Saita Sabis na Imel (SMTP, Taimako da Taswira) da Ƙuntata Samun SMTP - Kashi na 7
A LFCE (Linux Foundation Certified Engineer) ƙwararren ƙwararren ƙwararren ƙwararren ne wanda ke da ƙwarewar shigarwa, sarrafawa, da magance ayyukan cibiyar sadarwa a cikin tsarin Linux, kuma shine ke kula da ƙira, aiwatarwa da ci gaba da kiyaye tsarin gine-ginen tsarin da gudanar da mai amfani.
Gabatar da Shirin Takaddar Gidauniyar Linux.
A cikin koyaswar da ta gabata mun tattauna yadda ake shigar da abubuwan da suka dace na sabis na wasiku. Idan har yanzu ba ku shigar da Postfix da Dovecot ba tukuna, da fatan za a koma zuwa Sashe na 1 na wannan jerin don umarnin yin haka kafin ci gaba.
- Shigar da Sabar Saƙon Postfix da Dovecot – Kashi na 1
A cikin wannan sakon, zan nuna muku yadda ake daidaita sabar saƙon ku da yadda ake aiwatar da ayyuka masu zuwa:
- Shigar da laƙabi na imel
- Shigar da sabis na IMAP da IMAPS
- Shigar da sabis na smtp
- Ƙuntata shiga uwar garken smtp
Lura: Cewa saitin namu zai rufe sabar saƙon kawai don cibiyar sadarwar yanki inda injinan ke yanki ɗaya. Aika saƙonnin imel zuwa wasu yankuna na buƙatar saiti mai rikitarwa, gami da ƙarfin ƙudurin sunan yanki, wanda bai wuce iyakokin takaddun shaida na LFCE.
Amma da farko, bari mu fara da ƴan ma'anoni.
Abubuwan da Aika Wasiku, Sufuri da Tsarin Isarwa
Hoton da ke gaba yana kwatanta tsarin jigilar imel ɗin farawa daga mai aikawa har saƙon ya isa akwatin saƙon mai karɓa:
Don yin hakan, abubuwa da yawa suna faruwa a bayan fage. Domin isar da saƙon imel daga aikace-aikacen abokin ciniki (kamar Thunderbird, Outlook, ko sabis na saƙon gidan yanar gizo kamar Gmail ko Yahoo! Mail) zuwa sabar saƙon sa/ta daga can zuwa uwar garken inda aka nufa kuma a ƙarshe zuwa ga mai karɓar sa. , Dole ne sabis na SMTP (Simple Mail Transfer Protocol) ya kasance a wurin kowace sabar.
Lokacin magana game da sabis na imel, za ku sami waɗannan sharuɗɗan da aka ambata sau da yawa:
MTA (gajeren Mail ko Agent Transport), wato mail relay, software ce da ke kula da isar da saƙon imel daga uwar garken. zuwa abokin ciniki (da sauran hanyar kusa da). A cikin wannan jerin, Postfix yana aiki azaman MTA.
MUA, ko Agent User Mail, shirin kwamfuta ne da ake amfani da shi don samun dama da sarrafa akwatunan saƙon imel na mai amfani. Misalan MUA sun haɗa da, amma ba'a iyakance su ba, Thunderbird, Outlook, da mu'amalar saƙon gidan yanar gizo kamar Gmail, Outlook.com, don suna kaɗan. A cikin wannan silsilar, za mu yi amfani da Thunderbird a cikin misalan mu.
MDA (gajeren Saƙon ko Wakilin Isar da Wasiku) shine ɓangaren software wanda a zahiri ke isar da saƙonnin imel zuwa akwatunan saƙo na mai amfani. A cikin wannan koyawa, za mu yi amfani da Dovecot azaman MDA. Dovecot kuma zai kula da amincin mai amfani.
Domin wadannan sassan su sami damar yin magana da juna, dole ne su yi magana iri daya harshen (ko yarjejeniya), wato SMTP (Simple Mail Transfer Protocol. yanayin uwar garken.
