Mail Server Configuration (Worth Bookmarking)

2022-07-29 21:26:27

Hello everyone, good to see you again. I'm your friend Quanzhanjun.

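Mail server

postfix provides only the SMTP service, not POP3 or IMAP. It is mainly used to send and receive mail (received mail is normally handed to dovecot, which saves the mail forwarded by postfix to the server's disk).

dovecot provides only the POP3 and IMAP services, not SMTP (mail clients such as Foxmail send and receive mail through POP3 and IMAP; when sending, dovecot hands the mail to postfix for delivery).

Postfix is a free software project developed by Wietse Venema with funding from IBM.

The three mail server protocols:

SMTP: Simple Mail Transfer Protocol. Defines how mail is transferred; an application-layer protocol running over TCP; transmitted in plaintext; uses port 25.
POP3: Post Office Protocol 3. Downloads mail from the mail server and stores it locally, which supports users who are offline; based on TCP/IP; plaintext; uses port 110.
IMAP: Internet Message Access Protocol, also called the mail synchronization protocol. Mail stays on the server and is managed and operated on there; more advanced than POP3, with support for previewing the subject and sender from the message headers; based on TCP/IP; uses port 143.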

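POP3 lets a mail client download the mail held on the server, but operations performed in the client (moving messages, marking them read, and so on) are not reflected back to the server. For example, if the client fetches 3 messages from the mailbox and moves them to another folder, those messages are not moved on the mail server.

IMAP provides two-way communication between webmail and mail clients: client operations are reflected back to the server, so whatever is done to a message is also done to the copy on the server.

postfix handles sending and receiving mail, that is, it is the SMTP server. dovecot handles mail management (upload, download, deletion and so on), that is, it is the POP3/IMAP server.

Dovecot is an excellent IMAP/POP server used to receive mail sent to this host from outside. Dovecot's work typically includes verifying user identity so that mail is not disclosed.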

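MUA: Mail User Agent.
MTA: Mail Transfer Agent, which passes mail along on the user's behalf; Sendmail and Postfix play the MTA role.
MDA: Mail Delivery Agent. Once mail reaches the MDA it is stored in a file or a special database; this place where mail is kept long term is called the mailbox.

Once mail reaches the mailbox it stays there until the user retrieves it through an MUA, which is what happens when you collect mail with Outlook, Foxmail and similar software.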

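The path of a message is:

Sender: MUA --send--> MTA -> several MTAs... -> MTA -> MDA <--retrieve-- MUA: Recipient

The protocol used from MUA to MTA, and from MTA to MTA, is SMTP. When retrieving mail, the protocol most commonly used between MUA and MDA is POP3 or IMAP.

Professional mail providers run large numbers of machines to serve their users, so the MTA and the MDA are usually not the same server. That is why software such as Outlook asks separately for the address of the SMTP sending server and the address of the POP3 receiving server.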

The mail service is installed and started by default.

[root@localhost ~]# vim /etc/postfix/main.cf
# hostname of the mail server
myhostname = mail.baidu.com
# mail domain
mydomain = baidu.com
myorigin = $mydomain
# network interfaces to listen on
inet_interfaces = all

#inet_interfaces = localhost
# destination domains this server accepts mail for
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

mynetworks = 172.16.50.0/24, 127.0.0.0/8
# relay domains
relay_domains = $mydestination

[root@localhost ~]# systemctl restart postfix
[root@localhost ~]# mail to redhat@baidu.com
Subject: jhdafds
jhdpweiyrqpuvhfe
EOT
(Press Ctrl+D to save and send; EOT is echoed as a marker.)
[root@localhost ~]# su - redhat
Last login: Mon Aug 6 07:24:48 EDT 2018 on :0
[redhat@localhost ~]$ mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/redhat": 1 message 1 new
>N 1 root Mon Aug 6 10:48 18/572 "jhdafds"
& 1
Message 1:
From root@baidu.com Mon Aug 6 10:48:59 2018
Return-Path: root@baidu.com
X-Original-To: redhat@baidu.com
Delivered-To: redhat@baidu.com
Date: Mon, 06 Aug 2018 10:48:58 -0400
To: redhat@baidu.com, to@baidu.com
Subject: jhdafds
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@baidu.com (root)
Status: R

jhdpweiyrqpuvhfe
&
Held 1 message in /var/spool/mail/redhat

Sending mail to a group:

[root@localhost ~]# vim /etc/aliases
nfsnobody: root
ingres: root
system: root
toor: root
manager: root
dumper: root
abuse: root
newsadm: news
newsadmin: news
usenet: news
ftpadm: ftp
ftpadmin: ftp
ftp-adm: ftp
ftp-admin: ftp
www: webmaster
webmaster: root
noc: root
security: root
hostmaster: root
info: postmaster
marketing: postmaster
sales: postmaster
support: postmaster
# trap decode to catch security attacks
decode: root
# Person who should get root's mail
#root: marc
workgroup: maomao,redhat,xixi
workgroup1: xix,maomao
"/etc/aliases" 98L, 1571C

The /etc/aliases.db file is the one that is read; use the postalias command to convert the alias file into that database:

[root@localhost ~]# postalias /etc/aliases
[root@localhost ~]# mail to workgroup@baidu.com
Subject: test
ddjafhoiahva;k
EOT
[root@localhost ~]# su - maomao
[maomao@localhost ~]$ mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/maomao": 1 message 1 new
>N 1 root Mon Aug 6 11:10 18/576 "test"
& 1
Message 1:
From root@baidu.com Mon Aug 6 11:10:58 2018
Return-Path: root@baidu.com
X-Original-To: workgroup@baidu.com
Delivered-To: workgroup@baidu.com
Date: Mon, 06 Aug 2018 11:10:57 -0400
To: workgroup@baidu.com, to@baidu.com
Subject: test
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@baidu.com (root)
Status: R
ddjafhoiahva;k
&
Held 1 message in /var/spool/mail/maomao
[root@localhost ~]# mail to workgroup1@baidu.com
Subject: test24
lalalalal
EOT
[root@localhost ~]# su - redhat
Last login: Mon Aug 6 10:57:14 EDT 2018 on pts/0
[redhat@localhost ~]$ mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/redhat": 3 messages 1 new
1 root Mon Aug 6 10:48 19/583 "jhdafds"
2 root Mon Aug 6 10:57 19/579 "hfslak"
>N 3 root Mon Aug 6 11:10 18/576 "test"
&
Held 3 messages in /var/spool/mail/redhat

[redhat@localhost ~]$ exit
logout

[root@localhost ~]# su - maomao
Last login: Mon Aug 6 11:11:05 EDT 2018 on pts/0
[maomao@localhost ~]$ mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/maomao": 2 messages 1 new
1 root Mon Aug 6 11:10 19/587 "test"
>N 2 root Mon Aug 6 11:16 18/576 "test24"
&
Held 2 messages in /var/spool/mail/maomao

Configuring the dovecot service

dovecot: the mail retrieval service. Dovecot is an open-source program that provides IMAP and POP3 e-mail services on Linux systems.

[maomao@localhost ~]$ yum install dovecot -y
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager
You need to be root to perform this command.

[root@localhost ~]# vim /etc/dovecot/dovecot.conf
protocols = imap pop3 lmtp
login_trusted_networks = 172.16.50.0/24

[root@localhost ~]# vim /etc/dovecot/conf.d/10-mail.conf
Copy line 25 and remove the leading # from the copy:
mail_location = mbox:~/mail:INBOX=/var/mail/%u

[root@localhost ~]# chmod 0600 /var/mail/*

If you skip the command above, mail may arrive on the system while the client cannot retrieve it; check the system log /var/log/maillog.

Configuring the SASL service

Enable SASL authentication:
[root@localhost ~]# vim /etc/postfix/main.cf
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination

[root@localhost ~]# systemctl restart postfix
[root@localhost ~]# systemctl restart dovecot
[root@localhost ~]# systemctl restart saslauthd
[root@localhost ~]# systemctl stop firewalld

Sending and receiving between domains

1. Configure the baidu.com domain

Configure the postfix service:
[root@localhost ~]# vi /etc/postfix/main.cf
myhostname = mail.baidu.com
mydomain = baidu.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $mydomain, $myhostname
mynetworks = 172.16.50.0/24
relay_domains = $mydestination

Enable SASL authentication. Edit the postfix configuration file:
[root@localhost ~]# vi /etc/postfix/main.cf
Append the following:
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination

Configure the dovecot service. Edit the main dovecot configuration file:
[root@localhost ~]# vi /etc/dovecot/dovecot.conf
protocols = imap pop3 lmtp
login_trusted_networks = 172.16.50.0/24

Edit the dovecot sub-configuration file:
[root@localhost ~]# vi /etc/dovecot/conf.d/10-mail.conf
mail_location = mbox:~/mail:INBOX=/var/mail/%

Note: on some systems the permissions may be missing:
chmod 0600 /var/mail/*

2. Configure the qq.com domain

Configure the postfix service:
[root@localhost ~]# vi /etc/postfix/main.cf
myhostname = mail.qq.com
mydomain = qq.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $mydomain, $myhostname
mynetworks = 172.16.50.0/24
relay_domains = $mydestination

Enable SASL authentication. Edit the postfix configuration file:
[root@localhost ~]# vi /etc/postfix/main.cf
Append the following:
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination

Configure the dovecot service. Edit the main dovecot configuration file:
[root@localhost ~]# vi /etc/dovecot/dovecot.conf
protocols = imap pop3 lmtp
login_trusted_networks = 172.16.50.0/24

Edit the dovecot sub-configuration file:
[root@localhost ~]# vi /etc/dovecot/conf.d/10-mail.conf
mail_location = mbox:~/mail:INBOX=/var/mail/%n

Configuring the DNS server

Set the DNS server address manually on both hosts (the network interface must point at the DNS server):
[root@localhost ~]# nmcli connection modify ens33 ipv4.dns 172.16.50.37
[root@localhost ~]# nmcli connection up ens33
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/5)
[root@localhost postfix]# vim /etc/named.conf
options {
    listen-on port 53 { 172.16.50.37; };
    directory "/var/named";
    allow-transfer { 172.16.50.60; };
};
zone "baidu.com" IN {
    type master;
    file "baidu.com.zone";
};
zone "50.16.172.in-addr.arpa" IN {
    type master;
    file "hehe.com.zone";
};
zone "qq.com" IN {
    type master;
    file "qq.com.zone";
};

"/etc/named.conf" 30L, 707C

Configure the baidu.com zone:
[root@localhost postfix]# vim /var/named/baidu.com.zone
$TTL 1D
@       IN SOA  ns.baidu.com. admin.baidu.com. ( 0 1D 1H 1W 3H )
        IN NS   ns.baidu.com.
        IN MX   10 mail.baidu.com.
ns      IN A    172.16.50.37
mail    IN A    172.16.50.37

Configure the qq.com zone:
[root@localhost postfix]# vim /var/named/qq.com.zone
$TTL 1D
@       IN SOA  ns.qq.com. admin.qq.com. ( 0 1D 1H 1W 3H )
        IN NS   ns.qq.com.
        IN MX   10 mail.qq.com.
ns      IN A    172.16.50.37
mail    IN A    172.16.50.60

Reverse zone file:
[root@localhost postfix]# vim /var/named/hehe.com.zone
$TTL 1D
@       IN SOA  ns.baidu.com. admin.baidu.com. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        IN NS   ns.baidu.com.
37      IN PTR  ns.baidu.com.
37      IN PTR  mail.baidu.com.
60      IN PTR  mail.qq.com.

Enabling SSL access

[root@localhost ~]# cd /etc/postfix/
[root@localhost postfix]# openssl req -new -x509 -nodes -out smtpd.pem -keyout smtpd.pem -days 3650
Generating a 2048 bit RSA private key
......................
..........................................
writing new private key to 'smtpd.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:86
State or Province Name (full name) []:shanxi
Locality Name (eg, city) [Default City]:xian
Organization Name (eg, company) [Default Company Ltd]:openlab
Organizational Unit Name (eg, section) []:ce
Common Name (eg, your name or your server's hostname) []:mail.baidu.com
Email Address []:ping

Edit /etc/postfix/main.cf:
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/smtpd.pem
smtpd_tls_cert_file = /etc/postfix/smtpd.pem
smtpd_tls_CAfile = /etc/postfix/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

Edit /etc/postfix/master.cf and uncomment the following lines:
#smtps     inet  n       -       n       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes

Restart the service:
[root@localhost postfix]# systemctl restart postfix
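A small audit of the SASL and TLS settings used above, as an added example that is not part of the original post: it parses main.cf text and flags SMTP AUTH being offered without TLS and the older smtpd_use_tls / smtp_use_tls switches. PAGE_CF is assembled from the settings on this page; HARDENED_CF, the function names and the finding texts are assumptions of this example, and smtpd_tls_auth_only and smtpd_tls_security_level are standard Postfix parameters that the page itself does not set.

```python
PAGE_CF = """\
# constructed from the settings shown on this page
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtp_use_tls = yes
smtpd_use_tls = yes
"""
HARDENED_CF = """\
# assumed corrected variant, not from the page
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
"""

def parse_main_cf(text):
    """main.cf syntax: '#' comment lines, indented continuation lines, last value wins."""
    params, key = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and key is not None:   # continuation of previous parameter
            params[key] += " " + raw.strip()
            continue
        name, _, value = raw.partition("=")
        key = name.strip()
        params[key] = value.strip()
    return params

def audit(params):
    """Return (parameter, finding) pairs for the auth/TLS settings used on this page."""
    findings = []
    sasl = params.get("smtpd_sasl_auth_enable", "no") == "yes"
    mandatory_tls = params.get("smtpd_tls_security_level") == "encrypt"
    if sasl and params.get("smtpd_tls_auth_only", "no") != "yes" and not mandatory_tls:
        findings.append(("smtpd_tls_auth_only", "AUTH is offered on unencrypted sessions"))
    for old, new in (("smtpd_use_tls", "smtpd_tls_security_level"),
                     ("smtp_use_tls", "smtp_tls_security_level")):
        if old in params and new not in params:
            findings.append((old, "superseded since Postfix 2.3, set " + new))
    return findings

if __name__ == "__main__":
    for name, cf in (("page", PAGE_CF), ("hardened", HARDENED_CF)):
        print(name, audit(parse_main_cf(cf)))
```

With the page's settings the server advertises STARTTLS but still accepts AUTH before it, so passwords can cross the network in cleartext; setting smtpd_tls_auth_only = yes closes that gap.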

Virtual alias domains

Add the following to the main configuration file of both domains:
[root@mail ~]# vi /etc/postfix/main.cf
virtual_alias_domains = group.com, work.com
virtual_alias_maps = hash:/etc/postfix/virtual

Add the following entries for the virtual alias domains:

Virtual aliases for the baidu domain:
[root@localhost postfix]# vi /etc/postfix/virtual
@group.com       @baidu.com
@work.com        @qq.com
123@group.com    maomao,xixi
234@work.com     doudou@work.com,xiaodou@work.com
admin@group.com  maomao,xixi,redhat,dadou@work.com,doudou@work.com,xiaodou@work.com

Virtual aliases for the qq domain:
[root@localhost postfix]# vi /etc/postfix/virtual
@group.com       @baidu.com
@work.com        @qq.com
123@group.com    maomao@group.com,xixi@group.com
234@work.com     doudou,xiaodou
admin@group.com  maomao@group.com,xixi@group.com,redhat@group.com,dadou,doudou,xiaodou

Each time this file changes, run the following two commands.

Regenerate the virtual alias database:
[root@mail ~]# postmap /etc/postfix/virtual

Reload the virtual alias data:
[root@mail ~]# systemctl reload postfix
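To see which mailboxes the two tables above actually deliver to, the following added example (not part of the original post) expands an address through a simplified model of the Postfix virtual(5) lookup: exact user@domain first, then the @domain wildcard, applied recursively. The table strings are constructed from the listings on this page; the function names are hypothetical, and bare "user" keys and address extensions are not modelled.

```python
# Tables constructed from the two /etc/postfix/virtual listings on this page.
BAIDU_VIRTUAL = """\
@group.com       @baidu.com
@work.com        @qq.com
123@group.com    maomao,xixi
234@work.com     doudou@work.com,xiaodou@work.com
admin@group.com  maomao,xixi,redhat,dadou@work.com,doudou@work.com,xiaodou@work.com
"""
QQ_VIRTUAL = """\
@group.com       @baidu.com
@work.com        @qq.com
123@group.com    maomao@group.com,xixi@group.com
234@work.com     doudou,xiaodou
admin@group.com  maomao@group.com,xixi@group.com,redhat@group.com,dadou,doudou,xiaodou
"""

def parse_virtual(text):
    """Parse 'pattern  address, address ...' lines; '#' lines are comments."""
    table = {}
    for line in text.splitlines():
        if line.strip() and not line.lstrip().startswith("#"):
            key, rhs = line.split(None, 1)
            table[key.lower()] = rhs.replace(",", " ").split()
    return table

def expand(addr, table, myorigin, path=frozenset()):
    """Simplified virtual(5) lookup: user@domain first, then the @domain wildcard,
    applied recursively until no entry matches."""
    addr = addr.lower()
    user, _, domain = addr.partition("@")
    targets = table.get(addr) or table.get("@" + domain)
    if targets is None or addr in path:        # no alias, or a loop: deliver as-is
        return {addr}
    out = set()
    for i, target in enumerate(targets):
        if i == 0 and target.startswith("@"):  # '@other' result keeps the same user
            target = user + target
        elif "@" not in target:                # unqualified result gets @$myorigin
            target += "@" + myorigin
        out |= expand(target, table, myorigin, path | {addr})
    return out

if __name__ == "__main__":
    for rcpt in ("123@group.com", "admin@group.com", "nobody@group.com"):
        print(rcpt, "->", sorted(expand(rcpt, parse_virtual(BAIDU_VIRTUAL), "baidu.com")))
```

Both tables resolve admin@group.com to the same six mailboxes, and because of the @group.com wildcard every local part at group.com, including one that names no real user, is rewritten to the same user at baidu.com.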

Publisher: 全栈程序员栈长. Please credit the source when reposting: https://javaforall.cn/129652.html Original link: https://javaforall.cn
