2008年1月22日 星期二

架設Postfix+Dovecot+SASL With SSL/TLS

環境:
Server Domain:teed7334.idv.tw


設定:
apt-get install postfix libsasl2 libsasl2-modules sasl2-bin dovecot-common dovecot-imapd dovecot-pop3d

vi /etc/postfix/main.cf


smtpd_use_tls=yes
.
.
.
myhostname = debian.localhost
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = debian.localhost, localhost.localhost, , localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

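以上設定清空,全數改為以下
(注意:Postfix 的 main.cf 不支援行尾註解,`#` 必須位於行首才算註解;以下各行尾端的 `#` 說明僅供閱讀,實際寫入檔案時請刪除或另起一行,否則說明文字會被當成參數值的一部分。)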
smtpd_use_tls=yes #指定smtp是否使用TLS加密
.
.
.
myhostname = teed7334.idv.tw #Mail Server的主機名稱
mydomain = teed7334.idv.tw #Mail Server的Domain
#Mail Server所認可合法的位置
mydestination = $myhostname, localhost.$mydomain, $mydomain
myorigin = $mydomain
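#注意:mynetworks 只接受 IP 位址或 CIDR 網段(例如 127.0.0.0/8),主機名稱不是有效的寫法;列入的來源可經 permit_mynetworks 免認證轉信,範圍應盡量縮小
mynetworks = teed7334.idv.tw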
message_size_limit = 10240000 #單封郵件最大大小
disable_vrfy_command = yes
home_mailbox = mail/ #設定~/mail為存放Mail所在地
smtpd_sasl_auth_enable = yes #使用SASL認証
broken_sasl_auth_clients = yes #相容使用舊版 AUTH 語法的Client端(例如舊版 Outlook Express)
smtpd_sasl_security_options = noanonymous #不允許匿名登入
#指定smtp允許的方式
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sender_restrictions = reject_unknown_sender_domain #拒絕來路不明的domain
header_checks = regexp:/etc/postfix/header_checks #郵件標頭過濾檔
body_checks = regexp:/etc/postfix/body_checks #郵件內文過濾檔
smtp_rcpt_timeout = 1200s
smtp_data_init_timeout = 480s
smtp_data_done_timeout = 2400s
smtp_quit_timeout = 1200s
smtp_connect_timeout = 120s
fallback_relay =
smtp_helo_timeout = 1200s
smtp_data_xfer_timeout = 720s
smtp_mail_timeout = 1200s
smtpd_error_sleep_time = 2s
smtpd_timeout = 600s
#注意:DNSBL 服務可能停止營運或變更政策,套用前請先確認下列清單仍在運作,以免誤擋或漏擋郵件
smtpd_client_restrictions = permit_mynetworks, reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net


vi /etc/postfix/master.cf

smtp inet n - - - - smtpd

To(第五欄為 chroot;改成 n 後 smtpd 不再於 chroot 中執行,推測是為了讓它能存取 saslauthd 的 socket,代價是少了一層隔離)

smtp inet n - n - - smtpd


mkdir /etc/postfix/sasl
touch /etc/postfix/sasl/smtpd.conf
vi /etc/postfix/sasl/smtpd.conf

Add(PLAIN 與 LOGIN 都是以未加密形式傳送密碼的機制,應搭配 main.cf 的 smtpd_tls_auth_only = yes,只允許在 TLS 連線中進行認證)

log_level: 3
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN


vi /etc/default/saslauthd

START=no
.
.
.
MECHANISMS="pam"

To

START=yes
.
.
.
MECHANISMS="shadow"


vi /etc/dovecot/dovecot.conf

protocols =
.
.
.
#listen = *
.
.
.
#disable_plaintext_auth = yes

To(protocols 只開 imaps、pop3s,因此明文認證仍在 SSL 連線內進行;若日後加開 imap 或 pop3,應將 disable_plaintext_auth 改回 yes)

protocols=imaps pop3s
.
.
.
listen=*
.
.
.
disable_plaintext_auth=no


chmod 755 /etc/default/saslauthd

/etc/init.d/saslauthd restart
/etc/init.d/dovecot restart
/etc/init.d/postfix restart
