转自:http://blog.5ilinux.com/archives/2006/05/postfixamavisdn.html
postfix + cyrus-sasl2 + courier-authlib + Courier-IMAP +postfixadmin
1.安装cyrus-sasl-2.x
删除以前的rpm包以及相关目录
rpm -e --nodeps cyrus-sasl-2.1.10-4 cyrus-sasl-plain-2.1.10-4 cyrus-sasl-md5-2.1.10-4 cyrus-sasl-devel-2.1.10-4
rm -rf /usr/lib/sasl
rm -rf /usr/lib/sasl2
wget ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.21.tar.gz
./configure
--enable-plain --enable-cram --enable-digest --enable-login --enable-sql
--disable-anon --disable-ntlm --disable-gssapi --disable-krb4 --disable-otp --disable-srp --disable-srp-setpass
-with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket
--with-mysql=/usr/local/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --with-mysql-
libs=/usr/local/mysql/lib/mysql
make
make install
ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
增加"/usr/local/lib"到你的"/etc/ld.so.conf",并执行ldconfig命令。
vi /usr/local/lib/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket
注意,这个文件的编辑不要多写一个空格,否则会出现smtp验证不过的问题
2.编译postfix2.x
wget ftp://postfix.cn99.com/postfix/official/postfix-2.2.10.tar.gz
tar zvxf postfix-2.2.10.tar.gz
下载VDA补丁,使postfix支持磁盘限额
wget
gzip -d postfix-2.2.10-vda.patch.gz
chkconfig --level 2345 sendmail off
安装postfix之前添加相关的用户&用户组
groupadd postfix -g 1000
groupadd postdrop
useradd postfix -u 1000 -g postfix -G postdrop
groupadd vmail -g 1001
useradd vmail -u 1001 -g 1001
mkdir /home/mail
chown vmail:vmail /home/mail
chmod -R 771 /home/mail
打补丁
patch -p1 < ../postfix-2.2.10-vda.patch
make tidy
make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -I/usr/local/include/sasl' 'AUXLIBS=-
L/usr/local/mysql/lib/mysql -lmysqlclient -lm -lz -L/usr/local/lib -lsasl2'
make
make install
mv /etc/aliases /etc/aliases.old
ln -s /etc/postfix/aliases /etc/aliases
echo 'root: admin@example.com'>>/etc/postfix/aliases
/usr/bin/newaliases
touch /etc/postfix/mysql_virtual_alias_maps.cf
touch /etc/postfix/mysql_virtual_domains_maps.cf
touch /etc/postfix/mysql_virtual_mailbox_maps.cf
touch /etc/postfix/mysql_virtual_limit_maps.cf
vi /etc/postfix/main.cf
myhostname = mail.example.com # mail.example.com是安装Postfix软件的主机名
mydomain = example.com # example.com是安装Postfix软件的主机名中的域名部分
myorigin = $mydomain
mydestination =
alias_maps = hash:/etc/aliases
home_mailbox = Maildir/ # 使用Maildir作为邮件的存储格式
#=====================MySQL=====================
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_base = /home/mail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 102400000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 1001
virtual_uid_maps = static:1001
virtual_gid_maps = static:1001
virtual_transport = virtual
#"virtual_gid_maps"和"virtual_uid_maps"是postfix用户的gid和uid, "virtual_minimum_uid"应当≤"virtual_uid_maps",
"virtual_mailbox_limit"是每个邮箱的大小。
#=====================Quota=====================
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
#virtual_trash_count=yes
#virtual_trash_name=.Trash
#====================SASL======================
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname
#reject_rbl_client opm.blitzed.org,
#reject_rbl_client list.dsbl.org,
#reject_rbl_client bl.spamcop.net,
#reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
#=============================================
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
unknown_local_recipient_reject_code = 550
编辑cf配置文件
vi /etc/postfix/mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
additional_conditions = AND active = '1'
=================================
vi /etc/postfix/mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain
additional_conditions = AND active = '1'
=================================
