Learn Linux with me 15: Linux enterprise applications (Linux server applications). We continue from the content of Lesson 14.
Sorry, it's really slow to update things recently, but I won't be a eunuch.
I decided to write this tutorial and despise the eunuch who did not reply to the post.
1. A reminder: the root user cannot receive or send emails, and sendmail listens on port 25.
2. Create a user to receive and send emails
[root@zy root]# useradd redhat
[root@zy root]# passwd redhat
3. The email system must have an alias file, aliases, and it cannot be empty.
[root@zy mail]# echo "root: redhat" > /etc/mail/aliases
This forwards all emails sent to the root user to redhat.
To make the aliases take effect, we need to run
[root@zy mail]# newaliases
It automatically creates the new alias database.
4. [root@zy mail]# telnet localhost 25
Connect to the local server. After the connection succeeds, it displays
220 zy.zhaoyong.com ESMTP Sendmail 8.12.10/8.14.1; Tue, 31 Jul 2007 11:07:46 +0800
The message above shows the sendmail version number and the login time. Now we type the standard sendmail statements.
mail from: root@zhaoyong.com
This indicates who the message is from; zhaoyong.com is my domain. The server responds with
250 2.1.0 root@zhaoyong.com... Sender OK
Next we type
rcpt to: redhat@zhaoyong.com
rcpt to indicates who to send to, here the local redhat user. The following response indicates success.
250 2.1.5 redhat@zhaoyong.com... Recipient OK
Enter the data command, then the message:
data
354 Enter mail, end with "." on a line by itself
Zhaoyongaimeinv.
.
250 2.0.0 l6V3U9SP002895 Message accepted for delivery
A "." on a line by itself indicates that the message is complete.
Then we quit.
5. [root@zy mail]# tail /var/log/maillog
Check the log to determine whether the message was sent successfully. As shown in the last line, stat=Sent indicates that the operation succeeded.
6. Sending with sendmail works. Now we configure the receiving server, using imap as the email receiving server.
[root@zy RPMS]# rpm -ivh --aid imap-*
First install the imap service, which is on the third disc.
1:imap-devel ##################################### [ 50%]
2:imap ################################## [100%]
[root@zy root]# chkconfig imap on
Enable the imap service.
However, imap cannot run independently. It requires the xinetd super service to start it.
[root@zy root]# ls /etc/xinetd.d
You can see the imap service here.
[root@zy root]# service xinetd restart
Restart the super service.
[root@zy root]# grep imap /etc/services
From /etc/services we can see that the port of the imap service is 143.
imap 143/tcp
imap 143/udp
[root@zy root]# netstat -tnl | grep 143
Check whether the port is open.
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN
The result shows that our service started successfully.
Now let's test it with Outlook.
Click Start - Programs - Outlook - Tools - Accounts - Add - Mail. Display name: zhaoyong; email address: redhat@zhaoyong.com; for my incoming mail server choose imap; the receiving and sending server address is 192.168.1.144 (write the address according to your own settings); the account name is redhat and the password is 123.
Next, let's create an email for your own experiment.
At this time, we can only work inside the server. If you want to work on the Internet, you still need
7. Here we talk about server forwarding. When the recipient is not on the server itself but on another server, the mail must be relayed.
Edit the configuration file
The configuration of Sendmail is very complex. Its configuration file is sendmail.cf, located in the /etc/mail directory. Because the syntax of sendmail.cf is obscure and hard to understand, few people modify the file directly to configure the Sendmail server. We generally use the m4 macro processor to generate the required sendmail.cf file. A template file is also needed for this; by default, the system has a sendmail.mc template file in the /etc/mail directory. We can generate sendmail.cf from the simple and intuitive sendmail.mc template, so there is no need to edit sendmail.cf directly: modify the sendmail.mc template to customize sendmail.cf. The steps for creating the sendmail.cf file are:
[root@zy root]# vi /etc/mail/sendmail.mc
Add the following line:
FEATURE(`access_db')dnl
This enables the access_db database.
Because FEATURE is a macro, we also need this line, which is set by default:
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
The macros are defined in the file /usr/share/sendmail/cf/m4/cf.m4. That file was set up in Lesson 14; you can refer to the content of Lesson 14.
[root@zy mail]# m4 sendmail.mc > sendmail.cf
Then use m4 to turn the macro language into the sendmail.cf configuration file.
[root@zy mail]# echo "192.168.1 RELAY" > access
This means that mail from IP addresses in 192.168.1 will be relayed.
[root@zy mail]# makemap hash access < access
Then build the table; the source is access.
You will then find an access.db file in the mail directory, which is the table you just created.
[root@zy mail]# killall -9 sendmail
Kill your sendmail server and restart it:
[root@zy mail]# sendmail -bd -q1h
-b: specifies that Sendmail runs in the background and listens for requests on port 25.
-d: specifies that Sendmail runs in daemon mode.
-q: when Sendmail cannot deliver a message to its destination, it saves the message in the queue. This parameter specifies how long the message is kept in the queue; in the example, 1h means 1 hour.
Then let's test by writing a letter from zhaoyong.com to another domain. If you run the zy.com domain on another server, you can test it yourself.
If an error occurs in this process, check whether your DNS server is working. You can test your DNS server first.
[root@zy mail]# tail /var/log/maillog
Check the error message.
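The two log checks above (step 5 and the relay test in step 7) can be scripted instead of read by eye. This added example, which is not part of the original tutorial, pulls the queue ID, recipient and stat= value out of sendmail maillog lines; the sample lines are constructed (only the first queue ID comes from the telnet session above) and the function names are illustrative.

```shell
#!/bin/sh
# Added example, not part of the original tutorial.

# sample_maillog: constructed lines in sendmail's maillog format.
sample_maillog() {
    cat <<'EOF'
Jul 31 11:08:29 zy sendmail[2895]: l6V3U9SP002895: from=root@zhaoyong.com, size=17, class=0, nrcpts=1, proto=SMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Jul 31 11:08:29 zy sendmail[2897]: l6V3U9SP002895: to=redhat@zhaoyong.com, ctladdr=root@zhaoyong.com (0/0), delay=00:00:20, xdelay=00:00:00, mailer=local, pri=30017, dsn=2.0.0, stat=Sent
Jul 31 11:40:02 zy sendmail[3010]: l6V3e1SP003008: to=<user@zy.com>, ctladdr=<redhat@zhaoyong.com> (500/500), delay=00:00:01, xdelay=00:00:00, mailer=esmtp, pri=120309, relay=zy.com, dsn=5.1.2, stat=Host unknown (Name server: zy.com: host not found)
Jul 31 11:52:40 zy sendmail[3050]: l6V3qdSP003048: to=<user@zy.com>, delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=120310, relay=zy.com. [192.168.1.200], dsn=4.0.0, stat=Deferred: Connection refused by zy.com.
EOF
}

# maillog_status: read maillog lines on stdin and print one line per delivery
# attempt: "<queue-id> <recipient(s)> <text after stat=>".
maillog_status() {
    awk '
    / sendmail\[[0-9]+\]: / && / to=/ && /stat=/ {
        qid = ""
        # The queue ID is the field that follows "sendmail[pid]:".
        for (i = 1; i < NF; i++)
            if ($i ~ /^sendmail\[[0-9]+\]:$/) { qid = $(i + 1); break }
        sub(/:$/, "", qid)
        rcpt = $0
        sub(/.* to=/, "", rcpt)   # drop everything up to the to= field
        sub(/, .*/, "", rcpt)     # cut at the next ", key=value" field
        gsub(/[<>]/, "", rcpt)
        stat = $0
        sub(/.*stat=/, "", stat)
        print qid, rcpt, stat
    }'
}

# failed_deliveries: keep only the attempts whose status is not "Sent".
failed_deliveries() {
    maillog_status | awk '$3 != "Sent"'
}

# delivery_status QUEUE_ID: status of one message, using the ID shown in
# "250 2.0.0 <ID> Message accepted for delivery".
delivery_status() {
    maillog_status | awk -v q="$1" '$1 == q { $1 = ""; $2 = ""; sub(/^ +/, ""); print }'
}

sample_maillog | failed_deliveries
```

On a live server, feed it the real log: tail -n 200 /var/log/maillog | failed_deliveries.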
8. If your client addresses change, we need to configure user authentication.
[root@zy root]# vi /etc/mail/sendmail.mc
We need to modify the user authentication mechanism. Add the following lines to it (include(`/usr/share/sendmail/cf/m4/cf.m4')dnl was already added above):
define(`confAUTH_OPTIONS', `A y')dnl
Authentication options: A y means the client must pass authentication.
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
The trusted authentication mechanisms. We use LOGIN and PLAIN, the authentication methods supported by most clients, such as Outlook.
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
Defines the default authentication mechanisms as LOGIN and PLAIN.
:wq saves and exits.
[root@zy mail]# m4 sendmail.mc > sendmail.cf
Use m4 again to translate it into the configuration file.
Sendmail itself does not provide authentication, so we must enable the saslauthd authentication service.
[root@zy mail]# chkconfig saslauthd on
[root@zy mail]# service saslauthd restart
[root@zy mail]# echo "pwcheck_method: saslauthd" > /usr/lib/sasl2/Sendmail.conf
This writes an authentication configuration file: sasl2 reads Sendmail.conf by default to learn how sendmail authenticates users.
[root@zy mail]# service saslauthd restart
[root@zy mail]# killall -9 sendmail
Kill your sendmail server and restart it:
[root@zy mail]# sendmail -bd -q1h
Next we test user authentication.
[root@zy mail]# telnet localhost 25
Connect to port 25 of the server and enter
ehlo localhost
If 250-AUTH LOGIN PLAIN is displayed, the user authentication mechanism is enabled successfully.
quit
To test in Outlook, open the properties of the 192.168.1.144 account and select "My server requires authentication".
For more information, see www.sendmail.org.
For more information, see www.postfix.org.
Below I have stolen an article by another buddy, jackiesr, on setting up a postfix email server. I think it is well written; everyone can study it, and I pay tribute to this buddy.
The email service is based on the client/server model. A complete email system consists of three parts: the user agent, the email server, and the email protocols. The main protocols currently in use are SMTP, POP3, and IMAP4. POP3 and IMAP4 are used to receive emails. We can regard IMAP4 as a remote file server and POP as a store-and-forward server.
Mainstream email servers include sendmail, postfix, and Qmail. Of these, sendmail is very good mail server software, but its security is poor; postfix is more secure and also maintains compatibility with sendmail to suit users' habits.
Install the postfix email server
By default, sendmail is installed in the OS. To use postfix, you must stop the sendmail service. Use netstat -nutlp | grep :25 to check whether port 25 is in use. If it is, stop the sendmail service and turn off its automatic startup with the following commands:
/etc/rc.d/init.d/sendmail stop
chkconfig sendmail off
Install the postfix service: rpm -ivh postfix...rpm
Postfix email server configuration
The most commendable aspect of postfix is its high readability. Its main configuration file is /etc/postfix/main.cf. Although the configuration file is long, most of it is comments and there are not many parameters you need to define yourself. Even if these parameters are not defined, postfix runs with the defaults; however, it then only listens on the 127 interface for sending and receiving mail.
1. Set the mail host name and domain name for running the postfix service
myhostname = mail.163.com
mydomain = 163.com
2. Set the domain name or host name used in mail sent from the local machine
myorigin = $mydomain
myorigin = $myhostname
3. Set the network interfaces the postfix service listens on. Usually all network interfaces are opened so that mail can be received on any of them.
inet_interfaces = all
4. Set the host names or domain names for which mail is received
mydestination = $mydomain, $myhostname
5. Set which networks' mail can be forwarded (relayed)
mynetworks = 192.168.1.0/24, 127.0.0.0/8
Note: besides mynetworks, mynetworks_style is another parameter that controls network mail forwarding. It sets the type of network whose mail can be forwarded. There are usually three settings.
class: postfix automatically learns the IP address class of the mail host.
subnet: this is the postfix default. postfix works out the IP network segment to open from the IP address and subnet mask set on the mail host's network interface.
host: in this mode, postfix only opens the local machine.
Generally, you do not set mynetworks_style but set mynetworks directly. If both parameters are set, the mynetworks setting takes effect.
6. Set which domains mail can be forwarded for
The mynetworks parameter is set for the IP address of the mail source, while the relay_domains parameter is set for the domain name or host name of the mail source. relay_domains = 163.com indicates that any emails sent from the domain 163.com are considered trusted, and postfix forwards them automatically.
After completing the basic settings above, restart the postfix service. The mail host is now basically ready. However, it currently only supports sending from clients and does not support receiving.
In addition, DNS must be configured to enable it to transfer mail within the organization's internal network.
After editing the postfix main configuration file /etc/postfix/main.cf, to make debugging easier you can run the /usr/sbin/postconf command to read the settings in the file directly, without opening it.
postconf -n
Virtual alias domain settings
With a virtual alias domain you can deliver mail addressed to the virtual domain to user mailboxes in a real domain. You can also implement group mail: specify a virtual mail address, and any mail sent to it is automatically forwarded by the mail server to the mailboxes of a group of users in the real domain. The virtual domain can be a domain that does not actually exist, and the real domain can be a local domain (that is, a domain specified by the mydestination parameter in main.cf) or a remote or Internet domain. A virtual domain is in effect an alias of a real domain: a virtual alias table redirects mail addresses from the virtual domain to the real domain.
vi /etc/postfix/main.cf
Edit:
virtual_alias_domains = dzxx.cn, jackie.com
virtual_alias_maps = hash:/etc/postfix/virtual
Here, virtual_alias_domains specifies the names of the virtual alias domains, and virtual_alias_maps specifies the path of the file that contains the virtual alias definitions.
vi /etc/postfix/virtual
@dzxx.cn @jackie.com
admin@jackie.com lbt
st0321@jackie.com st0321001, st0321002...
daliu@jackie.com lbt, liu@163.com
After these two files are modified, run the following commands, which are in the /usr/sbin directory:
postmap /etc/postfix/virtual
Generates the database file /etc/postfix/virtual.db that postfix can read.
postfix reload
Reloads the main.cf main configuration file.
User alias settings
The most important use of user aliases is to implement group mail (also called a mailing list): mail sent to an alias address is forwarded to the mailboxes of multiple real users.
In practice, an example configuration is as follows:
1. Open the postfix main configuration file /etc/postfix/main.cf and check that it contains the following two default statements.
alias_maps = hash:/etc/aliases
Specifies the path of the file that contains the user aliases.
alias_database = hash:/etc/aliases
Specifies the path of the database file for the alias table.
2. Edit the configuration file /etc/aliases
st0322: st0322001, st0322002, .....
st0323: :include:/etc/mail/st0323
Do not forget to edit the /etc/mail/st0323 file.
3. postalias /etc/aliases
postfix reload
Note: this method can only be used by the root user. To implement your own mailing list, create a .forward file in your user directory. For details, see the relevant documentation.
SMTP authentication Configuration
If anyone can forward mail through a mail server, I believe everyone can see the disadvantages. By default, Postfix does not enable forwarding and only accepts mail for the local machine. In practice, however, you must set the mynetworks and relay_domains parameters in the postfix main configuration file to open relaying to some trusted network segments or domains, otherwise the mail server would be of almost no use. Once these trusted network segments or domains are open, you can set up SMTP authentication to authenticate the clients that request mail forwarding. Currently, the popular authentication mechanism is implemented with the Cyrus SASL package.
Cyrus Installation
I found only a few packages in rh9, but in my book there are actually 7 packages (rhel4). I would be very grateful to anyone who wants to answer these questions. In addition to the five packages, there are also two software packages, cyrus-sasl-SQL-... and cyrus-sasl-ntlm.
Password Verification Mechanism Of cyrus-sasl V2
By default, Cyrus SASL V2 uses the saslauthd daemon for password authentication. Use the following command to view the password verification mechanisms that Cyrus SASL V2 supports on the current system:
saslauthd -v
If it succeeds, you can see the currently usable password verification methods...
Test the authentication function of Cyrus SASL V2.
ps aux | grep saslauthd
Check whether the saslauthd process is running. If it is not running, start it:
/etc/init.d/saslauthd start
Make it start automatically:
chkconfig saslauthd on
Then perform the following small test:
/usr/sbin/testsaslauthd -u lbt -p 'mima'
Set postfix to enable SMTP authentication
By default, the SMTP authentication mechanism is not enabled in postfix. To enable it, you must edit the main configuration file /etc/postfix/main.cf. The following are the SMTP authentication settings in main.cf; they are placed at the end of the file.
smtpd_sasl_auth_enable = yes
Whether to enable SASL as the SMTP authentication method.
smtpd_sasl_local_domain = ''
If Cyrus SASL V2 is used for authentication, nothing is configured here.
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
Filters mail sent by clients according to the recipient address. permit_mynetworks means mail can be forwarded as long as the recipient address is in a network segment specified by the mynetworks parameter. permit_sasl_authenticated means mail that passed SASL authentication can be forwarded. reject_unauth_destination means mail to untrusted destination addresses is rejected.
broken_sasl_auth_clients = yes
Compatibility with clients that use non-standard authentication.
smtpd_client_restrictions = permit_sasl_authenticated
Restricts the clients that can initiate SMTP connections to postfix. To prohibit unauthenticated clients from initiating SMTP connections to postfix, set this parameter to permit_sasl_authenticated.
smtpd_sasl_security_options = noanonymous
Restricts certain login methods; here anonymous login is prohibited.
After completing the configuration above, use /etc/init.d/postfix reload or /etc/init.d/postfix restart to restart the service.
In addition, when postfix performs SMTP authentication, it reads /usr/lib/sasl2/smtpd.conf to determine the authentication method used. Therefore, to use the saslauthd daemon for password authentication, make sure the file contains: pwcheck_method: saslauthd
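The relay and authentication parameters described in this section can be checked mechanically. This added example (not from the original article) audits postconf -n style output for three mistakes that turn these settings into an open relay or allow anonymous SASL logins. It assumes, as the article does, that relay control lives in smtpd_recipient_restrictions; the function names and the weak sample are constructed.

```shell
#!/bin/sh
# Added example, not part of the original article.

# page_config: the relay and SASL settings from this section, in the
# "name = value" form that postconf -n prints.
page_config() {
    cat <<'EOF'
mynetworks = 192.168.1.0/24, 127.0.0.0/8
relay_domains = 163.com
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
EOF
}

# weak_config: a constructed variant with three relay/authentication mistakes.
weak_config() {
    cat <<'EOF'
mynetworks = 0.0.0.0/0
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noplaintext
smtpd_recipient_restrictions = permit_mynetworks, permit, reject_unauth_destination
EOF
}

# audit_postconf: read "name = value" lines on stdin; print one finding per
# line, or "OK" when no check fires. Parameters that are absent are treated
# as being at their defaults and are not flagged.
audit_postconf() {
    awk '
    /^[A-Za-z0-9_]+[ \t]*=/ {
        name = $0; sub(/[ \t]*=.*/, "", name)
        val = $0;  sub(/^[^=]*=[ \t]*/, "", val)
        conf[name] = val
    }
    END {
        n = 0
        # Restrictions are evaluated left to right, so the list must reach
        # reject_unauth_destination (or reject) before any bare "permit".
        if ("smtpd_recipient_restrictions" in conf) {
            cnt = split(conf["smtpd_recipient_restrictions"], tok, /[ \t,]+/)
            guarded = 0
            for (i = 1; i <= cnt; i++) {
                if (tok[i] == "reject_unauth_destination" || tok[i] == "reject") { guarded = 1; break }
                if (tok[i] == "permit") break
            }
            if (!guarded)
                out[++n] = "relay: smtpd_recipient_restrictions permits mail before reject_unauth_destination"
        }
        # permit_mynetworks trusts every address listed in mynetworks.
        if (("mynetworks" in conf) && conf["mynetworks"] ~ "(^|[ \t,])0[.]0[.]0[.]0/0($|[ \t,])")
            out[++n] = "relay: mynetworks covers 0.0.0.0/0, so every client is trusted"
        # An explicit value replaces the default, which is noanonymous.
        if (conf["smtpd_sasl_auth_enable"] == "yes" && ("smtpd_sasl_security_options" in conf) &&
            conf["smtpd_sasl_security_options"] !~ /noanonymous/)
            out[++n] = "sasl: smtpd_sasl_security_options does not include noanonymous"
        if (n == 0) print "OK"
        for (i = 1; i <= n; i++) print out[i]
    }'
}

echo "page settings:"; page_config | audit_postconf
echo "weak settings:"; weak_config | audit_postconf
```

On a live host the input comes from the command shown earlier: postconf -n | audit_postconf.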
Test whether SMTP authentication is enabled for postfix.
telnet mail.jackie.com 25
EHLO 163.com
Quit example
/etc/init.d/postfix start
/etc/init.d/postfix stop
/etc/init.d/postfix restart
/etc/init.d/postfix reload
Use ntsysv to make the postfix service start automatically.
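The EHLO test used above for both sendmail and postfix can be scripted. This added example (not from the original articles) extracts the advertised mechanisms from an EHLO reply, including the extra 250-AUTH= line that broken_sasl_auth_clients = yes produces, and flags LOGIN and PLAIN, which carry the password only base64-encoded when the session is not encrypted. The sample replies and function names are constructed.

```shell
#!/bin/sh
# Added example, not part of the original articles.

# Constructed EHLO replies; the host names reuse the ones on this page.
sendmail_reply() {
    printf '%s\r\n' \
        '250-zy.zhaoyong.com Hello localhost [127.0.0.1], pleased to meet you' \
        '250-ENHANCEDSTATUSCODES' \
        '250-8BITMIME' \
        '250-AUTH LOGIN PLAIN' \
        '250 HELP'
}
postfix_reply() {
    printf '%s\r\n' \
        '250-mail.jackie.com' \
        '250-PIPELINING' \
        '250-AUTH LOGIN PLAIN' \
        '250-AUTH=LOGIN PLAIN' \
        '250 8BITMIME'
}
noauth_reply() {
    printf '%s\r\n' '250-mail.jackie.com' '250-PIPELINING' '250 8BITMIME'
}

# ehlo_auth_mechs: read an EHLO reply on stdin and print the advertised SASL
# mechanisms, one per line, without duplicates. Both "250-AUTH ..." and the
# non-standard "250-AUTH=..." form are accepted.
ehlo_auth_mechs() {
    tr -d '\r' | awk '
    /^250[- ]AUTH[ =]/ {
        sub(/^250[- ]AUTH[ =]/, "")
        n = split(toupper($0), m, /[ \t]+/)
        for (i = 1; i <= n; i++)
            if (m[i] != "" && !(m[i] in seen)) { seen[m[i]] = 1; print m[i] }
    }'
}

# ehlo_auth_check: classify a reply captured on a plain (pre-TLS) session.
#   no-auth                       AUTH is not advertised at all
#   plaintext-auth-offered        LOGIN or PLAIN is accepted on this session
#   auth-without-plaintext-mechs  only challenge-response mechanisms are offered
ehlo_auth_check() {
    mechs=$(ehlo_auth_mechs)
    if [ -z "$mechs" ]; then
        echo "no-auth"
    elif printf '%s\n' "$mechs" | grep -Eq '^(LOGIN|PLAIN)$'; then
        echo "plaintext-auth-offered"
    else
        echo "auth-without-plaintext-mechs"
    fi
}

echo "sendmail: $(sendmail_reply | ehlo_auth_check)"
echo "postfix:  $(postfix_reply | ehlo_auth_check)"
```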
Implementation of pop and imap email services
The postfix service is only an MTA. It provides only the SMTP service, that is, only mail forwarding and local delivery. To let users retrieve mail remotely, you must also install a POP or IMAP service. Generally, the SMTP service and the POP or IMAP service are installed on one host, which is then called an email server. In RHEL4, dovecot and cyrus-imapd both provide pop and imap services.
Implementing the dovecot service: dovecot is on the fourth disc of RHEL4.
The basic configuration file of dovecot is /etc/dovecot.conf. To enable the most basic dovecot service, you only need to modify the following in the configuration file.
protocols = pop3
The service protocols to run.
pop3_listen = *
Specifies the service port to listen on; the asterisk represents all ports.
Start the dovecot service and set it to start automatically:
/etc/rc.d/init.d/dovecot start
chkconfig --level 345 dovecot on
Now that the dovecot and postfix services are installed, you can use this email server to send and receive emails.
Note: pop3 uses TCP port 110.
The cyrus-imapd service is installed on the fourth disc. The following are related software packages.
Cyrus-imapd-2.2.10-1.RHEL.1.I386.rpm
Cyrus-imapd-devel-2.2.10-1.rhel4.1.i386.rpm
Cyrus-imapd-murder-2.2.10-1.rhel4.1.i386.rpm
Cyrus-imapd-nntp-2.2.10-1.rhel4.1.i386.rpm
Cyrus-imapd-utils-2.2.10-1.rhel4.1.i386.rpm
Perl-cyrus-2.2.10-1.rhel4.1.i386.rpm
The last package must be installed before installing the cyrus-imapd-utils-2.2.10-1.rhel4.1.i386.rpm package.
There are three basic configuration files for the cyrus-imapd service.
/etc/sysconfig/cyrus-imapd: the configuration file used when starting the cyrus-imapd service.
/etc/cyrus.conf: the main configuration file of the cyrus-imapd service, containing the settings of each component of the service (imap, pop3, sieve, nntp, etc.).
/etc/imapd.conf: the configuration file of the imap service within cyrus-imapd.
By default, these configuration files are already set up. As soon as the cyrus-imapd service is started, pop and imap services are both available. However, postfix does not support cyrus-imapd by default. To integrate postfix with cyrus-imapd, add the following to the postfix main configuration file /etc/postfix/main.cf:
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
Start cyrus-imapd and make it start automatically:
service cyrus-imapd start
chkconfig cyrus-imapd on
User email management
A feature of cyrus-imap is that it can create a mailbox for each user. By default, cyrus-imap mailboxes are located in the /var/spool/imap directory. When creating a mailbox, the format of each mailbox name is:
mailbox-type.name[.folder-name[.folder-name]]...
How to create and manage users' mailboxes:
1. Set a password for the cyrus-imap administrator account
passwd cyrus
The cyrus-imap administrator account is created automatically when the cyrus-imap service is installed. Before creating a mailbox for a user for the first time, you must set a password for this account; it is used to authenticate you when you manage user mailboxes later.
2. Use the cyradm management tool to create mailboxes for users
The cyradm management tool is located in the /usr/lib/cyrus-imapd directory. Run the following command to start it:
/usr/lib/cyrus-imapd/cyradm -u cyrus localhost
The -u parameter specifies the user account that runs the management tool, usually the administrator account cyrus. When the command runs, the system prompts for the password; once it is accepted, you are at the management command line:
localhost.localdomain>
Use the following command to create a mailbox for the user lbt.
localhost.localdomain> createmailbox user.lbt
Use the listmailbox command to list the existing user mailboxes in the cyrus-imap system.
3. Add other folders to the user's mailbox
localhost.localdomain> createmailbox user.lbt.send (sender)
localhost.localdomain> createmailbox user.lbt.trash (garbage bin)
localhost.localdomain> createmailbox user.lbt.drafts (draft box)
4. Set a quota for the user's mailbox
localhost.localdomain> setquota user.lbt 5210
Sets a 5 MB quota for the user.
localhost.localdomain> listquota user.lbt
You can also run su -l cyrus -c /usr/lib/cyrus-imap/quota at another Linux prompt to view the user's mailbox usage.
5. Set permissions on the user's mailbox
By default, when the cyrus-imap administrator creates a mailbox for a user, only that user has full control over the mailbox.
Permission    Description
none          No permission
read          Allows reading the contents of the mailbox
post          Allows reading the mailbox and posting (email) to it
append        Allows reading, posting and inserting messages into the mailbox
write         In addition to the append permissions, allows deleting messages in the mailbox, but not changing the mailbox
all           Has all permissions
Set permissions (note: the deletemailbox command deletes a mailbox):
localhost.localdomain> setacl user.lbt cyrus all
In fact, the mailbox access permission is composed of nine permissions: l r s w i p c d.
Common cyradm management commands and their abbreviations are as follows:
listmailbox lm
createmailbox cm
deletemailbox dm
renamemailbox renm
setaclmailbox sam
deleteaclmailbox dam
listaclmailbox lam
setquota sq
listquota lq
Now the configuration of the email server is complete, and the rest is the configuration of the client. This is omitted.