dovecot+mysql空壳邮件iptables如何操作
发布时间:2023-09-14 15:27:46 所属栏目:MySql教程 来源:
groupadd -g 666 vmail
useradd -s /sbin/nologin -u 666 vmail -g 666

#############dovecot+mysql##################
1
yum install dovecot-mysql.x86_64 -y     #dovecot-mysql dovecot软件的插件,让此软件可以识别mysql
2
vim /etc/dovecot/dovecot.conf
24 protocols = imap pop3 lmtp     #支持收件协议
48 login_trusted_networks = 0.0.0.0/0     #信任网络(注:来自该网段的连接不受 disable_plaintext_auth 限制,并且可以覆盖自己的来源IP;0.0.0.0/0 等于信任所有地址,只适合实验环境,实际部署应只填写代理服务器或内网网段。下方测试中欢迎信息里的 [XCLIENT] 应是由此而来)
49 disable_plaintext_auth = no     #开启明文认证(注:未启用 SSL/TLS 时,用户名和密码以明文在网络上传输)

vim /etc/dovecot/conf.d/10-auth.conf
123 !include auth-sql.conf.ext     #开启mysql的认证方式

#生成dovecot读取mysql的配置
cp /usr/share/doc/dovecot-2.2.10/example-config/dovecot-sql.conf.ext /etc/dovecot/dovecot-sql.conf.ext
vim /etc/dovecot/dovecot-sql.conf.ext
32 driver = mysql     #数据库类型
71 connect = host=localhost dbname=email user=postuser password=postuser     #查询时用到的信息(注:示例中口令与用户名相同,实际部署应换成强口令,并限制该文件只允许 root 与 dovecot 读取)
78 default_pass_scheme = PLAIN     #默认密码方案为明文,即数据库中的 password 字段按明文保存和比对(注:实际部署应改用加盐哈希方案,例如 SHA512-CRYPT)
107 password_query = \     #查询密码匹配
108 SELECT username, domain, password \     ##查询用户,域名,密码
109 FROM emailuser WHERE username = '%u' AND domain = '%d'     ##从emailuser表中查询
125 user_query = SELECT maildir, 666 AS uid, 666 AS gid FROM emailuser WHERE username = '%u'     ##查询邮件内部内容

vim /etc/dovecot/conf.d/10-mail.conf
30 mail_location = maildir:/home/vmail/%d/%n     #指定邮件位置
168 first_valid_uid = 666     #邮件文件查询用户身份
175 first_valid_gid = 666

systemctl restart dovecot
systemctl status httpd.service
systemctl status mariadb.service
systemctl status firewalld

测试
yum install telnet -y
[root@westos-mail ~]# telnet 172.25.254.117 110
Trying 172.25.254.117...
Connected to 172.25.254.117.
Escape character is '^]'.
+OK [XCLIENT] Dovecot ready.
user jia@jia.com     #建立表中的用户名
+OK
pass jia     #建立表中的密码(可在网页上查看)
+OK Logged in.
quit
+OK Logging out.
Connection closed by foreign host.
################空壳邮件##################
reset 217
配置eth0 yum
hostnamectl set-hostname nullmail.example.com
1
vim /etc/postfix/main.cf
75 myhostname = nullmail.example.com
83 mydomain = example.com
99 myorigin = westos.com     # 设置为真实的主机域名
113 inet_interfaces = all     #(注:空壳邮件主机只发不收,如果不需要替其他主机转发,可改为 loopback-only,减少对外监听的端口)
164 mydestination =     ##空壳邮件不接受邮件,所以不设置
316 relayhost = 172.25.254.117     ##接替的真实主机的IP
systemctl restart postfix.service

