Postfix + Dovecot + Squirrelmail ma tagata faʻaoga - SMB Networks

Faʻasino lautele o le faʻasologa: Fesootaiga komepiuta mo SMEs: Faatomuaga

Lenei tusitusiga o le faʻaauauina ma mulimuli o miniseries:

• Squid + PAM Faamaoniga i luga ole CentOS 7.
• Tagata faʻaoga ma le pulega vaega
• NSD Faʻamalosia DNS Server + Shorewall
• Prosody IM ma tagata faʻaoga i le lotoifale
  

Talofa uo ma uo!

le Tagata fiafia latou te mananaʻo e fai sa latou lava server meli. Latou te le mananaʻo e faʻaaoga ni tautua peʻa iai le "Privacy" i le va o faʻailoga fesili. O le tagata o loʻo gafa ma le faʻatinoina o le tautua i luga o lau laʻau faigaluega e leʻo se tagata poto faapitoa i lenei mataupu ma o le a muamua taumafai e faʻapipiʻi le autu o se lumanaʻi ma maeʻa meli tautua. O le "faʻatusatusaga" lea e faia ai se Full Mailserver e fai si faigata ona malamalama ma faʻaoga. 😉

Faʻamatalaga pito i lalo

• E tatau ona manino e uiga i galuega tauave taʻitasi polokalama aofia ai i se Mailserver faʻatinoina. I le avea ai o se uluaʻi taiala matou te tuʻuina atu se atoa faʻasologa o aoga fesoʻotaʻiga ma le folafolaina mafuaʻaga ua latou asia.
• Faʻaaoga lima ma mai le valu le Atoa Meli Auaunaga o se lelava gaioiga, seʻi vagana o oe o se tasi o le "Filifilia" o loʻo faia lenei ituaiga o galuega i aso uma. O le Meli Server ua fausia -i se auala lautele- e polokalame eseese e eseʻese taulimaina SMTP, POP / IMAP, Lotoifale Teuina o Savali, galuega e fesoʻotaʻi ma le togafitiga o le SPAM, Antivirus, ma isi UMA o nei polokalama e tatau ona fesoʻotaʻi saʻo i le tasi ma le isi.
• E leai se tasi lapoʻa fetaui lelei uma pe "faʻataʻitaʻiga sili" ile faʻafefea ona pulea tagata faʻaoga; o fea ma faʻafefea ona teuina feʻau, pe faʻafefea ona fai uma vaega ia galue o se tasi atoa.
• O le faʻaputuga ma le faʻaleleia o se Mailserver e mataga tele i mataupu e pei o faʻatagaga faʻatagaina ma tagata e anaina, filifilia poʻo ai le tagata e pule i se faiga, ma i ni mea sese laiti na faia i nisi faila faʻamaumauga esoteric.
• Vagana ua e iloa lelei le mea o loʻo e faia, o le iʻuga o le a le maua se puipuiga poʻo le le faʻaaogaina Mail Server. O lena i le faʻaiuga o le faʻatinoina E Leʻi Galue, atonu o le sili ona leaga o mea leaga.
• E mafai ona matou mauaina i luga o le Initaneti le tele o fua o fua pe faʻafefea ona fai se Meli Tautua. Tasi o le sili ona maeʻa -i loʻu lava manatu- o le tasi na ofoina mai e le tusitala Ivar Abrahamamsen i lona sefulu ma le tolu lomiga o Ianuari 2017 «Faʻafefea ona seti se meli tautua luga o le GNU / Linux faiga".
• Matou te fautuaina foʻi le faitauina o le tala «O se Mailserver i le Ubuntu 14.04: Postfix, Dovecot, MySQL«, pe «O se Mailserver i le Ubuntu 16.04: Postfix, Dovecot, MySQL".
• Moni O tusitusiga sili ona lelei i lenei tulaga o le a maua i le Igilisi.
  • E ui lava matou te le faia ma faʻamaoni le Mailserver e le Faʻafefea ona ... taʻua i le parakalafa talu ai, o le naʻo le mulimuli i lea laʻasaga ma lea laasaga o le a aumaia ia i tatou se sili lelei manatu o le mea o le a tatou feagai.
• Afai e te manaʻo ia i ai se atoa Mailserver i ni nai sitepu, oe mafai ona download mai le ata iRedOS-0.6.0-CentOS-5.5-i386.iso, pe vaʻai mo se sili ona po nei, pe iRedOS pe iRedMail. O le auala ou te fautuaina totino.

O le a matou faapipiiina ma faʻamau:

• Faʻalauiloa o se tautua Ma Transport Aaliʻi (SMTP).
• Lulu pei ole POP - IMAP server.
• Tusi faʻamaonia mo fesoʻotaʻiga ala TLS.
• squirrelmail o se upega tafailagi mo tagata faʻaaoga.
• DNS faamaumauga faʻatatau i le «Auina Faʻavae Faʻavae Faʻavae»Poʻo SPF.
• Faiga faʻavae Diffie Hellman Vaega ia faʻateleina le saogalemu o tusi faʻamaonia SSL.

E tumau pea ona fai:

Le mea sili o tautua nei o le a tumau pea ona faʻaogaina:

• postgrey: Faʻavae server tulaga faʻavae mo Gray Lisi ma teʻena Junk Mail.
  
• Amavisd-fou: tusitusiga e fausia ai se fesoʻotaʻiga i le va o le MTA, ma siama scanner ma mataupu aofia.
• Clamav Antivirus: antivirus suite
• SpamAssassin: aveese Junk Mail
• tafi (pyzor): SPAM puʻeina e ala i se tufatufaina ma galulue faʻatasi fesoʻotaʻiga. O le Vipul Razor network o loʻo iai se lisi lata mai ole faʻateleina ole meli meli poʻo le SPAM.
• DNS faamaumauga "DomainKeys Faailoaina Meli" pe DKIM.

Afifi postgrey, amavisd-new, clamav, spamassassin, tafi y pyzor O loʻo maua i latou i fale teu oloa. O le a tatou mauaina foi le polokalama openkim.

• E taua le faʻailoaina saʻo o le DNS faʻamaumauga "SPF" ma le "DKIM" pe a fai tatou te le mananaʻo e faʻailoa mai le le manaʻomia o le tatou meli fou poʻo le gaosiaina o le SPAM poʻo le Junk Mail, e isi tautua meli pei o Gmail, YAue, Hotmail, ma isi.

Siaki muamua

Manatua o lenei tusitusiga o se faʻaauau a isi e amata ile Squid + PAM Faamaoniga i luga ole CentOS 7.

Conn32 fesoʻotaʻiga fesoʻotaʻi LAN i le Totonu Fesootaiga

[root @ linuxbox ~] # nano / etc / sysconfig / network-scripts / ifcfg-ens32
DEVICE=ens32
ONBOOT=yes
BOOTPROTO=static
HWADDR=00:0c:29:da:a3:e7
NM_CONTROLLED=no
IPADDR=192.168.10.5
NETMASK=255.255.255.0
GATEWAY=192.168.10.1
DOMAIN=desdelinux.fan
DNS1=127.0.0.1
ZONE = lautele

[root @ linuxbox ~] # ifdown ens32 && ifup ens32

Fesoʻotaʻi fesoʻotaʻi ma le34 WAN i le Initaneti

[root @ linuxbox ~] # nano / etc / sysconfig / network-scripts / ifcfg-ens34
TUSI = ens34 ONBOOT = ioe BOOTPROTO = tumau HWADDR = 00: 0c: 29: da: a3: e7 NM_CONTROLLED = leai IPADDR = 172.16.10.10 NETMASK = 255.255.255.0 # O le ADSL router e fesoʻotaʻi i # lenei fesoʻotaʻiga ma # le tuatusi lenei IP GATEWAY = 172.16.10.1 DOMAIN = desdelinux.fan DNS1 = 127.0.0.1
ZONE = fafo

DNS iugafono mai le LAN

[root @ linuxbox ~] # cat /etc/resolv.conf search mai linux.fan nameserver 127.0.0.1 nameserver 172.16.10.30 [root @ linuxbox ~] # talimalo talimalo
mail.desdelinux.fan o se igoa faʻaigoa mo linuxbox.desdelinux.fan. linuxbox.desdelinux.fan ei ai le tuatusi 192.168.10.5 linuxbox.desdelinux.fan meli o loʻo tagofia e le 1 mail.desdelinux.fan.

