
SMTP Protocol (Part 2)

Date: 2016-12-08 12:16:04

Tags: user permissions, Postfix with MySQL, null-client mail

####SMTP Protocol (Part 2)####
1. Permission settings
(1) Restrict a host from sending and receiving mail
[root@mailwestos postfix]# vim access
172.25.254.9 REJECT
[root@mailwestos postfix]# postmap access
[root@mailwestos postfix]# postconf -e "smtpd_client_restrictions = check_client_access hash:/etc/postfix/access"
[root@mailwestos postfix]# systemctl restart postfix.service
Test:
[kiosk@foundation9 Desktop]$ telnet 172.25.254.109 25
Trying 172.25.254.109...
Connected to 172.25.254.109.
Escape character is '^]'.
220 mailwestos.westos.com ESMTP Postfix
mail from:root@westos.com
250 2.1.0 Ok
rcpt to:westos@westos.com
554 5.7.1 <unknown[172.25.254.9]>: Client host rejected: Access denied
421 4.4.2 mailwestos.westos.com Error: timeout exceeded
Connection closed by foreign host.


(2) Restrict a user from sending
[root@mailwestos postfix]# useradd westos
[root@mailwestos postfix]# passwd westos
[root@mailwestos postfix]# vim sender
westos@westos.com REJECT
[root@mailwestos postfix]# postmap sender
[root@mailwestos postfix]# postconf -d | grep sender
[root@mailwestos postfix]# postconf -e "smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender"
[root@mailwestos postfix]# systemctl restart postfix.service
Test from the physical host:
[kiosk@foundation9 Desktop]$ telnet 172.25.254.109 25
Trying 172.25.254.109...
Connected to 172.25.254.109.
Escape character is '^]'.
220 mailwestos.westos.com ESMTP Postfix
mail from:westos@westos.com
250 2.1.0 Ok
rcpt to:root@westos.com
554 5.7.1 <westos@westos.com>: Sender address rejected: Access denied

(3) Restrict a user from receiving
[root@mailwestos postfix]# vim recip
[root@mailwestos postfix]# postmap recip
[root@mailwestos postfix]# postconf -e "smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recip"
[root@mailwestos postfix]# systemctl restart postfix.service

2. Login authentication for receiving mail
[root@mailwestos ~]# yum install dovecot -y
[root@mailwestos ~]# systemctl start dovecot
[root@mailwestos ~]# netstat -antlpe | grep dovecot
[root@mailwestos ~]# vim /etc/dovecot/dovecot.conf
protocols = imap pop3 lmtp
disable_plaintext_auth = no
[root@mailwestos ~]# cd /etc/dovecot/conf.d/
[root@mailwestos conf.d]# vim 10-mail.conf
mail_location = mbox:~/mail:INBOX=/var/mail/%u
[root@mailwestos skel]# su - westos
[westos@mailwestos ~]$ ls
mail
[westos@mailwestos ~]$ cd mail/
[westos@mailwestos mail]$ ls -a
.  ..
[westos@mailwestos mail]$ mkdir -p /home/westos/mail/.imap
[westos@mailwestos mail]$ touch /home/westos/mail/.imap/INBOX

[root@mailwestos conf.d]# systemctl restart dovecot.service
Test:
[root@foundation9 ~]# mutt -f pop://westos@172.25.254.109  (the user you test with must be a user that exists on your host)

3. Setting up Postfix with MySQL (mailboxes backed by a database connection)
[root@mailwestos ~]# yum install dovecot-mysql.x86_64 -y
[root@mailwestos ~]# cd /usr/share/doc/dovecot-2.2.10/
[root@mailwestos dovecot-2.2.10]# cd example-config/
[root@mailwestos example-config]# cp dovecot-sql.conf.ext /etc/dovecot
[root@mailwestos postfix]# groupadd -g 666 vmail
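[root@mailwestos postfix]# useradd -u 666 -g 666 vmail -s /sbin/nologin ##create a non-interactive user
Database operations: if the database service is not installed, install it first. You can create the database, create the tables and insert data through a web-based database management tool.
I carry out the following steps from the command line.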
[root@mailwestos postfix]# mysql -uroot -p   
MariaDB [(none)]> USE mysql;
MariaDB [mysql]> CREATE USER postfix identified by 'postfix';  ##create the user
MariaDB [mysql]> GRANT INSERT on *.* to postfix;           ##grant the user the INSERT privilege
MariaDB [mysql]> GRANT SELECT on *.* to postfix;           ##grant the user the SELECT privilege
MariaDB [mysql]> GRANT UPDATE on *.* to postfix;           ##grant the user the UPDATE privilege
MariaDB [mysql]> QUIT;
[root@mailwestos dovecot]# mysql -upostfix -p    
MariaDB [(none)]> CREATE DATABASE email;               ##create the database
Query OK, 1 row affected (0.00 sec)


MariaDB [(none)]> show databases;

+--------------------+
| Database           |
+--------------------+
| information_schema |
| email              |
| mysql              |
| performance_schema |
+--------------------+
4 rows in set (0.00 sec)
MariaDB [(none)]> USE email
Database changed
MariaDB [email]> CREATE TABLE muser;           ##create the table
ERROR 1113 (42000): A table must have at least 1 column
MariaDB [email]> CREATE TABLE muser (username varchar(50) not null, password varchar(20) not null, domain varchar(50) not null, maildir varchar(50) not null);
Query OK, 0 rows affected (0.15 sec)
MariaDB [email]> INSERT INTO muser VALUES ('admin@westos.org','123','westos.org','/home/vmail/westos.org/admin');   ##insert a row
Query OK, 1 row affected (0.10 sec)
MariaDB [email]> SELECT * FROM email.muser;
+------------------+----------+------------+-----------------------------------------+
| username         | password | domain     | maildir                                 |
+------------------+----------+------------+-----------------------------------------+
| admin@westos.org | 123      | westos.org | /home/vmail/westos.org/admin |
+------------------+----------+------------+-----------------------------------------+
1 row in set (0.00 sec)

[root@mailwestos example-config]# vim /etc/dovecot/dovecot-sql.conf.ext
driver = mysql
connect = host=localhost dbname=email user=postfix password=postfix
default_pass_scheme = PLAIN     ##plaintext authentication (passwords stored unhashed)
password_query = \
  SELECT username, domain, password \
  FROM muser WHERE username = '%u' AND domain = '%d'
user_query = SELECT maildir, 666 AS uid, 666 AS gid FROM muser WHERE username = '%u'

Steps under /etc/postfix/:
[root@mailwestos postfix]# vim mysql_users.cf
hosts = localhost
user = postfix
password = postfix
dbname = email
table = muser
select_field = username
where_field = username    ##select the user by username
[root@mailwestos postfix]# cp -p mysql_users.cf mysql_domain.cf
[root@mailwestos postfix]# vim mysql_domain.cf
hosts = localhost
user = postfix
password = postfix
dbname = email
table = muser
select_field = domain
where_field = domain      ##select the domain by domain name
[root@mailwestos postfix]# cp -p mysql_users.cf mysql_maildir.cf
[root@mailwestos postfix]# vim mysql_maildir.cf
hosts = localhost
user = postfix
password = postfix
dbname = email
table = muser
select_field = maildir
where_field = username     ##select the mailbox by username

[root@mailwestos postfix]# postmap -q "westos.org" mysql:/etc/postfix/mysql_domain.cf     ##input a domain, output the domain
westos.org
[root@mailwestos postfix]# postmap -q "admin@westos.org" mysql:/etc/postfix/mysql_users.cf              ##input a username, output the username
admin@westos.org
[root@mailwestos postfix]# postmap -q "admin@westos.org" mysql:/etc/postfix/mysql_maildir.cf       ##input a username, output the mailbox
/home/vmail/westos.org/admin/
[root@mailwestos postfix]# postconf -e "virtual_gid_maps = static:666"
[root@mailwestos postfix]# postconf -e "virtual_uid_maps = static:666"
[root@mailwestos postfix]# postconf -e "virtual_mailbox_base = /home/vmail"
[root@mailwestos postfix]# postconf -e "virtual_alias_maps = mysql:/etc/postfix/mysql_users.cf"
[root@mailwestos postfix]# ll /etc/postfix/mysql_users.cf
-rw-r--r--. 1 root root 129 Dec  3 02:41 /etc/postfix/mysql_users.cf
[root@mailwestos postfix]# postconf -e "virtual_mailbox_domains = mysql:/etc/postfix/mysql_domain.cf"
[root@mailwestos postfix]# ll /etc/postfix/mysql_domain.cf
-rw-r--r--. 1 root root 125 Dec  3 02:42 /etc/postfix/mysql_domain.cf
[root@mailwestos postfix]# postconf -e "virtual_mailbox_maps = mysql:/etc/postfix/mysql_maildir.cf"
[root@mailwestos postfix]# ll /etc/postfix/mysql_maildir.cf
-rw-r--r--. 1 root root 128 Dec  3 02:43 /etc/postfix/mysql_maildir.cf
[root@mailwestos postfix]# systemctl restart postfix.service

[root@mailwestos example-config]# cd /etc/dovecot/
[root@mailwestos dovecot]# vim dovecot.conf
protocols = imap pop3 lmtp
login_trusted_networks = 0.0.0.0/0
disable_plaintext_auth = no
[root@mailwestos dovecot]# cd conf.d/
[root@mailwestos conf.d]# vim 10-mail.conf
mail_location = maildir:/home/vmail/%d/%n
first_valid_uid = 666
first_valid_gid = 666
Pick a machine and install thunderbird; once it is installed:
[root@maillinux thunderbird]# thunderbird

(process:4907): GLib-CRITICAL **: g_slice_set_config: assertion `sys_page_size == 0' failed
This opens the graphical interface. After entering the user's password you reach the user's mailbox, where mail can be received and sent.
[kiosk@foundation9 Desktop]$ telnet 172.25.254.109 110    
Trying 172.25.254.109...
Connected to 172.25.254.109.
Escape character is '^]'.
+OK [XCLIENT] Dovecot ready.
user admin@westos.org
+OK
pass 123
+OK Logged in.
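
The settings used in section 3 (mysql_*.cf files that hold the database password with mode -rw-r--r--, disable_plaintext_auth = no, login_trusted_networks = 0.0.0.0/0 and default_pass_scheme = PLAIN) suit a lab but are worth checking for on any real host. The audit script below is an added example, not part of the original post; the function names audit_mail_conf, flag and demo and the finding labels are hypothetical, and the sample files are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): flag the lab-only settings used
# in this walkthrough. Usage: audit_mail_conf POSTFIX_DIR DOVECOT_DIR
# Prints one "LABEL path" line per finding and always returns 0.

# flag FILE REGEX LABEL: report LABEL if an uncommented line matches REGEX.
flag() {
    if [ -f "$1" ] && grep -Eq "^[[:space:]]*$2([[:space:]#]|\$)" "$1"; then
        echo "$3 $1"
    fi
}

audit_mail_conf() {
    pf_dir=$1
    dc_dir=$2
    # Lookup tables that embed the database password must not be readable by
    # "other"; the listing in the post shows them as -rw-r--r--.
    for f in "$pf_dir"/mysql_*.cf; do
        [ -f "$f" ] || continue
        grep -Eq '^[[:space:]]*password[[:space:]]*=' "$f" || continue
        if [ -n "$(find "$f" -perm -004)" ]; then
            echo "WORLD_READABLE_DB_PASSWORD $f"
        fi
    done
    # Cleartext logins accepted without TLS.
    flag "$dc_dir/dovecot.conf" \
        'disable_plaintext_auth[[:space:]]*=[[:space:]]*no' PLAINTEXT_AUTH_ALLOWED
    # Every client address treated as a trusted network.
    flag "$dc_dir/dovecot.conf" \
        'login_trusted_networks[[:space:]]*=.*0\.0\.0\.0/0' ALL_NETWORKS_TRUSTED
    # Passwords stored unhashed in the SQL table.
    flag "$dc_dir/dovecot-sql.conf.ext" \
        'default_pass_scheme[[:space:]]*=[[:space:]]*PLAIN' PLAIN_PASSWORD_SCHEME
    return 0
}

# Constructed sample files mirroring the post's settings, then an audit run.
demo() {
    d=$(mktemp -d)
    mkdir "$d/postfix" "$d/dovecot"
    printf 'user = postfix\npassword = postfix\n' > "$d/postfix/mysql_users.cf"
    chmod 644 "$d/postfix/mysql_users.cf"
    printf 'login_trusted_networks = 0.0.0.0/0\ndisable_plaintext_auth = no\n' \
        > "$d/dovecot/dovecot.conf"
    printf 'default_pass_scheme = PLAIN\n' > "$d/dovecot/dovecot-sql.conf.ext"
    audit_mail_conf "$d/postfix" "$d/dovecot"
    rm -rf "$d"
}
demo
```

On a real host, pass /etc/postfix and /etc/dovecot as the two arguments; a common remediation for the first finding is root:postfix ownership with mode 640 on the lookup files.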
 


Null-client mail
First configure the DNS service; for the details, see the DNS setup notes.
[root@maillinux named]# vim /etc/named.rfc1912.zones
zone "westos.org" IN {
        type master;
        file "westos.org.zone";
        allow-update { none; };
};
In the westos.org.zone file, the westos.org domain actually points to 172.25.254.109.
vim /etc/postfix/main.cf
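myhostname = mailwestos.westos.com         ##real hostname
mydomain = westos.com                      ##real host domain
myorigin = westos.org                      ##the domain this host acts as a null client for
inet_interfaces = all                     ##listen on all interfaces
#inet_interfaces = localhost              ##comment out the localhost-only listener
local_transport = error:local delivery disabled     ##delivering mail to the null client returns an error
mydestination =                         ##left empty because the null client does not handle mail
relayhost = 172.25.254.109              ##the server that actually handles the mail
[root@maillinux named]# systemctl restart postfix.service    ##restart the service
MTA: mail server settings (settings on the real server)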
[root@mailwestos postfix]# vim main.cf
mynetworks = 172.25.254.0/24     ##there is usually more than one null client, so this is set to the 172.25.254 network. My null client is 172.25.254.209
[root@mailwestos postfix]# systemctl restart postfix.service
Test:
Send a mail to admin@westos.org.
The mail will arrive in /home/vmail/westos.org/admin/new.




Original article: http://12183531.blog.51cto.com/12173531/1880544
