Lab requirements: build a mail server (192.168.100.1) that can send and receive mail for the company's employees. The company domain name is jinjianjun.com.
I. Modify the MX (mail exchanger) record on the DNS server (192.168.100.2) so that clients can resolve the mail server address
1. Modify the DNS zone file
# vim /var/named/jinjianjun.com.zone
$TTL 3H
@       IN SOA  jinjianjun.com. root.jinjianjun.com. (
                2014042601 ; serial
                1D         ; refresh
                1H         ; retry
                1W         ; expire
                3H )       ; minimum
        NS      dns1.jinjianjun.com.
        IN MX   10 mail.jinjianjun.com.
dns1    IN A    192.168.100.2
mail    IN A    192.168.100.1
......
2. Restart the service
# service named restart
3. Test that the client can resolve the records
# host -t MX jinjianjun.com 192.168.100.2    // query the MX record of the target domain
Using domain server:
Name: 192.168.100.2
Address: 192.168.100.2#53
Aliases:
jinjianjun.com mail is handled by 10 mail.jinjianjun.com.
# host mail.jinjianjun.com 192.168.100.2    // check that the mail server name resolves
Using domain server:
Name: 192.168.100.2
Address: 192.168.100.2#53
Aliases:
mail.jinjianjun.com has address 192.168.100.1
II. Build the Postfix server
1. Install the package
# yum -y install postfix
2. Modify the main configuration file
[Email protected] ~]# cd /etc/postfix/
# postconf -n > tmp.txt    // export the non-default configuration
# mv main.cf main.cf.bak
# mv tmp.txt main.cf
# vim main.cf
...
#inet_interfaces = localhost    // listening interfaces; commented out so that Postfix listens on all interfaces
myhostname = mail.jinjianjun.com    // mail server host name
mydomain = jinjianjun.com    // mail server domain
myorigin = $mydomain    // domain suffix appended to sender addresses
mydestination = $mydomain    // domains for which Postfix accepts mail for local delivery
home_mailbox = Maildir/    // mailbox type
3. Check the syntax and start the service
# postfix check
# service postfix start
# chkconfig postfix on
# netstat -tulnp | grep :25    // SMTP is used for sending mail
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 3564/master
tcp 0 0 :::25 :::* LISTEN 3564/master
4. Create mailbox users    // mail users are system users by default
# useradd damao
# echo 123456 | passwd --stdin damao
# useradd tom
# echo 123456 | passwd --stdin tom
5. Test sending
# telnet mail.jinjianjun.com 25
Trying 192.168.100.1...
Connected to mail.jinjianjun.com.
Escape character is '^]'.
220 mail.jinjianjun.com ESMTP Postfix
HELO localhost    // announce the client
250 mail.jinjianjun.com
MAIL FROM:[email protected]    // sender
250 2.1.0 Ok
RCPT TO:[email protected]    // recipient
250 2.1.5 Ok
DATA    // start of the message
354 End data with <CR><LF>.<CR><LF>
Subject: test mail    // mail subject
Hello,tom    // mail content
.    // a line containing only "." marks the end of the message
250 2.0.0 Ok: queued as 9b6463fd97
QUIT    // exit
221 2.0.0 Bye
Connection closed by foreign host.
6. Verify that the message was delivered
# ls /home/tom/Maildir/new/
1398492202.v803ibf420m185454.mail.jinjianjun.com
# cat /home/tom/Maildir/new/1398492202.v803ibf420m185454.mail.jinjianjun.com
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: from localhost (unknown [192.168.100.1])
by mail.jinjianjun.com (Postfix) with SMTP id 9b6463fd97
for <[email protected]>; Fri, APR 23:00:32-0700 (PDT)
Subject: test mail
Message-Id: <[email protected]>
Date: Fri, APR 23:00:32-0700 (PDT)
From: [email protected]
To: undisclosed-recipients:;
Hello,tom
III. Build the Dovecot receiving server
1. Install the package
# yum -y install dovecot
2. Modify the configuration files
# vim /etc/dovecot/dovecot.conf
......
#protocols = imap pop3 lmtp
protocols = imap pop3
# vim /etc/dovecot/conf.d/10-ssl.conf
......
#ssl = yes
ssl = no    // disable SSL/TLS; POP3 and IMAP logins are then sent in cleartext
3. Start the service
# service dovecot start
# chkconfig dovecot on
# netstat -tulnp | grep dovecot
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 4377/dovecot
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 4377/dovecot
tcp 0 0 :::110 :::* LISTEN 4377/dovecot
tcp 0 0 :::143 :::* LISTEN 4377/dovecot
4. Test the receiving service
# telnet mail.jinjianjun.com 110
Trying 192.168.100.1...
Connected to mail.jinjianjun.com.
Escape character is '^]'.
+OK Dovecot ready.
USER tom
+OK
PASS 123456
+OK Logged in.
LIST
+OK 1 messages:
1 479
.
RETR 1
+OK 479 octets
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: from localhost (unknown [192.168.100.1])
by mail.jinjianjun.com (Postfix) with SMTP id 9b6463fd97
for <[email protected]>; Fri, APR 23:00:32-0700 (PDT)
Subject: test mail
Message-Id: <[email protected]>
Date: Fri, APR 23:00:32-0700 (PDT)
From: [email protected]
To: undisclosed-recipients:;
Hello,tom
.
QUIT
+OK Logging out.
Connection closed by foreign host.
Note: telnet is used here only for testing. In real use, mail is not sent and received with telnet; users choose simpler, more intuitive graphical clients (Outlook, Foxmail, etc.) or web mail systems (NetEase mailbox, Sina mailbox, etc.).
IV. Enable SMTP authentication to improve mail system security and reduce spam
1. Install the software and enable the service
# rpm -q cyrus-sasl
cyrus-sasl-2.1.22-7.el5_8.1
# cat /etc/sasl2/smtpd.conf    // main configuration file
pwcheck_method: saslauthd
mech_list: plain login
# service saslauthd start
# chkconfig saslauthd on
# testsaslauthd -u damao -p 123456 -s smtp    // check the saslauthd service
0: OK "Success."
2. Modify the Postfix main configuration file to enable authentication
# vim /etc/postfix/main.cf
......
mynetworks = 127.0.0.1    // define the local network
smtpd_sasl_auth_enable = yes    // enable SASL authentication
smtpd_sasl_security_options = noanonymous    // disallow anonymous authentication
smtpd_recipient_restrictions =    // recipient filtering
    permit_mynetworks,    // allow clients from mynetworks
    permit_sasl_authenticated,    // allow users who have passed SASL authentication
    reject_unauth_destination    // reject mail addressed to domains this server is not responsible for
# service postfix restart
3. Client test: send mail to an external domain without authenticating
# telnet mail.jinjianjun.com 25
Trying 192.168.100.1...
Connected to mail.jinjianjun.com.
Escape character is '^]'.
220 mail.jinjianjun.com ESMTP Postfix
MAIL FROM:[email protected]
250 2.1.0 Ok
RCPT TO:[email protected]
554 5.7.1 <[email protected]>: Relay access denied    // send request rejected
421 4.4.2 mail.jinjianjun.com Error: timeout exceeded
Connection closed by foreign host.
So when a user tries to send mail to an external domain without SMTP authentication, the request is rejected.
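The results of steps 3 and 4 follow from Postfix walking smtpd_recipient_restrictions in order and stopping at the first rule that matches. The Python model below is an added example, not code from the original article or from Postfix; it reduces reject_unauth_destination to a mydestination lookup, and the client address 192.168.100.50 and the recipient addresses are constructed for illustration.

```python
import ipaddress

# Settings copied from the main.cf shown above.
MYNETWORKS = [ipaddress.ip_network("127.0.0.1/32")]
MYDESTINATION = {"jinjianjun.com"}
RESTRICTIONS = ["permit_mynetworks",
                "permit_sasl_authenticated",
                "reject_unauth_destination"]


def check_rcpt(client_ip, sasl_authenticated, rcpt, restrictions=RESTRICTIONS):
    """Return the reply to RCPT TO under first-match evaluation (simplified)."""
    domain = rcpt.rsplit("@", 1)[-1].lower()
    ip = ipaddress.ip_address(client_ip)
    for rule in restrictions:
        if rule == "permit_mynetworks" and any(ip in net for net in MYNETWORKS):
            return "250 2.1.5 Ok"
        if rule == "permit_sasl_authenticated" and sasl_authenticated:
            return "250 2.1.5 Ok"
        # Assumption: only mydestination is consulted; real Postfix also
        # checks relay_domains, virtual domains and its own addresses.
        if rule == "reject_unauth_destination" and domain not in MYDESTINATION:
            return "554 5.7.1 <%s>: Relay access denied" % rcpt
    return "250 2.1.5 Ok"  # no rule rejected the recipient


if __name__ == "__main__":
    cases = [  # constructed test cases
        ("192.168.100.50", False, "user@example.org"),    # step 3: rejected
        ("192.168.100.50", True, "user@example.org"),     # step 4: relayed
        ("192.168.100.50", False, "tom@jinjianjun.com"),  # local delivery
        ("127.0.0.1", False, "user@example.org"),         # inside mynetworks
    ]
    for ip, authed, rcpt in cases:
        print(ip, "auth" if authed else "anon", rcpt, "->",
              check_rcpt(ip, authed, rcpt))
```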
4. Client test: send mail to an external domain after authenticating
For authentication, the user name and password must be Base64-encoded before the server will accept them. Run the following commands to generate the Base64 values:
# printf damao | openssl base64
ZGFtYW8=
# printf 123456 | openssl base64
MTIzNDU2
[Email protected] desktop]# telnet mail.jinjianjun.com 25
Trying 192.168.100.1...
Connected to mail.jinjianjun.com.
Escape character is '^]'.
220 mail.jinjianjun.com ESMTP Postfix
AUTH LOGIN    // start the authentication login
334 VXNlcm5hbWU6
ZGFtYW8=    // Base64 encoding of the user name damao
334 UGFzc3dvcmQ6
MTIzNDU2    // Base64 encoding of the password 123456
235 2.7.0 Authentication successful
MAIL FROM:[email protected]
250 2.1.0 Ok
RCPT TO:[email protected]
250 2.1.5 Ok
DATA    // write the message content
354 End data with <CR><LF>.<CR><LF>
Subject: test
Test mail
.
250 2.0.0 Ok: queued as 5bfcd3fd16
QUIT
221 2.0.0 Bye
Connection closed by foreign host.
This shows that an authenticated user can send mail to other mail domains.
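Base64 in AUTH LOGIN is an encoding, not encryption: anyone who can read the session on the wire recovers both the server prompts and the credentials. The Python audit below is an added example, not part of the original article; the transcript is constructed from the session above, and the "S:"/"C:" prefixes are an assumed notation for server and client lines.

```python
import base64

# Constructed transcript mirroring the AUTH LOGIN session above.
TRANSCRIPT = """\
S: 220 mail.jinjianjun.com ESMTP Postfix
C: AUTH LOGIN
S: 334 VXNlcm5hbWU6
C: ZGFtYW8=
S: 334 UGFzc3dvcmQ6
C: MTIzNDU2
S: 235 2.7.0 Authentication successful
"""


def b64_text(value):
    """Decode one Base64 token from the exchange into text."""
    return base64.b64decode(value, validate=True).decode("utf-8", "replace")


def audit_auth_login(transcript):
    """Report what a passive observer learns from an AUTH LOGIN exchange."""
    finding = {"exposed": {}, "authenticated": False}
    in_auth = False
    prompt = None
    for line in transcript.splitlines():
        side, _, text = line.partition(": ")
        text = text.strip()
        if side == "C" and text.upper() == "AUTH LOGIN":
            in_auth = True
        elif in_auth and side == "S" and text.startswith("334 "):
            # The 334 challenge is itself Base64: "Username:" / "Password:".
            prompt = b64_text(text[4:]).rstrip(":").lower()
        elif in_auth and side == "C" and prompt:
            finding["exposed"][prompt] = b64_text(text)
            prompt = None
        elif in_auth and side == "S" and text.startswith("235"):
            finding["authenticated"] = True
            in_auth = False
    return finding


if __name__ == "__main__":
    print(audit_auth_login(TRANSCRIPT))
```

Once TLS is configured on the server, setting smtpd_tls_auth_only = yes makes Postfix offer AUTH only after STARTTLS, so this exchange is no longer readable on the wire.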
http://jinjianjun.blog.51cto.com/8539251/1403389
RHEL6.4 postfix+dovecot Build mail server