Simple SMTP Auth

Aveam nevoie astazi sa configurez un sistem simplu de relay: sa autentifice user-ul si, daca parola se potriveste, sa trimita mail-ul mai departe:

yum install postfix cyrus-sasl cyrus-sasl-plain

chkconfig –levels 235 saslauthd on

mkdir /etc/postfix/ssl

cd  /etc/postfix/ssl

openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024

chmod 600 smtpd.key

openssl req -new -key smtpd.key -out smtpd.csr

openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt

openssl rsa -in smtpd.key -out smtpd.key.unencrypted

mv -f smtpd.key.unencrypted smtpd.key

openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

openssl pkcs12 -export -in smtpd.crt -inkey smtpd.key -out OutlookSMTP.p12

postfix reload

vim /etc/sysconfig/iptables

-A INPUT -m state –state NEW -m tcp -p tcp –dport  465 -j ACCEPT

chmod 660 /etc/sasldb2

 

vim /etc/sasl2/smtpd.conf

pwcheck_method:auxprop
mech_list: plain login

vim /etc/postfix/master.cf

smtps inet n – n – – smtpd
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_sender=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o broken_sasl_auth_clients=yes

vim /etc/postfix/main.cf

smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = cyrus
local_recipient_maps =
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandomsmtpd_sasl_security_options = noanonymous

smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_relay_domains

saslpasswd2 user@domain.xxx

chmod 666 /etc/sasldb2

 

/etc/init.d/saslauthd restart

 

Surse:

http://wiki.centos.org/HowTos/Postfix%2BCyrusImapd%2BSASL#head-7667bd080e3a1a3b5cf164645f1a91c3c3e35614

http://www.howtoforge.com/postfix-smtp-authentication-on-the-secure-port-only

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>