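Tags: restricting which users can send mail, restricting which users can receive mail, outbound address masquerading, inbound address rewriting
######Mail section######
6. Restricting which users can send
1. Filter for the sender parameters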
[root@westos-mail ~]# postconf -d | grep sender
2. Build the hash lookup table
[root@westos-mail ~]# postconf -e "smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender"
[root@westos-mail ~]# vim /etc/postfix/sender ##add the users to reject
student@westos.com REJECT ##reject mail sent by student@westos.com (the user can still receive)
[root@westos-mail ~]# postmap /etc/postfix/sender ##build the hashed .db lookup file
[root@westos-mail ~]# cd /etc/postfix/
[root@westos-mail postfix]# ls
access header_checks relocated virtual
access.db main.cf sender
canonical master.cf sender.db
generic moreuser transport
[root@westos-mail postfix]# systemctl restart postfix.service
Test:
[kiosk@foundation13 Desktop]$ telnet 172.25.254.113 25
Trying 172.25.254.113...
Connected to 172.25.254.113.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:student@westos.com
250 2.1.0 Ok
rcpt to:root@westos.com
554 5.7.1 <unknown[172.25.254.13]>: Client host rejected: Access denied
Connection closed by foreign host.
[kiosk@foundation13 Desktop]$
7. Restricting which users can receive
[root@westos-mail postfix]# postconf -e "smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recip"
[root@westos-mail postfix]# vim /etc/postfix/recip
westos@westos.com REJECT ##block this user from receiving
[root@westos-mail postfix]# postmap /etc/postfix/recip
[root@westos-mail postfix]# systemctl restart postfix.service
Test:
1) westos as the sender
[kiosk@foundation13 Desktop]$ telnet 172.25.254.113 25
Trying 172.25.254.113...
Connected to 172.25.254.113.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:westos@westos.com
250 2.1.0 Ok
rcpt to:root@westos.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
haha
.
250 2.0.0 Ok: queued as F3FAA246207
quit ##sent successfully
221 2.0.0 Bye
Connection closed by foreign host.
2) westos as the recipient
[kiosk@foundation13 Desktop]$ telnet 172.25.254.113 25
Trying 172.25.254.113...
Connected to 172.25.254.113.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:root@westos.com
250 2.1.0 Ok
rcpt to:westos@westos.com
554 5.7.1 <unknown[172.25.254.13]>: Client host rejected: Access denied ##recipient rejected
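How Postfix searches the access tables used in sections 6 and 7 (check_sender_access and check_recipient_access), as an added example that is not part of the original post. It goes beyond the single user@domain entries above and emulates the access(5) search order (full address, domain and parent domains, then user@) over a constructed sample table; the function names table_get and access_lookup are hypothetical, and it assumes the default parent_domain_matches_subdomains setting and no address extensions:

```shell
# Added example (not from the original post). Assumes the default
# parent_domain_matches_subdomains and ignores address extensions.

# Constructed sample table in the same format as /etc/postfix/sender.
SAMPLE_TABLE='# comments and blank lines are ignored
student@westos.com   REJECT
westos.com           OK
spam.example         REJECT
postmaster@          OK'

# table_get KEY: print the action stored under an exact (case-folded) key.
table_get() {
    printf '%s\n' "$SAMPLE_TABLE" | awk -v k="$1" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        tolower($1) == k { $1 = ""; sub(/^[ \t]+/, ""); print; exit }'
}

# access_lookup ADDRESS: print "key -> action" for the first matching key,
# or DUNNO when no key matches (Postfix then tries the next restriction).
access_lookup() {
    addr=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    user=${addr%@*}
    d=${addr##*@}
    # 1. the full address
    act=$(table_get "$addr")
    if [ -n "$act" ]; then echo "$addr -> $act"; return 0; fi
    # 2. the domain, then each parent domain
    while [ -n "$d" ]; do
        act=$(table_get "$d")
        if [ -n "$act" ]; then echo "$d -> $act"; return 0; fi
        case $d in
            *.*) d=${d#*.} ;;
            *)   d= ;;
        esac
    done
    # 3. the local part followed by "@"
    act=$(table_get "$user@")
    if [ -n "$act" ]; then echo "$user@ -> $act"; return 0; fi
    echo DUNNO
}

access_lookup student@westos.com
access_lookup root@westos.com
access_lookup someone@mail.spam.example
```

On the mail server itself, `postmap -q student@westos.com hash:/etc/postfix/sender` confirms that an exact key made it into the compiled table; it performs a single-key lookup and does not walk this search order.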
8. Outbound address masquerading
[root@westos-mail postfix]# postconf -e "smtp_generic_maps = hash:/etc/postfix/generic"
[root@westos-mail postfix]# vim /etc/postfix/main.cf
[root@westos-mail postfix]# vim /etc/postfix/generic
westos@westos.com admin@gmail.com
[root@westos-mail postfix]# postmap /etc/postfix/generic
[root@westos-mail postfix]# systemctl restart postfix.service
Test:
[root@westos-mail postfix]# su - westos
[westos@westos-mail postfix]$ mail root@qq.com
Subject: wq
wqq
.
EOT
[root@qq-mail ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 messages 1 new 3
>N 1 admin@gmail.com Sat May 20 22:30 21/718 "wq"
& 1
Message 1:
From admin@gmail.com Sat May 20 22:30:30 2017
Return-Path: <admin@gmail.com>
X-Original-To: root@qq.com
Delivered-To: root@qq.com
Date: Sat, 20 May 2017 22:30:29 -0400
To: root@qq.com
Subject: wq
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: admin@gmail.com
Status: R
wqq
& q
Held 1 messages in /var/spool/mail/root
You have mail in /var/spool/mail/root
9. Inbound address rewriting
Set up DNS MX record resolution first
[root@westos-mail postfix]$ vim /etc/named.rfc1912.zones
[root@westos-mail named]# cp qq.com.zone haha.com.zone -p
[root@westos-mail named]# vim haha.com.zone
[root@westos-mail named]# systemctl restart named
[root@westos-mail named]# postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"
[root@westos-mail named]# vim /etc/postfix/virtual
hello@haha.com westos@westos.com
virtual name   real user
[root@westos-mail postfix]# postmap /etc/postfix/virtual ##build the hashed .db lookup file
[root@westos-mail postfix]# systemctl restart postfix.service
Test:
[root@qq-mail postfix]# mail hello@haha.com
Subject: qqq
qqq
.
EOT
[root@westos-mail named]# mail -u westos
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/mail/westos": 4 messages 1 new
1 root Sat May 20 23:36 20/574 "adf"
2 root Sun May 21 00:49 19/567 "wq"
3 root Sun May 21 01:18 19/568 "hao"
>N 4 root Sun May 21 01:24 21/710 "qqq"
& 4
Message 4:
From root@qq.com Sun May 21 01:24:30 2017
Return-Path: <root@qq.com>
X-Original-To: hello@haha.com ##the address shown to the sender
Delivered-To: westos@westos.com ##the user the mail is actually delivered to
Date: Sun, 21 May 2017 01:24:29 -0400
To: hello@haha.com
Subject: qqq
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@qq.com (root)
Status: R
qqq
& q
Held 4 messages in /var/mail/westos
This article comes from the “AELY木” blog; please keep this attribution: http://12768057.blog.51cto.com/12758057/1928818