Shulou(Shulou.com)06/01 Report--

SMTP (2)

Telnet remote link: (anyone can link, there is a security risk)

Telnet: forbid anyone to remotely link to my host to send email (any user of my host cannot be linked)

Vim / etc/postfix/access

172.25.254.131REJECT

Postmap access (generate access.db encrypted files)

Postconf-d | grep client

Postconf-e "smtpd_client_restrictions = check_client_accesshash:/etc/postfix/access" (check_client_access: testing customers)

Vim / etc/postfix/main.cf

Systemctl restart postfix.service

Test:

Delete this setting

Vim / etc/postfix/access (delete prohibition)

Postmap access (re-encryption)

Systemctl restart postfix.service

Set which of my host users cannot be linked remotely (locally) to send mail, but this user can receive mail (useless forbidden host users can link)

Vim / etc/postfix/sender

Postmap sender (write the full user name)

Postconf-d | grep sender

Postconf-e "smtpd_client_restrictions = check_sender_accesshash:/etc/postfix/sender" (check_sender_access: detect users)

Systemctl restart postfix.service

Test:

Which of my host users cannot receive email (those who log in remotely and those sent locally cannot receive it)

Before modification (student users can receive email)

Vim / etc/postfix/recip

Postconf-d | grep recip

Postconf-e "smtpd_recipient_restrictions = check_recipient_accesshash:/etc/postfix/recip"

Systemctl restart postfix.service

Test:

Log in to verify that the user receives email:

Yum install dovecot-y

Vim / etc/dovecot/dovecot.conf

Disable_plaintext_auth = no

Cd / etc/dovecot/conf.d

Vim 10-mail.conf

Mail_location = mbox:~/mail:INBOX=/var/mail/%u

Test: mutt-f imap://studnet@172.25.254.231 (provided the file / mail/.iamp/INDOX exists under / home/studnet)

Database connection mailbox:

Web page management database:

Create a database: mail

Create a table: muser

Create a user:

Give permission:

Query:

Cd / etc/postfix

Vim mysql-user.cf

Hosts = localhost

User = postfix

Password = postfix

Dbname = email

Table = muser

Select_field = username

Where_field = username

Query test: postmap-Q "admin@dd.org" / etc/postfix/mysql-user.cf

Vim mysql-domain.cf

Hosts = localhost

User = postfix

Password = postfix

Dbname = email

Table = muser

Select_field = domain

Where_field = domain

Query test: postmap-Q "dd.org" / etc/postfix/mysql-domain.cf

Vim mysql-maildri.cf

Hosts = localhost

User = postfix

Password = postfix

Dbname = email

Table = muser

Select_field = mailder

Where_field = username

Query test: postmap-Q "admin@dd.org" / etc/postfix/mysql-maildir.cf

Send email to virtual users in the database

Groupadd-g 666 vmail

Useradd-g 666-u 666 vmain

Virtual_gid_maps = static:666

Virtual_uid_maps = static:666

Virtual_mailbox_base = / home/vmail

Virtual_alias_maps = mysql:/etc/postfix/mysql-user.cf

Virtual_mailbox_domains = mysql:/etc/postfix/mysql-domain.cf

Virtual_mailbox_maps = mysql:/etc/postfix/mysql-maildir.cf

Cd / home/vmail

Virtual users in the database receive email

Vim dovecot.conf

Protocols = imap pop3 lmtp

Disable_plaintext_auth = no

Vim dovecot-sql.conf.ext

Driver = mysql

Connect = host=localhost dbname=email user=postfix password=postfix

Default_pass_scheme = PLAIN

Password_query =\

SELECT username, domain, password\

FROM muser WHERE username ='% u 'AND domain ='% d'

User_query = SELECT mailder, 666 AS uid, 666 AS gid FROM muserWHERE username ='% u'

Be careful and make sure you don't make mistakes.

Vim 10-auth.conf

! include auth-system.conf.ext

! include auth-sql.conf.ext

Vim 10-mail.conf

Mail_location

Maildir:/home/vmail/%d/%n

First_valid_uid = 666,

First_valid_gid = 666,

Empty mail shell:

Empty shell:

Configure dns:

Vim / etc/named.rfc1912.zones

Zone "dd.org" IN {

Type master

File "dd.org.zone"

Allow-update {none;}

}

Vim/var/name/dd.org.zone

(please refer to the knowledge of DNS mentioned above.)

Test: (the dd.org field really points to 172.25.254.131)

Configuration / etc/postfix/main.cf

Myhostname = dd.dd.com (real shell hostname)

Mydomain = dd.com (real domain name)

Myorigin = dd.org (empty shell of which domain)

Inet_interfaces = all (open interface 25)

Local_transport = error:local delivery disabled (error if sending mail to "empty shell")

Mydestination= (write nothing: because you don't receive and process any mail as an empty shell)

Relayhost = 172.25.254.231 (main mail processing server)

Systemctl restartpostfix.service

The real server that accepts mail: (MTA: Mail server)

Vim/etc/postfix/main.cf

Mynetworks = 172.25.254.131 (who is my empty shell)

Systemctl restartpostfix.service

Test:

To admin@dd.org.

Send an email

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.