Zoo siab txais tos! Niaj hnub no peb yuav qhia koj yuav ua li cas ua qhov pib nqis ntawm lub rooj vag xa ntawv - Fortinet email kev ruaj ntseg daws teeb meem. Nyob rau hauv tsab xov xwm peb yuav saib cov layout peb yuav ua hauj lwm nrog thiab ua tus configuration , tsim nyog rau kev txais thiab xyuas cov ntawv, thiab peb tseem yuav sim nws qhov kev ua tau zoo. Raws li peb cov kev paub dhau los, peb tuaj yeem hais yam xyuam xim tias cov txheej txheem yooj yim heev, thiab txawm tias tom qab kev teeb tsa tsawg heev koj tuaj yeem pom cov txiaj ntsig.
Cia peb pib nrog qhov kev teeb tsa tam sim no. Nws muaj nyob rau hauv daim duab hauv qab no.
Ntawm sab xis peb pom tus neeg siv sab nraud lub computer, uas peb yuav xa ntawv mus rau tus neeg siv ntawm lub network sab hauv. Lub network sab hauv muaj tus neeg siv lub khoos phis tawj, tus tswj hwm sau npe nrog DNS server khiav ntawm nws, thiab xa ntawv xa mus. Nyob rau ntawm ntug ntawm lub network muaj firewall - FortiGate, lub ntsiab feature ntawm uas yog los teeb tsa SMTP thiab DNS kev xa mus.
Cia peb them tshwj xeeb rau DNS.
Muaj ob cov ntaub ntawv DNS siv los xa email hauv Is Taws Nem-cov ntaub ntawv A thiab MX cov ntaub ntawv. Feem ntau, cov ntaub ntawv DNS no tau teeb tsa ntawm pej xeem DNS neeg rau zaub mov, tab sis vim muaj kev txwv layout, peb tsuas xa DNS los ntawm firewall (uas yog, tus neeg siv sab nraud muaj qhov chaw nyob 10.10.30.210 sau npe ua DNS server).
MX cov ntaub ntawv yog cov ntaub ntawv uas muaj lub npe ntawm tus xa ntawv xa tuaj rau lub npe, nrog rau qhov tseem ceeb ntawm tus xa ntawv xa ntawv no. Hauv peb cov ntaub ntawv nws zoo li no: test.local -> mail.test.local 10.
Cov ntaub ntawv yog cov ntaub ntawv uas hloov lub npe sau rau hauv qhov chaw nyob IP, rau peb nws yog: mail.test.local -> 10.10.30.210.
Thaum peb cov neeg siv sab nraud sim xa email rau [email tiv thaiv], nws yuav nug nws DNS MX server rau test.local sau cov ntaub ntawv. Peb lub DNS server yuav teb nrog lub npe ntawm tus xa ntawv - mail.test.local. Tam sim no tus neeg siv yuav tsum tau txais IP chaw nyob ntawm tus neeg rau zaub mov no, yog li nws rov nkag mus rau DNS rau A cov ntaub ntawv thiab tau txais IP chaw nyob 10.10.30.210 (yog, nws dua :) ). Koj tuaj yeem xa ib tsab ntawv. Yog li ntawd, nws sim tsim kom muaj kev sib txuas rau qhov chaw nyob IP tau txais ntawm qhov chaw nres nkoj 25. Siv cov cai ntawm firewall, qhov kev sib txuas no raug xa mus rau tus neeg xa ntawv.
