Mail Server 電算中心「2015年全校短期資訊推廣課程」 資管二 A 郭子德 [email protected] 2015/05/17 

課程大綱  簡介 Mail Server  Mail Server 的運作流程  簡單嘗試直接對現有 Mail Server 操作  設定 Mail Server (Postfix)  其他補充 & QA 2 

簡介 Mail Server 3 

郵件伺服器的運作原理  Mail User Agent (MUA) Help user read and compose mails  Mail Transport Agent (MTA) Route mails among machines  Delivery Agent (DA) Place mails in users’ mail boxes  Access Agent (AA) Connects the user agent to the mail  Submission Agent (SA) Route mails to local MTA box using POP or IMAP protocols 4 

郵件伺服器的運作原理  Mail User Agent (MUA) Help user read and compose mails  Mail Transport Agent (MTA) Route mails among machines  Delivery Agent (DA) Place mails in users’ mail boxes  Access Agent (AA) Connects the user agent to the mail  Submission Agent (SA) Route mails to local MTA box using POP or IMAP protocols 5 

Mail Server 的運作流程 6 

Transport Agent (TA)  Route mails among machines  Accept mail from UA, examine the recipients’ addresses, and delivery the mail to the correct host  Protocols  SMTP (Simple Mail Transport Protocol)  RFC 821  ESMTP (Extended SMTP)  RFC 1869, 1870, 1891, 1985  Popular transport agents  sendmail http://www.sendmail.org/  Postfix http://www.postfix.org/ 7 

Transport Agent (TA) 8 

Transport Agent (TA) $ telnet mailserver.domain 25 Trying 192.168.11.1... Connected to mailserver.domain. Escape character is '^]'. 220 mailserver.domain ESMTP Sendmail 8.13.8/8.13.8 HELP 214-2.0.0 This is sendmail version 8.13.8 214-2.0.0 Topics: 214-2.0.0 HELO EHLO MAIL RCPT DATA 214-2.0.0 RSET NOOP QUIT HELP VRFY 214-2.0.0 EXPN VERB ETRN DSN AUTH 214-2.0.0 STARTTLS 214-2.0.0 For more info use "HELP ". 214 2.0.0 End of HELP info HELO mailclient 250 mailserver.domain Hello mailserver.domain [192.168.11.1], pleased to meet you QUIT 221 2.0.0 mailserver.domain closing connection Connection closed by foreign host. 9 

Mail eXchanger (MX)  Where to send the mail?  When you want to send the mail to [email protected], the MTA will:  First, lookup up the mail exchanger of “eating.domain” $ dig mx eating.domain ;; ANSWER SECTON: eating.domain. 7200 IN MX 5 mx2.eating.domain. eating.domain. 7200 IN MX 10 mx1.eating.domain. eating.domain. 7200 IN MX 5 mx3.eating.domain.  If there is any MX records, choose the higher preference(lower MX) one  If this preferred one can not be connected, choose another  If all the MX servers can not be connected (or not available), mail it directly to the host 10 

Mail eXchanger (MX)  Why using “Mail eXchanger”?  We can centralize all the mail tasks to group of servers  Multiple mail exchangers make it more robust 11 

Components of a mail 12 

Components of a mail  Three major components  The envelope  Invisible to users  Determine where the message should be delivered, or to whom it  The headers  Information about the messages, defined in RFC822 should be returned  From, To, Date, Time, MTA, ...  The message body  Plain text only  Various MIME contents are encoded as printable characters using radix-64 algorithm 13 The Letter 

Mail Headers  Defined by RFC822 which is obsoleted by RFC2822  Mail reader will hide some uninteresting header information 14 Date: Wed, 18 Apr 2007 14:05:04 +0800 From: 肚子好餓 Subject: 好想吃東西 To: 換樂頌 User-Agent: Mutt/1.5.15 (2007-04-06) 我好想吃東西噢 

Mail Headers From [email protected] Wed Apr 18 14:07:21 2007 Return-Path: X-Original-To: [email protected] Delivered-To: [email protected] Received: from eating.domain (localhost [127.0.0.1]) by food.org (8.13.8/8.13.8) with ESMTP id l3I654P3060925 for ; Wed, 18 Apr 2007 14:05:04 +0800 (CST) (envelope-from [email protected]) Received: (from wanna@localhost) by eating.domain (8.13.8/8.13.8/Submit) id l3I654AY060924 for [email protected]; Wed, 18 Apr 2007 14:05:04 +0800 (CST) (envelope-from wanna) Date: Wed, 18 Apr 2007 14:05:04 +0800 From: =?utf-8?B?...?= To: =?utf-8?B?...?= Subject: =?utf-8?B?...?= Message-ID: <20070418060503.GA60903@[email protected]> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.5.15 (2007-04-06) Status: RO Content-Length: 23 Lines: 1 我好想吃東西噢 15 

Mail Headers  Example  User “eric” on “knecht.sendmail.org” sends a email to user “evi” on “anchor.cs.colorado.edu”  % dig mx anchor.cs.colorado.edu  mroe.cs.colorado.edu 16 

Mail Headers  Headers in this example  From [email protected]  Added by mail.local when the mail is put in user’s mailbox  Used to separate message boundary  Return-Path: [email protected]  Used to send the error message to this address  May be different to the “From” address  Received: from knecht.sendmail.org (localhost [127.0.0.1]) by knecht.sendmail.org (8.9.3/8.9.2) with ESMTP id GAA18984; Fri 1 Oct 1999 06:04:02 -800 (PST)  Every machine that is ever processed this mail will add a “Received” record in top of headers  Sending machine  Receiving machine  Version of sendmail in receiving machine  Message unique identifier in receiving machine  Date and time 17 

Mail Headers  Received: from anchor.cs.colorado.edu (anchor.cs.colorado.edu [128.138.242.1]) by columbine.cs.colorado.edu (8.9.3/8.9.2) with ESMTP id HAA21741 for ; Fri, 1 Oct 1999 07:04:25 -0700 (MST)  Received: from mroe.cs.colorado.edu (mroe.cs.colorado.edu [128.138.243.1]) by anchor.cs.colorado.edu (8.9.3/8.9.2) with ESMTP id HAA26176 for ; Fri, 1 Oct 1999 07:04:24 -0700 (MST)  Received: from knecht.sendmail.org (knecht.sendmail.org [209.31.233.160]) by mroe.cs.colorado.edu (8.9.3/8.9.2) with ESMTP id HAA09899 for ; Fri, 1 Oct 1999 07:04:23 -700 (MST)  Received: from knecht.sendmail.org (localhost [127.0.0.1]) by knecht.sendmail.org(8.9.3/8.9.2) with ESMTP id GAA18984; Fri 1 Oct 1999 06:04:02 -800 (PST) 18 

Mail Headers  Message-Id: <[email protected])  Add by sender’s MTA  X-Mailer: exmh version 2.0.2 2/24/98  MUA  Non-standard header information  To: Evi Nemeth  Subject: Re: hi  Date: Fri, 1 Oct 1999 06:04:02 -800 19 

直接對 Mail Server 操作 20 

安裝軟體  安裝 telnet 來連線 SMTP  $ yum install telnet  安裝 postfix 來架設 Mail Server  $ yum install postfix 21 

連線 SMTP $ telnet localhost 25 Trying ::1... Connected to localhost Escape character is ‘^]’. 220 mail.localdomain ESMTP Postfix 22 SMTP port 

連線 SMTP $ telnet localhost 25 Trying ::1... Connected to localhost Escape character is ‘^]’. 220 mail.localdomain ESMTP Postfix HELO localhost 250 mail.localdomain 23 表明身份 

連線 SMTP HELO localhost 250 mail.localdomain MAIL FROM: Diana@localhost 250 2.1.0 Ok 24 寄件者 

連線 SMTP HELO localhost 250 mail.localdomain MAIL FROM: Diana@localhost 250 2.1.0 Ok RCPT TO: [email protected] 250 2.1.5 Ok 25 收件者 

連線 SMTP RCPT TO: [email protected] 250 2.1.5 Ok DATA 354 End data with . This is a testing mail. . 250 2.0.0 Ok: queued as EBD0C81AC179 26 以<換行>.<換行>做為結尾 

連線 SMTP DATA 354 End data with . This is a testing mail. . 250 2.0.0 Ok: queued as EBD0C81AC179 QUIT 221 2.0.0 Bye Connection closed by foreign host. 27 

