\uae30\uc874 Postfix + Rspamd + Let’s Encrypt \ud658\uacbd\uc5d0\uc11c Dovecot\uc744 \uc774\uc6a9\ud574 POP3\/IMAP \uc11c\ube44\uc2a4\ub97c \ucd94\uac00\ud558\ub294 \ubc29\ubc95\uc744 \uc124\uba85\ud569\ub2c8\ub2e4.<\/p>\n
sudo apt update\nsudo apt install dovecot-core dovecot-imapd dovecot-pop3d<\/code><\/pre>\n2. Dovecot \uae30\ubcf8 \uc124\uc815<\/h2>\n2.1 \uba54\uc778 \uc124\uc815 \ud30c\uc77c \uc218\uc815<\/h3>\n
\/etc\/dovecot\/dovecot.conf<\/code> \ud30c\uc77c\uc744 \ud3b8\uc9d1\ud569\ub2c8\ub2e4:<\/p>\nsudo vi \/etc\/dovecot\/dovecot.conf<\/code><\/pre>\n\ub2e4\uc74c \ub0b4\uc6a9\uc744 \ucd94\uac00\ud558\uac70\ub098 \uc218\uc815\ud569\ub2c8\ub2e4:<\/p>\n
# \ud65c\uc131\ud654\ud560 \ud504\ub85c\ud1a0\ucf5c\nprotocols = imap pop3\n\n# \uba54\uc77c \uc800\uc7a5 \uc704\uce58 (Maildir \ud615\uc2dd)\nmail_location = maildir:~\/Maildir\n\n# \uc778\uc99d \uad00\ub828 \uc124\uc815\ndisable_plaintext_auth = yes\nauth_mechanisms = plain login\n\n# SSL\/TLS \uc124\uc815\nssl = required\nssl_cert = <\/etc\/letsencrypt\/live\/example.com\/fullchain.pem\nssl_key = <\/etc\/letsencrypt\/live\/example.com\/privkey.pem\n\n# \ucd5c\uc2e0 TLS \ud504\ub85c\ud1a0\ucf5c\ub9cc \uc0ac\uc6a9\nssl_min_protocol = TLSv1.2\nssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384\nssl_prefer_server_ciphers = yes\n\n# DH \ud30c\ub77c\ubbf8\ud130 (\ubcf4\uc548 \uac15\ud654)\nssl_dh = <\/etc\/dovecot\/dh.pem<\/code><\/pre>\n2.2 SSL \uc778\uc99d\uc11c \uad8c\ud55c \uc124\uc815<\/h3>\n
Dovecot\uc774 Let’s Encrypt \uc778\uc99d\uc11c\uc5d0 \uc811\uadfc\ud560 \uc218 \uc788\ub3c4\ub85d \uad8c\ud55c\uc744 \uc124\uc815\ud569\ub2c8\ub2e4:<\/p>\n
sudo usermod -a -G ssl-cert dovecot\nsudo chmod 640 \/etc\/letsencrypt\/live\/example.com\/privkey.pem\nsudo chgrp ssl-cert \/etc\/letsencrypt\/live\/example.com\/privkey.pem<\/code><\/pre>\n2.3 DH \ud30c\ub77c\ubbf8\ud130 \uc0dd\uc131<\/h3>\n
\ubcf4\uc548\uc744 \uc704\ud574 DH \ud30c\ub77c\ubbf8\ud130\ub97c \uc0dd\uc131\ud569\ub2c8\ub2e4:<\/p>\n
sudo openssl dhparam -out \/etc\/dovecot\/dh.pem 2048\nsudo chmod 600 \/etc\/dovecot\/dh.pem<\/code><\/pre>\n3. \uc778\uc99d \uc124\uc815<\/h2>\n3.1 \uc778\uc99d \uc124\uc815 \ud30c\uc77c \uc218\uc815<\/h3>\n
\/etc\/dovecot\/conf.d\/10-auth.conf<\/code> \ud30c\uc77c\uc744 \ud3b8\uc9d1\ud569\ub2c8\ub2e4:<\/p>\nsudo vi \/etc\/dovecot\/conf.d\/10-auth.conf<\/code><\/pre>\n\ub2e4\uc74c \uc124\uc815\uc744 \ud655\uc778\ud558\uace0 \uc218\uc815\ud569\ub2c8\ub2e4:<\/p>\n
# \ud3c9\ubb38 \uc778\uc99d \ube44\ud65c\uc131\ud654 (SSL\/TLS\uc5d0\uc11c\ub9cc \ud5c8\uc6a9)\ndisable_plaintext_auth = yes\n\n# \uc778\uc99d \uba54\ucee4\ub2c8\uc998\nauth_mechanisms = plain login\n\n# \uc2dc\uc2a4\ud15c \uc0ac\uc6a9\uc790 \uc778\uc99d \ud65c\uc131\ud654\n!include auth-system.conf.ext<\/code><\/pre>\n3.2 \uc2dc\uc2a4\ud15c \uc0ac\uc6a9\uc790 \uc778\uc99d \uc124\uc815<\/h3>\n
\/etc\/dovecot\/conf.d\/auth-system.conf.ext<\/code> \ud30c\uc77c\uc744 \ud655\uc778\ud569\ub2c8\ub2e4:<\/p>\nsudo vi \/etc\/dovecot\/conf.d\/auth-system.conf.ext<\/code><\/pre>\n\uae30\ubcf8 \uc124\uc815\uc774 \uc62c\ubc14\ub978\uc9c0 \ud655\uc778\ud569\ub2c8\ub2e4:<\/p>\n
