<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>琪埃信息系统（上海）有限公司 &#187; Mail Server</title>
	<atom:link href="http://www.qiais.com/achives/category/mail-server/feed/" rel="self" type="application/rss+xml" />
	<link>http://www.qiais.com</link>
	<description>琪埃信息系统</description>
	<lastBuildDate>Tue, 11 Feb 2020 01:50:29 +0000</lastBuildDate>
	<language>zh-CN</language>
		<sy:updatePeriod>hourly</sy:updatePeriod>
		<sy:updateFrequency>1</sy:updateFrequency>
	<generator>http://wordpress.org/?v=4.0</generator>
	<item>
		<title>Blocking mail from specific addresses on the mail server</title>
		<link>http://www.qiais.com/achives/727/</link>
		<comments>http://www.qiais.com/achives/727/#comments</comments>
		<pubDate>Mon, 12 May 2014 03:03:05 +0000</pubDate>
		<dc:creator><![CDATA[sai]]></dc:creator>
				<category><![CDATA[Mail Server]]></category>

		<guid isPermaLink="false">http://www.qiais.com/?p=727</guid>
		<description><![CDATA[Once our server is exposed to the public, we are likely to receive spam every day. Such mail can be ignored, but having it arrive daily is really annoying. ...]]></description>
				<content:encoded><![CDATA[<p>Once our server is exposed to the public, we are likely to receive spam every day.<br />
Such mail can simply be ignored, but having it arrive daily is really annoying.<br />
Some messages that look like mail newsletters say at the very end: [If you do not want to receive mail from ***, click here and enter your mailbox address].<br />
It is best not to enter your mailbox address into such a form; the address you enter may be maliciously reused, resulting in even more spam.</p>
<p>In this case, we can set up a reject list to block the spam.</p>
<pre class="brush: plain; title: ; notranslate">
# vi /etc/postfix/main.cf
</pre>
<p>Find or add the smtpd_sender_restrictions entry</p>
<pre class="brush: plain; title: ; notranslate">
smtpd_sender_restrictions = reject_unknown_sender_domain reject_non_fqdn_sender hash:/etc/postfix/reject_sender
</pre>
<p>Then create a reject_sender file under /etc/postfix/ and add the sender domains or sender addresses you want to block</p>
<pre class="brush: plain; title: ; notranslate">
# Postfix access table: each entry needs an action on the right-hand side
linux@hogehoge.com    REJECT
hogehoge.org          REJECT
</pre>
<p>With this in place, mail from linux@hogehoge.com, and mail whose sender address is in the hogehoge.org domain, will be rejected. Note that a hash: table only takes effect after it has been compiled with postmap /etc/postfix/reject_sender and Postfix has been reloaded.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.qiais.com/achives/727/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Linux (CentOS) mail server: a fatal problem caused by a small slip, mass outbound spam</title>
		<link>http://www.qiais.com/achives/547/</link>
		<comments>http://www.qiais.com/achives/547/#comments</comments>
		<pubDate>Mon, 03 Mar 2014 01:34:15 +0000</pubDate>
		<dc:creator><![CDATA[sai]]></dc:creator>
				<category><![CDATA[Mail Server]]></category>

		<guid isPermaLink="false">http://www.qiais.com/?p=547</guid>
		<description><![CDATA[For a systems engineer, setting up a mail server is a necessary part of the job. Sometimes, because of a small oversight or a minor mistake, we can...]]></description>
				<content:encoded><![CDATA[<p>For a systems engineer, setting up a mail server is a necessary part of the job.</p>
<p>Sometimes, because of a small oversight or a minor mistake, we can end up with a fatal system failure.</p>
<p>A while ago I ran into just such a case: a customer added a user named test, and since it was only a test user that was going to be deleted after use, no password was set.</p>
<p>Later, after a long series of operations, they forgot to delete this passwordless test user.</p>
<p>That is when the nightmare began.</p>
<p>Their mail server was hijacked, and test@****.com was used to send mail outward in huge volumes;</p>
<p>the attacker put more than 20 million spam advertising messages into the outgoing mail queue.</p>
<p>Never mind a few days, a queue like that might not finish sending in a month, and even when it did, the attacker would simply put new spam into the queue.</p>
<p>The result was days on which the company's legitimate mail could not be sent out,</p>
<p>and sending spam so wildly also gets the server blacklisted by the big providers such as Google and Yahoo, after which all mail sent from @****.com is rejected.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.qiais.com/achives/547/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Setting up an authenticated, encrypted mail server on Linux (CentOS 6): encryption</title>
		<link>http://www.qiais.com/achives/99/</link>
		<comments>http://www.qiais.com/achives/99/#comments</comments>
		<pubDate>Thu, 26 Dec 2013 14:07:56 +0000</pubDate>
		<dc:creator><![CDATA[sai]]></dc:creator>
				<category><![CDATA[CentOS]]></category>
		<category><![CDATA[Linux]]></category>
		<category><![CDATA[Mail Server]]></category>