檢查送信狀況 $ cat /var/log/maillog Apr 10 17:31:54 Mail postfix/smtpd[10636]: connect from localhost[::1] Apr 10 17:31:54 Mail postfix/smtpd[10636]: EBD0C81AC179: client=localhost[::1] Apr 10 17:31:54 Mail postfix/sqmgr[2489]: EBD0C81AC179: from=, size=320, nrcpt=1 (queue active) Apr 10 17:31:54 Mail postfix/smtpd[10636]: EBD0C81AC179: [email protected], relay=aspmx.l.google.com[74.125.23.26]:25, delay=154, delays=152/0.05/1.1/0.61, dsn=2.0.0, status=sent (250 2.0.0 OK 1428658714 bz13si2207119pdb.6 – gsmtp) Apr 10 17:31:54 Mail postfix/qmgr[2489]: EBD0C81AC179: removed 28 

檢查送信狀況 $ dig MX davy.tw ... ;; ANSWER SECTION: davy.tw. 284 IN MX 30 aspmx2.googlemail.com. davy.tw. 284 IN MX 20 alt2.aspmx.l.google.com. davy.tw. 284 IN MX 10 aspmx.l.google.com. davy.tw. 284 IN MX 30 aspmx3.googlemail.com. davy.tw. 284 IN MX 20 alt1.aspmx.l.google.com. ... 29 

查看結果 30 

查看結果 Delivered-To: [email protected] Received: by 10.202.204.2 with SMTP id c2csp963114oig; Fri, 10 Apr 2015 02:38:35 -0700 (PDT) X-Received: by 10.66.137.98 with SMTP id qh2mr1198888pab.76.1428658714365; Fri, 10 Apr 2015 02:38:34 -0700 (PDT) Return-Path: Received: from Diana.localdomain (96-203.dorm.ncu.edu.tw. [140.115.203.96]) by mx.google.com with ESMTP id bz13si2207119pdb.6.2015.04.10.02.38.33 for ; Fri, 10 Apr 2015 02:38:34 -0700 (PDT) Received-SPF: none (google.com: [email protected] does not designate permitted sender hosts) client-ip=140.115.203.96; Authentication-Results: mx.google.com; spf=none (google.com: [email protected] does not designate permitted sender hosts) [email protected] Received: from localhost (localhost [IPv6:::1]) by Diana.localdomain (Postfix) with SMTP id EBD0C81AC179 for ; Fri, 10 Apr 2015 17:36:00 +0800 (CST) Message-Id: <[email protected]> Date: Fri, 10 Apr 2015 17:36:00 +0800 (CST) From: [email protected] GOOD GOOD 31 

設定 Mail Server (Postfix) 32 

Postfix 設定檔 $ vim /etc/postfix/main.cf 33 

Postfix 設定檔 $ vim /etc/postfix/main.cf inet_interfaces = all myhostname = mail.eating.domain mydomain = eating.domain mydestination = $myhostname, localhost.$mydomain, localhost relay_domains = $mydestination 34 

Postfix 設定檔 $ vim /etc/postfix/main.cf inet_interfaces = all myhostname = mail.eating.domain mydomain = eating.domain mydestination = $myhostname, localhost.$mydomain, localhost relay_domains = $mydestination 35 / 搜尋 

Postfix 設定檔 $ vim /etc/postfix/main.cf inet_interfaces = all myhostname = mail.eating.domain mydomain = eating.domain mydestination = $myhostname, localhost.$mydomain, localhost relay_domains = $mydestination 36 / 搜尋 聽取所有連線 本機的 domain name (FQDN) 主要的 domain name 

Postfix 設定檔 $ vim /etc/postfix/main.cf inet_interfaces = all myhostname = mail.eating.domain mydomain = eating.domain mydestination = $myhostname, localhost.$mydomain, localhost relay_domains = $mydestination 37 / 搜尋 聽取所有連線 mail.ip-XX.nos.ncu.cc ip-XX.nos.ncu.cc 

Postfix 設定檔  myhostname  myhostname = mail.eating.domain  If un-specified, postfix will use ‘hostname’ command  mydomain  mydomain = eating.domain  If un-specified, postfix use myhostname minus the first component  mydestination  List all the domains that postfix should accept for local delivery  mydestination = $myhostname, localhost.$mydomain, $mydomain  This is the situation that mx will route mail to mailgate  mydestination = $myhostname, localhost.$mydomain 38 

Postfix 設定檔  Open relay  A mail server that permit anyone to relay mails  By default, postfix is not an open relay  A mail server should  Relay mail for trusted user  Relay mail for trusted domain 39 

