Configuring mail delivery from outside to inside

To do this, an MX record is needed first; without one, mail from outside cannot be received. The MX record is declared in the BIND zone file.

    [root@pc06 ~]# vi /var/named/chroot/var/named/pc06.net-enshu.ee.kochi-ct.ac.jp.db.wan
    pc06.net-enshu.ee.kochi-ct.ac.jp. IN MX 10 mail.pc06.net-enshu.ee.kochi-ct.ac.jp.
    mail.pc06.net-enshu.ee.kochi-ct.ac.jp. IN A 202.249.231.116

sendmail is already installed on Fedora, so there is nothing to install; only the sendmail configuration needs to be edited.

    [root@pc06 ~]# vi /etc/mail/sendmail.mc
    DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
    ↓
    DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl ← changed (allow reception from outside)

    dnl MASQUERADE_AS(`pc06.net-enshu.ee.kochi-ct.ac.jp')dnl
    MASQUERADE_AS(`pc06.net-enshu.ee.kochi-ct.ac.jp')dnl ← added (use the domain name as the part after the @ in the sender address)

    dnl FEATURE(masquerade_envelope)dnl
    FEATURE(masquerade_envelope)dnl ← added (also rewrite the envelope From)

    EXPOSED_USER(`root')dnl
    ↓
    dnl EXPOSED_USER(`root')dnl ← changed (rewrite the address even when the sender is root)

    dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
    dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')
    ↓
    TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl ← leading dnl removed (enable SMTP-Auth)
    define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN') ← leading dnl removed (enable SMTP-Auth)

The full sendmail.mc source is given below.

    divert(-1)dnl
    dnl #
    dnl # This is the sendmail macro config file for m4. If you make changes to
    dnl # /etc/mail/sendmail.mc, you will need to regenerate the
    dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
    dnl # installed and then performing a
    dnl #
    dnl # make -C /etc/mail
    dnl #
    include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
    VERSIONID(`setup for Red Hat Linux')dnl
    OSTYPE(`linux')dnl
    dnl #
    dnl # default logging level is 9, you might want to set it higher to
    dnl # debug the configuration
    dnl #
    dnl define(`confLOG_LEVEL', `9')dnl
    dnl #
    dnl # Uncomment and edit the following line if your outgoing mail needs to
    dnl # be sent out through an external mail server:
    dnl #
    dnl define(`SMART_HOST',`smtp.your.provider')
    dnl #
    define(`confDEF_USER_ID',``8:12'')dnl
    dnl define(`confAUTO_REBUILD')dnl
    define(`confTO_CONNECT', `1m')dnl
    define(`confTRY_NULL_MX_LIST',true)dnl
    define(`confDONT_PROBE_INTERFACES',true)dnl
    define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
    define(`ALIAS_FILE', `/etc/aliases')dnl
    define(`STATUS_FILE', `/var/log/mail/statistics')dnl
    define(`UUCP_MAILER_MAX', `2000000')dnl
    define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
    define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
    define(`confAUTH_OPTIONS', `A')dnl
    dnl #
    dnl # The following allows relaying if the user authenticates, and disallows
    dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
    dnl #
    dnl define(`confAUTH_OPTIONS', `A p')dnl
    dnl #
    dnl # PLAIN is the preferred plaintext authentication method and used by
    dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
    dnl # use LOGIN. Other mechanisms should be used if the connection is not
    dnl # guaranteed secure.
    dnl # Please remember that saslauthd needs to be running for AUTH.
    dnl #
    TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
    define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
    dnl #
    dnl # Rudimentary information on creating certificates for sendmail TLS:
    dnl # cd /usr/share/ssl/certs; make sendmail.pem
    dnl # Complete usage:
    dnl # make -C /usr/share/ssl/certs usage
    dnl #
    dnl define(`confCACERT_PATH',`/etc/pki/tls/certs')dnl
    dnl define(`confCACERT',`/etc/pki/tls/certs/ca-bundle.crt')dnl
    dnl define(`confSERVER_CERT',`/etc/pki/tls/certs/sendmail.pem')dnl
    dnl define(`confSERVER_KEY',`/etc/pki/tls/certs/sendmail.pem')dnl
    dnl #
    dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
    dnl # slapd, which requires the file to be readble by group ldap
    dnl #
    dnl define(`confDONT_BLAME_SENDMAIL',`groupreadablekeyfile')dnl
    dnl #
    dnl define(`confTO_QUEUEWARN', `4h')dnl
    dnl define(`confTO_QUEUERETURN', `5d')dnl
    dnl define(`confQUEUE_LA', `12')dnl
    dnl define(`confREFUSE_LA', `18')dnl
    define(`confTO_IDENT', `0')dnl
    dnl FEATURE(delay_checks)dnl
    FEATURE(`no_default_msa',`dnl')dnl
    FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
    FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
    FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
    FEATURE(redirect)dnl
    FEATURE(always_add_domain)dnl
    FEATURE(use_cw_file)dnl
    FEATURE(use_ct_file)dnl
    dnl #
    dnl # The following limits the number of processes sendmail can fork to accept
    dnl # incoming messages or process its message queues to 12.) sendmail refuses
    dnl # to accept connections once it has reached its quota of child processes.
    dnl #
    dnl define(`confMAX_DAEMON_CHILDREN', 12)dnl
    dnl #
    dnl # Limits the number of new connections per second. This caps the overhead
    dnl # incurred due to forking new sendmail processes. May be useful against
    dnl # DoS attacks or barrages of spam. (As mentioned below, a per-IP address
    dnl # limit would be useful but is not available as an option at this writing.)
    dnl #
    dnl define(`confCONNECTION_RATE_THROTTLE', 3)dnl
    dnl #
    dnl # The -t option will retry delivery if e.g. the user runs over his quota.
    dnl #
    FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
    FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
    FEATURE(`blacklist_recipients')dnl
    dnl EXPOSED_USER(`root')dnl
    dnl #
    dnl # For using Cyrus-IMAPd as POP3/IMAP server through LMTP delivery uncomment
    dnl # the following 2 definitions and activate below in the MAILER section the
    dnl # cyrusv2 mailer.
    dnl #
    dnl define(`confLOCAL_MAILER', `cyrusv2')dnl
    dnl define(`CYRUSV2_MAILER_ARGS', `FILE /var/lib/imap/socket/lmtp')dnl
    dnl #
    dnl # The following causes sendmail to only listen on the IPv4 loopback address
    dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
    dnl # address restriction to accept email from the internet or intranet.
    dnl #
    DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
    dnl #
    dnl # The following causes sendmail to additionally listen to port 587 for
    dnl # mail from MUAs that authenticate. Roaming users who can't reach their
    dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
    dnl # this useful.
    dnl #
    dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
    dnl #
    dnl # The following causes sendmail to additionally listen to port 465, but
    dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
    dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
    dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
    dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
    dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
    dnl #
    dnl # For this to work your OpenSSL certificates must be configured.
    dnl #
    dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
    dnl #
    dnl # The following causes sendmail to additionally listen on the IPv6 loopback
    dnl # device. Remove the loopback address restriction listen to the network.
    dnl #
    dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl
    dnl #
    dnl #
    dnl # enable both ipv6 and ipv4 in sendmail:
    dnl #
    dnl DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6')
    dnl #
    dnl # We strongly recommend not accepting unresolvable domains if you want to
    dnl # protect yourself from spam. However, the laptop and users on computers
    dnl # that do not have 24x7 DNS do need this.
    dnl #
    FEATURE(`accept_unresolvable_domains')dnl
    dnl #
    dnl FEATURE(`relay_based_on_MX')dnl
    dnl #
    dnl # Also accept email sent to "localhost.localdomain" as local email.
    dnl #
    LOCAL_DOMAIN(`pc06.net-enshu.ee.kochi-ct.ac.jp')dnl
    dnl #
    dnl # The following example makes mail from this host and any additional
    dnl # specified domains appear to be sent from mydomain.com
    dnl #
    MASQUERADE_AS(`pc06.net-enshu.ee.kochi-ct.ac.jp')dnl
    dnl #
    dnl # masquerade not just the headers, but the envelope as well
    dnl #
    FEATURE(masquerade_envelope)dnl
    dnl #
    dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
    dnl #
    dnl FEATURE(masquerade_entire_domain)dnl
    dnl #
    MASQUERADE_DOMAIN(pc06)dnl
    MASQUERADE_DOMAIN(pc06.net-enshu.ee.kochi-ct.ac.jp)dnl
    dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl
    dnl MASQUERADE_DOMAIN(mydomain.lan)dnl
    MAILER(smtp)dnl
    MAILER(procmail)dnl
    dnl MAILER(cyrusv2)dnl
    Cwpc07.net-enshu.ee.kochi-ct.ac.jp

Next, generate sendmail.cf with the m4 command.

    [root@pc06 ~]# m4 /usr/share/sendmail-cf/m4/cf.m4 /etc/mail/sendmail.mc >/etc/mail/sendmail.cf

Set the domain names for which mail is accepted.

    [root@pc06 ~]# vi /etc/mail/local-host-names
    pc06.net-enshu.ee.kochi-ct.ac.jp
    mail.pc06.net-enshu.ee.kochi-ct.ac.jp

Make mail addressed to @pc06.net-enshu.ee.kochi-ct.ac.jp receivable.

    [root@pc06 ~]# echo `hostname -d` >> /etc/mail/local-host-names

Servers inside the school are already restricted from outside access, but relay restrictions are configured anyway.

    [root@pc06 ~]# vi /etc/mail/access
    localhost.localdomain RELAY
    localhost RELAY
    127.0.0.1 RELAY
    202.249.231.116 RELAY
    pc06.net-enshu.ee.kochi-ct.ac.jp RELAY
    kochi-ct.ac.jp RELAY
    kochi-ct.jp RELAY
    [root@pc06 ~]# makemap hash /etc/mail/access.db < /etc/mail/access

Reload sendmail.

    [root@pc06 ~]# service sendmail restart

Confirm that mail is received.

    [rizal@pc06 ~]$ mail
    Mail version 8.1 6/6/93. Type ? for help.
    "/var/spool/mail/rizal": 6 messages 6 new
    >N 1 root@localhost.local Wed Jan 14 14:13 17/734 "test"
     N 2 root@pc06.net-enshu. Wed Jan 14 15:32 16/788 "test"
     N 3 root@pc06.net-enshu. Wed Jan 14 16:25 16/725 "test"
     N 4 root@pc06.net-enshu. Wed Jan 14 16:30 16/788 "test"
     N 5 root@pc06.net-enshu. Wed Jan 14 16:31 16/726 "test"
     N 6 rizal@kochi-ct.jp Wed Jan 14 18:56 31/1075 "test"
    &(6)
    Message 6:
    From rizal@kochi-ct.jp Wed Jan 14 18:56:02 2009
    MIME-Version: 1.0
    Date: Wed, 14 Jan 2009 18:53:41 +0900
    From: =?ISO-2022-JP?B?GyRCTX1jdRsoQg==?= <rizal@kochi-ct.jp>
    To: <rizal@pc06.net-enshu.ee.kochi-ct.ac.jp>
    Subject: test
    Content-Type: Text/plain; charset=ISO-2022-JP
    Content-Transfer-Encoding: 7bit
    X-Priority: 3
    ORGANIZATION: =?ISO-2022-JP?B?GyRCOWJDTjliQGwbKEI=?=
    X-MAILER: Active! mail

    test
    18:52

リザル ザハルッディン
Kochi National College of Technology, Department of Electrical Engineering, 43rd class
高知県南国市物部川乙200-1
Email: rizal@kochi-ct.jp

References
http://fedorasrv.com/cgi-bin/namazu.cgi?query=sendmail&whence=0&idxname=bbshtml&max=20&result=normal&sort=score
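Added example (not part of the original slides): a small audit of the SMTP AUTH settings in the sendmail.mc shown earlier, which trusts PLAIN and LOGIN while confAUTH_OPTIONS stays at `A` and the TLS certificate defines remain commented out. SAMPLE_MC is a constructed excerpt of that file, and the function names and finding labels are this example's own.

```python
import re

# Constructed excerpt of the page's final sendmail.mc (AUTH/TLS/listener lines).
SAMPLE_MC = """\
define(`confAUTH_OPTIONS', `A')dnl
dnl define(`confAUTH_OPTIONS', `A p')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confSERVER_CERT',`/etc/pki/tls/certs/sendmail.pem')dnl
dnl define(`confSERVER_KEY',`/etc/pki/tls/certs/sendmail.pem')dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
"""

def active_lines(mc_text):
    """Lines m4 will expand; a leading dnl discards the rest of the line."""
    stripped = (line.strip() for line in mc_text.splitlines())
    return [l for l in stripped if l and not l.startswith("dnl")]

def define_value(lines, name):
    """Value of the last active define(`name', `value'), or None if unset."""
    pattern = re.compile(r"define\(`%s',\s*`([^']*)'\)" % re.escape(name))
    value = None
    for line in lines:
        match = pattern.search(line)
        if match:
            value = match.group(1)
    return value

def audit(mc_text):
    """Return findings (labels are this example's own) for SMTP AUTH exposure."""
    lines = active_lines(mc_text)
    findings = []
    mechs = (define_value(lines, "confAUTH_MECHANISMS") or "").split()
    plaintext = sorted(set(mechs) & {"PLAIN", "LOGIN"})
    options = re.split(r"[\s,]+", define_value(lines, "confAUTH_OPTIONS") or "")
    has_cert = bool(define_value(lines, "confSERVER_CERT")
                    and define_value(lines, "confSERVER_KEY"))
    if plaintext and "p" not in options:
        findings.append("plaintext-auth-allowed-without-tls: " + ",".join(plaintext))
    if plaintext and not has_cert:
        findings.append("tls-cert-defines-disabled")
    for line in lines:
        match = re.match(r"DAEMON_OPTIONS\(`([^']*)'\)", line)
        if match and "Addr=" not in match.group(1):
            findings.append("listens-on-all-interfaces: " + match.group(1))
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_MC)))
```

Activating the file's own commented-out `A p` line and the confSERVER_CERT / confSERVER_KEY defines clears the first two findings. The listener finding is expected on a host that has to receive mail from outside.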