		<guid isPermaLink="false">http://www.qiais.com/?p=99</guid>
		<description><![CDATA[Before reading this article, please read step one, Setting up an authenticated, encrypted mail server on CentOS 6: sending and receiving mail, and step two, Setting up an authent...]]></description>
				<content:encoded><![CDATA[<p>Before reading this article, please read step one, <a href="http://www.qiais.com/achives/94/" title="Setting up an authenticated mail server on CentOS 6: sending and receiving mail" target="_blank">Setting up an authenticated, encrypted mail server on CentOS 6: sending and receiving mail</a>, and step two, <a href="http://www.qiais.com/achives/96/" title="Setting up an authenticated, encrypted mail server on CentOS 6: authentication" target="_blank">Setting up an authenticated, encrypted mail server on CentOS 6: authentication</a>.</p>
<p>When we connect to the server from outside with software such as Outlook or Thunderbird, the username and password could be stolen, so encrypting them is necessary. The encryption here only covers the connection between the mail client and our server; communication with other people's servers is not encrypted.</p>
<p><strong>1 Create the SSL certificate</strong></p>
<pre class="brush: plain; title: ; notranslate">
[root@srv certs]# cd /etc/pki/tls/certs/  ←　change to the certs directory
[root@srv certs]# make dragreen.pem       ←　generate the server certificate
umask 77 ; \
        PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
        PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
        /usr/bin/openssl req -utf8 -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 -set_serial 0 ; \
        cat $PEM1 &gt;  dragreen.pem ; \
        echo &quot;&quot;    &gt;&gt; dragreen.pem ; \
        cat $PEM2 &gt;&gt; dragreen.pem ; \
        rm -f $PEM1 $PEM2
Generating a 2048 bit RSA private key
.............+++
....+++
writing new private key to '/tmp/openssl.EhqMMH'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN  ← country
State or Province Name (full name) []:Shanghai  ← province
Locality Name (eg, city) [Default City]:Gaoxinqu  ← city / district
Organization Name (eg, company) [Default Company Ltd]:Dragreen  ← company name
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:srv.dragreen.com  ← server hostname (FQDN)
Email Address []:admin@dragreen.com  ← administrator's e-mail address
[root@srv certs]# ls -lh dragreen.pem  ← check that the certificate was generated
-rw------- 1 root root 3.1K 11月 30 16:27 2013 dragreen.pem
[root@srv certs]# 
</pre>
<p><strong>2 Edit the configuration files</strong><br />
Append the SSL encryption settings at the end of /etc/postfix/main.cf</p>
<pre class="brush: plain; title: ; notranslate">
[root@srv certs]# vim /etc/postfix/main.cf
#
sample_directory = /usr/share/doc/postfix-2.6.6/samples

# readme_directory: The location of the Postfix README files.
#
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES

smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
message_size_limit = 10485760

smtpd_use_tls = yes  ←  add
smtpd_tls_cert_file = /etc/pki/tls/certs/dragreen.pem  ←  add
smtpd_tls_key_file = /etc/pki/tls/certs/dragreen.pem   ←  add
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache   ←  add
</pre>
<p>Edit /etc/postfix/master.cf</p>
<pre class="brush: plain; title: ; notranslate">
vi /etc/postfix/master.cf
# Do not forget to execute &quot;postfix reload&quot; after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
#submission inet n       -       n       -       -       smtpd
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
smtps     inet  n       -       n       -       -       smtpd    ←　remove the leading #
  -o smtpd_tls_wrappermode=yes                                   ←　remove the leading #
  -o smtpd_sasl_auth_enable=yes                                  ←　remove the leading #
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628      inet  n       -       n       -       -       qmqpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr   ←　remove the leading #
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
</pre>
<p>Edit /etc/dovecot/conf.d/10-ssl.conf</p>
<pre class="brush: plain; title: ; notranslate">
[root@srv certs]# vim /etc/dovecot/conf.d/10-ssl.conf
##
## SSL settings
##

