***相关知识
简介:一个完整的电子邮件服务系统,一般包括三个部分
MUA邮件用户代理程序————帮助用户发送和接收邮件(下面以Thunderbird为例做实验),主要作用是将用户的邮件发送到邮件主机上或者将用户的邮件从邮件主机上接收下来
MTA邮件传送代理程序也就是邮件服务器————用来监控和传送邮件(下面以postfix为例做实验)
电子邮件协议————————
1)SMTP,Simple Mail Transfer Protocol,简单邮件传输协议,SMTP是请求响应协议,监听25号端口,用于接收用户的邮件请求,并与远程邮件服务器建立SMTP连接
2)POP3,Post Office Protocol,邮局协议,用于接收电子邮件,使用TCP的110端口
3)IMAP4,Internet Message Access Protocol,主要提供的是通过Internet获取信息的一种协议
4)Web Mail
#postfix#
postfix的配置文件主要包括四个:main.cf master.cf access aliases 都位于/etc/postfix子目录下
/etc/postfix/main.cf 主配置文件
/etc/postfix/master.cf 运行参数配置文件
/etc/postfix/access 存取控制文件
/etc/aliases 别名数据库
实验之前将一个虚拟机名改为westos-mail.westos.com,另一个改为qq-mail.qq.com
命令:hostnamectl set-hostname qq-mail.qq.com
0.dns配置 地址解析
[root@westos-mail ~]# yum install bind.x86_64 -y
[root@westos-mail ~]# vim /etc/named.conf
10 options {
11 // listen-on port 53 { 127.0.0.1; };
12 // listen-on-v6 port 53 { ::1; };
13 directory "/var/named";
14 dump-file "/var/named/data/cache_dump.db";
15 statistics-file "/var/named/data/named_stats.txt";
16 memstatistics-file "/var/named/data/named_mem_stats.txt";
17 // allow-query { localhost; };
32 dnssec-validation no;
[root@westos-mail ~]# vim /etc/named.rfc1912.zones
25 zone "westos.com" IN {
26 type master;
27 file "westos.com.zone";
28 allow-update { none; };
29 };
30 zone "qq.com" IN {
31 type master;
32 file "qq.com.zone";
33 allow-update { none; };
34 };
[root@westos-mail ~]# cd /var/named/
[root@westos-mail named]# ls
data named.ca named.localhost slaves
dynamic named.empty named.loopback
[root@westos-mail named]# cp -p named.localhost westos.com.zone
[root@westos-mail named]# vim westos.com.zone
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.134
westos.com. MX 1 172.25.254.134.
[root@westos-mail named]# cp -p westos.com.zone qq.com.zone
[root@westos-mail named]# vim qq.com.zone
$TTL 1D
@ IN SOA dns.qq.com. root.qq.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.qq.com.
dns A 172.25.254.134
qq.com. MX 1 172.25.254.234.
[root@westos-mail named]# vim /etc/resolv.conf
nameserver 172.25.254.134
[root@westos-mail named]# dig -t mx westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t mx westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10978
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;westos.com. IN MX
;; ANSWER SECTION:
westos.com. 86400 IN MX 1 172.25.254.134.
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.134
;; Query time: 0 msec
[root@qq-mail ~]# vim /etc/resolv.conf
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t mx qq.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39448
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;qq.com. IN MX
;; ANSWER SECTION:
qq.com. 86400 IN MX 1 172.25.254.234.
;; AUTHORITY SECTION:
qq.com. 86400 IN NS dns.qq.com.
