
project4電子郵局

發布時間:2020-07-22 07:48:05 來源:網絡 閱讀:434 作者:jonny__wang 欄目:數據庫

www.extmail.net

本章目錄:

        1、電子郵局介紹(成員的組成及工作原理)

        2、回顧分析第一階段的郵局系統:        postfix(MTA smtp)+dovecot(pop3/imap)+squirrelmail(webmail)apache+php+DNS

        3、分析虛擬用戶郵局系統:              postfix(MTA)+maildrop(MDA)+courier-imap(MUA)+courier-authlib+apache(extmail/extman)+mysql

        4、郵局部署之前的DNS準備(MX)

        5、部署虛擬用戶郵局系統

 

郵件角色

MTA 郵件傳輸代理  郵局    sendmail postfix qmail notes(IBM) exchange(MS)

MDA 郵件分發代理  代理機制

MUA 郵件用戶代理  客戶端  mail mutt  webmail foxmail outlook

 

郵件協議

smtp  簡單郵件傳輸協議   用于發送郵件  TCP  25 465

pop3  第三版郵局協議     用于接收郵件  TCP 110 995   離線模式(1-100)

imap  互聯網郵件訪問協議 用于接收郵件  TCP 143 993   在線模式(鎖定第幾封)

每行的第一個端口(25、110、143)為明文端口,第二個(465、995、993)為對應的 SSL/TLS 端口。

 

工作原理

                                          ---DNS MX -----

            MUA ---smtpd:25--- MTA  -smtpd--- MDA --smtpd--- MTA  --pop3/imap--- MUA

 

 

回顧

postfix(MTA smtp)+dovecot(pop3/imap)+squirrelmail(webmail)apache+php+DNS + pam --> /etc/passwd|/etc/shadow

虛擬用戶郵局系統

postfix(MTA)+maildrop(MDA)+courier-imap(MUA)+courier-authlib+apache(extmail/extman)+mysql

 


++++++++++部署虛擬用戶郵件系統++++++++++++++++

 

 

1 配置DNS MX記錄

 

[root@i ~]# vim /var/named/uplooking.com.zone

$TTL 1D

@       IN SOA  dns.uplooking.com. root.uplooking.com. (

                                        0       ; serial

                                        1D      ; refresh

                                        1H      ; retry

                                        1W      ; expire

                                        3H )    ; minimum

@       NS      dns.uplooking.com.  ; DNS服務器

dns     A       192.168.0.254

 

@       MX 5    mail.uplooking.com.  ; 郵件服務器

mail    A       192.168.0.1

 

 

[root@node1 ~]# echo "nameserver 192.168.0.254" > /etc/resolv.conf

[root@node1 ~]# host mail.uplooking.com

mail.uplooking.com has address 192.168.0.1

 

 

 

 

2  配置本地ISO源與EMOS(下面兩個源都經 ftp 明文獲取且 gpgcheck=0,yum 不會驗證軟件包簽名,只適用於受信任的實驗內網)

 

[root@node1 ~]# rm -fr /etc/yum.repos.d/*

 

[root@node1 ~]# vim /etc/yum.repos.d/emos.repo

[local]

baseurl=ftp://192.168.0.254/pub/rhel6/dvd

gpgcheck=0

 

 

[emos]

baseurl=ftp://192.168.0.254/EMOS

gpgcheck=0

 

3 安裝MTA postfix  ---- 升級(qmail)

 

--升級postfix

[root@node1 ~]# yum -y install postfix

 

postfix是否加載mysql模塊

[root@node1 ~]# postconf -m |grep mysql

mysql

 

 

配置postfix(命令回顧)

# postconf      --查詢所有已經生效配置

# postconf -n   --查詢自定義的配置

# postconf -d   --查詢默認配置

# postconf -m   --查詢postfix支持的模塊列表

# postconf -e   --以非交互方式修改配置文件,用于腳本方式配置postfix

 

生成配置文件

[root@node1 ~]# postconf -n >> /etc/postfix/main.cf.new

[root@node1 ~]# mv /etc/postfix/main.cf /etc/postfix/main.cf.old

[root@node1 ~]# cp /etc/postfix/main.cf.new /etc/postfix/main.cf

 

[root@node1 ~]# vim /etc/postfix/main.cf

alias_database = hash:/etc/postfix/aliases

alias_maps = hash:/etc/postfix/aliases

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/libexec/postfix

data_directory = /var/lib/postfix

debug_peer_level = 2

html_directory = /usr/share/doc/postfix-2.7.3-documentation/html

mail_owner = postfix

mailq_path = /usr/bin/mailq.postfix

manpage_directory = /usr/share/man

newaliases_path = /usr/bin/newaliases.postfix

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.7.3-documentation/readme

sample_directory = /etc/postfix

sendmail_path = /usr/sbin/sendmail.postfix

setgid_group = postdrop

unknown_local_recipient_reject_code = 550

 

# hostname  --郵件主機信息

mynetworks = 127.0.0.1

myhostname = mail.uplooking.com

mydomain = uplooking.com

mydestination = $mynetworks $myhostname $mydomain

 

# banner --歡迎信息

mail_name = Postfix - by uplooking.com

smtpd_banner = $myhostname ESMTP $mail_name

# response immediately  --錯誤報告立刻返回

smtpd_error_sleep_time = 0s

 

# Message and return code control --單位字節  單封郵件與郵件家目錄的限制

message_size_limit = 50000000

mailbox_size_limit = 1024000000

show_user_unknown_table_name = no

 

# Queue lifetime control  --生命周期

bounce_queue_lifetime = 1d

maximal_queue_lifetime = 1d

 

4 安裝MDA (maildrop)

[root@node1 ~]# yum -y install maildrop

 

定義maildrop程序

[root@node1 ~]# id vuser

uid=1000(vuser) gid=1000(vgroup) groups=1000(vgroup)

 

[root@node1 ~]# vim /etc/postfix/master.cf

maildrop   unix        -       n        n        -        -        pipe

   flags=DRhu user=vuser argv=maildrop -w 90 -d ${user}@${nexthop} ${recipient} ${user} ${extension} ${nexthop}

 

5  安裝配置Courier-Authlib驗證中間件:

[root@node1 ~]# rpm -qa  |grep authlib

courier-authlib-0.62.4-1.el6.FT.x86_64

 

[root@node1 docs]# yum -y install courier-authlib courier-authlib-mysql

 

[root@node1 ~]# rpm -ql courier-authlib |grep mysql

/etc/authlib/authmysqlrc.dist

/usr/share/doc/courier-authlib-0.62.4/README.authmysql.html

/usr/share/doc/courier-authlib-0.62.4/README.authmysql.myownquery

--清空配置文件,重新定義中間件程序如何連接數據庫(下面的 extmail/extmail 是默認的數據庫帳號密碼,正式環境應更換,並同步修改 webmail.cf 以及其他使用同一帳號的配置文件)

[root@node1 ~]# :> /etc/authlib/authmysqlrc

 

[root@node1 ~]# vim /etc/authlib/authmysqlrc

 

MYSQL_SERVER            localhost

MYSQL_USERNAME          extmail

MYSQL_PASSWORD          extmail

MYSQL_SOCKET            /var/lib/mysql/mysql.sock

MYSQL_PORT              3306

MYSQL_OPT               0

MYSQL_DATABASE          extmail

MYSQL_USER_TABLE        mailbox

MYSQL_CRYPT_PWFIELD     password

MYSQL_UID_FIELD         uidnumber

MYSQL_GID_FIELD         gidnumber

MYSQL_LOGIN_FIELD       username

MYSQL_HOME_FIELD        homedir

MYSQL_NAME_FIELD        name

MYSQL_MAILDIR_FIELD     maildir

MYSQL_QUOTA_FIELD       quota

MYSQL_SELECT_CLAUSE     SELECT username,password,"",uidnumber,gidnumber,\

                        CONCAT('/home/domains/',homedir),               \

                        CONCAT('/home/domains/',maildir),               \

                        quota,                                          \

                        name                                            \

                        FROM mailbox                                    \

                        WHERE username = '$(local_part)@$(domain)'

 

[root@node1 ~]# vim /etc/authlib/authdaemonrc

authmodulelist="authmysql"

authmodulelistorig="authmysql"

 

啟動服務

[root@node1 ~]# /etc/rc.d/init.d/courier-authlib  start

[root@node1 ~]# chkconfig courier-authlib on

 

修改authdaemon socket目錄權限;如果該目錄權限設置不正確,maildrop及postfix等將無法正確獲取用戶的信息及密碼認證。注意:755 會讓本機所有帳號都能進入該目錄並連接 authdaemon socket;若主機上還有其他本機用戶,應只向實際需要存取的服務帳號開放:

思路 MTA--postfix--maildrop ---/var/spool/authdaemon/socket----- authdaemonrc---/etc/authlib/authmysqlrc

 

[root@node1 ~]# chmod 755 /var/spool/authdaemon/

 

6 虛擬主機設置

 

[root@node1 ~]# yum -y install httpd

[root@node1 ~]# vim /etc/httpd/conf.d/vhost_mail.uplooking.conf

NameVirtualHost *:80

<VirtualHost *:80>

ServerName mail.uplooking.com

DocumentRoot /var/www/extsuite/extmail/html/

 

ScriptAlias /extmail/cgi/ /var/www/extsuite/extmail/cgi/

Alias /extmail /var/www/extsuite/extmail/html/

 

ScriptAlias /extman/cgi/ /var/www/extsuite/extman/cgi/

Alias /extman /var/www/extsuite/extman/html/

 

# Suexec config

SuexecUserGroup vuser vgroup

</VirtualHost>

7  安裝與配置頁面

安裝頁面  后臺 webman --extsuite-webman

[root@node1 ~]# yum -y install extsuite-webman

 

安裝頁面  前端 extmail  --extsuite-webmail

[root@node1 ~]# yum -y install extsuite-webmail

 

配置頁面

[root@node1 ~]# cp /var/www/extsuite/extmail/webmail.cf.default /var/www/extsuite/extmail/webmail.cf

[root@node1 ~]# vim /var/www/extsuite/extmail/webmail.cf

SYS_MYSQL_USER = extmail

SYS_MYSQL_PASS = extmail

SYS_MYSQL_DB = extmail

SYS_MYSQL_HOST = localhost

SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock

 

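修改權限(注意:下面的 chmod 777 使 /tmp/extman 對本機所有帳號可寫;依上面 SuexecUserGroup 的設定,CGI 以 vuser 身份運行,一般只需 chown vuser:vgroup /tmp/extman 並設為 700,請按實際環境確認)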

[root@node1 ~]# chown vuser.vgroup /var/www/extsuite/extmail/cgi/ -R

[root@node1 ~]# chown vuser.vgroup /var/www/extsuite/extman/cgi/ -R

[root@node1 ~]#  mkdir /tmp/extman

[root@node1 ~]#  chmod 777 /tmp/extman/

 

8  安裝數據庫

[root@node1 ~]# yum -y install mysql-server mysql

[root@node1 ~]# service mysqld start

 

導入mysql數據庫結構及初始化數據,root密碼默認為空(導入完成後應為 MySQL root 設置密碼)

[root@node1 ~]# mysql < /var/www/extsuite/extman/docs/extmail.sql

[root@node1 ~]# mysql <   /var/www/extsuite/extman/docs/init.sql

 

測試帳號

[root@node1 ~]# mysql -uextmail -pextmail extmail  --SELECT, UPDATE

[root@node1 ~]# mysql -uwebman -pwebman extmail    --SELECT, INSERT, UPDATE, DELETE

 

 

啟動httpd

[root@node1 ~]# service httpd start

[root@node1 ~]# chkconfig httpd on

 

9 設置虛擬域和虛擬用戶的配置文件

[root@node1 ~]# cd /var/www/extsuite/extman/docs/

[root@node1 docs]# cp mysql_virtual_* /etc/postfix/

 

[root@node1 docs]# vim /etc/postfix/main.cf

#mydestination = $mynetworks $myhostname $mydomain

# extmail config here

virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf

virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf

virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf

virtual_transport = maildrop:

[root@node1 docs]# service postfix restart

 

登錄后臺注冊域名 uplooking.com

 

再注冊郵件用戶

 

http://mail.uplooking.com/extman/cgi/index.cgi

ExtMan的默認超級管理員帳戶:root@extmail.org,初始密碼:extmail*123*,登錄成功后,建議將密碼修改,以確保安全。

 

-----------測試

 

 

手動連接數據庫

 

[root@node1 ~]# mysql -uextmail -pextmail extmail

mysql> SELECT username,password,"",uidnumber,gidnumber,CONCAT('/home/domains/',homedir),CONCAT('/home/domains/',maildir),quota,name from mailbox where username='u01@uplooking.com'\G

*************************** 1. row ***************************

                        username: u01@uplooking.com

                        password: $1$DxNPON8B$yzxRpp7lQu5.WWi4ljINF/

                                :

                       uidnumber: 1000

                       gidnumber: 1000

CONCAT('/home/domains/',homedir): /home/domains/uplooking.com/u01

CONCAT('/home/domains/',maildir): /home/domains/uplooking.com/u01/Maildir/

                           quota: 5242880S

                            name: user01

1 row in set (0.00 sec)

使用命令 自動連接數據庫查詢

[root@node1 docs]# authtest -s /var/spool/authdaemon/socket u01@uplooking.com 123

Authentication succeeded.

 

     Authenticated: u01@uplooking.com  (uid 1000, gid 1000)

    Home Directory: /home/domains/uplooking.com/u01

           Maildir: /home/domains/uplooking.com/u01/Maildir/

             Quota: 5242880S

Encrypted Password: $1$DxNPON8B$yzxRpp7lQu5.WWi4ljINF/

Cleartext Password: 123

           Options: (none)

[root@node1 docs]# authtest -s /var/spool/authdaemon/socket u02@uplooking.com 456

Authentication succeeded.

 

     Authenticated: u02@uplooking.com  (uid 1000, gid 1000)

    Home Directory: /home/domains/uplooking.com/u02

           Maildir: /home/domains/uplooking.com/u02/Maildir/

             Quota: 5242880S

Encrypted Password: $1$kIEJyc6F$MsDVCUtmS/mOw2vCpOOdg0

Cleartext Password: 456

           Options: (none)

配置圖形化日志:

[root@node1 docs]#  /usr/local/mailgraph_ext/mailgraph-init start

 

啟動cmdserver(在后臺顯示系統信息)

[root@node1 docs]# /var/www/extsuite/extman/daemon/cmdserver --daemon

 

10 安裝cyrus-sasl

[root@node1 docs]#  yum -y install cyrus-sasl cyrus-sasl-lib cyrus-sasl-plain

[root@node1 docs]# vim /etc/postfix/main.cf

# smtpd related config ----收件人定義  rcpt to:

smtpd_recipient_restrictions =                          

        permit_mynetworks,

        permit_sasl_authenticated,

        reject_non_fqdn_hostname,

        reject_non_fqdn_sender,

        reject_non_fqdn_recipient,

        reject_unauth_destination,

        reject_unauth_pipelining,

        reject_invalid_hostname,

# SMTP sender login matching config  ----發件人定義 mail from:

smtpd_sender_restrictions =

        permit_mynetworks,

        reject_sender_login_mismatch,

        reject_authenticated_sender_login_mismatch,

        reject_unauthenticated_sender_login_mismatch

 

smtpd_sender_login_maps =

        mysql:/etc/postfix/mysql_virtual_sender_maps.cf,

        mysql:/etc/postfix/mysql_virtual_alias_maps.cf

 

# SMTP AUTH config here

broken_sasl_auth_clients = yes

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain = $myhostname

smtpd_sasl_security_options = noanonymous

 

定義認證模塊如何連接數據庫

[root@node1 docs]# vim /usr/lib64/sasl2/smtpd.conf

pwcheck_method: authdaemond

log_level: 3

mech_list: PLAIN LOGIN

authdaemond_path:/var/spool/authdaemon/socket

[root@node1 docs]# service postfix restart

測試SMTP認證

通過以下命令獲得u01@uplooking.com的用戶名及密碼的BASE64編碼(Base64只是編碼而非加密;下面的 AUTH LOGIN 在25端口上未經TLS保護,帳號密碼可被鏈路上的任何人還原,正式環境應配置TLS並設置 smtpd_tls_auth_only = yes):

# perl -e 'use MIME::Base64; print encode_base64("u01\@uplooking.com")'

dTAxQHVwbG9va2luZy5jb20=

 

# perl -e  'use MIME::Base64; print encode_base64("123")'

MTIz

[root@node1 docs]# telnet mail.uplooking.com 25

Trying 192.168.0.1...

Connected to mail.uplooking.com.

Escape character is '^]'.

220 mail.uplooking.com ESMTP Postfix - by uplooking.com

ehlo localhost

250-mail.uplooking.com

250-PIPELINING

250-SIZE 50000000

250-VRFY

250-ETRN

250-AUTH LOGIN PLAIN

250-AUTH=LOGIN PLAIN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

auth login

334 VXNlcm5hbWU6

dTAxQHVwbG9va2luZy5jb20=

334 UGFzc3dvcmQ6

MTIz

235 2.7.0 Authentication successful

quit

221 2.0.0 Bye

Connection closed by foreign host.

11 安裝Courier-imap

[root@node1 docs]# yum -y install courier-imap

[root@node1 docs]# /etc/init.d/courier-imap start

[root@node1 docs]# chkconfig courier-imap on

測試

[root@node1 docs]# telnet mail.uplooking.com 110

Trying 192.168.0.1...

Connected to mail.uplooking.com.

Escape character is '^]'.

+OK Hello there.

user u01@uplooking.com

+OK Password required.

pass 123

+OK logged in.

list

+OK POP3 clients that break here, they violate STD53.

1 658

.

retr 1

進入后臺  新增加新的域 qq.com

--配置DNS(定義DNS MX記錄)

[root@i ~]# vim /var/named/qq.com.zone

@       NS      dns.qq.com.

dns     A       192.168.0.254

 

@       MX 5    mail.qq.com.

mail    A       192.168.0.1

 

--測試mx記錄是否解析

[root@node1 ~]# host mail.qq.com

mail.qq.com has address 192.168.0.1

域列表----域名 qq.com

用戶  ---- q01@qq.com 密碼123

 

進入前端注冊郵箱地址 q02@qq.com 密碼456

http://mail.qq.com/extmail/cgi/index.cgi

測試帳號

[root@node1 ~]# authtest -s /var/spool/authdaemon/socket q01@qq.com 123

Authentication succeeded.

 

     Authenticated: q01@qq.com  (uid 1000, gid 1000)

    Home Directory: /home/domains/qq.com/q01

           Maildir: /home/domains/qq.com/q01/Maildir/

             Quota: 5242880S

Encrypted Password: $1$x4TzQksX$V4CTLdRCYbdRVd8w8SPUK.

Cleartext Password: 123

           Options: (none)

[root@node1 ~]# authtest -s /var/spool/authdaemon/socket q02@qq.com 456

Authentication succeeded.

  測試 q01@qq.com ---- q02@qq.com

       q02@qq.com ---- u01@uplooking.com

--------------------------------

安裝EMOS系統

[root@i ~]# vim /var/named/google.com.zone

 

@       NS      dns.google.com.

dns     A       192.168.0.254

 

@       MX 5    mail.google.com.

mail    A       192.168.0.10
