Article Title: sendmail + squirrelmail: Set the mail server. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
Configure the redhat AS3 Environment
Kernel linux 2.4.21-4.EL
Sendmail-8.12.10-1
Sendmail-cf-8.12.10-1
Httpd-devel-2.0.46-25.ent
Httpd-2.0.46-25.ent
Squirrelmail-1.4.10a
1. Set DNS
Use the domain name binding function of xiwanghttp://www.3322.org/listener (static binding of fixed IP addresses is supported, and client software is not required for stability). Set the domain name to myname.3322.org email server (mx) and myname.3322.org.
2 configure sendmail
2.1 edit/etc/mail/sendmail. mc
Divert (-1) dnl // defines a Buffer Action for m4. When n =-1, the buffer is deleted, and when n = 0, a new buffer is started.
Include ('/usr/share/sendmail-cf/m4/cf. m4') dnl
VERSIONID ('setup for Red Hat Linux ') dnl
OSTYPE ('linux ') dnl // specifies the operating system used by the Macro. This macro allows the m4 program to add files related to the relevant operating system.
Define ('smart _ host', 'myname .3322.org ') // set the email server domain name (sometimes not required)
Dnl #
Define ('confdef _ USER_ID ', ''8: 12 '') dnl
Dnl define ('confauto _ REBUILD ') dnl
Define ('confto _ CONNECT ', '1m') dnl
Define ('conftry _ NULL_MX_LIST ', true) dnl
Define ('confdont _ PROBE_INTERFACES ', true) dnl
Define ('procmail _ MAILER_PATH ','/usr/bin/procmail') dnl
Define ('Alias _ file', '/etc/aliases') dnl
Dnl define ('status _ file', '/etc/mail/statistics') dnl
Define ('ucp _ MAILER_MAX ', '2013') dnl
Define ('confuserdb _ SPEC ','/etc/mail/userdb. db') dnl
Define ('confprivacy _ FLAGS ', 'authwarnings, novrfy, noexpn, restrictqrun') dnl
Define ('confauth _ options', 'A') dnl
Dnl #
Dnl # The following allows relaying if the user authenticates, and disallows
Dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
Dnl #
Dnl define ('confauth _ options', 'a p') dnl
Dnl #
Dnl # PLAIN is the preferred plaintext authentication method and used
Dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
Dnl # use LOGIN. Other mechanic ISMs shoshould be used if the connection is not
Dnl # guaranteed secure.
Dnl #
TRUST_AUTH_MECH ('external DIGEST-MD5 CRAM-MD5 login plain ') dnl
// Set smtp authentication, which means that if access. db access control
// If not set, this authentication method is enabled for smtp authentication
Define ('confauth _ MECHANISMS ', 'external GSSAPI DIGEST-MD5 CRAM-MD5 login plain') dnl
Dnl #
Dnl # Rudimentary information on creating certificates for sendmail TLS:
Dnl # make-C/usr/share/ssl/certs usage
Dnl #
Dnl define ('confcacert _ path', '/usr/share/ssl/certs ')
Dnl define ('confcacert ','/usr/share/ssl/certs/ca-bundle.crt ')
Dnl define ('confserver _ cert', '/usr/share/ssl/certs/sendmail. pem ')
Dnl define ('confserver _ key', '/usr/share/ssl/certs/sendmail. pem ')
Dnl #
Dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
Dnl # slapd, which requires the file to be readble by group ldap
Dnl #
Dnl define ('confdont _ blame_sendmail', 'groupreadablekeyfile') dnl
Dnl #
Dnl define ('confto _ queuewarn', '4h ') dnl
Dnl define ('confto _ queuereturn', '5d ') dnl
Dnl define ('confqueue _ la', '12') dnl
Dnl define ('confrefuse _ la', '18') dnl
Define ('confto _ IDENT ', '0') dnl
Dnl FEATURE (delay_checks) dnl
FEATURE ('no _ default_msa ', 'dnl') dnl
FEATURE ('smrsh', '/usr/sbin/smrsh') dnl
FEATURE ('mailertable', 'hash-o/etc/mail/mailertable. db') dnl
FEATURE ('your usertable', 'hash-o/etc/mail/Your usertable. db') dnl
FEATURE (redirect) dnl
FEATURE (always_add_domain) dnl
FEATURE (use_cw_file) dnl
FEATURE (use_ct_file) dnl
Dnl #
Dnl # The-t option will retry delivery if e.g. the user runs over his quota.