;; ADDITIONAL SECTION:
dns.qq.com. 86400 IN A 172.25.254.134
;; Query time: 1 msec
;; SERVER: 172.25.254.134#53(172.25.254.134)
;; WHEN: Mon May 22 10:55:58 EDT 2017
;; MSG SIZE rcvd: 99
1.postfix提供smtp协议用来投递邮件
默认端口25
/var/log/maillog ##服务日志
mail root@westos.com ##发送邮件,用"."来结束录入内容并发送
mailq ##查看邮件队列
postqueue -f ##重新处理邮件队列
默认情况下邮件端口只在127.0.0.1上开启
2.配置
vim /etc/postfix/main.cf ##主配置文件(等号两边的空格不可少)
76 myhostname = westos-mail.westos.com ##指定主机名
83 mydomain = westos.com ##指定mta的域名
99 myorigin = westos.com ##指定邮件来源结尾(@后面的字符内容),表示域名为westos.com
116 inet_interfaces = all ##25端口开启的网络接口,all表示监听从任何网络接口来的邮件,如果是localhost则表示只接受本机投递的邮件
164 mydestination = $myhostname, $mydomain, localhost ##接收邮件结尾字符的指定
systemctl restart postfix.service ##重起服务
[root@qq-mail ~]# netstat -antlpe | grep master
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 50592 3773/master
tcp6 0 0 ::1:25 :::* LISTEN 0 50593 3773/master
76 myhostname = qq-mail.qq.com ##指定主机名称
83 mydomain = qq.com ##指定mta的域名
99 myorigin = qq.com ##指定邮件来源结尾(@后面的字符内容)
116 inet_interfaces = all ##25端口开启的网络接口
164 mydestination = $myhostname, $mydomain, localhost ##接收邮件结尾字符的指定,表示无论来信人地址是UserName@localdomain还是XXX@clinuxer.localdomain.tst,postfix都会接收邮件
[root@qq-mail ~]# netstat -antlpe | grep master
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0 51758 3912/master
tcp6 0 0 :::25 :::* LISTEN 0 51759 3912/master
[root@westos-mail ~]# mail root@qq.com ##发送邮件
Subject: hello
aaa
.
EOT
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N 1 root Mon May 22 21:40 21/720 "hello"
&
Message 1:
From root@westos.com Mon May 22 21:40:08 2017 ##邮件来源
Return-Path: <root@westos.com>
X-Original-To: root@qq.com ##邮件去向
Delivered-To: root@qq.com
Date: Mon, 22 May 2017 21:40:07 -0400
To: root@qq.com
Subject: hello ##邮件标题
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@westos.com (root)
Status: R
aaa ##邮件内容
& q
New mail has arrived.
3.邮件别名和邮件群发
vim /etc/aliases
别名: 真名 ##邮件别名
别名: :include:filename ##邮件群发(绝对路径)
vim filename
user1
user2
postalias /etc/aliases ##刷新
mail 别名 ##邮件别名测试
mail -u 别名 ##邮件群发测试
postsuper -d 邮件名 ##删除邮件
> /var/spool/mail/root ##清空邮箱
[root@westos-mail ~]# vim /etc/aliases ##在文件最后加上别名和群发组的配置
admin: root ##表示发给admin的邮件都会自动转发给root
moreuser: :include:/etc/postfix/moreuser ##发送给moreuser的都会自动转发给/etc/postfix/moreuser文件中指定的所有用户
[root@westos-mail ~]# vim /etc/postfix/moreuser
root
student
[root@westos-mail ~]# postalias /etc/aliases ##更新
[root@westos-mail ~]# systemctl restart postfix.service ##重启服务
邮件别名测试
[root@qq-mail ~]# mail admin@westos.com ##在另一个主机给配置的主机别名发邮件
Subject: 123
123
123
.
EOT
[root@westos-mail ~]# mail ##查看是否收到发给别名的邮件
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N 1 root Tue May 23 03:20 22/719 "123"
&
Message 1:
From root@qq.com Tue May 23 03:20:49 2017
Return-Path: <root@qq.com>
X-Original-To: admin@westos.com
Delivered-To: admin@westos.com
Date: Tue, 23 May 2017 03:20:49 -0400
To: admin@westos.com
Subject: 123
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@qq.com (root)
Status: R
123
123
邮件群发测试
[root@qq-mail ~]# mail moreuser@westos.com ##群发邮件
Subject: test
test
.
EOT
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/mail/student": 1 message 1 new
>N 1 root Tue May 23 03:25 24/863 "test"
&
Message 1:
From root@qq.com Tue May 23 03:25:09 2017
Return-Path: <root@qq.com>
X-Original-To: moreuser@westos.com
Delivered-To: student@westos.com
Delivered-To: moreuser@westos.com
Date: Tue, 23 May 2017 03:25:10 -0400
To: moreuser@westos.com
Subject: test
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@qq.com (root)
Status: R
test
4.通过远程主机测试
telnet命令可以连接到Postfix服务器的25端口,也就是发信服务端口
[root@foundation66 ~]# telnet 172.25.254.134 25 ##远程发送邮件
Trying 172.25.254.134...
