> 搭建内部邮箱服务器，可以在员工离职回收邮箱，避免文件泄露。

 

## 配置postfix

 

```

# 设置主机名

[root@localhost ~]# hostnamectl --static set-hostname mail.hellopasswd.com

 

# 查看主机名

[root@mail ~]# hostname

```

 

> CentOS 7默认情况下已安装postfix

 

```

# 检测系统是否安装postfix

[root@mail ~]# rpm -q postfix

 

# 安装postfix

[root@mail ~]# yum install -y postfix

 

# 检查postfix是否支持devecot代理

[root@mail ~]# postconf -a

```

 

```

# 修改postfix的主配置文件main.cf

[root@mail ~]# vi /etc/postfix/main.cf

将#myhostname = host.domain.tld去除注释并修改为myhostname = mail.hellopasswd.com    #修改主机名

将#mydomain = domain.tld去除注释并修改为mydomain = hellopasswd.com    #设置域名

将#myorigin = $myhostname去除注释并修改为myorigin = $mydomain    #设置发送邮件时mail from的值

去除注释#inet_interfaces = all为inet_interfaces = all    #设置监听所有服务器接口

并将inet_interfaces = localhost注释#inet_interfaces = localhost

在mydestination = $myhostname, localhost.$mydomain, localhost后添加$mydomain为mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain    #设置邮件服务器可以接受哪些邮件

将#mynetworks = 168.100.189.0/28, 127.0.0.0/8去除注释并修改为mynetworks = 192.168.37.0/24, 127.0.0.0/8    #设置该服务器可以转发邮件的网络

将#relay_domains = $mydestination去除注释并修改为relay_domains = $mydomain    #该邮件服务器可以转发的邮件域名，表示该服务器可以转发本域名内的所有邮件

去除注释#home_mailbox = Maildir/为home_mailbox = Maildir/    #设置邮件的存储位置，为每一个邮件保存成一个文件

 

# 检查是否存在语法错误

[root@mail ~]# postfix check

```

 

```

# 开放smtp所使用的TCP端口

[root@mail ~]# firewall-cmd --permanent --add-port=25/tc

 

# 开放postfix所使用的smtp协议

[root@mail ~]# firewall-cmd --permanent --add-service=smtp

 

# 加载防火墙

[root@mail ~]# firewall-cmd --reload

 

# 启动postfix服务

[root@mail ~]# systemctl start postfix

 

# 设置开启自启

[root@mail ~]# systemctl enable postfix

 

# 查看postfix运行状态

[root@mail ~]# systemctl status postfix

```

 

## 配置devecot

 

```

# 安装dovecot

[root@mail ~]# yum install -y dovecot

 

# 检查dovecot是否安装成功

[root@mail ~]# rpm -q dovecot

```

 

```

# 修改dovecot服务配置

[root@mail ~]# vi /etc/dovecot/dovecot.conf

去除注释#protocols = imap pop3 lmtp为protocols = imap pop3 lmtp    #指定支持的收件协议

去除注释#listen = *, ::为listen = *, ::    #监听本机的所有网络接口

将#login_trusted_networks =去除注释并添加login_trusted_networks = 192.168.37.0/24    #指定允许登录的网络地址，表示与服务器同一网段都允许登录

 

# 修改邮件存储位置

[root@mail ~]# vi /etc/dovecot/conf.d/10-mail.conf

去除注释#   mail_location = maildir:~/Maildir为mail_location = maildir:~/Maildir    #表示存储邮件时，每一个邮件存储成一个文件

```

 

```

# 开放pop3协议

[root@mail ~]# firewall-cmd --permanent --add-service=pop3

 

# 开放pop3协议端口号

[root@mail ~]# firewall-cmd --permanent --add-port=110/tcp

 

# 开放imap协议

[root@mail ~]# firewall-cmd --permanent --add-service=imap

 

# 开放imap协议端口号

[root@mail ~]# firewall-cmd --permanent --add-port=143/tcp

 

# 加载防火墙

[root@mail ~]# firewall-cmd --reload

```

 

```

# 启动dovecot服务

[root@mail ~]# systemctl start dovecot

 

# 加入开机自启

[root@mail ~]# systemctl enable dovecot

 

# 查看状态

[root@mail ~]# systemctl status dovecot

```

 

## 邮件服务器创建用户以及使用telnet服务

 

```

# 服务器端创建测试用户组mail

[root@mail ~]# groupadd mail

 

# 创建测试用户user1

[root@mail ~]# useradd -g mail -s /sbin/nologin user1

 

# 创建测试用户user2

[root@mail ~]# useradd -g mail -s /sbin/nologin user2

 

# 设置测试用户密码

[root@mail ~]# passwd user1

123

[root@mail ~]# passwd user2

123

