mail2

本文涉及的产品
RDS MySQL Serverless 基础系列,0.5-2RCU 50GB
云数据库 RDS MySQL,集群系列 2核4GB
推荐场景:
搭建个人博客
云数据库 RDS PostgreSQL,集群系列 2核4GB
简介:

黑名单

1.禁止IP登陆

vim /etc/postfix/access

172.25.254.124REJECT

postmap access

postconf -d | grep client

postconf -e "smtpd_client_restrictions = check_client_access hash:/etc/postfix/access"

systemctl restart postfix.service

测试:

[root@mail postfix]# telnet 172.25.254.224 25

Trying 172.25.254.224...

Connected to 172.25.254.224.

Escape character is '^]'.

220 mail.timo.com ESMTP Postfix

mail from:root@timo.com

250 2.1.0 Ok

rcpt to:root@rito.com

554 5.7.1 <unknown[172.25.254.124]>: Client host rejected: Access denied

quit

221 2.0.0 Bye

Connection closed by foreign host.

You have mail in /var/spool/mail/root

 

2.禁止某域的用户登陆

vim sender(名字任意)

taxing@timo.com         REJECT

postconf -d | grep sender

postconf -e "smtpd_sender_restrictions =check_sender_accesshash:/etc/postfix/sender"

postmap sender

systemctl restart postfix.service

 测试:

[root@mail postfix]# telnet 172.25.254.224 25

Trying 172.25.254.224...

Connected to 172.25.254.224.

Escape character is '^]'.

220 mail.timo.com ESMTP Postfix

mail from:taxing@timo.com

250 2.1.0 Ok

rcpt to:root@rito.com

451 4.3.5 <taxing@timo.com>: Sender address rejected: Server configuration error

421 4.4.2 mail.timo.com Error: timeout exceeded

Connection closed by foreign host.

 

3.禁止接收

vim recip(名字任意)

taxing@timo.com

postmap recip

postconf -d | grep recip

postconf -e "smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recip"

systemctl restart postfix.service

测试:

[root@mail postfix]# telnet 172.25.254.224 25

Trying 172.25.254.224...

Connected to 172.25.254.224.

Escape character is '^]'.

220 mail.timo.com ESMTP Postfix

mail from:root@timo.com

250 2.1.0 Ok

rcpt to:taxing@timo.com

451 4.3.5 <root@timo.com>: Sender address rejected: Server configuration error

 

4.数据库连接邮箱

vim /etc/hosts

172.25.254.124 mail.rito.com

网页创建数据库email,表muser

+----------------+----------+----------+-----------------------------+

| username       | password | domain   | maildir                     |

+----------------+----------+----------+-----------------------------+

| admin@rito.org | rito     | rito.org | /home/vmail/rito.org/admin/ |

+----------------+----------+----------+-----------------------------+

 

创建用户

MariaDB [(none)]> CREATE USER postfix@localhost identified by 'postfix';

Query OK, 0 rows affected (0.00 sec)

用户授权

MariaDB [(none)]> GRANT INSERT,UPDATE,SELECT ON email.* to postfix@localhost;

Query OK, 0 rows affected (0.00 sec)

查询

[root@mail thunderbird]# cd /etc/postfix/

[root@mail postfix]# ls

access     generic        main.cf    relocated  virtual

canonical  header_checks  master.cf  transport

 

[root@mail postfix]# vim mysql-users.cf

hosts = locahost

user = postfix

password = postfix

dbname = email

table = muser

select_field = username

where_field = username

 

[root@mail postfix]# vim mysql-domain.cf

hosts = locahost

user = postfix

password = postfix

dbname = email

table = muser

select_field = domain

where_field = domain

 

[root@mail postfix]# vim mysql-domain.cf

hosts = locahost

user = postfix

password = postfix

dbname = email

table = muser

select_field = maildir

where_field = username

检测

postconf -e | grep virtual

[root@mail postfix]# postconf -e "virtual_gid_maps = static:666"

[root@mail postfix]# postconf -e "virtual_uid_maps = static:666"

[root@mail postfix]# postconf -e "virtual_mailbox_maps = /home/vmail"

[root@mail postfix]# postconf -e "virtual_alias_maps = mysql:/etc/postfix/mysql-users.cf"

[root@mail postfix]# postconf -e "virtual_mailbox_domains = mysql:/etc/postfix/mysql-domain.cf"

[root@mail postfix]# postconf -e "virtual_mailbox_maps = mysql:/etc/postfix/mysql-maildir.cf"

 

vim main.cf

 virtual_gid_maps = static:666

 virtual_uid_maps = static:666

 virtual_mailbox_maps = mysql:/etc/postfix/mysql-maildir.cf

 virtual_alias_maps = mysql:/etc/postfix/mysql-users.cf

 virtual_mailbox_domains = mysql:/etc/postfix/mysql-domain.cf

 virtual_mailbox_base = /home/vmail

 

[root@mail vmail]# mail admin@rito.org

Subject: 123

123

123

.

