Postfix+Dovecot
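Table of contents
- Postfix+Dovecot
- Resource list
- Base environment
- 1. Deploy DNS
- 2. Deploy Postfix and Dovecot
- 2.1 Configure Postfix
- 2.2 Configure Dovecot
- 2.3 Create mail users
- 3. Mail sending test
- 3.1 Install Foxmail on Windows
- 3.2 Log in to the mailboxes
- 3.3 Send and receive mail
- 4. Set up SSL authentication and encryption
- 4.1 Generate the private key
- 4.2 Generate the public key (CSR)
- 4.3 Generate the self-signed certificate
- 4.4 Change the certificate permissions
- 4.5 Configure SSL for sending
- 4.6 Configure SSL for receiving
- 5. Verify SSL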
Resource list
Operating system | Specs | Hostname | IP | Required software |
---|---|---|---|---|
CentOS 7.9 | 2C4G | ns.bdqn.com | 192.168.93.101 | bind postfix dovecot SSL certificate |
Windows 10 | 2C4G | client | IP: 192.168.93.100, gateway: 192.168.93.101 | FoxmailSetup_7.2.23.121 |
Base environment
- Stop the firewall
systemctl stop firewalld
systemctl disable firewalld
- Disable the kernel security mechanism (SELinux)
setenforce 0
sed -i "s/^SELINUX=.*/SELINUX=disabled/g" /etc/selinux/config
- Set the hostname
hostnamectl set-hostname ns.bdqn.com
1. Deploy DNS
- Perform the following steps on the mail server (ns.bdqn.com)
[root@ns ~]# yum -y install bind*
# Back up the main configuration file
[root@ns ~]# cp /etc/named.conf /tmp/named.conf.bak
[root@ns ~]# vim /etc/named.conf
# Modify the existing options block
options {
        listen-on port 53 { 192.168.93.101; };
        allow-query { any; };
        # ... other existing options stay unchanged ...
};
# Append at the end of the file
zone "bdqn.com" IN {
        type master;
        file "bdqn.com.zone";
        allow-transfer { 192.168.93.100; };
};
# Copy an existing forward-lookup zone file and edit it
[root@ns ~]# cp -p /var/named/named.localhost /var/named/bdqn.com.zone
[root@ns ~]# vim /var/named/bdqn.com.zone
$TTL 1D
@       IN SOA  bdqn.com. admin.bdqn.com. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
@       NS      ns.bdqn.com.
@       MX 10   mail.bdqn.com.
ns      A       192.168.93.101
mail    A       192.168.93.101
*       A       192.168.93.101
# Reset the file ownership
[root@ns ~]# chown named:named /etc/named.conf
[root@ns ~]# chown named:named /var/named/bdqn.com.zone
[root@ns ~]# systemctl start named
[root@ns ~]# systemctl enable named
- Change the DNS server on Windows 10
- Test DNS
# On Windows 10, open CMD and run ping tests
ping mail.bdqn.com
ping ns.bdqn.com
ping web.bdqn.com
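2. Deploy Postfix and Dovecot
- Perform these steps on the ns.bdqn.com node
2.1 Configure Postfix
- postfix: provides mail sending
[root@ns ~]# yum -y install postfix # installed by default
# The settings below all exist by default; just modify the existing configuration
[root@ns ~]# vim /etc/postfix/main.cf
# (main.cf has no end-of-line comments, so each note sits on its own line)
# Server hostname
myhostname = ns.bdqn.com
# Server domain name
mydomain = bdqn.com
# Listen address; can also be set to all
inet_interfaces = 192.168.93.101
# List of hosts or domains to accept mail for
mydestination = $mydomain,$myhostname
# Mailbox storage path
home_mailbox = Maildir/
[root@ns ~]# systemctl restart postfix.service
# Check that Postfix is listening on port 25
[root@ns ~]# netstat -anpt | grep 25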
tcp 0 0 192.168.93.101:25 0.0.0.0:* LISTEN 14995/master
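Postfix does not treat text after a value in main.cf as a comment: a note typed on the same line as a setting becomes part of that setting's value. The following added example (not from the original article; the function names and sample files are made up for illustration) reads a file by the rules in postconf(5) and lists the settings whose value has swallowed a trailing note.

```shell
#!/bin/sh
# Added example: read main.cf the way postconf(5) describes it.
#  - a line whose first non-blank character is '#' is a comment
#  - a line that starts with whitespace continues the previous setting
#  - when a parameter is set twice, the last setting wins
#  - a '#' after a value is not a comment; it stays in the value

# maincf_dump FILE -> prints one "name=value" line per effective setting
maincf_dump() {
    awk '
        /^[ \t]*#/ { next }
        /^[ \t]*$/ { next }
        /^[ \t]/ {
            if (cur != "") { sub(/^[ \t]+/, ""); val[cur] = val[cur] " " $0 }
            next
        }
        {
            eq = index($0, "=")
            if (eq == 0) { cur = ""; next }
            cur = substr($0, 1, eq - 1); gsub(/[ \t]/, "", cur)
            v = substr($0, eq + 1); sub(/^[ \t]+/, "", v); sub(/[ \t]+$/, "", v)
            if (!(cur in val)) order[++n] = cur
            val[cur] = v
        }
        END { for (i = 1; i <= n; i++) print order[i] "=" val[order[i]] }
    ' "$1"
}

# maincf_value FILE NAME -> prints the effective value of NAME
maincf_value() { maincf_dump "$1" | sed -n "s/^$2=//p"; }

# maincf_inline_comments FILE -> names whose value carries a trailing "# note"
maincf_inline_comments() { maincf_dump "$1" | grep '[[:space:]]#' | cut -d= -f1; }

# Constructed samples: notes typed after the value, then on their own lines
demo_dir=$(mktemp -d)
cat > "$demo_dir/annotated.cf" <<'EOF'
myhostname = ns.bdqn.com # server hostname
inet_interfaces = 192.168.93.101 # listen address
home_mailbox = Maildir/
EOF
cat > "$demo_dir/clean.cf" <<'EOF'
# server hostname
myhostname = ns.bdqn.com
mydestination = $mydomain,
    $myhostname
EOF
maincf_inline_comments "$demo_dir/annotated.cf"
```

On the server itself, `postconf -n` prints the values Postfix actually loaded, which shows the same problem directly.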
2.2 Configure Dovecot
- dovecot: provides mail receiving
[root@ns ~]# yum -y install dovecot* # install the mail receiving service
# Search the file for each setting first; modify it if present, add it if not
[root@ns ~]# vim /etc/dovecot/dovecot.conf
!include conf.d/10-auth.conf
ssl=no
disable_plaintext_auth = no
mail_location=maildir:~/Maildir
[root@ns ~]# systemctl start dovecot
[root@ns ~]# systemctl enable dovecot
# Check that Dovecot is listening on port 110
[root@ns ~]# netstat -anpt | grep 110
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 15233/dovecot
tcp6 0 0 :::110 :::* LISTEN 15233/dovecot
2.3 Create mail users
[root@ns ~]# groupadd mailusers
[root@ns ~]# useradd -g mailusers -s /sbin/nologin test01
[root@ns ~]# useradd -g mailusers -s /sbin/nologin test02
[root@ns ~]# echo "123" | passwd --stdin test01
[root@ns ~]# echo "123" | passwd --stdin test02
[root@ns ~]# chmod 600 /var/mail/*
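3. Mail sending test
3.1 Install Foxmail on Windows
- Download link for the software
https://dldir1.qq.com/foxmail/windows/FoxmailSetup_7.2.23.121.exe
3.2 Log in to the mailboxes
- Log in with the test01 user account
- Log in with the test02 mailbox account
3.3 Send and receive mail
4. Set up SSL authentication and encryption
- Set up SSL authentication and encryption to keep anyone from stealing the files in transit
[root@ns ~]# yum -y install openssl # installed by default
4.1 Generate the private key
# Generate the private key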
[root@ns ~]# cd /etc/pki/tls/certs/
[root@ns certs]# make server.key
umask 77 ; \
/usr/bin/openssl genrsa -aes128 2048 > server.key
Generating RSA private key, 2048 bit long modulus
.....................................+++
.........................................................................................+++
e is 65537 (0x10001)
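Enter pass phrase: # password 123456
Verifying - Enter pass phrase: # confirm the password
# Rewrite the key without the pass phrase
[root@ns certs]# openssl rsa -in server.key -out server.key
Enter pass phrase for server.key: # enter the password set above, 123456
writing RSA key
4.2 Generate the public key (CSR)
# Generate the public key (certificate signing request)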
[root@ns certs]# make server.csr
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN # China
State or Province Name (full name) []:HeNan # Henan
Locality Name (eg, city) [Default City]:ZhengZhou # Zhengzhou
Organization Name (eg, company) [Default Company Ltd]:kgc # organization
Organizational Unit Name (eg, section) []:jisuanji # organizational unit
Common Name (eg, your name or your server's hostname) []:bdqn.com
Email Address []: # press Enter
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: # press Enter
An optional company name []: # press Enter
4.3 Generate the self-signed certificate
[root@ns certs]# openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650
Signature ok
subject=/C=CN/ST=HeNan/L=ZhengZhou/O=kgc/OU=jisuanji/CN=bdqn.com
Getting Private key
4.4 Change the certificate permissions
[root@ns certs]# chmod 400 server.*
[root@ns certs]# ls server.*
server.crt server.csr server.key
4.5 Configure SSL for sending
[root@ns certs]# vim /etc/postfix/main.cf
# Append at the end of the file
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/server.crt
smtpd_tls_key_file = /etc/pki/tls/certs/server.key
[root@ns certs]# vim /etc/postfix/master.cf
# Uncomment lines 26 and 28
smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
# Check that port 465 is listening
[root@ns certs]# systemctl restart postfix.service
[root@ns certs]# netstat -anpt | grep 465
tcp 0 0 192.168.93.101:465 0.0.0.0:* LISTEN 15621/master
4.6 Configure SSL for receiving
[root@ns certs]# vim /etc/dovecot/dovecot.conf
# Change the following include line to use *
!include conf.d/*.conf
# Delete the following two settings
ssl=no
disable_plaintext_auth = no
[root@ns certs]# vim /etc/dovecot/conf.d/10-ssl.conf
# Change to yes
ssl = yes
# Modify the following two settings
ssl_cert = </etc/pki/tls/certs/server.crt
ssl_key = </etc/pki/tls/certs/server.key
[root@ns certs]# systemctl restart dovecot
# Check that port 995 is listening
[root@ns certs]# netstat -anpt | grep 995
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 15752/dovecot
tcp6 0 0 :::995 :::* LISTEN 15752/dovecot
5. Verify SSL
- Enable SSL for both test01 and test02, using ports 995 and 465 respectively
- Sending and receiving follow the same steps as step 3; just repeat them
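Before repeating the client test, it helps to confirm that the plaintext settings from section 2.2 are really gone from every Dovecot config file and that the key from section 4.4 is not readable by other users. This is an added example, not from the original article; the function names and the sample directory are made up, and on the real server the directory to scan would be /etc/dovecot.

```shell
#!/bin/sh
# Added example: look for leftovers of the plaintext setup after enabling SSL.

# weak_dovecot_settings DIR -> prints "file:line:setting" for every active
# line under DIR that turns SSL off or allows plaintext logins. Text after
# '#' is treated as a comment here, so disabled lines are not reported.
weak_dovecot_settings() {
    find "$1" -type f -name '*.conf' | sort | while read -r f; do
        rel=${f#"$1"/}
        awk -v f="$rel" '
            { s = $0; sub(/#.*/, "", s); gsub(/[ \t]/, "", s) }
            s == "ssl=no" || s == "disable_plaintext_auth=no" { print f ":" NR ":" s }
        ' "$f"
    done
}

# key_is_private FILE -> succeeds only if group and others have no access
key_is_private() {
    [ "$(ls -ld "$1" 2>/dev/null | cut -c5-10)" = "------" ]
}

# Constructed sample tree standing in for /etc/dovecot and the key file
audit_dir=$(mktemp -d)
mkdir -p "$audit_dir/conf.d"
printf '%s\n' '!include conf.d/*.conf' 'ssl=no' \
    'disable_plaintext_auth = no  # left over from section 2.2' \
    'mail_location=maildir:~/Maildir' > "$audit_dir/dovecot.conf"
printf '%s\n' '#ssl = no' 'ssl = yes' \
    'ssl_cert = </etc/pki/tls/certs/server.crt' \
    'ssl_key = </etc/pki/tls/certs/server.key' > "$audit_dir/conf.d/10-ssl.conf"
: > "$audit_dir/server.key"
chmod 644 "$audit_dir/server.key"

weak_dovecot_settings "$audit_dir"
key_is_private "$audit_dir/server.key" || echo "server.key is readable by group or others"
```

On the server, `doveconf -n` shows the settings Dovecot actually loaded and is the authoritative check; the scan above only finds leftover lines in the files.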