測試環境:
CentOS Linux release 7.6.1810
ossec 3.6.10
1、wazuh服務器上安裝postfii及相關服務
yum install -y postfix mailx cyrus-sasl cyrus-sasl-plain
2、修改postfix配置文件
# vi /etc/postfix/main.cf
command_directory = /usr/sbin
data_directory = /var/lib/postfix
mail_owner = postfix
home_mailbox = /home/ossec/mail
myhostname = qiyeyou.com
mydomain = qiyeyou.com
myorigin = $mydomain
mydestination = $mydoamin
relayhost = [smtp.exmail.qq.com]:587 #這裏使用SSL 587端口,465端口沒有測試通
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
smtp_use_tls = yes
smtp_sender_dependent_authentication = yes
smtp_generic_maps = hash:/etc/postfix/generic
3、生成sasl_passwd文件
# vi etc/postfix/sasl_passwd
[smtp.exmail.qq.com]:587 [email protected]:mypassword
4、生成generic文件,用於將所有系統發送郵箱都轉換成[email protected]
# vi etc/postfix/generic
@hostname [email protected]
root@xxxx [email protected](神來之筆)
這裏有個小技巧,如果不知道hostname是什麼,可以先發一封測試郵件,此時root下是使用hostname發送的,然後查看tail -f /var/log/maillog裏的from值,就能獲取到@hostname是什麼了
5、postmap生成hash數據庫
# postmap /etc/postfix/generic
# postmap /etc/postfix/sasl_passwd
6、修改文件歸屬及權限
# chown root:root /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db
# chown root:root /etc/postfix/generic /etc/postfix/generic.db
# chmod 400 /etc/postfix/sasl_passwd
# chmod 400 /etc/postfix/generic
# chmod 0600 /etc/postfix/sasl_passwd.db
# chmod 0600 /etc/postfix/generic.db
8、重啓postfix
# systemctl reload postfix
9、測試postfix配置
echo 'This is a test mail' | mail -s 'This is a test mail' [email protected]
10、修改/var/ossec/ossec.conf文件
# vi /var/ossec/ossec.conf
<global>
<email_notification>yes</email_notification>
<smtp_server>localhost</smtp_server>
<email_from>[email protected]</email_from>
<email_to>[email protected]</email_to>
</global>
剛好遇到不能發郵件的問題,就做個筆記!
轉載文章: https://www.jianshu.com/p/fd92e2226d31
參考鏈接: https://documentation.wazuh.com/3.13/user-manual/manager/manual-email-report/smtp_authentication.html