First, set up a general-purpose server that provides FTP, DNS, DHCP and other services (including a YUM repository) for the mail server:

[root@localhost ~]# ifconfig eth0

eth0      Link encap:Ethernet  HWaddr 00:0C:29:AC:5E:76

          inet addr:192.168.10.199  Bcast:192.168.10.255

[root@localhost ~]# cd /etc/yum.repos.d/

[root@localhost yum.repos.d]# wget ftp://192.168.10.254/pub/repo/redhat.repo

--2014-03-10 19:05:30--  ftp://192.168.10.254/pub/repo/redhat.repo

[root@localhost yum.repos.d]# ls

redhat.repo  rhel-debuginfo.repo

Check for and install the mail server package:

[root@localhost ~]# rpm -q postfix

package postfix is not installed

[root@localhost ~]# yum -y install postfix

Dependency Installed:

mysql.x86_64 0:5.0.95-3.el5    perl-DBI.x86_64 0:1.52-2.el5

Complete!

Because sendmail and postfix both use TCP port 25, and this setup uses postfix, the sendmail service must be stopped:

[root@localhost ~]# netstat -anptu | grep :25

tcp        0      0 127.0.0.1:25      0.0.0.0:*      LISTEN      3944/sendmail

[root@localhost ~]# service sendmail stop

关闭 sm-client[确定]

关闭 sendmail[确定]

[root@localhost ~]# chkconfig sendmail off

[root@localhost ~]# chkconfig --add postfix

[root@localhost ~]# chkconfig --level 35 postfix on

[root@localhost ~]# chkconfig --list postfix

postfix         0:关闭  1:关闭  2:启用  3:启用  4:启用  5:启用  6:关闭

Verify that the mail server's DNS records resolve:

[root@localhost postfix]# host -t MX tarena.com

tarena.com mail is handled by 10 mail.tarena.com.

[root@localhost postfix]# host mail.tarena.com

mail.tarena.com has address 192.168.10.199

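The main configuration file is mostly comments, which makes it awkward to edit. Use postconf to extract the effective settings, keeping only the non-default ones: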

[root@localhost postfix]# postconf -n | wc -l

19

[root@localhost postfix]# postconf -n > main.cf.bak

[root@localhost postfix]# mv main.cf main.cf.old

[root@localhost postfix]# mv main.cf.bak main.cf

[root@localhost postfix]# cat main.cf | wc -l

19

Edit the main configuration file:

[root@localhost postfix]# vim /etc/postfix/main.cf

#inet_interfaces = localhost

mydestination = $myhostname,$mydomain

myhostname = mail.tarena.com

mydomain = tarena.com

myorigin = $mydomain

home_mailbox = Maildir/

[root@localhost postfix]# service postfix restart

关闭 postfix[确定]

启动 postfix[确定]

[root@localhost postfix]# netstat -anptu | grep master

tcp        0      0 0.0.0.0:25      0.0.0.0:*      LISTEN      5515/master

The mail service uses system accounts, and these accounts do not need to log in to the system:

[root@localhost ~]# useradd -s /sbin/nologin tom

[root@localhost ~]# useradd -s /sbin/nologin jim

[root@localhost ~]# useradd -s /sbin/nologin dom

[root@localhost ~]# echo "123" | passwd --stdin tom

Changing password for user tom.

passwd: all authentication tokens updated successfully.

[root@localhost ~]# echo "123" | passwd --stdin jim

[root@localhost ~]# echo "123" | passwd --stdin dom

Verify from the command line that the mail service works:

[root@localhost postfix]# telnet mail.tarena.com 25

Trying 192.168.10.199...

Connected to mail.tarena.com (192.168.10.199).

Escape character is '^]'.

220 mail.tarena.com ESMTP Postfix

helo localhost

250 mail.tarena.com

mail from:tom@tarena.com

250 2.1.0 Ok

rcpt to:jim@tarena.com

250 2.1.5 Ok

data

354 End data with <CR><LF>.<CR><LF>

subject:hi,This is mail test!

test mail ...!

.

250 2.0.0 Ok: queued as 10F1B30D4D6

quit

221 2.0.0 Bye

Connection closed by foreign host.

Check jim's home directory for the message; if it is there, delivery succeeded:

[root@localhost postfix]# ls /home/jim/Maildir/new/

1394450809.V802I3ec11cM361808.localhost.localdomain

[root@localhost postfix]# cat /home/jim/Maildir/new/139*

Received: from localhost (unknown [192.168.10.199])

by mail.tarena.com (Postfix) with SMTP id 10F1B30D4D6

for <jim@tarena.com>; Mon, 10 Mar 2014 19:25:41 +0800 (CST)

subject:hi,This is mail test!

test mail ...!

Message-Id: <20140310112554.10F1B30D4D6@mail.tarena.com>

Date: Mon, 10 Mar 2014 19:25:41 +0800 (CST)

From: tom@tarena.com

The sending service on the server is now configured. Next, install and configure the receiving service:

[root@localhost ~]# rpm -q dovecot

package dovecot is not installed

[root@localhost ~]# yum -y install dovecot

Installed:

dovecot.x86_64 0:1.0.7-7.el5_7.1

Dependency Installed:

postgresql-libs.x86_64 0:8.1.23-6.el5_8

Complete!

[root@localhost ~]# chkconfig --level 35 dovecot on

[root@localhost ~]# chkconfig --list dovecot

dovecot         0:关闭  1:关闭  2:关闭  3:启用  4:关闭  5:启用  6:关闭

The receiving service works with its default settings; the configuration file does not need to be changed:

[root@localhost ~]# vim /etc/dovecot.conf

[root@localhost ~]# service dovecot restart

停止 DovecotImap[确定]

启动 DovecotImap[确定]

[root@localhost ~]# netstat -anptu | grep dovecot

tcp        0      0 :::993      :::*      LISTEN      5872/dovecot

tcp        0      0 :::995      :::*      LISTEN      5872/dovecot

tcp        0      0 :::110      :::*      LISTEN      5872/dovecot

tcp        0      0 :::143      :::*      LISTEN      5872/dovecot

Receiving services: POP3 uses TCP port 110 and IMAP4 uses TCP port 143.

[root@localhost ~]# telnet mail.tarena.com 110

Trying 192.168.10.199...

Connected to mail.tarena.com (192.168.10.199).

Escape character is '^]'.

+OK Dovecot ready.

user jim

+OK

pass 123

+OK Logged in.

list

+OK 1 messages:

1 468

.

retr 1

+OK 468 octets

Received: from localhost (unknown [192.168.10.199])

by mail.tarena.com (Postfix) with SMTP id 10F1B30D4D6

for <jim@tarena.com>; Mon, 10 Mar 2014 19:25:41 +0800 (CST)

subject:hi,This is mail test!

test mail ...!

Message-Id: <20140310112554.10F1B30D4D6@mail.tarena.com>

Date: Mon, 10 Mar 2014 19:25:41 +0800 (CST)

From: tom@tarena.com

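Verify: the message was retrieved successfully, which shows the receiving service is also set up; the server can now send and receive mail normally. (To avoid becoming a relay for spam, however, restrictions can be configured:)

Configure the user restriction service:

[root@localhost ~]# rpm -q cyrus-sasl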

cyrus-sasl-2.1.22-7.el5_8.1

[root@localhost ~]# vim /etc/sasl2/smtpd.conf

:r /usr/lib64/sasl2/smtpd.conf

pwcheck_method: saslauthd

[root@localhost ~]# service saslauthd start

启动 saslauthd[确定]

[root@localhost ~]# chkconfig --level 35 saslauthd on

[root@localhost ~]# testsaslauthd -u tom -p 123 -s smtp    # check the saslauthd service

0: OK "Success."

[root@localhost ~]# vim /etc/postfix/main.cf

mynetworks = 127.0.0.1

smtpd_sasl_auth_enable = yes

smtpd_sasl_security_options = noanonymous

smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination

[root@localhost ~]# service saslauthd restart

停止 saslauthd[确定]

启动 saslauthd[确定]

[root@localhost ~]# service postfix restart

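Obtain the base64-encoded authentication strings: encode the sender's username and password (base64 is an encoding, not encryption):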

[root@localhost ~]# printf "tom"| openssl base64

dG9t

[root@localhost ~]# printf "123"| openssl base64

MTIz

Verify:

[root@localhost ~]# telnet mail.tarena.com 25

Trying 192.168.10.199...

Connected to mail.tarena.com (192.168.10.199).

Escape character is '^]'.

220 mail.tarena.com ESMTP Postfix

auth login

334 VXNlcm5hbWU6

dG9t

334 UGFzc3dvcmQ6

MTIz

235 2.0.0 Authentication successful

mail from:tom@tarena.com

250 2.1.0 Ok

rcpt to:jim@tarena.com

250 2.1.5 Ok

data

354 End data with <CR><LF>.<CR><LF>

haha

.

250 2.0.0 Ok: queued as A5F3830D4D6

quit

221 2.0.0 Bye

Connection closed by foreign host.
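
The AUTH LOGIN exchange above, decoded (an added example, not part of the original post): the 334 challenges and the client's replies are only base64-encoded, so anyone who can read the traffic on port 25 recovers the account name and password. The transcript is a constructed copy of the session above; `decode_auth_login` and `b64d` are names made up for this example, and it calls `base64 -d` where the page uses `openssl base64`.

```shell
#!/bin/sh
# Constructed sample: the AUTH LOGIN part of the telnet session shown above.
SAMPLE_SESSION='220 mail.tarena.com ESMTP Postfix
auth login
334 VXNlcm5hbWU6
dG9t
334 UGFzc3dvcmQ6
MTIz
235 2.0.0 Authentication successful'

# b64d: decode a single base64 token; invalid input yields an empty string.
b64d() { printf '%s\n' "$1" | base64 -d 2>/dev/null; }

# decode_auth_login: read an SMTP transcript on stdin and print every
# "334 <challenge>" together with the client line that answers it,
# both in clear text, one "Prompt value" pair per line.
decode_auth_login() {
    pending=""
    while IFS= read -r line; do
        line=$(printf '%s' "$line" | tr -d '\r')   # tolerate CRLF captures
        case "$line" in
            "334 "*)
                # Server challenge: remember its decoded prompt.
                pending=$(b64d "${line#334 }")
                ;;
            *)
                # The first line after a challenge is the client's answer.
                if [ -n "$pending" ]; then
                    printf '%s %s\n' "$pending" "$(b64d "$line")"
                    pending=""
                fi
                ;;
        esac
    done
}

printf '%s\n' "$SAMPLE_SESSION" | decode_auth_login
```

Postfix's `smtpd_tls_auth_only = yes` keeps the server from offering or accepting AUTH until the session is protected by TLS, which requires TLS to be configured first.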

2. Restrict clients: create an access policy

[root@localhost ~]# vim /etc/postfix/access

192.168.10 REJECT

192.168.10.199 OK

Build the access policy database:

[root@localhost ~]# ls /etc/postfix/access*

/etc/postfix/access

[root@localhost ~]# postmap /etc/postfix/access

[root@localhost ~]# ls /etc/postfix/access*

/etc/postfix/access  /etc/postfix/access.db

[root@localhost ~]# vim /etc/postfix/main.cf

smtpd_client_restrictions =
    check_client_access hash:/etc/postfix/access

[root@localhost ~]# service postfix restart

Verify: access from the client with IP *.*.*.254 is rejected:

[root@server1 tmp]# telnet mail.tarena.com 25

Trying 192.168.10.199...

Connected to mail.tarena.com (192.168.10.199).

Escape character is '^]'.

220 mail.tarena.com ESMTP Postfix

mail from:tom@tarena.com

250 2.1.0 Ok

rcpt to:jim@tarena.com

554 5.7.1 <unknown[192.168.10.254]>: Client host rejected: Access denied

The host with IP *.*.*.199 is allowed:

[root@localhost ~]# telnet mail.tarena.com 25

Trying 192.168.10.199...

Connected to mail.tarena.com (192.168.10.199).

Escape character is '^]'.

220 mail.tarena.com ESMTP Postfix

mail from:tom@tarena.com

250 2.1.0 Ok

rcpt to:jim@tarena.com

250 2.1.5 Ok

data

354 End data with <CR><LF>.<CR><LF>

keyi!

.

250 2.0.0 Ok: queued as 2303530D4D6
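
Why the two-line access table gives the results seen in the two sessions above, as an added example that is not part of the original post: for an IPv4 client, access(5) tries the full address first and then strips the last octet repeatedly, so the more specific `192.168.10.199 OK` wins over `192.168.10 REJECT` whatever the order in the file. `lookup_client_ip` is a name made up here, the table is a constructed copy of the one above, and only the IP part of the lookup is emulated (Postfix also tries the client hostname).

```shell
#!/bin/sh
# Constructed copy of the /etc/postfix/access table built above.
ACCESS_TABLE='192.168.10 REJECT
192.168.10.199 OK'

# lookup_client_ip: emulate the IPv4 search order of check_client_access.
# Try the full address, then drop the last ".octet" and try again, until a
# key matches or nothing is left to strip.
lookup_client_ip() {
    key=$1
    while [ -n "$key" ]; do
        action=$(printf '%s\n' "$ACCESS_TABLE" |
                 awk -v k="$key" '$1 == k { print $2; exit }')
        if [ -n "$action" ]; then
            printf '%s\n' "$action"
            return 0
        fi
        case "$key" in
            *.*) key=${key%.*} ;;   # 192.168.10.254 -> 192.168.10 -> ...
            *)   key="" ;;          # single octet left: stop
        esac
    done
    # No entry at any level. This example prints DUNNO for "not found";
    # Postfix then moves on to the next restriction.
    printf 'DUNNO\n'
}

# The two clients from the sessions above, plus one outside the table
# (constructed address).
for ip in 192.168.10.254 192.168.10.199 192.168.20.5; do
    printf '%-16s %s\n' "$ip" "$(lookup_client_ip "$ip")"
done
```

On the server itself, `postmap -q 192.168.10 hash:/etc/postfix/access` queries one exact key and does not perform the octet stripping. Addresses outside 192.168.10 match nothing in this table, so it does not restrict them.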

3. Restrict sender addresses: create a send_access policy:

[root@localhost ~]# vim /etc/postfix/send_access

dom@tarena.com REJECT

Generate the send_access database:

[root@localhost ~]# ls /etc/postfix/send_access*

/etc/postfix/send_access

[root@localhost ~]# postmap /etc/postfix/send_access

[root@localhost ~]# ls /etc/postfix/send_access*

/etc/postfix/send_access

/etc/postfix/send_access.db

[root@localhost ~]# vim /etc/postfix/main.cf

smtpd_sender_restrictions =
    permit_mynetworks,
    reject_sender_login_mismatch,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    check_sender_access hash:/etc/postfix/send_access

[root@localhost ~]# service postfix resta