2011-08-02 09:28:31
Applies To:
This article aims to demonstrate how to use the YaST modules in SLES to create a very functional mail server. Users for the server are stored in a LDAP directory, and the server offers them access via POP3, IMAP, and SMTP. This set-up requires the combined efforts of several modules including:
Several underlying projects are used to accomplish this configuration. The major ones include:
Because the configuration relies on a LDAP database, it works well with the user authentication scheme described in the article, .
The server needs to be configured with a LDAP database to store the user information. The easiest way to accomplish this is to select LDAP user authentication while installing the system. This is the default behavior while installing SLES. In addition, the mail server should have a static IP address, and be assigned a DNS name.
Following is a brief overview of the recommended installation settings.
Proceed with a normal SLES installation. When network configuration is reached, make sure that the server has a static IP address and is configured with its designated DNS name. In this example the DNS name is mail.example.com.
Figure 1: Static IP Address
Figure 2: Hostname
Be sure to create a certificate and LDAP database (this is the default behavior). If the defaults are accepted, the database has a base DN of dc=example,dc=com, an administrator user cn=Administrator, and a password matching the root password already given.
Figure 3: Certificate and LDAP Database
Make sure that the system is configured to authenticate users via LDAP (default).
Figure 4: User Authentication Method
No changes should need to be made in the LDAP Client Configuration, but note that Create Default Configuration Objects must be selected under Advanced Configuration.
Figure 5: LDAP Client Configuration
Figure 6: Advanced Configuration
Proceed through the rest of the installation, creating any users that are needed. Mail users can be added now and configured as such later. If the mail users should not be allowed to log in locally to the server, be sure to change their Login Shell to /bin/false in the Details... screen.
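An added example, not part of the original article: a Python check that reads an LDIF export of the directory and lists accounts whose Login Shell still allows a local session. The sample entries, the ou=people container and the list of non-login shells are constructed assumptions.

```python
import base64

# Constructed sample in the shape of an LDIF export; not from a real directory.
SAMPLE_LDIF = """\
dn: uid=geeko,ou=people,dc=example,dc=com
objectClass: posixAccount
loginShell: /bin/bash

dn: uid=mailonly,ou=people,dc=example,dc=com
objectClass: posixAccount
loginShell: /bin/false

dn: uid=tux,ou=people,dc=example,
 dc=com
objectClass: posixAccount
loginShell:: L2Jpbi9iYXNo
"""

NOLOGIN_SHELLS = {"/bin/false", "/sbin/nologin", "/usr/sbin/nologin"}  # assumed policy

def parse_ldif(text):
    """Parse LDIF (folded lines, base64 values) into dicts of attribute -> values."""
    entries = []
    for block in text.replace("\n ", "").split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if not line or line.startswith("#"):
                continue
            attr, _, rest = line.partition(":")
            value = rest.lstrip(":").strip()
            if rest.startswith(":"):  # "attr:: value" is base64-encoded
                value = base64.b64decode(value).decode("utf-8", "replace")
            entry.setdefault(attr.lower(), []).append(value)
        if entry:
            entries.append(entry)
    return entries

def interactive_accounts(text):
    """List (dn, shell) for posixAccount entries that can still log in locally."""
    findings = []
    for entry in parse_ldif(text):
        classes = [c.lower() for c in entry.get("objectclass", [])]
        shell = entry.get("loginshell", [""])[0]
        if "posixaccount" in classes and shell not in NOLOGIN_SHELLS:
            findings.append((entry["dn"][0], shell or "(unset)"))
    return findings

if __name__ == "__main__":
    print(interactive_accounts(SAMPLE_LDIF))
```

The folded DN and the base64-encoded shell in the third entry are the two LDIF forms that a plain text search for the shell value would miss.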
The mail server requires that the Bind DNS server is running, that it stores its information in the LDAP database, and that it has at least one zone configured with a MX entry. These tasks are all easily accomplished through the YaST DNS Server module, accessible under Network Services > DNS Server.
Note: It is important to remember that the following DNS configuration is only one possible set-up. This example only demonstrates the most basic configuration necessary to get the mail server running. Specific requirements may necessitate a more complex configuration.
After launching the DNS Server module, the package bind may be installed if it is not already.
The first step is to set-up forwarders. For this example, just hit Next.
Figure 7: Forwarders
Next, add a new master zone. In this case example.com was added as a master zone. When the zone is added select Edit Zone and add a MX record for mail.example.com. Press OK and Next to continue.
Figure 8: DNS Zones
Figure 9: Adding a MX Record
On the final screen, enable the DNS server on start-up, and enable LDAP support. When the LDAP support check box is activated additional packages may be installed. When Finish is selected the LDAP configuration is written. This may require the LDAP password to be entered.
Figure 10: Finish Wizard
Now that the LDAP and DNS servers are configured the mail server can be installed.
By default there is no Mail Server module in YaST. There is a Mail Transfer Agent module, but it serves a different purpose than a mail server. Begin by using the Install and Remove Software module in YaST to remove the Mail Transfer Agent module (yast2-mail) and install the Mail Server module (yast2-mail-server). Then, launch the module.
Figure 11: Install and Remove Software
Because the module depends on a LDAP database, it prompts for the LDAP password. Next, a menu is presented to configure the different components of the mail server.
Figure 12: Mail Server Components
The first component is the Global Settings. It allows for the configuration of:
Figure 13: Global Settings
Next, the method by which users receive their mail is configured. To enable IMAP and POP3, select Cyrus IMAP. Other settings, such as encryption and quotas, can also be set.
Figure 14: Local Delivery
The next module allows local transports to be configured. This setting allows mail to be routed to another server. For a simple server no transports are necessary.
Figure 15: Mail Transports
The mail server can be configured with black-lists, virus scanning, etc. This module allows for configuration of these tools.
Figure 16: Mailserver Prevention
The next screen allows trusted networks to be defined. These networks are allowed to relay non-local mail.
Figure 17: Mailserver Relaying
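An added example, not part of the original article: a Python audit of a trusted-networks list that flags entries which would let arbitrary hosts relay mail. It assumes the list uses Postfix mynetworks syntax (the article does not name the MTA); the sample value, the table path and the prefix thresholds are constructed for illustration.

```python
import ipaddress

# Constructed sample in Postfix "mynetworks" syntax; the table path is hypothetical.
SAMPLE_TRUSTED = ("127.0.0.0/8 [::1]/128, 192.168.10.0/24 10.0.0.0/8 "
                  "0.0.0.0/0 203.0.113.0/24 hash:/etc/postfix/network_table")

# Internal address space a relay list is normally drawn from.
INTERNAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7", "fe80::/10")]
# Assumed review threshold: internal ranges shorter than these prefixes get flagged.
MIN_PREFIX = {4: 16, 6: 48}

def parse_networks(value):
    """Split the list into parsed networks and tokens that are not plain CIDR."""
    networks, skipped = [], []
    for token in value.replace(",", " ").split():
        candidate = token.replace("[", "").replace("]", "")  # IPv6 is [addr]/len
        try:
            networks.append(ipaddress.ip_network(candidate, strict=False))
        except ValueError:  # lookup tables, files, "!" exclusions
            skipped.append(token)
    return networks, skipped

def classify(net):
    """Rate one trusted network by how much of the address space may relay."""
    if net.prefixlen == 0:
        return "open-relay"        # every address on the Internet is trusted
    if net.is_loopback:
        return "ok"
    if any(net.version == i.version and net.subnet_of(i) for i in INTERNAL):
        return "ok" if net.prefixlen >= MIN_PREFIX[net.version] else "wide-internal"
    return "public-range"          # hosts outside internal space may relay

def audit(value):
    """Map each entry of the trusted-networks list to a verdict."""
    networks, skipped = parse_networks(value)
    report = {str(net): classify(net) for net in networks}
    report.update({token: "manual-review" for token in skipped})
    return report

if __name__ == "__main__":
    for entry, verdict in audit(SAMPLE_TRUSTED).items():
        print(f"{verdict:14} {entry}")
```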
If mail needs to be fetched from another server, that is configured in this screen.
Figure 18: Fetching Mail
The next screen defines the domains for which this server considers itself the final destination.
Figure 19: Mailserver Domains
When the desired settings are complete, select OK to commit them. Congratulations, the mail server is now configured!
Mail users are added through the Edit and Create Users module. Any LDAP user can be configured to use the mail server. To do so, add or edit a LDAP user and select Details.... Select Next to proceed to the Additional User Settings screen. Make sure that the Edit user mail parameters plug-in is active (gray box on the left). If the mail server is already configured and the user is now being added for the first time, the plug-in is active by default. Launching the plug-in allows the mail aliases and quotas to be established.
Figure 20: Enable Mail Plug-in.
Figure 21: Mail Parameters
Configuring a client to use the mail server is simple. In the above example the configuration for the user geeko would be:
SLES makes creating a mail server easy and painless. This walk-through showed only a basic configuration involving a single mail server with a local LDAP database. This example can be expanded on to create a very flexible and powerful mail system.