Sendmail
简单配置(2)
RHEL5.3
基本网络配置
公司采用两个网段和两个域来分别管理内部员工
team1.benet.com
域采用192.168.2.0/24网段
team2.benet.com
域采用192.168.3.0/24网段
DNS
及Sendmail服务器地址:192.168.1.200
要求:
(1)员工可以自由收发内部邮件并且能够通过邮件服务器往外网发信。
(2)设置两个邮件群组team1和team2,确保发送给team1的邮件“team1.benet.com”域成员都可以收到,同理哈,发送给team2的邮件“team2.benet.com”域成员都可以收到。
(3)禁止待客室的主机192.168.2.100使用Sendmail服务器。
一、
1
、RHEL5 U3:如图1
(如图1)
2
、#hostname //查看当前主机的主机名:如图2
(如图2)
3
、#vi /etc/sysconfig/network-scripts/ifcfg-eth0 编辑指定网络接口配置文件:如图3
(如图3)
4
、#vi /etc/sysconfig/network 通过配置文件修改主机名:如图4
(如图4)
5
、在终端字符界面修改其字体和中文字体大小:如图5
(如图5)
6
、挂载光盘:如图6
(如图6)
7
、查看OpenSSH是否安装:如图7
(如图7)
8
、
#vi /etc/hosts
设置本地
DNS
解析文件:
如图8
(如图8)
9
、
#vi /etc/resolv.conf
指定当前主机的
DNS
服务器,最多可指定三个:
如图9
(如图9)
10
、关闭iptables防火墙(仅适用于实验环境;生产环境应保留防火墙,只放行DNS的53端口以及邮件服务的25、110、143、993、995端口):如图10
(如图10)
二、IP地址设置
[root@dns Server]#
ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:DF:45:1A
inet addr:192.168.1.200 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fedf:451a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:219 errors:0 dropped:0 overruns:0 frame:0
TX packets:149 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:35389 (34.5 KiB) TX bytes:19083 (18.6 KiB)
Interrupt:169 Base address:0x2000
eth1 Link encap:Ethernet HWaddr 00:0C:29:DF:45:24
inet addr:192.168.1.101 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fedf:4524/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:83 errors:0 dropped:0 overruns:0 frame:0
TX packets:49 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:17404 (16.9 KiB) TX bytes:8944 (8.7 KiB)
Interrupt:185 Base address:0x2080
eth2 Link encap:Ethernet HWaddr 00:0C:29:DF:45:2E
inet addr:192.168.1.102 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fedf:452e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:78 errors:0 dropped:0 overruns:0 frame:0
TX packets:51 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:16574 (16.1 KiB) TX bytes:9072 (8.8 KiB)
Interrupt:177 Base address:0x2400
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:560 (560.0 b) TX bytes:560 (560.0 b)
[root@dns Server]#
vim /etc/sysconfig/network-scripts/ifcfg-eth1
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.2.200
NETMASK=255.255.255.0
GATEWAY=192.168.2.1
ONBOOT=yes
HWADDR=00:0c:29:df:45:24
~
"/etc/sysconfig/network-scripts/ifcfg-eth1" 8L, 182C 已写入
[root@dns Server]#
ifdown eth1
[root@dns Server]#
ifup eth1
[root@dns Server]# vim /etc/sysconfig/network-scripts/ifcfg-eth2
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth2
BOOTPROTO=static
IPADDR=192.168.3.200
NETMASK=255.255.255.0
GATEWAY=192.168.3.1
ONBOOT=yes
HWADDR=00:0c:29:df:45:2e
~
~
"/etc/sysconfig/network-scripts/ifcfg-eth2" 8L, 182C 已写入
[root@dns Server]# ifdown eth2
[root@dns Server]# ifup eth2
[root@dns Server]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:DF:45:1A
inet addr:192.168.1.200 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fedf:451a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1008 errors:0 dropped:0 overruns:0 frame:0
TX packets:626 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:124798 (121.8 KiB) TX bytes:76300 (74.5 KiB)
Interrupt:169 Base address:0x2000
eth1 Link encap:Ethernet HWaddr 00:0C:29:DF:45:24
inet addr:192.168.2.200 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fedf:4524/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:114 errors:0 dropped:0 overruns:0 frame:0
TX packets:87 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:25638 (25.0 KiB) TX bytes:17436 (17.0 KiB)
Interrupt:185 Base address:0x2080
eth2 Link encap:Ethernet HWaddr 00:0C:29:DF:45:2E
inet addr:192.168.3.200 Bcast:192.168.3.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fedf:452e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:111 errors:0 dropped:0 overruns:0 frame:0
TX packets:86 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:25318 (24.7 KiB) TX bytes:16975 (16.5 KiB)
Interrupt:177 Base address:0x2400
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:560 (560.0 b) TX bytes:560 (560.0 b)
[root@dns Server]#
service network restart
正在关闭接口 eth0: [确定]
正在关闭接口 eth1: [确定]
正在关闭接口 eth2: [确定]
关闭环回接口: [确定]
弹出环回接口: [确定]
弹出界面 eth0: [确定]
弹出界面 eth1: [确定]
弹出界面 eth2: [确定]
[root@dns Server]#
三、DNS简单配置
1
、vim /etc/named.conf
2
、vim /var/named/benet.com.zone
3
、vim /var/named/1.168.192.in-addr.arpa.zone
4
、vim /var/named/team1.benet.com.zone
5
、vim /var/named/2.168.192.in-addr.arpa.zone
6
、vim /var/named/team2.benet.com.zone
7
、vim /var/named/3.168.192.in-addr.arpa.zone
8
、nslookup查看
9
、复制named.root到/var/named/目录下
[root@dns Server]#
cd /usr/share/doc/bind-9.3.4/sample/var/named/
[root@dns named]# ls
data my.external.zone.db named.ip6.local named.zero
localdomain.zone my.internal.zone.db named.local slaves
localhost.zone named.broadcast
named.root
[root@dns named]#
cp named.root /var/named/
[root@dns named]# cd /var/named/
[root@dns named]# ls
1.168.192.in-addr.arpa.zone benet.com.zone slaves
2.168.192.in-addr.arpa.zone data team1.benet.com.zone
3.168.192.in-addr.arpa.zone named.root team2.benet.com.zone
10
、启动named服务
[root@dns Server]# chkconfig --list named
named 0:
关闭 1:
关闭 2:
关闭 3:
关闭 4:
关闭 5:
关闭 6:
关闭
[root@dns Server]# chkconfig --level 2345 named on
[root@dns Server]# chkconfig --list named
named 0:
关闭 1:
关闭 2:
启用 3:
启用 4:
启用 5:
启用 6:
关闭
[root@dns Server]#
tail /var/log/messages
Oct 18 06:07:20 dns named[5204]: zone benet.com/IN: loaded serial 20091017
Oct 18 06:07:20 dns named[5204]: zone team1.benet.com/IN: loaded serial 20091017
Oct 18 06:07:20 dns named[5204]: zone team2.benet.com/IN: loaded serial 20091017
Oct 18 06:07:20 dns named[5204]: running
Oct 18 06:07:20 dns named[5204]: zone 3.168.192.in-addr.arpa/IN: sending notifies (serial
20091017)
Oct 18 06:07:20 dns named[5204]: zone 1.168.192.in-addr.arpa/IN: sending notifies (serial
20091017)
Oct 18 06:07:20 dns named[5204]: zone 2.168.192.in-addr.arpa/IN: sending notifies (serial
20091017)
Oct 18 06:07:20 dns named[5204]: client 192.168.1.200#42561: received notify for zone
'3.168.192.in-addr.arpa'
Oct 18 06:07:21 dns named[5204]: client 192.168.1.200#42561: received notify for zone
'1.168.192.in-addr.arpa'
Oct 18 06:07:21 dns named[5204]: client 192.168.1.200#42561: received notify for zone
'2.168.192.in-addr.arpa'
四、sendmail简单配置
1
、安装sendmail(下面输出中的 NOKEY 警告表示系统尚未导入软件包签名所用的GPG公钥,rpm无法校验签名;安装前应先用 rpm --import 导入发行版公钥)
[root@dns Server]# rpm -qa | grep sendmail
sendmail-8.13.8-2.el5
[root@dns Server]# ls sendmail*
sendmail-8.13.8-2.el5.i386.rpm sendmail-devel-8.13.8-2.el5.i386.rpm
sendmail-cf-8.13.8-2.el5.i386.rpm sendmail-doc-8.13.8-2.el5.i386.rpm
[root@dns Server]# rpm -ivh --aid sendmail-cf-8.13.8-2.el5.i386.rpm
warning: sendmail-cf-8.13.8-2.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:sendmail-cf ########################################### [100%]
[root@dns Server]# rpm -ivh --aid sendmail-devel-8.13.8-2.el5.i386.rpm
warning: sendmail-devel-8.13.8-2.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:sendmail-devel ########################################### [100%]
[root@dns Server]# rpm -ivh --aid sendmail-doc-8.13.8-2.el5.i386.rpm
warning: sendmail-doc-8.13.8-2.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:sendmail-doc ########################################### [100%]
[root@dns Server]#
[root@dns Server]# rpm -qa | grep sendmail
sendmail-devel-8.13.8-2.el5
sendmail-doc-8.13.8-2.el5
sendmail-cf-8.13.8-2.el5
sendmail-8.13.8-2.el5
[root@dns Server]# rpm -qa | grep m4
m4-1.4.5-3.el5.1
2
、修改vim /etc/mail/sendmail.mc
第116行(DAEMON_OPTIONS 一行)
将smtp侦听范围从
127.0.0.1
改为0.0.0.0,使服务器在所有网卡上监听25端口;此后哪些主机可以通过本机转发邮件,由后面的 /etc/mail/access 文件控制
第155行修改成自己域:
LOCAL_DOMAIN(`benet.com')dnl
3
、使用m4命令生成sendmail.cf文件
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
4
、修改local-host-names文件添加域名及主机名
vim /etc/mail/local-host-names
[root@dns Server]#
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
[root@dns Server]#
vim /etc/mail/local-host-names
# local-host-names - include all aliases for your machine here.
benet.com.
mail.benet.com.
team1.benet.com.
mail.team1.benet.com.
team2.benet.com.
mail.team2.benet.com.
~
"/etc/mail/local-host-names" 7L, 169C 已写入
5、
实现邮局aliases别名功能
vim /etc/aliases
aliases
文件语法格式:
别名: 真实用户帐号1,真实用户帐号2
(冒号左边是别名,即群组名;右边是实际收信的用户帐号)
例如:
增加:team1: client1,client2,client3
team2: clienta,clientb,clientc
6、
运行newaliases命令,生成aliases库
7
、
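配置访问控制的access文件(/etc/mail/access)。
按本文开头的要求,内容大致如下(此处为示例,实际内容以附件为准):
192.168.2.100 REJECT
192.168.1 RELAY
192.168.2 RELAY
192.168.3 RELAY
sendmail先匹配完整IP再匹配网段,所以192.168.2.100的REJECT优先于192.168.2的RELAY;RELAY只应授予内部网段,否则服务器会成为开放转发(open relay)。
生成access数据库文件(makemap hash /etc/mail/access.db < /etc/mail/access)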
五、安装
Dovecot
软件包(
POP3
和
IMAP
)
1
、安装dovecot
[root@dns Server]# rpm -ivh --aid perl-DBI-1.52-2.el5.i386.rpm
warning: perl-DBI-1.52-2.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:perl-DBI ########################################### [100%]
[root@dns Server]# rpm -ivh --aid mysql-5.0.45-7.el5.i386.rpm
warning: mysql-5.0.45-7.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:mysql ########################################### [100%]
[root@dns Server]# rpm -ivh --aid dovecot-1.0.7-7.el5.i386.rpm
warning: dovecot-1.0.7-7.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:dovecot ########################################### [100%]
2
、启动sendmail和dovecot服务
[root@dns Server]# service sendmail restart
关闭 sm-client: [确定]
关闭 sendmail: [确定]
启动 sendmail: [确定]
启动 sm-client: [确定]
[root@dns Server]# service dovecot restart
停止 Dovecot Imap: [失败]
启动 Dovecot Imap: [确定]
[root@dns Server]# chkconfig --list dovecot
dovecot 0:关闭 1:关闭 2:关闭 3:关闭 4:关闭 5:关闭 6:关闭
[root@dns Server]# chkconfig --level 2345 dovecot on
[root@dns Server]# chkconfig --list dovecot
dovecot 0:关闭 1:关闭 2:启用 3:启用 4:启用 5:启用 6:关闭
3
、查看端口netstat
[root@dns Server]# netstat -ntl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:2208 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:688 0.0.0.0:* LISTEN
tcp 0 0 192.168.1.200:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:2207 0.0.0.0:* LISTEN
tcp 0 0 :::993 :::* LISTEN
tcp 0 0 :::995 :::* LISTEN
tcp 0 0 :::110 :::* LISTEN
tcp 0 0 :::143 :::* LISTEN
tcp 0 0 :::22 :::* LISTEN
tcp 0 0 ::1:953 :::* LISTEN
[root@dns Server]# netstat -an | grep 25
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:52546 0.0.0.0:*
unix 2 [ ] DGRAM 8925
[root@dns Server]# netstat -an | grep 110
tcp 0 0 :::110 :::* LISTEN
[root@dns Server]# netstat -an | grep 143
tcp 0 0 :::143 :::* LISTEN
unix 2 [ ] STREAM CONNECTED 10143 /var/run/setrans/.setrans-unix
4
、验证Sendmail的SMTP认证功能telnet localhost 25(注意:下面EHLO的响应中没有 250-AUTH 和 250-STARTTLS,说明SMTP认证和TLS加密并未启用,这一步实际只验证了SMTP服务可以连通)
[root@dns Server]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 dns.benet.com ESMTP Sendmail 8.13.8/8.13.8; Sat, 10 Oct 2009 22:15:28 +0800
ehlo localhost
250-dns.benet.com Hello localhost.localdomain [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
quit
221 2.0.0 dns.benet.com closing connection
Connection closed by foreign host.
[root@dns Server]# telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Dovecot ready.
quit
+OK Logging out
Connection closed by foreign host.
[root@dns Server]#
telnet mail.benet.com 25
telnet mail.benet.com 110
5
、建立用户(下面的 BAD PASSWORD 提示表示所设密码基于字典单词;root可以强行设置,但这些帐号的密码会用于POP3/IMAP登录,应改用强密码)
[root@dns Server]# useradd zhangsan
[root@dns Server]# passwd zhangsan
Changing password for user zhangsan.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@dns Server]# useradd lisi
[root@dns Server]# passwd lisi
Changing password for user lisi.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@dns Server]# groupadd team1
[root@dns Server]# groupadd team2
[root@dns Server]# useradd -g team1 -s /sbin/nologin client1
[root@dns Server]# useradd -g team1 -s /sbin/nologin client2
[root@dns Server]# useradd -g team1 -s /sbin/nologin client3
[root@dns Server]# useradd -g team2 -s /sbin/nologin clienta
[root@dns Server]# useradd -g team2 -s /sbin/nologin clientb
[root@dns Server]# useradd -g team2 -s /sbin/nologin clientc
[root@dns Server]# passwd client1
Changing password for user client1.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@dns Server]# passwd client2
Changing password for user client2.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@dns Server]# passwd client3
Changing password for user client3.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@dns Server]# passwd clienta
Changing password for user clienta.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@dns Server]# passwd clientb
Changing password for user clientb.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@dns Server]# passwd clientc
Changing password for user clientc.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@dns Server]#
6
、客户端测试
1
)192.168.1.0/24网段测试
2
)别名测试
3
)192.168.2.0/24网段测试
4
)192.168.3.0/24网段测试
5)禁止192.168.2.100发送和接收邮件
配置文件在附件里面:
如有不懂的地方,请call我!qq:357714938 mail:[email protected]