######################
##### postfix ##########
######################
电子邮件发送
- 服务器使用SMTP协议将电子邮件提交至TCP端口25,或由本地客户端通过/usr/bin/sendmail程序进行提交。如果该MTA是最终目标位置,邮件将传递至MDA。否则,将使用MX记录在DNS中查找下一个MTA,并使用SMTP进行转发。
- MDA:“邮件发送代理”(Mail Delivery Agent)。MDA将邮件发送至收件人的本地邮件存储位置(默认情况下是/var/spool/mail/user)。Postfix提供自己的MDA,以发送至基于文件的本地默认邮件存储位置/usr/libexec/postfix/local.
- 转发:电子邮件服务器(MTA)将提交的邮件转发至另一个服务器,以进行发送
- 排队:失败的发送或转发尝试排队等待,并由MTA定义重试。(默认情况下,Postfix每小时执行此操作一次)
- 拒绝:在首次提交期间,电子邮件被电子邮件服务器拒绝
- 退回:远程服务器接受电子邮件以进行发送以后,又将该电子邮件退回给始发电子邮件服务器和/或用户
实验准备:
两台虚拟机,ip分别为172.25.254.100和172.25.254.200配置好yum源。
配置dns服务端
[root@westos-mail ~]# yum install bind -y
[root@westos-mail ~]# systemctl stop firewalld ##仅适用于隔离的实验环境;生产环境应保留防火墙,只放行所需端口(DNS 53、SMTP 25),下文其余关闭firewalld的步骤同理
[root@westos-mail named]# systemctl disable firewalld
[root@westos-mail ~]# vim /etc/named.conf
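// listen-on port 53 { 127.0.0.1; }; ##注释后named在所有接口上监听53端口
// listen-on-v6 port 53 { ::1; };
// allow-query { localhost; }; ##注释后不再限制查询来源(allow-query默认为any),任何能访问到本机的主机都可查询这些区域
dnssec-validation no; ##关闭DNSSEC验证,本机不再校验应答签名,仅适合离线实验环境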
[root@westos-mail named]# vim /etc/named.rfc1912.zones
zone "westos.com" IN {
type master;
file "westos.com.zone";
allow-update { none; };
};
zone "qq.com" IN {
type master;
file "qq.com.zone";
allow-update { none; };
};
[root@westos-mail named]# cp -p named.localhost westos.com.zone
[root@westos-mail named]# vim westos.com.zone
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.100
westos.com. MX 1 172.25.254.100. ; 按规范MX的目标应为有A记录的主机名(如本区域的 dns.westos.com.),而不是IP地址
[root@westos-mail named]# cp -p westos.com.zone qq.com.zone
[root@westos-mail named]# vim qq.com.zone
$TTL 1D
@ IN SOA dns.qq.com. root.qq.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.qq.com.
dns A 172.25.254.100
qq.com. MX 1 172.25.254.200. ; 目标须以"."结尾(与westos.com.zone一致),否则会被补全为 172.25.254.200.qq.com.
[root@westos-mail named]# vim /etc/resolv.conf
nameserver 172.25.254.100
[root@westos-mail named]# systemctl restart named
[root@westos-mail named]# dig -t mx westos.com
客户端:
[root@qq-mail ~]# vim /etc/resolv.conf
[root@qq-mail ~]# dig -t mx qq.com
[root@qq-mail ~]# systemctl stop firewalld
[root@qq-mail ~]# systemctl disable firewalld
1.
postfix提供smtp协议用来投递邮件,默认端口25
/var/log/maillog ##服务日志
mail root@westos.com
Subject: hello
hello world
. #用"."来结束录入内容并发送
mailq ##查看邮件队列
postqueue -f ##重新处理邮件队列
netstat -antlpe | grep master
默认情况下邮件端口只在127.0.0.1上开启
postsuper -d id ##删除发件
> /var/spool/mail/root ##删除收件
2.配置
[root@westos-mail ~]# vim /etc/postfix/main.cf
116 inet_interfaces = all ##25端口开启的网络接口
76 myhostname = westos-mail.westos.com ##指定mta主机名称
83 mydomain = westos.com ##指定mta的域名
99 myorigin = $mydomain ##指定邮件来源结尾(@后面的字符内容)
164 mydestination = $myhostname, $mydomain, localhost ##接收邮件结尾字符的指定
systemctl restart postfix.service
systemctl stop firewalld
同理,qq-mail主机也进行配置。
测试:
[root@westos-mail named]# vim /etc/postfix/main.cf
[root@westos-mail named]# systemctl restart postfix.service
[root@westos-mail named]# mail root@qq.com
Subject: asdf
s
.
EOT
[root@westos-mail named]# mailq
Mail queue is empty
[root@qq-mail ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N 1 root Wed May 24 00:34 21/722 "asdf"
& q
3.邮件别名和群发
[root@qq-mail ~]# vim /etc/aliases
别名: 真名 ##邮件别名
postalias /etc/aliases
systemctl restart postfix
[root@qq-mail ~]# vim /etc/aliases
别名: :include:filename ##邮件群发
vim filename
user1
user2
postalias /etc/aliases ##生效
systemctl restart postfix
mail 别名
4.通过远程主机测试邮件服务
[root@foundation60 Desktop]# yum install telnet -y
[root@foundation60 Desktop]$ telnet 172.25.254.100 25
Trying 172.25.254.100...
Connected to 172.25.254.100.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
ehlo hello ##测试连接
250-westos-mail.westos.com
250-PIPELINING
250-SIZE 10240000
250-VRFY ##VRFY可被用来探测用户是否存在;对外提供服务时可在main.cf中设 disable_vrfy_command = yes
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:root@westos.com ##发送方(由客户端自行声明,服务器默认不验证其真实性)
250 2.1.0 Ok
rcpt to:root@qq.com ##接收方;qq.com不是本机域,被接受说明该客户端被允许中继(推测是落在默认的mynetworks范围内,可用 postconf mynetworks 确认)
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
adsf
asdf
.
250 2.0.0 Ok: queued as 34C0124622B
查看
5.邮件客户端的访问控制
#限制客户端
在mta上
postconf -e "smtpd_client_restrictions = check_client_access hash:/etc/postfix/access"
vim /etc/postfix/access
172.25.254.60 REJECT
postmap /etc/postfix/access
systemctl restart postfix
测试
##限制用户发送
postconf -e "smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender"
vim /etc/postfix/sender
student@westos.com REJECT
postmap /etc/postfix/sender
systemctl restart postfix
测试
[kiosk@foundation60 Desktop]$ telnet 172.25.254.100 25
Trying 172.25.254.100...
Connected to 172.25.254.100.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:student@westos.com
250 2.1.0 Ok
rcpt to:root@westos.com
554 5.7.1 <student@westos.com>: Sender address rejected: Access denied
##限制用户接收
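postconf -e "smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recip" ##此处整体覆盖了该参数的原值;防止开放中继依赖 smtpd_relay_restrictions(Postfix 2.10起),修改后用 postconf smtpd_relay_restrictions 确认仍含 reject_unauth_destination 或 defer_unauth_destination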
vim /etc/postfix/recip
westos@westos.com REJECT
postmap /etc/postfix/recip
systemctl restart postfix
测试
[kiosk@foundation0 Desktop]$ telnet 172.25.254.100 25
Trying 172.25.254.100...
Connected to 172.25.254.100.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:westos@westos.com
250 2.1.0 Ok
rcpt to:root@westos.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
adsf
adsf
asdf
.
250 2.0.0 Ok: queued as DE17D2461EA
qiut
502 5.5.2 Error: command not recognized
mail from:root@westos.com
250 2.1.0 Ok
rcpt to:westos@westos.com
554 5.7.1 <westos@westos.com>: Recipient address rejected: Access denied
##出站地址伪装
[root@westos-mail ~]# postconf -e "smtp_generic_maps = hash:/etc/postfix/generic"
[root@westos-mail ~]# vim /etc/postfix/main.cf
westos@westos.com hello@sb.com ##此映射行应写入下面的 /etc/postfix/generic,而不是 main.cf
[root@westos-mail ~]# vim /etc/postfix/generic
[root@westos-mail ~]# postmap /etc/postfix/generic
[root@westos-mail ~]# systemctl restart postfix.service
测试
[root@westos-mail ~]# su - westos
[westos@westos-mail ~]$ mail root@qq.com
Subject: haha
s
.
EOT
[westos@westos-mail ~]$ mailq
Mail queue is empty
[root@qq-mail ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N 1 hello@sb.com Wed May 24 06:40 21/709 "haha"
& 1
Message 1:
From hello@sb.com Wed May 24 06:40:52 2017
Return-Path: <hello@sb.com>
X-Original-To: root@qq.com
Delivered-To: root@qq.com
Date: Wed, 24 May 2017 06:40:51 -0400
To: root@qq.com
Subject: haha
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: hello@sb.com
##入站地址转换
dns mx 记录解析:
[root@westos-mail westos]# vim /etc/named.rfc1912.zones
[root@westos-mail westos]# cd /var/named/
[root@westos-mail named]# cp -p qq.com.zone sb.com.zone
[root@westos-mail named]# vim sb.com.zone
$TTL 1D
@ IN SOA dns.sb.com. root.sb.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.sb.com.
dns A 172.25.254.100
sb.com. MX 1 172.25.254.100.
[root@westos-mail named]# systemctl restart named
[root@westos-mail named]# dig -t mx sb.com
开始转换:
[root@westos-mail named]# postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"
[root@westos-mail named]# vim /etc/postfix/virtual
虚拟名字 真实用户
hello@sb.com westos@westos.com
[root@westos-mail named]# postmap /etc/postfix/virtual
[root@westos-mail named]# systemctl restart postfix.service
测试
[root@qq-mail ~]# mail hello@sb.com
Subject: hehe
w
.
EOT
[root@qq-mail ~]# mailq
[root@westos-mail named]# su - westos
Last login: Wed May 24 06:40:34 EDT 2017 on pts/1
[westos@westos-mail ~]$ mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/westos": 1 message 1 new
>N 1 root Wed May 24 06:59 21/703 "hehe"
& 1
Message 1:
From root@qq.com Wed May 24 06:59:15 2017
Return-Path: <root@qq.com>
X-Original-To: hello@sb.com
Delivered-To: westos@westos.com
Date: Wed, 24 May 2017 06:59:15 -0400
To: hello@sb.com
Subject: hehe
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@qq.com (root)
Status: R
#########################
####### dovecot #########
#########################
1.
dovecot 用来提供收件协议
pop3 110
imap 143
imaps 993
pop3s 995
给定用户名称,用户密码,dovecot程序代我们去看这个用户的邮件文件
2.
[root@westos-mail ~]# yum install dovecot -y
3.
[root@westos-mail ~]# systemctl start dovecot
[root@westos-mail ~]# vim /etc/dovecot/dovecot.conf
24 protocols = imap pop3 lmtp ##使用协议
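48 login_trusted_networks = 0.0.0.0/0 ##把所有来源都标记为“受信任网络”(这不是访问控制):受信任网络可使用明文认证,并可覆盖自身的来源IP(用于日志和认证检查);生产环境只应填写内部代理/webmail所在网段
49 disable_plaintext_auth = no ##允许在未加密连接上明文认证,密码会以明文经过网络;生产环境应保持默认的yes并启用TLS(ssl = required)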
[root@westos-mail ~]# vim /etc/dovecot/conf.d/10-mail.conf
30 mail_location = mbox:~/mail:INBOX=/var/mail/%u ##用户邮件所在地址
[root@westos-mail ~]# systemctl restart dovecot
4.
[root@westos-mail ~]# id westos
uid=1001(westos) gid=1001(westos) groups=1001(westos)
[root@westos-mail ~]# passwd westos
[root@westos-mail ~]# su - westos
Last login: Wed May 24 06:58:35 EDT 2017 on pts/1
[westos@westos-mail ~]$ mkdir mail/.imap/ -p
[westos@westos-mail ~]$ touch mail/.imap/INBOX
[root@westos-mail ~]# su - westos
Last login: Wed May 24 06:58:35 EDT 2017 on pts/1
[westos@westos-mail ~]$ mkdir mail/.imap/ -p ##创建邮件的目录
[westos@westos-mail ~]$ touch mail/.imap/INBOX
[westos@westos-mail ~]$ mail westos
Subject: hello
ww
.
EOT
[westos@westos-mail ~]$ mailq
Mail queue is empty
新建用户邮件查看
[root@westos-mail ~]# mkdir /etc/skel/mail/.imap -p
[root@westos-mail ~]# touch /etc/skel/mail/.imap/INBOX
[root@westos-mail ~]# useradd huyan
[root@westos-mail ~]# cd /home/huyan
[root@westos-mail huyan]# ll
total 0
drwxr-xr-x. 3 huyan huyan 18 May 24 07:54 mail
[root@westos-mail huyan]# ls mail/ -a
. .. .imap
[root@westos-mail huyan]# ls mail/.imap/INBOX
mail/.imap/INBOX
[root@westos-mail huyan]# passwd huyan
[root@westos-mail huyan]# mail huyan
Subject: www
ww
.
EOT
[root@westos-mail huyan]# mailq
测试:
[root@qq-mail ~]# yum install mutt -y
[root@qq-mail ~]# mutt -f pop://westos@172.25.254.100 ##查看westos的邮件
[root@qq-mail ~]# mutt -f pop://huyan@172.25.254.100
#######################
###postfix+mariadb#####
#######################
1.重新配置postfix
[root@westos-mail ~]# mv /etc/postfix/main.cf /mnt
[root@westos-mail ~]# yum reinstall postfix.x86_64 -y
[root@westos-mail ~]# vim /etc/postfix/main.cf
116 inet_interfaces = all
76 myhostname = westos-mail.westos.com
83 mydomain = westos.com
99 myorigin = $mydomain
164 mydestination = $myhostname, $mydomain, localhost
[root@westos-mail ~]# systemctl restart postfix.service
2.安装数据库
[root@westos-mail ~]# yum install httpd php php-mysql mariadb-server -y
[root@westos-mail ~]# systemctl start mariadb
[root@westos-mail ~]# vim /etc/my.cnf
skip-networking=1 ##不监听TCP端口,数据库只接受本机socket连接
[root@westos-mail ~]# systemctl restart mariadb
[root@westos-mail ~]# mysql_secure_installation ##设置root用户登录数据库密码
[root@westos-mail ~]# cd /var/www/html
[root@westos-mail html]# ls
phpMyAdmin-3.4.0-all-languages.tar.bz2
[root@westos-mail html]# tar jxf phpMyAdmin-3.4.0-all-languages.tar.bz2 ##3.4.0是很旧的版本,仅作实验;实际部署应使用仍在维护的版本,并限制可访问/myadmin的来源
[root@westos-mail html]# rm -fr *.bz2
[root@westos-mail html]# mv phpMyAdmin-3.4.0-all-languages/ myadmin
[root@westos-mail html]# ls
myadmin
[root@westos-mail html]# cd myadmin/
[root@westos-mail myadmin]# cp config.sample.inc.php config.inc.php
[root@westos-mail myadmin]# vim config.inc.php
$cfg['blowfish_secret'] = 'mysql'; ##cookie认证使用的加密密钥,实验外应换成足够长的随机字符串,不要用可猜到的值
[root@westos-mail myadmin]# systemctl restart httpd
3.测试:
http://172.25.254.100/myadmin
写入数据
4.
root用户登录数据库
创建用户和授权
5.
[root@westos-mail ~]# cd /etc/postfix/
[root@westos-mail postfix]# vim mailuser.cf ##用户名称查询
host = localhost ##数据库所在主机
user = postuser ##登陆数据库的用户
password = postuser ##登陆数据库的密码(明文保存;实验外应使用强密码,并将该文件设为仅root和postfix组可读,如 chown root:postfix、chmod 640)
dbname = email ##postfix要查询的库的名称
table = emailuser ##postfix要查询的表的名称
select_field = username ##postfix要查询的字段
where_field = username ##用户给定postfix的查询条件
[root@westos-mail postfix]# postmap -q "hu@hu.com" mysql:/etc/postfix/mailuser.cf
hu@hu.com
[root@westos-mail postfix]# cp mailuser.cf maildomain.cf
[root@westos-mail postfix]# vim maildomain.cf ##用户域名查询
host = localhost
user = postuser
password = postuser
dbname = email
table = emailuser
select_field = domain
where_field = domain
[root@westos-mail postfix]# postmap -q "hu.com" mysql:/etc/postfix/maildomain.cf
hu.com
[root@westos-mail postfix]# cp maildomain.cf mailbox.cf
[root@westos-mail postfix]# vim mailbox.cf ##用户邮箱位置查询
/mnt/hu.com/hu/
host = localhost
user = postuser
password = postuser
dbname = email
table = emailuser
select_field = maildir
where_field = username
[root@westos-mail postfix]# postmap -q "hu@hu.com" mysql:/etc/postfix/mailbox.cf
/mnt/hu.com/hu/
5.配置postfix
[root@westos-mail ~]# groupadd -g 666 vmail
[root@westos-mail ~]# useradd -s /sbin/nologin -u 666 vmail -g 666
[root@westos-mail ~]# id vmail
uid=666(vmail) gid=666(vmail) groups=666(vmail)
[root@westos-mail ~]# postconf -e "virtual_mailbox_base = /home/vmail" ##设定虚拟用户的邮件目录
[root@westos-mail ~]# postconf -e "virtual_uid_maps = static:666" ##虚拟用户建立文件的uid
[root@westos-mail ~]# postconf -e "virtual_gid_maps = static:666" ##虚拟用户建立文件的gid
[root@westos-mail ~]# postconf -e "virtual_alias_maps = mysql:/etc/postfix/mailuser.cf" ##虚拟用户名称查询
[root@westos-mail ~]# postconf -e "virtual_mailbox_domains = mysql:/etc/postfix/maildomain.cf" ##虚拟用户域名查询
[root@westos-mail ~]# postconf -e "virtual_mailbox_maps = mysql:/etc/postfix/mailbox.cf" ##虚拟用户邮箱位置查询
[root@westos-mail ~]# vim /etc/postfix/main.cf
[root@westos-mail ~]# systemctl restart postfix.service
测试:
[root@westos-mail ~]# cd /home/vmail
[root@westos-mail vmail]# ls
[root@westos-mail vmail]# mail hu@hu.com
Subject: pp
p
.
EOT
[root@westos-mail vmail]# mailq
Mail queue is empty
[root@westos-mail vmail]# ls
hu.com mail
[root@westos-mail vmail]# cd hu.com/
[root@westos-mail hu.com]# ls
hu
[root@westos-mail hu.com]# cd hu/
[root@westos-mail hu]# ls
cur new tmp
[root@westos-mail hu]# cd new/
[root@westos-mail new]# cd -
[root@westos-mail new]# ls
1495641824.Vfd01I272930M604254.westos-mail.westos.com
[root@westos-mail hu]# cat new/1495641824.Vfd01I272930M604254.westos-mail.westos.com ##查看投递到虚拟用户邮箱目录中的邮件内容(邮件保存在文件系统中,mysql里只存用户、域名和邮箱路径)
Return-Path: <root@westos.com>
X-Original-To: hu@hu.com
Delivered-To: hu@hu.com
Received: by westos-mail.westos.com (Postfix, from userid 0)
id 87AEF272929; Wed, 24 May 2017 12:03:44 -0400 (EDT)
Date: Wed, 24 May 2017 12:03:44 -0400
To: hu@hu.com
Subject: pp
User-Agent: Heirloom mailx 12.5 7/5/10
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <20170524160344.87AEF272929@westos-mail.westos.com>
From: root@westos.com (root)
#######################
###dovecot+mysql#######
#######################
1.安装软件
##dovecot-mysql dovecot软件的插件,让此软件可以识别mysql
2.编辑配置文件
vim /etc/dovecot/dovecot.conf
24 protocols = imap pop3 lmtp ##支持收件协议
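48 login_trusted_networks = 0.0.0.0/0 ##受信任网络(不是协议):这里把所有来源都视为受信任,受信任网络可使用明文认证并可覆盖自身的来源IP;生产环境只应填写内部代理/webmail所在网段
49 disable_plaintext_auth = no ##开启明文认证,密码会以明文经过网络;生产环境应保持默认的yes并启用TLS(ssl = required)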
vim /etc/dovecot/conf.d/10-auth.conf
123 !include auth-sql.conf.ext #开启mysql的认证方式
##生成dovecot读取mysql的配置
cp /usr/share/doc/dovecot-2.2.10/example-config/dovecot-sql.conf.ext /etc/dovecot/dovecot-sql.conf.ext
vim /etc/dovecot/dovecot-sql.conf.ext
32 driver = mysql ##数据库类型
71 connect = host=localhost dbname=email user=postuser password=postuser ##查询时用到的库,用户,密码(该文件含数据库密码,应仅root可读)
78 default_pass_scheme = PLAIN ##默认认证方式为明文,即数据库password字段中保存的是明文密码;实验外应改用带盐的哈希方案(如SHA512-CRYPT)
107 password_query = \ ##查询密码匹配
108 SELECT username, domain, password \
109 FROM emailuser WHERE username = '%u' AND domain = '%d'
125 user_query = SELECT maildir, 666 AS uid, 666 AS gid FROM emailuser WHERE username = '%u' ##查询用户邮箱位置及uid/gid
vim /etc/dovecot/conf.d/10-mail.conf
30 mail_location = maildir:/home/vmail/%d/%n ##指定邮件位置
168 first_valid_uid = 666 ##指定文件查询用户身份
175 first_valid_gid = 666
systemctl restart dovecot
[root@westos-mail ~]# telnet 172.25.254.100 110
Trying 172.25.254.100...
Connected to 172.25.254.100.
Escape character is '^]'.
+OK [XCLIENT] Dovecot ready. ##出现[XCLIENT]应是因为本客户端落在login_trusted_networks范围内;收紧该参数后可再次连接确认
user hu@hu.com
+OK
pass hu
+OK Logged in.
quit
+OK Logging out.
Connection closed by foreign host.
#######################
########空壳邮件#######
#######################
[root@nullmail ~]# hostnamectl set-hostname nullmail.example.com
[root@nullmail ~]# vim /etc/postfix/main.cf
76 myhostname = nullmail.example.com
83 mydomain = example.com
99 myorigin = westos.com ##真实接收邮件的主机域名
116 inet_interfaces = all ##空壳邮件主机只负责转发本机产生的邮件,通常设为 loopback-only 即可,不必对外开放25端口
164 mydestination =
316 relayhost = 172.25.254.100 ##写成 [172.25.254.100] 可跳过MX查询,直接投递到该主机
[root@nullmail ~]# systemctl restart postfix.service
[root@nullmail ~]# mail root@westos.com
Subject: oo
l
.
EOT
[root@nullmail ~]# mailq
Mail queue is empty
[root@westos-mail ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N 1 root Sat May 27 23:30 21/738 "oo"
& q