This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
сервис_mta [2019/11/21 12:10] val [Настройка MTA на релеинг почты на основе аутентификации] |
сервис_mta [2023/03/09 09:34] val [Использование почтовых псевдонимов] |
||
---|---|---|---|
Line 33: | Line 33: | ||
=== Debian/Ubuntu (postfix) === | === Debian/Ubuntu (postfix) === | ||
<code> | <code> | ||
+ | root@server:~# debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'" | ||
+ | root@server:~# debconf-set-selections <<< "postfix postfix/mailname string corpX.un" | ||
+ | |||
root@server:~# apt install postfix | root@server:~# apt install postfix | ||
- | ... | ||
- | General type of mail configuration: Internet Site | ||
- | System mail name: server.corpX.un | ||
- | ... | ||
+ | root@server:~# debconf-show postfix | grep destinations | ||
root@server:~# man 1 postconf | root@server:~# man 1 postconf | ||
Line 47: | Line 47: | ||
root@server:~# postconf -d | root@server:~# postconf -d | ||
+ | </code> | ||
+ | |||
+ | === Exim === | ||
+ | |||
+ | !!! В конфигурации остается запрет отправлять почту на сервера с "серыми" ip (на курсах) | ||
+ | |||
+ | <code> | ||
+ | # dpkg-reconfigure exim4-config | ||
+ | ... | ||
+ | intenet site, все остальное по умолчанию | ||
+ | ... | ||
</code> | </code> | ||
Line 71: | Line 82: | ||
<code> | <code> | ||
server# nslookup -q=A corpX.un | server# nslookup -q=A corpX.un | ||
+ | </code> | ||
+ | |||
+ | === Настройка MTA postfix (Debian/Ubuntu) === | ||
+ | <code> | ||
+ | root@server:~# cat /etc/postfix/main.cf | ||
+ | </code><code> | ||
+ | ... | ||
+ | mydestination = server.corpX.un, localhost.corpX.un, , localhost, corpX.un | ||
+ | ... | ||
+ | </code><code> | ||
+ | root@server:~# postconf | ||
+ | |||
+ | root@server:~# service postfix check | ||
+ | |||
+ | root@server:~# service postfix reload | ||
</code> | </code> | ||
Line 94: | Line 120: | ||
[server:/etc/mail] # /etc/rc.d/sendmail restart | [server:/etc/mail] # /etc/rc.d/sendmail restart | ||
</code> | </code> | ||
+ | ==== Настройка MTA на релеинг почты из LAN ==== | ||
- | === Настройка MTA postfix (Debian/Ubuntu) === | + | === postfix (Debian/Ubuntu) === |
<code> | <code> | ||
- | root@server:~# cat /etc/postfix/main.cf | + | root@gate:~# cat /etc/postfix/main.cf |
</code><code> | </code><code> | ||
... | ... | ||
- | mydestination = server.corpX.un, localhost.corpX.un, , localhost, corpX.un | + | mynetworks = ... 192.168.X.0/24 |
... | ... | ||
</code><code> | </code><code> | ||
- | root@server:~# postconf | + | root@gate:~# service postfix reload |
- | + | ||
- | root@server:~# service postfix check | + | |
- | + | ||
- | root@server:~# service postfix reload | + | |
- | + | ||
</code> | </code> | ||
- | |||
- | ==== Настройка MTA на релеинг почты из LAN ==== | ||
=== sendmail (FreeBSD) === | === sendmail (FreeBSD) === | ||
Line 135: | Line 154: | ||
[server:/etc/mail] # /etc/rc.d/sendmail restart | [server:/etc/mail] # /etc/rc.d/sendmail restart | ||
</code> | </code> | ||
+ | ==== Настройка MTA на использование MTA провайдера ==== | ||
- | === postfix (Ubuntu) === | + | === postfix (Debian/Ubuntu) === |
