Postfix + Dovecot + Squirrelmail me nga kaiwhakamahi o te rohe - SMB Networks

Taupū whanui o te raupapa: Tuihono Rorohiko mo nga SME: Whakataki

Ko tenei tuhinga ko te haere tonu me te whakamutunga o nga miihini iti:

• Squid + PAM Motuhēhēnga kei runga i te CentOS 7.
• Kaiwhakamahi o te rohe me te whakahaere roopu
• NSD Kaituku DNS Kaiwhakahaere + Papamuri
• Prosody IM me nga kaiwhakamahi o te rohe
  

Kia ora e hoa ma, e hoa ma!

te Ngakau hihiri kei te hiahia ratou ki te whai i ta raatau ake kaituku mēra. Kaore ratou e hiahia ki te whakamahi i nga kaiwhakarato kei hea te "Tūmataitinga" i waenga i nga tohu paatai. Ko te kaitiaki mo te whakamahi i to ratonga ki to kaitoha iti ehara i te tohunga mo tenei kaupapa ka timata ia ki te whakauru i te kaupapa o te kaituku mēra a meake nei. Koina nga "wharite" hei hanga i te Mailserver Katoa he uaua ki te maarama me te whakamahi. 😉

Tuhipoka Tuhipoka

• He mea tika kia maarama mo tehea mahinga o ia hotaka e uru ana ki te Mailserver e mahi ana. Hei kaiarahi tuatahi ka hoatu e matou he hononga honohono ki te kaupapa kua whakapaetia kua tirohia.
• Ko te whakamahi a-ringa mai i te wahanga ko te Ratonga Mutu Katoa he mahi ngenge, ki te kore ko koe tetahi o nga "I kowhiria" e mahi ana i enei momo mahi ia ra. Ko te Kaiwhakarato Mera he maha nga momo hotaka e haangai wehe ana SMTP, POP / IMAP, Te Penapena Rohe o nga Karere, nga mahi e pa ana ki te maimoatanga o nga SPAM, Pareketo, etc. KATOA o enei mahinga me tika te whakawhitiwhiti korero ki a ratau ano.
• Kaore he rahi kotahi e uru katoa ana ki nga "mahinga pai" ranei me pehea te whakahaere i nga kaiwhakamahi; kei hea me pehea te penapena korero, me pehea ranei te mahi i nga waahanga katoa hei mahi kotahi.
• Ko te huihuinga me te whakatikatika i te Mailserver he mea kino ki nga mea penei i nga whakaaetanga me nga rangatira o nga konae, te kowhiri ko wai te kaitautoko hei whakahaere i tetahi waahanga, me nga hapa iti i mahia i etahi konae whirihora.
• Engari ki te kore koe e tino mohio ki taau e mahi nei, ko te mutunga ko te ahuru me te kore o te mahi Kaihoko Mera. I te mutunga o te whakatinanatanga Kaore e mahi, tera pea ka iti ake te kino.
• Ka kitea i runga i te Ipurangi te maha o nga tohutao me pehea te mahi i tetahi Kaihoko Mera. Ko tetahi o nga tino mahi -ki taku ake whakaaro ake- Ko ta te kaituhi tenei i tuku Ivar Abrahamamsen i tana putanga tekau ma toru o Hanuere 2017 «Me pehea te whakarite i tetahi kaituku mēra ki te punaha GNU / Linux".
• Ka tūtohu ano matou ki te panui i te tuhinga «He Mailserver i runga i te Ubuntu 14.04: Postfix, Dovecot, MySQL«, ranei «He Mailserver i runga i te Ubuntu 16.04: Postfix, Dovecot, MySQL".
• Pono. Ko nga tuhinga tino pai mo tenei mea e kitea ana i te reo Ingarihi.
  • Ahakoa kaore maatau e hanga pono i tetahi Mailserver e te Me pehea ... kua whakahuatia i te whiti o mua, ma te whai noa i te whai i ia taahi ka whai whakaaro nui taatau ka anga atu.
• Mena kei te hiahia koe kia oti te Mailserver i roto i etahi waahanga noa, ka taea e koe te tango i te ahua iRedOS-0.6.0-CentOS-5.5-i386.iso, tirohia ranei tetahi atu mea hou, ahakoa iRedOS ranei iRedMera. Ko te huarahi tenei e taunaki ana ahau.

Ka whakauru maatau ka whirihora hoki:

• Pouaka hei kaiwhakarato MTuhinga o mua Transport Angawari (SMTP).
• Dovecot hei POP - kaiwhakarato IMAP.
• Tiwhikete mo nga hononga na roto i TLS.
• Whakawhirinaki hei atanga tukutuku mo nga kaiwhakamahi.
• Rekoata DNS e pā ana ki te «Te Anga Kaupapa here Kaituku»Ranei SPF.
• Whakatupuranga module Rōpū Diffie Hellman ki te whakapiki i te ahuru o nga tiwhikete SSL.

Me mahi tonu:

Ko te mea ke ko nga ratonga e whai ake nei ka waiho tonu hei whakatinana:

• Panekereke: Nga kaupapa here a te kaiwhakarato paanui mo nga Rarangi Kerei ka paopao i te Mera Paraurehe.
  
• Amavisd-hou: tuhinga e hanga hononga ana i waenga i te MTA, me nga matawai huaketo me nga taatari ihirangi.
• Clamav Pareketo: huinga wheori
• SpamAssassin: tango Moko Paraurehe
• heu (pyzor): Hopu SPAM na roto i te hononga tohatoha me te hononga. Kei te whatunga Vipul Razor tetahi papaarangi kua whakahoutia mo te whakatipuranga o nga miihini paraurehe, ki te SPAM ranei.
• Ko te rekoata DNS "DomainKeys Identified Mail" ranei DKIM.

Mōkene postgrey, amavisd-hou, clamav, spamassassin, heu y mokamoka E kitea ana i nga putunga korero o te hotaka. Ka kitea hoki e tatou te kaupapa openkim.

• Ko te whakapuakitanga tika o nga rekoata DNS "SPF" me te "DKIM" he mea nui mena kaore tatou e hiahia ki te whakamahi noa i ta maatau kaituku mēra, kia kiia he kore, he kaihanga ranei mo te SPAM, te Paraurehe Meta ranei, na etahi atu ratonga mēra penei Gmail, Yahoo, Hotmail, etc..

Arowhai tuatahi

Kia mahara ko tenei tuhinga he whakaputanga o etahi atu ka tiimata i te Squid + PAM Motuhēhēnga kei runga i te CentOS 7.

Ko te atanga Ens32 LAN e hono ana ki te Whatunga a-roto

[root @ linuxbox ~] # nano / etc / sysconfig / tuhinga-tuhi / ifcfg-ens32
DEVICE=ens32
ONBOOT=yes
BOOTPROTO=static
HWADDR=00:0c:29:da:a3:e7
NM_CONTROLLED=no
IPADDR=192.168.10.5
NETMASK=255.255.255.0
GATEWAY=192.168.10.1
DOMAIN=desdelinux.fan
DNS1=127.0.0.1
ZONE = iwi whanui

[root @ linuxbox ~] # Ifdown ens32 && mena ka whai ake

Hanga34 WAN atanga hono ki te Ipurangi

[root @ linuxbox ~] # nano / etc / sysconfig / tuhinga-tuhi / ifcfg-ens34
DEVICE = ens34 ONBOOT = ae BOOTPROTO = static HWADDR = 00: 0c: 29: da: a3: e7 NM_CONTROLLED = kore IPADDR = 172.16.10.10 NETMASK = 255.255.255.0 # Kua honoa te pouara ADSL ki # tenei atanga me # te wahitau e whai ake nei GATEWAY IP = 172.16.10.1 DOMAIN = desdelinux.fan DNS1 = 127.0.0.1
ZONE = waho

Te taumira DNS mai i te LAN

[root @ linuxbox ~] # ngeru /etc/resolv.conf rapua mai i linux.fan nameserver 127.0.0.1 nameserver 172.16.10.30 [root @ linuxbox ~] # host mail
mail.desdelinux.fan he ingoa ingoakore mo te linuxbox.desdelinux.fan. linuxbox.desdelinux.fan he wahitau 192.168.10.5 linuxbox.desdelinux.fan mēra ka whakahaerehia e te 1 mail.desdelinux.fan.

