####smtp协议(二)####
1. 权限设置
(1)限制主机去发送接受文件
[root@mailwestos postfix]# vim access
172.25.254.9 REJECT
[root@mailwestos postfix]# postmap access
[root@mailwestos postfix]# postconf -e "smtpd_client_restrictions =check_client_access hash:/etc/postfix/access"
[root@mailwestos postfix]# systemctl restart postfix.service
测试:
[kiosk@foundation9 Desktop]$ telnet 172.25.254.109 25
Trying 172.25.254.109...
Connected to 172.25.254.109.
Escape character is ‘^]‘.
220 mailwestos.westos.com ESMTP Postfix
mail from:root@westos.com
250 2.1.0 Ok
rcpt to:westos@westos.com
554 5.7.1 <unknown[172.25.254.9]>: Client host rejected: Access denied
421 4.4.2 mailwestos.westos.com Error: timeout exceeded
Connection closed by foreign host.
(2)限制用户发送
[root@mailwestos postfix]# useradd westos
[root@mailwestos postfix]# passwd westos
[root@mailwestos postfix]# vim sender
westos@westos.com REJECT
[root@mailwestos postfix]# postmap sender
[root@mailwestos postfix]# postconf -d | grep sender
[root@mailwestos postfix]# postconf -e "smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender"
[root@mailwestos postfix]# systemctl restart postfix.service
在真机上测试:
[kiosk@foundation9 Desktop]$ telnet 172.25.254.109 25
Trying 172.25.254.109...
Connected to 172.25.254.109.
Escape character is ‘^]‘.
220 mailwestos.westos.com ESMTP Postfix
mail from:westos@westos.com
250 2.1.0 Ok
rcpt to:root@westos.com
554 5.7.1 <westos@westos.com>: Sender address rejected: Access denied
(3)限制用户接受
[root@mailwestos postfix]# vim recip
[root@mailwestos postfix]# postmap recip
[root@mailwestos postfix]# postconf -e "smtpd_recipient_restrictions = ckeck_recipient_access hash:/etc/postfix/recip"
[root@mailwestos postfix]# systemctl restart postfix.service
2.登陆验证用接受邮件
[root@mailwestos ~]# yum install dovecot -y
[root@mailwestos ~]# systemctl start dovecot
[root@mailwestos ~]# netstat -antlpe | grep dovecot
[root@mailwestos ~]# vim /etc/dovecot/dovecot.conf
24 protocols = imap pop3 lmtp
49 disable_plaintext_auth = no
[root@mailwestos ~]# cd /etc/dovecot/conf.d/
[root@mailwestos conf.d]# vim 10-mail.conf
mail_location = mbox:~/mail:INBOX=/var/mail/%u
[root@mailwestos skel]# su - westos
[westos@mailwestos ~]$ ls
mail
[westos@mailwestos ~]$ cd mail/
[westos@mailwestos mail]$ ls -a
. ..
[westos@mailwestos mail]$ touch /home/westos/mail/.imap/INBOX
[root@mailwestos conf.d]# systemctl restart dovecot.service
测试
[root@foundation9 ~]# mutt -f pop://westos@172.25.254.109 (在做测试的用户必须是你主机存在的用户)
3.postfix 与mysql架构搭建 (邮箱有数据库连接)
[root@mailwestos ~]# yum install dovecot-mysql.x86_64 -y
[root@mailwestos ~]# cd /usr/share/doc/dovecot-2.2.10/
[root@mailwestos dovecot-2.2.10]# cd example-config/
[root@mailwestos example-config]# cp dovecot-sql.conf.ext /etc/dovecot
[root@mailwestos postfix]# groupadd -g 666 vmail
[root@mailwestos postfix]# useradd -u 666 -g 666 vmail -s /sbin/nologin ##创建非交互式的用户
在数据库的操作,如果没有安装服务要先安装服务。可以通过网页管理数据库来建库,建表和
插入数据。我接下来的操作是通过命令来进行。
[root@mailwestos postfix]# mysql -uroot -p
MariaDB [(none)]> USE mysql;
MariaDB [mysql]> CREATE USER postfix identified by ‘postfix‘; ##创建用户
MariaDB [mysql]> GRANT INSERT on *.* to postfix; ##给用户插入的权力
MariaDB [mysql]> GRANT SELECT on *.* to postfix; ##给用户查找的权力
MariaDB [mysql]> GRANT UPDATE on *.* to postfix; ##给用户更新的权力
MariaDB [mysql]> QUIT;
[root@mailwestos dovecot]# mysql -upostfix -p
MariaDB [(none)]> CREATE DATABASE email; ##建库
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| email |
| mysql |
| performance_schema |
+--------------------+
4 rows in set (0.00 sec)
MariaDB [(none)]> USE email
Database changed
MariaDB [email]> CREATE TABLE muser; ##建表
ERROR 1113 (42000): A table must have at least 1 column
MariaDB [email]> CREATE TABLE muser (username varchar(50) not null, password varchar(20) not null, domain varchar(50) not null, maildir varchar(50) not null);
Query OK, 0 rows affected (0.15 sec)
MariaDB [email]> INSERT INTO muser VALUES (‘admin@westos.org‘,‘123‘,‘westos.org‘,‘/home/vmail/westos.org/admin‘); ##插入数据
Query OK, 1 row affected (0.10 sec)
MariaDB [email]> SELECT * FROM email.muser;
+------------------+----------+------------+-----------------------------------------+
| username | password | domain | maildir |
+------------------+----------+------------+-----------------------------------------+
| admin@westos.org | 123 | westos.org | /home/vmail/westos.org/admin |
