Postfix + Dovecot + Squirrelmail na ndị ọrụ mpaghara - Netwọk SMB

General index nke usoro: Netwọk Kọmputa maka SMEs: Okwu Mmalite

Isiokwu a bụ ịga n'ihu na nke ikpeazụ nke miniseries:

• Nyocha Squid + PAM na CentOS 7.
• Onye ọrụ mpaghara na njikwa otu
• NSD Server DNS Server + Shorewall
• IM Prosody na ndị ọrụ mpaghara
  

Ndewo ndị enyi na ndị enyi!

na Ndị na-anụ ọkụ n'obi ha choro inwe sava ozi ha. Ha achoghi iji sava ebe “Nzuzo” di n’etiti ajuju ajuju. Onye na-ahụ maka itinye n'ọrụ na obere sava gị abụghị ọkachamara na isiokwu ahụ ma na-ebu ụzọ gbalịa ịwụnye isi ihe nkesa ozi n'ọdịnihu na zuru ezu. Bụ na "akụkụ" iji mee ka Full Mailserver dị ntakịrị nhịahụ ịghọta na itinye ya n'ọrụ. 😉

Nkọwa nke oke

• Ọ dị mkpa ịkọwapụta nke ọma ihe omume nke mmemme ọ bụla tinyere na Mailserver na-arụ. Dịka ntuziaka mbụ anyị na-enye usoro zuru ezu nke njikọ bara uru yana ebumnuche kwupụtara na a na-eleta ha.
• Imejuputa aka gi na ichota ozi ozi zuru oke bu ihe na-agwụ ike, belụsọ ma ị bụ otu n'ime "Ndị A Họpụtara" ndị na-arụ ụdị ọrụ a kwa ụbọchị. A Mail Server n'ozuzu mejupụtara dị iche iche na mmemme na iche iche aka SMTP, POP / IMAP, Nchekwa Obodo nke Ozi, ihe aga-eme metụtara ọgwụgwọ nke SPAM, Antivirus, wdg. Niile mmemme a gha ekwurita okwu n'etiti onwe ha.
• Onweghi otu nha dabara ma ọ bụ “omume kacha mma” etu esi ejikwa ndị ọrụ; ebe na otu esi echekwa ozi, ma obu otu esi eme ka ihe niile mejuputara dika otu.
• Mgbakọ ahụ na nhazi nke Mailserver na-abụ ihe jọgburu onwe ya n'okwu ndị dị ka ikikere na ndị nwe faịlụ, na-ahọrọ onye ọrụ ga-ahụ maka otu usoro, yana obere njehie emere na faịlụ nhazi esoteric ụfọdụ.
• Ọ gwụla ma ịmara nke ọma ihe ị na-eme, nsonaazụ njedebe ga-abụ enweghị nchekwa ozi ma ọ bụ na-arụ ọrụ anaghị arụ ọrụ. Na na njedebe nke mmejuputa iwu Ọ naghị arụ ọrụ, ọ ga-abụ na ọ ga-abụ obere ihe ọjọọ.
• Anyị nwere ike ịchọta na antanetị ezigbo ego esi eme otu esi eme Mail Server. Otu n'ime ihe zuru oke -n'echiche nke aka m- bu nke onye ode akwukwo nyere ivar Abraham na nke iri na atọ ya nke January 2017 «Esi melite ihe nkesa ozi na usoro GNU / Linux".
• Anyị na-atụ aro ịgụ isiokwu a «A Mailserver na Ubuntu 14.04: Postfix, Dovecot, MySQL«, ma obuA Mailserver na Ubuntu 16.04: Postfix, Dovecot, MySQL".
• Eziokwu. E nwere ike ịchọta akwụkwọ kacha mma na nke a n'asụsụ Bekee.
  • Ọ bụ ezie na anyị anaghị eme Mailserver ji ikwesị ntụkwasị obi na-eduzi ndị Olee otú ... ahụ e kwuru okwu ya na paragraf bu nke a ụzọ, naanị ịgbaso ya nzọụkwụ ga-eme ka anyị mata ihe anyị ga-eche ihu.
• Ọ bụrụ n’ịchọrọ ịnwe Mailserver zuru ezu na usoro ole na ole, ịnwere ike ibudata onyonyo a iRedOS-0.6.0-CentOS-5.5-i386.iso, ma ọ bụ chọọ nke ọhụrụ, ma ọ bụ iRedOS ma ọ bụ Arochukwu. Ọ bụ ụzọ m na-atụ aro.

Anyị ga-awụnye ma hazie:

• ndozi biputere dị ka ihe nkesa Mail Transport AGent (SMTP).
• Nduru dị ka ihe nkesa POP - IMAP.
• Asambodo maka njikọ site na TLS.
• Ogbe dị ka ntanetị weebụ maka ndị ọrụ.
• DNS ndekọ ikwu «Okpokoro Ozi N'uba»Ma ọ bụ SPF.
• Ọdịdị modul Diffie Hellman Otu iji mee ka nchekwa nke asambodo SSL dịkwuo elu.

Ọ ka ga-eme:

Ma ọ dịkarịa ala ọrụ ndị a ga-anọgide na-emejuputa:

• postgrey: Postfix nkesa na atumatu maka Grey Nsuso na-ajụ Junk Mail.
  
• Amavisd-ọhụrụ: edemede nke na-emepụta interface n'etiti MTA, na nyocha nje na nzacha ọdịnaya.
• Antivirus Clamav: antivirus suite
• SpamAssassin: wepụ Junk Mail
• Aziza (pyzor): SPAM weghaara site na ntaneti kesara na mmekorita. Vipul Razor netwọkụ na-ejigide akwụkwọ ndekọ emelitere nke mgbasa ozi spam ma ọ bụ ozi junk.
• DNS ndekọ "DomainKeys Identified Mail" ma ọ bụ Dkim.

Ihe ngwugwu postgrey, amavisd-ọhụrụ, clamav, spamassassin, agụba y yzzọ A na-ahụta ha na ebe nchekwa mmemme. Anyị ga-ahụkwa ihe omume openkim.

• Nkwupụta ziri ezi nke ndekọ DNS "SPF" na "DKIM" dị mkpa ma ọ bụrụ na anyị achọghị ka ihe nkesa ozi anyị ka na-arụ ọrụ, ka ekwupụta na ekwesighi ma ọ bụ onye na-emepụta SPAM ma ọ bụ Junk Mail, site na ọrụ ozi ndị ọzọ dị ka Gmail, Yahuhu, Hotmail, wdg.

Ndenye ego mbụ

Cheta na edemede a bu ihe ngbakwunye nke ndi ozo na amalite na Nyocha Squid + PAM na CentOS 7.

Ens32 LAN interface ejikọrọ na Internal Network

[mgbọrọgwụ @ linuxbox ~] # nano / etc / sysconfig / network-scripts / ifcfg-ens32
DEVICE=ens32
ONBOOT=yes
BOOTPROTO=static
HWADDR=00:0c:29:da:a3:e7
NM_CONTROLLED=no
IPADDR=192.168.10.5
NETMASK=255.255.255.0
GATEWAY=192.168.10.1
DOMAIN=desdelinux.fan
DNS1=127.0.0.1
MGBE = ọha

[mgbọrọgwụ @ Linux_ ~] # ifdown ens32 && ifup ens32

Ens34 WAN interface jikọọ na Internetntanetị

[mgbọrọgwụ @ linuxbox ~] # nano / etc / sysconfig / network-scripts / ifcfg-ens34
Ngwaọrụ = ens34 ONBOOT = ee BOOTPROTO = static HWADDR = 00: 0c: 29: da: a3: e7 NM_CONTROLLED = no IPADDR = 172.16.10.10 NETMASK = 255.255.255.0 # ADSL Router ejikọrọ na # interface a na # adreesị na-esonụ. IP GATEWAY = 172.16.10.1 DOMAIN = desdelinux.fan DNS1 = 127.0.0.1
Mpaghara = mpụga

Nhọrọ DNS site na LAN

[mgbọrọgwụ @ linuxbox ~] # pusi /etc/resolv.conf nyocha site na Linux.fan nameserver 127.0.0.1 nameserver 172.16.10.30 [mgbọrọgwụ @ linuxbox ~] # ọbịa ozi
mail.desdelinux.fan bụ utu aha maka linuxbox.desdelinux.fan. linuxbox.desdelinux.fan nwere adreesị 192.168.10.5 linuxbox.desdelinux.fan mail na-edozi ya site na 1 mail.desdelinux.fan.