Cia peb kuaj xyuas qhov ua haujlwm ntawm kev xa ntawv hauv lub xeev tam sim no ntawm kev teeb tsa. Txhawm rau ua qhov no, peb yuav siv cov khoom siv swaks ntawm tus neeg siv sab nraud lub computer. Nrog nws cov kev pab, koj tuaj yeem kuaj qhov ua tau zoo ntawm SMTP los ntawm kev xa tus neeg txais tsab ntawv nrog cov txheej txheem ntau yam. Yav dhau los, tus neeg siv nrog lub mailbox twb tau tsim nyob rau hauv mail server [email tiv thaiv]. Cia peb sim xa nws tsab ntawv:
Tam sim no cia peb mus rau tus neeg siv lub tshuab sab hauv thiab xyuas kom meej tias tsab ntawv tuaj txog:
Tsab ntawv tau tuaj txog (nws tseem ceeb hauv daim ntawv teev npe). Qhov no txhais tau tias qhov layout ua haujlwm raug. Tam sim no yog lub sijhawm txav mus rau FortiMail. Cia peb ntxiv rau peb layout:
FortiMail tuaj yeem xa mus rau hauv peb hom:
- Gateway - ua raws li MTA tag nrho: nws siv tag nrho cov ntawv xa tuaj, xyuas nws, thiab tom qab ntawd xa mus rau tus xa ntawv xa ntawv;
- Pob tshab - los yog ua lwm yam lus, pob tshab hom. Nws yog ntsia rau pem hauv ntej ntawm tus neeg rau zaub mov thiab xyuas cov ntawv xa tuaj thiab tawm. Tom qab ntawd, nws xa mus rau lub server. Tsis xav tau kev hloov pauv rau lub network configuration.
- Server - nyob rau hauv cov ntaub ntawv no, FortiMail yog ib tug tag nrho-fledged mail server nrog lub peev xwm los tsim mailboxes, txais thiab xa ntawv, nrog rau lwm yam functionality.
Peb yuav xa FortiMail hauv Gateway hom. Cia peb mus rau qhov chaw virtual tshuab. ID nkag mus yog admin, tsis muaj lo lus zais tau teev tseg. Thaum koj nkag rau hauv thawj zaug, koj yuav tsum teeb tus password tshiab.
Tam sim no cia peb teeb tsa lub tshuab virtual kom nkag mus rau lub vev xaib interface. Nws tseem yuav tsum tau hais tias lub tshuab muaj kev siv Internet. Cia peb teeb lub interface. Peb tsuas xav tau port1. Nrog nws cov kev pab peb yuav txuas mus rau lub web interface, thiab nws kuj yuav siv tau rau hauv Internet. Kev nkag mus rau Is Taws Nem yog xav tau los hloov kho cov kev pab cuam (cov npe tiv thaiv kab mob, thiab lwm yam). Rau configuration, sau cov lus txib:
config system interface
kho qhov chaw nres nkoj 1
teeb ip 192.168.1.40 255.255.255.0
teeb tso cai nkag mus https http ssh ping
kawg
Tam sim no cia peb configure routing. Txhawm rau ua qhov no koj yuav tsum nkag mus rau cov lus txib hauv qab no:
config system txoj kev
kho 1
teeb rooj vag 192.168.1.1
teeb interface port1
kawg
Thaum nkag mus rau cov lus txib, koj tuaj yeem siv cov tab kom tsis txhob ntaus lawv tag nrho. Tsis tas li ntawd, yog tias koj tsis nco qab qhov lus txib yuav tsum los tom ntej, koj tuaj yeem siv tus yuam sij "?".
Tam sim no cia saib koj qhov kev sib txuas hauv Is Taws Nem. Txhawm rau ua qhov no, cia peb ping Google DNS:
Raws li koj tau pom, tam sim no peb muaj Internet. Thawj qhov teeb tsa raug rau txhua yam khoom siv Fortinet tau ua tiav, thiab tam sim no koj tuaj yeem mus rau kev teeb tsa ntawm lub vev xaib interface. Txhawm rau ua qhov no, qhib nplooj ntawv tswj hwm:
Thov nco ntsoov tias koj yuav tsum ua raws li qhov txuas hauv hom ntawv /admin. Txwv tsis pub, koj yuav tsis tuaj yeem nkag mus rau nplooj ntawv tswj hwm. Los ntawm lub neej ntawd, nplooj ntawv yog nyob rau hauv tus qauv configuration hom. Rau kev teeb tsa peb xav tau Advanced hom. Cia peb mus rau admin-> Saib cov ntawv qhia zaub mov thiab hloov hom mus rau Advanced:
Tam sim no peb yuav tsum rub tawm daim ntawv tso cai sim. Qhov no tuaj yeem ua tiav hauv cov ntawv qhia zaub mov Daim ntawv tso cai → VM → Hloov tshiab:
Yog tias koj tsis muaj daim ntawv tso cai sim, koj tuaj yeem thov ib qho los ntawm kev tiv tauj .
