4강_DNS, sendmail, pop3
주DNS
- // named.conf for Red Hat caching-nameserver
// Primary (master) server configuration from these notes.
// NOTE(review): the options block sets no allow-query, allow-recursion or
// allow-transfer, so the BIND version's defaults decide who may recurse through
// this server and who may pull full zone transfers. Confirm both are limited to
// the intended hosts before the server is reachable from other networks.
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
}; - controls {
// rndc control channel: bound to loopback only and authenticated with rndckey
// (the key itself comes from the /etc/rndc.key include below).
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
}; - zone "." IN {
type hint;
file "named.ca";
}; - zone "2.10.10.in-addr.arpa" IN {
type master;
file "zonefile/10.10.2.rzone";
// Dynamic updates (record changes) are accepted from 10.10.2.64 on the strength
// of its source address alone. An address match is weaker than a TSIG key
// (allow-update { key <key-name>; };). A secondary does not need allow-update to
// receive the zone; transfers are governed by allow-transfer.
allow-update { 10.10.2.64; };
}; - zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
}; - zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
}; - include "/etc/rndc.key";
// The forward zones are declared in the two included files, which this listing
// does not show.
- include "conf/second.conf";
include "conf/primary.conf";
- // 10.10.2.rzone
; Reverse zone data for 2.10.10.in-addr.arpa (PTR records for 10.10.2.x).
- $TTL 86400
@ IN SOA @ root (
; Secondaries only re-transfer the zone when this serial increases, so raise it
; on every edit.
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum - IN NS @
; NOTE(review): the PTR targets below have no trailing dot, so the zone origin is
; appended (www.bae.com.2.10.10.in-addr.arpa.). Write them fully qualified, e.g.
; www.bae.com. with the final dot.
; Several PTR records share owner 63 and owner 65, so a reverse lookup returns
; all of the names for that address.
63 IN PTR www.bae.com
63 IN PTR www.june.com
63 IN PTR www.hwan.com
65 IN PTR ftp.bae.com
65 IN PTR mail.bae.com
부 DNS
- // named.conf for Red Hat caching-nameserver
// Secondary (slave) server configuration from these notes.
// NOTE(review): no allow-query / allow-recursion / allow-transfer is set in
// options, so the BIND version's defaults apply. Confirm they match the intended
// exposure.
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
}; - controls {
// rndc control channel: loopback only, authenticated with rndckey.
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
}; - zone "." IN {
type hint;
file "named.ca";
}; - zone "2.10.10.in-addr.arpa" IN {
type slave;
file "zonefile/10.10.2.rzone";
// NOTE(review): every other slave zone on this page names 10.10.2.63 as its
// master, and the primary's allow-update names 10.10.2.64. Confirm that
// 10.10.2.64 is really the master for this zone and not this server's own address.
// Transfers here are identified by address only; a TSIG key on the masters entry
// lets the secondary authenticate the data it pulls.
masters { 10.10.2.64; };
}; - zone "255.in-addr.arpa" IN {
type slave;
file "named.broadcast";
masters { 10.10.2.63; };
}; - zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
}; - include "/etc/rndc.key";
- include "conf/second.conf";
include "conf/primary.conf";
- // /var/named/chroot/var/named/xxxxx.conf
// Slave declarations for the three forward zones; each pulls from 10.10.2.63.
// NOTE(review): all three zones name the same backing file,
// "zonefile/primary.zone". A slave writes each transferred zone to its file, so
// sharing one file lets the zones overwrite each other. Give each zone its own
// file name.
// The zonefile directory must be writable by the named user for the transfers to
// be saved (the chown step in these notes).
-
zone "june.com" IN {
type slave;
file "zonefile/primary.zone";
masters { 10.10.2.63; };
}; - zone "bae.com" IN {
type slave;
file "zonefile/primary.zone";
masters { 10.10.2.63; };
}; - zone "hwan.com" IN {
type slave;
file "zonefile/primary.zone";
masters { 10.10.2.63; };
};
셋팅후 데몬 restart
#chown named.named /var/named/chroot/var/named/conf -R
#chown named.named /var/named/chroot/var/named/zonefile -R
(주dns와 부dns 둘다 해줄것.)
/etc/host.conf
ip가 아닌 문자로 질의할때 로컬호스트에서 검색순서
hosts (ip맵핑), -> bind(DNS)
/etc/resolv.conf
nameserver ip (DNS지정)
domain
search
Mail server (Sendmail, Pop3, Imap)
smtp : tcp 25 / pop3 : tcp 110 / imap : tcp 143
MTA : sendmail, Qmail
MUA : Outlook, 썬더버드
/var/named/chroot/var/named/conf
지정해준 xxxx.conf 파일에
mail IN A mail_server_IP
IN MX 10 mail_server_IP
두줄추가 (MX 값에는 IP 주소가 아니라 위 A 레코드의 호스트명을 적어야 한다. 아래 최종실습코드의 "IN MX 45 mail.june.com." 형식 참고)
telnet localhost 25 로 테스트가능
- /etc/mail/sendmail.cf
- cwlocalhost cwjune.com (89)
- #dj$w.foo.com (sendmail의 hostname (95))
- FR -O /etc/mail/relay-domain (릴레이를 허용할 도메인 이름 (121)
- kaccess hash -T<TMPF> -o /etc/mail/access.db (access.db 바이너리파일(160)
- O AliasFile = /etc/alias (그룹을 대표하는 계정생성. 여러개의 계정을 묶을수 있다 (180))
- O MaxMessagesize (메시지 제한값(186))
- O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA (로컬호스트에서 보내는것만 신뢰, 0.0.0.0 은 모두허용 (265). 0.0.0.0 으로 열 때는 /etc/mail/access 의 RELAY 대상을 필요한 대역으로만 제한해서 오픈 릴레이가 되지 않게 한다.)
