构建Postfix邮件服务器
实验前准备:
1、确定主机名,及主机IP
2、关闭防火墙,及SElinux安全机制
3、关闭sendmail服务
一、Postfix 安装配置
1、编译安装Postfix
a.创建运行Postfix服务的用户(postfix)和组(postfix、postdrop)
groupadd -g 1200 postdrop
groupadd -g 1000 postfix
useradd -M -u 1000 -g postfix -G postdrop -s /sbin/nologin postfix
b.解压并释放源码包,合并补丁包
tar zxvf postfix-2.4.6.tar.gz
gunzip postfix-2.4.6-vda-ng.patch.gz
cd postfix-2.4.6
patch -p1 < ../postfix-2.4.6-vda-ng.patch
c.预配置编译参数
【编译前需使用make makefiles命令调整参数,以便Postfix支持SASL认证和查询MySQL数据库】
[root@mail postfix-2.4.6]# make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl' 'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/lib/sasl2 -lsasl2 '
d.确定MySQL的库文件路径
[root@mail ~]# vim /etc/ld.so.conf
/usr/local/mysql/lib/mysql
[root@mail ~]# ldconfig //刷新库文件路径
e.编译安装
make && make install
2、编辑主配置文件
[root@mail ~]# vi /etc/postfix/main.cf
inet_interfaces = 173.17.17.11, 127.0.0.1
myhostname = mail.benet.com
mydomain = benet.com
myorigin = $mydomain
mydestination = $mydomain, $myhostname
home_mailbox = Maildir/
[root@mail postfix]# postfix reload
3、添加邮件用户账号
groupadd mailusers
useradd -g mailusers -s /sbin/nologin xiaoqi
useradd -g mailusers -s /sbin/nologin lisi
passwd xiaoqi
passwd lisi
4、SMTP发送邮件测试
telnet localhost 25
HELO localhost 宣告客户端主机地址
MAIL FROM:[email protected] 告知服务器发件人的地址
RCPT TO:[email protected] 告知服务器收件人的地址
DATA 告知服务器要传送数据
Subjec:A Test Mail 设置邮件主题
hi!This is a test mail 信件内容,【最后以点号结束】
.
QUIT 断开连接并退出
【cat /home/lisi/Maildir/new/..(接收成功则可自动补全)】
二、构建Dovecot服务器
1、编译安装Dovecot软件包
useradd -M -s /sbin/nologin dovecot
tar zxvf dovecot-1.1.4.tar.gz
cd /dovecot-1.1.4
./configure --sysconfdir=/etc --with-mysql
make && make install
2、建立dovecot.conf配置文件并进行简单设置
cp /etc/dovecot-example.conf /etc/dovecot.conf
vi /etc/dovecot.conf
87 ssl_disable = yes 禁止SSL机制
23 protocols = pop3 imap 指定支持的邮局协议
47 disable_plaintext_auth = no 允许明文密码验证
208 mail_location = maildir:~/Maildir 设置邮件存储格式及位置
3、创建PAM认证文件
vi /etc/pam.d/dovecot
auth required pam_nologin.so
auth include system-auth
account include system-auth
session include system-auth
4、启动dovecot服务
/usr/local/sbin/dovecot -c /etc/dovecot.conf
netstsat -nuptl | grep dovecot
5、POP3接收邮件测试
telnet localhost 110
user lisi
pass 123456
list 查看邮件列表
retr 1 收取并查看第一封邮件的内容
quit
三、扩展Postfix邮件系统的功能
1、依次安装程序包、中文语言包
tar zxvf squirremail-1.4.13.tar.gz -C /usr/src/apache2/htdocs/
cd /usr/src/apache2/htdocs
mv squirremail-1.4.13 webmail
cd webmail
tar jxvf ~/zh_CN-1.4.13-20071220.tar.bz2-C /usr/src/apache2/htdocs/
2、创建及调整数据目录、附件目录
mkdir -p attach data (attach存放附件的位置)
chown -R daemon:daemon attach/ data/
chmod 730 attach/
3、建立config.php文件
cp config/config_deault.php config/config.php
vi config/config.php
1000 $squirrelmail_default_language = 'zh_CN';
1015 $default_charset = 'zh_CN.UTF-8';
146 $smtpServerAddress = 'localhost';
118 $domain = 'benet.com';
231 $imap_server_type = 'dovecot';
487 $data_dir = '/usr/local/apache2/htdocs/webmail/data/';
505 $attachment_dir = '/usr/local/apache2/htdocs/webmail/attach/';
4、启动httpd服务器:
/usr/local/apache2/bin/apachectl start
5、浏览器中登录SquirrelMail系统
访问:http://mail.benet.com/webmail/
四、设置SMTP用户认证
rpm -qa | grep cryus
1、.设置Cryus SASL函数库,并启动saslauthd服务
cp /usr/lib/sasl2/Sendmail.conf /usr/lib/sasl2/smtpd.conf
vi /usr/lib/sasl2/smptd.conf
pwcheck_method:saslauthd
service saslauthd start
chkconfig --level 35 saslauthd on
2、.修改main.cf文件,添加SMTP认证相关的配置参数,并重新加载配置
vi /etc/postfix/main.cf
smtpd_sasl_auth_enable=yes
smtpd_sasl_security_options=noanonymous
mynetworks=127.0.0.1
smtpd_recipient_restrictions
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
3、测试SMTP发信认证
1)使用telnet命令进行认证
【认证时需要用户口令,加密的字串符编码格式为BASE64】
【获取密码】:printf "xiaoqi" | openssl base64 (用户名xiaoqi)
printf "123456" | openssl base64 (密码123456)
telnet mail.benet.com 25
EHLO localhost
AUTH LOGIN
加密的用户名
加密的口令 (显示Authentication successful时,则用户验证成功,否则失败)
MAIL FROM:[email protected]
RCPT TO:[email protected]
DATA
Something important
.