测试
217
[root@nullmail ~]# mail root
Subject: 345
2
.
EOT
[root@nullmail ~]# mailq
Mail queue is empty
117
[root@westos-mail ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 3 messages 2 unread
>U 1 Mail Delivery System Wed May 31 04:15 73/2309 "Undelivered Mail Retu"
2 root Wed May 31 10:07 22/752 "fdsf"
U 3 root Wed May 31 10:09 22/750 "345"
& 3
Message 3:
From root@westos.com Wed May 31 10:09:02 2017
Return-Path: <root@westos.com>
X-Original-To: root@westos.com
Delivered-To: root@westos.com
Date: Wed, 31 May 2017 10:09:03 -0400
To: root@westos.com
Subject: 345
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@westos.com (root)
Status: RO

##################iptables###################
iptables是一个工作于用户空间的防火墙应用软件
三表五链
filter表 mangle表 nat表
INPUT链 OUTPUT链 FORWARD链 PREROUTING链 POSTROUTING链

reset 117,217
systemctl stop firewalld
systemctl disable firewalld
117 双网卡
217 IPADDR=172.25.0.217 PREFIX=24 GATEWAY=172.25.0.117

iptables
-t ##指定表名称
-n ##不做解析
-L ##列出指定表中的策略
-A ##增加策略
-p ##网络协议
--dport ##端口
-s ##数据来源
-j ##动作
    ACCEPT ##允许
    REJECT ##拒绝
    DROP ##丢弃
-N ##增加链
-E ##修改链名称
-X ##删除链
-D ##删除指定策略
-I ##插入
-R ##修改策略
-P ##修改默认策略

iptables -t filter -nL     #查看filter表中的策略
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
iptables -F     #刷掉filter表中的所有策略,当没有用-t指定表名称时默认是filter
service iptables save     #保存当前策略
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
iptables -A INPUT -i lo -j ACCEPT     #允许lo
iptables -A INPUT -p tcp --dport 22 -j ACCEPT     #允许访问22端口
iptables -A INPUT -s 172.25.254.250 -j ACCEPT     #允许250主机访问
iptables -A INPUT -j REJECT     #拒绝所有主机的数据来源
iptables -N redhat     #增加链redhat
iptables -E redhat westos     #改变链名称
iptables -X westos     #删除westos链
iptables -D INPUT 2     #删除INPUT链中的第二条策略
iptables: Index of deletion too big.
iptables -I INPUT -p tcp --dport 80 -j REJECT     #插入策略到INPUT中的第一条
iptables -R INPUT 1 -p tcp --dport 80 -j ACCEPT     #修改第一条策略
iptables -P INPUT DROP     #把INPUT链的默认策略改为drop
iptables -P INPUT ACCEPT     #把INPUT链的默认策略改为accept

提高访问速度,缓解访问压力方法
(注:下面的规则只放行状态为 NEW 的数据包,原文没有给出放行 ESTABLISHED,RELATED 状态的规则。缺少这条规则时,已建立连接的后续数据包会落到最后的 REJECT 上;通常要在最前面加一条 iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT)
iptables -A INPUT -i lo -m state --state NEW -j ACCEPT     ##允许回环接口访问
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT     ##允许状态是NEW的连接访问22端口
iptables -A INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT     ##允许状态是NEW的连接访问80端口
iptables -A INPUT -p tcp --dport 443 -m state --state NEW -j ACCEPT     ##允许状态是NEW的连接访问443端口
iptables -A INPUT -p tcp --dport 53 -m state --state NEW -j ACCEPT     ##允许状态是NEW的连接访问53端口
iptables -A INPUT -j REJECT     ##拒绝所有主机数据来源

sysctl -a | grep forward     ##查看forward状态
net.ipv4.ip_forward = 0
vim /etc/sysctl.conf     ##开启内核路由
net.ipv4.ip_forward = 1
sysctl -p     ##使生效
iptables -t nat -A PREROUTING -i eth0 -j DNAT --to-dest 172.25.0.117     ####进入路由设置
iptables -t nat -A PREROUTING -o eth0 -j SNAT --to-source 172.25.254.117     ####出路由设置(注:此条按原文保留;SNAT 不能用在 PREROUTING 链,PREROUTING 链也不接受 -o 选项,按原样执行会报错,源地址转换应写在 nat 表的 POSTROUTING 链)
##eth0为0网段的网卡