
Deploying a Mail Server with Sendmail+Saslauthd+Dovecot

Popularity: 42   Published: 2024-02-07 08:44:33.0

I. Mail servers

1. Mail servers for the Linux platform include: Sendmail, Postfix, Qmail

2. Mail server for the Windows platform: Exchange

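II. Basic e-mail concepts

MUA(Mail User Agent)                    #Mail client used to receive mail; talks to the server over IMAP or POP3
MTA(Mail Transfer Agent)                #Sends and relays mail over SMTP
MDA(Mail Deliver Agent)                 #Saves mail received by the MTA to disk or another designated location; usually also scans for spam and viruses
MRA(Mail Receive Agent)                 #Implements the IMAP and POP3 protocols and interacts with the MUA
SMTP(Simple Mail Transfer Protocol)     #Standard protocol for sending mail, TCP port 25; TCP port 465 when encrypted
IMAP(Internet Message Access Protocol)  #One of the standard protocols for receiving mail, TCP port 143; TCP port 993 when encrypted
POP3(Post Office Protocol 3)            #One of the standard protocols for receiving mail, TCP port 110; TCP port 995 when encrypted
#A mail server is basically made up of an MTA, an MDA and an MRA
#Common MUAs: outlook, thunderbird, Mac Mail, mutt
#Common MTAs: sendmail, postfix
#Common MDAs: procmail, dropmail
#Common MRAs: dovecot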

III. Install and deploy Sendmail

1. Set the hostname, turn off the firewall, disable SELinux, set the language to Chinese, and remove the postfix that ships with the system

hostnamectl set-hostname localhost.localdomain
vi /etc/selinux/config
SELINUX=disabled
localectl set-locale LANG='zh_CN.UTF-8'
systemctl disable firewalld
yum remove postfix

2. Install Sendmail

yum install sendmail* -y
rpm -qa|grep sendmail
sendmail-milter-8.14.7-6.el7.x86_64  #Extension package
sendmail-doc-8.14.7-6.el7.noarch     #Documentation package
sendmail-cf-8.14.7-6.el7.noarch      #Configuration files
sendmail-devel-8.14.7-6.el7.x86_64   #Development package
sendmail-8.14.7-6.el7.x86_64         #Main program package
sendmail-sysvinit-8.14.7-6.el7.noarch

3. Sendmail's default installation path is /etc/mail

rpm -ql sendmail
/etc/mail
/etc/mail/Makefile
/etc/mail/access
/etc/mail/access.db
/etc/mail/aliasesdb-stamp
/etc/mail/domaintable
ll /etc/mail
-rw-r--r-- 1 root root   469 Nov 28  2019 access            #Controls mail relaying
-rw-r----- 1 root root 12288 Aug  5 15:31 access.db
-rw-r--r-- 1 root root     0 Aug  5 15:31 aliasesdb-stamp
-rw-r--r-- 1 root root   233 Nov 28  2019 domaintable
-rw-r----- 1 root root 12288 Aug  5 15:31 domaintable.db
-rw-r--r-- 1 root root  5584 Apr  1 12:28 helpfile
-rw-r--r-- 1 root root    64 Nov 28  2019 local-host-names  #Domain names served by the mail server
-rw-r--r-- 1 root root   997 Nov 28  2019 mailertable
-rw-r----- 1 root root 12288 Aug  5 15:31 mailertable.db
-rwxr-xr-x 1 root root  2700 Nov 28  2019 make
-rw-r--r-- 1 root root    92 Nov 28  2019 Makefile
-rw-r--r-- 1 root root 58498 Apr  1 12:28 sendmail.cf        #Main configuration file
-rw-r--r-- 1 root root  7306 Nov 28  2019 sendmail.mc        #The main configuration file sendmail.cf is generated from sendmail.mc
-rw-r--r-- 1 root root 41680 Apr  1 12:28 submit.cf
-rw-r--r-- 1 root root  1041 Apr  1 12:27 submit.mc
-rw-r--r-- 1 root root   127 Nov 28  2019 trusted-users
-rw-r--r-- 1 root root  1847 Nov 28  2019 virtusertable
-rw-r----- 1 root root 12288 Aug  5 15:31 virtusertable.db

4. Sendmail service configuration

#Back up the files
cp /etc/mail/sendmail.cf /etc/mail/sendmail.cf.back
cp /etc/mail/sendmail.mc /etc/mail/sendmail.mc.back
#Use /etc/mail/local-host-names to set swireb.cn as the domain this mail server provides mail service for
echo "swireb.cn" >>/etc/mail/local-host-names
#Set the listening address to 0.0.0.0 so that any host can reach the Sendmail service
sed -i 's/Addr=127.0.0.1/Addr=0.0.0.0/g' /etc/mail/sendmail.mc
#Enable SMTP authentication so that all users must authenticate (remove the leading dnl from the two lines below)
vim /etc/mail/sendmail.mc
dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
#Generate the main configuration file sendmail.cf from sendmail.mc
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

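IV. Install and deploy cyrus-sasl

1. About cyrus-sasl

#Role of the Saslauthd service: provides SMTP user authentication by checking whether the user name and password are correct; verification is based on the system shadow file

2. Install cyrus-sasl

#The cyrus-sasl authentication software is installed by default
rpm -qa|grep cyrus
cyrus-sasl-lib-2.1.26-23.el7.x86_64
cyrus-sasl-2.1.26-23.el7.x86_64
#If it is not installed, install it with yum
yum install -y cyrus-sasl*

3. Start the Saslauthd service to provide SMTP user authentication (all services are started together later)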

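V. Install and deploy Dovecot

1. About Dovecot

#Dovecot is an open-source IMAP and POP3 mail server for Linux/Unix systems. As an IMAP/POP3 server, Dovecot gives mail user agents (MUAs) a way to access the mail stored on the server
#PS: Dovecot is not responsible for receiving mail from other mail servers; it only presents mail already stored on the mail server through the MUA

2. Install Dovecot

yum install -y dovecot*

3. Dovecot service configuration

#Enable the POP3 protocol
vim /etc/dovecot/dovecot.conf
# Protocols we want to be serving.
protocols = imap pop3 lmtp   #Enable POP3
# A comma separated list of IPs or hosts where to listen in for connections. 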
# "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
# If you want to specify non-default ports or anything more complex,
# edit conf.d/master.conf.
listen = *   #Listen on all interfaces

4. Configure Dovecot to disable SSL login and set the mailbox path

vim /etc/dovecot/conf.d/10-ssl.conf 
# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
# disable plain pop3 and imap, allowed are only pop3+TLS, pop3s, imap+TLS and imaps
# plain imap and pop3 are still allowed for local connections
ssl = no
vim /etc/dovecot/conf.d/10-auth.conf
# Disable LOGIN command and all other plaintext authentications unless
# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
# matches the local IP (ie. you're connecting from the same computer), the
# connection is considered secure and plaintext authentication is allowed.
# See also ssl=required setting.
disable_plaintext_auth = no
vim /etc/dovecot/conf.d/10-mail.conf
# See doc/wiki/Variables.txt for full list. Some examples:
#
# mail_location = maildir:~/Maildir
mail_location = mbox:~/mail:INBOX=/var/mail/%u
# mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
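
What the ssl and disable_plaintext_auth settings above mean for passwords on the wire, as an added check that is not part of the original page: it reads Dovecot settings, applies the Dovecot 2.x defaults for anything missing, and reports whether a login can happen without TLS. The function names and both sample configurations are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. Assumes the Dovecot 2.x defaults
# (ssl = yes, disable_plaintext_auth = yes) for settings missing from the input.

# effective_setting KEY: config text on stdin; prints the last uncommented value of KEY.
effective_setting() {
    awk -v key="$1" '
        /^[ \t]*#/ { next }                     # whole-line comment
        {
            sub(/[ \t]#.*$/, "")                # trailing comment
            n = index($0, "=")
            if (n == 0) next
            k = substr($0, 1, n - 1); v = substr($0, n + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v               # a later assignment overrides an earlier one
        }
        END { print val }'
}

# audit_dovecot: config text on stdin; prints findings, returns 1 if any is a FAIL.
audit_dovecot() {
    cfg=$(cat)
    ssl=$(printf '%s\n' "$cfg" | effective_setting ssl)
    dpa=$(printf '%s\n' "$cfg" | effective_setting disable_plaintext_auth)
    ssl=${ssl:-yes}; dpa=${dpa:-yes}
    rc=0
    if [ "$ssl" = "no" ]; then
        echo "FAIL ssl=no: TLS is never offered, IMAP/POP3 sessions stay in clear text"; rc=1
    fi
    if [ "$dpa" = "no" ] && [ "$ssl" != "required" ]; then
        echo "FAIL disable_plaintext_auth=no: passwords are accepted before TLS starts"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK ssl=$ssl disable_plaintext_auth=$dpa"; fi
    return "$rc"
}

# Constructed inputs: the three settings from this section, then a hardened variant.
PAGE_CFG='ssl = no
disable_plaintext_auth = no
mail_location = mbox:~/mail:INBOX=/var/mail/%u'
HARDENED_CFG='ssl = required
disable_plaintext_auth = yes
mail_location = mbox:~/mail:INBOX=/var/mail/%u'

printf '%s\n' "$PAGE_CFG" | audit_dovecot || true       # two FAIL lines
printf '%s\n' "$HARDENED_CFG" | audit_dovecot || true   # one OK line
```

On a running server, `doveconf -n | audit_dovecot` checks the settings Dovecot actually loaded; `ssl = required` also needs `ssl_cert` and `ssl_key` to point at a certificate and key.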

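V. Create the user and mailbox, and start the services

1. Create the user

useradd -s /sbin/nologin test
echo 123456|passwd --stdin test

2. Create the mailbox and set its permissions

mkdir -p /home/test/mail/.imap/INBOX
chown -R test:test /home/test

3. Start the services

systemctl restart sendmail
systemctl restart dovecot
systemctl restart saslauthd

4. Check that the ports are in use (ports 25, 110 and 143 should now be listening)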

netstat -tnl 
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN          
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN   

VI. Configure the domain name mapping

1. DNS resolution settings

Host record   Record type   Line type   Record value     Priority   TTL   Last modified
@             A             Default     95.214.177.67    -          600   2020-08-05 01:44:37
mail          A             Default     95.214.177.67    -          600   2020-08-05 01:44:56
mail          MX            Default     swireb.cn.       5          600   2020-08-05 17:05:49

2. Local hosts file resolution settings

C:\WINDOWS\system32\drivers\etc
172.1.1.15 mail.swireb.cn swireb.cn

VII. Test mail with the Foxmail client

1. Configure the account in the Foxmail client

2. Sending mail over the external network fails with an RCPT error

3. Check the mail log

tail -f /var/log/maillog
Aug  6 11:48:39 localhost sendmail[4243]: 0763mc7p004243: ruleset=check_rcpt, arg1=<yangwn1992@163.com>, relay=[14.205.134.67], reject=450 4.4.0 <yangwn1992@163.com>... Relaying temporarily denied. Cannot resolve PTR record for 14.205.134.67

4. Fix the error

vim /etc/mail/access
# package.
#
# If you want to use AuthInfo with "M:PLAIN LOGIN", make sure to have the 
# cyrus-sasl-plain package installed.
#
# By default we allow relaying from localhost...
Connect:localhost.localdomain           RELAY
Connect:localhost                       RELAY
Connect:127.0.0.1                       RELAY
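#Per the error message, add the IP address 14.205.134.67 and allow it to receive and relay
Connect:14.205.134.67                   RELAY
#Entries without a tag default to Connect
Connect checks the domain name or IP
From    checks the sender address
To      checks the recipient address
#Meaning of the action keywords
OK      Accept only mail addressed to this host/local recipients; reject everything else and return an error message to the sending server (OK is the default when no action keyword is given)
RELAY   Accept and relay
REJECT  Refuse to accept/relay and return an error message to the sending server
500     Basically the same as REJECT: refuse to accept/relay, and return an error message and the original mail to the sending server
DISCARD Discard the received mail without returning any message to the sending mail server
ERROR   Refuse to accept/relay and return the specified error message to the sending server; for the format see the earlier example
#Generate the database file
makemap hash /etc/mail/access < /etc/mail/access
#Restart the sendmail service
systemctl restart sendmail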
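
A review aid for the access map edited above, as an added example that is not part of the original page: it lists which sources are granted RELAY, separates them from the loopback defaults, and flags entries that carry an inline comment after the action. The function names and the sample text (including 192.0.2.10 and user@example.com) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. Tags are matched as written in this
# section (Connect:, From:, To:); an untagged key is treated as Connect.

# relay_entries: access map text on stdin; prints "TAG<TAB>KEY" for each RELAY entry.
relay_entries() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }       # makemap input: comment and blank lines
        {
            key = $1; tag = "Connect"
            if (match(key, /^(Connect|From|To):/)) {
                tag = substr(key, 1, RLENGTH - 1)
                key = substr(key, RLENGTH + 1)
            }
            if ($2 == "RELAY") printf "%s\t%s\n", tag, key
        }'
}

# external_relays: Connect keys granted RELAY other than the loopback defaults.
# Each one may send through this server to any destination without authenticating.
external_relays() {
    relay_entries | awk -F '\t' '
        $1 == "Connect" && $2 !~ /^(localhost(\.localdomain)?|127\.0\.0\.1)$/ { print $2 }'
}

# trailing_comments: line numbers of entries with "#..." after the action. Only lines
# that begin with "#" are comments, so this text would end up in the stored value.
trailing_comments() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        { for (i = 3; i <= NF; i++) if ($i ~ /^#/) { print NR; break } }'
}

# Constructed sample: the entries from this section plus two made-up lines
# (192.0.2.10 and user@example.com are documentation values).
ACCESS_SAMPLE='# By default we allow relaying from localhost...
Connect:localhost.localdomain           RELAY
Connect:localhost                       RELAY
Connect:127.0.0.1                       RELAY
Connect:14.205.134.67                   RELAY #added after the PTR error
192.0.2.10                              RELAY
From:user@example.com                   REJECT'

printf '%s\n' "$ACCESS_SAMPLE" | external_relays     # 14.205.134.67 and 192.0.2.10
printf '%s\n' "$ACCESS_SAMPLE" | trailing_comments   # 5
```

On the server, `external_relays < /etc/mail/access` gives the list to review before access.db is rebuilt with makemap.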

VIII. Test mail with the mail command

1. Install the mail command

yum install -y mailx

2. Send a test message with the mail command

#Send a message to an external mailbox
echo "This is test Mail"|mail -s "Test Mail Sendmail" 1014575812@qq.com
#Check the mail log
tail -f /var/log/maillog
stat=Service unavailable  #The log now shows an error, because root's mailbox is root@localhost.localdomain, which is not a valid mail address
Aug  6 13:23:11 localhost sendmail[21798]: 0765NA3P021796: 0765NB3P021798: DSN: Service unavailable
Aug  6 13:23:12 localhost sendmail[21798]: 0765NB3P021798: to=<root@localhost.localdomain>, delay=00:00:01, xdelay=00:00:01, mailer=local, pri=31732, dsn=2.0.0, stat=Sent
#Fix the error
hostname swireb.cn #Change the hostname to swireb.cn, then send the message again

3. View mail with the mail command

#Mail is stored under /var/spool/mail
#By default the mail command shows the current user's mail (to view another user's mail, switch with su first)
mail
Heirloom Mail version 12.5 7/5/10.  Type ? for help.
"/var/spool/mail/root": 2 messages  #N marks unread messages, entries without N have been read; to view a message just enter its number
>   1 Mail Delivery Subsys  Thu Aug  6 13:23  71/2753  "Returned mail: see transcript for details"
    2 杨伟能                Thu Aug  6 13:38 138/7735  "Re:Test Mail Sendmail"
& help
mail commands
type <message list>             type messages
next                            goto and type next message
from <message list>             give head lines of messages
headers                         print out active message headers #List the message headers; just type h
delete <message list>           delete messages                  #Delete the given messages, e.g. d2 d1-2
undelete <message list>         undelete messages
save <message list> folder      append messages to folder and mark as saved  #Save a message, e.g. s 2 /root/mail
copy <message list> folder      append messages to folder without marking them
write <message list> file       append message texts to file, save attachments
preserve <message list>         keep incoming messages in mailbox even if saved
Reply <message list>            reply to message senders
reply <message list>            reply to message senders and all recipients
mail addresses                  mail to specific recipients
file folder                     change to another folder
quit                            quit and apply changes to folder     
xit                             quit and discard changes made to folder
!                               shell escape
cd <directory>                  chdir to directory or home if none given
list                            list names of all available commands

A <message list> consists of integers, ranges of same, or other criteria
separated by spaces.  If omitted, mail uses the last message typed.