# SSL/TLS support: yes, no, required. &lt;doc/wiki/SSL.txt&gt;
ssl = yes  ←　remove the # to enable SSL

# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
# dropping root privileges, so keep the key file unreadable by anyone but
# root. Included doc/mkcert.sh can be used to easily generate self-signed
# certificate, just make sure to update the domains in dovecot-openssl.cnf
ssl_cert = &lt;/etc/pki/tls/certs/dragreen.pem  ← specify the certificate
ssl_key = &lt;/etc/pki/tls/certs/dragreen.pem   ← specify the key (it is in the same PEM file)

# If key file is password protected, give the password here. Alternatively
# give it when starting dovecot with -p parameter. Since this file is often
# world-readable, you may want to place this setting instead to a different
# root owned 0600 file by using ssl_key_password = &lt;path.
#ssl_key_password =
</pre>
<p>Edit /etc/dovecot/dovecot.conf</p>
<pre class="brush: plain; title: ; notranslate">
## Dovecot configuration file

# If you're in a hurry, see http://wiki.dovecot.org/QuickConfiguration

# &quot;doveconf -n&quot; command gives a clean output of the changed settings. Use it
# instead of copy&amp;pasting files when posting to the Dovecot mailing list.

# '#' character and everything after it is treated as comments. Extra spaces
# and tabs are ignored. If you want to use either of these explicitly, put the
# value inside quotes, eg.: key = &quot;# char and trailing whitespace  &quot;

# Default values are shown for each setting, it's not required to uncomment
# those. These are exceptions to this though: No sections (e.g. namespace {})
# or plugin settings are added by default, they're listed only as examples.
# Paths are also just examples with the real defaults being based on configure
# options. The paths listed here are for configure --prefix=/usr
# --sysconfdir=/etc --localstatedir=/var

# Protocols we want to be serving.
protocols = imap pop3   　←　although we use imaps and pop3s, do not add them here; the Dovecot setting does not need them, and adding them causes an error on restart.

# A comma separated list of IPs or hosts where to listen in for connections. 
# &quot;*&quot; listens in all IPv4 interfaces, &quot;::&quot; listens in all IPv6 interfaces.
# If you want to specify non-default ports or anything more complex,
# edit conf.d/master.conf.
#listen = *, ::
listen = *   　←　 add this line

# Base directory where to store runtime data.
#base_dir = /var/run/dovecot/

# Greeting message for clients.
#login_greeting = Dovecot ready.
</pre>
<p>Edit /etc/dovecot/conf.d/10-master.conf</p>
<pre class="brush: plain; title: ; notranslate">
# login user, so that login processes can't disturb other processes.
#default_internal_user = dovecot

service imap-login {
  inet_listener imap {
    port = 143  　←　open the imap port
  }
  inet_listener imaps {  ←　allow imaps, enable ssl
    port = 993
    ssl = yes
  }

  # Number of connections to handle before starting a new process. Typically
  # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
  # is faster. &lt;doc/wiki/LoginProcess.txt&gt;
  #service_count = 1