[mgbọrọgwụ @ Linux_ ~] # host mail.fromlinux.fan
mail.desdelinux.fan bụ utu aha maka linuxbox.desdelinux.fan. linuxbox.desdelinux.fan nwere adreesị 192.168.10.5 linuxbox.desdelinux.fan mail na-edozi ya site na 1 mail.desdelinux.fan.

Nhọrọ DNS site na Internetntanetị

buzz @ sysadmin: ~ $ kwadoro mail.fromlinux.fan 172.16.10.30
Iji na ngalaba nkesa: Aha: 172.16.10.30 okwu: 172.16.10.30 # 53 Aliases: mail.desdelinux.fan bụ utu aha maka desdelinux.fan.
site na Linux.fan nwere adreesị 172.16.10.10
desdelinux.fan na-edozi 10 mail.desdelinux.fan.

Nsogbu idozi aha nnabata "desdelinux.fan" na mpaghara

Ọ bụrụ na ị nwere nsogbu idozi hostname «site na Linux.fan"site na LAN, gbalịa ịza ajụjụ faịlị faịlụ / wdg / dnsmasq.conf ebe ekwuputara ya obodo = / si Linux.fan /. Emechaa, bidogharịa Dnsmasq.

[mgbọrọgwụ @ linuxbox ~] # nano /etc/dnsmasq.conf # Ikwu okwu n'okpuru:
# obodo = / desdelinux.fan /

[mgbọrọgwụ @ linuxbox ~] # ọrụ dnsmasq Malitegharịa ekwentị
Nyegharịa ka / biini / systemctl Malitegharịa ekwentị dnsmasq.service

[mgbọrọgwụ @ linuxbox ~] # ọrụ dnsmasq ọnọdụ

[mgbọrọgwụ @ Linux_ ~] # ọbịa site na Linux.fan
desdelinux.fan nwere adreesị 172.16.10.10 desdelinux.fan na-edozi ozi site na 10 mail.desdelinux.fan.

Postfix na nduru

Enwere ike ịchọta akwụkwọ sara mbara nke Postfix na Dovecot na:

[mgbọrọgwụ @ Linux_ ~ ~ # ls /usr/share/doc/postfix-2.10.1/
bounce.cf.dabere LICENSE README-Postfix-SASL-RedHat.txt Mmekọrịta main.cf.dabara TLS_ACKNOWLEDGEMENTS ihe atụ README_FILES TLS_LICENSE

[mgbọrọgwụ @ Linux_ ~ ~ # ls /usr/share/doc/dovecot-2.2.10/
AUTHORS COPYING.MIT dovecot-openssl.cnf OZI wiki COPYING ChangeLog ihe atụ-config README COPYING.LGPL documentation.txt mkcert.sh solr-schema.xml

Na CentOS 7, Postfix MTA arụnyere na ndabara mgbe anyị na-ahọrọ nhọrọ Server Infrastructure. Anyi aghaghi ilele na onodu SELinux na-enye ohere ide ihe na Potfix na uzo ozi obodo:

[mgbọrọgwụ @ linuxbox ~] # getsebool -a | grep postfix
postfix_local_write_mail_spool -> on

Mgbanwe na FirewallD

Iji eserese eserese iji hazie FirewallD, anyị ga-ahụrịrị na ọrụ na ọdụ ụgbọ mmiri ndị a na-enyere maka Mpaghara ọ bụla:

# ------------------------------------------------- -----
# Mmezi na FirewallD
# ------------------------------------------------- -----
# firewall
# Mpaghara obodo: http, https, imap, pop3, ọrụ smtp
# Mpaghara ọha: ọdụ ụgbọ mmiri 80, 443, 143, 110, 25

# Mpaghara mpụga: http, https, imap, pop3s, ọrụ smtp
# Mpaghara mpụga: ọdụ ụgbọ mmiri 80, 443, 143, 995, 25

Anyị na-etinye Dovecot na mmemme dị mkpa

[mgbọrọgwụ @ Linux_ ~] # yum wụnye dovecot mod_ssl procmail telnet

Obere ndokwa Dovecot

[mgbọrọgwụ @ linuxbox ~] # nano /etc/dovecot/dovecot.conf
usoro iwu = map pop3 lmtp
ege =,, ::
nbanye_ekele = Dovecot dị njikere!

Anyị na-gbanyụọ nyocha doro anya nke Dovecot:

[mgbọrọgwụ @ Linux_ ~ ~ # nano /etc/dovecot/conf.d/10-auth.conf 
disable_plaintext_auth = ee

Anyị na-ekwupụta otu nwere ikike dị mkpa iji mekọrịta Dovecot, yana ọnọdụ nke ozi ndị ahụ:

[mgbọrọgwụ @ linuxbox ~] # nano /etc/dovecot/conf.d/10-mail.conf
mail_location = mbox: ~ / mail: INBOX = / var / mail /% ị
mail_privileged_group = akwụkwọ ozi
mail_access_groups = akwụkwọ ozi

Asambodo maka Dovecot

Dovecot na - enweta asambodo ule gị na akpaghị aka site na data dị na faịlụ ahụ /etc/pki/dovecot/dovecot-opensl.cnf. Iji nweta asambodo ohuru emere dika ihe anyi choro, anyi aghaghi ime usoro ndi a:

[mgbọrọgwụ @ linuxbox ~] # cd / etc / pki / dovecot /
[mgbọrọgwụ @ linuxbox dovecot] # nano dovecot-openssl.cnf
[req] default_bits = 1024 encrypt_key = ee distinguished_name = req_dn x509_extensions = cert_type prompt = no [req_dn] # obodo (2 leta koodu) C = CU # State or Province Name (full name) ST = Cuba # Aha Obodo (eg. obodo ) L = Habana # Organizationtù (eg. Companylọ ọrụ) O = FromLinux.Fan # Ahazị Unit aha (eg. Nkebi) OU = Ndị na-anụ ọkụ n'obi # Aha Aha (* .example.com dịkwa ike) CN = *. Desdelinux.fan # E -mail kọntaktị emailAddress=buzz@desdelinux.fan [cert_type] nsCertType = nkesa

Anyị na-ewepụ asambodo nnwale

[mgbọrọgwụ @ linuxboxbox dovecot] # rm certs / dovecot.pem 
rm: hichapụ faịlụ mgbe niile "certs / dovecot.pem"? (y / n) y
[mgbọrọgwụ @ l Linuxbox dovecot] # rm nkeonwe / dovecot.pem 
rm: hichapụ faịlụ mgbe niile "nkeonwe / dovecot.pem"? (y / n) y

Anyị na-e copyomi ma na-eme ihe ederede mkporo.sh site na ndekọ akwụkwọ

[mgbọrọgwụ @ linuxboxbox dovecot] # cp /usr/share/doc/dovecot-2.2.10/mkcert.sh. [mgbọrọgwụ @ l Linuxbox dovecot] # bash mkcert.sh 
Nweta igodo nzuzo 1024 bit RSA ...... ++++++ ................ ++++++ ede ederede igodo ohuru na '/ etc / pki / dovecot / private / dovecot.pem '----- subject = /C=CU/ST=Cuba/L=Habana/O=DesdeLinux.Fan/OU=Entusiasts/CN=*.desdelinux.fan/emailAddress= buzz@desdelinux.fan SHA1 Mkpisiaka = 5F: 4A: 0C: 44: EC: EC: EF: 95: 73: 3E: 1E: 37: D5: 05: F8: 23: 7E: E1: A4: 5A

