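I'm having trouble configuring CentOS 7 as a mail server that uses Windows Server for DNS, and I can't figure out what is wrong. The mail server and the Windows server are connected to a CentOS machine set up as a router. Below are the iptables rules of the outer CentOS machine and the Linux server.
Linux server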
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
11307 7356K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
1 52 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
21 1392 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT 14630 packets, 3635K bytes)
pkts bytes target prot opt in out source destination
[root@az-ls13 tcattral]#
Linux router
Chain INPUT (policy DROP 29 packets, 2088 bytes)
pkts bytes target prot opt in out source destination
54745 45M ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
195 14820 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:123
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2113
10 520 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
6277 1270K ACCEPT all -- * * 168.63.129.16 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:53
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
Chain FORWARD (policy DROP 154 packets, 8176 bytes)
pkts bytes target prot opt in out source destination
22786 4584K ACCEPT tcp -- * * 172.16.13.4 0.0.0.0/0 tcp spt:3389
22527 1460K ACCEPT tcp -- * * 0.0.0.0/0 172.16.13.4 tcp dpt:3389
16783 1041K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
10392 1559K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:22
33 1971 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
16 1068 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 21,9990:10000
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport sports 21,9990:10000
0 0 ACCEPT tcp -- * * 0.0.0.0/0 172.16.13.4 tcp dpt:53
0 0 ACCEPT tcp -- * * 172.16.13.4 0.0.0.0/0 tcp spt:53
384 27511 ACCEPT udp -- * * 0.0.0.0/0 172.16.13.4 udp dpt:53
384 61432 ACCEPT udp -- * * 172.16.13.4 0.0.0.0/0 udp spt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 172.16.13.5 tcp spt:25 dpt:25
0 0 ACCEPT tcp -- * * 0.0.0.0/0 172.16.13.5 tcp spt:143 dpt:143
0 0 ACCEPT tcp -- * * 0.0.0.0/0 172.16.13.5 tcp spt:3306 dpt:3306
Chain OUTPUT (policy ACCEPT 7294 packets, 1249K bytes)
pkts bytes target prot opt in out source destination
56429 17M ACCEPT all -- * * 0.0.0.0/0 168.63.129.16
postfix/main.cf configuration
mydomain = mail.tcattral.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $mydomain, $myhostname, localhost.$mydomain, localhost
mailbox_command = /usr/libexec/dovecot/dovecot -lda -f "$SENDER" -a "$RECIPIENT"
dovecot configuration
/dovecot/dovecot.conf protocols = imap
/dovecot/conf.d/10-ssl.conf ssl = yes
/dovecot/conf.d/10-auth.conf disable_plaintext_auth = no
/dovecot/conf.d/10-mail.conf mail_location = maildir:~/Maildir
Network configuration of the Windows client with Thunderbird
Windows IP Configuration
Host Name . . . . . . . . . . . . : az-wc13
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
Physical Address. . . . . . . . . : 00-0D-3A-1C-8D-02
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c8e5:ad5e:1856:b43d%5(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.13.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.13.1
DHCPv6 IAID . . . . . . . . . . . : 100666682
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-27-B4-7E-5C-00-0D-3A-1C-8D-02
DNS Servers . . . . . . . . . . . : 172.16.13.4
NetBIOS over Tcpip. . . . . . . . : Enabled
Windows server network configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : az-ws13
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
Physical Address. . . . . . . . . : 00-0D-3A-16-94-72
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::848d:f887:5e5:7c68%6(Preferred)
IPv4 Address. . . . . . . . . . . : 172.16.13.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.16.13.1
DHCPv6 IAID . . . . . . . . . . . : 100666682
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-27-B2-C9-C1-00-0D-3A-16-94-72
DNS Servers . . . . . . . . . . . : 172.16.13.4
8.8.8.8
NetBIOS over Tcpip. . . . . . . . : Enabled
Answer 1
I found that the problem was the iptables rules blocking apache, imap, smtp and mysql.
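Added example, not part of the original question or answer: a small first-match evaluator run over rule lines copied from the listings above, showing which chain stops a new client connection to each service port. It assumes the mail server is 172.16.13.5 (the destination used in the router's FORWARD rules); the client source port 49512 and the interface name eth0 are constructed.

```python
import ipaddress

# Mail server INPUT chain, copied from the `iptables -L -n -v` listing in the question.
SERVER_INPUT = """\
11307 7356K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
1 52 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
21 1392 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited"""
# Router FORWARD rules that could apply to new TCP traffic towards 172.16.13.5;
# the 3389, 53, FTP and spt-only rules in the listing cannot match these packets.
ROUTER_FORWARD = """\
16783 1041K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
33 1971 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 172.16.13.5 tcp spt:25 dpt:25
0 0 ACCEPT tcp -- * * 0.0.0.0/0 172.16.13.5 tcp spt:143 dpt:143
0 0 ACCEPT tcp -- * * 0.0.0.0/0 172.16.13.5 tcp spt:3306 dpt:3306"""

def matches(rule, pkt):
    _, _, _, prot, _, iif, _, src, dst, *opts = rule.split()
    if prot not in ("all", pkt["proto"]) or iif not in ("*", pkt["iif"]):
        return False
    for net, key in ((src, "src"), (dst, "dst")):
        if ipaddress.ip_address(pkt[key]) not in ipaddress.ip_network(net):
            return False
    for i, opt in enumerate(opts):
        if opt == "state" and pkt["state"] not in opts[i + 1].split(","):
            return False
        if opt[:4] in ("spt:", "dpt:") and pkt[opt[0] + "port"] != int(opt[4:]):
            return False  # spt and dpt on one rule must BOTH match
    return True

def verdict(chain, policy, pkt):
    """First matching rule decides; otherwise the chain policy applies."""
    for rule in chain.splitlines():
        if matches(rule, pkt):
            return rule.split()[2]
    return policy

def new_tcp(dport, sport=49512):  # constructed: client on an ephemeral source port
    return {"proto": "tcp", "iif": "eth0", "src": "192.168.13.4",
            "dst": "172.16.13.5", "sport": sport, "dport": dport, "state": "NEW"}

def audit(ports=(25, 80, 143, 3306)):
    return {p: (verdict(ROUTER_FORWARD, "DROP", new_tcp(p)),
                verdict(SERVER_INPUT, "ACCEPT", new_tcp(p))) for p in ports}

if __name__ == "__main__":
    for port, (router, server) in audit().items():
        print(f"tcp/{port}: router FORWARD={router}, mail server INPUT={server}")
```

The `spt:25 dpt:25` style rules only match when the client's source port equals the service port, so ordinary connections fall through to the FORWARD policy, and the mail server's own INPUT chain rejects every new connection except SSH.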