Tom qab nkag mus rau daim ntawv tso cai, lub cuab yeej yuav tsum reboot. Nyob rau hauv lub neej yav tom ntej, nws yuav pib rub hloov tshiab rau nws cov databases los ntawm cov servers. Yog tias qhov no tsis tshwm sim, koj tuaj yeem mus rau System → FortiGuard cov ntawv qhia zaub mov thiab hauv Antivirus, Antispam tabs nyem rau ntawm lub pob hloov tshiab tam sim no.
Yog tias qhov no tsis pab, koj tuaj yeem hloov cov chaw nres nkoj siv rau kev hloov tshiab. Feem ntau tom qab qhov no tag nrho cov ntawv tso cai tshwm sim. Thaum kawg nws yuav tsum zoo li no:
Cia peb teeb tsa lub sijhawm kom raug, qhov no yuav muaj txiaj ntsig zoo thaum kuaj xyuas cov cav. Txhawm rau ua qhov no, mus rau System → Configuration menu:
Peb kuj tseem yuav teeb tsa DNS. Peb yuav teeb tsa lub DNS server sab hauv raws li lub ntsiab DNS server, thiab tawm hauv DNS server muab los ntawm Fortinet ua tus thaub qab.
Tam sim no cia peb mus rau qhov kev lom zem. Raws li koj tau pom, lub cuab yeej tau teeb tsa rau Gateway hom los ntawm lub neej ntawd. Yog li ntawd, peb tsis tas yuav hloov nws. Cia peb mus rau Domain & User → Domain teb. Cia peb tsim ib lub npe tshiab uas yuav tsum tau tiv thaiv. Ntawm no peb tsuas yog yuav tsum tau qhia lub npe sau npe thiab chaw xa ntawv chaw nyob (koj tuaj yeem qhia nws lub npe sau npe, hauv peb rooj plaub mail.test.local):
Tam sim no peb yuav tsum muab lub npe rau peb lub rooj vag xa ntawv. Qhov no yuav siv rau hauv MX thiab A cov ntaub ntawv, uas peb yuav tsum tau hloov tom qab:
Los ntawm Lub Npe Lub Npe thiab Lub Zos Lub Npe Lub Npe, FQDN tau muab tso ua ke, uas yog siv rau hauv cov ntaub ntawv DNS. Hauv peb qhov xwm txheej, FQDN = fortimail.test.local.
Tam sim no cia peb teeb tsa txoj cai txais. Peb xav tau tag nrho cov emails uas tuaj ntawm sab nraud thiab raug xa mus rau tus neeg siv hauv lub npe kom xa mus rau tus xa ntawv xa mus. Ua li no, mus rau cov ntawv qhia zaub mov Txoj Cai → Access Control. Ib qho piv txwv teeb yog qhia hauv qab no:
Cia wb mus saib ntawm Txoj Cai Tau Txais Txoj Cai. Ntawm no koj tuaj yeem teeb tsa qee cov cai rau kev txheeb xyuas cov ntawv: yog tias xa ntawv los ntawm tus sau example1.com, koj yuav tsum tau xyuas nws nrog cov txheej txheem teeb tsa tshwj xeeb rau lub npe no. Muaj twb yog ib txoj cai nyob rau hauv tag nrho cov xa ntawv, thiab rau tam sim no nws suits peb. Koj tuaj yeem pom txoj cai no hauv daim duab hauv qab no:
Lub sijhawm no, kev teeb tsa ntawm FortiMail tuaj yeem suav tias ua tiav. Qhov tseeb, muaj ntau ntau qhov ua tau, tab sis yog tias peb pib xav txog lawv tag nrho, peb tuaj yeem sau ib phau ntawv :) Thiab peb lub hom phiaj yog tsim FortiMail hauv kev sim hom nrog kev siv zog tsawg.
