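This is probably the simplest of all Postfix configurations.
I wrote it down right after getting it configured. Damn, ITEYE really let me down: the published post came out completely scrambled, and I spent ages tidying it up again.
Preparation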
hostname mail.asktun.com
vim /etc/sysconfig/network
--------------------------------------
HOSTNAME=mail.asktun.com
--------------------------------------
echo "mail.asktun.com" > /proc/sys/kernel/hostname
YUM repository for EMOS 1.5
vim /etc/yum.repos.d/EMOS-Base.repo
# EMOS-Base.repo
#
# Created by ExtMail Dev Team: http://www.extmail.org/
#
# $Id$
[EMOS-base]
name=EMOS-Base
baseurl=http://mirror.extmail.org/yum/emos/1.5/os/$basearch/
gpgcheck=0
priority=0
protect=0
[EMOS-update]
name=EMOS-Updates
baseurl=http://mirror.extmail.org/yum/emos/1.5/updates/$basearch/
gpgcheck=0
priority=0
protect=0
yum clean all
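The repo file above sets gpgcheck=0 and uses an http:// baseurl. As an added example (not part of the original post), this script flags both settings per section; the function names and the third "hardened-example" section are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): flag yum repo sections that
# disable signature checks or fetch packages over plaintext HTTP.

# Constructed sample: the two EMOS sections above plus one hypothetical
# hardened section (its URL is a placeholder, not a real mirror).
sample_repo() {
cat <<'EOF'
[EMOS-base]
name=EMOS-Base
baseurl=http://mirror.extmail.org/yum/emos/1.5/os/$basearch/
gpgcheck=0
[EMOS-update]
name=EMOS-Updates
baseurl=http://mirror.extmail.org/yum/emos/1.5/updates/$basearch/
gpgcheck=0
[hardened-example]
name=Hypothetical
baseurl=https://mirror.example.invalid/os/$basearch/
gpgcheck=1
EOF
}

# audit_repo FILE: print "section: finding" for every weak setting.
audit_repo() {
    awk '
        function report() {
            if (sec == "") return
            if (gpg == "0") print sec ": gpgcheck=0, package signatures are not verified"
            if (url ~ /^http:/) print sec ": baseurl is plaintext http, metadata and RPMs can be altered in transit"
        }
        /^[ \t]*#/ { next }                       # skip comments
        /^\[/ { report(); sec = $0; sub(/^\[/, "", sec); sub(/\].*$/, "", sec)
                gpg = ""; url = ""; next }
        /^[ \t]*gpgcheck[ \t]*=/ { gpg = $0; sub(/^[^=]*=[ \t]*/, "", gpg); sub(/[ \t]+$/, "", gpg) }
        /^[ \t]*baseurl[ \t]*=/  { url = $0; sub(/^[^=]*=[ \t]*/, "", url) }
        END { report() }
    ' "$1"
}

tmp=$(mktemp)
sample_repo > "$tmp"
audit_repo "$tmp"
rm -f "$tmp"
```

On a real host, run audit_repo over each file in /etc/yum.repos.d/.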
Install the database and some related applications
yum install mysql-server httpd php-gd php-mb*
Remove the existing sendmail
rpm -e --nodeps sendmail sendmail-cf
Configure Postfix
Install the postfix package
yum install postfix
postconf -n >/etc/postfix/main2.cf
mv /etc/postfix/main.cf /etc/postfix/main.cf.bak
mv /etc/postfix/main2.cf /etc/postfix/main.cf
Default configuration in main.cf
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = /usr/share/doc/postfix-2.6.2-documentation/html
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.2-documentation/readme
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
unknown_local_recipient_reject_code = 550
Add the following configuration
# hostname
mynetworks = 127.0.0.1
myhostname = mail.asktun.com
mydomain = asktun.com
mydestination = $mynetworks $myhostname localhost localhost.$mydomain
# banner
mail_name = Postfix - by asktun.com
smtpd_banner = $myhostname ESMTP $mail_name
# response immediately
smtpd_error_sleep_time = 0s
# Message and return code control
message_size_limit = 5242880
mailbox_size_limit = 5242880
show_user_unknown_table_name = no
# Queue lifetime control
bounce_queue_lifetime = 1d
maximal_queue_lifetime = 1d
Configure courier-authlib
yum install courier-authlib courier-authlib-mysql
Edit the authlib configuration file
rm -f /etc/authlib/authmysqlrc
vim /etc/authlib/authmysqlrc
MYSQL_SERVER localhost
MYSQL_USERNAME extmail
MYSQL_PASSWORD extmail
MYSQL_SOCKET /var/lib/mysql/mysql.sock
MYSQL_PORT 3306
MYSQL_OPT 0
MYSQL_DATABASE extmail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD uidnumber
MYSQL_GID_FIELD gidnumber
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD homedir
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota
MYSQL_SELECT_CLAUSE SELECT username,password,"",uidnumber,gidnumber,\
CONCAT('/home/domains/',homedir), \
CONCAT('/home/domains/',maildir), \
quota, \
name \
FROM mailbox \
WHERE username = '$(local_part)@$(domain)'
Change the permissions and owner of authmysqlrc
chown daemon.daemon /etc/authlib/authmysqlrc
chmod 660 /etc/authlib/authmysqlrc
Change the following settings in authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
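Start the service
# service courier-authlib start
Starting Courier authentication services: authdaemond
# shows that startup succeeded
Change the permissions of the authdaemon socket directory; otherwise the SMTP authentication test below will fail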
chmod 755 /var/spool/authdaemon/
Configure maildrop
yum install maildrop
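Configure master.cf. For Postfix to support maildrop, edit /etc/postfix/master.cf, comment out the existing maildrop entry, and replace it with the following (the second line must begin with whitespace so that Postfix reads it as a continuation of the first)
vim /etc/postfix/master.cf
maildrop unix - n n - - pipe
  flags=DRhu user=vuser argv=/usr/bin/maildrop -w 90 -d ${user}@${nexthop} ${recipient} ${user} ${extension} ${nexthop}
maildrop cannot accept more than one recipient per delivery, so the following parameter must be added to /etc/postfix/main.cf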
#maildrop_destination_recipient_limit=1
# With the comment mark removed here, Postfix fails to start; still looking for the cause
Test maildrop's authlib support
maildrop -v
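Side note
When the maildrop RPM is installed, it automatically creates the vuser user and the vgroup group, which are dedicated to mail storage; the uid/gid of vuser:vgroup are both 1000
Configure Apache
Edit the Apache configuration file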
# vim /etc/httpd/conf/httpd.conf
NameVirtualHost *:80
Include conf/vhost_*.conf
vim /etc/httpd/conf/vhost_extmail.conf
# VirtualHost for ExtMail Solution
<VirtualHost *:80>
ServerName mail.asktun.com
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi/ /var/www/extsuite/extmail/cgi/
Alias /extmail /var/www/extsuite/extmail/html/
ScriptAlias /extman/cgi/ /var/www/extsuite/extman/cgi/
Alias /extman /var/www/extsuite/extman/html/
# Suexec config
SuexecUserGroup vuser vgroup
</VirtualHost>
chkconfig httpd on
Configure extmail + extman
Install extmail and extman
yum install extsuite-webmail extsuite-webman
cp /var/www/extsuite/extmail/webmail.cf.default /var/www/extsuite/extmail/webmail.cf
vim /var/www/extsuite/extmail/webmail.cf
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
Update the cgi directory permissions. Because SuEXEC requires it, the cgi directories must be changed to vuser:vgroup
chown -R vuser:vgroup /var/www/extsuite/extmail/cgi/
chown -R vuser:vgroup /var/www/extsuite/extman/cgi/
Link the base libraries to Extmail
mkdir /tmp/extman
chown -R vuser:vgroup /tmp/extman/
Recommended: modify /var/www/extsuite/extman/webman.cf
mkdir /var/www/extsuite/extman/tmp
chown -R vuser:vgroup /var/www/extsuite/extman/tmp
sed -i "s#SYS_SESS_DIR = /tmp/extman/#SYS_SESS_DIR = /var/www/extsuite/extman/tmp/#g" /var/www/extsuite/extman/webman.cf
Database initialization
# service mysqld start
# chkconfig mysqld on
Change the domain name in the SQL that will be imported
sed -i "s#extmail.org#asktun.com#g" /var/www/extsuite/extman/docs/init.sql
mysql -u root -p < /var/www/extsuite/extman/docs/extmail.sql
mysql -u root -p < /var/www/extsuite/extman/docs/init.sql
vim /etc/my.cnf
bind-address = 127.0.0.1
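Note
When the initialization SQL above is imported, the default uidnumber/gidnumber are both 1000, which matches the uid/gid of vuser:vgroup. This is because maildrop reads uidnumber/gidnumber from the database at delivery time, while master.cf already defines the identity that delivery runs as (vuser:vgroup). Both fields must therefore contain 1000; otherwise delivery errors occur, for example errors such as 0x06.
Set up the configuration files for virtual domains and virtual users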
cp /var/www/extsuite/extman/docs/mysql_virtual_alias_maps.cf /etc/postfix/
cp /var/www/extsuite/extman/docs/mysql_virtual_domains_maps.cf /etc/postfix/
cp /var/www/extsuite/extman/docs/mysql_virtual_mailbox_maps.cf /etc/postfix/
cp /var/www/extsuite/extman/docs/mysql_virtual_sender_maps.cf /etc/postfix/
Add the new content: vim /etc/postfix/main.cf
# extmail config here
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = maildrop:
Restart postfix
service postfix restart
Test authlib
authtest -s login [email protected] extmail
-------------------------------------------------------------------
Authentication succeeded.
Authenticated:
[email protected] (uid 1000, gid 1000)
Home Directory: /home/domains/asktun.com/postmaster
Maildir: /home/domains/asktun.com/postmaster/Maildir/
Quota: 104857600S
Encrypted Password: $1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0
Cleartext Password: extmail
Options: (none)
--------------------------------------------------------------------
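If you get the output above, extman is installed correctly, the database was imported correctly, and courier-authlib connects to the MySQL database correctly
Configure graphical logs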
/usr/local/mailgraph_ext/mailgraph-init start
echo "/usr/local/mailgraph_ext/mailgraph-init start" >> /etc/rc.d/rc.local
Start cmdserver so that system information is displayed in the back end
/var/www/extsuite/extman/daemon/cmdserver --daemon
echo "/var/www/extsuite/extman/daemon/cmdserver -v -d" >> /etc/rc.d/rc.local
Log in to extmail and extman
Extmail url: http://ip/extmail
Extman url: http://ip/extman
login:
[email protected]
password: extmail*123*
Configure cyrus-sasl
Remove the Cyrus-sasl that ships with the system
rpm -e --nodeps cyrus-sasl
Reinstall it
yum install cyrus-sasl
Add the new main.cf configuration: vim /etc/postfix/main.cf
# smtpd related config
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_non_fqdn_hostname,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unauth_destination,reject_unauth_pipelining,reject_invalid_hostname,
# SMTP sender login matching config
smtpd_sender_restrictions = permit_mynetworks,reject_sender_login_mismatch,reject_authenticated_sender_login_mismatch,reject_unauthenticated_sender_login_mismatch
smtpd_sender_login_maps = mysql:/etc/postfix/mysql_virtual_sender_maps.cf,mysql:/etc/postfix/mysql_virtual_alias_maps.cf
# SMTP AUTH config here
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
Configure smtpd.conf: vim /usr/lib/sasl2/smtpd.conf
Clear the existing contents (in vim: :1,$d)
----------------------------
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/spool/authdaemon/socket
---------------------------
Restart postfix, then test SMTP authentication
service postfix restart
perl -e 'use MIME::Base64; print encode_base64("postmaster\@asktun.com")'
[ cG9zdG1hc3RlckBhc2t0dW4uY29t ]
perl -e 'use MIME::Base64; print encode_base64("extmail")'
[ ZXh0bWFpbA== ]
Test: telnet mail.asktun.com 25
220 mail.asktun.com ESMTP Postfix - by asktun.
ehlo asktun.com
250-mail.asktun.com
250-PIPELINING
250-SIZE 5242880
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth login
334 VXNlcm5hbWU6
cG9zdG1hc3RlckBhc2t0dW4uY29t
334 UGFzc3dvcmQ6
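The EHLO reply above advertises AUTH LOGIN PLAIN and VRFY but no STARTTLS. As an added example (not part of the original post), this script audits such a captured reply and decodes the AUTH LOGIN tokens from the session; the function names are assumptions of this example, and smtpd_tls_auth_only and disable_vrfy_command are standard Postfix parameters.

```shell
#!/bin/sh
# Added example (not from the original post): review a captured EHLO reply.

# Constructed sample: the EHLO reply from the telnet test above.
sample_ehlo() {
cat <<'EOF'
250-mail.asktun.com
250-PIPELINING
250-SIZE 5242880
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
EOF
}

# audit_ehlo: read a pre-TLS EHLO reply on stdin, print one finding per line.
audit_ehlo() {
    awk '
        { sub(/\r$/, ""); kw = toupper(substr($0, 5)) }   # drop "250-" / "250 "
        kw ~ /^STARTTLS/ { tls = 1 }
        kw ~ /^VRFY/     { vrfy = 1 }
        kw ~ /^AUTH[ =]/ && kw ~ /PLAIN|LOGIN/ { plain = 1 }
        END {
            if (plain && !tls) print "AUTH PLAIN/LOGIN without STARTTLS: passwords cross the network base64-encoded only"
            if (plain && tls)  print "AUTH offered before STARTTLS: set smtpd_tls_auth_only = yes"
            if (vrfy)          print "VRFY enabled: set disable_vrfy_command = yes"
        }
    '
}

# decode_b64 STRING: AUTH LOGIN prompts and answers are plain base64,
# an encoding and not encryption.
decode_b64() { printf '%s' "$1" | base64 -d; }

sample_ehlo | audit_ehlo
for tok in VXNlcm5hbWU6 cG9zdG1hc3RlckBhc2t0dW4uY29t UGFzc3dvcmQ6; do
    printf '%s -> %s\n' "$tok" "$(decode_b64 "$tok")"
done
```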
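Configure courier-imap
By default both courier-authlib and courier-imap register themselves to start at boot, so the next time the server starts, authlib and the POP3 service will start automatically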
yum install courier-imap
Disable IMAP
vim /usr/lib/courier-imap/etc/imapd
IMAPDSTART=NO
vim /usr/lib/courier-imap/etc/imapd-ssl
IMAPDSSLSTART=NO
Or simply copy and run the following:
sed -i "s#IMAPDSTART=YES#IMAPDSTART=NO#g" /usr/lib/courier-imap/etc/imapd
sed -i "s#IMAPDSSLSTART=YES#IMAPDSSLSTART=NO#g" /usr/lib/courier-imap/etc/imapd-ssl
Start courier-imap and test POP3
service courier-imap start
telnet mail.asktun.com 110
+OK Hello there.
user [email protected]
+OK Password required.
pass 123456
+OK logged in.
list
+OK POP3 clients that break here, they violate STD53.
1 4174
2 1887
3 1744
4 1632
5 65288
6 4330
7 651
8 674
.
quit
+OK Bye-bye.