[root @ linuxbox ~] # host mail.fromlinux.fan
mail.desdelinux.fan he ingoa ingoakore mo te linuxbox.desdelinux.fan. linuxbox.desdelinux.fan he wahitau 192.168.10.5 linuxbox.desdelinux.fan mēra ka whakahaerehia e te 1 mail.desdelinux.fan.

Te taumira DNS mai i te Ipurangi

buzz @ sysadmin: ~ $ host mail.fromlinux.fan 172.16.10.30
Te whakamahi i te kaitohu rohe: Ingoa: 172.16.10.30 Wāhitau: 172.16.10.30 # 53 Ingoakē: mail.desdelinux.fan he ingoakē mō desdelinux.fan.
mai i linux.fan he wahitau 172.16.10.10
desdelinux.fan mēra ka whakahaerehia e te 10 mail.desdelinux.fan.

Nga raru e whakatau ana i te ingoa ingoa "desdelinux.fan" i te rohe

Mena he raru koe ki te whakatau i te ingoa ingoa «fromlinux.fanTuhinga ka whai mai LAN, ngana ki te korero i te raina konae /etc/dnsmasq.conf te wahi e kiia ana rohe = / mai i linux.fan /. Muri iho, tiimata ano te Dnsmasq.

[root @ linuxbox ~] # nano /etc/dnsmasq.conf # Korerohia te raina i raro:
# rohe = / desdelinux.fan /

[root @ linuxbox ~] # ratonga dnsmasq ka tiimata ano
Ko te anga ki te / ipu / systemctl ka tiimata ano te dnsmasq.service

[root @ linuxbox ~] # ratonga dnsmasq mana

[root @ linuxbox ~] # Kaihautu mai i linux.fan
desdelinux.fan he wahitau 172.16.10.10 desdelinux.fan mēra ka whakahaerehia e 10 mail.desdelinux.fan.

Paerua me te Dovecot

Ko nga tuhinga tino whanui o te Postfix me te Dovecot ka kitea i:

[root @ linuxbox ~] # ls /usr/share/doc/postfix-2.10.1/
bounce.cf.default LICENSE README-Postfix-SASL-RedHat.txt KAUPAPA matua.cf.default TLS_ACKNOWLEDGEMENTS tauira README_FILES TLS_LICENSE

[root @ linuxbox ~] # ls /usr/share/doc/dovecot-2.2.10/
AUTHORS COPYING.MIT dovecot-openssl.cnf NEWS wiki COPYING ChangeLog tauira-config README COPYING.LGPL tuhinga.txt mkcert.sh solr-schema.xml

I roto i te CentOS 7, ka whakauruhia e te taunoa te Metaapuna MTA ka kowhiria e maatau te waahanga o te Kaiwhakarato Hangangai. Me matua mohio taatau ko te horopaki SELinux ka ahei te tuhi ki a Potfix i roto i te rarangi karere a rohe.

[root @ linuxbox ~] # getsebool -a | grep postfix
pouwhakaaro_whaiti_ tuhi_mihana_hono -> on

Whakakētanga kei te PātūahiD

Ma te whakamahi i te atanga whakairoiro hei whirihora i te PātūahiD, me kī taurangi ko nga ratonga me nga tauranga e whai ake nei kua whakahohea mo ia Rohe

# ----------------- -----
# Whakatika i te PatuahiD
# ----------------- -----
# Patuahi
# Rohe a te iwi: http, https, imap, pop3, ratonga smtp
# Rohe a-iwi: tauranga 80, 443, 143, 110, 25

# Rohe a-Waho: http, https, imap, pop3s, ratonga smtp
# Rohe a-waho: tauranga 80, 443, 143, 995, 25

Ka whakauruhia e maatau a Dovecot me nga papatono e tika ana

[root @ linuxbox ~] # yum whakauruhia te kukupa mod_ssl waea imeera imeera

Whirihoranga Dovecot Iti

[root @ linuxbox ~] # nano /etc/dovecot/dovecot.conf
tikanga =imap pop3 lmtp
whakarongo =*, ::
takiuru_greeting = Kua rite te Dovecot!

Ka taea e maatau te whakakore i te pono pono a Dovecot:

[root @ linuxbox ~] # nano /etc/dovecot/conf.d/10-auth.conf 
whakaweto_plaintext_auth = āe

Ka whakaatuhia e matou te Rōpū me nga mea tika kia uru ki te Dovecot, me te waahi o nga korero:

[root @ linuxbox ~] # nano /etc/dovecot/conf.d/10-mail.conf
mail_location = mbox: ~ / mēra: INBOX = / var / mail /% u
mail_privileged_group = mēra
mail_access_groups = mēra

Nga Tiwhikete mo te Kukupa

Ka mahi a Dovecot i o tiwhikete whakamatautau i runga i nga raraunga o te konae /etc/pki/dovecot/dovecot-openssl.cnf. Kia hangaia he tiwhikete hou e ai ki a maatau whakaritenga, me mahi e maatau nga huarahi e whai ake nei:

[root @ linuxbox ~] # cd / etc / pki / kukupa /
[root @ linuxbox dovecot] # nano dovecot-openssl.cnf
[req] default_bits = 1024 encrypt_key = ae distaced_name = req_dn x509_extensions = tohu tiwhikete tohu = kore [req_dn] # whenua (2 waehere reta) C = CU # State State ranei Ingoa Ingoa (ingoa katoa) ST = Cuba # Ingoa Rohe (hei. pa. ) L = Habana # Whakahaere (hei tauira. Kamupene) O = Mai iLinux.Fan # Ingoa Wae Whakahaere (hei tauira. Wahanga) OU = Ngahau # Ingoa noa (* .aeaa te tauira.com ka taea) CN = *. Desdelinux.fan # E -mera whakapā imeeraAddress=buzz@desdelinux.fan [tiwhikete_tae] nsCertType = tūmau

Ka whakakorehia e maatau nga tiwhikete whakamatautau

[root @ linuxbox dovecot] # rm certs / dovecot.pem 
rm: mukua te konae "certs / dovecot.pem"? (y / n) y
[root @ linuxbox dovecot] # rm motuhake / dovecot.pem 
rm: mukua te konae auau "motuhake / dovecot.pem"? (y / n) y

Ka taarua ka mahi i te tuhinga mkcert.sh mai i te raarangi tuhinga

[root @ linuxbox dovecot] # cp /usr/share/doc/dovecot-2.2.10/mkcert.sh [root @ linuxbox dovecot] # bash mkcert.sh 
Te whakaputa i te 1024 moka RSA ratau muna ...... ++++++ ................ ++++++ te tuhi i tetahi ki motuhake ake ki '/ etc / pki / dovecot / private / dovecot.pem '----- kaupapa = /C=CU/ST=Cuba/L=Habana/O=DesdeLinux.Fan/OU=Entusiasts/CN=*.desdelinux.fan/emailAddress= buzz@desdelinux.fan SHA1 Maihao = 5F: 4A: 0C: 44: EC: EC: EF: 95: 73: 3E: 1E: 37: D5: 05: F8: 23: 7E: E1: A4: 5A

