📄 1413.html
字号:
</TD>
<TD rowSpan=2><IMG src="images/header_r1_c7.gif" tppabs="http://www.linuxhero.com/docs/images/header_r1_c7.gif" width=26 border=0 name=header_r1_c7></TD>
<TD><IMG height=83 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=1 border=0></TD></TR>
<TR>
<TD background="images/bgline.gif" tppabs="http://www.linuxhero.com/docs/images/bgline.gif"><IMG height=22
src="images/header_r2_c1.gif" tppabs="http://www.linuxhero.com/docs/images/header_r2_c1.gif" width=296 border=0
name=header_r2_c1></TD>
<TD background="images/bgline.gif" tppabs="http://www.linuxhero.com/docs/images/bgline.gif" colSpan=5>
<DIV align=right><FONT class=normalfont>当前位置:
<A href="index.html" tppabs="http://www.linuxhero.com/docs/index.html">本站首页</A>
<font color="#FF6699">>></font>
<A href="type19.html" tppabs="http://www.linuxhero.com/docs/type19.html">email</A> | <A href="copyright.html" tppabs="http://www.linuxhero.com/docs/copyright.html">版权说明</A></font></DIV>
</TD>
<TD><IMG height=22 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=1
border=0></TD></TR></TBODY></TABLE>
<TABLE cellSpacing=10 cellPadding=0 width="100%" bgColor=#ffffff
border=0>
<TR>
<TD>
<TABLE cellSpacing=0 cellPadding=3 width="100%" border=0>
<TR>
<TD vAlign=top align=middle width="60%">
<TABLE cellSpacing=0 cellPadding=0 width="100%"
background="images/back.gif" tppabs="http://www.linuxhero.com/docs/images/back.gif" border=0>
<TBODY>
<TR>
<TD vAlign=top width="80%">
<DIV align=center>
<FORM action="search.html" tppabs="http://www.linuxhero.com/docs/search.html" method=get>
</FORM>
<TABLE cellSpacing=0 cellPadding=0 width="95%"
border=0><TBODY>
<TR>
<TD background="images/bgi.gif" tppabs="http://www.linuxhero.com/docs/images/bgi.gif"
height=30></TD></TR></TBODY></TABLE>
<TABLE cellSpacing=0 cellPadding=3 width="95%"
align=center border=0>
<TBODY>
<TR>
<TD>
<TABLE cellSpacing=0 cellPadding=3 width="100%"
border=0>
<TBODY>
<TR>
<TD vAlign=top>
<p><FONT class=normalfont><B><font color=blue>Redhat7.1下的Sendmail SASL认证的实现</font></B></FONT><BR><FONT class=smallfont color=#ff9900>2004-04-23 15:18 pm</FONT><BR><FONT class=normalfont>作者:作者<br>来自:Linux知识宝库<br>联系方式:无名<br><br>一: 本文目的 <br>
<br>
利用RedHat 7.1中的默认配置方便地设置一台利用SASL库进行用户名和密码认证的SMTP服务器, <br>
以允许外面的用户以用户名和密码认证来relay邮件。 <br>
<br>
二: 网络系统 <br>
Redhat 7.1 <br>
__________ <br>
| | <br>
| SMTP | <br>
| Server |smtp.domain.com <br>
________ |_________| (1.2.3.4) <br>
Intranet | | | ________ <br>
_________________|Firewall|_____________|____________| Router|____Internet <br>
| | |_______| <br>
|________| <br>
<br>
公司域名 : domain.com <br>
用来认证的SMTP服务器全称域名: smtp.domain.com <br>
<br>
三: 为什么要这样用? <br>
<br>
假设上面的公司有专线接入Internet, 且在其它城市有多个分支机构, 公司有统一的域名 <br>
domain.com,所有员工的邮件地址类似如staffname@domain.com。 但是分支机构大多数没 <br>
有专线接入,用ISDN或者普通拨号方式入网, 并且越来越多的ISP不允许以非ISP的邮件地址 <br>
域名后缀发送邮件, 即使你是他们的拨号用户。 <br>
<br>
还有一种情况是移动用户,经常地,公司派遣用户在外出差旅行期间,用户需要发送邮件, <br>
则也同样需要一种认证方案去允许正确的用户relay邮件。 <br>
<br>
现在我们考虑做公司自己内部的邮件relay系统。 <br>
<br>
就是设置一台SMTP服务器在防火墙之外,安装Redhat 7.1,选择‘服务器系统’方式安装所有 <br>
需要的包,然后设置Sendmail,配置一台基于SASL的用户名和密码认证的邮件服务器,以relay <br>
自己公司的员工的邮件。 <br>
<br>
四: 配置Sendmail <br>
<br>
1. 选择‘服务器系统’安装Redhat 7.1 <br>
<br>
2. 进入目录 /usr/share/sendmail-cf/cf 。 <br>
如果你没有该目录,说明你还没有安装sendmail-cf-8.11.2-14 RPM包,从你的安装CD中安装它。 <br>
<br>
3. 修改文件redhat.mc如下 <br>
<br>
divert(-1) <br>
dnl This is the sendmail macro config file. If you make changes to this file, <br>
