Postfix. 1

安装postfix. 1

dns 1

开启postfix. 3

邮件的收发... 4

身份验证sasl... 4

启用sasl认证... 4

更改postfix配置文件添加验证... 5

通过验证发送邮件... 5

接收邮件... 6

限定用户的安全认证... 6

Postfix

安装postfix

[root@mail ~]# cd /mnt/cdrom/Server/

[root@mail Server]# rpm   -ivh postfix-

postfix- 2.3.3 -2.1.el5_2.i386.rpm

postfix-pflogsumm- 2.3.3 -2.1.el5_2.i386.rpm

[root@mail Server]# rpm   -ivh postfix-2.3.3-2.1.el5_2.i386.rpm

Preparing...                ########################################### [100%]

   1:postfix                ########################################### [100%]

[root@mail Server]# vim /etc/postfix/master.cf

dns

[root@mail Server]# rpm -qa |grep bind

bind- 9.3.4 -10.P1.el5

bind-devel- 9.3.4 -10.P1.el5

bind-libs- 9.3.4 -10.P1.el5

bind-sdb- 9.3.4 -10.P1.el5

ypbind-1.19-11.el5

bind-utils- 9.3.4 -10.P1.el5

bind-libbind-devel- 9.3.4 -10.P1.el5

bind-chroot- 9.3.4 -10.P1.el5

[root@localhost Server]# rpm -ivh caching-nameserver-9.3.4-10.P1.el5.i386.rpm

[root@localhost etc]# cd /var/named/chroot/etc/

[root@localhost etc]# cp -p named.caching-nameserver.conf named.conf

[root@localhost etc]# vim named.conf

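options {
        // Accept DNS traffic on port 53 of every local interface.
        // The original line lacked the terminating ';' after the address
        // list, which named rejects as a syntax error when loading the file.
        listen-on port 53 { any; };

        // NOTE(review): "any" lets every source address that can reach this
        // host query it. That is acceptable on an isolated lab network; on a
        // host reachable from untrusted networks, narrow this to the networks
        // that actually need to resolve names here.
        allow-query     { any; };
};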

// View that serves every client on every destination address and loads the
// zone definitions from /etc/named.rfc1912.zones.
// NOTE(review): match-clients "any" combined with "recursion yes" makes this
// an open recursive resolver for anyone who can reach port 53. If the host is
// reachable from untrusted networks, limit match-clients (or add an
// allow-recursion list) to the trusted LAN; this walkthrough's hosts sit in
// 192.168.101.0/24.
view localhost_resolver {

        match-clients      { any; };

        match-destinations { any; };

        recursion yes;

        include "/etc/named.rfc1912.zones";

};

[root@localhost ~]# cd /var/named/chroot/etc

[root@localhost etc]# vim named.rfc1912.zones

zone "bj.com" IN {

        type master;

        File "bj.com.zone";

        allow-update { none; };

};

[root@localhost named]# pwd

/var/named/chroot/var/named

[root@localhost named]# cp -p localhost.zone bj.com.zone

[root@localhost named]# vim bj.com.zone

$TTL    86400

@               IN SOA  ns.bj.com.       root (

                                        42              ; serial (d. adams )

                                        3H              ; refresh

                                        15M             ; retry

                                        1W              ; expiry

                                        1D )            ; minimum

 

                IN NS           ns.bj.com.

ns              IN A            192.168.101.9

mail            IN A            192.168.101.9

pop3            IN CNAME        mail

smtp            IN CNAME        mail

@               IN  MX 10       mail

[root@localhost named]# vim /etc/sysconfig/network

NETWORKING=yes

NETWORKING_IPV6=no

HOSTNAME=mail.bj.com

[root@localhost named]# vim /etc/resolv.conf

nameserver 192.168.101.9

[root@localhost named]# vim /etc/hosts

127.0.0.1               localhost.localdomain localhost

192.168.101.9     mail.bj.com  mail                               

[root@localhost named]# vim /etc/inittab

id:3:initdefault:

[root@mail ~]# service named start

[root@mail ~]# chkconfig named on

[root@mail named]# dig -t mx bj.com

开启postfix

[root@mail ~]# service postfix restart

Shutting down postfix:                                     [  OK  ]

Starting postfix:                                          [  OK  ]

[root@mail ~]# netstat -tupnl |grep 25

tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      4269/master

[root@mail ~]#

 

Main.cf

Man 5 配置脚本

Man 1 用户命令

man 8 x系统管理

man postconf

man 5 postconf

[root@mail ~]# vim /etc/postfix/main.cf

110 inet_interfaces = all

[root@mail ~]# service postfix restart

Shutting down postfix:                                     [  OK  ]

Starting postfix:                                          [  OK  ]

[root@mail ~]# netstat -tupln |grep 25

tcp        0      0 0.0.0.0:25                  0.0.0.0:*                   LISTEN      4400/master

 

[root@mail ~]# !netstat --重新执行最近一次使用的netstat命令

 

[root@mail ~]# vim /etc/postfix/main.cf

70 myhostname = mail.bj.com

77 mydomain = bj.com

158 mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

--按地址段的中继

257 mynetworks = 168.100.101.0/24, 127.0.0.0/8  --受信任的客户端网段(permit_mynetworks允许这些地址经本机中继);注意本例主机位于192.168.101.0/24,后文第257行即改用该网段

[root@mail ~]# service postfix restart

Shutting down postfix:                                     [  OK  ]

Starting postfix:                                          [  OK  ]

[root@mail ~]#  useradd user1

[root@mail ~]#  useradd user2

[root@mail ~]# passwd user1

[root@mail ~]# passwd user2

邮件的收发

[root@mail ~]# mail [email protected]

Subject: 1

1

.

Cc:

[user1@mail root]$ su - user1

Password:

[user1@mail ~]$ mail

Mail version 8.1 6/6/93 .  Type ? for help.

"/var/spool/mail/user1": 1 message 1 new

>N  1 [email protected]      Sat Aug 27 17:25  18/603   "1"

& 1

Message 1:

From [email protected]  Sat Aug 27 17:25:34 2011

X-Original-To: [email protected]

Delivered-To: [email protected]

Date: Sat, 27 Aug 2011 17:25:34 +0800

From: root

To: [email protected]

Subject: 1

 

1

 

&

身份验证sasl

启用sasl认证

[root@mail ~]# rpm -qa |grep sasl

cyrus-sasl- 2.1.22 -4

cyrus-sasl-lib- 2.1.22 -4

cyrus-sasl-plain- 2.1.22 -4

cyrus-sasl-devel- 2.1.22 -4

[root@mail ~]# service saslauthd start

Starting saslauthd:                                        [  OK  ]

[root@mail ~]# cd /usr/lib/sasl2/

更改postfix配置文件添加验证

[root@mail sasl2]#

[root@mail sasl2]# vim /etc/postfix/main.cf

broken_sasl_auth_clients = yes

smtpd_sasl_auth_enable = yes --启用sasl

smtpd_sasl_security_options = noanonymous --安全选项 不允许匿名;PLAIN/LOGIN等明文机制仍然可用,口令只经过base64编码而非加密,生产环境应同时启用TLS(如 smtpd_tls_auth_only = yes)

smtpd_sasl_application_name = smtpd

smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,

 reject_unauth_destination  --设置中继

--开头空格表示上一行的延续(文中“--”之后的文字只是说明,不要写进main.cf)

[root@mail sasl2]# vim smtpd.conf

pwcheck_method: saslauthd

~

[root@mail sasl2]# service postfix restart

通过验证发送邮件

[root@mail ~]# echo -n "user1@bj.com"|openssl base64

dXNlcjFAYmouY29t

[root@mail ~]# echo -n "123"|openssl base64

MTIz

 

[root@mail sasl2]# telnet mail.bj.com 25

Trying 192.168.101.9...

Connected to mail.bj.com (192.168.101.9).

Escape character is '^]'.

220 mail.bj.com ESMTP Postfix

auth login dXNlcjFAYmouY29t

334 UGFzc3dvcmQ6

MTIz

235 2.0.0 Authentication successful

mail from:[email protected]

250 2.1.0 Ok

rcpt to :[email protected]

501 5.5.4 Syntax: RCPT TO:<address>

rcpt to:[email protected]

250 2.1.5 Ok

data

354 End data with <CR><LF>.<CR><LF>

subject

hello user2 this is user1.                             

.

250 2.0.0 Ok: queued as 881FB4ADADF

500 5.5.2 Error: bad syntax

quit

221 2.0.0 Bye

Connection closed by foreign host.

[root@mail sasl2]#

接收邮件

[root@mail ~]# su - user2

[user2@mail ~]$ mail

Mail version 8.1 6/6/93 .  Type ? for help.

"/var/spool/mail/user2": 1 message 1 new

>N  1 [email protected]          Sat Aug 27 17:53  15/476 

& 1

Message 1:

From [email protected]  Sat Aug 27 17:53:44 2011

X-Original-To: [email protected]

Delivered-To: [email protected]

Date: Sat, 27 Aug 2011 17:52:07 +0800 (CST)

From: [email protected]

To: undisclosed-recipients:;

subject

hello user2 this is user1.

&

限定用户的安全认证

[root@mail ~]# vim /etc/postfix/main.cf

257 mynetworks = 192.168.101.0/24 127.0.0.0/8

671 broken_sasl_auth_clients = yes

672 smtpd_sasl_auth_enable = yes

673 smtpd_sasl_security_options = noanonymous

674 smtpd_sasl_application_name = smtpd

676 smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,

677  reject_unauth_destination

678 smtpd_client_restrictions = permit_sasl_authenticated,reject

--所有客户端都必须先通过SASL验证:验证通过的允许发信,未验证的一律拒绝(mynetworks内的主机也不例外,见下面的554)。注意该限制对25端口上的全部连接生效,其他邮件服务器向本域投递的邮件同样会被拒绝,因此这种写法通常只适合专用的邮件提交端口。

[root@mail ~]# service postfix restart

 

[root@mail ~]# echo -n "user1@bj.com"|openssl base64

dXNlcjFAYmouY29t

[root@mail ~]# echo -n "123"|openssl base64

MTIz

[root@mail ~]# telnet mail.bj.com 25

Trying 192.168.101.9...

Connected to mail.bj.com (192.168.101.9).

Escape character is '^]'.

220 mail.bj.com ESMTP Postfix

mail from:[email protected]

250 2.1.0 Ok

rcpt to:[email protected]

554 5.7.1 <mail.bj.com[192.168.101.9]>: Client host rejected: Access denied

auth login dXNlcjFAYmouY29t

334 UGFzc3dvcmQ6

MTIz

235 2.0.0 Authentication successful

data

554 5.5.1 Error: no valid recipients

rcpt to:[email protected]

250 2.1.5 Ok

data

354 End data with <CR><LF>.<CR><LF>

hello this test for smtpd

.

250 2.0.0 Ok: queued as BA6164ADADF

[user2@mail ~]$ mail

Mail version 8.1 6/6/93 .  Type ? for help.

"/var/spool/mail/user2": 1 message 1 new

>N  1 [email protected]          Sat Aug 27 19:59  14/467 

& 1

Message 1:

From [email protected]  Sat Aug 27 19:59:43 2011

X-Original-To: [email protected]

Delivered-To: [email protected]

Date: Sat, 27 Aug 2011 19:57:49 +0800 (CST)

From: [email protected]

To: undisclosed-recipients:;

 

hello this test for smtpd

 

&

 

[root@mail ~]# mail [email protected]

Subject: yy

yy

.

Cc:

[root@mail ~]# tail /var/log/maillog

Aug 27 19:59:43 mail postfix/cleanup[5974]: BA6164ADADF: message-id=<[email protected]>

Aug 27 19:59:43 mail postfix/qmgr[5950]: BA6164ADADF: from=, size=348, nrcpt=1 (queue active)

Aug 27 19:59:43 mail postfix/local[5975]: BA6164ADADF: to=, relay=local, delay=114, delays=114/0.01/0/0.01, dsn= 2.0.0 , status=sent (delivered to mailbox)

Aug 27 19:59:43 mail postfix/qmgr[5950]: BA6164ADADF: removed

Aug 27 20:02:37 mail postfix/smtpd[5967]: disconnect from mail.bj.com[192.168.101.9]

Aug 27 20:03:00 mail sendmail[6020]: p7RC30TM006020: from=root, size=33, class=0, nrcpts=1, msgid=<[email protected]>, relay=root@localhost

Aug 27 20:03:00 mail postfix/smtpd[5967]: connect from localhost.localdomain[127.0.0.1]

Aug 27 20:03:00 mail postfix/smtpd[5967]: fatal: non-null host address bits in "127.0.0.1/8", perhaps you should use "127.0.0.0/8" instead

Aug 27 20:03:01 mail sendmail[6020]: p7RC30TM006020: [email protected], ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30033, relay=[127.0.0.1] [127.0.0.1], dsn= 4.0.0 , stat=Deferred: Connection reset by [127.0.0.1]

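Aug 27 20:03:01 mail postfix/master[5948]: warning: process /usr/libexec/postfix/smtpd pid 5967 exit status 1

--上面的fatal表明当时main.cf里某个网段参数(很可能是mynetworks)写成了127.0.0.1/8,主机位不为0,smtpd处理连接时直接退出,本机提交的邮件因此被延迟(Deferred);改为127.0.0.0/8并重启postfix后再测试。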

[root@mail ~]#