2021-1-10\u73fe\u5728\u306e\u60c5\u5831\u3067\u3059\u3002\u73fe\u6642\u70b9\u3067\u306e\u30c6\u30b9\u30c8\u306f\u4e8c\u3064\u306e\u30c9\u30e1\u30a4\u30f3\u306e\u5185\u3001kinryo.net\u306b\u95a2\u3057\u3066\u306f\u307b\u307c\u30c6\u30b9\u30c8\u304c\u7d42\u4e86\u3057\u3066\u3044\u307e\u3059\u304c\u3001kinryokai.net\u306b\u95a2\u3057\u3066\u306f\u30ed\u30fc\u30ab\u30eb\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u5185\u3067\u306e\u30c6\u30b9\u30c8\u306e\u307f\u304c\u7d42\u4e86\u3057\u3066\u3044\u307e\u3059\u304c\u3001\u30b0\u30ed\u30fc\u30d0\u30eb\u304b\u3089\u306e\u30c6\u30b9\u30c8\u306f\u307e\u3060\u51fa\u6765\u3066\u5c45\u307e\u305b\u3093\u3002\u3068\u3044\u3046\u306e\u3082\u3001\u3053\u306e\u30c9\u30e1\u30a4\u30f3\u306f\u73fe\u6642\u70b9\u3067\u5168\u304f\u5225\u306e\u30db\u30b9\u30c8\u3067\u73fe\u884c\u306e\u30e1\u30fc\u30eb\u30b5\u30fc\u30d0\u30fc\u304c\u7a3c\u50cd\u3057\u3066\u304a\u308a\u3001DNS\u306e\u8a2d\u5b9a\u3092\u5909\u66f4\u3057\u306a\u3044\u3068\u306a\u3089\u306a\u3044\u306e\u3067\u3059\u304c\u3001\u904e\u53bb\u306e\u30e1\u30fc\u30eb\u306e\u30c7\u30fc\u30bf\u30fc\u3092\u79fb\u3057\u5909\u3048\u3066\u3044\u306a\u3044\u304b\u3089\u3067\u3059\u3002<\/p>\r\n\r\n\r\n\r\n
postfix\u306fvirtual\u3067\u8907\u6570\u306e\u30e1\u30fc\u30eb\u30b5\u30fc\u30d0\u30fc\u3092\u7a3c\u52d5\u3055\u305b\u307e\u3059\u3002\u4e0b\u8a18\u306b postconf -n \u306e\u7d50\u679c\u3092\u8a18\u3057\u307e\u3059\u3002\uff08\u3054\u5b58\u3058\u3060\u3068\u601d\u3044\u307e\u3059\u304c\u3001\u3053\u308c\u306f\u30c7\u30d5\u30a9\u30eb\u30c8\u306e\u8a2d\u5b9a\u304b\u3089\u5909\u66f4\u3057\u305f\u90e8\u5206\u306e\u307f\u3092\u8868\u793a\u3057\u3066\u3044\u307e\u3059\uff09\u3053\u306e\u8a2d\u5b9a\u306f\u30e1\u30a4\u30eb\u30dc\u30c3\u30af\u30b9\u306fMaildir\u5f62\u5f0f\uff08\u4e00\u3064\u306e\u30e1\u30fc\u30eb\u304c\u4e00\u3064\u306e\u30d5\u30a1\u30a4\u30eb\uff09\u3001ipv6\u306f\u4f7f\u306f\u306a\u3044\u3001\u30b9\u30d1\u30e0\u3084\u30a6\u30a3\u30eb\u30b9\u30c1\u30a7\u30c3\u30af\u306f centossrv.com\u3092\u53c2\u8003\u306b\u8a2d\u5b9a\u3001sasl auth\u3092\u5c0e\u5165\u3001\u305d\u306e\u8a8d\u8a3c\u306f dovecot\u306b\u59d4\u305b\u308b(dovecot\u306e\u8a2d\u5b9a\u3067\u51fa\u3066\u304d\u307e\u3059\u304c\u3001\u8a8d\u8a3c\u306fmysql(mariadb)\u3092\u4f7f\u3046\uff09\u3001\u30e1\u30fc\u30eb\u306e\u6697\u53f7\u5316\u306f letsencrypt \u3092\u4f7f\u3046\u3001\u30e1\u30a4\u30eb\u30c7\u30fc\u30bf\u30fc\u306e\u4fdd\u5b58\u5834\u6240\u306f \/Mail (\u3053\u308c\u306f\u79fb\u8a2d\u3092\u7c21\u5358\u306b\u3059\u308b\u305f\u3081\u306b\u3001\u65b0\u305f\u306b\u5c02\u7528\u306e\u9818\u57df\u3092\u4f5c\u3063\u305f\u3002\u53c8\u3001\u65b0\u898f\u30e6\u30fc\u30b6\u30fc\u3068\u3057\u3066vmail\u3092\u4f5c\u6210\u3057\u305d\u306eUID\u3001GID\u309210000\u306b\u3057\u305f\u3002\u53c8 \/mail\u4ee5\u4e0b\u306e\u6240\u6709\u8005\u3092vmail\u306b\u3057\u305f\u3002\uff09\u3001\u30d0\u30fc\u30c1\u30e3\u30eb\u30c9\u30e1\u30a4\u30f3\u3084\u30d0\u30fc\u30c1\u30e3\u30eb\u30e1\u30a4\u30eb\u30dc\u30c3\u30af\u30b9\u306b\u306fmysql(mariadb)\u3092\u4f7f\u3046\u3002IP\u30a2\u30c9\u30ec\u30b9\u306f\u4f0f\u305b\u5b57\u3002 \/etc\/postfix\/master.cf \u306f mysql(mariadb)\u95a2\u9023\u3002\u5c1a\u3001postfixadmin\u306edatabase\u540d\uff1apostfix, user\u540d\uff1apostfixadmin, \u30d1\u30b9\u30ef\u30fc\u30c9\u306f\u4f0f\u305b\u5b57 # cat \/etc\/postfix\/mysql_virtual_domains_maps.cf<\/span><\/span> # cat \/etc\/postfix\/mysql_virtual_mailbox_maps.cf<\/span><\/span> <\/p>\r\n","protected":false},"excerpt":{"rendered":" 2021-1-10\u73fe\u5728\u306e\u60c5\u5831\u3067\u3059\u3002\u73fe\u6642\u70b9\u3067\u306e\u30c6\u30b9\u30c8\u306f\u4e8c\u3064\u306e\u30c9\u30e1\u30a4\u30f3\u306e\u5185\u3001kinryo.net\u306b\u95a2\u3057\u3066\u306f\u307b\u307c\u30c6\u30b9\u30c8\u304c\u7d42\u4e86\u3057\u3066\u3044\u307e\u3059\u304c\u3001kinryokai.net\u306b\u95a2\u3057\u3066\u306f\u30ed\u30fc\u30ab\u30eb\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u5185\u3067\u306e\u30c6\u30b9\u30c8\u306e\u307f\u304c\u7d42\u4e86\u3057\u3066\u3044\u307e\u3059 … \u7d9a\u304d\u3092\u8aad\u3080
#<\/span> postconf -n<\/span>
alias_database = hash:\/etc\/aliases<\/span>
alias_maps = hash:\/etc\/aliases<\/span>
command_directory = \/usr\/sbin<\/span>
config_directory = \/etc\/postfix<\/span>
daemon_directory = \/usr\/libexec\/postfix<\/span>
data_directory = \/var\/lib\/postfix<\/span>
debug_peer_level = 2<\/span>
debugger_command = PATH=\/bin:\/usr\/bin:\/usr\/local\/bin:\/usr\/X11R6\/bin ddd $daemon_directory\/$process_name $process_id & sleep 5<\/span>
disable_vrfy_command = yes<\/span>
header_checks = regexp:\/etc\/postfix\/header_checks<\/span>
home_mailbox = Maildir\/<\/span>
html_directory = no<\/span>
inet_interfaces = all<\/span>
inet_protocols = ipv4<\/span>
local_recipient_maps =<\/span>
local_transport = virtual<\/span>
luser_relay = unknown_user@localhost<\/span>
mail_owner = postfix<\/span>
mailbox_command = \/usr\/bin\/procmail<\/span>
mailbox_size_limit = 9663676416<\/span>
mailq_path = \/usr\/bin\/mailq.postfix<\/span>
manpage_directory = \/usr\/share\/man<\/span>
message_size_limit = 52428800<\/span>
milter_command_timeout = 150<\/span>
milter_default_action = tempfail<\/span>
milter_mail_macros = {auth_author} {auth_type} {auth_authen}<\/span>
milter_protocol = 6<\/span>
mydestination =<\/span>
mydomain = kinryo.net<\/span>
myhostname = mail.kinryo.net<\/span>
mynetworks = 192.168.X.X\/24, 127.0.0.0\/8<\/span>
myorigin = $mydomain<\/span>
newaliases_path = \/usr\/bin\/newaliases.postfix<\/span>
queue_directory = \/var\/spool\/postfix<\/span>
readme_directory = \/usr\/share\/doc\/postfix-2.10.1\/README_FILES<\/span>
sample_directory = \/usr\/share\/doc\/postfix-2.10.1\/samples<\/span>
sendmail_path = \/usr\/sbin\/sendmail.postfix<\/span>
setgid_group = postdrop<\/span>
smtp_tls_ciphers = high<\/span>
smtp_tls_mandatory_protocols = !SSLv2,!SSLv3<\/span>
smtp_tls_protocols = !SSLv2,!SSLv3<\/span>
smtp_tls_security_level = may<\/span>
smtpd_banner = $myhostname ESMTP unknown<\/span>
smtpd_client_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_client, reject_rbl_client all.rbl.jp, reject_rbl_client zen.spamhaus.org, permit<\/span>
smtpd_helo_required = yes<\/span>
smtpd_milters = unix:\/var\/run\/milter-manager\/milter-manager.sock<\/span>
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination<\/span>
smtpd_sasl_auth_enable = yes<\/span>
smtpd_sasl_local_domain = $myhostname<\/span>
smtpd_sasl_path = private\/auth<\/span>
smtpd_sasl_security_options = noanonymous<\/span>
smtpd_sasl_type = dovecot<\/span>
smtpd_sender_restrictions = reject_unknown_sender_domain, reject_non_fqdn_sender<\/span>
