Centos7.5下安装sendmail

发表于 |

sendmail简介

  • Sendmail是一种多用途、支持多种协议的跨网络电子邮件发送代理软件,由艾瑞克·欧曼(Eric Allman)所开发,于1983年随着BSD 4.1c首次发行。
  • 其他同类软件:postfix、qmail
  • 客户端工具MUA:mailx(http://heirloom.sourceforge.net/mailx.html)

安装和配置

  • 安装

    1
    2
    3
    4
    5
    6
    7
    8
    # sendmail服务端
    yum -y install sendmail sendmail-cf m4
    systemctl start sendmail.service
    # mail客户端
    yum -y install mailx
    # 支持smtp认证
    yum -y install saslauthd
    systemctl start saslauthd

  • sendmail配置

  1. 更换主机名,假设我们的机器名为mymail(本文为mymail),域名为mymail.com

    1
    hostnamectl set-hostname mymail

  2. 修改/etc/hosts

    127.0.0.1 mymail mymail.com

    1
    2
    3
    4
    5
    # cat /etc/hosts
    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    127.0.0.1   mymail mymail.com
    ::1         mymail mymail.com

  3. 修改/etc/mail/sendmail.mc

    1
    2
    3
    4
    5
    # 修改配置项,将下面两行的dnl去掉
    dnl TRUST_AUTH_MECH(\`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
    dnl define(\`confAUTH_MECHANISMS', \`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
    # 将127.0.0.1改为0.0.0.0,意思是任何主机都可以访问Sendmail服务
    DAEMON_OPTIONS(\`Port=smtp, Addr=127.0.0.1, Name=MTA')dnl

生成Sendmail的配置文件:

m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

  1. 将域名加入到local-host-names文件,修改/etc/mail/local-host-names
    1
    mymail.com

  1. 修改/etc/mail/submit.cf,找到行 #Dj$w.Foo.COM,修改为

    1
    2
    3
    4
    # my official domain name
    # ... define this only if sendmail cannot automatically determine your domain
    #Dj$w.Foo.COM
    Djmimvp.com

  2. 修改/etc/mail/acess,添加域名

    1
    Connect: mymail.com           RELAY

执行

1
makemap hash access.db < access

  1. 添加域名MX记录
  2. sendmail可以直接使用 “-r account@domain.com” 参数来以任意源地址发送邮件,但目前主流的邮箱都会将源地址和反向解析IP进行比较,如果解析不到或是解析的IP不匹配,轻则将邮件直接归为SPAM,严重的就直接拒绝接收。
  3. 重启sendmail生效
    1
    systemctl restart sendmail.service

调试和测试

  • 邮件目录结构

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    # 邮件执行文件
    /usr/sbin/sendmail
    /usr/bin/mail

    # 邮件配置目录
    /etc/mail/...

    # 邮件日志目录
    /var/log/mail*

    # 未发送邮件列表,可用mailq查看邮件列表
    /var/spool/mqueue/*

  • 建立邮件账号

    1
    adduser mailA -p Pass

  • 在本机上测试,使用xmail工具给mailA发邮件

    1
    echo "hello mymail.com" | mail -v -s "Title" mailA@mymail.com

  • 用其他转发邮箱测试,

    1. 配置/etc/mail.rc,以下以163邮箱示例

      1
      2
      3
      4
      5
      6
      7
      set from=my163mail@163.com
      set smtp=smtps://smtp.163.com:465
      set ssl-verify=ignore
      set nss-config-dir=/root/.certs
      set smtp-auth-user=my163mail@163.com
      set smtp-auth-password=my163mailpassword
      set smtp-auth=login

    2. 导入证书,分别是qq证书和163证书示例

      1
      2
      3
      4
      5
      echo -n | openssl s_client -connect smtp.qq.com:465 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/.certs/qq.crt
      certutil -A -n "GeoTrust Global CA" -t "C,," -d ~/.certs -i ~/.certs/qq.crt
      certutil -A -n "GeoTrust SSL CA" -t "C,," -d ~/.certs -i ~/.certs/qq.crt
      certutil -L -d .certs
      certutil -A -n "GeoTrust SSL CA - G3" -t "Pu,Pu,Pu" -d ~/.certs/ -i ~/.certs/qq.crt
1
2
3
4
5
echo -n | openssl s_client -connect smtp.163.com:465 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/.certs/163.crt
certutil -A -n "GeoTrust Global CA" -t "C,," -d ~/.certs -i ~/.certs/163.crt
certutil -A -n "GeoTrust SSL CA" -t "C,," -d ~/.certs -i ~/.certs/163.crt
certutil -L -d /root/.certs
certutil -A -n "GeoTrust SSL CA - G3" -t "Pu,Pu,Pu" -d ~/.certs/ -i ~/.certs/163.crt
  1. 发送邮件
    1
    echo "hello mymail.com" | mail -v -s "Title" tomail@163.com