Linux Cloud Automated Operations, Lesson 17
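Unit 4: Configuring Email Transmission
I. Basic Email Delivery
1. Email delivery
1) A server submits email over SMTP to TCP port 25, or a local client submits it through the /usr/bin/sendmail program. If this MTA is the final destination, the message is passed to the MDA. Otherwise, the next MTA is looked up in DNS using MX records and the message is relayed to it over SMTP.
2) MDA: "Mail Delivery Agent". The MDA delivers the message to the recipient's local mail store (by default /var/spool/mail/user). Postfix provides its own MDA, /usr/libexec/postfix/local, for delivery to the default file-based local mail store.
3) Relaying: a mail server (MTA) forwards a submitted message to another server for delivery.
4) Queuing: a failed delivery or relay attempt is queued and retried on a schedule defined by the MTA. (By default, Postfix does this once an hour.)
5) Rejection: the mail server refuses the message during the initial submission.
6) Bounce: after a remote server has accepted a message for delivery, it returns the message to the originating mail server and/or user.
a. Postfix is provided by the postfix RPM package and controlled through the postfix service script. It is a modular program made up of several cooperating programs, and its components are controlled by the master process.
b. The main Postfix configuration file is /etc/postfix/main.cf, which can be edited with a text editor or with the postconf command. postconf can also show all current and default Postfix settings, or individual ones.
c. By default, Postfix listens for incoming mail only from the local host. To reconfigure Postfix to receive mail from remote hosts for local delivery, set inet_interfaces = all in /etc/postfix/main.cf.
d. When troubleshooting email, all mail-related operations are logged in /var/log/maillog, including information about both unsuccessful and successful events. The mailq command (or postqueue -p) lists all queued outgoing messages. To try sending all queued messages again immediately, run postfix flush (or postqueue -f); otherwise Postfix retries roughly once an hour until the message is accepted or expires.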
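2. Important Postfix configuration directives: all of the following directives are found in /etc/postfix/main.cf.
1) myorigin
Rewrites locally posted mail so that it appears to come from this domain. This helps ensure that replies return to the inbound mail server.
Default: myorigin = $myhostname
2) inet_interfaces
Controls the network interfaces on which Postfix listens for incoming mail. If set to loopback-only, it listens only on 127.0.0.1 and ::1; if set to all, it listens on all network interfaces. Specific addresses can also be given.
Default: inet_interfaces = localhost
3) mydestination
Mail addressed to these domains is passed to the MDA for local delivery.
Default: mydestination = $myhostname, localhost.$mydomain, localhost
4) mynetworks
A comma-separated list of IP addresses and networks (in CIDR notation). Hosts at these addresses and in these networks can relay through this MTA to any destination without further authentication.
Default: mynetworks = 127.0.0.0/8
5) relayhost
The host through which all outbound mail is relayed. It is usually given in square brackets to suppress the MX record lookup.
Default: relayhost =
6) local_transport
How mail addressed to $mydestination is delivered. By default it is set to local:$myhostname (the local MDA delivers incoming mail to the local mail store in /var/spool/mail).
Default: local_transport = local:$myhostname
7) postconf -d shows the default values.
8) postconf -n shows the settings that differ from the defaults.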
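An added example (not part of the original lesson): a small audit of inet_interfaces and mynetworks, the two directives above that together decide who can reach the MTA and who may relay through it. It expects the output of `postconf inet_interfaces mynetworks`; the finding labels and both sample inputs are constructed for illustration.

```python
import ipaddress

# Listener values that keep smtpd on the loopback interface only.
LOOPBACK_NAMES = {"localhost", "loopback-only", "127.0.0.1", "::1", "[::1]"}

# Constructed sample: the state after the lesson sets inet_interfaces = all.
SAMPLE_AFTER_EDIT = "inet_interfaces = all\nmynetworks = 127.0.0.0/8\n"
# Constructed sample: an over-broad mynetworks, with a continuation line.
SAMPLE_WIDE = (
    "inet_interfaces = all\n"
    "mynetworks = 127.0.0.0/8, 172.25.254.0/24,\n"
    "    0.0.0.0/0\n"
)


def parse_postconf(text):
    """Parse 'name = value' lines as printed by postconf or stored in main.cf."""
    settings, last = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and last is not None:
            # Lines starting with whitespace continue the previous value.
            settings[last] += " " + raw.strip()
            continue
        key, sep, value = raw.partition("=")
        if sep:
            last = key.strip()
            settings[last] = value.strip()
    return settings


def split_list(value):
    """Postfix lists are separated by commas and/or whitespace."""
    return value.replace(",", " ").split()


def audit(text):
    """Return (code, detail) findings about listener and relay exposure."""
    cfg = parse_postconf(text)
    findings = []
    listeners = split_list(cfg.get("inet_interfaces", "localhost"))
    exposed = any(name not in LOOPBACK_NAMES for name in listeners)
    if exposed:
        findings.append(("LISTEN", "smtpd accepts network connections on: "
                         + " ".join(listeners)))
    if "mynetworks" not in cfg:
        findings.append(("REVIEW", "mynetworks not supplied; check the "
                         "effective value printed by postconf"))
        return findings
    for entry in split_list(cfg["mynetworks"]):
        try:
            net = ipaddress.ip_network(
                entry.replace("[", "").replace("]", ""), strict=False)
        except ValueError:
            # Table lookups, file names and '!' exclusions need a manual look.
            findings.append(("REVIEW", "cannot evaluate entry " + entry))
            continue
        if net.is_loopback:
            continue
        if not exposed:
            findings.append(("LATENT", str(net) + " is trusted but smtpd is "
                             "loopback-only for now"))
        elif net.prefixlen == 0:
            findings.append(("OPEN_RELAY", str(net) + " lets every client "
                             "relay to any destination"))
        else:
            findings.append(("RELAY", str(net) + " may relay anywhere "
                             "without authentication"))
    return findings


if __name__ == "__main__":
    for name, sample in (("after edit", SAMPLE_AFTER_EDIT), ("wide", SAMPLE_WIDE)):
        for code, detail in audit(sample):
            print(name, code, detail, sep=": ")
```

When mynetworks is not set explicitly, Postfix derives it from mynetworks_style, so audit the effective value that postconf prints rather than main.cf alone.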
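II. Null Mail Client
In practice, most organizations no longer use a single mail server to handle all inbound and outbound email. Instead, for security reasons, mail servers are set up for specific roles so that each can be better suited to the application it serves. Standard roles include:
1. Null client: a client machine that runs a local MTA so that all email is forwarded to a central mail server for delivery. A null client does not accept any email for local delivery.
2. Inbound-only mail server: a mail server that handles all incoming email for the site's users and passes it to the MDA for delivery to the users' mail stores. In practice, an anti-spam server or appliance is usually placed in front of the inbound-only mail server to filter spam and forward only legitimate mail to it.
3. Outbound mail relay: an outbound mail relay (or "smarthost") accepts all outbound mail and relays it to its destination using MX records and the SMTP protocol.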
III. Example
1. Configure the basic environment
#On the mail-qq host
[[email protected] ~]# yum install bind -y
[[email protected] ~]# vim /etc/named.conf #allow connections from all hosts
#// listen-on port 53 { 127.0.0.1; };
#// listen-on-v6 port 53 { ::1; };
# directory "/var/named";
# dump-file "/var/named/data/cache_dump.db";
# statistics-file "/var/named/data/named_stats.txt";
# memstatistics-file "/var/named/data/named_mem_stats.txt";
#// allow-query { localhost; };
# dnssec-enable yes;
# dnssec-validation no;
# dnssec-lookaside auto;
[[email protected] ~]# vim /etc/named.rfc1912.zones #forward lookup zones
#zone "qq.com" IN {
# type master;
# file "qq.com.zone";
# allow-update { none; };
#};
#zone "westos.com" IN {
# type master;
# file "westos.com.zone";
# allow-update { none; };
#};
[[email protected] named]# cd /var/named/
[[email protected] named]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves
[[email protected] named]# cp -p named.localhost qq.com.zone
[[email protected] named]# vim qq.com.zone
[[email protected] named]# cat qq.com.zone
$TTL 1D
@ IN SOA dns.qq.com. root.qq.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.qq.com.
dns A 172.25.254.142
qq.com. MX 1 172.25.254.142.
[[email protected] named]# cp -p qq.com.zone westos.com.zone
[[email protected] named]# vim westos.com.zone
[[email protected] named]# cat westos.com.zone
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.142
westos.com. MX 1 172.25.254.242.
[[email protected] named]# systemctl start named
[[email protected] named]# systemctl stop firewalld.service
[[email protected] named]# systemctl disable firewalld.service
rm '/etc/systemd/system/basic.target.wants/firewalld.service'
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
[[email protected] named]# vim /etc/resolv.conf
[[email protected] named]# cat /etc/resolv.conf
# Generated by NetworkManager
search qq.com
nameserver 172.25.254.142
[[email protected] named]# dig -t mx qq.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t mx qq.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8303
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;qq.com. IN MX
;; ANSWER SECTION:
qq.com. 86400 IN MX 1 172.25.254.142.
;; AUTHORITY SECTION:
qq.com. 86400 IN NS dns.qq.com.
;; ADDITIONAL SECTION:
dns.qq.com. 86400 IN A 172.25.254.142
;; Query time: 0 msec
;; SERVER: 172.25.254.142#53(172.25.254.142)
;; WHEN: Thu Apr 20 21:59:10 EDT 2017
;; MSG SIZE rcvd: 99
[[email protected] named]# dig -t mx westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t mx westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57470
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;westos.com. IN MX
;; ANSWER SECTION:
westos.com. 86400 IN MX 1 172.25.254.242.
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.142
;; Query time: 0 msec
;; SERVER: 172.25.254.142#53(172.25.254.142)
;; WHEN: Thu Apr 20 21:59:16 EDT 2017
;; MSG SIZE rcvd: 103
#On the mail-westos host
[[email protected] ~]# systemctl stop firewalld.service
[[email protected] ~]# systemctl disable firewalld.service
rm '/etc/systemd/system/basic.target.wants/firewalld.service'
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
[[email protected] ~]# vim /etc/resolv.conf
[[email protected] ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search westos.com
nameserver 172.25.254.142
[[email protected] ~]# dig -t mx qq.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t mx qq.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46511
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;qq.com. IN MX
;; ANSWER SECTION:
qq.com. 86400 IN MX 1 172.25.254.142.
;; AUTHORITY SECTION:
qq.com. 86400 IN NS dns.qq.com.
;; ADDITIONAL SECTION:
dns.qq.com. 86400 IN A 172.25.254.142
;; Query time: 1 msec
;; SERVER: 172.25.254.142#53(172.25.254.142)
;; WHEN: Thu Apr 20 21:57:54 EDT 2017
;; MSG SIZE rcvd: 99
[[email protected] ~]# dig -t mx westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t mx westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21706
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;westos.com. IN MX
;; ANSWER SECTION:
westos.com. 86400 IN MX 1 172.25.254.242.
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.142
;; Query time: 0 msec
;; SERVER: 172.25.254.142#53(172.25.254.142)
;; WHEN: Thu Apr 20 21:58:01 EDT 2017
;; MSG SIZE rcvd: 103
[[email protected] ~]#
2. Sending and receiving mail
#On the mail-qq host
[[email protected] named]# >/var/log/maillog
[[email protected] named]# mail [email protected]
Subject: aa
aa
.
EOT
[[email protected] named]# mailq
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
DDCC017E876 416 Thu Apr 20 22:30:02 [email protected]
(connect to 172.25.254.242[172.25.254.242]:25: Connection refused)
-- 0 Kbytes in 1 Request.
[[email protected] named]# cat /var/log/maillog
Apr 20 22:30:02 mail-qq postfix/pickup[1380]: DDCC017E876: uid=0 from=<root>
Apr 20 22:30:02 mail-qq postfix/cleanup[30746]: DDCC017E876: message-id=<[email protected]>
Apr 20 22:30:02 mail-qq postfix/qmgr[1381]: DDCC017E876: from=<[email protected]>, size=416, nrcpt=1 (queue active)
Apr 20 22:30:02 mail-qq postfix/smtp[30748]: warning: numeric domain name in resource data of MX record for westos.com: 172.25.254.242
Apr 20 22:30:02 mail-qq postfix/smtp[30748]: connect to 172.25.254.242[172.25.254.242]:25: Connection refused
Apr 20 22:30:03 mail-qq postfix/smtp[30748]: DDCC017E876: to=<[email protected]>, relay=none, delay=0.15, delays=0.13/0.02/0/0, dsn=4.4.1, status=deferred (connect to 172.25.254.242[172.25.254.242]:25: Connection refused)
[[email protected] named]# netstat -antlpe | grep master
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 24066 1379/master
tcp6 0 0 ::1:25 :::* LISTEN 0 24067 1379/master
[[email protected] named]# vim /etc/postfix/main.cf
#116 inet_interfaces = all
[[email protected] named]# systemctl restart postfix.service
[[email protected] named]# netstat -antlpe | grep master
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0 108540 30966/master
tcp6 0 0 :::25 :::* LISTEN 0 108541 30966/master
[[email protected] named]# postqueue -f
[[email protected] named]# mailq
Mail queue is empty
[[email protected] named]# >/var/log/maillog
[[email protected] named]# vim /etc/postfix/main.cf
#164 mydestination = $myhostname, $mydomain, localhost
# 76 myhostname = mail-qq.qq.com
# 83 mydomain = qq.com
# 99 myorigin = $mydomain
[[email protected] named]# systemctl restart postfix.service
[[email protected] named]# mail [email protected]
Subject: 233
233
.
EOT
[[email protected] named]# mailq
Mail queue is empty
[[email protected] named]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 2 messages 1 new
1 [email protected] Thu Apr 20 21:30 518/36184 "[abrt] full crash report"
>N 2 root Thu Apr 20 22:46 21/700 "33"
& 2
Message 2:
From [email protected] Thu Apr 20 22:46:44 2017
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Date: Thu, 20 Apr 2017 22:46:44 -0400
Subject: 33
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: [email protected] (root)
Status: R
33
& q
Held 2 messages in /var/spool/mail/root
You have mail in /var/spool/mail/root
#On the mail-westos host
[[email protected] ~]# >/var/log/maillog
[[email protected] ~]# netstat -antlpe | grep master
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 24357 1374/master
tcp6 0 0 ::1:25 :::* LISTEN 0 24358 1374/master
[[email protected] ~]# vim /etc/postfix/main.cf
#116 inet_interfaces = all
[[email protected] ~]# systemctl restart postfix.service
[[email protected] ~]# netstat -antlpe | grep master
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0 108525 30540/master
tcp6 0 0 :::25 :::* LISTEN 0 108526 30540/master
[[email protected] ~]# mailq
Mail queue is empty
[[email protected] ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N 1 [email protected] Thu Apr 20 21:40 515/36032 "[abrt] full crash report"
& q
Held 1 message in /var/spool/mail/root
[[email protected] ~]# >/var/log/maillog
[[email protected] ~]# vim /etc/postfix/main.cf
#164 mydestination = $myhostname, $mydomain, localhost
# 76 myhostname = mail-westos.westos.com
# 83 mydomain = westos.com
# 99 myorigin = $mydomain
[[email protected] ~]# systemctl restart postfix.service
[[email protected] ~]# mailq
Mail queue is empty
[[email protected] ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 2 messages 1 new 2 unread
U 1 [email protected] Thu Apr 20 21:40 516/36042 "[abrt] full crash report"
>N 2 root Thu Apr 20 22:44 21/704 "233"
& 2
Message 2:
From [email protected] Thu Apr 20 22:44:34 2017
Return-Path: <root[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Date: Thu, 20 Apr 2017 22:44:33 -0400
Subject: 233
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: [email protected] (root)
Status: R
233
& q
Held 2 messages in /var/spool/mail/root
[[email protected] ~]# mail [email protected]
Subject: 33
33
.
EOT
[[email protected] ~]# mailq
Mail queue is empty
[[email protected] ~]#
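An added example (not part of the original lesson): the maillog warning "numeric domain name in resource data of MX record" above comes from the zone files, whose MX records point at IP addresses; an MX target has to be a host name that has its own address record. The linter below flags that case. The zone text is the lesson's westos.com zone with leading whitespace restored, and the host name mail in the corrected variant is an assumption.

```python
import ipaddress

# The lesson's westos.com zone, re-typed with leading whitespace restored.
ZONE_AS_ON_PAGE = """\
$TTL 1D
@       IN SOA  dns.westos.com. root.westos.com. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      dns.westos.com.
dns     A       172.25.254.142
westos.com.     MX 1    172.25.254.242.
"""

# Corrected variant; the host name "mail" is hypothetical.
ZONE_CORRECTED = ZONE_AS_ON_PAGE.replace(
    "westos.com.     MX 1    172.25.254.242.",
    "westos.com.     MX 1    mail.westos.com.\nmail    A       172.25.254.242",
)


def fqdn(name, origin):
    """Expand '@' and relative names against the zone origin (lower-cased)."""
    if name == "@":
        return origin
    name = name.lower()
    return name if name.endswith(".") else name + "." + origin


def parse_zone(text, origin):
    """Return (owner, type, rdata_tokens) tuples from a simple master file."""
    records, owner, depth = [], origin, 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()   # drop comments
        continuation = depth > 0               # inside a multi-line ( ... )
        depth += line.count("(") - line.count(")")
        if continuation or not line.strip() or line.startswith("$"):
            continue
        tokens = line.split()
        if not line[0].isspace():              # blank owner repeats the last one
            owner = fqdn(tokens.pop(0), origin)
        while tokens and (tokens[0].upper() == "IN" or tokens[0][0].isdigit()):
            tokens.pop(0)                      # skip optional TTL and class
        if tokens:
            records.append((owner, tokens[0].upper(), tokens[1:]))
    return records


def is_ip_literal(target):
    try:
        ipaddress.ip_address(target.rstrip("."))
        return True
    except ValueError:
        return False


def lint_mx(text, origin):
    """Flag MX targets that are IP literals or in-zone names without A/AAAA."""
    records = parse_zone(text, origin)
    has_address = {o for o, t, _ in records if t in ("A", "AAAA")}
    problems = []
    for owner, rtype, rdata in records:
        if rtype != "MX" or len(rdata) < 2:
            continue
        target = rdata[1]
        if is_ip_literal(target):
            problems.append((owner, target, "numeric-target"))
            continue
        host = fqdn(target, origin)
        if host.endswith("." + origin) and host not in has_address:
            problems.append((owner, host, "no-address-record"))
    return problems


if __name__ == "__main__":
    print(lint_mx(ZONE_AS_ON_PAGE, "westos.com."))
    print(lint_mx(ZONE_CORRECTED, "westos.com."))
```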
3. Sending mail remotely
[[email protected] yum.repos.d]$ telnet 172.25.254.142 25
Trying 172.25.254.142...
Connected to 172.25.254.142.
Escape character is '^]'.
220 mail-qq.qq.com ESMTP Postfix
mail from:[email protected]
250 2.1.0 Ok
rcpt to:[email protected]
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
aaaaaaaa
aaaaaaaaaaaaa
.
250 2.0.0 Ok: queued as 2069117E876
quit
221 2.0.0 Bye
Connection closed by foreign host.
[[email protected] yum.repos.d]$
[[email protected] ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 3 messages 1 new 2 unread
U 1 [email protected] Thu Apr 20 21:40 516/36042 "[abrt] full crash report"
2 root Thu Apr 20 22:44 22/715 "233"
>N 3 [email protected] Thu Apr 20 23:04 14/496
& 3
Message 3:
From [email protected] Thu Apr 20 23:04:18 2017
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Status: R
aaaaaaaa
aaaaaaaaaaaaa
& q
Held 3 messages in /var/spool/mail/root
You have mail in /var/spool/mail/root
[[email protected] ~]#
4. Receiving mail remotely
######Server configured with DNS######
[[email protected] named]# mail [email protected] #send mail to the user [email protected]
Subject: 2333
2333
.
EOT
[[email protected] named]# mailq #the mail has been sent
Mail queue is empty
[[email protected] named]# mail
No mail for root
[[email protected] named]#
######Client host running dovecot######
[[email protected] ~]# mail
No mail for root
[[email protected] ~]# mail -u student
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/mail/student": 1 message 1 new
>N 1 root Thu Apr 20 23:23 21/718 "2333"
& 1
Message 1:
From [email protected] Thu Apr 20 23:23:45 2017
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Date: Thu, 20 Apr 2017 23:23:44 -0400
Subject: 2333
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: [email protected] (root)
Status: R
2333
& q
Held 1 message in /var/mail/student
[[email protected] ~]# yum install dovecot -y #install dovecot for retrieving mail: 993-imaps, 995-pop3s, 110-pop3, 143-imap
[[email protected] ~]# systemctl restart dovecot
[[email protected] ~]# netstat -antlpe | grep dovecot
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 0 132321 31303/dovecot
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 0 132297 31303/dovecot
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 0 132295 31303/dovecot
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 0 132319 31303/dovecot
tcp6 0 0 :::993 :::* LISTEN 0 132322 31303/dovecot
tcp6 0 0 :::995 :::* LISTEN 0 132298 31303/dovecot
tcp6 0 0 :::110 :::* LISTEN 0 132296 31303/dovecot
tcp6 0 0 :::143 :::* LISTEN 0 132320 31303/dovecot
[[email protected] ~]# >/var/log/maillog
[[email protected] ~]$ mutt -f pop://[email protected]
[[email protected] ~]# cat /var/log/maillog
Apr 20 23:28:33 mail-westos dovecot: pop3-login: Login: user=<student>, method=PLAIN, rip=172.25.254.42, lip=172.25.254.242, mpid=31358, TLS, session=<KXkj2qRNEgCsGf4q>
Apr 20 23:28:33 mail-westos dovecot: pop3(student): Error: user student: Initialization failed: Namespace '': Mail storage autodetection failed with home=/home/student
Apr 20 23:28:33 mail-westos dovecot: pop3(student): Error: Invalid user settings. Refer to server log for more information.
Apr 20 23:28:39 mail-westos dovecot: pop3-login: Aborted login (tried to use disallowed plaintext auth): user=<>, rip=172.25.254.42, lip=172.25.254.242, session=<Xb1/2qRNEwCsGf4q>
[[email protected] ~]# vim /etc/dovecot/dovecot.conf
# 24 protocols = imap pop3 lmtp
# 49 disable_plaintext_auth = no
[[email protected] ~]# vim /etc/dovecot/conf.d/10-mail.conf
# 30 mail_location = mbox:~/mail:INBOX=/var/mail/%u
[[email protected] ~]# systemctl restart dovecot.service
[[email protected] ~]# >/var/log/maillog
[[email protected] ~]$ mutt -f pop://[email protected]
[[email protected] ~]# cat /var/log/maillog
Apr 20 23:31:47 mail-westos dovecot: pop3-login: Login: user=<student>, method=PLAIN, rip=172.25.254.42, lip=172.25.254.242, mpid=31489, TLS, session=<VzG15aRNFACsGf4q>
Apr 20 23:31:47 mail-westos dovecot: pop3(student): Error: chown(/home/student/mail/.imap, group=12(mail)) failed: Operation not permitted (egid=1000(student), group based on /var/mail/student - see http://wiki2.dovecot.org/Errors/ChgrpNoPerm)
Apr 20 23:31:47 mail-westos dovecot: pop3(student): Error: Couldn't open INBOX: Permission denied
Apr 20 23:31:47 mail-westos dovecot: pop3(student): Couldn't open INBOX top=0/0, retr=0/0, del=0/0, size=0
Apr 20 23:31:53 mail-westos dovecot: pop3-login: Aborted login (tried to use disallowed plaintext auth): user=<>, rip=172.25.254.42, lip=172.25.254.242, session=<D50R5qRNFQCsGf4q>
[[email protected] ~]# su - student
[[email protected] ~]$ mkdir /home/student/mail/.imap
[[email protected] ~]$ exit
logout
[[email protected] ~]# >/var/log/maillog
[[email protected] ~]$ mutt -f pop://[email protected]
[[email protected] ~]# cat /var/log/maillog
Apr 20 23:33:07 mail-westos dovecot: pop3-login: Login: user=<student>, method=PLAIN, rip=172.25.254.42, lip=172.25.254.242, mpid=31541, TLS, session=<OwF/6qRNGACsGf4q>
Apr 20 23:33:07 mail-westos dovecot: pop3(student): Error: chown(/home/student/mail/.imap/INBOX, group=12(mail)) failed: Operation not permitted (egid=1000(student), group based on /var/mail/student - see http://wiki2.dovecot.org/Errors/ChgrpNoPerm)
Apr 20 23:33:07 mail-westos dovecot: pop3(student): Error: Couldn't open INBOX: Permission denied
Apr 20 23:33:07 mail-westos dovecot: pop3(student): Couldn't open INBOX top=0/0, retr=0/0, del=0/0, size=0
Apr 20 23:33:13 mail-westos dovecot: pop3-login: Aborted login (tried to use disallowed plaintext auth): user=<>, rip=172.25.254.42, lip=172.25.254.242, session=<E2Xb6qRNGQCsGf4q>
[[email protected] ~]# su - student
Last login: Thu Apr 20 23:32:12 EDT 2017 on pts/0
[[email protected] ~]$ touch /home/student/mail/.imap/INBOX
[[email protected] ~]$ exit
logout
[[email protected] ~]#
[[email protected] ~]$ mutt -f pop://[email protected]
1 kept, 0 deleted.
5. Sending and receiving mail remotely with a graphical client
######Physical host: install the mail client thunderbird######
[[email protected] ~]# rpm -ivh /home/kiosk/Desktop/thunderbird-31.2.0-1.el7.x86_64.rpm
warning: /home/kiosk/Desktop/thunderbird-31.2.0-1.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 352c64e5: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:thunderbird-31.2.0-1.el7 ################################# [100%]
[[email protected] ~]# thunderbird
######Client host running dovecot######
[[email protected] ~]# vim /etc/dovecot/dovecot.conf
# 48 login_trusted_networks = 0.0.0.0/0 #treat every host as trusted, so logins are accepted from all hosts
[[email protected] ~]# systemctl restart dovecot.service
######Server configured with DNS######
[[email protected] named]# vim /etc/named.rfc1912.zones #DNS forward lookup zone
# 37 zone "eastos.com" IN {
# 38 type master;
# 39 file "eastos.com.zone";
# 40 allow-update { none; };
# 41 };
[[email protected] named]# ls
data dynamic named.ca named.empty named.localhost named.loopback qq.com.zone slaves westos.com.zone
[[email protected] named]# cp -p westos.com.zone eastos.com.zone
[[email protected] named]# vim eastos.com.zone
[[email protected] named]# cat eastos.com.zone
$TTL 1D
@ IN SOA dns.eastos.com. root.eastos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.eastos.com.
dns A 172.25.254.142
eastos.com. MX 1 172.25.254.116.
[[email protected] named]# systemctl restart named
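An added example (not part of the original lesson): with disable_plaintext_auth = no and login_trusted_networks = 0.0.0.0/0 set as above, Dovecot accepts PLAIN logins on the unencrypted ports 110 and 143, so the login lines in maillog are where password exposure shows up. The detector below reports successful cleartext logins and refused plaintext attempts per client. The log lines are constructed in the format of the entries above, and treating the "secured" marker as protection only for loopback clients is an assumption about how Dovecot labels trusted networks.

```python
import ipaddress
import re

# Matches Dovecot login-process lines such as the pop3-login entries above.
LOGIN_RE = re.compile(
    r"dovecot: (?P<service>\w+)-login: "
    r"(?P<event>Login|Aborted login)(?: \((?P<reason>[^)]*)\))?: (?P<rest>.*)$"
)
CLEARTEXT_MECHS = {"PLAIN", "LOGIN"}  # mechanisms that carry the password itself

# Constructed sample lines; session ids and two of the mpid values are placeholders.
SAMPLE_LOG = """\
Apr 20 23:28:33 mail-westos dovecot: pop3-login: Login: user=<student>, method=PLAIN, rip=172.25.254.42, lip=172.25.254.242, mpid=31358, TLS, session=<sample01>
Apr 20 23:28:39 mail-westos dovecot: pop3-login: Aborted login (tried to use disallowed plaintext auth): user=<>, rip=172.25.254.42, lip=172.25.254.242, session=<sample02>
Apr 20 23:40:02 mail-westos dovecot: pop3-login: Login: user=<student>, method=PLAIN, rip=172.25.254.42, lip=172.25.254.242, mpid=31601, session=<sample03>
Apr 20 23:41:10 mail-westos dovecot: imap-login: Login: user=<student>, method=PLAIN, rip=172.25.254.42, lip=172.25.254.242, mpid=31644, secured, session=<sample04>
Apr 20 23:42:00 mail-westos dovecot: imap-login: Login: user=<student>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=31650, secured, session=<sample05>
Apr 20 23:43:00 mail-westos postfix/qmgr[1381]: SAMPLEQID: removed
"""


def parse_login(line):
    """Split a login line into key=value fields and bare flags (TLS, secured)."""
    m = LOGIN_RE.search(line)
    if not m:
        return None
    fields, flags = {}, set()
    for item in m.group("rest").split(","):
        item = item.strip()
        key, sep, value = item.partition("=")
        if sep:
            fields[key] = value.strip("<>")
        elif item:
            flags.add(item)
    return {"service": m.group("service"), "event": m.group("event"),
            "reason": m.group("reason") or "", "fields": fields, "flags": flags}


def is_loopback(addr):
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False


def classify(line):
    """Return (kind, service, user, remote_ip) for lines worth reviewing."""
    rec = parse_login(line)
    if rec is None:
        return None
    fields = rec["fields"]
    rip = fields.get("rip", "")
    hit = (rec["service"], fields.get("user", ""), rip)
    if rec["event"] == "Aborted login":
        if "plaintext auth" in rec["reason"]:
            return ("plaintext-refused",) + hit
        return None
    if fields.get("method", "").upper() not in CLEARTEXT_MECHS:
        return None
    if "TLS" in rec["flags"]:
        return None                      # password travelled inside TLS
    # Assumption: "secured" without TLS means trusted by address, not encrypted,
    # so it only counts as protection for loopback clients.
    if "secured" in rec["flags"] and is_loopback(rip):
        return None
    return ("cleartext-login",) + hit


def scan(log_text):
    return [hit for hit in map(classify, log_text.splitlines()) if hit]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(*finding)
```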
6. Virtual accounts backed by a database
######Create the email database and the emailuser virtual-user table######
[[email protected] named]# yum install mariadb-server -y #install mysql
[[email protected] named]# vim /etc/my.cnf
# 10 skip-networking=1 #skip the network port; the database is not exposed externally
[[email protected] named]# systemctl restart mariadb
[[email protected] named]# mysql_secure_installation #secure the mysql installation
/usr/bin/mysql_secure_installation: line 379: find_mysql_client: command not found
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
[[email protected] named]# yum install httpd php php-mysql -y #install httpd, php and php-mysql
[[email protected] html]# lftp 172.25.254.250
lftp 172.25.254.250:~> cd pub/docs/software/
lftp 172.25.254.250:/pub/docs/software> ls
-rwxr-xr-x 1 1000 1000 3086326 Dec 25 2013 phpMyAdmin-2.11.3-all-languages.tar.bz2
-rwxr-xr-x 1 1000 1000 4548030 Dec 25 2013 phpMyAdmin-3.4.0-all-languages.tar.bz2
-rw-rw-r-- 1 1000 1000 2713600 Jun 07 2015 taobao.tar
-rwxr-xr-x 1 1000 1000 52387876 Feb 01 2015 thunderbird-31.2.0-1.el7.x86_64.rpm
-rwxr-xr-x 1 1000 1000 36902724 Feb 01 2015 thunderbird-31.4.0.tar.bz2
lftp 172.25.254.250:/pub/docs/software> get phpMyAdmin-3.4.0-all-languages.tar.bz2
4548030 bytes transferred
lftp 172.25.254.250:/pub/docs/software> quit
[[email protected] html]# ls
phpMyAdmin-3.4.0-all-languages.tar.bz2
[[email protected] html]# tar jxf phpMyAdmin-3.4.0-all-languages.tar.bz2
[[email protected] html]# ls
phpMyAdmin-3.4.0-all-languages phpMyAdmin-3.4.0-all-languages.tar.bz2
[[email protected] html]# rm -fr phpMyAdmin-3.4.0-all-languages.tar.bz2
[[email protected] html]# ls
phpMyAdmin-3.4.0-all-languages
[[email protected] html]# mv phpMyAdmin-3.4.0-all-languages/ mysqladmin
[[email protected] html]# ls
mysqladmin
[[email protected] html]# cd mysqladmin/
[[email protected] mysqladmin]# cp config.sample.inc.php config.inc.php
[[email protected] mysqladmin]# vim config.inc.php
# 17 $cfg['blowfish_secret'] = 'westos';
[[email protected] mysqladmin]# systemctl restart httpd
[[email protected] mysqladmin]# firefox
######Grant privileges to the postfix user######
[[email protected] mysqladmin]# mysql -uroot -pwestos
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 26
Server version: 5.5.35-MariaDB MariaDB Server
Copyright (c) 2000, 2013, Oracle, Monty Program Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> CREATE USER [email protected] identified by "postfix";
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT INSERT,SELECT,UPDATE ON email.* to [email protected];
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> quit
Bye
[[email protected] mysqladmin]# firefox
######Create the vmail user as the identity used by the virtual users######
[[email protected] mysqladmin]# cd
[[email protected] ~]# groupadd -g 888 vmail
[[email protected] ~]# useradd -g 888 -u 888 vmail
[[email protected] ~]# cd /home/vmail/
######Create the Postfix files mailuser.cf, maildomain.cf and mailbox.cf, used to look up the virtual user name, the domain and the maildir directory######
[[email protected] vmail]# cd /etc/postfix/
[[email protected] postfix]# ls
access generic main.cf relocated virtual
canonical header_checks master.cf transport
[[email protected] postfix]# vim mailuser.cf
[[email protected] postfix]# cat mailuser.cf
hosts = localhost
user = postfix
password = postfix
dbname = email
table = emailuser
select_field = username
where_field = username
[[email protected] postfix]# postmap -q "[email protected]" mysql:/etc/postfix/mailuser.cf
[[email protected] postfix]# postmap -q "[email protected]" mysql:/etc/postfix/mailuser.cf
[[email protected] postfix]# cp mailuser.cf maildomain.cf
[[email protected] postfix]# cp mailuser.cf mailbox.cf
[[email protected] postfix]# vim maildomain.cf
[[email protected] postfix]# cat maildomain.cf
hosts = localhost
user = postfix
password = postfix
dbname = email
table = emailuser
select_field = domain #the existing column name in the table
where_field = domain #the domain to look up
[[email protected] postfix]# postmap -q "westos.com" mysql:/etc/postfix/maildomain.cf
westos.com
[[email protected] postfix]# postmap -q "qq.com" mysql:/etc/postfix/maildomain.cf
[[email protected] postfix]# vim mailbox.cf
[[email protected] postfix]# cat mailbox.cf
hosts = localhost
user = postfix
password = postfix
dbname = email
table = emailuser
select_field = maildir
where_field = username
[[email protected] postfix]# postmap -q "[email protected]" mysql:/etc/postfix/mailbox.cf
/var/spool/westos.com/lee/
[[email protected] postfix]# postmap -q "[email protected]" mysql:/etc/postfix/mailbox.cf
[[email protected] postfix]#
######Send mail using the virtual users######
[[email protected] postfix]# postconf -d | grep virtual
address_verify_virtual_transport = $virtual_transport
propagate_unmatched_extensions = canonical, virtual
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $sender_bcc_maps $recipient_bcc_maps $smtp_generic_maps $lmtp_generic_maps $alias_maps
unknown_virtual_alias_reject_code = 550
unknown_virtual_mailbox_reject_code = 550
virtual_alias_domains = $virtual_alias_maps
virtual_alias_expansion_limit = 1000
virtual_alias_maps = $virtual_maps
virtual_alias_recursion_limit = 1000
virtual_delivery_slot_cost = $default_delivery_slot_cost
virtual_delivery_slot_discount = $default_delivery_slot_discount
virtual_delivery_slot_loan = $default_delivery_slot_loan
virtual_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit
virtual_destination_concurrency_limit = $default_destination_concurrency_limit
virtual_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback
virtual_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback
virtual_destination_rate_delay = $default_destination_rate_delay
virtual_destination_recipient_limit = $default_destination_recipient_limit
virtual_extra_recipient_limit = $default_extra_recipient_limit
virtual_gid_maps =
virtual_initial_destination_concurrency = $initial_destination_concurrency
virtual_mailbox_base =
virtual_mailbox_domains = $virtual_mailbox_maps
virtual_mailbox_limit = 51200000
virtual_mailbox_lock = fcntl, dotlock
virtual_mailbox_maps =
virtual_minimum_delivery_slots = $default_minimum_delivery_slots
virtual_minimum_uid = 100
virtual_recipient_limit = $default_recipient_limit
virtual_recipient_refill_delay = $default_recipient_refill_delay
virtual_recipient_refill_limit = $default_recipient_refill_limit
virtual_transport = virtual
virtual_uid_maps =
[[email protected] postfix]# postconf -e "virtual_mailbox_base = /home/vmail"
[[email protected] postfix]# postconf -e "virtual_uid_maps = static:888"
[[email protected] postfix]# postconf -e "virtual_gid_maps = static:888"
[[email protected] postfix]# postconf -e "virtual_alias_maps = mysql:/etc/postfix/mailuser.cf"
[[email protected] postfix]# postconf -e "virtual_mailbox_domains = mysql:/etc/postfix/maildomain.cf"
[[email protected] postfix]# postconf -e "virtual_mailbox_maps = mysql:/etc/postfix/mailbox.cf"
[[email protected] postfix]# postmap -q "[email protected]" mysql:/etc/postfix/mailuser.cf
[[email protected] postfix]# postmap -q "[email protected]" mysql:/etc/postfix/mailbox.cf
/var/spool/westos.com/lee/
[[email protected] postfix]# postmap -q "westos.com" mysql:/etc/postfix/maildomain.cf
westos.com
[[email protected] postfix]# cd /home/vmail/
[[email protected] vmail]# ls
[[email protected] vmail]# mail [email protected]
Subject: 233333
23333333333333333333333
.
EOT
[[email protected] vmail]# ls
westos.com
[[email protected] vmail]# cd westos.com/
[[email protected] westos.com]# ls
lee
[[email protected] westos.com]# cd lee/
[[email protected] lee]# ls
cur new tmp
[[email protected] new]# cat Cmysql:/etc/postfix/maildomain.cf
cat: Cmysql:/etc/postfix/maildomain.cf: No such file or directory
[[email protected] new]# cd ..
[[email protected] lee]# cat new/1492763498.Vfd01I134975bM202916.mail-qq.qq.com
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: by mail-qq.qq.com (Postfix, from userid 0)
id 13A1B26D8BE; Fri, 21 Apr 2017 04:31:37 -0400 (EDT)
Date: Fri, 21 Apr 2017 04:31:37 -0400
Subject: 233333
User-Agent: Heirloom mailx 12.5 7/5/10
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <[email protected]>
From: [email protected] (root)
23333333333333333333333
[[email protected] lee]# cd ..
[[email protected] westos.com]# cd ..
[[email protected] vmail]# ls
westos.com
[[email protected] vmail]# mail [email protected]
Subject: 199999
1999999
.
EOT
[[email protected] vmail]# ls
163.com westos.com
[[email protected] vmail]# cd 163.com/
[[email protected] 163.com]# ls
loo
[[email protected] 163.com]# cd loo/
[[email protected] loo]# ls
cur new tmp
[[email protected] loo]# cat new/1492763826.Vfd01I300e415M855100.mail-qq.qq.com
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: by mail-qq.qq.com (Postfix, from userid 0)
id BD6F63259; Fri, 21 Apr 2017 04:37:06 -0400 (EDT)
Date: Fri, 21 Apr 2017 04:37:06 -0400
Subject: 199999
User-Agent: Heirloom mailx 12.5 7/5/10
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <[email protected]>
From: [email protected] (root)
1999999
[[email protected] loo]#