QUIT
《一》配置虚拟用户支持 ―― MySQL
service mysqld start //启动mysql
tar zxvf /mnt/extman-0.2.5.tar.gz �CC /usr/local
[root@mail LNS-SG7]# cd /usr/local/extman-0.2.5/docs
[root@mail docs]# mysql -u root -p < extmail.sql //导入数据库
[root@mail docs]# mysql -u root -p < init.sql
将Extman软件包提供的虚拟用户映射表样例文件复制到/etc/postfix/目录中
[root@s2 docs]# cp -p mysql_virtual_* /etc/postfix/
《二》配置虚拟用户支持 ―― postfix
[root@mail ~]# vi /etc/postfix/main.cf
inet_interfaces = 192.168.1.16, 127.0.0.1
myhostname = mail.benet.com
mydomain = benet.com
myorigin = $mydomain
#mydestination = $mydomain, $myhostname
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
mynetworks = 127.0.0.1
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
virtual_mailbox_base = /mailbox
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000
《三》配置虚拟用户支持 ―― SMTP认证
[root@mail LNS-SG7]# tar -jxvf courier-authlib-0.60.2.tar.bz2 -C /usr/local/
[root@mail LNS-SG7]# cd /usr/local/courier-authlib-0.60.2/
[root@s2 courier-authlib-0.60.2]# ./configure --prefix=/usr/local/courier-authlib --without-stdheaderdir --with-authmysql --with-redhat --with-mysql-libs=/usr/local/mysql/lib/mysql/ --with-mysql-includes=/usr/local/mysql/include/mysql/ && make && make install && make install-configure
[root@mail courier-authlib-0.60.2]# vi /etc/ld.so.conf //将库文件添加到系统中
/usr/local/courier-authlib/lib/courier-authlib
[root@mail courier-authlib-0.60.2]# ldconfig //刷新数据库
[root@mail courier-authlib-0.60.2]# cd /usr/local/courier-authlib/etc/authlib/ //修改主配置,authdaemonrc文件
[root@mail authlib]# cp authdaemonrc authdaemonrc.bak
[root@mail authlib]# vi authdaemonrc
authmodulelist="authmysql" //只保留这些项
authmodulelistorig="authmysql"
[root@mail authlib]# chmod -R 755 /usr/local/courier-authlib/var/spool/authdaemon/ //给予权限否则无法获得用户数据和密码
[root@mail authlib]# cp authmysqlrc authmysqlrc.bak
[root@mail authlib]# vi authmysqlrc
MYSQL_SERVER localhost mysql数据库服务器位置
MYSQL_USERNAME extmail 数据库管理员帐户
MYSQL_PASSWORD extmail 数据库管理员帐户密码
MYSQL_SOCKET /tmp/mysql.sock mysql.sock文件位置
MYSQL_DATABASE extmail 虚拟用户数据库
MYSQL_USER_TABLE mailbox 从mailbox表获得邮件帐户的信息
MYSQL_CRYPT_PWFIELD password 从pssword字段获得帐户密码
MYSQL_UID_FIELD uidnumber 从uidnumber字段获得映射的本地用户UID
MYSQL_GID_FIELD gidnumber 从gidnumber字段获得映射的本地组GID
MYSQL_LOGIN_FIELD username 从username字段获得帐户名称(带@后缀)
MYSQL_HOME_FIELD concat(‘/mailbox/’,homedir) 合并出用户的宿主目录完整路径
MYSQL_NAME_FIELD name 从name字段获得帐户名称(不带@后缀)
MYSQL_MAILDIR_FIELD concat(‘/mailbox/’,maildir) 合并出用户的完整邮件存储路径
[root@mail authlib]# cp /usr/local/courier-authlib-0.60.2/courier-authlib.sysvinit /etc/init.d/courier-authlib //添加启动脚本
[root@mail authlib]# chmod 755 /etc/init.d/courier-authlib
[root@mail authlib]# chkconfig --add courier-authlib
[root@mail authlib]# chkconfig --level 35 courier-authlib on
[root@mail authlib]# service courier-authlib start
Starting Courier authentication services: authdaemond //启动成功
[root@mail authlib]# vi /usr/lib/sasl2/smtpd.conf //修改Cyrus sasl 配置
pwcheck_method:authdaemond //将认证方式更改为authdaemond
