环境:CentOS 6.4(最小化安装)
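关闭防火墙和selinux(仅建议在隔离的测试环境中这样做。下文实际的做法是:在iptables里放行25和110端口并保持iptables开机启动,同时用setenforce 0把SELinux临时切到宽容模式;面向公网的服务器应保持防火墙和SELinux开启,只放行需要的端口)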
Sendmail的配置文件
/etc/mail/sendmail.cf :Sendmail的主配置文件;
/etc/mail/access :中继访问控制;
/etc/mail/domaintable :域名映射;
/etc/mail/local-host-names :本地主机别名;
/etc/mail/mailertable :为特定的域指定特殊的路由规则;
/etc/mail/virtusertable :虚拟域配置
Sendmail为发送服务器
# Install Sendmail, its m4 configuration macros (sendmail-cf), Dovecot and every package matching cyrus*,
# then use an interactive nslookup session to confirm that mail.com resolves to 192.168.100.243
# and that the reverse lookup for that address returns names.
# NOTE(review): the cyrus* glob installs every matching package; the later steps only use
# saslauthd/testsaslauthd, so naming the needed packages explicitly keeps the install smaller.
[root@localhost ~]# yum -y install sendmail sendmail-cf openssl-devel dovecot cyrus* [root@localhost ~]# nslookup > mail.com Server: 192.168.100.243 Address:192.168.100.243#53 Name:mail.com Address: 192.168.100.243 > 192.168.100.243 Server: 192.168.100.243 Address:192.168.100.243#53 243.100.168.192.in-addr.arpaname = com. 243.100.168.192.in-addr.arpaname = mail.com. 243.100.168.192.in-addr.arpaname = aa.com. > exit [root@localhost ~]#
或者
# Alternative to DNS: /etc/hosts maps 192.168.100.243 to mail.com.
# The two sed commands append ACCEPT rules for new TCP connections to ports 25 and 110
# after the ":OUTPUT ACCEPT" line of /etc/sysconfig/iptables; iptables is then restarted and enabled at boot.
# setenforce 0 switches SELinux to permissive mode until the next reboot.
# Postfix is stopped and disabled, presumably so it does not hold port 25 instead of Sendmail.
# NOTE(review): both rules accept from any source address, and port 110 is cleartext POP3.
# Only 25 and 110 are opened here; the 143/465/993/995 listeners shown later are not covered by these two rules.
[root@localhost ~]# tail -1 /etc/hosts 192.168.100.243 mail.com mail mail.com.com localhost localhost.localdomain [root@localhost ~]# [root@localhost ~]# sed -i '/^\:OUTPUT ACCEPT/a\-A INPUT \-m state \-\-state NEW \-m tcp \-p tcp \-\-dport 25 \-j ACCEPT' /etc/sysconfig/iptables [root@localhost ~]# sed -i '/^\:OUTPUT ACCEPT/a\-A INPUT \-m state \-\-state NEW \-m tcp \-p tcp \-\-dport 110 \-j ACCEPT' /etc/sysconfig/iptables [root@localhost ~]# /etc/init.d/iptables restart iptables: Flushing firewall rules: [ OK ] iptables: Setting chains to policy ACCEPT: filter [ OK ] iptables: Unloading modules: [ OK ] iptables: Applying firewall rules: [ OK ] [root@localhost ~]# chkconfig iptables on [root@localhost ~]# setenforce 0 [root@localhost ~]# /etc/init.d/postfix stop Shutting down postfix: [ OK ] [root@localhost ~]# chkconfig postfix off
# Allow relaying for the mail.com domain and for addresses starting with 192.168.100. via /etc/mail/access.
# Each pair of sed commands strips the leading "dnl" and then one leading space/tab from the matching
# sendmail.mc lines, enabling the CA/certificate/key defines (confCACERT_PATH, ca-bundle.crt,
# confSERVER_CERT, confSERVER_KEY) and the SMTP AUTH settings (TRUST_AUTH_MECH, confAUTH_MECHANISMS).
# DAEMON_OPTIONS is changed from 127.0.0.1 to 0.0.0.0, so Sendmail listens on all interfaces.
# s/2/4/g on the UUCP_MAILER_MAX line replaces every digit 2 on that line with 4.
# Finally sendmail.cf is regenerated from sendmail.mc with m4.
# NOTE(review): RELAY entries make this host forward mail for the listed sources; keep them as narrow
# as possible, because the listener is now reachable on all interfaces.
# NOTE(review): the session does not show /etc/mail/access being rebuilt into access.db;
# presumably the init script does that on restart — confirm.
# NOTE(review): UUCP_MAILER_MAX appears to apply to the UUCP mailer only; the MaxMessageSize step
# that follows is what limits SMTP message size — confirm.
[root@localhost ~]# echo 'mail.com RELAY' >>/etc/mail/access [root@localhost ~]# echo '192.168.100. RELAY' >>/etc/mail/access [root@localhost ~]# sed -i "/confCACERT_PATH/s/^dnl//g" /etc/mail/sendmail.mc [root@localhost ~]# sed -i "/confCACERT_PATH/s/^[ \t]//g" /etc/mail/sendmail.mc [root@localhost ~]# sed -i "/ca-bundle.crt/s/^dnl//g" /etc/mail/sendmail.mc [root@localhost ~]# sed -i "/ca-bundle.crt/s/^[ \t]//g" /etc/mail/sendmail.mc [root@localhost ~]# sed -i "/confSERVER_CERT/s/^dnl//g" /etc/mail/sendmail.mc [root@localhost ~]# sed -i "/confSERVER_CERT/s/^[ \t]//g" /etc/mail/sendmail.mc [root@localhost ~]# sed -i "/confSERVER_KEY/s/^dnl//g" /etc/mail/sendmail.mc [root@localhost ~]# sed -i "/confSERVER_KEY/s/^[ \t]//g" /etc/mail/sendmail.mc [root@localhost ~]# sed -i "/TRUST_AUTH_MECH/s/^dnl//g" /etc/mail/sendmail.mc [root@localhost ~]# sed -i "/TRUST_AUTH_MECH/s/^[ \t]//g" /etc/mail/sendmail.mc [root@localhost ~]# sed -i "/confAUTH_MECHANISMS/s/^dnl//g" /etc/mail/sendmail.mc [root@localhost ~]# sed -i "/confAUTH_MECHANISMS/s/^[ \t]//g" /etc/mail/sendmail.mc [root@localhost ~]# sed -i '/^DAEMON_OPTIONS/s/127\.0\.0\.1/0\.0\.0\.0/g' /etc/mail/sendmail.mc [root@localhost ~]# sed -i '/UUCP_MAILER_MAX/s/2/4/g' /etc/mail/sendmail.mc //限制附件的大小 [root@localhost ~]# cd /etc/mail/ [root@localhost mail]# m4 sendmail.mc > sendmail.cf
限制邮件的大小:
# Uncomment the MaxMessageSize option in the generated sendmail.cf and replace 0 with 4000000.
# NOTE(review): this edits sendmail.cf directly; the later "m4 sendmail.mc > sendmail.cf" in the SMTPS step
# overwrites it. Setting confMAX_MESSAGE_SIZE in sendmail.mc would survive regeneration.
# NOTE(review): s/0/4000000/g rewrites every 0 on matching lines — check the result with grep MaxMessageSize.
[root@localhost ~]# sed -i '/MaxMessageSize/s/^#//g' /etc/mail/sendmail.cf [root@localhost ~]# sed -i '/MaxMessageSize/s/0/4000000/g' /etc/mail/sendmail.cf
配置DOVECOT:
# Uncomment the protocols line in dovecot.conf so Dovecot serves the protocols listed on it.
[root@localhost ~]# sed -i '/protocols/s/^#//g' /etc/dovecot/dovecot.conf
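如果不做下面的操作,会报:-ERR Plaintext authentication disallowed on non-secure (SSL/TLS) connections错误。原因是Dovecot默认拒绝在未加密的连接上进行明文认证。注意:下面把login_trusted_networks设为0.0.0.0/0,等于把所有来源地址都当作可信网络,任何客户端都可以在不加密的连接上发送明文密码;只应在隔离的测试环境中这样做,正式环境应只填写受信任的内网网段,或者配置好SSL后让客户端使用pop3s/imaps。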
# Uncomment login_trusted_networks and set it to 0.0.0.0/0, i.e. every IPv4 client address is treated as trusted.
# Uncomment the line containing INBOX= in 10-mail.conf and strip its leading whitespace.
# Add mail.com to local-host-names, switch saslauthd's MECH from pam to shadow,
# then enable sendmail, dovecot and saslauthd at boot and restart them.
# NOTE(review): 0.0.0.0/0 lifts the plaintext-authentication restriction for all clients; a narrower range,
# such as the 192.168.100. network already used in /etc/mail/access, would limit the exposure.
[root@localhost ~]# sed -i '/login_trusted_networks/s/^#//g' /etc/dovecot/dovecot.conf [root@localhost ~]# sed -i '/login_trusted_networks/s/\=/\= 0\.0\.0\.0\/0/g' /etc/dovecot/dovecot.conf [root@localhost ~]# sed -i '/INBOX\=/s/^#//g' /etc/dovecot/conf.d/10-mail.conf [root@localhost ~]# sed -i '/INBOX\=/s/^[ \t]*//g' /etc/dovecot/conf.d/10-mail.conf [root@localhost ~]# echo 'mail.com' >> /etc/mail/local-host-names [root@localhost ~]# sed -i '/MECH\=/s/pam/shadow/' /etc/sysconfig/saslauthd [root@localhost ~]# chkconfig sendmail on [root@localhost ~]# chkconfig dovecot on [root@localhost ~]# chkconfig saslauthd on [root@localhost ~]# /etc/init.d/sendmail restart [root@localhost ~]# /etc/init.d/dovecot restart [root@localhost ~]# /etc/init.d/saslauthd restart
如果报-ERR [IN-USE] Couldn't open INBOX: Internal error occurred. Refer to server log for more information. 错误则
[yfshare@aa ~]$ mkdir -p /home/yfshare/mail/.imap/INBOX即可
在这里添加上即可(执行上面脚本也可):
# Show the snippet added to /etc/skel/.bashrc: it creates ~/mail/.imap/INBOX when the directory is missing.
# Files under /etc/skel are copied into new home directories, so presumably accounts created afterwards get it at login.
[root@localhost ~]# tail -n 5 /etc/skel/.bashrc |head -n 3 if [ ! -d ~/mail/.imap/INBOX ];then mkdir -p ~/mail/.imap/INBOX fi [root@localhost ~]#
# Create three local test accounts and set their passwords with passwd,
# which prompts for the password instead of taking it on the command line.
[root@localhost ~]# useradd yfshare [root@localhost ~]# useradd bob [root@localhost ~]# useradd jerry [root@localhost ~]# passwd yfshare [root@localhost ~]# passwd bob [root@localhost ~]# passwd jerry
# Append an alias group1 that expands to yfshare and bob, rebuild the aliases database with newaliases,
# and restart Sendmail.
[root@localhost ~]# echo -e "group1:\tyfshare,bob" >>/etc/aliases [root@localhost ~]# newaliases /etc/aliases: 77 aliases, longest 11 bytes, 782 bytes total [root@localhost ~]# /etc/init.d/sendmail restart Shutting down sm-client: [ OK ] Shutting down sendmail: [ OK ] Starting sendmail: [ OK ] Starting sm-client: [ OK ] [root@localhost ~]#
# saslauthd -v lists the available authentication mechanisms; testsaslauthd then checks each account against saslauthd.
# mailq shows the (empty) queue and mailstats the delivery counters.
# NOTE(review): -p puts the password on the command line, where it ends up in shell history and is visible
# in the process list while the command runs; the same password is also shown for all three accounts.
# Use throwaway credentials for this check and change them afterwards.
[root@localhost ~]# saslauthd -v //查看是否支持pam或shadow saslauthd 2.1.23 authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap [root@localhost ~]# testsaslauthd -u yfshare -p wang1024** 0: OK "Success." [root@localhost ~]# testsaslauthd -u bob -p wang1024** 0: OK "Success." [root@localhost ~]# testsaslauthd -u jerry -p wang1024** 0: OK "Success." [root@localhost ~]# 如果显示0: OK “Success.”则表明saslauthd工作正常 [root@localhost ~]# mailq //查看sendmail队列 /var/spool/mqueue is empty Total requests: 0 [root@localhost ~]# [root@localhost ~]# mailstats //查看邮件系统的状态 Statistics from Wed Sep 9 17:41:02 2015 M msgsfr bytes_from msgsto bytes_to msgsrej msgsdis msgsqur Mailer ===================================================================== T 0 0K 0 0K 0 0 0 C 0 0 0 [root@localhost ~]#
验证:
# Manual SMTP test over telnet on port 25: sender, recipient and body are typed by hand and the message is queued.
# The dialog runs in cleartext with no STARTTLS or AUTH step, so it checks delivery only, not the TLS/AUTH settings.
# The "[email protected]" strings are what the page's e-mail obfuscation left in place of the real addresses.
[root@localhost ~]# telnet mail.com 25 Trying 192.168.100.243... Connected to mail.com. Escape character is '^]'. 220 aa.com ESMTP Sendmail 8.14.4/8.14.4; Thu, 10 Sep 2015 14:03:34 +0800 mail from:[email protected] 250 2.1.0 [email protected]... Sender ok rcpt to:[email protected] 250 2.1.5 [email protected]... Recipient ok data 354 Enter mail, end with "." on a line by itself this is test mail~~~!! . 250 2.0.0 t8A63Yf6002353 Message accepted for delivery quit 221 2.0.0 aa.com closing connection Connection closed by foreign host. [root@localhost ~]#
# bob opens the local mailbox with mail; /var/spool/mail/bob holds one message, confirming the test delivery.
[bob@aa ~]$ mail Heirloom Mail version 12.4 7/29/08. Type ? for help. "/var/spool/mail/bob": 1 message > 1 [email protected] Thu Sep 10 14:05 13/471 &
注:如果用IMAP来接收邮件,在邮件帐号里面直接写用户名,不加@mail.com
上面搭建的邮件服务器是使用明文传输的,不安全:用户名、密码和邮件内容在网络上都可以被嗅探到。
下面给邮件服务器弄个SSL:(dovecot默认就支持pop3s和imaps)
pop3 | 110
pop3s | 995
smtp | 25
smtps | 465
imap | 143
imaps | 993
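生成sendmail.pem文件(make生成的是自签名证书,证书和私钥放在同一个文件里,下面的confSERVER_CERT和confSERVER_KEY都指向它;该文件应保持只有root可读,客户端会提示证书不受信任,正式环境应换成CA签发的证书)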
# Build sendmail.pem with the Makefile in /etc/pki/tls/certs.
[root@localhost ~]# cd /etc/pki/tls/certs/ [root@localhost certs]# make sendmail.pem
# Show the four TLS defines in sendmail.mc: the CA path and bundle, and sendmail.pem used as both
# the server certificate and the server key.
[root@localhost ~]# head -n 63 /etc/mail/sendmail.mc |tail -n 4 define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl [root@localhost ~]#
开启SMTPS:
# Uncomment the TLSMTA line in sendmail.mc, back up sendmail.cf and regenerate it with m4.
# NOTE(review): regenerating sendmail.cf discards edits made directly to sendmail.cf earlier,
# such as the MaxMessageSize change; re-check that setting afterwards.
# xinetd is installed and restarted, but nothing else in this session configures it — TODO confirm it is needed.
# The ll output shows sendmail.pem as -rw------- owned by root, i.e. the file holding the private key
# is readable by root only.
# Sendmail, Dovecot and saslauthd are then restarted.
[root@localhost ~]# sed -i '/TLSMTA/s/^dnl//g' /etc/mail/sendmail.mc [root@localhost ~]# sed -i '/TLSMTA/s/^[ \t]*//g' /etc/mail/sendmail.mc [root@localhost ~]# cd /etc/mail/ [root@localhost mail]# cp sendmail.cf sendmail.cf.bak [root@localhost mail]# m4 sendmail.mc > sendmail.cf [root@localhost ~]# yum -y install xinetd [root@localhost ~]# /etc/init.d/xinetd restart [root@localhost ~]# ll /etc/pki/tls/certs/sendmail.pem -rw------- 1 root root 2913 Sep 10 11:45 /etc/pki/tls/certs/sendmail.pem [root@localhost ~]# [root@localhost ~]# /etc/init.d/sendmail restart Shutting down sm-client: [ OK ] Shutting down sendmail: [ OK ] Starting sendmail: [ OK ] Starting sm-client: [ OK ] [root@localhost ~]# [root@localhost ~]# /etc/init.d/dovecot restart Stopping Dovecot Imap: [ OK ] Starting Dovecot Imap: [ OK ] [root@localhost ~]# [root@localhost ~]# /etc/init.d/saslauthd restart Stopping saslauthd: [ OK ] Starting saslauthd: [ OK ] [root@localhost ~]#
# Confirm the listeners: Dovecot on 110, 143, 993 and 995, Sendmail on 25 and 465, all bound to 0.0.0.0.
# NOTE(review): the cleartext POP3/IMAP ports 110 and 143 stay open next to 995/993; if clients are meant
# to use only the TLS ports, disable the cleartext listeners or restrict them in the firewall.
[root@localhost ~]# netstat -anp|grep dovecot|head -n 4 tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 2642/dovecot tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 2642/dovecot tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 2642/dovecot tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 2642/dovecot [root@localhost ~]# [root@localhost ~]# netstat -anp|grep sendmail tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 2621/sendmail tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 2621/sendmail unix 2 [ ] DGRAM 15538 2629/sendmail: Queu unix 2 [ ] DGRAM 15523 2621/sendmail [root@localhost ~]#
测试成功:a/b/c三个用户,group包含a/b用户,c给a发送邮件并抄送给group,这时a只会收到一封邮件,Sendmail会过滤掉相同mailID的邮件。而Postfix则会给a发送两封一模一样的邮件
# Counters after the test: mailstats lists the esmtp and local mailers, with 3 rejected messages under local.
[root@localhost ~]# mailstats Statistics from Thu Sep 10 14:05:06 2015 M msgsfr bytes_from msgsto bytes_to msgsrej msgsdis msgsqur Mailer 4 4 12K 0 0K 0 0 0 esmtp 9 10 27K 16 40K 3 0 0 local ===================================================================== T 14 39K 16 40K 3 0 0 C 16 0 3 [root@localhost ~]#
如果把这行注释掉,Sendmail就不支持smtp发送邮件了,只支持smtps发送邮件
安装rainloop:
# Install PHP (every package matching php*), unpack RainLoop into the web root, give the web root to the
# apache user, add index.php to DirectoryIndex, adjust the PHP upload limits, then restart httpd and enable it at boot.
# NOTE(review): rainloop-latest.zip is unpacked with no integrity check shown; verify it against the
# publisher's checksum or signature before deploying.
# NOTE(review): chown -R apache:apache on /var/www/html/* makes all web content writable by the web server
# process. The application.ini path shown later places RainLoop's data directory inside the web root;
# limit write access to that directory and make sure it is not served directly over HTTP.
# NOTE(review): php* installs far more modules than a webmail client needs; s/8/4/g and s/2/3/g replace
# every 8 or 2 on the matching php.ini lines — check the resulting values.
[root@localhost ~]# yum -y install php* [root@localhost ~]# unzip rainloop-latest.zip -d /var/www/html/ [root@localhost ~]# chown apache:apache /var/www/html/* -R [root@localhost ~]# sed -i '/^DirectoryIndex/s/html/html index.php/g' /etc/httpd/conf/httpd.conf [root@localhost ~]# sed -i '/post_max_size/s/8/4/g' /etc/php.ini [root@localhost ~]# sed -i '/upload_max_filesize/s/2/3/g' /etc/php.ini [root@localhost ~]# /etc/init.d/httpd restart Stopping httpd: [ OK ] Starting httpd: [ OK ] [root@localhost ~]# chkconfig httpd on
访问:http://192.168.100.243/?admin进入后台管理(首次登录后应立即修改默认的管理员密码;这里后台走的是未加密的HTTP,密码会明文传输,建议只在内网访问,或者先给httpd配置HTTPS)
不允许用户添加其他的账户
添加个性化标题:
访问:http://192.168.100.243进入web mail
如果出现无法载入邮件,把下面这个改成off,保存配置后再登录即可
# Show the current autocreate_system_folders value in RainLoop's application.ini (On in this output).
[root@localhost ~]# grep autocreate_system_folders /var/www/html/data/_data_/_default_/configs/application.ini autocreate_system_folders = On [root@localhost ~]#