[root @ linuxbox dovecot] # ls -l certs /
katoa 4 -whe -------. 1 pakiaka pakiaka 1029 Mei 22 16:08 kukupa.pem
[root @ linuxbox dovecot] # ls -l takitahi /
katoa 4 -whe -------. 1 pakiaka pakiaka 916 Mei 22 16:08 kukupa.pem

[root @ linuxbox dovecot] # ratonga kukupa ka tiimata ano
[root @ linuxbox dovecot] # ratonga mana kukupa

Tiwhikete mo te Paerua Whakahou

[root @ linuxbox ~] # cd / etc / pki / tls / [root @ linuxbox tls] # openssl req -sha256 -x509 -nodes -newkey rsa: 4096 -day 1825 \ -out certs / desdelinux.fan.crt -keyout takitahi / desdelinux.fan.key

Kei te whakaputa i te 4096 moka RSA ratau muna tuturu ......... ++ .. ++ te tuhi i tetahi raka tuuturu hou ki 'muna / domain.tld.key' ----- Ka tonoa koe kia whakauruhia nga korero ka whakauruhia atu ki to tono tiwhikete. Ko taau e tomo atu nei ko te mea e kiia ana he Ingoa Rongonui he DN ranei. He nui noa nga mara engari ka waatea e koe etahi mo nga mara he uara taunoa, ki te whakauru koe '.', Ka waatea noa iho te mara. ----- Ingoa Whenua (2 reta waehere) [XX]: CU State, Porowini Ingoa ranei (ingoa katoa) []: Cuba Ingoa Takiwa (hei tauira, taone) [Taone Taunoa]: Habana Whakamaa Ingoa (hei tauira, kamupene) [ Kamupene Taunoa Ltd]: Mai i Linux. Ingoa Wae Whakahaere Whakahaere (hei tauira, waahanga) []: Kaingākau Ingoa noa (hei tauira, ko to ingoa te ingoa ingoa o to kaituku) []: desdelinux.fan Wāhitau Ime []: buzz@desdelinux.fan

Whirihoranga Paerewa iti

Ka taapirihia e maatau ki te pito o te konae / etc / nga ingoa te muri:

pakiaka: buzz

Kia whai hua ai nga whakarereketanga ka mahia e matou enei ture e whai ake nei:

[root @ linuxbox ~] # hou hou

Ma te whakatika tika i te konae e taea ai te whakarite whirihora /etc/postfix/main.cf ma te whakahau ranei pouakiri -e kia tupato ko nga waahanga katoa e hiahia ana matou ki te whakarereke ki te taapiri ranei, ka kitea i roto i te raina kotahi o te papatohu:

• Me kii e ia ake nga whiringa e maarama ana ratou, e hiahiatia ana hoki!.

[root @ linuxbox ~] # postconf -e 'myhostname = desdelinux.fan'
[root @ linuxbox ~] # postconf -e 'mydomain = desdelinux.fan'
[root @ linuxbox ~] # postconf -e 'myorigin = $ mydomain'
[root @ linuxbox ~] # postconf -e 'inet_interfaces = katoa'
[root @ linuxbox ~] # postconf -e 'mydestination = $ myhostname, localhost. $ mydomain, localhost, $ mydomain, mail. $ mydomain, www. $ mydomain, ftp. $ mydomain'

[root @ linuxbox ~] # postconf -e 'mynetworks = 192.168.10.0/24, 172.16.10.0/24, 127.0.0.0/8'
[root @ linuxbox ~] # postconf -e 'mailbox_command = / usr / bin / procmail -a "$ EXTENSION"'
[root @ linuxbox ~] # postconf -e 'smtpd_banner = $ myhostname ESMTP $ mail_name ($ mail_version)'

Ka taapirihia e maatau ki te pito o te konae /etc/postfix/main.cf nga whiringa i homai i raro ake nei. Kia mohio ai koe ki te tikanga o ia, me tuku e maatau nga tuhinga e whai ake nei.

biff = kaore
taapiri_dot_mydomain = kaore
roa_whakaaro_ wā = 4h
readme_directory = kaore
smtpd_tls_cert_file = / etc / pki / certs / desdelinux.fan.crt
smtpd_tls_key_file = / etc / pki / takitahi / desdelinux.fan.key
smtpd_use_tls = ae
smtpd_tls_session_cache_database = btree: $ {data_directory} / smtpd_scache
smtp_tls_session_cache_database = btree: $ {data_directory} / smtp_scache
smtpd_relay_restrictions = whakaahei_akunetworks permit_sasl_authenticated defer_unauth_destination

# Te rahi o te pouaka pouaka 1024 megabytes = 1 g me te g
pouaka-pouaka_size_limit = 1073741824

kaiwhiwhi_delimiter = +
maximal_queue_lifetime = 7d
header_checks = regexp: / etc / postfix / header_checks
body_checks = regexp: / etc / postfix / body_checks

# Nga kaute e tuku ana i te kape o nga meera whakauru ki tetahi atu nama
kaiwhiwhi_bcc_maps = hash: / etc / postfix / accounts_ forwarding_copy

Ko nga raarangi e whai ake nei he mea nui ki te whakatau ko wai ka tuku i nga meera me te tuku ki etahi atu kaiwhakarato, kia kore ai e whirihorahia te whirihora i tetahi "whakapapa tuwhera" ka taea ai e nga kaiwhakamahi kore pono te tuku meera. Me matua tirotiro ki nga whaarangi awhina Postfix kia maarama he aha te tikanga o ia whiringa.

• Me kii e ia ake nga whiringa e maarama ana ratou, e hiahiatia ana hoki!.

smtpd_helo_restrictions = whakaaetanga_aku whatunga,
 whakatupato_if_reject rej_non_fqdn_hostname,
 whakakore_invalid_hostname,
 tukua e

smtpd_sender_restrictions = whakaaetanga_sasl_authenticated,
 whakaaetanga_aku whatunga,
 whakatupato_if_reject rej_non_fqdn_sender,
 menolak_unknown_sender_domain,
 Whakakahore_unauth_pipelining,
 tukua e

smtpd_client_restrictions = rej_rbl_client sbl.spamhaus.org,
 Whakakahore_rbl_client blackholes.easynet.nl

# PANUI: Ko te whiringa "check_policy_service inet: 127.0.0.1: 10023"
# whakahohea te kaupapa Postgrey, kaua hoki e uru ki te whakauru
# ki te kore ka whakamahia e matou a Postgrey

smtpd_recipient_restrictions = pana_unauth_pipelining,
 whakaaetanga_aku whatunga,
 permit_sasl_autuhua,
 menolak_non_fqdn_recipient,
 Whakakahore_unknown_recipient_domain,
 menolak_unauth_destination,
 takina_policy_service inet: 127.0.0.1: 10023,
 tukua e

smtpd_data_restrictions = whakakore_unauth_pipelining

smtpd_relay_restrictions = pana_unauth_pipelining,
 whakaaetanga_aku whatunga,
 permit_sasl_autuhua,
 menolak_non_fqdn_recipient,
 Whakakahore_unknown_recipient_domain,
 menolak_unauth_destination,
 takina_policy_service inet: 127.0.0.1: 10023,
 tukua e
 
smtpd_helo_required = āe
smtpd_delay_reject = āe
whakaweto_vrfy_command = ae

Ka hangaia e matou nga konae / etc / pouwhakaahua / body_check y / etc / paerewa / nama_ whakamua_ kape, ka whakarerekehia e matou te konae / etc / pouwhakahoki / pane_paki.

• Me kii e ia ake nga whiringa e maarama ana ratou, e hiahiatia ana hoki!.
  

