Category: LINUX
2008-01-17 18:50:11
Configuring a sendmail server on RHEL4:
Topology of the lab:
MTA1                  MTA2
DNS.SINA.COM
SMTP.SINA.COM         SMTP.YAHOO.COM
POP.SINA.COM          POP.YAHOO.COM
IP:192.168.1.10       IP:192.168.1.40
DNS:192.168.1.10      DNS:192.168.1.10

MUA1                  MUA2
CLIENT.SINA.COM       CLIENT.YAHOO.COM
IP:192.168.1.100      IP:192.168.1.140
DNS:192.168.1.10      DNS:192.168.1.10
Last login: Tue Sep 18 09:00:24 2007
[root@dns root]# hostname
dns.sina.com ----> first, configure the DNS server
[root@localhost ~]# rpm -qa | grep bind ----> check whether the DNS server packages are installed
bind-utils-9.2.4-2
bind-libs-9.2.4-2
ypbind-1.17.2-3
[root@localhost ~]# mount /media/cdrom/ ----> mount disc 4
mount: block device /dev/hdc is write-protected, mounting read-only
[root@localhost ~]# rpm -ivh /media/cdrom/RedHat/RPMS/bind-*
warning: /media/cdrom/RedHat/RPMS/bind-9.2.4-2.i386.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing... ########################################### [100%]
1:bind ########################################### [ 33%]
2:bind-chroot ########################################### [ 67%]
3:bind-devel ########################################### [100%]
----> install the DNS server packages
[root@localhost ~]# umount /media/cdrom/
[root@localhost ~]# mount /media/cdrom/ ----> mount disc 1
mount: block device /dev/hdc is write-protected, mounting read-only
[root@localhost ~]# rpm -ivh /media/cdrom/RedHat/RPMS/caching-nameserver*
warning: /media/cdrom/RedHat/RPMS/caching-nameserver-7.3-3.noarch.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing... ########################################### [100%]
1:caching-nameserver warning: /etc/named.conf saved as /etc/named.conf.rpmorig
########################################### [100%]
[root@localhost ~]# vi /etc/named.conf
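The following is what I added:
Forward zones:
zone "sina.com" IN {
        type master;
        file "sina.com.zone";
};
zone "yahoo.com" IN {
        type master;
        file "yahoo.com.zone";
};
Reverse zone:
zone "1.168.192.in-addr.arpa" IN {
        type master;
        file "sina.com.local";
};
As the configuration above shows, this machine will act as the name server responsible for resolving both domains.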
[root@localhost ~]# cd /var/named/chroot/var/named/
Create the zone database files according to the configuration above:
[root@dns named]# touch sina.com.zone sina.com.local yahoo.com.zone
Contents of sina.com.zone:
$TTL 86400
@       IN      SOA     dns.sina.com. root.sina.com. (
                        42      ; serial (d. adams)
                        3H      ; refresh
                        15M     ; retry
                        1W      ; expiry
                        1D )    ; minimum
        IN      NS      dns.sina.com.
        IN      MX 5    smtp.sina.com.
dns     IN      A       192.168.1.10
smtp    IN      CNAME   dns
pop     IN      CNAME   dns
Contents of yahoo.com.zone:
$TTL 86400
@       IN      SOA     dns.sina.com. root.sina.com. (
                        42      ; serial (d. adams)
                        3H      ; refresh
                        15M     ; retry
                        1W      ; expiry
                        1D )    ; minimum
        IN      NS      smtp.yahoo.com.
        IN      MX 5    smtp.yahoo.com.
smtp    IN      A       192.168.1.40
pop     IN      CNAME   smtp
Contents of sina.com.local:
$TTL 86400
@       IN      SOA     dns.sina.com. root.sina.com. (
                        42      ; Serial
                        3H      ; Refresh
                        15M     ; Retry
                        1W      ; Expire
                        1D )    ; Minimum
        IN      NS      dns.sina.com.
        IN      MX 5    smtp.sina.com.
        IN      MX 5    smtp.yahoo.com.
10      IN      PTR     dns.sina.com.
10      IN      PTR     smtp.sina.com.
10      IN      PTR     pop.sina.com.
40      IN      PTR     smtp.yahoo.com.
40      IN      PTR     pop.yahoo.com.
The three zone files above in effect resolve each host by adding A records:
As the topology diagram shows:
MTA1: smtp.sina.com   IP:192.168.1.10
      pop.sina.com
      dns.sina.com    DNS:192.168.1.10
MTA2: smtp.yahoo.com  IP:192.168.1.40
      pop.yahoo.com   DNS:192.168.1.10
One of the mail servers also hosts the DNS server.
Now install the sendmail packages on dns.sina.com: mount disc 4
[root@localhost named]# umount /media/cdrom/
[root@localhost named]# mount /media/cdrom/
mount: block device /dev/hdc is write-protected, mounting read-only
[root@localhost named]# rpm -ivh /media/cdrom/RedHat/RPMS/sendmail-*
warning: /media/cdrom/RedHat/RPMS/sendmail-cf-8.13.1-2.i386.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing... ########################################### [100%]
1:sendmail-doc ########################################### [ 33%]
2:sendmail-cf ########################################### [ 67%]
3:sendmail-devel ########################################### [100%]
Configure it:
[root@localhost named]# cd /etc/mail/
[root@dns mail]# vi sendmail.mc
Change this line:
dnl # DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
to:
DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')dnl ------> listen on port 25 on 0.0.0.0!
Also enable SMTP authentication:
remove the dnl from lines 48 and 49 of sendmail.mc.
When done, run:
[root@localhost mail]# service saslauthd start
Starting saslauthd: [ OK ]
[root@localhost mail]# m4 sendmail.mc > sendmail.cf ------> write the generated output to the main configuration file sendmail.cf
Edit the other configuration files: local-host-names and access
The result after editing:
[root@dns mail]# cat local-host-names
# local-host-names - include all aliases for your machine here.
sina.com
smtp.sina.com
[root@dns mail]# cat access
# Check the /usr/share/doc/sendmail/README.cf file for a description
# of the format of this file. (search for access_db in that file)
# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
# package.
#
# by default we allow relaying from localhost...
localhost.localdomain RELAY
localhost RELAY
127.0.0.1 RELAY
sina.com RELAY
yahoo.com RELAY
192.168. RELAY ----> to refuse relaying instead, use REJECT or DISCARD
The access file must then be processed as follows:
[root@dns mail]# makemap hash access.db < access
Finally, restart the service:
[root@dns mail]# service sendmail restart
[root@dns mail]# netstat -nl | grep 25
tcp 0 0 192.168.1.10:25 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:1025 0.0.0.0:*
[root@dns mail]#
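The access file above grants RELAY to two whole domains and to the 192.168. prefix while the daemon listens on 0.0.0.0. The shell function below is an added example, not part of the original post: it lists every RELAY entry in an access map that covers more than a single host, so the list can be reviewed before running makemap. The names audit_access and sample_access are hypothetical, the sample input is constructed from the access file shown on this page, and only IPv4 keys are classified.

```sh
#!/bin/sh
# Added example: audit_access and sample_access are hypothetical helper names.

# Constructed sample: the RELAY entries from the access file on this page.
sample_access() {
    cat <<'EOF'
# by default we allow relaying from localhost...
localhost.localdomain RELAY
localhost RELAY
127.0.0.1 RELAY
sina.com RELAY
yahoo.com RELAY
192.168. RELAY
EOF
}

# audit_access [FILE]: read a sendmail access map (FILE or stdin) and print
# one line per RELAY entry that covers more than a single host:
#   "domain <key>"            key is a name (that domain and its subdomains)
#   "ip-prefix/<bits> <key>"  key is a partial IPv4 address
audit_access() {
    awk '
        NF < 2 || $1 ~ /^#/      { next }   # blank lines and comments
        toupper($2) != "RELAY"   { next }   # only entries that grant relaying
        {
            key = $1
            sub(/^[A-Za-z]+:/, "", key)     # strip a Connect:/To:/From: tag
            # loopback entries are the distribution defaults, not findings
            if (key == "localhost" || key ~ /^localhost\./ || key ~ /^127\./)
                next
            if (key ~ /^[0-9.]+$/) {        # IPv4 address or leading octets
                n = split(key, octet, ".")
                if (octet[n] == "") n--     # "192.168." ends with a dot
                if (n < 4) print "ip-prefix/" (n * 8), key
            } else {
                print "domain", key         # name keys match the whole domain
            }
        }' "$@"
}

# Demo: prints the three broad entries of the sample.
sample_access | audit_access
```

Each reported key is a candidate for replacement by the full address of a host that really needs to relay, such as 192.168.1.40 in this lab.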