Chinaunix首页 | 论坛 | 博客

linux乐园38699

首页 |  博文目录 |  关于我

4PwY6JP

  • 博客访问: 686868
  • 博文数量: 771
  • 博客积分: 5000
  • 博客等级: 大校
  • 技术积分: 4910
  • 用 户 组: 普通用户
  • 注册时间: 2008-09-18 11:35
文章分类

全部博文(771)

文章存档

2011年(1)

2008年(770)

我的朋友
最近访客
推荐博文
2008-1-14 22:03

分类:

2008-09-18 11:48:11

Q. How do I configure Sendmail email server to use SSL encryption for sending/receiving email? I have already obtained or received the required valid SSL certificate. It is stored in /etc/mail/ssl directory as follows:
SSL Keys and Certification files
=> /etc/mail/ssl/sendmail.pem
=> /etc/mail/ssl/ca-bundle.crt
Now how do I configure sendmail for SSL under Fedora Core or RHEL or Cent OS?
A. Sendmail is a mail transfer agent (MTA) and you need a valid SSL certificate on the server. Sendmail remains the most popular MTA on the Internet, although this is probably fading. Its popularity is due in part to its position as the standard MTA under most variants of the Unix operating system.
Sendmail can be configured to encrypt email via the secure socket layer (SSL) when you want to send and receives emails.
Open sendmail configuration file /etc/mail/sendmail.mc using text editor such as vi:
# vi /etc/mail/sendmail.mc
Now append/modify following directives:
define(`confCACERT_PATH',`/etc/mail/ssl/certs')
define(`confCACERT',`/etc/mail/ssl/ca-bundle.crt')
define(`confSERVER_CERT',`/etc/mail/ssl/sendmail.pem')
define(`confSERVER_KEY',`/etc/mail/ssl/sendmail.pem')
And make sure port is set to smtps (secure smtp i.e. port 465):
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl

Restart sendmail and secure pop3s/imapsType the following commands to restart sendmail and related services:
# /etc/init.d/sendmail restart
# chkconfig pop3s on
# chkconfig imaps on
# /etc/init.d/xinetd restart
pop3s and imaps will start from xinetd
How do I generate certificates locally for testing purpose only?If you don’t have certificates you can generates certificates locally on Cent OS/RHEL/Fedora Core. Type the following commands:
# cd /usr/share/ssl/certs
# make sendmail.pem
Now open sendmail /etc/mail/sendmail.mc config file and append/modify directives as follows:
define(`confCACERT_PATH',`/usr/share/ssl/certs')
define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
Restart [url=#restartsendmail]sendmail[/url] as discussed above.
Subscribe to our or to get all updates. You can Email this page to a friend.
Related Linux / UNIX FAQ:






.      
--------------------next---------------------

阅读(206) | 评论(0) | 转发(0) |
0

上一篇:2008-1-21 00:21

下一篇:欢迎阅读我的文章

给主人留下些什么吧!~~
关于我们 | 关于IT168 | 联系方式 | 广告合作 | 法律声明 | 免费注册

Copyright 2001-2010 ChinaUnix.net All Rights Reserved 北京皓辰网域网络信息技术有限公司. 版权所有

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6