Connected to 172.25.254.134.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
ehlo hello ##测试
250-westos-mail.westos.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:root@westos.com ##发送端
250 2.1.0 Ok
rcpt to:root@qq.com ##接受端
250 2.1.5 Ok
data ##写入内容
354 End data with <CR><LF>.<CR><LF> ##354表示开始邮件输入
6666
66
.
250 2.0.0 Ok: queued as 7AB2E17E876
quit
221 2.0.0 Bye
Connection closed by foreign host.
5.邮件客户端的访问控制(限制用户远程连接)
在mta上
记得将上个实验改动的配置恢复,/etc/postfix/main.cf,/etc/postfix/access 将上个实验写入的删掉
[root@westos-mail ~]# postconf -e "smtpd_client_restrictions = check_client_access hash:/etc/postfix/access" ##写入
[root@westos-mail ~]# vim /etc/postfix/main.cf ##查看文件是否写入
smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
[root@westos-mail ~]# vim /etc/postfix/access ##写入拒绝的客户端
172.25.254.66 REJECT ##拒绝172.25.254.66主机使用服务器
[root@westos-mail ~]# postmap /etc/postfix/access ##生成哈希查询表access.db(只是索引格式,并非加密)
[root@westos-mail ~]# systemctl restart postfix.service ##重起服务
[root@foundation66 ~]# telnet 172.25.254.134 25 ##客户端测试
Trying 172.25.254.134...Connected to 172.25.254.134.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix ##服务器发送220告诉客户已经准备好接受邮件
ehlo hello
250-westos-mail.westos.com ##250表示请求命令完成1
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:root@westos.com
250 2.1.0 Ok
rcpt to:root@qq.com
554 5.7.1 <unknown[172.25.254.66]>: Client host rejected: Access denied##拒绝
quit
221 2.0.0 Bye
6.限制用户发送
[root@westos-mail ~]# postconf -e "smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender" ##写入配置文件
[root@westos-mail ~]# vim /etc/postfix/sender ##写入被限制用户
student@westos.com REJECT
[root@westos-mail ~]# postmap /etc/postfix/sender ##生成哈希查询表,即sender.db文件(只是索引格式,并非加密)
[root@westos-mail ~]# cd /etc/postfix/
[root@westos-mail postfix]# ls ##生成sender.db
access canonical header_checks master.cf sender transport
access.db generic main.cf relocated sender.db virtual
[root@westos-mail postfix]# systemctl restart postfix.service ##重启服务
测试
[root@foundation66 ~]# telnet 172.25.254.134 25
Trying 172.25.254.134...
Connected to 172.25.254.134.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
ehlo hello
250-westos-mail.westos.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:student@westos.com
250 2.1.0 Ok
rcpt to:root@qq.com
554 5.7.1 <student@westos.com>: Sender address rejected: Access denied ##student@westos.com被限制,不能发送邮件
quit
221 2.0.0 Bye
Connection closed by foreign host.
7.限制用户接收
[root@westos-mail postfix]# postconf -e "smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recip" ##写主配置文件
[root@westos-mail postfix]# vim /etc/postfix/main.cf ##查看
[root@westos-mail postfix]# vim /etc/postfix/recip 写入需要限制的用户
westos@westos.com REJECT
[root@westos-mail postfix]# useradd westos
[root@westos-mail postfix]# postmap /etc/postfix/recip ##生成哈希查询表recip.db(只是索引格式,并非加密)
[root@westos-mail postfix]# systemctl restart postfix.service
[root@foundation66 ~]# telnet 172.25.254.134 25
Trying 172.25.254.134...
Connected to 172.25.254.134.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:root@westos.com
250 2.1.0 Ok
rcpt to:westos@westos.com
554 5.7.1 <westos@westos.com>: Recipient address rejected: Access denied##westos@westos.com被限制无法接受邮件
quit
221 2.0.0 Bye
Connection closed by foreign host.
8.出站地址伪装
#先做地址解析
[root@westos-mail postfix]# vim /etc/named.rfc1912.zones
35 zone "sb.com" IN {
36 type master;
37 file "sb.com.zone";
38 allow-update { none; };
39 };
[root@westos-mail named]# cp -p qq.com.zone sb.com.zone
[root@westos-mail named]# vim sb.com.zone
$TTL 1D
@ IN SOA dns.sb.com. root.sb.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.sb.com.
dns A 172.25.254.134
sb.com. MX 1 172.25.254.134.
