Setting up a mail server with sendmail + squirrelmail (Linux server)


Source: Internet   Compiled by: 软晨网 (RuanChen.com)   Published: 2009-10-18

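Environment: Red Hat AS 3
kernel: linux 2.4.21-4.EL
sendmail-8.12.10-1
sendmail-cf-8.12.10-1
httpd-devel-2.0.46-25.ent
httpd-2.0.46-25.ent
squirrelmail-1.4.10a

1 Configure DNS

Use the domain binding service provided by 希网 (http://www.3322.org/), which supports static binding to a fixed IP, is stable, and needs no client software. Set the domain name to myname.3322.org; the mail server (MX) is also myname.3322.org.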

2 Configure sendmail

2.1 Edit /etc/mail/sendmail.mc
divert(-1)dnl // defines an m4 diversion (buffer): with n=-1 the buffer is discarded, with n=0 a new buffer is started
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for Red Hat Linux')dnl
OSTYPE(`linux')dnl // defines the operating system the macros use; this lets m4 pull in the files specific to that operating system
define(`SMART_HOST',`myname.3322.org')dnl // sets the mail server domain name (sometimes not required)
dnl #
define(`confDEF_USER_ID',``8:12'')dnl
dnl define(`confAUTO_REBUILD')dnl
define(`confTO_CONNECT',`1m')dnl
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confDONT_PROBE_INTERFACES',true)dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
define(`ALIAS_FILE',`/etc/aliases')dnl
dnl define(`STATUS_FILE',`/etc/mail/statistics')dnl
define(`UUCP_MAILER_MAX',`2000000')dnl
define(`confUSERDB_SPEC',`/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS',`authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS',`A')dnl
dnl #
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
dnl define(`confAUTH_OPTIONS',`A p')dnl
dnl #
dnl # PLAIN is the preferred plaintext authentication method and used by
dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
dnl # use LOGIN. Other mechanisms should be used if the connection is not
dnl # guaranteed secure.
dnl #
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl // Configures SMTP authentication: if no access.db access control
dnl // is set, these mechanisms are used for SMTP authentication
define(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl #
dnl # Rudimentary information on creating certificates for sendmail TLS:
dnl #     make -C /usr/share/ssl/certs usage
dnl #
dnl define(`confCACERT_PATH',`/usr/share/ssl/certs')
dnl define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
dnl define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
dnl define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
dnl #
dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
dnl # slapd, which requires the file to be readable by group ldap
dnl #
dnl define(`confDONT_BLAME_SENDMAIL',`groupreadablekeyfile')dnl
dnl #
dnl define(`confTO_QUEUEWARN',`4h')dnl
dnl define(`confTO_QUEUERETURN',`5d')dnl
dnl define(`confQUEUE_LA',`12')dnl
dnl define(`confREFUSE_LA',`18')dnl
define(`confTO_IDENT',`0')dnl
dnl FEATURE(delay_checks)dnl
FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
dnl #
dnl # The -t option will retry delivery if e.g. the user runs over his quota.
dnl #
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
dnl #
dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')dnl // must be set to 0.0.0.0 to receive external mail; a LAN mail server can use 127.0.0.1
dnl #
dnl # The following causes sendmail to additionally listen to port 587 for
dnl # mail from MUAs that authenticate. Roaming users who can't reach their
dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
dnl # this useful.
dnl #
dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 465, but
dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
dnl #
dnl # For this to work your OpenSSL certificates must be configured.
dnl #
dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
dnl #
dnl # The following causes sendmail to additionally listen on the IPv6 loopback
dnl # device. Remove the loopback address restriction listen to the network.
dnl #
dnl # NOTE: binding both IPv4 and IPv6 daemon to the same port requires
dnl #       a kernel patch
dnl #
dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl
dnl #
dnl # We strongly recommend not accepting unresolvable domains if you want to
dnl # protect yourself from spam. However, the laptop and users on computers
dnl # that do not have 24x7 DNS do need this.
dnl #
FEATURE(`accept_unresolvable_domains')dnl
dnl #
dnl FEATURE(`relay_based_on_MX')dnl
dnl #
dnl # Also accept email sent to "localhost.localdomain" as local email.
dnl #
LOCAL_DOMAIN(`localhost.localdomain')dnl
dnl #
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from mydomain.com
dnl #
dnl MASQUERADE_AS(`mydomain.com')dnl // defines another host name that sendmail answers mail as
dnl #
dnl # masquerade not just the headers, but the envelope as well
dnl #
dnl FEATURE(masquerade_envelope)dnl
dnl #
dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
dnl #
dnl FEATURE(masquerade_entire_domain)dnl
dnl #
dnl MASQUERADE_DOMAIN(localhost)dnl
dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl
dnl MASQUERADE_DOMAIN(mydomain.lan)dnl
MAILER(smtp)dnl // defines the mail transport method sendmail uses: smtp
MAILER(procmail)dnl

Once sendmail.mc has been written, use the m4 program to generate the actual sendmail.cf configuration file. The syntax is as follows:
# m4 sendmail.mc > sendmail.cf
Check SMTP authentication
# telnet myname.3322.org 25
Trying 159.226.XX.XX...
Connected to mail.myname.3322.org (159.226.XX.XX).
Escape character is '^]'.
220 mail.myname.3322.org ESMTP Sendmail 8.12.10/8.12.10; Wed, 16 May 2007 17:24:38 +0800
ehlo myname.3322.org (type this command)
250-mail.myname.3322.org Hello mail.myname.3322.org [159.226.XX.XX], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN (this line means the configuration is correct)
250-DELIVERBY
250 HELP
^] --- ctrl+] to interrupt
telnet> q --- q to quit
Connection closed.
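
The EHLO reply above can also be checked mechanically. The following is an added example, not part of the original article: it parses a saved EHLO reply and reports whether the mechanisms that reveal the password (LOGIN, PLAIN) are advertised on a link that does not offer STARTTLS, as happens with confAUTH_OPTIONS set to `A` and the TLS certificate lines left commented out. The function names and SAMPLE_EHLO are assumptions of this example.

```python
import re

# Mechanisms that send the password merely base64-encoded.
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}

# Constructed sample: the EHLO reply from the session above.
SAMPLE_EHLO = """\
250-mail.myname.3322.org Hello mail.myname.3322.org [159.226.XX.XX], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
250-DELIVERBY
250 HELP
"""

def parse_ehlo(reply):
    """Return {KEYWORD: [params]} from a multi-line 250 EHLO reply."""
    caps = {}
    lines = [l.strip() for l in reply.splitlines() if l.strip()]
    for line in lines[1:]:  # the first line is only the greeting
        # Accept both "AUTH LOGIN PLAIN" and the older "AUTH=LOGIN PLAIN".
        m = re.match(r"250[- ]([A-Za-z0-9-]+)[ =]?(.*)$", line)
        if not m:
            raise ValueError("not a 250 reply line: %r" % line)
        caps.setdefault(m.group(1).upper(), []).extend(m.group(2).split())
    return caps

def audit_auth(reply):
    """Summarise AUTH exposure for a reply captured before any TLS handshake."""
    caps = parse_ehlo(reply)
    mechs = [m.upper() for m in caps.get("AUTH", [])]
    return {
        "auth_offered": bool(mechs),
        "mechanisms": mechs,
        "starttls": "STARTTLS" in caps,
        # Password-revealing mechanisms offered on the cleartext link.
        "plaintext_without_tls": sorted(PLAINTEXT_MECHS.intersection(mechs)),
    }

if __name__ == "__main__":
    for key, value in audit_auth(SAMPLE_EHLO).items():
        print(key, "=", value)
```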

2.2 Set sending and receiving (relay) restrictions
Edit /etc/mail/access:
localhost               RELAY
159.226                 RELAY
localhost.localdomain   RELAY
127.0.0.1               RELAY
Then
# makemap -v hash /etc/mail/access < /etc/mail/access
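
An IP key in the access map matches on octet boundaries, so `159.226 RELAY` permits relaying from every address under 159.226. The following is an added example, not part of the original article: it lists the RELAY entries of an access file, reports how many IPv4 addresses each prefix covers, and rejects lines where the key and action have run together. The function names and the 256-address threshold are assumptions of this example.

```python
import re

# Constructed sample: the /etc/mail/access entries from section 2.2.
SAMPLE_ACCESS = """\
localhost               RELAY
159.226                 RELAY
localhost.localdomain   RELAY
127.0.0.1               RELAY
"""

# One to four dotted decimal octets, e.g. "159.226" or "127.0.0.1".
IP_PREFIX = re.compile(r"^\d{1,3}(\.\d{1,3}){0,3}$")

def relay_scope(key):
    """Return the number of IPv4 addresses a key covers, or None for names."""
    if key.lower().startswith("connect:"):
        key = key[len("connect:"):]
    if IP_PREFIX.match(key):
        # Each missing octet widens the match by a factor of 256.
        return 256 ** (4 - len(key.split(".")))
    return None

def audit_access(text, max_addresses=256):
    """Return (line_no, key, verdict, address_count) for every RELAY entry."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 1)
        if len(fields) != 2:
            # Key and action must be separated by whitespace.
            findings.append((lineno, line, "malformed: no action", None))
            continue
        key, action = fields
        if action.strip().upper() != "RELAY":
            continue
        size = relay_scope(key)
        wide = size is not None and size > max_addresses
        findings.append((lineno, key, "TOO WIDE" if wide else "ok", size))
    return findings

if __name__ == "__main__":
    for finding in audit_access(SAMPLE_ACCESS):
        print(finding)
```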

2.3 Add the host's domain name to the /etc/mail/local-host-names file, with the following content:
myname.3322.org // this also seems not to be required

3 Set up the POP and IMAP servers

1) First make sure /etc/services contains the following
pop2    109/tcp    pop-2    postoffice    # POP version 2
pop2    109/udp    pop-2
pop3    110/tcp    pop-3                  # POP version 3
pop3    110/udp    pop-3
.......
imap    143/tcp    imap2                  # Interim Mail Access Proto v2
imap    143/udp    imap2
Use xinetd to start POP and IMAP:
# vi /etc/xinetd.d/imap
service imap
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/imapd
log_on_success += HOST DURATION
log_on_failure += HOST
}
[root@mis010 /]# vi /etc/xinetd.d/ipop3
service pop3
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/ipop3d
log_on_success += HOST DURATION
log_on_failure += HOST
}
[root@mis010 /]# vi /etc/xinetd.d/ipop2
service pop2
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/ipop2d
log_on_success += HOST DURATION
log_on_failure += HOST
}
Make xinetd reread its settings.
# /etc/rc.d/init.d/xinetd reload
Test POP3
telnet myname.3322.org 110
Test IMAP
telnet myname.3322.org 143
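
The three stanzas above enable POP2, POP3 and IMAP without TLS, as root and with no source restriction. The following is an added example, not part of the original article: it parses xinetd stanzas and lists the enabled services whose login crosses the network unencrypted, together with the user they run as and whether an only_from restriction is present. The function names, CLEARTEXT_LOGIN and the sample text are assumptions of this example.

```python
import re

# Constructed sample in the format of section 3; the imap stanza is shown
# disabled here only to exercise that branch.
SAMPLE_XINETD = """\
service pop2
{
    disable = no
    socket_type = stream
    wait = no
    user = root
    server = /usr/sbin/ipop2d
    log_on_success += HOST DURATION
}
service imap
{
    disable = yes
    user = root
    server = /usr/sbin/imapd
}
"""

# Services whose login exchange crosses the socket unencrypted.
CLEARTEXT_LOGIN = {"pop2", "pop3", "imap"}

def parse_xinetd(text):
    """Parse 'service NAME { attr = values }' stanzas into {name: {attr: [values]}}."""
    services, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or line == "{":
            continue
        head = re.match(r"service\s+(\S+)$", line)
        attr = re.match(r"(\w+)\s*(?:\+=|-=|=)\s*(.*)$", line)
        if head:
            current = services.setdefault(head.group(1), {})
        elif line == "}":
            current = None
        elif attr and current is not None:
            current.setdefault(attr.group(1), []).extend(attr.group(2).split())
        else:
            raise ValueError("unparsed xinetd line: %r" % raw)
    return services

def exposed_services(text):
    """Enabled cleartext-login services as (name, user, has_only_from)."""
    found = []
    for name, attrs in sorted(parse_xinetd(text).items()):
        # A stanza without 'disable = yes' is active.
        if attrs.get("disable") != ["yes"] and name in CLEARTEXT_LOGIN:
            found.append((name, attrs.get("user", ["?"])[0], "only_from" in attrs))
    return found
```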

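4 Install squirrelmail

(This is a fairly popular webmail program written in PHP 4; it lets you send and receive mail over the web.)

4.1 Download squirrelmail-1.4.10a.tar.gz
4.2 Install:
Unpack it and copy it to /var/www/html/squirrelmail
4.3 Configure squirrelmail
# /var/www/html/squirrelmail/configure
1) Configure the basic information. The settings are the organization name, login logo, logo size and title; all of these can be set later. The ones to set first are items 5 and 6, whose values are a space (item 5) and ISO-2022-CN (item 6).
2) Configure the server parameters. domain: set it to the mail server's domain (here myname.3322.org). Sendmail or SMTP: set it to sendmail. Enter R to return.
4) Enter the general options
Set 1. Data Directory: /var/www/html/squirrelmail/data/
Set 2. Attachment Directory: /var/www/html/squirrelmail/attachments/ (you may need to create it yourself)
Return;
8) Enter plugin management and add all the plugins (enter a number to select one), then return; choose S to save the data and Q to quit.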

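5 Testing

5.1 Create a test account:
# useradd -s /bin/false test
# passwd test
5.2 Start apache with the following command:
# service httpd start
5.3 Test
In a browser, enter http://myname.3322.org/squirrelmail/ and log in as test; you can then send and receive mail.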

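6 Summary

At present 163, sina, mails.tsinghua.edu.cn, mails.gucas.ac.cn, home.ipe.ac.cn and gmail can all send mail to this mailbox. Of these, sina and mails.tsinghua cannot receive mail sent from this mailbox; the suspicion is that it is filtered outright because the mailbox uses the 3322.org suffix.
In addition, because domain names bound through 3322.org do not support reverse DNS resolution, some public mail services may not receive mail sent from this mailbox (this has not been encountered so far).
The security protections also still need to be strengthened further.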