Install and Configure SMTP Server

Dari Dokumentasi Robie
Loncat ke navigasi Loncat ke pencarian
root@mail:~#

apt -y install postfix sasl2-bin

# on this example, proceed to select [No Configuration]

# because configure all manually

+------+ Postfix Configuration +-------+
| General type of mail configuration:  |
|                                      |
|       No configuration               |
|       Internet Site                  |
|       Internet with smarthost        |
|       Satellite system               |
|       Local only                     |
|                                      |
|                                      |
|       <Ok>           <Cancel>        |
|                                      |
+--------------------------------------+

root@mail:~# cp /usr/share/postfix/main.cf.dist /etc/postfix/main.cf

root@mail:~#

vi /etc/postfix/main.cf

# line 82 : uncomment
mail_owner = postfix

# line 98 : uncomment and specify hostname
myhostname = mail.srv.world

# line 106 : uncomment and specify domainname
mydomain = srv.world

# line 127 : uncomment
myorigin = $mydomain

# line 141 : uncomment
inet_interfaces = all

# line 189 : uncomment
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

# line 232 : uncomment
local_recipient_maps = unix:passwd.byname $alias_maps

# line 277 : uncomment
mynetworks_style = subnet

# line 294 : add your local network
mynetworks = 127.0.0.0/8, 10.0.0.0/24

# line 416 : uncomment
alias_maps = hash:/etc/aliases

# line 427 : uncomment
alias_database = hash:/etc/aliases

# line 449 : uncomment
home_mailbox = Maildir/

# line 585: comment out and add
#smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_banner = $myhostname ESMTP

# line 659 : add
sendmail_path = /usr/sbin/postfix

# line 664 : add
newaliases_path = /usr/bin/newaliases

# line 669 : add
mailq_path = /usr/bin/mailq

# line 675 : add
setgid_group = postdrop

# line 679 : comment out
#html_directory =

# line 683 : comment out
#manpage_directory =

# line 688 : comment out
#sample_directory =

# line 692 : comment out
#readme_directory =

# line 692 : if also listen IPv6, change to [all]
inet_protocols = ipv4

# add follows to last line
# disable SMTP VRFY command
disable_vrfy_command = yes

# require HELO command to sender hosts
smtpd_helo_required = yes

# limit an email size
# example below means 10M bytes limit
message_size_limit = 10240000

# SMTP-Auth settings
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = 
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_unauth_destination

root@mail:~# newaliases root@mail:~# systemctl restart postfix

[2] Configure additional settings for Postfix if you need.

It's possible to reject many spam emails with the settings below. However, you should consider to apply the settings, because sometimes normal emails are also rejected with them. Especially, there are SMTP servers that forward lookup and reverse lookup of their hostnames on DNS do not match even if they are not spammers.

root@mail:~#

vi /etc/postfix/main.cf

# add to the end
# reject unknown clients that forward lookup and reverse lookup of their hostnames on DNS do not match
smtpd_client_restrictions = permit_mynetworks, reject_unknown_client_hostname, permit

# rejects senders that domain name set in FROM are not registered in DNS or 
# not registered with FQDN
smtpd_sender_restrictions = permit_mynetworks, reject_unknown_sender_domain, reject_non_fqdn_sender

# reject hosts that domain name set in FROM are not registered in DNS or 
# not registered with FQDN when your SMTP server receives HELO command
smtpd_helo_restrictions = permit_mynetworks, reject_unknown_hostname, reject_non_fqdn_hostname, reject_invalid_hostname, permit

root@mail:~# systemctl restart postfix