用POP認證寄信 – Postfix + pop-before-smtp

一般我們用收發信軟體寄信時，會需要勾選SMTP伺服器認證才能成功寄信

平常我們收信是透過 pop協定的，如果搭配了 pop-before-smtp，故名思意就是在smtp認證之前就使用了 pop認證了，

這個 pop before smtp就是要在收信的時後就順便認證了，就不用再smtp伺服器認證了

CentOS 4

[1.] 安裝套件

        yum install perl-TimeDate perl-Net-Netmask perl-DB_File

        yum install pop-before-smtp

        rpm -ql pop-before-smtp

/etc/pop-before-smtp-conf.pl
/etc/rc.d/init.d/pop-before-smtp
/usr/sbin/pop-before-smtp
/usr/share/doc/pop-before-smtp-1.41
/usr/share/doc/pop-before-smtp-1.41/ChangeLog
/usr/share/doc/pop-before-smtp-1.41/README
/usr/share/doc/pop-before-smtp-1.41/README.QUICKSTART
/usr/share/doc/pop-before-smtp-1.41/README.rootless-install
/usr/share/doc/pop-before-smtp-1.41/pop-before-smtp-conf.pl
/usr/share/man/man8/pop-before-smtp.8.gz

[2.] vi /etc/pop-before-smtp-conf.pl

# Set $debug to output some extra log messages (if logging is enabled).

$debug = 1;

$logto = '/var/log/pop-before-smtp';

# Override the DB hash file we will create/update (".db" gets appended).

$dbfile = '/etc/postfix/pop-before-smtp';

# A 30-minute grace period before the IP address is expired.

$grace = 30*60;

# Set the log file we will watch for pop3d/imapd records.

$file_tail{'name'} = '/var/log/maillog';

# For Dovecot POP3/IMAP when using syslog.
$pat = '^[LOGTIME] S+ (?:dovecot: )?(?:imap|pop3)-login: ' .
    'Login: .*? (?:[|rip=)[:f]*(d+.d+.d+.d+)[],]';

      注意: $pats變數 for Dovecot POP3/IMAP的系統記錄是 syslog還是 dovecot.log

[3.] 測試 pop-before-smtp

       顯示設定檔資訊

           pop-before-smtp –dumpconfig

config file: /etc/pop-before-smtp-conf.pl
watchlog: /var/log/maillog
dbfile: /etc/postfix/pop-before-smtp
logto: /var/log/pop-before-smtp
pat: "^[LOGTIME] S+ (?:dovecot: )?(?:imap|pop3)-login: Login: .*? (?:[|rip=)[:f]*(d+.d+.d+.d+)[],]"
logtime_pat: "(www +d+ d+:d+:d+)"

       測試 $pat是否正確

            pop-before-smtp –debug –nowrite –reprocess

Jan 28 14:08:25 starting up
Jan 28 14:08:25 Using 2 values for pre-authorized networks: `168.100.189.0/28', `127.0.0.0/8'
Jan 28 14:08:26 startup log-scan complete

        啟動

           service pop-before-smtp start

[3.] 設定postfix

        vi /etc/postfix/main.cf

smtpd_recipient_restrictions = permit_mynetworks,reject_non_fqdn_recipient,
    check_client_access hash:/etc/postfix/pop-before-smtp,
    reject_unauth_destination

       postfix reload

[4.] Outlook，一般 Smtp Auth時需要勾選"我的伺服器需要驗證"，pop-before-smtp則不用勾選。

       當收信時可在 server上下指令看到資訊

       pop-before-smtp –list

The database holds 1 IP:
        220.132.155.223

       而 /var/log/pop-before-smtp

Jan 28 14:03:12 found ip=220.132.155.223 (0)
Jan 28 14:03:12 setting expiration time for ip=220.132.155.223 to 1169965989

http://popbsmtp.sourceforge.net/quickstart.shtml

http://linux.vbird.org/somepaper/20060111-pop-before-smpt.html