Pulogalamu ya ProHoster > Blog > nkhani zapaintaneti > Kutulutsidwa kwa seva ya Postfix 3.6.0

Kutulutsidwa kwa seva ya Postfix 3.6.0

Pambuyo pa chaka cha chitukuko, nthambi yatsopano yokhazikika ya seva ya postfix inatulutsidwa - 3.6.0. Nthawi yomweyo, idalengeza kutha kwa thandizo la nthambi ya Postfix 3.2, yomwe idatulutsidwa koyambirira kwa 2017. Postfix ndi imodzi mwama projekiti osowa omwe amaphatikiza chitetezo chambiri, kudalirika komanso magwiridwe antchito nthawi yomweyo, zomwe zidatheka chifukwa cha zomangamanga zomwe zidaganiziridwa bwino komanso mfundo yokhwima yopangira ma code ndi kuwunika kwa zigamba. Khodi ya polojekitiyi imagawidwa pansi pa EPL 2.0 (Eclipse Public License) ndi IPL 1.0 (IBM Public License).

Malinga ndi kafukufuku wodziyimira pawokha wa Epulo wama seva pafupifupi 600, Postfix imagwiritsidwa ntchito pa 33.66% (chaka chapitacho 34.29%) ya ma seva, gawo la Exim ndi 59.14% (57.77%), Sendmail - 3.6% (3.83) %), MailEnable - 2.02% ( 2.12%), MDaemon - 0.60% (0.77%), Microsoft Exchange - 0.32% (0.47%).

Zatsopano zazikulu:

  • Chifukwa cha kusintha kwa ma protocol amkati omwe amagwiritsidwa ntchito polumikizana pakati pa zigawo za Postfix, kuyimitsa seva yamakalata ndi lamulo la "postfix stop" ndikofunikira musanasinthe. Kupanda kutero, pakhoza kukhala zolephera mukamalumikizana ndi kujambula, qmgr, tsimikizirani, tlsproxy, ndi njira zowonera, zomwe zingayambitse kuchedwa kutumiza maimelo mpaka Postfix itayambikanso.
  • Kutchulidwa kwa mawu akuti “oyera” ndi “wakuda,” amene anthu ena a m’deralo amawaona kukhala kusankhana mitundu, kwathetsedwa. M'malo mwa "whitelist" ndi "blacklist", "allowlist" ndi "denylist" ziyenera kugwiritsidwa ntchito (mwachitsanzo, magawo postscreen_allowlist_interfaces, postscreen_denylist_action ndi postscreen_dnsbl_allowlist_threshold). Zosinthazo zimakhudza zolemba, zoikidwiratu za postscreen process (zomanga-zozimitsa moto) ndikuwonetsa zidziwitso m'zipika. postfix/postscreen[pid]: ALLOWLIST VETO [address]:port postfix/postscreen[pid]: ALLOWLISTED [address]:port postfix/postscreen[pid]: DENYLISTED [address]:port

    Kuti musunge mawu am'mbuyomu muzolemba, gawo la "respectful_logging = no" limaperekedwa, lomwe liyenera kufotokozedwa main.cf pamaso pa "compatibility_level = 3.6". Thandizo la mayina akale azithunzi zazithunzi zasungidwa kuti zigwirizane ndi kumbuyo. Komanso, fayilo yosinthira "master.cf" yakhala yosasinthika pakadali pano.