[root@westos-mail named]# systemctl restart named
[root@westos-mail postfix]# postconf -e "smtp_generic_maps = hash:/etc/postfix/generic"
[root@westos-mail postfix]# vim /etc/postfix/generic
westos@westos.com hello@sb.com
[root@westos-mail postfix]# postmap /etc/postfix/generic
[root@westos-mail postfix]# vim /etc/postfix/recip ##删除文件内容,取消对westos的限制
[root@westos-mail postfix]# ls
access generic main.cf recip.db sender.db
access.db generic.db master.cf relocated transport
canonical header_checks recip sender virtual
[root@westos-mail postfix]# systemctl restart postfix.service
测试
[root@westos-mail postfix]# su - westos
[westos@westos-mail ~]$ mail root@qq.com
Subject: qq
.
EOT
[root@qq-mail ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 12 messages 4 new
1 root@westos.com Mon May 22 22:30 14/495
2 root@westos.com Mon May 22 22:40 14/498
3 Mail Delivery System Mon May 22 23:06 79/2657 "Undelivered Mail Returned to S"
4 root@westos.com Mon May 22 23:23 15/500
5 root Mon May 22 23:30 22/732 "88"
6 Mail Delivery System Mon May 22 23:38 80/2657 "Undelivered Mail Returned to S"
7 root Mon May 22 23:53 22/749 "qqqq"
8 root Mon May 22 23:53 22/738 "qqq"
>N 9 Mail Delivery System Mon May 22 23:59 75/2409 "Undelivered Mail Returned to S"
N 10 root@westos.com Tue May 23 00:06 14/487
N 11 root@westos.com Tue May 23 03:35 14/487
N 12 hello@sb.com Tue May 23 08:43 21/706 "qq" ##收到hello@sb.com的邮件,伪装成功
&
入站地址转换
[root@westos-mail postfix]# postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual" ##写主配置文件
[root@westos-mail postfix]# vim /etc/postfix/virtual ##写入转换身份
hello@sb.com westos@westos.com
[root@westos-mail postfix]# postmap /etc/postfix/virtual
[root@westos-mail postfix]# systemctl restart postfix.service
测试
[root@qq-mail ~]# mail hello@sb.com ##给转换的身份发邮件
Subject: aa
aa
.
EOT
[westos@westos-mail ~]$ mail ##查看转换信息
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/westos": 1 message 1 unread
>U 1 root Tue May 23 08:56 22/712 "aa"
&
Message 1:
From root@qq.com Tue May 23 08:56:49 2017
Return-Path: <root@qq.com>
X-Original-To: hello@sb.com
Delivered-To: westos@westos.com
Date: Tue, 23 May 2017 08:56:50 -0400
To: hello@sb.com
Subject: aa
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@qq.com (root)
Status: RO
aa
9.###dovecot##接收端
Postfix服务只是一个MTA(邮件传输代理),它只提供SMTP服务,也就是只提供邮件的转发及本地的分发功能,要实现一台服务器既做邮件发送任务,又可以保存邮件,还必须安装POP3和IMAP服务,dovecot可以同时提供这两个服务
[root@westos-mail postfix]# yum install dovecot -y ##安装服务
[root@westos-mail postfix]# systemctl start dovecot ##开启服务
24 protocols = imap pop3 lmtp ##打开imap pop3 lmtp协议的支持
48 login_trusted_networks = 0.0.0.0/0 ##把所有网络都视为受信任网络,受信任地址不受disable_plaintext_auth限制,并可覆盖自己上报的来源IP,仅适合实验环境
49 disable_plaintext_auth = no ##允许明文登录,未启用TLS时密码会以明文在网络上传输,仅适合实验环境
[root@westos-mail postfix]# vim /etc/dovecot/conf.d/10-mail.conf
30 mail_location = mbox:~/mail:INBOX=/var/mail/%u ##指定查看的用户文件,%u表示用户名
[root@westos-mail postfix]# passwd westos ##设置用户密码
Changing password for user westos.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
[root@westos-mail postfix]# cd
[root@westos-mail ~]# su - westos
Last login: Tue May 23 08:57:22 EDT 2017 on pts/0
[westos@westos-mail ~]$ mkdir -p mail/.imap/ ##建立邮件目录
[westos@westos-mail ~]$ touch mail/.imap/INBOX ##建立邮件查看位置
[westos@westos-mail ~]$ logout
[root@westos-mail ~]# mail westos
Subject: 1122
1122
.
