Category: LINUX
2012-03-21 09:52:49
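Preface
This system is based on Red Hat Enterprise Linux 5.6 (rhel5.6); CentOS 5.6 is similar. All the software mentioned in this article is installed from RPM packages, so it is easy to get started.
Basic system functions: sending and receiving mail, and SMTP authentication for sending (I built this authentication on dovecot rather than cyrus-sasl). Both postfix and dovecot are set up with SSL, but the article does not describe how to create the certificates.
References used during implementation:
互联网运行技术 (Internet Operations Technology), 田逸 (Tian Yi)
基于postfix邮件系统安装手册 (Postfix-based Mail System Installation Manual), zhoulijun (January 2011)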
postfix+dovecot+mysql+postfixadmin+apache+php
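Before this experiment, DNS was set up to resolve the example.com domain. An MX record is required for this experiment; the MX record can be queried as follows
Install postfixadmin
First install mysql
Mainly mysql, mysql-devel, mysql-server,
Start mysql and check whether it is running
Create the mail database and the related account and password
Database postfix, user postfixuser, password password
Use quit to leave the database administration shell
Install php
After the installation completes, restart apache
Install postfixadmin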
[root@localhost~]# wget
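Edit the following four items in config.inc.php so that they match the database you set up (these four are the main ones; if problems occur, download another version and consult other guides online for setting up postfixadmin)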
$CONF['database_user'] = 'postfixuser';
$CONF['database_password'] = 'password';
$CONF['database_name'] = 'postfix';
$CONF['configured'] = true;
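Configure the Postfix MTA
First check sendmail. rhel5 ships with sendmail by default, and it must be stopped or uninstalled
Stop it:
netstat -tlupn | grep sendmail
/etc/init.d/sendmail stop
Or uninstall it:
rpm -e --nodeps sendmail
The postfix shipped with rhel5 does not support mysql, so the source package must be downloaded and rebuilt
(Reference)
Download and install the src.rpm package
Download the VDA patch package that matches the main version of the src.rpm and unpack it
Edit the postfix.spec file to add mysql support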
%define MYSQL 0
change it to
%define MYSQL 1
After the # Patches section, append
Patch11: postfix-2.3.3-vda.patch
After the # Apply obligatory patches section, append
%patch11 -p1 -b .vda
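Build the rpm package with rpmbuild. This step may depend on some development packages, which can be installed directly with yum.
Once the rpm package has been built, install it and check whether mysql is supported
Edit main.cf; the complete contents are as follows: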
[root@localhost postfix]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
disable_vrfy_command = yes
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
mail_name = on WinWebMail [3.8.0.1] ready.
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
myhostname = mail.example.com
mynetworks = 0.0.0.0/0
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
smtpd_banner = ESMTP $mail_name
smtpd_delay_reject = no
smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination, reject_unknown_recipient_domain, reject_non_fqdn_recipient
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = mysql:/etc/postfix/mysql_virtual_sender_maps.cf
smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/mail_signed_cert.pem
smtpd_tls_key_file = /etc/postfix/postfix_mailkey.pem
smtpd_use_tls = yes
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/vmta
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = dovecot
virtual_uid_maps = static:5000
message_size_limit = 51200000 (limits the size of a single message to 50M)
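The output above sets mynetworks = 0.0.0.0/0 and enables SASL without smtpd_tls_auth_only, so relaying is held back only by the absence of permit_mynetworks, and AUTH is offered before STARTTLS. The check below is an added example, not part of the original post; the TRUSTED ranges and the abridged sample are assumptions made for illustration.

```python
import ipaddress
# Constructed sample: abridged security-relevant lines of the postconf -n output above.
POSTCONF_SAMPLE = """\
mynetworks = 0.0.0.0/0
smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_use_tls = yes
"""
# Ranges this example accepts as trusted clients (an assumption; adjust per site).
TRUSTED = [ipaddress.ip_network(n) for n in
           ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128")]
# Built-in smtpd_recipient_restrictions of Postfix releases before 2.10.
DEFAULT_RCPT = "permit_mynetworks, reject_unauth_destination"

def parse_postconf(text):
    """Parse 'name = value' lines as printed by postconf -n into a dict."""
    conf = {}
    for line in text.splitlines():
        name, sep, value = line.partition("=")
        if sep and not name.lstrip().startswith("#"):
            conf[name.strip()] = value.strip()
    return conf

def public_mynetworks(conf):
    """Return the mynetworks entries that reach beyond the TRUSTED ranges."""
    wide = []
    for item in conf.get("mynetworks", "").replace(",", " ").split():
        try:
            net = ipaddress.ip_network(item.replace("[", "").replace("]", ""), strict=False)
        except ValueError:
            continue  # lookup tables such as hash:/path are not evaluated here
        if not any(net.version == t.version and net.subnet_of(t) for t in TRUSTED):
            wide.append(item)
    return wide

def audit_postfix(conf):
    """Flag relay exposure through mynetworks and AUTH offered without TLS."""
    findings = []
    wide = public_mynetworks(conf)
    rcpt = conf.get("smtpd_recipient_restrictions", DEFAULT_RCPT)
    if wide:
        kind = "open relay" if "permit_mynetworks" in rcpt else "latent open relay"
        findings.append("%s: mynetworks trusts %s" % (kind, " ".join(wide)))
    if conf.get("smtpd_sasl_auth_enable") == "yes" and conf.get("smtpd_tls_auth_only") != "yes":
        findings.append("AUTH offered before STARTTLS: set smtpd_tls_auth_only = yes")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_postfix(parse_postconf(POSTCONF_SAMPLE))))
```

On a live host the same functions can be fed the real output of postconf -n instead of the sample.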
The contents of mysql_virtual_sender_maps.cf are as follows:
user = postfixuser
password = password
hosts = 127.0.0.1
dbname = postfix
table = mailbox
query = SELECT username FROM mailbox WHERE username='%S'
The contents of mysql_virtual_alias_maps.cf are as follows:
user = postfixuser
password = password
hosts = 127.0.0.1
dbname = postfix
table = alias
select_field = goto
where_field = address
The contents of mysql_virtual_domains_maps.cf are as follows:
user = postfixuser
password = password
hosts = 127.0.0.1
dbname = postfix
table = domain
select_field = domain
where_field = domain
The contents of mysql_virtual_mailbox_maps.cf are as follows:
user = postfixuser
password = password
hosts = 127.0.0.1
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
Configure /etc/postfix/master.cf, adding the following
dovecot unix - n n - - pipe
  flags=DRhu user=vmta:vmta argv=/usr/libexec/dovecot/deliver -d ${recipient}
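Install and configure dovecot
Download the dovecot src package dovecot-1.0.7-7.src.rpm
Edit the dovecot file
Change line 45 to the following
BuildRequires: cyrus-sasl-devel openldap-devel
If openldap support is not needed, openldap-devel can be removed
If you are prompted to install other packages, install them as required
After installation, edit the dovecot configuration file
Edit line 20
protocols = imap imaps pop3 pop3s
Edit line 45
disable_plaintext_auth = no
Edit line 61
log_path = /var/log/dovecot.log
Edit line 65
info_log_path = /var/log/dovecot-info.log
Edit line 69
log_timestamp = "%Y-%m-%d %H %M %S "
Edit line 86 (if SSL is not needed, this can be left unchanged)
ssl_disable = no
Edit line 93 (to create dovecot.pem, search Baidu for how to generate a certificate with openssl; it is not covered here. If SSL is not needed, this can be left unchanged)
ssl_cert_file = /etc/pki/tls/certs/dovecot.pem
ssl_key_file = /etc/pki/tls/private/dovecot.pem
Edit line 119 (if SSL is not needed, this can be left unchanged)
verbose_ssl = yes
Edit line 212
mail_location = maildir:/var/vmta/%u
Edit line 279
mail_debug = yes
Edit line 328
first_valid_uid = 5000
Edit line 530
mail_plugins = quota imap_quota
Edit line 637
mail_plugins = quota
Edit line 665
mail_plugins = quota
Edit line 672
auth_socket_path = /var/run/dovecot/auth-master
Edit line 704
auth_default_realm = example.com
Edit line 736
auth_verbose = yes
Edit line 740
auth_debug = yes
Edit line 744
auth_debug_passwords = yes
Edit line 763
mechanisms = plain login
Edit lines 870 to 873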
passdb sql {
args = /etc/dovecot-mysql.conf
}
Edit lines 931 to 934
userdb sql {
args = /etc/dovecot-mysql.conf
}
Edit lines 951 to 952
userdb prefetch {
}
Edit lines 979 to 999
socket listen {
  master {
    path = /var/run/dovecot/auth-master
    mode = 0600
    user = vmta
    group = vmta
  }
  client {
    path = /var/spool/postfix/private/auth
    mode = 0660
    user = postfix
    group = postfix
  }
}
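Several of the dovecot.conf edits above are debugging conveniences that should not stay on in production: auth_debug_passwords = yes logs attempted passwords on a mismatch, and disable_plaintext_auth = no lets the plain and login mechanisms run without SSL/TLS. The following added example (not part of the original post) parses the nested Dovecot 1.0 block syntax and flags those settings together with world-accessible auth sockets; the sample is constructed from the values on this page and assumes the socket block sits inside auth default.

```python
# Constructed sample built from the settings shown above (Dovecot 1.0 syntax).
DOVECOT_SAMPLE = """\
disable_plaintext_auth = no
auth_debug_passwords = yes
auth default {
  mechanisms = plain login
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
    }
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
    }
  }
}
"""

def parse_dovecot(text):
    """Flatten nested 'name { ... }' blocks into 'outer/inner/key' -> value."""
    conf, stack = {}, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and indentation
        if line.endswith("{"):
            stack.append(line[:-1].strip())   # e.g. "socket listen"
        elif line == "}":
            stack.pop()
        elif "=" in line:
            key, _, value = line.partition("=")
            conf["/".join(stack + [key.strip()])] = value.strip()
    return conf

def audit_dovecot(conf):
    """Return findings for password logging, plaintext AUTH and loose sockets."""
    findings = []
    if conf.get("auth_debug_passwords") == "yes":
        findings.append("auth_debug_passwords = yes: attempted passwords reach the log")
    mechs = set(conf.get("auth default/mechanisms", "plain").split())
    if conf.get("disable_plaintext_auth") == "no" and mechs & {"plain", "login"}:
        findings.append("plaintext mechanisms allowed without SSL/TLS")
    for key, value in conf.items():
        if key.endswith("/mode") and int(value, 8) & 0o007:
            findings.append("auth socket open to other users: " + key)
    return findings

if __name__ == "__main__":
    print("\n".join(audit_dovecot(parse_dovecot(DOVECOT_SAMPLE))))
```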
Create /etc/dovecot-mysql.conf with the following contents:
driver=mysql
connect = host=localhost dbname=postfix user=postfixuser password=password
default_pass_scheme = MD5
password_query = SELECT password, concat('/var/vmta/',maildir) AS home,5000 AS uid,5000 AS gid FROM mailbox WHERE username = '%u'
user_query = SELECT concat('/var/vmta/',maildir) AS home,5000 AS uid,5000 AS gid FROM mailbox WHERE username = '%u'
Add the vmta user
Create the mail storage directory
Test sending mail:
① Generate the login account and password with perl
② Log in and test sending
If "queued as 2AFE936B89" appears, the mail has entered the queue
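Step ① produces the base64 strings that the AUTH command carries, and base64 is only an encoding. As an added example (not the original post's perl command, which is not shown on the page), the code below builds the AUTH PLAIN and AUTH LOGIN values and reports which user names a session log exposes when AUTH is sent before STARTTLS; the account user@example.com and both sessions are constructed.

```python
import base64

def b64(text):
    return base64.b64encode(text.encode("utf-8")).decode("ascii")

def auth_plain(user, password):
    """PLAIN (RFC 4616): base64 of authzid NUL user NUL password, authzid left empty."""
    return b64("\0" + user + "\0" + password)

def auth_login(user, password):
    """LOGIN: user name and password are base64-encoded and sent as separate lines."""
    return b64(user), b64(password)

def cleartext_auth_users(client_lines):
    """Return the user names whose AUTH exchange was sent before STARTTLS."""
    users, tls, pending = [], False, None
    for line in client_lines:
        words = line.split()
        if pending:                       # this line continues an AUTH exchange
            words, pending = ["AUTH", pending] + words, None
        cmd = [w.upper() for w in words[:2]]
        if cmd[:1] == ["STARTTLS"]:
            tls = True
        elif cmd[:1] == ["AUTH"] and cmd[1:] in (["PLAIN"], ["LOGIN"]):
            if len(words) < 3:
                pending = cmd[1]          # the credentials follow on the next line
            elif not tls:
                data = base64.b64decode(words[2]).decode("utf-8")
                users.append(data.split("\0")[1] if cmd[1] == "PLAIN" else data)
    return users

# Constructed client-side lines of two sessions for the same account.
USER, PASSWORD = "user@example.com", "password"
PLAINTEXT_SESSION = ["EHLO client.example.com", "AUTH LOGIN",
                     *auth_login(USER, PASSWORD), "MAIL FROM:<user@example.com>"]
TLS_SESSION = ["EHLO client.example.com", "STARTTLS", "EHLO client.example.com",
               "AUTH PLAIN " + auth_plain(USER, PASSWORD)]

if __name__ == "__main__":
    print("exposed before STARTTLS:", cleartext_auth_users(PLAINTEXT_SESSION))
    print("exposed after STARTTLS: ", cleartext_auth_users(TLS_SESSION))
```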
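Check the log
If the problem above appears, postfix does not have permission to run deliver; make the following change
Resend the earlier mail, then check the log again
postqueue -f makes the mail in the queue be sent again
The mail was sent successfully. Now retrieve the mail and watch whether dovecot has any problems
The mail was received normally. With that, the simple mail system is complete.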