vi /etc/postfix/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
additional_conditions = AND active = '1'
=================================
vi /etc/postfix/mysql_virtual_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
additional_conditions = AND active = '1'
启动和挺直postfix服务
/usr/sbin/postfix start
/usr/sbin/postfix stop
3.编译courier-authlib
wget
tar jvxf courier-authlib-0.58.tar.bz2
./configure
--prefix=/usr/local/courier-authlib --without-stdheaderdir
--without-authuserdb --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --without-authcustom
--with-authmysql --with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql
--with-redhat
一个关键点:
如果courier-authlib安装到非标准位置(例如安装到/usr/local下),一定记得在./configure时增加--without-stdheaderdir,这样以后在编译Courier-IMAP和maildrop的时候,不用特别指定courier-authlib的库文件位置
make
make install
make install-configure
增加"/usr/local/courier-authlib/lib/courier-authlib"到你的"/etc/ld.so.conf",并执行ldconfig命令。
chmod +x /usr/local/courier-authlib/var/spool/authdaemon
vi /usr/local/courier-authlib/etc/authlib/authdaemonrc 可以不修改
authmodulelist="authmysql"
authmodulelistorig="authmysql"
daemons=10
vi /usr/local/courier-authlib/etc/authlib/authmysqlrc
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD yourpassword
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_DATABASE postfix
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD 1001
MYSQL_GID_FIELD 1001
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD '/home/mail/' #设置postfix存储邮件的目录
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota
MYSQL_WHERE_CLAUSE active='1'
启动courier-authlib
/usr/local/courier-authlib/sbin/authdaemond start
4.编译安装安装Courier-IMAP
wget
tar jvxf courier-imap-4.1.0.tar.bz2
./configure --prefix=/usr/local/courier-imap --with-redhat --enable-unicode --disable-root-check --with-trashquota --without
-ipv6 CPPFLAGS='-I/usr/local/courier-authlib/include' COURIERAUTHCONFIG='/usr/local/courier-authlib/bin/courierauthconfig'
CPPFLAGS='-I/usr/local/courier-authlib/include' 如果编译courier-authlib没有安装在默认路径,必须指定这个,如果之前编译courier-authlib加了--without-stdheaderdir,就不需要指定了
make
make install
cp /usr/local/courier-imap/etc/imapd.dist /usr/local/courier-imap/etc/imapd
cp /usr/local/courier-imap/etc/imapd-ssl.dist /usr/local/courier-imap/etc/imapd-ssl
cp /usr/local/courier-imap/etc/pop3d.dist /usr/local/courier-imap/etc/pop3d
cp /usr/local/courier-imap/etc/pop3d-ssl.dist /usr/local/courier-imap/etc/pop3d-ssl
配置Courier-IMAP,为用户提供pop3服务:
vi /usr/local/courier-imap/etc/pop3d
POP3DSTART=yes
注:如果你想为用户提供IMAP服务,可以在"/usr/local/courier-imap/etc/imapd"文件中设置"IMAPDSTART=yes"。
cp courier-imap.sysvinit /etc/rc.d/init.d/imapd
chmod 755 /etc/rc.d/init.d/imapd
chkconfig --add imapd
5.编译安装postfixadmin
wget
tar -zxvf postfixadmin-2.1.0.tgz
把解压的目录改名拷贝到默认的web目录下,比如 /var/www
cd /var/www/postfixadmin
$ chmod 640 *.php *.css
$ cd /var/www/postfixadmin/admin
$ chmod 640 *.php .ht*
$ cd /var/www/postfixadmin/images/
$ chmod 640 *.gif *.png
$ cd /var/www/postfixadmin/languages/
$ chmod 640 *.lang
$ cd /var/www/postfixadmin/templates/
$ chmod 640 *.tpl
$ cd /var/www/postfixadmin/users/
$ chmod 640 *.php
导入数据库
mysql -uroot -p < DATABASE_MYSQL.TXT
访问:
http://域名/postfixadmin/
6.FAQ:
1.出现authentication error: Input/output error错误的时候
估计是查询mysql时,authdaemond出错了。具体要打开authdaemonrc里的:
DEBUG_LOGIN=2 原来默认是0
然后看看/var/log/message或/var/log/maillog 在认证失败时有什么提示。根据提示去检查问题到底出在哪儿
2.warning: SASL authentication failure: cannot connect to Courier authdaemond: Permission denied
检查 authdaemond的socket所在目录及其父目录的属性是否对smtpd可读。如果不可读则出现这个问题(permission的问题)。
3.warning: SASL authentication failure: cannot connect to Courier authdaemond: No such file or directory
检查/usr/local/lib/sasl2/smtpd.conf,看看是否有多写一个空格,一般空格很难直观的发现