Linux system, build Postfix server and its related configuration application under Centos7 version

Source: Internet
Author: User
Tags base64 imap set time dovecot nslookup squirrelmail

Lab Report

First, the experiment name: the construction of mail server and the configuration of related usage function
Second, the experimental environment and requirements: Linux system CENTOS7 version
Set up mail server to realize the basic function of sending and receiving letters
Realize the authentication function of sending letters
Set up the lamp environment, configure SquirrelMail to send and receive mail.
Third, the contents of the experiment:
1, check the version of information, postfix installation and support functions, start running;
2, set up the related DNS server, configure the DNS resolution function;
3, the configuration Postfix basic letter function, carries on the test;
4, the installation Dovecot provides the reception service, carries on the test;
5, the client uses the mailbox software to configure the test server function;
6, the letter authentication configuration;
7, build lamp environment, configure SquirrelMail send and receive mail

Experimental steps:

The first step:
Cat/etc/redhat-release//Check version information

※ Installation of Postfix (version comes with) The CENTOS7 version is still available with the minimal installation

POSTCONF-A//Verify that the Cyrus Dovecot feature is supported

Start Server Systemctl start postfix
NETSTAT-ANPT | grep 25//View listening port number

Step Two:
※ Build the DNS server associated with it, configure the DNS resolution function
Yum install bind//Installation Server program

vi/etc/named.conf//Edit Master Profile


※ The following area files are configured:
cd/var/named/into the file directory
Copy the template for the configuration file for modification:
Cp-p Named.localhost Yyf.com.zone
Cp-p Named.localhost yyf.com.local

Vi/var/named/yyf.com.zone Editing a forward zone file


vi/var/named/yyf.com.local Editing a reverse zone file


Above basic configuration edit complete
Systemctl start named//Start server
Netstat-anpu | grep name//detected UDP 53 port is functioning correctly on the listening server.
For DNS authentication
Vi/etc/resolv.conf
NameServer 192.168.80.18//point to DNS server address

RPM-IVH/MNT/PACKAGES/BIND-UTILS-9.9.4-50.EL7.X86_64.RPM//Install inspection command nslookup

Analytical
~nslookup mail.yyf.com//forward parsing

~nslookup 192.168.80.18//Reverse parsing

Parse Success!

Step Three:
-----configuration Postfix Basic Signaling function
VI/ETC/POSTFIX/MAIN.CF Edit the configuration file to modify the following:
Myhostname = mail.aa.com//native system host name
MyDomain = aa.com//Host domain name
Myorigin = $mydomain//Origin, Origin
Inet_interfaces = 192.168.80.18, 127.0.0.1//interface address
Inet_protocols = IPv4
Mydestination = $myhostname, $mydomain//scheduled, specified range
Home_mailbox = maildir///Mailbox Home Directory

Save exit after completion, check for syntax errors with postfix check command:

service Postfix restart//restart mail server

※ to test whether the sending function is active, we need to add users and join the same group of management:
-----Add Email Test Account
Groupadd mailusers//Add group account
Useradd-g mailusers-s/sbin/nologin Jack//Build user Jack joins the Mailusers group and does not log on to the system
passwd Jack (password set 123)
Useradd-g mailusers-s/sbin/nologin Tom//build user Tom Join the Mailusers group and not login system
passwd Tom (password set 123)

Test Preparation: Install Yum install Telnet
Start testing: Connect to the server's 25 port for a simple sending test
Telnet mail.yyf.com 25
Enter the following in turn:


Because the Inbox service is not currently installed, only the root Super administrator can be used to see if the message was sent successfully.

Use root to see if a Tom user receives a test message:
Ls-l/home/tom/maildir/new/In this directory there should be a message just sent

Use the cat command to view content
Mail send function Test success!

Fourth Step:
※ Installation of Dovecot provides the service of receiving credit

Yum Install Dovecot//Installation System program

VI/ETC/DOVECOT/DOVECOT.CONF//Configuration Program Files
* The following items are modified:
protocols = IMAP POP3 LMTP
Listen = //monitor all ports
!include conf.d/10-auth.conf//here * must be replaced
※ Manually add the following content:
SSL = No
Disable_plaintext_auth = No
Mail_location = Maildir:~/maildir

※ The above basic configuration is completed
Service Dovecot Start//Startup services
NETSTAT-ANPT | grep Dovecot//110 143 ports need to be monitored


Service starts successfully, works properly

※ Users can now test the mail (formerly root, can now use the account)
Test start: Telnet mail.yyf.com 110


Let's read the first email to see
Show

You can quit with quit
The test structure indicates that the receiving system is working properly

Since the current delivery method is too unfriendly, install the MUA software connection server to send and receive mail

※ Client loading and testing software:

Test with this software to see if the server is working properly
Basic settings:


Post-Login Pickup:

Message accepted as normal
Server is working properly

Fifth Step:
The following is a letter authentication configuration
Yum install cyrus-sasl* installation related packages

vi/etc/sasl2/smtpd.conf start editing the configuration file with the following content:
Pwcheck_method:saslauthd
Mech_list:plain Login
Log_level:3//Set log level to 3

VI/ETC/SYSCONFIG/SASLAUTHD//Edit authentication system configuration file
Mech=shadow

Service SASLAUTHD start//enable authentication function server

VI/ETC/POSTFIX/MAIN.CF//Edit configuration file
Added at the end
Smtpd_sasl_auth_enable = yes//enable authentication
Smtpd_sasl_security_options = noanonymous//Do not allow anonymous sending
Mynetworks = 127.0.0.0/8//Allowed network segment, if you increase the network segment of the machine will appear to allow non-authentication can also be sent to the other country
Smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination// Allow the local domain and the successful certification of the letter, refused to fail the certification of the letter

