Complete MTA email sending proxy-sendmail configuration

Email Service

The email service is based on the customer/server model. For a complete email system, it consists of three components.

1. The user agent interface between the user and the email system is responsible for sending emails to the mail server and receiving emails from the mail server.

MUa (Mail User Agent) Mail User proxy, used to send and receive mail programs, the mainstream is outlook, Foxmail evolution Thunderbird

2. the email server is the core component of the email system.

MTA (Mail Transfer Agent) Mail Transfer proxy, the Mua mail is forwarded to the specified user, the most popular MTA are Sendmail, postmail Qmail, etc.

MDA (mail delivery agent) mail delivery agent, used to deliver mail mainstream MDA include pocmail, maildrop, etc.

Commonly used MRA for email access agents include IMAP cryus-iMap and Dovecot.

SASL simple authentication security layer provides a certification function

3. protocols used by email

SMTP Simple Mail Transfer Protocol

It is a set of rules used to send mails from the source address to the destination address. It controls the mail transit mode, which belongs to the TCP/IP protocol, help each computer find the next destination when sending or transferring emails

POP3 mail receiving protocol

It specifies how to connect a personal computer to an Internet mail server and the email download protocol, which is the first offline protocol standard for Internet mail, POP3 allows you to store emails on the server to a local host and delete emails stored on the server.

After understanding how the mail service works, we will introduce the configuration of the mail server.

Sendmail server

The sendmail installation package has three Sendmail, sendmail-CF (convert each configuration file to the desired format), and Sendmail-Doc

The default listening port is 25. The main program is/usr/sbin/sendmail. The process name is sendmail. The service script is/etc/init. d/sendmail, configuration Directory:/etc/mail main configuration file:/etc/mail/sendmail. MC defines alias:/etc/aliases defines access control:/etc/mail/access defines the domain managed by itself:/etc/mail/Local-host-Names/

SMTP: 25, smtps: 465, POP3: 110, POPs: 995, IMAP: 143, IMAPs: 993

 

View the main configuration directory and you will find that many of the directories have the same suffix names as the configuration files. DB file. This is because Sendmail reads binary files. We only need to install the sendmail-CF package. After configuring the service, restart the sendmail service, it will automatically generate the configured service. DB file. The binary file corresponding to sendmail. MC is sendmail. cf.

(The Sendmail experiment requires support for DNS forward and reverse resolution. Please configure DNS, MX record, mail a record, host name and domain name first)

Start a sendmail server.

After installing the three Sendmail packages, You can edit the configuration file.

1. VIM + 116/etc/mail/sendmail specifies the protocol and listening port

2. Vim/etc/mail/access allows forwarding to 0 network segments

3. Add Vim/etc/mail/Local-host-name to your domain

Now a basic sendmail service has been configured to enable the Service. Set up two users to send emails and test it.

Send email

Receive email

 

I. Now, the alias is defined in the format of/etc/aliases.

Body1: body2

The User Name of body1 may not exist, but any user sent to body1 will go to the mailbox of body2.

Define the alias Wendy for Redhat, forward all emails sent to RedHat to windy, and forward emails sent to the anyone user (virtual group) to Wendy, RedHat, root,

1 Vim/etc/aliases

 

Send emails to RedHat anyone respectively. The test shows that RedHat does not receive emails, and Wendy has two emails. All emails sent to RedHat are forwarded to Wendy.

Virtual user alias/etc/mail/login usertable as the name suggests, the previous domain or user is virtual, similar to aliase, with stronger domain definition capability

@ 123.com root # send all the messages sent to this domain to the root user

Admin@xxyz.com jdj # Send admin emails to jdj

Pagem@he.net lmiwtc@pg.com

@ CBA .com CBA @acl.com # forward all emails sent to the CBA .com domain to the CBA @acl.com

@ Doml.org % 1@dom2.org # The files sent to each user in the first domain are forwarded to the same user in the domain

 

II. Sendmail Access Control

1. Enable sendmail. MC (Sendmail is enabled by default)

Feature ('blacklist _ recipients ') DNL

2. Edit the control policy in/etc/mail/access.

Connect: 204.168.23 the reject explicitly rejects

Connect: abc.net discard quietly discarded

Connet: 10.3 OK, even if the protocol is rejected, it is OK.

To: Nobody @ error: 550 error informations error: error message

From: domain.com relay forward

To: user@dom9.com skip skipped

Take a look at the example

Do not allow explicit rejection of wendy@st.com emails

3. Perform address disguise and modify the domain name before sending.

1. edit/etc/mail/sendmail. MC to enable the following items:

Does masquerade_as ('mydomain. com') DNL disguise information?

Modify masquerade_as ('text. com') DNL to disguise as text.com Domain Name

Whether the feature (masquerade_envelope) DNL disguise the entire domain (including subdomains)

Feature (masquerade_entire_domain) DNL

Masquerade_domain (localhost) DNL disguise localhost domain

Masquerade_domain (localhost. localdomain) DNL

Disguise the locahost.com domain as text.com

4. Authenticate sendmail

The user must provide the account and password for sending the mail.

1 main configuration document/etc/mail/sendmail. MC

Enable the following two

2. Force the user to pass authentication and send mail

3. Activate the SASL Service

You can test whether Sendmail supports authentication.

Run the command to ensure that the marked text appears.

The attempt to send the email is no longer sent by yunxu

Now base64 code is used for the Natasha user name and password

# Copy CG = first letter