<code> | <code> | ||
root@server:~# cat /etc/postfix/main.cf | root@server:~# cat /etc/postfix/main.cf | ||
</code><code> | </code><code> | ||
... | ... | ||
- | mynetworks = ... 192.168.X.0/24 | + | relayhost = gate.corpX.un |
... | ... | ||
</code><code> | </code><code> | ||
root@server:~# service postfix reload | root@server:~# service postfix reload | ||
</code> | </code> | ||
- | ==== Настройка MTA на использование MTA провайдера ==== | ||
=== sendmail (FreeBSD) === | === sendmail (FreeBSD) === | ||
Line 166: | Line 185: | ||
</code> | </code> | ||
- | === postfix (Debian/Ubuntu) === | + | |
+ | |||
+ | ==== Настройка MTA на релеинг почты домена corpX.un ==== | ||
+ | |||
+ | === Debian/Ubuntu === | ||
<code> | <code> | ||
- | root@server:~# cat /etc/postfix/main.cf | + | root@gate:~# cat /etc/postfix/main.cf |
</code><code> | </code><code> | ||
... | ... | ||
- | relayhost = gate.corpX.un | + | relay_domains = $mydestination, corpX.un |
- | ... | + | |
</code><code> | </code><code> | ||
- | root@server:~# /etc/init.d/postfix reload | + | root@gate:~# service postfix reload |
- | </code> | + | |
- | ==== Настройка MTA на релеинг почты домена corpX.un ==== | + | root@gate:~# tail -f /var/log/mail.log |
+ | </code> | ||
=== FreeBSD === | === FreeBSD === | ||
Line 200: | Line 222: | ||
[gate:~] # tail -f /var/log/maillog | [gate:~] # tail -f /var/log/maillog | ||
</code> | </code> | ||
- | |||
- | === Debian/Ubuntu === | ||
- | <code> | ||
- | root@gate:~# cat /etc/postfix/main.cf | ||
- | </code><code> | ||
- | ... | ||
- | relay_domains = $mydestination, corpX.un | ||
- | </code><code> | ||
- | root@gate:~# service postfix reload | ||
- | |||
- | root@gate:~# tail -f /var/log/mail.log | ||
- | </code> | ||
- | |||
==== Настройка MTA на релеинг почты на основе аутентификации ==== | ==== Настройка MTA на релеинг почты на основе аутентификации ==== | ||
Line 221: | Line 230: | ||
<code> | <code> | ||
# cat /etc/postfix/main.cf | # cat /etc/postfix/main.cf | ||
+ | </code><code> | ||
+ | ... | ||
+ | smtpd_tls_cert_file = /root/server.crt | ||
+ | smtpd_tls_key_file = /root/server.key | ||
+ | smtpd_use_tls = yes | ||
+ | ... | ||
+ | smtpd_relay_restrictions = ... permit_sasl_authenticated ... | ||
... | ... | ||
smtpd_sasl_path = private/auth | smtpd_sasl_path = private/auth | ||
smtpd_sasl_auth_enable = yes | smtpd_sasl_auth_enable = yes | ||
smtpd_sasl_type = dovecot | smtpd_sasl_type = dovecot | ||
+ | |||
+ | #for kerberos gssapi | ||
+ | line_length_limit = 8192 | ||
</code> | </code> | ||
==== Использование почтовых псевдонимов ==== | ==== Использование почтовых псевдонимов ==== | ||
- | === FreeBSD === | + | * [[Регистрация событий в Linux]] |
- | <code> | + | |
- | # cat /etc/mail/aliases | + | |
- | </code> | + | |
=== Debina/Ubuntu === | === Debina/Ubuntu === | ||
<code> | <code> | ||
# cat /etc/aliases | # cat /etc/aliases | ||
- | </code> | + | </code><code> |
- | + | ||
- | === FreeBSD/Debina/Ubuntu === | + | |
- | <code> | + | |
... | ... | ||
- | root: val@isp.un | + | root: userX@isp.un |
+ | |||