[root @ linuxbox ~] # talimalo meli.fromlinux.fan
mail.desdelinux.fan o se igoa faʻaigoa mo linuxbox.desdelinux.fan. linuxbox.desdelinux.fan ei ai le tuatusi 192.168.10.5 linuxbox.desdelinux.fan meli o loʻo tagofia e le 1 mail.desdelinux.fan.

DNS iugafono mai le Initaneti

buzz @ sysadmin: ~ $ talimalo meli.fromlinux.fan 172.16.10.30
Faʻaaogaina le tuatusi: Igoa: 172.16.10.30 Tuatusi: 172.16.10.30 # 53 Igoa: mail.desdelinux.fan o se igoa faʻaigoa mo desdelinux.fan.
mai linux.fan ei ai le tuatusi 172.16.10.10
desdelinux.fan meli o loʻo tagofia e 10 mail.desdelinux.fan.

Faʻafitauli ile foia o le hostname "desdelinux.fan" i le lotoifale

Afai ei ai ni ou faʻafitauli foʻia le igoa igoa «mailinux.fan"mai le LAN, taumafai e faʻailoa mai le laina faila /etc/dnsmasq.conf lea e folafola ai local = / mai le linux.fan /. A maeʻa, toe amata le Dnsmasq.

[root @ linuxbox ~] # nano /etc/dnsmasq.conf # Faʻamatala le laina i lalo:
# local = / desdelinux.fan /

[root @ linuxbox ~] # tautua dnsmasq toe amata
Toe faʻafoʻi i le / bin / systemctl toe amata le dnsmasq.service

[root @ linuxbox ~] # tautua dnsmasq tulaga

[root @ linuxbox ~] # talimalo mai linux.fan
desdelinux.fan ei ai le tuatusi 172.16.10.10 desdelinux.fan meli o loʻo tagofia e 10 mail.desdelinux.fan.

Postfix ma Dovecot

O le sili lautele faʻamaumauga o Postfix ma Dovecot mafai ona maua i:

[root @ linuxbox ~] # ls /usr/share/doc/postfix-2.10.1/
bounce.cf.default LICENSE README-Postfix-SASL-RedHat.txt FUAFUAGA main.cf.default TLS_ACKNOWLEDGEMENTS faʻataʻitaʻiga README_FILES TLS_LICENSE

[root @ linuxbox ~] # ls /usr/share/doc/dovecot-2.2.10/
AUTHORS COPYING.MIT dovecot-openssl.cnf TALA FOU wiki COPYING ChangeLog faataitaiga-config README COPYING.LGPL faʻamaumauga.txt mkcert.sh solr-schema.xml

I le CentOS 7, o le Postfix MTA e faʻapipiʻiina pe a matou filifilia le filifiliga o se Infrastructure Server. E tatau ona tatou siakiina o le SELinux faʻatulagaina faʻatagaina tusitusiga i Potfix i le lotoifale savali laina:

[root @ linuxbox ~] # getebool -a | grep postfix
postfix_local_write_mail_spool -> on

Fesuiaiga i le FirewallD

I le faʻaaogaina o le graphic interface e faʻatulagaina ai le FirewallD, e tatau ona tatou mautinoa o auaunaga nei ma uafu e mafai mo itu taʻitasi:

# ----------------- -----
# Faʻamau i totonu FirewallD
# ----------------- -----
# Maugaafi
# Nofoaga lautele: http, https, imap, pop3, smtp tautua
# Nofoaga lautele: uafu 80, 443, 143, 110, 25

# Sone i fafo: http, https, imap, pop3s, smtp tautua
# Sone i fafo: uafu 80, 443, 143, 995, 25

Matou te faʻapipiʻi le Dovecot ma polokalama talafeagai

[root @ linuxbox ~] # yum install dovecot mod_ssl procmail telnet

Laʻititi le faʻatulagaina o Dovecot

[root @ linuxbox ~] # nano /etc/dovecot/dovecot.conf
togafiti = imap pop3 lmtp
faalogo = *, ::
login_greeting = Ua sauni Dovecot!

Matou te faʻamalamalamaina ma le manino le faʻamaoniga a le Dovecot:

[root @ linuxbox ~] # nano /etc/dovecot/conf.d/10-auth.conf 
disable_plaintext_auth = ioe

Matou te faʻalauiloa le Vaega ma avanoa talafeagai e fegasoloaʻi ai ma le Dovecot, ma le nofoaga o feʻau:

[root @ linuxbox ~] # nano /etc/dovecot/conf.d/10-mail.conf
mail_location = mbox: ~ / meli: INBOX = / var / meli /% u
mail_privileged_group = meli
mail_access_groups = meli

Tusi faamaonia mo le Dovecot

Dovecot otometi gaosia lau suʻega tusi faʻavae faʻavae i luga o faʻamatalaga i le faila /etc/pki/dovecot/dovecot-openssl.cnf. Ina ia maua ni tusi pasi fou e tusa ma a matou manaʻoga, e tatau ona tatou faia laʻasaga nei:

[root @ linuxbox ~] # cd / etc / pki / dovecot /
[root @ linuxbox dovecot] # nano dovecot-openssl.cnf
[req] default_bits = 1024 encrypt_key = ioe distished_name = req_dn x509_extensions = cert_type prompt = leai [req_dn] # atunuu (2 tusi code) C = CU # Setete poʻo le Itumalo Igoa (igoa atoa) ST = Cuba # Nofoaga Nofoaga (eg. taulaga ) L = Habana # Organisation (eg Kamupani) O = FromLinux.Fan # Organizational Unit Name (eg. Vaega) OU = Tagata faʻafiafia # Igoa masani (* .example.com e mafai foi) CN = *. Desdelinux.fan # E -mail fesoʻotaʻi imeliAddress=buzz@desdelinux.fan [cert_type] nsCertType = server

Matou te aveʻese tusi faʻamaonia

[root @ linuxbox dovecot] # rm certs / dovecot.pem 
rm: aveese le faila masani "certs / dovecot.pem"? (y / n) l
[root @ linuxbox dovecot] # rm tumaoti / dovecot.pem 
rm: aveese le faila masani "tumaoti / dovecot.pem"? (y / n) l

Matou te kopiina ma faʻatino le tusitusiga mkcert.sh mai le tusi faʻamaumauga

[root @ linuxbox dovecot] # cp /usr/share/doc/dovecot-2.2.10/mkcert.sh [root @ linuxbox dovecot] # bash mkcert.sh 
Fausiaina o le 1024 bit RSA tumaʻoti ki ...... ++++++ ................ ++++++ tusia fou tutoatasi ki i '/ etc / pki / dovecot / private / dovecot.pem '----- subject = /C=CU/ST=Cuba/L=Habana/O=DesdeLinux.Fan/OU=Entusiasts/CN=*.desdelinux.fan/emailAddress= buzz@desdelinux.fan SHA1 Fingerprint = 5F: 4A: 0C: 44: EC: EC: EF: 95: 73: 3E: 1E: 37: D5: 05: F8: 23: 7E: E1: A4: 5A

