First, set up a general-purpose server that provides FTP, DNS, DHCP and other services (including the YUM repository) for the mail server:
[root@localhost ~]# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:0C:29:AC:5E:76
          inet addr:192.168.10.199  Bcast:192.168.10.255
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# wget ftp://192.168.10.254/pub/repo/redhat.repo
--2014-03-10 19:05:30--  ftp://192.168.10.254/pub/repo/redhat.repo
[root@localhost yum.repos.d]# ls
redhat.repo  rhel-debuginfo.repo
Check for and install the mail server package:
[root@localhost ~]# rpm -q postfix
package postfix is not installed
[root@localhost ~]# yum -y install postfix
Dependency Installed:
mysql.x86_64 0:5.0.95-3.el5    perl-DBI.x86_64 0:1.52-2.el5
Complete!
Because sendmail and postfix both use TCP port 25 and this setup uses postfix, the sendmail service has to be stopped:
[root@localhost ~]# netstat -anptu | grep :25
tcp        0      0 127.0.0.1:25      0.0.0.0:*      LISTEN      3944/sendmail
[root@localhost ~]# service sendmail stop
关闭 sm-client:[确定]
关闭 sendmail:[确定]
[root@localhost ~]# chkconfig sendmail off
[root@localhost ~]# chkconfig --add postfix
[root@localhost ~]# chkconfig --level 35 postfix on
[root@localhost ~]# chkconfig --list postfix
postfix         0:关闭  1:关闭  2:启用  3:启用  4:启用  5:启用  6:关闭
Verify that the mail server's name resolves:
[root@localhost postfix]# host -t MX tarena.com
tarena.com mail is handled by 10 mail.tarena.com.
[root@localhost postfix]# host mail.tarena.com
mail.tarena.com has address 192.168.10.199
The main configuration file is full of comments, which makes it awkward to edit. Use postconf to extract the effective settings and keep only the non-default ones:
[root@localhost postfix]# postconf -n | wc -l
19
[root@localhost postfix]# postconf -n > main.cf.bak
[root@localhost postfix]# mv main.cf main.cf.old
[root@localhost postfix]# mv main.cf.bak main.cf
[root@localhost postfix]# cat main.cf | wc -l
19
Edit the main configuration file:
[root@localhost postfix]# vim /etc/postfix/main.cf
#inet_interfaces = localhost
mydestination = $myhostname,$mydomain
myhostname = mail.tarena.com
mydomain = tarena.com
myorigin = $mydomain
home_mailbox = Maildir/
[root@localhost postfix]# service postfix restart
关闭 postfix:[确定]
启动 postfix:[确定]
[root@localhost postfix]# netstat -anptu | grep master
tcp        0      0 0.0.0.0:25      0.0.0.0:*      LISTEN      5515/master
The mail service uses system accounts, but those accounts do not need to log in to the system:
[root@localhost ~]# useradd -s /sbin/nologin tom
[root@localhost ~]# useradd -s /sbin/nologin jim
[root@localhost ~]# useradd -s /sbin/nologin dom
[root@localhost ~]# echo "123" | passwd --stdin tom
Changing password for user tom.
passwd: all authentication tokens updated successfully.
[root@localhost ~]# echo "123" | passwd --stdin jim
[root@localhost ~]# echo "123" | passwd --stdin dom
Verify from the command line that the mail service works:
[root@localhost postfix]# telnet mail.tarena.com 25
Trying 192.168.10.199...
Connected to mail.tarena.com (192.168.10.199).
Escape character is '^]'.
220 mail.tarena.com ESMTP Postfix
helo localhost
250 mail.tarena.com
mail from:tom@tarena.com
250 2.1.0 Ok
rcpt to:jim@tarena.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
subject:hi,This is mail test!
test mail ...!
.
250 2.0.0 Ok: queued as 10F1B30D4D6
quit
221 2.0.0 Bye
Connection closed by foreign host.
Check jim's home directory for the message; if it is there, the test succeeded!
[root@localhost postfix]# ls /home/jim/Maildir/new/
1394450809.V802I3ec11cM361808.localhost.localdomain
[root@localhost postfix]# cat /home/jim/Maildir/new/139*
Received: from localhost (unknown [192.168.10.199])
by mail.tarena.com (Postfix) with SMTP id 10F1B30D4D6
for <jim@tarena.com>; Mon, 10 Mar 2014 19:25:41 +0800 (CST)
subject:hi,This is mail test!
test mail ...!
Message-Id: <20140310112554.10F1B30D4D6@mail.tarena.com>
Date: Mon, 10 Mar 2014 19:25:41 +0800 (CST)
From: tom@tarena.com
The server's sending service is now configured; the next step is to install and configure the receiving service:
[root@localhost ~]# rpm -q dovecot
package dovecot is not installed
[root@localhost ~]# yum -y install dovecot
Installed:
dovecot.x86_64 0:1.0.7-7.el5_7.1
Dependency Installed:
postgresql-libs.x86_64 0:8.1.23-6.el5_8
Complete!
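[root@localhost ~]# chkconfig --level 35 dovecot on
[root@localhost ~]# chkconfig --list dovecot
dovecot         0:关闭  1:关闭  2:关闭  3:启用  4:关闭  5:启用  6:关闭
The default configuration is sufficient for the receiving service; the configuration file does not need to be changed: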
[root@localhost ~]# vim /etc/dovecot.conf
[root@localhost ~]# service dovecot restart
停止 Dovecot Imap:[确定]
启动 Dovecot Imap:[确定]
[root@localhost ~]# netstat -anptu | grep dovecot
tcp        0      0 :::993      :::*      LISTEN      5872/dovecot
tcp        0      0 :::995      :::*      LISTEN      5872/dovecot
tcp        0      0 :::110      :::*      LISTEN      5872/dovecot
tcp        0      0 :::143      :::*      LISTEN      5872/dovecot
Receiving service: POP3 uses TCP port 110 and IMAP4 uses TCP port 143:
[root@localhost ~]# telnet mail.tarena.com 110
Trying 192.168.10.199...
Connected to mail.tarena.com (192.168.10.199).
Escape character is '^]'.
+OK Dovecot ready.
user jim
+OK
pass 123
+OK Logged in.
list
+OK 1 messages:
1 468
.
retr 1
+OK 468 octets
Received: from localhost (unknown [192.168.10.199])
by mail.tarena.com (Postfix) with SMTP id 10F1B30D4D6
for <jim@tarena.com>; Mon, 10 Mar 2014 19:25:41 +0800 (CST)
subject:hi,This is mail test!
test mail ...!
Message-Id: <20140310112554.10F1B30D4D6@mail.tarena.com>
Date: Mon, 10 Mar 2014 19:25:41 +0800 (CST)
From: tom@tarena.com
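Verification: the message was received successfully, which shows that the receiving service is also set up; the server can now send and receive mail normally! (To avoid becoming a spam relay, however, user restrictions can be configured:)
Configure the user restriction service:
[root@localhost ~]# rpm -q cyrus-sasl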
cyrus-sasl-2.1.22-7.el5_8.1
[root@localhost ~]# vim /etc/sasl2/smtpd.conf
:r /usr/lib64/sasl2/smtpd.conf
pwcheck_method: saslauthd
[root@localhost ~]# service saslauthd start
启动 saslauthd:[确定]
[root@localhost ~]# chkconfig --level 35 saslauthd on
[root@localhost ~]# testsaslauthd -u tom -p 123 -s smtp    # check the saslauthd service
0: OK "Success."
[root@localhost ~]# vim /etc/postfix/main.cf
mynetworks = 127.0.0.1
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination
[root@localhost ~]# service saslauthd restart
停止 saslauthd:[确定]
启动 saslauthd:[确定]
[root@localhost ~]# service postfix restart
Get the base64-encoded authentication strings for the sender's username and password (base64 is an encoding, not encryption):
[root@localhost ~]# printf "tom"| openssl base64
dG9t
[root@localhost ~]# printf "123"| openssl base64
MTIz
Verify:
[root@localhost ~]# telnet mail.tarena.com 25
Trying 192.168.10.199...
Connected to mail.tarena.com (192.168.10.199).
Escape character is '^]'.
220 mail.tarena.com ESMTP Postfix
auth login
334 VXNlcm5hbWU6
dG9t
334 UGFzc3dvcmQ6
MTIz
235 2.0.0 Authentication successful
mail from:tom@tarena.com
250 2.1.0 Ok
rcpt to:jim@tarena.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
haha
.
250 2.0.0 Ok: queued as A5F3830D4D6
quit
221 2.0.0 Bye
Connection closed by foreign host.
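Added example (not from the original post): a small shell model of how the smtpd_recipient_restrictions list configured above is evaluated, first match wins. It shows that a local recipient such as jim@tarena.com is accepted even without authentication, so a relay check needs an external recipient. Assumptions: mynetworks and mydestination are matched exactly (real Postfix also handles CIDR ranges and relay_domains), and the function names and the address someone@example.org are made up for illustration.

```bash
#!/usr/bin/env bash
# Added example: first-match evaluation of the page's smtpd_recipient_restrictions.
# The three values below are copied from the page's main.cf; the rest is constructed.
MYNETWORKS="127.0.0.1"
MYDESTINATION="mail.tarena.com tarena.com"
RESTRICTIONS="permit_mynetworks permit_sasl_authenticated reject_unauth_destination"

# in_list WORD LIST: succeed if WORD is one of the space-separated items in LIST.
in_list() {
    case " $2 " in *" $1 "*) return 0 ;; esac
    return 1
}

# rcpt_decision CLIENT_IP AUTHENTICATED(yes|no) RCPT_ADDRESS
# Prints "PERMIT <rule>" or "REJECT <rule>"; reaching the end of the list permits.
rcpt_decision() {
    local ip="$1" auth="$2" domain="${3##*@}" rule
    for rule in $RESTRICTIONS; do
        case $rule in
            permit_mynetworks)
                if in_list "$ip" "$MYNETWORKS"; then echo "PERMIT $rule"; return; fi ;;
            permit_sasl_authenticated)
                if [ "$auth" = yes ]; then echo "PERMIT $rule"; return; fi ;;
            reject_unauth_destination)
                # Local domains fall through (DUNNO); any other domain is relaying.
                if ! in_list "$domain" "$MYDESTINATION"; then
                    echo "REJECT $rule"; return
                fi ;;
        esac
    done
    echo "PERMIT end_of_list"
}

# Constructed cases: client 192.168.10.254 is outside mynetworks.
rcpt_decision 192.168.10.254 no  jim@tarena.com        # local recipient, no auth
rcpt_decision 192.168.10.254 no  someone@example.org   # relay attempt, no auth
rcpt_decision 192.168.10.254 yes someone@example.org   # relay after AUTH
```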
2 Restrict clients: create the access policy
[root@localhost ~]# vim /etc/postfix/access
192.168.10 REJECT
192.168.10.199 OK
Build the access policy database:
[root@localhost ~]# ls /etc/postfix/access*
/etc/postfix/access
[root@localhost ~]# postmap /etc/postfix/access
[root@localhost ~]# ls /etc/postfix/access*
/etc/postfix/access  /etc/postfix/access.db
[root@localhost ~]# vim /etc/postfix/main.cf
smtpd_client_restrictions =
    check_client_access hash:/etc/postfix/access
[root@localhost ~]# service postfix restart
Verify: a client with IP *.*.*.254 is rejected:
[root@server1 tmp]# telnet mail.tarena.com 25
Trying 192.168.10.199...
Connected to mail.tarena.com (192.168.10.199).
Escape character is '^]'.
220 mail.tarena.com ESMTP Postfix
mail from:tom@tarena.com
250 2.1.0 Ok
rcpt to:jim@tarena.com
554 5.7.1 <unknown[192.168.10.254]>: Client host rejected: Access denied
The device with IP *.*.*.199 is allowed:
[root@localhost ~]# telnet mail.tarena.com 25
Trying 192.168.10.199...
Connected to mail.tarena.com (192.168.10.199).
Escape character is '^]'.
220 mail.tarena.com ESMTP Postfix
mail from:tom@tarena.com
250 2.1.0 Ok
rcpt to:jim@tarena.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
keyi!
.
250 2.0.0 Ok: queued as 2303530D4D6
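Added example (not part of the original post): the IPv4 part of the access(5) lookup that check_client_access performs on the table above. Postfix tries the full client address and then strips the last octet until a key matches, which is why 192.168.10.199 is accepted while the rest of 192.168.10 is rejected. The function name access_lookup and the DUNNO string printed for "no match" are choices made for this sketch; hostname lookups are left out.

```bash
#!/usr/bin/env bash
# Added example: IPv4 key search order of a Postfix access(5) table.
# The table content mirrors /etc/postfix/access from the page.
ACCESS_TABLE='192.168.10 REJECT
192.168.10.199 OK'

# access_lookup IP [TABLE]
# Prints the action of the most specific matching key, or DUNNO when no key
# matches (Postfix then moves on to the next restriction).
access_lookup() {
    local key="$1"
    local table="${2:-$ACCESS_TABLE}"
    local k action
    while :; do
        while read -r k action; do
            case $k in ''|'#'*) continue ;; esac   # skip blanks and comments
            if [ "$k" = "$key" ]; then
                printf '%s\n' "$action"
                return 0
            fi
        done <<EOF
$table
EOF
        case $key in
            *.*) key=${key%.*} ;;   # strip the last octet and search again
            *)   break ;;           # a single octet is left: stop truncating
        esac
    done
    printf 'DUNNO\n'
}

access_lookup 192.168.10.199   # exact key beats the /24-style prefix
access_lookup 192.168.10.254   # falls back to the 192.168.10 key
access_lookup 10.0.0.1         # no key at any prefix length
```

With the default smtpd_delay_reject = yes, Postfix reports a client restriction's REJECT at RCPT TO, which matches the 554 reply appearing after rcpt to in the session above.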
3 Restrict sender addresses: create the send_access policy:
[root@localhost ~]# vim /etc/postfix/send_access
dom@tarena.com REJECT
Generate the send_access database:
[root@localhost ~]# ls /etc/postfix/send_access*
/etc/postfix/send_access
[root@localhost ~]# postmap /etc/postfix/send_access
[root@localhost ~]# ls /etc/postfix/send_access*
/etc/postfix/send_access
/etc/postfix/send_access.db
[root@localhost ~]# vim /etc/postfix/main.cf
smtpd_sender_restrictions =
    permit_mynetworks,
    reject_sender_login_mismatch,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    check_sender_access hash:/etc/postfix/send_access
[root@localhost ~]# service postfix restart
Reprinted from: https://blog.51cto.com/8451586/1374362