Mail server: Postfix

Background

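A mail server generally needs a hostname so that mail from is shown in the form "account@hostname". Because there is so much spam on the Internet, mail is no longer sent from a bare IP address, and many network providers restrict mail of unknown origin. You therefore need to set up DNS or use a provider's domain resolution so that the server has a proper hostname with a verifiable origin.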

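Postfix mail-sending flow

Sending flow (SMTP)
Local MUA (mail user agent) -----> local MTA ---------> remote user's MTA ------> remote user's MDA ----> mailbox    remote user's MUA (the mail has not yet reached the MUA at this point)

Receiving flow (IMAPs/POP3s)
Remote user's MUA --------> MRA -------> mailbox
MUA <-------- MRA <------- mailbox

MUA: mail user agent
MTA: mail transfer agent
MDA: mail delivery agent. The MDA is a small program under the MTA that can analyze a message's headers or content to work out where the message should go.
mailbox: the mailbox on the mail host. If the destination of a message received by the MTA is the local machine, the MDA places the message in the mailbox.
MRA: mail retrieval agent
SMTP: the protocol MTAs use to transfer users' mail; it connects to port 25 on the server.
IMAPs/POP3s: the protocol the MRA uses when users receive mail; the trailing s means encrypted and is dropped for the unencrypted variant; it connects to port 110 on the server. The difference between POP3 and IMAP is that POP3 deletes the message from the server-side mailbox after transferring it, so once your computer has fetched a message, your phone will no longer receive it.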

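Software overview

Postfix is MTA (mail transfer agent) software developed by Wietse Venema at IBM under the GPL license
Dovecot is an open-source IMAP and POP3 mail server
saslauthd is used for user authentication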

Deployment and installation

DNS

yum -y install bind bind-chroot  
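vim /etc/named.conf     (change the following entries to any; on a host reachable from untrusted networks, narrow allow-query to the networks you serve)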
    listen-on port 53 { any; };
    listen-on-v6 port 53 { any; };
    directory       "/var/named";
    dump-file       "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    recursing-file  "/var/named/data/named.recursing";
    secroots-file   "/var/named/data/named.secroots";
    allow-query     { any; };

vim /etc/named.rfc1912.zones     (add the following)
zone "cat.com" IN {
        type master;
        file "named.cat";
};

zone "20.168.192.in-addr.arpa" {
        type master;
        file "named.arpa.cat";
};

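Create the zone files defined above

vim /var/named/named.cat
$TTL 1D
@       IN SOA  master.cat.com. rname.invalid. (
                                    0       ; serial
                                    1D      ; refresh
                                    1H      ; retry
                                    1W      ; expire
                                    3H )    ; minimum

@             NS      master.cat.com.
; MX for the domain itself; with a blank owner after the mail A record it would belong to mail.cat.com
@             MX 5    mail.cat.com.
master        A       192.168.20.136
www           A       192.168.20.136
mail          A       192.168.20.136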

vim /var/named/named.arpa.cat
$TTL 1D
@       IN SOA  master.cat.com. rname.invalid. (
                                    0       ; serial
                                    1D      ; refresh
                                    1H      ; retry
                                    1W      ; expire
                                    3H )    ; minimum
@         NS      master.cat.com.
136      PTR     mail.cat.com.
136      PTR     www.cat.com.
136      PTR     master.cat.com.

Start the service

systemctl start named

Set this server's IP as the DNS resolver

vim /etc/resolv.conf
nameserver  192.168.20.136

Verify that resolution works

dig mail.cat.com
dig -x 192.168.20.136
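
In a zone file, a record line that starts with whitespace takes the owner name of the record before it, so the position of the MX line decides whether it applies to cat.com or to mail.cat.com. The following is an added example, not part of the original page: an offline check that resolves owner names and lists the MX hosts published for a given name. The two sample zones are constructed from the page's records with the SOA collapsed to one line, and the function names are this example's own.

```python
TYPES = {"SOA", "NS", "A", "AAAA", "MX", "PTR", "CNAME", "TXT"}

def fqdn(name, origin):
    """Expand '@' and relative names against the zone origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (owner, type, rdata) tuples; a blank owner inherits the previous one."""
    records, owner = [], origin
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]          # strip zone-file comments
        if not line.strip() or line.startswith("$"):
            continue                          # blank line or $TTL/$ORIGIN directive
        fields = line.split()
        if not line[0].isspace():
            owner = fqdn(fields.pop(0), origin)
        while fields and fields[0].upper() not in TYPES:
            fields.pop(0)                     # skip optional TTL and class
        if fields:
            records.append((owner, fields[0].upper(), " ".join(fields[1:])))
    return records

def mx_targets(text, origin, name):
    """MX hosts published for exactly `name`."""
    return [rdata.split()[1] for owner, rtype, rdata in parse_zone(text, origin)
            if rtype == "MX" and owner == name]

# Constructed sample zones (not captured from a live server).
HEAD = """$TTL 1D
@      IN SOA master.cat.com. rname.invalid. ( 0 1D 1H 1W 3H )
@      NS   master.cat.com.
mail   A    192.168.20.136
"""
INHERITED = HEAD + "       MX 5 mail.cat.com.\n"   # blank owner: mail.cat.com.
EXPLICIT = HEAD + "@      MX 5 mail.cat.com.\n"    # explicit owner: cat.com.

if __name__ == "__main__":
    for label, zone in (("inherited", INHERITED), ("explicit", EXPLICIT)):
        print(label, "MX for cat.com.:", mx_targets(zone, "cat.com.", "cat.com."))
```

Only the explicit layout publishes an MX for cat.com., which is the domain Postfix puts after the @ when myorigin = $mydomain.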

Mail server

yum  -y  remove  sendmail
yum  -y  install  postfix  dovecot  cyrus-sasl-*  mailx

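Postfix configuration

# main.cf treats '#' as a comment only at the start of a line, so each comment sits above its parameter
myhostname = mail.cat.com
mydomain = cat.com
# domain used in the sender address: user@$myorigin
myorigin = $mydomain
# network interfaces Postfix listens on
inet_interfaces = all
# IP protocols Postfix listens on
inet_protocols = ipv4
# names this host accepts mail for when it is the receiving side
mydestination = $myhostname, $mydomain, ftp.cat.com
# trusted clients: hosts allowed to send mail through this server
mynetworks = 127.0.0.0/8, 192.168.20.0/24
# destinations this server will pass mail on to
relay_domains = $mydestination
# mail aliases; keep the default values
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
# received mail is stored in Maildir under the user's home directory
home_mailbox = Maildir/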

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,reject_unauth_destination,permit_mynetworks
smtpd_client_restrictions = permit_sasl_authenticated
smtpd_relay_restrictions = permit_mynetworks,permit_sasl_authenticated,defer_unauth_destination
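
Two properties of these settings are easy to miss: main.cf has no trailing comments, and enabling SASL with PLAIN/LOGIN does not by itself require TLS. The following is an added example, not part of the original page: a small main.cf parser and audit. The sample text is constructed, and smtpd_tls_auth_only is an assumed hardening setting that the page's configuration does not contain and that presumes TLS is otherwise set up.

```python
def parse_main_cf(text):
    """Parse main.cf text into {parameter: value}.

    '#' starts a comment only as the first non-blank character of a line;
    a line that begins with whitespace continues the previous parameter."""
    params, key = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and key is not None:
            params[key] += " " + line.strip()
        else:
            key, _, value = line.partition("=")
            key = key.strip()
            params[key] = value.strip()
    return params

def audit(params):
    """Return findings for stray '#' text and SASL AUTH offered without TLS."""
    findings = []
    for key, value in params.items():
        if "#" in value:
            findings.append(f"{key}: text after '#' is part of the value")
    sasl = params.get("smtpd_sasl_auth_enable", "no") == "yes"
    tls_forced = (params.get("smtpd_tls_auth_only", "no") == "yes"
                  or params.get("smtpd_tls_security_level") == "encrypt")
    if sasl and not tls_forced:
        findings.append("smtpd_sasl_auth_enable: AUTH is offered on "
                        "unencrypted connections")
    return findings

# Constructed sample modelled on the settings above, with one trailing comment.
SAMPLE = """\
# constructed excerpt
myorigin = $mydomain   #sender domain
mynetworks = 127.0.0.0/8,
    192.168.20.0/24
smtpd_sasl_auth_enable = yes
"""
# Assumed hardening (not in the original page): drop the trailing comment
# and require TLS before AUTH is announced.
HARDENED = SAMPLE.replace("   #sender domain", "") + "smtpd_tls_auth_only = yes\n"

if __name__ == "__main__":
    for label, text in (("sample", SAMPLE), ("hardened", HARDENED)):
        print(label, audit(parse_main_cf(text)))
```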

Dovecot configuration

vim /etc/dovecot/dovecot.conf
protocols = imap pop3 lmtp
listen = *
dict {
}
!include conf.d/*.conf
!include_try local.conf

vim /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:~/Maildir
namespace inbox {
inbox = yes
}
first_valid_uid = 1000
mbox_write_locks = fcntl

vim /etc/dovecot/conf.d/10-ssl.conf
ssl = no
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem

sasl2 configuration

vim /etc/sysconfig/saslauthd
SOCKETDIR=/run/saslauthd
MECH=shadow
FLAGS=
vim /usr/lib64/sasl2/smtpd.conf
# authenticate against system users
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
log_level: 3

mailx configuration (the settings in this file are optional)

vim /etc/mail.rc
set [email protected]
set smtp=mail.cat.com
set smtp-auth-user=admin
set smtp-auth-password=123456
set smtp-auth=login

Add users and set passwords

groupadd mailuser
useradd admin -g mailuser
useradd tom -g mailuser
echo 123456 | passwd --stdin admin
echo tom | passwd --stdin tom

Start the services

systemctl  start  dovecot
systemctl  start  postfix
systemctl  start  saslauthd

Test sending mail:

[root@mail ~]# telnet mail.cat.com 25
Trying 192.168.20.136...
Connected to mail.cat.com.
Escape character is '^]'.
220 mail.cat.com ESMTP Postfix
helo mail.cat.com
250 mail.cat.com
mail from:[email protected]
250 2.1.0 Ok
rcpt to:[email protected]
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
hi tom
.
250 2.0.0 Ok: queued as 1EB6A4864A40
quit
221 2.0.0 Bye
Connection closed by foreign host.

View the mail

[root@mail new]# cat /home/tom/Maildir/new/1552977534.V803I60f7021M770672.mail.cat.com
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: from mail.cat.com (bbs.cat.com [192.168.20.136])
        by mail.cat.com (Postfix) with SMTP id 1EB6A4864A40
        for <[email protected]>; Tue, 19 Mar 2019 14:38:23 +0800 (CST)
Message-Id: <[email protected]>
Date: Tue, 19 Mar 2019 14:38:23 +0800 (CST)
From: [email protected]
    
hi tom

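If you now try to send mail to an external mailbox in this way, it will not go through; the server reports the error Relay access denied.
You can use sendEmail instead.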
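
Why the unauthenticated telnet session is refused for an external recipient while an authenticated client is accepted follows from the order of the restriction lists configured earlier on this page. The following is an added example, not part of the original page: a simplified model of how smtpd walks smtpd_relay_restrictions and then smtpd_recipient_restrictions at RCPT TO. Only the four restrictions used on this page are modelled, the client list is omitted because it never rejects, and the addresses are constructed samples.

```python
import ipaddress

# Values taken from the main.cf settings on this page.
MYNETWORKS = ["127.0.0.0/8", "192.168.20.0/24"]
LOCAL_DOMAINS = {"mail.cat.com", "cat.com", "ftp.cat.com"}  # mydestination / relay_domains
RELAY = ["permit_mynetworks", "permit_sasl_authenticated", "defer_unauth_destination"]
RECIPIENT = ["permit_sasl_authenticated", "reject_unauth_destination", "permit_mynetworks"]

def check(rule, client_ip, authenticated, rcpt):
    """Return 'PERMIT', 'REJECT', 'DEFER', or None when the rule has no opinion."""
    domain = rcpt.rsplit("@", 1)[1].lower()
    if rule == "permit_mynetworks":
        ip = ipaddress.ip_address(client_ip)
        trusted = any(ip in ipaddress.ip_network(net) for net in MYNETWORKS)
        return "PERMIT" if trusted else None
    if rule == "permit_sasl_authenticated":
        return "PERMIT" if authenticated else None
    if rule in ("reject_unauth_destination", "defer_unauth_destination"):
        if domain in LOCAL_DOMAINS:
            return None                      # destination is ours: no decision
        return "REJECT" if rule.startswith("reject") else "DEFER"
    raise ValueError(f"unmodelled restriction: {rule}")

def rcpt_decision(client_ip, authenticated, rcpt):
    """Evaluate the relay list, then the recipient list, for one RCPT TO."""
    for name, rules in (("relay", RELAY), ("recipient", RECIPIENT)):
        for rule in rules:
            verdict = check(rule, client_ip, authenticated, rcpt)
            if verdict in ("REJECT", "DEFER"):
                return verdict, f"{name}:{rule}"
            if verdict == "PERMIT":
                break                        # PERMIT ends this list only
    return "PERMIT", None

if __name__ == "__main__":
    # Constructed cases: (client IP, SASL authenticated?, recipient)
    for case in (("192.168.20.136", False, "tom@cat.com"),
                 ("192.168.20.136", False, "someone@example.org"),
                 ("192.168.20.136", True, "someone@example.org"),
                 ("203.0.113.9", False, "someone@example.org")):
        print(case, "->", rcpt_decision(*case))
```

A trusted-network client passes the relay list but is still stopped by reject_unauth_destination, which sits ahead of permit_mynetworks in the recipient list; only permit_sasl_authenticated, listed first, lets a client relay to an external domain.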

sendEmail

sendEmail is a lightweight command-line SMTP mail client. If you need to send mail from the command line, sendEmail is an excellent choice: it is simple to use and powerful.

wget http://caspian.dotconf.net/menu/Software/SendEmail/sendEmail-v1.56.tar.gz
tar -xvf sendEmail-v1.56.tar.gz -C /usr/local/
cp /usr/local/sendEmail-v1.56/sendEmail /usr/local/bin/

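Parameters for sending mail

-f [email protected]  sender's mailbox
-t [email protected]     recipient's mailbox
-s smtp.163.com       SMTP server of the sender's mailbox
-u "mail subject"     subject of the message
-o message-content-type=html   format of the message body; html means it is HTML
-o message-charset=utf8        the message body is encoded as utf8
-xu [email protected]       username for the sender's mailbox
-xp passwd           authorization password for the sender's mailbox
-m "mail body"         the body text of the message
-a /data/test.txt      send the file test.txt as an attachment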

Try it:

sendEmail -f "[email protected]" -xu "admin" -xp "123456" -u "cat title" -m "cat miao" -s mail.cat.com:25 -t "[email protected]"

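Check that the QQ mailbox received the mail; it may be in the spam folder.
For mail sent inside a company you can also do without DNS and send directly by IP; the real hostname does not need to be changed either, as long as the Postfix configuration file is set up correctly, like this: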

sendEmail -f "[email protected]" -xu "admin" -xp "123456" -u "cat title" -m "cat miao" -s 192.168.20.136:25 -t "[email protected]"


Reposted from www.cnblogs.com/huandada/p/10554603.html