dnl you need the sendmail-cf rpm installed and then have to generate a <br>
dnl new /etc/sendmail.cf by running the following command: <br>
dnl <br>
dnl m4 /etc/mail/sendmail.mc > /etc/sendmail.cf <br>
dnl <br>
include(`../m4/cf.m4') <br>
VERSIONID(`linux setup for Red Hat Linux')dnl <br>
OSTYPE(`linux') <br>
define(`confDEF_USER_ID',``8:12'')dnl <br>
undefine(`UUCP_RELAY')dnl <br>
undefine(`BITNET_RELAY')dnl <br>
define(`confAUTO_REBUILD')dnl <br>
define(`confTO_CONNECT', `1m')dnl <br>
define(`confTRY_NULL_MX_LIST',true)dnl <br>
define(`confDONT_PROBE_INTERFACES',true)dnl <br>
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl <br>
define(`ALIAS_FILE', `/etc/aliases')dnl <br>
define(`STATUS_FILE', `/var/log/sendmail.st')dnl <br>
define(`UUCP_MAILER_MAX', `2000000')dnl <br>
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl <br>
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl <br>
define(`confAUTH_OPTIONS', `A')dnl <br>
define(QUEUE_DIR,`/var/spool/mqueue/q*') <br>
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl <br>
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl <br>
DAEMON_OPTIONS(`Port=25,Name=MTA')dnl <br>
DAEMON_OPTIONS(`Port=587,Name=MSA,M=Ea')dnl <br>
dnl define(`confTO_QUEUEWARN', `4h')dnl <br>
dnl define(`confTO_QUEUERETURN', `5d')dnl <br>
dnl define(`confQUEUE_LA', `12')dnl <br>
dnl define(`confREFUSE_LA', `18')dnl <br>
dnl FEATURE(delay_checks)dnl <br>
FEATURE(`no_default_msa',`dnl')dnl <br>
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl <br>
FEATURE(`mailertable',`hash -o /etc/mail/mailertable')dnl <br>
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable')dnl <br>
FEATURE(redirect)dnl <br>
FEATURE(always_add_domain)dnl <br>
FEATURE(use_cw_file)dnl <br>
FEATURE(use_ct_file)dnl <br>
FEATURE(local_procmail)dnl <br>
FEATURE(`access_db')dnl <br>
FEATURE(`blacklist_recipients')dnl <br>
EXPOSED_USER(`root')dnl <br>
dnl This changes sendmail to only listen on the loopback device 127.0.0.1 <br>
dnl and not on any other network devices. Comment this out if you want <br>
dnl to accept email over the network. <br>
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA') <br>
dnl We strongly recommend to comment this one out if you want to protect <br>
dnl yourself from spam. However, the laptop and users on computers that do <br>
dnl not have 24x7 DNS do need this. <br>
dnl FEATURE(`accept_unresolvable_domains')dnl <br>
dnl FEATURE(`relay_based_on_MX')dnl <br>
MAILER(smtp)dnl <br>
MAILER(procmail)dnl <br>
<br>
其中,我加了下面的行: <br>
<br>
1. define(QUEUE_DIR,`/var/spool/mqueue/q*') <br>
2. TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl <br>
3. define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl <br>
4. DAEMON_OPTIONS(`Port=25,Name=MTA')dnl <br>
5. DAEMON_OPTIONS(`Port=587,Name=MSA,M=Ea')dnl <br>
<br>
注: <br>
<br>
第1行 我启动了多个邮件队列,希望得到更好的队列处理和性能改进。 <br>
第2,3行 移走前面的注释,打开相应的各种认证机制。 <br>
第4,5行 设置相应的MTA和MSA所在的端口号。 <br>
<br>
<br>
且注释出了 <br>
1. dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA') <br>
2. dnl FEATURE(`accept_unresolvable_domains')dnl <br>
<br>
第1行 允许通过网络连接Sendmail。 <br>
第2行 禁止不可解析的域名relay邮件 <br>
<br>
最后运行 <br>
<br>
#m4 /etc/mail/sendmail.mc > /etc/sendmail.cf <br>
写到/etc/sendmail.cf文件中 <br>
<br>
<br>
既然我们打开了多个队列,现在我们在/var/spool/mqueue/下创建任意多个队列目录如 <br>
<br>
#cd /var/spool/mqueue <br>
#mkdir q1 q2 q3 q4 q5 q6 <br>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -