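Requirement: an intranet mail system built on LAMP + Postfix + Dovecot + Postfixadmin
Environment: CentOS 7.3, LNMP
I. Deploy the BIND DNS service
1. Remove the sendmail service that ships with the system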
Shell > yum -y remove sendmail
2. Change the server hostname
Shell > hostnamectl set-hostname mail
Shell > hostname
3. Install the DNS service
3.1 Install with yum
Shell > yum -y install bind
3.2 Configure the DNS service
Shell > vim /etc/named.conf
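Change the two values outlined in red in the screenshot to any, which means listening on all addresses and allowing access from everyone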
Shell > vim /etc/named.rfc1912.zones
Go to the /var/named directory, copy named.localhost to xx.com.zone and named.loopback to xx.com.local, then edit the copies
Shell > cp -rf named.localhost hy.com.zone
Shell > cp -rf named.loopback 2.168.192.local
Shell > vim hy.com.zone
Shell > vim 2.168.192.local
3.3 Start and verify the DNS service
Shell > systemctl start named
Shell > systemctl enable named
Use netstat to check the listening port and nslookup to verify resolution
II. Install and configure Postfix
Install Postfix with yum
Shell > yum -y install postfix
Edit the settings in the Postfix configuration file main.cf
Shell > vim /etc/postfix/main.cf
myhostname = mail.hy.com
mydomain = hy.com
myorigin = $myhostname
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
Shell > systemctl start postfix
Shell > systemctl enable postfix
III. Install and configure Dovecot
Install Dovecot with yum
Shell > yum -y install dovecot dovecot-devel dovecot-mysql pam-devel
Shell > dovecot --version
Create the user and group that Dovecot works with
Shell > groupadd -g 2000 vmail
Shell > useradd -g vmail -u 2000 -s /sbin/nologin -M vmail
Dovecot's configuration files are all under /etc/dovecot/.
Shell > vim /etc/dovecot/dovecot.conf
protocols = imap pop3 lmtp
listen = *
login_trusted_networks =192.168.2.0/24
!include conf.d/*.conf
Shell > vim /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no
auth_mechanisms = plain login
!include auth-system.conf.ext
Shell > vim /etc/dovecot/conf.d/10-ssl.conf
ssl = no
Enable Dovecot logging; the log path can be customised
Shell > vim /etc/dovecot/conf.d/10-logging.conf
Start the Dovecot service
Shell > systemctl start dovecot
IV. Postfix virtual user configuration
1. Edit main.cf
Shell > vim /etc/postfix/main.cf
# Enable SMTP authentication
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/spool/postfix/private/auth
smtpd_sasl_application_name = smtpd
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_unknown_sender_domain
smtpd_sasl_security_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_client_restrictions = permit_sasl_authenticated
smtpd_sasl_security_options = noanonymous
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
# Enable virtual users
virtual_mailbox_base = /home/vmail/
virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_alias_maps =
  proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf,
  proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf,
  proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps =
  proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf,
  proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_uid_maps = static:2000
virtual_gid_maps = static:2000
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
2. Edit master.cf
Shell > vim /etc/postfix/master.cf
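dovecot unix - n n - - pipe
  flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient}
Important: flags must be preceded by two spaces, otherwise an error is reported. Don't fall into this trap -_-.
2.1 Database connection files
There are 7 database connection files. Before creating them, create an sql directory under /etc/postfix/ to hold them, as follows: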
Shell > mkdir /etc/postfix/sql
Shell > vim /etc/postfix/sql/mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
Shell > vim /etc/postfix/sql/mysql_virtual_alias_domain_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('%u', '@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
Shell > vim /etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
Shell > vim /etc/postfix/sql/mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'
Shell > vim /etc/postfix/sql/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'
Shell > vim /etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT maildir FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' and mailbox.username = CONCAT('%u','@',alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active='1'
Shell > vim /etc/postfix/sql/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'
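Each map file above stores the database password in clear text, and a file saved from vim under a umask of 022 is readable by every local account. The script below is an added example, not part of the original post: it walks the mysql: maps referenced in a main.cf and reports any that are missing or world-readable. The temporary directory and sample files are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: every mysql: map that main.cf references must exist and
# must not be world-readable, because each file holds the DB password.

check_sql_maps() {
    # $1 = path to main.cf. One line per problem; exit status 1 if any.
    rc=0
    for p in $(grep -v '^[[:space:]]*#' "$1" |
               grep -Eo 'mysql:[^[:space:],]+' | cut -d: -f2- | sort -u); do
        if [ ! -f "$p" ]; then
            echo "MISSING $p"; rc=1
        elif [ -n "$(find "$p" -perm -0004)" ]; then
            echo "WORLD-READABLE $p"; rc=1
        fi
    done
    return $rc
}

# Constructed demo tree standing in for /etc/postfix (paths are temporary).
d=$(mktemp -d)
mkdir "$d/sql"
cat > "$d/main.cf" <<EOF
virtual_mailbox_domains = proxy:mysql:$d/sql/mysql_virtual_domains_maps.cf
virtual_alias_maps =
  proxy:mysql:$d/sql/mysql_virtual_alias_maps.cf,
  proxy:mysql:$d/sql/mysql_virtual_alias_domain_maps.cf
EOF
printf 'user = postfix\npassword = postfix\n' > "$d/sql/mysql_virtual_domains_maps.cf"
printf 'user = postfix\npassword = postfix\n' > "$d/sql/mysql_virtual_alias_maps.cf"
chmod 644 "$d/sql/mysql_virtual_domains_maps.cf"   # as created under umask 022
chmod 640 "$d/sql/mysql_virtual_alias_maps.cf"     # after chgrp postfix + chmod 640
check_sql_maps "$d/main.cf" || echo "fix the entries listed above"
rm -rf "$d"
```

On the real system the call is check_sql_maps /etc/postfix/main.cf; chgrp postfix and chmod 640 on the reported files clears the WORLD-READABLE findings.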
V. Dovecot virtual user configuration
1. Edit dovecot.conf
Shell > vim /etc/dovecot/dovecot.conf
protocols = imap pop3
listen = *
# (this setting tripped me up once)
mail_location = maildir:/home/vmail/%d/%n
!include conf.d/*.conf
passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
  driver = static
  # uid/gid 2000 is the vmail account created earlier
  args = uid=2000 gid=2000 home=/home/vmail/%d/%n
}
# Debug logging
auth_debug_passwords=yes
mail_debug=yes
auth_verbose=yes
auth_verbose_passwords=plain
2. Edit 10-auth.conf
Shell > vim /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no
auth_mechanisms = plain login cram-md5
!include auth-system.conf.ext
3. Edit 10-ssl.conf
Shell > vim /etc/dovecot/conf.d/10-ssl.conf
ssl = no
4. Edit 10-mail.conf
Shell > vim /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:/home/vmail/%d/%n/Maildir
mbox_write_locks = fcntl
5. Edit 10-logging.conf
Shell > vim /etc/dovecot/conf.d/10-logging.conf
info_log_path = /var/log/dovecot_info.log
debug_log_path = /var/log/dovecot_debug.log
6. Edit 10-master.conf
Shell > vim /etc/dovecot/conf.d/10-master.conf
service imap-login {
  inet_listener imap {
    port = 143
  }
}
service pop3-login {
  inet_listener pop3 {
    port = 110
  }
}
service auth {
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
    group = vmail
  }
  # Postfix smtp-auth
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = postfix
  }
}
7. Add the dovecot-sql.conf.ext file
dovecot-sql.conf.ext may not be in /etc/dovecot/ by default.
Use the find command to locate the file, then copy it into /etc/dovecot/
Shell > find / -name dovecot-sql.conf.ext
Shell > vim /etc/dovecot/dovecot-sql.conf.ext
driver = mysql
connect = host=localhost dbname=postfix user=postfix password=postfix
default_pass_scheme = MD5-CRYPT
password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'
user_query = SELECT maildir, 2000 AS uid, 2000 AS gid, CONCAT('dict:storage=',floor(quota/1000),' proxy::quota') as quota FROM mailbox WHERE username = '%u' AND active='1'
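The Dovecot settings used in this guide (ssl = no, plaintext authentication, password debug logging, a 0666 auth socket) are the ones to revisit before the server leaves a closed lab network. The audit script below is an added example, not from the original post; it flags those settings in any Dovecot config text, and the sample input is constructed from the values shown above.

```shell
#!/bin/sh
# Added example: flag the lab-only Dovecot settings used in this guide.
# Input: files under /etc/dovecot, or saved `doveconf -n` output.

audit_dovecot() {
    # One line per finding; exit status 1 if anything was flagged.
    awk '
    function flag(msg) { printf "%s:%d: %s\n", FILENAME, FNR, msg; bad = 1 }
    { sub(/^[ \t]+/, ""); sub(/[ \t]+$/, "") }       # trim the line
    /^#/ || $0 == "" { next }                        # skip comments and blanks
    /^unix_listener[ \t]/ { listener = $2; next }    # remember the current socket
    $0 == "}" { listener = ""; next }
    {
        n = index($0, "=")
        if (n == 0) next
        key = substr($0, 1, n - 1); val = substr($0, n + 1)
        gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
        if (key == "ssl" && val == "no")
            flag("ssl = no: IMAP/POP3 sessions, passwords included, cross the wire in clear")
        if (key == "disable_plaintext_auth" && val == "no")
            flag("disable_plaintext_auth = no: PLAIN/LOGIN accepted without TLS")
        if (key == "auth_debug_passwords" && val == "yes")
            flag("auth_debug_passwords = yes: passwords are logged on auth failures")
        if (key == "auth_verbose_passwords" && val != "no")
            flag("auth_verbose_passwords = " val ": attempted passwords are logged")
        if (key == "mode" && listener != "" && val ~ /[2367]$/)
            flag("unix_listener " listener " mode " val ": any local user can connect")
    }
    END { exit bad + 0 }
    ' "$@"
}

# Constructed sample built from the settings shown in this guide.
sample=$(mktemp)
cat > "$sample" <<'EOF'
ssl = no
disable_plaintext_auth = no
auth_debug_passwords=yes
auth_verbose_passwords=plain
service auth {
  unix_listener auth-userdb {
    mode = 0600
  }
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
  }
}
EOF
audit_dovecot "$sample" || echo "review the findings above"
rm -f "$sample"
```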
VI. Postfixadmin configuration
1. Download the Postfixadmin source package
Shell > wget \
https://nchc.dl.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-3.2/postfixadmin-3.2.tar.gz
2. Rename the extracted postfixadmin-3.2 directory
Shell > mv postfixadmin-3.2 postfixadmin
Then place it under the nginx web root
3. Create the config.local.php configuration file
Shell > vim config.local.php
<?php
$CONF['database_type'] = 'mysqli';
$CONF['database_user'] = 'postfix';
$CONF['database_host'] = '127.0.0.1';
$CONF['database_password'] = 'postfix';
$CONF['database_name'] = 'postfix';
$CONF['configured'] = true;
?>
4. Edit the config.inc.php configuration file
Shell > vim config.inc.php
Change $CONF['configured'] = false; to $CONF['configured'] = true;
Change $CONF['default_language'] = 'en'; to $CONF['default_language'] = 'cn'; (sets the default language to Chinese)
Change $CONF['database_type'] = 'mysqli'; to $CONF['database_type'] = 'mysql';
Change $CONF['database_host'] = 'localhost'; to $CONF['database_host'] = '127.0.0.1';
Change $CONF['database_password'] = 'postfixadmin'; to $CONF['database_password'] = 'postfix';
Change $CONF['admin_email'] = ''; to $CONF['admin_email'] = '[email protected]';
As shown in the screenshot below:
5. After editing the configuration files, open http://ip/postfixadmin/public/setup.php or http://domain/postfixadmin/public/setup.php in a browser
There is an error. Following the error message, create a templates_c directory under the postfixadmin directory and grant permissions on it (my postfixadmin directory is under /usr/share/nginx/html).
Shell > mkdir templates_c
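Shell > chmod -R 755 templates_c # or 777 permissions
6. After refreshing the page, as in the screenshot below, there is one Error and one Warning
Note: the first message says the database cannot be reached. Check that the database settings in config.local.php and config.inc.php (database account, database name, password, database address and so on) are correct; a mistake in any one of them produces this error.
The second message says the PHP imap extension needs to be installed: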
Shell > yum -y install php56w-imap-5.6.40-1.w7.x86_64
Refresh again and the errors are gone.
Now set the password.
At this point, copy the line outlined in red, $CONF['setup_password'] = '264d4931e17c6ea7d7cead0123354f94:67d1764819b702ee631d6c73bfff2c169fd7c717'; , into config.inc.php.
Shell > vim config.inc.php
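Refresh the page again and add the administrator mailbox, as shown in the screenshot
Finally, delete setup.php and log in to the admin page at http://ip/postfixadmin/public/index.php, as shown in the screenshot:
References consulted online: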
https://blog.51cto.com/4746316/2314749
https://www.ilanni.com/?p=10963