送信メールサーバ側

 

# getenforce
Disabled

 

 

# systemctl start firewalld
# systemctl enable firewalld

firewall-cmd --add-service=smtp --zone=public --permanent
firewall-cmd --add-service=smtps --zone=public --permanent
firewall-cmd --permanent --zone=public --add-port=587/tcp
firewall-cmd --reload

 

 

# yum install postfix cyrus-sasl-plain cyrus-sasl-md5 cyrus-sasl

 

# vi /etc/postfix/main.cf



#myhostname = host.domain.tld
#myhostname = virtual.domain.tld
myhostname = mail.example.com




#mydomain = domain.tld
mydomain = example.com


#myorigin = $myhostname
#myorigin = $mydomain
myorigin = $mydomain



#inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
#inet_interfaces = localhost
inet_interfaces = all



#inet_protocols = all
inet_protocols = ipv4


#home_mailbox = Mailbox
#home_mailbox = Maildir/
home_mailbox = Maildir/



※最終行に追加

# SMTP認証
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination

 

 

# vi /etc/sasl2/smtpd.conf


pwcheck_method: saslauthd
mech_list: plain login

↓変更

pwcheck_method: saslauthd
mech_list: plain login cram-md5

 

# saslpasswd2 -u example.com send-only

Password:パスワード
Again (for verification):パスワード


ユーザ：send-only@example.com
パスワード：パスワード

上記設定になる。

 

# chown postfix /etc/sasldb2

 

# postfix check
# systemctl start postfix
# systemctl enable postfix


# systemctl start saslauthd
# systemctl enable saslauthd

 

 

# vi /etc/postfix/master.cf


smtp      inet  n       -       n       -       -       smtpd
#smtp      inet  n       -       n       -       1       postscreen
#smtpd     pass  -       -       n       -       -       smtpd
#dnsblog   unix  -       -       n       -       0       dnsblog
#tlsproxy  unix  -       -       n       -       0       tlsproxy
submission inet n       -       n       -       -       smtpd ←有効化
#  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes ←有効化
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject ←有効化

 

 

# systemctl restart postfix

 

 

WEBサーバ

 

# yum install postfix cyrus-sasl-plain cyrus-sasl-md5 cyrus-sasl

 

# vi /etc/postfix/sasl_passwd

[mail.example.com]:587 send-only@example.com:パスワード

 

# postmap /etc/postfix/sasl_passwd
# chmod 600 /etc/postfix/sasl_passwd

 

# vi /etc/postfix/main.cf


※最下部に追記する

## Relay SMTP
myhostname = web1.example.com
mydomain = web1.example.com
myorigin = $mydomain
inet_interfaces = localhost
mydestination =  $myhostname, localhost.$mydomain, localhost
relayhost = [mail.example.com]:587
smtp_tls_security_level = may
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_mechanism_filter = CRAM-MD5, DIGEST-MD5, PLAIN, LOGIN
smtp_tls_CApath = /etc/pki/tls/certs/ca-bundle.crt

 

# systemctl restart postfix
# systemctl enable postfix

 

# yum install mailx

 

# mail test@gmail.com

 

# cat /var/log/maillog