######邮件部分######

前提

1.保证环境的纯净

2.dns的配置

*此处关于dns不做解释，可参照之前dns博客理解

[root@westos-mail ~]# yum install bind -y

[root@westos-mail ~]# systemctl start named

[root@westos-mail ~]# vim /etc/named.conf

[root@westos-mail ~]# vim /etc/named.rfc1912.zones  

[root@westos-mail ~]# cd /var/named/

[root@westos-mail named]# ls

data     named.ca     named.localhost  slaves

dynamic  named.empty  named.loopback

[root@westos-mail named]# cp -p named.localhost westos.com.zone

[root@westos-mail named]# vim westos.com.zone

[root@westos-mail named]# cp -p westos.com.zone qq.com.zone

[root@westos-mail named]# vim qq.com.zone

[root@westos-mail named]# systemctl restart named

[root@westos-mail named]# systemctl stop firewalld

[root@westos-mail named]# systemctl disable firewalld  ##不关闭火墙，其他人不能dig到

rm ‘/etc/systemd/system/basic.target.wants/firewalld.service‘

rm ‘/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service‘

[root@westos-mail named]# vim /etc/resolv.conf

[root@westos-mail named]# dig -t mx westos.com

[root@westos-mail named]# dig -t mx qq.com

######postfix#####

1.基本定义

postfix提供smtp协议用来投递邮件

默认端口25

[root@westos-mail named]# mail root@qq.com

Subject: w

wq

.    ##用“.”来结束录入内容并发送

EOT

   ##默认情况下邮件端口只在127.0.0.1上开启

[root@westos-mail named]# netstat -antlpe | grep master

tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      0          21046      1378/master         

tcp6       0      0 ::1:25                  :::*                    LISTEN      0          21047      1378/master         

***邮件日志存储地址   /var/log/maillog

mail        ##邮件查看

mailq       ##查看邮件队列

postqueue -f    ##重新处理邮件队列 

2.配置

[root@westos-mail named]# vim /etc/postfix/main.cf

76 myhostname = westos-mail.westos.com    ##指定mta主机名称

83 mydomain = westos.com        ##指定mta的域名

99 myorigin = $mydomain         ##指定邮件来源结尾（@后面的字符内容）

116 inet_interfaces = all     ##25端口开启的网络端口

164 mydestination = $myhostname, $mydomain, localhost    ##接收邮件结尾字符的指定

[root@westos-mail named]# systemctl restart postfix.service

[root@westos-mail named]# systemctl stop firewalld

  ##更改后：

[root@westos-mail named]# netstat -antlpe | grep master

tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      0          110726     928/master          

tcp6       0      0 :::25                   :::*                    LISTEN      0          110727     928/master          

3.邮件别名与群发

[root@westos-mail named]# vim /etc/aliases

 97 admin:          root        ##邮件别名（用admin发送但是接收端显示的是root）

 98 moreuser:       :include:/etc/postfix/moreuser   ##邮件群发

[root@westos-mail named]# vim /etc/postfix/moreuser

  1 student

  2 root

~                                                  

[root@westos-mail named]# postalias /etc/aliases   ##立即生效

测试：

1）别名测试

[root@qq-mail ~]# mail admin@westos.com     发送端）

Subject: wq

wq

wq

wq

.

EOT

[root@westos-mail named]# mail        接收端）

Heirloom Mail version 12.5 7/5/10.  Type ? for help.

"/var/spool/mail/root": 1 message 1 new

>N  1 root                  Sat May 20 04:13  24/859   

& 1

Message  1:From root@qq.com  Sat May 20 04:11:21 2017

Return-Path: <root@qq.com>

X-Original-To: admin@westos.com

Delivered-To: admin@westos.com

Date: Sat, 20 May 2017 04:11:21 -0400

To: admin@westos.com

Subject: wq

User-Agent: Heirloom mailx 12.5 7/5/10

Content-Type: text/plain; charset=us-ascii

From: root@qq.com (root)

Status: RO

wq

wq

wq

& q

2）群发测试

[root@qq-mail ~]# mail moreuser@westos.com     发送端）

Subject: wqq

hahaha

.

EOT

[root@qq-mail ~]# mailq

Mail queue is empty

[root@westos-mail named]# mail  接收端）

Heirloom Mail version 12.5 7/5/10.  Type ? for help.

"/var/spool/mail/root": 1 message 1 new

>N  1 root                  Sat May 20 04:13  24/859   

& 1

Message  1:

From root@qq.com  Sat May 20 04:13:15 2017

Return-Path: <root@qq.com>

X-Original-To: moreuser@westos.com

Delivered-To: root@westos.com

Delivered-To: moreuser@westos.com

Date: Sat, 20 May 2017 04:13:15 -0400

To: moreuser@westos.com

Subject: wqq

User-Agent: Heirloom mailx 12.5 7/5/10

Content-Type: text/plain; charset=us-ascii

From: root@qq.com (root)

Status: R

hahaha

& q

Held 1 message in /var/spool/mail/root

[root@westos-mail named]# mail -u student

Heirloom Mail version 12.5 7/5/10.  Type ? for help.

