2025-03-28 Update, Shulou (Shulou.com)
Table of contents:
(1) Understand the whole process of sending and receiving email
(2) Configure the postfix mail server
(3) Use a graphical client to send and receive mail
(1) Understand the whole process of sending and receiving email
(1.1) E-mail is an information transmission service we use frequently in daily life. Whether we use our own company's mail server or one of the well-known mail services on the Internet, such as QQ Mail, 163 or 126 mailboxes, the process of sending and receiving email is the same. Suppose there is a 126 mail server with two accounts, tom@126.com and bob@126.com. If tom wants to send mail to bob, the mail first arrives at the 126 mail server, marked "to:bob@126.com". The server finds that the recipient is one of its own registered users. When bob opens his mailbox he finds an unread email, and tom's need to send email to bob is met. This is the process of sending email within a single mail server.
Now suppose our environment also contains a QQ mail server, mail.qq.com, and a domain name server in the QQ domain, ns.qq.com, which resolves the names of all hosts in that domain. Assume there is a mary@qq.com account on the QQ server. tom@126.com wants to send an email to mary@qq.com and marks it "to:mary@qq.com". When the 126 server receives the email, it finds that mary@qq.com is not one of its own accounts, so it needs to learn the IP address of the QQ mail server. It first sends the query to the DNS server in its own domain; the mail server in the 126 domain queries that DNS server by recursive query. The DNS server in the 126 domain then queries the 13 root domain name servers around the world and, by iterative query, works through the root domain, top-level domain, first-level domain and secondary domain until it finds the DNS server in the QQ domain. The DNS server in the 126 domain sends a query to the DNS server in the QQ domain: "Do you know which mail server serves the QQ domain?" The DNS server in the QQ domain looks up the MX records it holds, finds the high-priority mail server, and responds: "Yes, the mail server in the domain is mail1.qq.com." The DNS server in the 126 domain continues: "What is the A record of the mail1.qq.com host?" The DNS server in the QQ domain replies: "The A record of mail1.qq.com is xxx." The DNS server in the 126 domain then passes the result of the query to the mail server in the 126 domain. Once the mail server in the 126 domain knows the mail server of the QQ domain, it sends the "to:mary@qq.com" mail to it. The QQ mail server finds that mary is one of its own accounts and delivers the mail to the mary account.
Mary can check the mail in her own account through a browser or a mail client. This is the workflow of the entire mail system.
We usually use a client when sending and receiving email, such as Outlook, Foxmail or Thunderbird. We call these client tools the MUA (Mail User Agent). When we send mail we use SMTP (Simple Mail Transfer Protocol), which uses TCP port 25; when we receive mail we use POP3 (Post Office Protocol version 3) or IMAP (Interactive Mail Access Protocol). POP3 uses TCP port 110 and IMAP uses TCP port 143. To turn a host into a mail server we need to install the corresponding software, such as postfix, sendmail or Exchange Server, which we call the MTA (Mail Transfer Agent). When the user tom sends an email to bob or mary, the mail first arrives at the 126 mail server, and the 126 mail server then delivers it. This delivery step, which we call the MDA (Mail Delivery Agent), is a process within postfix. The protocol used on the client side for receiving is POP3 or IMAP, which is provided by dovecot. Once dovecot is installed, users can receive mail normally; we call this the MRA (Mail Receiving Agent). After receiving the mail sent by tom, the server finds that it needs to be forwarded to mary. This forwarding process is called relay. This leads to the concept of an open relay: a mail server with no restrictions, through which anyone in the world can send and forward mail, even without an account on that server, simply by asking the server to send or forward the mail. Such a mail server is in the open relay state. On the Internet there are subscription RBLs (real-time blacklists), which list abnormal mail servers. If the target mail server subscribes to an RBL, it will no longer accept mail sent by a listed server such as ours.
(2) configure postfix mail server
First, we configure the DNS service on the vms001 host: create an aa.conf configuration file in the /etc/unbound/local.d directory and fill in the corresponding DNS entries. Then, after setting the DNS server to 192.168.26.101 on the vms002 host, we can query the mail host of the example.com domain and get vms002.example.com, and then query the A record of that hostname and find that the IP address of the vms002 host is 192.168.26.102. The query results are correct.
# host -t mx example.com
# host -t A vms002.example.com
(2.2) The postfix service is installed by default on our system. Go to the /etc/postfix directory and view the main.cf file. The main.cf file does not list every configuration parameter. To see all the parameters, use the postconf command: postconf shows the current value of all parameters, and postconf -d shows the default value of all parameters. postconf lists 816 parameters, and only the commonly used ones are placed in the main.cf file.
(2.3) The main.cf file of the vms002 host contains the common parameters in the format shown below. A parameter definition must start in the first column of the line; otherwise the system treats the line as a continuation of the previous line. myhostname is a very important parameter. If we do not set a specific value, postconf reports a default value, which is usually the hostname.
Format:
key1=value1,value11
key2=value2
key3=$key1,value3
With these definitions, key3=value1,value11,value3
# postconf myhostname
# postconf | grep ^myhost
(2.4) The default value of mydomain is the part of myhostname after the first dot. If we modify myhostname with postconf -e, the new value is written directly into the main.cf file. When we then query mydomain with postconf, the result has also changed to the part after the first dot of the new myhostname. If the change is made by editing the configuration file, the service needs to be restarted for it to take effect, while changes made through the command line take effect immediately.
# postconf | grep ^mydom
# postconf -e myhostname=aa.bb.cc.dd.ee.com
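As an added example (not part of the original article and not Postfix's own code), the following Python sketch parses the main.cf format described in (2.3) and (2.4): continuation lines, $name expansion and the mydomain default. The sample file and the function names parse_main_cf and expand are constructed for illustration, and only the rules stated above are modelled.

```python
import re

# Constructed sample main.cf: a continuation line, a comment and $name references.
SAMPLE_MAIN_CF = """\
# constructed sample, not a real server's configuration
myhostname = vms002.example.com
myorigin = $myhostname
mydestination = $myhostname, localhost.$mydomain,
    localhost, $mydomain
 # an indented comment is still a comment
inet_interfaces = all
"""

def parse_main_cf(text):
    """Return {name: raw value}, joining continuation lines onto their parameter."""
    params, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue                        # blank lines and comments are ignored
        if line[0] in " \t":                # leading whitespace: continuation
            if current is None:
                raise ValueError("continuation line before any parameter")
            params[current] += " " + line.strip()
            continue
        name, sep, value = line.partition("=")
        if not sep:
            raise ValueError(f"not a name=value line: {line!r}")
        current = name.strip()
        params[current] = value.strip()     # a later definition replaces an earlier one
    return params

def expand(params, name, _seen=()):
    """Expand $name and ${name} references recursively and detect reference loops."""
    if name in _seen:
        raise ValueError(f"reference loop via ${name}")
    if name not in params:
        if name == "mydomain":              # default from (2.4): myhostname after first dot
            host = expand(params, "myhostname", _seen + (name,))
            return host.split(".", 1)[1] if "." in host else host
        raise KeyError(name)
    def substitute(match):
        return expand(params, match.group(1) or match.group(2), _seen + (name,))
    return re.sub(r"\$(?:\{(\w+)\}|(\w+))", substitute, params[name])

if __name__ == "__main__":
    cfg = parse_main_cf(SAMPLE_MAIN_CF)
    for key in cfg:
        print(f"{key} = {expand(cfg, key)}")
    # The pitfall from (2.3): an indented definition is swallowed by the line above it.
    print(parse_main_cf("myorigin = $mydomain\n mynetworks = 0.0.0.0/0\n"))
```

The last call shows why indentation matters when reviewing a main.cf: the indented mynetworks line never becomes a parameter of its own, so the effective value is whatever postconf reports, not what the file appears to say.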
(2.5) The main function of the myorigin parameter in the main.cf file is to complete the domain part of the recipient's address automatically. The default value of the myorigin parameter is $myhostname. When the root user on the vms002 host sends an email to the jerry user, we try both jerry and jerry@vms002.example.com as the recipient, and the mail sent either way arrives normally. So if postfix encounters a recipient that is not in standard email format, such as jerry, it automatically completes it to jerry@$myorigin, that is, jerry@vms002.example.com.
# mail -u jerry
# echo "Hello I'm root" | mail -s "Hello jerry" jerry@vms002.example.com
(2.6) inet_interfaces in the main.cf file indicates the interfaces the service listens on. By default it listens only on the host's loopback interface. In this case we set it to listen on all interfaces. Finally, remember to allow SMTP through the firewall.
# systemctl restart postfix.service
# netstat -tunlp | grep :25
# firewall-cmd --add-service=smtp --permanent
(2.7) inet_protocols in the main.cf file indicates the protocols to listen on. You can choose ipv4 or ipv6. The default, all, listens on both.
(2.8) mydestination in the main.cf file is the list the mail server uses, when delivering a message, to decide whether the recipient is one of its own registered users. For example, the root user can deliver mail to the jerry user's mailbox by using jerry@vms002.example.com as the recipient. However, using jerry@example.com as the recipient does not deliver to the jerry user's mailbox by default. To accept a recipient in the usual format, such as jerry@example.com, we need to add $mydomain, because mydomain is everything after the first dot of myhostname, so we enable the second mydestination line in the configuration (figure 2-20). Once $mydomain has been added to the mydestination parameter in the main.cf file in the /etc/postfix/ directory and the service has been restarted, the jerry@example.com recipient is recognized and the mail is delivered correctly (figure 2-22). If $mydomain is not added, the vms002 mail server keeps asking the DNS server for the address of the host the mail should go to, and the DNS server answers with the vms002 host itself. After forwarding the mail to itself, the server again finds that the address suffix does not belong to a registered user of its own domain and asks DNS again, creating an endless cycle. It is therefore generally recommended to add this parameter.
# tailf /var/log/maillog    --- view the log of mail being sent
# echo "Hello I'm root" | mail -s 'Hello jerry' jerry@example.com
(2.9) mynetworks in the main.cf file is the IP address range that is allowed to relay mail through the server, and the mynetworks value shown is the default IP address range. Only hosts in this range can have their mail forwarded (figure 2-29). Now we create a new host, MailTest (192.168.26.103), and configure its CD image mount, YUM source and so on. There is no xxyy user on the vms002 host, but we can send mail as the xxyy account from the MailTest host. We install the telnet software on the MailTest host and type in the message (figure 2-27). On the vms002 host we then find that the jerry user has received the email sent by the nonexistent xxyy account (figure 2-28). In general, however, we use the company's mailbox to send and receive email, and when we get home our IP address may not be within mynetworks. It would be very troublesome if mail could not be forwarded then, so the mynetworks range would have to be as large as possible. Instead, we can use SMTP authentication to solve the open relay problem, so that users must enter a user name and password.
# telnet 192.168.26.102 25
> helo example.com
> mail from:xxyy@example.com
> rcpt to:jerry@example.com
> data
> ,I'm xxyy
> .    --- terminator
> quit
# postconf | grep ^mynetworks    --- query the default IP address range of mynetworks
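As an added example (not from the original article and not Postfix code), this Python sketch models the relay decision discussed in (2.9) and audits a mynetworks value for the open relay condition described in section (1). It assumes mynetworks is a plain list of addresses and CIDR blocks; real Postfix also accepts exclusions and lookup tables, which are not handled here. The function names and the 203.0.113.7 "home" address are constructed.

```python
import ipaddress

# Ranges that are reasonable to trust by address alone (loopback and private space).
PRIVATE = [ipaddress.ip_network(n) for n in
           ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
            "::1/128", "fc00::/7")]

def parse_mynetworks(value):
    """Split a mynetworks value (comma or space separated) into network objects."""
    return [ipaddress.ip_network(tok, strict=False)
            for tok in value.replace(",", " ").split()]

def relay_decision(client_ip, rcpt_domain, mynetworks, local_domains,
                   authenticated=False):
    """Simplified model: mail for local domains is accepted from anyone; mail for
    other domains is relayed only for mynetworks clients or authenticated users."""
    if rcpt_domain.lower() in local_domains:
        return "deliver-local"
    ip = ipaddress.ip_address(client_ip)
    if any(ip in net for net in mynetworks if net.version == ip.version):
        return "relay-mynetworks"
    if authenticated:
        return "relay-authenticated"
    return "relay-denied"

def audit_mynetworks(mynetworks):
    """Return findings for entries that trust more than private address space."""
    findings = []
    for net in mynetworks:
        if net.prefixlen == 0:
            findings.append(f"{net}: every client may relay (open relay)")
        elif not any(net.subnet_of(p) for p in PRIVATE if p.version == net.version):
            findings.append(f"{net}: public address space trusted without authentication")
    return findings

if __name__ == "__main__":
    local = {"example.com", "vms002.example.com"}
    lab = parse_mynetworks("127.0.0.0/8, 192.168.26.0/24")   # constructed lab value
    print(relay_decision("192.168.26.103", "qq.com", lab, local))        # lab host
    print(relay_decision("203.0.113.7", "qq.com", lab, local))           # user at home
    print(relay_decision("203.0.113.7", "qq.com", lab, local, True))     # with SMTP auth
    print(audit_mynetworks(parse_mynetworks("0.0.0.0/0")))               # widened range
```

The audit makes the trade-off in (2.9) concrete: widening mynetworks to cover users at home is what turns the server into an open relay, while SMTP authentication lets the same user relay with mynetworks left narrow.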
(2.10) relayhost in the main.cf file indicates which host mail is forwarded to. On the vms002 host we set relayhost to the address 192.168.26.103. We then configure the mail server on the MailTest host: set inet_interfaces to listen on all addresses, add the $mydomain variable to the mydestination parameter, create a user jerry, restart the service on the MailTest host, and open the firewall on the MailTest host. After we restart the service on the vms002 host, mail still reaches the mailbox of the jerry user on the MailTest host, even though the vms002 host cannot resolve the domain name of the MailTest host, because the value of relayhost is set (figure 2-35). The vms002 host finds that jerry@server.example.com is not a registered user in its own domain, but it has the forwarding address relayhost, so it sends the mail directly to the MailTest host. The MailTest host finds through mydestination that the recipient is a registered user in its domain, so it delivers the mail directly to the mailbox of the jerry user.
# firewall-cmd --add-service=smtp --permanent
(2.11) At this point, if the root user on the vms002 host sends an email to jerry@example.com, the mail ends up in the mailbox of the local jerry user (figure 2-36), even though the domain name of the MailTest host is example.com (figure 2-37) and relayhost on the vms002 host is set to 192.168.26.103. The domain name of the vms002 host is also example.com, and relayhost takes effect only when the recipient is not a registered user of the vms002 host.
(2.12) If we want all mail sent from the vms002 host to be forwarded to the MailTest host, we set the value of mydestination to empty. After setting mydestination in the main.cf file to empty on the vms002 host and restarting the mail service, we find that no mail arrives on the vms002 host, while the MailTest host receives the email sent to the jerry@example.com address. This kind of forwarding is generally used when an enterprise has a large number of mail servers. For example, the company has three mail servers and we do not want them to access the Internet directly. We can configure a mail gateway, so that all messages sent by the mail servers are forwarded directly to the gateway. On the gateway we can apply more security policies, spam filtering policies and so on, to protect our internal mail servers. The Edge Transport server, one of the five components of Exchange Server, plays this role.
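As an added example (not from the original article and not Postfix code), this Python sketch reproduces the routing outcomes of (2.5) and (2.8) to (2.12) as a simplified next-hop model: local delivery, relayhost, MX lookup and the loop that appears when $mydomain is missing from mydestination. The MX table, the cfg dictionary layout and the function name next_hop are constructed for illustration.

```python
# Constructed DNS data for the lab: the MX of example.com is vms002 itself.
MX = {"example.com": "vms002.example.com", "qq.com": "mail1.qq.com"}

def next_hop(recipient, cfg, mx=MX):
    """Return (action, target) for one recipient under a simplified routing model."""
    if "@" not in recipient:                  # (2.5) a bare name gets @$myorigin
        recipient = f"{recipient}@{cfg['myorigin']}"
    user, domain = recipient.rsplit("@", 1)
    domain = domain.lower()
    if domain in cfg["mydestination"]:        # (2.8) one of our own domains
        return ("local", user)
    if cfg.get("relayhost"):                  # (2.10) everything else goes to relayhost
        return ("relay", cfg["relayhost"])
    host = mx.get(domain)                     # no relayhost: ask DNS for the MX
    if host is None:
        return ("bounce", f"no MX for {domain}")
    if host == cfg["myhostname"]:             # (2.8) MX is this host, domain not local
        return ("loop", f"mail for {domain} loops back to myself")
    return ("smtp", host)

def vms002(mydestination, relayhost=""):
    """Build the vms002 settings used in the article's scenarios."""
    return {"myhostname": "vms002.example.com", "myorigin": "vms002.example.com",
            "mydestination": set(mydestination), "relayhost": relayhost}

if __name__ == "__main__":
    default = vms002({"vms002.example.com", "localhost"})
    fixed = vms002({"vms002.example.com", "localhost", "example.com"})
    relayed = vms002({"vms002.example.com", "localhost", "example.com"},
                     relayhost="192.168.26.103")
    gateway = vms002(set(), relayhost="192.168.26.103")
    print(next_hop("jerry", default))                     # (2.5)  local delivery
    print(next_hop("jerry@example.com", default))         # (2.8)  loop without $mydomain
    print(next_hop("jerry@example.com", fixed))           # (2.8)  local after the fix
    print(next_hop("jerry@server.example.com", relayed))  # (2.10) handed to relayhost
    print(next_hop("jerry@example.com", relayed))         # (2.11) still local
    print(next_hop("jerry@example.com", gateway))         # (2.12) all mail to the gateway
```

In the maillog, the loop case is the one to look for after changing myhostname or mydestination: Postfix reports it with the phrase "loops back to myself".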
(2.13) alias_maps in the main.cf file points to the alias configuration in the /etc/aliases file, so that one message can be sent to a whole group of users. We define the alias all in the /etc/aliases file to stand for the root, jerry and marry users, and when mail is sent to all, each of them receives it at an address such as jerry@vms002.example.com (figure 2-42). If we want the mail to be received at the usual form of address, jerry@example.com, we can set myorigin=$mydomain. When we then send mail to all, the message appears in the mailboxes of all these users on this machine (figure 2-44). If the number of users represented by all is very large, we can use an /etc/userlist file and write the list of users into it.
# newaliases
(2.14) home_mailbox in the main.cf file defines the name of the file in which a user's mail is stored. Once it is defined, this file is stored in the user's home directory. By default, mail is stored in the /var/spool/mail directory (figure 2-46). We set the value of home_mailbox to Mailbox and restart the mail service. A Mailbox file is then created in each user's home directory to receive mail (figure 2-48). If we change the value of home_mailbox to Maildir/ and restart the mail service, all delivered messages are stored in the Maildir directory under the user's own home directory.
# systemctl restart postfix.service
(3) Use a graphical client to send and receive mail
Users are generally accustomed to a graphical interface when sending and receiving email. The client usually receives mail over POP3 or IMAP, which listen on port 110 and port 143 respectively. For the client to connect to the server and receive mail, the dovecot software must be installed on the vms002 host. The pop3 and imap ports must also be opened on the firewall.
# yum install dovecot -y
# grep imap /etc/services    --- query the port used by the imap protocol
# grep pop3 /etc/services    --- query the port used by the pop3 protocol
# firewall-cmd --add-port=110/tcp --permanent
# firewall-cmd --add-port=143/tcp --permanent
Then we go to the /etc/dovecot/ directory and view the dovecot.conf configuration file, where the default value of protocols lists three protocols; lmtp among them is the local mail transfer protocol. Next, go to the /etc/dovecot/conf.d/ directory and edit the 10-auth.conf configuration file, which controls whether plaintext authentication is disabled. Here we set it to no. Then, in the /etc/dovecot/conf.d/ directory, edit the 10-mail.conf configuration file and set the value of mail_location to maildir:~/Maildir, so that each user's mail is read from the Maildir/ directory under the home directory. At the same time, we need to set the value of home_mailbox to Maildir/ in the main.cf file under the /etc/postfix/ directory on the vms002 host (figure 3-5-1). Finally, edit the 10-ssl.conf configuration file under the /etc/dovecot/conf.d/ directory. Since we do not need SSL verification, we set the value of ssl to no.
Then we take a Win7 system and install the Foxmail client software on it. We choose to set up the mail server manually, connect to the vms002 host, and create the mailbox for the marry account.
We then create the mailbox of the jerry user in the mail client on Win7, and try sending mail from the jerry user to the marry user in the graphical client.
At this point, we find that the marry user receives the email sent by the jerry user in the client normally.