  # Number of processes to always keep waiting for more connections.
  #process_min_avail = 0

  # If you set service_count=0, you probably need to grow this.
  #vsz_limit = 64M
}

service pop3-login {  　←　allow pop3, set ssl to yes and open port 995
  inet_listener pop3 {
    port = 110  
  }
  inet_listener pop3s {  　←　allow pop3s
    port = 995
    ssl = yes
  }
}
</pre>
<p>Note: to enable imaps and pop3s, remove the # in front of ssl; otherwise Dovecot may fail to restart.</p>
<p><strong>3 Configure the firewall to open ports 995, 465, 993 and 143</strong></p>
<pre class="brush: plain; title: ; notranslate">
[root@srv certs]# vim /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 20022 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 465 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 995 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 11211 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
</pre>
<p>Confirm that ports 143, 995, 993 and 465 are open.</p>
<p><strong>4 Restart postfix and dovecot</strong></p>
<pre class="brush: plain; title: ; notranslate">
[root@srv ~]# /etc/rc.d/init.d/postfix restart
postfix を停止中:                                          [  OK  ]
postfix を起動中:                                          [  OK  ]
[root@srv ~]# /etc/rc.d/init.d/dovecot restart
Dovecot Imap を停止中:                                     [  OK  ]
Dovecot Imap を起動中:                                     [  OK  ]
[root@srv ~]# 
</pre>
<p>Done. Thanks for reading!</p>
]]></content:encoded>
			<wfw:commentRss>http://www.qiais.com/achives/99/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Setting up an authenticated, encrypted mail server on Linux (CentOS 6): authentication</title>
		<link>http://www.qiais.com/achives/96/</link>
		<comments>http://www.qiais.com/achives/96/#comments</comments>
		<pubDate>Thu, 26 Dec 2013 14:03:04 +0000</pubDate>
		<dc:creator><![CDATA[sai]]></dc:creator>
				<category><![CDATA[CentOS]]></category>
		<category><![CDATA[Linux]]></category>
		<category><![CDATA[Mail Server]]></category>

		<guid isPermaLink="false">http://www.qiais.com/?p=96</guid>
		<description><![CDATA[This is step two of the three-part series on setting up a mail server on CentOS 6; please make sure you have first read step one, Setting up an authenticated, encrypted mail server on CentOS 6...]]></description>
				<content:encoded><![CDATA[<p>This is step two of the three-part series on setting up a mail server on CentOS 6. Please make sure you have first read step one, <a href="http://www.qiais.com/achives/94/" title="Setting up an authenticated mail server on CentOS 6: sending and receiving mail" target="_blank">Setting up an authenticated, encrypted mail server on CentOS 6: sending and receiving mail</a>.</p>
<p><strong>１ Install cyrus-sasl-md5.</strong><br />
CentOS 6 does not install cyrus-sasl-md5 by default; without this package the mail server's authentication feature sometimes cannot be set up properly. You can also simply install all of the cyrus-sasl packages.</p>
<pre class="brush: plain; title: ; notranslate">
[root@srv ~]# rpm -qa | grep &quot;cyrus-sasl&quot;
cyrus-sasl-devel-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-md5-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-gssapi-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-ntlm-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-lib-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-sql-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-ldap-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-plain-2.1.23-13.el6_3.1.x86_64
[root@srv ~]# 
</pre>
<p>If "cyrus-sasl-md5-2.******" does not appear in the list above (****** is the version number), run the following command.</p>
<pre class="brush: plain; title: ; notranslate">yum install -y cyrus-sasl*</pre>
<p><strong>2 Edit /etc/postfix/main.cf</strong></p>
<pre class="brush: plain; title: ; notranslate">vi /etc/postfix/main.cf</pre>
<p>Append the following three lines at the end.</p>
<pre class="brush: plain; title: ; notranslate">
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
</pre>
<p><strong>3 Start the saslauthd service</strong></p>
<pre class="brush: plain; title: ; notranslate">
[root@centos ~]# /etc/rc.d/init.d/saslauthd start　←　start saslauthd
[root@centos ~]# chkconfig saslauthd on　←　set saslauthd to start automatically at boot
</pre>
<p><strong>4 Restart postfix and dovecot</strong></p>
<pre class="brush: plain; title: ; notranslate">
/etc/rc.d/init.d/postfix restart
/etc/rc.d/init.d/dovecot restart
</pre>
<p><strong>6 Test SASL</strong></p>
<pre class="brush: plain; title: ; notranslate">
[root@srv ~]# perl -MMIME::Base64 -e 'print encode_base64(&quot;&#92;&#48;00sai&#92;&#48;00sai1111&quot;);'   ←　encode the username and password as a Base64 string
AHNhaQBxanJvbmc1NjQz   ←　the generated Base64 string
[root@srv ~]# telnet localhost smtp
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 srv.dragreen.com ESMTP unknown
EHLO localhost
250-srv.dragreen.com
250-PIPELINING
250-SIZE 10485760
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN AHNhaQBxanJvbmc1NjQz  ←　authenticate with the username and password (the Base64 string generated above)
235 2.7.0 Authentication successful
quit
221 2.0.0 Bye
Connection closed by foreign host.
[root@srv ~]# 
</pre>
<p>"Authentication successful" shows that our authentication succeeded.<br />
Note: 1. The user and password here are the ones added in step one. Base64 here is only an encoding, not encryption, so our username:password is still not protected.<br />
     2. The authentication username and password used here are the system account's own; if you want credentials different from the system account, use commands such as saslpasswd2.</p>
<p>End of step two. Thanks for reading!</p>
]]></content:encoded>
			<wfw:commentRss>http://www.qiais.com/achives/96/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Setting up an authenticated mail server on Linux (CentOS 6): sending and receiving mail</title>
		<link>http://www.qiais.com/achives/94/</link>
		<comments>http://www.qiais.com/achives/94/#comments</comments>
		<pubDate>Thu, 26 Dec 2013 14:00:12 +0000</pubDate>
		<dc:creator><![CDATA[sai]]></dc:creator>
				<category><![CDATA[CentOS]]></category>
		<category><![CDATA[Linux]]></category>
		<category><![CDATA[Mail Server]]></category>