[root @ linuxbox dovecot] # ls -l certs /
aofaʻi 4 -rw -------. 1 aʻa aʻa 1029 Me 22 16:08 dovecot.pem
[root @ linuxbox dovecot] # ls -l tumaoti /
aofaʻi 4 -rw -------. 1 aʻa aʻa 916 Me 22 16:08 dovecot.pem

[root @ linuxbox dovecot] # tautua dovecot toe amata
[root @ linuxbox dovecot] # tautua dovecot tulaga

Tusi faamaonia mo Postfix

[root @ linuxbox ~] # cd / etc / pki / tls / [root @ linuxbox tls] # openssl req -sha256 -x509 -nodes -newkey rsa: 4096 -days 1825 \ -out certs / desdelinux.fan.crt -keyout tumaoti / desdelinux.fan.key

Fausia se 4096 bit RSA tumaʻoti ki ......... ++ .. ++ tusia fou tumaʻoti ki i 'tumaoti / domain.tld.key' ----- O le a fesiligia oe e ulufale i faʻamatalaga lena o le a tuʻufaʻatasia i lau tusi pasi talosaga. Ole mea o le a e ulufale atu o le mea e taʻu o le Distinguished Name poʻo le DN. E i ai ni nai fanua ae e mafai ona e tuua ni avanoa Mo nisi fanua o le ai ai se faʻaletonu aoga, Afai e te ulufale '.', O le fanua o le a tuʻufua avanoa. ----- Country Country (2 letter code) [XX]: CU State or Province Name (igoa atoa) []: Cuba Locality Name (eg, city) [Default City]: Habana Organization Name (eg, kamupani) [ Default Company Ltd]: desdeLinux.Fan Organizational Unit Igoa (eg, vaega) []: Entusiasts Masani Igoa (eg, lou igoa poʻo le igoa o lau 'auʻaunaga hostname) []: desdelinux.fan Imeli tuatusi

Laʻititi postonfiguraga

Matou te faʻaopopo i le pito o le faila / etc / faʻasologa igoa o le isi:

aʻa: buzz

Mo suiga ia aoga matou te faʻatinoina le faʻatonuga lenei:

[root @ linuxbox ~] # fou

O le Postifx configure mafai ona faia e ala i le faʻasaʻo saʻo o le faila /etc/postfix/main.cf pe i le faʻatonuga postconf -e vaʻaia lelei o vaega uma matou te mananaʻo e toe faʻaleleia pe faʻaopopo o loʻo atagia mai i le tasi laina o le faʻamafanafanaga.

• Taʻitasi ma tatau folafola atu filifiliga latou malamalama ma manaʻomia!.

[root @ linuxbox ~] # postconf -e 'myhostname = desdelinux.fan'
[root @ linuxbox ~] # postconf -e 'mydomain = desdelinux.fan'
[root @ linuxbox ~] # postconf -e 'myorigin = $ mydomain'
[root @ linuxbox ~] # postconf -e 'inet_interfaces = uma'
[root @ linuxbox ~] # postconf -e 'mydestination = $ myhostname, localhost. $ mydomain, localhost, $ mydomain, meli. $ mydomain, www. $ mydomain, ftp. $ mydomain'

[root @ linuxbox ~] # postconf -e 'mynetworks = 192.168.10.0/24, 172.16.10.0/24, 127.0.0.0/8'
[root @ linuxbox ~] # postconf -e 'mailbox_command = / usr / bin / procmail -a "$ EXTENSION"'
[root @ linuxbox ~] # postconf -e 'smtpd_banner = $ myhostname ESMTP $ mail_name ($ mail_version)'

Matou te faʻaopopo i le pito o le faila /etc/postfix/main.cf filifiliga na tuuina atu i lalo. Ina ia iloa le uiga o ia mea taʻitasi, matou te fautuaina le faitauina o faʻamatalaga o loʻo sosoʻo mai.

biff = leai
append_dot_mydomain = leai
tuai_lapataiga_taimi = 4h
readme_directory = leai
smtpd_tls_cert_file = / etc / pki / certs / desdelinux.fan.crt
smtpd_tls_key_file = / etc / pki / private / desdelinux.fan.key
smtpd_use_tls = ioe
smtpd_tls_session_cache_database = btree: $ {data_directory} / smtpd_scache
smtp_tls_session_cache_database = btree: $ {data_directory} / smtp_scache
smtpd_relay_restritions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination

# Ole aofaʻi ole pusameli tele 1024 megabytes = 1 g ma le g
pusameli_size_limit = 1073741824

taliaina_delimiter = +
tele_queue_lifetime = 7d
header_checks = regexp: / etc / postfix / header_checks
body_checks = regexp: / etc / postfix / body_checks

# Teugatupe e lafoina se kopi o meli sau i se isi teuga tupe
tagata mauaina_bcc_maps = hash: / etc / postfix / accounts_ forwarding_copy

O laina nei e taua e fuafua ai poʻo ai e mafai ona lafoina meli ma lafo atu i isi tautua, ina ia tatou le faʻafuaseʻi ona faʻatulagaina se "tatala moligafua" e faʻatagaina ai tagata le faʻamaoniaina e lafo meli. E tatau ona tatou faʻafesoʻotaʻia le itulau e fesoasoani ai i le Postfix ia malamalama ai i uiga o filifiliga taʻitasi

• Taʻitasi ma tatau folafola atu filifiliga latou malamalama ma manaʻomia!.

smtpd_helo_restritions = permit_mynetworks,
 warn_if_reject rej_non_fqdn_hostname,
 menolak_invalid_hostname,
 faʻataga

smtpd_sender_restrictions = faataga_sasl_authenticated,
 faataga_mynetworks,
 warn_if_reject rej_non_fqdn_sender,
 menolak_unknown_sender_domain,
 Talia_unauth_pipelining,
 faʻataga

smtpd_client_restrictions = deny_rbl_client sbl.spamhaus.org,
 Talia_rbl_client blackholes.easynet.nl

# FAʻAALIGA: O le filifiliga "check_policy_service inet: 127.0.0.1: 10023"
# mafai ai le polokalame Postgrey, ma e le tatau ona tuʻuina iai
# a leai o le a matou faʻaaogaina le Postgrey

smtpd_recipient_restricts = teʻena le faʻamaeaga
 faataga_mynetworks,
 faataga_sasl_authenticated,
 teena_non_fqdn_recipient,
 rej_unknown_recipient_domain,
 teteʻe_unauth_destination,
 check_policy_service inet: 127.0.0.1: 10023,
 faʻataga

smtpd_data_restrictions = rej_unauth_pipelining

smtpd_relay_restrictions = rej_unauth_pipelining,
 faataga_mynetworks,
 faataga_sasl_authenticated,
 teena_non_fqdn_recipient,
 rej_unknown_recipient_domain,
 teteʻe_unauth_destination,
 check_policy_service inet: 127.0.0.1: 10023,
 faʻataga
 
smtpd_helo_required = ioe
smtpd_delay_reject = ioe
disable_vrfy_command = ioe

Matou te faia faila / etc / postfix / body_check y / etc / postfix / accounts_forwarding_copy, ma matou te fesuiaʻi le faila / etc / postfix / header_checks.

• Taʻitasi ma tatau folafola atu filifiliga latou malamalama ma manaʻomia!.
  

