<![CDATA[Postfix 发信配置]]>安装 
sudo apt install postfix

sudo systemctl start postfix

主机名

1.修改系统主机名(可选)

hostnamectl set-hostname love4z.cn

2.修改 Postfix 配置

sudo nano /etc/postfix/main.cf

myhostname = love4z.cn

sudo systemctl restart postfix

DNS设置

SPF 记录

  • 记录类型: TXT
  • 主机记录: @
  • 记录值: v=spf1 mx ip4:yourIP4 ip6:yourIp6 -all

DMARC 记录

  • 记录类型: TXT
  • 主机记录: _dmarc
  • 记录值: v=DMARC1; p=quarantine;

Linux系统之sendmail 命令详解

]]>https://blog.clouldon.com/topic/20/postfix-发信配置RSS for NodeThu, 11 Jun 2026 10:51:38 GMTSat, 16 May 2026 02:31:45 GMT60<![CDATA[Reply to Postfix 发信配置 on Sat, 16 May 2026 02:32:08 GMT]]>SSL 加密

基础 TLS 设置

sudo nano /etc/postfix/main.cf

# 可以使用网站域名证书
smtpd_tls_cert_file = /your.pem
smtpd_tls_key_file = /your.key

smtpd_use_tls = yes

# encrypt 强制启用
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_loglevel = 1

smtp_tls_CAfile = /your.crt
smtp_tls_security_level = may
smtp_tls_loglevel = 1

开启 465 和 587 端口

sudo nano /etc/postfix/master.cf

submission inet n       -       y       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
smtps     inet  n       -       y       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
]]>https://blog.clouldon.com/post/79https://blog.clouldon.com/post/79Sat, 16 May 2026 02:32:08 GMT<![CDATA[Reply to Postfix 发信配置 on Sat, 16 May 2026 02:31:58 GMT]]>DKIM 记录

开启DNSSEC
1.CloudFlare > love4z.cn > DNS > 设置 > 开启DNSSEC

2.腾讯云 > love4z.cn > 域名安全 > DNSSEC 管理 >!(先暂时关闭禁止更新锁)!<

将CloudFlare提供的DS 记录一一对应填入:

安装 OpenDKIM

sudo apt install opendkim opendkim-tools

生成密钥

mkdir /etc/opendkim

opendkim-genkey -s 2233 -d love4z.cn -D /etc/opendkim

编辑 /etc/opendkim.conf

SyslogSuccess       yes
LogWhy              yes

Domain              love4z.cn
Selector            2233
KeyFile             /etc/opendkim/2233.private
# 注释掉原本的 Socket local:...
Socket              inet:8891@localhost

InternalHosts       127.0.0.1, ::1

配置 DNS:
vi /etc/opendkim/2233.txt
若格式错误 删除括号内多余的空格换行和引号,使两段长字符串合并

  • 记录类型: TXT
  • 主机记录: 2233._domainkey
  • 记录值: v=DKIM1; k=sha256; p=MIIBIjANBg...

验证DNS配置

systemctl restart opendkim && opendkim-testkey -d love4z.cn -s 2233 -vvv

#应该返回
opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: key loaded from /etc/opendkim/2233.private
opendkim-testkey: checking key '2233._domainkey.love4z.cn'
opendkim-testkey: key secure
opendkim-testkey: key OK

配置 Postfix

vim /etc/postfix/main.cf

添加:

smtpd_milters = inet:127.0.0.1:8891
non_smtpd_milters = $smtpd_milters
milter_default_action = accept

测试发信
邮件原文显示 dkim=fail(No key) 意味私钥读取失败

chown opendkim:opendkim /etc/opendkim/2233.private
chmod 600 /etc/opendkim/2233.private
]]>https://blog.clouldon.com/post/78https://blog.clouldon.com/post/78Sat, 16 May 2026 02:31:58 GMT