EOT

[root@mail home]# cd vmail/

[root@mail vmail]# ls

rito.org

[root@mail vmail]# cd rito.org/

[root@mail rito.org]# ls

admin

[root@mail rito.org]# cd admin/

[root@mail admin]# ls

cur  new  tmp

[root@mail admin]# cd new/

[root@mail new]# ls

1481030344.Vfd01I24635aM472016.mail.rito.com

[root@mail new]# cat 1481030344.Vfd01I24635aM472016.mail.rito.com

Return-Path: <root@rito.com>

X-Original-To: admin@rito.org

Delivered-To: admin@rito.org

Received: by mail.rito.com (Postfix, from userid 0)

id B91D1246333; Tue,  6 Dec 2016 08:13:58 -0500 (EST)

Date: Tue, 06 Dec 2016 08:13:58 -0500

To: admin@rito.org

Subject: 123

User-Agent: Heirloom mailx 12.5 7/5/10

MIME-Version: 1.0

Content-Type: text/plain; charset=us-ascii

Content-Transfer-Encoding: 7bit

Message-Id: <20161206131358.B91D1246333@mail.rito.com>

From: root@rito.com (root)

 

123

123

 

5.虚拟用户接收邮件

yum install mysql

vim /etc/dovecot/dovecot-s

 32 driver=mysql

 71 connect = host =localhost dbname=email user=postfix password=postfix

 78 default_pass_scheme = PLAIN

 107 password_query = \

 108  SELECT username, domain, password \

 109   FROM muser WHERE  username = '%n' AND domain = '%d'

 125 user_query = SELECT maildir, 666 AS uid, 666 AS gid FROM users WHERE usernam    e = '%u'

 

vim /etc/dovecot/dovecot.conf

49 login_trusted_networks = 0.0.0.0/24

disable_plaintext_auth = no

protocols = imap pop3 lmtp

 

cd /conf.d

vim 10-mail.conf

 30 mail_location = maildir:/home/vmail/%d/%n

 168 first_valid_uid = 666

 175 first_valid_gid = 666

 

vim 10-auth.conf

122 !include auth-system.conf.ext

123 !include auth-sql.conf.ext

 

安装雷鸟

./thunderbird-bin

 

6.空壳邮箱

vim /etc/named.rfc1912.zones

zone "rito.org" IN {

 38         type master;

 39         file "rito.org.zone";

 40         allow-update { none; };

 41 };

 vim rito.org.zone

  1 $TTL 1D

  2 @       IN SOA  dns.rito.org. root.rito.org. (

  3                                         0       ; serial

  4                                         1D      ; refresh

  5                                         1H      ; retry

  6                                         1W      ; expire

  7                                         3H )    ; minimum

  8                 NS      dns.rito.org.

  9 dns             A       172.25.254.124

 10 rito.org.       MX 1    172.25.254.124.

~                                            

 

[root@mail conf.d]# dig -t mx rito.org

 

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t mx rito.org

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12579

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

 

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 4096

;; QUESTION SECTION:

;rito.org.INMX

 

;; ANSWER SECTION:

rito.org.86400INMX1 172.25.254.124.

 

;; AUTHORITY SECTION:

rito.org.86400INNSdns.rito.org.

 

;; ADDITIONAL SECTION:

dns.rito.org.86400INA172.25.254.124

 

;; Query time: 0 msec

;; SERVER: 172.25.254.124#53(172.25.254.124)

;; WHEN: Wed Dec 07 09:01:58 EST 2016

;; MSG SIZE  rcvd: 101

在空壳主机上224

vim /etc/postfix/main.cf

myhostname=mail.timo.com

mydomain=timo.com

myorigin=$mydomain

inet_interfaces = all

local_transport = erro:local delivery disabled

mydestination = ##空壳不接受任何类型邮件

relayhost = 172.25.254.124##被替代的服务器

 

systemctl restart postfix.service

 

在需要被空壳替代的主机上124

vim /etc/postfix/main.cf

mynetworks = 172.25.254.224 #空壳ip

 本文转自   Taxing祥   51CTO博客,原文链接:http://blog.51cto.com/12118369/1880624


相关实践学习
如何快速连接云数据库RDS MySQL
本场景介绍如何通过阿里云数据管理服务DMS快速连接云数据库RDS MySQL,然后进行数据表的CRUD操作。
全面了解阿里云能为你做什么
阿里云在全球各地部署高效节能的绿色数据中心,利用清洁计算为万物互联的新世界提供源源不断的能源动力,目前开服的区域包括中国(华北、华东、华南、香港)、新加坡、美国(美东、美西)、欧洲、中东、澳大利亚、日本。目前阿里云的产品涵盖弹性计算、数据库、存储与CDN、分析与搜索、云通信、网络、管理与监控、应用服务、互联网中间件、移动服务、视频服务等。通过本课程,来了解阿里云能够为你的业务带来哪些帮助 &nbsp; &nbsp; 相关的阿里云产品:云服务器ECS 云服务器 ECS(Elastic Compute Service)是一种弹性可伸缩的计算服务,助您降低 IT 成本,提升运维效率,使您更专注于核心业务创新。产品详情: https://www.aliyun.com/product/ecs
相关文章
e-mail
e-mail
95 0
|
PHP Unix
|
开发工具 C++ 网络安全
|
Web App开发
|
关系型数据库 MySQL 测试技术