[root @ linuxbox ~] # nano / etc / postfix / body_check
# Afai e toe faʻaleleia lenei faila, e le manaʻomia # e tamoʻe ai le postmap # E faʻataʻitaʻi ia tulafono, tamoʻe e fai ma aʻa: # postmap -q 'maoae fou v1agra' regexp: / etc / postfix / body_checks
# Tatau toe foʻi: # TALI Tulafono # 2 Aneti Spam Savali Tino
/ viagra / REJECT Rule # 1 Anti Spam o le savali tino
/ maoae fou v [i1] agra / REJECT Tulafono # 2 Aneti Spam o le tino feʻau

[root @ linuxbox ~] # nano / etc / postfix / accounts_ forwarding_copy
# A maeʻa ona sui, e tatau ona e faʻatino: # postmap / etc / postfix / accounts_ forwarding_copy
# ma o le faila ua fausia pe fuaina: # /etc/postfix/accounts_forwarding_copy.db
# ---------------------------- # Le tala e tasi e lafo ai le tasi BCC kopi # BCC = Black Carbon Copy # Faʻataʻitaʻiga: # webadmin@desdelinux.fan buzz@desdelinux.fan

[Root @ linuxbox ~] # postmap / etc / postfix / accounts_ forwarding_copy

[Root @ linuxbox ~] # nano / etc / postfix / header_checks
# Faʻaopopo i le pito o le faila # AUA LE manaʻomia Postmap ona o latou masani o faʻaaliga
/ ^ Mataupu: =? Big5? / TETEE Faʻailogaina Saina e le taliaina e lenei sapalai
/ ^ Mataupu: =? EUC-KR? / TALIA E le faʻatagaina e le auʻaunaga lenei gagana Korea
/ ^ Mataupu: ADV: / REJECT Faʻasalalauga e le taliaina e lenei tautua
/ ^^From:.*\@.*\.cn/ TOLOA Faʻamalie atu, Saina meli e le faʻatagaina iinei
/ ^^From:.*\@.*\.kr/ TOLOA Faʻamalie atu, Korea meli e le faʻatagaina iinei
/ ^^From:.*\@.*\.tr/ TALITOLAGA Faʻamalie atu, e leʻi faʻatagaina imeli a Take iinei
/ ^^From:.*\@.*\.ro/ TOLAFI Faʻamalie atu, Romanian meli e le faʻatagaina iinei
/ ^^(Received|Message-IdicationX-(MaileromiaSender)):.*\b(AutoMail|E-BroadcasterflixEmailer Platinum | Thunder Server | eMarksman | Extractor | e-Merge | mai le gaoia [^.] | Global Messenger | GroupMaster | Mailcast | MailKing | Match10 | MassE-Mail | massmail \ .pl | News Breaker | Powermailer | Quick Shot | Ready Aim Fire | WindoZ | WorldMerge | Yourdora | Lite) \ b / TALI E leai se tele meli e faʻatagaina.
/ ^ Mai: "spammer / REJECT
/ ^ Mai: "spam / REJECT
/ ###Mataupu autu :.*viagra/ TAGATA
# Faʻaopoopoga mataʻutia
/ name = [^> Iluminación * \. (bat | cmd | exe | com | pif | scr | vb | vbe | vbs) / REJECT REJECT Matou te le taliaina faʻapipiʻiga ma nei faʻaopoopoga

Matou te siakiina le faʻamatalaga, toe amata Apache ma Postifx, ma faʻaavanoa ma amata Dovecot

[root @ linuxbox ~] # siaki mulimuli
[Root @ linuxbox ~] #

[root @ linuxbox ~] # systemctl toe amata httpd
[Root @ linuxbox ~] # systemctl tulaga httpd

[Root @ linuxbox ~] # systemctl toe amataina le postfix
[Root @ linuxbox ~] # systemctl tulaga postfix

[root @ linuxbox ~] # systemctl tulaga dovecot
● dovecot.service - Dovecot IMAP / POP3 imeli server Avega: utaina (/usr/lib/systemd/system/dovecot.service; le atoatoa; faleoloa faʻatonu: le atoatoa) Toaga: le toaga (maliu)

[Root @ linuxbox ~] # systemctl faʻaavanoa dovecot
[root @ linuxbox ~] # systemctl amata lupe
[root @ linuxbox ~] # systemctl toe amata dovecot
[root @ linuxbox ~] # systemctl tulaga dovecot

Faʻamatalaga o tulaga o le Console-level

• E taua tele ae e te leʻi faʻaauauina le faʻapipiʻiina ma le faʻatulagaina o isi polokalame, e faia ai le laʻititi manaʻomia siaki o le SMTP ma POP tautua.

Lotoifale mai le sapalai lava ia

Matou te lafoina se imeli i le tagata faʻaoga Legolas.

[root @ linuxbox ~] # echo "Talofa. O le feau lea o le suʻega" | meli "Tofotofoga" legolas

Matou te siakiina le pusameli o Legolas.

[root @ linuxbox ~] # openssl s_client -crlf -connect 127.0.0.1aktos110 -starttls pop3

Ina ua maeʻa le feau Ua Sauni le Dovecot! tatou faʻaauau:

---
+ Ua sauni le Dovecot!
USER legolas + OK PASS legolas + OK Logged in. STAT + OK 1 559 LISI + OK 1 feʻau: 1 559. RETR 1 + OK 559 octets Faʻaletonu-Ala: X-Original-To: legolas Delivered-To: legolas@desdelinux.fan Mauaina: e desdelinux.fan (Postfix, mai le userid 0) id 7EA22C11FC57; Aso Lua, 22 Me 2017 10: 47: 10 -0400 (EDT) Aso: Aso Lua, 22 Me 2017 10:47:10 -0400 Ia: legolas@desdelinux.fan Mataupu: Suʻega a Tagata-Sui: Tofi mailx 12.5 7/5 / 10 MIME-Version: 1.0 Aano-Ituaiga: tusitusiga / manino; charset = us-ascii Content-Transfer-Encoding: 7bit Message-Id: <20170522144710.7EA22C11FC57@desdelinux.fan> Mai: root@desdelinux.fan (root) Talofa. Lenei o se feau tofotofoga. FAʻAʻA
[Root @ linuxbox ~] #

Mamao mai se komepiuta i luga o le LAN

Tatou lafo se isi feau ia Legolas mai seisi komupiuta i luga ole LAN. Manatua o le TLS saogalemu e LE matua talafeagai i totonu ole SME Network.

buzz @ sysadmin: ~ $ sendemail -f buzz@deslinux.fan \
-t legolas@desdelinux.fan \
-u "Talofa" \
-m "Faʻafeiloaʻi Legolas mai lau uo Buzz" \
-s mail.desdelinux.fan -o tls = leai
Me 22 10:53:08 sysadmin sendemail [5866]: Na manuia le lafoina o le imeli!

Afai tatou te taumafai e faʻafesoʻotaʻi i totonu telenet Mai le talimalo i luga o le LAN - pe mai le Initaneti, ioe - i le Dovecot, o le a tupu le mea nei ona matou te le faʻamaonia le faʻamaoniga moni:

buzz @ sysadmin: ~ $ telnet mail.fromlinux.fan 110Tofotofoina 192.168.10.5 ...
Fesoʻotaʻi ile linuxbox.fromlinux.fan. Sola ese le amio o le '^]'. + Ua sauni le Dovecot! tagata faʻaoga legolas
-ERR [AUTH] Faʻamaonia le taliaina e le Plaintext luga o fesoʻotaiga le saogalemu (SSL / TLS).
tuʻu + OK Lelei le alu i fafo Connection tapunia e tagata mai fafo.
buzz @ sysadmin: ~ $

