
2010-04-09 10:31:35

      转自:http://blog.5ilinux.com/archives/2006/05/postfixamavisdn.html

     postfix + cyrus-sasl2 + courier-authlib + Courier-IMAP +postfixadmin

1.安装cyrus-sasl-2.x
删除以前的rpm包以及相关目录
rpm -e --nodeps cyrus-sasl-2.1.10-4 cyrus-sasl-plain-2.1.10-4 cyrus-sasl-md5-2.1.10-4 cyrus-sasl-devel-2.1.10-4
rm -rf /usr/lib/sasl
rm -rf /usr/lib/sasl2

wget  ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.21.tar.gz
(注:FTP下载没有完整性保护,解压编译前应核对官方发布的校验和或签名;本文所用的各软件版本都比较旧,实际部署时优先使用发行版仍在维护的软件包。)

./configure \
  --enable-plain --enable-cram --enable-digest --enable-login --enable-sql \
  --disable-anon --disable-ntlm --disable-gssapi --disable-krb4 --disable-otp --disable-srp --disable-srp-setpass \
  --with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket \
  --with-mysql=/usr/local/mysql --with-mysql-includes=/usr/local/mysql/include/mysql \
  --with-mysql-libs=/usr/local/mysql/lib/mysql

make
make install

ln -s /usr/local/lib/sasl2 /usr/lib/sasl2

增加"/usr/local/lib"到你的"/etc/ld.so.conf",并执行ldconfig命令。

vi /usr/local/lib/sasl2/smtpd.conf

pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket
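注意,这个文件的编辑不要多写一个空格,否则会出现smtp验证不过的问题。另外,PLAIN和LOGIN机制传输的口令只做了base64编码,等同于明文,应当只在TLS加密的连接上提供SMTP认证(例如为postfix配置好TLS之后,在main.cf中设置 smtpd_tls_auth_only = yes)。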

 
2.编译postfix2.x

wget ftp://postfix.cn99.com/postfix/official/postfix-2.2.10.tar.gz

tar zvxf postfix-2.2.10.tar.gz

下载VDA补丁,使postfix支持磁盘限额
wget <VDA补丁的下载地址,原文此处缺失>

gzip -d  postfix-2.2.10-vda.patch.gz

chkconfig --level 2345 sendmail off

安装postfix之前添加相关的用户&用户组
groupadd postfix -g 1000 
groupadd postdrop
useradd postfix -u 1000 -g postfix -G postdrop
groupadd vmail -g 1001
useradd vmail -u 1001 -g 1001
mkdir /home/mail
chown vmail:vmail /home/mail
chmod -R 771 /home/mail
(注:按本文配置,邮件目录只由uid/gid为1001的vmail访问,771留给其他本地用户的进入(x)权限并非必需,可以收紧为770或700。)

打补丁
patch -p1 < ../postfix-2.2.10-vda.patch


make tidy

make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -I/usr/local/include/sasl' \
  'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lm -lz -L/usr/local/lib -lsasl2'

make
make install


mv /etc/aliases /etc/aliases.old
ln -s /etc/postfix/aliases /etc/aliases
echo 'root: admin@example.com'>>/etc/postfix/aliases
/usr/bin/newaliases

touch /etc/postfix/mysql_virtual_alias_maps.cf
touch /etc/postfix/mysql_virtual_domains_maps.cf
touch /etc/postfix/mysql_virtual_mailbox_maps.cf
touch /etc/postfix/mysql_virtual_limit_maps.cf

vi /etc/postfix/main.cf

# 注意:main.cf只识别独占一行的#注释,写在参数值后面的#及其后的文字会被当作值的一部分
# mail.example.com是安装Postfix软件的主机名
myhostname = mail.example.com
# example.com是安装Postfix软件的主机名中的域名部分
mydomain = example.com
myorigin = $mydomain
mydestination =
alias_maps = hash:/etc/aliases
# 使用Maildir作为邮件的存储格式
home_mailbox = Maildir/


#=====================MySQL=====================
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_base = /home/mail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf 
virtual_mailbox_limit = 102400000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 1001
virtual_uid_maps = static:1001
virtual_gid_maps = static:1001
virtual_transport = virtual 
# "virtual_gid_maps"和"virtual_uid_maps"是postfix投递虚拟邮箱时使用的gid和uid(即上文创建的vmail用户,1001),
# "virtual_minimum_uid"应当≤"virtual_uid_maps","virtual_mailbox_limit"是每个邮箱的大小。

#=====================Quota=====================
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_limit_maps.cf
virtual_mailbox_limit_override = yes 
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
#virtual_trash_count=yes
#virtual_trash_name=.Trash

#====================SASL======================
smtpd_recipient_restrictions =
 permit_mynetworks,
 permit_sasl_authenticated,
 reject_non_fqdn_hostname,
 reject_non_fqdn_sender,
 reject_non_fqdn_recipient, 
 reject_unauth_destination,
 reject_unauth_pipelining,
 reject_invalid_hostname
 #reject_rbl_client opm.blitzed.org,
 #reject_rbl_client list.dsbl.org,
 #reject_rbl_client bl.spamcop.net,
 #reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname 
smtpd_sasl_security_options = noanonymous 
broken_sasl_auth_clients = yes

#=============================================
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix 
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
unknown_local_recipient_reject_code = 550


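编辑cf配置文件(以下四个文件都含有MySQL口令:示例中的口令postfix仅为演示,应换成强口令,并与后文authmysqlrc中的MYSQL_PASSWORD使用同一账号的口令;touch创建的文件默认对所有本地用户可读,建议执行 chown root:postfix 和 chmod 640 收紧权限)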

vi /etc/postfix/mysql_virtual_alias_maps.cf

user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
additional_conditions = AND active = '1'

=================================

vi /etc/postfix/mysql_virtual_domains_maps.cf

user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain
additional_conditions = AND active = '1'

=================================

vi /etc/postfix/mysql_virtual_mailbox_maps.cf

user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
additional_conditions = AND active = '1'

=================================

vi /etc/postfix/mysql_virtual_limit_maps.cf

user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
additional_conditions = AND active = '1'


启动和停止postfix服务
/usr/sbin/postfix start
/usr/sbin/postfix stop

3.编译courier-authlib

wget <courier-authlib-0.58.tar.bz2的下载地址,原文此处缺失>

tar jvxf courier-authlib-0.58.tar.bz2

./configure \
  --prefix=/usr/local/courier-authlib --without-stdheaderdir \
  --without-authuserdb --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --without-authcustom \
  --with-authmysql --with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql \
  --with-redhat

一个关键点:

如果courier-authlib安装到非标准位置(例如安装到/usr/local下),一定记得在./configure时增加--without-stdheaderdir,这样以后在编译Courier-IMAP和maildrop的时候,不用特别指定courier-authlib的库文件位置


make
make install
make install-configure

增加"/usr/local/courier-authlib/lib/courier-authlib"到你的"/etc/ld.so.conf",并执行ldconfig命令。
chmod +x /usr/local/courier-authlib/var/spool/authdaemon

vi /usr/local/courier-authlib/etc/authlib/authdaemonrc    可以不修改
authmodulelist="authmysql"
authmodulelistorig="authmysql"
daemons=10

vi /usr/local/courier-authlib/etc/authlib/authmysqlrc


MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD yourpassword

MYSQL_SOCKET /tmp/mysql.sock

MYSQL_DATABASE postfix
MYSQL_USER_TABLE mailbox

MYSQL_CRYPT_PWFIELD password

MYSQL_UID_FIELD 1001
MYSQL_GID_FIELD 1001

MYSQL_LOGIN_FIELD username
# 设置postfix存储邮件的目录(注释单独成行,避免行尾的#被带进配置值)
MYSQL_HOME_FIELD '/home/mail/'
MYSQL_NAME_FIELD name

MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota
MYSQL_WHERE_CLAUSE active='1'

启动courier-authlib
/usr/local/courier-authlib/sbin/authdaemond start


4.编译安装Courier-IMAP

wget <courier-imap-4.1.0.tar.bz2的下载地址,原文此处缺失>
tar jvxf courier-imap-4.1.0.tar.bz2

./configure --prefix=/usr/local/courier-imap --with-redhat --enable-unicode --disable-root-check --with-trashquota --without-ipv6 \
  CPPFLAGS='-I/usr/local/courier-authlib/include' COURIERAUTHCONFIG='/usr/local/courier-authlib/bin/courierauthconfig'

CPPFLAGS='-I/usr/local/courier-authlib/include'    如果编译courier-authlib没有安装在默认路径,必须指定这个,如果之前编译courier-authlib加了--without-stdheaderdir,就不需要指定了

make

make install


cp /usr/local/courier-imap/etc/imapd.dist /usr/local/courier-imap/etc/imapd
cp /usr/local/courier-imap/etc/imapd-ssl.dist /usr/local/courier-imap/etc/imapd-ssl
cp /usr/local/courier-imap/etc/pop3d.dist /usr/local/courier-imap/etc/pop3d 
cp /usr/local/courier-imap/etc/pop3d-ssl.dist /usr/local/courier-imap/etc/pop3d-ssl

 配置Courier-IMAP,为用户提供pop3服务:
vi /usr/local/courier-imap/etc/pop3d
POP3DSTART=yes
 注:如果你想为用户提供IMAP服务,可以在"/usr/local/courier-imap/etc/imapd"文件中设置"IMAPDSTART=yes"。

cp courier-imap.sysvinit /etc/rc.d/init.d/imapd
chmod 755 /etc/rc.d/init.d/imapd
chkconfig --add imapd


5.编译安装postfixadmin

wget <postfixadmin-2.1.0.tgz的下载地址,原文此处缺失>

tar -zxvf postfixadmin-2.1.0.tgz

把解压的目录改名拷贝到默认的web目录下,比如 /var/www

cd /var/www/postfixadmin

$ chmod 640 *.php *.css
$ cd /var/www/postfixadmin/admin
$ chmod 640 *.php .ht*
$ cd /var/www/postfixadmin/images/
$ chmod 640 *.gif *.png
$ cd /var/www/postfixadmin/languages/
$ chmod 640 *.lang
$ cd /var/www/postfixadmin/templates/
$ chmod 640 *.tpl
$ cd /var/www/postfixadmin/users/
$ chmod 640 *.php

导入数据库(导入前先查看DATABASE_MYSQL.TXT的内容,如果其中创建了带默认口令的MySQL账号,应先改成自己的强口令,并与前面各cf文件中的口令保持一致)

mysql -uroot -p  < DATABASE_MYSQL.TXT

访问(管理界面会传输管理员口令,建议只通过HTTPS访问,并确认admin/目录下.ht*文件的访问控制已经生效):
http://域名/postfixadmin/

 


6.FAQ:
1.出现authentication error: Input/output error错误的时候
估计是查询mysql时,authdaemond出错了。具体要打开authdaemonrc里的:

DEBUG_LOGIN=2    原来默认是0

然后看看/var/log/messages或/var/log/maillog 在认证失败时有什么提示。根据提示去检查问题到底出在哪儿。注意DEBUG_LOGIN=2会把用户提交的口令也写进日志,排查结束后要改回0,并清理或妥善保护这段时间产生的日志。


2.warning: SASL authentication failure: cannot connect to Courier authdaemond: Permission denied
检查authdaemond的socket所在目录及其父目录的权限:smtpd对这些目录必须有进入(x)权限才能连接socket,否则就会出现这个问题(permission的问题)。放开权限时尽量只授权给postfix所在的组,而不是所有本地用户。

3.warning: SASL authentication failure: cannot connect to Courier authdaemond: No such file or directory
检查/usr/local/lib/sasl2/smtpd.conf,看看是否有多写一个空格,一般空格很难直观的发现