[root @ linuxbox ~] # nano / etc / postfix / body_checks
# Mena ka whakarereke tenei konae, kaore e tika te # ki te whakahaere i te pou pou # Hei whakamatautau i nga ture, rere hei pakiaka: # panui -q 'super hou v1agra' regexp: / etc / pouwhakaraki / body_check
# Me hoki ano: # Whakakahore Ture # 2 Tino Karere mo te Tino Karere
/ viagra / REJECT Ture # 1 Anti Spam o te tinana korero
/ super hou v [i1] agra / REJECT Ture # 2 Anti korero Spam tinana tinana

[root @ linuxbox ~] # nano / etc / postfix / accounts_ whakamua_copy
# Whai muri i te whakarereke, me mahi e koe: # panui / aha / peera / nama / whakamua_ kape
# ana ka hangahia te konae: # /etc/postfix/accounts_forwarding_copy.db
# ----------------- # He kaute kotahi hei tuku i tetahi Kopae BCC # BCC = Tika Waro Pango # Tauira: # webadmin@desdelinux.fan buzz@desdelinux.fan

[root @ linuxbox ~] # panui / aha / peera / nama / whakamua_ kape

[root @ linuxbox ~] # nano / etc / postfix / header_checks
# Taapirihia i te pito o te konae # KAUA E TONO I Te Paetukutuku Postmap na te mea he Whakahua Auau
/ ^ Kaupapa: =? Nui5? / KAUPONO I te whakawae Hainamana kaore i whakaaetia e tenei kaituku
/ ^ Kaupapa: =? EUC-KR? / Whakapaapae i te whakawaehere a Korea kaore i whakaaetia e tenei kaituku
/ ^ Kaupapa: ADV: / REJECT Panui kaore i whakaaetia e tenei kaituku
/ ^^Mai:.*\@.*\.cn/ WHAKATAHI Aroha mai, kaore i whakaaetia nga mēra Haina
/ ^^Mai:.*\@.*\.kr/ WHAKATAHI Aroha mai, kaore i whakaaetia nga mēra Korea
/ ^^Mai:.*\@.*\.tr/ KAUPONO, aroha mai, kaore i whakaaetia nga miera a Turiki i konei
/ ^^Mai:.*\@.*\.ro/ WHAKATAHI Aroha mai, kaore i whakaaetia nga miera Romana i konei
/^(Ra riro mai teMessage-IdflixX-(MaileromiaSender)):.*\b(AutoMailflixE-BroadcasterflixEmailer Platinum | Thunder Server | eMarksman | Tango | e-Hanumi | mai puku Karere a-ao | roopu roopu | Mailcast | MailKing | Match10 | MassE-Mail | massmail \ .pl | Kaituku purongo
/ ^ Mai i: "spammer / REJECT
/ ^ Mai i: "spam / REJECT
/SiKaupapa :.*viagra / WHAKATAHI
# Toronga whakaraerae
/ name = [^> Iluminación * \. (bat | cmd | exe | com | pif | scr | vb | vbe | vbs) / REJECT REJECT Kaore matou e whakaae ki nga taapiri me enei whakaroanga

Ka tirohia e matou te taarua, ka tiimata ano te Apache me te Postifx, ka whakahohe ka tiimata te Dovecot

[root @ linuxbox ~] # taki paeroa
[root @ linuxbox ~] #

[root @ linuxbox ~] # systemctl kia tiimata te httpd
[root @ linuxbox ~] # systemctl mana httpd

[root @ linuxbox ~] # systemctl whakaaraara ano i te paarua
[root @ linuxbox ~] # systemctl mana whakarereketanga

[root @ linuxbox ~] # systemctl mana kukupa
● dovecot.service - Kaiwhakarite imeera IMAP / POP3 Kua utaina: utaina (/usr/lib/systemd/system/dovecot.service; monokia; kaihoko tatūkē: monokia) Hohe: koretake (kua mate)

[root @ linuxbox ~] # systemctl whakahohea te kukupa
[root @ linuxbox ~] # systemctl tiimata te kukupa
[root @ linuxbox ~] # systemctl whakaara ano i te kukupa
[root @ linuxbox ~] # systemctl mana kukupa

Arowhai taumata-Papatohu

• He mea tino nui i mua i te haere tonu me te whakauru me te whirihora i etahi atu papatono, kia iti ake te tirotiro i nga ratonga SMTP me te POP.

Paetata mai i te kaitoha ake

Ka tukuna he imeera ki te kaiwhakamahi o te rohe Legolas.

[root @ linuxbox ~] # echo "Kia ora. He korero whakamatautau tenei" | mēra -s "Whakamatau" legolas

Ka tirohia e maatau te pouaka pouaka o Legolas.

[root @ linuxbox ~] # openssl s_client -crlf -hono 127.0.0.1aktos110 -starttls pop3

I muri o te korero Kua Rite te Dovecot! haere tonu matou:

---
+ OK Kua Rite te Dovecot!
USER legolas + OK PASS legolas + OK Whakauru. STAT + OK 1 559 LIST + OK 1 nga karere: 1 559. RETR 1 + OK 559 oketeti Whakahoki-Ara: X-Taketake-Ki: legolas I Tukuna-Ki: legolas@desdelinux.fan Kua riro: na desdelinux.fan (Paetukutuku, mai i te kaiwhakamahi 0) id 7EA22C11FC57; Mane, 22 Mei 2017 10:47:10 -0400 (EDT) Te Ra: Mane, 22 Mei 2017 10:47:10 -0400 Ki: legolas@desdelinux.fan Kaupapa: Whakamatau Kaiwhakamahi-Maakete: Heirloom mailx 12.5 7/5 / 10 MIME-Putanga: 1.0 Momo-Ihirangi: tuhinga / mania; charset = us-ascii Ihirangi-Whakawhiti-Whakawaehere: 7bit Karere-Id: <20170522144710.7EA22C11FC57@desdelinux.fan> Mai i: root@desdelinux.fan (pakiaka) Kia ora. He korero whakamatautau tenei. MUTU MUTIA
[root @ linuxbox ~] #

Mamao mai i te rorohiko i te LAN

Tukuna atu he korero ki Legolas mai i tetahi atu rorohiko i te LAN. Kia mahara kaore e tino hiahiatia te haumarutanga TLS i roto i te Whatunga SME.

buzz @ sysadmin: ~ $ sendemail -f buzz@deslinux.fan \
-t legolas@ desdelinux.fan \
-u "Kia ora" \
-m "Tena koutou Legolas mai i to hoa Buzz" \
-s mail.desdelinux.fan -o tls = no
May 22 10:53:08 sysadmin sendemail [5866]: I tutuki pai te tuku imeera!