E tatau ona tatou faia uma tatala. O le faʻatinoga atoa o le faʻatonuga o le:

buzz @ sysadmin: ~ $ openssl s_client -crlf -connect mail.desdelinux.fanʻandro110 -starttls pop3
Fesootaʻi (00000003)
loloto = 0 C = CU, ST = Cuba, L = Havana, O = FromLinux.Fan, OU = Tagata Faʻafiafia, CN = * .fromlinux.fan, emailAddress = buzz@desdelinux.fan
faamaonia sese: num = 18: oe lava saini tusi faamaonia faʻamaonia le toe foʻi mai: 1
loloto = 0 C = CU, ST = Cuba, L = Havana, O = FromLinux.Fan, OU = Tagata Faʻafiafia, CN = * .fromlinux.fan, emailAddress = buzz@fromlinux.fan faʻamaonia le toe foʻi mai: 1
--- Tusi filifili 0 s: /C=CU/ST=Cuba/L=Habana/O=DesdeLinux.Fan/OU=Entusiasts/CN = *. Desdelinux.fan/emailAddress=buzz@desdelinux.fan i: / C =CU/ST=Cuba/L=Habana/O=DesdeLinux.Fan/OU=Entusiasts/CN=*.desdelinux.fan/emailAddress=buzz@desdelinux.fan --- Tusi faamaonia a le aufaigaluega ----- BEGIN CERTIFICATE-- --- MIICyzCCAjSgAwIBAgIJAKUHI / 2ZD + MeMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD VQQGEwJDVTENMAsGA1UECBMEQ3ViYTEPMA0GA1UEBxMGSGFiYW5hMRcwFQYDVQQK Ew5EZXNkZUxpbnV4LkZhbjEUMBIGA1UECxMLRW50dXNpYXN0YXMxGTAXBgNVBAMU ECouZGVzZGVsaW51eC5mYW4xIjAgBgkqhkiG9w0BCQEWE2J1enpAZGVzZGVsaW51 eC5mYW4wHhcNMTcwNTIyMjAwODEwWhcNMTgwNTIyMjAwODEwWjCBmzELMAkGA1UE BhMCQ1UxDTALBgNVBAgTBEN1YmExDzANBgNVBAcTBkhhYmFuYTEXMBUGA1UEChMO RGVzZGVMaW51eC5GYW4xFDASBgNVBAsTC0VudHVzaWFzdGFzMRkwFwYDVQQDFBAq LmRlc2RlbGludXguZmFuMSIwIAYJKoZIhvcNAQkBFhNidXp6QGRlc2RlbGludXgu ZmFuMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7wckAiNNfYSz5hdePzKuZ Bnk m2MMuhGDvwrDSPDEcVutznbZSgJ9bvTo445TR + + + nBmqxzJbpc OZ80lujS2hP XR7E9eWIXxr4fP4HpRrCA8NxlthEsapVMSHW + lnPBqF2b / Bt2eYyR7g JhtlP6gRG V57MmgL8BdYAJLvxqxDIxQIDAQABoxUwEzARBglghkgBhvhCAQEEBAMCBkAwDQYJ KoZIhvcNAQEFBQADgYEAAuYU1nIXTbXtddW + QkLskum7ESryHZonKOCelfn2vnRl 8oAgHg7Hbtg / e6sR / W9m3DObP5DEp3lolKKIKor7ugxtfA4PBtmgizddfDKKMDql TUTU + MV5 / DP1pjQbxTsaLlZfveNxfLRHkQY13asePy4fYJFOIZ4OojDEGQ6 / VQBI8 = ----- ----- IʻUGA mataupu TUSI FAAMAONIA = / C = CU / ST = Cuba / L = Havana / Le = DesdeLinux.Fan /OU=Entusiasts/CN=*.desdelinux.fan/emailAddress=buzz@desdelinux.fan namu = / C = CU / ST = Cuba / L = Habana / O = DesdeLinux.Fan / OU = Entusiasts / CN = *. Desdelinux .fan / emailAddress = buzz @ desdelinux.fan --- Leai se client client CA igoa na lafoina Server Temp Key: ECDH, secp384r1, 384 bits --- O le faatalofa a SSL na faitau 1342 bytes ma tusia 411 bytes --- Fou, TLSv1 / SSLv3 O le Cipher o le ECDHE-RSA-AES256-GCM-SHA384 Server lautele ki o le 1024 bit Secure Renegotiation IS lagolagoina Compression: NONE Expansion: NONE SSL-Session: Protocol: TLSv1.2 Cipher: ECDHE-RSA-AES256-GCM-SHA384 Session- ID: C745B4A0236204E16234CB15DC9CDBC3D084125FF5989F5DB6C5295BF4E2D73A Session-ID-ctx: Master-Key : 1904D204C564B76361CEA50373F8879AF793AF7D7506C04473777F6F3503A9FD919CD1F837BC67BFF29E309F352526F5 Key-Arg: E leai se tasi Krb5 Autu: E leai se tasi 300 PSK e iloagofie ai: E leai se tasi faaiteite faasinomaga PSK: hS 0000F4F3A8FD29CD7F4BC63BFF72E7F6F4 Key-Arg: E leai se tasi Krb7 Autu: E leai se tasi 1 PSK e iloagofie ai: E leai se tasi PSK faaiteite e iloagofie ai: sauniga hS XNUMXTLS XNUMX sekone XNUMX f leai se tasi XNUMX sauniga XNUMX f Nonec pepa XNUMX sekone XNUMX FXNUMXFXNUMX pepa ec XNUMXe XNUMXc N:.) zOcr ... O .. ~.
 0010 - 2c d4 be a8 be 92 2e ae-98 7e 87 6d 45 c5 17 a8, ........ ~ .mE ...
 0020 - db 3a 86 80 df 8b dc 8d-f8 1f 68 6e db a7 e3 86 .: ........ hn ....
 0030 - 08 35 e5 eb 98 b8 a4 98-68 b1 ea f7 72 f7 c1 79 .5 ...... h ... r..y 0040 - 89 4a 28 e3 85 a4 8b da-e9 7a 29 c7 77 bf 22 0d .J (...... z) .w. ".
 0050 - bd 5c f6 61 8c a1 14 bd-cb 31 27 66 7a dc 51 28. \. A ..... 1'fz.Q (0060 - b7 de 35 bd 2b 0f d4 ec-d3 e0 14 c8 65 03 b1 35 ..5. + ....... e..5 0070 - 38 34 f8 de 48 da ae 31-90 bd f6 b0 e6 9c cf 19 84..H..1 ..... ...
 0080 - f5 42 56 13 88 b0 8c db-aa ee 5a d7 1b 2c dd 71 .BV ....... Z ..,. Q 0090 - 7a f1 03 70 90 94 c9 0a-62 e5 0f 9c bf dc 3c a0 z..p .... b ..... <.

+ Ua sauni le Dovecot!
USER legolas
OK
PASS legolas
+ Ua Lelei i totonu.
LIST
+ OK 1 feau: 1 1021.
RETR 1
+ Ua lelei 1021 octets Return-Path: X-Original-To: legolas@desdelinux.fan Auina atu-I: legolas@desdelinux.fan Mauaina: mai le sysadmin.desdelinux.fan (faitotoa [172.16.10.1]) saunia e desdelinux.fan (Postfix) ma ESMTP id 51886C11E8C0 mo ; Aso Lua, 22 Me 2017 15:09:11 -0400 (EDT) Savali-ID: <919362.931369932-sendEmail@sysadmin> Mai: "buzz@deslinux.fan" Ia: "legolas@desdelinux.fan" Mataupu: Talofa Aso: Mon, 22 Me 2017 19:09:11 +0000 X-Mailer: sendEmail-1.56 MIME-Version: 1.0 Aano-Ituaiga: multipart / fesoʻotaʻi; boundary = "---- MIME delimiter for sendEmail-365707.724894495" O se feʻau tele lea i le MIME format. Ina ia faʻaali lelei lenei feʻau e te manaʻomia se MIME-Version 1.0 tausisi imeli polokalama. ------ MIME delimiter mo sendEmail-365707.724894495 Aano-Ituaiga: tusitusiga / manino; charset = "iso-8859-1" Content-Transfer-Encoding: 7bit Faʻafeiloaʻi Legolas mai lau uo Buzz ------ MIME delimiter mo sendEmail-365707.724894495--.
FAI
+ Ua lelei le alu i fafo. tapunia
buzz @ sysadmin: ~ $

squirrelmail

squirrelmail o se 'upega tafaʻilagi tagata maʻi tusi atoa i le PHP. E aofia ai le lagolago PHP moni mo faʻatonuga IMAP ma SMTP, ma maua ai le maualuga fetaui lelei ma le eseese browser i le faʻaaogaina. E alu saʻo i luga o soʻo se server IMAP. O loʻo iai uma au galuega e te manaʻomia mai se imeli meli e aofia ai le MIME lagolago, tusi tuatusi ma le pulega faʻatonutonu.

