Postfix email transport

######################
##### postfix ##########
######################

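Email delivery
 - A server submits email over SMTP to TCP port 25, or a local client submits it through the /usr/bin/sendmail program. If this MTA is the final destination, the message is handed to the MDA. Otherwise the next MTA is looked up in DNS using MX records and the message is relayed over SMTP.
 - MDA: "mail delivery agent". The MDA delivers mail to the recipient's local mail store (by default /var/spool/mail/user). Postfix provides its own MDA, /usr/libexec/postfix/local, which delivers to the default file-based local mail store.
 - Relay: a mail server (MTA) forwards a submitted message to another server for delivery.
 - Queue: failed delivery or relay attempts are queued and retried periodically by the MTA. (By default, Postfix does this once an hour.)
 - Reject: the message is refused by the mail server during the initial submission.
 - Bounce: after a remote server has accepted the message for delivery, it returns the message to the originating mail server and/or user.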


Lab preparation:

Two virtual machines, with IPs 172.25.254.100 and 172.25.254.200
Configure the yum repositories.
Configure the DNS server
[root@westos-mail ~]# yum install bind -y
[root@westos-mail ~]# systemctl stop firewalld
[root@westos-mail named]# systemctl disable firewalld
[root@westos-mail ~]# vim /etc/named.conf
//      listen-on port 53 { 127.0.0.1; };
//      listen-on-v6 port 53 { ::1; };
//      allow-query     { localhost; };
dnssec-validation no;
[root@westos-mail named]# vim /etc/named.rfc1912.zones
zone "westos.com" IN {
        type master;
        file "westos.com.zone";
        allow-update { none; };
};

zone "qq.com" IN {
        type master;
        file "qq.com.zone";
        allow-update { none; };
};
[root@westos-mail named]# cp -p named.localhost westos.com.zone
[root@westos-mail named]# vim westos.com.zone
$TTL 1D
@       IN SOA  dns.westos.com. root.westos.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
             NS         dns.westos.com.
dns          A          172.25.254.100
westos.com.  MX 1       172.25.254.100.

[root@westos-mail named]# cp -p westos.com.zone qq.com.zone
[root@westos-mail named]# vim qq.com.zone
$TTL 1D
@       IN SOA  dns.qq.com. root.qq.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
             NS         dns.qq.com.
dns          A          172.25.254.100
qq.com.      MX 1       172.25.254.200.

[root@westos-mail named]# vim /etc/resolv.conf
nameserver 172.25.254.100
[root@westos-mail named]# systemctl restart named
[root@westos-mail named]# dig -t mx westos.com

Client:
[root@qq-mail ~]# vim /etc/resolv.conf
[root@qq-mail ~]# dig -t mx qq.com
[root@qq-mail ~]# systemctl stop firewalld
[root@qq-mail ~]# systemctl disable firewalld

1.
Postfix provides the SMTP protocol for delivering mail; the default port is 25
/var/log/maillog    ## service log

mail [email protected]
Subject: hello
hello world
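.          # a line containing only "." ends the input and sends the message

mailq          ## show the mail queue
postqueue -f      ## flush (reprocess) the mail queue
netstat -antlpe | grep master
By default the mail port is only open on 127.0.0.1
postsuper -d  id  ## delete a queued outgoing message
> /var/spool/mail/root  ## delete received mail (empties root's mailbox)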

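2. Configuration
[root@westos-mail ~]# vim /etc/postfix/main.cf
inet_interfaces = all        ## line 116: network interfaces on which port 25 is opened
myhostname = westos-mail.westos.com    ## line 76: host name of the MTA
mydomain = westos.com        ## line 83: domain name of the MTA
myorigin = $mydomain        ## line 99: ending of the mail origin (the part after @)
mydestination = $myhostname, $mydomain, localhost    ## line 164: address endings this MTA accepts mail for

systemctl restart postfix.service
systemctl stop firewalld
Configure the qq-mail host in the same way.

Test: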
[root@westos-mail named]# vim /etc/postfix/main.cf
[root@westos-mail named]# systemctl restart postfix.service
[root@westos-mail named]# mail [email protected]
Subject: asdf
s
.
EOT
[root@westos-mail named]# mailq
Mail queue is empty

[root@qq-mail ~]# mail
Heirloom Mail version 12.5 7/5/10.  Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N  1 root                  Wed May 24 00:34  21/722   "asdf"

& q


3. Mail aliases and group mailing
[root@qq-mail ~]# vim /etc/aliases
alias:    realname                       ## mail alias

postalias /etc/aliases
systemctl restart postfix

[root@qq-mail ~]# vim /etc/aliases

alias:    :include:filename    ## group mailing

vim filename
user1
user2

postalias /etc/aliases           ## apply the change
systemctl restart postfix
mail alias



4. Testing the mail service from a remote host
[root@foundation60 Desktop]# yum install telnet -y
[root@foundation60 Desktop]$ telnet 172.25.254.100 25
Trying 172.25.254.100...
Connected to 172.25.254.100.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
ehlo hello                ## test the connection
250-westos-mail.westos.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:[email protected]   ## sender
250 2.1.0 Ok
rcpt to:[email protected]              ## recipient
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
adsf
asdf
.

250 2.0.0 Ok: queued as 34C0124622B

View the result



5. Access control for mail clients
## Restricting clients
On the MTA:
postconf -e "smtpd_client_restrictions = check_client_access hash:/etc/postfix/access"

vim /etc/postfix/access
172.25.254.60    REJECT
postmap /etc/postfix/access
systemctl restart postfix
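
How a `check_client_access` table like the one above is searched, as an added example (not part of the original post and not Postfix's own code): as access(5) documents, the full client address is tried first and then the address with trailing octets stripped, so an exact entry overrides a subnet entry. Only the `172.25.254.60 REJECT` entry comes from the page; the other entries and the function name are constructed.

```sh
#!/bin/sh
# Added example: models the IPv4 lookup order that access(5) documents for
# check_client_access tables (exact address first, then shorter prefixes).
# It reads the text source of the table, not the .db file built by postmap.

access_lookup() {
    # $1 = access table source file, $2 = client IPv4 address
    table=$1
    key=$2
    while [ -n "$key" ]; do
        action=$(awk -v k="$key" '
            /^[ \t]*#/ || /^[ \t]*$/ { next }   # comments and blank lines
            /^[ \t]/ { next }                   # continuation lines: not modelled
            ($1 "") == (k "") {                 # force a string comparison
                $1 = ""; sub(/^[ \t]+/, "")     # keep everything after the key
                print; exit
            }' "$table")
        if [ -n "$action" ]; then
            printf '%s\n' "$action"
            return 0
        fi
        case $key in
            *.*) key=${key%.*} ;;               # strip the least significant octet
            *)   key= ;;
        esac
    done
    printf 'DUNNO\n'                            # no entry: no decision from this table
}

# Constructed sample table; only the first entry comes from the page.
SAMPLE_ACCESS=$(mktemp)
trap 'rm -f "$SAMPLE_ACCESS"' EXIT
cat > "$SAMPLE_ACCESS" <<'EOF'
# client          action
172.25.254.60     REJECT
172.25.254        OK
10                REJECT lab networks only
EOF

for ip in 172.25.254.60 172.25.254.100 10.1.2.3 192.168.0.5; do
    printf '%-16s %s\n' "$ip" "$(access_lookup "$SAMPLE_ACCESS" "$ip")"
done
```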


Test

## Restricting senders
postconf -e "smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender"

vim /etc/postfix/sender
[email protected]    REJECT
postmap  /etc/postfix/sender
systemctl restart postfix

Test
[kiosk@foundation60 Desktop]$ telnet 172.25.254.100 25
Trying 172.25.254.100...
Connected to 172.25.254.100.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:[email protected]
250 2.1.0 Ok
rcpt to:[email protected]
554 5.7.1 <[email protected]>: Sender address rejected: Access denied


## Restricting recipients
postconf -e "smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recip"

vim /etc/postfix/recip
[email protected]    REJECT
postmap /etc/postfix/recip
systemctl restart postfix

Test

[kiosk@foundation0 Desktop]$ telnet 172.25.254.100 25
Trying 172.25.254.100...
Connected to 172.25.254.100.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:[email protected]
250 2.1.0 Ok
rcpt to:[email protected]
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
adsf
adsf
asdf
.
250 2.0.0 Ok: queued as DE17D2461EA
qiut
502 5.5.2 Error: command not recognized
mail from:[email protected]
250 2.1.0 Ok
rcpt to:[email protected]
554 5.7.1 <[email protected]>: Recipient address rejected: Access denied
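
Counting the rejections these restrictions produce in `/var/log/maillog`, as an added example (not from the original post). The log lines are constructed in the format Postfix's smtpd uses for rejects, with made-up addresses; all three kinds are logged at `RCPT` because `smtpd_delay_reject` defaults to `yes`, which is also why the telnet sessions above get `250` for `mail from` and the `554` only after `rcpt to`.

```sh
#!/bin/sh
# Added example: summarise Postfix smtpd rejections per client address.
summarize_rejects() {
    # $1 = maillog file; prints "<client-ip> <class> <count>", sorted
    awk '
        /postfix\/smtpd\[[0-9]+\]: NOQUEUE: reject: / {
            ip = "unknown"; cls = "other"
            # the client is logged as name[address] right after "from "
            if (match($0, /from [^ ]*\[[0-9.]+\]/)) {
                ip = substr($0, RSTART, RLENGTH)
                sub(/^.*\[/, "", ip); sub(/\]$/, "", ip)
            }
            if      ($0 ~ /Client host rejected/)       cls = "client"
            else if ($0 ~ /Sender address rejected/)    cls = "sender"
            else if ($0 ~ /Recipient address rejected/) cls = "recipient"
            count[ip " " cls]++
        }
        END { for (k in count) print k, count[k] }
    ' "$1" | sort
}

# Constructed sample log (host name, PIDs, times and addresses are made up).
SAMPLE_LOG=$(mktemp)
trap 'rm -f "$SAMPLE_LOG"' EXIT
cat > "$SAMPLE_LOG" <<'EOF'
May 24 05:01:10 westos-mail postfix/smtpd[2101]: connect from unknown[172.25.254.60]
May 24 05:01:22 westos-mail postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[172.25.254.60]: 554 5.7.1 <unknown[172.25.254.60]>: Client host rejected: Access denied; from=<a@example.com> to=<b@example.net> proto=ESMTP helo=<hello>
May 24 05:03:40 westos-mail postfix/smtpd[2107]: NOQUEUE: reject: RCPT from unknown[172.25.254.60]: 554 5.7.1 <unknown[172.25.254.60]>: Client host rejected: Access denied; from=<a@example.com> to=<c@example.net> proto=SMTP helo=<hello>
May 24 05:10:02 westos-mail postfix/smtpd[2130]: NOQUEUE: reject: RCPT from unknown[172.25.254.61]: 554 5.7.1 <blocked@example.com>: Sender address rejected: Access denied; from=<blocked@example.com> to=<b@example.net> proto=SMTP
May 24 05:12:45 westos-mail postfix/smtpd[2144]: NOQUEUE: reject: RCPT from unknown[172.25.254.62]: 554 5.7.1 <closed@example.net>: Recipient address rejected: Access denied; from=<a@example.com> to=<closed@example.net> proto=SMTP
May 24 05:13:01 westos-mail postfix/local[2150]: 34C0124622B: to=<b@example.net>, relay=local, delay=0.05, status=sent (delivered to mailbox)
EOF

summarize_rejects "$SAMPLE_LOG"
```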



## Outbound address masquerading

[root@westos-mail ~]# postconf -e "smtp_generic_maps = hash:/etc/postfix/generic"
[root@westos-mail ~]# vim /etc/postfix/main.cf
[root@westos-mail ~]# vim /etc/postfix/generic
[email protected] [email protected]
[root@westos-mail ~]# postmap /etc/postfix/generic
[root@westos-mail ~]# systemctl restart postfix.service

Test

[root@westos-mail ~]# su - westos
[westos@westos-mail ~]$ mail [email protected]
Subject: haha
s
.
EOT
[westos@westos-mail ~]$ mailq
Mail queue is empty

[root@qq-mail ~]# mail
Heirloom Mail version 12.5 7/5/10.  Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N  1 [email protected]          Wed May 24 06:40  21/709   "haha"
& 1
Message  1:
From [email protected]  Wed May 24 06:40:52 2017
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Date: Wed, 24 May 2017 06:40:51 -0400
To: [email protected]
Subject: haha
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: [email protected]



## Inbound address rewriting

DNS MX record resolution:
[root@westos-mail westos]# vim /etc/named.rfc1912.zones
[root@westos-mail westos]# cd /var/named/
[root@westos-mail named]# cp -p qq.com.zone sb.com.zone
[root@westos-mail named]# vim sb.com.zone
$TTL 1D
@       IN SOA  dns.sb.com. root.sb.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
            NS     dns.sb.com.
dns         A      172.25.254.100
sb.com.     MX 1   172.25.254.100.

[root@westos-mail named]# systemctl restart named
[root@westos-mail named]# dig -t mx sb.com

Set up the rewriting:
[root@westos-mail named]# postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"
[root@westos-mail named]# vim /etc/postfix/virtual
## format: virtual name    real user
[email protected] [email protected]
[root@westos-mail named]# postmap /etc/postfix/virtual
[root@westos-mail named]# systemctl restart postfix.service

 

Test

[root@qq-mail ~]# mail [email protected]
Subject: hehe
w
.
EOT
[root@qq-mail ~]# mailq

[root@westos-mail named]# su - westos
Last login: Wed May 24 06:40:34 EDT 2017 on pts/1
[westos@westos-mail ~]$ mail
Heirloom Mail version 12.5 7/5/10.  Type ? for help.
"/var/spool/mail/westos": 1 message 1 new
>N  1 root                  Wed May 24 06:59  21/703   "hehe"
& 1
Message  1:
From [email protected]  Wed May 24 06:59:15 2017
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Date: Wed, 24 May 2017 06:59:15 -0400
To: [email protected]
Subject: hehe
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: [email protected] (root)
Status: R



#########################
####### dovecot #########
#########################

1.
Dovecot provides the mail retrieval protocols:
pop3 110
imap 143
imaps 993
pop3s 995

Given a user name and password, Dovecot reads that user's mail file on our behalf.

2.
[root@westos-mail ~]# yum install dovecot -y

3.
[root@westos-mail ~]# systemctl start dovecot
[root@westos-mail ~]# vim /etc/dovecot/dovecot.conf
protocols = imap pop3 lmtp           ## line 24: protocols to use
login_trusted_networks = 0.0.0.0/0   ## line 48: allow access from all networks
disable_plaintext_auth = no          ## line 49: allow plaintext authentication

[root@westos-mail ~]# vim /etc/dovecot/conf.d/10-mail.conf
mail_location = mbox:~/mail:INBOX=/var/mail/%u    ## line 30: location of the users' mail
[root@westos-mail ~]# systemctl restart dovecot

 

4.
[root@westos-mail ~]# id westos
uid=1001(westos) gid=1001(westos) groups=1001(westos)
[root@westos-mail ~]# passwd westos
[root@westos-mail ~]# su - westos
Last login: Wed May 24 06:58:35 EDT 2017 on pts/1
[westos@westos-mail ~]$ mkdir mail/.imap/ -p     ## create the mail directory
[westos@westos-mail ~]$ touch mail/.imap/INBOX
[westos@westos-mail ~]$ mail westos
Subject: hello
ww
.
EOT
[westos@westos-mail ~]$ mailq
Mail queue is empty

Viewing mail for newly created users
[root@westos-mail ~]# mkdir /etc/skel/mail/.imap -p
[root@westos-mail ~]# touch /etc/skel/mail/.imap/INBOX
[root@westos-mail ~]# useradd huyan
[root@westos-mail ~]# cd /home/huyan
[root@westos-mail huyan]# ll
total 0
drwxr-xr-x. 3 huyan huyan 18 May 24 07:54 mail
[root@westos-mail huyan]# ls mail/ -a
.  ..  .imap
[root@westos-mail huyan]# ls mail/.imap/INBOX
mail/.imap/INBOX
[root@westos-mail huyan]# passwd huyan
[root@westos-mail huyan]# mail huyan
Subject: www
ww
.
EOT
[root@westos-mail huyan]# mailq

 

Test:
[root@qq-mail ~]# yum install mutt -y
[root@qq-mail ~]# mutt -f pop://[email protected]  ## view westos's mail
[root@qq-mail ~]# mutt -f pop://[email protected]


 

#######################
###postfix+mariadb#####
#######################

 

1. Reconfigure postfix
[root@westos-mail ~]# mv /etc/postfix/main.cf /mnt
[root@westos-mail ~]# yum reinstall postfix.x86_64 -y
[root@westos-mail ~]# vim /etc/postfix/main.cf
inet_interfaces = all                                    ## line 116
myhostname = westos-mail.westos.com                      ## line 76
mydomain = westos.com                                    ## line 83
myorigin = $mydomain                                     ## line 99
mydestination = $myhostname, $mydomain, localhost        ## line 164
[root@westos-mail ~]# systemctl restart postfix.service

2. Install the database
[root@westos-mail ~]# yum install httpd php php-mysql mariadb-server -y
[root@westos-mail ~]# systemctl start mariadb
[root@westos-mail ~]# vim /etc/my.cnf
skip-networking=1
[root@westos-mail ~]# systemctl restart mariadb
[root@westos-mail ~]# mysql_secure_installation      ## set the database login password for root
[root@westos-mail ~]# cd /var/www/html
[root@westos-mail html]# ls
phpMyAdmin-3.4.0-all-languages.tar.bz2
[root@westos-mail html]# tar jxf phpMyAdmin-3.4.0-all-languages.tar.bz2
[root@westos-mail html]# rm -fr *.bz2
[root@westos-mail html]# mv phpMyAdmin-3.4.0-all-languages/ myadmin
[root@westos-mail html]# ls
myadmin
[root@westos-mail html]# cd myadmin/
[root@westos-mail myadmin]# cp config.sample.inc.php config.inc.php
[root@westos-mail myadmin]# vim config.inc.php
$cfg['blowfish_secret'] = 'mysql';
[root@westos-mail myadmin]# systemctl restart httpd

 

3. Test:
http://172.25.254.100/myadmin

Insert the data

4.
Log in to the database as root
Create the user and grant privileges


5.
[root@westos-mail ~]# cd /etc/postfix/
[root@westos-mail postfix]# vim mailuser.cf  ## user name lookup
host = localhost                    ## host the database runs on
user = postuser                     ## user for logging in to the database
password = postuser                 ## password for logging in to the database
dbname = email                      ## name of the database Postfix queries
table = emailuser                   ## name of the table Postfix queries
select_field = username             ## field Postfix queries
where_field = username              ## lookup condition the user gives Postfix
[root@westos-mail postfix]# postmap -q "[email protected]" mysql:/etc/postfix/mailuser.cf
[email protected]

[root@westos-mail postfix]# cp mailuser.cf maildomain.cf
[root@westos-mail postfix]# vim maildomain.cf  ## domain lookup
host = localhost
user = postuser
password = postuser
dbname = email
table = emailuser
select_field = domain
where_field = domain
[root@westos-mail postfix]# postmap -q "hu.com" mysql:/etc/postfix/maildomain.cf
hu.com

[root@westos-mail postfix]# cp maildomain.cf mailbox.cf
[root@westos-mail postfix]# vim mailbox.cf  ## mailbox location lookup
/mnt/hu.com/hu/
host = localhost
user = postuser
password = postuser
dbname = email
table = emailuser
select_field = maildir
where_field = username
[root@westos-mail postfix]# postmap -q "[email protected]" mysql:/etc/postfix/mailbox.cf
/mnt/hu.com/hu/

 

6. Configure postfix
[root@westos-mail ~]# groupadd -g 666 vmail
[root@westos-mail ~]# useradd -s /sbin/nologin -u 666 vmail -g 666
[root@westos-mail ~]# id vmail
uid=666(vmail) gid=666(vmail) groups=666(vmail)
[root@westos-mail ~]# postconf -e "virtual_mailbox_base = /home/vmail"        ## mail directory for the virtual users
[root@westos-mail ~]# postconf -e "virtual_uid_maps = static:666"             ## uid that owns the files created for virtual users
[root@westos-mail ~]# postconf -e "virtual_gid_maps = static:666"             ## gid that owns the files created for virtual users
[root@westos-mail ~]# postconf -e "virtual_alias_maps = mysql:/etc/postfix/mailuser.cf"
[root@westos-mail ~]# postconf -e "virtual_mailbox_domains = mysql:/etc/postfix/maildomain.cf"
[root@westos-mail ~]# postconf -e "virtual_mailbox_maps = mysql:/etc/postfix/mailbox.cf"
[root@westos-mail ~]# vim /etc/postfix/main.cf
[root@westos-mail ~]# systemctl restart postfix.service

 

Test:
[root@westos-mail ~]# cd /home/vmail
[root@westos-mail vmail]# ls
[root@westos-mail vmail]# mail [email protected]
Subject: pp
p
.
EOT
[root@westos-mail vmail]# mailq
Mail queue is empty
[root@westos-mail vmail]# ls
hu.com  mail
[root@westos-mail vmail]# cd hu.com/
[root@westos-mail hu.com]# ls
hu
[root@westos-mail hu.com]# cd hu/
[root@westos-mail hu]# ls
cur  new  tmp
[root@westos-mail hu]# cd new/
[root@westos-mail new]# cd -
[root@westos-mail new]# ls
1495641824.Vfd01I272930M604254.westos-mail.westos.com
[root@westos-mail hu]# cat new/1495641824.Vfd01I272930M604254.westos-mail.westos.com ## view the content of the mail delivered for the user defined in the MySQL database
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: by westos-mail.westos.com (Postfix, from userid 0)
        id 87AEF272929; Wed, 24 May 2017 12:03:44 -0400 (EDT)
Date: Wed, 24 May 2017 12:03:44 -0400
To: [email protected]
Subject: pp
User-Agent: Heirloom mailx 12.5 7/5/10
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <[email protected]>
From: [email protected] (root)





#######################
###dovecot+mysql#######
#######################


1. Install the software

yum install dovecot dovecot-mysql -y
## dovecot-mysql: a plugin for Dovecot that lets it work with MySQL

2. Edit the configuration files
vim /etc/dovecot/dovecot.conf

protocols = imap pop3 lmtp                ## line 24: mail retrieval protocols to support
login_trusted_networks = 0.0.0.0/0        ## line 48: trusted networks
disable_plaintext_auth = no               ## line 49: enable plaintext authentication

vim /etc/dovecot/conf.d/10-auth.conf

!include auth-sql.conf.ext                 ## line 123: enable the MySQL authentication method

## create the configuration Dovecot uses to read MySQL
cp /usr/share/doc/dovecot-2.2.10/example-config/dovecot-sql.conf.ext /etc/dovecot/dovecot-sql.conf.ext

vim /etc/dovecot/dovecot-sql.conf.ext

driver = mysql                                     ## line 32: database type
connect = host=localhost dbname=email user=postuser password=postuser     ## line 71: database, user and password used for the queries
default_pass_scheme = PLAIN            ## line 78: the default password scheme is plaintext
## lines 107-109: query used to match the password
password_query = \
  SELECT username, domain, password \
  FROM emailuser WHERE username = '%u' AND domain = '%d'
user_query = SELECT maildir, 666 AS uid, 666 AS gid FROM emailuser WHERE username = '%u'        ## line 125: query for the user's mail

vim /etc/dovecot/conf.d/10-mail.conf

mail_location = maildir:/home/vmail/%d/%n        ## line 30: location of the mail
first_valid_uid = 666                            ## line 168: user identity used to look up the mail files
first_valid_gid = 666                            ## line 175

systemctl restart dovecot

[root@westos-mail ~]# telnet 172.25.254.100 110
Trying 172.25.254.100...
Connected to 172.25.254.100.
Escape character is '^]'.
+OK [XCLIENT] Dovecot ready.
user [email protected]
+OK
pass hu
+OK Logged in.
quit
+OK Logging out.

Connection closed by foreign host.
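
The settings that let the plaintext `user`/`pass` login above succeed from any address are `disable_plaintext_auth = no` and `login_trusted_networks = 0.0.0.0/0`, and `default_pass_scheme = PLAIN` keeps the passwords unhashed in the `emailuser` table. The following added example (not from the original post) checks a Dovecot settings file for those three values; it covers both Dovecot sections on this page. The finding names and the hardened sample are constructed; `ssl = required` and `SHA512-CRYPT` are existing Dovecot values chosen here as an assumption of what the corrected configuration would use.

```sh
#!/bin/sh
# Added example: flag the lab-only Dovecot settings used on this page.
audit_dovecot() {
    # $1 = file with "key = value" settings (dovecot.conf, dovecot-sql.conf.ext)
    awk '
        { sub(/#.*/, "") }                         # drop comments
        !/=/ { next }
        {
            key = $0; sub(/[ \t]*=.*/, "", key); sub(/^[ \t]+/, "", key)
            val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
            conf[key] = val                        # a later assignment overrides
        }
        END {
            if (tolower(conf["disable_plaintext_auth"]) == "no")
                print "PLAINTEXT_AUTH: passwords accepted on unencrypted connections"
            n = split(conf["login_trusted_networks"], net, /[ \t]+/)
            for (i = 1; i <= n; i++)
                if (net[i] == "0.0.0.0/0" || net[i] == "::/0") {
                    print "TRUST_ALL: every client is treated as a trusted network"
                    break
                }
            if (toupper(conf["default_pass_scheme"]) == "PLAIN")
                print "CLEARTEXT_SCHEME: passwords stored unhashed in the database"
        }
    ' "$1"
}

WEAK=$(mktemp); HARDENED=$(mktemp)
trap 'rm -f "$WEAK" "$HARDENED"' EXIT
cat > "$WEAK" <<'EOF'
# values as configured on this page
protocols = imap pop3 lmtp
login_trusted_networks = 0.0.0.0/0
disable_plaintext_auth = no
default_pass_scheme = PLAIN
EOF
cat > "$HARDENED" <<'EOF'
# constructed counterpart (assumption, not from the page)
protocols = imap pop3 lmtp
login_trusted_networks =
disable_plaintext_auth = yes
ssl = required
default_pass_scheme = SHA512-CRYPT
EOF

echo "weak:";     audit_dovecot "$WEAK"
echo "hardened:"; audit_dovecot "$HARDENED"
```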




#######################
##### null client #####
#######################

[root@nullmail ~]# hostnamectl set-hostname nullmail.example.com
[root@nullmail ~]# vim /etc/postfix/main.cf
myhostname = nullmail.example.com    ## line 76
mydomain = example.com               ## line 83
myorigin = westos.com                ## line 99: domain of the host that actually receives the mail
inet_interfaces = all                ## line 116
mydestination =                      ## line 164
relayhost = 172.25.254.100           ## line 316
[root@nullmail ~]# systemctl restart postfix.service

[root@nullmail ~]# mail [email protected]
Subject: oo
l
.
EOT
[root@nullmail ~]# mailq
Mail queue is empty
[root@westos-mail ~]# mail
Heirloom Mail version 12.5 7/5/10.  Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N  1 root                  Sat May 27 23:30  21/738   "oo"
& q