Mena ka ngana tatou ki te hono atu telnet Mai i te kaihautu i te LAN - mai i te Ipurangi, ko te tikanga - ki te Dovecot, ka whai ake na te mea ka whakakorehia e matou te motuhēhēnga tuhituhi:

buzz @ sysadmin: ~ $ telnet mail.fromlinux.fan 110Te whakamatautau ana i te 192.168.10.5 ...
Kua hono atu ki te linuxbox.fromlinux.fan. Ko te tohu mawhiti ko '^]'. + OK Kua Rite te Dovecot! legolas kaiwhakamahi
-ERR [AUTH] I whakaaetia te motuhēhēnga Plaintext i runga i nga hononga kore-haumaru (SSL / TLS).
whakamutua + OK Te takiuru Kua honoa te hononga e te manene ke.
buzz @ sysadmin: ~ $

Me mahi e tatou i roto i openssl. Ko te putanga katoa o te whakahau ko te:

buzz @ sysadmin: ~ $ openssl s_client -crlf -mono hono.fromlinux.fanheast110 -starttls pop3
HONO (00000003)
hohonu = 0 C = CU, ST = Cuba, L = Havana, O = FromLinux.Fan, OU = Kaingakau, CN = * .fromlinux.fan, imeeraAddress = buzz@desdelinux.fan
manatoko hapa: num = 18: tiwhikete hainatanga kua hainahia te whakahoki mai: 1
hohonu = 0 C = CU, ST = Cuba, L = Havana, O = FromLinux.Fan, OU = Ngahau, CN = * .fromlinux.fan, imeeraAddress = buzz@fromlinux.fan manatoko hokinga: 1
--- Raina tiwhikete 0 s: /C=CU/ST=Cuba/L=Habana/O=DesdeLinux.Fan/OU=Entusiasts/CN = *. Desdelinux.fan/emailAddress=buzz@desdelinux.fan i: / C =CU/ST=Cuba/L=Habana/O=DesdeLinux.Fan/OU=Entusiasts/CN=*.desdelinux.fan/emailAddress=buzz@desdelinux.fan --- Tiwhikete Tūmau ----- KATOA KAUPAPA- --- MIICyzCCAjSgAwIBAgIJAKUHI / 2ZD + MeMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD VQQGEwJDVTENMAsGA1UECBMEQ3ViYTEPMA0GA1UEBxMGSGFiYW5hMRcwFQYDVQQK Ew5EZXNkZUxpbnV4LkZhbjEUMBIGA1UECxMLRW50dXNpYXN0YXMxGTAXBgNVBAMU ECouZGVzZGVsaW51eC5mYW4xIjAgBgkqhkiG9w0BCQEWE2J1enpAZGVzZGVsaW51 eC5mYW4wHhcNMTcwNTIyMjAwODEwWhcNMTgwNTIyMjAwODEwWjCBmzELMAkGA1UE BhMCQ1UxDTALBgNVBAgTBEN1YmExDzANBgNVBAcTBkhhYmFuYTEXMBUGA1UEChMO RGVzZGVMaW51eC5GYW4xFDASBgNVBAsTC0VudHVzaWFzdGFzMRkwFwYDVQQDFBAq LmRlc2RlbGludXguZmFuMSIwIAYJKoZIhvcNAQkBFhNidXp6QGRlc2RlbGludXgu ZmFuMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7wckAiNNfYSz5hdePzKuZ Bnk m2MMuhGDvwrDSPDEcVutznbZSgJ9bvTo445TR + + + nBmqxzJbpc OZ80lujS2hP XR7E9eWIXxr4fP4HpRrCA8NxlthEsapVMSHW + lnPBqF2b / Bt2eYyR7g JhtlP6gRG V57MmgL8BdYAJLvxqxDIxQIDAQABoxUwEzARBglghkgBhvhCAQEEBAMCBkAwDQYJ KoZIhvcNAQEFBQADgYEAAuYU1nIXTbXtddW + QkLskum7ESryHZonKOCelfn2vnRl 8oAgHg7Hbtg / e6sR / W9m3DObP5DEp3lolKKIKor7ugxtfA4PBtmgizddfDKKMDql LT + MV5 / DP1pjQbxTsaLlZfveNxfLRHkQY13asePy4fYJFOIZ4OojDEGQ6 / VQBI8 = ----- ----- MUTUNGA pukapuka kaupapa = / C = CU / ST = Cuba / L = Havana / e = DesdeLinux.Fan /OU=Entusiasts/CN=*.desdelinux.fan/emailAddress=buzz@desdelinux.fan kaituku = / C = CU / ST = Cuba / L = Habana / O = DesdeLinux.Fan / OU = Entusiasts / CN = *. Desdelinux .fan / emailAddress = buzz @ desdelinux.fan --- Kaore he tiwhikete kaihoko i whakaingoa ingoa CA Tukuna Kihi Rangatira: ECDH, secp384r1, 384 paraire --- Kua paanui te ringaringa SSL 1342 paita me te tuhi 411 paita --- Hou, TLSv1 / SSLv3 , Ko te Cipher ko ECDHE-RSA-AES256-GCM-SHA384 Ko te taviri a te iwi mo te 1024 bit Haumaru Whakatikatika IS ka tautokohia te Whakawhitinga: KORE WHAKANUI: KORE SSL-Wāhanga: Kawa: TLSv1.2 Kaitiro: ECDHE-RSA-AES256-GCM-SHA384 Session- ID: C745B4A0236204E16234CB15DC9CDBC3D084125FF5989F5DB6C5295BF4E2D73A Sesi-ID-ctx: Matua-Kī : 1904D204C564B76361CEA50373F8879AF793AF7D7506C04473777F6F3503A9FD919CD1F837BC67BFF29E309F352526F5 Kī-Arg: Tetahi Krb5 Principal: Tetahi PSK 300 tuakiri: Tetahi tuakiri PSK tohu: hs 0000F4F3A8FD29CD7F4BC63BFF72E7F6F4 Key-Arg: Tetahi Krb7 Principal: tetahi 1 PSK tuakiri: tuakiri tetahi PSK tohu: hs XNUMX wātū TLS XNUMX hēkona XNUMX f Nonec XNUMX wātū titeti XNUMX f XNUMX hēkona XNUMX FXNUMXFXNUMX tīkiti ec XNUMXe XNUMXc N:. zOcr ... O .. ~.
 0010 - 2c d4 be a8 be 92 2e ae-98 7e 87 6d 45 c5 17 a8, ........ ~ .mE ...
 0020 - db 3a 86 80 df 8b dc 8d-f8 1f 68 6e db a7 e3 86 .: ........ hn ....
 0030 - 08 35 e5 eb 98 b8 a4 98-68 b1 ea f7 72 f7 c1 79 .5 ...... h ... r..y 0040 - 89 4a 28 e3 85 a4 8b da-e9 7a 29 c7 77 bf 22 0d .J (...... z) .w. ".
 0050 - bd 5c f6 61 8c a1 14 bd-cb 31 27 66 7a dc 51 28. \. A ..... 1'fz.Q (0060 - b7 de 35 bd 2b 0f d4 ec-d3 e0 14 c8 65 03 b1 35 ..5. + ....... e..5 0070 - 38 34 f8 de 48 da ae 31-90 bd f6 b0 e6 9c cf 19 84..H..1 ..... ...
 0080 - f5 42 56 13 88 b0 8c db-aa ee 5a d7 1b 2c dd 71 .BV ....... Z ..,. Q 0090 - 7a f1 03 70 90 94 c9 0a-62 e5 0f 9c bf dc 3c a0 z..p .... b ..... <.

+ OK Kua Rite te Dovecot!
Kaiwhakamahi legolas
+ OK
Tuhinga o mua
+ OK Whakauru.
Tuhinga
+ OK 1 nga karere: 1 1021.
PANUI 1
+ OK 1021 octets Whakahoki-Ara: X-Taketake-Ki: legolas@desdelinux.fan Tukuna-Ki: legolas@desdelinux.fan Kua riro: mai i sysadmin.desdelinux.fan (tomokanga [172.16.10.1]) na desdelinux.fan (Paetukutuku) me te ESMTP id 51886C11E8C0 mo ; Mane, 22 Mei 2017 15:09:11 -0400 (EDT) Karere-ID: <919362.931369932-sendEmail@sysadmin> Mai i: "buzz@deslinux.fan" Ki: "legolas@desdelinux.fan" Kaupapa: Kia Ora Ra: Mane, 22 Mei 2017 19:09:11 +0000 X-Kaitohu: sendEmail-1.56 MIME-Putanga: 1.0 Momo-Ihirangi: multipart / whanaunga; rohe = "---- MIME delimiter for sendEmail-365707.724894495" He korero maha-waahanga tenei kei te whakatakotoranga MIME. Ki te whakaatu tika i tenei panui me hiahia koe ki te -Mera-Putanga 1.0 papatono Emailmera ture. ------ Kaiutuutu MIME mo te sendEmail-365707.724894495-Momo Ihirangi: tuhinga / mania; charset = "iso-8859-1" Whakawhiti-Whakawhiti-Whakawaehere: 7bit Tena koe Legolas mai i to hoa a Buzz ------ Kaiwhaiti MIME mo te tukuEmail-365707.724894495--.
whakamutu
+ OK Te takiuru atu. kati
buzz @ sysadmin: ~ $

Whakawhirinaki

Whakawhirinaki he kaihoko paetukutuku kua oti te tuhituhi ki te PHP. Kei roto ko te tautoko PHP taketake mo nga kawa IMAP me SMTP, me te whakarato i te hototahi nui me nga kaitirotiro rereke e whakamahia ana. He tika te whakahaere i runga i tetahi kaituku IMAP. Kei a ia nga mahinga katoa e hiahiatia ana e koe mai i te kaihoko imeera tae atu ki te tautoko MIME, pukapuka wahitau me te whakahaere kōpaki.