Dnl #
FEATURE (local_procmail, '', 'procmail-t-Y-a $ h-d $ U') dnl
FEATURE ('Access _ db', 'hash-T -O/etc/mail/access. db') dnl
FEATURE ('blacklist _ recipients ') dnl
EXPOSED_USER ('root') dnl
Dnl #
Dnl # The following causes sendmail to only listen on the IPv4 loopback address
Dnl #127.0.0.1 and not on any other network devices. Remove the loopback
Dnl # address restriction to accept email from the internet or intranet.
Dnl #
DAEMON_OPTIONS ('port = smtp, Addr = 0.0.0.0, Name = MTA ') dnl // you can set it to 0.0.0.0 to receive external emails, and set it to 127.0.0.1 on the local/Local Area Network email server.
Dnl #
Dnl # The following causes sendmail to additionally listen to port 587
Dnl # mail from MUAs that authenticate. Roaming users who can't reach their
Dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
Dnl # this useful.
Dnl #
Dnl DAEMON_OPTIONS ('port = submission, Name = MSA, M = Ea ') dnl
Dnl #
Dnl # The following causes sendmail to additionally listen to port 465,
Dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
Dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
Dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
Dnl # and doesn' t support the deprecated smtps; Evolution <1.1.1 uses smtps
Dnl # when SSL is enabled -- STARTTLS support is available in version 1.1.1.
Dnl #
Dnl # For this to work your OpenSSL certificates must be configured.
Dnl #
Dnl DAEMON_OPTIONS ('port = smtps, Name = TLSMTA, M = S') dnl
Dnl #
Dnl # The following causes sendmail to additionally listen on the IPv6 loopback
Dnl # device. Remove the loopback address restriction listen to the network.
Dnl #
Dnl # NOTE: binding both IPv4 and IPv6 daemon to the same port requires
Dnl # a kernel patch
Dnl #
Dnl DAEMON_OPTIONS ('port = smtp, Addr =: 1, Name = MTA-v6, Family = inet6 ') dnl
Dnl #
Dnl # We stronugly recommend not accepting unresolvable domains if you want
Dnl # protect yourself from spam. However, the laptop and users on computers
Dnl # that do not have 24x7 DNS do need this.
Dnl #
FEATURE ('Accept _ unresolvable_domains ') dnl
Dnl #
Dnl FEATURE ('relay _ based_on_MX ') dnl
Dnl #
Dnl # Also accept email sent to "localhost. localdomain" as local email.
Dnl #
LOCAL_DOMAIN ('localhost. localdomain ') dnl
Dnl #
Dnl # The following example makes mail from this host and any additional
Dnl # specified domains appear to be sent from mydomain.com
Dnl #
Dnl MASQUERADE_AS ('mydomain. com') dnl // defines other host names for sendmail to respond to emails
Dnl #
Dnl # masquerade not just the headers, but the envelope as well
Dnl #
Dnl FEATURE (masquerade_envelope) dnl
Dnl #
Dnl # masquerade not just @ mydomainalias.com, but @ * .mydomainalias.com as well
Dnl #
Dnl FEATURE (masquerade_entire_domain) dnl
Dnl #
Dnl MASQUERADE_DOMAIN (localhost) dnl
Dnl MASQUERADE_DOMAIN (localhost. localdomain) dnl
Dnl MASQUERADE_DOMAIN (mydomainalias.com) dnl
Dnl MASQUERADE_DOMAIN (mydomain. lan) dnl
MAILER (smtp) dnl // defines the mail Transmission Method smtp used by sendmail
MAILER (procmail) dnl
After writing the sendmail. mc document, you can use the m4 program to generate the official sendmail. cf configuration document. The syntax is as follows:
Below:
# M4 sendmail. mc> sendmail. cf
Detect SMTP authentication
# Telnet myname.3322.org 25
Trying 159.226.xx.xx...
