Postfix: http://www.postfix.org
OpenSSL: http://www.openssl.org
Configure:
make -f Makefile.init makefiles AUXLIBS="-L/usr/lib/mysql -lmysqlclient -lz -lm -L/home/postfix/sasl/lib -lsasl2 -L/usr/lib -lssl -lcrypto" CCARGS='-DRECEIVED_ENVELOPE_FROM -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/home/postfix/sasl/include/sasl -DUSE_TLS -I/usr/include/openssl -I/usr/kerberos/include -DHAS_MYSQL -I/usr/include/mysql -DDEF_COMMAND_DIR=\"/home/postfix/sbin\" -DDEF_DAEMON_DIR=\"/home/postfix/libexec\" -DDEF_PROGRAM_DIR=\"/home/postfix/libexec\" -DDEF_QUEUE_DIR=\"/home/postfix/spool\" -DDEF_CONFIG_DIR=\"/home/postfix/etc\" -DDEF_SENDMAIL_PATH=\"/home/postfix/sbin/sendmail\" -DDEF_MAILQ_PATH=\"/home/postfix/bin/mailq\" -DDEF_NEWALIAS_PATH=\"/home/postfix/bin/newaliases\" -DDEF_SAMPLE_DIR=\"/home/postfix/doc/sample\"' OPT='-O2'
Install:
make || exit 2 sh postfix-install -non-interactive install_root=/ config_directory=/home/postfix/etc daemon_directory=/home/postfix/libexec command_directory=/home/postfix/sbin queue_directory=/home/postfix/spool sendmail_path=/home/postfix/sbin/sendmail newaliases_path=/home/postfix/bin/newaliases mailq_path=/usr/bin/mailq mail_owner=postfix setgid_group=postdrop manpage_directory=/home/postfix/man sample_directory=/home/postfix/doc/sample readme_directory=/home/postfix/doc/README_FILES
生成证书:
mkdir /home/postfix/etc/tls cd /home/postfix/etc/tls openssl req -new -x509 -nodes -out cert.pem chown root:postfix * chmod 640 * cd ..
配置文件main.cf
#smtpd-tls smtpd_tls_cert_file = $config_directory/tls/cert.pem smtpd_tls_key_file = $config_directory/tls/privkey.pem smtpd_use_tls = yes tls_random_source = dev:/dev/urandom tls_daemon_random_source = dev:/dev/urandom #smtpd_tls_auth_only = yes
启动smtps的守护进程
smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_tls_auth_only=yes
smtpd-tls-auth-only是指只有在安全传输的情况下,才可以认证。
大功告成,postfix reload后开始测试吧。