[mgbọrọgwụ @ Linux] dovecot] # ls -l certs /
ngụkọta 4 -rw -------. 1 mgbọrọgwụ 1029 Mee 22 16:08 dovecot.pem
[mgbọrọgwụ @ linuxbox dovecot] # ls -l nkeonwe /
ngụkọta 4 -rw -------. 1 mgbọrọgwụ 916 Mee 22 16:08 dovecot.pem

[mgbọrọgwụ @ linuxbox dovecot] # ọrụ dovecot Malitegharịa ekwentị
[mgbọrọgwụ @ Linuxbox dovecot] # ọrụ dovecot ọnọdụ

Asambodo maka Postfix

[mgbọrọgwụ @ linuxbox ~] # cd / etc / pki / tls / [mgbọrọgwụ @ linuxbox tls] # openssl req -sha256 -x509 -nodes -newkey rsa: 4096 -days 1825 \ -out certs / desdelinux.fan.crt -keyout onwe / desdelinux.fan.key

Nweta igodo nzuzo 4096 bit RSA ......... ++ .. ++ na-ede igodo nzuzo ohuru na 'onwe / domain.tld.key' ----- A ga-agwa gị ka ị banye ozi a ga-webata gị akwụkwọ arịrịọ. Ihe ị na-achọ ịbanye bụ ihe akpọrọ Aha Ahapụrụ ma ọ bụ DN. Enwere ubi ole na ole mana ị nwere ike ịhapụ oghere maka ụfọdụ mpaghara ga-enwe uru ndabara, ọ bụrụ na ị banye '.', A ga-ahapụ oghere oghere. ----- Aha obodo (koodu abuo abuo) Ndabere Ltdlọ Ọrụ Ltd]: desdeLinux.Fan Aha Nhazi Aha (dịka, ngalaba) []: Ndị na-anụ ọkụ n'obi Aha (dịka, aha gị ma ọ bụ aha nnabata sava gị) []: desdelinux.fan Adreesị Email []: buzz@desdelinux.fan

Nhazi nhazi pere mpe

Anyị na-agbakwunye na njedebe nke faịlụ ahụ / wdg / aha otutu nke na-esote:

mgbọrọgwụ: uzu

Maka mgbanwe iji rụọ ọrụ, anyị na-eme iwu ndị a:

[mgbọrọgwụ @ linuxbox ~] # newaliases

Enwere ike ịhazi nhazi Postifx site na ịdezi faịlụ ahụ ozugbo /etc/postfix/main.cf ma ọ bụ site n'iwu postconf -e na-elekọta na niile oke na anyị chọrọ gbanwee ma ọ bụ tinye na-egosi na a otu akara nke console:

• Onye obula aghaghi igosiputa nhọrọ ha ghotara ma choo!.

[mgbọrọgwụ @ linuxbox ~] # postconf -e 'myhostname = desdelinux.fan'
[mgbọrọgwụ @ linuxbox ~] # postconf -e 'mydomain = desdelinux.fan'
[mgbọrọgwụ @ linuxbox ~] # postconf -e 'myorigin = $ mydomain'
[mgbọrọgwụ @ linuxbox ~] # postconf -e 'inet_interfaces = all'
[mgbọrọgwụ @ linuxbox ~] # postconf -e 'mydestination = $ myhostname, localhost. $ mydomain, localhost, $ mydomain, mail. $ mydomain, www. $ mydomain, ftp $ mydomain'

[mgbọrọgwụ @ linuxbox ~] # postconf -e 'mynetworks = 192.168.10.0/24, 172.16.10.0/24, 127.0.0.0/8'
[mgbọrọgwụ @ linuxbox ~] # postconf -e 'mailbox_command = / usr / bin / procmail -a "$ EXTENSION"'
[mgbọrọgwụ @ linuxbox ~] # postconf -e 'smtpd_banner = $ myhostname ESMTP $ mail_name ($ mail_version)'

Anyị na-agbakwunye na njedebe nke faịlụ ahụ /etc/postfix/main.cf nhọrọ nyere n'okpuru. Iji mata ihe nke ọ bụla n’ime ha pụtara, anyị na-atụ aro ka ị na-agụ akwụkwọ ndị so ya.

biff = mba
append_dot_mydomain = mba
igbu oge_oge = 4h
readme_directory = mba
smtpd_tls_cert_file = / etc / pki / certs / desdelinux.fan.crt
smtpd_tls_key_file = / etc / pki / nkeonwe / desdelinux.fan.key
smtpd_use_tls = ee
smtpd_tls_session_cache_database = btree: $ {data_directory} / smtpd_scache
smtp_tls_session_cache_database = btree: $ {data_directory} / smtp_scache
smtpd_relay_restrictions = allow_mynetworks permit_sasl_authenticated defer_unauth_destination

# Oke igbe akwụkwọ ozi kacha 1024 megabytes = 1 g na g
mailbox_size_limit = 1073741824

nnata_delimiter = +
maximal_queue_lifetime = 7d
header_checks = regexp: / etc / postfix / header_checks
body_checks = regexp: / wdg / postfix / ahụ_checks

# Akaụntụ na-eziga otu akwụkwọ ozi na-abata na akaụntụ ọzọ
nnata_bcc_maps = hash: / wdg / postfix / accounts_ forwarding_copy

Usoro ndị a dị mkpa iji chọpụta onye nwere ike izipu ozi na nfegharị na sava ndị ọzọ, ka anyị wee ghara ịhazigharị "mepee ọsọ agba ọsọ" nke na-enye ndị ọrụ enweghị ikike izipu ozi. Anyị ga-enyocha akwụkwọ enyemaka Postfix iji ghọta ihe nhọrọ ọ bụla pụtara.

• Onye obula aghaghi igosiputa nhọrọ ha ghotara ma choo!.

smtpd_helo_restrictions = faye_mynetworks,
 kashe_if_reject juru_non_fqdn_hostname,
 jụ_invalid_hostname,
 akwụkwọ ikike

smtpd_sender_restrictions = ikike_sasl_authenticated,
 idenye_mynetworks,
 kashe_if_reject juru_non_fqdn_sender,
 jụ_unknown_sender_domain,
 ju__agha_pipelining,
 akwụkwọ ikike

smtpd_client_restrictions = jụ_rbl_client sbl.spamhaus.org,
 jụ_rbl_client blackholes.easynet.nl

# IHE: Nhọrọ "lelee_policy_service inet: 127.0.0.1: 10023"
# na-enyere mmemme Postgrey aka, anyị ekwesịghị ịgụnye ya
# ma ọ bụghị na anyị ga-eji Postgrey

smtpd_recipient_restrictions = jụ_unauth_pipelining,
 idenye_mynetworks,
 Ikike_sasl_authenticated,
 ju_non_fqdn_recipient,
 juru_unknown_recipient_domain,
 ju_nauth_destination,
 check_policy_service inet: 127.0.0.1: 10023,
 akwụkwọ ikike

smtpd_data_restrictions = jụ_unauth_pipelining

smtpd_relay_restrictions = jụ_unauth_pipelining,
 idenye_mynetworks,
 Ikike_sasl_authenticated,
 ju_non_fqdn_recipient,
 juru_unknown_recipient_domain,
 ju_nauth_destination,
 check_policy_service inet: 127.0.0.1: 10023,
 akwụkwọ ikike
 
smtpd_helo_required = ee
smtpd_delay_reject = ee
disable_vrfy_command = ee

Anyị mepụtara faịlụ / wdg / postfix / ahụ anya y / wdg / postfix / accounts_forwarding_copy, ma gbanwee faịlụ ahụ / wdg / postfix / header_checks.

• Onye obula aghaghi igosiputa nhọrọ ha ghotara ma choo!.
  