+------------------+----------+------------+-----------------------------------------+
1 row in set (0.00 sec)
[root@mailwestos example-config]# vim /etc/dovecot/dovecot-sql.conf.ext
32 driver = mysql
71 connect = host=localhost dbname=email user=postfix password=postfix
78 default_pass_scheme = PLAIN ##明文认证
107 password_query = \
108 SELECT username, domain, password \
109 FROM muser WHERE username = ‘%u‘ AND domain = ‘%d‘
125 user_query = SELECT maildir, 666 AS uid, 666 AS gid FROM muser WHERE userna me = ‘%u‘
在 /etc/postfix/下的操作
[root@mailwestos postfix]# vim mysql_users.cf
hosts = localhost
user = postfix
password = postfix
dbname = email
table = muser
select_field = username
where_field = username ##根据用户名筛选出用户
[root@mailwestos postfix]# cp -p mysql_users.cf mysql_domain.cf
[root@mailwestos postfix]# vim mysql_domain.cf
hosts = localhost
user = postfix
password = postfix
dbname = email
table = muser
select_field = domain
where_field = domain ##根据域名筛选出域
[root@mailwestos postfix]# cp -p mysql_users.cf mysql_maildir.cf
[root@mailwestos postfix]# vim mysql_maildir.cf
hosts = localhost
user = postfix
password = postfix
dbname = email
table = muser
select_field = maildir
where_field = username ##根据用户名筛选出邮箱
[root@mailwestos postfix]# postmap -q "westos.org" mysql:/etc/postfix/mysql_domain.cf ##输入域名输出域名
westos.org
[root@mailwestos postfix]# postmap -q "admin@westos.org" mysql:/etc/postfix/mysql_users.cf ##输入用户名输出用户名
admin@westos.org
[root@mailwestos postfix]# postmap -q "admin@westos.org" mysql:/etc/postfix/mysql_maildir.cf ##输入用户名输出邮箱
/home/vmail/westos.org/admin/
[root@mailwestos postfix]# postconf -e "virtual_gid_maps = static:666"
[root@mailwestos postfix]# postconf -e "virtual_uid_maps = static:666"
[root@mailwestos postfix]# postconf -e "virtual_mailbox_base = /home/vmail"
[root@mailwestos postfix]# postconf -e "virtual_alias_maps = mysql:/etc/postfix/mysql_users.cf"
[root@mailwestos postfix]# ll /etc/postfix/mysql_users.cf
-rw-r--r--. 1 root root 129 Dec 3 02:41 /etc/postfix/mysql_users.cf
[root@mailwestos postfix]# postconf -e "virtual_mailbox_domains = mysql:/etc/postfix/mysql_domain.cf"
[root@mailwestos postfix]# ll /etc/postfix/mysql_domain.cf
-rw-r--r--. 1 root root 125 Dec 3 02:42 /etc/postfix/mysql_domain.cf
[root@mailwestos postfix]# postconf -e "virtual_mailbox_maps = mysql:/etc/postfix/mysql_maildir.cf"
[root@mailwestos postfix]# ll /etc/postfix/mysql_maildir.cf
-rw-r--r--. 1 root root 128 Dec 3 02:43 /etc/postfix/mysql_maildir.cf
[root@mailwestos postfix]# systemctl restart postfix.service
[root@mailwestos example-config]# cd /etc/dovecot/
[root@mailwestos dovecot]# vim dovecot.conf
24 protocols = imap pop3 lmtp
48 login_trusted_networks = 0.0.0.0/0
49 disable_plaintext_auth = no
[root@mailwestos dovecot]# cd conf.d/
[root@mailwestos conf.d]# vim 10-mail.conf
29 mail_location = maildir:/home/vmail/%d/%n
167 first_valid_uid = 666
174 first_valid_gid = 666
选择一台机子去安装thunderbird,安装成功后:
[root@maillinux thunderbird]# thunderbird
(process:4907): GLib-CRITICAL **: g_slice_set_config: assertion `sys_page_size == 0‘ failed
将进入图形界面 进入后输入用户的密码将进入用户的邮箱界面,可以进行邮件接受和发送。
[kiosk@foundation9 Desktop]$ telnet 172.25.254.109 110
Trying 172.25.254.109...
Connected to 172.25.254.109.
Escape character is ‘^]‘.
+OK [XCLIENT] Dovecot ready.
user admin@westos.org
+OK
pass 123
+OK Logged in.
空壳邮件
首先要配置好dns服务,具体操作可参考DNS设定的内容。
[root@maillinux named]# vim /etc/named.rfc1912.zones
zone "westos.org" IN {
type master;
file "westos.org.zone";
allow-update { none; };
};
在westos.org.zone文件里westos.org域真实指向的是172.25.254.109
vim /etc/postfix/main.cf
75 myhostname = mailwestos.westos.com ##真实主机名
83 mydomain = westos.com ##真实主机域名
98 myorigin = westos.org ##做那个域的空壳
113 inet_interfaces = all ##打开所有端口
116 #inet_interfaces = localhost ##注释只对本地用户开放的端口
140 local_transport = error:local delivery disabled ##给空壳传送邮件报错
164 mydestination = ##因为空壳不处理邮件所以什么都不填
313 relayhost = 172.25.254.109 ##主处理邮件的服务器
[root@maillinux named]# systemctl restart postfix.service ##重启服务
MAT:邮件服务器的设置(真实服务器的设置)
[root@mailwestos postfix]# vim main.cf
mynetworks = 172.25.254.0/24 ##一般情况下空壳不止一个,所以设置为172.25.254这个网段。我的空壳是172.25.254.209
[root@mailwestos postfix]# systemctl restart postfix.service
测试:
可以给admin@westos.org 发送一封邮件
在/home/vmail/westos.org/admin/new 里会接受到邮件。
原文地址:http://12183531.blog.51cto.com/12173531/1880544