需求:内网邮件系统,LAMP+Postfix+Dovecot+Postfixadmin

环境:centos7.3 lnmp

一.部署 Bind DNS 服务

1. 卸载系统自带的sendmail服务

Shell > yum -y remove sendmail

2. 修改服务器主机名称

Shell > hostnamectl set-hostname mail

$hostname

$mail


3. 安装DNS服务

3.1 yum 安装

Shell > yum -y install bind

3.2 配置DNS服务

Shell > vim /etc/named.conf

centos7.3搭建内网postfix 邮件系统_第1张图片

修改图中红框的两项值为any,表示监听所有地址,允许所有人访问

  Shell > vim /etc/named.rfc1912.zones

centos7.3搭建内网postfix 邮件系统_第2张图片

进入到/var/named 目录 分别复制named.localhost 为xx.com.zone,  复制named.loopback 为 xx.com.local 然后进行编辑

Shell > cp -rf named.localhost hy.com.zone

 

Shell > cp -rf named.loopback 2.168.192.local

 

Shell > vim hy.com.zone

centos7.3搭建内网postfix 邮件系统_第3张图片 

Shell > vim 2.168.192.local

 centos7.3搭建内网postfix 邮件系统_第4张图片

3.3 启动并验证DNS服务

Shell > systemctl start named

Shell > systemctl enable named

使用netstat工具查看端口、nslookup工具进行验证

 238.png 

 nslookup.png

二.postfix 安装配置

yum 安装postfix

Shell > yum -y install postfix

到postfix的配置文件main.cf中修改配置

Shell > vim /etc/postfix/main.cf

myhostname = mail.hy.com

mydomain = hy.com

myorigin = $myhostname

inet_interfaces = all

mydestination = $myhostname, localhost.$mydomain, localhost

Shell > systemctl start postfix

Shell > systemctl enable postfix

三.Dovecot 安装配置

yum安装dovecot

Shell > yum -y install dovecot dovecot-devel dovecot-mysql pam-devel

Shell > dovecot --version

创建dovecot工作的用户及用户组

Shell > groupadd -g 2000 vmail

Shell > useradd -g vmail -u 2000 -s /sbin/nologin -M vmail

dovecot的配置文件都在/etc/dovecot/目录下。

Shell > vim /etc/dovecot/dovecot.conf

protocols = imap pop3 lmtp

listen = *

login_trusted_networks =192.168.2.0/24

!include conf.d/*.conf

Shell > vim /etc/dovecot/conf.d/10-auth.conf

disable_plaintext_auth = no

auth_mechanisms = plain login

!include auth-system.conf.ext

Shell > vim /etc/dovecot/conf.d/10-ssl.conf

ssl = no

启用dovecot的日志,日志路径可以自定义

Shell > vim /etc/dovecot/conf.d/10-logging.confspacer.gif 

 centos7.3搭建内网postfix 邮件系统_第5张图片

启动dovecot服务

Shell > systemctl start dovecot

四.postfix虚拟用户配置

1、 修改main.cf 文件

Shell > vim /etc/postfix/main.cf

#启用SMTP认证

smtpd_sasl_type = dovecot

smtpd_sasl_path = /var/spool/postfix/private/auth

smtpd_sasl_application_name = smtpd

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain = $myhostname

broken_sasl_auth_clients = yes

smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_unknown_sender_domain

smtpd_sasl_security_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination

smtpd_client_restrictions = permit_sasl_authenticated

smtpd_sasl_security_options = noanonymous

proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps

#启用虚拟用户

virtual_mailbox_base = /home/vmail/

virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf

virtual_alias_maps =

   proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf,

   proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf,

   proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf

virtual_mailbox_maps =

   proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf,

   proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf

virtual_uid_maps = static:2000

virtual_gid_maps = static:2000

virtual_transport = dovecot

dovecot_destination_recipient_limit = 1

2. 修改master.cf 文件

Shell > vim /etc/postfix/master.cf

dovecot   unix  -       n       n       -       -       pipe

flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient}

特别注意:flages前面有两个空格,不然会报错,不要入坑-_-.

2.1 数据库连接相关文件

连接数据库相关文件有7个,在创建配置文件之前,我们要在/etc/postfix/目录下建立sql目录用来存放这些配置如下:

Shell > mkdir /etc/postfix/sql

Shell > vim /etc/postfix/sql/mysql_virtual_alias_maps.cf

user = postfix

password = postfix

hosts = localhost

dbname = postfix

query = SELECT goto FROM alias WHERE address='%s' AND active = '1'

 

Shell > vim /etc/postfix/sql/mysql_virtual_alias_domain_maps.cf

user = postfix

password = postfix

hosts = localhost

dbname = postfix

query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('%u', '@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'

Shell > vim /etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf

 

Shell > vim /etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf

user = postfix

password = postfix

hosts = localhost

dbname = postfix

query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'

 

 

Shell > vim /etc/postfix/sql/mysql_virtual_domains_maps.cf

user = postfix

password = postfix

hosts = localhost

dbname = postfix

query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'

 

Shell > vim /etc/postfix/sql/mysql_virtual_mailbox_maps.cf

user = postfix

password = postfix

hosts = localhost

dbname = postfix

query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'

 

Shell > vim /etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf

user = postfix

password = postfix

hosts = localhost

dbname = postfix

query = SELECT maildir FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' and mailbox.username = CONCAT('%u','@',alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active='1'

 

Shell > vim /etc/postfix/sql/mysql_virtual_mailbox_limit_maps.cf

user = postfix

password = postfix

hosts = localhost

dbname = postfix

query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'

 

五.Dovecot 虚拟用户配置

1. 修改dovecot.conf文件

Shell > vim /etc/dovecot/dovecot.conf

protocols = imap pop3

listen = *

mail_location = maildir:/home/vmail/%d/%n   (曾经掉坑过)