+ | # root: "|logger -t mail-to-root -p mail.info" | ||
+ | |||
+ | #nagios: userX@isp.un | ||
+ | #nagios: student@corpX.un | ||
support: user1, user2 | support: user1, user2 | ||
Line 248: | Line 266: | ||
</code><code> | </code><code> | ||
# newaliases | # newaliases | ||
+ | |||
+ | # apt install logwatch | ||
+ | ... | ||
# mail root | # mail root | ||
Line 265: | Line 286: | ||
=== Добавление учетных записей пользователей виртуальных доменов === | === Добавление учетных записей пользователей виртуальных доменов === | ||
- | [[Управление учетными записями в Linux]], [[Управление учетными записями в FreeBSD]] | + | [[Управление учетными записями в Linux]] |
=== Настройка MTA на поддержку виртуального домена === | === Настройка MTA на поддержку виртуального домена === | ||
+ | |||
+ | == postfix (Debian/Ubuntu) == | ||
+ | <code> | ||
+ | root@server:~# cat /etc/postfix/main.cf | ||
+ | </code><code> | ||
+ | ... | ||
+ | mydestination = server.corpX.un, localhost.corpX.un, corpX.un, compX.un, localhost | ||
+ | virtual_alias_maps = hash:/etc/postfix/virtual | ||
+ | ... | ||
+ | </code><code> | ||
+ | root@server:~# cat /etc/postfix/virtual | ||
+ | </code><code> | ||
+ | info@corpX.un user1 | ||
+ | info@compX.un user2 | ||
+ | </code><code> | ||
+ | root@server:~# postmap /etc/postfix/virtual | ||
+ | |||
+ | root@server:~# service postfix reload | ||
+ | |||
+ | gate.isp.un$ mail info@corpX.un | ||
+ | |||
+ | gate.isp.un$ mail info@compX.un | ||
+ | |||
+ | server# mail -u user1 | ||
+ | |||
+ | server# mail -u user2 | ||
+ | </code> | ||
== sendmail (FreeBSD) == | == sendmail (FreeBSD) == | ||
Line 296: | Line 344: | ||
[server:/etc/mail] # /etc/rc.d/sendmail restart | [server:/etc/mail] # /etc/rc.d/sendmail restart | ||
</code> | </code> | ||
- | |||
- | == postfix (Debian/Ubuntu) == | ||
- | <code> | ||
- | root@server:~# cat /etc/postfix/main.cf | ||
- | </code><code> | ||
- | ... | ||
- | mydestination = server.corpX.un, localhost.corpX.un, corpX.un, compX.un, localhost | ||
- | virtual_alias_maps = hash:/etc/postfix/virtual | ||
- | ... | ||
- | </code><code> | ||
- | root@server:~# cat /etc/postfix/virtual | ||
- | </code><code> | ||
- | info@corpX.un user1 | ||
- | info@compX.un user2 | ||
- | </code><code> | ||
- | root@server:~# postmap /etc/postfix/virtual | ||
- | |||
- | root@server:~# service postfix reload | ||
- | </code> | ||
- | |||
- | === Тестирование === | ||
- | <code> | ||
- | gate# mail info@corpX.un | ||
- | |||
- | gate# mail info@compX.un | ||
- | |||
- | server# mail -u user1 | ||
- | |||
- | server# mail -u user2 | ||
- | </code> | ||
- | |||
==== Сокрытие названия сервиса ==== | ==== Сокрытие названия сервиса ==== | ||
- | === Ubuntu (postfix) === | + | === Debian/Ubuntu (postfix) === |
<code> | <code> | ||
# postconf -d | grep mail_name | # postconf -d | grep mail_name | ||
Line 337: | Line 354: | ||
# postconf -e 'smtpd_banner = $myhostname ESMTP $mail_name (Windows 2008R2)' | # postconf -e 'smtpd_banner = $myhostname ESMTP $mail_name (Windows 2008R2)' | ||
- | # /etc/init.d/postfix reload | + | # service postfix reload |
</code> | </code> | ||