Sauran ka’idojin da ya kamata mu yi la’akari da su su ne IMAP4 (Ƙa'idar Samun Saƙon Intanet), wanda ke ba da damar sarrafa saƙonnin imel kai tsaye a kan uwar garke ba tare da sauke su zuwa rumbun kwamfutarka na abokinmu ba. , da POP3 (Post Office Protocol), wanda ke ba da damar saukar da saƙonni da manyan fayiloli zuwa kwamfutar mai amfani.
Yanayin gwajin mu shine kamar haka:
Mail Server OS : Debian Wheezy 7.5 IP Address : 192.168.0.15 Local Domain : example.com.ar User Aliases : [email is aliased to [email and [email
Mail Client OS : Ubuntu 12.04 IP Address : 192.168.0.103
A kan abokin ciniki, mun kafa ƙudurin DNS na farko yana ƙara layi mai zuwa zuwa fayil ɗin /etc/hosts.
192.168.0.15 example.com.ar mailserver
Ƙara Laƙabin Imel
Ta hanyar tsoho, saƙon da aka aika zuwa takamaiman mai amfani yakamata a isar da shi ga mai amfani kawai. Koyaya, idan kuna son isar da shi ga ƙungiyar masu amfani kuma, ko ga wani mai amfani daban, kuna iya ƙirƙirar wasiƙar wasiƙa ko amfani da ɗaya daga cikin waɗanda ke cikin /etc/postfix/aliases , bin wannan syntax:
user1: user1, user2
Don haka, imel ɗin da aka aika zuwa ga user1 za a kuma isar da su ga user2. Lura cewa idan kun bar kalmar user1 bayan hanjin, kamar a ciki
user1: user2
saƙonnin da aka aika zuwa user1 za a aika zuwa ga user2 kawai, ba ga user1 ba.
A cikin misalin da ke sama, user1 da user2 yakamata su kasance akan tsarin. Kuna iya komawa zuwa Sashe na 8 na jerin LFCS idan kuna buƙatar sabunta ƙwaƙwalwar ajiyar ku kafin ƙara sabbin masu amfani.
- Yadda ake Ƙara da Sarrafa Masu Amfani/Ƙungiyoyi a cikin Linux
- 15 Umarni don Ƙara Masu amfani a cikin Linux
A cikin takamaiman yanayin mu, za mu yi amfani da laƙabi mai zuwa kamar yadda aka yi bayani a baya (ƙara layin mai zuwa a /etc/aliases).
sysadmin: gacanepa, jdoe
Kuma gudanar da umarni mai zuwa don ƙirƙira ko sabunta teburin neman laƙabi.
postalias /etc/postfix/aliases
Don haka za a isar da saƙon da aka aika zuwa [email kare] zuwa akwatin saƙo na masu amfani da aka jera a sama.
Ana saita Postfix - Sabis na SMTP
Babban fayil ɗin daidaitawa don Postfix shine /etc/postfix/main.cf. Kuna buƙatar saita ƴan sigogi kawai kafin samun damar amfani da sabis na saƙo. Koyaya, yakamata ku saba da cikakkun sigogin daidaitawa (wanda za'a iya jera su tare da man 5 postconf) don saita amintaccen sabar saƙon da aka keɓancewa.
Lura: Wannan koyawa ya kamata kawai ya fara farawa a cikin wannan tsari kuma baya wakiltar cikakken jagora akan ayyukan imel tare da Linux.
Bude fayil ɗin /etc/postfix/main.cf tare da zaɓin editan ku kuma yi canje-canje kamar yadda aka bayyana.
# vi /etc/postfix/main.cf
1. myorigin yana ƙayyade yankin da ke bayyana a cikin saƙonnin da aka aika daga uwar garken. Kuna iya ganin fayil ɗin /etc/mailname da aka yi amfani da shi tare da wannan sigar. Jin kyauta don gyara shi idan an buƙata.
myorigin = /etc/mailname
Idan aka yi amfani da ƙimar da ke sama, za a aika wasiku azaman [email kare], inda mai amfani shine mai aika saƙon.