[root @ linuxbox ~] # yum whakauruhia te squirrelmail
[root @ linuxbox ~] # ratonga httpd ka tiimata ano

[root @ linuxbox ~] # nano /etc/squirrelmail/config.php
$ domain = 'desdelinux.fan';
$ imapServerAddress = 'mail.fromlinux.fan';
$ imapPort = 143;
$ smtpServerAddress = 'desdelinux.fan';

[root @ linuxbox ~] # ratonga httpd uta ano

Tukuna te Mahere Kaupapahere DNS, te rekoata SPF ranei

I roto i te tuhinga NSD Kaituku DNS Kaiwhakahaere + Papamuri I kite maatau kua whirihorahia te Rohe "desdelinux.fan" penei:

pakiaka @ ns: ~ # nano /etc/nsd/desdelinux.fan.zone
$ ORIGIN mai i linux.fan. $ TTL 3H @ IN SOA ns.fromlinux.fan. pakiaka.fromlinux.fan. (1; 1D rangatū; tāmata 1H; ngana anō 1W; pau te 3H); iti rawa ranei; Te wa tirotiro kino kino hei oranga; @ IN NS ns.fromlinux.fan. @ IN MX 10 mēra.fromlinux.fan.
@ IN TXT "v = spf1 a: mail.desdelinux.fan -all"
; ; Whakauru ki te whakatau keri keri mai i linux.fan @ IN A 172.16.10.10; ns IN A 172.16.10.30 mail IN CNAME mai linux.fan. korerorero IN CNAME mai linux.fan. www IN CNAME mai i linux.fan. ; ; Nga rekoata a te SRV e pa ana ki te XMPP
_xmpp-server._tcp IN SRV 0 0 5269 mai i linux.fan. _xmpp-kaihoko._tcp IN SRV 0 0 5222 mai i linux.fan. _jabber._tcp IN SRV 0 0 5269 mai i linux.fan.

I roto i taua kohinga te rehita:

@ IN TXT "v = spf1 a: mail.desdelinux.fan -all"

Kia rite ano te whirihora mo te Whatunga SME, LAN ranei, me whakarereke te konae whirihoranga Dnsmasq penei:

# TXT rekoata. Ka taea hoki e taatau te whakaatu i te rekoata SPF rekoata = desdelinux.fan, "v = spf1 a: mail.desdelinux.fan -all"

Na ka tiimata ano e maatau te ratonga:

[root @ linuxbox ~] # ratonga dnsmasq ka tiimata ano
[root @ linuxbox ~] # service dnsmasq status [root @ linuxbox ~] # host -t TXT mail.fromlinux.fan mail.fromlinux.fan he ingoakii mo fromlinux.fan. desdelinux.fan tuhinga whakaahua "v = spf1 a: mail.desdelinux.fan -all"

Tiwhikete Kaitohu Tuakiri me te Apache httpd ranei

Ahakoa ka kiia atu e to tirotiro he «Te rangatira o mail.fromlinux.fan Kua he to whirihora i to paetukutuku. Kia kore ai e tahaetia o korero, kaore ano a Firefox kia hono atu ki tenei paetukutuku ”, te tiwhikete i hangaia i mua HE TINO, ka tuku i nga tohu i waenga i te kaihoko me te kaituku ki te haangai whakamuna, i muri i to maatau whakaae ki te tiwhikete.

Mena e hiahia ana koe, ana hei whakakotahi i nga tiwhikete, ka taea e koe te kii mo Apache nga tiwhikete ano i kiia e koe mo te Postfix, e tika ana.

[root @ linuxbox ~] # nano /etc/httpd/conf.d/ssl.conf
SSLCert CertificateFile /etc/pki/tls/certs/desdelinux.fan.crt
SSLCert CertificateKeyFile /etc/pki/tls/private/desdelinux.fan.key

[root @ linuxbox ~] # ratonga httpd tīmata
[root @ linuxbox ~] # ratonga httpd mana

Rōpū Diffie-Hellman

Ko te take o te Haumaru ka uaua ake i nga ra katoa i runga i te Ipurangi. Ko tetahi o nga whakaeke noa i te hononga hono SSL, ko ia ranei Takiuru me te aarai atu ki a ia me matua taapirihia nga waahanga kore-paerewa ki te whirihoranga SSL. Mo tenei kei reira te RFC-3526 «Pontahi atu Modular Exponential (MODP) Diffie–Hellman rōpū mo te Ipurangi Whakawhiti Ipurangi (IKE)".

[root @ linuxbox ~] # cd / etc / pki / tls /
[root @ linuxbox tls] # openssl dhparam -o te tangata takitahi / dhparams.pem 2048
[root @ linuxbox tls] # chmod 600 takitahi / dhparams.pem

E ai ki te putanga o Apache i whakauruhia e maatau, ka whakamahia e matou te Roopu Diffie-Helman mai i te konae /etc/pki/tls/dhparams.pem. Mena he putanga 2.4.8 ranei i muri mai, me taapiri atu ki te konae /etc/httpd/conf.d/ssl.conf te raina e whai ake nei:

SSLOpenSSLConfCmd DHParameter "/etc/pki/tls/private/dhparams.pem"

Ko te putanga Apache e whakamahia ana e matou ko:

[pakiaka @ linuxbox tls] # yum info httpd
Mono utaina: whakaata tere, awhiawera Kei te uta i nga tere whakaata mai i te papaaherehere whakauru Kua whakauruhia nga Ingoa: httpd Hoahoanga: x86_64
Putanga: 2.4.6
Tuku: 45.el7.centos Rahi: 9.4 M Whiwhi: kua whakauruhia Mai i te putunga: Whakarapopototanga-Papaa Whakarapopototanga: Apache HTTP Server URL: http://httpd.apache.org/ Raihana: ASL 2.0 Whakaahuatanga: Ko te Apache HTTP Server he he kaha, he whaihua, he whaanui: he kaituku paetukutuku.