```

 

```

# 服务器安装telnet服务器

[root@mail ~]# yum install -y telnet-server

 

# 启动telnet服务

[root@mail ~]# systemctl start telnet.socket

 

# 将telnet服务设置为开启自启

[root@mail ~]# systemctl enable telnet.socket

 

# 开放telnet服务

[root@mail ~]# firewall-cmd --permanent --add-service=telnet

 

# 开放telnet端口

[root@mail ~]# firewall-cmd --permanent --add-port=23/tcp

 

# 重新加载防火墙

[root@mail ~]# firewall-cmd --reload

```

 

## 客户端收发邮件测试

 

```

# 客户端安装telnet软件

[root@localhost ~]# yum install telnet.x86_64

 

# 硬解析

[root@localhost ~]# vi /etc/hosts

添加192.168.37.137    mail.hellopasswd.com    #添加服务器IP以及邮箱解析域名

 

# 连接邮件服务器的25端口，进行客户端发送邮件测试

[root@localhost ~]# telnet mail.hellopasswd.com 25

mail from:user1@hellopasswd.com    #告知发件人

rcpt to:user2@hellopasswd.com    #告知收件人

DATA    #告知服务器要开始传送数据

subject:The first mail    #邮件主题

Hello World!    #内容

.    #邮件已点结束

quit    #退出邮件服务器

```

 

```

# 客户端连接服务器的110端口，进行客户端接收邮件测试

[root@localhost ~]# telnet mail.hellopasswd.com 110

user user2    #收件人用户名user2

pass 123    #user2的密码

list    #列出邮箱中的所有邮件

retr 1    #检索第一封邮件

quit    #退出并结束telnet会话

```

 

## 常见故障

 

```

# 接收邮件填写用户名时出现报错信息

-ERR [AUTH] Plaintext authentication disallowed on non-secure (SSL/TLS) connections.

 

# 解决方法

[root@mail ~]# vi /etc/dovecot/conf.d/10-auth.conf

将#disable_plaintext_auth = yes去除注释并修改disable_plaintext_auth = no

 

[root@mail ~]# vi /etc/dovecot/conf.d/10-ssl.conf

将ssl = required修改为ssl = no

 

[root@mail ~]# systemctl restart dovecot

```

 

```

# 完整发送邮件内容

[root@localhost ~]# telnet 192.168.37.137 25

Trying 192.168.37.137...

Connected to 192.168.37.137.

Escape character is '^]'.

220 mail.hellopasswd.com ESMTP Postfix

mail from:user1@hellopasswd.com

250 2.1.0 Ok

rcpt to:user2@hellopasswd.com

250 2.1.5 Ok

DATA

354 End data with <CR><LF>.<CR><LF>

subject:The first mail

Hello World!

.

250 2.0.0 Ok: queued as 9CE072019CD6

quit

221 2.0.0 Bye

Connection closed by foreign host.

 

# 完整接收邮件内容

[root@localhost ~]# telnet 192.168.37.137 110

Trying 192.168.37.137...

Connected to 192.168.37.137.

Escape character is '^]'.

+OK Dovecot ready.

user user2

+OK

pass 123

+OK Logged in.

list

+OK 1 messages:

1 335

.

retr 1

+OK 335 octets

Return-Path: <user1@hellopasswd.com>

X-Original-To: user2@hellopasswd.com

Delivered-To: user2@hellopasswd.com

Received: from unknown (unknown [192.168.37.110])

by mail.hellopasswd.com (Postfix) with SMTP id 9CE072019CD6

for <user2@hellopasswd.com>; Thu, 30 Jul 2020 10:00:40 +0800 (CST)

subject:The first mail

 

Hello World!

.

quit

+OK Logging out.

Connection closed by foreign host.

```

 

## 配置空壳邮件服务器作为邮件代理

 

```

# 空壳邮件服务的主机设置为Null

[root@localhost ~]# hostnamectl --static set-hostname Null.hellopasswd.com

 

# 查看主机名

[root@Null ~]# hostname

