Unit 4: SMTP configuration
###Initial environment ##set the host IP addresses
Server:
hostnamectl set-hostname westos-mail.westos.com ##change the hostname to westos-mail.westos.com
vim /etc/yum.repos.d/rhel_dvd.repo ##edit the yum repository location
Figure 1:
vim /etc/sysconfig/network-scripts/ifcfg-eth0 ##set the host IP
Figure 2:
systemctl restart network
vim /etc/resolv.conf ##set the host's DNS server
Figure 3:
yum install bind.x86_64 ##install the DNS server software
vim /etc/named.conf ##edit the DNS configuration to accept queries from any network
Figure 4:
vim /etc/named.rfc1912.zones ##add the DNS zones
Figure 5:
cd /var/named ##go to the zone directory and create the zone files
cp -p named.localhost westos.com.zone
vim westos.com.zone
Figure 6:
cp -p westos.com.zone qq.com.zone
vim qq.com.zone
Figure 7:
systemctl start named
systemctl stop firewalld
systemctl disable firewalld
Client:
hostnamectl set-hostname qq-mail.qq.com ##change the hostname to qq-mail.qq.com
vim /etc/resolv.conf ##set the host's DNS server
Figure 8:
vim /etc/sysconfig/network-scripts/ifcfg-eth0 ##set the host IP
systemctl restart network
Testing the DNS setup:
Run both queries on the server and on the client
dig -t mx westos.com
dig -t mx qq.com
Figure: testing westos.com
Figure: testing qq.com
I. Postfix basics
#Postfix speaks the SMTP protocol to deliver mail
#the default port is 25
Figure 10:
#log: /var/log/maillog
#configuration file: /etc/postfix/main.cf
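II. Basic sending configuration
1.vim /etc/postfix/main.cf ##edit this file on both westos-mail.westos.com and qq-mail.qq.com; on qq-mail.qq.com the values become "qq.com"
myhostname = westos-mail.westos.com ##line 75: hostname of the MTA
mydomain = westos.com ##line 83: domain of the MTA
myorigin = westos.com ##line 99: suffix appended to outgoing sender addresses (the part after the @)
inet_interfaces = all ##line 116: network interfaces on which port 25 listens
mydestination = $myhostname, $mydomain, localhost ##line 164: address suffixes this host accepts mail for
systemctl restart postfix.service
systemctl stop firewalld
netstat -anptle | grep master ##the port is now open on external interfaces
Figure 11:
2.Test sending and receiving mail:
The sending host is westos-mail.westos.com
The receiving host is qq-mail.qq.com
[root@westos-mail named]# mail root@qq.com
Subject: qq
. ##a line containing only "." ends the message
EOT
Figure: mail received
mailq ##show the mail queue
postqueue -f ##process the mail queue again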
III. Mail aliases
The files are edited on westos-mail.westos.com; the tests are run on qq-mail.qq.com
1.vim /etc/aliases
admin: root ##line 97: alias for a single recipient; real name root, alias admin
moreuser: :include:/etc/postfix/moreuser ##line 98: alias that delivers to a list of recipients
2.vim /etc/postfix/moreuser ##write the recipient list
harry
leo
3.useradd harry
useradd leo
4.systemctl restart postfix
5.Test
Alias test:
[root@qq-mail ~]# mail admin@westos.com
Subject: admin
admin
.
EOT
Figure: alias test
List alias test (mail -u USER shows that user's mailbox):
[root@qq-mail ~]# mail moreuser@westos.com
Subject: moreuser
moreuser
.
EOT
Figure: mail received by the list members
harry
leo
IV. Driving the mail service from a remote host
1.Connection test
yum install telnet ##install telnet on another host
[root@foundation98 ~]# telnet 172.25.254.198 25 ##test the mail service from the remote host
Trying 172.25.254.198...
Connected to 172.25.254.198.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:root@westos.com ##sender: westos.com
250 2.1.0 Ok
rcpt to:root@qq.com ##recipient: qq.com
250 2.1.5 Ok
data ##start of the message content
354 End data with <CR><LF>.<CR><LF> ##type the message content
telnet westos to qq
.
250 2.0.0 Ok: queued as 83470EAF86 ##sent successfully
quit
221 2.0.0 Bye
Connection closed by foreign host.
Figure: remote delivery result 1
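2.Restricting access by client
postconf -d |grep client
Figure: Postfix defaults for the client-related parameters
postconf -e "smtpd_client_restrictions = check_client_access hash:/etc/postfix/access"
##writes smtpd_client_restrictions = check_client_access hash:/etc/postfix/access into /etc/postfix/main.cf
vim /etc/postfix/main.cf ##the setting just added is appended to the end of this file automatically
Figure 12:
vim /etc/postfix/access
172.25.254.98 REJECT ##line 477
postmap /etc/postfix/access ##build the lookup table access.db (an indexed copy of the file, not encryption)
Figure 13: files after running postmap
systemctl restart postfix
Test:
Figure: the test message is rejected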
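How Postfix resolves a client address against the hash:/etc/postfix/access table above, as an added example that is not part of the original notes. Only the IPv4 part of an access(5) lookup is emulated; the function name and every table row other than 172.25.254.98 are constructed for illustration. On a live host, `postmap -q 172.25.254.98 hash:/etc/postfix/access` answers the same question.

```shell
# Constructed sample of /etc/postfix/access: the entry from the notes plus
# two illustrative rows that are not from the notes.
ACCESS_TABLE='# comment lines and blank lines are ignored
172.25.254.98   REJECT
172.25.254.200  OK
172.25.253      REJECT lab subnet blocked'

# access_lookup CLIENT_IP (hypothetical helper): try the full address, then
# drop the last ".octet" repeatedly (a.b.c.d, a.b.c, a.b, a) and print the
# first action found. Prints DUNNO when no key matches, meaning the next
# restriction in the list decides.
access_lookup() {
    key=$1
    while [ -n "$key" ]; do
        # ($1 "") forces a string comparison, so 172.25 never equals 172.250
        action=$(printf '%s\n' "$ACCESS_TABLE" | awk -v k="$key" '
            /^[ \t]*#/ || NF == 0 { next }
            ($1 "") == k { $1 = ""; sub(/^[ \t]+/, ""); print; exit }')
        if [ -n "$action" ]; then
            printf '%s\n' "$action"
            return 0
        fi
        case $key in
            *.*) key=${key%.*} ;;   # truncate the last ".octet"
            *)   key="" ;;          # nothing left to truncate
        esac
    done
    echo DUNNO
}

# Walk a few constructed client addresses through the table.
for ip in 172.25.254.98 172.25.254.200 172.25.253.7 172.25.254.10; do
    printf '%-16s -> %s\n' "$ip" "$(access_lookup "$ip")"
done
```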
3.Restricting senders
postconf -e "smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender"
vim /etc/postfix/sender ##list of sender addresses refused when sending through a remote connection
student@westos.com REJECT
postmap /etc/postfix/sender ##build the lookup table sender.db
systemctl restart postfix
Test:
Figure: sending as user student fails
4.Restricting recipients
postconf -e "smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recip"
vim /etc/postfix/recip
westos@westos.com REJECT
postmap /etc/postfix/recip
systemctl restart postfix
Test:
Figure: delivery to the restricted recipient from the remote host
V. Outbound address masquerading
1.postconf -d |grep generic
Figure: Postfix defaults for the generic-related parameters
2.postconf -e "smtp_generic_maps = hash:/etc/postfix/generic"
3.vim /etc/postfix/generic ##write the masquerading table (address rewriting)
westos@westos.com hello@lr.com ##line 241: the real address westos@westos.com is presented as hello@lr.com
4.postmap /etc/postfix/generic ##build the lookup table generic.db
5.systemctl restart postfix
6.Test:
[root@westos-mail named]# su - westos
Last login: Fri May 26 10:50:21 EDT 2017 on pts/0
[westos@westos-mail ~]$ mail root@qq.com
Subject: lr
lrwestos
.
EOT
Figure: received mail as seen on qq-mail.qq.com
VI. Inbound address translation
1.Configure DNS resolution
vim /etc/named.rfc1912.zones
Figure: DNS file 1
cd /var/named
cp -p qq.com.zone lr.com.zone
vim lr.com.zone
Figure: DNS file 2
systemctl restart named
Test: dig -t mx lr.com
2.postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"
3.vim /etc/postfix/virtual ##write the translation table (address rewriting)
hello@lr.com westos@westos.com ##line 295
4.postmap /etc/postfix/virtual ##build the lookup table virtual.db
5.systemctl restart postfix
6.Test
[root@qq-mail ~]# mail hello@lr.com
Subject: lr
lr
.
EOT
Figure: inbound translation test
VII. dovecot
pop3 110
imap 143
imaps 993
pop3s 995
Given a user name and that user's password, dovecot lets us read the user's mail files
1.Install
yum install dovecot -y
systemctl start dovecot
2.Configure
vim /etc/dovecot/dovecot.conf ##main configuration file
protocols = imap pop3 lmtp ##line 24: protocols
login_trusted_networks = 0.0.0.0/0 ##line 48: allow logins from everyone
disable_plaintext_auth = no ##line 49: do not disable plaintext authentication
vim /etc/dovecot/conf.d/10-mail.conf ##sub-configuration file
mail_location = mbox:~/mail:INBOX=/var/mail/%u ##line 30: where mail is stored
systemctl restart dovecot
3.Add a user and set the password
useradd westos
echo westos |passwd --stdin westos
su - westos
mkdir mail/.imap -p
touch mail/.imap/INBOX
4.Test:
[root@foundation98 ~]# yum install mutt -y
[root@foundation98 ~]# mutt -f pop://westos@172.25.254.198
5 kept, 0 deleted.
Figure: first login
5.Sending mail from a mail client:
rpm -ivh thunderbird-31.2.0-1.el7.x86_64.rpm
Figure: login
Figure: checking the reply
VIII. Database and mail
1.Install
yum reinstall postfix.x86_64 -y
vim /etc/postfix/main.cf
myhostname = westos-mail.westos.com ##line 76: hostname of the MTA
mydomain = westos.com ##line 83: domain of the MTA
myorigin = westos.com ##line 99: suffix appended to outgoing sender addresses (the part after the @)
inet_interfaces = all ##line 116: network interfaces on which port 25 listens
mydestination = $myhostname, $mydomain, localhost ##line 164: address suffixes this host accepts mail for
2.yum install httpd php php-mysql mariadb-server -y
systemctl start mariadb
vim /etc/my.cnf
Figure:
systemctl restart mariadb
mysql_secure_installation
3.Download phpMyadmin-3.4.0-all-languages.tar.bz2 into /var/www/html/
tar jxf phpMyadmin-3.4.0-all-languages.tar.bz2
mv phpMyadmin-3.4.0-all-languages/ myadmin
cd myadmin/
cp config.sample.inc.php config.inc.php
vim config.inc.php
Figure:
systemctl restart httpd
4.Create the database email; in it, create the table emailuser with four columns: username, password, domain, maildir
Figure:
4.Create a new user and log in
mysql -uroot -pwestos ##create postuser and grant it privileges
create user postuser@localhost identified by 'postuser';
grant insert,select,delete,update on email.emailuser to postuser@localhost;
insert into email.emailuser values ('lr@lr.com','lr','lr.com','/mnt/lr.com/lr');
mysql -upostuser -ppostuser ##log in as postuser
5.Configuration files
vim /etc/postfix/mailuser.cf ##user name lookup
hosts = localhost ##host running the database
user = postuser ##database login user
password = postuser ##database login password
dbname = email ##database Postfix queries
table = emailuser ##table Postfix queries
select_field = username ##column Postfix returns
where_field = username ##column matched against the value Postfix is given
vim /etc/postfix/maildomain.cf ##domain lookup
hosts = localhost
user = postuser
password = postuser
dbname = email
table = emailuser
select_field = domain
where_field = domain
vim /etc/postfix/mailbox.cf ##mailbox lookup
hosts = localhost
user = postuser
password = postuser
dbname = email
table = emailuser
select_field = maildir
where_field = username
6.Configure postfix
postmap -q "lr@lr.com" mysql:/etc/postfix/mailuser.cf
lr@lr.com
postmap -q "lr.com" mysql:/etc/postfix/maildomain.cf
lr.com
postmap -q "lr@lr.com" mysql:/etc/postfix/mailbox.cf
/lr.com/lr
groupadd -g 666 vmail
useradd -s /sbin/nologin -u 666 vmail -g 666
postconf -e "virtual_mailbox_base = /home/vmail" ##base directory for virtual users' mail
postconf -e "virtual_uid_maps = static:666" ##uid that owns the files created for virtual users
postconf -e "virtual_gid_maps = static:666" ##gid that owns the files created for virtual users
postconf -e "virtual_alias_maps = mysql:/etc/postfix/mailuser.cf"
postconf -e "virtual_mailbox_domains = mysql:/etc/postfix/maildomain.cf"
postconf -e "virtual_mailbox_maps = mysql:/etc/postfix/mailbox.cf"
7.Change the mail directory of user lr in emailuser to /home/lr.com/lr/
Figure: user record
8.systemctl restart postfix
9.Test:
On the virtual machine
[root@westos-mail vmail]# rm -rf *
[root@westos-mail vmail]# mail lr@lr.com
Subject: lr
lr
.
EOT
Check the mail in /home/vmail/lr.com/lr
Figure:
IX. dovecot+mariadb+postfix
1.Install the software
yum install dovecot dovecot-mysql -y ##dovecot-mysql is the dovecot plugin that lets it talk to mysql
2.Configuration files
vim /etc/dovecot/dovecot.conf
protocols = imap pop3 lmtp ##line 24: supported mail retrieval protocols
login_trusted_networks = 0.0.0.0/0 ##line 48: trusted networks
disable_plaintext_auth = no ##line 49: enable plaintext authentication
vim /etc/dovecot/conf.d/10-auth.conf
!include auth-sql.conf.ext ##line 123: enable the mysql authentication method
cp /usr/share/doc/dovecot-2.2.10/example-config/dovecot-sql.conf.ext /etc/dovecot/dovecot-sql.conf.ext ##create the configuration dovecot uses to read mysql
vim /etc/dovecot/dovecot-sql.conf.ext
driver = mysql ##line 32: database type
connect = host=localhost dbname=email user=postuser password=postuser ##line 71: database, user and password used for the queries
default_pass_scheme = PLAIN ##line 78: use plaintext passwords
##lines 107-109: query that matches the password
password_query = \
SELECT username, domain, password \
FROM emailuser WHERE username = '%u' AND domain = '%d'
user_query = SELECT maildir, 666 AS uid, 666 AS gid FROM emailuser WHERE username = '%u' ##line 125: query for the user's mail
vim /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:/home/vmail/%d/%n ##line 30: location of the mail
first_valid_uid = 666 ##line 168: user identity used to read the mail files
first_valid_gid = 666 ##line 175
3.systemctl restart dovecot
4.Test:
Remote login test on port 110:
[kiosk@foundation98 Desktop]$ telnet 172.25.254.198 110
Trying 172.25.254.198...
Connected to 172.25.254.198.
Escape character is '^]'.
+OK [XCLIENT] Dovecot ready.
user lr@lr.com
+OK
pass lr
+OK Logged in.
quit
+OK Logging out.
Connection closed by foreign host.
Receive and send test with the graphical Thunderbird client:
Figure: mailbox of lr@lr.com after login
Figure: reply received
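Three Dovecot settings used in both dovecot sections of these notes weaken authentication: login_trusted_networks = 0.0.0.0/0, disable_plaintext_auth = no and default_pass_scheme = PLAIN. The check below is an added example, not part of the original notes; the function name audit_dovecot and both sample configurations are constructed for illustration.

```shell
# Constructed inputs: WEAK_CONF repeats the values from these notes,
# HARDENED_CONF is an illustrative corrected variant.
WEAK_CONF='login_trusted_networks = 0.0.0.0/0
disable_plaintext_auth = no      # plaintext logins allowed
default_pass_scheme = PLAIN'
HARDENED_CONF='#login_trusted_networks =
disable_plaintext_auth = yes
default_pass_scheme = SHA512-CRYPT'

# audit_dovecot (hypothetical helper): read Dovecot "key = value" lines on
# stdin and print one finding per weak authentication setting.
# Empty output means nothing was flagged.
audit_dovecot() {
    awk '
        { sub(/[ \t]*#.*$/, "") }          # Dovecot treats "#..." as a comment
        NF == 0 { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            conf[key] = val                # a later line overrides an earlier one
        }
        END {
            if (conf["disable_plaintext_auth"] == "no")
                print "disable_plaintext_auth = no: plaintext logins accepted without TLS; set yes"
            n = split(conf["login_trusted_networks"], nets, /[ \t,]+/)
            for (i = 1; i <= n; i++)
                if (nets[i] ~ /\/0$/)
                    print "login_trusted_networks = " nets[i] ": every client is trusted; list proxy hosts only"
            if (toupper(conf["default_pass_scheme"]) == "PLAIN")
                print "default_pass_scheme = PLAIN: cleartext passwords in the database; use a hash scheme"
        }'
}

echo "== weak =="
printf '%s\n' "$WEAK_CONF" | audit_dovecot
echo "== hardened =="
printf '%s\n' "$HARDENED_CONF" | audit_dovecot
```

Password hashes for a non-PLAIN scheme can be generated with `doveadm pw -s SHA512-CRYPT` and stored in the password column in place of the cleartext value.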
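X. Null-client mail
Server: 172.25.254.198 westos.example.com
Null-client server: 172.25.254.244 nullmail.qq.com
1.Configuration file (configured on the null-client mail server):
vim /etc/postfix/main.cf
myhostname = nullmail.qq.com ##line 75: name of this host
mydomain = qq.com ##line 83: domain of this host
myorigin = example.com ##line 99: outgoing sender addresses end in example.com
inet_interfaces = all ##line 113: listen on all network interfaces
#inet_interfaces = localhost ##line 116
inet_protocols = all ##line 119
mydestination = ##line 164: address suffixes this host accepts mail for
relayhost = 172.25.254.198 ##line 316: the null client relays through host 172.25.254.198
2.systemctl restart postfix
3.Test:
Send:
[root@nullmail ~]# mail root@example.com
Subject: cdsc
bcjkds
.
EOT
Receive:
Figure: mail received from the null client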