smtpd_tls_cert_file = \/etc\/letsencrypt\/live\/mail.kinryo.net\/fullchain.pem<\/span>
smtpd_tls_ciphers = high<\/span>
smtpd_tls_key_file = \/etc\/letsencrypt\/live\/mail.kinryo.net\/privkey.pem<\/span>
smtpd_tls_loglevel = 1<\/span>
smtpd_tls_mandatory_ciphers = high<\/span>
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3<\/span>
smtpd_tls_protocols = !SSLv2,!SSLv3<\/span>
smtpd_tls_received_header = yes<\/span>
smtpd_tls_security_level = may<\/span>
smtpd_tls_session_cache_database = btree:\/var\/lib\/postfix\/smtpd_scache<\/span>
tls_high_cipherlist = kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:+kEDH+CAMELLIA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:+kRSA+CAMELLIA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES<\/span>
unknown_local_recipient_reject_code = 550<\/span>
virtual_alias_maps = mysql:\/etc\/postfix\/mysql_virtual_alias_maps.cf<\/span>
virtual_gid_maps = static:10000<\/span>
virtual_mailbox_base = \/Mail<\/span>
virtual_mailbox_domains = mysql:\/etc\/postfix\/mysql_virtual_domains_maps.cf<\/span>
virtual_mailbox_limit = 9663676416<\/span>
virtual_mailbox_maps = mysql:\/etc\/postfix\/mysql_virtual_mailbox_maps.cf<\/span>
virtual_transport = virtual<\/span>
virtual_uid_maps = static:10000
<\/span>\u5c1a\u3001smtpd_client_restrictions, smtpd_sender_restrictions, smtpd_recipient_restrictions, \u306f\u540c\u3058\u3088\u3046\u306a\u8a2d\u5b9a\u304c\u51fa\u6765\u308b\u304c\u3001\u52d8\u9055\u3044\u3057\u3084\u3059\u3044\u306e\u3067\u3001https:\/\/www.netmarvs.com\/archives\/3808<\/a> \u3092\u53c2\u8003\u306b\u3059\u308b\u3068\u826f\u3044\u3002<\/p>\r\n
smtp inet n – n – – smtpd<\/span>
smtps inet n – n – – smtpd<\/span>
-o smtpd_tls_wrappermode=yes<\/span>
-o smtpd_sasl_auth_enable=yes<\/span>
pickup unix n – n 60 1 pickup<\/span>
cleanup unix n – n – 0 cleanup<\/span>
qmgr unix n – n 300 1 qmgr<\/span>
tlsmgr unix – – n 300 1 tlsmgr<\/span>
rewrite unix – – n – – trivial-rewrite<\/span>
bounce unix – – n – 0 bounce<\/span>
defer unix – – n – 0 bounce<\/span>
trace unix – – n – 0 bounce<\/span>
verify unix – – n – 1 verify<\/span>
flush unix n – n 1000? 0 flush<\/span>
proxymap unix – – n – – proxymap<\/span>
proxywrite unix – – n – 1 proxymap<\/span>
smtp unix – – n – – smtp<\/span>
relay unix – – n – – smtp<\/span>
showq unix n – n – – showq<\/span>
error unix – – n – – error<\/span>
retry unix – – n – – error<\/span>
discard unix – – n – – discard<\/span>
local unix – n n – – local<\/span>
virtual unix – n n – – virtual<\/span>
lmtp unix – – n – – lmtp<\/span>
anvil unix – – n – 1 anvil<\/span>
scache unix – – n – 1 scache<\/span><\/p>\r\n
#<\/span> cat \/etc\/postfix\/mysql_virtual_alias_maps.cf<\/span>
user = postfixadmin<\/span>
password = XXXXXX<\/span>
hosts = localhost<\/span>
dbname = postfix<\/span>
table = alias<\/span>
select_field = goto<\/span>
where_field = address<\/span><\/p>\r\n
user = postfixadmin<\/span>
password = XXXXXX<\/span>
hosts = localhost<\/span>
dbname = postfix<\/span>
table = domain<\/span>
select_field = domain<\/span>
where_field = domain<\/span>
additional_conditions = and active = ‘1’<\/span><\/p>\r\n
user = postfixadmin<\/span>
password = XXXXXX<\/span>
hosts = localhost<\/span>
dbname = postfix<\/span>
table = mailbox<\/span>
select_field = maildir<\/span>
where_field = username<\/span><\/p>\r\n