  • Mu "compatibility_level = 3.6" mode, kusintha kosasintha kunapangidwa kuti agwiritse ntchito SHA256 hashi ntchito m'malo mwa MD5. Ngati muyika mtundu wakale mu compatibility_level parameter, MD5 ikupitilizabe kugwiritsidwa ntchito, koma pazosintha zokhudzana ndi kugwiritsa ntchito ma hashes momwe ma algorithm sanatchulidwe momveka bwino, chenjezo lidzawonetsedwa mu chipika. Thandizo la mtundu wotumizira wa Diffie-Hellman key exchange protocol wathetsedwa (mtengo wa tlsproxy_tls_dh512_param_file parameter tsopano wanyalanyazidwa).
  • Kuzindikira kosavuta kwamavuto okhudzana ndi kutchula pulogalamu yolakwika ya master.cf. Kuti muwone zolakwika zotere, ntchito iliyonse yakumbuyo, kuphatikiza postdrop, tsopano imalengeza dzina la protocol musanayambe kulumikizana, ndipo njira iliyonse yamakasitomala, kuphatikiza kutumiza maimelo, imayang'ana kuti dzina la protocol lomwe lalengezedwa likufanana ndi zomwe zimathandizidwa.
  • Onjezani mtundu watsopano wamapu "local_login_sender_maps" kuti muzitha kuwongolera kagawidwe ka adilesi ya wotumiza (yoperekedwa mu lamulo la "MAIL KUCHOKERA" mu gawo la SMTP) kumayendedwe a kutumiza ndi kutumiza. Mwachitsanzo, kulola ogwiritsa ntchito am'deralo, kupatula mizu ndi postfix, kuti atchule malowedwe awo okha mu sendmail, pogwiritsa ntchito UID kumangiriza dzina, mutha kugwiritsa ntchito makonda awa: /etc/postfix/main.cf: local_login_sender_maps = inline :{{mizu = *} , {postfix = * }}, pcre:/etc/postfix/login_senders /etc/postfix/login_senders: # Kutchula malowedwe onse awiri ndi login@domain mawonekedwe amaloledwa. /(. +)/ $1 $1…@example.com
  • Kuwonjezedwa ndikuyatsidwa mwachisawawa makonzedwe a "smtpd_relay_before_recipient_restrictions=yes", momwe seva ya SMTP idzayang'ana smtpd_relay_restrictions pamaso pa smtpd_recipient_restrictions, osati mosemphanitsa, monga kale.
  • Wowonjezera parameter "smtpd_sasl_mechanism_list", yomwe imasinthidwa kukhala "! external, static: rest" kuti tipewe zolakwika zosokoneza pamene SASL backend imati imathandizira "EXTERNAL" mode, yomwe siyikuthandizidwa mu Postfix.
  • Mukathetsa mayina mu DNS, API yatsopano yomwe imathandizira multithreading (threadsafe) imayatsidwa mwachisawawa. Kuti mumange ndi API yakale, muyenera kufotokoza "pangani makefiles CCARGS="-DNO_RES_NCALLS ..." pomanga.
  • Kuwonjezedwa kwa "enable_threaded_bounces = inde" kuti mulowe m'malo mwa zidziwitso za zovuta zobweretsera, kuchedwa kubweretsa kapena kutsimikizira kutumiza ndi ID yofananira yokambirana (chidziwitsocho chidzawonetsedwa ndi kasitomala wamakalata mu ulusi womwewo, pamodzi ndi mauthenga ena amakalata).
  • Mwachikhazikitso, deta ya /etc/services system sikugwiritsidwanso ntchito kudziwa manambala a port a TCP a SMTP ndi LMTP. M'malo mwake, ziwerengero zamadoko zimakonzedwa kudzera pagulu lodziwika_tcp_ports (default lmtp=24, smtp=25, smtps=submissions=465, submission=587). Ngati ntchito ina ikusowa podziwika_tcp_ports, /etc/services ikupitiriza kugwiritsidwa ntchito.
  • Mulingo wofananira ("compatibility_level") wakwezedwa kukhala "3.6" (parameter idasinthidwa kawiri m'mbuyomu, kupatula 3.6 zomwe zimathandizidwa ndi 0 (zosasintha), 1 ndi 2). Kuyambira pano, "compatibility_level" isintha kukhala nambala yomwe idasinthidwa zomwe zimasemphana ndi kufanana. Kuti muwone milingo yofananira, ofananitsa osiyana awonjezedwa ku main.cf ndi master.cf, monga "<=level" ndi "<level" (oyerekeza ofananirako sali oyenera, popeza adzalingalira 3.10 zosakwana 3.9).

Source: opennet.ru

Kuwonjezera ndemanga