I te mea he putanga kei mua i te 2.4.8, ka taapirihia ki te mutunga o te tiwhikete CRT i hangaia i mua, nga korero o te Roopu Diffie-Helman:

[root @ linuxbox tls] # ngeru takitahi / dhparams.pem >> certs / desdelinux.fan.crt

Mena e hiahia ana koe ki te tirotiro mena i tika te taapiri o nga waahanga DH ki te tiwhikete CRT, mahia enei whakahau e whai ake nei:

[root @ linuxbox tls] # ngeru takitahi / dhparams.pem 
----- KATOA DH PARAMETERS -----
MIIBCAKCAQEAnwfWSlirEuMwJft0hgAdB0km9d3qGGiErRXPfeZU+Tqp/ZFOCdzP
/O6NeXuHI4vnsTDWEAjXmpRzq/z1ZEWQa6j+l1PgTgk2XqaMViD/gN+sFPnx2EmV
keVcMDqG03gnmCgO9R4aLYT8uts5T6kBRhvxUcrk9Q7hIpGCzGtdgwaVf1cbvgOe
8kfpc5COh9IxAYahmNt+5pBta0SDlmoDz4Rk/4AFXk2mjpDYoizaYMPeIInGUzOv
/LE6Y7VVRY/BJG9EZ5pVYJPCruPCUHkhvm+r9Tt56slk+HE2d52uFRSDd2FxK3n3
cN1vJ5ogsvmHayWUjVUA18LLfGSxEFsc4wIBAg==
----- MURI DH PARAMETERS -----

[root @ linuxbox tls] # ngeru ngeru / desdelinux.fan.crt 
-----BEGIN CERTIFICATE-----
MIIGBzCCA++gAwIBAgIJANd9FLCkDBfzMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD
VQQGEwJDVTENMAsGA1UECAwEQ3ViYTEPMA0GA1UEBwwGSGFiYW5hMRcwFQYDVQQK
DA5EZXNkZUxpbnV4LkZhbjEUMBIGA1UECwwLRW50dXNpYXN0YXMxFzAVBgNVBAMM
DmRlc2RlbGludXguZmFuMSIwIAYJKoZIhvcNAQkBFhNidXp6QGRlc2RlbGludXgu
ZmFuMB4XDTE3MDUyMjE0MDQ1MloXDTIyMDUyMTE0MDQ1MlowgZkxCzAJBgNVBAYT
AkNVMQ0wCwYDVQQIDARDdWJhMQ8wDQYDVQQHDAZIYWJhbmExFzAVBgNVBAoMDkRl
c2RlTGludXguRmFuMRQwEgYDVQQLDAtFbnR1c2lhc3RhczEXMBUGA1UEAwwOZGVz
ZGVsaW51eC5mYW4xIjAgBgkqhkiG9w0BCQEWE2J1enpAZGVzZGVsaW51eC5mYW4w
ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCn5MkKRdeFYiN+xgGdsRn8
sYik9X75YnJcbeZrD90igfPadZ75ehtfYIxxOS+2U+omnFgr/tCKYUVJ50seq/lB
idcLP4mt7wMrMZUDpy1rlWPOZGKkG8AdStCYI8iolvJ4rQtLcsU6jhRzEXsZxfOb
O3sqc71yMIj5qko55mlsEVB3lJq3FTDQAY2PhXopJ8BThW1T9iyl1HlYpxj7OItr
/BqiFhxbP17Fpd3QLyNiEl+exVJURYZkvuZQqVPkFAlyNDh5I2fYfrI9yBVPBrZF
uOdRmT6jv6jFxsBy9gggcy+/u1nhlKssLBEhyaKfaQoItFGCAmevkyzdl1LTYDPY
ULi79NljQ1dSwWgraZ3i3ACZIVO/kHcOPljsNxE8omI6qNFWqFd1qdPH5S4c4IR1
5URRuwyVNffEHKaCJi9vF9Wn8LVKnN/+5zZGRJA8hI18HH9kF0A1sCNj1KKiB/xe
/02wTzR/Gbj8pkyO8fjVBvd/XWI8EMQyMc1gvtIAvZ00SAB8c1NEOCs5pt0Us6pm
1lOkgD6nl90Dx9p805mTKD+ZcvRaShOvTyO3HcrxCxOodFfZQCuHYuQb0dcwoK2B
yOwL77NmxNH1QVJL832lRARn8gpKoRAUrzdTSTRKmkVrOGcfvrCKhEBsJ67Gq1+T
YDLhUiGVbPXXR9rhAyyX2QIDAQABo1AwTjAdBgNVHQ4EFgQURGCMiLVLPkjIyGZK
UrZgMkO0X8QwHwYDVR0jBBgwFoAURGCMiLVLPkjIyGZKUrZgMkO0X8QwDAYDVR0T
BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAdy1tH1DwfCW47BNJE1DW8Xlyp+sZ
uYTMOKfNdnAdeSag1WshR6US6aCtU6FkzU/rtV/cXDKetAUIzR50aCYGTlfMCnDf
KKMZEPjIlX/arRwBkvIiRTU1o3HTniGp9d3jsRWD/AvB3rSus4wfuXeCoy7Tqc9U
FaXqnvxhF8/ptFeeCeZgWu16zyiGBqMj4ZaQ7RxEwcoHSd+OByg8E9IE2cYrWP2V
6P7hdCXmw8voMxCtS2s++VRd1fGqgGxXjXT8psxmY2MrseuTM2GyWzs+18A3VVFz
UXLD2lzeYs638DCMXj5/BMZtVL2a4OhMSYY4frEbggB3ZgXhDDktUb7YhnBTViM3
2sgJJOSTltOgAnyOPE0CDcyktXVCtu3PNUc+/AB3UemI9XCw4ypmTOMaIZ2Gl6Uo
pmTk41fpFuf8pqW3ntyu43lC5pKRBqhit6MoFGNOCvFYFBWcltpqnjsWfY2gG/b5
8D5HsedueqkAsVblKPBFpv1BB9X0HhBUYsrz8jNGZGbkgR4XQoIoLbQZHEB35APU
4yT1Lzc3jk34yZF5ntmFt3wETSWwJZ+0cYPw7n4E6vbs1C7iKAMQRVy+lI5f8XYS
YKfrieiPPdmQ22Zm2Tbkqi4zjJBWmstrw6ezzAQNaaAkiOiJIwvXU81KYsN37THh
Nf0/JsEjPklCugE=
-----END CERTIFICATE-----
-----BEGIN DH PARAMETERS-----
MIIBCAKCAQEAnwfWSlirEuMwJft0hgAdB0km9d3qGGiErRXPfeZU+Tqp/ZFOCdzP
/O6NeXuHI4vnsTDWEAjXmpRzq/z1ZEWQa6j+l1PgTgk2XqaMViD/gN+sFPnx2EmV
keVcMDqG03gnmCgO9R4aLYT8uts5T6kBRhvxUcrk9Q7hIpGCzGtdgwaVf1cbvgOe
8kfpc5COh9IxAYahmNt+5pBta0SDlmoDz4Rk/4AFXk2mjpDYoizaYMPeIInGUzOv
/LE6Y7VVRY/BJG9EZ5pVYJPCruPCUHkhvm+r9Tt56slk+HE2d52uFRSDd2FxK3n3
cN1vJ5ogsvmHayWUjVUA18LLfGSxEFsc4wIBAg==
----- MURI DH PARAMETERS -----

Whai muri i enei whakarereketanga, me timata ano e tatou nga mahi Paerua me nga ratonga httpd:

[root @ linuxbox tls] # ratonga whakaahuru timata ano
[root @ linuxbox tls] # mana whakairinga ratonga
[root @ linuxbox tls] # ratonga httpd timata ano
[root @ linuxbox tls] # ratonga httpd mana

Ko te whakaurutanga o te Roopu Diffie-Helman ki roto i a maatau tiwhikete TLS tera pea ka tere haere te hono atu ki runga o HTTPS, engari ko te taapiri o te haumarutanga he pai te utu.

