postfix邮件网关之一-创新互联

1, 58.215.76.168 (内部接受邮件服务器)

创新互联公司是一家专业提供振兴企业网站建设,专注与成都网站制作、做网站、外贸营销网站建设H5响应式网站、小程序制作等业务。10年已为振兴众多企业、政府机构等服务。创新互联专业的建站公司优惠进行中。

接受邮局服务器

[root@mail6 conf]# cat main.cf

alias_database = hash:/usr/prima/postfix/conf/aliases

alias_maps = hash:/usr/prima/postfix/conf/aliases

append_at_myorigin = yes

append_dot_mydomain = no

command_directory = /usr/prima/postfix/sbin

config_directory = /usr/prima/postfix/conf

daemon_directory = /usr/prima/postfix/libexec

debug_peer_level = 2

disable_vrfy_command = yes

inet_interfaces = all

local_recipient_maps = $alias_maps hash:/usr/prima/postfix/conf/virtual

mail_owner = postfix

mailbox_transport = maildrop

maildrop_checkquota = yes

# The maildrop_checkquota_all controls whether reject mail only when all

# receipts are out of quota. This should be turned off.

maildrop_checkquota_all = no

maildrop_destination_recipient_limit = 1

mailq_path = /usr/bin/mailq

manpage_directory = /usr/prima/postfix/man

maximal_backoff_time = 3600s

maximal_queue_lifetime = 5400s

minimal_backoff_time = 1800s

mydestination = $myhostname $transport_maps

myhostname = mail6.edong.com

mynetworks = 127.0.0.0/8

mynetworks_style = subnet

newaliases_path = /usr/bin/newaliases

queue_directory = /var/spool/postfix

queue_run_delay = 60s

readme_directory = /usr/prima/postfix/conf/README_FILES

sample_directory = /usr/prima/postfix/conf/samples

sendmail_path = /usr/sbin/sendmail

setgid_group = postdrop

smtp_skip_4xx_greeting = no

smtpd_etrn_restrictions = reject

smtpd_helo_required = yes

smtpd_recipient_limit = 100

# freemail host checks

smtpd_restriction_classes = from_freemail_host

from_freemail_host = xheader_if_reject check_client_access hash:/usr/prima/postfix/conf/freemail_hosts,

    reject

smtpd_recipient_restrictions = reject_unauth_pipelining,

    permit_mynetworks,

    reject_unknown_recipient_domain,

    permit_sasl_authenticated,

#    xheader_if_reject reject_unknown_client,

#    xheader_if_reject reject_unknown_hostname,

#    xheader_if_reject reject_unknown_sender_domain,

#     xheader_if_reject reject_invalid_hostname,

#     xheader_if_reject reject_non_fqdn_hostname,

#     xheader_if_reject reject_non_fqdn_sender,

#     xheader_if_reject reject_non_fqdn_recipient,

#    check_sender_access hash:/usr/prima/postfix/conf/freemail_access,

    reject_unauth_destination,

    check_client_access hash:/usr/prima/postfix/conf/filter_server,

    check_recipient_access regexp:/usr/prima/postfix/conf/mail_filter,

    check_client_access hash:/usr/prima/postfix/conf/white_list_server,

    reject_rbl_client zen.spamhaus.org

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain = $myhostname

soft_bounce = no

strict_rfc821_envelopes = yes

transport_maps = hash:/usr/prima/postfix/conf/transport

virtual_alias_maps = hash:/usr/prima/postfix/conf/virtual

bounce_queue_lifetime = 0

smtpd_timeout = 60s

parent_domain_matches_subdomains =

relayhost = [gw2.edong.com]

always_bcc =

message_size_limit = 31457280

2, filter_server主要作用是接受来自如下两ip的信件。

(注:在76.168接受所有邮件后会通过mail_filter转向到gw1.edong.com及203.191.144.138上,所以在通过main.cf内check_client_access hash:/usr/prima/postfix/conf/filter_server,

   check_recipient_access regexp:/usr/prima/postfix/conf/mail_filter,

的过滤后来接受来自网关的信件。这样可以过滤点一大部分垃圾邮件。)