2. Mydestination ya lissafa wuraren da wannan na'ura za ta isar da saƙon imel a cikin gida, maimakon tura zuwa wata na'ura (aiki azaman tsarin relay). Saitunan tsoho za su ishi a yanayin mu (tabbatar da gyara fayil ɗin don dacewa da yanayin ku).
Inda fayil ɗin /etc/postfix/transport ke bayyana alakar da ke tsakanin yanki da sabar na gaba wanda yakamata a tura saƙon saƙo. A cikin yanayinmu, tunda za mu isar da saƙo zuwa cibiyar sadarwar yankin mu kawai (ta haka ketare duk wani ƙuduri na DNS na waje), saitin mai zuwa zai wadatar.
example.com.ar local: .example.com.ar local:
Bayan haka, muna buƙatar musanya wannan fayil ɗin rubutu na fili zuwa tsarin .db, wanda ke ƙirƙirar tebirin neman wanda Postfix zai yi amfani da shi a zahiri don sanin abin da za a yi da saƙo mai shigowa da mai fita.
# postmap /etc/postfix/transport
Kuna buƙatar tunawa don sake ƙirƙirar wannan tebur idan kun ƙara ƙarin shigarwar zuwa fayil ɗin rubutu daidai.
3. mynetworks yana bayyana ma'anar cibiyoyin sadarwa masu izini Postfix zai tura saƙonni daga. Ƙimar tsoho, cibiyar sadarwa, tana gaya wa Postfix don tura wasiku daga abokan ciniki na SMTP a cikin hanyoyin sadarwar IP iri ɗaya kamar injin gida kawai.
mynetworks = subnet
4. relay_domains yana ƙayyade wuraren da ya kamata a aika imel zuwa gare su. Za mu bar ƙimar tsoho ba a taɓa shi ba, wanda ke nuna ƙaddara. Ka tuna cewa muna kafa sabar saƙo don LAN ɗin mu.
relay_domains = $mydestination
Lura cewa zaku iya amfani da $mydestination maimakon jera ainihin abinda ke ciki.
5. inet_interfaces yana bayyana wace hanyar sadarwa ce da sabis ɗin saƙo ya kamata ya saurara. Tsohuwar, duk, tana gaya wa Postfix don amfani da duk mu'amalar hanyar sadarwa.
inet_interfaces = all
6. A ƙarshe, mailbox_size_limit da message_size_limit za a yi amfani da su don saita girman akwatin saƙon kowane mai amfani da iyakar adadin da aka ba da izini na kowane saƙon, bi da bi, cikin bytes.
mailbox_size_limit = 51200000 message_size_limit = 5120000
Ƙuntata Samun shiga uwar garken SMTP
Sabar Postfix SMTP na iya amfani da wasu ƙuntatawa ga kowane buƙatun haɗin abokin ciniki. Ba duk abokan ciniki yakamata a bar su su bayyana kansu zuwa uwar garken wasikun ta hanyar amfani da umarnin smtp HELO ba, kuma tabbas ba duka bane yakamata a ba su damar aikawa ko karɓar saƙon.
Don aiwatar da waɗannan hane-hane, za mu yi amfani da umarni masu zuwa a cikin fayil ɗin main.cf. Ko da yake suna bayyana kansu, an ƙara sharhi don dalilai na bayani.
# Require that a remote SMTP client introduces itself with the HELO or EHLO command before sending the MAIL command or other commands that require EHLO negotiation. smtpd_helo_required = yes # Permit the request when the client IP address matches any network or network address listed in $mynetworks # Reject the request when the client HELO and EHLO command has a bad hostname syntax smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname # Reject the request when Postfix does not represent the final destination for the sender address smtpd_sender_restrictions = permit_mynetworks, reject_unknown_sender_domain # Reject the request unless 1) Postfix is acting as mail forwarder or 2) is the final destination smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
Ma'aunin daidaitawa na Postfix shafi na postconf na iya zuwa da amfani don ƙarin bincika zaɓuɓɓukan da ake da su.
