|
由于工作的需要,需要在Red hat AS3下面搭建email邮件服务器。感觉网上的资料不全,写一篇较完整的资料供大家使用 ,这里只讲配置,不具体讲配置的参数的意思
OS环境:Red Hat AS2.1
硬件 :PC机器
IP :192.168.1.120
软件 :sendmail,imap,bind等
域名 :internal.com
一 安装DNS域名服务
在 Linux 上面﹐提供 DNS 服务的套件是叫 bind﹐ 在red hat 第二张光盘RPMS目录中找到bind-9.1.3-5.i386.rpm 和 bindconf-1.6.1-1.noarch.rpm 并安装它
#rpm -ihv bind-9.1.3-5.i386.rpm
#rpm -ihv bindconf-1.6.1-1.noarch.rmp.这是DNS图形配置工具,本文不使用它
二 配置DNS
(1)修改/etc/namec.conf的:
## named.conf - configuration for bind
#
# Generated automatically by bindconf, alchemist et al.
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
include "/etc/rndc.key";
options {
directory "/var/named/";
};
zone "." {
type hint;
file "named.ca";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "0.0.127.in-addr.arpa.zone";
};
zone "1.168.192.in-addr.arpa" {
type master;
file "1.168.192.in-addr.arpa.zone";
};
zone "localhost" {
type master;
file "localhost.zone";
};
zone "internal.com" {
type master;
file "internal.com.zone";
};
注意:1)在bind安装后有时没有文件named.ca,我们需要在/var/named/下加入这个文件,内容见附录
2)zode internal.com和1.168.192.in-addr.arpa是我加入的。
(2)增加逆向DNS解析文件 (可以解决telnet IP 很慢的问题)
/var/named/1.168.192.in-addr.arpa.zone,内容为:
$TTL 86400
@ IN SOA linux-server2. root.localhost (
2 ; serial
28800 ; refresh
7200 ; retry
604800 ; expire
86400 ; ttk
)
@ IN NS linux-server2.
120 IN PTR linux-server2.
注意:1) linux-server2是我的机器名,120 是我机器IP地址的最后三位(192.168.1.120)
(3)增加正向解析文件/var/named/internal.com.zone,内容为:
$TTL 86400
@ IN SOA internal.com. root.internal.com. (
3 ; serial
28800 ; refresh
7200 ; retry
604800 ; expire
86400 ; ttl
)
@ IN NS internal.com.
@ IN MX 20 internal.com.
@ IN MX 30 mail.internal.com.
www IN A 192.168.1.120
linux-server2 IN A 192.168.1.120
linux IN A 192.168.1.133
localhost IN A 127.0.0.1
mail IN A 192.168.1.120
注意:1) linux-server2是我的机器名,我机器IP地址是192.168.1.120,linux是另一台linux机器(可以不写)
(4)修改/etc/resolv.conf文件:加入如下内容
domain internal.com
nameserver 192.168.1.120
(5) 启动DNS服务
#/etc/rc.d/init.d/named start
(6)在windows 客户端配置:
在网络中的TCP/IP属性里加入DNS Server IP:192.168.1.120 即可
在cmd下ping www.internal.com or ping mail.internal.com:
ping mail.internal.com
Pinging mail.internal.com [192.168.1.120] with 32 bytes of data:
Reply from 192.168.1.120: bytes=32 time<1ms TTL=255
Reply from 192.168.1.120: bytes=32 time<1ms TTL=255
Reply from 192.168.1.120: bytes=32 time<1ms TTL=255
Reply from 192.168.1.120: bytes=32 time<1ms TTL=255
C:/Documents and Settings/zhoudshu>ping www.internal.com
Pinging www.internal.com [192.168.1.120] with 32 bytes of data:
Reply from 192.168.1.120: bytes=32 time<1ms TTL=255
Reply from 192.168.1.120: bytes=32 time<1ms TTL=255
Reply from 192.168.1.120: bytes=32 time<1ms TTL=255
Reply from 192.168.1.120: bytes=32 time<1ms TTL=255
二 安装sendMail软件
(1)测试DNS服务
nslookup
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
> mail.internal.com
Server: 192.168.1.120
Address: 192.168.1.120#53
Name: mail.internal.com
Address: 192.168.1.120
>
(2)缺省linux的安装等安装sendmail软件,在此我们只需要配置即可。可以使用命令检查是否安装了
#rpm -qa |grep sendmail
如果没有安装
#rpm -ivh sendmail.*.rpm(把sendmail的几个rpm包都装上,在RED HAT第一张光盘有)
(3)修改配置文件 /etc/sendmail.cf
#vi sendmail.cf(在264行的地方)
把O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA
修改成
O DaemonPortOptions=Port=smtp,Addr=192.168.1.120, Name=MTA
如果没有这个文件,可以到/etc/mail/下运行命令:
# m4 sendmail.mc > sendmail.cf
# cp m4 sendmail.cf ../
(4)修改/etc/mail/access(没有的话创建一个)
localhost.localdomain RELAY
localhost RELAY
127.0.0.1 RELAY
192.168.1.0 RELAY
mail.internal.com RELAY
internal.com RELAY
# make access.db (run :)
(5)修改/etc/mail/local-host-names
mail.internal.com
internal.com
(6)启动sendmail程序:
#/etc/rc.d/init.d/sendmail restart
(7)使用netstat -tl 查看结果:
netstat -nl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:199 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22289 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
tcp 0 0 192.168.1.120:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN
tcp 0 0 192.168.1.120:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:33084 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:32768 0.0.0.0:*
udp 0 0 0.0.0.0:32772 0.0.0.0:*
udp 0 0 0.0.0.0:161 0.0.0.0:*
udp 0 0 192.168.1.120:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
udp 0 0 0.0.0.0:111 0.0.0.0:*
三 需要安装IMAP
现在你可以收到所有来自外部的邮件.并且允许信赖的客户在远程传递信件.接下去你想要做的可能是如何在远程收取这些信件.要达到这个目的,你需要安装IMAP 或者 POP. redhat 7.1 默认安装的时候并没有安装POP/IMAP,所以你需要安装imap-2000-9 rpm包.