[Root @ linuxbox ~] # yum faatuina squirrelmail
[root @ linuxbox ~] # tautua httpd toe amata

[root @ linuxbox ~] # nano /etc/squirrelmail/config.php
$ domain = 'desdelinux.fan';
$ imapServerAddress = 'mail.fromlinux.fan';
$ imapPort = 143;
$ smtpServerAddress = 'desdelinux.fan';

[root @ linuxbox ~] # tautua httpd toe uta

DNS Lafo Faʻavae Framenwork poʻo faʻamaumauga SPF

I totonu o le tusiga NSD Faʻamalosia DNS Server + Shorewall Na matou vaʻaia o le "desdelinux.fan" Sone na faʻataʻatia e pei ona taʻua i lalo:

aʻa @ ns: ~ # nano /etc/nsd/desdelinux.fan.zone
$ ORIGIN mai le linux.fan. $ TTL 3H @ I SOA ns.fromlinux.fan. aʻa.fromlinux.fan. (1; serial 1D; faʻafouina 1H; toe taumafai 1W; faamutaina 3H); maualalo pe; Le lelei le taimi o le teuina o le ola e ola ai; @ I NS ns.fromlinux.fan. @ I MX 10 meli.fromlinux.fan.
@ IN TXT "v = spf1 a: mail.desdelinux.fan -all"
; ; Faʻamau e foia ai eli fesili mai linux.fan @ IN A 172.16.10.10; ns I LE 172.16.10.30 meli I CNAME mai linux.fan. talanoa I le CNAME mai linux.fan. www I CNAME mai linux.fan. ; ; SRV faamaumauga faʻatatau i le XMPP
_xmpp-server._tcp I SRV 0 0 5269 mai linux.fan. _xmpp-client._tcp I SRV 0 0 5222 mai linux.fan. _jabber._tcp I SRV 0 0 5269 mai le linux.fan.

I totonu o le tusi resitala ua folafolaina:

@ IN TXT "v = spf1 a: mail.desdelinux.fan -all"

Ina ia maua le tutusa parakalafa configured mo le SME Network poʻo le LAN, e tatau ona tatou fesuiaʻia le Dnsmasq faʻatulagaina faila pei ona taʻua i lalo:

# TXT faʻamaumauga. E mafai foi ona matou faʻalauiloaina le SPF record txt-record = desdelinux.fan, "v = spf1 a: mail.desdelinux.fan -all"

Ona matou toe amataina lea o le tautua:

[root @ linuxbox ~] # tautua dnsmasq toe amata
[root @ linuxbox ~] # service dnsmasq status [root @ linuxbox ~] # host -t TXT mail.fromlinux.fan mail.fromlinux.fan o se igoa faʻaigoa mai fromlinux.fan. desdelinux.fan upu faʻamatala "v = spf1 a: mail.desdelinux.fan -all"

Oe lava saini Tusi Faʻamaonia ma Apache poʻo httpd

Tusa lava pe fai atu lau browser ia te oe «Le ana o meli.fromlinux.fan Ua e faʻalelei le faʻatulagaina o lau tulaga itulau i luga ole laiga. Ina ia puipuia au faʻamatalaga mai le gaoia, e leʻi fesoʻotaʻi Firefox i lenei 'upega tafaʻilagi ", le tusi faamaonia na faia muamua E AUA, ma o le a faʻatagaina agavaʻa i le va o le tagata maʻi ma le 'auʻauna e malaga faʻailoga, pe a uma ona tatou taliaina le tusi pasi.

Afai e te manaʻomia, ma o se auala e tuʻufaʻatasia ai tusi pasi, oe mafai ona faʻalauiloa mo Apache ia lava tusipasi na e folafolaina mo Postfix, e saʻo.

[Root @ linuxbox ~] # nano /etc/httpd/conf.d/ssl.conf
SSLCert CertificateFile /etc/pki/tls/certs/desdelinux.fan.crt
SSLCert CertificateKeyFile /etc/pki/tls/private/desdelinux.fan.key

[Root @ linuxbox ~] # tautua httpd toe amata
[Root @ linuxbox ~] # tautua httpd tulaga

Diffie-Hellman Vaega

O le mataupu o le Puipuiga e atili faigata i aso uma i luga o le Initaneti. O se tasi o osofaʻiga masani a luga o fesoʻotaʻiga SSL, o ia lea logjam ma e puipuia ai, e tatau ona e faʻaopopo ni tapulaʻa le masani ile faʻatulagaina ole SSL. Mo lenei o loo i ai le RFC-3526 «Sili Modular Exponential (MODP) Diffie–Hellman vaega mo Initaneti Fesuiaʻiga Key (IKE)".

[root @ linuxbox ~] # cd / etc / pki / tls /
[root @ linuxbox tls] # openssl dhparam -out tumaoti / dhparams.pem 2048
[root @ linuxbox tls] # chmod 600 tumaoti / dhparams.pem

E tusa ai ma le faʻamatalaga a le Apache ua matou faʻapipiʻiina, matou te faʻaaogaina le Diffie-Helman Group mai le faila /etc/pki/tls/dhparams.pem. Afai o se lomiga 2.4.8 pe mulimuli ane, ona tatau lea ona tatou faʻaopopo i le faila /etc/httpd/conf.d/ssl.conf o le laina lea:

SSLOpenSSLConfCmd DHParameter "/etc/pki/tls/private/dhparams.pem"

O le Apache version o loʻo matou faʻaaogaina o:

[Root @ linuxbox tls] # yum info httpd
Utaina plugins: saoasaoa o le pupuni, langpacks O loʻo faʻatautaia le televave faʻasolosolo mai le cache hostfile Faʻapipiʻi afifi Igoa: httpd Tusiata: x86_64
Faʻamatalaga: 2.4.6
Faʻalauiloa: 45.el7.centos tele: 9.4 M Fale teu oloa: faʻapipiʻi Mai fale teu oloa: Base-Repo Aotelega: Apache HTTP Server URL: http://httpd.apache.org/ Laisene: ASL 2.0 Faʻamatalaga: O le Apache HTTP Server o se mamana, lelei, ma extensible: 'upega tafaʻilagi tautua.

