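Mail services:
sendmail.i386 main package (MTA)
sendmail-cf.i386 configuration file templates
sendmail-devel.i386 development package
sendmail-doc.i386 documentation
dovecot POP3/IMAP server (MDA)
procmail processes and delivers mail
m4 converts *.mc ---> *.cf
Example 1: Basic mail delivery on the local host
Prerequisites:
FQDN hostname
Static IP
Hostname mapped in /etc/hosts
1. Install the packages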
# yum install sendmail-* -y
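2. Configuration
Configuration directory: /etc/mail
access access control settings
access.db
local-host-names domain names bound to this server
sendmail.cf configuration file read at run time
sendmail.mc administrator-facing settings, mc-->cf
virtusertable virtual accounts
virtusertable.db
/etc/aliases alias settings
This example needs no configuration changes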
# service sendmail restart
# netstat -ntlp | grep :25
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2789/sendmail: acce
Test:
Method 1
# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 dr.upl.com ESMTP Sendmail 8.13.8/8.13.8; Sun, 19 Jun 2011 10:14:26 +0800
helo dr.upl.com <------
250 dr.upl.com Hello localhost.localdomain [127.0.0.1], pleased to meet you
mail from:tom@dr.upl.com <----
250 2.1.0 tom@dr.upl.com... Sender ok
rcpt to:root@dr.upl.com <-----
250 2.1.5 root@dr.upl.com... Recipient ok
data <----
354 Enter mail, end with "." on a line by itself
Hi,I am tom
. <--- end of message body
250 2.0.0 p5J2EQR6002811 Message accepted for delivery
quit <--- exit
View the mail
# cat /var/spool/mail/root
Method 2:
# cat /etc/fstab | sendmail -v tom@dr.upl.com
Method 3:
# cat /etc/inittab | mail -s "Warning: Server is down" bean@dr.upl.com
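Example 2: Make the mail server listen on port 25 on all IPs so that users can send mail to local users
Make the mail service support the short domain name
xxxx@dr.upl.com
xxx@upl.com
1. Configure the mail service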
# vim /etc/mail/sendmail.mc
Change
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
to
DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')dnl
Regenerate the configuration file
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
2. Bind the domain names
# vim /etc/mail/local-host-names
dr.upl.com
upl.com
3. Set up the DNS service and add an MX record
# vim /var/named/chroot/var/named/data/master.upl.com.zone
@ IN MX 0 dr.upl.com.
dr IN A 10.1.1.21
# service named restart
sendmail server: 10.1.1.21
DNS server: 10.1.1.22
Configure the sendmail server so that its DNS points to the DNS server above
# vim /etc/resolv.conf
nameserver 10.1.1.22
4. Restart sendmail
# service sendmail restart
# netstat -ntlp | grep :25
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 2920/sendmail: acce
# nslookup
> set type=mx
> upl.com
Server: 10.1.1.22
Address: 10.1.1.22#53
upl.com mail exchanger = 0 dr.upl.com.
Test:
# mail -s "Test sendmail" tom@upl.com < /etc/hosts
Example 3: Use mail aliases to forward mail or deliver to a group
# vim /etc/aliases
mygod: tom <-- forward
it: tom,bean <-- group delivery
# newaliases ---> aliases.db
Reload the configuration
# service sendmail reload
Test
# mail -s "test mygod" mygod@upl.com < /etc/rc.local
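Example 4: Allow sending mail to external addresses
xxx@upl.com ---> tanpao@139.com
If SMTP authentication is not enabled, sendmail uses access.db for access control, which determines who may send mail to external domains
Sending mail to an external domain is called relaying
Test before configuring
From another machine, telnet to port 25 of the mail server and send a mail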
# telnet 10.1.1.21 25
Trying 10.1.1.21...
Connected to s22 (10.1.1.21).
Escape character is '^]'.
220 dr.upl.com ESMTP Sendmail 8.13.8/8.13.8; Sun, 19 Jun 2011 11:24:07 +0800
mail from:10000@qq.com
250 2.1.0 10000@qq.com... Sender ok
rcpt to:tanpao@139.com
550 5.7.1 tanpao@139.com... Relaying denied <-- relay refused
By default, users connecting from the local host are allowed to send external mail
# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 dr.upl.com ESMTP Sendmail 8.13.8/8.13.8; Sun, 19 Jun 2011 11:26:17 +0800
mail from:1000@qq.com
250 2.1.0 1000@qq.com... Sender ok
rcpt to:tanpao@139.com
250 2.1.5 tanpao@139.com... Recipient ok
1. Allow the local host and the trusted LAN to send external mail
# vim /etc/mail/access
Connect:localhost.localdomain RELAY
Connect:localhost RELAY
Connect:127.0.0.1 RELAY
Connect:10.1.1 RELAY <-- relay for this subnet
Connect:192.168.1.2 REJECT <-- refuse relay
From:qq.com REJECT <-- reject mail whose sender is @qq.com
To:126.com REJECT <-- reject mail sent to @126.com
# makemap hash /etc/mail/access.db < /etc/mail/access
# service sendmail reload
2. Test
Telnet to the mail server from a remote machine
# telnet 10.1.1.21 25
Trying 10.1.1.21...
Connected to s22 (10.1.1.21).
Escape character is '^]'.
220 dr.upl.com ESMTP Sendmail 8.13.8/8.13.8; Sun, 19 Jun 2011 11:34:30 +0800
mail from:10000@qq.com
550 5.7.1 10000@qq.com... Access denied
mail from:admin@gmail.com
250 2.1.0 admin@gmail.com... Sender ok
rcpt to:admin@126.com
550 5.2.1 admin@126.com... Mailbox disabled for this recipient
rcpt to:tanpao@139.com
250 2.1.5 tanpao@139.com... Recipient ok
data
354 Enter mail, end with "." on a line by itself
just for testing sendmail relay......
.
250 2.0.0 p5J3YUw7025613 Message accepted for delivery
quit
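Added example, not from the original notes: every RELAY line in /etc/mail/access is a standing grant to relay without authentication, so it is worth listing which sources the map from step 1 trusts. The script classifies each client entry as internal (loopback or RFC 1918, an assumption of this example), public, or a name; the function names and the 203.0.113 entry are constructed for illustration.

```python
import ipaddress

# Access map from step 1 plus one constructed public entry (203.0.113).
ACCESS = """\
Connect:localhost.localdomain RELAY
Connect:localhost RELAY
Connect:127.0.0.1 RELAY
Connect:10.1.1 RELAY
Connect:192.168.1.2 REJECT
From:qq.com REJECT
To:126.com REJECT
Connect:203.0.113 RELAY
"""

# Loopback and RFC 1918 ranges treated as internal (assumption of this example).
INTERNAL = [ipaddress.ip_network(n) for n in
            ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def to_network(key):
    """Expand a full or partial dotted quad ('10.1.1') to a network, else None."""
    octets = key.split(".")
    if len(octets) > 4 or not all(o.isdecimal() and int(o) < 256 for o in octets):
        return None  # host or domain name, not an address
    padded = ".".join(octets + ["0"] * (4 - len(octets)))
    return ipaddress.ip_network(f"{padded}/{8 * len(octets)}")


def relay_sources(access_text):
    """Classify every client-side RELAY entry as internal, public or name."""
    found = []
    for raw in access_text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2 or fields[1].upper() != "RELAY":
            continue
        tag, sep, key = fields[0].partition(":")
        if not sep:
            tag, key = "connect", fields[0]  # untagged key
        if tag.lower() != "connect":
            continue  # From:/To: entries do not select clients
        net = to_network(key)
        internal = net is not None and any(net.subnet_of(i) for i in INTERNAL)
        scope = "name" if net is None else "internal" if internal else "public"
        found.append((key, scope))
    return found


if __name__ == "__main__":
    print(*relay_sources(ACCESS), sep="\n")
```

Entries reported as public or name are the ones to review first: a name entry is matched by the client's resolved hostname rather than by its address.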
Example 5: Enable SMTP authentication
Once it is enabled, relay decisions are no longer based on access.db
# telnet 10.1.1.21 25
Trying 10.1.1.21...
Connected to dr.upl.com (10.1.1.21).
Escape character is '^]'.
220 dr.upl.com ESMTP Sendmail 8.13.8/8.13.8; Sun, 19 Jun 2011 13:44:50 +0800
ehlo dr.upl.com
250-dr.upl.com Hello dr.upl.com [10.1.1.21], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP <--- no AUTH keyword is shown
# vim /etc/mail/sendmail.mc
Search for MD5 and remove the leading dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
Search for submission and uncomment the line
DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
Verify
# telnet 10.1.1.21 25
Trying 10.1.1.21...
Connected to dr.upl.com (10.1.1.21).
Escape character is '^]'.
220 dr.upl.com ESMTP Sendmail 8.13.8/8.13.8; Sun, 19 Jun 2011 13:50:13 +0800
ehlo dr.upl.com
250-dr.upl.com Hello dr.upl.com [10.1.1.21], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN <--- the AUTH keyword is visible, which means SMTP authentication is required
250-DELIVERBY
250 HELP
Authentication requires the cyrus-* packages
# yum install cyrus-* -y
# service saslauthd restart
# service sendmail restart
If clients need to connect with an MUA (Foxmail, etc.) to retrieve mail:
Install the dovecot service
# yum install dovecot -y
# service dovecot restart
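By default, sendmail does not force users who connect from the same LAN to use SMTP authentication when sending mail.
However, the client's IP must be reverse-resolved, and sending to external domains is allowed only if the resolved domain name is in the same domain as the mail service
Verify: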
firefox /share/weeken/sendmail/base64_conversion.html
# telnet 10.1.1.21 25
Trying 10.1.1.21...
Connected to s22 (10.1.1.21).
Escape character is '^]'.
220 dr.upl.com ESMTP Sendmail 8.13.8/8.13.8; Sun, 19 Jun 2011 13:59:33 +0800
auth login <-----
334 VXNlcm5hbWU6
dG9t <--- username tom, base64-encoded
334 UGFzc3dvcmQ6
cXFx <--- password qqq, base64-encoded
235 2.0.0 OK Authenticated
mail from:tom@upl.com
250 2.1.0 tom@upl.com... Sender ok
rcpt to:13424337718@139.com
250 2.1.5 13424337718@139.com... Recipient ok
data
354 Enter mail, end with "." on a line by itself
Hi,i am sendmail hhhhhhhhhhhh
.
250 2.0.0 p5J5xXea026283 Message accepted for delivery
quit
221 2.0.0 dr.upl.com closing connection
Connection closed by foreign host.
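Added example, not part of the original notes: the base64 in the AUTH LOGIN exchange above is an encoding, not encryption, so anyone who captures this port-25 session recovers the credentials. The script decodes the exchange and lists the plaintext mechanisms in the EHLO reply (abridged here); the function names are chosen for this example.

```python
import base64

# Abridged EHLO reply and the AUTH LOGIN exchange from the sessions above.
EHLO_REPLY = """\
250-dr.upl.com Hello dr.upl.com [10.1.1.21], pleased to meet you
250-PIPELINING
250-AUTH LOGIN PLAIN
250 HELP"""

AUTH_SESSION = """\
auth login
334 VXNlcm5hbWU6
dG9t
334 UGFzc3dvcmQ6
cXFx
235 2.0.0 OK Authenticated"""


def ehlo_keywords(reply):
    """Map each EHLO keyword to its (upper-cased) parameters."""
    caps = {}
    for line in reply.splitlines()[1:]:   # line 0 is the greeting
        words = line[4:].upper().split()  # strip the "250-" / "250 " prefix
        if words:
            caps[words[0]] = words[1:]
    return caps


def cleartext_auth_mechs(reply):
    """LOGIN/PLAIN offered in an EHLO reply received before any STARTTLS."""
    auth = ehlo_keywords(reply).get("AUTH", [])
    return [m for m in auth if m in ("LOGIN", "PLAIN")]


def decode_auth_login(session):
    """Decode each 334 challenge and the client line that answers it."""
    lines = [l.strip() for l in session.splitlines()]
    pairs = []
    for challenge, answer in zip(lines, lines[1:]):
        if challenge.startswith("334 "):
            pairs.append((base64.b64decode(challenge[4:]).decode(),
                          base64.b64decode(answer).decode()))
    return pairs


if __name__ == "__main__":
    print("STARTTLS offered:", "STARTTLS" in ehlo_keywords(EHLO_REPLY))
    print("plaintext mechanisms:", cleartext_auth_mechs(EHLO_REPLY))
    print("recovered from capture:", decode_auth_login(AUTH_SESSION))
```

sendmail's confAUTH_OPTIONS setting accepts a p flag that withholds PLAIN and LOGIN unless a security layer such as TLS is active.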
Using the mutt tool
mutt -f /var/mail/tom
or
mutt -f pop://tom@upl.com <--- upl.com must resolve directly to the mail server
mutt -f pop://tom@dr.upl.com
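Example 6: Let two sendmail servers on the LAN send mail to each other
server1 server2
mail.upl.com mail.test.com
mary@upl.com <-------------------------> tom@test.com
1. Enable SMTP authentication on both
2. Each must be able to resolve the other's MX record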
=========================
Next week's topics
xinetd,tcpwrapper,http
samba,dhcp