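Building a public-facing mail server with Postfix + extmail + dovecot + courier-authlib
System environment: CentOS 6.5 x64
Preparation: disable SELinux and iptables
Based on: an LNMP environment
First install the EPEL yum repository:
rpm -ivh epel-release-6-8.noarch.rpm
Install the required RPM packages:
For convenience, PHP and MySQL are installed with yum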
yum -y install vim gcc gcc-c++ openssl openssl-devel db4-devel ntpdate mysql* php* cyrus-sasl-md5 perl-GD perl-DBD-MySQL perl-GD perl-CPAN perl-CGI perl-CGI-Session cyrus-sasl-lib cyrus-sasl-plain cyrus-sasl cyrus-sasl-devel libtool-ltdl-devel telnet mail libicu-devel perl-Unix-Syslog* perl-FCGI*
Install Postfix
Remove the Postfix that ships with the system, delete its users, and recreate them
yum -y remove postfix
userdel postfix
groupdel postdrop
groupadd -g 1000 postfix    # Note: the postfix uid here must be 1000!
useradd -g postfix -u 1000 -s /sbin/nologin -M postfix
groupadd -g 2526 postdrop
useradd -g postdrop -u 2526 -s /sbin/nologin -M postdrop
Start saslauthd, otherwise compiling Postfix will fail with an error
service saslauthd start
chkconfig saslauthd on
Install Postfix
wget http://mirrors.go-parts.com/postfix/source/official/postfix-3.0.1.tar.gz
tar -zxvf postfix-3.0.1.tar.gz
cd postfix-3.0.1
make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl -DUSE_TLS ' 'AUXLIBS=-L/usr/lib64/mysql -lmysqlclient -lz -lrt -lm -L/usr/lib64/sasl2 -lsasl2 -lssl -lcrypto'
make && make install
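make install presents an interactive prompt for customizing some directories; here we change only the second item, the scratch-file directory, and leave everything else at its default.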
Please specify the prefix for installed file names. Specify this ONLY
if you are building ready-to-install packages for distribution to OTHER
machines. See PACKAGE_README for instructions.
install_root: [/]
Please specify a directory for scratch files while installing Postfix. You
must have write permission in this directory.
tempdir: [/root/postfix-3.0.1] /tmp/extmail
…………………………
…………………………
shlib_directory: [no]
Please specify the final destination directory for non-executable files
that are shared among multiple Postfix instances, such as postfix-files,
dynamicmaps.cf, as well as the multi-instance template files main.cf.proto
and master.cf.proto.
meta_directory: [/etc/postfix]
Change the owner and group of the directories
chown -R postfix:postdrop /var/spool/postfix
chown -R postfix:postdrop /var/lib/postfix/
chown root /var/spool/postfix
chown -R root /var/spool/postfix/pid
Edit the Postfix configuration file
[root@localhost ~]# vim /etc/postfix/main.cf
# Set the host name
myhostname = mail.test.com
# Specify the domain name
mydomain = test.com
# Domain of the sender
myorigin = $mydomain
# Network interfaces Postfix listens on
inet_interfaces = all
# Must be empty!!! Recipient domains Postfix accepts mail for [must be disabled when using virtual domains]
mydestination =
# Trusted clients
mynetworks = 172.16.7.0/24, 127.0.0.0/8, 210.14.143.xx/27
# Domains for which relaying is allowed
relay_domains = $mydestination
# Mail alias table
alias_maps = hash:/etc/aliases
Install dovecot
[root@localhost ~]# yum install -y dovecot*
[root@localhost dovecot]# vim dovecot.conf    # just append the following to the end of the file
protocols = imap pop3
!include conf.d/*.conf
listen = *
base_dir = /var/run/dovecot/
[root@localhost dovecot]# cd conf.d/
[root@localhost conf.d]# vim 10-auth.conf
disable_plaintext_auth = no
[root@localhost conf.d]# vim 10-mail.conf
mail_location = maildir:~/Maildir
mail_location = maildir:/var/mailbox/%d/%n/Maildir
mail_privileged_group = mail
[root@localhost conf.d]# vim 10-ssl.conf
ssl = no
[root@localhost conf.d]# vim 10-logging.conf
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot.info
log_timestamp = "%Y-%m-%d %H:%M:%S "
[root@localhost conf.d]# cp auth-sql.conf.ext auth-sql.conf
[root@localhost conf.d]# vim auth-sql.conf
passdb {
  driver = sql
  # Path for SQL configuration file, see example-config/dovecot-sql.conf.ext
  args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
Edit the configuration file dovecot uses for MySQL authentication
[root@localhost conf.d]# vim /etc/dovecot/dovecot-sql.conf.ext
driver = mysql
connect = host=localhost dbname=extmail user=extmail password=extmail
default_pass_scheme = CRYPT
password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid FROM mailbox WHERE username = '%u'
Install courier-authlib
Install courier-unicode first, otherwise an error is reported
[root@localhost ~]# wget http://sourceforge.net/projects/courier/files/courier-unicode/1.2/courier-unicode-1.2.tar.bz2
[root@localhost ~]# tar xf courier-unicode-1.2.tar.bz2
[root@localhost ~]# cd courier-unicode-1.2
[root@localhost courier-unicode-1.2]# ./configure
[root@localhost courier-unicode-1.2]# make && make install
Download, extract, and compile
[root@localhost ~]# wget http://sourceforge.net/projects/courier/files/authlib/0.66.2/courier-authlib-0.66.2.tar.bz2
[root@localhost ~]# tar xf courier-authlib-0.66.2.tar.bz2
[root@localhost ~]# cd courier-authlib-0.66.2
[root@localhost ~]# ./configure \
--prefix=/usr/local/courier-authlib \
--sysconfdir=/etc \
--without-authpam \
--without-authshadow \
--without-authvchkpw \
--without-authpgsql \
--with-authmysql \
--with-mysql-libs=/usr/lib64/mysql \
--with-mysql-includes=/usr/include/mysql \
--with-redhat \
--with-authmysqlrc=/etc/authmysqlrc \
--with-authdaemonrc=/etc/authdaemonrc \
--with-mailuser=postfix
[root@localhost ~]# make && make install
Configuration:
[root@localhost courier-authlib-0.66.2]# chmod 755 /usr/local/courier-authlib/var/spool/authdaemon
[root@localhost courier-authlib-0.66.2]# cp /etc/authdaemonrc.dist /etc/authdaemonrc
[root@localhost courier-authlib-0.66.2]# cp /etc/authmysqlrc.dist /etc/authmysqlrc
[root@localhost courier-authlib-0.66.2]# vim /etc/authdaemonrc    # the file lists many authentication methods; here we use only authmysql
authmodulelist="authmysql"
authmodulelistorig="authmysql"
[root@localhost courier-authlib-0.66.2]# vim /etc/authmysqlrc    # append the following to the end of the file, then comment out or delete the corresponding system defaults above
MYSQL_SERVER localhost
MYSQL_USERNAME extmail
MYSQL_PASSWORD extmail
MYSQL_SOCKET /var/lib/mysql/mysql.sock
MYSQL_PORT 3306
MYSQL_DATABASE extmail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
DEFAULT_DOMAIN test.com
MYSQL_UID_FIELD '1000'
MYSQL_GID_FIELD '1000'
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD concat('/var/mailbox/',homedir)
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat('/var/mailbox/',maildir)
Add the courier-authlib service startup script and other setup
[root@localhost courier-authlib-0.66.2]# cp courier-authlib.sysvinit /etc/init.d/courier-authlib
[root@localhost courier-authlib-0.66.2]# chmod +x /etc/init.d/courier-authlib
[root@localhost courier-authlib-0.66.2]# chkconfig --add courier-authlib
[root@localhost courier-authlib-0.66.2]# chkconfig courier-authlib on
[root@localhost courier-authlib-0.66.2]# echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf.d/courier-authlib.conf
[root@localhost courier-authlib-0.66.1]# ldconfig
[root@localhost courier-authlib-0.66.1]# service courier-authlib start
Starting Courier authentication services: authdaemond
SMTP and virtual-user settings
[root@localhost ~]# vim /usr/lib64/sasl2/smtpd.conf    # the file does not exist; create it yourself
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket
[root@localhost ~]# vim /etc/postfix/main.cf
## Postfix SMTP support ##
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_recipient_restrictions =
    permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
broken_sasl_auth_clients=yes
smtpd_client_restrictions = permit_sasl_authenticated
smtpd_sasl_security_options = noanonymous
## Postfix virtual user support ##
virtual_mailbox_base = /var/mailbox
# The map files referenced here are copied over later from extman
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000
virtual_transport = virtual
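A check for the plaintext-authentication settings used in this guide (disable_plaintext_auth = no and ssl = no in dovecot, SASL enabled in Postfix with no TLS requirement), as an added example that is not part of the original document. It reads "key = value" files such as the saved output of doveconf -n and postconf -n; the function names and the sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example: flag the plaintext-authentication settings this guide applies.
# get_setting and audit_mail_auth are illustrative names.

# get_setting FILE KEY: print the last uncommented value of KEY (empty if unset)
get_setting() {
    awk -F= -v k="$2" '
        /^[ \t]*#/ { next }
        { key = $1; gsub(/[ \t]/, "", key) }
        key == k { v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]+$/, "", v) }
        END { print v }' "$1"
}

# audit_mail_auth DOVECOT_FILE POSTFIX_FILE: print one finding per line
audit_mail_auth() {
    if [ "$(get_setting "$1" disable_plaintext_auth)" = "no" ]; then
        echo "dovecot: disable_plaintext_auth = no (passwords accepted without TLS)"
    fi
    if [ "$(get_setting "$1" ssl)" = "no" ]; then
        echo "dovecot: ssl = no (IMAP/POP3 sessions are not encrypted)"
    fi
    if [ "$(get_setting "$2" smtpd_sasl_auth_enable)" = "yes" ] &&
       [ "$(get_setting "$2" smtpd_tls_auth_only)" != "yes" ]; then
        echo "postfix: SMTP AUTH offered without smtpd_tls_auth_only = yes"
    fi
    return 0
}

# Constructed sample input: the values set in this guide.
demo_dir=$(mktemp -d)
printf '%s\n' 'disable_plaintext_auth = no' 'ssl = no' > "$demo_dir/dovecot.txt"
printf '%s\n' 'smtpd_sasl_auth_enable = yes' \
    'smtpd_sasl_security_options = noanonymous' > "$demo_dir/postfix.txt"
audit_mail_auth "$demo_dir/dovecot.txt" "$demo_dir/postfix.txt"
rm -rf "$demo_dir"
```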
Install extmail
Download links:
http://7xivyw.com1.z0.glb.clouddn.com/extmail-1.2.tar.gz
http://7xivyw.com1.z0.glb.clouddn.com/extman-1.1.tar.gz
[root@localhost ~]# mkdir -p /var/www/extsuite
[root@localhost ~]# tar xf extmail-1.2.tar.gz -C /var/www/extsuite/
[root@localhost ~]# mv /var/www/extsuite/extmail-1.2/ /var/www/extsuite/extmail
Edit the extmail configuration file
[root@localhost ~]# cd /var/www/extsuite/extmail
[root@localhost extmail]# cp webmail.cf.default webmail.cf
[root@localhost extmail]# vim webmail.cf
SYS_SESS_DIR = /tmp/extmail
SYS_UPLOAD_TMPDIR = /tmp/extmail/upload
SYS_USER_LANG = zh_CN
SYS_MIN_PASS_LEN = 8
SYS_SESS_TIMEOUT = 8h #works around extmail's session errors; when logging in, also turn off the IP security option
SYS_MAILDIR_BASE = /var/mailbox
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock
SYS_MYSQL_TABLE = mailbox
SYS_MYSQL_ATTR_USERNAME = username
SYS_MYSQL_ATTR_DOMAIN =domain
SYS_MYSQL_ATTR_PASSWD = password
SYS_AUTHLIB_SOCKET = /usr/local/courier-authlib/var/spool/authdaemon/socket
Create the scratch-file directory and the session directory
[root@localhost extmail]# mkdir -p /tmp/extmail/upload
[root@localhost extmail]# chown -R postfix.postfix /tmp/extmail/
Install extman
[root@localhost ~]# tar xf extman-1.1.tar.gz -C /var/www/extsuite/
[root@localhost ~]# cd /var/www/extsuite/
[root@localhost extsuite]# mv extman-1.1/ extman
[root@localhost extsuite]# cd extman/
[root@localhost extman]# cp webman.cf.default webman.cf
Edit the extman configuration file to avoid painful problems!
Change the owner and group of the cgi directories
[root@localhost extman]# chown -R postfix.postfix /var/www/extsuite/extman/cgi/
[root@localhost extman]# chown -R postfix.postfix /var/www/extsuite/extmail/cgi/
Import the database
The database does not recognize TYPE=MyISAM, so importing directly fails. First edit the extmail.sql database file and change TYPE=MyISAM to ENGINE=MyISAM.
[root@localhost extman]# vim docs/extmail.sql
:% s/TYPE/ENGINE/g
Five occurrences are changed in total.
The import still fails:
[root@localhost extman]# mysql -uroot < docs/extmail.sql
ERROR 1364 (HY000) at line 31: Field 'ssl_cipher' doesn't have a default value
The my.cnf configuration file has to be changed here
[root@localhost extman]# vim /etc/my.cnf
# Recommended in standard MySQL setup
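# Comment out the following line and restart MySQL. Note that once the database has been imported successfully, this line must not be uncommented again, otherwise MySQL will not start.
#sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES
Import the database again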
[root@localhost extman]# mysql -uroot < docs/extmail.sql
[root@localhost extman]# mysql -uroot < docs/init.sql
Create the database user extmail and grant it privileges
mysql> GRANT ALL ON extmail.* to extmail@'%' identified by 'extmail';    -- this directly grants all privileges from any address
Query OK, 0 rows affected (0.00 sec)
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
Copy the configuration files mentioned in step 4-4
[root@localhost ~]# cd /var/www/extsuite/extman/docs/
[root@localhost docs]# cp mysql_virtual_* /etc/postfix/
Create a temporary directory for extman
[root@localhost extman]# mkdir /tmp/extman
[root@localhost extman]# chown -R postfix.postfix /tmp/extman/
Start Postfix and dovecot
[root@localhost extman]# ss -tnluo | grep :25
tcp LISTEN 0 100 *:25 *:*
[root@localhost extman]# ps aux | grep dovecot
root 2220 0.1 0.3 15616 1508 ? Ss 03:02 0:00 /usr/sbin/dovecot -F
dovecot 2223 0.0 0.1 9312 1004 ? S 03:02 0:00 dovecot/anvil
root 2224 0.0 0.2 9440 1172 ? S 03:02 0:00 dovecot/log
root 2226 0.0 0.4 12428 2184 ? S 03:02 0:00 dovecot/config
root 2240 0.0 0.1 112640 972 pts/0 R+ 03:02 0:00 grep --color=auto dovecot
Testing
[root@localhost courier-authlib-0.66.2]# /usr/local/courier-authlib/sbin/authtest -s login postmaster@extmail.org extmail
Authentication succeeded. //this output means success; the test uses postmaster@extmail.org because the init.sql database we imported ships with this account.
Authenticated: postmaster@extmail.org (uid 1000, gid 1000)
Home Directory: /var/mailbox/extmail.org/postmaster //note that the /var/mailbox directory has not been created yet; web access will report an error later if it is missing, so create it in advance.
Maildir: /var/mailbox/extmail.org/postmaster/Maildir/
Quota: (none)
Encrypted Password: $1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0
Cleartext Password: extmail
Options: (none)
Create the mailbox directory and set its ownership:
[root@localhost courier-authlib-0.66.2]# mkdir /var/mailbox
[root@localhost courier-authlib-0.66.2]# chown -R postfix.postfix /var/mailbox/
Test SMTP sending
[root@localhost ~]# printf "postmaster@extmail.org" | openssl base64
cG9zdG1hc3RlckBleHRtYWlsLm9yZw==
[root@localhost ~]# printf "extmail" | openssl base64
ZXh0bWFpbA==
[root@localhost ~]# telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.daen.com ESMTP Postfix
auth login
334 VXNlcm5hbWU6
cG9zdG1hc3RlckBleHRtYWlsLm9yZw==
334 UGFzc3dvcmQ6
ZXh0bWFpbA==
235 2.7.0 Authentication successful //success
quit
221 2.0.0 Bye
Connection closed by foreign host.
Test successful!
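The AUTH LOGIN exchange above, decoded, as an added example that is not part of the original document: the 334 prompts and the client's replies are only base64-encoded, so without TLS on the connection the mailbox password crosses the network in recoverable form. The function names are illustrative and the embedded transcript is constructed from the session shown above.

```sh
#!/bin/sh
# Added example: decode the base64 tokens of an SMTP AUTH LOGIN exchange.
# decode_auth_login and sample_session are illustrative names.

# Read an SMTP transcript on stdin; print each 334 prompt and the client's
# reply to it in decoded form.
decode_auth_login() {
    tr -d '\r' | {
        expect_reply=0
        while IFS= read -r line; do
            case "$line" in
                "334 "*)    # server challenge carrying a base64 prompt
                    printf 'server: %s\n' "$(printf '%s' "${line#334 }" | base64 -d)"
                    expect_reply=1 ;;
                *)
                    if [ "$expect_reply" -eq 1 ]; then   # client's answer to that 334
                        printf 'client: %s\n' "$(printf '%s' "$line" | base64 -d)"
                        expect_reply=0
                    fi ;;
            esac
        done
    }
}

# Constructed input: the telnet session shown above, with CRLF line endings.
sample_session() {
    printf '%s\r\n' '220 mail.daen.com ESMTP Postfix' 'auth login' \
        '334 VXNlcm5hbWU6' 'cG9zdG1hc3RlckBleHRtYWlsLm9yZw==' \
        '334 UGFzc3dvcmQ6' 'ZXh0bWFpbA==' \
        '235 2.7.0 Authentication successful' 'quit' '221 2.0.0 Bye'
}

sample_session | decode_auth_login
```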
Start the CGI dispatcher bundled with extmail:
[root@localhost ~]# vim /var/www/extsuite/extmail/dispatch-init
SU_UID=postfix
SU_GID=postfix
Start dispatch-init
[root@localhost ~]# /var/www/extsuite/extmail/dispatch-init start
Starting extmail FCGI server...
Start cmdserver; if it is not running you will get Connection refused
[root@localhost ~]# /var/www/extsuite/extman/daemon/cmdserver -v -d
loaded ok
Deploy nginx; there is no need to start php-fpm!
Add an nginx virtual host
server {
    listen 80;
    server_name mail.test.com;
    index index.html index.htm index.php index.cgi;
    root /var/www/extsuite/extmail/html/;
    location /extmail/cgi/ {
        fastcgi_pass 127.0.0.1:8888; # extmail's CGI dispatcher listens on port 8888
        fastcgi_index index.cgi;
        fastcgi_param SCRIPT_FILENAME /var/www/extsuite/extmail/cgi/$fastcgi_script_name;
        include fastcgi.conf;
    }
    location /extmail/ {
        alias /var/www/extsuite/extmail/html/;
    }
    location /extman/cgi/ {
        fastcgi_pass 127.0.0.1:8888;
        fastcgi_index index.cgi;
        fastcgi_param SCRIPT_FILENAME /var/www/extsuite/extman/cgi/$fastcgi_script_name;
        include fastcgi.conf;
    }
    location /extman/ {
        alias /var/www/extsuite/extman/html/;
    }
    access_log /var/log/extmail_access.log;
}
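Now just browse to the site. The extman login account is [email protected] and the password is extmail*123*. On first use you must add a domain first, then edit the domain to allow free registration; after that, register a user and you can log in and send mail.
Deployment complete!
Reposted from: http://www.iyunv.com/thread-63348-1-1.html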