Postfix check//checking syntax
service Postfix restart//restart server

※ Test General Letter
Telnet mail.yyf.com 25


Failure to send a certificate to an unauthenticated zone indicates that the authentication system is in effect
Quit quitting

※ The following test is sent using the system account
Encrypt the user name and password generation cipher:
printf "Jack" | OpenSSL base64//Generate ciphertext
amfjaw== (ciphertext)
printf "123" | OpenSSL base64//Generate ciphertext
Mtiz (ciphertext)

* Start with the character Terminal test Certificate:
Telnet mail.aa.com 25


If you are testing your real-computer mailbox software, just do the following:

Check the options in the Advanced settings to verify

Sixth step:
----The following is the configuration SquirrelMail send and receive mail content
Need to build a lamp environment.
--------Install lamp---------
Yum install-y \
HTTPD \
Mariadb-server mariadb \
PHP \
Php-mysql \
PHP-GD \
libjpeg* \
PHP-LDAP \
PHP-ODBC \
Php-pear \
Php-xml \
PHP-XMLRPC \
Php-mhash Note: Install the relevant package, where \ Indicates a forced line break operation

vi/etc/httpd/conf/httpd.conf//Edit configuration file
What you need to modify:
ServerName www.aa.com//server name
DirectoryIndex index.html index.php///support for static and dynamic Web pages

Vi/etc/php.ini//edit this configuration file
Date.timezone = PRC//Set time zone

Warning: The firewall in the system and secure Linux to confirm shutdown, otherwise affect the experiment
Systemctl Stop Firewalld.service
Setenforce 0

Systemctl start Httpd.service Web system startup
Systemctl Start Mariadb.service Database system startup

NETSTAT-ANPT | grep 80
NETSTAT-ANPT | grep 3306//port is listening, indicating that the server is up and running



※mysql_secure_installation for security checks, or not to set

Next
vi/var/www/html/index.php Editing a database file
The script is written as follows:
<?php
Phpinfo ();
?>

Test with a real-computer browser:
Http://192.168.80.18 will appear on the following page, stating that the setup was successful

※ Enter the database and create an authorized account
Mysql-u root-p
Set a password when entering the database: 123456
CREATE DATABASE BCD; Build database name BCD
GRANT all on bcd.* to ' mail ' @ '% ' identified by ' 123456 ';
Flush privileges; Refresh Permissions

The following test database is working properly
vi/var/www/html/index.php//Edit the configuration file, which is the database working directory
Delete the previous content and write the following:
<?php
$link =mysql_connect (' 192.168.80.18 ', ' Mail ', ' 123456 '); Description Address and password
if ($link) echo "else echo "fail!!"; Display fail!! If the connection fails
Mysql_close ();
?>
Save exit
Test:

Connection Successful!

Download the Little Squirrel Pack and the Chinese language pack at the following URL
http://www.squirrelmail.org/download.php
1, squirrelmail-webmail-1.4.22.tar.gz
2, all_locales-1.4.18-20090526.tar.gz

Upload the installation package to the Linux system for decompression
Tar xzvf squirrelmail-webmail-1.4.22.tar.gz
Tar xzvf all_locales-1.4.18-20090526.tar.gz-c squirrelmail-webmail-1.4.22//-c to extract the language packs into subsequent packages

CP-RV squirrelmail-webmail-1.4.22/var/www/html/mail//Copy the unpacked package to/var/www/html/mail (Web working directory)

Cd/var/www/html/mail//CD to PHP working directory
mkdir Attach//Create an attachment file directory
Chown-r Apache:apache attach/data//Modify Permissions

CD Config//to SquirrelMail configuration file
CP config_default.php config.php//Copy Template
VI config.php//start editing
The contents of the amendment are as follows:
$domain = ' aa.com '; Domain name
$imap _server_type = ' dovecot '; IMAP service type is Dovecot
$data _dir = '/var/www/html/mail/data '; Original Storage Address
$attachment _dir = '/var/www/html/mail/attach/'; Attachment Storage Address
$squirrelmail _default_language = ' ZH_CN '; Web page display language is Chinese
$default _charset = ' zh_cn. UTF-8 '; Chinese character encoding

Log in with a real-computer browser:
Http://192.168.80.181/mail
The login screen appears,

Enter account Login:
Shown below:


Successful entry and normal operation, the server is working properly.

Seventh Step:
※ Set up mail group below
Vi/etc/aliases Editing a configuration file
Add group name: Student:jack,tom
Newaliases//Generate hash database file
Systemctl restart Postfix//restart mail server br/> test sent to [email protected] when the Jack,tom will receive.

※ Send group mail to group mailbox with Tom

Check the receiving situation:



Test Results Meet requirements

※ Set Message size below
VI/ETC/POSTFIX/MAIN.CF//Edit configuration file
Manual write:
Message_size_limit = 5120000//Unit is byte
Quit after saving!
Systemctl restart Postfix//restart mail server
Test results by adding large attachments

※ The following limit user mailbox space by configuring user disk quotas
Mail storage directory under Home, mounted on/DEV/SDA5 disk

[email protected] ~]# umount/home
[email protected] ~]# mount-o usrquota,grpquota/dev/sda5
[email protected] ~]# Vi/etc/fstab
The last line adds:


To turn on disk quotas:
Edquota-u Jack.
Quota is hard 20M

Whether disk quotas are in effect in the user's system:

The quota has been exceeded and is in effect.

Testing with Client software:
Send a message with a size of 6.6M, successfully sent two (no single message should be larger than 5M configuration)

Third Send failed

View the remaining space in the directory, the limit of 20M, the case is less than 6.6M of space, so the third send must fail

So the disk quotas for Jack's users are in effect.

Linux system, build Postfix server and its related configuration application under Centos7 version

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.