[mgbọrọgwụ @ linuxbox ~] # nano / etc / postfix / body_checks
# Ọ bụrụ na gbanwee faịlụ a, ọ dịghị mkpa # iji gbaa postmap # Iji nwalee iwu, gbaa ọsọ dị ka mgbọrọgwụ: # postmap -q 'ohuru ohuru v1agra' regexp: / wdg / postfix / body_checks
# Kwesịrị ịlaghachi: # JJR # Iwu # 2 Anti Spam Message Body
/ viagra / JJR Ru Iwu # 1 Anti Spam nke ozi ahu
/ super ọhụrụ v [i1] agra / JJR Ru Iwu # 2 Anti Spam ozi ahụ

[mgbọrọgwụ @ linuxbox ~] # nano / etc / postfix / accounts_ forwarding_copy
# Mgbe emezigharị, ị ga-eme: # postmap / wdg / postfix / accounts_ forwarding_copy
# na faịlị ahụ kere ma ọ bụ tụọ: # /etc/postfix/accounts_forwarding_copy.db
# --------------------------------------------- Otu Akaụntụ iji zipu otu BCC oyiri # BCC = Black Carbon Detuo # Ihe Nlereanya: # webadmin@desdelinux.fan buzz@desdelinux.fan

[mgbọrọgwụ @ Linux_ ~] # postmap / wdg / postfix / accounts_ forwarding_copy

[mgbọrọgwụ @ Linux_ ~] # nano / wdg / postfix / header_checks
# Tinye na njedebe faịlụ ahụ # Achọghị ka ị nweta akwụkwọ ozi ka ha bụ Nkwupụta Okwu Oge
/ ^ Isiokwu: =? Big5? / Gbanyụọ koodu China nke sava a anabataghị
/ ^ Isiokwu: =? EUC-KR? / Gbanyụọ koodu Korea nke sava a ekweghị
/ ^ Isiokwu: ADV: / REJECT Mgbasa ozi nke sava a anaghị anabata
/^From:.* \@.* \ // JJR Sor Ndo, ezigaghị ozi ndị China ebe a
/^From:.* \@.* \.kr/ JJR SorỌ ndo, A naghị ekwe ka ozi Korea gaa ebe a
/^From:.* \@.*\.tr/ JJR SorỌ ndo, a naghị ekwe ka ozi Turkish ebe a
/^From:.* \
/^(Anataere Ozi-Id|X-(Mailer|Sender)):.*\b(AutoMail|E-Broadcaster|Emailer Platinum | Thunder Server | eMarksman | Extraor | e-Merge | site na stealth [^.] | Global Messenger | GroupMaster | Mailcast | MailKing | Match10 | MassE-Mail | massmail \ .pl | Onye na-emebi akụkọ | Powermailer | ngwa ngwa gbara ọsọ ọsọ | Ọkụ Dị njikere | WindoZ | WorldMerge | Yourdora | Lite) \ b / REJECT Enweghị ikike izipu ndị mmadụ.
/ ^ Site na: "spammer / JJR.
/ ^ Site: "spam / REJECT
/^Subject :.*viagra/ DISCARD
# Mgbatị ndị dị ize ndụ
/ name = [^> Iluminación * \. (bat | cmd | exe | com | pif | reg | scr | vb | vbe | vbs) / REJECT REJECT Anyị anaghị anabata mgbakwunye na mgbakwunye ndị a

Anyị na-enyocha syntax ahụ, bidogharịa Apache na Postifx, ma kwado ma bido Dovecot

[mgbọrọgwụ @ Linux_ ~] # postfix nyocha
[mgbọrọgwụ @ Linux_ ~] #

[mgbọrọgwụ @ linuxbox ~] # systemctl Malitegharịa ekwentị httpd
[mgbọrọgwụ @ linuxbox ~] # systemctl ọnọdụ httpd

[mgbọrọgwụ @ linuxbox ~] # systemctl Malitegharịa ekwentị postfix
[mgbọrọgwụ @ Linux_ ~] # systemctl ọnọdụ postfix

[mgbọrọgwụ @ linuxbox ~] # systemctl status dovecot
Dovecot.service - Dovecot IMAP / POP3 email server Loaded: loaded (/usr/lib/systemd/system/dovecot.service; nwere nkwarụ; na-ere ahịa preset: nkwarụ) Ọrụ: adịghị arụ ọrụ (nwụrụ anwụ)

[mgbọrọgwụ @ Linux_ ~] # systemctl enyere dovecot aka
[mgbọrọgwụ @ Linux_ ~] # systemctl bido dovecot
[mgbọrọgwụ @ Linux_ ~] # systemctl Malitegharịa ekwentị dovecot
[mgbọrọgwụ @ linuxbox ~] # systemctl status dovecot

Nlekọta njikwa njikwa

• Ọ dị ezigbo mkpa tupu ịga n'ihu na ntinye na nhazi nke mmemme ndị ọzọ, iji mee nyocha kacha nta dị mkpa nke ọrụ SMTP na POP..

Mpaghara si nkesa n'onwe ya

Anyị na-eziga onye ọrụ mpaghara ozi email Legolas.

[mgbọrọgwụ @ linuxbox ~] # nkuzi "Ndewo. Nke a bụ ozi ule" | mail -s "Ule" legolas

Anyị na-elele igbe akwụkwọ ozi nke Legolas.

[mgbọrọgwụ @ linuxbox ~] # openssl s_client -crlf -connect 127.0.0.1:110 -starttls pop3

Mgbe ozi ahụ gasịrị Dovecot dị njikere! anyị gaba:

---
+ OK Dovecot dị njikere!
Ọkachamara legolas + OK ngafe legolas + OK wee banye. STAT + OK 1 559 Ndepụta + OK 1 ozi: 1 559. RETR 1 + OK 559 octets Return-athzọ: X-Original-To: legolas nyefere-le: legolas@desdelinux.fan Anatala: site na desdelinux.fan (Postfix, site na userid 0) id 7EA22C11FC57; Mon, 22 Mee 2017 10:47:10 -0400 (EDT) :bọchị: Mon, 22 Mee 2017 10:47:10 -0400 Iji: legolas@desdelinux.fan Isiokwu: Nnwale onye ọrụ: Heirloom mailx 12.5 7/5 / 10 MIME-Version: 1.0 Ọdịnaya-:dị: ederede / larịị; charset = us-ascii Content-Transfer-Encoding: 7bit Message-Id: <20170522144710.7EA22C11FC57@desdelinux.fan> Site: root@desdelinux.fan (mgbọrọgwụ) Ndewo. Nke a bụ ozi ule. Kwụsị Emela
[mgbọrọgwụ @ Linux_ ~] #

Remote site na kọmputa na LAN

Ka anyị zigara ọzọ ozi Legolas site na kọmputa ọzọ na LAN. Rịba ama na nchekwa TLS abụghị ezigbo mkpa n'ime SME Network.

buzz @ sysadmin: ~ $ sendemail -f buzz@deslinux.fan \
-t legolas@desdelinux.fan \
-u "Ndewo" \
-m "Ekele gị Legolas n'aka enyi gị Buzz" \
-s mail.desdelinux.fan -o tls = mba
Mee 22 10:53:08 sysadmin sendemail [5866]: E zigara email nke ọma!