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket // 指定SOCKET文件位置
《四》配置虚拟用户支持 ―― dovecot
[root@mail authlib]# cp /etc/dovecot.conf /etc/dovecot.conf.bak
[root@mail authlib]# grep -v "#" /etc/dovecot.conf.bak | grep -v "^$" > /etc/dovecot.conf
[root@mail ~]# vi /etc/dovecot.conf
mail_location = maildir:/mailbox/%d/%n/Maildir //修改
……
auth default {
mechanisms = plain
passdb sql { //添加
args = /etc/dovecot-mysql.conf
}
userdb sql {
args = /etc/dovecot-mysql.conf
}
2. 创建数据查询配置文件
[root@mail ~]# vi /etc/dovecot-mysql.conf
driver = mysql
connect = host=localhost dbname=extmail user=extmail password=extmail
default_pass_scheme = CRYPT
password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir,uidnumber AS uid ,gidnumber AS gid FROM mailbox WHERE username = '%u'
3. 建立邮箱目录,并调整权限
[root@mail ~]# mkdir -p /mailbox/extmail.org/postmaster/Maildir/
[root@mail Maildir]# chown -R postfix:postfix /mailbox
[root@mail authlib]# dovecot //查看dovecot运行情况
Fatal:Dovecotisalready running with PID 28607 (read from /usr/local/var/run/dovecot/master.pid)
[root@mail authlib]# kill 28607 //杀死dovecot
[root@mail authlib]# /usr/local/sbin/dovecot -c /etc/dovecot.conf //重新启动dovecot
[root@mail authlib]# dovecot
Fatal: Dovecot is already running with PID 7509 (read from /usr/local/var/run/dovecot/master.pid)
测试虚拟用户配置结果
[root@s2 authlib]# /usr/local/courier-authlib/sbin/authtest -s login [email protected] extmail
Authentication succeeded. //成功
使用 telnet 进行认证登录出的
[root@mail sbin]# printf "[email protected]" | openssl base64
cG9zdG1hc3RlckBleHRtYWlsLm9yZw==
[root@mail sbin]# printf "extmail" | openssl base64
ZXh0bWFpbA==
[root@mail ~]# telnet localhost 25
……
AUTH LOGIN
334 VXNlcm5hbWU6
cG9zdG1hc3RlckBleHRtYWlsLm9yZw==
334 UGFzc3dvcmQ6
ZXh0bWFpbA==
235 2.0.0 Authentication successful
QUIT
221 2.0.0 Bye
《五》部署Extmail邮件使用界面
[root@mail LNS-SG7]# tar -zxvf Unix-Syslog-1.1.tar.gz -C /usr/local/
[root@mail LNS-SG7]# tar -zxvf DBI-1.607.tar.gz -C /usr/local/
[root@mail LNS-SG7]# tar -zxvf DBD-mysql-4.011.tar.gz -C /usr/local/
[root@mail LNS-SG7]# cd /usr/local/Unix-Syslog-1.1/
[root@mail Unix-Syslog-1.1]# perl Makefile.PL
[root@mail Unix-Syslog-1.1]# make && make install
[root@mail local]# cd /DBI-1.607/
[root@mail DBI-1.607]# perl Makefile.PL
[root@mail DBI-1.607]# make && make intall
[root@mail DBI-1.607]# cd ../DBD-mysql-4.011/
[root@mail DBD-mysql-4.011]# perl Makefile.PL && make && make install
[root@mail DBD-mysql-4.011]# echo "export PATH=/usr/local/mysql/bin:$PATH" >> /etc/profile
[root@mail DBD-mysql-4.011]# source /etc/profile
2. 安装 extmail 程序套件
[root@mail LNS-SG7]# tar zxvf extmail-1.0.5.tar.gz -C /usr/local/apache2/htdocs/
[root@mail LNS-SG7]# cd /usr/local/apache2/htdocs/
[root@mail htdocs]# mv extmail-1.0.5/ extmail
[root@mail htdocs]# cd extmail/
[root@mail extmail]# chown -R postfix:postfix cgi
[root@mail extmail]# cp webmail.cf.default webmail.cf
[root@mail extmail]# vi /usr/local/apache2/htdocs/extmail/webmail.cf
SYS_CONFIG = /usr/local/apache2/htdocs/extmail/ //程序根目录
SYS_LANGDIR = /usr/local/apache2/htdocs/extmail/lang //语言包文件目录