- O Queuedirectory = /var/spool/mqueue (임시큐대기파일 (307))
vi /etc/mail/access
10.10.2. RELAY
spam.co.kr REJECT
access 파일로 access.db 생성
makemap hash /etc/mail/access < /etc/mail/access
vi local-host-names (메일을 송수신할 도메인 명시 ex)june.com)
-- smtp 설정끝
dovecot 설치되어 있는지 확인
vi /etc/dovecot.conf
protocols = pop3 imap (MTA가 MUA 통신시 사용될 프로토콜 (14))
imap_listen = *
pop3_listen = * (NIC카드에 여러개의 IP가 있을때 어떤 IP로 응답할건지 명시 ex)10.10.2.63:143)
service dovecot start
service sendmail restart
-- pop imap 설정끝
useradd --
passwd --
vi /etc/resolv.conf DNS 재설정
#mail username@test.com
확인 /var/spool/mail
최종정리판
<Mail Server>
-
Sendmail 설치확인
- #rpm -qa | grep sendmail
-
방화벽 설정
- SMTP(TCP25), POP3(TCP110), IMAP(TCP143)
-
vi /etc/mail/sendmail.cf
- addr = 127.0.0.1 (로컬호스트에서 보내는 것만 수신)
- addr = 0.0.0.0 (모든 인터페이스에서 수신. 이 경우 릴레이 허용 대상은 /etc/mail/access 에서 제한)
-
vi /etc/mail/access 수정
- 상대방 mail server relay설정
- #makemap hash /etc/mail/access < /etc/mail/access
-
#vi /etc/mail/local-host-names
- 본인 Domain name 입력(ex june.com)
- #service sendmail restart
-
#vi /etc/dovecot.conf
- protocols = pop3 imap
- imap_listen = *
- pop3_listen = *
- #service dovecot start
- nslookup 으로 확인
- mail mail01@---.com
최종실습코드
- //june.com.zone
; Forward zone data for june.com: NS, MX and the www / mail address records.
- $TTL 86400
@ IN SOA @ root (
; Raise the serial on every edit; secondaries compare it to decide whether to
; re-transfer the zone.
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum - IN NS ns.june.com.
; NOTE(review): ns.june.com. is named as the zone's name server, but no A record
; for ns appears in this listing. Confirm one exists.
; The MX target is a host name (mail.june.com.) that resolves through the A
; record below.
IN MX 45 mail.june.com. - www IN A 10.10.2.64
mail IN A 10.10.2.63
; NOTE(review): as written, this AAAA inherits the owner "mail" and publishes the
; IPv6 loopback for the mail host. It looks like a leftover from the localhost
; zone template; confirm and remove.
IN AAAA ::1
- // named.conf for Red Hat caching-nameserver
// Final lab configuration: one server that is master for every listed forward zone.
// Every active master zone below sets allow-update { none; }, so dynamic updates
// are refused.
// NOTE(review): no allow-transfer, allow-query or allow-recursion appears anywhere
// in this file, so the BIND version's defaults decide who may transfer these zones
// or recurse through the server. Confirm they are restricted as intended.
// - options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// Keep the directive below commented out: pinning outgoing queries to one fixed
// port removes source-port randomization, which resolvers rely on to resist
// cache-poisoning (spoofed-response) attacks.
// query-source address * port 53;
}; - //
// a caching only nameserver config
//
controls {
// rndc control channel: loopback only, authenticated with rndckey from the
// /etc/rndc.key include at the end of the file.
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
}; - zone "." IN {
type hint;
file "named.ca";
}; - zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
}; - zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
}; - zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
}; - zone "this.com" IN {
type master;
file "this.com.zone";
allow-update { none; };
}; - zone "cjw.com" IN {
type master;
file "cjw.com.zone";
allow-update { none; };
}; - zone "dfhana.com" IN {
type master;
file "dfhana.com.zone";
allow-update { none; };
}; - zone "angel.com" IN {
type master;
file "angel.com.zone";
allow-update { none; };
}; - zone "yong.com" IN {
type master;
file "yong.com.zone";
allow-update { none; };
}; - zone "june.com" IN {
type master;
file "june.com.zone";
allow-update { none; };
}; - zone "jmg.co.kr" IN {
type master;
file "jmg.co.kr.zone";
allow-update { none; };
}; - zone "sungki.com" IN {
type master;
file "sungki.com.zone";
allow-update { none; };
}; - zone "cho.com" IN {
type master;
file "cho.com.zone";
allow-update { none; };
}; - zone "kaian.com" IN {
type master;
file "kaian.com.zone";
allow-update { none; };
}; - zone "zz.com" IN {
type master;
file "zz.com.zone";
allow-update { none; };
}; - zone "aaa.com" IN {
type master;
file "aaa.com.zone";
allow-update { none; };
}; - zone "yju.com" IN {
type master;
file "yju.com.zone";
allow-update { none; };
// The reverse zone below is disabled (commented out). If it is re-enabled, its
// allow-update authorizes 10.10.2.228 by source address alone; prefer
// allow-update { none; } or a TSIG key.
}; - # zone "2.10.10.in-addr.arpa" IN {
# type master;
# file "zonefile/10.10.2.rzone";
# allow-update { 10.10.2.228; };
# }; - zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
}; - zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
}; - zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
}; - include "/etc/rndc.key";
# include "conf/primary.conf";
# include "conf/secondary.conf";
Last edited on 11/13/2008 19:12 by 한휴리