Ọ bụrụ na anyị gbalịa jikọọ telnet Site na ndị ọbịa na LAN - ma ọ bụ sitere na thentanetị, n'ezie - na Dovecot, ihe ndị a ga - eme n'ihi na anyị gbanyụọ nyocha ederede:

buzz @ sysadmin: ~ $ telnet mail.fromlinux.fan 110 na-anwale 192.168.10.5 ...
Jikọọ na Linuxbox.fromlinux.fan. Characterzọ mgbapụ bụ '^]'. + OK Dovecot dị njikere! onye ọrụ legolas
-ERR [AUTH] Achọpụtaghị nkwenye ederede ederede na njikọ na-enweghị nchebe (SSL / TLS).
kwụsị + OK outbanye Njikọ nke ndị ọbịa mba ọzọ mechiri.
uzu @ sysadmin: ~ $

Anyị ga-emerịrị ya openssl. Mmepụta zuru ezu nke iwu ahụ ga-abụ:

buzz @ sysadmin: ~ $ openssl s_client -crlf -connect mail.fromlinux.fan:110 -starttls pop3
Jikọtara (00000003)
omimi = 0 C = CU, ST = Cuba, L = Havana, O = FromLinux.Fan, OU = Ndị na-anụ ọkụ n'obi, CN = * .fromlinux.fan, emailAddress = buzz@desdelinux.fan
inyocha njehie: num = 18: onwe aka akwụkwọ nyochaa nyochaa nloghachi: 1
omimi = 0 C = CU, ST = Cuba, L = Havana, O = FromLinux.Fan, OU = Ndị na-anụ ọkụ n'obi, CN = * .fromlinux.fan, emailAddress = buzz@fromlinux.fan nyochaa ịlaghachi: 1
--- Akwụkwọ ntinye akwụkwọ 0 s: /C=CU/ST=Cuba/L=Habana/O=DesdeLinux.Fan/OU=Entusiasts/CN = *. Desdelinux.fan/emailAddress=buzz@desdelinux.fan i: / C =CU/ST=Cuba/L=Habana/O=DesdeLinux.Fan/OU=Entusiasts/CN=*.desdelinux.fan/emailAddress=buzz@desdelinux.fan --- Akwụkwọ asambodo ----- BEGIN CERTIFICATE-- --- MIICyzCCAjSgAwIBAgIJAKUHI / 2ZD + MeMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD VQQGEwJDVTENMAsGA1UECBMEQ3ViYTEPMA0GA1UEBxMGSGFiYW5hMRcwFQYDVQQK Ew5EZXNkZUxpbnV4LkZhbjEUMBIGA1UECxMLRW50dXNpYXN0YXMxGTAXBgNVBAMU ECouZGVzZGVsaW51eC5mYW4xIjAgBgkqhkiG9w0BCQEWE2J1enpAZGVzZGVsaW51 eC5mYW4wHhcNMTcwNTIyMjAwODEwWhcNMTgwNTIyMjAwODEwWjCBmzELMAkGA1UE BhMCQ1UxDTALBgNVBAgTBEN1YmExDzANBgNVBAcTBkhhYmFuYTEXMBUGA1UEChMO RGVzZGVMaW51eC5GYW4xFDASBgNVBAsTC0VudHVzaWFzdGFzMRkwFwYDVQQDFBAq LmRlc2RlbGludXguZmFuMSIwIAYJKoZIhvcNAQkBFhNidXp6QGRlc2RlbGludXgu ZmFuMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7wckAiNNfYSz5hdePzKuZ Bnk m2MMuhGDvwrDSPDEcVutznbZSgJ9bvTo445TR + + + nBmqxzJbpc OZ80lujS2hP XR7E9eWIXxr4fP4HpRrCA8NxlthEsapVMSHW + lnPBqF2b / Bt2eYyR7g JhtlP6gRG V57MmgL8BdYAJLvxqxDIxQIDAQABoxUwEzARBglghkgBhvhCAQEEBAMCBkAwDQYJ KoZIhvcNAQEFBQADgYEAAuYU1nIXTbXtddW + QkLskum7ESryHZonKOCelfn2vnRl 8oAgHg7Hbtg / e6sR / W9m3DObP5DEp3lolKKIKor7ugxtfA4PBtmgizddfDKKMDql lt + MV5 / DP1pjQbxTsaLlZfveNxfLRHkQY13asePy4fYJFOIZ4OojDEGQ6 / VQBI8 = ----- ----- Ọgwụgwụ akwụkwọ isiokwu = / C = Cu / ST = Cuba / L = Havana / O = DesdeLinux.Fan /OU=Entusiasts/CN=*.desdelinux.fan/emailAddress=buzz@desdelinux.fan issuer = / C = CU / ST = Cuba / L = Habana / O = DesdeLinux.Fan / OU = Entusiasts / CN = *. .fan / emailAddress = buzz @ desdelinux.fan --- Ọ dịghị ahịa akwụkwọ CA aha zigara Server Temp Key: ECDH, secp384r1, 384 bits --- SSL okwukwe aka agụọla 1342 bytes ma dee 411 bytes --- Ọhụrụ, TLSv1 / SSLv3 , Cipher bụ ECDHE-RSA-AES256-GCM-SHA384 Isi igodo ọha na eze bụ 1024 bit Secure Renegotiation B supported na-akwado mkpakọ: Ọ BONEGH Exp Mgbasawanye: Ọ BONEGHONE SSL-Oge: Protocol: TLSv1.2 Cipher: ECDHE-RSA-AES256-GCM-SHA384 Session- ID: C745B4A0236204E16234CB15DC9CDBC3D084125FF5989F5DB6C5295BF4E2D73A Oge-ID-ctx: Master-Key : 1904D204C564B76361CEA50373F8879AF793AF7D7506C04473777F6F3503A9FD919CD1F837BC67BFF29E309F352526F5 Key-Arg: Ọ dịghị onye Krb5 isi: ọ dịghị onye PSK 300 njirimara: Ọ dịghị onye PSK njirimara ndumodu: hS 0000F4F3A8FD29CD7F4BC63BFF72E7F6F4 Key-Arg: Ọ dịghị onye Krb7 isi: ọ dịghị onye 1 PSK njirimara: Ọ dịghị onye PSK njirimara ndumodu: hS XNUMX TLS nnọkọ XNUMX sekọnd XNUMX f Nonec XNUMX tiketi nnọkọ XNUMX f XNUMX sekọnd XNUMX FXNUMXFXNUMX tiketi ec XNUMXe XNUMXc N :.) zOcr ... O .. ~.
 0010 - 2c d4 ibu a8 be 92 2e ae-98 7e 87 6d 45 c5 17 a8, ........ ~ .mE ...
 0020 - db 3a 86 80 df 8b dc 8d-f8 1f 68 6e db a7 e3 86 .: ........ hn ....
 0030 - 08 35 e5 eb 98 b8 a4 98-68 b1 ea f7 72 f7 c1 79 .5 ...... h ... r..y 0040 - 89 4a 28 e3 85 a4 8b da-e9 7a 29 c7 77 bf 22 0d .J (...... z) .w. ".
 0050 - bd 5c f6 61 8c a1 14 bd-cb 31 27 66 7a dc 51 28. \. A ..... 1'fz.Q (0060 - b7 de 35 bd 2b 0f d4 ec-d3 e0 14 c8 65 03 b1 35 ..5. + ....... e..5 0070 - 38 34 f8 de 48 da ae 31-90 bd f6 b0 e6 9c cf 19 84..H..1 ..... ...
 0080 - f5 42 56 13 88 b0 8c db-aa ee 5a d7 1b 2c dd 71 .BV ....... Z ..,. Q 0090 - 7a f1 03 70 90 94 c9 0a-62 e5 0f 9c bf dc 3c a0 z..p .... b ..... <.

