postfix-webmail,Dovecot,centos;qmail 002
Recommendation: add SPF, DKIM, certificate authentication and similar measures to Postfix.
http://bbs.linuxtone.org/thread-24070-1-1.html
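After several days of study and research, I finally finished building a mail system that authenticates virtual accounts stored in MySQL. Building a mail system turned out to be both large and complex, touching many areas: setting up DNS, writing service scripts, how certificate encryption works, setting up the database, spam filtering, and so on. I will write separate posts on the individual topics involved. Note also that this document uses the latest versions almost throughout, and the core software is all compiled and installed from source. It also includes solutions to the various problems encountered during the setup.
Required source packages: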
postfix-2.10.0.tar.gz
cyrus-sasl-2.1.25.tar.gz
dovecot-2.2.0.tar.gz
extmail-1.2.tar.gz
extman-1.1.tar.gz
File-Tail-0.99.3.tar.gz
GDGraph-1.44_01.tar.gz
rrdtool-1.4.7.tar.gz
libtool-2.4.2.tar.gz
Time-HiRes-1.9725.tar.gz
mysql-5.5.28-linux2.6-x86_64.tar.gz
Unix-Syslog-1.1.tar.gz
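Overview:
By default Postfix authorizes local users by IP address, which ties it to the local network. The main advantage of virtual-user authentication is that it does not depend on location, so mail can be checked from anywhere. It is also easier to manage and maintain.
How it works, in brief:
First, the MUA sends its request to the MTA (Postfix). The MTA itself has no authentication capability, so it relies on SASL (Simple Authentication and Security Layer) to provide it. For SASL to authenticate virtual accounts stored in MySQL it in turn relies on Courier-authlib, and Courier-authlib is what finally talks to MySQL.
Note: all source packages are under /usr/local/src.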
##############################MySQL##########################
############Environment setup###########
1. tar xf mysql-5.5.28-linux2.6-x86_64.tar.gz -C /usr/local/
2. ln -sv /usr/local/mysql-5.5.28-linux2.6-x86_64 /usr/local/mysql
3. ln -sv /usr/local/mysql/include /usr/include/mysql
4. echo "/usr/local/mysql/lib" >> /etc/ld.so.conf.d/mysql.conf
5. ldconfig -v
6. sed -i '45a\MANPATH /usr/local/mysql/man' /etc/man.config
7. echo 'export PATH=$PATH:/usr/local/mysql/bin' > /etc/profile.d/mysql.sh
8. source /etc/profile
#############Create the database partition###########
1. fdisk -cu /dev/sdb ------>/dev/sdb1 (partitioning steps omitted)
2. pvcreate /dev/sdb1
3. vgcreate vg_mysql /dev/sdb1
4. lvcreate -L 10G -n lv_mdata vg_mysql
5. mkfs.ext4 /dev/vg_mysql/lv_mdata
6. mkdir /mdata
7. echo "/dev/vg_mysql/lv_mdata /mdata ext4 defaults,acl 0 0" >> /etc/fstab
8. mount -a
#############Add the user and initialize#########
1. groupadd mysql
2. useradd -r -g mysql mysql
3. cd mysql
4. chgrp -R mysql .
5. chown -R mysql.mysql /mdata
6. scripts/mysql_install_db --datadir=/mdata --user=mysql
7. cp support-files/my-large.cnf /etc/my.cnf
8. cp support-files/mysql.server /etc/init.d/mysqld
9. service mysqld start    Note: if the service fails to start here, run step 6 again.
10. chkconfig --add mysqld
11.chkconfig mysqld on
12.pgrep mysqld
#####################Cyrus-SASL#####################################
#####Compile and install##### (If you are not familiar with the library and header file issues involved in installing from source, installing the rpm package is recommended here. Otherwise the problems that come up later are quite hard to solve.)
1. tar xf cyrus-sasl-2.1.25.tar.gz ; cd cyrus-sasl-2.1.25
2. ./configure \
   --disable-cram \
   --disable-digest \
   --disable-otp \
   --disable-krb4 \
   --disable-gssapi \
   --disable-anon \
   --enable-sql \
   --with-mysql=/usr \
   --enable-login \
   --enable-plain \
   --with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket
3. make (Notes: 1. make may fail here because des.h cannot be found; copying ./mac/libdes/public/des.h into the current directory fixes it.
   2. It may also fail because mysql.h cannot be found; change --with-mysql=/usr/local/mysql to --with-mysql=/usr.
   3. If a libsql.la error is reported, change --with-mysql=/usr/local/mysql to --with-mysql=/usr/local/mysql/lib.)
4. make install
5. echo "/usr/local/lib" >> /etc/ld.so.conf && ldconfig
6. ln -sv /usr/local/lib/sasl2 /usr/lib64/sasl2 (Note: the system may already have the cyrus-sasl rpm installed by default; on a 64-bit system the default search path is then /usr/lib64/sasl2.
   To avoid library lookup errors, first delete the libsasl2.so* files that the rpm installed under /usr/lib64,
   then run ldconfig.)
#####Write the saslauthd service control script#####
7. vim /etc/init.d/saslauthd
#!/bin/bash
#
# chkconfig: 2345 70 30
# description: Cyrus SASL authentication daemon
#
# Called functions
. /etc/rc.d/init.d/functions
#
# Defined variables
prog=saslauthd
path=/usr/local/sbin/saslauthd
mech=shadow
retval=0
#
# Defined control functions
start() {
    echo -n $"Starting $prog: "
    daemon $path -a $mech
    retval=$?    # save the status of daemon, not of the echo below
    echo
}
stop() {
    echo -n $"Stopping $prog: "
    killproc $path
    retval=$?
    echo
}
#
case $1 in
start)
    start
    ;;
stop)
    stop
    ;;
restart)
    stop
    start
    ;;
status)
    status $prog
    retval=$?
    ;;
*)
    echo $"Usage: $prog {start|stop|restart|status}"
    retval=2
esac
exit $retval
8. chkconfig --add saslauthd
9. service saslauthd start
################Postfix################
#####Add the required users and groups#####
1. groupadd -g 2525 postfix
   useradd -u 2525 -g 2525 -s /sbin/nologin -M postfix
   groupadd -g 2526 postdrop
   useradd -u 2526 -g postdrop -s /sbin/nologin -M postdrop
#####Compile and install#####
2. make makefiles CCARGS="-DHAS_MYSQL -I/usr/local/mysql/include -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/local/include/sasl -DUSE_TLS" \
   AUXLIBS="-L/usr/local/mysql/lib -lmysqlclient -lz -lm -L/usr/local/lib -lsasl2 -lssl -lcrypto"
   Note: this step may fail because db.h cannot be found; yum -y install db4-devel fixes it. Also, because openssl was installed from rpm, its header and library paths do not need to be given here; if it had been compiled from source, the paths would have to be specified separately.
3. make && make install
#####Write the Postfix service startup script#####
4. vim /etc/init.d/postfix
#!/bin/bash
#
# chkconfig: 2345 75 25
# description: Postfix mail transfer agent
#
# Called functions
. /etc/rc.d/init.d/functions
# Defined variables
prog=postfix
smtpd=/usr/libexec/postfix/master
retval=0
# Defined control functions
start() {
    echo -n $"Starting $prog: "
    daemon $prog start
    retval=$?    # save the status of daemon, not of the echo below
    echo
}
stop() {
    echo -n $"Stopping $prog: "
    killproc $smtpd
    retval=$?
    echo
}
reload() {
    echo -n $"Reloading $prog: "
    daemon $prog reload
    retval=$?
    echo
}
case $1 in
start)
    start
    ;;
stop)
    stop
    ;;
restart)
    stop
    start
    ;;
status)
    status $smtpd
    retval=$?
    ;;
reload)
    reload
    ;;
*)
    echo $"Usage: $prog {start|stop|restart|status|reload}"
    retval=2
esac
exit $retval
5. chkconfig --add postfix
6. service postfix start
#####Basic Postfix configuration#####
1. Edit /etc/postfix/main.cf
myhostname = server.example.com
mydomain = example.com
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 192.168.1.0/24, 127.0.0.0/8
inet_interfaces = all
2. service postfix restart
#####Test Postfix#####
3. telnet 192.168.1.102 25
220 server.example.com ESMTP Postfix
helo server
250 server.example.com
mail from:test
250 2.1.0 Ok
rcpt to:yonchin@example.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
test
.
250 2.0.0 Ok: queued as B6678A0AAC
quit
221 2.0.0 Bye
Note: if yonchin receives the mail, Postfix is working properly.
#####Enable SASL support in Postfix#####
1. postconf -a        # check which SASL implementations Postfix supports
   cyrus
   dovecot
2. Add the following parameters to main.cf
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination,
    reject_unauth_pipelining,
    reject_invalid_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
# Postfix does not define a parameter named smtpd_sasl_authenticated, so the next line has no effect
smtpd_sasl_authenticated = yes
smtpd_sasl_type = cyrus
broken_sasl_auth_clients = yes
Note: enabling SASL authentication in Postfix requires at least the first two settings.
3. Create the file smtpd.conf under /usr/local/lib/sasl2/ with the following content:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
#####Test that the Postfix feature works#####
4. telnet 192.168.1.102 25
220 server.example.com ESMTP Postfix
ehlo server
250-server.example.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
If AUTH PLAIN LOGIN and AUTH=PLAIN LOGIN appear as shown above, the configuration works.
(Note: the smtptest command is a simpler and quicker way to test whether Postfix now supports authentication.)
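The EHLO reply above advertises AUTH PLAIN LOGIN but no STARTTLS, so a client that authenticates at this stage sends its password base64-encoded over an unencrypted session. The following check is an added example, not part of the original guide; the function names are hypothetical and the sample replies are constructed from the output shown above.

```bash
# Added example. SAMPLE_EHLO is constructed from the EHLO reply shown above;
# TLS_EHLO is a constructed variant that also offers STARTTLS.
SAMPLE_EHLO='250-server.example.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN'

TLS_EHLO='250-mail.example.com
250-STARTTLS
250-AUTH PLAIN LOGIN
250 DSN'

# Print the SASL mechanisms advertised in an EHLO reply, one per line, sorted
# and deduplicated. Handles both "AUTH x y" and the legacy "AUTH=x y" form.
ehlo_auth_mechs() {
    printf '%s\n' "$1" | tr -d '\r' | tr '[:lower:]' '[:upper:]' |
        sed -n 's/^250[- ]AUTH[ =]\(.*\)$/\1/p' |
        tr -s ' ' '\n' | sed '/^$/d' | sort -u
}

# Succeed when the reply advertises STARTTLS.
ehlo_has_starttls() {
    printf '%s\n' "$1" | tr -d '\r' | grep -Eiq '^250[- ]STARTTLS[[:space:]]*$'
}

# Classify a pre-TLS EHLO reply:
#   no-auth          AUTH is not advertised on this (unencrypted) session
#   cleartext-auth   PLAIN/LOGIN offered and the server offers no STARTTLS at all
#   auth-before-tls  PLAIN/LOGIN offered before STARTTLS has been negotiated
#   ok               AUTH offered, but without plaintext mechanisms
ehlo_audit() {
    mechs=$(ehlo_auth_mechs "$1")
    if [ -z "$mechs" ]; then
        echo no-auth
        return 0
    fi
    if printf '%s\n' "$mechs" | grep -Eq '^(PLAIN|LOGIN)$'; then
        if ehlo_has_starttls "$1"; then
            echo auth-before-tls
        else
            echo cleartext-auth
        fi
        return 0
    fi
    echo ok
}

# Demo on the constructed samples.
ehlo_audit "$SAMPLE_EHLO"
ehlo_audit "$TLS_EHLO"
```

Postfix can be told not to offer AUTH until TLS is active with `smtpd_tls_auth_only = yes` (together with a TLS certificate and `smtpd_tls_security_level = may`); after that change a pre-TLS reply classifies as no-auth.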
#####Enable virtual domains and virtual users in Postfix#####
1. Add the following settings to /etc/postfix/main.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_base = /var/mailbox
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_uid_maps = static:2525
virtual_gid_maps = static:2525
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_transport = virtual
2. mkdir /var/mailbox && chown -R postfix /var/mailbox
3. Create mysql_virtual_domains_maps.cf with the following content:
hosts = localhost
user = extmail
password = extmail
dbname = extmail
table = domain
select_field = domain
where_field = domain
additional_conditions = AND active = '1'
Create mysql_virtual_mailbox_maps.cf with the following content:
hosts = localhost
user = extmail
password = extmail
dbname = extmail
table = mailbox
select_field = maildir
where_field = username
additional_conditions = AND active = '1'
Create mysql_virtual_alias_maps.cf with the following content:
hosts = localhost
user = extmail
password = extmail
dbname = extmail
table = alias
select_field = goto
where_field = address
additional_conditions = AND active = '1'
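The three map files above each hold the database account in plain text, and the password is the same string as the user name. The following audit is an added example, not part of the original guide; the function names are hypothetical and it runs on a constructed copy of the first map file rather than on /etc/postfix.

```bash
# Added example. write_sample creates a constructed map file with the same
# keys as mysql_virtual_domains_maps.cf above.
# Usage: write_sample FILE USER PASSWORD
write_sample() {
    cat > "$1" <<EOF
hosts = localhost
user = $2
password = $3
dbname = extmail
table = domain
select_field = domain
where_field = domain
additional_conditions = AND active = '1'
EOF
}

# map_value FILE KEY: print the value of the first "KEY = value" line,
# with surrounding whitespace removed.
map_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        sed 's/[[:space:]]*$//' | head -n 1
}

# audit_map_file FILE: print one finding per line, nothing when the file passes.
#   missing               the file does not exist
#   world-readable        "other" has read permission, so any local account
#                         can read the database password
#   no-password           no password line was found
#   password-equals-user  the password is identical to the user name
audit_map_file() {
    f=$1
    if [ ! -f "$f" ]; then
        echo missing
        return 0
    fi
    # Characters 8-10 of the ls mode string are the permissions for "other".
    other=$(ls -ld "$f" | cut -c8-10)
    case $other in
        r*) echo world-readable ;;
    esac
    user=$(map_value "$f" user)
    pass=$(map_value "$f" password)
    if [ -z "$pass" ]; then
        echo no-password
    elif [ "$pass" = "$user" ]; then
        echo password-equals-user
    fi
}

# Demo on a throwaway copy.
demo_dir=$(mktemp -d)
write_sample "$demo_dir/mysql_virtual_domains_maps.cf" extmail extmail
chmod 644 "$demo_dir/mysql_virtual_domains_maps.cf"
audit_map_file "$demo_dir/mysql_virtual_domains_maps.cf"
rm -rf "$demo_dir"
```

A common arrangement, assumed here rather than taken from the guide, is to make these files owned by root with group postfix and mode 640, and to give the extmail database account a password that differs from its name.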
########################Courier-authlib########################
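1. First compile and install libtool-2.4.2.tar.gz
   tar xf /usr/local/src/libtool-2.4.2.tar.gz
2. cd libtool-2.4.2 && ./configure && make && make install
3. Compile and install courier-authlib-0.65.0.20130414.tar.bz2
   tar xf courier-authlib-0.65.0.20130414.tar.bz2
   cd courier-authlib-0.65.0.20130414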
./configure --prefix=/usr/local/courier-authlib \
--sysconfdir=/etc \
--without-authpam \
--without-authpwd \
--without-authshadow \
--without-authpgsql \
--without-authldap \
--without-authuserdb \
--with-authmysqlrc=/etc/authmysqlrc \
--with-authdaemonrc=/etc/authdaemonrc \
--with-mysql-libs=/usr/local/mysql/lib \
--with-mysql-includes=/usr/local/mysql/include \
--with-mailuser=postfix \
--with-mailgroup=postfix
4. make && make install
5. echo "/usr/local/courier-authlib/lib/courier-authlib" >/etc/ld.so.conf.d/courier-authlib.conf
cp courier-authlib.sysvinit /etc/init.d/courier-authlib
chmod +x /etc/init.d/courier-authlib
cp -a /etc/authmysqlrc.dist /etc/authmysqlrc
cp -a /etc/authdaemonrc.dist /etc/authdaemonrc
chkconfig --add courier-authlib
chkconfig courier-authlib on
6. Edit /etc/authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
daemons=10
7. Edit /etc/authmysqlrc
MYSQL_SERVER localhost
MYSQL_USERNAME extmail
MYSQL_PASSWORD extmail
MYSQL_PORT 3306
MYSQL_DATABASE extmail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD 2525
MYSQL_GID_FIELD 2525
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD concat('/var/mailbox/',homedir)
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat('/var/mailbox/',maildir)
8. Reconfigure /usr/local/lib/sasl2/smtpd.conf
pwcheck_method: authdaemond
mech_list: PLAIN LOGIN
log_level: 3
authdaemond_path: /usr/local/courier-authlib/var/spool/authdaemon/socket
###############Extmail###############
1. mkdir -pv /var/www/extsuite/extmail
2. tar xf /usr/local/src/extmail-1.2.tar.gz
cp -r /usr/local/src/extmail-1.2/* /var/www/extsuite/extmail
cp /var/www/extsuite/extmail/webmail.cf.default /var/www/extsuite/extmail/webmail.cf
3. Edit webmail.cf as follows:
SYS_USER_LANG = zh_CN
SYS_MAILDIR_BASE = /var/mailbox
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
SYS_MYSQL_SOCKET = /tmp/mysql.sock
SYS_AUTHLIB_SOCKET = /usr/local/courier-authlib/var/spool/authdaemon/socket
4. Add a virtual host (note: httpd was installed from rpm)
NameVirtualHost *:80
<VirtualHost *:80>
ServerName mail.example.com
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi
Alias /extmail /var/www/extsuite/extmail/html
SuexecUserGroup postfix postfix
</VirtualHost>
5. chown -R postfix.postfix /var/www/extsuite/extmail/cgi
6. service httpd restart
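7. yum -y install perl-CGI (install this package if testing in the browser at this point reports that CGI.pm cannot be found)
8. Compile and install Unix-Syslog, a dependency of extmail
tar xf Unix-Syslog-1.1.tar.gz
perl Makefile.PL (Note: this may report the error Can't locate ExtUtils/MakeMaker.pm; if so, run yum -y install perl-ExtUtils-MakeMaker*)
make
make install
At this point the webmail login page displays correctly in the browser.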
#################Extman########################
1. mkdir /var/www/extsuite/extman
2. tar xf /usr/local/src/extman-1.1.tar.gz
3. cp -r /usr/local/src/extman-1.1/* /var/www/extsuite/extman
4. cd /var/www/extsuite/extman
5. cp webman.cf.default webman.cf
6. Edit webman.cf as follows:
SYS_MAILDIR_BASE = /var/mailbox
SYS_CAPTCHA_ON = 0
SYS_MYSQL_SOCKET = /tmp/mysql.sock
7. mkdir /tmp/extman && chown -R postfix.postfix /tmp/extman
8. Add the following directives to the virtual host in httpd.conf:
ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi
Alias /extman /var/www/extsuite/extman/html
9. chown -R postfix.postfix /var/www/extsuite/extman/cgi
10. service httpd restart
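################Create the database#######################
1. Create the database with extmail.sql and init.sql from /var/www/extsuite/extman/docs
sed -i 's@TYPE=MyISAM@Engine=MyISAM@g' extmail.sql (Note: MySQL releases move faster than extmail, so the storage-engine keyword has to be changed before extmail.sql can be used to create the database.)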
2. mysql -uroot -p < extmail.sql
3. mysql -uroot -p < init.sql
4. Opening the web page and logging in to the mail admin backend for testing reports the error Can't locate DBD/mysql.pm; install perl-DBD-MySQL:
yum -y install perl-DBD-MySQL
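5. Grant privileges to webman, the database account used by the admin backend:
GRANT all privileges ON extmail.* TO webman@localhost IDENTIFIED BY 'webman';
GRANT all privileges ON extmail.* TO webman@127.0.0.1 IDENTIFIED BY 'webman';
6. The web mail system based on virtual domains and virtual accounts is now fully configured. The default administrator account of the extman backend is root@extmail.org, with password extmail*123*
#################Configure the Extman graphical logs########################
Download Time-HiRes and File-Tail from http://www.cpan.org
Download rrdtool from http://oss.oetiker.ch/rrdtool/pub/?M=D
1. tar xf Time-HiRes-1.9725.tar.gz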
cd Time-HiRes-1.9725
perl Makefile.PL
make
make test
make install
2. tar xf File-Tail-0.99.3.tar.gz
cd File-Tail-0.99.3
perl Makefile.PL
make
make install
3. tar xf rrdtool-1.4.7.tar.gz
cd rrdtool-1.4.7
./configure --prefix=/usr/local/rrdtool
make (Note: if compilation fails on unmet dependencies, install libxml2-devel, glib2-devel, cairo-devel and pango-devel)
make install
4. Create symbolic links in the default search path for the rrdtool library files
ln -sv /usr/local/rrdtool/lib/perl/5.10.1/RRDp.pm /usr/lib64/perl5/
ln -sv /usr/local/rrdtool/lib/perl/5.10.1/x86_64-linux-thread-multi/RRDs.pm /usr/lib64/perl5/
mkdir -pv /usr/lib64/perl5/auto/RRDs
ln -sv /usr/local/rrdtool/lib/perl/5.10.1/x86_64-linux-thread-multi/auto/RRDs/RRDs.so /usr/lib64/perl5/auto/RRDs
5. Start the extman graphical log plugin service and have it start at boot
cp -r /var/www/extsuite/extman/addon/mailgraph_ext /usr/local
cd /usr/local/mailgraph_ext
./mailgraph-init start
echo "/usr/local/mailgraph_ext/mailgraph-init start" >> /etc/rc.local
########################Dovecot############################
1. useradd -M -s /sbin/nologin dovenull
useradd -M -s /sbin/nologin dovecot
2. ./configure --prefix=/usr/local/dovecot \
   --sysconfdir=/etc \
   --with-sql=yes \
   --with-mysql \
   --with-zlib \
   --with-bzlib \
   --with-ssl=openssl \
   --with-docs
   Note: if the error "error: Can't build with bzlib support: bzlib.h not found" appears here, install bzip2-devel.
3. make && make install
4. echo "/usr/local/dovecot/lib" >> /etc/ld.so.conf.d/dovecot.conf
5. echo 'export PATH=$PATH:/usr/local/dovecot/bin:/usr/local/dovecot/sbin' > /etc/profile.d/dovecot.sh
6. cp -r /usr/local/dovecot/share/doc/dovecot/example-config/* /etc/dovecot/
7. Edit /etc/dovecot/dovecot.conf
protocols = imap pop3
Edit /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:/var/mailbox/%d/%n/Maildir
Edit /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no
!include auth-sql.conf.ext    (enable this line; it is commented out by default)
Edit /etc/dovecot/dovecot-sql.conf.ext
driver = mysql
connect = host=/tmp/mysql.sock dbname=extmail user=extmail password=extmail
default_pass_scheme = CRYPT
password_query = SELECT username AS user, password AS password \
    FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid \
    FROM mailbox WHERE username = '%u'
8. Start the service: /usr/local/dovecot/sbin/dovecot
9. Test: telnet 192.168.1.102 110
USER t1@test.com
PASS test
-ERR Authentication failed.
Check the log; /var/log/maillog shows:
Error: user t1@test.com: Initialization failed: Initializing mail storage from mail_location setting failed:
stat(/var/mailbox/test.com/t1/Maildir)failed: Permission denied (euid=1000(<unknown>) egid=1000(<unknown>)
missing +x perm: /var/mailbox/test.com, euid is not dir owner)
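Fix: 1. Edit /var/www/extsuite/extman/tools/userctl.pl
uidnumber => $uidnumber || 1000 (change 1000 to 2525, i.e. the uid and gid of the postfix user you specified)
gidnumber => $gidnumber || 1000 (change 1000 to 2525, i.e. the uid and gid of the postfix user you specified)
2. Change the default values of uidnumber and gidnumber in the database to 2525 (i.e. the uid and gid of the postfix user you specified)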
ALTER TABLE mailbox ALTER uidnumber SET DEFAULT 2525;
ALTER TABLE mailbox ALTER gidnumber SET DEFAULT 2525;
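(Note: if virtual domains and virtual accounts were created before the defaults were changed, it is best to delete them completely; otherwise the error above is reported again when you create a virtual domain or account with the same name.)
10. Comment out the following lines in /etc/postfix/main.cf (otherwise errors are reported):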
#myhostname = server.example.com
#mydomain = example.com
#myorigin = $mydomain
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
#mynetworks = 192.168.1.0/24, 127.0.0.0/8
11. service postfix restart
####################Enable pop3s and imaps in Dovecot###################
Create a self-signed certificate
1. cd /etc/pki/CA/private/
2. (umask 077; openssl genrsa -out cakey.pem 1024)
3. cd /etc/pki/CA
4. openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 365
5. touch index.txt
6. echo 01 >serial
7. mkdir /etc/dovecot/.ssl
8. cd /etc/dovecot/.ssl
9. (umask 077; openssl genrsa -out dovecot.key 1024)
10. openssl req -new -key dovecot.key -out dovecot.csr
11. openssl ca -in dovecot.csr -out dovecot.crt
12. Edit /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = yes
13. Edit /etc/dovecot/conf.d/10-ssl.conf
ssl = yes
ssl_cert = </etc/dovecot/.ssl/dovecot.crt
ssl_key = </etc/dovecot/.ssl/dovecot.key
14. service dovecot restart
15. When Outlook is used to fetch mail at this point, the POP3 port must be changed to 995.
#############################Antivirus / anti-spam##############################
Required software: spamassassin-3.3.1-2.el6.x86_64
clamav-db-0.97.7-1.el6.rf.x86_64.rpm (download: http://pkgs.repoforge.org/clamav/)
clamav-0.97.7-1.el6.rf.x86_64.rpm (download: http://pkgs.repoforge.org/clamav/)
MailScanner-4.84.5-3.rpm.tar.gz (download: http://www.mailscanner.info/downloads.html)
1. yum -y install spamassassin
2. Edit /etc/mail/spamassassin/local.cf
required_hits 10
report_safe 0
rewrite_header Subject [SPAM]
use_bayes 1
ok_locales all
3. cd /usr/local/src
4. yum -y localinstall clamav-0.97.7-1.el6.rf.x86_64.rpm
5. tar xf MailScanner-4.84.5-3.rpm.tar.gz
6. ./install.sh
7. Edit /etc/MailScanner/MailScanner.conf
%org-name% = example
%org-long-name% = example.com
%web-site% = mail.example.com
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanning = yes
Virus Scanners = clamav
Use SpamAssassin = yes
Always Include SpamAssassin Report = yes
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
SpamAssassin Install Dir = /usr/bin
SpamAssassin Local Rules Dir = /etc/mail/spamassassin
8. Edit /etc/postfix/main.cf
header_checks = regexp:/etc/postfix/header_checks
9. Edit /etc/postfix/header_checks
/^Received:/ HOLD
/^Received:.*\[127\.0\.0\.1/ IGNORE
/^Received:.*\[192\.168\.1\.[0-9]+/ IGNORE
10. postmap /etc/postfix/header_checks
11. chown -R postfix:postfix /var/spool/MailScanner
12. service postfix restart
    service MailScanner restart
At this point both webmail and Outlook can send and receive mail. Configuration is complete.
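A Postfix regexp: table is searched top to bottom and the first matching pattern decides the action, so the order of the header_checks rules in step 9 determines which mail reaches MailScanner. The following emulation is an added example, not part of the original guide; the function name is hypothetical, the rule tables and headers are constructed, and it also shows that a bracket expression such as [0-255] is a character class (0, 1, 2, 5), not a numeric range.

```bash
# Added example. Constructed rule tables, one "/pattern/ ACTION" per line.
RULES_GUIDE_ORDER='/^Received:/ HOLD
/^Received:.*\[127\.0\.0\.1/ IGNORE
/^Received:.*\[192\.168\.1\.[0-9]+/ IGNORE'

RULES_SPECIFIC_FIRST='/^Received:.*\[127\.0\.0\.1/ IGNORE
/^Received:.*\[192\.168\.1\.[0-9]+/ IGNORE
/^Received:/ HOLD'

RULES_BRACKET_CLASS='/^Received:.*\[192\.168\.1\.[0-255]/ IGNORE
/^Received:/ HOLD'

# Constructed Received headers (not from a live system).
H_LOCAL='Received: from localhost (localhost [127.0.0.1]) by mail.example.com (Postfix)'
H_LAN='Received: from pc37 (pc37.example.com [192.168.1.37]) by mail.example.com (Postfix)'
H_LAN25='Received: from pc25 (pc25.example.com [192.168.1.25]) by mail.example.com (Postfix)'
H_EXT='Received: from mx.example.net (mx.example.net [203.0.113.9]) by mail.example.com (Postfix)'

# first_action RULES HEADER
# Try each rule in order, case-insensitively, and print the action of the
# first pattern that matches. Prints "none" when no rule matches.
#   HOLD   = place the message in the hold queue (where MailScanner picks it up)
#   IGNORE = delete this header line and go on to the next header
first_action() {
    rules=$1
    header=$2
    printf '%s\n' "$rules" | while IFS= read -r rule; do
        case $rule in
            ''|'#'*) continue ;;
        esac
        # Split "/pattern/ ACTION" at the last slash.
        pat=$(printf '%s\n' "$rule" |
            sed 's|^/\(.*\)/[[:space:]]*[A-Za-z]*[[:space:]]*$|\1|')
        act=$(printf '%s\n' "$rule" |
            sed 's|^/.*/[[:space:]]*\([A-Za-z]*\)[[:space:]]*$|\1|')
        if printf '%s\n' "$header" | grep -Eiq -- "$pat"; then
            echo "$act"
            exit 0    # leaves only the pipeline subshell running the loop
        fi
    done | grep . || echo none
}

# Demo: action chosen for each header under each ordering.
for h in "$H_LOCAL" "$H_LAN" "$H_EXT"; do
    printf '%-8s %-8s %s\n' \
        "$(first_action "$RULES_GUIDE_ORDER" "$h")" \
        "$(first_action "$RULES_SPECIFIC_FIRST" "$h")" "$h"
done
```

With the rules in the order listed in step 9, `/^Received:/ HOLD` matches every Received line first, so the two IGNORE rules are never reached and all mail is held for MailScanner. Placing the IGNORE rules first would instead delete those header lines, and a message whose only Received lines come from localhost or the LAN would not be held.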
=================================================
http://vnimos.blog.51cto.com/2014866/1203138
http://vnimos.blog.51cto.com/2014866/1203162
http://vnimos.blog.51cto.com/2014866/1203166
http://vnimos.blog.51cto.com/2014866/1203580
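Operating system | RHEL5.5 x86_64 | |
Web server | Apache | bundled with the system |
Database | MySQL | bundled with the system |
Mail transfer agent (MTA) | Postfix-2.3.3-6 | MySQL support |
Mail retrieval agent (MRA) | Dovecot | bundled with the system |
Mail delivery agent (MDA) | Maildrop-2.2.0 | filtering support and powerful features |
Web account management backend | Extman-1.1 | unlimited domains, unlimited users |
WebMail system | Extmail-1.2 | |
mailgraph_ext | | |
Cyrus SASL | | |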
# yum -y install bind caching-nameserver
# vi /var/named/chroot/etc/named.conf
options {
        listen-on port 53 { 192.168.0.0/24; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { 192.168.0.0/24; };
        allow-query-cache { 192.168.0.0/24; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};
zone "xfcy.org" IN {
        type master;
        file "xfcy.org.zone";
        allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "192.168.0.zone";
        allow-update { none; };
};
# vi /var/named/chroot/var/named/xfcy.org.zone
$TTL 86400
@       IN SOA  mail.xfcy.org. root.mail.xfcy.org. (
                2013051801 ; serial (d. adams)
                3H         ; refresh
                15M        ; retry
                1W         ; expiry
                1D )       ; minimum
@       IN NS   mail.xfcy.org.
@       IN A    192.168.0.89
@       IN MX 5 mail.xfcy.org.
mail    IN A    192.168.0.89
# vi /var/named/192.168.0.zone
$TTL 86400
@       IN SOA  mail.xfcy.org. root.mail.xfcy.org. (
                2013051801 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   mail.xfcy.org.
89.168.0.192.in-addr.arpa. IN PTR mail.xfcy.org.
# ln -s /var/named/chroot/etc/named.conf /etc/
# ln -s /var/named/chroot/var/named/named.ca /var/named/
# ln -s /var/named/chroot/var/named/xfcy.org.zone /var/named/
# ln -s /var/named/chroot/var/named/192.168.0.zone /var/named/
# chkconfig named on
# /etc/init.d/named start
# yum -y install httpd php php-mysql mysql mysql-server mysql-devel openssl-devel dovecot perl-DBD-MySQL
# chkconfig mysqld on
# /etc/init.d/mysqld start    // initialize the MySQL database
# mysqladmin -u root password mysql    // set the root password
# yum -y groupinstall "Development Libraries" "Development Tools" "Legacy Software Development" "X Software Development"
# yum -y install tcl tcl-devel libart_lgpl libart_lgpl-devel libtool-ltdl libtool-ltdl-devel pcre-devel    // install the dependencies needed to compile the software below
# service sendmail stop    // stop and remove the bundled sendmail service
# rpm -e sendmail --nodeps
# rpm -ivh postfix-2.3.3-6.el5.src.rpm
# cd /usr/src/redhat/SPECS
# vi postfix.spec
%define LDAP 2
%define MYSQL 1    // add MySQL support (commented out by default)
%define PCRE 1
%define SASL 2
%define TLS 1
%define IPV6 1
%define POSTDROP_GID 90
%define PFLOGSUMM 1
# rpmbuild -bb postfix.spec
# cd ../RPMS/x86_64
# rpm -ivh postfix-2.3.3-6.x86_64.rpm
# vi /etc/postfix/main.cf
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = mail.xfcy.org
mydomain = xfcy.org
myorigin = $mydomain
inet_interfaces = all
mydestination =
unknown_local_recipient_reject_code = 550
mynetworks = 192.168.0.0/24, 127.0.0.0/8
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
# chkconfig postfix on
# /etc/init.d/postfix start
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.xfcy.org ESMTP Postfix
ehlo mail.xfcy.org
250-mail.xfcy.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:root@xfcy.org
250 2.1.0 Ok
rcpt to:zyp19891128@163.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
subject: test
postfix test
.
250 2.0.0 Ok: queued as 5212B96E83
quit
221 2.0.0 Bye
Connection closed by foreign host.
# tailf /var/log/maillog
May 17 12:52:50 mail postfix/smtpd[15176]: connect from mail.xfcy.org[192.168.0.89]
May 17 12:53:04 mail postfix/smtpd[15176]: DF4B796E26: client=mail.xfcy.org[192.168.0.89]
May 17 12:53:15 mail postfix/cleanup[15210]: DF4B796E26: message-id=<20130517045304.DF4B796E26@mail.xfcy.org>
May 17 12:53:15 mail postfix/qmgr[3050]: DF4B796E26: from=<root@xfcy.org>, size=379, nrcpt=1 (queue active)
May 17 12:53:16 mail postfix/smtp[15214]: DF4B796E26: host 163mx03.mxmail.netease.com[220.181.14.159] said: 451 DT:SPM mx44, XsCowEBpUEu7t5VRWqdEAw--.1675S2, please try again 1368766395 http://mail.163.com/help/help_spam_16.htm?ip=210.13.194.138&hostid=mx44&time=1368766395 (in reply to end of DATA command)
May 17 12:53:17 mail postfix/smtp[15214]: DF4B796E26: to=<zyp19891128@163.com>, relay=163mx01.mxmail.netease.com[220.181.14.139]:25, delay=16, delays=14/0.02/1.6/0.24, dsn=2.0.0, status=sent (250 Mail OK queued as mx10,PMCowEBJElK8t5VRT8XKFQ--.914S2 1368766396)
May 17 12:53:17 mail postfix/qmgr[3050]: DF4B796E26: removed
May 17 12:53:23 mail postfix/smtpd[15176]: disconnect from mail.xfcy.org[192.168.0.89]
# yum -y install dovecot
# vi /etc/dovecot.conf
mail_location = maildir:/var/maildata/domains/%d/%n/Maildir
auth default {
    mechanisms = plain
    # comment out the pam { } entry
    passdb sql {
        args = /etc/dovecot-mysql.conf
    }
    userdb passwd {
    }
    userdb sql {
        args = /etc/dovecot-mysql.conf
    }
    user = root
}
# vi /etc/dovecot-mysql.conf    // create the MySQL authentication file
driver = mysql
connect = host=localhost dbname=extmail user=extmail password=extmail
default_pass_scheme = CRYPT
password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, uidnumber AS uid,gidnumber AS gid FROM mailbox WHERE username = '%u'
# chkconfig dovecot on
# /etc/init.d/dovecot start
# netstat -lntp | grep dovecot
tcp 0 0 :::993 :::* LISTEN 5033/dovecot
tcp 0 0 :::995 :::* LISTEN 5033/dovecot
tcp 0 0 :::110 :::* LISTEN 5033/dovecot
tcp 0 0 :::143 :::* LISTEN 5033/dovecot
Configure cyrus-sasl authentication:
# yum -y install cyrus-sasl
# postconf -a
cyrus
dovecot
# vi /etc/postfix/main.cf    // enable cyrus-sasl based authentication in Postfix
##====================SASL========================
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unauth_destination,
    reject_unauth_pipelining,
    reject_invalid_hostname,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain
# SMTP sender login matching config
smtpd_sender_restrictions =
    permit_mynetworks,
    reject_sender_login_mismatch
# SMTP AUTH config here
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
# banner
mail_name = Postfix - by xfcy.org
smtpd_banner = Welcome to $myhostname ESMTP , $mail_name
# service postfix restart
# telnet localhost 25
Trying 192.168.0.89...
Connected to mail.xfcy.org (192.168.0.89).
Escape character is '^]'.
220 Welcome to mail.xfcy.org ESMTP , Postfix - by xfcy.org
ehlo mail.xfcy.org
250-mail.xfcy.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN    // these two AUTH lines show that cyrus-sasl authentication was added successfully
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.
Install Courier-Authlib:
# tar jxvf courier-authlib-0.62.4.tar.bz2
# cd courier-authlib-0.62.4
# ./configure --prefix=/usr/local/courier-authlib --without-stdheaderdir --without-authuserdb --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --without-authcustom --with-authmysql --with-redhat
# make
# make install
# make install-configure
# echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf
# ldconfig
# ldconfig -v | grep courier
/usr/local/courier-authlib/lib/courier-authlib:
        libcourierauthsasl.so -> libcourierauthsasl.so.0
        libcourierauthsaslclient.so -> libcourierauthsaslclient.so.0
        libcourierauth.so -> libcourierauth.so.0
        libcourierauthcommon.so -> libcourierauthcommon.so.0
# cp courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib
# chmod 755 /etc/rc.d/init.d/courier-authlib
# chkconfig --add courier-authlib
# chkconfig courier-authlib on
# chmod 755 /usr/local/courier-authlib/var/spool/authdaemon/
# cp /usr/local/courier-authlib/etc/authlib/authmysqlrc /usr/local/courier-authlib/etc/authlib/authmysqlrc.bak
# vi /usr/local/courier-authlib/etc/authlib/authmysqlrc
MYSQL_SERVER 127.0.0.1
MYSQL_USERNAME extmail
MYSQL_PASSWORD extmail
MYSQL_SOCKET /var/lib/mysql/mysql.sock
MYSQL_PORT 3306
MYSQL_OPT 0
MYSQL_DATABASE extmail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD 1000
MYSQL_GID_FIELD 1000
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD concat('/var/maildata/domains/',homedir)
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat('/var/maildata/domains/',maildir)
# vi /usr/local/courier-authlib/etc/authlib/authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
daemons=10
authdaemonvar=/usr/local/courier-authlib/var/spool/authdaemon
DEBUG_LOGIN=0
DEFAULTOPTIONS=""
LOGGEROPTS=""
# service courier-authlib start
Starting Courier authentication services: authdaemond
# ps -ef | grep authdaemond | grep -v grep
root 9173 1 0 02:50 ? 00:00:00 /usr/local/courier-authlib/sbin/courierlogger -pid=/usr/local/courier-authlib/var/spool/authdaemon/pid -start /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9174 9173 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9175 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9176 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9177 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9178 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9179 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9180 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9181 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9182 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9183 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9184 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
# vi /usr/lib64/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path: /usr/local/courier-authlib/var/spool/authdaemon/socket
# groupadd -g 1000 vgroup
# useradd -g 1000 -u 1000 -s /sbin/nologin -M vuser
# tar jxvf maildrop-2.2.0.tar.bz2
# cd maildrop-2.2.0/
# ./configure --enable-sendmail=/usr/sbin/sendmail --enable-trusted-users='root vuser' --enable-syslog=1 --enable-maildirquota --enable-maildrop-uid=1000 --enable-maildrop-gid=1000 --with-trashquota --with-dirsync
# make && make install
# vi /etc/postfix/master.cf
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vuser argv=/usr/local/bin/maildrop -w 90 -d ${user}@${nexthop} ${recipient} ${user} ${extension} ${nexthop}
// the flags line must start with "two spaces"
# vi /etc/postfix/main.cf
maildrop_destination_recipient_limit = 1
# maildrop -v    // test maildrop's authlib support
maildrop 2.1.0 Copyright 1998-2005 Double Precision, Inc.
GDBM/DB extensions enabled.
Maildir quota extension enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.
# mkdir /var/tmp/{extman,extmail}    // create the session directories
# chown vuser:vgroup /var/tmp/extma*
# mkdir -p /var/maildata/domains/extmail.org/postmaster/Maildir    // create the mail storage directory
# chown -R vuser:vgroup /var/maildata/
# mkdir -p /var/www/extsuite/{extmail,extman}    // create the extmail and extman web file directories
# tar zxvf extmail-1.2.tar.gz
# cp -rp extmail-1.2/* /var/www/extsuite/extmail/
# chmod -R 755 /var/www/extsuite/
# cd /var/www/extsuite/extmail/
# cp webmail.cf.default webmail.cf
# vi webmail.cf
SYS_SESS_DIR = /var/tmp/extmail/
SYS_MAILDIR_BASE = /var/maildata/domains/
SYS_USER_LANG = en_US
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_TABLE = mailbox
SYS_MYSQL_ATTR_USERNAME = username
SYS_MYSQL_ATTR_DOMAIN = domain
SYS_MYSQL_ATTR_PASSWD = password
SYS_AUTHLIB_SOCKET = /usr/local/courier-authlib/var/spool/authdaemon/socket
# tar zxvf extman-1.1.tar.gz
# cp -rp extman-1.1/* /var/www/extsuite/extman/
# chown -R vuser:vgroup /var/www/extsuite/
# cd /var/www/extsuite/extman/
# cp webman.cf.default webman.cf
# vi webman.cf
SYS_CAPTCHA_ON = 0
SYS_MAILDIR_BASE = /var/maildata/domains/
SYS_SESS_DIR = /var/tmp/extman/
# mysql -u root -p < /var/www/extsuite/extman/docs/extmail.sql
# mysql -u root -p < /var/www/extsuite/extman/docs/init.sql
# cd /var/www/extsuite/extman/tools/
# ./maildirmake.pl /var/maildata/domains/extmail.org/postmaster/Maildir/
# chown -R vuser:vgroup /var/maildata/domains/
# cp -r /var/www/extsuite/extman/docs/mysql_virtual_* /etc/postfix/
# grep password /etc/postfix/mysql_virtual_*
mysql_virtual_alias_maps.cf:password = extmail
mysql_virtual_domains_maps.cf:password = extmail
mysql_virtual_limit_maps.cf:password = extmail
mysql_virtual_mailbox_maps.cf:password = extmail
mysql_virtual_sender_maps.cf:password = extmail
# vi /etc/postfix/main.cf
##================ Virtual Mailbox Settings =====================#
virtual_mailbox_base = /var/maildata/domains
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000
virtual_transport = virtual
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
# vi /etc/httpd/conf/httpd.conf
NameVirtualHost *:80
Include conf/vhost_*.conf
# vi /etc/httpd/conf/vhost_extmail.conf
# VirtualHost for ExtMail Solution
<VirtualHost *:80>
ServerName rhel5.vnimos.org
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi/ /var/www/extsuite/extmail/cgi/
Alias /extmail /var/www/extsuite/extmail/html/
ScriptAlias /extman/cgi/ /var/www/extsuite/extman/cgi/
Alias /extman /var/www/extsuite/extman/html/
# Suexec config
SuexecUserGroup vuser vgroup
</VirtualHost>
# chkconfig httpd on
# /etc/init.d/httpd start

Install Time::HiRes
# tar zxvf Time-HiRes-1.9725.tar.gz
# cd Time-HiRes-1.9725
# perl Makefile.PL
# make
# make test
# make install
Install File::Tail
# tar zxvf File-Tail-0.99.3.tar.gz
# cd File-Tail-0.99.3
# perl Makefile.PL
# make
# make test
# make install
Install rrdtool-1.4.5
# tar zxvf rrdtool-1.4.5.tar.gz
# cd rrdtool-1.4.5
# ./configure --prefix=/usr/local/rrdtool
# make
# make install
# cp -rp /var/www/extsuite/extman/addon/mailgraph_ext /usr/local/
# ln -s /usr/local/rrdtool/lib/perl/5.8.8/x86_64-linux-thread-multi/auto/RRDs/RRDs.so /usr/lib64/perl5/5.8.8/x86_64-linux-thread-multi/
# ln -s /usr/local/rrdtool/lib/perl/5.8.8/RRDp.pm /usr/lib/perl5/5.8.8/
# ln -s /usr/local/rrdtool/lib/perl/5.8.8/x86_64-linux-thread-multi/RRDs.pm /usr/lib/perl5/5.8.8/
# /usr/local/mailgraph_ext/mailgraph-init start
# /var/www/extsuite/extman/daemon/cmdserver --daemon
# echo "/usr/local/mailgraph_ext/mailgraph-init start" >> /etc/rc.d/rc.local
# echo "/var/www/extsuite/extman/daemon/cmdserver -v -d" >> /etc/rc.d/rc.local
Add the scheduled jobs:
# crontab -e
0 4 * * * /var/www/extsuite/extman/tools/expireusers.pl -all postmaster@extmail.org
30 4 * * * /var/www/extsuite/extman/tools/reportusage.pl -all /home/domains postmaster@extmail.org

# tar zxf Unix-Syslog-1.0.tar.gz
# cd Unix-Syslog-1.0
# perl Makefile.PL
# make
# make install

# /var/www/extsuite/extman/daemon/cmdserver -d
loaded ok

# setenforce 0
# vi /etc/sysconfig/selinux
SELINUX=disabled

# kill -9 `ps -ef | grep cmdserver | grep -v grep | awk '{print $2}'`

# /var/www/extsuite/extman/daemon/cmdserver --daemon
loaded ok

# vi /etc/postfix/main.cf
mydestination =

# chown -R vuser.vgroup /var/maildata/domains/
# vi /etc/postfix/main.cf
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000
######################################################################
http://xuet118.blog.51cto.com/6273201/1192668
http://xuet118.blog.51cto.com/6273201/1192669
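A virtual-user mail system with postfix + extmail + extman
Today's mainstream mail servers are managed through a web interface, which is simple and convenient to administer. The figure below roughly shows how a mail server of this kind is put together and how it works:
Users compose mail in a mail client and send it through the mail server (we use postfix). Sending requires authentication, which is more secure. Likewise, users receive their mail through the dovecot retrieval server; unread mail stays in the user's own mailbox, and retrieving it also requires authentication. Sending and receiving is not limited to local system users: the mail server connects to the MySQL database through the courier-authlib component, so virtual users can log in and send and receive mail. To make sending and managing mail easier for users, apache + extmail + extman provide a web interface for managing mail, which makes the mail server far more convenient. Below we walk through sending and receiving mail and registering as a virtual user through the web management interface.
Environment: Red Hat 5.4
Setup steps:
Before installing, make sure the build environment meets the requirements; the following four development tool groups must be installed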
#yum grouplist
Development Libraries
Development Tools
Legacy Software Development
X Software Development
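Install httpd from source
Here I use httpd-2.4.4 (an earlier blog post covers the httpd source install in detail, so only the outline of the steps is given here)
tar -jxvf httpd-2.4.4.tar.bz2 -C /usr/local/src/
Building it depends on apr, apr-util and pcre-devel; here apr and apr-util are installed from source, and pcre-devel comes from the system installation disc image
Install apr
tar -zxvf apr-1.4.6.tar.gz
./configure --prefix=/usr/local/apr
make && make install
Install apr-util
tar -zxvf apr-util-1.4.1.tar.gz
./configure --with-apr=/usr/local/apr/bin/apr-1-config
make && make install
Install pcre-devel
rpm -ivh /mnt/cdrom/Server/pcre-devel-6.6-2.el5_1.7.i386.rpm
Install httpd
Run make and make install, and the installation is complete
So that httpd can be started, stopped and restarted conveniently, we write a script for it
That completes the httpd setup
MySQL source build (for convenience we use the MySQL binary package directly)
MySQL comes as a binary package; extract it directly into /usr/local
tar -zxvf mysql-5.5.15-linux2.6-i686.tar.gz -C /usr/local/
Go into the directory it was extracted to and create a symlink named mysql so it is easier to reach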
# ln -s mysql-5.5.15-linux2.6-i686 mysql
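Open the INSTALL-BINARY file and follow its installation steps
mysql can now be controlled directly with service
To run mysql directly to enter the database, edit /etc/profile and add the mysql path to the environment
After editing, reload the profile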
# . /etc/profile
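Create a password for the database root user
# mysqladmin -u root -p password '123456'
Next, set up MySQL's library and header files so that other applications can find them
Create and edit mysql.conf under /etc/ld.so.conf.d, put the library path in it, and refresh the cache after editing
# ldconfig
Create a symlink for the header files
# ln -s include /usr/include/mysql
Give the root user a login password
# mysqladmin -u root -p password '123456'
Start mysql
The MySQL installation is finished
Configure DNS (installed with yum)
#yum install bind bind-chroot caching-nameserver
Switch to the /var/named/chroot/etc directory
and edit
Declare the a.com zone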
#vim /var/named/chroot/etc/named.rfc1912.zones
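Create the a.com.zone file
# cd /var/named/chroot/var/named/
# cp -p localhost.zone a.com.zone
and edit
Change where DNS points and change the hostname
# vim /etc/sysconfig/network
# vim /etc/hosts
# vim /etc/resolv.conf (add the following content)
Restart the DNS service and test
DNS configuration is complete
Install the other required packages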
#yum install openssl-devel dovecot perl-DBD-MySQL tcl tcl-devel libart_lgpl libart_lgpl-devel libtool-ltdl libtool-ltdl-devel expect
Install postfix
Configure it following the basic steps in the INSTALL file
# groupadd -g 2525 postfix
# useradd -g postfix -u 2525 -s /sbin/nologin -M postfix
# groupadd -g 2526 postdrop
# useradd -g postdrop -u 2526 -s /bin/false -M postdrop
# tar zxvf postfix-2.6.5.tar.gz
# cd postfix-2.6.5
# make
# make install
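Accept the default value for essentially every prompt after make install
Run /usr/bin/newaliases (this generates a new aliases file for postfix to use)
To make starting postfix convenient, we use the control script from the disc image; create a temporary directory
# cp /mnt/cdrom/Server/postfix-2.3.3-2.1.el5_2.i386.rpm ./
Unpack the rpm package
# rpm2cpio postfix-2.3.3-2.1.el5_2.i386.rpm |cpio -id
Under /tmp/abc/etc/rc.d/init.d there is an executable named postfix, which is postfix's control script; just copy it to /etc/init.d
postfix can now be controlled directly with service
For postfix to work properly we need to change its main.cf file
# vim /etc/postfix/main.cf
After the changes, restart the service, then verify
Send mail to user1 as the root user
user1 has received the mail, so postfix is working
Next we add authentication to it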
# cd /usr/lib/sasl2/
# cp -p Sendmail.conf smtpd.conf
# vim smtpd.conf
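Enable the authentication service
# service saslauthd start
# chkconfig saslauthd on
# vim /etc/postfix/main.cf (append the following authentication settings at the end)
Restart the postfix service and verify
The authentication information is now shown
For virtual users to log in to the mail server, we need to connect the mail server to the database. cyrus-sasl cannot provide this, so we need to install the courier-authlib component
The subsequent make reports that mysql.h and errmsg.h cannot be found; we need to write their full paths into authmysqllib.c and authmysql.h
# vim authmysqllib.c
# vim authmysql.h
After changing the files, run make && make install again
Next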
# cp authdaemonrc.dist authdaemonrc
# cp authmysqlrc.dist authmysqlrc
MYSQL_PORT 3306
MYSQL_DATABASE extmail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
DEFAULT_DOMAIN a.com
MYSQL_UID_FIELD 2525
MYSQL_GID_FIELD 2525
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD concat('/var/mailbox/',homedir)
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat('/var/mailbox/',maildir)
Create its control script
Set up links for the library and header files
# vim /etc/ld.so.conf.d/courier-authlib.conf
Add the following
/usr/local/courier-authlib/lib/courier-authlib/
# ldconfig
# ln -s /usr/local/courier-authlib/include/ /usr/include/courier-authlib
Make postfix support virtual domains and virtual users
Edit /etc/postfix/main.cf and add the following
============================
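Continuation of: A virtual-user mail system with postfix + extmail + extman
Create the database using extmail.sql and init.sql from the docs directory of the extman source tree
# tar -zxvf extman-1.1.tar.gz
# cd extman-1.1/docs
Before importing, extmail.sql needs to be changed: on every line containing text, remove the trailing default ''; delete TYPE=MyISAM COMMENT='ExtMail - Virtual Mailboxes'; and change line 87 to can_signup varchar(255), . This is needed because the MySQL version is too new. After these changes the import works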
# mysql -u root -p <extmail.sql
# mysql -u root -p <init.sql
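
The two pattern-based edits to extmail.sql described above can be applied with sed and reviewed with diff before importing, instead of editing by hand. This is an added example, not from the original post: the function names are hypothetical, the sample schema is constructed in the style of extmail.sql rather than copied from it, and the line-87 change is left out because it depends on the real file's contents.

```shell
#!/bin/sh
# Added example (not from the original post): apply the schema edits the
# post describes for newer MySQL versions, then confirm nothing was missed.

# Print FILE with the two constructs named in the post removed:
#   - "default ''" on lines that declare a text column
#   - the table option TYPE=MyISAM COMMENT='ExtMail - Virtual Mailboxes'
patch_extmail_sql() {
    sed -e "/[[:space:]]text[[:space:],]/s/[[:space:]]*default ''//" \
        -e "s/[[:space:]]*TYPE=MyISAM COMMENT='ExtMail - Virtual Mailboxes'//" \
        "$1"
}

# Count lines in FILE that still carry either construct (0 = ready to import).
count_incompatible() {
    grep -c -E "TYPE=MyISAM|[[:space:]]text[[:space:],].*default ''" "$1" || true
}

# Constructed sample in the style of extmail.sql, not the real file.
write_sample_sql() {
    cat > "$1" <<'EOF'
CREATE TABLE mailbox (
  username varchar(255) NOT NULL default '',
  question text NOT NULL default '',
  answer text NOT NULL default '',
  PRIMARY KEY (username)
) TYPE=MyISAM COMMENT='ExtMail - Virtual Mailboxes';
EOF
}

demo_patch() {
    tmp=$(mktemp -d)
    write_sample_sql "$tmp/extmail.sql"
    patch_extmail_sql "$tmp/extmail.sql" > "$tmp/extmail.patched.sql"
    # Review exactly what changed before importing the patched file.
    diff "$tmp/extmail.sql" "$tmp/extmail.patched.sql" || true
    echo "incompatible lines left: $(count_incompatible "$tmp/extmail.patched.sql")"
    rm -rf "$tmp"
}
demo_patch
```

Only text columns lose their default; the varchar default on username is left untouched.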
# cp mysql* /etc/postfix/
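Grant the user extmail access to the extmail database
cp mysql_virtual_* /etc/postfix/
Restart the postfix service
Edit the /usr/lib/sasl2/smtpd.conf file
Restart the service
Configure dovecot
Create the mailbox
# mkdir /var/mailbox
# chown -R postfix /var/mailbox/
Edit dovecot.conf
Create the configuration file dovecot uses to connect to MySQL
Start the dovecot service
Install extmail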
# tar -zxvf extmail-1.2.tar.gz
# mkdir -pv /var/www/extsuite
# mv extmail-1.2 /var/www/extsuite/extmail
# cp /var/www/extsuite/extmail/webmail.cf.default /var/www/extsuite/extmail/webmail.cf
# vim /var/www/extsuite/extmail/webmail.cf
Edit the Apache configuration file
# vim /etc/httpd/conf/httpd.conf
Change the owner of the CGI executables to the user that Apache runs as
# chown -R postfix.postfix /var/www/extsuite/extmail/cgi/
Resolving dependencies
extmail uses Perl's Unix::Syslog module
# tar zxvf Unix-Syslog-0.100.tar.gz
# cd Unix-Syslog-0.100
make && make install
Configure extman
# mv extman-1.1 /var/www/extsuite/extman
# cp /var/www/extsuite/extman/webman.cf.default /var/www/extsuite/extman/webman.cf
# vim /var/www/extsuite/extman/webman.cf
# chown -R postfix.postfix /var/www/extsuite/extman/cgi/
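In the Extmail virtual host section of Apache's main configuration file, add the following two lines:
ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi
Alias /extman /var/www/extsuite/extman/html
Create the temporary directory it needs at run time and set its permissions accordingly
# mkdir -pv /tmp/extman
# chown postfix.postfix /tmp/extman
To be safe, restart all the services
The whole configuration is done; now we test it
Enter http://192.168.129.253/extmail in the browser
The default admin account is root@extmail.org and the password is extmail*123*. Log in:
Add a domain:
Register a new user
Send a message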
http://6320172.blog.51cto.com/6310172/1192219