```

 

```

# 修改postfix的主配置文件main.cf

[root@Null ~]# vi /etc/postfix/main.cf

将#myhostname = host.domain.tld去除注释并修改为myhostname = Null.hellopasswd.com    #修改邮件服务器主机名

将#mydomain = domain.tld去除注释并修改为mydomain = hellopasswd.com    #修改空壳服务器所在的域

将#myorigin = $myhostname去除注释并修改为myorigin = Null.com    #设置邮件服务器发送邮件是mail from的值

去除注释#inet_interfaces = all为inet_interfaces = all    #修改服务器的监听接口

并将注释inet_interfaces = localhost为#inet_interfaces = localhost

将mydestination = $myhostname, localhost.$mydomain, localhost修改为mydestination =    #由于空壳邮件服务器不接收任何邮件，因此将mydestination的值设置为空

将#mynetworks = 168.100.189.0/28, 127.0.0.0/8去除注释并修改为mynetworks = 192.168.37.0/24, 127.0.0.0/8    #修改邮件服务器可以转发邮件的网络ip地址

将#relayhost = [an.ip.add.ress]去除注释并修改为relayhost = 192.168.37.137    #修改邮件可以转发到指定的服务器

 

# 检查是否存在语法错误

[root@Null ~]# postfix check

```

 

```

# 开放smtp协议服务

[root@Null ~]# firewall-cmd --permanent --add-service=smtp

 

# 开放smtp协议的TCP的25端口

[root@Null ~]# firewall-cmd --permanent --add-port=25/tcp

 

# 重新加载防护墙

[root@Null ~]# firewall-cmd --reload

 

# 启动postfix服务

[root@Null ~]# systemctl start postfix

 

# 加入开机自启

[root@Null ~]# systemctl enable postfix

 

# 查看postfix运行状态

[root@Null ~]# systemctl status postfix

```

 

## 空壳邮件服务器发送邮件测试

 

```

# 通过安装mailx使用mail命令在空壳邮件服务器进行发送邮件测试

[root@Null ~]# yum install -y mailx

 

[root@Null ~]# mail user2@hellopasswd.com    #发送邮件给user2

Subject: The last mail    #邮件主题

Goodbye!    #邮件内容

.    #邮件内容已点结束

 

# 查看日志是否发送邮件成功

[root@Null ~]# cat /var/log/maillog

Jul 28 02:32:19 localhost postfix/postfix-script[2567]: starting the Postfix mail system

Jul 28 02:32:19 localhost postfix/master[2584]: daemon started -- version 2.10.1, configuration /etc/postfix

Jul 28 06:07:11 localhost postfix/pickup[19974]: 9234A20E472E: uid=0 from=<root>

Jul 28 06:07:11 localhost postfix/cleanup[20036]: 9234A20E472E: message-id=<20200727220711.9234A20E472E@Null.hellopasswd.com>

Jul 28 06:07:11 localhost postfix/qmgr[2602]: 9234A20E472E: from=<root@Null.com>, size=447, nrcpt=1 (queue active)

Jul 28 06:07:13 localhost postfix/smtp[20038]: 9234A20E472E: to=<user2@hellopasswd.com>, relay=192.168.37.137[192.168.37.137]:25, delay=2.4, delays=0.09/0.05/2.2/0.03, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 7BFB92019CD6)

Jul 28 06:07:13 localhost postfix/qmgr[2602]: 9234A20E472E: removed

```

 

## 客户端接收邮件测试

 

```

# 客户端硬解析

[root@localhost ~]# vi /etc/hosts

添加192.168.37.137    mail.hellopasswd.com    #添加服务器IP以及邮箱解析域名

 

# 客户端在通过110端口连接dovecot服务接收邮件测试

[root@localhost ~]# telnet mail.hellopasswd.com 110

Trying 192.168.37.137...

Connected to mail.hellopasswd.com.

Escape character is '^]'.

+OK Dovecot ready.

user user2

+OK

pass 123

+OK Logged in.

list

+OK 2 messages:

1 335

2 748

.

retr 2

+OK 748 octets

Return-Path: <root@Null.com>

X-Original-To: user2@hellopasswd.com

Delivered-To: user2@hellopasswd.com

Received: from Null.hellopasswd.com (unknown [192.168.37.110])

by mail.hellopasswd.com (Postfix) with ESMTP id 7BFB92019CD6

for <user2@hellopasswd.com>; Thu, 30 Jul 2020 11:03:51 +0800 (CST)

Received: by Null.hellopasswd.com (Postfix, from userid 0)

id 9234A20E472E; Tue, 28 Jul 2020 06:07:11 +0800 (CST)

Date: Tue, 28 Jul 2020 06:07:11 +0800

To: user2@hellopasswd.com

Subject: The last mail

User-Agent: Heirloom mailx 12.5 7/5/10

MIME-Version: 1.0

Content-Type: text/plain; charset=us-ascii

Content-Transfer-Encoding: 7bit

Message-Id: <20200727220711.9234A20E472E@Null.hellopasswd.com>

From: root@Null.com (root)

 

Goodbye!

.

quit

+OK Logging out.

Connection closed by foreign host.

```