passdb {\n driver = pam\n}\n\nuserdb {\n driver = passwd\n}<\/code><\/pre>\n4. \uba54\uc77c\ubc15\uc2a4 \uc124\uc815<\/h2>\n4.1 \uba54\uc77c\ubc15\uc2a4 \uc704\uce58 \uc124\uc815<\/h3>\n
\/etc\/dovecot\/conf.d\/10-mail.conf<\/code> \ud30c\uc77c\uc744 \ud3b8\uc9d1\ud569\ub2c8\ub2e4:<\/p>\nsudo vi \/etc\/dovecot\/conf.d\/10-mail.conf<\/code><\/pre>\n\ub2e4\uc74c \uc124\uc815\uc744 \ucd94\uac00\ud558\uac70\ub098 \uc218\uc815\ud569\ub2c8\ub2e4:<\/p>\n
# Maildir \ud615\uc2dd \uc0ac\uc6a9\nmail_location = maildir:~\/Maildir\n\n# \uba54\uc77c\ubc15\uc2a4 \uc790\ub3d9 \uc0dd\uc131\nmail_home = \/home\/%u\n# mail_uid = 1000\n# mail_gid = 1000\n\n# \ub124\uc784\uc2a4\ud398\uc774\uc2a4 \uc124\uc815\nnamespace inbox {\n type = private\n separator = \/\n prefix = \n inbox = yes\n\n mailbox Drafts {\n special_use = \\Drafts\n auto = subscribe\n }\n mailbox Junk {\n special_use = \\Junk\n auto = subscribe\n }\n mailbox Sent {\n special_use = \\Sent\n auto = subscribe\n }\n mailbox Trash {\n special_use = \\Trash\n auto = subscribe\n }\n}<\/code><\/pre>\n5. POP3\/IMAP \ud504\ub85c\ud1a0\ucf5c \uc124\uc815<\/h2>\n5.1 IMAP \uc124\uc815<\/h3>\n
\/etc\/dovecot\/conf.d\/20-imap.conf<\/code> \ud30c\uc77c\uc744 \ud3b8\uc9d1\ud569\ub2c8\ub2e4:<\/p>\nsudo vi \/etc\/dovecot\/conf.d\/20-imap.conf<\/code><\/pre>\nprotocol imap {\n # IMAP \ud074\ub77c\uc774\uc5b8\ud2b8 \ucd5c\ub300 \uc5f0\uacb0 \uc218\n mail_max_userip_connections = 10\n\n # IDLE \uba85\ub839 \uc9c0\uc6d0 (\uc2e4\uc2dc\uac04 \ud478\uc2dc)\n # imap_idle = yes\n\n # IMAP \ud50c\ub7ec\uadf8\uc778\n mail_plugins = $mail_plugins imap_quota\n}<\/code><\/pre>\n5.2 POP3 \uc124\uc815<\/h3>\n
\/etc\/dovecot\/conf.d\/20-pop3.conf<\/code> \ud30c\uc77c\uc744 \ud3b8\uc9d1\ud569\ub2c8\ub2e4:<\/p>\nsudo vi \/etc\/dovecot\/conf.d\/20-pop3.conf<\/code><\/pre>\nprotocol pop3 {\n # POP3 \uc0ac\uc6a9\uc790\ub2f9 \ucd5c\ub300 \uc5f0\uacb0 \uc218\n mail_max_userip_connections = 3\n\n # \uba54\uc77c \uc0ad\uc81c \ud6c4\uc5d0\ub3c4 \uc11c\ubc84\uc5d0 \ubcf4\uad00 (\uc120\ud0dd\uc0ac\ud56d)\n # pop3_uidl_format = %08Xu%08Xv\n\n # POP3 \ud50c\ub7ec\uadf8\uc778\n mail_plugins = $mail_plugins\n}<\/code><\/pre>\n5.3 Postfix \uc11c\ubc84 \ucd94\uac00 \uc124\uc815<\/h3>\nsudo vi \/etc\/postfix\/main.cf\n......\nsmtpd_relay_restrictions =\n permit_mynetworks,\n permit_sasl_authenticated,\n defer_unauth_destination\n......\nsmtpd_sasl_type = dovecot\nsmtpd_sasl_path = private\/auth\nsmtpd_sasl_auth_enable = yes\nsmtpd_sasl_security_options = noanonymous, noplaintext\nsmtpd_sasl_tls_security_options = noanonymous\n\nsmtpd_recipient_restrictions =\n permit_mynetworks,\n permit_sasl_authenticated,\n reject_unauth_destination\n......