+ OK Dovecot dị njikere!
ỌR le legolas
+ Ọ dị mma
Ngafe legolas
+ OK Banye.
Ndepụta
+ OK 1 ozi: 1 1021.
NT 1R XNUMX XNUMX
+ OK 1021 octets Return-athzọ: X-Original-To: legolas@desdelinux.fan Napụtara-To: legolas@desdelinux.fan Anatara: site na sysadmin.desdelinux.fan (ọnụ ụzọ ámá [172.16.10.1]) site na desdelinux.fan (Postfix) na ESMTP id 51886C11E8C0 maka ; Mon, 22 Mee 2017 15:09:11 -0400 (EDT) Ozi-ID: <919362.931369932-sendEmail@sysadmin> Site na: "buzz@deslinux.fan" To: "legolas@desdelinux.fan" Isiokwu: Ndewo :bọchị: Mọn, 22 Mee 2017 19:09:11 + 0000 X-Mailer: sendEmail-1.56 MIME-Version: 1.0 Ọdịnaya-:dị: multipart / metụtara; ókè = "---- MIME delimiter maka sendEmail-365707.724894495" Nke a bụ ozi ọtụtụ akụkụ na usoro MIME. Iji gosipụta ozi a nke ọma, ị ga-achọ mmemme Email mime 1.0 nke MIME. ------ MIME delimiter for sendEmail-365707.724894495 Ọdịnaya-:dị: ederede / larịị; charset = "iso-8859-1" Ọdịnaya-Nyefee-ngbanwe: 7bit Ekele Legolas n'aka enyi gị Buzz ------ MIME delimiter for sendEmail-365707.724894495--.
Kwụsị
+ OK gingpụ apụ. emechi
uzu @ sysadmin: ~ $

Ogbe

Ogbe bụ onye ahịa weebụ nke edere kpamkpam na PHP. Ọ na-agụnye nwa afọ PHP nkwado maka IMAP na SMTP ogbugba ndu, ma na-enye kacha ndakọrịta na dị iche iche nchọgharị na iji. Ọ na-agba ọsọ n'ụzọ ziri ezi na ihe ọ bụla IMAP nkesa. O nwere ọrụ niile ịchọrọ site na ndị ahịa email gụnyere nkwado MIME, akwụkwọ adreesị na njikwa nchekwa.

[mgbọrọgwụ @ Linux_ ~] # yum wụnye squirrelmail
[mgbọrọgwụ @ linuxbox ~] # ọrụ httpd Malitegharịa ekwentị

[mgbọrọgwụ @ linuxbox ~] # nano /etc/squirrelmail/config.php
$ ngalaba = 'desdelinux.fan';
$ imapServerAddress = 'mail.fromlinux.fan';
$ imapPort = 143;
$ smtpServerAddress = 'desdelinux.fan';

[mgbọrọgwụ @ linuxbox ~] # ọrụ httpd reload

DNS Send Iwu Framenwork ma ọ bụ SPF ndekọ

Ke ibuotikọ NSD Server DNS Server + Shorewall Anyị hụrụ na ahaziri "desdelinux.fan" dị ka ndị a:

mgbọrọgwụ @ ns: ~ # nano /etc/nsd/desdelinux.fan.zone
$ ORIGIN site na Linux.fan. $ TTL 3H @ IN SOA ns.fromlinux.fan. mgbọrọgwụ.fromlinux.fan. (1; serial 1D; nweta ume 1H; gbalịa 1W; gwụ 3H); opekempe ma ọ bụ; Oge na-adịghị mma caching iji bie ndụ; @ NS ns.fromlinux.fan. @ Na MX 10 mail.fromlinux.fan.
@ N'ỌZỌ "v = spf1 a: mail.desdelinux.fan -all"
; ; Abanye na-edozi igwu ajuju si linux.fan @ IN A 172.16.10.10; ns IN A 172.16.10.30 mail IN CNAME si linux.fan. ikori na IN CNAME si Linux.fan. www na aha na linux.fan. ; ; Ihe ndekọ SRV metụtara XMPP
_xmpp-server._tcp IN SRV 0 0 5269 si linux.fan. _xmpp-client._tcp IN SRV 0 0 5222 si linux.fan. _jabber._tcp NA SRV 0 0 5269 site na Linux.fan.

N'ime ya edepụtara ndekọ:

@ N'ỌZỌ "v = spf1 a: mail.desdelinux.fan -all"

Iji nweta otu oke ahaziri maka SME Network ma ọ bụ LAN, anyị ga-agbanwe faịlụ nhazi Dnsmasq dị ka ndị a:

# TXT ndekọ. Anyị nwekwara ike ikwupụta SPF ndekọ txt-ndekọ = desdelinux.fan, "v = spf1 a: mail.desdelinux.fan -all"

Mgbe ahụ, anyị maliteghachi ọrụ ahụ:

[mgbọrọgwụ @ linuxbox ~] # ọrụ dnsmasq Malitegharịa ekwentị
[mgbọrọgwụ @ linuxbox ~] # ọrụ dnsmasq ọnọdụ [mgbọrọgwụ @ linuxbox ~] # host -t TXT mail.fromlinux.fan mail.fromlinux.fan bụ utu aha nke fromlinux.fan. desdelinux.fan ederede nkọwa "v = spf1 a: mail.desdelinux.fan -all"

Onwe aka debanyere asambodo na Apache ma obu httpd

Ọbụna ma ọ bụrụ na ihe nchọgharị gị na-agwa gị na «Onye nwe ya mail.fromlinux.fan Have hazie weebụsaịtị gị nke ọma. Iji gbochie gị ohi na-zuru, Firefox adịghị jikọọ na ebe nrụọrụ weebụ a ”, na mbụ site akwụkwọ Ọ Baghị uru, na ga-ekwe ka nzere n'etiti ahịa na ihe nkesa na-njem ezoro ezo, mgbe anyị na-anabata akwụkwọ.

Ọ bụrụ n’ịchọrọ, na otu ụzọ iji jikọọ asambodo, ị nwere ike ikwupụta maka Apache otu asambodo ndị ị kwupụtara maka Postfix, nke ziri ezi.

[mgbọrọgwụ @ Linux_ ~] # nano /etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/pki/tls/certs/fromlinux.fan.crt
SSLCertificateKeyFile /etc/pki/tls/private/fromlinux.fan.key

[mgbọrọgwụ @ Linux_ ~] # ọrụ httpd Malitegharịa ekwentị
[mgbọrọgwụ @ Linux_ ~] # ọrụ httpd ọnọdụ

Tù Diffie-Hellman

Isi okwu banyere Nchedo na-esiwanye ike kwa ụbọchị na ịntanetị. Otu n'ime ọgụ kachasị na njikọ SSL, bụ ya Ndebanye aha na ịgbachitere ya ọ dị mkpa ịgbakwunye usoro ndị na-abụghị ọkọlọtọ na nhazi SSL. Maka nke a, enwere Mgbasa ozi RF-3526 «More Modular ịkọwapụta (MODP) diffie-helman iche iche maka Exchange Key Key (IKE)".

[mgbọrọgwụ @ linuxbox ~] # cd / etc / pki / tls /
[mgbọrọgwụ @ linuxbox tls] # openssl dhparam -out onwe / dhparams.pem 2048
[mgbọrọgwụ @ linuxbox tls] # chmod 600 nzuzo / dhparams.pem

Dịka mbipute Apache nke anyị tinyeworo, anyị ga-eji Diffie-Helman Group si na faịlụ ahụ /etc/pki/tls/dhparams.pem. Ọ bụrụ na ọ bụ mbipute 2.4.8 ma ọ bụ karịa, mgbe ahụ, anyị ga-agbakwunye na faịlụ ahụ / wdg /httpd/conf.d/ssl.conf usoro a:

SSLOpenSSLConfCmd DHParameters "/etc/pki/tls/private/dhparams.pem"

Versiondị Apache anyị na-eji bụ:

[mgbọrọgwụ @ linuxbox tls] # yum info httpd
Akwado plugins: fastestmirror, langpacks Na-awụ ọsọ enyo site na nnabata ụlọ nchekwa echekwara Ihe ntinye aha: httpd Architecture: x86_64
Versiondị: 2.4.6
Hapụ: 45.el7.centos Size: 9.4 M Repository: arụnyere Site repository: Base-Repo Summary: Apache HTTP Server URL: http://httpd.apache.org/ License: ASL 2.0 Nkọwa: Apache HTTP Server dị ike , oru oma, na extensible: sava weebụ.

