######郵件部分######
6.限制用戶發送
1.過濾sender
[root@westos-mail ~]# postconf -d | grep sender
2.hash加密
[root@westos-mail ~]# postconf -e "smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender"
[root@westos-mail ~]# vim /etc/postfix/sender ##添加拒絕的用戶
1 [email protected] REJECT ##拒絕[email protected] 發送郵件(但可以接收)
[root@westos-mail ~]# postmap /etc/postfix/sender ##加密生成.db文件
[root@westos-mail ~]# cd /etc/postfix/
[root@westos-mail postfix]# ls
access header_checks relocated virtual
access.db main.cf sender
canonical master.cf sender.db
generic moreuser transport
[root@westos-mail postfix]# systemctl restart postfix.service
測試:
[kiosk@foundation13 Desktop]$ telnet 172.25.254.113 25
Trying 172.25.254.113...
Connected to 172.25.254.113.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:[email protected]
250 2.1.0 Ok
rcpt to:[email protected]
554 5.7.1 <unknown[172.25.254.13]>: Client host rejected: Access denied
Connection closed by foreign host.
[kiosk@foundation13 Desktop]$
7.限制用戶接收
[root@westos-mail postfix]# postconf -e "smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recip"
[root@westos-mail postfix]# vim /etc/postfix/recip
[email protected] REJECT ##限制此用戶接收
~
[root@westos-mail postfix]# postmap /etc/postfix/recip
[root@westos-mail postfix]# systemctl restart postfix.service
測試:
1)westos作爲發送端
[kiosk@foundation13 Desktop]$ telnet 172.25.254.113 25
Trying 172.25.254.113...
Connected to 172.25.254.113.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:[email protected]
250 2.1.0 Ok
rcpt to:[email protected]
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
haha
.
250 2.0.0 Ok: queued as F3FAA246207
quit##發送成功
221 2.0.0 Bye
Connection closed by foreign host.
2)westos作爲接收端
[kiosk@foundation13 Desktop]$ telnet 172.25.254.113 25
Trying 172.25.254.113...
Connected to 172.25.254.113.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:[email protected]
250 2.1.0 Ok
rcpt to:[email protected]
554 5.7.1 <unknown[172.25.254.13]>: Client host rejected: Access denied ##接收被拒
8.出站地址僞裝
[root@westos-mail postfix]# postconf -e "smtp_generic_maps = hash:/etc/postfix/generic"
[root@westos-mail postfix]# vim /etc/postfix/main.cf
[root@westos-mail postfix]# vim /etc/postfix/generic
241 [email protected] [email protected]
[root@westos-mail postfix]# postmap /etc/postfix/generic
[root@westos-mail postfix]# systemctl restart postfix.service
測試:
[root@westos-mail postfix]# su - westos
[westos@westos-mail postfix]$ mail [email protected]
Subject: wq
wqq
.
EOT
[root@qq-mail ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 messages 1 new 3
>N 1 [email protected] Sat May 20 22:30 21/718 "wq"
& 1
Message 1:
From [email protected] Sat May 20 22:30:30 2017
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Date: Sat, 20 May 2017 22:30:29 -0400
Subject: wq
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: [email protected]
Status: R
wqq
& q
Held 1 messages in /var/spool/mail/root
You have mail in /var/spool/mail/root
9.入站地址轉換
dns mx 記錄解析先做好
[root@westos-mail postfix]$ vim /etc/named.rfc1912.zones
[root@westos-mail named]# cp qq.com.zone haha.com.zone -p
[root@westos-mail named]# vim haha.com.zone
[root@westos-mail named]# systemctl restart named
[root@westos-mail named]# postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"
[root@westos-mail named]# vim /etc/postfix/virtual
[email protected] [email protected]
虛擬名字 真實用戶
[root@westos-mail postfix]# postmap /etc/postfix/virtual ##生成加密的.db文件
[root@westos-mail postfix]# systemctl restart postfix.service
測試:
[root@qq-mail postfix]# mail [email protected]
Subject: qqq
qqq
.
EOT
[root@westos-mail named]# mail -u westos
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/mail/westos": 4 messages 1 new
1 root Sat May 20 23:36 20/574 "adf"
2 root Sun May 21 00:49 19/567 "wq"
3 root Sun May 21 01:18 19/568 "hao"
>N 4 root Sun May 21 01:24 21/710 "qqq"
& 4
Message 4:
From [email protected] Sun May 21 01:24:30 2017
Return-Path: <[email protected]>
X-Original-To: [email protected] ##發送方顯示的用戶
Delivered-To: [email protected] ##實際發送的用戶
Date: Sun, 21 May 2017 01:24:29 -0400
Subject: qqq
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: [email protected] (root)
Status: R
qqq
& q
Held 4 messages in /var/mail/westos