(1) 要查看这个包的安装状态,可以用下面的命令:rpm -aq | grep -i imap.如果发现没有安装,那就把redhat 7.1第二张安装光盘放到光驱里.然后运行如下命令:
[root@testmail mail]# mount /dev/cdrom /mnt/cdrom
mount: block device /dev/cdrom is write-protected, mounting read-only
(Successful Mount of Read-Only Media)
mount上光盘后运行这个命令来安装这个包:rpm -Uvh /mnt/cdrom/RedHat/RPMS/imap-2000-9.i386.rpm.
[root@testmail mail]# rpm -Uvh /mnt/cdrom/RedHat/RPMS/imap-2000-9.i386.rpm
Preparing... ########################################### [100%]
1:imap ########################################### [100%]
再运行一次 rpm -aq | grep -i imap
IMAP 包就罗列出来了。
[root@testmail mail]# rpm -aq | grep -i imap
imap-2000-9
[root@testmail mail]#
(2)这需要修改/etc/xinetd.d/下面的ipop3文件,把disable的值改成no。这个文件大致是这样的:
# default: off
# description: The POP3 service allows remote users to access their mail
# using an POP3 client such as Netscape Communicator, mutt,
# or fetchmail.
service pop3
{
socket_type = stream
wait = no
user = root
server = /usr/sbin/ipop3d
log_on_success += USERID
log_on_failure += USERID
disable = no
}
(3)重新启动xinetd来是它生效:
[root@testmail xinetd.d]# /etc/init.d/xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
[root@testmail xinetd.d]#
(4)使用netstat -nl 查看结果:
# netstat -tl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:32768 *:* LISTEN
tcp 0 0 *:smux *:* LISTEN
tcp 0 0 *:pop3 *:* LISTEN
tcp 0 0 *:imap *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 *:x11 *:* LISTEN
tcp 0 0 *:wnn4_Cn *:* LISTEN
tcp 0 0 *:ftp *:* LISTEN
tcp 0 0 linux-server2:domain *:* LISTEN
tcp 0 0 linux-server2:domain *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:telnet *:* LISTEN
tcp 0 0 linux-server2:smtp *:* LISTEN
tcp 0 0 linux-server2:rndc *:* LISTEN
tcp 0 0 linux-server2:33084 *:* LISTEN
四 设置email用户
(1)email用户使用Linux系统下的用户,所以我们需要添加linux用户,就是email的用户
(2)配置虚拟用户表/etc/mail/virtusertable
creco@internal.com creco
liubj@internal.com liubj
zengjl@internal.com zengjl
yehm@internal.com yehm
zhouds@internal.com zhouds
#make virtusertable.db(运行此命令使之生效)
(3)设置组用户。
在/etc/aliases文件中加入一行:
ats: zhouds,yehm,liubj,zengjl
然后运行命令:#newaliases 使之修改生效。这样我们就可以 使用 ats@internal.com来发送email给四个人
(4)重启动sendmail程序使之配置文件生效:
#/etc/rc.d/init.d/sendmail restart
五 windows foxmail的配置
email地址:zhouds@internal.com
smtp:mail.internal.com
pop3:mail.internal.com
user/passwd 是linux系统用户和密码
六 问题:
(1)优化一下服务器的性能。或许你会收到这样的抱怨,说是当客户端程序运行在防火墙后面的话会发生连接pop端口速度变慢。
造成这个延时的原因是你的e-mail服务器初始一个IDENT会话来确认客户端的身份。如果这个询问没有反应,那服务器就会在5秒后发出一个超时信号。这个值可以降低到1秒,从而减少IDENT产生影响。修改/etc/SendMail.cf文件,把timeout的值改成你想要的值。
# timeouts (many of these)
#O Timeout.ident=5s
change to
O Timeout.ident=1s
(2)系统log日志的目录是/var/log/
我们可以查看messege文件来定位哪儿出现了问题(尤其当named,sendmail,imap启动不了时)
附录:named.ca 的内容
; This file holds the inFORMation on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . "
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC registration services
; under anonymous FTP as
; file /domain/named.root
; on server FTP.RS.INTERNIC.NET
; -OR- under Gopher at RS.INTERNIC.NET
; under menu InterNIC Registration Services (NSI)
; submenu InterNIC Registration Archives
; file named.root
;
; last update: Aug 22, 1997
; related version of root zone: 1997082200
;
;
; FORMerly NS.INTERNIC.NET
;
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
;
; FORMerly NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107
;
; FORMerly C.PSI.NET
;
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
;
; FORMerly TERP.UMD.EDU
;
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
;
; FORMerly NS.NASA.GOV
;
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
;
; FORMerly NS.ISC.ORG
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
;
; FORMerly NS.NIC.DDN.MIL
;
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
;
; FORMerly AOS.ARL.ARMY.MIL
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
;
; FORMerly NIC.NORDU.NET
;
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
;
; temporarily housed at NSI (InterNIC)
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 198.41.0.10
;
; housed in LINX, operated by RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
;
; temporarily housed at ISI (IANA)
;
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12
;
; housed in Japan, operated by WIDE
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
; End of File
| 
转播
