MTA在邮件系统中处于非常重要的位置,他负责接收其他人给你发的信,并且负责把你的信转发到目的地。选择一个靠谱的MTA对建立邮件来说意义重大,因此我们使用Postfix!! 
。另外MTA部分在邮件系统中的开发难度是最高的,起到的作用也是最大的,因此我们也常拿MTA的名字来称呼自己的邮件系统,比如:我常说我的邮件系统是Postfix。
1、安装postfix
安装时选择(如果你使用MySQL验证,可以选择MYSQL):
PCRE SASL2 TLS MYSQL VDA TEST
shell
# cd /usr/ports/mail/postfix/ && make install clean
2、配置postfix
编辑/etc/rc.conf文件:
shell
# vi /etc/rc.conf
增加如下一行:
postfix_enable="YES"
编辑/etc/aliases文件:
shell
# vi /etc/aliases
确保有如下一行
postfix: root
替换掉系统带的sendmail程序
shell
# mv /usr/sbin/sendmail /usr/sbin/sendmail.bak
# cp /usr/local/sbin/sendmail /usr/sbin/sendmail
# cp /usr/local/sbin/sendmail /usr/sbin/sendmail
编辑/etc/periodic.conf文件:加入如下内容,禁掉sendmail的自动维护。
daily_clean_hoststat_enable="NO" daily_status_mail_rejects_enable="NO" daily_status_include_submit_mailq="NO" daily_submit_queuerun="NO"
执行如下命令
shell
# /usr/local/sbin/postalias /etc/aliases
# chown postfix:postfix /etc/opiekeys
# /usr/local/sbin/postconf -n > /usr/local/etc/postfix/main2.cf
# mv /usr/local/etc/postfix/main2.cf /usr/local/etc/postfix/main.cf
# vi /usr/local/etc/postfix/main.cf
# chown postfix:postfix /etc/opiekeys
# /usr/local/sbin/postconf -n > /usr/local/etc/postfix/main2.cf
# mv /usr/local/etc/postfix/main2.cf /usr/local/etc/postfix/main.cf
# vi /usr/local/etc/postfix/main.cf
增加如下内容:
# hostname mydomain = extmail.org myhostname = mail.extmail.org myorigin = $mydomain virtual_mailbox_base = /home/domains virtual_uid_maps=static:1000 virtual_gid_maps=static:1000
3、SMTP认证设置
编辑/usr/local/lib/sasl2/smtpd.conf文件:
shell
# vi /usr/local/lib/sasl2/smtpd.conf
增加以下内容:
pwcheck_method:authdaemond log_level:3 mech_list:PLAIN LOGIN authdaemond_path:/var/run/authdaemond/socket
对postfix做如下配置使支持smtp认证
# SMTP AUTH config here smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_local_domain = $myhostname
4、postfix反垃圾设置
此处的反垃圾邮件只是在MTA级的一些预防垃圾邮件的设置,可根据实际情况以及自己的需要进行调整。
shell
# vi /usr/local/etc/postfix/main.cf
增加以下内容:
smtpd_helo_required = yes
smtpd_delay_reject = yes
disable_vrfy_command = yes
smtpd_client_restrictions =
check_client_access hash:/usr/local/etc/postfix/client_access
smtpd_helo_restrictions=
reject_invalid_hostname,check_helo_access hash:/usr/local/etc/postfix/helo_access
# SMTP sender login matching config
smtpd_sender_restrictions =
reject_non_fqdn_sender,
reject_unknown_sender_domain,
check_sender_access hash:/usr/local/etc/postfix/sender_access
#smtpd related config
smtpd_recipient_restrictions=
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname
smtpd_data_restrictions = reject_unauth_pipelining
header_checks = regexp:/usr/local/etc/postfix/head_checks
body_checks = regexp:/usr/local/etc/postfix/body_checks
生成虚拟域数据库
shell
# rehash
# touch /usr/local/etc/postfix/head_checks
# touch /usr/local/etc/postfix/body_checks
# touch /usr/local/etc/postfix/client_access
# touch /usr/local/etc/postfix/sender_access
# touch /usr/local/etc/postfix/helo_access
# postmap /usr/local/etc/postfix/head_checks
# postmap /usr/local/etc/postfix/body_checks
# postmap /usr/local/etc/postfix/client_access
# postmap /usr/local/etc/postfix/sender_access
# postmap /usr/local/etc/postfix/helo_access
# touch /usr/local/etc/postfix/head_checks
# touch /usr/local/etc/postfix/body_checks
# touch /usr/local/etc/postfix/client_access
# touch /usr/local/etc/postfix/sender_access
# touch /usr/local/etc/postfix/helo_access
# postmap /usr/local/etc/postfix/head_checks
# postmap /usr/local/etc/postfix/body_checks
# postmap /usr/local/etc/postfix/client_access
# postmap /usr/local/etc/postfix/sender_access
# postmap /usr/local/etc/postfix/helo_access