Muaj ob yam tseem tshuav - hloov MX thiab A cov ntaub ntawv, thiab tseem hloov cov cai xa mus rau chaw nres nkoj ntawm firewall.
MX cov ntaub ntawv test.local -> mail.test.local 10 yuav tsum tau hloov mus rau test.local -> fortimail.test.local 10. Tab sis feem ntau thaum tsav tsheb cov ntaub ntawv MX thib ob nrog qhov tseem ceeb dua ntxiv. Piv txwv li:
test.local -> mail.test.local 10
test.local -> fortimail.test.local 5
Cia kuv ceeb toom rau koj tias qhov qis dua tus lej ntawm cov neeg xa ntawv nyiam hauv MX cov ntaub ntawv, qhov tseem ceeb dua.
Thiab qhov nkag tsis tuaj yeem hloov pauv, yog li peb tsuas yog tsim ib qho tshiab: fortimail.test.local -> 10.10.30.210. Tus neeg siv sab nraud yuav hu rau qhov chaw nyob 10.10.30.210 ntawm qhov chaw nres nkoj 25, thiab lub firewall yuav xa qhov txuas mus rau FortiMail.
Txhawm rau hloov txoj cai xa mus rau FortiGate, koj yuav tsum hloov qhov chaw nyob hauv cov khoom siv Virtual IP sib raug:
Txhua yam yog npaj txhij. Cia peb kuaj. Cia peb xa tsab ntawv rov los ntawm tus neeg siv sab nraud lub computer. Tam sim no cia peb mus rau FortiMail hauv Monitor → Logs menu. Hauv thaj chaw Keeb Kwm koj tuaj yeem pom cov ntaub ntawv uas tau txais tsab ntawv. Yog xav paub ntxiv, koj tuaj yeem right-click ntawm qhov nkag thiab xaiv Cov Lus Qhia:
Txhawm rau ua kom tiav daim duab, cia peb xyuas seb FortiMail hauv nws qhov kev teeb tsa tam sim no tuaj yeem thaiv cov email uas muaj spam thiab kab mob. Txhawm rau ua qhov no, peb yuav xa tus kab mob eicar kuaj thiab tsab ntawv kuaj pom nyob rau hauv ib qho ntawm spam mail databases (http://untroubled.org/spam/). Tom qab no, cia peb rov qab mus rau lub cav saib cov ntawv qhia zaub mov:
Raws li peb tuaj yeem pom, ob qho tib si spam thiab tsab ntawv nrog tus kab mob tau pom zoo.
Qhov kev teeb tsa no txaus los muab kev tiv thaiv yooj yim tiv thaiv kab mob thiab spam. Tab sis kev ua haujlwm ntawm FortiMail tsis txwv rau qhov no. Txhawm rau tiv thaiv kom zoo dua, koj yuav tsum kawm txog cov txheej txheem muaj thiab kho kom haum rau koj cov kev xav tau. Nyob rau hauv lub neej yav tom ntej, peb npaj yuav qhia txog lwm yam, ntau dua nta ntawm no mail gateway.
Yog tias koj muaj teeb meem lossis lus nug txog kev daws teeb meem, sau lawv hauv cov lus, peb yuav sim teb lawv sai.
Koj tuaj yeem xa daim ntawv thov rau daim ntawv tso cai sim mus kuaj qhov kev daws teeb meem .
Sau: Alexey Nikulin. Information Security Engineer Fortiservice.
Tau qhov twg los: www.hab.com