|
|
一、模块说明
postfix是centos系统自带的邮件发送服务,本模块只实现邮件发送和SASL认证功能,目的是为了给程序提供发送注册等通知类邮件给用户的功能。
二、目录结构
三、代码展示 1、manifests目录 init.pp 1
2
3
| class postfix{
include postfix::install,postfix::config,postfix::service
}
|
install.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
| class postfix::install {
package { ['postfix','cyrus-sasl','cyrus-sasl-plain','cyrus-sasl-md5']:
ensure => installed,
before => User["postfix"],
}
package { 'sendmail':
ensure => absent,
}
file { '/usr/lib/sasl2':
ensure => directory,
}
file {"/home/service1":
ensure => directory,
group => service1,
owner => service1,
mode => 755,
}
user { "service1":
ensure => present,
shell => '/sbin/nologin',
home => '/home/service1',
password => '$6$mFk7ouL3$pJ1OHG1HF4nM/DKF14iPxn5UQOVoGnQcfngAnukn9.JCflW18mI10zUUVgEzDk21zLhdKTqSy0quvL1jH46qk0',
}
user { "postfix":
ensure => present,
groups => 'root',
}
Exec{ path => ['/usr/bin','/usr/sbin','/bin','/sbin'] }
exec { 'open_port_25':
command => 'iptables -I INPUT -p tcp --dport 25 -j ACCEPT',
unless => 'grep "tcp --dport 25" /etc/sysconfig/iptables 2>/dev/null',
}
exec { 'save_port_25':
command => 'service iptables save',
refreshonly => true,
subscribe => Exec['open_port_25'],
}
}
|
config.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
| class postfix::config {
file { '/etc/postfix/main.cf':
ensure => file,
content => template("postfix/main.cf.erb"),
owner => root,
group => root,
mode => '0644',
require => Class['postfix::install'],
}
file { '/usr/lib/sasl2/smtpd.conf':
ensure => file,
content => template("postfix/smtpd.conf.erb"),
owner => root,
group => root,
mode => '0644',
require => Class['postfix::install'],
}
file { '/etc/sysconfig/saslauthd':
ensure => file,
content => template("postfix/saslauthd.erb"),
owner => root,
group => root,
mode => '0644',
require => Class['postfix::install'],
}
}
|
service.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
| class postfix::service {
service { 'postfix':
ensure => 'running',
enable => 'true',
hasrestart => 'true',
hasstatus => 'true',
subscribe => File['/etc/postfix/main.cf'],
}
service { 'saslauthd':
ensure => 'running',
enable => 'true',
hasrestart => 'true',
hasstatus => 'true',
subscribe => File[['/usr/lib/sasl2/smtpd.conf'],['/etc/sysconfig/saslauthd']],
}
}
|
2、templates目录
main.cf.erb #配置文件,centos6.5默认会安装postfix2.6.6版本;根据网络环境修改mynetworks参数
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
| alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost,$mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
unknown_local_recipient_reject_code = 550
myhostname = mail.eworkpal.com
mydomain = eworkpal.com
myorigin = $mydomain
mynetworks = 127.0.0.1,10.188.1.0/24
home_mailbox = Maildir/
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
|
saslauthd.erb
1
2
3
4
5
6
7
8
9
10
11
| # Directory in which to place saslauthd's listening socket, pid file, and so
# on. This directory must already exist.
SOCKETDIR=/var/run/saslauthd
# Mechanism to use when checking passwords. Run "saslauthd -v" to get a list
# of which mechanism your installation was compiled with the ablity to use.
MECH=shadow
# Options sent to the saslauthd. If the MECH is other than "pam" uncomment the next line.
# DAEMONOPTS=--user saslauth
# Additional flags to pass to saslauthd on the command line. See saslauthd(8)
# for the list of accepted flags.
FLAGS=
|
smtpd.conf.erb
1
| pwcheck_method: saslauthd
|
四、Foreman配置
参考前面文章,这里不需要设置参数
五、测试
1、设置DNS解析 A记录:mail.ewin.com 10.188.1.41 MX记录:mail.ewin.com 2、添加用户
1
| [iyunv@T-Master-41 postfix]#
|
3、测试sasl认证
1
| [iyunv@T-Master-41 postfix]#
|
4、测试SMTP认证
获取账号密码的加密字符串
1
2
3
4
| [iyunv@T-Master-41 postfix]# perl -e 'use MIME::Base64; print encode_base64("username01@ewin.com")'
c2VydmljZTFAZXdvcmtwYWwuY29t
[iyunv@T-Master-41 postfix]# perl -e 'use MIME::Base64; print encode_base64("password")'
ZXdpbmluZm8=
|
邮件发送测试
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
| [iyunv@T-Master-41 postfix]# telnet localhost 25
Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.ewin.com ESMTP Postfix - by ewin.com
ehlo mail.ewin.com
250-mail.ewin.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:username01@ewin.com
250 2.1.0 Ok
rcpt to:xxxxx@qq.com #这里换成你的正常邮箱
554 5.7.1 <xxxxx@qq.com>: Relay access denied #没有登陆,提示访问拒绝
auth login
334 VXNlcm5hbWU6
c2VydmljZTFAZXdvcmtwYWwuY29t #输入用户名加密字符串
334 UGFzc3dvcmQ6
ZXdpbmluZm8= #输入密码加密字符串
235 2.7.0 Authentication successful
rcpt to:xxxxx@qq.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
subject:smtp test3
this is test mail3 .!
.
250 2.0.0 Ok: queued as 9E9EC40B0F
quit
221 2.0.0 Bye
Connection closed by foreign host.
|
5、查看日志
1
2
3
4
5
6
7
8
| [iyunv@T-Master-41 postfix]# tail -n 30 /var/log/maillog
Sep 19 19:13:13 T-Master-41 postfix/smtpd[26064]: connect from localhost[::1]
Sep 19 19:14:45 T-Master-41 postfix/smtpd[26064]: 9E9EC40B0F: client=localhost[::1], sasl_method=login, sasl_username=username01@ewin.com
Sep 19 19:15:19 T-Master-41 postfix/cleanup[26183]: 9E9EC40B0F: message-id=<20150919111445.9E9EC40B0F@mail.ewin.com>
Sep 19 19:15:19 T-Master-41 postfix/qmgr[16895]: 9E9EC40B0F: from=<username01@ewin.com>, size=383, nrcpt=1 (queue active)
Sep 19 19:15:22 T-Master-41 postfix/smtpd[26064]: disconnect from localhost[::1]
Sep 19 19:15:24 T-Master-41 postfix/smtp[26193]: 9E9EC40B0F: to=<xxxxx@qq.com>, relay=mail.qq.com[xxx.xx.x.xxx]:25, delay=44, delays=39/0.01/4.1/0.72, dsn=2.6.0, status=sent (250 2.6.0 <20150919111445.9E9EC40B0F@mail.ewin.com> [InternalId=618792] Queued mail for delivery)
Sep 19 19:15:24 T-Master-41 postfix/qmgr[16895]: 9E9EC40B0F: removed
|
6、查看邮箱目录
1
| /home/username01/Maildir
|
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2016-3-25 09:13:11
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