A o i ai sa matou faʻamatalaga ae leʻi oʻo i le 2.4.8, matou te faʻaopopoina i le faaiuga o le tusi faamaonia CRT na muamua faia, o mea o loʻo i totonu o le Diffie-Helman Group:

[root @ linuxbox tls] # pusi tumaoti / dhparams.pem >> certs / desdelinux.fan.crt

Afai e te manaʻo e siaki pe na faʻapea na faʻaopoopo lelei tapulaʻa DH i le tusi faʻamaonia o le CRT, fai faʻatonuga nei:

[root @ linuxbox tls] # pusi tumaoti / dhparams.pem 
----- AMATA DH PARAMETERS -----
MIIBCAKCAQEAnwfWSlirEuMwJft0hgAdB0km9d3qGGiErRXPfeZU+Tqp/ZFOCdzP
/O6NeXuHI4vnsTDWEAjXmpRzq/z1ZEWQa6j+l1PgTgk2XqaMViD/gN+sFPnx2EmV
keVcMDqG03gnmCgO9R4aLYT8uts5T6kBRhvxUcrk9Q7hIpGCzGtdgwaVf1cbvgOe
8kfpc5COh9IxAYahmNt+5pBta0SDlmoDz4Rk/4AFXk2mjpDYoizaYMPeIInGUzOv
/LE6Y7VVRY/BJG9EZ5pVYJPCruPCUHkhvm+r9Tt56slk+HE2d52uFRSDd2FxK3n3
cN1vJ5ogsvmHayWUjVUA18LLfGSxEFsc4wIBAg==
----- FAʻAIUINA DH PARAMETERS -----

[root @ linuxbox tls] # pusi certs / desdelinux.fan.crt 
-----BEGIN CERTIFICATE-----
MIIGBzCCA++gAwIBAgIJANd9FLCkDBfzMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD
VQQGEwJDVTENMAsGA1UECAwEQ3ViYTEPMA0GA1UEBwwGSGFiYW5hMRcwFQYDVQQK
DA5EZXNkZUxpbnV4LkZhbjEUMBIGA1UECwwLRW50dXNpYXN0YXMxFzAVBgNVBAMM
DmRlc2RlbGludXguZmFuMSIwIAYJKoZIhvcNAQkBFhNidXp6QGRlc2RlbGludXgu
ZmFuMB4XDTE3MDUyMjE0MDQ1MloXDTIyMDUyMTE0MDQ1MlowgZkxCzAJBgNVBAYT
AkNVMQ0wCwYDVQQIDARDdWJhMQ8wDQYDVQQHDAZIYWJhbmExFzAVBgNVBAoMDkRl
c2RlTGludXguRmFuMRQwEgYDVQQLDAtFbnR1c2lhc3RhczEXMBUGA1UEAwwOZGVz
ZGVsaW51eC5mYW4xIjAgBgkqhkiG9w0BCQEWE2J1enpAZGVzZGVsaW51eC5mYW4w
ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCn5MkKRdeFYiN+xgGdsRn8
sYik9X75YnJcbeZrD90igfPadZ75ehtfYIxxOS+2U+omnFgr/tCKYUVJ50seq/lB
idcLP4mt7wMrMZUDpy1rlWPOZGKkG8AdStCYI8iolvJ4rQtLcsU6jhRzEXsZxfOb
O3sqc71yMIj5qko55mlsEVB3lJq3FTDQAY2PhXopJ8BThW1T9iyl1HlYpxj7OItr
/BqiFhxbP17Fpd3QLyNiEl+exVJURYZkvuZQqVPkFAlyNDh5I2fYfrI9yBVPBrZF
uOdRmT6jv6jFxsBy9gggcy+/u1nhlKssLBEhyaKfaQoItFGCAmevkyzdl1LTYDPY
ULi79NljQ1dSwWgraZ3i3ACZIVO/kHcOPljsNxE8omI6qNFWqFd1qdPH5S4c4IR1
5URRuwyVNffEHKaCJi9vF9Wn8LVKnN/+5zZGRJA8hI18HH9kF0A1sCNj1KKiB/xe
/02wTzR/Gbj8pkyO8fjVBvd/XWI8EMQyMc1gvtIAvZ00SAB8c1NEOCs5pt0Us6pm
1lOkgD6nl90Dx9p805mTKD+ZcvRaShOvTyO3HcrxCxOodFfZQCuHYuQb0dcwoK2B
yOwL77NmxNH1QVJL832lRARn8gpKoRAUrzdTSTRKmkVrOGcfvrCKhEBsJ67Gq1+T
YDLhUiGVbPXXR9rhAyyX2QIDAQABo1AwTjAdBgNVHQ4EFgQURGCMiLVLPkjIyGZK
UrZgMkO0X8QwHwYDVR0jBBgwFoAURGCMiLVLPkjIyGZKUrZgMkO0X8QwDAYDVR0T
BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAdy1tH1DwfCW47BNJE1DW8Xlyp+sZ
uYTMOKfNdnAdeSag1WshR6US6aCtU6FkzU/rtV/cXDKetAUIzR50aCYGTlfMCnDf
KKMZEPjIlX/arRwBkvIiRTU1o3HTniGp9d3jsRWD/AvB3rSus4wfuXeCoy7Tqc9U
FaXqnvxhF8/ptFeeCeZgWu16zyiGBqMj4ZaQ7RxEwcoHSd+OByg8E9IE2cYrWP2V
6P7hdCXmw8voMxCtS2s++VRd1fGqgGxXjXT8psxmY2MrseuTM2GyWzs+18A3VVFz
UXLD2lzeYs638DCMXj5/BMZtVL2a4OhMSYY4frEbggB3ZgXhDDktUb7YhnBTViM3
2sgJJOSTltOgAnyOPE0CDcyktXVCtu3PNUc+/AB3UemI9XCw4ypmTOMaIZ2Gl6Uo
pmTk41fpFuf8pqW3ntyu43lC5pKRBqhit6MoFGNOCvFYFBWcltpqnjsWfY2gG/b5
8D5HsedueqkAsVblKPBFpv1BB9X0HhBUYsrz8jNGZGbkgR4XQoIoLbQZHEB35APU
4yT1Lzc3jk34yZF5ntmFt3wETSWwJZ+0cYPw7n4E6vbs1C7iKAMQRVy+lI5f8XYS
YKfrieiPPdmQ22Zm2Tbkqi4zjJBWmstrw6ezzAQNaaAkiOiJIwvXU81KYsN37THh
Nf0/JsEjPklCugE=
-----END CERTIFICATE-----
-----BEGIN DH PARAMETERS-----
MIIBCAKCAQEAnwfWSlirEuMwJft0hgAdB0km9d3qGGiErRXPfeZU+Tqp/ZFOCdzP
/O6NeXuHI4vnsTDWEAjXmpRzq/z1ZEWQa6j+l1PgTgk2XqaMViD/gN+sFPnx2EmV
keVcMDqG03gnmCgO9R4aLYT8uts5T6kBRhvxUcrk9Q7hIpGCzGtdgwaVf1cbvgOe
8kfpc5COh9IxAYahmNt+5pBta0SDlmoDz4Rk/4AFXk2mjpDYoizaYMPeIInGUzOv
/LE6Y7VVRY/BJG9EZ5pVYJPCruPCUHkhvm+r9Tt56slk+HE2d52uFRSDd2FxK3n3
cN1vJ5ogsvmHayWUjVUA18LLfGSxEFsc4wIBAg==
----- FAʻAIUINA DH PARAMETERS -----

A maeʻa nei suiga, e tatau ona tatou toe amataina le Postfix ma le httpd auaunaga:

[Root @ linuxbox tls] # tautua postfix toe amataina
[Root @ linuxbox tls] # tautua tulaga toe sui tulaga
[root @ linuxbox tls] # tautua httpd toe amata
[root @ linuxbox tls] # tautua httpd tulaga

O le aofia ai o le Diffie-Helman Group i totonu o a matou tusi TLS atonu e fai si tuai, ae o le faʻaopopoga o le puipuiga e aoga tele.

Siakiina Squirrelmail

MAFAI o tusi faʻamaonia o loʻo faia saʻo ma matou faʻamaonia la latou saʻo faʻagaioiga e pei ona matou faia e ala i le faʻamafanafanaina faʻatonuga, faʻasino lau mea e fia vaʻai ai i le URL http://mail.desdelinux.fan/webmail ma o le a fesoʻotaʻi i le 'upega tafaʻilagi tagata o tausia pe a uma ona taliaina le tutusa tusi pasi Manatua tusa lava pe e te faʻamaotiina le HTTP protocol, o le a toe tuʻuina atu i le HTTPS, ma o lenei mafuaʻaga ona o le le masani a setiina CentOS ofa mo Squirrelmail. Vaʻai le faila /etc/httpd/conf.d/squirrelmail.conf.

