实验环境:redhat5.4 32位
mail server: 192.168.1.121/24 mail.test.com
dns server: 192.168.1.120/24 dns.test.com
Client: 192.168.1.11/24
实验要求:
一、搭建DNS服务器能够解析mail.test.com为192.168.1.121
二、在mail服务器上源码包安装apache、mysql、php
三、在mail服务器中搭建Postfix邮件服务器
四、构建Dovecot服务器
五、配置SquirrelMail
六、设置SMTP认证,用户别名与群组,限制用户可发送邮件大小和使用邮箱空间大小
实验步骤:
一、搭建DNS服务器能够解析mail.test.com为192.168.1.121
注明:DNS软件包的安装步骤这里不再赘述,请参考其他安装文档。
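配置DNS主配置文件(注明:下面的 allow-query { any; }、allow-query-cache { any; },加上视图中的 match-clients { any; } 与 recursion yes,会让这台服务器对任何来源的请求提供递归解析;这只适合隔离的实验网络,接入真实网络时应把这些 any 限制为内网网段,例如本实验的 192.168.1.0/24。)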
#vim /var/named/chroot/etc/named.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
forwarders { 202.106.0.20; };
// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;
allow-query { any; };
allow-query-cache { any; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
#vim /var/named/chroot/etc/named.rfc1912.zones
添加如下
51 zone "test.com" IN {
52 type master;
53 file "t.test";
54 allow-update { none; };
55 };
56
57 zone "1.168.192.in-addr.arpa" IN {
58 type master;
59 file "t.fan";
60 allow-update { none; };
61 };
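配置DNS区域文件(注明:下面两个区域文件中的 NS 记录,以及 t.fan 中 120 的 PTR 记录,写的都是 dns.dns.cn.,而实验环境中 DNS 服务器的主机名是 dns.test.com;实际配置时应与实验环境保持一致。)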
#vim /var/named/chroot/var/named/t.test
$TTL 86400
@ IN SOA test.com. root.test.com. (
20120327 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS dns.dns.cn.
IN MX 5 mail.test.com.
dns IN A 192.168.1.120
mail IN A 192.168.1.121
#vim /var/named/chroot/var/named/t.fan
$TTL 86400
@ IN SOA test.com. root.test.com. (
20120327 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS dns.dns.cn.
IN MX 5 mail.test.com.
120 IN PTR dns.dns.cn.
121 IN PTR mail.test.com.
启动服务named
# service named restart
二、在mail服务器上源码包安装apache、mysql、php
(1)配置dns
[root@localhost ~]# vim /etc/resolv.conf
nameserver 192.168.1.120
(2)卸载http、mysql、php rpm包
[root@mail ~]# rpm -e httpd --nodeps
[root@mail ~]# rpm -e mysql --nodeps
[root@mail ~]# rpm -e php --nodeps
(3)配置yum,安装gcc
[root@mail ~]# vim /etc/yum.repos.d/rhel-debuginfo.repo
[rhel-debuginfo]
name=Red Hat Enterprise Linux $releasever - $basearch - Debug
baseurl=file:///media/Server
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[root@mail ~]#yum -y install *gcc*
[root@mail ~]#yum -y install openssl-devel
(4) 安装apache
[root@mail install]# tar -zxvf httpd-2.2.15.tar.gz
[root@mail install]# cd httpd-2.2.15
[root@mail httpd-2.2.15]# ./configure --prefix=/usr/local/apache2 --enable-rewrite --enable-so --enable-auth-digest --enable-cgi --with-ssl=/usr/lib --enable-ssl --enable-suexec --with-suexec-caller=daemon --with-suexec-docroot=/usr/local/apache2/htdocs
[root@mail httpd-2.2.15]#make
[root@mail httpd-2.2.15]#make install
[root@mail httpd-2.2.15]# cd /usr/local/apache2/bin/
[root@mail bin]# vim apachectl 添加如下
#!/bin/sh
# chkconfig: 35 85 15
# description: Apache is a World Wide Web Serve
[root@mail bin]# cp apachectl /etc/init.d/apache
[root@mail bin]# chkconfig --add apache
[root@mail bin]# chkconfig apache on
[root@mail bin]# vim /usr/local/apache2/conf/httpd.conf
97 ServerName mail.test.com:80
[root@mail bin]# service apache start
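(5)安装mysql(注明:原文在这里没有列出 ./configure、make、make install 编译安装步骤,下面的命令都假定 MySQL 已经编译安装到 /usr/local/mysql。另外 chown、写入 ld.so.conf 和 ldconfig 这几条命令在下文重复出现了两遍,执行一遍即可,否则 /etc/ld.so.conf 中会多出一行重复内容。)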
[root@mail install]# tar -zxvf mysql-5.1.44.tar.gz
[root@mail install]# cd mysql-5.1.44
[root@mail mysql-5.1.44]# rpm -qa | grep libtermcap-devel
[root@mail mysql-5.1.44]# useradd -M -s /sbin/nologin mysql
[root@mail mysql-5.1.44]# cp support-files/my-medium.cnf /etc/my.cnf
[root@mail mysql-5.1.44]# /usr/local/mysql/bin/mysql_install_db --user=mysql
[root@mail mysql-5.1.44]# chown -R mysql:mysql /usr/local/mysql/
[root@mail mysql-5.1.44]# chown -R mysql /usr/local/mysql/var/
[root@mail mysql-5.1.44]# echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
[root@mail mysql-5.1.44]# ldconfig
[root@mail mysql-5.1.44]# chown -R mysql:mysql /usr/local/mysql/
[root@mail mysql-5.1.44]# chown -R mysql /usr/local/mysql/var/
[root@mail mysql-5.1.44]# echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
[root@mail mysql-5.1.44]# ldconfig
[root@mail mysql-5.1.44]# cp support-files/mysql.server /etc/init.d/mysqld
[root@mail mysql-5.1.44]# chmod o+x /etc/init.d/mysqld
[root@mail mysql-5.1.44]# chkconfig --add mysqld
[root@mail mysql-5.1.44]# chkconfig mysqld on
[root@mail mysql-5.1.44]# service mysqld start
Starting MySQL. [ OK ]
[root@mail mysql-5.1.44]# ps -e | grep mysqld
17748 pts/0 00:00:00 mysqld_safe
17851 pts/0 00:00:00 mysqld
[root@mail mysql-5.1.44]# export PATH=$PATH:/usr/local/mysql/bin/
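[root@mail mysql-5.1.44]# echo "export PATH=$PATH:/usr/local/mysql/bin" >> /etc/profile
[root@mail mysql-5.1.44]# mysqladmin -u root password 123456
注明:上面的 echo 使用了双引号,$PATH 在写入时就被展开,root 当前的 PATH 会被固定写进 /etc/profile 并对所有用户生效;如要保留变量引用,应改用单引号。123456 只是实验用的弱口令,而且写在命令行里的密码会留在 shell 历史记录和进程列表中;正式环境应设置强口令。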
[root@mail mysql-5.1.44]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.1.44-log Source distributio
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement
mysql> quit
(6)安装php
[root@mail install]# tar -zxvf php-5.2.13.tar.gz
[root@mail install]# cd php-5.2.13
[root@mail php-5.2.13]# rpm -qa | grep libxml2
libxml2-python-2.6.26-2.1.2.8
libxml2-2.6.26-2.1.2.8
libxml2-devel-2.6.26-2.1.2.8
[root@mail php-5.2.13]# ./configure --prefix=/usr/local/php5 --enable-mbstring --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql=/usr/local/mysql --with-config-file-path=/usr/local/php5
[root@mail php-5.2.13]#make
[root@mail php-5.2.13]#make install
[root@mail php-5.2.13]#cp php.ini-dist /usr/local/php5/php.ini
[root@mail php-5.2.13]#vim /usr/local/apache2/conf/httpd.conf
52 # LoadModule foo_module modules/mod_foo.so
53 LoadModule php5_module modules/libphp5.so
54 AddType application/x-httpd-php .php
167 <IfModule dir_module>
168 DirectoryIndex index.php index.html
169 </IfModule>
[root@mail php-5.2.13]#vim /usr/local/apache2/htdocs/index.php
[root@mail ~]# service apache stop
[root@mail ~]# service apache start
测试:http://mail.test.com
出现php页面
三、在mail服务器中搭建Postfix邮件服务器
[root@mail install]# service sendmail stop
[root@mail install]# chkconfig sendmail off
[root@mail install]# groupadd -g 1200 postdrop
[root@mail install]# groupadd -g 1000 postfix
[root@mail install]# useradd -M -u 1000 -g postfix -G postdrop -s /sbin/nologin postfix
[root@mail install]# tar -zxvf postfix-2.6.5.tar.gz -C /usr/src/
[root@mail install]# cp postfix-2.6.5-vda-ng.patch.gz /usr/src/
[root@mail install]# cd /usr/src/
[root@mail src]# gunzip postfix-2.6.5-vda-ng.patch.gz
[root@mail src]# cd postfix-2.6.5
[root@mail postfix-2.6.5]# patch -p1 < ../postfix-2.6.5-vda-ng.patch
[root@mail postfix-2.6.5]# yum -y install db*-devel
注明:先卸载系统默认安装的cyrus包,再重新安装cyrus
[root@mail Server]# rpm -ivh cyrus-* --nodeps
Preparing... ########################################### [100%]
1:cyrus-sasl-lib ########################################### [ 8%]
2:cyrus-sasl ########################################### [ 15%]
3:cyrus-sasl-devel ########################################### [ 23%]
4:cyrus-sasl-gssapi ########################################### [ 31%]
5:cyrus-sasl-ldap ########################################### [ 38%]
6:cyrus-sasl-md5 ########################################### [ 46%]
7:cyrus-sasl-ntlm ########################################### [ 54%]
8:cyrus-sasl-plain ########################################### [ 62%]
9:cyrus-sasl-sql ########################################### [ 69%]
10:cyrus-imapd-perl ########################################### [ 77%]
11:cyrus-imapd-utils ########################################### [ 85%]
12:cyrus-imapd ########################################### [ 92%]
13:cyrus-imapd-devel ########################################### [100%]
[root@mail postfix-2.6.5]# make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl' 'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/lib/sasl2 -lsasl2'
[root@mail postfix-2.6.5]# make
[root@mail postfix-2.6.5]# make install 注明:在执行安装时出现提示一直回车即可。
[root@mail postfix-2.6.5]# cd /etc/postfix/
[root@mail postfix]# postconf -n > main2.cf
[root@mail postfix]# mv main.cf main.cf.bak
[root@mail postfix]# mv main2.cf main.cf
[root@mail postfix]# vim /etc/postfix/main.cf 添加如下行
17 inet_interfaces = 192.168.1.121,127.0.0.1
18 myhostname = mail.test.com
19 mydomain = test.com
20 myorigin = $mydomain
21 mydestination = $mydomain,$myhostname
22 home_mailbox = Maildir/
[root@mail postfix]# postfix start
postfix/postfix-script: starting the Postfix mail system
[root@mail postfix]# echo "/usr/sbin/postfix start" >> /etc/rc.local
[root@mail postfix]# netstat -antlp | grep 25
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 2525/portmap
tcp 0 0 0.0.0.0:624 0.0.0.0:* LISTEN 2562/rpc.statd
tcp 0 0 192.168.1.121:25 0.0.0.0:* LISTEN 3988/master
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 3988/master
[root@mail postfix]# groupadd mailusers
[root@mail postfix]# useradd -g mailusers -s /sbin/nologin tom
[root@mail postfix]# useradd -g mailusers -s /sbin/nologin jerry
[root@mail postfix]# useradd -g mailusers -s /sbin/nologin test
[root@mail postfix]# useradd -g mailusers -s /sbin/nologin test1
[root@mail postfix]# passwd test 注明:为这几个系统用户创建密码:11QQ···
测试:(注明:下面的会话记录缺少发件人和收件人两条命令,250 2.1.0 Ok 是对 mail from: 的应答,250 2.1.5 Ok 是对 rcpt to: 的应答。)
[root@mail postfix]# telnet mail.test.com 25
Trying 192.168.1.121...
Connected to mail.test.com (192.168.1.121).
Escape character is '^]'.
220 mail.test.com ESMTP Postfix
helo mail.test.com
250 mail.test.com
250 2.1.0 Ok
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
Subject:A test mail
Hello
This is a test mail
.
250 2.0.0 Ok: queued as 6D14A250174
quit
221 2.0.0 Bye
Connection closed by foreign host.
四、构建Dovecot服务器
卸载默认系统安装dovecot软件
[root@mail install]# rpm -qa | grep dovecot
dovecot-1.0.7-7.el5
[root@mail install]# useradd -M -s /sbin/nologin dovecot
[root@mail install]# tar -zxvf dovecot-1.2.11.tar.gz
[root@mail install]# cd dovecot-1.2.11
[root@mail dovecot-1.2.11]# yum -y install pam-devel
[root@mail dovecot-1.2.11]# ./configure --sysconfdir=/etc --with-mysql --with-pam
[root@mail dovecot-1.2.11]# make
[root@mail dovecot-1.2.11]# make install
[root@mail dovecot-1.2.11]# cp /etc/dovecot-example.conf /etc/dovecot.conf
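[root@mail dovecot-1.2.11]# vim /etc/dovecot.conf 注明:修改如下行(disable_plaintext_auth = no 与 ssl = no 表示 POP3/IMAP 的用户名和口令以明文在网络上传输,仅适合隔离的实验环境;正式环境应启用 ssl,并保持 disable_plaintext_auth = yes)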
24 protocols = pop3 imap
48 disable_plaintext_auth = no
89 ssl = no
218 mail_location = maildir:~/Maildir
[root@mail dovecot-1.2.11]# vim /etc/pam.d/dovecot 注明:添加如下行
auth required pam_nologin.so
auth include system-auth
account include system-auth
session include system-auth
[root@mail dovecot-1.2.11]# /usr/local/sbin/dovecot -c /etc/dovecot.conf
[root@mail dovecot-1.2.11]# echo "/usr/local/sbin/dovecot -c /etc/dovecot.conf" >> /etc/rc.local
[root@mail dovecot-1.2.11]# netstat -tulnp | grep dovecot
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 17309/dovecot
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 17309/dovecot
(1)测试发信
[root@mail ~]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.test.com ESMTP Postfix
helo mail.test.com
250 mail.test.com
250 2.1.0 Ok
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
ni hao wo shi peng liang
.
250 2.0.0 Ok: queued as A07272501B9
quit
221 2.0.0 Bye
Connection closed by foreign host.
(2)测试收信
[root@mail ~]# telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Dovecot ready.
user test1
+OK
pass 11qq```
+OK Logged in.
list
+OK 3 messages:
1 472
2 431
3 453
.
top 3 453
+OK
Received: from mail.test.com (localhost.localdomain [127.0.0.1])
by mail.test.com (Postfix) with SMTP id A07272501B9
Date: Wed, 28 Mar 2012 17:46:25 +0800 (CST)
To: undisclosed-recipients:;
ni hao wo shi peng liang
.
-ERR Unknown command: .
quit
+OK Logging out.
Connection closed by foreign host.
五、配置SquirrelMail
[root@mail install]# tar -zxvf squirrelmail-1.4.18.tar.gz -C /usr/local/apache2/htdocs/
[root@mail install]# cd /usr/local/apache2/htdocs/
[root@mail htdocs]# mv squirrelmail-1.4.18/ webmail
[root@mail htdocs]# cd webmail/
[root@mail webmail]# tar -zxvf /install/zh_CN-1.4.18-20090526.tar.gz
[root@mail webmail]# mkdir -p attach data
[root@mail webmail]# chown -R daemon:daemon attach/ data/
[root@mail webmail]# chmod 730 attach/
[root@mail webmail]# cp config/config_default.php config/config.php
[root@mail webmail]# vim config/config.php 注明:修改如下行(这里的 data 和 attach 目录都位于 Apache 的网站根目录 htdocs 之下;正式环境应把这两个目录放到网站根目录之外,避免用户配置和附件临时文件被直接通过 URL 访问)
118 $domain = 'test.com';
231 $imap_server_type = 'dovecot';
499 $data_dir = '/usr/local/apache2/htdocs/webmail/data/';
517 $attachment_dir = '/usr/local/apache2/htdocs/webmail/attach/';
1012 $squirrelmail_default_language = 'zh_CN';
1028 $default_charset = 'zh_CN.UTF-8';
[root@mail webmail]# vim /usr/local/apache2/conf/httpd.conf
99 ServerName mail.test.com:80
重启动apache
[root@mail webmail]# service apache stop
[root@mail webmail]# service apache start
测试:http://mail.test.com/webmail
六、设置SMTP认证,用户别名与群组,限制用户可发送邮件大小和使用邮箱空间大小
[root@mail ~]# rpm -qa | grep -i "sasl"
cyrus-sasl-gssapi-2.1.22-5.el5
cyrus-sasl-ntlm-2.1.22-5.el5
cyrus-sasl-2.1.22-5.el5
cyrus-sasl-md5-2.1.22-5.el5
cyrus-sasl-lib-2.1.22-5.el5
cyrus-sasl-ldap-2.1.22-5.el5
cyrus-sasl-sql-2.1.22-5.el5
cyrus-sasl-plain-2.1.22-5.el5
cyrus-sasl-devel-2.1.22-5.el5
如果没有安装cyrus包,可以在redhat5.4光盘上找到并安装。
[root@mail ~]# cp /usr/lib/sasl2/Sendmail.conf /usr/lib/sasl2/smtpd.conf
[root@mail ~]# cat /usr/lib/sasl2/smtpd.conf
pwcheck_method:saslauthd
[root@mail ~]# service saslauthd restart
Stopping saslauthd: [FAILED]
Starting saslauthd: [ OK ]
[root@mail ~]# chkconfig saslauthd on
[root@mail ~]# vim /etc/postfix/main.cf
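注明:添加如下行(这里开启了 SASL 认证但没有配置 TLS,PLAIN/LOGIN 机制下用户名和口令只经过 base64 编码就在网络上传输;正式环境应先配置 TLS,并设置 smtpd_tls_auth_only = yes,只允许在加密连接上认证)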
23 mailbox_size_limit = 524288000
24 message_size_limit = 50889600
25 alias_maps = hash:/etc/aliases
26 smtpd_sasl_auth_enable = yes
27 smtpd_sasl_security_options = noanonymous
28 mynetworks = 127.0.0.1
29 smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
[root@mail ~]# postfix reload
postfix/postfix-script: refreshing the Postfix mail system
[root@mail ~]# tail -n 1 /etc/aliases
如果没有下面这一行(mike 是 jerry 的别名),就把它写入/etc/aliases最后一行,然后执行 newaliases 重建别名数据库。
mike: jerry
[root@mail ~]# useradd -g mailusers -s /sbin/nologin test2
[root@mail ~]# passwd test2
Changing password for user test2.
New UNIX password: 123
BAD PASSWORD: it is WAY too short
Retype new UNIX password: 123
passwd: all authentication tokens updated successfully.
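测试认证:(注明:base64 只是编码而不是加密,下面两条 openssl 命令的输出可以被任何人还原成用户名和口令。下面的会话记录中缺少 auth login 及其应答,也缺少 mail from: 和 rcpt to: 两条命令,因此仅凭这段记录看不出认证是否成功。)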
[root@mail ~]# printf "test2" | openssl base64
dGVzdDI=
[root@mail ~]# printf "123" | openssl base64
MTIz
[root@mail ~]# telnet mail.test.com 25
Trying 192.168.1.121...
Connected to mail.test.com (192.168.1.121).
Escape character is '^]'.
220 mail.test.com ESMTP Postfix
ehlo localhost
250-mail.test.com
250-PIPELINING
250-SIZE 50889600
250-VRFY
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5 GSSAPI NTLM PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
250 2.1.0 Ok
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
.
250 2.0.0 Ok: queued as D13352501CB
quit
221 2.0.0 Bye
Connection closed by foreign host.