搭建DNS服务器
编辑yum
[root@www Server]# vim /etc/yum.repos.d/rhel-debuginfo.repo
[rhel-server]
name=Red Hat Enterprise Linux server
baseurl=file:///mnt/cdrom/Server
enabled=1
gpgcheck=1
gpgkey=file:///mnt/cdrom/RPM-GPG-KEY-redhat-release
[root@www Server]# yum install bind bind-chroot caching-nameserver -y
[root@www ~]# cd /var/named/chroot/etc/
[root@www etc]# cp -p named.caching-nameserver.conf named.conf
[root@www etc]# vim named.conf
// Global named options as edited for this walkthrough.
options {
// IPv4 DNS is served on every interface; IPv6 stays loopback-only.
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;
// NOTE(review): "any" in both lists, combined with "recursion yes" in the
// view below, makes the server answer recursive and cached lookups for every
// source address. If port 53 is reachable from outside the LAN this is an
// open resolver, usable for amplification and cache snooping.
// allow-query may need to stay open for the authoritative abc.com zone, but
// allow-query-cache (and an added allow-recursion) should be limited to
// localhost and the served network (this page uses 192.168.101.0/24).
allow-query { any; };
allow-query-cache { any; };
};
// Logging: the default_debug channel writes to data/named.run, relative to
// the "directory" option above.
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// Single view. Despite the name "localhost_resolver", the match lists below
// accept every client and every destination address, so recursion is offered
// to all of them (see the note on allow-query-cache above).
view localhost_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
修改区域声明文件
[root@www etc]# vim named.rfc1912.zones
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "abc.com" IN {
type master;
file "abc.com.db";
allow-update { none; };
};
生成数据库
[root@www etc]# cd ../var/named/
[root@www named]# cp -p localhost.zone abc.com.db
[root@www named]# vim abc.com.db
$TTL 86400
@ IN SOA ns.abc.com. root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
@ IN NS ns.abc.com.
ns IN A 192.168.101.200
mail IN A 192.168.101.200
pop3 IN CNAME mail
smtp IN CNAME mail
@ IN MX 10 mail
修改 /etc/resolv.conf
[root@www named]# vim /etc/resolv.conf
search a.com
nameserver 192.168.101.200
修改主机名
[root@www named]# vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=mail.abc.com
GATEWAY=192.168.101.200
重启系统
[root@www named]# init 6
[root@mail ~]# service named start
启动 named: [确定]
[root@mail ~]# chkconfig named on
安装所需的rpm包:
[root@mail ~]# yum install -y httpd mysql mysql-server mysql-devel openssl-devel dovecot perl-DBD-MySQL tcl tcl-devel libart_lgpl libart_lgpl-devel libtool-ltdl libtool-ltdl-devel expect
关闭sendmail,并将它的随系统自动启动功能关闭
[root@mail ~]# service sendmail stop
[root@mail ~]# chkconfig sendmail off
安装以下开发所用的rpm包组:
Development Libraries
Development Tools
Legacy Software Development
X Software Development
启动mysql数据库,root用户设置密码(示例口令 '123' 仅为演示,正式环境请使用强口令;写在命令行里的口令还会留在 shell 历史记录中)
[root@mail ~]# service mysqld start
[root@mail ~]# chkconfig mysqld on
[root@mail ~]# mysqladmin -u root password '123'
安装postfix
[root@mail ~]# groupadd -g 2525 postfix
[root@mail ~]# useradd -g postfix -u 2525 -s /sbin/nologin -M postfix
[root@mail ~]# groupadd -g 2526 postdrop
[root@mail ~]# useradd -g postdrop -u 2526 -s /bin/false -M postdrop
[root@mail ~]#tar -zxvf postfix-2.6.2.tar.gz -C /usr/src/
[root@mail ~]# cd /usr/src/postfix-2.6.2/
[root@mail postfix-2.6.2]# make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl -DUSE_TLS' 'AUXLIBS=-L/usr/lib/mysql -lmysqlclient -lz -lm -L/usr/lib/sasl2 -lsasl2 -lssl -lcrypto'
[root@mail postfix-2.6.2]# make && make install
[root@mail postfix-2.6.2]# postconf -m
[root@mail postfix-2.6.2]# newaliases
[root@mail postfix-2.6.2]# vim /etc/postfix/main.cf
77 myhostname = mail.abc.com
85 mydomain = abc.com
102 myorigin = abc.com
165 mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, mail.$mydomain, www.$mydomain, ftp.$mydomain
263 mynetworks = 192.168.101.0/24,127.0.0.0/8
[root@mail ~]#mkdir jack
[root@mail ~]#cd jack
[root@mail jack]#cp /mnt/cdrom/Server/postfix-2.3.3-2.1.el5_2.i386.rpm ./
[root@mail jack]# rpm2cpio postfix-2.3.3-2.1.el5_2.i386.rpm |cpio -id
[root@mail jack]# cd etc/
[root@mail etc]# cd rc.d/
[root@mail rc.d]# cd init.d/
[root@mail init.d]# cp postfix /etc/init.d
[root@mail init.d]# service postfix start
Starting postfix: [ OK ]
加入开机自启动
[root@mail init.d]# chkconfig --add postfix
[root@mail init.d]# chkconfig postfix on
连接postfix,建一用户user1
[root@mail ~]# useradd user1
[root@mail ~]# echo "123" |passwd --stdin user1
[root@mail ~]# telnet mail.abc.com 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.abc.com ESMTP Postfix
EHLO mail.abc.com
250-mail.abc.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:[email protected]
250 2.1.0 Ok
rcpt to:[email protected]
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
11111111111111111
.
250 2.0.0 Ok: queued as 45F632482A8
quit
221 2.0.0 Bye
Connection closed by foreign host.
[root@mail ~]# su - user1
[user1@mail ~]$ mail
Mail version 8.1 6/6/93. Type ? for help.
"/var/spool/mail/user1": 1 message 1 new
>N 1 [email protected] Tue Feb 7 22:45 13/437
& 1
Message 1:
From [email protected] Tue Feb 7 22:45:37 2012
X-Original-To: [email protected]
Delivered-To: [email protected]
Date: Tue, 7 Feb 2012 22:45:18 +0800 (CST)
From: [email protected]
11111111111111111
& quit
Saved 1 message in mbox
[user1@mail ~]$ exit
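为postfix开启基于cyrus-sasl的认证功能(注意:PLAIN 和 LOGIN 机制只对口令做 base64 编码而不加密;本文编译时虽启用了 -DUSE_TLS,但未配置 TLS,认证信息会以明文经过网络。正式环境应先配置 TLS,并设置 smtpd_tls_auth_only = yes,只允许在加密连接上认证)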
[root@mail ~]# vim /etc/postfix/main.cf
增加以下内容:
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_banner = Welcome to our $myhostname ESMTP,Warning: Version not Available!
[root@mail sasl2]# vim /usr/lib/sasl2/smtpd.conf
增加如下内容:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
启动sasl,并将其设为开机自启动
[root@mail sasl2]# service saslauthd start
Starting saslauthd: [ OK ]
[root@mail sasl2]# chkconfig saslauthd on
重启postfix
[root@mail sasl2]# service postfix restart
[root@mail ~]# telnet mail.abc.com 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 Welcome to our mail.abc.com ESMTP,Warning: Version not Available!
EHLO mail.abc.com
250-mail.abc.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN #已出现验证机制
250-AUTH=PLAIN LOGIN #已出现验证机制
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
安装Courier authentication library
[root@mail ~]# tar -jxvf courier-authlib-0.63.1.20111230.tar.bz2 -C /usr/src/
[root@mail ~]# cd /usr/src/courier-authlib-0.63.1.20111230/
[root@mail courier-authlib-0.63.1.20111230]# ./configure --prefix=/usr/local/courier-authlib --sysconfdir=/etc --with-authmysql --with-mysql-libs=/usr/lib/mysql --with-mysql-includes=/usr/include/mysql --with-redhat --with-authmysqlrc=/etc/authmysqlrc --with-authdaemonrc=/etc/authdaemonrc --with-ltdl-lib=/usr/lib --with-ltdl-include=/usr/include
[root@mail courier-authlib-0.63.1.20111230]# make && make install
[root@mail ~]#chmod 755 /usr/local/courier-authlib/var/spool/authdaemon
[root@mail ~]# cp /etc/authdaemonrc.dist /etc/authdaemonrc
[root@mail ~]# cp /etc/authmysqlrc.dist /etc/authmysqlrc
修改文件/etc/authdaemonrc(注意:前面把 authdaemon 套接字目录设为 755 后,本机任意用户都能访问认证套接字;更稳妥的做法是保持较严格的权限,只把需要认证的服务账户加入该目录的属组)
[root@mail ~]# vim /etc/authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
daemons=10
[root@mail ~]# vim /etc/authmysqlrc
修改的内容(示例中的数据库口令与用户名相同,仅供演示;正式环境请改用强口令,并确认 /etc/authmysqlrc 不能被普通用户读取):
MYSQL_SERVER localhost
MYSQL_PORT 3306
MYSQL_USERNAME extmail
MYSQL_PASSWORD extmail
MYSQL_SOCKET /var/lib/mysql/mysql.sock
MYSQL_DATABASE extmail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD '2525'
MYSQL_GID_FIELD '2525'
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD concat('/var/mailbox/',homedir)
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat('/var/mailbox/',maildir)
[root@mail ~]# cd /usr/src/courier-authlib-0.63.1.20111230/
[root@mail courier-authlib-0.63.1.20111230]# cp courier-authlib.sysvinit /etc/init.d/courier-authlib
[root@mail ~]#chmod 755 /etc/init.d/courier-authlib
[root@mail ~]# chkconfig --add courier-authlib
[root@mail ~]# chkconfig --level 2345 courier-authlib on
[root@mail ~]# echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf.d/courier-authlib.conf
[root@mail ~]# ldconfig -v
[root@mail ~]# service courier-authlib start