11. named.conf
cp -pi /etc/named.conf /etc/named.conf.org
vi /etc/named.conf
listen-on port 53 { 127.0.0.1; }; ↓
// listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; }; ↓
listen-on-v6 port 53 { none; };
allow-query { localhost; }; ↓
allow-query { any; };
recursion yes; ↓
recursion no;
version "unknown";
12. named.conf: add zone
zone "hiroshimaserver.com" IN {
type master;
file "master/hiroshimaserver.com.zone";
};
13. zone
mkdir /var/named/master/
cd /var/named/master/
cp /var/named/named.empty /var/named/master/hiroshimaserver.com.zone
vi /var/named/master/hiroshimaserver.com.zone
14. # /var/named/master/hiroshimaserver.com.zone
$TTL 300 ; 5m
@ IN SOA @ ns1.hiroshimaserver.com. (
        2014110104 ; serial
        1D ; refresh
        1H ; retry
        1W ; expire
        3H ) ; minimum
        IN NS ns1.hiroshimaserver.com.
        IN NS ns2.hiroshimaserver.com.
        IN MX 50 mail1.hiroshimaserver.com.
host1 IN A 133.242.227.23
ns1 IN A 133.242.227.23
ns2 IN A 133.242.227.23
mail1 IN A 133.242.227.23
smtp IN A 133.242.227.23
pop IN A 133.242.227.23
www IN A 133.242.227.23
15. Configuration check, service start
chown -R named:named /var/named/master/
/usr/sbin/named-checkconf /etc/named.conf
/usr/sbin/named-checkzone hiroshimaserver.com /var/named/master/hiroshimaserver.com.zone
service named start
dig @localhost ns1.hiroshimaserver.com a
dig @localhost hiroshimaserver.com soa
dig @localhost hiroshimaserver.com mx
18. postconf -n
cp -pi /etc/postfix/master.cf /etc/postfix/master.cf.org
vi /etc/postfix/master.cf
submission inet n - n - - smtpd
chkconfig saslauthd on
chkconfig --list saslauthd
service saslauthd start
service postfix restart
19. dovecot
yum install dovecot
cp -pi /etc/dovecot/conf.d/10-mail.conf /etc/dovecot/conf.d/10-mail.conf.org
vi /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:~/Maildir
cp -pi /etc/dovecot/conf.d/10-auth.conf /etc/dovecot/conf.d/10-auth.conf.org
vi /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no
auth_mechanisms = plain login
20. cp -pi /etc/dovecot/conf.d/10-master.conf /etc/dovecot/conf.d/10-master.conf.org
vi /etc/dovecot/conf.d/10-master.conf
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
23. Send a test mail
telnet mail1.hiroshimaserver.com 25
helo xxxx
mail from: yo.takata@gmail.com
rcpt to: mailuser01@hiroshimaserver.com
data
From: yo.takata@gmail.com
To: mailuser01@hiroshimaserver.com
Subject: TEST MAIL YYYY/MM/DD HH:MM
TEST
.
34. Sending test
telnet localhost 25
helo mail1.hiroshimaserver.com
mail from: mailuser01@hiroshimaserver.com
rcpt to: yo.takata@gmail.com
data
From: mailuser01@hiroshimaserver.com
To: yo.takata@gmail.com
Subject: TEST YYYY/MM/DD HH:MM
TEST
.
quit
※ Send a mail to Gmail or a similar service and check the verification results in the message source view
35. DMARC (DNS configuration only)
vi /var/named/master/hiroshimaserver.com.zone
_dmarc.hiroshimaserver.com. IN TXT "v=DMARC1; p=none; rua=mailto:report-dmarc@hiroshimaserver.com; ruf=mailto:report-dmarc@hiroshimaserver.com"
※ Increment the serial
rndc reload
36. Test results
Received-SPF: pass (google.com: domain of mailuser01@hiroshimaserver.com designates
133.242.227.23 as permitted sender) client-ip=133.242.227.23;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of mailuser01@hiroshimaserver.com designates 133.242.227.23
as permitted sender) smtp.mail=mailuser01@hiroshimaserver.com;
dkim=pass header.i=@hiroshimaserver.com;
dmarc=pass (p=NONE dis=NONE) header.from=hiroshimaserver.com
Received: from mail1.hiroshimaserver.com (localhost [IPv6:::1])
by mail1.hiroshimaserver.com (Postfix) with SMTP id 16BFC60672
for <yo.takata@gmail.com>; Sat, 1 Nov 2014 15:11:43 +0900 (JST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hiroshimaserver.com;
s=default; t=1414822343;
bh=q5cyARPl5zX/knmvCnEy11G7/r6gcljJ44qrvv5DErY=;
h=From:To:Subject:Date;
b=liRt7CwuIswOjW5+JYJRYmxaQe9W2QzZF98LvfRF55AWCbolKPItsZq/ztKuxLRXH
QDiZvozmL7pKlYCzUabCQG+kwuZo20PfbCY4xQnqKO3ocLpESBukudru41RnzwzXFf
GnUrIjFQmaxxA8E070qFpgAkXXTvLr51AyT6LVlI=
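Added example, not part of the original slides: a Python check that parses the Authentication-Results header from the test result above and confirms the dmarc verdict is backed by an SPF or DKIM pass aligned with the From domain. The function names are assumptions, and relaxed alignment is approximated as "same domain or subdomain" instead of using the public suffix list.

```python
import re

# Authentication-Results header copied from the test result above (slide 36).
SAMPLE = (
    "Authentication-Results: mx.google.com;\n"
    " spf=pass (google.com: domain of mailuser01@hiroshimaserver.com designates 133.242.227.23\n"
    " as permitted sender) smtp.mail=mailuser01@hiroshimaserver.com;\n"
    " dkim=pass header.i=@hiroshimaserver.com;\n"
    " dmarc=pass (p=NONE dis=NONE) header.from=hiroshimaserver.com"
)

def parse_auth_results(header):
    """Return {method: {"result": r, "ptype.prop": value, ...}} for one header."""
    value = header.split(":", 1)[1]
    value = re.sub(r"\([^()]*\)", " ", value)   # drop (comments); nesting not handled
    results = {}
    for part in value.split(";")[1:]:           # element 0 is the authserv-id
        tokens = part.split()                   # also unfolds continuation lines
        if not tokens or "=" not in tokens[0]:
            continue
        method, result = tokens[0].split("=", 1)
        props = dict(t.split("=", 1) for t in tokens[1:] if "=" in t)
        results[method.lower()] = {"result": result.lower(), **props}
    return results

def domain_of(value):
    return value.rsplit("@", 1)[-1].lower().rstrip(".")

def aligned(auth_domain, from_domain):
    # Assumption: relaxed alignment approximated as "same domain or subdomain";
    # real DMARC compares organizational domains via the public suffix list.
    if not auth_domain or not from_domain:
        return False
    return (auth_domain == from_domain
            or auth_domain.endswith("." + from_domain)
            or from_domain.endswith("." + auth_domain))

def evaluate(header):
    r = parse_auth_results(header)
    spf, dkim, dmarc = r.get("spf", {}), r.get("dkim", {}), r.get("dmarc", {})
    from_dom = domain_of(dmarc.get("header.from", ""))
    spf_dom = domain_of(spf.get("smtp.mailfrom") or spf.get("smtp.mail", ""))
    dkim_dom = domain_of(dkim.get("header.d") or dkim.get("header.i", ""))
    spf_ok = spf.get("result") == "pass" and aligned(spf_dom, from_dom)
    dkim_ok = dkim.get("result") == "pass" and aligned(dkim_dom, from_dom)
    return {"from": from_dom, "spf_aligned": spf_ok, "dkim_aligned": dkim_ok,
            "dmarc": dmarc.get("result"),
            "consistent": (dmarc.get("result") == "pass") == (spf_ok or dkim_ok)}

print(evaluate(SAMPLE))
```

With p=none in the DMARC record, a `dmarc=fail` result is only reported to the rua/ruf addresses; the receiving side is not asked to quarantine or reject.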