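Linux Notes 13
Master/Slave DNS Synchronization
When a single DNS server cannot keep up with client demand, bring up a synchronized secondary DNS server; both servers serve the same DNS data.
Master: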
vim /etc/named.rfc1912.zones
zone "asd.com" IN {
type master;
file "asd.com.zone";
allow-update { none; };
allow-transfer { 172.25.254.225; };    // slave address
};
systemctl restart named
Slave:
yum install bind -y    # install the service
vim /etc/named.conf    # edit the configuration file
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
dnssec-validation no;    // same setting as on the master; DNSSEC validation is off
vim /etc/named.rfc1912.zones
zone "asd.com" IN {
type slave;    // this server is a slave for the zone
masters { 172.25.254.125; };    // master address
file "slaves/asd.com.zone";
allow-update { none; };
};
systemctl restart named    # restart the service
(Test result)
[root@localhost ~]# dig www.asd.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.asd.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63544
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.asd.com.                   IN      A
;; ANSWER SECTION:
www.asd.com.            86400   IN      A       172.25.254.126
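Synchronizing DNS Changes
Slave:
systemctl stop firewalld    # stop the firewall so that NOTIFY messages get through (opening only DNS with firewall-cmd --permanent --add-service=dns is the narrower alternative)
Master: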
vim /etc/named.rfc1912.zones
zone "asd.com" IN {
type master;
file "asd.com.zone";
allow-update { none; };
allow-transfer { 172.25.254.225; };
also-notify { 172.25.254.225; };    // notify the slave so it pulls the update
};
vim /var/named/asd.com.zone
$TTL 1D
@ IN SOA dns.asd.com. root.asd.com. (
01 ; serial: increase it to signal a change (at most 10 digits); this is the value compared when deciding whether to update
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.asd.com.
dns A 172.25.254.125
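www A 172.25.254.128 ; the updated record
systemctl restart named    # restart the service; the slave is notified to update its DNS data
『Test result』
The master and slave stay consistent: when the master is updated, the slave syncs the change.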
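Added example (not part of the original notes): a shell check that compares the SOA serial returned by the master and by the slave, since the serial is the value the slave compares before transferring. The SOA strings are constructed sample answers in dig +short format, the function names are hypothetical, and the comparison uses RFC 1982 serial arithmetic, which generalizes the single case in the notes.

```sh
#!/bin/sh
# Added example: compare master and slave SOA serials (sample data is constructed).

# Constructed `dig +short SOA asd.com @<server>` answers:
# mname rname serial refresh retry expire minimum
MASTER_SOA='dns.asd.com. root.asd.com. 3 86400 3600 604800 10800'
SLAVE_SOA='dns.asd.com. root.asd.com. 2 86400 3600 604800 10800'

# soa_serial: read one SOA answer on stdin and print its serial (third field).
soa_serial() {
    awk 'NF >= 7 { print $3; exit }'
}

# serial_newer A B: succeed when serial A is newer than B under RFC 1982
# arithmetic (32-bit wraparound), the rule a slave applies before transferring.
serial_newer() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        d = (a - b) % 4294967296
        if (d < 0) d += 4294967296
        exit !(d > 0 && d < 2147483648)
    }'
}

# sync_state MASTER_SOA SLAVE_SOA: print in-sync, slave-behind or slave-ahead.
sync_state() {
    m=$(printf '%s\n' "$1" | soa_serial)
    s=$(printf '%s\n' "$2" | soa_serial)
    if [ -z "$m" ] || [ -z "$s" ]; then
        echo "unknown"
        return 2
    fi
    if [ "$m" -eq "$s" ]; then
        echo "in-sync"
    elif serial_newer "$m" "$s"; then
        echo "slave-behind"      # slave has not pulled the newer zone yet
    else
        echo "slave-ahead"       # master serial went backwards; slave will not transfer
    fi
}

# Live use (assumes dig is installed and both servers answer):
#   sync_state "$(dig +short SOA asd.com @172.25.254.125)" \
#              "$(dig +short SOA asd.com @172.25.254.225)"
sync_state "$MASTER_SOA" "$SLAVE_SOA"
```

A slave-ahead result usually means the serial on the master was lowered by hand, in which case the slave keeps serving its old copy.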
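Remote DNS Updates
Master (server side):
setenforce 0    # switch SELinux to permissive mode (the narrower alternative is setsebool -P named_write_master_zones 1)
chmod 770 /var/named    # change the directory permissions so named can write its journal file there
vim /etc/named.rfc1912.zones    # edit the file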
zone "asd.com" IN {
type master;
file "asd.com.zone";
allow-update { 172.25.254.225; };    // address that is allowed to send DNS updates
};
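Sending side:
nsupdate
> server 172.25.254.125    (IP of the DNS server to update)
> update delete www.asd.com    (delete the record)
> send    (send the request)
> server 172.25.254.125
> update add www.asd.com 86400 A 172.25.254.120    (add the new record; TTL 86400 = cached for one day)
> send
> quit    (exit)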
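Note: after completing
> server 172.25.254.125
> update delete www.asd.com
> send
a journal file, asd.com.zone.jnl, appears in /var/named/ on the master.
After systemctl restart named, that file overwrites the original asd.com.zone, so back up the zone file beforehand.
『Test result』
The master's DNS records can be changed remotely (both deleting and adding work).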
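Remote DNS Updates (Key-Authenticated)
Master:
dnssec-keygen -a HMAC-MD5 -b 100 -n HOST gou    # -a algorithm, -b key size in bits, -n name type
This generates the public and private key files. HMAC-MD5 is a legacy TSIG algorithm; hmac-sha256 is the stronger choice where both ends support it.
cp -p /etc/rndc.key /etc/gou.key    # copy rndc.key as a template
vim /etc/gou.key    # write the key definition
key "gou" {    // key name
algorithm hmac-md5;    // algorithm
secret "/pLHdCuATXkKuZNjGQ==";    // shared secret
};
vim /etc/named.conf
include "/etc/gou.key";
vim /etc/named.rfc1912.zones    # edit the configuration file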
zone "asd.com" IN {
type master;
file "asd.com.zone";
allow-update { key gou; };    // accept updates only from holders of the key
};
scp Kgou.+157+64442.* root@172.25.254.225:/mnt    # send the key files to the user who will update DNS
systemctl restart named    # restart the service
Sending side:
[root@localhost mnt]# nsupdate -k Kgou.+157+64442.private    (-k: authenticate with the key file)
> server 172.25.254.125
> update delete www.asd.com    (delete)
> send
> quit    (exit)
『Test result』
[root@localhost named]# ls
asd.com.zone data named.ca named.localhost slaves
asd.com.zone.jnl dynamic named.empty named.loopback
[root@localhost named]# dig www.asd.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.asd.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55177
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.asd.com.                   IN      A
;; AUTHORITY SECTION:
asd.com.                10800   IN      SOA     dns.asd.com. root.asd.com. 3 86400 3600 604800 10800
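Added example (not part of the original notes): the two remote-update setups above differ only in the allow-update ACL. An address-only ACL trusts the source IP of the request, while a key ACL requires a TSIG-signed request. This shell/awk audit classifies the allow-update of each zone; the sample configuration is constructed (the zones example.test and static.test are made up), the function names are hypothetical, and each allow-update statement is assumed to sit on one line.

```sh
#!/bin/sh
# Added example: classify the allow-update ACL of every zone.
# SAMPLE_CONF is constructed; example.test and static.test are made-up zones.
SAMPLE_CONF='
zone "asd.com" IN {
    type master;
    file "asd.com.zone";
    allow-update { 172.25.254.225; };
};
zone "example.test" IN {
    type master;
    file "example.test.zone";
    allow-update { key gou; };
};
zone "static.test" IN {
    type master;
    file "static.test.zone";
    allow-update { none; };
};
'

# audit_zone_acls: read named zone stanzas on stdin, print "<zone> <verdict>".
#   none     no dynamic updates
#   tsig     only key elements: the request must carry a valid TSIG signature
#   address  an address element is present: the source IP alone is trusted
#   open     "any" is present
# Assumes each allow-update statement is written on a single line.
audit_zone_acls() {
    awk '
    /^[ \t]*zone[ \t]+"/ { split($0, q, "\""); zone = q[2] }
    /allow-update[ \t]*[{]/ {
        acl = $0
        sub(/^.*allow-update[ \t]*[{]/, "", acl)
        sub(/[}].*$/, "", acl)
        has_key = has_addr = has_any = 0
        n = split(acl, el, ";")
        for (i = 1; i <= n; i++) {
            t = el[i]
            gsub(/^[ \t]+|[ \t]+$/, "", t)
            if (t == "" || t == "none") continue
            if (t == "any") has_any = 1
            else if (t ~ /^key[ \t]+/) has_key = 1
            else has_addr = 1
        }
        verdict = "none"
        if (has_any) verdict = "open"
        else if (has_addr) verdict = "address"
        else if (has_key) verdict = "tsig"
        print zone, verdict
    }'
}

# risky_zones: names of zones whose updates are not tied to a key.
risky_zones() {
    audit_zone_acls | awk '$2 == "address" || $2 == "open" { print $1 }'
}

printf '%s\n' "$SAMPLE_CONF" | audit_zone_acls
```

On a real server the input would be /etc/named.rfc1912.zones, for example risky_zones < /etc/named.rfc1912.zones.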
DDNS (like Peanut Hull / 花生壳): Dynamic DNS Registration
yum install dhcp -y    # install dhcp
cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf    # copy the template
vim /etc/dhcp/dhcpd.conf    # edit the configuration file
# option definitions common to all supported networks...
option domain-name "asd.com";    # domain name
option domain-name-servers 172.25.254.125;    # DNS server IP
# Use this to enble / disable dynamic dns updates globally.
ddns-update-style interim;    # have dhcpd notify DNS when it hands out a lease
subnet 172.25.254.0 netmask 255.255.255.0 {    # subnet and netmask
range 172.25.254.247 172.25.254.249;    # address pool handed out to clients
option routers 172.25.254.125;
}
key gou {    # key name
algorithm hmac-md5;    # algorithm
secret /pLHdCuATXkKuZNjGQ==;
};
zone asd.com. {
primary 127.0.0.1;    # the DNS server runs on this same host (loopback)
key gou;
}
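vim /var/named/asd.com.zone    # restore this file to its original contents
systemctl restart named
systemctl restart dhcpd    # restart the service
Client:
Switch the interface to obtain its IP address via DHCP.
hostnamectl set-hostname bbq.asd.com    # change the hostname (it must belong to the asd.com domain)
systemctl restart network    # restart the service
『Test result』
dig bbq.asd.com
The result matches the client's IP address.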
Database
yum install mariadb-server.x86_64 -y    # install the database service
vim /etc/my.cnf    # edit the configuration file
# Settings user and group are ignored when systemd is used.
# If you need to run mysqld under a different user or group,
# customize your systemd unit file for mariadb according to the
# instructions in http://fedoraproject.org/wiki/Systemd
skip-networking=1    # do not open the database port on the network interfaces
systemctl restart mariadb    # restart the service
[root@localhost named]# mysql_secure_installation    # run the hardening script
/usr/bin/mysql_secure_installation: line 379: find_mysql_client: command not found
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):    (enter the password; there is none yet)
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y    (set a password)
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y    (disable anonymous access)
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y    (do not allow root to log in remotely)
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y    (remove the test database)
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y    (reload)
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
mysql -u root -p    # log in (enter the password, westos, at the prompt)
Querying the database (a ; marks the end of a statement)
MariaDB [(none)]> SHOW DATABASES;    -- list the databases
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.00 sec)
MariaDB [(none)]> USE mysql;    -- switch to the database
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [mysql]> SHOW TABLES;    -- list the tables in the database
+---------------------------+
| Tables_in_mysql |
+---------------------------+
| columns_priv |
| db |
| event |
| func |
| general_log |
| help_category |
| help_keyword |
| help_relation |
| help_topic |
| host |
| ndb_binlog_index |
| plugin |
| proc |
| procs_priv |
| proxies_priv |
| servers |
| slow_log |
| tables_priv |
| time_zone |
| time_zone_leap_second |
| time_zone_name |
| time_zone_transition |
| time_zone_transition_type |
| user |
+---------------------------+
24 rows in set (0.00 sec)
MariaDB [mysql]> SELECT User,Host,Password FROM user;    -- show the User, Host and Password columns of the user table
+------+-----------+-------------------------------------------+
| User | Host | Password |
+------+-----------+-------------------------------------------+
| root | localhost | *28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96 |
| root | 127.0.0.1 | *28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96 |
| root | ::1 | *28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96 |
+------+-----------+-------------------------------------------+
3 rows in set (0.00 sec)
MariaDB [mysql]> CREATE DATABASE asd ;    -- create a database
MariaDB [mysql]> USE asd;    -- switch to the database
MariaDB [asd]> CREATE TABLE UTAB ( uer varchar(10) not null, password varchar(8) not null, age varchar(3) );    -- create a table (user name, up to 10 characters, required; password, up to 8, required; age, up to 3, optional)
MariaDB [asd]> SHOW TABLES;    -- list the tables
+---------------+
| Tables_in_asd |
+---------------+
| UTAB |
+---------------+
MariaDB [asd]> DESC UTAB ;    -- show the table structure
+----------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+----------+-------------+------+-----+---------+-------+
| uer | varchar(10) | NO | | NULL | |
| password | varchar(8) | NO | | NULL | |
| age | varchar(3) | YES | | NULL | |
+----------+-------------+------+-----+---------+-------+
MariaDB [asd]> INSERT INTO UTAB VALUES ('asd','qwe','24');    -- insert a row into the table
Query OK, 1 row affected (0.00 sec)
MariaDB [asd]> SELECT * FROM UTAB ;    -- show the table contents
+-----+----------+------+
| uer | password | age |
+-----+----------+------+
| asd | qwe | 24 |
+-----+----------+------+
MariaDB [asd]> ALTER TABLE UTAB ADD class varchar(8) AFTER password ;    -- add a column after password
Query OK, 1 row affected (0.03 sec)
Records: 1 Duplicates: 0 Warnings: 0
MariaDB [asd]> UPDATE UTAB SET class='1';    -- assign a value to class
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
MariaDB [asd]> SELECT * FROM UTAB;
+-----+----------+-------+------+
| uer | password | class | age |
+-----+----------+-------+------+
| asd | qwe | 1 | 24 |
+-----+----------+-------+------+
MariaDB [asd]> UPDATE UTAB SET class='3' WHERE uer='asd';    -- change the value of class
Query OK, 1 row affected (0.01 sec)
Rows matched: 1 Changed: 1 Warnings: 0
MariaDB [asd]> SELECT * FROM UTAB;
+-----+----------+-------+------+
| uer | password | class | age |
+-----+----------+-------+------+
| asd | qwe | 3 | 24 |
+-----+----------+-------+------+
MariaDB [asd]> INSERT INTO UTAB VALUES ('asd','qwe','24');
ERROR 1136 (21S01): Column count doesn't match value count at row 1
MariaDB [asd]> INSERT INTO UTAB VALUES ('gou','qwe','','24');
Query OK, 1 row affected (0.01 sec)
MariaDB [asd]> SELECT * FROM UTAB;
+-----+----------+-------+------+
| uer | password | class | age |
+-----+----------+-------+------+
| asd | qwe | 3 | 24 |
| gou | qwe | | 24 |
+-----+----------+-------+------+
MariaDB [asd]> DELETE FROM UTAB uer='gou';    -- delete a row (this attempt fails because WHERE is missing)
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'uer='gou'' at line 1
MariaDB [asd]> DELETE FROM UTAB WHERE uer='gou';
Query OK, 1 row affected (0.01 sec)
MariaDB [asd]> SELECT * FROM UTAB;
+-----+----------+-------+------+
| uer | password | class | age |
+-----+----------+-------+------+
| asd | qwe | 3 | 24 |
+-----+----------+-------+------+
MariaDB [asd]> DROP TABLE UTAB    -- drop the table
-> ;
Query OK, 0 rows affected (0.00 sec)
MariaDB [asd]> SELECT * FROM UTAB;
ERROR 1146 (42S02): Table 'asd.UTAB' doesn't exist
MariaDB [asd]> DROP DATABASE asd;    -- drop the database
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> SELECT * FROM UTAB;
ERROR 1046 (3D000): No database selected
MariaDB [(none)]> SHOW DATABASES
-> ;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.00 sec)
Database Users: Privileges and Access
MariaDB [(none)]> CREATE USER we@localhost identified by 'westos';    -- create user we with password westos, local login only (we@'%' would allow remote login)
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT CREATE ON *.* TO we@localhost ;    -- allow CREATE on any table in any database
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> SHOW GRANTS FOR we@localhost ;    -- show the grants
+------------------------------------------------------------------------------------------------------------+
| Grants for we@localhost |
+------------------------------------------------------------------------------------------------------------+
| GRANT CREATE ON *.* TO 'we'@'localhost' IDENTIFIED BY PASSWORD '*28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96' |
+------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
MariaDB [(none)]> GRANT INSERT ON *.* to we@localhost ;    -- allow INSERT on any table in any database
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> SHOW GRANTS FOR we@localhost ;    -- check the grants
+--------------------------------------------------------------------------------------------------------------------+
| Grants for we@localhost |
+--------------------------------------------------------------------------------------------------------------------+
| GRANT INSERT, CREATE ON *.* TO 'we'@'localhost' IDENTIFIED BY PASSWORD '*28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96' |
+--------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
FLUSH PRIVILEGES ;    -- reload the grant tables
MariaDB [(none)]> REVOKE CREATE on *.* from we@localhost ;    -- revoke the user's CREATE privilege
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> DROP USER we@localhost ;    -- delete the user
Query OK, 0 rows affected (0.00 sec)
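Database Passwords
When the password has been forgotten:
systemctl stop mariadb.service    # stop the service
mysqld_safe --skip-grant-tables &    # start in safe mode with the grant tables skipped (no password is checked while it runs)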
[root@localhost ~]# fg
mysqld_safe --skip-grant-tables
^Z
[1]+ Stopped mysqld_safe --skip-grant-tables
mysql -u root    # enter the database
MariaDB [(none)]> UPDATE mysql.user set Password='redhat' WHERE User='root' ;    -- update the password (stored as plaintext)
Query OK, 3 rows affected (0.00 sec)
Rows matched: 3 Changed: 3 Warnings: 0
| localhost | root | redhat | Y | Y | Y | Y
MariaDB [(none)]> UPDATE mysql.user set Password=password('redhat') WHERE User='root' ;    -- update the password (stored hashed)
Query OK, 3 rows affected (0.00 sec)
Rows matched: 3 Changed: 3 Warnings: 0
| localhost | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 | Y | Y
[root@localhost ~]# fg    # bring the background job to the foreground
mysqld_safe --skip-grant-tables
^Z
[1]+ Stopped mysqld_safe --skip-grant-tables
[root@localhost ~]# killall -9 mysqld_safe    # kill the background process
[1]+ Killed mysqld_safe --skip-grant-tables
[root@localhost ~]# ps aux | grep mysql    # check the processes
mysql 3196 0.0 4.8 859060 91736 pts/0 Sl 20:52 0:00 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --user=mysql --skip-grant-tables --log-error=/var/log/mariadb/mariadb.log --pid-file=/var/run/mariadb/mariadb.pid --socket=/var/lib/mysql/mysql.sock
root 3416 0.0 0.0 112640 940 pts/0 R+ 20:58 0:00 grep --color=auto mysql
[root@localhost ~]# kill -9 3196    # kill it
systemctl start mariadb    # start the service (normal login works again)
Changing the password:
mysqladmin -uroot -predhat password westos
Database Backup and Restore
MariaDB [(none)]> CREATE DATABASE westos ;
MariaDB [westos]> CREATE TABLE UTAB (user varchar(10)not null, password varchar(10)not null, class varchar(5) );
MariaDB [westos]> INSERT INTO UTAB VALUES ('asd','123','4');
Query OK, 1 row affected (0.01 sec)
MariaDB [westos]> INSERT INTO UTAB VALUES ('lee','123','');
Query OK, 1 row affected (0.01 sec)
MariaDB [westos]> SELECT * FROM UTAB;
+------+----------+-------+
| user | password | class |
+------+----------+-------+
| asd | 123 | 4 |
| lee | 123 | |
+------+----------+-------+
(This creates a database to experiment with.)
[root@localhost ~]# mysqldump -uroot -pwestos westos > /mnt/westos.sql    # back up the database
-- MySQL dump 10.14 Distrib 5.5.35-MariaDB, for Linux (x86_64)
--
-- Host: localhost Database: westos
-- ------------------------------------------------------
-- Server version       5.5.35-MariaDB
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
/*!40103 SET TIME_ZONE='+00:00' */;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
--
-- Table structure for table `UTAB`
--
DROP TABLE IF EXISTS `UTAB`;
/*!40101 SET @saved_cs_client = @@character_set_client */;
/*!40101 SET character_set_client = utf8 */;
CREATE TABLE `UTAB` (
`user` varchar(10) NOT NULL,
`password` varchar(10) NOT NULL,
`class` varchar(5) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
/*!40101 SET character_set_client = @saved_cs_client */;
--
-- Dumping data for table `UTAB`
--
LOCK TABLES `UTAB` WRITE;
/*!40000 ALTER TABLE `UTAB` DISABLE KEYS */;
INSERT INTO `UTAB` VALUES ('asd','123','4'),('lee','123','');
/*!40000 ALTER TABLE `UTAB` ENABLE KEYS */;
UNLOCK TABLES;
/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
-- Dump completed on 2016-11-26 21:26:37
mysqldump -uroot -pwestos westos --no-data    # back up only the table structure, not the data
mysqldump -uroot -pwestos --all-databases    # back up everything
mysql -uroot -pwestos -e "SHOW DATABASES;"
mysql -uroot -pwestos -e "DROP DATABASE westos;"    # drop the existing database (non-interactive)
mysql -uroot -pwestos -e "SHOW DATABASES;"
mysql -uroot -pwestos -e "CREATE DATABASE westos;"
mysql -uroot -pwestos westos < /mnt/westos.sql    # restore the database
[root@localhost ~]# mysql -uroot -pwestos -e "SELECT * FROM westos.UTAB;"
+------+----------+-------+
| user | password | class |
+------+----------+-------+
| asd | 123 | 4 |
| lee | 123 | |
+------+----------+-------+
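Added example (not part of the original notes): the commands above pass the password as -pwestos, which leaves it in the shell history and can expose it in the process list. This shell snippet keeps the credentials in an owner-only option file and passes that file to mysqldump with --defaults-extra-file; the function names and file paths are hypothetical, GNU stat is assumed, and the password in the demo is a constructed placeholder.

```sh
#!/bin/sh
# Added example: back up without putting the password on the command line.

# write_client_cnf FILE USER PASSWORD
# Create a [client] option file that only its owner can read. The file is
# created under umask 077 so it is never readable by others, even briefly.
# (A password containing a double quote would need escaping; not handled here.)
write_client_cnf() {
    rm -f -- "$1"
    (
        umask 077
        printf '[client]\nuser=%s\npassword="%s"\n' "$2" "$3" > "$1"
    )
}

# cnf_is_private FILE: succeed only if group and others have no permissions.
cnf_is_private() {
    mode=$(stat -c '%a' "$1" 2>/dev/null) || return 1   # GNU stat
    case "$mode" in
        *00) return 0 ;;
        *)   return 1 ;;
    esac
}

# dump_db CNF DATABASE OUTFILE
# Refuse to run when the option file is readable by anyone else.
# --defaults-extra-file must be the first option on the command line.
dump_db() {
    if ! cnf_is_private "$1"; then
        echo "refusing to use $1: readable by group or others" >&2
        return 1
    fi
    mysqldump --defaults-extra-file="$1" "$2" > "$3"
}

# Demo that needs no database: write a file and confirm its permissions.
demo_dir=$(mktemp -d)
write_client_cnf "$demo_dir/backup.cnf" root 'constructed-placeholder'
cnf_is_private "$demo_dir/backup.cnf" && echo "option file is owner-only"
rm -rf "$demo_dir"

# Real use (hypothetical path): dump_db /root/.backup.cnf westos /mnt/westos.sql
```

The same option file works for the mysql client, so the restore step can use mysql --defaults-extra-file=FILE westos < /mnt/westos.sql.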
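Managing the Database Through a Web GUI
yum install httpd -y    # install the service
lftp 172.25.254.250    # download phpMyAdmin-3.4.0-all-languages.tar.bz2
tar -jxf phpMyAdmin-3.4.0-all-languages.tar.bz2    # extract
yum install php php-mysql -y    # install PHP
cd myadmin/
cp -p config.sample.inc.php config.inc.php    # copy the sample configuration file
vim config.inc.php    # edit the configuration file (blowfish_secret protects the login cookie, so outside a lab it should be a long random string)
$cfg['blowfish_secret'] = 'westos'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
systemctl restart httpd    # restart the service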
Mail Service (SMTP)
Configure the basic DNS records for the mail service
『Result』
(Master)
[root@localhost ~]# dig -t mx westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t mx westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22032
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;westos.com.                    IN      MX
;; ANSWER SECTION:
westos.com.             86400   IN      MX      1 172.25.254.225.
;; AUTHORITY SECTION:
westos.com.             86400   IN      NS      dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com.         86400   IN      A       172.25.254.125
(Slave)
[root@localhost ~]# dig -t mx linux.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -t mx linux.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42394
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;linux.com.                     IN      MX
;; ANSWER SECTION:
linux.com.              86400   IN      MX      1 172.25.254.125.
;; AUTHORITY SECTION:
linux.com.              86400   IN      NS      dns.linux.com.
;; ADDITIONAL SECTION:
dns.linux.com.          86400   IN      A       172.25.254.125
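Mail Exchange (SMTP)
Master:
vim /etc/postfix/main.cf    # edit the postfix configuration file
# host name
myhostname = linux.com
# domain name
mydomain = linux.com
# domain appended to the sender of locally posted mail
myorigin = $mydomain
# listen on all network interfaces
inet_interfaces = all
#inet_interfaces = localhost
# destinations this host accepts mail for
mydestination = $myhostname, $mydomain, localhost
systemctl restart postfix.service    # restart the service
scp /etc/postfix/main.cf root@172.25.254.225:/etc/postfix/main.cf    # send the file to the slave as a template
Slave:
vim /etc/postfix/main.cf    # edit the postfix configuration file
# host name
myhostname = westos.com
# domain name
mydomain = westos.com
# domain appended to the sender of locally posted mail
myorigin = $mydomain
# listen on all network interfaces
inet_interfaces = all
#inet_interfaces = localhost
# destinations this host accepts mail for
mydestination = $myhostname, $mydomain, localhost
systemctl restart postfix.service    # restart the service
『Test result』
Slave to master: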
[root@localhost ~]# mail root@linux.com
Subject: asd
asd
asdqwe.
.
EOT
[root@localhost ~]# mailq
Mail queue is empty
Master
[root@localhost named]# mailq
Mail queue is empty
You have mail in /var/spool/mail/root
[root@localhost named]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N 1 root Sun Nov 27 01:56 22/700 "asd"
& 1
Message 1:
From root@westos.com Sun Nov 27 01:56:18 2016
Return-Path:
X-Original-To: root@linux.com
Delivered-To: root@linux.com
Date: Sun, 27 Nov 2016 01:56:17 -0500
To: root@linux.com
Subject: asd
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@westos.com (root)
Status: R
asd
asdqwe.
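mailq    # show the mail queue
postsuper -d 4B9DE17E849    # delete a stuck message (the argument is its queue ID)
postqueue -f    # flush the queue (retry stuck mail)
Mail Aliases
vim /etc/aliases
# Person who should get root's mail
#root: marc
# qqq is an alias for root
qqq: root
# more expands to the users listed in /etc/moreusers
more: :include:/etc/moreusers
vim /etc/moreusers    # list the member users, one per line
root
student
postalias /etc/aliases    # rebuild the alias database from /etc/aliases
systemctl restart postfix.service    # restart the service
『Test result』
[root@localhost ~]# mail qqq@linux.com    # send mail to root's alias (it is delivered)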
Subject: 123
qweasd
.
EOT
[root@localhost ~]# mail more@linux.com    # send mail to the group alias (both root and student receive it)
Subject: 234
aaqwe
.
EOT
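postconf -e "inet_interfaces=localhost"    # change a parameter in /etc/postfix/main.cf
postconf -d    # show the default parameter values
postconf -n    # list the parameters set explicitly in /etc/postfix/main.cf
Rewriting the Sender Address (Anonymous Mail)
Slave:
cd /etc/postfix
vim generic    # edit the address-rewriting table
# add as the last line: the real address first, the substitute address second
root@westos.com 123@qq.com
postmap generic    # build the lookup table (generic.db) from the file
postconf -e "smtp_generic_maps = hash:/etc/postfix/generic"    # point the configuration parameter at the table
systemctl restart postfix.service    # restart the service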
『Test result』
Slave:
[root@localhost postfix]# mail root@linux.com    # send a mail
Subject: 456
asd
asd
.
EOT
Master:
[root@localhost ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N 1 root Sun Nov 27 03:38 22/681 "456"
& 1
Message 1:
From 123@qq.com Sun Nov 27 03:38:52 2016    (the sender now shows the substitute address)
Return-Path: <123@qq.com>
X-Original-To: root@linux.com
Delivered-To: root@linux.com
Date: Sun, 27 Nov 2016 03:38:52 -0500
To: root@linux.com
Subject: 456
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: 123@qq.com (root)
Status: R
asd
asd
Testing Port 25 Remotely
[root@localhost postfix]# telnet 172.25.254.125 25    # connect to port 25
Trying 172.25.254.125...
Connected to 172.25.254.125.
Escape character is '^]'.
220 linux.com ESMTP Postfix
ehlo hello    (greet the server; it lists its extensions)
250-linux.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:root@westos.com    (envelope sender)
250 2.1.0 Ok
rcpt to:root@linux.com    (envelope recipient)
250 2.1.5 Ok
data    (the message content follows)
354 End data with
asd
asdw
.
250 2.0.0 Ok: queued as D8C7C17E84F
quit    (exit)