RedHat 4 + Postfix + dovecot + SASL + Apache + Openwebmail: complete installation, configuration and testing walkthrough
1. Install Postfix
[root@shanghai RPMS]# rpm -ivh postfix-2.2.10-1.2.1.el4_7.i386.rpm
warning: postfix-2.2.10-1.2.1.el4_7.i386.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing... ########################################### [100%]
1:postfix ########################################### [100%]
postfix: warning: My hostname shanghai is not a fully qualified name - set myhostname or mydomain in
/etc/postfix/main.cf
postfix: fatal: config variable inet_interfaces: host not found: localhost
2. Go to the /etc/init.d directory and start the Postfix service
[root@shanghai init.d]# ./postfix start
Starting postfix: [ OK ]
[root@shanghai init.d]# ./postfix start
Starting postfix: [FAILED]
The failure is caused by a problem in the configuration file:
inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
#inet_interfaces = localhost --- comment this line out and Postfix starts successfully
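3. Check whether the dovecot package is installed on the system; if not, install it. It can be installed from the bundled ISO image, or found by searching Google.
Personally, I think software like this, developed abroad, is easier to find by searching Google.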
[root@shanghai init.d]# rpm -qa|grep dovecot
dovecot-0.99.11-9.EL4
4. Go to the /etc/init.d directory and start the dovecot service
[root@shanghai init.d]# ./dovecot start
Starting Dovecot Imap: [ OK ]
5. Go to the /etc directory and edit the dovecot.conf file
[root@shanghai etc]# vi dovecot.conf
# Protocols we want to be serving:
# imap imaps pop3 pop3s
#protocols = imap imap3
Change to:
protocols = imap imap3 pop3 pop3s
[root@shanghai init.d]# ./dovecot restart
Stopping Dovecot Imap: [ OK ]
Starting Dovecot Imap: Fatal: Unknown protocol imap3 --- startup fails because the imap3 protocol is not supported; remove it
[FAILED]
Remove imap3 so that the line reads protocols = imap pop3 pop3s, and the service starts.
[root@shanghai init.d]# ./dovecot start
Starting Dovecot Imap: [ OK ]
6. Go to the /etc/postfix directory and edit the main.cf file
# other configuration parameters.
#
#myhostname = host.domain.tld (at about 8% of the file)
Change to:
myhostname = mail.test.com (the hostname of the machine running the Postfix mail system)
#myhostname = virtual.domain.tld
# parameters.
#
#mydomain = domain.tld (at about 8% of the file)
Change to:
mydomain = test.com (the domain name used by the Postfix mail system, e.g. test.com)
# to recipient addresses that have no @domain part.
#
#myorigin = $myhostname
#myorigin = $mydomain (at about 10% of the file)
Change to:
myorigin = test.com (the domain name of the sender, e.g. test.com)
# RECEIVING MAIL
# Note: you need to stop/start Postfix when this parameter changes.
#
#inet_interfaces = all (at about 12% of the file)
Change to:
inet_interfaces = all (the network interfaces the Postfix mail system listens on)
#mydestination = $myhostname, localhost.$mydomain, localhost
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, mail.$mydomain, ,
Change to: (at about 22% of the file)
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
    mail.$mydomain, ,
# REJECTING MAIL FOR UNKNOWN LOCAL USERS
#mynetworks_style = class
#mynetworks_style = subnet
#mynetworks_style = host (at about 33% of the file)
Change to:
mynetworks_style = host
7. Test port 25
[root@shanghai init.d]# telnet mail.test.com 25
Trying 192.168.1.106...
Connected to mail.test.com (192.168.1.106).
Escape character is '^]'.
220 mail.test.com ESMTP Postfix
quit
221 Bye
Connection closed by foreign host.
[root@shanghai init.d]#
8. Start Apache
[root@shanghai init.d]# service httpd start
Starting httpd: httpd: Could not determine the server's fully qualified domain name, using 192.168.1.106 for
ServerName
[ OK ]
[root@shanghai init.d]#
9. Before installing openwebmail, the following packages must be installed; these three are all on the bundled ISO
[root@shanghai RPMS]# ls -l perl-suidperl*
-r--r--r-- 73 root root 113911 Apr 3 00:40 perl-suidperl-5.8.5-49.el4.i386.rpm
[root@shanghai RPMS]# ls -l perl-Compress*
-r--r--r-- 204 root root 55299 Jul 13 2007 perl-Compress-Zlib-1.42-1.el4.i386.rpm
[root@shanghai RPMS]# ls -l perl*
-r--r--r-- 73 root root 12360272 Apr 3 00:40 perl-5.8.5-49.el4.i386.rpm
The following two packages have to be found by searching Google
[root@shanghai RPMS]# ls -l perl-Text*
ls: perl-Text*: No such file or directory
[root@shanghai RPMS]# ls -l perl-CGI*
ls: perl-CGI*: No such file or directory
[root@shanghai RPMS]# rpm -ivh perl-suidperl-5.8.5-49.el4.i386.rpm
warning: perl-suidperl-5.8.5-49.el4.i386.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing... ########################################### [100%]
1:perl-suidperl ########################################### [100%]
[root@shanghai RPMS]# rpm -ivh perl-Compress-Zlib-1.42-1.el4.i386.rpm
warning: perl-Compress-Zlib-1.42-1.el4.i386.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing... ########################################### [100%]
package perl-Compress-Zlib-1.42-1.el4 is already installed
[root@shanghai RPMS]# rpm -ivh perl-5.8.5-49.el4.i386.rpm
warning: perl-5.8.5-49.el4.i386.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing... ########################################### [100%]
package perl-5.8.5-49.el4 is already installed
[root@shanghai bk]# rpm -ivh perl-CGI-SpeedyCGI-2.22-1.2.el4.rf.i386.rpm
warning: perl-CGI-SpeedyCGI-2.22-1.2.el4.rf.i386.rpm: V3 DSA signature: NOKEY, key ID 6b8d79e6
Preparing... ########################################### [100%]
1:perl-CGI-SpeedyCGI ########################################### [100%]
[root@shanghai bk]# rpm -ivh perl-Text-Iconv-1.4-1.2.el4.rf.i386.rpm
warning: perl-Text-Iconv-1.4-1.2.el4.rf.i386.rpm: V3 DSA signature: NOKEY, key ID 6b8d79e6
Preparing... ########################################### [100%]
1:perl-Text-Iconv ########################################### [100%]
[root@shanghai bk]#
[root@shanghai bk]# rpm -ivh openwebmail-2.51-1.i386.rpm
warning: openwebmail-2.51-1.i386.rpm: V3 DSA signature: NOKEY, key ID cfb164d8
Preparing... ########################################### [100%]
1:openwebmail ########################################### [100%]
You may login with non-root account from
[root@shanghai bk]# cd /var/www/cgi-bin/openwebmail/
[root@shanghai openwebmail]# ls
auth openwebmail-main.pl openwebmail-vdomain.pl
etc openwebmail.pl openwebmail-viewatt.pl
misc openwebmail-prefs.pl openwebmail-webdisk.pl
modules openwebmail-read.pl preload.pl
openwebmail-abook.pl openwebmail-saprefs.pl quota
openwebmail-advsearch.pl openwebmail-send.pl shares
openwebmail-cal.pl openwebmail-spell.pl userstat.pl
openwebmail-folder.pl openwebmail-tool.pl vacation.pl
[root@shanghai openwebmail]# ./openwebmail --init -- the first time I installed it myself, this step produced no response at all, so I just carried on with the next steps
Please change './etc/dbm.conf' from
dbm_ext .db
dbmopen_ext none
dbmopen_haslock no
to
dbm_ext .db
dbmopen_ext .db
dbmopen_haslock no
And execute './openwebmail-tool.pl --init' again!
ps: If you are running openwebmail in persistent mode,
don't forget to 'touch openwebmail*.pl', so speedycgi
will reload all scripts, modules and conf files in --init.
In theory the message above appears after running the command, but this time it did not appear for me; ignore it for now.
10. Edit the /var/www/cgi-bin/openwebmail/etc/openwebmail.conf file:
# To set options on per user basis, please put them in users.conf/username
#
releasedate 20050228
domainnames auto
Change to:
domainnames test.com (change to your own domain name)
# Personal Information
default_language en (at about 21% of the file)
Change to:
default_language zh_CN.GB2312
default_timeoffset auto
# Display Preference
default_style Default
default_iconset Cool3D.English (at about 34% of the file)
Change to:
default_iconset Cool3D.Chinese.Simplified
11. Edit the /var/www/cgi-bin/openwebmail/etc/defaults/openwebmail.conf file:
# host dependent configuration
##############################################################################
domainnames auto
smtpserver 127.0.0.1 (at about 6% of the file)
Change to:
smtpserver 192.168.1.106 (change to the address of the SMTP server)
pop3_usessl_by_default no
authpop3_server localhost (at about 49% of the file)
Change to:
authpop3_server 192.168.1.106
authpop3_port 110
12. Edit the /var/www/cgi-bin/openwebmail/etc/defaults/dbm.conf file:
dbmopen_ext none
Change to:
dbm_ext .db
dbmopen_ext .db
dbmopen_haslock no
Change to:
dbmopen_haslock yes
smtpserver 192.168.1.106 (add the address of the SMTP server)
It is best to also copy dbm.conf into the /var/www/cgi-bin/openwebmail/etc directory.
13. Run the command again and resolve the problem
[root@shanghai openwebmail]# ./openwebmail-tool.pl --init
[root@shanghai openwebmail]# ls
The expected output still does not appear here; the following needs to be changed:
[root@shanghai openwebmail]# more /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled --- changed to disabled; it was originally enforcing
Run the command above again
[root@shanghai openwebmail]# ./openwebmail-tool.pl --init
creating db /var/www/cgi-bin/openwebmail/etc/maps/b2g ...done.
creating db /var/www/cgi-bin/openwebmail/etc/maps/g2b ...done.
creating db /var/www/cgi-bin/openwebmail/etc/maps/lunar ...done.
Welcome to the Open WebMail!
This program is going to send a short message back to the developer,
so we could have the idea that who is installing and how many sites are
using this software, the content to be sent is:
OS: Linux 2.6.9-89.ELsmp i686
Perl: 5.008005
WebMail: Open WebMail 2.51 20050228
Send the site report?(Y/n)
sending report...
Thank you.
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
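14. Open it in IE, and the openwebmail login page is displayed successfully
15. Add restrictions on users' permission to send e-mail
Fandy: not subject to sending restrictions (can send and receive internal and Internet e-mail without restriction)
Yer, Biao: subject to sending restrictions (can only send and receive internal e-mail);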
[root@shanghai ~]# useradd fandy
[root@shanghai ~]# useradd yer
[root@shanghai ~]# useradd biao
[root@shanghai ~]# passwd yer
Changing password for user yer.
New UNIX password:
BAD PASSWORD: it is too simplistic/systematic
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@shanghai ~]# passwd fandy
Changing password for user fandy.
New UNIX password:
BAD PASSWORD: it is too simplistic/systematic
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@shanghai ~]# passwd biao
Changing password for user biao.
New UNIX password:
BAD PASSWORD: it is too simplistic/systematic
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@shanghai ~]#
16. Add the following lines to the main.cf file:
[root@shanghai etc]# vi /etc/postfix/main.cf
# restrictions
smtpd_restriction_classes = local_only
local_only = check_recipient_access hash:/etc/postfix/local_domains, reject
smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/local_senders,
    permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender,
    reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining,
    reject_invalid_hostname
[root@shanghai postfix]# vi local_senders
local_only
local_only
~
[root@shanghai postfix]# vi local_domains
test.com OK
mail.test.com OK
Build the hash maps for the two files local_senders and local_domains:
[root@shanghai postfix]# postmap hash:/etc/postfix/local_senders
[root@shanghai postfix]# postmap hash:/etc/postfix/local_domains
[root@shanghai postfix]#
When the two users send mail to other domains, the following
error messages appear:
554 5.7.1 <>: Sender address rejected: Access denied
554 5.7.1 <>: Sender address rejected: Access denied
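How the step 16 configuration decides a RCPT TO, as an added example that is not from the original article or from Postfix itself: a simplified Python model of the check_sender_access lookup and the local_only restriction class. The sender addresses yer@test.com and biao@test.com and the recipient someone@example.org are assumptions (the keys of the article's local_senders file did not survive); subdomain matching and the later restrictions are not modelled.

```python
# Simplified model of the step 16 lookups; not Postfix code.
# Sender addresses are assumptions built from the page's usernames and test.com.

LOCAL_SENDERS = {            # /etc/postfix/local_senders (keys constructed)
    "yer@test.com": "local_only",
    "biao@test.com": "local_only",
}
LOCAL_DOMAINS = {            # /etc/postfix/local_domains (as on the page)
    "test.com": "OK",
    "mail.test.com": "OK",
}
RESTRICTION_CLASSES = {      # local_only = check_recipient_access ..., reject
    "local_only": [("check_recipient_access", LOCAL_DOMAINS), ("reject", None)],
}

def access_lookup(table, address):
    """Try the full address, then the domain, then 'user@' (no subdomain match)."""
    address = address.lower()
    user, _, domain = address.rpartition("@")
    for key in (address, domain, user + "@"):
        if key in table:
            return table[key]
    return None

def evaluate(restrictions, sender, recipient):
    """Return 'permit', 'reject' or 'continue' for one RCPT TO."""
    for name, table in restrictions:
        if name == "reject":
            return "reject"
        subject = sender if name == "check_sender_access" else recipient
        result = access_lookup(table, subject)
        if result is None:
            continue                       # no match: try the next restriction
        if result.upper() == "OK":
            return "permit"
        if result.upper() == "REJECT":
            return "reject"
        if result in RESTRICTION_CLASSES:  # the result names a restriction class
            verdict = evaluate(RESTRICTION_CLASSES[result], sender, recipient)
            if verdict != "continue":
                return verdict
    return "continue"

def rcpt_decision(sender, recipient):
    # Only the first element of smtpd_recipient_restrictions is modelled;
    # 'continue' means permit_mynetworks and the rest would be evaluated next.
    return evaluate([("check_sender_access", LOCAL_SENDERS)], sender, recipient)
```

The decision is keyed on the envelope sender that the client supplies, so the restriction only holds where MAIL FROM is tied to the authenticated login, for example with Postfix's reject_sender_login_mismatch.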
17. Test sending and receiving mail through webmail
18. Network configuration
[root@shanghai network-scripts]# vi ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
HWADDR=00:0C:29:B9:04:E4
ONBOOT=yes
TYPE=Ethernet
DHCP_HOSTNAME=localhost.localdomain
IPADDR=192.168.1.106
NETMASK=255.255.255.0
NETWORK=192.168.1.0
BROADCAST=192.168.1.255
GATEWAY=192.168.1.254
[root@shanghai network-scripts]# more /etc/resolv.conf
#search test.com
nameserver 192.168.1.106
nameserver 202.96.209.6
[root@shanghai network-scripts]#
With this configuration, this virtual machine can ping (external) and ping (internal)
Send mail as fandy to , and caowei can then receive the message