		<guid isPermaLink="false">http://www.qiais.com/?p=94</guid>
		<description><![CDATA[Setting up a mail server on CentOS 6 is no longer difficult, but building a secure and stable mail server may not be so simple. Today we will...]]></description>
				<content:encoded><![CDATA[<p>Setting up a mail server on CentOS 6 is no longer difficult, but building a secure and stable mail server may not be so simple. Today we will look at how to set up a mail server on CentOS. To simplify the complicated setup process, it is split into three steps here, and after each step the server is able to send and receive mail.<br />
Sending (SMTP) software: Postfix<br />
Receiving (POP3, IMAP) software: Dovecot</p>
<p><a title="Setting up a (postfix+dovecot+ssl) mail server on CentOS 6, part one: sending and receiving mail" href="http://www.qiais.com/?p=128">Step one: set up plain postfix and dovecot servers to send and receive mail.</a></p>
<p><a title="Setting up a (postfix+dovecot+ssl) mail server on CentOS 6, part two: authentication" href="http://www.qiais.com/?p=134">Step two: add user authentication to prevent the server from being abused to relay mail.</a></p>
<p><a title="Setting up a (postfix+dovecot+ssl) mail server on CentOS 6, part three: encryption" href="http://www.qiais.com/?p=136">Step three: encrypt with a self-issued SSL certificate to prevent the username and password from being stolen.</a></p>
<h4>Setting up a (postfix+dovecot+ssl) mail server on CentOS 6, part one: sending and receiving mail</h4>
<p><strong>1.  Configure postfix</strong><br />
On CentOS 6 Postfix is installed by default and starts at boot. We only need to configure /etc/postfix/main.cf</p>
<pre class="brush: plain; title: ; notranslate">
[root@srv ~]# vi /etc/postfix/main.cf　← edit the postfix configuration file
# INTERNET HOST AND DOMAIN NAMES
#
# The myhostname parameter specifies the internet hostname of this
# mail system. The default is to use the fully-qualified domain name
# from gethostname(). $myhostname is used as a default value for many
# other configuration parameters.
#
#myhostname = host.domain.tld
#myhostname = virtual.domain.tld
myhostname = srv.dragreen.com　←　add the server's FQDN

# The mydomain parameter specifies the local internet domain name.
# The default is to use $myhostname minus the first component.
# $mydomain is used as a default value for many other configuration
# parameters.
#
#mydomain = domain.tld
mydomain = dragreen.com　←　add the domain name

# SENDING MAIL
#
# The myorigin parameter specifies the domain that locally-posted
# mail appears to come from. The default is to append $myhostname,
# which is fine for small sites.  If you run a domain with multiple
# machines, you should (1) change this to $mydomain and (2) set up
# a domain-wide alias database that aliases each user to
# user@that.users.mailhost.
#
# For the sake of consistency between sender and recipient addresses,
# myorigin also specifies the default domain name that is appended
# to recipient addresses that have no @domain part.
#
#myorigin = $myhostname
#myorigin = $mydomain
myorigin = $mydomain　←　add the domain used for internal tests; e.g. when sending outward as sai via telnet localhost smtp, the sender automatically becomes sai@dragreen.com

