海运的博客

PVE/postfix配置smtp发送邮件

发布时间:December 9, 2021 // 分类: // No Comments

安装认证模块:

apt install libsasl2-modules
#如需pcre匹配安装
#apt install postfix-pcre

修改/etc/postfix/main.cf添加:

myhostname=pve.lan
#配置文件内有relayhost要先注释,465端口是SMTPS,587端口是STARTTLS
relayhost = smtp.qq.com:465

#此参数被smtp_tls_security_level取代
#smtp_use_tls = yes
#使用SMTPS非STARTTLS加密方式
smtp_tls_wrappermode = yes
#加密级别
smtp_tls_security_level = encrypt
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous

#本地用户替换为smtp认证用户,smtp_generic_maps和sender_canonical_maps都可以
smtp_generic_maps = hash:/etc/postfix/generic
#sender_canonical_maps = hash:/etc/postfix/sender_canonical
#使用pcre匹配本机用户
#sender_canonical_maps = pcre:/etc/postfix/sender_pcre_canonical
#header检查并替换发送者名称
smtp_header_checks = pcre:/etc/postfix/smtp_header_checks

sender_canonical或generic映射本机用户到smtp账号:

cat /etc/postfix/generic
#本机所有用户,注意pve.lan为主配置文件myhostname
@pve.lan support@haiyun.me
#下面2个等效
root support@haiyun.me
root@pve.lan support@haiyun.me

正则映射:

cat /etc/postfix/sender_pcre_canonical
#匹配所有hostname和所有用户
/.*/ support@haiyun.me

smtp账号密码:

cat /etc/postfix/sasl_passwd
smtp.qq.com support@haiyun.me:password

生成hash数据库,pcre不用生成:

postmap /etc/postfix/sasl_passwd
postmap /etc/postfix/generic
postmap /etc/postfix/sender_canonical

替换发件人姓名:

cat /etc/postfix/smtp_header_checks 
/^From:.*/ REPLACE From: 重要通知 <support@haiyun.me>

发送邮件测试:

apt install bsd-mailx
echo "www.haiyun.me" |mail -s test support@haiyun.me
echo "test" | /usr/bin/pvemailforward

将其它用户邮件转发到root用户:

cat /etc/aliases
postmaster: root
nobody: root
#也可使用~/.forward 
#root: support@haiyun.me
postalias /etc/aliases

将root用户邮件转发到外部邮箱:

cat ~/.forward 
support@haiyun.me

参考:
https://serverfault.com/questions/717719/how-can-i-strip-or-rewrite-the-senders-name-of-a-from-address-when-using-postfi
https://forum.proxmox.com/threads/get-postfix-to-send-notifications-email-externally.59940/

Postfix/dovecot配置SMTP/IMAP SSL加密连接

发布时间:July 10, 2012 // 分类:Mail,OpenSSL // No Comments

首先生成SSL证书,如需SSL证书认证可先生成证书请求文件再转交CA认证。
Postfix配置SSL:

#https://www.haiyun.me
cat /etc/postfix/main.cf
#smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/postfix/CA/private/server.key
smtpd_tls_cert_file = /etc/postfix/CA/certs/server.crt
smtpd_tls_CAfile = /etc/postfix/CA/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

开启Postfix服务器SMTPS端口监听:

cat /etc/postfix/master.cf
smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

测试SMTP SSL是否生效:

openssl s_client -connect smtp.haiyun.me:smtps
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: 65424E5937C2EE0453E796BA179DF8F8D92A523FAD5F170CFE11A64E5A0441D3
    Session-ID-ctx: 
    Master-Key: 43EC9C65F8215B3304C62A4E860116D6CA58BFE732514F5B31EC67196D993F43A19E837CA9BD48D6008A06874ED83BB0
    Key-Arg   : None
    Krb5 Principal: None
    Start Time: 1341366288
    Timeout   : 300 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)
---
220 mail.www.haiyun.me ESMTP Postfix
quit
221 2.0.0 Bye

Dovecot配置SSL:

cat /etc/dovecot/conf.d/10-ssl.conf
ssl = yes
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem

测试IMAP/POP SSL是否生效:

openssl s_client -connect smtp..haiyun.me:imaps
openssl s_client -connect smtp..haiyun.me:pops
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: A6CD69E16438BB8CBEA7ABCDF74F1BDC844E00C4C7A3B2446FB87E230788D4A5
    Session-ID-ctx: 
    Master-Key: D6135140AC6BAD1AABFD85CE1A28FA66387B60CF6E6744B0F3BDCEFB82F6B7EA4FF28461E6A007DC03B91787C50CDFE0
    Key-Arg   : None
    Krb5 Principal: None
    Start Time: 1341363344
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
* OK Dovecot ready.

用Telnet发送/接收邮件、测试Mail服务器

发布时间:July 9, 2012 // 分类:Mail // No Comments

Telnet连接SMTP服务器发送邮件:

telnet mail.haiyun.me 25
Trying 192.168.1.2...
Connected to smtp.haiyun.me (192.168.1.2).
Escape character is '^]'.
220 mail.www.haiyun.me ESMTP Postfix
mail from:mail@haiyun.me #发件人
250 2.1.0 Ok
rcpt to:test@haiyun.me #收件人
250 2.1.5 Ok
data #输入数据
354 End data with <CR><LF>.<CR><LF>
test mail #邮件内容
. #输入结束
250 2.0.0 Ok: queued as 6239437EA2C
quit #退出
221 2.0.0 Bye

Telnet连接POP服务器接收邮件:

telnet mail.haiyun.me 110
+OK Dovecot ready.
user test #用户
+OK
pass passwd #密码
+OK Logged in.
list #列出当前邮件
+OK 2 messages:
1 972
2 466
.
retr 2 #查看编号2邮件
+OK 466 octets
Return-Path: <mail@haiyun.me>
X-Original-To: test@haiyun.me
Delivered-To: test@haiyun.me
Received: from (test.haiyun.me [192.168.1.3])
    by mail.haiyun.me (Postfix) with SMTP id 6239437EA2C
    for <test@haiyun.me>; Wed,  4 Jul 2012 12:56:45 +0800 (CST)
Message-Id: <20120704045706.6239437EA2C@mail.haiyun.me>
Date: Wed,  4 Jul 2012 12:56:45 +0800 (CST)
From: mail@haiyun.me
To: undisclosed-recipients:;

test mail
.
quit
+OK Logging out.

Telnet连接IMAP服务器接收邮件:

telnet mail.haiyun.me 143
* OK Dovecot ready.
A01 LOGIN test passwd #登入用户、密码
A01 OK Logged in.
A02 LIST "" * #列出信箱列表    
* LIST (\HasNoChildren) "." "INBOX"
A02 OK List completed.
A03 Select "INBOX"  #选择信箱    
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted.
* 2 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 1341377220] UIDs valid
* OK [UIDNEXT 3] Predicted next UID
A03 OK [READ-WRITE] Select completed.
A04 Search ALL #查询所有邮件
* SEARCH 1 2
A04 OK Search completed.
A05 Fetch 2 full #获取邮件2内容
* 2 FETCH (FLAGS (\Seen) INTERNALDATE "04-Jul-2012 12:57:25 +0800" RFC822.SIZE 466 ENVELOPE ("Wed, 4 Jul 2012 12:56:45 +0800 (CST)" NIL ((NIL NIL "404344922" "qq.com")) ((NIL NIL "404344922" "qq.com")) ((NIL NIL "404344922" "qq.com")) ((NIL NIL "undisclosed-recipients" NIL)(NIL NIL "" "MISSING_DOMAIN")(NIL NIL NIL NIL)) NIL NIL NIL "<20120704045706.6239437EA2C@mail.www.haiyun.me>") BODY ("text" "plain" ("charset" "us-ascii") NIL NIL "7bit" 11 1))
A05 OK Fetch completed.
A06 logout #登出
* BYE Logging out
A06 OK Logout completed.

Linux下命令行smtp客户端SendEmail

发布时间:June 4, 2012 // 分类:Mail // No Comments

SendEmailSendmail,为perl写的一款smtp客户端软件,只有一个执行脚本,安装使用都很方便。
安装:

wget http://caspian.dotconf.net/menu/Software/SendEmail/sendEmail-v1.56.tar.gz
tar zxvf sendEmail-v1.56.tar.gz 
cp -a sendEmail-v1.56/sendEmail /usr/local/bin
chmod +x /usr/local/bin/sendEmail

常用参数:

-f 发送方
-t 接收方
-u 邮件主题
-m 邮件内容
-a 添加附件
-cc 副本
-xu smtp验证用户
-xp 密码
-v 详细输出
-o message-file=/file.txt 正文从文件内读取
-o tls=yes

应用举例:

sendEmail -v -f ono@www.haiyun.me -t test@qq.com -s smtp.www.haiyun.me:995 -u "test" -m "测试sendemail" -xu user -xp passwd tls=yes

使用CentOS自带Mail命令发送邮件参考:https://www.haiyun.me/archives/linux-mail-smtp.html

Linux/Centos下mail连接到smtp服务器发送邮件

发布时间:April 15, 2012 // 分类:Mail // No Comments

自架邮件服务器麻烦还容易被拦截,可以使用Linuxmail命令连接到第三方邮件服务器商的smtp服务器发送邮件。

#/bin/bash
mailaddr=onovps@www.haiyun.me
smtpserver=smtp.www.haiyun.me
user=onovps
passwd=onovps
cat >> /etc/mail.rc <<EOF
set from=$mailaddr
set smtp=$smtpserver
set smtp-auth=login
set smtp-auth-user=$user
set smtp-auth-password=$passwd
EOF

发送邮件:

mail -v -s "主题" onovps@www.haiyun.me #Enter键后输入正文
mail -v -s "主题" onovps@www.haiyun.me < file #file内容为正文
echo "正文"|mail -v -s "主题" onovps@www.haiyun.me #以重定向输入为正文
分类
最新文章
最近回复
  • opnfense: 谢谢博主!!!解决问题了!!!我之前一直以为内置的odhcp6就是唯一管理ipv6的方式
  • liyk: 这个方法获取的IPv6大概20分钟之后就会失效,默认路由先消失,然后Global IPV6再消失
  • 海运: 不好意思,没有。
  • zongboa: 您好,請問一下有immortalwrt設定guest Wi-Fi的GUI教學嗎?感謝您。
  • 海运: 恩山有很多。
  • swsend: 大佬可以分享一下固件吗,谢谢。
  • Jimmy: 方法一 nghtp3步骤需要改成如下才能编译成功: git clone https://git...
  • 海运: 地址格式和udpxy一样,udpxy和msd_lite能用这个就能用。
  • 1: 怎么用 编译后的程序在家里路由器内任意一台设备上运行就可以吗?比如笔记本电脑 m参数是笔记本的...
  • 孤狼: ups_status_set: seems that UPS [BK650M2-CH] is ...