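Lab environment:
Server (server): willis.com 172.25.254.1
Client (desktop): desktop.com 172.25.254.2
Lab contents: 1. Sending mail remotely
2. Mail aliases
3. Group mailing
4. Setting up a null-client mail service
5. Mail delivery between different servers (DNS mail resolution)
6. Outbound address masquerading
7. Client hostname/address restrictions (restricting sending by IP)
8. Restricting by sender address (restricting sending by address)
9. Filtering by recipient address (restricting receiving)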
1. Sending mail remotely
1.1 Server side
1.1-1 systemctl stop firewalld
yum install postfix
1.1-2 vim /etc/postfix/main.cf
# the sending mail host name that the recipient sees
mydomain = willis.com
myorigin = $mydomain
# open the listening interfaces
inet_interfaces = all
# disable the setting that only allows local access
#inet_interfaces = localhost
mydestination = $myhostname, $mydomain, localhost
1.1-3 systemctl restart postfix
netstat -antlpe | grep master   # check the listening port
[root@willis ~]# netstat -antple |grep master
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0 43632 2497/master
tcp6 0 0 :::25 :::* LISTEN 0 43633 2497/master
1.2 Remote sending side (client)
[root@desktop ~]# yum install telnet -y
[root@desktop ~]# telnet 172.25.254.1 25
Trying 172.25.254.1...
Connected to 172.25.254.1.
Escape character is '^]'.
220 linux.com ESMTP Postfix
ehlo hello
250-linux.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
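What the EHLO reply above tells an administrator about the server, as an added example that is not part of the original post: the script parses the reply and reports two settings that are commonly tightened on a Postfix listener. The function names are hypothetical and the input is a constructed copy of the reply shown in the session.

```shell
#!/bin/sh
# Added example (not from the original post): read an EHLO reply and report
# two settings a Postfix administrator usually tightens.

# Constructed input: the EHLO reply from the telnet session above.
EHLO_REPLY='250-linux.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN'

# ehlo_keywords REPLY: print the advertised ESMTP keywords, one per line.
# The first 250 line carries the server name, not a keyword.
ehlo_keywords() {
    printf '%s\n' "$1" | tr -d '\r' | awk '
        /^250[- ]/ { n++; if (n == 1) next
                     split(substr($0, 5), f, " "); print toupper(f[1]) }'
}

# has_keyword REPLY KEYWORD: succeed when the keyword is advertised.
has_keyword() { ehlo_keywords "$1" | grep -qx "$2"; }

# audit_ehlo REPLY: one line per finding, nothing when both checks pass.
audit_ehlo() {
    if has_keyword "$1" VRFY; then
        echo "VRFY advertised: mailbox names can be confirmed remotely (disable_vrfy_command = yes)"
    fi
    if ! has_keyword "$1" STARTTLS; then
        echo "STARTTLS missing: sessions stay in cleartext (smtpd_tls_security_level = may plus a certificate)"
    fi
}

audit_ehlo "$EHLO_REPLY"
```

Both findings fire for the lab server; after changing the two parameters, repeat the EHLO and run the audit on the new reply.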
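2. Mail aliases
2.1 vim /etc/aliases
Append at the end: admin: root ### gives root the alias admin
2.2 postalias /etc/aliases ### re-read the alias file
2.3 systemctl restart postfix
2.4 id admin ### shows that the user admin does not exist
mail admin ### equivalent to sending mail to the root user
mail ### read the root user's mail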
[root@willis ~]# vim /etc/aliases
[root@willis ~]# postalias /etc/aliases
[root@willis ~]# systemctl restart postfix.service
[root@willis ~]# id willis
id: willis: no such user
[root@willis ~]# mail willis
Subject: hello
hello , my name is willis,how are you.
.
EOT
[root@willis ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N 1 root Fri Sep 9 10:36 18/567 "hello"
& 1
Message 1:
From root@willis.com Fri Sep 9 10:36:54 2016
Return-Path: <root@willis.com>
X-Original-To: willis
Delivered-To: willis@willis.com
Date: Fri, 09 Sep 2016 10:36:54 +0800
To: willis@willis.com
Subject: hello
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@willis.com (root)
Status: R
hello , my name is willis,how are you.
& q
Held 1 message in /var/spool/mail/root
3. Group mailing
1. vim /etc/postfix/moreuser
root
student
2. vim /etc/aliases
Append at the end: more: :include:/etc/postfix/moreuser
3. postalias /etc/aliases
4. systemctl restart postfix
5. mail more ### send mail to the group
mail ### read the root user's mail
mail -u student ### read the student user's mail
[root@willis ~]# >/var/spool/mail/root
[root@willis ~]# useradd student
[root@willis ~]# vim /etc/postfix/moreuser
root
student
[root@willis ~]# vim /etc/aliases
[root@willis ~]# postalias /etc/aliases
[root@willis ~]# systemctl restart postfix.service
[root@willis ~]# mail more
Subject: hello-world
hello world.
.
EOT
[root@willis ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N 1 root Fri Sep 9 10:42 21/661 "hello-world"
& q
Held 1 message in /var/spool/mail/root
[root@willis ~]# mail -u student
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/mail/student": 1 message 1 new
>N 1 root Fri Sep 9 10:42 21/664 "hello-world"
& q
Held 1 message in /var/mail/student
4. Setting up a null-client mail service
4.1 On desktop (a second server that only relays mail, the null client)
postconf -e "inet_interfaces = all"
postconf -e "mydomain = willis.com"
postconf -e 'myorigin = $mydomain'
postconf -e "mydestination = "
postconf -e "relayhost = 172.25.254.1"
postconf -e "local_transport = error:local delivery disabled"
systemctl restart postfix.service
(Note: the firewall must be stopped with systemctl stop firewalld, and SELinux set to 0 with setenforce 0)
[root@desktop ~]# postconf -e "mydomain = willis.com"
[root@desktop ~]# postconf -e 'myorigin = $mydomain'
[root@desktop ~]# postconf -e "mydestination = "
[root@desktop ~]# postconf -e "relayhost = 172.25.254.1"
[root@desktop ~]# postconf -e "local_transport = error:local delivery disabled "
[root@desktop ~]# systemctl restart postfix.service
4.2 On the main server (server)
postconf -e "mynetworks = 127.0.0.0/8 172.25.254.0/24"
# the networks from which mail is accepted
systemctl restart postfix.service
(Note: the firewall must be stopped with systemctl stop firewalld, and SELinux set to 0 with setenforce 0)
[root@willis ~]# postconf -e "mynetworks = 127.0.0.0/8 172.25.254.0/24"
You have mail in /var/spool/mail/root
[root@willis ~]# systemctl restart postfix.service
4.3 Verification
On desktop (the second server that only relays mail): > /var/log/maillog ### empty the mail log
mail root ### send the mail
[root@desktop ~]# >/var/log/maillog
[root@desktop ~]# mail root
Subject: beautiful world
Threr are many beautiful things.
.
EOT
[root@desktop ~]# mail
No mail for root
On the main server (server): > /var/spool/mail/root ### empty the mailbox
mail ### read the mail
[root@willis ~]# >/var/spool/mail/root
[root@willis ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N 1 root Fri Sep 9 10:54 21/756 "beautiful world"
& q
Held 1 message in /var/spool/mail/root
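With inet_interfaces = all and the firewall stopped, mynetworks is the setting that decides who may relay through the main server. The following added example (not part of the original post) works through that decision for the value from 4.2. It assumes the default relay restrictions of Postfix 2.10 or later, a MYDESTINATION list expanded by hand, and hypothetical function names; it is a simplified model that ignores relay_domains.

```shell
#!/bin/sh
# Added example (not from the original post): the relay decision that the
# mynetworks value from section 4.2 produces on the main server.

# Values from the page; MYDESTINATION is an assumed expansion of
# "$myhostname, $mydomain, localhost" with mydomain = willis.com.
MYNETWORKS='127.0.0.0/8 172.25.254.0/24'
MYDESTINATION='willis.com localhost'

# ip2int A.B.C.D: print the address as a 32-bit integer.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# in_cidr IP NET/LEN: succeed when IP lies inside the network.
in_cidr() {
    len=${2#*/}
    mask=$(( (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF ))
    [ $(( $(ip2int "$1") & mask )) -eq $(( $(ip2int "${2%/*}") & mask )) ]
}

# relay_decision CLIENT_IP RECIPIENT: prints
#   relay - client is in mynetworks, mail to any domain is accepted
#   local - client is untrusted but the recipient domain is local
#   deny  - untrusted client asking for a foreign domain
relay_decision() {
    for net in $MYNETWORKS; do
        if in_cidr "$1" "$net"; then echo relay; return 0; fi
    done
    for dom in $MYDESTINATION; do
        if [ "${2#*@}" = "$dom" ]; then echo local; return 0; fi
    done
    echo deny
}

relay_decision 172.25.254.2 root@redhat.com    # the null client from 4.1
relay_decision 192.168.0.4  root@willis.com    # outside client, local mailbox
relay_decision 192.168.0.4  root@redhat.com    # outside client, foreign domain
```

Every host in 172.25.254.0/24 gets the same relay rights as the null client, so the network listed in mynetworks should be no wider than the set of machines that are meant to send through this server.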
5. Mail delivery between different servers (DNS mail resolution records)
Restore the environment used in the previous labs to its initial state.
vim /etc/postfix/main.cf
mydomain = willis.com
myorigin = $mydomain
inet_interfaces = all
#inet_interfaces = localhost
mydestination = $myhostname, $mydomain, localhost
5-1 Configuring DNS on the server
hostnamectl set-hostname mail.willis.com
Install DNS: yum install bind -y
1) vim /etc/resolv.conf
search willis.com
nameserver 172.25.254.1
2) vim /etc/named.rfc1912.zones
zone "willis.com" IN {
type master;
file "willis.com.zone";
allow-update { none; };
};
zone "redhat.com" IN {
type master;
file "redhat.com.zone";
allow-update { none; };
};
3) cd /var/named/
cp -p named.localhost willis.com.zone
4) vim willis.com.zone
$TTL 1D
@       IN SOA  dns.willis.com. root. (
                                0       ; serial
                                1D      ; refresh
                                1H      ; retry
                                1W      ; expire
                                3H )    ; minimum
        NS      dns.willis.com.
dns     A       172.25.254.1
; an MX record must name a host, not an IP address, so mail gets its own A record
mail    A       172.25.254.1
@       MX 1    mail.willis.com.
5) cp -p willis.com.zone redhat.com.zone
vim redhat.com.zone
$TTL 1D
@       IN SOA  dns.redhat.com. root. (
                                0       ; serial
                                1D      ; refresh
                                1H      ; retry
                                1W      ; expire
                                3H )    ; minimum
        NS      dns.redhat.com.
dns     A       172.25.254.1
; an MX record must name a host, not an IP address, so mail gets its own A record
mail    A       172.25.254.2
@       MX 1    mail.redhat.com.
6) systemctl start named
5-2 Configuring desktop
hostnamectl set-hostname mail.redhat.com
1) vim /etc/resolv.conf
search redhat.com
nameserver 172.25.254.1
2) Test
mail root@willis.com
mail root@redhat.com
[root@mail ~]# mail root@willis.com
Subject: hello-willis
hello . you are a good boy.
.
EOT
[root@mail ~]# mail root@redhat.com
Subject: hello goog boy
Are you ok now?
.
EOT
You have new mail in /var/spool/mail/root
[root@mail ~]# mail
[root@mail ~]# mail root@redhat.com
Subject: hello good boy.
Are you OK now?
.
EOT
[root@mail ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N 1 root Fri Sep 9 12:24 18/569 "hello good boy."
& 1
Message 1:
From root@redhat.com Fri Sep 9 12:24:07 2016
Return-Path: <root@redhat.com>
X-Original-To: root@redhat.com
Delivered-To: root@redhat.com
Date: Fri, 09 Sep 2016 12:24:07 +0800
To: root@redhat.com
Subject: hello good boy.
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@redhat.com (root)
Status: R
Are you OK now?
6. Outbound address masquerading
6.1 Server side (the masquerading side)
vim /etc/postfix/generic
Add:
root@willis.com admin@hello.com
postmap generic ### generates the generic.db file
postconf -d | grep generic
postconf -e "smtp_generic_maps = hash:/etc/postfix/generic"
systemctl restart postfix.service
Test: mail root@redhat.com
[root@willis postfix]# mail root@redhat.com
Subject: hello.
你好呀
.
EOT
6.2 Receiving side
[root@mail ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N 1 root Fri Sep 9 12:47 21/733 "hello."
& 1
Message 1:
From admin@hello.com Fri Sep 9 12:47:10 2016
Return-Path: <admin@hello.com>
X-Original-To: root@redhat.com
Delivered-To: root@redhat.com
Date: Fri, 09 Sep 2016 12:47:11 +0800
To: root@redhat.com
Subject: hello.
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=utf-8
From: admin@hello.com (root)
Status: R
你好呀
7. Client hostname/address restrictions (restricting sending by IP)
postconf -e "smtpd_client_restrictions = check_client_access hash:/etc/postfix/access"
vim /etc/postfix/main.cf
smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
vim /etc/postfix/access
192.168.0.4 REJECT
192.168.0 REJECT
postmap access
systemctl restart postfix
8. Restricting by sender address (restricting sending by address)
postconf -e "smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender"
vim /etc/postfix/main.cf
smtpd_sender_restrictions =
    check_sender_access hash:/etc/postfix/sender
vim /etc/postfix/sender
user@example.com REJECT
(the action can also be OK or RELAY)
postmap sender
systemctl restart postfix
9. Filtering by recipient address (restricting receiving)
postconf -e "smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recipient"
vim /etc/postfix/main.cf
smtpd_recipient_restrictions = check_recipient_access
    hash:/etc/postfix/recipient
vim /etc/postfix/recipient
user@example.com REJECT
(the action can also be OK, RELAY or DISCARD)
postmap recipient
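How Postfix matches a client or an address against the tables from sections 7 to 9, as an added example that is not part of the original post: the shell functions follow the lookup order documented in access(5) and run it over constructed copies of the page's entries. The function names are hypothetical, and only IPv4 keys and the user@domain, domain and user@ forms are covered.

```shell
#!/bin/sh
# Added example (not from the original post): emulate the key order that
# access(5) describes for check_client_access and check_sender_access.

# Constructed tables, copied from the entries shown in sections 7 and 8.
ACCESS='192.168.0.4 REJECT
192.168.0 REJECT'
SENDER='user@example.com REJECT'

# lookup TABLE KEY: print the action stored for KEY, return 1 if absent.
lookup() {
    printf '%s\n' "$1" | awk -v k="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }        # comments and blank lines
        tolower($1) == tolower(k) { print $2; found = 1; exit }
        END { exit !found }'
}

# client_action TABLE IPV4: try the full address, then drop one trailing
# octet at a time (a.b.c.d, a.b.c, a.b, a). No match means Postfix moves
# on to the next restriction, reported here as DUNNO.
client_action() {
    key=$2
    while :; do
        if act=$(lookup "$1" "$key"); then echo "$act"; return 0; fi
        case $key in
            *.*) key=${key%.*} ;;
            *)   echo DUNNO; return 0 ;;
        esac
    done
}

# address_action TABLE ADDRESS: try user@domain, then domain, then user@.
address_action() {
    for key in "$2" "${2#*@}" "${2%@*}@"; do
        if act=$(lookup "$1" "$key"); then echo "$act"; return 0; fi
    done
    echo DUNNO
}

for ip in 192.168.0.4 192.168.0.77 192.168.1.4 172.25.254.2; do
    printf '%-15s %s\n' "$ip" "$(client_action "$ACCESS" "$ip")"
done
for a in user@example.com other@example.com; do
    printf '%-18s %s\n' "$a" "$(address_action "$SENDER" "$a")"
done
```

The output shows that the 192.168.0.4 entry is redundant next to 192.168.0, and that neither entry matches the lab's own hosts in 172.25.254.0/24.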
This article is reposted from willis_sun's 51CTO blog. Original link: http://blog.51cto.com/willis/1851049. To repost it, please contact the original author.