SMTP(二)
telnet远程链接:(谁都可以链接,存在安全隐患)
telnet:禁止谁远程链接我的主机发送邮件(任何我主机的用户都不能被链接)
vim /etc/postfix/access
172.25.254.131REJECT
postmap access(生成access.db加密文件)
postconf -d | grep client
postconf-e "smtpd_client_restrictions =check_client_accesshash:/etc/postfix/access"(check_client_access:检测客户)
vim /etc/postfix/main.cf
systemctl restart postfix.service
测试:
删除此设置
vim /etc/postfix/access(删除禁止)
postmap access(重新加密)
systemctl restart postfix.service
设置我的哪个主机用户不能被远程链接(本地可以)发送邮件,但是这个用户可以收到邮件(没用被禁止的主机用户可以链接)
vim /etc/postfix/sender
postmap sender(写完整的用户名)
postconf -d | grep sender
postconf-e "smtpd_client_restrictions =check_sender_accesshash:/etc/postfix/sender"(check_sender_access:检测用户)
systemctl restart postfix.service
测试:
我的哪一个主机用户不能收邮件(远程登陆的不可以,本地发送的也不可以收到)
修改之前(student用户可以收邮件)
vim /etc/postfix/recip
postconf -d | grep recip
postconf-e "smtpd_recipient_restrictions = check_recipient_accesshash:/etc/postfix/recip"
systemctl restart postfix.service
测试:
登陆验证用户接收邮件:
yum install dovecot –y
vim /etc/dovecot/dovecot.conf
disable_plaintext_auth = no
cd /etc/dovecot/conf.d
vim 10-mail.conf
mail_location = mbox:~/mail:INBOX=/var/mail/%u
测试:mutt -f imap://[email protected](前提是在/home/studnet下有/mail/.iamp/INDOX这个文件存在)
数据库连接邮箱:
网页管理数据库:
创建数据库:mail
创建表格:muser
创建用户:
给权限:
查询:
cd /etc/postfix
vim mysql-user.cf
hosts = localhost
user = postfix
password = postfix
dbname = email
table = muser
select_field = username
where_field = username
查询测试:postmap -q "[email protected]" /etc/postfix/mysql-user.cf
vim mysql-domain.cf
hosts = localhost
user = postfix
password = postfix
dbname = email
table = muser
select_field = domain
where_field = domain
查询测试:postmap -q "dd.org" /etc/postfix/mysql-domain.cf
vim mysql-maildri.cf
hosts = localhost
user = postfix
password = postfix
dbname = email
table = muser
select_field = mailder
where_field = username
查询测试:postmap -q "[email protected]" /etc/postfix/mysql-maildir.cf
给数据库里面的虚拟用户发送邮件
groupadd -g 666 vmail
useradd -g 666 -u 666 vmain
virtual_gid_maps = static:666
virtual_uid_maps = static:666
virtual_mailbox_base = /home/vmail
virtual_alias_maps = mysql:/etc/postfix/mysql-user.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-domain.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-maildir.cf
cd /home/vmail 
数据库里面的虚拟用户收邮件
vim dovecot.conf
protocols = imap pop3 lmtp
disable_plaintext_auth = no
vim dovecot-sql.conf.ext
driver = mysql
connect = host=localhost dbname=email user=postfix password=postfix
default_pass_scheme = PLAIN
password_query = \
SELECT username, domain, password \
FROM muser WHERE username = ‘%u‘ AND domain =‘%d‘
user_query = SELECT mailder, 666 AS uid, 666 AS gid FROM muserWHERE username = ‘%u‘
(认真 细心 一定不要写错哦 ~)
vim 10-auth.conf
!include auth-system.conf.ext
!include auth-sql.conf.ext
vim 10-mail.conf
mail_location
maildir:/home/vmail/%d/%n
first_valid_uid = 666
first_valid_gid = 666
邮件空壳:
空壳:
配置dns:
vim /etc/named.rfc1912.zones
zone"dd.org" IN {
type master;
file "dd.org.zone";
allow-update { none; };
};
vim/var/name/dd.org.zone
(请参照前面所讲的DNS的知识~)
测试:(dd.org域真实指向的是172.25.254.131 )
配置/etc/postfix/main.cf
myhostname =dd.dd.com(真实空壳主机名)
mydomain = dd.com(真实域名)
myorigin = dd.org (做哪个域的空壳)
inet_interfaces =all(打开25接口)
local_transport =error:local delivery disabled(如果给“空壳”传送邮件会报错)
mydestination= (什么都不写:因为作为空壳不接收处理任何邮件)
relayhost =172.25.254.231(主处理邮件的服务器)
systemctl restartpostfix.service
真实的接受邮件的服务器:(MTA:邮件服务器)
vim/etc/postfix/main.cf
mynetworks = 172.25.254.131 (我的空壳是谁)
systemctl restartpostfix.service
测试:
给[email protected]
发送一封邮件
