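MUA (client) -> via SMTP -> MTA (mail server: POSTFIX/sendmail) ->
looks up the remote recipient's IP address through the MX record -> the destination mail server uses SPF, DKIM and PTR checks to verify that the sender is legitimate -> the mail is then delivered to the recipient's destination mail server
-> MDA (mail delivery agent: places received mail in the local mailbox)
MUA -> reads via POP3 -> MRA -> reads the mail held on the MDA server
abc@example.com -> DNS lookup -> postfix -> queries MySQL to check whether the domain is trusted
Dovecot (MRA), POP3/IMAP: downloads mail from the mail server to the local machine
MUA (FOXMAIL) -> Dovecot (MRA) checks the username and password against the database -> if correct, connects to /var/mail/com/ to download the files and returns the mail to the MUA
Security measures for verifying that the sender is valid:
1. SPF (Sender Policy Framework)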
example.com. 3600 IN TXT "v=spf1 ip4:192.168.1.100 -all"
2. DKIM: lets the recipient determine cryptographically (by encrypting and decrypting) whether the sender is genuine
TXTdefault.domainkey asdfasdfasdfasdf 3600
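3. PTR: reverse DNS resolution
MX: mail exchanger record
MUA: mail user agent (Outlook, Foxmail)
MTA: mail transfer agent; SMTP on port 25 (sendmail, postfix)
MDA: mail delivery agent; places received mail in the local mailbox
MRA: mail retrieval agent (Dovecot)
Mail protocols:
SMTP: transfers mail from the sender to the recipient's mailbox (in the local domain or a foreign one)
POP3: the recipient downloads mail from the mail server to the local machine in order to read it
IMAP: manages mail directly on the server; serves the same purpose as POP3 but is more capable
Steps for creating the mail server: server (172.25.0.11)
Prerequisites:
Set the hostname: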
hostnamectl set-hostname mail.linuxmysql.com
[root@mail ~]# hostnamectl
Static hostname: mail.linuxmysql.com
Icon name: computer
Chassis: n/a
Machine ID: 946cb0e817ea4adb916183df8c4fc817
Boot ID: a66b3c2b5b454172a4bef4fa2178a001
Virtualization: kvm
Operating System: Red Hat Enterprise Linux Server 7.0 (Maipo)
CPE OS Name: cpe:/o:redhat:enterprise_linux:7.0:GA:server
Kernel: Linux 3.10.0-123.el7.x86_64
Architecture: x86_64
Open the following ports on the firewall: 25,465,587,110,995,143,993
[root@mail ~]# firewall-cmd --permanent --add-port="25/tcp"
success
unbound name resolution: A record and MX record
[root@mail ~]# cat /etc/unbound/local.d/linuxmysql.com.conf
local-zone: "linuxmysql.com" static
local-data: "linuxmysql.com. 86400 IN SOA ns.linuxmysql.com root.linuxmysql.com 1 1D 1H 1W 1H"
local-data: "linuxmysql.com. IN NS ns.linuxmysql.com."
local-data: "ns.linuxmysql.com. IN A 172.25.0.11"
local-data: "www.linuxmysql.com. IN A 172.25.0.11"
local-data: "linuxmysql.com. IN A 172.25.0.11"
local-data: "linuxmysql.com. IN MX 10 mail.linuxmysql.com." # MX record
local-data: "mail.linuxmysql.com. IN A 172.25.0.11" # A record
local-data: "desktop.linuxmysql.com. IN A 172.25.0.10"
local-data-ptr: "172.25.0.11 ns.linuxmysql.com."
local-data-ptr: "172.25.0.11 mail.linuxmysql.com" # reverse lookup record
local-data-ptr: "172.25.0.10 desktop.linuxmysql.com"
Install postfix
yum install postfix
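Postfix configuration file:
vim /etc/postfix/main.cf
myhostname: hostname of the mail system
mydomain: domain of the mail system, i.e. the suffix of its mail addresses (linuxmysql.com)
myorigin: domain name that mail sent from this host appears to come from, i.e. the domain the recipient sees (linuxmysql.com)
inet_interfaces: network interfaces to listen on
mydestination: hostnames or domains this server accepts mail for, i.e. its own domain (linuxmysql.com)
mynetworks: which hosts' mail may be relayed. Mail for this host is accepted locally; for mail that is not local, this decides whether it may be relayed and for which network ranges
relay_domains: domains whose mail may be relayed
Edit the configuration file: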
#inet_interfaces = localhost
inet_interfaces = all
#myhostname = host.domain.tld
#myhostname = virtual.domain.tld
myhostname = mail.linuxmysql.com
#mydomain = domain.tld
mydomain = linuxmysql.com
#myorigin = $mydomain
myorigin = $mydomain
#mydestination = $myhostname, localhost.$mydomain, localhost
mydestination = $myhostname, $mydomain
mynetworks = 172.25.0.0/24,127.0.0.0/8
#mynetworks = 168.100.189.0/28, 127.0.0.0/8
Point the local DNS resolver at the local IP address
[root@mail postfix]# cat /etc/resolv.conf
# Generated by NetworkManager
search linuxmysql.com
nameserver 172.25.0.11
Create the mail user:
[root@mail postfix]# useradd natasha
[root@mail postfix]# echo "redhat" | passwd --stdin natasha
Changing password for user natasha.
passwd: all authentication tokens updated successfully.
[root@mail postfix]# systemctl restart postfix
[root@mail postfix]# systemctl enable postfix
[root@mail postfix]# ss -antlup | grep 25
tcp LISTEN 0 100 *:25 *:* users:(("master",8354,14))
Create the required directories and files under the natasha mail user
[root@mail postfix]# su natasha
[natasha@mail ~]$ mkdir -p mail/.imap/INBOX
[natasha@mail ~]$ su -
Password:
Last login: Mon Dec 18 20:01:49 CST 2017 from 172.25.0.250 on pts/0
[root@mail ~]# chgrp -R mail /home/natasha/mail
[root@mail ~]# chmod -R 2760 /home/natasha/mail
[root@mail ~]# systemctl restart dovecot
[root@mail ~]# systemctl enable dovecot
ln -s '/usr/lib/systemd/system/dovecot.service' '/etc/systemd/system/multi-user.target.wants/dovecot.service'
Install Dovecot to receive mail:
yum install dovecot -y
Edit the configuration file:
vim /etc/dovecot/dovecot.conf
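#protocols = imap pop3 lmtp
protocols = imap pop3 lmtp
# allow plaintext logins even without SSL/TLS (passwords are sent in clear text)
disable_plaintext_auth = no
#login_trusted_networks =
# clients in this range are treated as trusted (plaintext auth is allowed for them)
login_trusted_networks = 172.25.0.0/24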
Customize where mailbox mail is stored
[root@mail postfix]# vim /etc/dovecot/conf.d/10-mail.conf
# mail_location = maildir:~/Maildir
# mail_location = mbox:~/mail:INBOX=/var/mail/%u
mail_location = mbox:~/mail:INBOX=/var/mail/%u
# mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
[root@mail ~]# ss -antlup | grep -w 110
users:(("nmbd",4391,19))
tcp LISTEN 0 100 *:110 *:* users:(("dovecot",8744,23))
tcp LISTEN 0 100 :::110 :::* users:(("dovecot",8744,24))
[root@mail ~]# ss -antlup | grep -w 143
tcp LISTEN 0 100 *:143 *:* users:(("dovecot",8744,37))
tcp LISTEN 0 100 :::143 :::* users:(("dovecot",8744,38))
Test whether the mail service can send mail:
[root@mail ~]# echo "mail test " | mail -s "mail test" natasha@linuxmysql.com
[root@mail mail]# cat /var/mail/natasha
From root@linuxmysql.com Tue Dec 19 11:11:01 2017
Return-Path: <root@linuxmysql.com>
X-Original-To: natasha@linuxmysql.com
Delivered-To: natasha@linuxmysql.com
Received: by mail.linuxmysql.com (Postfix, from userid 0)
id DA853EAEF3; Tue, 19 Dec 2017 11:11:01 +0800 (CST)
Date: Tue, 19 Dec 2017 11:11:01 +0800
To: natasha@linuxmysql.com
Subject: mail test
User-Agent: Heirloom mailx 12.5 7/5/10
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <20171219031101.DA853EAEF3@mail.linuxmysql.com>
From: root@linuxmysql.com (root)
mail test
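Null client mail system configuration: (desktop 172.25.0.10)
Install an MTA (POSTFIX) that does not accept client connections: postfix cannot be reached on port 25 and does not accept mail delivered by others
Mail sent from this host is not stored locally; all of it is forwarded to another MTA (the postfix server on server 172.25.0.11, which sends the mail on this host's behalf)
Set the hostname so that it is in the same domain: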
[root@desktop ~]# hostnamectl
Static hostname: desktop.linuxmysql.com
Icon name: computer
Chassis: n/a
Machine ID: 946cb0e817ea4adb916183df8c4fc817
Boot ID: c4f51d6b5ff047009c4cc632fb200e68
Virtualization: kvm
Operating System: Red Hat Enterprise Linux Server 7.0 (Maipo)
CPE OS Name: cpe:/o:redhat:enterprise_linux:7.0:GA:server
Kernel: Linux 3.10.0-123.el7.x86_64
Architecture: x86_64
Set this host's DNS server:
[root@desktop ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search linuxmysql.com
nameserver 172.25.0.11
Firewall configuration
systemctl restart postfix
firewall-cmd --permanent --add-service=smtp
firewall-cmd --reload
firewall-cmd --list-all
Install postfix
yum install postfix
Edit the configuration file /etc/postfix/main.cf directly (exam content)
relayhost = [mail.linuxmysql.com]
inet_interfaces = loopback-only
mynetworks = 127.0.0.0/8 [::1]/128
myorigin = desktop.linuxmysql.com
mydestination =
local_transport = error:local delivery disabled
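Edit the configuration file with commands: (exam content)
postconf: view all parameters (defaults included)
postconf -n: view only the postfix parameters that have been changed
postconf -e: edit postfix parameters
postconf -e "relayhost=[mail.linuxmysql.com]" # forward all mail to mail.linuxmysql.com; that postfix server sends it on this host's behalf
postconf -e "inet_interfaces=loopback-only" # listen only on the local loopback interface, which is used for sending mail
postconf -e "mynetworks=127.0.0.0/8 [::1]/128" # only local (null client) mail may be relayed to the relay host (mail.linuxmysql.com)
postconf -e "myorigin=desktop.linuxmysql.com" # rewrite the sender domain of all outgoing mail to desktop.linuxmysql.com
postconf -e "mydestination=" # send only; do not accept mail addressed to local email accounts
postconf -e "local_transport=error:local delivery disabled" # do not deliver any mail to mailboxes on the local system
# postconf -n: check that the configured values are correct
# Show the value of specific parameters: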
[root@mail unbound]# postconf inet_interfaces myorigin
inet_interfaces = all
myorigin = $mydomain
+++++++++++++++++++++++++++++++++++++++++++++++++++
Exam content:
[root@desktop postfix]# postconf -e "inet_interfaces=loopback-only"
[root@desktop postfix]# postconf -e "mynetworks=127.0.0.0/8 [::1]/128"
[root@desktop postfix]# postconf -e "mydestination = "
[root@desktop postfix]# postconf -e "myorigin=desktop.linuxmysql.com"
[root@desktop postfix]# postconf -e "relayhost=[mail.linuxmysql.com]"
[root@desktop postfix]# postconf -e "local_transport = error:local delivery disabled"
[root@desktop postfix]# systemctl restart postfix
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
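The six null-client settings above can be checked mechanically after the restart. The following is an added example, not part of the original notes: it compares postconf -n style output with the values used on this page; the function names and both sample outputs are constructed for illustration.

```shell
# Added example: audit `postconf -n` output against this page's null-client
# settings. Function names and sample data are illustrative, not from the page.

# Reads "name = value" lines on stdin, prints every deviation and returns
# non-zero if an expected parameter is missing or has a different value.
check_null_client() {
    awk '
    BEGIN {
        want["inet_interfaces"] = "loopback-only"
        want["mynetworks"]      = "127.0.0.0/8 [::1]/128"
        want["mydestination"]   = ""
        want["myorigin"]        = "desktop.linuxmysql.com"
        want["relayhost"]       = "[mail.linuxmysql.com]"
        want["local_transport"] = "error:local delivery disabled"
    }
    {
        i = index($0, "=")
        if (i == 0) next
        name = substr($0, 1, i - 1); val = substr($0, i + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", name)
        gsub(/^[ \t]+|[ \t]+$/, "", val)
        got[name] = val; seen[name] = 1
    }
    END {
        bad = 0
        for (k in want) {
            if (!(k in seen))           { print "MISSING  " k; bad++ }
            else if (got[k] != want[k]) { print "MISMATCH " k " = " got[k]; bad++ }
        }
        exit (bad > 0)
    }'
}

# Constructed `postconf -n` excerpt for a correctly configured null client.
sample_null_client() {
    printf '%s\n' 'inet_interfaces = loopback-only' \
        'local_transport = error:local delivery disabled' 'mydestination =' \
        'mynetworks = 127.0.0.0/8 [::1]/128' 'myorigin = desktop.linuxmysql.com' \
        'relayhost = [mail.linuxmysql.com]'
}

# Constructed excerpt that still carries the server-style values shown earlier.
sample_misconfigured() {
    printf '%s\n' 'inet_interfaces = all' 'myorigin = $mydomain'
}

sample_null_client | check_null_client && echo "null client settings OK"
```

On the desktop host itself the same function can be fed with postconf -n | check_null_client.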
Test:
Send a mail from the desktop null client host: this host has no natasha user, so the mail is handed to the postfix mail server on server for sending
[root@desktop mail]# echo "test" | mail -s "null client" natasha@linuxmysql.com
View the mail log for the message sent by the desktop null client:
[root@desktop mail]# cat /var/log/maillog
Dec 19 11:26:40 desktop postfix/pickup[17987]: E70793268: uid=0 from=<root>
Dec 19 11:26:40 desktop postfix/cleanup[18780]: E70793268: message-id=<20171219032640.E70793268@desktop.linuxmysql.com>
Dec 19 11:26:40 desktop postfix/qmgr[8045]: E70793268: from=<root@desktop.linuxmysql.com>, size=430, nrcpt=1 (queue active)
Dec 19 11:26:41 desktop postfix/smtp[18782]: E70793268: to=<natasha@linuxmysql.com>, relay=mail.linuxmysql.com[172.25.0.11]:25, delay=0.22, delays=0.08/0.03/0.06/0.05, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 3C1C5EAEF3)
Dec 19 11:26:41 desktop postfix/qmgr[8045]: E70793268: removed
View the mail queue on the desktop null client: (if it is empty, the mail was sent successfully)
[root@desktop mail]# mailx
No mail for root
[root@desktop mail]# mailq
Mail queue is empty
[root@desktop mail]# postqueue -p
Mail queue is empty
[root@desktop mail]# postqueue -f # immediately send all mail in the queue
View the log on the server:
[root@mail local.d]# tail /var/log/maillog
View the received mail on the server:
[root@mail mail]# cat /var/mail/natasha
From root@desktop.linuxmysql.com Tue Dec 19 11:26:41 2017
Return-Path: <root@desktop.linuxmysql.com>
X-Original-To: natasha@linuxmysql.com
Delivered-To: natasha@linuxmysql.com
Received: from desktop.linuxmysql.com (desktop.example.com [172.25.0.10])
by mail.linuxmysql.com (Postfix) with ESMTP id 3C1C5EAEF3
for <natasha@linuxmysql.com>; Tue, 19 Dec 2017 11:26:41 +0800 (CST)
Received: by desktop.linuxmysql.com (Postfix, from userid 0)
id E70793268; Tue, 19 Dec 2017 11:26:40 +0800 (CST)
Date: Tue, 19 Dec 2017 11:26:40 +0800
To: natasha@linuxmysql.com
Subject: null client
User-Agent: Heirloom mailx 12.5 7/5/10
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <20171219032640.E70793268@desktop.linuxmysql.com>
From: root@desktop.linuxmysql.com (root)
Test
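
The queue ID that the desktop log reports as "queued as" is the same ID that appears in the Received header written by the server, which is how a relayed message is traced from one hop to the next. The following is an added example, not part of the original notes: the function names are illustrative, the first two log lines and the Received header are the ones shown on this page, and the deferred log line is constructed.

```shell
# Added example: follow a relayed message from the null client to the server.

# Lines 1-2 are the desktop maillog entries shown on this page; line 3 is a
# constructed deferred delivery showing what a failed hand-off looks like.
sample_desktop_log() {
cat <<'EOF'
Dec 19 11:26:40 desktop postfix/qmgr[8045]: E70793268: from=<root@desktop.linuxmysql.com>, size=430, nrcpt=1 (queue active)
Dec 19 11:26:41 desktop postfix/smtp[18782]: E70793268: to=<natasha@linuxmysql.com>, relay=mail.linuxmysql.com[172.25.0.11]:25, delay=0.22, delays=0.08/0.03/0.06/0.05, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 3C1C5EAEF3)
Dec 19 11:30:02 desktop postfix/smtp[18790]: A1B2C3D4E: to=<natasha@linuxmysql.com>, relay=none, delay=30, delays=0.05/0.02/30/0, dsn=4.4.1, status=deferred (connect to mail.linuxmysql.com[172.25.0.11]:25: Connection timed out)
EOF
}

# Received header as stored in /var/mail/natasha on the server (from this page).
sample_server_mbox() {
cat <<'EOF'
Received: from desktop.linuxmysql.com (desktop.example.com [172.25.0.10])
by mail.linuxmysql.com (Postfix) with ESMTP id 3C1C5EAEF3
for <natasha@linuxmysql.com>; Tue, 19 Dec 2017 11:26:41 +0800 (CST)
EOF
}

# Print "local_qid recipient relay status remote_qid" per delivery attempt.
trace_hops() {
    awk '/ postfix\/smtp\[/ && / to=</ {
        qid = $6; sub(/:$/, "", qid)
        match($0, /to=<[^>]*>/);    rcpt  = substr($0, RSTART + 4, RLENGTH - 5)
        match($0, /relay=[^,]+/);   relay = substr($0, RSTART + 6, RLENGTH - 6)
        match($0, /status=[a-z]+/); st    = substr($0, RSTART + 7, RLENGTH - 7)
        rq = "-"   # stays "-" when the next hop never accepted the message
        if (match($0, /queued as [0-9A-F]+/)) rq = substr($0, RSTART + 10, RLENGTH - 10)
        print qid, rcpt, relay, st, rq
    }'
}

# Succeed if the mailbox on stdin has a Received header with queue ID $1.
received_by_server() {
    grep -qF "with ESMTP id $1"
}

sample_desktop_log | trace_hops
sample_server_mbox | received_by_server 3C1C5EAEF3 && echo "hop confirmed on server"
```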