E uiga i pusameli meli

Dovecot fausiaina IMAP pusa meli i le faila aiga o tagata faʻaaoga taʻitasi:

[root @ linuxbox ~] # ls -la /home/legolas/mail/.imap/
aofaʻi 12 drwxrwx ---. 5 legolas meli 4096 Me 22 12:39. drwx ------. 3 legolas legolas 75 Me 22 11:34 .. -rw -------. 1 legolas legolas 72 Me 22 11:34 dovecot.mailbox.log -rw -------. 1 legolas legolas Me 8 22 12:39 dovecot-uidvalidity -r - r - r--. 1 legolas legolas 0 Me 22 10:12 dovecot-uidvalidity.5922f1d1 drwxrwx ---. 2 legolas meli 56 Me 22 10:23 INBOX drwx ------. 2 legolas legolas 56 Me 22 12:39 Auina drwx ------. 2 legolas legolas 30 Me 22 11:34 lapisi

O loʻo teuina foʻi i / var / mail /

[root @ linuxbox ~] # itiiti / var / meli / legolas
Mai MAILER_DAEMON Aso Lua Me 22 10:28:00 2017 Aso: Aso Lua, 22 Me 2017 10:28:00 -0400 Mai: Meli Faʻamatalaga Lotoifale Faʻamaumauga Mataupu: AUA LE TETEʻEA LENEI SAVALI - FOLDER INTERNAL DATA Faʻamatalaga-ID: <1495463280 @ linuxbox> X-IMAP: 1495462351 0000000008 Tulaga: RO O lenei tusitusiga o se vaega o le faʻatulagaina i totonu o lau faila meli, ma e le o se moni . Na faia otometi e le meli polokalama polokalama. Afai e aveʻese, o le a leiloloa faʻamatalaga faila taua, ma o le a toe fausiaina faʻatasi ma le toe setiina faʻamatalaga i le amataga taua. Mai le root@desdelinux.fan Tofi Me 22 10:47:10 2017 Toe Fuatai: X-Original-To: legolas Delivered-To: legolas@desdelinux.fan Mauaina: e desdelinux.fan (Postfix, mai le userid 0) id 7EA22C11FC57; Aso Lua, 22 Me 2017 10: 47: 10 -0400 (EDT) Aso: Aso Lua, 22 Me 2017 10:47:10 -0400 Ia: legolas@desdelinux.fan Mataupu: Suʻega a Tagata-Sui: Tofi mailx 12.5 7/5 / 10 MIME-Version: 1.0 Aano-Ituaiga: tusitusiga / manino; charset = us-ascii Content-Transfer-Encoding: 7bit Message-Id: <20170522144710.7EA22C11FC57@desdelinux.fan> Mai: root@desdelinux.fan (root) X-UID: 7 Tulaga: RO Talofa. O le suʻega lea ole suʻega Mai buzz@deslinux.fan Tofi Me 22 10:53:08 2017 Toe Fuatai: X-Original-To: legolas@desdelinux.fan Auina mai-I: legolas@desdelinux.fan Mauaina: mai le sysadmin.desdelinux.fan (faitotoa [172.16.10.1]) saunia e desdelinux.fan (Postfix) ma ESMTP id C184DC11FC57 mo ; Aso Lua, 22 Me 2017 10:53:08 -0400 (EDT) Savali-ID: <739874.219379516-sendEmail@sysadmin> Mai: "buzz@deslinux.fan" Ia: "legolas@desdelinux.fan" Mataupu: Talofa Aso: Mon, 22 Me 2017 14:53:08 +0000 X-Mailer: sendEmail-1.56 MIME-Version: 1.0 Aano-Ituaiga: multipart / fesoʻotaʻi; tuaoi = "---- MIME delimiter mo sendEmail-794889.899510057
/ var / meli / legolas

PAM miniseries aotelega

Ua matou tilotilo i le totonugalemu o le Mailserver ma tuʻuina sina faamamafa i le puipuiga. Matou te faʻamoemoe o le tusitusiga avea ma se Entry Point i se mataupu e faigata ma faigofie i le faia o mea sese ona o le faʻatinoina o le Meli 'auʻaunaga lima.

Matou te faʻaaogaina le faʻamaoniga a tagata faʻaaoga i le lotoifale aua pe a tatou faitau saʻo i le faila /etc/dovecot/conf.d/10-auth.conf, o le a tatou vaʻaia o le iuga ua aofia ai -e le mafai- o le faʻamaoniga faila o le polokalama tagata faʻaaoga ! aofia ai auth-system.conf.ext. E tonu lava lenei faila taʻu mai ia i tatou i lona ulutala e:

[root @ linuxbox ~] # itiiti /etc/dovecot/conf.d/auth-system.conf.ext
# Faʻamaoniga mo tagata faʻaaoga faiga. Aofia mai le 10-auth.conf. # # # # Faʻamaoniga PAM. Faʻaaogaina i aso nei e le tele o faiga.
# PAM e masani ona faʻaaogaina faʻatasi ma le userdb passwd poʻo le userdb static. # MANATUA: E te manaʻomia /etc/pam.d/dovecot faila fausia mo PAM # faamaoniga e galue moni. passdb {driver = pam # [session = yes] [setcred = ioe] [failed_show_msg = ioe] [max_requests = ] # [cache_key = ] [ ] #args = lupe}

Ma o le isi faila o loʻo i ai /etc/pam.d/dovecot:

[root @ linuxbox ~] # pusi /etc/pam.d/dovecot 
#% PAM-1.0 auth manaʻomia pam_nologin.so auth aofia ai password-auth account aofia ai password-auth session aofia ai password-auth

O le a le mea o loʻo tatou taumafai e faʻailoa atu e uiga i le PAM faamaoniga?

• CentOS, Debian, Ubuntu, ma le tele o isi tufatufaina Linux faʻapipiʻi le Postifx ma le Dovecot ma faʻamaoniga i le lotoifale faʻatagaina e le mafai.
• Tele tusitusiga i luga ole Initaneti faʻaaogaina MySQL - ma lata mai nei MariaDB - e faʻapipiʻi ai tagata faʻaoga ma isi faʻamatalaga e uiga ile Mailserver. NEI o 'auʻaunaga ia mo le afe ma afe o tagata faʻaoga, ae le mo se SME Network masani ma - masalo - selau o tagata faʻaoga.
• O le faʻamaoniga e ala i le PAM e manaʻomia ma lava e saunia ai fesoʻotaʻiga tautua pe a fai latou te tamoʻe i luga o le tasi tautua e pei ona matou vaʻaia i nei miniseries.
• Tagata faʻaoga e teuina i se nofoaga faʻamaumauga a le LDAP e mafai ona faʻafanua e pei o ni tagata e faʻaaoga i le lotoifale, ma e mafai ona faʻaaogaina le faʻamaoniga a le PAM e tuʻuina atu ai auaunaga i luga ole laiga mai 'auʻaunaga eseese a Linux o loʻo avea ma tagata e faʻaaogaina le LDAP mo le nofoaga autu e faʻamaonia ai. I lenei auala, matou te galulue faʻatasi ai ma faʻamaoniga a tagata faʻaaoga o loʻo teuina i le nofoaga tutotonu o le LDAP server database, ma e LE manaʻomia le faʻamautuina o faʻamaumauga faʻatasi ma tagata faʻaoga i le lotoifale

Seia oʻo i le isi malaga!