1.规划节点
部署 mail 服务的节点规划
IP 主机名 结点
172.16.51.20 mail.testmail.com Mail服务器
172.16.51.8 master DNS服务器
2.基础准备
使用 VMWare Workstation 软件安装 CentOS 7.2 操作系统,镜像使用提供的
CentOS-7-x86_64-DVD-1511.iso。最小化 CentOS 7.2 虚拟机一台,另需要 DNS 服务器一台,
安装配置请参考 3.5 实战案例——DNS 服务与管理。YUM 源使用本地 CentOS 7.2 系统源。
3 案例实施
1.基础配置
(1)修改 mail 节点主机名
[root@localhost ~]# hostnamectl set-hostname mail.testmail.com
退出重新登录生效
(2)YUM 源备份
[root@localhost ~]# mv /etc/yum.repos.dsample/ for example named configuration files.
//
// Global options for named on the lab DNS server.
// NOTE(review): "listen-on ... { any; }", "allow-query { any; }" and
// "recursion yes" together mean any client that can reach port 53 may use
// this server as a recursive resolver. That is acceptable only on an isolated
// lab network; elsewhere, restrict recursion to the lab subnet (for example
// with an allow-recursion list) or narrow allow-query.
options {
// Listen for DNS on port 53 on every IPv4 address of the host.
listen-on port 53 { any; };
// listen-on-v6 port 53 { ::1; };
// Working directory and the dump/statistics files named writes.
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Queries are accepted from any source address.
allow-query { any; };
// Send NOTIFY on zone changes, additionally to 172.16.51.21.
notify yes;
also-notify { 172.16.51.21 ;};
// Recursive lookups are enabled; see the review note above this block.
recursion yes;
// DNSSEC support and validation of answers are switched on.
dnssec-enable yes;
dnssec-validation yes;
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
// Logging: a single channel, default_debug, written to data/named.run
// (a relative path, so it is resolved against the "directory" option).
logging {
channel default_debug {
file "data/named.run";
// "dynamic" makes the channel follow the server's current debug level.
severity dynamic;
};
};
// Primary (master) zone test.com. Zone transfers are limited to 172.16.51.21,
// which also receives NOTIFY messages when the zone changes.
// NOTE(review): the file name ends in ".zon", while the testmail.com zone
// below uses ".zone" - confirm it matches the file that exists on disk.
zone "test.com" {
type master;
file "test.com.zon";
allow-transfer {172.16.51.21;};
notify yes;
also-notify {172.16.51.21;};
};
//添加代码
// Primary (master) forward zone for the mail domain, loaded from
// testmail.com.zone.
// NOTE(review): unlike zone "test.com", no allow-transfer list is set here,
// and the options block sets none either, so the server's default transfer
// policy applies - confirm that default for the installed BIND version and
// add an allow-transfer list if transfers of this zone should be restricted.
zone "testmail.com" IN {
type master;
file "testmail.com.zone";
};
// Primary (master) reverse zone for the lab network, loaded from
// testmail.com.local.
// NOTE(review): no allow-transfer list is set on this zone either; the
// server's default transfer policy applies - confirm it is what you want.
zone "51.16.172.in-addr.arpa" {
// The zone name is the network part written in reverse order; the lab network is 172.16.51.0
type master;
file "testmail.com.local";
};
//添加代码
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
(2)修改区域解析库文件,添加解析记录
[root@master ~]# cd /var/named/chroot/var/named/
[root@master named]# cp -p named.localhost testmail.com.zone
[root@master named]# cp -p named.localhost testmail.com.local
[root@master named]# vi testmail.com.zone
$TTL 86400
@ IN SOA ns.testmail.com. admin.testmail.com. (
        2019008 ; serial
        2H ; refresh
        10M ; retry
        3D ; expire
        1D ; minimum
)
        IN NS ns1
        IN MX 10 mail
ns1 IN A 172.16.51.20
mail IN A 172.16.51.20
[root@master named]# vi testmail.com.local
$TTL 86400
@ IN SOA ns.testmail.com. admin.testmail.com. (
        2019003; serial
        2H ; refresh
        10M ; retry
        3D ; expire
        1D ; minimum
)
        IN NS ns.testmail.com.
1 IN PTR ns.testmail.com.
1 IN PTR mail.testmail.com.
(3)检查配置文件是否有语法错误
[root@master named]# named-checkzone testmail.com testmail.com.zone
[root@master named]# named-checkzone testmail.com testmail.com.local
(4)重启 bind 服务
[root@master named]# systemctl restart named-chroot
(5)将 mail 主机 DNS 解析指向 DNS 服务器
[root@mail ~]# vi /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
search openstacklocal localdomain.localdomain
nameserver 172.16.51.8
(6)测试解析
①安装 dig 命令
[root@mail ~]# yum install -y bind-utils
②解析域名,结果如图 所示。
[root@mail ~]# dig -t A mail.testmail.com
3.安装配置 postfix
(1)删除 postfix
①清除 postfix 软件包
[root@mail ~]# rpm -e postfix
②删除 postfix 用户
[root@mail ~]# userdel postfix
[root@mail ~]# groupdel postdrop
③新建用户
[root@mail ~]# groupadd -g 2525 postfix
[root@mail ~]# useradd -g 2525 -u 2525 -M -s /sbin/nologin postfix
[root@mail ~]# groupadd -g 2526 postdrop
[root@mail ~]# useradd -g 2526 -u 2526 -M -s /sbin/nologin postdrop
(2)安装 postfix
[root@mail ~]# yum install -y postfix
(3)配置 postfix,修改内容
[root@mail ~]# vi /etc/postfix/main.cf
#修改邮局主机名
myhostname = mail.testmail.com
#修改邮局域名
mydomain = testmail.com
#寄出邮件域名,删除注释
myorigin = $mydomain
#修改监听所有网卡,删除注释
inet_interfaces = all
#修改可接收邮件的主机名和域名,可被中继的域名
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
#修改可被中继的主机(即受信任的客户端网段,该网段内的主机可通过本服务器中继邮件)
#按实际情况填写,范围应尽量小
mynetworks = 172.16.51.0/24, 127.0.0.0/8
#取消注释
home_mailbox = Maildir/
#指定信任网段类型(已显式设置 mynetworks 时,此项不生效)
mynetworks_style = host
#指定允许中转邮件的域名,取消注释
relay_domains = $mydestination
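(4)添加权限,设置开机启动并重启服务
说明:第二条 chown 的对象是整个 /var/spool/,会把该目录下其他服务的目录也递归改为 postfix 所有;Postfix 自身队列目录的属主和权限可用 postfix set-permissions 恢复,并用 postfix check 检查。
[root@mail ~]# chown postfix.postfix -R /var/lib/postfix/
[root@mail ~]# chown postfix.postfix /var/spool/ -R
[root@mail ~]# systemctl enable postfix
[root@mail ~]# systemctl restart postfix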
(5)测试发送邮件
①创建测试邮件接收用户,并设置密码,如图 3-6-2 所示。
[root@mail ~]# useradd cwl
[root@mail ~]# echo "111111" | passwd --stdin cwl
②安装 Telnet 服务,如图所示。
[root@mail ~]# yum -y install telnet
③Telnet 连接邮件服务器 25 端口,发送邮件。
[root@mail ~]# telnet mail.testmail.com 25
Trying 172.16.51.20...
Connected to mail.testmail.com.
Escape character is '^]'.
220 mail.testmail.com ESMTP Postfix
mail from:root@testmail.com //发件人
250 2.1.0 Ok
rcpt to:cwl //收件人
250 2.1.5 Ok
data //填写邮件
354 End data with <CR><LF>.<CR><LF>
hello,this is test mail. //输入邮件内容
. //以“.”结束输入
250 2.0.0 Ok: queued as DC5693000085
quit //退出
221 2.0.0 Bye
Connection closed by foreign host
(6)查看发送状态
[root@mail ~]# tail /var/log/maillog|grep sent
Oct 6 07:20:12 localhost postfix/local[2755]: DC5693000085: to=<cwl@testmail.com>, orig_to=<cwl>, relay=local, delay=31, delays=31/0.01/0/0.02, dsn=2.0.0, status=sent (delivered to maildir)
4.安装配置 dovecot
①安装 dovecot,如图
[root@mail ~]# yum install -y dovecot
②修改 dovecot 相关配置文件,示例代码如下:
[root@mail ~]# vi /etc/dovecot/dovecot.conf
#如果不使用 IPv6,请修改为*
listen = *
[root@mail ~]# vi /etc/dovecot/conf.d/10-auth.conf
#9 行: 取消注释并修改
#是否允许在没有 SSL/TLS 的情况下以明文方式登录;设置为 no 表示允许,
#此时用户名和密码以明文在网络上传输,仅适用于隔离的实验环境;
#生产环境应保持 yes 并启用 SSL/TLS
disable_plaintext_auth = no
#97 行: 添加
auth_mechanisms = plain login
[root@mail ~]# vi /etc/dovecot/conf.d/10-mail.conf
#30 行: 取消注释并添加
mail_location = maildir:~/Maildir
[root@mail ~]# vi /etc/dovecot/conf.d/10-master.conf
#88-90 行: 取消注释并添加 Postfix smtp 验证
#该套接字已指定 user/group 为 postfix,mode 使用 0660 通常即可;
#0666 会让能访问该路径的任何本地进程都可以连接认证服务
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
③重启 dovecot 服务,命令如下:
[root@mail ~]# systemctl restart dovecot
④测试接收邮件,示例代码如下:
[root@mail ~]# telnet mail.testmail.com 110 Trying 172.16.51.20... Connected to mail.testmail.com. Escape character is '^]'. +OK Dovecot ready. user cwl //登录用户 +OK pass 111111 //密码 +OK Logged in. List //邮件列表 +OK 1 messages: 1 404 . retr 1 //输入邮件编号查看邮件 +OK 404 octets Return-Path:X-Original-To: cwl Delivered-To: cwl@testmail.com 54 Received: from unknown (unknown [172.16.51.20]) by mail.testmail.com (Postfix) with SMTP id DC5693000085 for ; Sun, 6 Oct 2019 07:19:41 +0000 (UTC) Message-Id: <20191006071952.DC5693000085@mail.testmail.com> Date: Sun, 6 Oct 2019 07:19:41 +0000 (UTC) From: root@testmail.com hello,this is test mail. .quit //退出 +OK Logging out Connection closed by foreign host.