EOT
[root@westos-mail ~]# mkdir -p /etc/skel/mail/.imap/
[root@westos-mail ~]# touch /etc/skel/mail/.imap/INBOX ##执行这两条命令后建立的用户会自动生成mail目录,mail/.imap/INBOX文件,收件箱
[root@westos-mail ~]# useradd haha
[root@westos-mail ~]# cd /home/haha/
[root@westos-mail haha]# ll
total 0
drwxr-xr-x. 3 haha haha 18 May 23 10:04 mail
[root@westos-mail haha]# ls mail/.imap/INBOX
mail/.imap/INBOX
[root@westos-mail haha]# ll mail/.imap/INBOX
-rw-r--r--. 1 haha haha 0 May 23 10:04 mail/.imap/INBOX
[root@westos-mail haha]# cd mail/
[root@westos-mail mail]# ls -a
. .. .imap
[root@westos-mail mail]# cd .imap/
[root@westos-mail .imap]# ls
INBOX
测试
[root@foundation66 ~]# mutt -f pop://westos@172.25.254.134 ##通过密码认证登录查看邮件
10.邮件用户代理程序MUA
例如:雷鸟Thunderbird作用:帮助用户发送和接收电子邮件
[root@foundation66 ~]# rpm -ivh thunderbird-31.2.0-1.el7.x86_64.rpm ##安装雷鸟
warning: thunderbird-31.2.0-1.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 352c64e5: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:thunderbird-31.2.0-1.el7 ################################# [100%]
实现发送及接受邮件
11.邮件收发与数据库的结合
1)配置安装及建立邮件使用的数据库
[root@westos-mail ~]# vim /etc/postfix/main.cf ##恢复文件内容
[root@westos-mail ~]# systemctl restart postfix.service
[root@westos-mail ~]# yum install httpd php php-mysql.x86_64 mariadb-server.x86_64 -y ##安装数据库服务
[root@westos-mail ~]# vim /etc/my.cnf ##跳过网络
skip-networking=1
[root@westos-mail ~]# mysql_secure_installation##安全认证,密码redhat
[root@westos-mail html]# tar jxf phpMyAdmin-3.4.0-all-languages.tar.bz2 -C /var/www/html/##安装php服务
[root@westos-mail html]# ls
phpMyAdmin-3.4.0-all-languages phpMyAdmin-3.4.0-all-languages.tar.bz2
[root@westos-mail html]# mv phpMyAdmin-3.4.0-all-languages
phpMyAdmin-3.4.0-all-languages/
phpMyAdmin-3.4.0-all-languages.tar.bz2
[root@westos-mail html]# mv phpMyAdmin-3.4.0-all-languages/ myadmin
[root@westos-mail html]# cd myadmin/
[root@westos-mail myadmin]# cp config.sample.inc.php config.inc.php
[root@westos-mail myadmin]# vim config.inc.php
17 $cfg['blowfish_secret'] = 'mysql'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ ##此处'mysql'只是实验用的示例值,正式环境应换成足够长的随机字符串
[root@westos-mail myadmin]# systemctl restart httpd.service
[root@westos-mail myadmin]# mysql -uroot -predhat ##密码认证登录,建立用户及授权
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 26
Server version: 5.5.35-MariaDB MariaDB Server
Copyright (c) 2000, 2013, Oracle, Monty Program Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> create user postuser@localhost identified by 'postuser';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant select,update,insert on email.* to postuser@localhost;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> quit
Bye
[root@westos-mail myadmin]# mysql -upostuser -ppostuser ##普通用户登录
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 27