# The inet_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on.  By default,
# the software claims all active interfaces on the machine. The
# parameter also controls delivery of mail to user@[ip.address].
#
# See also the proxy_interfaces parameter, for network addresses that
# are forwarded to us via a proxy or network address translator.
#
# Note: you need to stop/start Postfix when this parameter changes.
#
#inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
inet_interfaces = localhost
↓
inet_interfaces = all　←　allow receiving mail from outside

# The mydestination parameter specifies the list of domains that this
# machine considers itself the final destination for.
#
# These domains are routed to the delivery agent specified with the
# local_transport parameter setting. By default, that is the UNIX
# compatible delivery agent that lookups all recipients in /etc/passwd
# and /etc/aliases or their equivalent.
#
# The default is $myhostname + localhost.$mydomain.  On a mail domain
# gateway, you should also include $mydomain.
#
# Do not specify the names of virtual domains - those domains are
# specified elsewhere (see VIRTUAL_README).
#
# Do not specify the names of domains that this machine is backup MX
# host for. Specify those names via the relay_domains settings for
# the SMTP server, or use permit_mx_backup if you are lazy (see
# STANDARD_CONFIGURATION_README).
#
# The local machine is always the final destination for mail addressed
# to user@[the.net.work.address] of an interface that the mail system
# receives mail on (see the inet_interfaces parameter).
#
# Specify a list of host or domain names, /file/name or type:table
# patterns, separated by commas and/or whitespace. A /file/name
# pattern is replaced by its contents; a type:table is matched when
# a name matches a lookup key (the right-hand side is ignored).
# Continue long lines by starting the next line with whitespace.
#
# See also below, section &quot;REJECTING MAIL FOR UNKNOWN LOCAL USERS&quot;.
#
mydestination = $myhostname, localhost.$mydomain, localhost
↓
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain　←　also accept mail addressed to our own domain
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
#       mail.$mydomain, www.$mydomain, ftp.$mydomain

# DELIVERY TO MAILBOX
#
# The home_mailbox parameter specifies the optional pathname of a
# mailbox file relative to a user's home directory. The default
# mailbox file is /var/spool/mail/user or /var/mail/user.  Specify
# &quot;Maildir/&quot; for qmail-style delivery (the / is required).
#
#home_mailbox = Mailbox
#home_mailbox = Maildir/
home_mailbox = Maildir/　←　set the mailbox format to Maildir

# SHOW SOFTWARE VERSION OR NOT
#
# The smtpd_banner parameter specifies the text that follows the 220
# code in the SMTP server's greeting banner. Some people like to see
# the mail version advertised. By default, Postfix shows no version.
#
# You MUST specify $myhostname at the start of the text. That is an
# RFC requirement. Postfix itself does not care.
#
#smtpd_banner = $myhostname ESMTP $mail_name
#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
smtpd_banner = $myhostname ESMTP unknown　←　hide the mail server software name in the greeting banner

message_size_limit = 10485760　←　append at the end; limit message size to 10 MB
</pre>
<p><strong>2. Install and configure Dovecot</strong><br />
Install</p>
<pre class="brush: plain; title: ; notranslate">
[root@srv ~]# yum install -y dovecot
</pre>
<p>Configure 10-mail.conf</p>
<pre class="brush: plain; title: ; notranslate">
[root@centos ~]# vi /etc/dovecot/conf.d/10-mail.conf　←　configure 10-mail.conf
# Location for users' mailboxes. The default is empty, which means that Dovecot
# tries to find the mailboxes automatically. This won't work if the user
# doesn't yet have any mail, so you should explicitly tell Dovecot the full
# location.
#
# If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u)
# isn't enough. You'll also need to tell Dovecot where the other mailboxes are
# kept. This is called the &quot;root mail directory&quot;, and it must be the first
# path given in the mail_location setting.
#
# There are a few special variables you can use, eg.:
#
#   %u - username
#   %n - user part in user@domain, same as %u if there's no domain
#   %d - domain part in user@domain, empty if there's no domain
#   %h - home directory
#
# See doc/wiki/Variables.txt for full list. Some examples:
#
#   mail_location = maildir:~/Maildir
#   mail_location = mbox:~/mail:INBOX=/var/mail/%u
#   mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
#
#
#
#mail_location =
mail_location = maildir:~/Maildir　←　set the mailbox format to Maildir

