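Configuring and Using a Mail Server

Experiment 1:

Objective: set up a basic mail server and test that it works

Environment: one DNS server and one mail server with Postfix installed

Steps:

Sending mail (SMTP)

1. On the mail server, configure the hostname and IP address, then install and start Postfix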

[root@mail ~]# tail -2 /etc/sysconfig/network

HOSTNAME=mail.tarena.com

 

[root@mail ~]# ifconfig |head -2 |tail -1

          inet addr:192.168.13.189  Bcast:192.168.13.255  Mask:255.255.255.0

 

[root@mail ~]# yum -y install postfix

[root@mail ~]# service sendmail stop

[root@mail ~]# chkconfig sendmail off

2. On the DNS server, add the resolution records for the mail server

[root@dns01 ~]# cat /var/named/chroot/var/named/tarena.com.zone

$TTL    86400

@               IN SOA  localhost.      root.localhost. (

                                        2014060601      ; serial(d. adams)

                                        3H              ; refresh

                                        15M             ; retry

                                        1W              ; expiry

                                        1D)             ; minimum

         IN     NS    dns01.tarena.com.

         IN     MX  5     mail.tarena.com.     --5 is the mail server's priority; the lower the value, the higher the priority

mail        IN     A      192.168.13.189

dns01       IN     A      192.168.13.203

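3. On the mail server, point DNS at the DNS server and test

[root@mail ~]# tail -1 /etc/resolv.conf

nameserver 192.168.13.203     --adding PEERDNS=no to the NIC configuration file locks this DNS server setting in place

[root@mail ~]# host -t mx tarena.com     --resolve the domain's MX record (the mail server for the domain)

tarena.com mail is handled by 5 mail.tarena.com.

[root@mail ~]# host mail.tarena.com     --resolve the mail server

mail.tarena.com has address 192.168.13.189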

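4. Edit the mail server's main configuration file

[root@mail ~]# cd /etc/postfix/

[root@mail postfix]# postconf -n > tmp.txt     --export the non-default settings (do this before the backup)

[root@mail postfix]# mv main.cf main.cf.bak     --back up the configuration file

[root@mail postfix]# mv tmp.txt main.cf     --use the exported non-default settings as the main configuration file

[root@mail postfix]# vim main.cf

...

  8 #inet_interfaces = localhost     --listening interfaces

 20 myhostname = mail.tarena.com     --hostname of the mail server

 21 mydomain = tarena.com     --domain the mail server belongs to

 22 myorigin = $mydomain     --domain suffix appended to sender addresses

 23 mydestination = $mydomain     --domains whose mail Postfix accepts for local delivery

 24 home_mailbox = Maildir/     --mailbox type (each user's mail is stored in their home directory; the M must be uppercase)

 25 mynetworks = 192.168.13.0/24     --which clients may hand mail directly to Postfix for relaying to outside domains

[root@mail ~]# postfix check     --check the main configuration file's syntax and spelling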

5. Test:

Create two users

[root@mail ~]# useradd yg

[root@mail ~]# useradd xln

[root@mail ~]# echo 123456 | passwd --stdin yg

[root@mail ~]# echo 123456 | passwd --stdin xln

[root@mail ~]# telnet mail.tarena.com 25

Trying 192.168.13.189...

Connected to mail.tarena.com (192.168.13.189).

Escape character is '^]'.

220 mail.tarena.com ESMTP Postfix

helo localhost     --announce the client

250 mail.tarena.com

mail from:yg@tarena.com     --sender of the mail

250 2.1.0 Ok

rcpt to:xln@tarena.com     --recipient of the mail

250 2.1.5 Ok

data     --message content

354 End data with <CR><LF>.<CR><LF>

subject test mail     --mail subject

hello

.     --end of the message

250 2.0.0 Ok: queued as A967D324DE8

quit     --exit

221 2.0.0 Bye

Connection closed by foreign host.

View the mail that user xln received

[root@mail ~]# ls ~xln/Maildir/new/

1403753848.V303Ife428M799366.mail.tarena.com

[root@mail ~]# cat ~xln/Maildir/new/1403753848.V303Ife428M799366.mail.tarena.com

Return-Path: <yg@tarena.com>

X-Original-To: xln@tarena.com

Delivered-To: xln@tarena.com

Received: from localhost (unknown [192.168.13.189])

         by mail.tarena.com (Postfix) with SMTP id CDFC1155C56

         for <xln@tarena.com>; Thu, 26 Jun 2014 11:36:04 +0800 (CST)

Message-Id: <20140626033641.CDFC1155C56@mail.tarena.com>

Date: Thu, 26 Jun 2014 11:36:04 +0800 (CST)

From: yg@tarena.com

To: undisclosed-recipients:;

 

subject test mail

 

hello

Receiving mail (POP3)

1. Install the service (dovecot)

[root@mail ~]# yum -y install dovecot

2. Edit the main configuration file

[root@mail ~]# vim /etc/dovecot.conf

   mail_location = maildir:~/Maildir     --set the mailbox path (the M must be uppercase)

[root@mail ~]# service dovecot restart     --start the service

[root@mail ~]# chkconfig dovecot on

[root@mail ~]# netstat -tulnp | grep dovecot     --check the listening ports

tcp   0     0 :::110      :::*        LISTEN      16835/dovecot

tcp   0     0 :::143      :::*        LISTEN      16835/dovecot

3. Test receiving mail

[root@mail ~]# telnet mail.tarena.com 110

Trying 192.168.13.189...

Connected to mail.tarena.com (192.168.13.189).

Escape character is '^]'.

+OK Dovecot ready.

user xln     --enter the username

+OK

pass 123456     --enter the user's password

+OK Logged in.

list     --list the messages

+OK 3 messages:

1 446

2 1876

3 446

.

retr 1     --read message 1

+OK 446 octets

Return-Path: <yg@tarena.com>

X-Original-To: xln@tarena.com

Delivered-To: xln@tarena.com

Received: from localhost (unknown [192.168.13.189])

         by mail.tarena.com (Postfix) with SMTP id 1F39C155C34

         for <xln@tarena.com>; Thu, 26 Jun 2014 06:20:39 +0800 (CST)

Message-Id: <20140625222058.1F39C155C34@mail.tarena.com>

Date: Thu, 26 Jun 2014 06:20:39 +0800 (CST)

From: yg@tarena.com

To: undisclosed-recipients:;

 

subject Test mail!

hello

.

quit

+OK Logging out.

Connection closed by foreign host.

 

Experiment 2: Authentication control for the mail service

Objective: install the cyrus-sasl service to enforce SMTP authentication for the mail service

Steps:

1. Install and start the saslauthd service

[root@mail ~]# rpm -q cyrus-sasl

cyrus-sasl-2.1.22-7.el5_8.1

         --cp /usr/lib64/sasl2/smtpd.conf   /etc/sasl2/smtpd.conf     --copy the template into place as the main configuration file

[root@mail ~]# cat /etc/sasl2/smtpd.conf

pwcheck_method: saslauthd

[root@mail ~]# service saslauthd start

[root@mail ~]# chkconfig saslauthd on

[root@mail ~]# testsaslauthd -u yg -p 123456 -s smtp     --log in as user yg to check the saslauthd service

0: OK "Success."

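2. Adjust the Postfix configuration to enable authentication

[root@localhost ~]# vim /etc/postfix/main.cf

 25 mynetworks = 127.0.0.1     --set the local network

 26 smtpd_sasl_auth_enable = yes     --enable SASL authentication

 27 smtpd_sasl_security_options = noanonymous     --block anonymous sending

 28 smtpd_recipient_restrictions =     --set the recipient filtering rules

 29  permit_mynetworks,     --allow clients from mynetworks

 30  permit_sasl_authenticated,     --allow users who have passed SASL authentication (lines 29-31 are continuation lines of line 28, each preceded by a space)

 31  reject_unauth_destination     --refuse to send to unauthorized destination domains

[root@localhost ~]# service postfix restart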

3. Test

[root@mail ~]# printf "yg" | openssl base64     --Base64-encode the username (an encoding, not encryption)

eWc=

[root@mail ~]# printf "123456" | openssl base64     --Base64-encode the user's password (an encoding, not encryption)

MTIzNDU2

[root@mail ~]# telnet mail.tarena.com 25

Trying 192.168.13.189...

Connected to mail.tarena.com (192.168.13.189).

Escape character is '^]'.

220 mail.tarena.com ESMTP Postfix

mail from:yg@tarena.com

250 2.1.0 Ok

rcpt to:123@sina.com

554 5.7.1 <123@sina.com>: Relay access denied     --sending without username/password authentication is rejected

quit

221 2.0.0 Bye

Connection closed by foreign host.

[root@mail ~]# telnet mail.tarena.com 25

Trying 192.168.13.189...

Connected to mail.tarena.com (192.168.13.189).

Escape character is '^]'.

220 mail.tarena.com ESMTP Postfix

helo localhost

250 mail.tarena.com

auth login

334 VXNlcm5hbWU6

eWc=

334 UGFzc3dvcmQ6

MTIzNDU2

235 2.0.0 Authentication successful     --username/password authentication succeeded

mail from:yg@tarena.com

250 2.1.0 Ok

rcpt to:123@sina.com

250 2.1.5 Ok

quit

221 2.0.0 Bye

Connection closed by foreign host.
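
Both telnet logins on this page (POP3 `user`/`pass` in Experiment 1 and SMTP `auth login` here) cross the network in the clear, and Base64 only re-encodes the values. The following added example, which is not part of the original lab, walks transcripts constructed from those sessions and lists what anyone observing the connection can read; the function name and the TLS-upgraded sample session are assumptions made for illustration.

```python
import base64

# Transcripts constructed from the two telnet sessions on this page.
SMTP_SESSION = """220 mail.tarena.com ESMTP Postfix
helo localhost
250 mail.tarena.com
auth login
334 VXNlcm5hbWU6
eWc=
334 UGFzc3dvcmQ6
MTIzNDU2
235 2.0.0 Authentication successful"""

POP3_SESSION = """+OK Dovecot ready.
user xln
+OK
pass 123456
+OK Logged in."""

# Constructed contrast (client-side log): TLS is negotiated before AUTH.
SMTP_TLS_SESSION = """220 mail.tarena.com ESMTP Postfix
ehlo localhost
250 STARTTLS
starttls
220 2.0.0 Ready to start TLS
auth login
334 VXNlcm5hbWU6
eWc="""

def exposed_credentials(transcript):
    """List (field, value) pairs that cross the wire readable by an observer."""
    found, asked_tls, prompt = [], False, None
    for line in transcript.splitlines():
        cmd, _, arg = line.strip().partition(" ")
        cmd = cmd.lower()
        if asked_tls:                      # server's reply to STARTTLS / STLS
            if cmd in ("220", "+ok"):
                break                      # everything after this is encrypted
            asked_tls = False
        elif cmd in ("starttls", "stls"):
            asked_tls = True
        elif cmd == "334":                 # AUTH LOGIN prompt, Base64-encoded
            prompt = base64.b64decode(arg).decode().rstrip(":").lower()
        elif prompt:                       # client's Base64-encoded answer
            found.append((prompt, base64.b64decode(line.strip()).decode()))
            prompt = None
        elif cmd in ("user", "pass"):      # POP3 sends both values verbatim
            found.append(("username" if cmd == "user" else "password", arg))
    return found
```

Postfix's `smtpd_tls_auth_only = yes` and Dovecot's `disable_plaintext_auth = yes` are the settings that keep the servers from accepting such logins before TLS is negotiated; Dovecot still treats connections from the local host as secure.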

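Experiment 3: Mail filtering

1. Filter by client address

[root@mail ~]# tail -n 2 /etc/postfix/access     --create the access policy table

192.168.13.203   REJECT     --deny access from this IP

192.168.13.189   OK     --allow access from this IP

[root@mail ~]# postmap /etc/postfix/access

[root@mail ~]# vim /etc/postfix/main.cf

 32 smtpd_client_restrictions = check_client_access hash:/etc/postfix/access     --add this entry to enable the access restriction

[root@localhost ~]# postfix reload

Once this line is commented out in the main configuration file, the access policy table no longer takes effect.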
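
How the lists from Experiments 2 and 3 combine, as an added example (not from the original lab, and a simplified model rather than Postfix's own code): each restriction list stops at its first decisive result, and an `OK` from the client table ends only the client list, so relay control still falls to `smtpd_recipient_restrictions`. The function names are hypothetical, only IPv4 table keys are modelled, and `mydestination` stands in for every authorized destination.

```python
import ipaddress

# Constructed copies of the page's settings (Experiments 2 and 3).
CLIENT_ACCESS = {"192.168.13.203": "REJECT", "192.168.13.189": "OK"}
MYNETWORKS = ["127.0.0.1"]
MYDESTINATION = {"tarena.com"}


def access_lookup(table, client_ip):
    """access(5)-style IPv4 lookup: full address, then shorter dotted prefixes."""
    octets = client_ip.split(".")
    for n in range(4, 0, -1):
        action = table.get(".".join(octets[:n]))
        if action:
            return action
    return None  # no entry: this restriction has no opinion


def smtp_decision(client_ip, sasl_user, rcpt, mynetworks=MYNETWORKS):
    """Walk smtpd_client_restrictions, then smtpd_recipient_restrictions."""
    # Stage 1: check_client_access hash:/etc/postfix/access
    if access_lookup(CLIENT_ACCESS, client_ip) == "REJECT":
        return "check_client_access", "REJECT"
    # An OK above ends only the client list; the recipient list still runs.
    ip = ipaddress.ip_address(client_ip)
    if any(ip in ipaddress.ip_network(net) for net in mynetworks):
        return "permit_mynetworks", "OK"
    if sasl_user:
        return "permit_sasl_authenticated", "OK"
    if rcpt.rsplit("@", 1)[-1].lower() not in MYDESTINATION:
        return "reject_unauth_destination", "554 5.7.1 Relay access denied"
    return "end of list", "OK"  # reaching the end of a list permits the request
```

Passing `mynetworks=["192.168.13.0/24"]`, the value from Experiment 1, shows every host on that subnet relaying without authentication.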

 

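2. Filter by sender address

[root@mail ~]# cat /etc/postfix/sender_access

yg@tarena.com   REJECT

[root@mail ~]# postmap /etc/postfix/sender_access

[root@mail ~]# vim /etc/postfix/main.cf

 33 smtpd_sender_restrictions =

 34  permit_mynetworks,     --allow access that comes from the mynetworks networks

 35  reject_sender_login_mismatch,     --reject when the sender does not match the login information

 36  reject_non_fqdn_sender,     --reject sender addresses whose domain is not fully qualified

 37  reject_unknown_sender_domain,     --reject unknown sender domains

 38  check_sender_access hash:/etc/postfix/sender_access     --specify the policy table

[root@localhost ~]# service postfix restart

After finishing this experiment, comment out lines 33-38 of main.cf; once they are commented out, the access policy table no longer takes effect.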

 

Setting up a Webmail system

1. Install squirrelmail

[root@mail ~]# yum -y install squirrelmail

2. Configure squirrelmail

[root@mail ~]# vim /etc/squirrelmail/config.php

...

$squirrelmail_default_language = 'zh_CN';

$domain                 = 'tarena.com';

$imapServerAddress      = '192.168.13.189';

$smtpServerAddress      = '192.168.13.189';

3. Start the httpd service

[root@mail ~]# service httpd restart

[root@mail ~]# chkconfig httpd on

Test:

http://mail.tarena.com/webmail