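Banzhu Network specializes in full-range IT services, centered on managed services, for small and medium-sized business customers https://www.sysadm.cn
Category: System operations
2013-12-13 11:44:52
Installing Postfix on CentOS
(Compiled: 2012-02-08)
(System: CentOS 5.7 2.6.18)
I. Pre-installation preparation
1. Select MySQL server during installation and leave everything else at the defaults (if you forgot to install MySQL, you can run yum install mysql-server to install it);
2. Turn off the firewall;
3. Disable SELinux;
4. Remove the sendmail that was installed with the system:
# rpm -e --nodeps sendmail sendmail-cf
5. Syntax highlighting in vi: run # vi ~/.bashrc, add the line alias vi='vim' below the existing alias lines, then reboot (this step is optional)
6. Set up the EMOS 1.5 yum repository
# vi /etc/yum.repos.d/EMOS-Base.repo    # create the EMOS repository file
# EMOS-Base.repo
#
# Created by ExtMail Dev Team:
#
# $Id$
[EMOS-base]
name=EMOS-Base
baseurl=
gpgcheck=0
priority=0
protect=0
[EMOS-update]
name=EMOS-Updates
baseurl=
gpgcheck=0
priority=0
protect=0
After saving and exiting, clear the old records:
# yum clean all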
II. Configure the MTA: Postfix
# yum install postfix
# postconf -n >/etc/postfix/main2.cf
# mv /etc/postfix/main.cf /etc/postfix/main.cf.bak
# mv /etc/postfix/main2.cf /etc/postfix/main.cf
# vi /etc/postfix/main.cf
Add the following:
mynetworks = 127.0.0.1,192.168.7.3
# banner
mail_name = Mail server - by Wayne Wang
smtpd_banner = $myhostname ESMTP $mail_name
# response immediately
smtpd_error_sleep_time = 0s
# Message and return code control
message_size_limit = 5242880
mailbox_size_limit = 5242880
show_user_unknown_table_name = no
# Queue lifetime control
bounce_queue_lifetime = 1d
maximal_queue_lifetime = 1d
III. Configure courier-authlib
# yum install courier-authlib courier-authlib-mysql
Edit the authlib configuration file
# mv /etc/authlib/authmysqlrc /etc/authlib/authmysqlrc_bak
# vi /etc/authlib/authmysqlrc
MYSQL_SERVER localhost
MYSQL_USERNAME extmail
MYSQL_PASSWORD mko09ijn
MYSQL_SOCKET /var/lib/mysql/mysql.sock
MYSQL_PORT 3306
MYSQL_OPT 0
MYSQL_DATABASE mail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD uidnumber
MYSQL_GID_FIELD gidnumber
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD homedir
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota
MYSQL_SELECT_CLAUSE SELECT username,password,"",uidnumber,gidnumber,\
CONCAT('/app/mail/domains/',homedir), \
CONCAT('/app/mail/domains/',maildir), \
quota, \
name \
FROM mailbox \
WHERE username = '$(local_part)@$(domain)'
Change the permissions and owner of authmysqlrc
# chown daemon.daemon /etc/authlib/authmysqlrc
# chmod 660 /etc/authlib/authmysqlrc
Change the following in /etc/authlib/authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
Start the service
# service courier-authlib start
Starting Courier authentication services: authdaemond
Change the permissions of the authdaemon socket directory; otherwise the SMTP authentication test below will not pass
# chmod 755 /var/spool/authdaemon/
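The ownership and mode requirements from this section can be checked in one pass. The script below is an added example, not part of the original article; the function names mode_of and audit_authlib are made up here, and the default paths are the ones used above.

```shell
#!/bin/sh
# Added example: audit the authmysqlrc file and the authdaemon socket directory.

# mode_of PATH: print the octal permission bits, e.g. 660 (GNU stat, as on CentOS).
mode_of() { stat -c '%a' "$1"; }

# audit_authlib [RCFILE] [SOCKETDIR]: print one line per finding and return the
# number of findings. Defaults are the paths used in this article.
audit_authlib() {
    cfg=${1:-/etc/authlib/authmysqlrc}
    sockdir=${2:-/var/spool/authdaemon}
    findings=0

    if [ ! -f "$cfg" ]; then
        echo "MISSING  $cfg"; findings=$((findings + 1))
    else
        m=$(mode_of "$cfg")
        # The file stores MYSQL_PASSWORD in clear text, so the last octal digit
        # (permissions for "other") must be 0, as it is after chmod 660.
        if [ $((m % 10)) -ne 0 ]; then
            echo "EXPOSED  $cfg has mode $m: accessible to every local user"
            findings=$((findings + 1))
        fi
    fi

    if [ ! -d "$sockdir" ]; then
        echo "MISSING  $sockdir"; findings=$((findings + 1))
    else
        m=$(mode_of "$sockdir")
        other=$((m % 10))
        # Assumption: smtpd (through Cyrus SASL) runs as a user other than the
        # directory owner, so it needs search (x) for "other"; chmod 755 grants it.
        if [ $((other & 1)) -eq 0 ]; then
            echo "BLOCKED  $sockdir has mode $m: smtpd cannot reach the socket"
            findings=$((findings + 1))
        fi
        # Write permission for "other" lets any local user replace the socket.
        if [ $((other & 2)) -ne 0 ]; then
            echo "WRITABLE $sockdir has mode $m: any local user can replace the socket"
            findings=$((findings + 1))
        fi
    fi
    return "$findings"
}

# Check the real paths with: sh audit.sh run   (audit.sh is a hypothetical file name)
if [ "${1:-}" = run ]; then audit_authlib; fi
```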
IV. Configure maildrop
# yum install maildrop
Configure master.cf: for Postfix to support maildrop, you must edit /etc/postfix/master.cf, comment out the existing maildrop entry, and change it to:
maildrop   unix  -       n       n       -       -       pipe
  flags=DRhu user=vuser argv=maildrop -w 90 -d ${user}@${nexthop} ${recipient} ${user} ${extension} ${nexthop}
# vi /etc/postfix/master.cf
Configure main.cf: maildrop cannot accept more than one recipient at a time, so the following parameter must be added to /etc/postfix/main.cf:
maildrop_destination_recipient_limit = 1
V. Configure Apache
Edit the Apache configuration file
# vi /etc/httpd/conf/httpd.conf
Add this as the last line:
NameVirtualHost *:80
# vi conf.d/httpd-vhost.conf
# VirtualHost for ExtMail Solution
<VirtualHost *:80>
ServerName webmail.bzhy.com
DocumentRoot /app/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi/ /app/www/extsuite/extmail/cgi/
Alias /extmail /app/www/extsuite/extmail/html/
ScriptAlias /extman/cgi/ /app/www/extsuite/extman/cgi/
Alias /extman /app/www/extsuite/extman/html/
# Suexec config
SuexecUserGroup vuser vgroup
</VirtualHost>
VI. Configure extmail + extman
Install extmail and extman (when installing them myself I also needed yum -y install perl-Unix-Syslog)
# yum install extsuite-webmail extsuite-webman
# cp /app/www/extsuite/extmail/webmail.cf.default /app/www/extsuite/extmail/webmail.cf
# vi /app/www/extsuite/extmail/webmail.cf
Change the following two settings
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
Update the cgi directory ownership: because of SuEXEC, the cgi directories must be changed to vuser:vgroup ownership
# chown -R vuser:vgroup /app/www/extsuite/extmail/cgi/
# chown -R vuser:vgroup /app/www/extsuite/extman/cgi/
Link the base library to Extmail
# mkdir /tmp/extman
# chown -R vuser:vgroup /tmp/extman/
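RedHat distributions include a tool called tmpwatch, which periodically scans the files under /tmp/ and deletes those that have not been used for a long time. If the admin back end goes unused for a long period, the /tmp/extman directory may therefore be deleted by tmpwatch, so either log in to the back end regularly or edit webman.cf to move the temporary directory somewhere else. The default value /tmp/extman is used here as the example.
Database initialization
# vi /app/www/extsuite/extman/docs/init.sql
Change every occurrence of extmail.org in it to 9tong.com
# vi /app/www/extsuite/extman/docs/extmail.sql
Change its contents to match your actual requirements.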
# mysql < /app/www/extsuite/extman/docs/extmail.sql
# mysql
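Note: pay attention to the import order, otherwise errors will be reported.
When the initialization SQL above is imported, the default uidnumber/gidnumber are both 1000, which matches the uid/gid of vuser:vgroup. This is because maildrop reads uidnumber/gidnumber from the database at delivery time, while master.cf already defines the identity that delivery runs as (vuser:vgroup), so these two fields must contain 1000; otherwise delivery errors will occur, for example errors such as 0x06.
Set up the configuration files for virtual domains and virtual users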
# cp /app/www/extsuite/extman/docs/mysql_virtual_alias_maps.cf /etc/postfix/
# cp /app/www/extsuite/extman/docs/mysql_virtual_domains_maps.cf /etc/postfix/
# cp /app/www/extsuite/extman/docs/mysql_virtual_mailbox_maps.cf /etc/postfix/
# cp /app/www/extsuite/extman/docs/mysql_virtual_sender_maps.cf /etc/postfix/
# vi /etc/postfix/main.cf
Add the following
# extmail config here
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = maildrop:
Restart postfix
# service postfix restart
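Test authlib
# /usr/sbin/authtest -s login postmaster@bzhy.com extmail
If the following result is printed, extman is installed correctly, the database was imported correctly, and courier-authlib connects to the MySQL database correctly
Configure graphical logs
# /usr/local/mailgraph_ext/mailgraph-init start
Start cmdserver (shows system information in the admin back end)
# /app/www/extsuite/extman/daemon/cmdserver --daemon
Add them to system startup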
# echo "/usr/local/mailgraph_ext/mailgraph-init start" >>/etc/rc.d/rc.local
# echo "/app/www/extsuite/extman/daemon/cmdserver --daemon" >>/etc/rc.d/rc.local
VII. Configure cyrus-sasl
Remove the one shipped with the system
# rpm -e --nodeps cyrus-sasl
Install the one from EMOS 1.5
# yum install cyrus-sasl
Edit the postfix configuration file
# vi /etc/postfix/main.cf
Add the following:
# smtpd related config
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unauth_destination,
    reject_unauth_pipelining,
    reject_invalid_hostname
# SMTP sender login matching config
smtpd_sender_restrictions =
    permit_mynetworks,
    reject_sender_login_mismatch,
    reject_authenticated_sender_login_mismatch,
    reject_unauthenticated_sender_login_mismatch
smtpd_sender_login_maps = mysql:/etc/postfix/mysql_virtual_sender_maps.cf, mysql:/etc/postfix/mysql_virtual_alias_maps.cf
# SMTP AUTH config here
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
Configure smtpd.conf
# vi /usr/lib/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/spool/authdaemon/socket
Note:
If the operating system is 64-bit, add the content above to /usr/lib64/sasl2/smtpd.conf instead; otherwise SMTP authentication will fail.
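The relay and SMTP AUTH settings from this section can be linted together once main.cf and smtpd.conf are in place. This is an added example, not part of the original article: get_param and lint_smtp_auth are names made up here, and smtpd_tls_auth_only is a standard Postfix parameter that the configuration above does not set.

```shell
#!/bin/sh
# Added example: lint the SMTP AUTH settings from main.cf and smtpd.conf.

# get_param FILE NAME: print NAME's value from a main.cf-style file with commas
# turned into spaces. Continuation lines (leading whitespace) are joined and
# the last definition wins, as in Postfix itself.
get_param() {
    awk -v want="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        /^[ \t]/ { if (cur == want) val = val " " $0; next }
        { eq = index($0, "="); cur = substr($0, 1, eq - 1); gsub(/[ \t]/, "", cur)
          if (eq && cur == want) val = substr($0, eq + 1) }
        END { gsub(/[ \t,]+/, " ", val); gsub(/^ | $/, "", val); print val }
    ' "$1"
}

# lint_smtp_auth [MAINCF] [SASLCONF]: print findings and return their count.
lint_smtp_auth() {
    maincf=${1:-/etc/postfix/main.cf}
    saslconf=${2:-/usr/lib/sasl2/smtpd.conf}
    count=0
    # 1. Relay guard: reject_unauth_destination must be listed, and only
    #    permit_mynetworks / permit_sasl_authenticated may come before it.
    guard=no
    for r in $(get_param "$maincf" smtpd_recipient_restrictions); do
        case $r in
            reject_unauth_destination) guard=yes; break ;;
            permit_mynetworks|permit_sasl_authenticated) ;;
            permit*) echo "RELAY: $r precedes the relay guard"; count=$((count + 1)) ;;
        esac
    done
    [ "$guard" = yes ] || { echo "RELAY: reject_unauth_destination missing"; count=$((count + 1)); }
    if [ "$(get_param "$maincf" smtpd_sasl_auth_enable)" = yes ]; then
        # 2. SASL must refuse anonymous logins.
        case " $(get_param "$maincf" smtpd_sasl_security_options) " in
            *" noanonymous "*) ;;
            *) echo "SASL: noanonymous is not set"; count=$((count + 1)) ;;
        esac
        # 3. PLAIN and LOGIN carry the password base64-encoded, not encrypted.
        case " $(sed -n 's/^mech_list:[[:space:]]*//p' "$saslconf") " in
            *" PLAIN "*|*" LOGIN "*)
                [ "$(get_param "$maincf" smtpd_tls_auth_only)" = yes ] || {
                    echo "CLEARTEXT: PLAIN/LOGIN offered without smtpd_tls_auth_only = yes"
                    count=$((count + 1)); } ;;
        esac
    fi
    return "$count"
}
```

Run against the settings exactly as given in this section, the relay guard and noanonymous checks pass and the only finding is the CLEARTEXT one.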
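VIII. Configure courier-imap
By default, both courier-authlib and courier-imap add themselves to the system startup configuration, so the authlib and POP3 services will start automatically the next time the server boots
# yum install courier-imap
It fails with the following error: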
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package courier-imap.x86_64 0:4.6.0-1 set to be updated
--> Processing Dependency: courier-authlib-devel >= 0.60.6.20080629 for package: courier-imap
--> Processing Dependency: libcourierauthsasl.so()(64bit) for package: courier-imap
--> Processing Dependency: libcourierauth.so()(64bit) for package: courier-imap
--> Finished Dependency Resolution
courier-imap-4.6.0-1.x86_64 from EMOS-base has depsolving problems
--> Missing Dependency: libcourierauth.so()(64bit) is needed by package courier-imap-4.6.0-1.x86_64 (EMOS-base)
courier-imap-4.6.0-1.x86_64 from EMOS-base has depsolving problems
--> Missing Dependency: courier-authlib-devel >= 0.60.6.20080629 is needed by package courier-imap-4.6.0-1.x86_64 (EMOS-base)
courier-imap-4.6.0-1.x86_64 from EMOS-base has depsolving problems
--> Missing Dependency: libcourierauthsasl.so()(64bit) is needed by package courier-imap-4.6.0-1.x86_64 (EMOS-base)
Error: Missing Dependency: libcourierauth.so()(64bit) is needed by package courier-imap-4.6.0-1.x86_64 (EMOS-base)
Error: Missing Dependency: libcourierauthsasl.so()(64bit) is needed by package courier-imap-4.6.0-1.x86_64 (EMOS-base)
Error: Missing Dependency: courier-authlib-devel >= 0.60.6.20080629 is needed by package courier-imap-4.6.0-1.x86_64 (EMOS-base)
You could try using --skip-broken to work around the problem
You could try running: package-cleanup --problems
package-cleanup --dupes
rpm -Va --nofiles --nodigest
The program package-cleanup is found in the yum-utils package
Solution:
Do not install courier-imap from the RPM; install it from the source tarball instead
[root@CentOSX64 yum.repos.d]# find / -name libcourierauthsasl.so
/usr/lib64/courier-authlib/libcourierauthsasl.so
[root@CentOSX64 yum.repos.d]# find / -name courier-authlib-devel
[root@CentOSX64 yum.repos.d]# find / -name libcourierauth.so
/usr/lib64/courier-authlib/libcourierauth.so
[root@CentOSX64 yum.repos.d]#
yum -y install courier-authlib-devel
tar -jxvf courier-imap-4.1.2.tar.bz2
cd courier-imap-4.1.2
./configure --prefix=/usr/local/courier-imap --with-redhat --enable-unicode --disable-root-check \
--with-trashquota --without-ipv6 CPPFLAGS='-I/usr/courier-authlib/include' \
COURIERAUTHCONFIG='/usr/bin/courierauthconfig' \
CPPFLAGS='-I/usr/courier-authlib/include'
make
make install
cp /usr/local/courier-imap/etc/imapd.dist /usr/local/courier-imap/etc/imapd
cp /usr/local/courier-imap/etc/imapd-ssl.dist /usr/local/courier-imap/etc/imapd-ssl
cp /usr/local/courier-imap/etc/pop3d.dist /usr/local/courier-imap/etc/pop3d
cp /usr/local/courier-imap/etc/pop3d-ssl.dist /usr/local/courier-imap/etc/pop3d-ssl
Configure Courier-IMAP to provide POP3 service to users:
vi /usr/local/courier-imap/etc/pop3d
POP3DSTART=yes
Note: if you want to provide IMAP service to users, set "IMAPDSTART=yes" in the file "/usr/local/courier-imap/etc/imapd".
Set courier-imap to start automatically at boot:
cp courier-imap.sysvinit /etc/rc.d/init.d/imapd