# ':' separated list of directories under which chrooting is allowed for mail
# processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too).
# This setting doesn't affect login_chroot, mail_chroot or auth chroot
# settings. If this setting is empty, &quot;/./&quot; in home dirs are ignored.
# WARNING: Never add directories here which local users can modify, that
# may lead to root exploit. Usually this should be done only if you don't
</pre>
<p>Configure 10-auth.conf</p>
<pre class="brush: plain; title: ; notranslate">
[root@centos ~]# vi /etc/dovecot/conf.d/10-auth.conf　←　configure 10-auth.conf
# Disable LOGIN command and all other plaintext authentications unless
# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
# matches the local IP (ie. you're connecting from the same computer), the
# connection is considered secure and plaintext authentication is allowed.
#disable_plaintext_auth = yes
disable_plaintext_auth = no　←　allow plaintext authentication
</pre>
<p><strong>3. Automatically create the Maildir folder when a user is added</strong></p>
<pre class="brush: plain; title: ; notranslate">
[root@srv ~]# mkdir -p /etc/skel/Maildir/{new,cur,tmp}
[root@srv ~]# chmod -R 700 /etc/skel/Maildir/
[root@srv ~]# 
</pre>
<p><strong>4. Add mail users who cannot log in to the system</strong></p>
<pre class="brush: plain; title: ; notranslate">
[root@srv ~]# useradd -s /sbin/nologin sai
[root@srv ~]# passwd sai
</pre>
<p><strong>5. Configure the firewall to open ports 25 and 110</strong></p>
<pre class="brush: plain; title: ; notranslate">
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 20022 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 465 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 995 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 11211 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
</pre>
<p>It is enough that ports 25 and 110 appear in the list above.<br />
After finishing the settings, restart the firewall.</p>
<pre class="brush: plain; title: ; notranslate">[root@srv ~]# /etc/rc.d/init.d/iptables restart</pre>
<p><strong>6. Send and receive test</strong></p>
<pre class="brush: plain; title: ; notranslate">
[root@srv ~]# telnet localhost smtp
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 srv.dragreen.com ESMTP unknown
ehlo localhost
250-srv.dragreen.com
250-PIPELINING
250-SIZE 10485760
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:sai
250 2.1.0 Ok
rcpt to:k.dragreen@gmail.com
250 2.1.5 Ok
data
354 End data with .
From sai@dragreen.com
Subject:test mail by dragreen
Hello Sai
this is a test mail by Sai
.
250 2.0.0 Ok: queued as D8AEE100666
quit
221 2.0.0 Bye
Connection closed by foreign host.
[root@srv ~]#
</pre>
<p>Check the Gmail mailbox to see whether the message just sent has arrived.</p>
<p><a href="http://www.qiais.com/wp-content/uploads/2013/11/スクリーンショット-2013-11-29-16.04.00.png"><img class="alignnone size-medium wp-image-150" alt="スクリーンショット 2013-11-29 16.04.00" src="http://www.qiais.com/wp-content/uploads/2013/11/スクリーンショット-2013-11-29-16.04.00-300x186.png" width="300" height="186" /></a></p>
<p>OK, the mail was received successfully.</p>
<p>Now reply from Gmail and see whether our server receives the reply.</p>
<p><a href="http://www.qiais.com/wp-content/uploads/2013/11/スクリーンショット-2013-11-29-16.10.16.png"><img class="alignnone size-medium wp-image-151" alt="スクリーンショット 2013-11-29 16.10.16" src="http://www.qiais.com/wp-content/uploads/2013/11/スクリーンショット-2013-11-29-16.10.16-300x150.png" width="300" height="150" /></a></p>
<pre class="brush: plain; title: ; notranslate">
[root@srv ~]# ls /home/sai/Maildir/new/
1385709224.Vfd02I2300010M95868.srv.dragreen.com
</pre>
<p>A new message has arrived in our mailbox; let's check whether it is the reply just sent.</p>
<pre class="brush: plain; title: ; notranslate">
[root@srv ~]# telnet localhost pop3
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Dovecot ready.
user sai
+OK
pass 1111111
+OK Logged in.
list
+OK 3 messages:
1 4621
2 4600
3 2579
.
retr 3
+OK 2579 octets
Return-Path: &lt;k.dragreen@gmail.com&gt;
X-Original-To: sai@dragreen.com
Delivered-To: sai@dragreen.com
Received: from mail-vb0-f44.google.com (mail-vb0-f44.google.com [209.85.212.44])
	by srv.dragreen.com (Postfix) with ESMTPS id AC044100666
	for &lt;sai@dragreen.com&gt;; Fri, 29 Nov 2013 16:13:43 +0900 (JST)
Received: by mail-vb0-f44.google.com with SMTP id w20so6533151vbb.31
        for &lt;sai@dragreen.com&gt;; Thu, 28 Nov 2013 23:13:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=5BM5T8oR1M5C1OV7WCY1bpJjBwPlppbAyOtoDNH5xss=;
        b=mFAhbkDv5y5Q45KOqybKbpl/s3Ou0X3s+59aZmNVG1866xTdFm6Zd9ras65Spv7kpR
         5et7BWIh8z4wcD91/E+J+8EHup+erHoevl0euBB1WjfcDAUaqXqwTdXlxX06lsPU0q7z
         D0ReSeQjhv0F9UAxJLDKae5pxRn08jwE7DDnXUHFySN6rsoWqqBcd5rLNG9bmSU+nQf8
         iISZluRVufID1mrMgnstcXGK98zU6gh0jkcIB3fegOYNaiyRBI0V4ORHXrPGXeaEKpKl
         dj8mP7xlKP6loO77MUBnkZr7rGSBsTVcekqvtE/VXmM5QWnFT1tWvTnemsDYZS6LosUy
         /kBQ==
MIME-Version: 1.0
X-Received: by 10.58.255.233 with SMTP id at9mr21370614ved.20.1385709225372;
 Thu, 28 Nov 2013 23:13:45 -0800 (PST)
Received: by 10.220.75.207 with HTTP; Thu, 28 Nov 2013 23:13:45 -0800 (PST)
In-Reply-To: &lt;20131129065903.D8AEE100666@srv.dragreen.com&gt;
References: &lt;20131129065903.D8AEE100666@srv.dragreen.com&gt;
Date: Fri, 29 Nov 2013 16:13:45 +0900
Message-ID: &lt;CAC4rMpYmXAoArqVHVJOfXpHsiiXGW9GYpzc2aOODv_Oxz-08wg@mail.gmail.com&gt;
Subject: Re: test mail by dragreen
From: kaiei sai &lt;k.dragreen@gmail.com&gt;
To: sai@dragreen.com
Content-Type: multipart/alternative; boundary=047d7bf15fc823fe3f04ec4b9266