Server version: 5.5.35-MariaDB MariaDB Server
Copyright (c) 2000, 2013, Oracle, Monty Program Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> select * from email.emailuser; ##查看表信息
+-------------+----------+---------+-------------------+
| username | password | domain | maildir |
+-------------+----------+---------+-------------------+
| lee@lee.com | lee | lee.com | /mnt/lee.com/lee/ |
+-------------+----------+---------+-------------------+
1 row in set (0.00 sec)
MariaDB [(none)]> quit
Bye
2)
[root@westos-mail ~]# cd /etc/postfix/
[root@westos-mail postfix]# vim mailuser.cf ##用户名称查询
hosts = localhost ##数据库所在主机
user = postuser ##登录数据库的用户
password = postuser ##登录数据库的密码
dbname = email ##postfix要查询的数据库名称
table = emailuser ##postfix要查询的表的名称
select_field = username ##postfix要查询的字段
where_field = username ##用户给定postfix的查询条件
lee@lee.com
[root@westos-mail postfix]# cp mailuser.cf maildomain.cf
[root@westos-mail postfix]# vim mail
maildomain.cf mailuser.cf
[root@westos-mail postfix]# vim maildomain.cf ##用户域名查询
hosts = localhost
user = postuser
password = postuser
dbname = email
table = emailuser
select_field = domain
where_field = domain
lee.com
[root@westos-mail postfix]# cp mailuser.cf mailbox.cf
[root@westos-mail postfix]# vim mailbox.cf ##用户邮箱位置查询
hosts = localhost
user = postuser
password = postuser
dbname = email
table = emailuser
select_field = maildir
where_field = username
/mnt/lee.com/lee/
配置postfix
[root@westos-mail ~]# groupadd -g 666 vmail ##建立虚拟组并指定gid
[root@westos-mail ~]# useradd -s /sbin/nologin -u 666 vmail -g 666 ##建立虚拟用户并指定uid
[root@westos-mail ~]# id vmail
uid=666(vmail) gid=666(vmail) groups=666(vmail)
[root@westos-mail ~]# postconf -e "virtual_mailbox_base = /home/vmail" ##设定虚拟用户的邮件目录
[root@westos-mail ~]# postconf -e "virtual_uid_maps = static:666" ##虚拟用户建立邮件的uid
[root@westos-mail ~]# postconf -e "virtual_gid_maps = static:666" ##虚拟用户建立邮件的gid
[root@westos-mail ~]# postconf -e "virtual_alias_maps = mysql:/etc/postfix/mailuser.cf" ##指定mysql查找用户
[root@westos-mail ~]# postconf -e "virtual_mailbox_domains = mysql:/etc/postfix/maildomain.cf"##指定mysql查找域名
[root@westos-mail ~]# postconf -e "virtual_mailbox_maps = mysql:/etc/postfix/mailbox.cf"##指定mysql查找邮箱
[root@westos-mail ~]# ll /etc/postfix/mailuser.cf ##查看文件信息,可以判断该文件名是否写入正确;注意mailuser.cf、maildomain.cf、mailbox.cf里都写有数据库明文密码,而下面显示的权限是644(所有用户可读),正式环境应收紧为仅root和postfix组可读
-rw-r--r--. 1 root root 134 May 24 01:58 /etc/postfix/mailuser.cf
[root@westos-mail ~]# ll /etc/postfix/maildomain.cf
-rw-r--r--. 1 root root 130 May 24 02:00 /etc/postfix/maildomain.cf
[root@westos-mail ~]# ll /etc/postfix/mailbox.cf
-rw-r--r--. 1 root root 133 May 24 02:01 /etc/postfix/mailbox.cf
测试
[root@westos-mail ~]# mail lee@lee.com ##给lee@lee.com发邮件
Subject: 666
666
.