"/var/mail/student": 1 message 1 new

>N  1 root                  Sat May 20 04:13  24/862   

& 1

Message  1:

From root@qq.com  Sat May 20 04:13:15 2017

Return-Path: <root@qq.com>

X-Original-To: moreuser@westos.com

Delivered-To: student@westos.com

Delivered-To: moreuser@westos.com

Date: Sat, 20 May 2017 04:13:15 -0400

To: moreuser@westos.com

Subject: wqq

User-Agent: Heirloom mailx 12.5 7/5/10

Content-Type: text/plain; charset=us-ascii

From: root@qq.com (root)

Status: R

hahaha

& q

Held 1 message in /var/mail/student

4.远程主机测试邮件服务

[root@foundation13 kiosk]#  yum install telent -y   ##安装服务

[root@foundation13 kiosk]# telnet 172.25.254.113 25   ##连接113主机的25端口

Trying 172.25.254.113...

Connected to 172.25.254.113.

Escape character is ‘^]‘.

220 westos-mail.westos.com ESMTP Postfix

ehlo hello    ##打招呼，查看是否回应

250-westos-mail.westos.com

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

mail from:root@westos.com   ##邮件来源

250 2.1.0 Ok

rcpt to:root@qq.com    ##邮件去向

250 2.1.5 Ok

data

354 End data with <CR><LF>.<CR><LF>

wq          ##邮件内容

haha

lalala

.

250 2.0.0 Ok: queued as E2A022461FD

测试端：

[root@qq-mail ~]# mail

Heirloom Mail version 12.5 7/5/10.  Type ? for help.

"/var/spool/mail/root": 4 messages 1 new 3 unread

    1 root                  Sat May 20 03:46  22/730   

 U  2 Mail Delivery System  Sat May 20 04:12  76/2389  

 U  3 Mail Delivery System  Sat May 20 04:12  76/2389  

>N  4 root@westos.com       Sat May 20 04:38  15/493   

& 4

Message  4:

From root@westos.com  Sat May 20 04:38:35 2017

Return-Path: <root@westos.com>

X-Original-To: root@qq.com

Delivered-To: root@qq.com

Status: R

wq

haha

lalala

& q

Held 4 messages in /var/spool/mail/root

You have mail in /var/spool/mail/root

[root@qq-mail ~]#

5.邮件客户端的访问控制

##限制客户端

在mta上

[root@westos-mail ~]# postconf -e "smtpd_client_restrictions = check_client_access hash:/etc/postfix/access"  ##用参数检测此文件使其识别文件内容

[root@westos-mail ~]# vim /etc/postfix/main.cf  ##自动生成在文件末尾

680 smtpd_client_restrictions = check_client_access hash:/etc/postfix/access

[root@westos-mail ~]# vim /etc/postfix/access

477 172.25.254.13 REJECT

[root@westos-mail ~]# postmap /etc/postfix/access    ##加密

[root@westos-mail ~]# cd /etc/postfix/

[root@westos-mail postfix]# ls    ##access.db即位加密文件

access     generic        master.cf  transport

access.db  header_checks  moreuser   virtual

canonical  main.cf        relocated

[root@westos-mail postfix]# systemctl restart postfix.service

测试：

实验前：

[root@foundation13 kiosk]# telnet 172.25.254.113 25

Trying 172.25.254.113...

Connected to 172.25.254.113.

Escape character is ‘^]‘.

220 westos-mail.westos.com ESMTP Postfix

mail from:root@westos.com

250 2.1.0 Ok

rcpt to:root@qq.com

250 2.1.5 Ok

data

354 End data with <CR><LF>.<CR><LF>

wq

haha

lalala

.

250 2.0.0 Ok: queued as E2A022461FD

Connection closed by foreign host.    ##连接成功

实验后：

[root@foundation13 kiosk]# telnet 172.25.254.113 25

Trying 172.25.254.113...

Connected to 172.25.254.113.

Escape character is ‘^]‘.

220 westos-mail.westos.com ESMTP Postfix

mail from:root@westos.com

250 2.1.0 Ok

rcpt to:root@qq.com

554 5.7.1 <unknown[172.25.254.13]>: Client host rejected: Access denied    ##连接被拒

本文出自 “AELY木” 博客，请务必保留此出处http://12768057.blog.51cto.com/12758057/1928817

postfix 邮件1