Dịka anyị nwere nsụgharị tupu 2.4.8, anyị na-agbakwunye ọdịnaya nke Diffie-Helman Group na njedebe nke akwụkwọ CRT ewepụtara na mbụ:

[mgbọrọgwụ @ linuxbox tls] # pusi nkeonwe / dhparams.pem >> certs / desdelinux.fan.crt

Ọ bụrụ n'ịchọrọ ịlele na etinyere DH DH na asambodo CRT n'ụzọ ziri ezi, gbue iwu ndị a:

[mgbọrọgwụ @ linuxbox tls] # pusi nkeonwe / dhparams.pem 
----- Bido NTARA IHE -----
MIIBCAKCAQEAnwfWSlirEuMwJft0hgAdB0km9d3qGGiErRXPfeZU+Tqp/ZFOCdzP
/O6NeXuHI4vnsTDWEAjXmpRzq/z1ZEWQa6j+l1PgTgk2XqaMViD/gN+sFPnx2EmV
keVcMDqG03gnmCgO9R4aLYT8uts5T6kBRhvxUcrk9Q7hIpGCzGtdgwaVf1cbvgOe
8kfpc5COh9IxAYahmNt+5pBta0SDlmoDz4Rk/4AFXk2mjpDYoizaYMPeIInGUzOv
/LE6Y7VVRY/BJG9EZ5pVYJPCruPCUHkhvm+r9Tt56slk+HE2d52uFRSDd2FxK3n3
cN1vJ5ogsvmHayWUjVUA18LLfGSxEFsc4wIBAg==
----- EGO DH NTARKWU -----

[mgbọrọgwụ @ linuxbox tls] # pusi certs / desdelinux.fan.crt 
-----BEGIN CERTIFICATE-----
MIIGBzCCA++gAwIBAgIJANd9FLCkDBfzMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD
VQQGEwJDVTENMAsGA1UECAwEQ3ViYTEPMA0GA1UEBwwGSGFiYW5hMRcwFQYDVQQK
DA5EZXNkZUxpbnV4LkZhbjEUMBIGA1UECwwLRW50dXNpYXN0YXMxFzAVBgNVBAMM
DmRlc2RlbGludXguZmFuMSIwIAYJKoZIhvcNAQkBFhNidXp6QGRlc2RlbGludXgu
ZmFuMB4XDTE3MDUyMjE0MDQ1MloXDTIyMDUyMTE0MDQ1MlowgZkxCzAJBgNVBAYT
AkNVMQ0wCwYDVQQIDARDdWJhMQ8wDQYDVQQHDAZIYWJhbmExFzAVBgNVBAoMDkRl
c2RlTGludXguRmFuMRQwEgYDVQQLDAtFbnR1c2lhc3RhczEXMBUGA1UEAwwOZGVz
ZGVsaW51eC5mYW4xIjAgBgkqhkiG9w0BCQEWE2J1enpAZGVzZGVsaW51eC5mYW4w
ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCn5MkKRdeFYiN+xgGdsRn8
sYik9X75YnJcbeZrD90igfPadZ75ehtfYIxxOS+2U+omnFgr/tCKYUVJ50seq/lB
idcLP4mt7wMrMZUDpy1rlWPOZGKkG8AdStCYI8iolvJ4rQtLcsU6jhRzEXsZxfOb
O3sqc71yMIj5qko55mlsEVB3lJq3FTDQAY2PhXopJ8BThW1T9iyl1HlYpxj7OItr
/BqiFhxbP17Fpd3QLyNiEl+exVJURYZkvuZQqVPkFAlyNDh5I2fYfrI9yBVPBrZF
uOdRmT6jv6jFxsBy9gggcy+/u1nhlKssLBEhyaKfaQoItFGCAmevkyzdl1LTYDPY
ULi79NljQ1dSwWgraZ3i3ACZIVO/kHcOPljsNxE8omI6qNFWqFd1qdPH5S4c4IR1
5URRuwyVNffEHKaCJi9vF9Wn8LVKnN/+5zZGRJA8hI18HH9kF0A1sCNj1KKiB/xe
/02wTzR/Gbj8pkyO8fjVBvd/XWI8EMQyMc1gvtIAvZ00SAB8c1NEOCs5pt0Us6pm
1lOkgD6nl90Dx9p805mTKD+ZcvRaShOvTyO3HcrxCxOodFfZQCuHYuQb0dcwoK2B
yOwL77NmxNH1QVJL832lRARn8gpKoRAUrzdTSTRKmkVrOGcfvrCKhEBsJ67Gq1+T
YDLhUiGVbPXXR9rhAyyX2QIDAQABo1AwTjAdBgNVHQ4EFgQURGCMiLVLPkjIyGZK
UrZgMkO0X8QwHwYDVR0jBBgwFoAURGCMiLVLPkjIyGZKUrZgMkO0X8QwDAYDVR0T
BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAdy1tH1DwfCW47BNJE1DW8Xlyp+sZ
uYTMOKfNdnAdeSag1WshR6US6aCtU6FkzU/rtV/cXDKetAUIzR50aCYGTlfMCnDf
KKMZEPjIlX/arRwBkvIiRTU1o3HTniGp9d3jsRWD/AvB3rSus4wfuXeCoy7Tqc9U
FaXqnvxhF8/ptFeeCeZgWu16zyiGBqMj4ZaQ7RxEwcoHSd+OByg8E9IE2cYrWP2V
6P7hdCXmw8voMxCtS2s++VRd1fGqgGxXjXT8psxmY2MrseuTM2GyWzs+18A3VVFz
UXLD2lzeYs638DCMXj5/BMZtVL2a4OhMSYY4frEbggB3ZgXhDDktUb7YhnBTViM3
2sgJJOSTltOgAnyOPE0CDcyktXVCtu3PNUc+/AB3UemI9XCw4ypmTOMaIZ2Gl6Uo
pmTk41fpFuf8pqW3ntyu43lC5pKRBqhit6MoFGNOCvFYFBWcltpqnjsWfY2gG/b5
8D5HsedueqkAsVblKPBFpv1BB9X0HhBUYsrz8jNGZGbkgR4XQoIoLbQZHEB35APU
4yT1Lzc3jk34yZF5ntmFt3wETSWwJZ+0cYPw7n4E6vbs1C7iKAMQRVy+lI5f8XYS
YKfrieiPPdmQ22Zm2Tbkqi4zjJBWmstrw6ezzAQNaaAkiOiJIwvXU81KYsN37THh
Nf0/JsEjPklCugE=
-----END CERTIFICATE-----
-----BEGIN DH PARAMETERS-----
MIIBCAKCAQEAnwfWSlirEuMwJft0hgAdB0km9d3qGGiErRXPfeZU+Tqp/ZFOCdzP
/O6NeXuHI4vnsTDWEAjXmpRzq/z1ZEWQa6j+l1PgTgk2XqaMViD/gN+sFPnx2EmV
keVcMDqG03gnmCgO9R4aLYT8uts5T6kBRhvxUcrk9Q7hIpGCzGtdgwaVf1cbvgOe
8kfpc5COh9IxAYahmNt+5pBta0SDlmoDz4Rk/4AFXk2mjpDYoizaYMPeIInGUzOv
/LE6Y7VVRY/BJG9EZ5pVYJPCruPCUHkhvm+r9Tt56slk+HE2d52uFRSDd2FxK3n3
cN1vJ5ogsvmHayWUjVUA18LLfGSxEFsc4wIBAg==
----- EGO DH NTARKWU -----

Mgbe mgbanwe ndị a gasịrị, anyị ga-amalitegharịa ọrụ Postfix na ọrụ httpd:

[mgbọrọgwụ @ linuxbox tls] # ọrụ postfix Malitegharịa ekwentị
[mgbọrọgwụ @ linuxbox tls] # ọrụ postfix ọnọdụ
[mgbọrọgwụ @ linuxbox tls] # ọrụ httpd Malitegharịa ekwentị
[mgbọrọgwụ @ linuxbox tls] # ọrụ httpd ọnọdụ

Ntinye nke Diffie-Helman Group na asambodo TLS anyị nwere ike ime ka ijikọ HTTPS dị nwayọ nwayọ, mana mgbakwunye mgbakwunye nchebe kwesịrị ya.

