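- You want to know how to build a server that can send and receive mail with AlmaLinux + Postfix + Dovecot.
- You want the concrete steps explained clearly.
This article answers those questions.
Contents of this article
I, the author of this article, work at a systems integrator and,
aspiring to become a web engineer or infrastructure engineer, am studying programming and infrastructure technology.
That is the background I am writing from.
The article includes the commands and screenshots from when I tried this on a real machine.
I think that helps back up the article's reliability.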
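- Contents of this article
- How to build a server that can send and receive mail with AlmaLinux + Postfix + Dovecot
- Preliminary check ①: Check the MX record
- Step ②: Install dovecot
- Step ③: Start dovecot and enable automatic startup
- Step ④: Edit dovecot.conf
- Step ⑤: Edit 10-auth.conf
- Step ⑥: Edit 10-mail.conf
- Step ⑦: Edit 10-ssl.conf
- Step ⑧: Edit 10-master.conf
- Step ⑨: Restart dovecot to apply the settings
- Step ⑩: Confirm that ports 110 (POP3) and 143 (IMAP4) are in the LISTEN state
- Step ⑪: Edit Postfix main.cf
- Step ⑫: Edit Postfix master.cf
- Step ⑬: Restart Postfix to apply the changes
- Step ⑭: Add firewall allow rules
- Step ⑮: Verify operation with a mail client (POP3, SMTP)
- Step ⑮: Verify operation with a mail client (IMAP4, SMTP-Submission)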
How to build a server that can send and receive mail with AlmaLinux + Postfix + Dovecot
Preliminary check ①: Check the MX record
host -t mx <domain name>
[root@SV-VEGA ~]# host -t mx space.com
space.com mail is handled by 10 space.com.
Step ②: Install dovecot
[root@SV-VEGA ~]# dnf -y install dovecot
メタデータの期限切れの最終確認: 0:48:13 前の 2023年09月05日 07時37分08秒 に実施しました。
依存関係が解決しました。
====================================================================================================
 パッケージ          Arch        バージョン                               リポジトリー      サイズ
====================================================================================================
インストール:
 dovecot             x86_64      1:2.3.16-3.el8                           appstream         5.2 M
依存関係のインストール:
 clucene-core        x86_64      2.3.3.4-31.20130812.e8e3d20git.el8       appstream         588 k
トランザクションの概要
====================================================================================================
インストール  2 パッケージ
ダウンロードサイズの合計: 5.8 M
インストール後のサイズ: 19 M
パッケージのダウンロード:
(1/2): clucene-core-2.3.3.4-31.20130812.e8e3d20git.el8.x86_64.rpm   1.7 MB/s | 588 kB     00:00
(2/2): dovecot-2.3.16-3.el8.x86_64.rpm                              5.7 MB/s | 5.2 MB     00:00
----------------------------------------------------------------------------------------------------
合計                                                                4.1 MB/s | 5.8 MB     00:01
トランザクションの確認を実行中
トランザクションの確認に成功しました。
トランザクションのテストを実行中
トランザクションのテストに成功しました。
トランザクションを実行中
  準備             :                                                              1/1
  インストール中   : clucene-core-2.3.3.4-31.20130812.e8e3d20git.el8.x86_64       1/2
  scriptletの実行中: dovecot-1:2.3.16-3.el8.x86_64                                2/2
  インストール中   : dovecot-1:2.3.16-3.el8.x86_64                                2/2
  scriptletの実行中: dovecot-1:2.3.16-3.el8.x86_64                                2/2
  検証             : clucene-core-2.3.3.4-31.20130812.e8e3d20git.el8.x86_64       1/2
  検証             : dovecot-1:2.3.16-3.el8.x86_64                                2/2
インストール済み:
  clucene-core-2.3.3.4-31.20130812.e8e3d20git.el8.x86_64
  dovecot-1:2.3.16-3.el8.x86_64
完了しました!
[root@SV-VEGA postfix]# dnf list installed | grep dovecot
dovecot.x86_64    1:2.3.16-3.el8    @appstream
Step ③: Start dovecot and enable automatic startup
systemctl start dovecot
systemctl status dovecot
[root@SV-VEGA ~]# systemctl start dovecot
[root@SV-VEGA ~]# systemctl status dovecot
● dovecot.service - Dovecot IMAP/POP3 email server
   Loaded: loaded (/usr/lib/systemd/system/dovecot.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2023-09-05 08:26:23 JST; 9s ago
     Docs: man:dovecot(1)
           https://doc.dovecot.org/
  Process: 7514 ExecStartPre=/usr/libexec/dovecot/prestartscript (code=exited, status=0/SUCCESS)
 Main PID: 7522 (dovecot)
    Tasks: 4 (limit: 24822)
   Memory: 4.6M
   CGroup: /system.slice/dovecot.service
           ├─7522 /usr/sbin/dovecot -F
           ├─7523 dovecot/anvil
           ├─7524 dovecot/log
           └─7525 dovecot/config
9月 05 08:26:23 SV-VEGA systemd[1]: Starting Dovecot IMAP/POP3 email server...
9月 05 08:26:23 SV-VEGA systemd[1]: Started Dovecot IMAP/POP3 email server.
9月 05 08:26:23 SV-VEGA dovecot[7522]: master: Dovecot v2.3.16 (7e2e900c1a) starting up for imap, >
systemctl enable dovecot
systemctl is-enabled dovecot
[root@SV-VEGA ~]# systemctl enable dovecot
Created symlink /etc/systemd/system/multi-user.target.wants/dovecot.service → /usr/lib/systemd/system/dovecot.service.
[root@SV-VEGA ~]# systemctl is-enabled dovecot
enabled
Step ④: Edit dovecot.conf
[root@SV-VEGA ~]# cd /etc/dovecot
[root@SV-VEGA dovecot]# cp -p /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.original_bk
vi /etc/dovecot/dovecot.conf
protocols
# Protocols we want to be serving.
protocols = imap pop3 ←★★ changed
Step ⑤: Edit 10-auth.conf
[root@SV-VEGA dovecot]# cp /etc/dovecot/conf.d/10-auth.conf /etc/dovecot/conf.d/10-auth.conf.original_bk
vi /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth
# Disable LOGIN command and all other plaintext authentications unless
# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
# matches the local IP (ie. you're connecting from the same computer), the
# connection is considered secure and plaintext authentication is allowed.
# See also ssl=required setting.
disable_plaintext_auth = no ←★★ changed
auth_mechanisms
# Space separated list of wanted authentication mechanisms:
#   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp
#   gss-spnego
# NOTE: See also disable_plaintext_auth setting.
auth_mechanisms = plain login ←★★ changed
Step ⑥: Edit 10-mail.conf
[root@SV-VEGA conf.d]# cp /etc/dovecot/conf.d/10-mail.conf /etc/dovecot/conf.d/10-mail.conf.original_bk
vi /etc/dovecot/conf.d/10-mail.conf
mail_location
# See doc/wiki/Variables.txt for full list. Some examples:
#
#   mail_location = maildir:~/Maildir
#   mail_location = mbox:~/mail:INBOX=/var/mail/%u
#   mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
#
# <doc/wiki/MailLocation.txt>
#
mail_location = maildir:~/Maildir ←★★ changed
Step ⑦: Edit 10-ssl.conf
[root@SV-VEGA conf.d]# cp -p /etc/dovecot/conf.d/10-ssl.conf /etc/dovecot/conf.d/10-ssl.conf.original_bk
vi /etc/dovecot/conf.d/10-ssl.conf
ssl
## SSL settings
##

# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
# disable plain pop3 and imap, allowed are only pop3+TLS, pop3s, imap+TLS and imaps
# plain imap and pop3 are still allowed for local connections
ssl = no ←★★ changed
Step ⑧: Edit 10-master.conf
[root@SV-VEGA conf.d]# cp -p /etc/dovecot/conf.d/10-master.conf /etc/dovecot/conf.d/10-master.conf.original_bk
vi /etc/dovecot/conf.d/10-master.conf
Postfix smtp-auth
service auth {
  # auth_socket_path points to this userdb socket by default. It's typically
  # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
  # full permissions to this socket are able to get a list of all usernames and
  # get the results of everyone's userdb lookups.
  #
  # The default 0666 mode allows anyone to connect to the socket, but the
  # userdb lookups will succeed only if the userdb returns an "uid" field that
  # matches the caller process's UID. Also if caller's uid or gid matches the
  # socket's uid or gid the lookup succeeds. Anything else causes a failure.
  #
  # To give the caller full permissions to lookup all users, set the mode to
  # something else than 0666 and Dovecot lets the kernel enforce the
  # permissions (e.g. 0777 allows everyone full permissions).
  unix_listener auth-userdb {
    #mode = 0666
    #user =
    #group =
  }

  # Postfix smtp-auth
  unix_listener /var/spool/postfix/private/auth { ←★★ uncommented
    mode = 0666 ←★★ changed
    user = postfix ←★★ changed
    group = postfix ←★★ changed
  }
Step ⑨: Restart dovecot to apply the settings
[root@SV-VEGA conf.d]# doveconf -n
systemctl restart dovecot
systemctl status dovecot
[root@SV-VEGA ~]# systemctl restart dovecot
[root@SV-VEGA ~]# systemctl status dovecot
● dovecot.service - Dovecot IMAP/POP3 email server
   Loaded: loaded (/usr/lib/systemd/system/dovecot.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2023-09-05 08:57:53 JST; 10s ago
     Docs: man:dovecot(1)
           https://doc.dovecot.org/
  Process: 7742 ExecStop=/usr/bin/doveadm stop (code=exited, status=0/SUCCESS)
  Process: 7747 ExecStartPre=/usr/libexec/dovecot/prestartscript (code=exited, status=0/SUCCESS)
 Main PID: 7753 (dovecot)
    Tasks: 4 (limit: 24822)
   Memory: 4.6M
   CGroup: /system.slice/dovecot.service
           ├─7753 /usr/sbin/dovecot -F
           ├─7755 dovecot/anvil
           ├─7756 dovecot/log
           └─7757 dovecot/config
9月 05 08:57:53 SV-VEGA systemd[1]: Starting Dovecot IMAP/POP3 email server...
9月 05 08:57:53 SV-VEGA systemd[1]: Started Dovecot IMAP/POP3 email server.
9月 05 08:57:53 SV-VEGA dovecot[7753]: master: Dovecot v2.3.16 (7e2e900c1a) starting up for imap, >
Step ⑩: Confirm that ports 110 (POP3) and 143 (IMAP4) are in the LISTEN state
netstat -nat
[root@SV-VEGA ~]# netstat -nat
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp6       0      0 :::110                  :::*                    LISTEN
tcp6       0      0 :::143                  :::*                    LISTEN
Step ⑪: Edit Postfix main.cf
vi /etc/postfix/main.cf
inet_interfaces
# RECEIVING MAIL

# The inet_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on. By default,
# the software claims all active interfaces on the machine. The
# parameter also controls delivery of mail to user@[ip.address].
#
# See also the proxy_interfaces parameter, for network addresses that
# are forwarded to us via a proxy or network address translator.
#
# Note: you need to stop/start Postfix when this parameter changes.
#
inet_interfaces = all ←★★ uncommented to enable
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
#inet_interfaces = localhost ←★★ commented out to disable
mydestination
#mydestination = $myhostname, localhost.$mydomain, localhost ←★★ commented out to disable
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain ←★★ uncommented to enable
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
#       mail.$mydomain, www.$mydomain, ftp.$mydomain
local_recipient_maps
local_recipient_maps = unix:passwd.byname $alias_maps ←★★ uncommented to enable
#local_recipient_maps = proxy:unix:passwd.byname $alias_maps
#local_recipient_maps =
home_mailbox
# DELIVERY TO MAILBOX
#
# The home_mailbox parameter specifies the optional pathname of a
# mailbox file relative to a user's home directory. The default
# mailbox file is /var/spool/mail/user or /var/mail/user. Specify
# "Maildir/" for qmail-style delivery (the / is required).
#
#home_mailbox = Mailbox
home_mailbox = Maildir/ ←★★ uncommented to enable
smtpd_banner
#smtpd_banner = $myhostname ESMTP $mail_name
#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
smtpd_banner = $myhostname ESMTP ←★★ added
SMTP-AUTH
### SMTP-AUTH ←★★ added
smtpd_sasl_auth_enable = yes ←★★ added
smtpd_sasl_type = dovecot ←★★ added
smtpd_sasl_path = private/auth ←★★ added
broken_sasl_auth_clients = yes ←★★ added
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination ←★★ added
Verification
[root@SV-VEGA ~]# postconf -n
[root@SV-VEGA ~]# postfix check
Step ⑫: Edit Postfix master.cf
[root@SV-VEGA ~]# cp -p /etc/postfix/master.cf /etc/postfix/master.cf.original_bk
vi /etc/postfix/master.cf
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (no)    (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
#smtp      inet  n       -       n       -       1       postscreen
#smtpd     pass  -       -       n       -       -       smtpd
#dnsblog   unix  -       -       n       -       0       dnsblog
#tlsproxy  unix  -       -       n       -       0       tlsproxy
submission inet n       -       n       -       -       smtpd ←★★ uncommented to enable
Step ⑬: Restart Postfix to apply the changes
systemctl restart postfix
systemctl status postfix
[root@SV-VEGA ~]# systemctl restart postfix
[root@SV-VEGA ~]# systemctl status postfix
● postfix.service - Postfix Mail Transport Agent
   Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2023-09-05 09:12:30 JST; 6s ago
  Process: 7892 ExecStop=/usr/sbin/postfix stop (code=exited, status=0/SUCCESS)
  Process: 7913 ExecStart=/usr/sbin/postfix start (code=exited, status=0/SUCCESS)
  Process: 7911 ExecStartPre=/usr/libexec/postfix/chroot-update (code=exited, status=0/SUCCESS)
  Process: 7908 ExecStartPre=/usr/libexec/postfix/aliasesdb (code=exited, status=0/SUCCESS)
  Process: 7906 ExecStartPre=/usr/sbin/restorecon -R /var/spool/postfix/pid/master.pid (code=exited>
 Main PID: 7981 (master)
    Tasks: 3 (limit: 24822)
   Memory: 4.3M
   CGroup: /system.slice/postfix.service
           ├─7981 /usr/libexec/postfix/master -w
           ├─7982 pickup -l -t unix -u
           └─7983 qmgr -l -t unix -u
9月 05 09:12:30 SV-VEGA systemd[1]: postfix.service: Succeeded.
9月 05 09:12:30 SV-VEGA systemd[1]: Stopped Postfix Mail Transport Agent.
9月 05 09:12:30 SV-VEGA systemd[1]: Starting Postfix Mail Transport Agent...
9月 05 09:12:30 SV-VEGA postfix/master[7981]: daemon started -- version 3.5.8, configuration /etc/>
9月 05 09:12:30 SV-VEGA systemd[1]: Started Postfix Mail Transport Agent.
Confirm that port 587 (submission) is in the LISTEN state
netstat -nat
[root@SV-VEGA ~]# netstat -nat
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN
tcp6       0      0 :::110                  :::*                    LISTEN
tcp6       0      0 :::143                  :::*                    LISTEN
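The Dovecot settings in steps ⑤ and ⑦ and the SMTP-AUTH block in step ⑪ together accept PLAIN/LOGIN passwords on sessions that are never upgraded to TLS. As an added example (not part of the original article), the shell function below audits the combined output of doveconf -n and postconf -n for that condition; the function names and the embedded sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): audit the combined output of
# `doveconf -n` and `postconf -n` for cleartext password exposure.

# Constructed sample: the non-default settings this walkthrough produces.
sample_walkthrough_config() {
  cat <<'EOF'
# 2.3.16 (7e2e900c1a): /etc/dovecot/dovecot.conf
auth_mechanisms = plain login
disable_plaintext_auth = no
mail_location = maildir:~/Maildir
protocols = imap pop3
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
}
ssl = no
inet_interfaces = all
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
EOF
}

# Reads config dumps on stdin and prints one line per finding.
audit_mail_config() {
  awk '
    /^[ \t]*#/    { next }            # banner and comment lines
    /[{][ \t]*$/  { depth++; next }   # entering a service/listener block
    /^[ \t]*[}]/  { depth--; next }   # leaving a block
    depth == 0 && $2 == "=" {         # top-level "key = value" lines only
      v = $0; sub(/^[^=]*=[ \t]*/, "", v); conf[$1] = v
    }
    END {
      # Both tools omit settings left at their defaults, so fall back to those.
      dpa  = ("disable_plaintext_auth" in conf) ? conf["disable_plaintext_auth"] : "yes"
      ssl  = ("ssl" in conf) ? conf["ssl"] : "yes"
      mech = ("auth_mechanisms" in conf) ? conf["auth_mechanisms"] : "plain"
      if (dpa == "no" && ssl != "required")
        print "dovecot: " mech " accepted on unencrypted IMAP/POP3 (ssl = " ssl ")"
      if (conf["smtpd_sasl_auth_enable"] == "yes" && conf["smtpd_tls_auth_only"] != "yes")
        print "postfix: SMTP AUTH offered before TLS (smtpd_tls_auth_only is not yes)"
    }
  '
}

sample_walkthrough_config | audit_mail_config
```

On a live host, run `{ doveconf -n; postconf -n; } | audit_mail_config`. Both findings clear once a certificate is installed and `ssl = required` and `smtpd_tls_auth_only = yes` are set.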
Step ⑭: Add firewall allow rules
smtp,smtp-submission,pop3,imap
[root@SV-VEGA ~]# firewall-cmd --zone=public --add-service={smtp,smtp-submission,pop3,imap} --permanent
success
[root@SV-VEGA ~]# firewall-cmd --reload
success
[root@SV-VEGA ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens18
  sources:
  services: dhcpv6-client imap pop3 smtp smtp-submission
  ports:
  protocols:
  forward: no
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
Step ⑮: Verify operation with a mail client (POP3, SMTP)
Step ⑮: Verify operation with a mail client (IMAP4, SMTP-Submission)