
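3-unit4 Configuring E-mail Delivery

########Configuring E-mail Delivery###############

##Topics covered in this unit:

* Basic e-mail configuration

* Null-client e-mail server configuration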


#######DNS service###
Server: westos-mail.westos.com
1. Installation
yum install bind -y
systemctl start named

2. Configuration files
vim /etc/named.conf
//      listen-on port 53 { 127.0.0.1; };       // commented out: listen on all interfaces
//      listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
//      allow-query     { localhost; };         // commented out: answer queries from any client

        dnssec-validation no;

vim /etc/named.rfc1912.zones
zone "westos.com" IN {
        type master;
        file "westos.com.zone";
        allow-update { none; };
};
zone "qq.com" IN {
        type master;
        file "qq.com.zone";
        allow-update { none; };
};



cp -p /var/named/named.localhost /var/named/westos.com.zone
vim westos.com.zone
$TTL 1D
@   IN SOA  dns.westos.com. root.westos.com. (
                    0   ; serial
                    1D  ; refresh
                    1H  ; retry
                    1W  ; expire
                    3H )    ; minimum
        NS  dns.westos.com.
dns     A   172.25.254.136
westos.com. MX 1    172.25.254.136.

vim qq.com.zone
$TTL 1D
@   IN SOA  dns.qq.com. root.qq.com. (
                    0   ; serial
                    1D  ; refresh
                    1H  ; retry
                    1W  ; expire
                    3H )    ; minimum
        NS  dns.qq.com.
dns     A   172.25.254.136
qq.com.     MX 1    172.25.254.236.

systemctl restart named
dig -t mx westos.com
dig -t mx qq.com



Client
systemctl stop firewalld
vim /etc/resolv.conf
nameserver 172.25.254.136
dig -t mx qq.com
dig -t mx westos.com



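########Sending and receiving mail######
1.
postfix provides the SMTP protocol for delivering mail
Default port: 25
/var/log/maillog                ##service log
mail root@westos.com            ##send a mail to westos.com
Subject:hello                   ##subject
hello world                     ##message body
.                               ##a lone "." ends the input and sends the message
mailq                           ##show the mail queue
postqueue -f                    ##re-process (flush) the mail queue
mail                            ##the recipient reads mail

postsuper -d 24B0217E854        ##delete the queued message with this queue ID

By default the mail port is open only on 127.0.0.1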



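2. Configuration (on both the sender and the receiver)
vim /etc/postfix/main.cf
myhostname = westos-mail.westos.com  ##host name of the MTA
mydomain = westos.com    ##domain name of the MTA
myorigin = westos.com    ##domain appended to the sender address (the part after @)
inet_interfaces = all   ##network interfaces on which port 25 is opened
mydestination = $myhostname, $mydomain, localhost   ##address suffixes this host accepts mail for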

systemctl restart postfix
systemctl stop firewalld

Test:

[root@westos-mail ~]# mail root@qq.com

Subject: cuijiangbo

西安邮电大学

.

EOT

[root@westos-mail ~]# mailq

Mail queue is empty



Receiver:

[root@qq-mail ~]# mail

Heirloom Mail version 12.5 7/5/10.  Type ? for help.

"/var/spool/mail/root": 1 message 1 new

>N  1 root                  Mon May 22 23:59  21/741   "cuijiangbo"

& q

Held 1 message in /var/spool/mail/root

You have mail in /var/spool/mail/root



3. Mail aliases
 vim /etc/aliases
alias:  real-name    ##mail alias
alias:  :include:/etc/postfix/filename      ##group mailing (one alias, many recipients)

haha:root

hello::include:/etc/postfix/qunfaname


vim /etc/postfix/filename
user1
user2

 postalias /etc/aliases



Test:
mail <alias>
[root@qq-mail ~]# mail admin@westos.com

[root@westos-mail ~]# mail hello@qq.com


4. Sending mail from a remote host

Installation:

yum install telnet -y


[root@foundation36 ~]# telnet 172.25.254.136 25     ##connect to 172.25.254.136 on port 25
Trying 172.25.254.136...
Connected to 172.25.254.136.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
ehlo haha   ##greet 172.25.254.136 after connecting
250-westos-mail.westos.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:root@westos.com   ##send from westos.com
250 2.1.0 Ok
rcpt to:root@qq.com ##deliver to qq.com
250 2.1.5 Ok
hello
502 5.5.2 Error: command not recognized
data    ##start the message data
354 End data with <CR><LF>.<CR><LF>
西安邮电大学
电子工程学院
.
250 2.0.0 Ok: queued as ED7DD17E874

quit




5. Access control for mail clients
On the MTA:
postconf -e "smtpd_client_restrictions = check_client_access hash:/etc/postfix/access"

vim /etc/postfix/access
172.25.254.36   REJECT  ##refuse connections from 172.25.254.36

postmap /etc/postfix/access     ##build the indexed lookup table (.db file)
systemctl restart postfix.service


Test:
[root@foundation36 ~]# telnet 172.25.254.136 25
Trying 172.25.254.136...
Connected to 172.25.254.136.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:root@westos.com
250 2.1.0 Ok
rcpt to:root@qq.com
554 5.7.1 <unknown[172.25.254.36]>: Client host rejected: Access denied
 

##Restricting which users may send
postconf -e "smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender"

vim /etc/postfix/sender     ##file of senders to block (here: student)
student@westos.com  REJECT

postmap /etc/postfix/sender ##build the indexed lookup table (.db file)
systemctl restart postfix   ##restart

Test:
[root@foundation36 ~]# telnet 172.25.254.136 25
Trying 172.25.254.136...
Connected to 172.25.254.136.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:student@westos.com
250 2.1.0 Ok
rcpt to:root@westos.com
554 5.7.1 <student@westos.com>: Sender address rejected: Access denied   ##sending by user student is rejected



##Restricting which users may receive
postconf -e "smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recip"

vim /etc/postfix/recip   ##file of recipients to block
westos@westos.com   REJECT  ##block user westos

postmap /etc/postfix/recip  ##build the indexed lookup table (.db file)
systemctl restart postfix

Test:
[root@foundation36 ~]# telnet 172.25.254.136 25
Trying 172.25.254.136...
Connected to 172.25.254.136.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:westos@westos.com
250 2.1.0 Ok
rcpt to:root@westos.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
cui
xianyoudian^[[D^[[D^[[D^[[D
.
250 2.0.0 Ok: queued as 7197D17E87C

[root@foundation36 ~]# telnet 172.25.254.136 25
Trying 172.25.254.136...
Connected to 172.25.254.136.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:root@westos.com
250 2.1.0 Ok
rcpt to:westos@westos.com
554 5.7.1 <westos@westos.com>: Recipient address rejected: Access denied   ##receiving by user westos is rejected
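
Each rejection in the tests above is also recorded by postfix/smtpd in /var/log/maillog. The following is an added example (not from the original page) that counts rejections per restriction class and client address; the log lines are constructed samples in the usual Postfix layout, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: count Postfix smtpd rejections by restriction class and client IP.

# Constructed sample lines in the usual Postfix smtpd log layout (not real logs).
sample_maillog() {
cat <<'EOF'
May 22 23:40:01 westos-mail postfix/smtpd[2101]: connect from unknown[172.25.254.36]
May 22 23:40:09 westos-mail postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[172.25.254.36]: 554 5.7.1 <unknown[172.25.254.36]>: Client host rejected: Access denied; from=<root@westos.com> to=<root@qq.com> proto=SMTP
May 22 23:41:30 westos-mail postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[172.25.254.36]: 554 5.7.1 <unknown[172.25.254.36]>: Client host rejected: Access denied; from=<root@westos.com> to=<root@westos.com> proto=SMTP
May 22 23:50:12 westos-mail postfix/smtpd[2140]: NOQUEUE: reject: RCPT from unknown[172.25.254.50]: 554 5.7.1 <student@westos.com>: Sender address rejected: Access denied; from=<student@westos.com> to=<root@westos.com> proto=SMTP
May 22 23:55:47 westos-mail postfix/smtpd[2162]: NOQUEUE: reject: RCPT from unknown[172.25.254.50]: 554 5.7.1 <westos@westos.com>: Recipient address rejected: Access denied; from=<root@westos.com> to=<westos@westos.com> proto=SMTP
May 22 23:59:03 westos-mail postfix/smtpd[2162]: 7197D17E87C: client=unknown[172.25.254.50]
EOF
}

# summarize_rejects [FILE...]: reads the given files (or stdin) and prints
# "<count> <class> <client-ip>" for every NOQUEUE reject, sorted by class and IP.
summarize_rejects() {
    awk '
    /postfix\/smtpd\[[0-9]+\]: NOQUEUE: reject:/ {
        class = "other"
        if ($0 ~ /Client host rejected/)            class = "client"
        else if ($0 ~ /Sender address rejected/)    class = "sender"
        else if ($0 ~ /Recipient address rejected/) class = "recipient"
        ip = "-"                                    # fallback when no client address is found
        if (match($0, /from [^ ]*\[[0-9a-fA-F.:]+\]/)) {
            ip = substr($0, RSTART, RLENGTH)
            sub(/^.*\[/, "", ip)                    # drop "from host["
            sub(/\]$/, "", ip)                      # drop trailing "]"
        }
        count[class " " ip]++
    }
    END { for (k in count) print count[k], k }' "$@" | LC_ALL=C sort -k2,3
}

# Demo on the constructed sample; on a real MTA: summarize_rejects /var/log/maillog
sample_maillog | summarize_rejects
```

A client address that keeps reappearing in the sender or recipient class is a candidate for the client access map.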




6.##Outbound address masquerading
postconf -e "smtp_generic_maps = hash:/etc/postfix/generic"

vim /etc/postfix/generic
westos@westos.com   hello@haha.com

postmap /etc/postfix/generic
systemctl restart postfix



Test:
Sender:
su - westos
mail root@qq.com
[westos@westos-mail ~]$ mail root@qq.com
Receiver:
[root@qq-mail ~]# mail
Heirloom Mail version 12.5 7/5/10.  Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N  1 hello@haha.com        Sat May 20 22:30  21/720  "uiii"
& 1

7.##Inbound address rewriting

vim /etc/named.rfc1912.zones
zone "haha.com" IN {
        type master;
        file "haha.com.zone";
        allow-update { none; };
};
vim /var/named/haha.com.zone
$TTL 1D
@   IN SOA  dns.haha.com. root.haha.com. (
                    0   ; serial
                    1D  ; refresh
                    1H  ; retry
                    1W  ; expire
                    3H )    ; minimum
        NS  dns.haha.com.
dns     A   172.25.254.136
haha.com.   MX 1    172.25.254.136.
systemctl restart named
dig -t mx haha.com
Get DNS MX record resolution working first


postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"

vim /etc/postfix/virtual
virtual-name    real-user
hello@haha.com  westos@westos.com

 postmap /etc/postfix/virtual

systemctl restart postfix

Test:
Sender:
[root@qq-mail ~]# mail hello@haha.com
Subject: xiyou
fhsjfd
sfhkjdjkjfdj
.
EOT


Receiver:

[westos@westos-mail ~]$ mail
Heirloom Mail version 12.5 7/5/10.  Type ? for help.
"/var/spool/mail/westos": 1 message 1 new
>N  1 root                  Sat May 20 22:45  22/728  "xiyou"
&
Message  1:
From root@qq.com  Sat May 20 22:45:24 2017
Return-Path: <root@qq.com>
X-Original-To: hello@haha.com
Delivered-To: westos@westos.com
Date: Sat, 20 May 2017 22:45:23 -0400
To: hello@haha.com
Subject: xiyou
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@qq.com (root)
Status: R

fhsjfd
sfhkjdjkjfdj



####dovecot##########
/etc/services   ##list of ports
/etc/shells ##defines the shell types
1. dovecot provides the mail retrieval protocols

pop3            110

imap            143

imaps           993

pop3s           995

Given a user name and password, dovecot reads that user's mail file on our behalf


2. Installation
yum install dovecot -y
systemctl start dovecot

3.
vim /etc/dovecot/dovecot.conf
protocols = imap pop3 lmtp
login_trusted_networks = 0.0.0.0/0    ##treat every client address as trusted
disable_plaintext_auth = no    ##allow plaintext authentication without SSL/TLS

vim /etc/dovecot/conf.d/10-mail.conf
mail_location = mbox:~/mail:INBOX=/var/mail/%u

systemctl restart dovecot



[westos@westos-mail ~]$ mkdir /home/westos/mail/.imap -p
[westos@westos-mail ~]$ touch /home/westos/mail/.imap/INBOX
Test:
mutt -f pop://westos@172.25.254.136

mkdir /etc/skel/mail/.imap -p
touch /etc/skel/mail/.imap/INBOX
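
A check for the two dovecot.conf settings used above, as an added example that is not part of the original page: with `disable_plaintext_auth = no` Dovecot accepts passwords over unencrypted POP3/IMAP, and `login_trusted_networks = 0.0.0.0/0` marks every IPv4 client as trusted. The function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag the two Dovecot settings from this section that permit
# plaintext logins from any address. The last assignment of a key wins.

# Constructed sample mirroring the dovecot.conf lines shown above.
sample_dovecot_conf() {
cat <<'EOF'
# disable_plaintext_auth = yes   (commented out, must be ignored)
protocols = imap pop3 lmtp
login_trusted_networks = 0.0.0.0/0
disable_plaintext_auth = no
EOF
}

# audit_dovecot [FILE...]: reads the given files (or stdin), prints one line per
# weak setting in effect and returns 1 if any was found, 0 otherwise.
audit_dovecot() {
    awk '
    /^[ \t]*(#|$)/ { next }                      # skip comments and blank lines
    {
        eq = index($0, "=")
        if (eq == 0) next                        # not a "key = value" line
        key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
        conf[key] = val                          # later lines override earlier ones
    }
    END {
        bad = 0
        if (conf["disable_plaintext_auth"] == "no") {
            print "WEAK disable_plaintext_auth=no: passwords accepted without TLS"
            bad = 1
        }
        n = split(conf["login_trusted_networks"], nets, /[ \t]+/)
        for (i = 1; i <= n; i++)
            if (nets[i] == "0.0.0.0/0" || nets[i] == "::/0") {
                print "WEAK login_trusted_networks=" nets[i] ": every client is trusted"
                bad = 1
            }
        exit bad
    }' "$@"
}

# Demo on the constructed sample (prints two WEAK lines).
sample_dovecot_conf | audit_dovecot || :
```

On a live server, `doveconf -n | audit_dovecot` checks the effective settings across all included files.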



##########postfix+mariadb########
1.
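vim /etc/postfix/mailuser.cf    ##user name lookup
host = localhost        ##host where the database runs
user = postuser         ##user that logs in to the database
password = postuser     ##password of that database user
dbname = email          ##name of the database postfix queries
table = emailtable      ##name of the table postfix queries
select_field = username     ##field postfix returns
where_field = username      ##field matched against the value the user gives postfix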

vim /etc/postfix/maildomain.cf  ##user domain lookup
host = localhost
user = postuser
password = postuser
dbname = email
table = emailtable
select_field = domain
where_field = domain

vim /etc/postfix/mailbox.cf     ##user mailbox location lookup
host = localhost
user = postuser
password = postuser
dbname = email
table = emailtable
select_field = maildir
where_field = username

Test:
postmap -q "cui@cui.com" mysql:/etc/postfix/mailuser.cf
cui@cui.com
postmap -q "cui.com" mysql:/etc/postfix/maildomain.cf
cui.com
postmap -q "cui@cui.com" mysql:/etc/postfix/mailbox.cf
/mnt/cui.com/cui/