Na-elele Squirrelmail

MGBE na asambodo na-n'ụzọ ziri ezi site na na anyị nyochaa ha ziri ezi ọrụ dị ka anyị mere site na console iwu, ezo gị họọrọ nchọgharị na URL http://mail.desdelinux.fan/webmail ọ ga-ejikọkwa ya na onye na-azụ weebụ mgbe ịnakwere akwụkwọ kwekọrọ. Rịba ama na, n'agbanyeghị na ịkọwapụta usoro HTTP, a ga-ebutegharị ya na HTTPS, nke a bụ n'ihi nhazi ndabara nke CentOS na-enye maka Squirrelmail. Lee faịlụ /etc/httpd/conf.d/squirrelmail.conf.

Banyere igbe akwụkwọ ozi ndị ọrụ

Dovecot mepụtara igbe ozi IMAP na folda ahụ home nke ọ bụla onye ọrụ:

[mgbọrọgwụ @ linuxbox ~] # ls -la /home/legolas/mail/.imap/
ngụkọta 12 drwxrwx ---. 5 legolas mail 4096 Mee 22 12:39. drwx ------. 3 legolas legolas 75 Mee 22 11:34 .. -rw -------. 1 legolas legolas 72 Mee 22 11:34 dovecot.mailbox.log -rw -------. 1 legolas legolas Mee 8 22 12:39 dovecot-uidvalidity -r - r - r--. 1 legolas legolas 0 Mee 22 10:12 5922 dovecot-uidvalidity.1f1d2 drwxrwx ---. 56 legolas mail 22 Mee 10 23:2 INBOX drwx ------. 56 legolas legolas 22 Mee 12 39:2 Zigara drwx ------. 30 legolas legolas 22 Mee 11 34:XNUMX Mkpofu

A na-echekwa ha na / var / mail /

[mgbọrọgwụ @ linuxbox ~] # obere / var / mail / legolas
Site na MAILER_DAEMON Mon Mee 22 10:28:00 2017 Datebọchị: Mọnụ, 22 Mee 2017 10:28:00 -0400 Site na: Ozi Sistemu Isi Isiokwu: EBUP MLA Ozi A - FOLDER INTERNAL DATA Ozi-ID: <1495463280 @ linuxbox> X-IMAP: 1495462351 0000000008 Ọnọdụ: RO Ederede a bụ akụkụ nke ihe dị n’ime nke folda ozi gị, ọ bụghị ezigbo ozi. Emepụtara ya na akpaghị aka site na sistemụ sistemụ ozi Ọ bụrụ na ehichapụ ya, data nchekwa dị mkpa ga-efu, a ga-eweghachi ya na data nrụpụta na ụkpụrụ izizi. Site root@desdelinux.fan Mon Mee 22 10:47:10 2017 Weghachi-athzọ: X-Original-To: legolas nyefere-le: legolas@desdelinux.fan Anatala: site na desdelinux.fan (Postfix, site na userid 0) id 7EA22C11FC57; Mon, 22 Mee 2017 10:47:10 -0400 (EDT) :bọchị: Mon, 22 Mee 2017 10:47:10 -0400 Iji: legolas@desdelinux.fan Isiokwu: Nnwale onye ọrụ: Heirloom mailx 12.5 7/5 / 10 MIME-Version: 1.0 Ọdịnaya-:dị: ederede / larịị; charset = us-ascii Content-Transfer-Encoding: 7bit Message-Id: <20170522144710.7EA22C11FC57@desdelinux.fan> Site na: root@desdelinux.fan (mgbọrọgwụ) X-UID: 7 Ọnọdụ: RO Ndewo. Nke a bụ ozi nyocha Site buzz@deslinux.fan Mon Mee 22 10:53:08 2017 Return-Path: X-Original-To: legolas@desdelinux.fan Napụtara-To: legolas@desdelinux.fan Anatara: site na sysadmin.desdelinux.fan (ọnụ ụzọ ámá [172.16.10.1]) site na desdelinux.fan (Postfix) na ESMTP id C184DC11FC57 maka ; Mon, 22 Mee 2017 10:53:08 -0400 (EDT) Ozi-ID: <739874.219379516-sendEmail@sysadmin> Site na: "buzz@deslinux.fan" To: "legolas@desdelinux.fan" Isiokwu: Ndewo :bọchị: Mon, 22 Ka 2017 14:53:08 + 0000 X-Mailer: sendEmail-1.56 MIME-Version: 1.0 Ọdịnaya-:dị: multipart / metụtara; ókè = "---- MIME delimita maka izipuEmail-794889.899510057
/ var / mail / legolas

PAM miniseries nchịkọta

Anyị elebala anya na Mailserver ma tinye obere nchekwa na nchekwa. Anyị na-atụ anya na isiokwu ahụ na-eje ozi dị ka Ebe Ntinye aka na isiokwu dị ka ihe mgbagwoju anya ma nwee ike imehie ihe dịka ọ bụ mmejuputa ozi Mail Server na aka.

Anyị na-eji nyocha ndị ọrụ mpaghara n'ihi na ọ bụrụ na anyị gụọ faịlụ ahụ n'ụzọ ziri ezi /etc/dovecot/conf.d/10-auth.conf, anyị ga-ahụ na n'ikpeazụ ọ gụnyere -site na ndabara- faịlụ nyocha nke ndị ọrụ sistemụ ! gunyere auth-system.conf.ext. Kpọmkwem faịlụ a gwara anyị n'isi ya na:

[mgbọrọgwụ @ Linux_ ~] # less /etc/dovecot/conf.d/auth-system.conf.ext
# Nyocha maka ndị ọrụ sistemụ. Gụnyere na 10-auth.conf. # # # # Nyocha PAM. Oge kachasị sistemụ kachasị amasị anyị n'oge a.
# PAM a na-ejikarị ya ma userdb passwd ma ọ bụ userdb static. # Cheta: You'll ga - achọ faịlụ /etc/pam.d/dovecot nke emere maka PAM # nyocha iji rụọ ọrụ. passdb {driver = pam # [session = ee]] setcred = ee] [failure_show_msg = ee] [max_requests = ] # [cache_key = ] [ ] #args = nduru

Ma faịlụ ọzọ dị /etc/pam.d/dovecot:

[mgbọrọgwụ @ linuxbox ~] # pusi /etc/pam.d/dovecot 
#% PAM-1.0 auth chọrọ pam_nologin.so auth gụnyere paswọọdụ-auth akaụntụ gụnyere paswọọdụ-auth nnọkọ gụnyere paswọọdụ-auth

Kedu ihe anyị na-anwa ibuga gbasara nyocha PAM?

• CentOS, Debian, Ubuntu, na ọtụtụ nkesa Linux ndị ọzọ na-etinye Postifx na Dovecot na nyocha obodo ejirila nke ndabara rụọ ọrụ.
• Ọtụtụ isiokwu na ịntanetị na-eji MySQL - na nso nso a MariaDB - iji chekwaa ndị ọrụ na data ndị ọzọ gbasara Mailserver. MA ndị a bụ sava maka puku kwuru puku nke ndị ọrụ, ọ bụghị maka kpochapụwo SME Network na - ikekwe - ọtụtụ narị ndị ọrụ.
• Nyocha site na PAM dị mkpa ma zuru oke iji nye ọrụ netwọk ọ bụrụhaala na ha na-agba ọsọ na otu sava dị ka anyị hụworo na miniseries a.
• Ndị ọrụ echekwara na nchekwa data LDAP nwere ike ịdepụta dị ka a ga - asị na ha bụ ndị ọrụ mpaghara, yana enwere ike iji PAM iji nye ọrụ ntanetị sitere na sava Linux dị iche iche na - arụ ọrụ dịka ndị ahịa LDAP na sava nyocha etiti. N'ụzọ dị otú a, anyị ga-arụ ọrụ na nzere nke ndị ọrụ echekwara na nchekwa data nke ihe nkesa LDAP dị n'etiti, ọ gaghị abụ ihe dị mkpa iji debe nchekwa data na ndị ọrụ mpaghara.

Ruo mgbe njem ọzọ!