Postfix mail management
2017-05-23 20:36
*************Environment setup before the lab*****************
***First, reset both virtual machines***
####desktop host#####
vim /etc/sysconfig/network-scripts/ifcfg-eth0 ##configure the network
BOOTPROTO=none
IPADDR=172.25.254.140
PREFIX=24
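systemctl restart network ##restart the network service
vim /etc/yum.repos.d/... ##configure the yum repository
yum clean all ##clear the yum cache
hostnamectl set-hostname westos-mail.westos.com ##set the hostname
*****Configure DNS resolution*******
yum install bind -y
systemctl start named
vim /etc/named.conf
// listen-on port 53 { 127.0.0.1; }; ##commented out so named listens on all IPv4 interfaces
// listen-on-v6 port 53 { ::1; }; ##commented out
// allow-query { localhost; }; ##commented out so queries from other hosts are answered
dnssec-validation no;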
vim /etc/named.rfc1912.zones
zone "westos.com" IN {
type master;
file "westos.com.zone";
allow-update { none; };
};
zone "qq.com" IN {
type master;
file "qq.com.zone";
allow-update { none; };
};
vim /var/named/westos.com.zone
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.140
westos.com. MX 1 172.25.254.140.
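###Tip: copy a template with "cp -p named.localhost westos.com.zone" and then edit the relevant entries
vim /var/named/qq.com.zone
###Tip: copy the first zone file with "cp -p westos.com.zone qq.com.zone" and then edit the relevant entries
###Inside qq.com.zone, the vim command ":%s/westos/qq/g" (typed from normal mode) replaces every westos with qq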
systemctl restart named
vim /etc/resolv.conf
nameserver 172.25.254.140
#####server host#####
vim /etc/sysconfig/network-scripts/ifcfg-eth0 ##network configuration
vim /etc/yum.repos.d/rhel_dvd.repo ##configure the yum repository
yum clean all
hostnamectl set-hostname qq-mail.qq.com
vim /etc/resolv.conf
nameserver 172.25.254.140
##Test the DNS configuration:
dig -t mx qq.com
dig -t mx westos.com
![](https://img-blog.csdn.net/20170523211847092?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvc3VtaW4xMTE4/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/Center)
![](https://img-blog.csdn.net/20170523211907530?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvc3VtaW4xMTE4/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/Center)
1.postfix
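Postfix implements SMTP to deliver mail (port 25 by default).
/var/log/maillog ##mail service log (can be viewed with cat)
mail root@westos.com ##send mail to the root user
Subject: hello ##mail subject
hello world ##mail body
. ##a single "." ends the input; press Enter to send
mailq ##show the mail queue
Mail queue is empty ##the queue is empty, so the mail has been sent
**postqueue -f ##reprocess (flush) the mail queue
**By default the mail port is open only on 127.0.0.1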
![](https://img-blog.csdn.net/20170523204704420?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvc3VtaW4xMTE4/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/Center)
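2.Basic mail system configuration
vim /etc/postfix/main.cf
inet_interfaces = all ##network interfaces on which port 25 listens
myhostname = westos-mail.westos.com ##hostname of the MTA (mail server)
mydomain = westos.com ##domain name of the MTA
myorigin = westos.com ##domain appended to the sender address (the part after @)
mydestination = $myhostname, $mydomain, localhost ##address suffixes for which mail is accepted for local delivery
systemctl stop firewalld ##stop the firewall
systemctl restart postfix.service ##restart the service
Test: mail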
![](https://img-blog.csdn.net/20170523212621577?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvc3VtaW4xMTE4/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/Center)
Keep pressing Enter to display each message in turn
![](https://img-blog.csdn.net/20170523212631612?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvc3VtaW4xMTE4/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/Center)
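3.Mail aliases
vim /etc/aliases
alias: realname ##mail alias
alias: :include:filename ##group mailing
vim filename
user1
user2
postalias /etc/aliases ##rebuild the alias database
mail alias
Test:
On desktop: mail alias@qq.com
On server: mail ##read the mail
or mail -u realname
4.Testing the mail service from a remote host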
![](https://img-blog.csdn.net/20170524155028993?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvc3VtaW4xMTE4/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/Center)
On the qq.com host, use the mail command to check what was received.
5.Mail access control
(1)On the sending side:
[root@westos-mail ~]# postconf -e "smtpd_client_restrictions = check_client_access hash:/etc/postfix/access"
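###Adds the setting to the mail configuration file: client access checks are enabled and looked up in a hash table built from /etc/postfix/access
[root@westos-mail ~]# tail -n 1 /etc/postfix/main.cf ##the last line of the main configuration file shows that the parameter has been added
smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
[root@westos-mail ~]# vim /etc/postfix/access ##edit the source file of the access table
172.25.254.75 REJECT ##append the host to reject as the last line
[root@westos-mail ~]# postmap /etc/postfix/access ##compile the file into a hash lookup table
[root@westos-mail ~]# ls /etc/postfix/ ##the .db file is the compiled table that Postfix actually reads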
access canonical header_checks master.cf relocated virtual
access.db generic main.cf moreuser transport
[root@westos-mail ~]# systemctl restart postfix.service ##restart the service
(2)Test:
[root@foundation150 ~]# telnet 172.25.254.140 25
Trying 172.25.254.140...
Connected to 172.25.254.140.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:root@westos.com
250 2.1.0 Ok
rcpt to:root@qq.com
554 5.7.1 <unknown[172.25.254.40]>: Client host rejected: Access denied ##rejected when sending mail
quit
221 2.0.0 Bye
Connection closed by foreign host
![](https://img-blog.csdn.net/20170524170423736?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvc3VtaW4xMTE4/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/Center)
6.Restricting which users may send
(1)First remove the restriction from the previous experiment
[root@westos-mail ~]# vim /etc/postfix/main.cf ##comment out the client access control statement
#smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
(2)
[root@westos-mail ~]# postconf -e "smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender" ##restrict senders, using a hash lookup table built from /etc/postfix/sender
[root@westos-mail ~]# tail -n 1 /etc/postfix/main.cf ##the main configuration file shows that the parameter has been added
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender
[root@westos-mail ~]# vim /etc/postfix/sender ##edit the source file of the table and list the senders to restrict
student@westos.com REJECT ##no trailing spaces or any other characters at the end of the line
[root@westos-mail ~]# postmap /etc/postfix/sender ##compile the file into a hash lookup table
[root@westos-mail ~]# ls /etc/postfix/ ##sender.db is the generated lookup table
access canonical header_checks master.cf relocated sender.db virtual
generic main.cf moreuser sender transport
[root@westos-mail ~]# systemctl restart postfix.service ##restart the service
(3)Test:
[root@foundation41 Desktop]# telnet 172.25.254.140 25
Trying 172.25.254.140...
Connected to 172.25.254.140.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:student@westos.com
250 2.1.0 Ok
rcpt to:root@qq.com
554 5.7.1 <student@westos.com>: Sender address rejected: Access denied ##sending is blocked
![](https://img-blog.csdn.net/20170524201853755?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvc3VtaW4xMTE4/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/Center)
7.Restricting which users may receive
(1)
[root@westos-mail ~]# postconf -e "smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recip" ##restrict recipients, using a hash lookup table built from /etc/postfix/recip
[root@westos-mail ~]# vim /etc/postfix/recip ##edit the source file of the table and list the recipients to restrict
westos@westos.com REJECT
##no trailing spaces or any other characters at the end of the line
[root@westos-mail ~]# postmap /etc/postfix/recip ##compile the file, generating the .db lookup table
[root@westos-mail ~]# ls /etc/postfix/
access generic main.cf moreuser recip.db sender transport
canonical header_checks master.cf recip relocated sender.db virtual
[root@westos-mail ~]# systemctl restart postfix.service ##restart the service
(2)Test:
[root@foundation41 Desktop]# telnet 172.25.254.140 25
Trying 172.25.254.140...
Connected to 172.25.254.140.
Escape character is '^]'.
220 westos-mail.westos.com ESMTP Postfix
mail from:westos@westos.com ##sender
250 2.1.0 Ok
rcpt to:root@qq.com ##recipient
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
123
1213
.
250 2.0.0 Ok: queued as 29960EAC27 ##this shows that westos@westos.com can send mail
mail from:root@qq.com
250 2.1.0 Ok
rcpt to:westos@westos.com
554 5.7.1 <westos@westos.com>: Recipient address rejected: Access denied ##this shows that the address cannot receive mail
quit
221 2.0.0 Bye
Connection closed by foreign host.
![](https://img-blog.csdn.net/20170524202620562?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvc3VtaW4xMTE4/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/Center)
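Each of the three restrictions in sections 5 to 7 leaves a "NOQUEUE: reject" line in /var/log/maillog, and because Postfix by default defers rejects until RCPT TO (smtpd_delay_reject = yes), all of them show up at the rcpt to step, as in the telnet sessions above. The following is an added example, not part of the original post, that summarizes such lines by restriction type; the log lines embedded in it are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): count Postfix smtpd rejects in
# a maillog by restriction type and by the client or address that was refused.

# Constructed sample lines in the format Postfix writes to /var/log/maillog.
sample_maillog() {
cat <<'EOF'
May 24 08:41:02 westos-mail postfix/smtpd[2301]: connect from unknown[172.25.254.75]
May 24 08:41:15 westos-mail postfix/smtpd[2301]: NOQUEUE: reject: RCPT from unknown[172.25.254.75]: 554 5.7.1 <unknown[172.25.254.75]>: Client host rejected: Access denied; from=<root@westos.com> to=<root@qq.com> proto=SMTP
May 24 08:43:40 westos-mail postfix/smtpd[2310]: NOQUEUE: reject: RCPT from unknown[172.25.254.75]: 554 5.7.1 <unknown[172.25.254.75]>: Client host rejected: Access denied; from=<root@westos.com> to=<root@qq.com> proto=SMTP
May 24 08:50:09 westos-mail postfix/smtpd[2344]: NOQUEUE: reject: RCPT from unknown[172.25.254.41]: 554 5.7.1 <student@westos.com>: Sender address rejected: Access denied; from=<student@westos.com> to=<root@qq.com> proto=SMTP
May 24 08:55:31 westos-mail postfix/smtpd[2360]: NOQUEUE: reject: RCPT from unknown[172.25.254.41]: 554 5.7.1 <westos@westos.com>: Recipient address rejected: Access denied; from=<root@qq.com> to=<westos@westos.com> proto=SMTP
May 24 08:57:07 westos-mail postfix/qmgr[1180]: 29960EAC27: from=<westos@westos.com>, size=312, nrcpt=1 (queue active)
EOF
}

# summarize_rejects [FILE...]: reads the named logs (or stdin) and prints
# "<count> <kind> <subject>" per rejected client, sender or recipient.
summarize_rejects() {
    cat -- "$@" | awk '
    / NOQUEUE: reject: / {
        kind = ""
        if (index($0, "Client host rejected"))            kind = "client"
        else if (index($0, "Sender address rejected"))    kind = "sender"
        else if (index($0, "Recipient address rejected")) kind = "recipient"
        if (kind == "") next
        # The refused client or address is the <...> token after the status code.
        subject = "?"
        if (match($0, /5[0-9][0-9] 5\.[0-9]+\.[0-9]+ <[^>]*>/)) {
            s = substr($0, RSTART, RLENGTH)
            sub(/^[^<]*</, "", s)
            sub(/>$/, "", s)
            subject = s
        }
        count[kind " " subject]++
    }
    END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k2,2 -k3,3
}

# Demo on the constructed sample; on the server: summarize_rejects /var/log/maillog
sample_maillog | summarize_rejects
```

A client or address that keeps reappearing in this summary is one that is still retrying against a REJECT entry.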
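8.Outbound address masquerading
(1)
[root@westos-mail ~]# postconf -e "smtp_generic_maps = hash:/etc/postfix/generic" ##outbound address masquerading
[root@westos-mail ~]# vim /etc/postfix/generic ##edit the source file of the table and add the address to masquerade
westos@westos.com hello@haha.com
##no trailing spaces or any other characters at the end of the line
[root@westos-mail ~]# postmap /etc/postfix/generic ##compile the file into a hash lookup table
[root@westos-mail ~]# systemctl restart postfix.service ##restart the service
(2)Test: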
[root@westos-mail ~]# su - westos
[westos@westos-mail ~]$ mail root@qq.com
Subject: hello1
hello qq
.
[root@qq-mail ~]# mail ##read the mail; the sender of the last message shows the masqueraded address: hello@haha.com
![](https://img-blog.csdn.net/20170524203653145?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvc3VtaW4xMTE4/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/Center)
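9.Inbound address translation
(1)Lab environment:
[root@westos-mail ~]# vim /etc/postfix/main.cf ##edit the main configuration file and comment out the rule that stops the westos user from receiving mail
#smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recip
(2)DNS resolution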
[root@westos-mail ~]# vim /etc/named.rfc1912.zones
zone "gmail.com" IN {
type master;
file "gmail.com.zone";
allow-update { none; };
};
[root@westos-mail ~]# cp -p /var/named/westos.com.zone /var/named/gmail.com.zone
[root@westos-mail ~]# vim /var/named/gmail.com.zone
Replace westos with gmail ##the vim command ":%s/westos/gmail/g" does this
[root@westos-mail ~]# systemctl restart named
[root@westos-mail ~]# dig -t mx gmail.com
![](https://img-blog.csdn.net/20170524204809540?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvc3VtaW4xMTE4/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/Center)
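(3)Address translation
[root@westos-mail ~]# postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual" ##inbound address translation
[root@westos-mail ~]# vim /etc/postfix/virtual ##edit the virtual address mapping file
##format: virtual address, then real address
hello@gmail.com westos@westos.com
##no trailing spaces or any other characters at the end of the line
[root@westos-mail ~]# postmap /etc/postfix/virtual ##compile the file into a hash lookup table
[root@westos-mail ~]# systemctl restart postfix.service ##restart the service
(4)Test
[root@qq-mail ~]# mail hello@gmail.com ##reply to hello@gmail.com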
Subject: hi
hi gmail
.
EOT
[root@westos-mail ~]# mail -u westos
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/mail/westos": 1 message 1 new
>N 1 root Wed May 24 08:57 21/717 "hi"
&
Message 1:
From root@qq.com Wed May 24 08:57:07 2017
Return-Path: <root@qq.com>
X-Original-To: hello@gmail.com ##virtual address
Delivered-To: westos@westos.com ##translated to the real address
Date: Wed, 24 May 2017 08:57:06 -0400
To: hello@gmail.com
Subject: hi
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@qq.com (root)
Status: R
hi gmail
![](https://img-blog.csdn.net/20170524210029718?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvc3VtaW4xMTE4/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/Center)
#####Outbound address masquerading and inbound address translation together make up the corporate mailbox function#####
10.dovecot
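1.Dovecot provides the mail retrieval protocols: given a username and password, the dovecot program reads that user's mailbox file on our behalf.
/etc/services ##port definitions file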
pop3 110
imap 143
imaps 993
pop3s 995
2.Installation
yum install dovecot -y ##install dovecot
3.Configuration
vim /etc/dovecot/dovecot.conf ##edit the main configuration file
protocols = imap pop3 lmtp ##enable the imap, pop3 and lmtp protocols
login_trusted_networks = 0.0.0.0/0 ##allow access from all networks
disable_plaintext_auth = no ##allow login with plaintext passwords
vim /etc/dovecot/conf.d/10-mail.conf ##edit the mail sub-configuration file
mail_location = mbox:~/mail:INBOX=/var/mail/%u ##where user mail is stored
#mbox - the mbox mailbox format
#~/mail - the mail directory under the user's home directory
#INBOX=/var/mail/%u - the INBOX is the file /var/mail/%u
#%u - username
systemctl restart dovecot ##restart the service
[root@westos-mail ~]# su - westos ##switch to the westos user
[westos@westos-mail ~]$ pwd
/home/westos
[westos@westos-mail ~]$ mkdir mail/.imap/ -p ##create the mail directory
[westos@westos-mail ~]$ touch mail/.imap/INBOX ##create the mailbox file
[root@westos-mail ~]# mkdir /etc/skel/mail/.imap -p ##create the mail directory for all newly created users
[root@westos-mail ~]# touch /etc/skel/mail/.imap/INBOX ##create the mailbox file for all newly created users
4.Test
mutt -f pop://westos@172.25.254.140 ##read the mail
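The two lab settings in dovecot.conf interact: Dovecot ignores disable_plaintext_auth for any client inside login_trusted_networks, so 0.0.0.0/0 on its own already lets every client send its password in clear text. The check below is an added example, not part of the original post; the hardened sample (ssl = required, plaintext auth disabled, no trusted networks) is a constructed configuration, not one taken from this lab.

```shell
#!/bin/sh
# Added example (not from the original post): flag the two lab settings in a
# Dovecot configuration. Input is "key = value" text such as dovecot.conf.

# The settings from section 10 above.
weak_conf() {
cat <<'EOF'
protocols = imap pop3 lmtp
login_trusted_networks = 0.0.0.0/0
disable_plaintext_auth = no
EOF
}

# Constructed hardened counterpart (assumption: TLS is configured on the host).
hardened_conf() {
cat <<'EOF'
protocols = imap pop3 lmtp
#login_trusted_networks = 0.0.0.0/0
disable_plaintext_auth = yes
ssl = required
EOF
}

# audit_dovecot [FILE...]: reads the files (or stdin), prints one finding per line.
audit_dovecot() {
    cat -- "$@" |
    sed -e 's/[[:space:]]*#.*$//' |            # drop comments and annotations
    awk -F'=' '
    NF >= 2 {
        key = $1
        val = substr($0, index($0, "=") + 1)
        gsub(/[ \t]/, "", key)
        gsub(/^[ \t]+|[ \t]+$/, "", val)
        cfg[key] = val                         # a later assignment overrides
    }
    END {
        if (cfg["disable_plaintext_auth"] == "no")
            print "disable_plaintext_auth=no: passwords accepted without TLS"
        n = split(cfg["login_trusted_networks"], net, /[ \t]+/)
        for (i = 1; i <= n; i++)
            if (net[i] ~ /\/0$/)
                print "login_trusted_networks=" net[i] ": every client is trusted, so the plaintext restriction is bypassed"
    }'
}

# Demo: two findings for the lab settings, none for the hardened sample.
weak_conf | audit_dovecot
hardened_conf | audit_dovecot
```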
11.postfix+mysql
1.Basic database setup
yum install httpd php php-mysql.x86_64 mariadb-server.x86_64 -y
mv /etc/postfix/main.cf /mnt ##back up the configuration file
yum reinstall postfix.x86_64 ##reinstall postfix
vim /etc/postfix/main.cf
systemctl restart postfix.service
systemctl start mariadb
mysql_secure_installation ##initial security setup of the database
tar jxf phpMyAdmin-3.4.0-all-languages.tar.bz2 -C /var/www/html/
rm *.bz2 -f
mv phpMyAdmin-3.4.0-all-languages/ admin/
cp /var/www/html/admin/config.sample.inc.php /var/www/html/admin/config.sample.php
vim /var/www/html/admin/config.sample.php
vim /etc/my.cnf
systemctl restart mariadb
systemctl restart httpd
-----Create the table through the web interface
mysql -uroot -pwestos
create user postuser@localhost identified by 'postuser'; ##create the database user
grant select,update,insert on email.* to postuser@localhost; ##grant privileges
2.Postfix lookup settings
(1)Username lookup
vim /etc/postfix/mailuser.cf ##username lookup
hosts = localhost ##host running the database
user = postuser ##database login user
password = postuser ##password of the database login user
dbname = email ##database that postfix queries
table = emailuser ##table that postfix queries
select_field = username ##column that postfix returns
where_field = username ##column matched against the lookup key given to postfix
(2)Domain lookup
vim /etc/postfix/maildomain.cf ##domain lookup
hosts = localhost
user = postuser
password = postuser
dbname = email
table = emailuser
select_field = domain
where_field = domain
(3)Mailbox location lookup
vim /etc/postfix/mailbox.cf ##mailbox location lookup
hosts = localhost
user = postuser
password = postuser
dbname = email
table = emailuser
select_field = maildir
where_field = username
(4)Test
[root@westos-mail postfix]# postmap -q "lee@lee.com" mysql:/etc/postfix/mailuser.cf
lee@lee.com
[root@westos-mail postfix]# postmap -q "lee.com" mysql:/etc/postfix/maildomain.cf
lee.com
[root@westos-mail postfix]# postmap -q "lee@lee.com" mysql:/etc/postfix/mailbox.cf
/mnt/lee.com/lee/
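Each of the three map files above is turned by Postfix into one query of the form SELECT select_field FROM table WHERE where_field = '<lookup key>', which is what postmap -q exercises. The following added example, not part of the original post, prints that query for a map file; the sample file is a constructed copy of mailbox.cf and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): print the SELECT statement that
# a Postfix mysql map written with select_field/table/where_field issues.

# Constructed copy of the mailbox.cf shown above (annotations shortened).
sample_mailbox_cf() {
cat <<'EOF'
hosts = localhost ##database host
user = postuser
password = postuser
dbname = email
table = emailuser ##table to query
select_field = maildir
where_field = username
EOF
}

# cf_get FILE NAME: value of "NAME = value", without the trailing ## note.
cf_get() {
    sed -n -e 's/[[:space:]]*##.*$//' -e 's/[[:space:]]*$//' \
        -e "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | head -n 1
}

# map_query FILE KEY: the query Postfix builds for lookup key KEY.
map_query() {
    sel=$(cf_get "$1" select_field)
    tbl=$(cf_get "$1" table)
    whr=$(cf_get "$1" where_field)
    if [ -z "$sel" ] || [ -z "$tbl" ] || [ -z "$whr" ]; then
        echo "map_query: $1 lacks select_field, table or where_field" >&2
        return 1
    fi
    # Postfix SQL-quotes the key before substituting it; mirror that here
    # for backslash and single quote so the printed query stays well formed.
    esc=$(printf '%s' "$2" | sed -e 's/\\/\\\\/g' -e "s/'/\\\\'/g")
    printf "SELECT %s FROM %s WHERE %s = '%s'\n" "$sel" "$tbl" "$whr" "$esc"
}

# Demo on the constructed file: the same lookup as postmap -q "lee@lee.com".
cf=$(mktemp)
sample_mailbox_cf > "$cf"
map_query "$cf" 'lee@lee.com'
rm -f "$cf"
```

Because every lookup is a plain SELECT, the postuser account needs no more than SELECT on the emailuser table, and the .cf files that hold its password can be limited to root and the postfix group (mode 640).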
3.Configure postfix
(1)
groupadd -g 666 vmail
useradd -s /sbin/nologin -u 666 vmail -g 666
(2)
postconf -e "virtual_mailbox_base = /home/vmail"
postconf -e "virtual_uid_maps = static:666"
postconf -e "virtual_alias_maps = mysql:/etc/postfix/mailuser.cf"
postconf -e "virtual_mailbox_domains = mysql:/etc/postfix/maildomain.cf"
postconf -e "virtual_mailbox_maps = mysql:/etc/postfix/mailbox.cf"
systemctl restart postfix.service
(3)
mail lee@lee.com
ls /home/vmail