--047d7bf15fc823fe3f04ec4b9266
Content-Type: text/plain; charset=ISO-8859-1

Dear Dragreen,

thank you for your mail.


2013/11/29 &lt;sai@dragreen.com&gt;

&gt; Hello Sai
&gt; this is a test mail by Sai
&gt;

--047d7bf15fc823fe3f04ec4b9266
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

&lt;div dir=3D&quot;ltr&quot;&gt;Dear Dragreen,&lt;div&gt;&lt;br&gt;&lt;/div&gt;&lt;div&gt;thank you for your mail.=
&lt;/div&gt;&lt;/div&gt;&lt;div class=3D&quot;gmail_extra&quot;&gt;&lt;br&gt;&lt;br&gt;&lt;div class=3D&quot;gmail_quote&quot;&gt;2=
013/11/29  &lt;span dir=3D&quot;ltr&quot;&gt;&amp;lt;&lt;a href=3D&quot;mailto:sai@dragreen.com&quot; target=
=3D&quot;_blank&quot;&gt;sai@dragreen.com&lt;/a&gt;&amp;gt;&lt;/span&gt;&lt;br&gt;
&lt;blockquote class=3D&quot;gmail_quote&quot; style=3D&quot;margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex&quot;&gt;Hello Sai&lt;br&gt;
this is a test mail by Sai&lt;br&gt;
&lt;/blockquote&gt;&lt;/div&gt;&lt;br&gt;&lt;/div&gt;

--047d7bf15fc823fe3f04ec4b9266--
.
</pre>
<p>OK, this message is indeed the reply we just sent from Gmail. Success!</p>
<p>Thanks for reading!</p>
]]></content:encoded>
			<wfw:commentRss>http://www.qiais.com/achives/94/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
	</channel>
</rss>
