Was this page helpful?

設定郵件通知 Postfix

    在 Elastix 系統內建的郵件系統是 Postfix,這可以用來作語音留言通知及傳真通知等功能。

    此篇的作法也適用 Trixbox 的用戶,但先參考這篇 Replacing sendmail with PostFix

    假設環境是家用的 Elastix 主機,而且沒有申請任何網域,使用 Dyndns.org 作網域註冊(選用)。在沒有任何郵件轉發主機的使用狀況,有兩種解決方法:

    1. 使用線路所屬的 ISP 供應商的郵件主機。
    2. 使用外部其他認證的郵件主機。

    筆者的系統是使用 Seednet ADSL 當使用 ISP 的郵件主機轉發郵件時,會被拒絕,這是因為主機的 IP 是撥號連線取得的,又這類 IP 多半會被一些阻擋垃圾郵件組織的網站列為黑名單,不巧筆者的主機就是如此,雖然有透過該網站申請移除,但一直沒下文,所以就作罷。

    還好,平常在使用的 Gmail,因為支援 SMTP 連線,所以就拿它來轉寄 Elastix 的郵件,接著來看看如何作。

    使用 Gmail

    NOTE: 這裡有另一篇比較簡單的做法,使用 Mutt 工具來發信,不須建立憑證檔。
    How to send email notifications using Gmail SMTP server on Linux

    建立 SSL 的憑證檔
    mkdir /etc/postfix/gmail
    cd /etc/postfix/gmail
    openssl genrsa -out gmail.key 1024
    openssl req -new -key gmail.key -x509 -out gmail.crt

     

    設定 Gmail 連線帳號及密碼

    vi /etc/postfix/saslpasswd

    smtp.gmail.com [email protected]:password
    

    username & password 是 Gmail 的登入帳號密碼

    # postmap hash:/etc/postfix/saslpasswd 
    # chmod 600 /etc/postfix/saslpasswd /etc/postfix/saslpasswd.db
    設定 Postfix

    vi /etc/postfix/main.cf

    relayhost = [smtp.gmail.com]:587
    
    smtp_sasl_auth_enable=yes
    smtp_sasl_password_maps = hash:/etc/postfix/saslpasswd
    smtp_use_tls = yes
    smtp_sasl_security_options = noanonymous
    smtp_sasl_tls_security_options = noanonymous
    smtp_tks_note_starttls_offer = yes
    tls_random_source = dev:/dev/urandom
    smtp_tls_scert_verifydepth = 5
    smtp_tls_key_file=/etc/postfix/gmail/gmail.key
    smtp_tls_cert_file=/etc/postfix/gmail/gmail.crt
    smtpd_tls_ask_ccert = yes
    smtpd_tls_req_ccert =no
    smtp_tls_enforce_peername = no
    

    存檔後重新載入 Postfix

    service postfix reload

    到這 Elastix 應該已經可以正常發信,如果有異常,可能要查一下 /var/log/maillog  裡面的有關訊息。

    在 maillog 裡可能會看到有關認證檔讀取失敗的錯誤,不過這不影響發信,如果覺得這幾行礙眼,可以繼續下面的步驟。

    其他補充
    # yum install openssl-perl
    # cd /etc/pki/tls/misc
    # ./CA.pl -newca
    CA certificate filename (or enter to create)
    
    Making CA certificate ...
    Generating a 1024 bit RSA private key
    ...............++++++
    ........++++++
    writing new private key to '../../CA/private/cakey.pem'
    Enter PEM pass phrase:
    Verifying - Enter PEM pass phrase:
    -----
    You are about to be asked to enter information that will be incorporated
    into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value,
    If you enter '.', the field will be left blank.
    -----
    Country Name (2 letter code) [GB]:TW
    State or Province Name (full name) [Berkshire]:
    Locality Name (eg, city) [Newbury]:TC
    Organization Name (eg, company) [My Company Ltd]:MyOrgName
    Organizational Unit Name (eg, section) []:home
    Common Name (eg, your name or your server's hostname) []:home
    Email Address []:[email protected]
    
    Please enter the following 'extra' attributes
    to be sent with your certificate request
    A challenge password []:123456
    An optional company name []:home
    Using configuration from /etc/pki/tls/openssl.cnf
    Enter pass phrase for ../../CA/private/cakey.pem:
    Check that the request matches the signature
    Signature ok
    Certificate Details:
            Serial Number:
                f7:5b:cd:79:c8:c9:e1:1e
            Validity
                Not Before: Jan 15 13:22:30 2009 GMT
                Not After : Jan 15 13:22:30 2012 GMT
            Subject:
                countryName               = TW
                stateOrProvinceName       = Berkshire
                organizationName          = MyOrgName
                organizationalUnitName    = home
                commonName                = home
                emailAddress              = [email protected]
            X509v3 extensions:
                X509v3 Subject Key Identifier:
                    6D:30:48:B1:5E:5C:D9:88:58:97:9F:39:B7:6C:49:21:6B:7F:28:4D
                X509v3 Authority Key Identifier:
                    keyid:6D:30:48:B1:5E:5C:D9:88:58:97:9F:39:B7:6C:49:21:6B:7F:28:4D
                    DirName:[email protected]me.net
                    serial:F7:5B:CD:79:C8:C9:E1:1E
    
                X509v3 Basic Constraints:
                    CA:TRUE
    Certificate is to be certified until Jan 15 13:22:30 2012 GMT (1095 days)
    
    # cd ../../
    # openssl x509 -in CA/cacert.pem -days 3650 -out cacert.pem -signkey CA/private/cakey.pem
    # cp cacert.pem /etc/postfix/gmail
    # vi /etc/postfix/main.cf

    多加這一行

    smtp_tls_CAfile = /etc/postfix/gmail/cacert.pem

    存檔重新載入 Postfix

    service postfix reload

    使用 Seednet SMTP

    編輯 mail.cf:

    # for seednet SMTP
    relayhost = [tcts.seed.net.tw]:25
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/saslpasswd_seednet
    smtp_sasl_security_options =
    

    建立密碼檔 saslpasswd_seednet

    tcts.seed.net.tw:25 [email protected]:thisispass
    

    繼續

    > chmod 0600 saslpasswd_seednet
    > postmap hash:/etc/postfix/saslpasswd_seednet
    

    重啟 postfix

    service postfix stop
    service postfix start 
    

    使用 Godaddy SMTP

    編輯 main.cf:

    # for Godaddy SMTP
    relayhost = [smtpout.secureserver.net]:3535
    smtp_sasl_auth_enable=yes
    smtp_sasl_password_maps = hash:/etc/postfix/saslpasswd_godaddy
    smtp_sasl_type = cyrus
    #smtp_sasl_mechanishm_filter=digest-md5
    #smtp_use_tls = yes
    smtp_sasl_security_options = noanonymous
    

    建立密碼檔 saslpasswd_godaddy

    smtpout.secureserver.net [email protected]:thisispass
    

    繼續

    > chmod 0600 saslpasswd_godaddy
    > postmap hash:/etc/postfix/saslpasswd_godaddy
    

    重啟 postfix

    service postfix stop
    service postfix start 
    
    Was this page helpful?
    標籤 (Edit tags)
    • No tags

    文件 1

    文件大小日期附件上傳者 
     postfixgmail.sh
    The script for setting gmail on postfix
    3.8 KB18:01, 23 Jun 2010alang動作
    您必須 登入 才能發佈評論。
    Powered by MindTouch Core