Linux_Mail_Server

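A mail server has two jobs, sending mail and receiving mail. Sending is handled mainly by sendmail and receiving mainly by dovecot; other software can of course be used as well. This article covers setting up a mail server with sendmail + dovecot.
Software required to configure the mail server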
[root@ding ~]# rpm -qa | grep sendmail
sendmail-cf-8.13.8-8.1.el5_7
sendmail-8.13.8-8.1.el5_7
[root@ding ~]# rpm -qa | grep m4
m4-1.4.5-3.el5.1

Edit the main configuration file

[root@ding ~]# vi /etc/mail/sendmail.mc
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl                 enable authentication
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')dnl                       changed to listen on all network segments

Write it out to the actual configuration file

[root@ding ~]# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

Configure the short domain names

[root@ding ~]# vi /etc/mail/local-host-names 

# local-host-names - include all aliases for your machine here.
ding
mail.ding

Start sendmail

[root@ding ~]# service sendmail restart
Shutting down sm-client: [  OK  ]
Shutting down sendmail: [  OK  ]
Starting sendmail: [  OK  ]
Starting sm-client: [  OK  ]
[root@ding ~]# service saslauthd restart
Stopping saslauthd:                                        [  OK  ]
Starting saslauthd:                                        [  OK  ]
[root@ding ~]# netstat -ntl | grep 25
tcp        0      0 0.0.0.0:25                  0.0.0.0:*                   LISTEN

Configure dovecot

[root@ding ~]# rpm -qa | grep dovecot
dovecot-1.0.7-8.el5_9.1
[root@ding ~]# vi /etc/dovecot.conf 
protocols = imap imaps pop3 pop3s
[root@ding ~]# service dovecot restart
Stopping Dovecot Imap:                                     [  OK  ]
Starting Dovecot Imap:                                     [  OK  ] 
[root@ding ~]# netstat -ntl | grep 143
tcp        0      0 :::143                      :::*                        LISTEN

Configure the Foxmail client

Email Address: dh@ding
Password:    ********
Receiver type: pop3
Account:      dh
password:    ********
IMAP server: mail.ding
SMTP server: mail.ding

Sending to and receiving from the mail.ding mailbox on the same host succeeds

[root@ding ~]# mail -s "hello" dh@mail.ding
hi,
I am ding.
.
Cc: 
tail -F /var/log/maillog
Jan  1 17:25:08 ding sendmail[11012]: t021P8LM011012: from=root, size=44, class=0, nrcpts=1, msgid=<201501020125.t021P8LM011012@ding.net>, relay=root@localhost
Jan  1 17:25:08 ding sendmail[11013]: t021P8cw011013: from=<root@ding.net>, size=295, class=0, nrcpts=1, msgid=<201501020125.t021P8LM011012@ding.net>, proto=ESMTP, daemon=MTA, relay=ding [127.0.0.1]
Jan  1 17:25:08 ding sendmail[11014]: t021P8cw011013: forward /home/dh/.forward.localhost: World writable directory
Jan  1 17:25:08 ding sendmail[11014]: t021P8cw011013: forward /home/dh/.forward: World writable directory
Jan  1 17:25:08 ding sendmail[11012]: t021P8LM011012: to=dh@mail.ding, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30044, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (t021P8cw011013 Message accepted for delivery)
Jan  1 17:25:08 ding sendmail[11014]: t021P8cw011013: to=<dh@mail.ding>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=30471, dsn=2.0.0, stat=Sent

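Exchanging mail between the ding sendmail server (192.168.0.114) and the hding sendmail server (192.168.0.111), with Foxmail on XP (192.168.0.101) as the client:

Analysis: each of the two servers has its own DNS server and its own sendmail server, so they are independent of each other. For each side to recognize the other and deliver mail to it, the two DNS servers have to resolve each other's names; forward DNS zones are used for that here.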

[root@hding ~]# vi /etc/named.conf 
zone "ding" {
    type forward;
    forwarders {192.168.0.114;};
};
[root@ding ~]# vi /etc/named.conf 
zone "hding" {
    type forward;
    forwarders {192.168.0.111;};
};

The client also needs to resolve addresses on both sides, so pointing it at either one of the two as its DNS server is enough to resolve everything.

mail over ssl
[root@hding ~]# cd /etc/pki/tls/certs/
[root@hding certs]# make sendmail.pem
umask 77 ; \
        PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
        PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
        /usr/bin/openssl req -utf8 -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 -set_serial 0 ; \
        cat $PEM1 >  sendmail.pem ; \
        echo ""    >> sendmail.pem ; \
        cat $PEM2 >> sendmail.pem ; \
        rm -f $PEM1 $PEM2
Generating a 2048 bit RSA private key
................................+++
....................+++
writing new private key to '/tmp/openssl.pw7007'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:
State or Province Name (full name) [Berkshire]:
Locality Name (eg, city) [Newbury]:
Organization Name (eg, company) [My Company Ltd]:
Organizational Unit Name (eg, section) []:qa
Common Name (eg, your name or your server's hostname) []:hding
Email Address []:dh@mail.hding
[root@hding certs]# vi /etc/mail/sendmail.mc
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl
[root@hding certs]# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
[root@hding certs]# service sendmail restart
Shutting down sm-client: [  OK  ]
Shutting down sendmail: [  OK  ]
Starting sendmail: [  OK  ]
Starting sm-client: [  OK  ]
[root@hding certs]# vi /etc/dovecot.conf 
ssl_disable = no
ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem
ssl_key_file = /etc/pki/dovecot/private/dovecot.pem
[root@hding certs]# service dovecot restart
Stopping Dovecot Imap: [  OK  ]
Starting Dovecot Imap: [  OK  ]
[root@hding certs]# netstat -ntlp 
tcp        0      0 0.0.0.0:465                 0.0.0.0:*                   LISTEN      7063/sendmail: acce 
tcp        0      0 :::995                      :::*                        LISTEN      7097/dovecot


sendmail log:
Jan  9 16:06:09 hding sendmail[7151]: STARTTLS=server, relay=[192.168.0.101], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-SHA, bits=256/256
Jan  9 16:06:10 hding sendmail[7151]: AUTH=server, relay=[192.168.0.101], authid=dh@hding, mech=LOGIN, bits=0
Jan  9 16:06:10 hding sendmail[7151]: t0A0696o007151: from=<dh@hding>, size=1237, class=0, nrcpts=1, msgid=<2015011822462078142417@hding>, proto=ESMTP, daemon=TLSMTA, relay=[192.168.0.101]
Jan  9 16:06:23 hding sendmail[7153]: t0A0696o007151: to=<dh@mail.ding>, ctladdr=<dh@hding> (501/501), delay=00:00:13, xdelay=00:00:13, mailer=esmtp, pri=121237, relay=mail.ding. [192.168.0.114], dsn=2.0.0, stat=Sent (t0226na6011114 Message accepted for delivery)
dovecot log:
Jan  9 16:09:43 hding sendmail[7160]: STARTTLS=server, relay=[192.168.0.114], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-SHA, bits=256/256
Jan  9 16:09:43 hding sendmail[7160]: t0A09hjW007160: from=<dh@ding.net>, size=1395, class=0, nrcpts=1, msgid=<2015011822495417159318@ding>, proto=ESMTP, daemon=MTA, relay=[192.168.0.114]
Jan  9 16:09:43 hding sendmail[7161]: t0A09hjW007160: forward /home/dh/.forward.hding: World writable directory
Jan  9 16:09:43 hding sendmail[7161]: t0A09hjW007160: forward /home/dh/.forward: World writable directory
Jan  9 16:09:43 hding sendmail[7161]: t0A09hjW007160: to=<dh@mail.hding>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=31634, dsn=2.0.0, stat=Sent
Jan  9 16:10:03 hding dovecot: pop3-login: Aborted login: user=<dh@hding>, method=PLAIN, rip=::ffff:192.168.0.101, lip=::ffff:192.168.0.111, TLS
Jan  9 16:10:03 hding dovecot: pop3-login: Login: user=<dh>, method=PLAIN, rip=::ffff:192.168.0.101, lip=::ffff:192.168.0.111, TLS
Jan  9 16:10:03 hding dovecot: POP3(dh): Disconnected: Logged out top=0/0, retr=1/1717, del=0/15, size=31636
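
Added example, not part of the original post: the configuration above trusts the LOGIN and PLAIN mechanisms, and the logs show mech=LOGIN with bits=0, so the password is protected only by the TLS session. The script below pairs each sendmail AUTH line with a STARTTLS line from the same pid and checks dovecot logins for the TLS marker; the sample log and the 192.0.2.10 peer are constructed, and the pid pairing is an assumption.

```python
import re

# Constructed sample in the format of the logs above; the two 192.0.2.10
# sessions are invented to show logins that were not protected by TLS.
SAMPLE_LOG = """\
Jan  9 16:06:09 hding sendmail[7151]: STARTTLS=server, relay=[192.168.0.101], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-SHA, bits=256/256
Jan  9 16:06:10 hding sendmail[7151]: AUTH=server, relay=[192.168.0.101], authid=dh@hding, mech=LOGIN, bits=0
Jan  9 16:07:30 hding sendmail[7200]: AUTH=server, relay=[192.0.2.10], authid=dh@hding, mech=PLAIN, bits=0
Jan  9 16:10:03 hding dovecot: pop3-login: Login: user=<dh>, method=PLAIN, rip=::ffff:192.168.0.101, lip=::ffff:192.168.0.111, TLS
Jan  9 16:11:00 hding dovecot: pop3-login: Login: user=<dh>, method=PLAIN, rip=::ffff:192.0.2.10, lip=::ffff:192.168.0.111
"""

SENDMAIL_RE = re.compile(r"sendmail\[(\d+)\]: (STARTTLS|AUTH)=server, (.*)$")
DOVECOT_RE = re.compile(r"dovecot: (\w+)-login: Login: (.*)$")
CLEARTEXT = {"LOGIN", "PLAIN"}  # mechanisms that transmit the password itself

def fields(text):
    """Turn 'k=v, k=v, FLAG' into a dict; bare words such as TLS map to True."""
    out = {}
    for part in text.split(", "):
        key, sep, value = part.partition("=")
        out[key] = value if sep else True
    return out

def audit(log_text):
    """Return one record per successful login, marking cleartext exposure."""
    tls_pids, records = set(), []
    for line in log_text.splitlines():
        m = SENDMAIL_RE.search(line)
        if m:
            pid, kind, f = m.group(1), m.group(2), fields(m.group(3))
            if kind == "STARTTLS":
                tls_pids.add(pid)  # assumption: one pid is one SMTP connection
                continue
            records.append({"service": "smtp", "user": f.get("authid"),
                            "mech": f.get("mech"), "peer": f.get("relay"), "tls": pid in tls_pids})
            continue
        m = DOVECOT_RE.search(line)
        if m:
            f = fields(m.group(2))
            records.append({"service": m.group(1), "user": f.get("user"),
                            "mech": f.get("method"), "peer": f.get("rip"), "tls": "TLS" in f})
    for r in records:
        r["exposed"] = r["mech"] in CLEARTEXT and not r["tls"]
    return records

if __name__ == "__main__":
    for r in audit(SAMPLE_LOG):
        print(r)
```

On the server side, the `p` flag of sendmail's confAUTH_OPTIONS refuses PLAIN and LOGIN unless a security layer such as TLS is active, and dovecot's disable_plaintext_auth setting does the same for POP3/IMAP.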

Problems encountered while setting up these servers, summarized below:

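1 Foxmail would not accept mail.ding as the server name. The cause was not that the host could not be found, but that I had set the corresponding DNS server as the client's alternate one; setting it as the primary fixed it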


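2 Foxmail is set up differently for POP3 and IMAP: for POP3 the account must be the full mail address dh@xxx, whereas for IMAP the full address cannot be used, only dh without @xxx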


3 Dec 31 19:53:45 ding sendmail[7647]: t013rjmj007645: to=<dh@mail.hding>, ctladdr=<dh@ding> (501/501), delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=121182, relay=mail.hding. [192.168.0.111], dsn=5.6.0, stat=Data format error
In hosts, the host name on the 127.0.0.1 line must come first, ahead of localhost
[root@ding mail]# vi /etc/hosts

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1      ding ding.net
::1     localhost6.localdomain6 localhost6


4 Jan  8 16:53:37 localhost sendmail[6444]: t090rb5Q006442: SYSERR(root): ding.localdomain. config error: mail loops back to me (MX problem?)
Jan  8 16:53:37 localhost sendmail[6444]: t090rb5Q006442: to=<dh@ding.localdomain>, ctladdr=<root@localhost.localdomain> (0/0), delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=120325, relay=ding.localdomain. [192.168.0.114], dsn=5.3.5, stat=Local configuration error
The log shows the mail was sent from localdomain, so the host name is clearly wrong; after setting the host name a reboot is required
vi /etc/hosts
vi /etc/sysconfig/network
hostname


5 Jan  8 17:08:03 localhost sendmail[6491]: t09180FI006491: to=dh@ding, ctladdr=root (0/0), delay=00:00:03, xdelay=00:00:03, mailer=relay, pri=30031, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (t09180Fo006492 Message accepted for delivery)
Jan  8 17:08:25 localhost sendmail[6494]: t09180Fo006492: to=<dh@ding.com>, ctladdr=<root@hding.com> (0/0), delay=00:00:22, xdelay=00:00:22, mailer=esmtp, pri=120284, relay=ding-com.mail.protection.outlook.com. [213.199.154.23], dsn=5.7.1, stat=User unknown
Mail cannot be sent to @ding; it must be mail.ding


6 Jan  8 16:46:02 localhost sendmail[6394]: t090k2uo006392: to=<dh@ding>, ctladdr=<root@localhost.localdomain> (0/0), delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=120313, relay=ding, dsn=5.1.2, stat=Host unknown (Name server: ding: host not found)
The local DNS cannot resolve the other side's server, so check with nslookup before sending


7 Jan  8 10:55:04 localhost sendmail[5549]: t08It4xn005549: ding.terry.com [192.168.0.114] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
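The MTA is already ding, but the host name is ding.terry.com

Both servers are finally working properly. I looked through a lot of material online along the way and it took real effort to get everything working; I hope this helps others find a solution sooner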