<\/code><\/pre>\nsudo vi \/etc\/dovecot\/conf.d\/10-master.conf\n......\nservice auth {\n unix_listener \/var\/spool\/postfix\/private\/auth {\n mode = 0660\n user = postfix\n group = postfix\n }\n}\n......<\/code><\/pre>\n\uc774\uba54\uc77c \ubc1c\uc1a1 PC \uc758 \uc544\uc774\ud53c\ub97c \uc81c\ud55c\ud560 \uc218 \uc5c6\uc73c\uba74 \ubaa8\ub4e0 \uc544\uc774\ud53c\ub97c \ud5c8\uc6a9\ud574\uc57c \ud569\ub2c8\ub2e4.<\/p>\n
sudo vi \/etc\/opendkim\/TrustedHosts\n......\n0.0.0.0\/0<\/code><\/pre>\nsudo systemctl restart opendkim\nsudo systemctl restart dovecot\nsudo systemctl restart postfix\nsudo systemctl status postfix\n<\/code><\/pre>\n6. \ubc29\ud654\ubcbd \uc124\uc815<\/h2>\n
\uba54\uc77c \uc11c\ube44\uc2a4 \ud3ec\ud2b8\ub97c \ubc29\ud654\ubcbd\uc5d0\uc11c \ud5c8\uc6a9\ud569\ub2c8\ub2e4:<\/p>\n
# IMAP\nsudo ufw allow 143\/tcp\nsudo ufw allow 993\/tcp\n\n# POP3\nsudo ufw allow 110\/tcp\nsudo ufw allow 995\/tcp\n\n# \ubc29\ud654\ubcbd \uaddc\uce59 \ud655\uc778\nsudo ufw status<\/code><\/pre>\n7. \uc11c\ube44\uc2a4 \uc2dc\uc791 \ubc0f \ud655\uc778<\/h2>\n7.1 \uc11c\ube44\uc2a4 \uc7ac\uc2dc\uc791<\/h3>\nsudo systemctl restart dovecot\nsudo systemctl restart postfix\nsudo systemctl enable dovecot<\/code><\/pre>\n7.2 \uc11c\ube44\uc2a4 \uc0c1\ud0dc \ud655\uc778<\/h3>\nsudo systemctl status dovecot\nsudo systemctl status postfix<\/code><\/pre>\n7.3 \ud3ec\ud2b8 \ub9ac\uc2a4\ub2dd \ud655\uc778<\/h3>\nsudo netstat -tlnp | grep -E ":(110|143|993|995)"<\/code><\/pre>\n8. \ud14c\uc2a4\ud2b8<\/h2>\n8.1 \ub85c\uceec \uc5f0\uacb0 \ud14c\uc2a4\ud2b8<\/h3>\n# IMAP \ud14c\uc2a4\ud2b8\ntelnet localhost 143\n\n# POP3 \ud14c\uc2a4\ud2b8 \ntelnet localhost 110<\/code><\/pre>\n8.2 SSL\/TLS \uc5f0\uacb0 \ud14c\uc2a4\ud2b8<\/h3>\n# IMAPS \ud14c\uc2a4\ud2b8\nopenssl s_client -connect example.com:993 -servername example.com\n\n# POP3S \ud14c\uc2a4\ud2b8\nopenssl s_client -connect example.com:995 -servername example.com<\/code><\/pre>\n8.3 \uc774\uba54\uc77c \ubc1c\uc1a1\ud14c\uc2a4\ud2b8<\/h3>\n
--auth-user user@example.com \\<\/code> \ubd80\ubd84\uc740 --auth-user user \\<\/code> \uc778 \uacbd\uc6b0\ub3c4 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\nsudo apt update\nsudo apt install swaks\n\n# SMTP(587\/STARTTLS) \uc778\uc99d \ud14c\uc2a4\ud2b8\nswaks --to recipient@example.com \\\n --from user@example.com \\\n --server mail.example.com \\\n --port 587 \\\n --auth LOGIN \\\n --auth-user user@example.com \\\n --auth-password '\ud328\uc2a4\uc6cc\ub4dc' \\\n --tls \\\n --header "Subject: \ud14c\uc2a4\ud2b8 \uba54\uc77c" \\\n --body "\uc774\uac83\uc740 \ud14c\uc2a4\ud2b8 \uba54\uc77c\uc785\ub2c8\ub2e4."\n\n# SMTPS(465\/SSL) \ud14c\uc2a4\ud2b8\nswaks --to recipient@example.com \\\n --from user@example.com \\\n --server mail.example.com \\\n --port 465 \\\n --auth LOGIN \\\n --auth-user user@example.com \\\n --auth-password '\ud328\uc2a4\uc6cc\ub4dc' \\\n --tls-on-connect \\\n --header "Subject: SMTPS \ud14c\uc2a4\ud2b8" \\\n --body "SMTPS(465) \ud3ec\ud2b8 \ud14c\uc2a4\ud2b8\uc785\ub2c8\ub2e4."<\/code><\/pre>\n9. \ub85c\uadf8 \ud655\uc778<\/h2>\n