!include conf.d/*.conf

passdb {

  driver = sql

  args = /etc/dovecot/dovecot-sql.conf.ext

}

userdb {

  driver = static

  args = uid=5000 gid=5000 home=/home/vmail/%d/%n

}

#调试日志

auth_debug_passwords=yes

mail_debug=yes

auth_verbose=yes

auth_verbose_passwords=plain

 

2. 修改10-auth.conf文件

Shell > vim /etc/dovecot/conf.d/10-auth.conf

disable_plaintext_auth = no

auth_mechanisms = plain login cram-md5

!include auth-system.conf.ext

3. 修改10-ssl.conf文件

Shell > vim /etc/dovecot/conf.d/10-ssl.conf

 

ssl = no

4. 修改10-mail.conf文件

Shell > vim /etc/dovecot/conf.d/10-mail.conf

mail_location = maildir:/home/vmail/%d/%n/Maildir   

mbox_write_locks = fcntl

 

5. 修改10-logging.conf文件

Shell > vim /etc/dovecot/conf.d/10-logging.conf

info_log_path = /var/log/dovecot_info.log

debug_log_path = /var/log/dovecot_debug.log

 

6. 修改10-master.conf文件

Shell > vim /etc/dovecot/conf.d/10-master.conf

service imap-login {

  inet_listener imap {

    port = 143

  }

}

service pop3-login {

  inet_listener pop3 {

    port = 110

  }

}

service auth {

   unix_listener auth-userdb {

mode = 0600

    user = vmail

    group = vmail

  }

  # Postfix smtp-auth

unix_listener /var/spool/postfix/private/auth {

    mode = 0666

    user = postfix

  }

}

7. 添加dovecot-sql.conf.ext文件

dovecot-sql.conf.ext 可能默认不在/etc/dovecot/

用find 命令查找一下此文件在哪,然后把此文件复制到/etc/dovecot/

Shell > find / -name dovecot-sql.conf.ext

sql1.png

Shell > vim /etc/dovecot/dovecot-sql.conf.ext

driver = mysql

connect = host=localhost dbname=postfix user=postfix password=postfix

default_pass_scheme = MD5-CRYPT

password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'

user_query = SELECT maildir, 2000 AS uid, 2000 AS gid, CONCAT('dict:storage=',floor(quota/1000),' proxy::quota') as quota FROM mailbox WHERE username = '%u' AND active='1'

 

六.postfixadmin配置

1. 下载postfixadmin源码包

Shell > wget  \

https://nchc.dl.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-3.2/postfixadmin-3.2.tar.gz

2. 把解压出来的postfixadmin-3.2 重命名下

Shell > mv postfixadmin-3.2 postfixadmin

然后放在nginx 网站根目录下

3. 创建config.local.php配置文件

Shell > vim config.local.php

 

    $CONF['database_type'] = 'mysqli';

    $CONF['database_user'] = 'postfix';

    $CONF['database_host'] = '127.0.0.1';

    $CONF['database_password'] = 'postfix';

    $CONF['database_name'] = 'postfix';

    $CONF['configured'] = true;

?>

4. 修改config.inc.php配置文件

Shell > vim config.inc.php

修改 $CONF['configured'] = false; 为 $CONF['configured'] = true;

修改 $CONF['default_language'] = 'en'; 为 $CONF['default_language'] = 'cn';                                                 修改成默认为中文

修改 $CONF['database_type'] = 'mysqli'; 为 $CONF['database_type'] = 'mysql';                                              

修改 $CONF['database_host'] = 'localhost'; 为 $CONF['database_host'] = '127.0.0.1';                  

修改 $CONF['database_password'] = 'postfixadmin'; 为 $CONF['database_password'] = 'postfix';  

修改 $CONF['admin_email'] = ''; 为 $CONF['admin_email'] = '[email protected]';                                         

如下图所示:

centos7.3搭建内网postfix 邮件系统_第6张图片

centos7.3搭建内网postfix 邮件系统_第7张图片 

sql4.png

5. 配置文件改完,然后再浏览器中打开:http://ip/postfixadmin/public/setup.php 或者  http://域名/postfixadmin/public/setup.php

有报错, 根据它的报错内容,在postfixadmin目录下新建一个templates_c目录,并授权  //我的postfixadmin 目录在/usr/share/nginx/html 下,

Shell > mkdir templates_c

Shell > chmod -R 755 templates_c  # 或者777权限

6. 刷新页面后,如下图,有一个Error和Warning

注意:第一个提示说连不上数据库,这时候我们要检查config.local.php 和config.inc.php配置文件数据配置、数据账号、数据库名,密码、数据库地址等是否正确,可能是其中一个配置出错,才会有这样的报错。

 

第二个提示需要安装php的imap扩展:

centos7.3搭建内网postfix 邮件系统_第8张图片 

 

Shell > yum -y install php56w-imap-5.6.40-1.w7.x86_64

 

在刷新,错误没了,

我们开始设置密码

centos7.3搭建内网postfix 邮件系统_第9张图片 

这时候,我们要把红色方框中的 $CONF['setup_password'] = '264d4931e17c6ea7d7cead0123354f94:67d1764819b702ee631d6c73bfff2c169fd7c717'; 复制到 config.inc.php中。

Shell > vim config.inc.php

inc.png 

 

再刷新页面,添加管理员邮箱,如图

centos7.3搭建内网postfix 邮件系统_第10张图片 

最后,删除 setup.php,用 http://ip/postfixadmin/public/index.php 登陆管理页面,如图:

centos7.3搭建内网postfix 邮件系统_第11张图片 

 

参考了网上的链接如下:

https://blog.51cto.com/4746316/2314749

https://www.ilanni.com/?p=10963