
Deploying DNS and E-mail Services on CentOS 7


Configuring the DNS service


Install the bind packages

yum install bind bind-utils

Edit the main configuration file and change the following parameters

vi /etc/named.conf

listen-on port 53 { any; };

allow-query { any; };

include "/etc/named.rfc1912.zones";


Define the zones for forward and reverse resolution

vi /etc/named.rfc1912.zones

zone "localyum.com" IN {

type master;

file "localyum.com.zone";

allow-update { none; };

};


zone "71.80.168.192.in-addr.arpa" IN {

type master;

file "192.168.80.71.zone";

allow-update { none; };

};


Define the forward lookup zone file

cd /var/named/

cp named.localhost localyum.com.zone

vi localyum.com.zone

$TTL 1D
$ORIGIN localyum.com.
@   IN  SOA  ns.localyum.com. admin.localyum.com. (
                            2017101401      ; serial
                            1H      ; refresh
                            10M     ; retry
                            1W      ; expire
                            3H )    ; minimum
        NS      ns
        MX  10  mail
ns      A   192.168.80.71
mail    A   192.168.80.71
www     A   192.168.80.71

chown .named localyum.com.zone

named-checkconf # check the configuration file

named-checkzone localyum.com /var/named/localyum.com.zone # check the zone data

Define the reverse lookup zone file

cp named.loopback 192.168.80.71.zone

vi 192.168.80.71.zone

$TTL 1D
@   IN  SOA  ns.localyum.com. admin.localyum.com. (
                            001       ; serial
                            1D      ; refresh
                            1H      ; retry
                            1W      ; expire
                            3H )    ; minimum
        NS      @
        A       192.168.80.71
        PTR     www.localyum.com.
        PTR     mail.localyum.com.

chown .named 192.168.80.71.zone

Reload the configuration or restart the DNS service, and watch the logs for errors

named-checkconf

rndc reload # or: systemctl restart named

ss -tnl


First test external DNS resolution

more /etc/resolv.conf

ip route

host www.baidu.com

dig -t NS www.qq.com

dig -t NS . # check whether the Internet root DNS servers can be resolved


Add the local DNS server address

cd /etc/sysconfig/network-scripts/

vi ifcfg-eth1

DNS1=192.168.80.71

DNS2=192.168.80.2


systemctl restart network

more /etc/resolv.conf # should show the following

nameserver 192.168.80.71

nameserver 192.168.80.2


Test local DNS resolution

ip route

host -t A www.localyum.com

dig -t A www.localyum.com @192.168.80.71

dig -t NS . @192.168.80.71

dig -t MX mail.localyum.com @192.168.80.71

dig -x 192.168.80.71 @192.168.80.71


The MX record still has a problem!
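Added example, not part of the original post: in the forward zone file above, the MX line has a blank owner field, so it inherits the owner of the preceding record, which is the zone apex localyum.com. The sketch below expands every record's owner name from the page's zone data; it shows that an MX lookup has to ask for localyum.com, while mail.localyum.com owns only an A record. The function names sample_zone and zone_owners are made up for this illustration.

```shell
#!/bin/sh
# Added example: expand the owner name of every record in a zone file.

# sample_zone prints the forward zone data shown on this page.
sample_zone() {
cat <<'EOF'
$TTL 1D
$ORIGIN localyum.com.
@   IN  SOA  ns.localyum.com. admin.localyum.com. (
                            2017101401      ; serial
                            1H      ; refresh
                            10M     ; retry
                            1W      ; expire
                            3H )    ; minimum
        NS      ns
        MX  10  mail
ns      A   192.168.80.71
mail    A   192.168.80.71
www     A   192.168.80.71
EOF
}

# zone_owners ORIGIN < zonefile
# Prints "owner TYPE rdata" per record. A line that starts with whitespace
# inherits the previous owner; "@" and relative names are completed with
# the current origin. Multi-line "( ... )" continuations are skipped.
zone_owners() {
    awk -v origin="$1" '
    function fq(n) { return n == "@" ? origin : (n ~ /\.$/ ? n : n "." origin) }
    { sub(/;.*/, "") }                              # drop comments
    /^\$ORIGIN/ { origin = $2; next }
    /^\$/ || NF == 0 { next }                       # other directives, blanks
    inparen { if (/\)/) inparen = 0; next }
    {
        i = 1
        if ($0 !~ /^[ \t]/) { owner = fq($1); i = 2 }
        while ($i ~ /^[0-9]+[SMHDWsmhdw]?$/ || $i == "IN") i++   # TTL, class
        rd = ""; for (j = i + 1; j <= NF; j++) rd = rd " " $j
        print owner, $i rd
        if (/\(/ && !/\)/) inparen = 1
    }'
}

sample_zone | zone_owners localyum.com.
```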



Resolution results:

[[email protected] named]# host -t A www.localyum.com

www.localyum.com has address 192.168.80.76

### Forward resolution

[[email protected] named]# dig -t A www.localyum.com @192.168.80.71

; <<>> DiG 9.9.4-RedHat-9.9.4-50.el7_3.1 <<>> -t A www.localyum.com @192.168.80.71
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60945
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.localyum.com.              IN      A
;; ANSWER SECTION:
www.localyum.com.       86400   IN      A       192.168.80.76
;; AUTHORITY SECTION:
localyum.com.           86400   IN      NS      ns.localyum.com.
;; ADDITIONAL SECTION:
ns.localyum.com.        86400   IN      A       192.168.80.71
;; Query time: 0 msec
;; SERVER: 192.168.80.71#53(192.168.80.71)
;; WHEN: Sun Oct 15 20:45:59 CST 2017
;; MSG SIZE  rcvd: 94

### Reverse resolution

[[email protected] named]# dig -x 192.168.80.71 @192.168.80.71

; <<>> DiG 9.9.4-RedHat-9.9.4-50.el7_3.1 <<>> -x 192.168.80.71 @192.168.80.71
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46195
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;71.80.168.192.in-addr.arpa.    IN      PTR
;; ANSWER SECTION:
71.80.168.192.in-addr.arpa. 86400 IN    PTR     mail.localyum.com.
71.80.168.192.in-addr.arpa. 86400 IN    PTR     www.localyum.com.
;; AUTHORITY SECTION:
71.80.168.192.in-addr.arpa. 86400 IN    NS      71.80.168.192.in-addr.arpa.
;; ADDITIONAL SECTION:
71.80.168.192.in-addr.arpa. 86400 IN    A       192.168.80.71
;; Query time: 1 msec
;; SERVER: 192.168.80.71#53(192.168.80.71)
;; WHEN: Sun Oct 15 20:45:24 CST 2017
;; MSG SIZE  rcvd: 134

##########################


Configuring the E-mail service


Install the packages

yum install postfix dovecot cyrus-sasl-*


Configure postfix

vi /etc/postfix/main.cf # modify as shown below; some parameters are defaults and need no change, and the smtpd_sasl settings at the end must be added by hand

grep "^[^#]" /etc/postfix/main.cf

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = mail.localyum.com
mydomain = localyum.com
myorigin = $mydomain
inet_interfaces = all
inet_protocols = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, mail.$mydomain, www.$mydomain, ftp.$mydomain
local_recipient_maps =
unknown_local_recipient_reject_code = 550
mynetworks = 0.0.0.0/0
relay_domains = $mydestination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
home_mailbox = Maildir/
debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.10.1/samples
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,reject_unauth_destination,permit_mynetworks
smtpd_client_restrictions = permit_sasl_authenticated
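Added example, not from the original post: with mynetworks = 0.0.0.0/0 every IPv4 client counts as trusted, so whether an unauthenticated outside host can relay depends on where permit_mynetworks sits relative to reject_unauth_destination. This simplified model walks one restriction list the way Postfix does (the first permit or reject wins). The function names, the client 203.0.113.9, the reordered list and the narrower 192.168.80.0/24 are assumptions for illustration, and other Postfix restriction stages are not modelled.

```shell
#!/bin/sh
# Simplified model of one Postfix smtpd restriction list (added example).

# ip_to_int A.B.C.D -> prints the address as a 32-bit integer
ip_to_int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# in_networks IP "CIDR[,CIDR...]" -> status 0 when IP is inside any IPv4 CIDR
in_networks() (
    ip=$(ip_to_int "$1")
    for net in $(echo "$2" | tr ',' ' '); do
        base=$(ip_to_int "${net%/*}")
        bits=${net#*/}
        [ "$bits" = "$net" ] && bits=32          # bare address without /len
        mask=0
        [ "$bits" -gt 0 ] && mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
        [ $(( ip & mask )) -eq $(( base & mask )) ] && exit 0
    done
    exit 1
)

# evaluate LIST CLIENT_IP AUTHENTICATED RCPT_IS_LOCAL MYNETWORKS
# AUTHENTICATED and RCPT_IS_LOCAL are yes|no. Prints permit, reject, or dunno
# (no rule decided, so Postfix continues with its next restriction stage).
evaluate() (
    for rule in $(echo "$1" | tr ',' ' '); do
        case $rule in
            permit_sasl_authenticated)
                if [ "$3" = yes ]; then echo permit; exit 0; fi ;;
            permit_mynetworks)
                if in_networks "$2" "$5"; then echo permit; exit 0; fi ;;
            reject_unauth_destination)
                if [ "$4" = no ]; then echo reject; exit 0; fi ;;
        esac
    done
    echo dunno
)

# Constructed scenario: unauthenticated host 203.0.113.9, non-local recipient.
PAGE_LIST="permit_sasl_authenticated,reject_unauth_destination,permit_mynetworks"
SWAPPED_LIST="permit_mynetworks,reject_unauth_destination"   # hypothetical reordering
evaluate "$PAGE_LIST"    203.0.113.9 no no "0.0.0.0/0"        # page's settings
evaluate "$SWAPPED_LIST" 203.0.113.9 no no "0.0.0.0/0"        # trust-everyone + early permit
evaluate "$SWAPPED_LIST" 203.0.113.9 no no "192.168.80.0/24"  # assumed LAN-only mynetworks
```

The page's ordering rejects the relay attempt only because reject_unauth_destination comes before permit_mynetworks; narrowing mynetworks to the networks that really are trusted removes that dependence on list order.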


Configure dovecot

vi /etc/dovecot/dovecot.conf

protocols = imap pop3 lmtp

listen = *, ::


vi /etc/dovecot/conf.d/10-auth.conf

disable_plaintext_auth = no

auth_mechanisms = plain

!include auth-system.conf.ext


vi /etc/dovecot/conf.d/10-mail.conf

mail_location = maildir:~/Maildir

namespace inbox {

first_valid_uid = 1000

mbox_write_locks = fcntl


vi /etc/dovecot/conf.d/10-ssl.conf

ssl = no

ssl_cert = </etc/pki/dovecot/certs/dovecot.pem

ssl_key = </etc/pki/dovecot/private/dovecot.pem


Configure saslauthd authentication

vi /etc/sysconfig/saslauthd

SOCKETDIR=/run/saslauthd

MECH=shadow

FLAGS=


vi /usr/lib64/sasl2/smtpd.conf # create the file if it does not exist

pwcheck_method: saslauthd

mech_list: PLAIN LOGIN

log_level: 3


Start the services

systemctl restart postfix dovecot saslauthd

systemctl status postfix dovecot saslauthd

ss -tnl


Create users and test sending and receiving mail

more /etc/passwd

useradd usera

echo redhat | passwd --stdin usera

useradd userb

echo redhat | passwd --stdin userb

ll /home/usera/Maildir/

systemctl enable named postfix dovecot saslauthd


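After that, you can log in with a mail client such as Foxmail and exchange mail between the accounts. Note that the alternate DNS server must be set to 192.168.80.71 so that the local name mail.localyum.com can be resolved.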



The host's listening ports are as follows:

[[email protected] ~]# ss -tnl

State      Recv-Q Send-Q   Local Address:Port    Peer Address:Port              
LISTEN     0      100                  *:110        *:*  
LISTEN     0      100                  *:143        *:*  
LISTEN     0      10       192.168.80.71:53         *:*  
LISTEN     0      10       192.168.10.71:53         *:*  
LISTEN     0      10           127.0.0.1:53         *:*  
LISTEN     0      128                  *:22         *:*  
LISTEN     0      100                  *:25         *:*  
LISTEN     0      128          127.0.0.1:953        *:*  
LISTEN     0      100                 :::110       :::*  
LISTEN     0      100                 :::143       :::*  
LISTEN     0      10                 ::1:53        :::*  
LISTEN     0      128                 :::22        :::*  
LISTEN     0      100                 :::25        :::*  
LISTEN     0      128                ::1:953       :::*

[[email protected] ~]# netstat -tnlp

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address       Foreign Address   State       PID/Program name
tcp        0      0 0.0.0.0:110         0.0.0.0:*         LISTEN      1042/dovecot 
tcp        0      0 0.0.0.0:143         0.0.0.0:*         LISTEN      1042/dovecot 
tcp        0      0 192.168.80.71:53    0.0.0.0:*         LISTEN      2233/named   
tcp        0      0 192.168.10.71:53    0.0.0.0:*         LISTEN      2233/named   
tcp        0      0 127.0.0.1:53        0.0.0.0:*         LISTEN      2233/named   
tcp        0      0 0.0.0.0:22          0.0.0.0:*         LISTEN      1023/sshd    
tcp        0      0 127.0.0.1:953       0.0.0.0:*         LISTEN      2233/named   
tcp        0      0 0.0.0.0:25          0.0.0.0:*         LISTEN      1169/master  
tcp6       0      0 :::110              :::*              LISTEN      1042/dovecot 
tcp6       0      0 :::143              :::*              LISTEN      1042/dovecot 
tcp6       0      0 ::1:53              :::*              LISTEN      2233/named   
tcp6       0      0 :::22               :::*              LISTEN      1023/sshd    
tcp6       0      0 ::1:953             :::*              LISTEN      2233/named   
tcp6       0      0 :::25               :::*              LISTEN      1169/master

This article comes from the “rackie” blog; please keep this attribution: http://rackie386.blog.51cto.com/11279229/1972618