Postfix 設定檔  Restricting relay access by mynetworks_style  mynetworks_style = subnet  Allow relaying from other hosts in the same subnet  mynetworks_style = host  Allow relaying for only local machine  mynetworks_style = class  Any host in the same class A, B or C  Restricting relay access by mynetworks  List individual IP or subnets in network/netmask notation  Ex: in /etc/postfix/mynetworks  127.0.0.0/8  140.115.0.0/16  10.113.0.0/16  Relay depends on what kind of your mail server is 40 

Postfix 設定檔  systemctl restart postfix  firewall-cmd --permanent --add-service=smtp  firewall-cmd --reload 41 

Postfix 設定檔  systemctl restart postfix  firewall-cmd --permanent --add-service=smtp  firewall-cmd --reload 42 防火牆放行 

連線 SMTP $ telnet localhost 25 Trying ::1... Connected to localhost Escape character is ‘^]’. 220 mail.eating.domain ESMTP Postfix 43 

連線 SMTP HELO localhost 250 mail.eating.domain MAIL FROM: [email protected]. 250 2.1.0 Ok RCPT TO: [email protected] 250 2.1.5 Ok 44 

連線 SMTP DATA 354 End data with . To: Davy From: Eating Subject: SMTP Example This is a testing mail. . 250 2.0.0 Ok: queued as EBD0C81AC189 QUIT 221 2.0.0 Bye Connection closed by foreign host. 45 

DATA 354 End data with . To: Davy From: Eating Subject: SMTP Example This is a testing mail. . 250 2.0.0 Ok: queued as EBD0C81AC189 QUIT 221 2.0.0 Bye Connection closed by foreign host. 連線 SMTP 46 Body Header 

查看結果 47 

查看結果 Delivered-To: [email protected] Received: by 10.202.204.2 with SMTP id c2csp1116258oig; Fri, 10 Apr 2015 07:22:22 -0700 (PDT) X-Received: by 10.68.191.101 with SMTP id gx5mr3106199pbc.148.1428675741997; Fri, 10 Apr 2015 07:22:21 -0700 (PDT) Return-Path: Received: from mail.eating.domain (96-203.dorm.ncu.edu.tw. [140.115.203.96]) by mx.google.com with ESMTP id bu2si3146086pbb.177.2015.04.10.07.22.21 for ; Fri, 10 Apr 2015 07:22:21 -0700 (PDT) Received-SPF: none (google.com: [email protected] does not designate permitted sender hosts) client-ip=140.115.203.96; Authentication-Results: mx.google.com; spf=none (google.com: [email protected] does not designate permitted sender hosts) [email protected] Received: from localhost (localhost [IPv6:::1]) by mail.eating.domain (Postfix) with SMTP id 5125A81AABD9 for ; Fri, 10 Apr 2015 22:21:27 +0800 (CST) To: Davy From: Eating Subject: SMTP Example Message-Id: <[email protected]> Date: Fri, 10 Apr 2015 22:21:27 +0800 (CST) This is a testing mail. 48 

收信？ 49 

收信？ HELO localhost 250 mail.eating.domain MAIL FROM: [email protected]. 250 2.1.0 Ok RCPT TO: davy 250 2.1.5 Ok 50 

DATA 354 End data with . This is a testing mail. . 250 2.0.0 Ok: queued as EBD0C81AD159 QUIT 221 2.0.0 Bye Connection closed by foreign host. 收信？ 51 

收信？ $ mail Heirloom Mail version 12.5 7/5/10. Type ? for help. “/var/spool/mail/davy”: 1 message > 1 [email protected] Fri Apr 10 22:05 14/467 52 

& 1 Message 1: From [email protected] Fri Apr 10 22:05:34 2015 Return-Path: X-Original-To: davy Delibered-To: [email protected] Date: Fri, 10 Apr 2015 22:05:21 +0800 (CST) From: [email protected] Status: RO This is a testing mail. 收信？ 53 

收信？ & d 刪除信件 & q 離開收件軟體 $ 54 

資料來源 55 

 《鳥哥的 Linux 私房菜》第二十二章、郵件伺服器： Postfix  http://linux.vbird.org/linux_server/0380mail.php  Send a test mail using Telnet  https://workaround.org/ispmail/lenny/test-mail-through- telnet  交通大學 2014 計算機網路管理教材  無法取得 56 

QA 57