Yana daidaita Dovecot
Nan da nan bayan shigar da dovecot, yana goyan bayan bayan-akwatin don POP3 da IMAP ladabi, tare da amintattun nau'ikan su, POP3S da IMAPS, bi da bi.
Ƙara layin masu zuwa a cikin fayil /etc/dovecot/conf.d/10-mail.conf.
# %u represents the user account that logs in # Mailboxes are in mbox format mail_location = mbox:~/mail:INBOX=/var/mail/%u # Directory owned by the mail group and the directory set to group-writable (mode=0770, group=mail) # You may need to change this setting if postfix is running a different user / group on your system mail_privileged_group = mail
Idan ka duba kundin adireshi na gidanka, za ka lura cewa akwai ƙaramin kundin wasiƙa tare da abubuwan ciki masu zuwa.
Hakanan, da fatan za a lura cewa fayil ɗin /var/mail/%u shine inda ake adana wasikun mai amfani akan yawancin tsarin.
Ƙara wannan umarni zuwa /etc/dovecot/dovecot.conf (lura cewa imap da pop3 suna nuna imaps da pop3s kuma).
protocols = imap pop3
Kuma a tabbata /etc/conf.d/10-ssl.conf ya ƙunshi layukan masu zuwa (in ba haka ba, ƙara su).
ssl_cert = </etc/dovecot/dovecot.pem ssl_key = </etc/dovecot/private/dovecot.pem
Yanzu bari mu sake farawa Dovecot kuma mu tabbatar da cewa yana sauraren tashoshin jiragen ruwa masu alaƙa da imap, imaps, pop3, da pop3s.
# netstat -npltu | grep dovecot
Saita Abokin Ciniki na Wasiku da Aika/ Karɓar Wasiku
A kan kwamfutocin mu, za mu buɗe Thunderbird sannan mu danna Fayil → Sabo → Asusun wasikun da ke wanzu. Za a sa mu shigar da sunan asusun da adireshin imel mai alaƙa, tare da kalmar sirri. Idan muka danna Ci gaba, Thunderbird zai yi ƙoƙarin haɗawa da sabar wasiƙa don tabbatar da saitunan.
Maimaita tsarin da ke sama don asusu na gaba ([email kare]) kuma akwatunan saƙo guda biyu masu zuwa yakamata su bayyana a ɓangaren hagu na Thunderbird.
A kan uwar garken mu, za mu rubuta saƙon imel zuwa sysadmin, wanda aka lakafta zuwa jdoe da gacanepa.
Rubutun wasiku (/var/log/mail.log) da alama yana nuna cewa imel ɗin da aka aika zuwa sysadmin an mayar da shi zuwa [email kare] b>, kamar yadda ake iya gani a hoto mai zuwa.
Za mu iya tabbatar da idan ainihin an isar da saƙon ga abokin cinikinmu, inda aka saita asusun IMAP a cikin Thunderbird.
A ƙarshe, bari mu yi ƙoƙarin aika sako daga [email kare].
A cikin jarrabawar za a umarce ku da ku yi aiki na musamman tare da abubuwan amfani da layin umarni. Wannan yana nufin ba za ku iya shigar da aikace-aikacen abokin ciniki na tebur kamar Thunderbird ba, amma za a buƙaci ku yi amfani da wasiku maimakon. Mun yi amfani da Thunderbird a cikin wannan babi don dalilai na misali kawai.
Kammalawa
A cikin wannan sakon mun yi bayanin yadda ake saita sabar saƙon IMAP don cibiyar sadarwar yankin ku da kuma yadda ake takurawa sabar SMTP. Idan kun sami matsala yayin aiwatar da saitin irin wannan a cikin yanayin gwajin ku, zaku so bincika takaddun kan layi na /etc/dovecot/dovecot.conf, bi da bi), amma a kowane hali kada ku yi shakka a tuntuɓe ni ta amfani da da comment form a kasa. Zan yi farin cikin taimaka muku.