SYS_TEMPLDIR = /usr/local/apache2/htdocs/extmail/html //系统模板目录
SYS_MAILDIR_BASE = /mailbox
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /tmp/mysql.sock //MySQL套接字文件位置
修改上述配置项
调整HTTP文件配置。添加虚拟主机
[root@mail ~]# vi /usr/local/apache2/conf/httpd.conf
NameVirtualHost 192.168.1.4
<VirtualHost 192.168.1.4>
ServerName mail.benet.com
DocumentRoot /usr/local/apache2/htdocs/extmail/html/
ScriptAlias /extmail/cgi/ /usr/local/apache2/htdocs/extmail/cgi/
Alias /extmail /usr/local/apache2/htdocs/extmail/html/
SuexecUserGroup postfix postfix
</VirtualHost>
[root@mail ~]# /usr/local/apache2/bin/apachectl restart
修改WINDOWS的HOST文件
C:\WINDOWS\system32\drivers\etc\hosts
验证成功。下面部署Extman Web管理界面
[root@mail /]# cd /mnt/LNS-SG7
[root@mail LNS-SG7]# tar -zxvf GD-2.41.tar.gz -C /usr/local/
[root@mail LNS-SG7]# tar zxvf File-Tail-0.99.3.tar.gz -C /usr/local/
[root@mail LNS-SG7]# cd /usr/local/GD-2.41/
[root@mail GD-2.41]# perl Makefile.PL && make && make install
[root@mail GD-2.41]# cd ../File-Tail-0.99.3/
[root@mail File-Tail-0.99.3]# perl Makefile.PL && make && make install
安装rrdtool绘图引擎包
[root@mail File-Tail-0.99.3]# cd /mnt/LNS-SG7
[root@mail LNS-SG7]# rpm -ivh rrdtool-1.2.23-3.el5.i386.rpm
[root@mail LNS-SG7]# rpm -ivh rrdtool-perl-1.2.23-3.el5.i386.rpm
安装并配置EXTMAN套件
[root@mail LNS-SG7]# tar zxvf extman-0.2.5.tar.gz -C /usr/local/apache2/htdocs/
[root@mail LNS-SG7]# cd /usr/local/apache2/htdocs
[root@mail htdocs]# mv extman-0.2.5 extman
调整cgi子目录的属主属组
[root@mail htdocs]# chown -R postfix:postfix /usr/local/apache2/htdocs/extman/cgi
创建系统临时会话保存目录
[root@mail htdocs]# mkdir /tmp/extman/
[root@mail htdocs]# chown -R postfix:postfix /tmp/extman/
修改webman.cf配置文件
[root@mail extmail]# vi /usr/local/apache2/htdocs/extman/webman.cf
SYS_CONFIG = /usr/local/apache2/htdocs/extman/
SYS_LANGDIR = /usr/local/apache2/htdocs/extman/lang
SYS_TEMPLDIR = /usr/local/apache2/htdocs/extman/html
SYS_MAILDIR_BASE = /mailbox
SYS_MYSQL_USER = webman
SYS_MYSQL_PASS = webman
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /tmp/mysql.sock
调整hhtpd.conf添加extman目录别名设置
[root@mail htdocs]# vi /usr/local/apache2/conf/httpd.conf
……
<VirtualHost 173.17.17.11>
ServerName mail.benet.com
DocumentRoot /usr/local/apache2/htdocs/extmail/html/
ScriptAlias /extmail/cgi/ /usr/local/apache2/htdocs/extmail/cgi/
Alias /extmail /usr/local/apache2/htdocs/extmail/html/
ScriptAlias /extman/cgi/ /usr/local/apache2/htdocs/extman/cgi/
Alias /extman /usr/local/apache2/htdocs/extman/html/
SuexecUserGroup postfix postfix
</VirtualHost>
[root@mail ~]# /usr/local/apache2/bin/apachectl restart
登录验证吧。。。。。。只要没有都执行好了就可以的。
用户名[email protected] 密码 extmail*123*
4. 启用 mailgraph_ext 图形日志插件
[root@mail ~]# cd /usr/local/apache2/htdocs/extman/addon/mailgraph_ext/
[root@mail mailgraph_ext]# mkdir /usr/local/mailgraph_ext/
[root@mail mailgraph_ext]# cp mailgraph_ext.pl qmonitor.pl /usr/local/mailgraph_ext/
[root@mail mailgraph_ext]# ./mailgraph-init start
[root@mail mailgraph_ext]# ./qmonitor-init start