[root@mail6 conf]# cat filter_server

203.191.144.138 OK

203.191.144.137 OK

3, 接受客户发来的信件

[root@mail6 conf]# cat white_list_server

58.215.76.168 OK

4,  将接受到的邮件发到网关gw1.edong.com进行过滤后再返回正常进入接受队列。

[root@mail6 conf]# cat mail_filter

/techsun.com.cn/ FILTER spamfilter:[gw1.edong.com]:10025

#/[c-fC-F].*.com.cn/ FILTER spamfilter:[gw1.edong.com]:10025

/thh@cnagg.com/ FILTER spamfilter:[gw1.edong.com]:10025

#/.*/ FILTER spamfilter:[gw1.edong.com]:10025

5,

transport_maps这个参数对应的是所有目标接受方的地址。

[root@mail6 conf]# cat transport

weilesci.com maildrop:

talentbright.com maildrop:

shbizun.com maildrop:

zambon.com.cn smtp:

ags.co.th smtp:

oweb.cn smtp:oweb.cn

decens.cn maildrop:

6,master.conf

spamfilter unix -    -    n    -    -    smtp   -o smtp_send_xforward_command=yes

需要注意的是这条,spamfilter是通过这条来对初次接收到的邮件转发到网关上去,它主要这个功能。

有些老的postfix不只能spamfilter的功能,需要|grep spamfilter,看是否有相关的rpm,如果有则支持。

# ==========================================================================

# service type private unpriv chroot wakeup maxproc command + args

#        (yes)  (yes)  (yes)  (never) (100)

# ==========================================================================

smtp    inet n    -    n    -    -    smtpd

#628    inet n    -    n    -    -    qmqpd

pickup   fifo n    -    n    60    1    pickup

cleanup  unix n    -    n    -    0    cleanup

#qmgr    fifo n    -    n    300   1    qmgr

qmgr   fifo n    -    n    300   1    nqmgr

rewrite  unix -    -    n    -    -    trivial-rewrite

bounce   unix -    -    n    -    0    bounce

defer   unix -    -    n    -    0    bounce

flush   unix n    -    n    1000?  0    flush

proxymap unix -    -    n    -    -    proxymap

smtp    unix -    -    n    -    -    smtp

relay   unix -    -    n    -    -    smtp

#    -o smtp_helo_timeout=5 -o smtp_connect_timeout=5

showq   unix n    -    n    -    -    showq

error   unix -    -    n    -    -    error

local   unix -    n    n    -    -    local

virtual  unix -    n    n    -    -    virtual

lmtp    unix -    -    n    -    -    lmtp

#

# Interfaces to non-Postfix software. Be sure to examine the manual

# pages of the non-Postfix software to find out what options it wants.

#

# maildrop. See the Postfix MAILDROP_README file for details.

#

maildrop unix -    n    n    -    -    pipe

flags=DORhu user=vmail argv=/usr/prima/maildrop/bin/maildrop -d ${recipient} -w 90

#

# The Cyrus deliver program has changed incompatibly, multiple times.

#

old-cyrus unix -    n    n    -    -    pipe

flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}

# Cyrus 2.1.5 (Amos Gouaux)

cyrus   unix -    n    n    -    -    pipe

user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}

uucp    unix -    n    n    -    -    pipe

flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)

ifmail   unix -    n    n    -    -    pipe

flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)

bsmtp   unix -    n    n    -    -    pipe

flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient

spamfilter unix -    -    n    -    -    smtp   -o smtp_send_xforward_command=yes

2009-04-28

另外有需要云服务器可以了解下创新互联cdcxhl.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。


分享名称:postfix邮件网关之一-创新互联
本文链接:http://ybzwz.com/article/dogejs.html