\ubb38\uc81c \ubc1c\uc0dd \uc2dc \ub85c\uadf8\ub97c \ud655\uc778\ud569\ub2c8\ub2e4:<\/p>\n
# Dovecot \ub85c\uadf8\nsudo journalctl -u dovecot -f\n\n# \uba54\uc77c \ub85c\uadf8\nsudo tail -f \/var\/log\/mail.log<\/code><\/pre>\n10. \ud074\ub77c\uc774\uc5b8\ud2b8 \uc124\uc815 \uc815\ubcf4<\/h2>\n
\uc774\uba54\uc77c \ud074\ub77c\uc774\uc5b8\ud2b8\uc5d0\uc11c \uc0ac\uc6a9\ud560 \uc124\uc815 \uc815\ubcf4:<\/p>\n
IMAP \uc124\uc815<\/h3>\n\n- \uc11c\ubc84: example.com<\/li>\n
- \ud3ec\ud2b8: 993 (IMAPS) \ub610\ub294 143 (STARTTLS)<\/li>\n
- \ubcf4\uc548: SSL\/TLS \ub610\ub294 STARTTLS<\/li>\n
- \uc778\uc99d: \uc77c\ubc18 \ube44\ubc00\ubc88\ud638<\/li>\n<\/ul>\n
POP3 \uc124\uc815<\/h3>\n\n- \uc11c\ubc84: example.com <\/li>\n
- \ud3ec\ud2b8: 995 (POP3S) \ub610\ub294 110 (STARTTLS)<\/li>\n
- \ubcf4\uc548: SSL\/TLS \ub610\ub294 STARTTLS<\/li>\n
- \uc778\uc99d: \uc77c\ubc18 \ube44\ubc00\ubc88\ud638<\/li>\n<\/ul>\n
SMTP \uc124\uc815<\/h3>\n\n- \uc11c\ubc84: example.com<\/li>\n
- \ud3ec\ud2b8: 587 (STARTTLS) \ub610\ub294 465 (SMTPS)<\/li>\n
- \ubcf4\uc548: STARTTLS \ub610\ub294 SSL\/TLS<\/li>\n
- \uc778\uc99d: \ud544\uc694<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"
Postfix \uc124\uce58 – Dovecot POP3\/IMAP \uc11c\ube44\uc2a4 \uad6c\ucd95 \uae30\uc874 Postfix + Rspamd + Let’s Encrypt \ud658\uacbd\uc5d0\uc11c Dovecot\uc744 \uc774\uc6a9\ud574 POP3\/IMAP \uc11c\ube44\uc2a4\ub97c \ucd94\uac00\ud558\ub294 \ubc29\ubc95\uc744 \uc124\uba85\ud569\ub2c8\ub2e4. \ud658\uacbd \uc815\ubcf4 \uc6b4\uc601\uccb4\uc81c: Ubuntu Server \uae30\uc874 \uad6c\uc131: Postfix + Rspamd + Let’s Encrypt SSL \ucd94\uac00 \uad6c\uc131: Dovecot (POP3\/IMAP) \ub3c4\uba54\uc778: example.com \uba54\uc77c \uc11c\ubc84: mail.example.com 1. Dovecot \uc124\uce58 sudo apt update sudo apt install dovecot-core\u2026 Read More »<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-10831","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/10831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=10831"}],"version-history":[{"count":21,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/10831\/revisions"}],"predecessor-version":[{"id":10852,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/10831\/revisions\/10852"}],"wp:attachment":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=10831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=10831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=10831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}