Connected to mail.myname.3322.org (159.226.XX.XX ).
Escape character is '^]'.
220 mail.myname.3322.org ESMTP Sendmail 8.12.10/8.12.10; Wed, 16 May 2007 17:24:38 + 0800
Ehlo myname.3322.org (enter this command)
250-mail.myname.3322.org Hello mail.myname.3322.org [159.226.XX.XX], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
December 250-SIZE
250-DSN
250-ETRN
250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5 login plain (this line appears to indicate the setting is correct)
250-DELIVERBY
250 HELP
^] --- Ctrl +] interrupted
Telnet> q --- q quit
Connection closed.
2.2 set sending and receiving limits
Modify/etc/mail/access:
Localhost RELAY
159.226 RELAY
Localhost. localdomain RELAY
127.0.0.1 RELAY
Then
# Makemap-v hash/etc/mail/access </etc/mail/access
2.3 Add the host domain name to the/etc/mail/local-host-names file as follows:
Myname.3322.org // it seems that it is not required
3. Set POP and IMAP servers.
1) first, make sure that/etc/servicese has the following content:
Pop2 109/tcp pop-2 postoffice # POP version 2
Pop2 109/udp pop-2
Pop3 110/tcp pop-3 # POP version 3
Pop3 110/udp pop-3
.......
Imap 143/tcp imap2 # Interim Mail Access Proto v2
Imap 143/udp imap2
Use xinetd to start POP, IMAP,
# Vi/etc/xinetd. d/imap
Service imap
{
Disable = no
Socket_type = stream
Wait = no
User = root
Server =/usr/sbin/imapd
Log_on_success + = HOST DURATION
Log_on_failure + = HOST
}
[Root @ mis010/] # vi/etc/xinetd. d/ipop3
Service pop3
{
Disable = no
Socket_type = stream
Wait = no
User = root
Server =/usr/sbin/ipop3d
Log_on_success + = HOST DURATION
Log_on_failure + = HOST
}
[Root @ mis010/] # vi/etc/xinetd. d/ipop2
Service pop2
{
Disable = no
Socket_type = stream
Wait = no
User = root
Server =/usr/sbin/ipop2d
Log_on_success + = HOST DURATION
Log_on_failure + = HOST
}
Let xinetd re-read the set value.
#/Etc/rc. d/init. d/xinetd reload
Test POP3
Telnet myname.3322.org 110
Test imap
Telnet myname.3322.org 53
4. Install squirrelmail
(This is a popular webmail program, developed using php4, which can be used to send and receive mails Based on web)
4.1download squirrelmail-1.4.10a.tar.gz
4.2 installation:
Decompress the package and copy it to/var/www/html/squirrelmail.
4.3 configure squirrelmail
#/Var/www/html/squirrelmail/configure
1) configure the basic information, including the organization name, logon logo, logo size, and title. You can configure these items later. The first items to be configured are 5th and 6th, the values configured are spaces (5 items) and ISO-2022-CN (6 items), respectively)
2) Configure the server parameter, domain: the domain of the configured Mail Server (myname.3322.org here), Sendmail or SMTP: Enter R for sendmail to return
4) go to the general configuration page.
Configure 1. Data Directory:/var/www/html/squirrelmail/data/
Configure 2. Attachment Directory:/var/www/html/squirrelmail/attachments/(you may need to create it yourself)
Return;
8) Go to plug-in management, add the selected plug-in (enter a number to select from), and return. Select S to save the data and select Q to exit)
5 Test
5.1 create a test account:
# Useradd-s/bin/false test # passwd test
5.2 run the following command to start apache:
# Service httpd start
5.3 Test
Enter http://myname.3322.org/squirrelmail/in the browser, and use testbench to receive and send the mail.
6 Summary
Currently, 163, sina, mails.tsinghua.edu.cn, mails.gucas.ac.cn, home.ipe.ac.cn, and gmail can send emails to this mailbox, including sina and mails. tsinghua cannot send emails from this email address. It is suspected that the email address uses the 3322.org suffix and is directly filtered out.
In addition, because 3322.org does not support Reverse Domain name resolution, some public email may not receive this email (not encountered currently)
At the same time, we need to further strengthen security defense