Te tirotiro i te Squirrelmail

después e tika ana te hanga o nga tiwhikete me te tirotiro i ta raatau mahi tika i a maatau i roto i nga whakahau papatohu, tohua te kaitirotiro pai ki te URL http://mail.desdelinux.fan/webmail ana ka hono atu ki te kaihoko paetukutuku whai muri i te whakaae ki te tiwhikete e hangai ana. Kia mahara, ahakoa kua whakapumautia e koe te kawa HTTP, ka tukuna ki HTTPS, na te mea ko nga tautuhinga taunoa a CentOS mo Squirrelmail. Tirohia te konae /etc/httpd/conf.d/squirrelmail.conf.

Mo nga pouaka a nga kaiwhakamahi

Ka hangaia e Dovecot nga pouaka IMAP i roto i te kōpaki home o ia kaiwhakamahi:

[root @ linuxbox ~] # ls -la /home/legolas/mail/.imap/
12 katoa drwxrwx ---. 5 legolas mail 4096 May 22 12:39. drwx ------. 3 legolas legolas 75 Mei 22 11:34 .. -rw -------. 1 legolas legolas 72 Mei 22 11:34 kukupa.mailbox.log -rw -------. 1 legolas legolas Mei 8 22 12:39 kukupa-uidvalidity -r - r - r--. 1 legolas legolas 0 Mei 22 10:12 kukupa-uidvalidity.5922f1d1 drwxrwx ---. 2 legolas mail 56 May 22 10:23 INBOX drwx ------. 2 legolas legolas 56 Mei 22 12:39 Tukua drwx ------. 2 legolas legolas 30 Mei 22 11:34 Paraurehe

Kei te penapenahia ki / var / mēra /

[root @ linuxbox ~] # iti iho / var / mēra / legolas
Mai i MAILER_DAEMON Mane Mei 22 10:28:00 2017 Te Ra: Mane, 22 Haratua 2017 10:28:00 -0400 Mai i: Te Punaha Moni Roto Roto Kaupapa: KAUA E MUTU I TE KARERE NEI - KORE-KORE-KORE-KORE-KORE-KORE-P MessageAUPONO Karere-ID: <1495463280 @ linuxbox> X-IMAP: 1495462351 0000000008 Tūnga: RO Ko tenei tuhinga he waahanga o te whakatakotoranga o roto o to kōpaki mēra, a ehara i te tino korero . He mea hanga noa e te raupaparorohiko punaha. Mena ka mukua, ka ngaro nga raraunga kopaki nui, a ka hangaia ano me te tautuhi o nga raraunga ki nga uara tuatahi. Mai i te root@desdelinux.fan Man Mei 22 10:47:10 2017 Whakahoki-Ara: X-Taketake-Ki: legolas I Tukuna-Ki: legolas@desdelinux.fan Kua riro: na desdelinux.fan (Paetukutuku, mai i te kaiwhakamahi 0) id 7EA22C11FC57; Mane, 22 Mei 2017 10:47:10 -0400 (EDT) Rangi: Mane, 22 Mei 2017 10:47:10 -0400 Ki: legolas@desdelinux.fan Kaupapa: Kaiwhakamahi-Whakamatau Whakamatautau: Heirloom mailx 12.5 7/5 / 10 MIME-Putanga: 1.0 Momo-Ihirangi: tuhinga / mania; charset = us-ascii Ihirangi-Whakawhiti-Whakawaehere: 7bit Karere-Id: <20170522144710.7EA22C11FC57@desdelinux.fan> Mai i: root@desdelinux.fan (root) X-UID: 7 Tūnga: RO Kia ora. He korero whakamatautau tenei Na buzz@deslinux.fan Man Mei 22 10:53:08 2017 Ara-Hoki: X-Taketake-Ki: legolas@desdelinux.fan Tukuna-Ki: legolas@desdelinux.fan Kua riro: mai i sysadmin.desdelinux.fan (tomokanga [172.16.10.1]) na desdelinux.fan (Paetukutuku) me te ESMTP id C184DC11FC57 mo ; Mane, 22 Mei 2017 10:53:08 -0400 (EDT) Karere-ID: <739874.219379516-sendEmail@sysadmin> Mai i: "buzz@deslinux.fan" Ki: "legolas@desdelinux.fan" Kaupapa: Hello Date: Mane, 22 Mei 2017 14:53:08 +0000 X-Kaitohu: sendEmail-1.56 MIME-Putanga: 1.0 Momo-Ihirangi: multipart / e hono ana; rohe = "---- Kaiwhiwhi i te MIME mo te tukuImera-794889.899510057
/ var / mēra / legolas

Whakarapopototanga o nga miihini PAM

Kua tirohia te kiko o te Mailserver me te paku aro ki te ahuru. Ko te tumanako ko te tuhinga nei he Tohu Whakauru ki tetahi kaupapa uaua me te ngawari ki te mahi he i te mea ko te whakamahi a-ringa i tetahi Kaituku Mera.

Ka whakamahia e maatau te motuhēhēnga kaiwhakamahi o te rohe nā te mea mena ka tika taatau paanui i te konae /etc/dovecot/conf.d/10-auth.conf, ka kite taatau i te mutunga ka whakauruhia -taunoa- te konae motuhēhē mō ngā kaiwhakamahi punaha ! whakauruhia te auth-system.conf.ext. Tika ko tenei konae e kii mai ana i roto i tana pane:

[root @ linuxbox ~] # iti /etc/dovecot/conf.d/auth-system.conf.ext
# Motuhēhēnga mō ngā kaiwhakamahi punaha. Whakauruhia mai i te 10-auth.conf. # # # # Motuhēhēnga PAM. He pai ake i enei ra e te nuinga o nga punaha.
Ko te # PAM e whakamahia ana i te taha o te userdb passwd, te userdb ranei e tu ana # MAHI: Ka hiahia koe /etc/pam.d/dovecot kōnae i hangaia mo PAM # motuhēhēnga kia tino mahi. passdb {driver = pam # [session = yes] [setcred = ae] [failed_show_msg = ae] [max_requests = ] # [cache_key = ] [ ] #args = kukupa}

Ana kei kona ano tetahi atu konae /etc/pam.d/dovecot:

[root @ linuxbox ~] # ngeru /etc/pam.d/dovecot 
#% PAM-1.0 auth e hiahiatia ana pam_nologin.so auth whakauruhia ki te kaute-auth te kaute whakauru-whakauru kupu whakauru-whakauru kupu

He aha taatau e kaha ana ki te whakaputa mo te motuhaketanga PAM?

• Ko te CentOS, Debian, Ubuntu, me te maha atu o nga tohatoha Linux e whakauru ana i te Postifx me te Dovecot me te whakamotuhēhēnga o te rohe ka taea e te taunoa
• He maha nga tuhinga kei te Ipurangi e whakamahi ana i te MySQL - a tata tonu nei ko MariaDB - hei penapena i nga kaiwhakamahi me etahi atu korero mo te Mailserver. ENGARI he kaiwhakarato enei mo nga MANUUU KAUPAPA, kaore mo te Whatunga SME tawhito me - akene - rau nga kaiwhakamahi.
• Ko te whakatuturutanga ma te PAM e tika ana me te rawaka hei whakarato i nga ratonga whatunga i te mea e rere ana i runga i te kaituku kotahi i kitea e matou i roto i enei miihana iti.
• Ko nga kaiwhakamahi kua penapena ki te papaarangi korero LDAP ka taea te mahere me te mea he kaiwhakamahi o te rohe, ka taea te whakamahi i te motuhēhēnga PAM ki te whakarato ratonga whatunga mai i nga kaitoha Linux rereke e mahi ana hei kaihoko LDAP ki te kaituku tuuturu matua. Ma tenei, ka mahi maatau me nga tohu o nga kaiwhakamahi kua penapena ki te papa korero a te kaiwhakarato LDAP matua, a Kare he mea nui kia mau tonu he papaarangi me nga kaiwhakamahi o te rohe.

Tae noa ki te mahinga o muri!