
分类: 系统运维

2013-02-28 12:16:14

一。软件安装



  # The leading '#' is the root shell prompt, not a comment marker.
  # Installs Postfix with its LDAP lookup-table module, plus Dovecot with the POP3 and IMAP daemons.
  # NOTE(review): the Dovecot settings later on this page use `driver = ldap`; on Debian/Ubuntu
  # that module normally ships in the separate dovecot-ldap package, which is not in this list - confirm.
  1. #apt-get install postfix postfix-ldap dovecot-common dovecot-pop3d dovecot-imapd
二。建立邮件账户


  # Creates the dedicated, unprivileged vmail group and user (gid/uid 1001).
  # The ids must match virtual_gid_maps / virtual_uid_maps = static:1001 in the Postfix
  # settings and mail_uid / mail_gid = vmail in the Dovecot settings.
  # /usr/sbin/nologin as the shell keeps the account from being used for interactive logins.
  # NOTE(review): the page does not show creating /data/vmail; it has to exist and be
  # writable by vmail only (not world-readable) before mail can be delivered.
  1. #groupadd -g 1001 vmail
  2. #useradd -u 1001 -g 1001 -s /usr/sbin/nologin vmail

三。postfix配置


  # Output of `postconf -n`: the main.cf parameters explicitly set on this host.
  # Mail for example.com is handed to Dovecot (virtual_transport = dovecot) and
  # mailboxes/logins are resolved through the LDAP table /etc/postfix/ldap-users.cf.
  1. #postconf -n
  2. alias_database = hash:/etc/aliases
  3. alias_maps = hash:/etc/aliases
  4. append_at_myorigin = no
  5. append_dot_mydomain = no
  6. biff = no
  7. broken_sasl_auth_clients = yes
  8. config_directory = /etc/postfix
  9. dovecot_destination_recipient_limit = 1
  10. ignore_mx_lookup_error = yes
  11. inet_interfaces = all
  12. inet_protocols = ipv4
  13. mailbox_size_limit = 524288000
  14. message_size_limit = 31457280
  15. mydomain = example.com
  16. myhostname = mail.example.com
  # 0.0.0.0/0 declares every IPv4 client a trusted network. None of the restriction
  # lists shown here uses permit_mynetworks, but adding it later ahead of
  # reject_unauth_destination would turn the server into an open relay.
  # Limit this to loopback plus the real internal subnets.
  17. mynetworks = 0.0.0.0/0
  18. myorigin = $mydomain
  19. readme_directory = no
  20. recipient_delimiter = +
  21. smtp_tls_note_starttls_offer = yes
  22. smtp_use_tls = yes
  23. smtpd_banner = $mydomain ESMTP MAIL SYSTEM
  24. smtpd_helo_required = yes
  # Authenticated clients may relay; everyone else is held to reject_unauth_destination.
  25. smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_pipelining, reject_invalid_hostname
  # SASL is delegated to Dovecot through the private/auth socket (relative to the Postfix queue directory).
  26. smtpd_sasl_auth_enable = yes
  27. smtpd_sasl_local_domain = $mydomain
  28. smtpd_sasl_path = private/auth
  29. smtpd_sasl_security_options = noanonymous
  30. smtpd_sasl_type = dovecot
  # This map is only enforced by reject_sender_login_mismatch (or its
  # reject_authenticated_/reject_unauthenticated_ variants). None of them appears in
  # the lists shown here, so an authenticated user can still use any MAIL FROM address.
  31. smtpd_sender_login_maps = ldap:/etc/postfix/ldap-users.cf
  # The trailing `reject` refuses every sender that did not authenticate, so this
  # smtpd accepts mail from SASL-authenticated users only.
  32. smtpd_sender_restrictions = permit_sasl_authenticated,reject_unknown_sender_domain,reject
  # NOTE(review): no smtpd_tls_security_level (or legacy smtpd_use_tls) appears in this
  # output. Unless it is set per service in master.cf, smtpd will not offer STARTTLS even
  # though a certificate and key are configured; `smtpd_tls_security_level = may` enables it.
  33. smtpd_tls_CAfile = /etc/postfix/ssl/certs/cacert.pem
  # `no` lets clients send AUTH before STARTTLS. With the PLAIN/LOGIN mechanisms used on
  # the Dovecot side the password then crosses the network unencrypted.
  # Set to yes once TLS is working.
  34. smtpd_tls_auth_only = no
  35. smtpd_tls_cert_file = /etc/postfix/ssl/certs/smtpd.crt
  # The private key file should be readable by root only.
  36. smtpd_tls_key_file = /etc/postfix/ssl/private/smtpd.key
  37. smtpd_tls_loglevel = 1
  38. smtpd_tls_received_header = yes
  39. smtpd_tls_session_cache_timeout = 3600s
  40. tls_random_source = dev:/dev/urandom
  # All virtual mailboxes are owned by uid/gid 1001 (the vmail account) under /data/vmail.
  41. virtual_gid_maps = static:1001
  42. virtual_mailbox_base = /data/vmail
  43. virtual_mailbox_domains = example.com
  44. virtual_mailbox_maps = ldap:/etc/postfix/ldap-users.cf
  45. virtual_transport = dovecot
  46. virtual_uid_maps = static:1001


ldap-users.cf配置


192.168.1.100是我的AD服务器

  # Postfix LDAP lookup table (/etc/postfix/ldap-users.cf), referenced by
  # virtual_mailbox_maps and smtpd_sender_login_maps in the main.cf listing.
  # As written this is plain LDAP: the bind password and every lookup reach the AD
  # server unencrypted. ldap_table supports `start_tls = yes` or an ldaps:// URL here.
  1. server_host = 192.168.1.100
  2. search_base = dc=example,dc=com
  3. version=3
  # Matches a person by sAMAccountName (%u = local part) or othermailbox (%s = full address).
  # (!(userAccountControl=66050)) excludes only accounts whose value is exactly 66050
  # (0x10202 = disabled + normal account + password never expires). A disabled account
  # with any other flag combination, e.g. 514, still matches. A bitwise test of the
  # disabled bit covers them all: (!(userAccountControl:1.2.840.113556.1.4.803:=2))
  4. query_filter = (&(objectclass=person)(|(sAMAccountName=%u)(othermailbox=%s))(!(userAccountControl=66050)))
  5. bind = yes
  # Service-account credentials are stored in cleartext (sample value shown). Keep this
  # file out of world-readable mode (e.g. owner root, group postfix, mode 0640) and use a
  # dedicated low-privilege AD account with a strong password.
  6. bind_dn = vmail@example.com
  7. bind_pw = 1234567
  8. result_attribute = sAMAccountName
  # The lookup result is rewritten into the per-user Maildir path.
  9. result_format = /data/vmail/%u/Maildir/

四。dovecot配置


  # Output of `dovecot -n` (non-default settings) for Dovecot 2.0.19 on Ubuntu 12.04.1.
  1. #dovecot -n
  2. # 2.0.19: /etc/dovecot/dovecot.conf
  3. # OS: Linux 3.2.0-29-generic x86_64 Ubuntu 12.04.1 LTS ext3
  # Troubleshooting switches: auth_debug_passwords makes the auth process log submitted
  # passwords when a login fails. Turn both off once logins work, and rotate or purge
  # the log files named in log_path / info_log_path that were written meanwhile.
  4. auth_debug = yes
  5. auth_debug_passwords = yes
  # PLAIN and LOGIN send the password itself, and disable_plaintext_auth = no accepts
  # them on connections without TLS (e.g. POP3 on port 110), so credentials are visible
  # on the network path. Set disable_plaintext_auth = yes once certificates are in place.
  6. auth_mechanisms = plain login
  7. disable_plaintext_auth = no
  8. info_log_path = /var/log/dovecot-info.log
  9. listen = *
  10. log_path = /var/log/dovecot.log
  # All mail is accessed as the vmail account, under the same /data/vmail tree Postfix uses.
  11. mail_gid = vmail
  12. mail_location = maildir:/data/vmail/%u/Maildir
  13. mail_uid = vmail
  # Two password databases are listed: PAM first, then LDAP. Local system accounts can
  # therefore log in to mail as well; drop the pam block (and the passwd userdb below)
  # if only directory users should authenticate.
  14. passdb {
  15. driver = pam
  16. }
  17. passdb {
  18. args = /etc/dovecot/dovecot-ldap.conf.ext
  19. driver = ldap
  20. }
  21. protocols = " imap pop3"
  22. service auth {
  # Auth socket that Postfix uses for SMTP AUTH (smtpd_sasl_path = private/auth).
  # mode 0666 makes it world-accessible, leaving the parent directory's permissions as
  # the only barrier for other local users. With user/group postfix, 0660 is sufficient.
  23. unix_listener /var/spool/postfix/private/auth {
  24. group = postfix
  25. mode = 0666
  26. user = postfix
  27. }
  28. unix_listener auth-userdb {
  29. group = vmail
  30. mode = 0600
  31. user = vmail
  32. }
  33. }
  34. service pop3-login {
  35. inet_listener pop3 {
  36. port = 110
  37. }
  38. inet_listener pop3s {
  39. port = 995
  40. ssl = yes
  41. }
  42. }
  # NOTE(review): both values are empty on the page. `dovecot -n` normally prints
  # `ssl_cert = </path/to/cert`, so the `<path` part was probably lost when the page was
  # rendered - confirm. The pop3s listener above needs a valid certificate/key pair.
  43. ssl_cert =
  44. ssl_key =
  45. userdb {
  46. driver = passwd
  47. }
  48. userdb {
  49. args = /etc/dovecot/dovecot-ldap.conf.ext
  50. driver = ldap
  51. }
dovecot-ldap.conf.ext需要修改的如下:


  # Settings changed in /etc/dovecot/dovecot-ldap.conf.ext (used by the ldap passdb and userdb).
  # Port 389 with tls = no is unencrypted LDAP. Because auth_bind = yes verifies each login
  # by binding to AD with the user's own password, that password crosses this connection
  # in the clear. Use tls = yes (STARTTLS) or an ldaps:// entry in `uris`, with
  # tls_ca_cert_file set so the server certificate is verified.
  1. hosts = 192.168.1.100:389
  # Service-account DN and cleartext password (sample value shown). Keep the file
  # owned by root with mode 0600 and use a dedicated low-privilege AD account.
  2. dn = cn=vmail,cn=Users,dc=example,dc=com
  3. dnpass = "1234567"
  4. tls = no
  # LDAP debug logging is a troubleshooting aid; set it back to 0 once lookups work.
  5. debug_level = 10
  6. auth_bind = yes
  # NOTE(review): the bind DN template and both filters below key on cn, while the Postfix
  # table ldap-users.cf matches sAMAccountName. In AD the two attributes can differ for
  # the same user - confirm they are identical for every mailbox account.
  7. auth_bind_userdn = cn=%u,cn=Users,dc=example,dc=com
  8. ldap_version = 3
  9. base = cn=Users,dc=example,dc=com
  10. scope = subtree
  11. user_attrs = sAMAccountName=home=/data/vmail/%u/Maildir
  # (objectClass=*) matches any entry type; the Postfix side restricts to objectclass=person.
  12. user_filter = (&(objectClass=*)(cn=%u))
  13. pass_attrs=uid=user, userPassword=password
  14. pass_filter = (&(objectClass=*)(cn=%u))

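配置前,请先把与证书相关的行注释掉,或者自行配置好证书~ 注意:不配置证书时,由于 smtpd_tls_auth_only = no 和 disable_plaintext_auth = no,账号密码会以明文在网络上传输,因此这种状态只适合内网调试,正式使用前应配置好证书并启用 TLS。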

特别是配置dovecot的时候,配置文件很多,务必注意了~


如有疑问,请联系QQ46212635,一起探讨!