EOT
[root@westos-mail new]# pwd ##当前所在位置,在/home/vmail/lee.com/lee/new可以查看收到的邮件
/home/vmail/lee.com/lee/new
[root@westos-mail new]# ls
1495610301.Vfd01I1a9ee43M43814.westos-mail.westos.com
[root@westos-mail new]# cat 1495610301.Vfd01I1a9ee43M43814.westos-mail.westos.com##查看邮件内容及相关信息
Return-Path: <root@westos.com>
X-Original-To: lee@lee.com
Delivered-To: lee@lee.com
Received: by westos-mail.westos.com (Postfix, from userid 0)
id F24B026AD16; Wed, 24 May 2017 03:18:20 -0400 (EDT)
Date: Wed, 24 May 2017 03:18:20 -0400
To: lee@lee.com
Subject: 666
User-Agent: Heirloom mailx 12.5 7/5/10
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <20170524071820.F24B026AD16@westos-mail.westos.com>
From: root@westos.com (root)
666
####dovecot+mysql###
[root@westos-mail ~]# yum install dovecot dovecot-mysql -y ##dovecot-mysql是dovecot的插件,让dovecot识别数据库
[root@westos-mail ~]# vim /etc/dovecot/dovecot.conf ##修改主配置
24 protocols = imap pop3 lmtp ##支持收件协议
48 login_trusted_networks = 0.0.0.0/0 ##信任网络,所有网络
49 disable_plaintext_auth = no ##开启明文认证(下面telnet到110端口的测试中,密码即以明文传输,仅适合实验环境)
[root@westos-mail ~]# vim /etc/dovecot/conf.d/10-auth.conf
123 !include auth-sql.conf.ext ##开启mysql的认证方式
[root@westos-mail ~]# cp /usr/share/doc/dovecot-2.2.10/example-config/dovecot-sql.conf.ext /etc/dovecot/dovecot-sql.conf.ext
[root@westos-mail ~]# vim /etc/dovecot/dovecot-sql.conf.ext ##生成dovecot读取mysql的配置
32 driver = mysql ##数据库类型
71 connect = host=localhost dbname=email user=postuser password=postuser#查询时用到的库,用户,密码
78 default_pass_scheme = PLAIN ##数据库中密码的默认存储格式为明文(与上面emailuser表中password列的内容一致),仅适合实验环境,正式环境应改用加盐哈希方案
107 password_query = \ ##查询密码匹配
108 SELECT username, domain, password \ ##用户,域名,密码
109 FROM emailuser WHERE username = '%u' AND domain = '%d' ##%u表示用户名,%d表示域名,在数据库的表中匹配用户名和域名
125 user_query = SELECT maildir, 666 AS uid, 666 AS gid FROM emailuser WHERE username = '%u' ##邮件目录,指定gid,uid
[root@westos-mail ~]# vim /etc/dovecot/conf.d/10-mail.conf
30 mail_location = maildir:/home/vmail/%d/%n ##指定邮件位置
168 first_valid_uid = 666 ##邮件文件查询用户身份
175 first_valid_gid = 666
[root@westos-mail ~]# systemctl restart dovecot
测试
[kiosk@foundation66 Desktop]$ telnet 172.25.254.134 110
Trying 172.25.254.134...
Connected to 172.25.254.134.
Escape character is '^]'.
+OK [XCLIENT] Dovecot ready.
user lee@lee.com ##用户名
+OK
pass lee ##密码
+OK Logged in. ##认证成功
quit
+OK Logging out.
Connection closed by foreign host.
两个数据库中存在的用户可以通过雷鸟进行邮件通信(lee@lee.com和westos@qq.com)
##空壳邮件###
空壳代替真实主机与外界连接以此来保护真实主机,发给真实主机的邮件将通过空壳转发至真实主机,空壳并不接收邮件
[root@localhost ~]# hostnamectl set-hostname nullmail.example.com##修改主机名
[root@nullmail ~]# vim /etc/postfix/main.cf
76 myhostname = nullmail.example.com ##空壳主机主机名
83 mydomain = example.com ##空壳主机域名
99 myorigin = westos.com ##真实主机域名
116 inet_interfaces = all ##所有网络
164 mydestination = ##空壳主机不接受邮件
316 relayhost = 172.25.254.134 ##真实主机ip
[root@nullmail ~]# systemctl restart postfix.service
测试
[root@nullmail ~]# mail root@westos.com ##发给root@westos.com和root的邮件全部转发给134主机,空壳不接收邮件
Subject: test
test
test
.
EOT
[root@westos-mail ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N 1 root Sun May 28 21:28 22/748 "test"
&
Message 1:
From root@westos.com Sun May 28 21:28:14 2017
Return-Path: <root@westos.com>
X-Original-To: root@westos.com
Delivered-To: root@westos.com
Date: Sun, 28 May 2017 21:28:14 -0400
To: root@westos.com
Subject: test
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@westos.com (root)
Status: R
test
test
& q
New mail has arrived.
[root@nullmail ~]# mail root
Subject: aaa
a
a
.
EOT
[root@westos-mail ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 2 messages 1 new
1 root Sun May 28 21:28 23/759 "test"
>N 2 root Sun May 28 21:30 22/741 "aaa"
&
Message 2:
From root@westos.com Sun May 28 21:30:35 2017
Return-Path: <root@westos.com>
X-Original-To: root@westos.com
Delivered-To: root@westos.com
Date: Sun, 28 May 2017 21:30:36 -0400
To: root@westos.com
Subject: aaa
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@westos.com (root)
Status: R
a
a
&