源码搭建全功能邮件系统（4）

四  Courier Authlib

最好先安装courier-authlib。为什么呢？因为后面配置 SASL验证smtp时需要authlib的socket路径。

1．安装

# ./configure \

--prefix=/usr/local/authlib --with-redhat --with-authmysql=yes  --with-mailuser=zhousong \

--with-mailgroup=zhousong --with-mysql-libs=/usr/local/mysql/lib/mysql \

--with-mysql-includes=/usr/local/mysql/include/mysql --without-stdheaderdir

注：--without-stdheaderdir该选项必须加否则maildrop –v出错。

# make
# make install
# make install-configure

2．配置

（1）#vim /usr/local/authlib/etc/authlib/authdaemonrc

修改成：

authdaemonvar=/usr/local/authlib/var/spool/authdaemon

# chmod 755 /usr/local/authlib/var/spool/authdaemon

注：如果该目录权限不正确修改，maildrop及postfix等将无法正确获取用户的信息及密码认证

（2）#ln -s /usr/local/authlib/bin/courierauthconfig /usr/bin/courierauthconfig

（3）#vim /usr/local/authlib/etc/authlib/authdaemonrc 

修改成：

authmodulelist="authmysql"

authmodulelistorig="authmysql"

DEBUG_LOGIN=2

（4）vim /usr/local/authlib/etc/authlib/authmysqlrc

按要求修改成：

MYSQL_SERVER            localhost

MYSQL_USERNAME          extmail

MYSQL_PASSWORD          extmail

MYSQL_SOCKET            /tmp/mysql.sock

MYSQL_PORT              3306

MYSQL_OPT               0

MYSQL_DATABASE          extmail

MYSQL_USER_TABLE        mailbox

MYSQL_CRYPT_PWFIELD     password

MYSQL_UID_FIELD         uidnumber

MYSQL_GID_FIELD         gidnumber

MYSQL_LOGIN_FIELD       username

MYSQL_HOME_FIELD        homedir

MYSQL_NAME_FIELD        name

MYSQL_MAILDIR_FIELD     maildir

MYSQL_QUOTA_FIELD       quota

MYSQL_SELECT_CLAUSE     SELECT username,password,"",uidnumber,gidnumber,\

                        CONCAT('/home/domains/',homedir),               \

                        CONCAT('/home/domains/',maildir),               \

                        quota,                                          \

                        name                                            \

                        FROM mailbox                                    \

                        WHERE username = '$(local_part)@$(domain)'

 

（5）配置启动

#cp courier-authlib.sysvinit /etc/init.d/courier-authlib

#chmod 755 /etc/init.d/courier-authlib

#chkconfig --add courier-authlib

3．  测试

 

五      Cyrus SASL

1． 安装

# ./configure  --prefix=/usr/local/cyrus-sasl

--disable-anon --enable-plain --enable-login \

--enable-sql --with-mysql=/usr/local/mysql \

--with-mysql-includes=/usr/local/mysql/include/mysql \

--with-mysql-libs=/usr/local/mysql/lib/mysql \

--with-authdaemond

#make

#make install

2．  配置

（1）       ln -s /usr/local/cyrus-sasl/lib/sasl2 /usr/lib/sasl2

（2）       #vim /etc/ld.so.conf

添加如下内容：

/usr/local/cyrus-sasl/lib

#ldconfig

（3）       创建文件/usr/local/cyrus-sasl/lib/sasl2/smtpd.conf,并加入如下内容：

pwcheck_method: authdaemond

mech_list: PLAIN LOGIN

log_level: 3

authdaemond_path: /usr/local/authlib/var/spool/authdaemon/socket

 

六  Postfix

1．  安装

#useradd postfix

# useradd postdrop

# make -f Makefile.init makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_CYRUS_SASL -DUSE_SASL_AUTH -I/usr/local/cyrus-sasl/include/sasl' 'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/local/cyrus-sasl/lib -lsasl2'

#make install一路回车即可

2．  配置

（1）

# postconf -n > /etc/postfix/main2.cf

# mv /etc/postfix/main.cf /etc/postfix/main.cf.old

# mv /etc/postfix/main2.cf /etc/postfix/main.cf

#vim /etc/postfix/main.cf

增加如下内容：

# hostname

mynetworks = 127.0.0.1

myhostname = mail.zhousonglinux.com

mydestination = $mynetworks $myhostname

 

# banner

mail_name = Postfix - by zhousonglinux.com

smtpd_banner = $myhostname ESMTP $mail_name

 

# response immediately

smtpd_error_sleep_time = 0s

 

# Message and return code control

message_size_limit = 5242880

mailbox_size_limit = 5242880

show_user_unknown_table_name = no

 

# Queue lifetime control

bounce_queue_lifetime = 1d

maximal_queue_lifetime = 1d

 

（2）配置SASL验证

#vim /etc/postfix/main.cf

# smtpd related config

smtpd_recipient_restrictions =

        permit_mynetworks,

        permit_sasl_authenticated,

        reject_non_fqdn_hostname,

        reject_non_fqdn_sender,

        reject_non_fqdn_recipient,

        reject_unauth_destination,

        reject_unauth_pipelining,

        reject_invalid_hostname,

 

# SMTP sender login matching config

smtpd_sender_restrictions =

        permit_mynetworks,

        reject_sender_login_mismatch,

        reject_authenticated_sender_login_mismatch,

        reject_unauthenticated_sender_login_mismatch

 

smtpd_sender_login_maps =

        mysql:/etc/postfix/mysql_virtual_sender_maps.cf,

        mysql:/etc/postfix/mysql_virtual_alias_maps.cf

 

# SMTP AUTH config here

broken_sasl_auth_clients = yes

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain = $myhostname

smtpd_sasl_security_options = noanonymous

本文出自 “周天琪” 博客，谢绝转载！