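Note: this article covers the installation process and configuration of the software involved and does not explain the underlying principles. To understand how a mail system works, see the links in the attachment. The techniques and material in this article come from the Internet and are not my original work; the article is only meant as a personal summary and study reference.
First, the software and deployment environment required for the setup: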
MTA: Postfix 3.0.3
SASL: Cyrus-sasl 2.1.23; Courier-authlib 0.66.1 + Courier-unicode 1.1 (Courier-authlib uses the Cyrus-sasl library files to access MySQL)
MDA: Dovecot 2.0.9
DataBase: MySQL 5.1.73
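WebMail: ExtMail 1.2 (end-user interface); ExtMan 1.1 (administrator interface)
Web server (serves the WebMail application): Apache 2.2.15
Server operating system: RHEL 6.5
The setup steps follow:
1. Install the MySQL server and development package with yum
Building Postfix from source requires linking against the MySQL development headers and libraries and the SASL development headers, so first install the mysql-server and mysql-devel packages: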
[root@mail postfix-3.0.3]# yum install mysql-server
[root@mail postfix-3.0.3]# yum install mysql-devel
2. Install the cyrus-sasl and cyrus-sasl-devel packages with yum
[root@mail postfix-3.0.3]# yum install cyrus-sasl
[root@mail postfix-3.0.3]# yum install cyrus-sasl-devel
3. Compile and install Postfix
On RHEL 6.5, Postfix is installed by default and is used to send mail:
[root@mail ~]# netstat -tunlp | grep 25
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 3510/master
tcp 0 0 ::1:25 :::* LISTEN 3510/master
[root@mail ~]# ps -ef | grep 3510
root 3510 1 0 2014 ? 00:01:11 /usr/libexec/postfix/master
postfix 3521 3510 0 2014 ? 00:00:15 qmgr -l -t fifo -u
postfix 11818 3510 0 20:41 ? 00:00:00 pickup -l -t fifo -u
root 11989 11958 0 21:43 pts/0 00:00:00 grep 3510
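However, the configuration of the default Postfix installation is not very clear, so it is recommended to uninstall it and build Postfix from source instead.
First stop the service and uninstall postfix: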
[root@mail ~]# service postfix stop
Shutting down postfix: [ OK ]
[root@mail ~]# rpm -e postfix
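Download the source package from the Postfix website (http://www.postfix.org/), upload it to the server, unpack it, and compile and install it. When compiling, take care to set the paths to the header files and library files provided by mysql and cyrus-sasl: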
[root@mail ~]# ls -l postfix-3.0.3.tar.gz
-rw-r--r--. 1 root root 4240588 Dec 20 09:35 postfix-3.0.3.tar.gz
[root@mail ~]# tar -xf postfix-3.0.3.tar.gz
[root@mail ~]# cd postfix-3.0.3/
[root@mail postfix-3.0.3]# make makefiles \
    'CCARGS=-DHAS_MYSQL -I /usr/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I /usr/include/sasl -DUSE_TLS' \
    'AUXLIBS=-L/usr/lib64/mysql -lmysqlclient -lz -lrt -lm -L/usr/lib64/sasl2 -lsasl2 -lssl -lcrypto'
Then run make && make install. Once make install starts, the installer prompts interactively for the Postfix configuration:
[root@mail postfix-3.0.3]# make && make install
...
Please specify the prefix for installed file names. Specify this ONLY if you are building ready-to-install packages for distribution to OTHER machines. See PACKAGE_README for instructions.
install_root: [/]

Please specify a directory for scratch files while installing Postfix. You must have write permission in this directory.
tempdir: [/root/postfix-3.0.3] /tmp/postfix

Please specify the final destination directory for installed Postfix configuration files.
config_directory: [/etc/postfix]

Please specify the final destination directory for installed Postfix administrative commands. This directory should be in the command search path of adminstrative users.
command_directory: [/usr/sbin]

Please specify the final destination directory for installed Postfix daemon programs. This directory should not be in the command search path of any users.
daemon_directory: [/usr/libexec/postfix]

Please specify the final destination directory for Postfix-writable data files such as caches or random numbers. This directory should not be shared with non-Postfix software.
data_directory: [/var/lib/postfix]

Please specify the final destination directory for the Postfix HTML files. Specify "no" if you do not want to install these files.
html_directory: [no]

Please specify the owner of the Postfix queue. Specify an account with numerical user ID and group ID values that are not used by any other accounts on the system.
mail_owner: [postfix]

Please specify the final destination pathname for the installed Postfix mailq command. This is the Sendmail-compatible mail queue listing command.
mailq_path: [/usr/bin/mailq]

Please specify the final destination directory for the Postfix on-line manual pages. You can no longer specify "no" here.
manpage_directory: [/usr/local/man]

Please specify the final destination pathname for the installed Postfix newaliases command. This is the Sendmail-compatible command to build alias databases for the Postfix local delivery agent.
newaliases_path: [/usr/bin/newaliases]

Please specify the final destination directory for Postfix queues.
queue_directory: [/var/spool/postfix]

Please specify the final destination directory for the Postfix README files. Specify "no" if you do not want to install these files.
readme_directory: [no]

Please specify the final destination pathname for the installed Postfix sendmail command. This is the Sendmail-compatible mail posting interface.
sendmail_path: [/usr/sbin/sendmail]

Please specify the group for mail submission and for queue management commands. Specify a group name with a numerical group ID that is not shared with other accounts, not even with the Postfix mail_owner account. You can no longer specify "no" here.
setgid_group: [postdrop]

Please specify the final destination directory for Postfix shared-library files.
shlib_directory: [no]

Please specify the final destination directory for non-executable files that are shared among multiple Postfix instances, such as postfix-files, dynamicmaps.cf, as well as the multi-instance template files main.cf.proto and master.cf.proto.
meta_directory: [/etc/postfix]
Updating /etc/postfix/main.cf.proto...
...
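Pay attention to the following items in the configuration above:
mail_owner: the owner of the Postfix mail queue. It must be an operating-system user, so the usual approach is to create a user named postfix in the operating system and enter that user name here.
setgid_group: requires a group name, which must not be the same as the value of mail_owner.
You can create 2 ordinary users and 2 ordinary groups: postfix and postdrop. Note that on RHEL 6.5 the users postfix and postdrop already exist and are privileged users; delete these users and the groups of the same name first, then add them again: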
[root@mail postfix-3.0.3]# userdel postfix
[root@mail postfix-3.0.3]# userdel postdrop
[root@mail postfix-3.0.3]# groupdel postfix
[root@mail postfix-3.0.3]# groupdel postdrop
[root@mail postfix-3.0.3]# groupadd -g 2525 postfix
[root@mail postfix-3.0.3]# useradd -g postfix -u 2525 -s /sbin/nologin -M postfix
[root@mail postfix-3.0.3]# groupadd -g 2526 postdrop
[root@mail postfix-3.0.3]# useradd -g postdrop -u 2526 -s /sbin/nologin -M postdrop
[root@mail postfix-3.0.3]# id postfix
uid=2525(postfix) gid=2525(postfix) groups=2525(postfix),12(mail)
[root@mail postfix-3.0.3]# id postdrop
uid=2526(postdrop) gid=2526(postdrop) groups=2526(postdrop)
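Note: before the mail server is deployed, some files on the system are already owned by the user or group postfix or postdrop. When you come across such files, change their owner and group back to postfix or postdrop.
4. Configure Postfix and test sending mail
Postfix has two main configuration files, /etc/postfix/master.cf and /etc/postfix/main.cf:
The Postfix service is carried out by several cooperating daemon processes; master.cf defines which processes may run to meet specific requirements, and how they run.
main.cf defines the environment parameters Postfix runs with.
Edit /etc/postfix/main.cf and configure it as follows: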
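[root@mail ~]# cat /etc/postfix/main.cf | grep "^my"
# Host name of the mail server; should match the operating system's host name
myhostname = mail.asika.com
# Provides the mail address suffix
mydomain = asika.com
# User domain; should be the same as the mail address suffix
myorigin = $mydomain
# Mail whose address suffix matches one of these values is treated as local mail and accepted
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
# Clients connecting from these networks may relay through the mail system; here only 127.0.0.0, i.e. users on this host, may relay mail
mynetworks = 127.0.0.0/8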
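How these parameters decide between local delivery and relaying, as an added Python example that is not part of the original article: it expands the $name references in the values and classifies a recipient for a given client address. It is a simplified model that assumes single-line parameters and Postfix's default relay restrictions, and ignores relay_domains, SASL-authenticated clients and virtual domains; the function names are hypothetical.

```python
import ipaddress
import re

# Parameter values as shown in the main.cf excerpt above.
MAIN_CF = """\
myhostname = mail.asika.com
mydomain = asika.com
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 127.0.0.0/8
"""

def parse_main_cf(text):
    """Parse 'name = value' lines; '#' starts a comment only at line start."""
    params = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            name, value = line.split("=", 1)
            params[name.strip()] = value.strip()
    return params

def expand(value, params, depth=0):
    """Recursively substitute $name and ${name} references."""
    if depth > 10:
        raise ValueError("reference loop in main.cf")
    def repl(match):
        name = match.group(1) or match.group(2)
        return expand(params.get(name, ""), params, depth + 1)
    return re.sub(r"\$(?:\{(\w+)\}|(\w+))", repl, value)

def as_list(name, params):
    """Expanded value of a list parameter, split on commas/whitespace."""
    return [v for v in re.split(r"[,\s]+", expand(params[name], params)) if v]

def classify(client_ip, recipient, params):
    """Return 'local', 'relay-permitted' or 'relay-refused' (simplified model)."""
    if "@" not in recipient:  # unqualified address: Postfix appends @$myorigin
        recipient += "@" + expand(params["myorigin"], params)
    domain = recipient.rpartition("@")[2].lower()
    if domain in {d.lower() for d in as_list("mydestination", params)}:
        return "local"
    client = ipaddress.ip_address(client_ip)
    trusted = any(client in ipaddress.ip_network(n)
                  for n in as_list("mynetworks", params))
    return "relay-permitted" if trusted else "relay-refused"
```

With the values above, a client on 127.0.0.1 may relay to any domain, while any other client is only accepted for recipients in mydestination.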
Restart the postfix service:
[root@mail ~]# postfix stop;postfix start
postfix/postfix-script: stopping the Postfix mail system
postfix/postfix-script: starting the Postfix mail system
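Note: to start and stop the postfix service the SysV way, search for a postfix SysV service script and add it.
After the restart, you can see that the postfix service listens on port 25 by default: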
[root@mail ~]# netstat -tunlp | grep master
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 22279/master
[root@mail ~]# ps -ef | grep 22279
root 22279 1 0 21:30 ? 00:00:00 /usr/libexec/postfix/master -w
postfix 22280 22279 0 21:30 ? 00:00:00 pickup -l -t unix -u
postfix 22281 22279 0 21:30 ? 00:00:00 qmgr -l -t unix -u
root 22406 22040 0 21:35 pts/1 00:00:00 grep 22279
Use telnet to connect to port 25 to test sending mail through postfix:
[root@mail ~]# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 mail.asika.com ESMTP Postfix
ehlo mail.asika.com
250-mail.asika.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:root
250 2.1.0 Ok
rcpt to:root
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
subject:hello
123
.
250 2.0.0 Ok: queued as 88B343AB

[root@mail ~]# mail
Heirloom Mail version 12.4 7/29/08. Type ? for help.
"/var/spool/mail/root": 1 messages 1 new 1 unread
>N 1 root@asika.com Mon Jan 4 21:43 14/420 "hello"
& 1
Message 1:
From root@asika.com Mon Jan 4 21:43:14 2016
Return-Path: <root@asika.com>
X-Original-To: root
Delivered-To: root@asika.com
subject:hello
Date: Mon, 4 Jan 2016 21:42:41 +0800 (CST)
From: root@asika.com
Status: R

123

[root@mail ~]# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 mail.asika.com ESMTP Postfix
ehlo mail.asika.com
250-mail.asika.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:a@b.com
250 2.1.0 Ok
rcpt to:d@c.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
subject:hello
123
.
250 2.0.0 Ok: queued as CE65F35F
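The /var/log/maillog log shows that when the recipient address is local (matches a value defined in mydestination), the mail is delivered to the local user's mailbox. If the recipient's address suffix is not a domain of this host, Postfix tries to look up the host that corresponds to that suffix in order to relay the mail: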
[root@mail ~]# tail /var/log/maillog
Jan 4 21:39:55 mail postfix/smtpd[22508]: connect from localhost[127.0.0.1]
Jan 4 21:41:09 mail postfix/smtpd[22508]: disconnect from localhost[127.0.0.1] quit=1 commands=1
Jan 4 21:42:23 mail postfix/smtpd[22508]: connect from localhost[127.0.0.1]
Jan 4 21:42:51 mail postfix/smtpd[22508]: 88B343AB: client=localhost[127.0.0.1]
Jan 4 21:43:14 mail postfix/cleanup[22648]: 88B343AB: message-id=<20160104134251.88B343AB@mail.asika.com>
Jan 4 21:43:14 mail postfix/qmgr[22281]: 88B343AB: from=<root@asika.com>, size=303, nrcpt=1 (queue active)
Jan 4 21:43:14 mail postfix/local[22667]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Jan 4 21:43:14 mail postfix/local[22667]: 88B343AB: to=<root@asika.com>, orig_to=<root>, relay=local, delay=33, delays=32/0.09/0/0.03, dsn=2.0.0, status=sent (delivered to mailbox)
Jan 4 21:43:14 mail postfix/qmgr[22281]: 88B343AB: removed

[root@mail ~]# tail /var/log/maillog
Jan 4 21:30:38 mail postfix/master[22279]: daemon started -- version 3.0.1, configuration /etc/postfix
Jan 4 21:38:44 mail postfix/smtpd[22508]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Jan 4 21:38:44 mail postfix/smtpd[22508]: connect from localhost[127.0.0.1]
Jan 4 21:39:11 mail postfix/smtpd[22508]: CE65F35F: client=localhost[127.0.0.1]
Jan 4 21:39:44 mail postfix/cleanup[22512]: CE65F35F: message-id=<20160104133911.CE65F35F@mail.asika.com>
Jan 4 21:39:44 mail postfix/qmgr[22281]: CE65F35F: from=<a@b.com>, size=299, nrcpt=1 (queue active)
Jan 4 21:39:44 mail postfix/smtp[22531]: CE65F35F: to=<d@c.com>, relay=none, delay=40, delays=40/0.13/0/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=c.com type=MX: Host not found, try again)
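The local-versus-relay behaviour seen in the log can be checked mechanically. The following Python example is added here and is not part of the original article: it correlates maillog lines by queue ID and lists deliveries to non-local domains, which is how relayed mail such as the a@b.com to d@c.com test shows up. The function names and the set of local domains passed in are assumptions of the example.

```python
import re
from collections import defaultdict

# Lines taken from the two maillog excerpts above.
SAMPLE_LOG = """\
Jan 4 21:42:51 mail postfix/smtpd[22508]: 88B343AB: client=localhost[127.0.0.1]
Jan 4 21:43:14 mail postfix/qmgr[22281]: 88B343AB: from=<root@asika.com>, size=303, nrcpt=1 (queue active)
Jan 4 21:43:14 mail postfix/local[22667]: 88B343AB: to=<root@asika.com>, orig_to=<root>, relay=local, delay=33, delays=32/0.09/0/0.03, dsn=2.0.0, status=sent (delivered to mailbox)
Jan 4 21:39:11 mail postfix/smtpd[22508]: CE65F35F: client=localhost[127.0.0.1]
Jan 4 21:39:44 mail postfix/qmgr[22281]: CE65F35F: from=<a@b.com>, size=299, nrcpt=1 (queue active)
Jan 4 21:39:44 mail postfix/smtp[22531]: CE65F35F: to=<d@c.com>, relay=none, delay=40, delays=40/0.13/0/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=c.com type=MX: Host not found, try again)
"""

# Assumes Postfix's default short (uppercase hex) queue IDs.
LINE = re.compile(r"postfix/\w+\[\d+\]: ([0-9A-F]+): (.*)")
FIELD = re.compile(r"(\w+)=<?([^>,\s]*)>?")

def correlate(log_text):
    """Group smtpd/qmgr/delivery lines by queue ID, one record per message."""
    msgs = defaultdict(lambda: {"client": None, "from": None, "deliveries": []})
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # connect/disconnect/warning lines carry no queue ID
        qid, rest = m.groups()
        fields = dict(reversed(FIELD.findall(rest)))  # first occurrence wins
        if "client" in fields:
            msgs[qid]["client"] = fields["client"]
        elif "from" in fields:
            msgs[qid]["from"] = fields["from"]
        elif "to" in fields:
            msgs[qid]["deliveries"].append(
                (fields["to"], fields.get("relay"), fields.get("status")))
    return dict(msgs)

def relay_attempts(msgs, local_domains):
    """Deliveries whose recipient domain is not local, i.e. relayed mail."""
    hits = []
    for qid, msg in msgs.items():
        for to, relay, status in msg["deliveries"]:
            if to.rpartition("@")[2].lower() not in local_domains:
                hits.append((qid, msg["client"], msg["from"], to, status))
    return hits
```

Each hit carries the submitting client, so relay attempts from addresses outside mynetworks stand out when the same check is run over a full maillog.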
The next article will cover installing and configuring dovecot, receiving mail through dovecot, and using SASL to authenticate the sender address for postfix.