##telnet##
1. Restrict a remote host, by IP, from sending mail (tested with telnet)
[[email protected] ~]# cd /etc/postfix
[[email protected] postfix]# vim access
Write in the file: IP REJECT (example: 172.25.27.10 REJECT)
[[email protected] postfix]# postmap access ## build the access.db lookup table from the access file
[[email protected] postfix]# postconf -e "smtpd_client_restrictions = check_client_access hash:/etc/postfix/access" ## write the parameter into main.cf
[[email protected] postfix]# systemctl restart postfix ## restart the service so the change takes effect
Test:
[[email protected] /]# telnet 172.25.27.11 25
Trying 172.25.27.11...
Connected to 172.25.27.11.
Escape character is '^]'.
linux.linux.com ESMTP Postfix
mail from:[email protected]
2.1.0 Ok
rcpt to:[email protected]
554 5.7.1 <unknown[172.25.27.10]>: Client host rejected: Access denied
2. Restrict a user from sending mail
[[email protected] postfix]# vim sender
Write in the file: user@domain REJECT (example: [email protected] REJECT)
[[email protected] postfix]# postmap sender
[[email protected] postfix]# postconf -e "smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender"
[[email protected] postfix]# systemctl restart postfix
Test:
[[email protected] /]# telnet 172.25.27.11 25
Trying 172.25.27.11...
Connected to 172.25.27.11.
Escape character is '^]'.
linux.linux.com ESMTP Postfix
mail from:[email protected]
2.1.0 Ok
rcpt to:[email protected]
554 5.7.1 <[email protected]>: Sender address rejected: Access denied
3. Restrict a user from receiving mail
[[email protected] postfix]# vim recip
Write in the file: user@domain REJECT (example: [email protected] REJECT)
[[email protected] postfix]# postmap recip
[[email protected] postfix]# postconf -e "smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recip"
[[email protected] postfix]# systemctl restart postfix
Test:
[[email protected] /]# telnet 172.25.27.11 25
Trying 172.25.27.11...
Connected to 172.25.27.11.
Escape character is '^]'.
linux.linux.com ESMTP Postfix
mail from:[email protected]
2.1.0 Ok
rcpt to:[email protected]
554 5.7.1 <[email protected]>: Recipient address rejected: Access denied
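Added example, not part of the original notes: the three restrictions above all use the same access(5) table lookup, and this Python code emulates the order in which Postfix tries keys, so you can see which entry a given client IP or address would hit before editing the real files. It goes beyond the single-IP and single-address entries shown above; the table entries and addresses are constructed, and it assumes an IPv4 client with no resolved hostname and the default parent_domain_matches_subdomains setting.

```python
# Added example: emulates the access(5) lookup order for hash: tables.
# Assumes an IPv4 client with no resolved hostname and the default
# parent_domain_matches_subdomains (parent domains looked up without a dot).

SAMPLE_ACCESS = """\
# constructed entries in the "key REJECT" style used above
172.25.27.10        REJECT
172.25.28           REJECT
blocked@linux.com   REJECT
westos.org          REJECT
guest@              REJECT
"""

def parse_access(text):
    """Return {lowercased key: action}; postmap folds keys to lower case."""
    table = {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2:                 # skip keys that have no action
            table[parts[0].lower()] = parts[1].strip()
    return table

def client_keys(ip):
    """check_client_access: full address, then shorter octet prefixes."""
    octets = ip.split(".")
    return [".".join(octets[:n]) for n in range(len(octets), 0, -1)]

def address_keys(addr):
    """check_sender_access / check_recipient_access: user@domain,
    the domain and its parents, then user@."""
    user, _, domain = addr.lower().rpartition("@")
    labels = domain.split(".")
    parents = [".".join(labels[i:]) for i in range(len(labels))]
    return [f"{user}@{domain}"] + parents + [f"{user}@"]

def lookup(table, keys):
    """First matching (key, action), or None so the next restriction runs."""
    for key in keys:
        if key in table:
            return key, table[key]
    return None

if __name__ == "__main__":
    table = parse_access(SAMPLE_ACCESS)
    for probe in (client_keys("172.25.28.99"), address_keys("a@mail.westos.org")):
        print(probe, "->", lookup(table, probe))
```

A three-octet key such as 172.25.28 rejects the whole /24, and a bare domain key also covers its subdomains, so check short keys carefully before running postmap.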
##Email system##
Related protocols:
SMTP: used to send or relay mail, port 25
POP3: port 110
IMAP: port 143
POP3S: port 993
IMAPS: port 995
View ports: [[email protected] dovecot]# cat /etc/services | grep imap
Postfix provides the mail delivery service (SMTP)
Dovecot provides the mail retrieval service
##dovecot##
(1) Local users
[[email protected] ~]# yum install dovecot -y
[[email protected] ~]# cd /etc/dovecot
[[email protected] dovecot]# ll
total 20
drwxr-xr-x. 2 root root 4096 Dec  7 02:44 conf.d
-rw-r--r--. 1 root root 4412 Dec  6 20:30 dovecot.conf
[[email protected] dovecot]# vim dovecot.conf
protocols = imap pop3 lmtp
login_trusted_networks = 0.0.0.0/0
disable_plaintext_auth = no
[[email protected] dovecot]# cd conf.d/
[[email protected] conf.d]# vim 10-mail.conf
mail_location = mbox:~/mail:INBOX=/var/mail/%u
[[email protected] conf.d]# cd /etc/skel
[[email protected] skel]# mkdir mail/.imap -p
[[email protected] skel]# touch mail/.imap/inbox
Test:
[[email protected] ~]# yum install mutt -y
[[email protected] ~]# mutt -f pop://[email protected]
Log in with Thunderbird to view and send mail
(2) Users in the database
[[email protected] skel]# yum install mariadb mariadb-server dovecot-mysql -y
[[email protected] skel]# systemctl start mariadb
[[email protected] skel]# mysql -uroot -predhat
MariaDB [(none)]> create database email;
MariaDB [(none)]> use email;
MariaDB [email]> create table muser (username varchar(), password varchar(), domain varchar(50), maildir varchar());
MariaDB [email]> insert into muser values ('[email protected]', '123', 'westos.org', 'westos.org/admin/');
MariaDB [email]> insert into muser values ('[email protected]', '123', 'redhat.org', 'redhat.org/lee/');
MariaDB [email]> select * from muser;
+------------------+----------+------------+-------------------+
| username         | password | domain     | maildir           |
+------------------+----------+------------+-------------------+
| [email protected] | 123      | redhat.org | redhat.org/lee/   |
| [email protected] | 123      | westos.org | westos.org/admin/ |
+------------------+----------+------------+-------------------+
MariaDB [email]> create user [email protected] identified by "postfix";
MariaDB [email]> grant insert,update,select on email.muser to [email protected];
[[email protected] skel]# groupadd -g 666 vmail
[[email protected] skel]# useradd -u 666 -g 666 vmail
[[email protected] skel]# cd /etc/postfix
[[email protected] postfix]# vim mysql-users.conf
hosts = localhost
user = postfix
password = postfix
dbname = email
table = muser
select_field = username
where_field = username
[[email protected] postfix]# vim mysql-domain.conf
hosts = localhost
user = postfix
password = postfix
dbname = email
table = muser
select_field = domain
where_field = domain
[[email protected] postfix]# vim mysql-maildir.conf
hosts = localhost
user = postfix
password = postfix
dbname = email
table = muser
select_field = maildir
where_field = username
[[email protected] postfix]# postconf -e "virtual_uid_maps = static:666"
[[email protected] postfix]# postconf -e "virtual_gid_maps = static:666"
[[email protected] postfix]# postconf -e "virtual_mailbox_base = /home/vmail"
[[email protected] postfix]# postconf -e "virtual_alias_maps = mysql:/etc/postfix/mysql-users.conf"
[[email protected] postfix]# postconf -e "virtual_mailbox_domains = mysql:/etc/postfix/mysql-domain.conf"
[[email protected] postfix]# postconf -e "virtual_mailbox_maps = mysql:/etc/postfix/mysql-maildir.conf"
[[email protected] dovecot]# cd conf.d/
[[email protected] conf.d]# vim 10-mail.conf
mail_location = maildir:/home/vmail/%d/%n
first_valid_uid = 666
first_valid_gid = 666
[[email protected] conf.d]# vim 10-auth.conf
!include auth-sql.conf.ext
[[email protected] dovecot]# vim dovecot-sql.conf.ext
driver = mysql
connect = host=localhost dbname=email user=postfix password=postfix
default_pass_scheme = PLAIN
password_query = \
  SELECT username, domain, password \
  FROM muser WHERE username = '%u' AND domain = '%d'
user_query = SELECT maildir, 666 AS uid, 666 AS gid FROM muser WHERE domain = '%d'
Install Thunderbird and open it
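Added example, not part of the original notes: a small Python check that reads Dovecot settings text and reports the authentication choices made in this walkthrough that should not be carried into production (plaintext logins without TLS, every network trusted, cleartext password storage, and a user_query that does not filter on the user). The sample input is constructed by merging the settings shown above into one text; the function names are this example's own.

```python
# Added example: flags the lab-only Dovecot auth settings used on this page.
import re

# Constructed sample: the page's settings merged into one text.
SAMPLE = r"""
protocols = imap pop3 lmtp
login_trusted_networks = 0.0.0.0/0
disable_plaintext_auth = no
default_pass_scheme = PLAIN
password_query = \
  SELECT username, domain, password \
  FROM muser WHERE username = '%u' AND domain = '%d'
user_query = SELECT maildir, 666 AS uid, 666 AS gid FROM muser WHERE domain = '%d'
"""

def parse_settings(text):
    """Join backslash-continued lines and return {key: value}."""
    joined = re.sub(r"\\\s*\n\s*", " ", text)
    settings = {}
    for line in joined.splitlines():
        line = line.strip()
        if line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip().lower()] = value.strip()
    return settings

def audit(settings):
    """Return a list of (setting, reason) for each weak choice found."""
    findings = []
    # Dovecot's default is "yes": plaintext auth only over TLS or from localhost.
    if settings.get("disable_plaintext_auth", "yes").lower() == "no":
        findings.append(("disable_plaintext_auth", "passwords accepted without TLS"))
    # Trusted networks are exempt from disable_plaintext_auth.
    nets = settings.get("login_trusted_networks", "").split()
    if any(net.endswith("/0") for net in nets):
        findings.append(("login_trusted_networks", "every client is treated as trusted"))
    if settings.get("default_pass_scheme", "").upper() in ("PLAIN", "CLEARTEXT"):
        findings.append(("default_pass_scheme", "passwords stored in cleartext"))
    user_query = settings.get("user_query", "")
    if user_query and not re.search(r"%(\w*[un]\b|\{user)", user_query):
        findings.append(("user_query", "no per-user filter (%u or %n)"))
    return findings

if __name__ == "__main__":
    for name, reason in audit(parse_settings(SAMPLE)):
        print(f"{name}: {reason}")
```

A configuration that keeps disable_plaintext_auth at yes, stores hashes under a scheme such as SHA512-CRYPT (generated with doveadm pw), and filters user_query on '%u' returns no findings.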
##Mail relay##
DNS settings:
[[email protected] named]# vim /etc/named.rfc1912.zones
zone "westos.org" IN {
        type master;
        file "westos.org.zone";
        allow-update { none; };
};
[[email protected] named]# vim westos.org.zone
$TTL 1D
@       IN SOA  dns.westos.org. rname.invalid. (
                                0       ; serial
                                1D      ; refresh
                                1H      ; retry
                                1W      ; expire
                                3H )    ; minimum
        NS      dns.westos.org.
dns     A       172.25.254.127
westos.org.     MX 1    172.25.254.227.
[[email protected] ~]# vim /etc/resolv.conf
nameserver 172.25.254.127
Postfix settings:
[[email protected] ~]# vim /etc/postfix/main.cf
myorigin = westos.org
mydestination =
relayhost = 172.25.254.127
[[email protected] ~]# systemctl restart postfix
[[email protected] ~]# vim /etc/postfix/main.cf
mynetworks = 172.25.254.227
[[email protected] ~]# systemctl restart postfix
Test:
[[email protected] ~]# mail [email protected]
Subject: 999999999999999999999999999999999
999999999999999999999999999999999999999
.
EOT
[[email protected] cur]# cat 1481182495.vfd01i1a9f09am780283.westos.westos.com\:2\,s
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: from linux.linux.com (unknown [172.25.254.227])
        by westos.westos.com (Postfix) with ESMTP id a7344ea3db
        for <[email protected]>; Thu, 8 Dec 02:34:55 -0500 (EST)
Received: by linux.linux.com (Postfix, from userid 0)
        id abaf626e0e9; Thu, 8 Dec 02:34:55 -0500 (EST)
Date: Thu, Dec 2016 02:34:55 -0500
To: [email protected]
Subject: 999999999999999999999999999999999
User-Agent: Heirloom mailx 12.5 7/5/10
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <[email protected]>
From: [email protected] (root)

999999999999999999999999999999999999999
##apache##
httpd service, port 80
Default publish directory: /var/www/html
Default publish file: /var/www/html/index.html
1. ##curl command##
[[email protected] desktop]$ curl -i 172.25.254.27
HTTP/1.1 403 Forbidden
Date: Thu, Dec 07:43:05 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Thu, Oct 13:20:58 GMT
ETag: "1321-5058a1e728280"
Accept-Ranges: bytes
Content-Length: 4897
Content-Type: text/html; charset=UTF-8
2. ##httpd-manual## manual
Installation: [[email protected] cur]# yum install httpd-manual -y
Open: http://172.25.254.227/manual/
3. Change the default publish directory, the index file order, and the listening port
[[email protected] ~]# mkdir /test1
[[email protected] ~]# ls -Zd /var/www/html
drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 /var/www/html
[[email protected] ~]# semanage fcontext -a -t httpd_sys_content_t '/test1(/.*)?'
[[email protected] ~]# restorecon -RvvF /test1
restorecon reset /test1 context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf
DocumentRoot "/test1"
<Directory "/test1">
    Require all granted
</Directory>
<IfModule dir_module>
    DirectoryIndex file.html index.html
</IfModule>
[[email protected] ~]# echo Nihao > /test1/index.html
[[email protected] ~]# echo haha > /test1/file.html
[[email protected] ~]# systemctl restart httpd
[[email protected] test1]# rm -fr file.html
4. Restricting access for a user (by client IP)
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf
<Directory "/test1">
    Require all granted
    Order Deny,Allow
    Deny from all
    Allow from 172.25.254.127
</Directory>
[[email protected] ~]# systemctl restart httpd
5. Only users with an account and password can view
[[email protected] test1]# cd /etc/httpd
[[email protected] httpd]# htpasswd -cm htpasswdfile admin
New password:
Re-type new password:
Adding password for user admin
[[email protected] httpd]# htpasswd -m htpasswdfile admin1
New password:
Re-type new password:
Adding password for user admin1
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf
DocumentRoot "/test1"
<Directory "/test1">
    #Require all granted
    AllowOverride All
    AuthUserFile /etc/httpd/htpasswdfile
    AuthName "Password"
    AuthType Basic
    Require valid-user
</Directory>
[[email protected] ~]# systemctl restart httpd
6.
[[email protected] httpd]# vim /etc/hosts
172.25.254.227 linux.com linux.linux.com news.linux.com music.linux.com
[[email protected] html]# mkdir -p /var/www/v/news/html
[[email protected] html]# mkdir -p /var/www/v/music/html
[[email protected] html]# echo news.linux.com > /var/www/v/news/html/index.html
[[email protected] html]# echo music.linux.com > /var/www/v/music/html/index.html
[[email protected] html]# cd /etc/httpd/conf.d
[[email protected] conf.d]# vim default.conf
<VirtualHost _default_:80>
    DocumentRoot /var/www/html
    CustomLog "logs/default.log" combined
</VirtualHost>
<Directory "/var/www/html">
    Require all granted
</Directory>
[[email protected] conf.d]# vim news.conf
<VirtualHost *:80>
    ServerName news.linux.com
    DocumentRoot /var/www/v/news/html
    CustomLog "logs/news.log" combined
</VirtualHost>
<Directory "/var/www/v/news/html">
    Require all granted
</Directory>
[[email protected] conf.d]# vim music.conf
<VirtualHost *:80>
    ServerName music.linux.com
    DocumentRoot /var/www/v/music/html
    CustomLog "logs/music.log" combined
</VirtualHost>
<Directory "/var/www/v/music/html">
    Require all granted
</Directory>
[[email protected] conf.d]# systemctl restart httpd
7. Generate the encryption certificate
[[email protected] conf.d]# yum install crypto-utils mod_ssl -y
[[email protected] conf.d]# genkey linux.linux.com
[[email protected] conf.d]# vim ssl.conf
SSLCertificateFile /etc/pki/tls/certs/linux.linux.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/linux.linux.com.key