project4电子邮局

www.extmail.net

本章目录:

        1、电子邮局介绍(成员的组成及工作原理)

        2、回顾分析第一阶段的邮局系统:        postfix(MTA smtp)+dovecot(pop3/imap)+squirrelmail(webmail)apache+php+DNS

        3、分析虚拟用户邮局系统:              postfix(MTA)+maildrop(MDA)+courier-imap(MUA)+courier-authlib+apache(extmail/extman)+mysql

        4、邮局部署之前的DNS准备(MX)

        5、部署虚拟用户邮局系统

 

邮件角色

MTA 邮件传输代理  邮局    sendmail postfix qmail notes(IBM) exchange(MS)

MDA 邮件分发代理  代理机制

MUA 邮件用户代理  客户端  mail mutt  webmail foxmail outlook

 

邮件协议

smtp  简单邮件传输协议   用于发送邮件  TCP  25 465

pop3  第三版邮局协议     用于接收邮件  TCP 110 995   离线模式(1-100)

imap  互联网邮件访问协议 用于接收邮件  TCP 143 993   在线模式(锁定第几封)

 

工作原理

                                          ---DNS MX -----

            MUA ---smtpd:25--- MTA  -smtpd--- MDA --smtpd--- MTA  --pop3/imap--- MUA

 

 

回顾

postfix(MTA smtp)+dovecot(pop3/imap)+squirrelmail(webmail)apache+php+DNS + pam --> /etc/passwd|/etc/shadow

虚拟用户邮局系统

postfix(MTA)+maildrop(MDA)+courier-imap(MUA)+courier-authlib+apache(extmail/extman)+mysql

 


++++++++++部署虚拟用户邮件系统++++++++++++++++

 

 

1 配置DNS MX记录

 

[root@i ~]# vim /var/named/uplooking.com.zone

$TTL 1D

@       IN SOA  dns.uplooking.com. root.uplooking.com. (

                                        0       ; serial

                                        1D      ; refresh

                                        1H      ; retry

                                        1W      ; expire

                                        3H )    ; minimum

@       NS      dns.uplooking.com.  ; DNS服务器

dns     A       192.168.0.254

 

@       MX 5    mail.uplooking.com.  ; 邮件服务器

mail    A       192.168.0.1

 

 

[root@node1 ~]# echo "nameserver 192.168.0.254" > /etc/resolv.conf

[root@node1 ~]# host mail.uplooking.com

mail.uplooking.com has address 192.168.0.1

 

 

 

 

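2  配置本地ISO源与EMOS(注意:下面的 repo 通过 ftp:// 明文获取软件包,且 gpgcheck=0 关闭了 RPM 签名校验,yum 不会验证软件包来源,只适合隔离的实验网络;生产环境应导入发行方 GPG 公钥并设置 gpgcheck=1)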

 

[root@node1 ~]# rm -fr /etc/yum.repos.d/*

 

[root@node1 ~]# vim /etc/yum.repos.d/emos.repo

[local]

baseurl=ftp://192.168.0.254/pub/rhel6/dvd

gpgcheck=0

 

 

[emos]

baseurl=ftp://192.168.0.254/EMOS

gpgcheck=0

 

3 安装MTA postfix  ---- 升级(qmail)

 

--升级postfix

[root@node1 ~]# yum -y install postfix

 

postfix是否加载mysql模块

[root@node1 ~]# postconf -m |grep mysql

mysql

 

 

配置postfix(命令回顾)

# postconf     --查询所有已经生效配置

# postconf -n  --查询自定义的配置

# postconf -d  --查询默认配置

# postconf -m  --查询postfix支持的模块列表

# postconf -e  --通过非交互模式配置文件修改,用于脚本方式配置postfix

 

生成配置文件

[root@node1 ~]# postconf -n >> /etc/postfix/main.cf.new

[root@node1 ~]# mv /etc/postfix/main.cf /etc/postfix/main.cf.old

[root@node1 ~]# cp /etc/postfix/main.cf.new /etc/postfix/main.cf

 

[root@node1 ~]# vim /etc/postfix/main.cf

alias_database = hash:/etc/postfix/aliases

alias_maps = hash:/etc/postfix/aliases

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/libexec/postfix

data_directory = /var/lib/postfix

debug_peer_level = 2

html_directory = /usr/share/doc/postfix-2.7.3-documentation/html

mail_owner = postfix

mailq_path = /usr/bin/mailq.postfix

manpage_directory = /usr/share/man

newaliases_path = /usr/bin/newaliases.postfix

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.7.3-documentation/readme

sample_directory = /etc/postfix

sendmail_path = /usr/sbin/sendmail.postfix

setgid_group = postdrop

unknown_local_recipient_reject_code = 550

 

# hostname  --邮件主机信息

mynetworks = 127.0.0.1

myhostname = mail.uplooking.com

mydomain = uplooking.com

mydestination = $mynetworks $myhostname $mydomain

 

# banner --欢迎信息

mail_name = Postfix - by uplooking.com

smtpd_banner = $myhostname ESMTP $mail_name

# response immediately  --错误报告立刻返回

smtpd_error_sleep_time = 0s

 

# Message and return code control --单位字节  单封邮件与邮件家目录的限制

message_size_limit = 50000000

mailbox_size_limit = 1024000000

show_user_unknown_table_name = no

 

# Queue lifetime control  --生命周期

bounce_queue_lifetime = 1d

maximal_queue_lifetime = 1d

 

4 安装MDA (maildrop)

[root@node1 ~]# yum -y install maildrop

 

定义maildrop程序

[root@node1 ~]# id vuser

uid=1000(vuser) gid=1000(vgroup) groups=1000(vgroup)

 

[root@node1 ~]# vim /etc/postfix/master.cf

maildrop   unix        -       n        n        -        -        pipe

   flags=DRhu user=vuser argv=maildrop -w 90 -d ${user}@${nexthop} ${recipient} ${user} ${extension} {nexthop}

 

5  安装配置Courier-Authlib验证中间件:

[root@node1 ~]# rpm -qa  |grep authlib

courier-authlib-0.62.4-1.el6.FT.x86_64

 

[root@node1 docs]# yum -y install courier-authlib courier-authlib-mysql

 

[root@node1 ~]# rpm -ql courier-authlib |grep mysql

/etc/authlib/authmysqlrc.dist

/usr/share/doc/courier-authlib-0.62.4/README.authmysql.html

/usr/share/doc/courier-authlib-0.62.4/README.authmysql.myownquery

--清空配置文件,重新定义中间件程序如何连接数据库(该文件以明文保存数据库口令;示例沿用与用户名相同的口令 extmail,生产环境应改用强口令,并把文件权限限制为只有 authdaemond 的运行账户可读)

[root@node1 ~]# :> /etc/authlib/authmysqlrc

 

[root@node1 ~]# vim /etc/authlib/authmysqlrc

 

MYSQL_SERVER            localhost

MYSQL_USERNAME          extmail

MYSQL_PASSWORD          extmail

MYSQL_SOCKET            /var/lib/mysql/mysql.sock

MYSQL_PORT              3306

MYSQL_OPT               0

MYSQL_DATABASE          extmail

MYSQL_USER_TABLE        mailbox

MYSQL_CRYPT_PWFIELD     password

MYSQL_UID_FIELD         uidnumber

MYSQL_GID_FIELD         gidnumber

MYSQL_LOGIN_FIELD       username

MYSQL_HOME_FIELD        homedir

MYSQL_NAME_FIELD        name

MYSQL_MAILDIR_FIELD     maildir

MYSQL_QUOTA_FIELD       quota

MYSQL_SELECT_CLAUSE     SELECT username,password,"",uidnumber,gidnumber,\

                        CONCAT('/home/domains/',homedir),               \

                        CONCAT('/home/domains/',maildir),               \

                        quota,                                          \

                        name                                            \

                        FROM mailbox                                    \

                        WHERE username = '$(local_part)@$(domain)'

 

[root@node1 ~]# vim /etc/authlib/authdaemonrc

authmodulelist="authmysql"

authmodulelistorig="authmysql"

 

启动服务

[root@node1 ~]# /etc/rc.d/init.d/courier-authlib  start

[root@node1 ~]# chkconfig courier-authlib on

 

修改authdaemon socket目录权限,如果该目录权限不正确修改,maildrop、postfix等将无法正确获取用户的信息及密码认证(注意:755 让本机所有用户都能进入该目录并通过 socket 向 authdaemond 提交认证请求;多用户主机上应只向需要的服务账户开放):

思路 MTA--postfix--maildrop ---/var/spool/authdaemon/socket----- authdaemonrc---/etc/authlib/authmysqlrc

 

[root@node1 ~]# chmod 755 /var/spool/authdaemon/

 

6 虚拟主机设置(下面的虚拟主机只监听 *:80,extmail/extman 的登录口令经 HTTP 明文传输;生产环境应改为通过 HTTPS 提供)

 

[root@node1 ~]# yum -y install httpd

[root@node1 ~]# vim /etc/httpd/conf.d/vhost_mail.uplooking.conf

NameVirtualHost *:80

<VirtualHost *:80>

ServerName mail.uplooking.com

DocumentRoot /var/www/extsuite/extmail/html/

 

ScriptAlias /extmail/cgi/ /var/www/extsuite/extmail/cgi/

Alias /extmail /var/www/extsuite/extmail/html/

 

ScriptAlias /extman/cgi/ /var/www/extsuite/extman/cgi/

Alias /extman /var/www/extsuite/extman/html/

 

# Suexec config

SuexecUserGroup vuser vgroup

</VirtualHost>

7  安装与配置页面

安装页面  后台 webman --extsuite-webman

[root@node1 ~]# yum -y install extsuite-webman

 

安装页面  前端 extmail  --extsuite-webmail

[root@node1 ~]# yum -y install extsuite-webmail

 

配置页面

[root@node1 ~]# cp /var/www/extsuite/extmail/webmail.cf.default /var/www/extsuite/extmail/webmail.cf

[root@node1 ~]# vim /var/www/extsuite/extmail/webmail.cf

SYS_MYSQL_USER = extmail

SYS_MYSQL_PASS = extmail

SYS_MYSQL_DB = extmail

SYS_MYSQL_HOST = localhost

SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock

 

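修改权限(注意:下面的 chmod 777 让 /tmp/extman 对所有本地用户可写,且没有 sticky 位,任何本地用户都能删除或替换其中的文件;多用户主机上应把该目录的属主设为运行 CGI 的 vuser 并收紧权限,具体取值需结合实际环境验证)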

[root@node1 ~]# chown vuser.vgroup /var/www/extsuite/extmail/cgi/ -R

[root@node1 ~]# chown vuser.vgroup /var/www/extsuite/extman/cgi/ -R

[root@node1 ~]#  mkdir /tmp/extman

[root@node1 ~]#  chmod 777 /tmp/extman/

 

8  安装数据库

[root@node1 ~]# yum -y install mysql-server mysql

[root@node1 ~]# service mysqld start

 

导入mysql数据库结构及初始化数据,root密码默认为空(导入完成后应为 MySQL root 账户设置口令)

[root@node1 ~]# mysql < /var/www/extsuite/extman/docs/extmail.sql

[root@node1 ~]# mysql <   /var/www/extsuite/extman/docs/init.sql

 

测试帐号(下面两个数据库账户的口令与用户名相同;其中 extmail 的口令同时写在 authmysqlrc 与 webmail.cf 中,上线前应改为强口令并同步更新这些配置)

[root@node1 ~]# mysql -uextmail -pextmail extmail  --SELECT, UPDATE

[root@node1 ~]# mysql -uwebman -pwebman extmail    --SELECT, INSERT, UPDATE, DELETE

 

 

启动httpd

[root@node1 ~]# service httpd start

[root@node1 ~]# chkconfig httpd on

 

9 设置虚拟域和虚拟用户的配置文件

[root@node1 ~]# cd /var/www/extsuite/extman/docs/

[root@node1 docs]# cp mysql_virtual_* /etc/postfix/

 

[root@node1 docs]# vim /etc/postfix/main.cf

#mydestination = $mynetworks $myhostname $mydomain

# extmail config here

virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf

virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf

virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf

virtual_transport = maildrop:

[root@node1 docs]# service postfix restart

 

登录后台注册域名 uplooking.com

 

再注册邮件用户

 

http://mail.uplooking.com/extman/cgi/index.cgi

ExtMan的默认超级管理员帐户:root@extmail.org,初始密码:extmail*123*。该帐户和密码是公开的默认值,首次登陆成功后应立即修改密码,以确保安全。

 

-----------测试

 

 

手动连接数据库(查询结果中 password 字段以 $1$ 开头,表示口令以 MD5-crypt 方式保存,该算法强度较弱)

 

[root@node1 ~]# mysql -uextmail -pextmail extmail

mysql> SELECT username,password,"",uidnumber,gidnumber,CONCAT('/home/domains/',homedir),CONCAT('/home/domains/',maildir),quota,name from mailbox where username='u01@uplooking.com'\G

*************************** 1. row ***************************

                        username: u01@uplooking.com

                        password: $1$DxNPON8B$yzxRpp7lQu5.WWi4ljINF/

                                :

                       uidnumber: 1000

                       gidnumber: 1000

CONCAT('/home/domains/',homedir): /home/domains/uplooking.com/u01

CONCAT('/home/domains/',maildir): /home/domains/uplooking.com/u01/Maildir/

                           quota: 5242880S

                            name: user01

1 row in set (0.00 sec)

使用命令 自动连接数据库查询

[root@node1 docs]# authtest -s /var/spool/authdaemon/socket u01@uplooking.com 123

Authentication succeeded.

 

     Authenticated: u01@uplooking.com  (uid 1000, gid 1000)

    Home Directory: /home/domains/uplooking.com/u01

           Maildir: /home/domains/uplooking.com/u01/Maildir/

             Quota: 5242880S

Encrypted Password: $1$DxNPON8B$yzxRpp7lQu5.WWi4ljINF/

Cleartext Password: 123

           Options: (none)

[root@node1 docs]# authtest -s /var/spool/authdaemon/socket u02@uplooking.com 456

Authentication succeeded.

 

     Authenticated: u02@uplooking.com  (uid 1000, gid 1000)

    Home Directory: /home/domains/uplooking.com/u02

           Maildir: /home/domains/uplooking.com/u02/Maildir/

             Quota: 5242880S

Encrypted Password: $1$kIEJyc6F$MsDVCUtmS/mOw2vCpOOdg0

Cleartext Password: 456

           Options: (none)

配置图形化日志:

[root@node1 docs]#  /usr/local/mailgraph_ext/mailgraph-init start

 

启动cmdserver(在后台显示系统信息)

[root@node1 docs]# /var/www/extsuite/extman/daemon/cmdserver --daemon

 

10 安装cyrus-sasl

[root@node1 docs]#  yum -y install cyrus-sasl cyrus-sasl-lib cyrus-sasl-plain

[root@node1 docs]# vim /etc/postfix/main.cf

# smtpd related config ----收件人定义  rcpt to:

smtpd_recipient_restrictions =                          

        permit_mynetworks,

        permit_sasl_authenticated,

        reject_non_fqdn_hostname,

        reject_non_fqdn_sender,

        reject_non_fqdn_recipient,

        reject_unauth_destination,

        reject_unauth_pipelining,

        reject_invalid_hostname,

# SMTP sender login matching config  -- --发件人定义 mail from:

smtpd_sender_restrictions =

        permit_mynetworks,

        reject_sender_login_mismatch,

        reject_authenticated_sender_login_mismatch,

        reject_unauthenticated_sender_login_mismatch

 

smtpd_sender_login_maps =

        mysql:/etc/postfix/mysql_virtual_sender_maps.cf,

        mysql:/etc/postfix/mysql_virtual_alias_maps.cf

 

# SMTP AUTH config here

broken_sasl_auth_clients = yes

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain = $myhostname

smtpd_sasl_security_options = noanonymous

 

定义认证模块如何连接数据库

[root@node1 docs]# vim /usr/lib64/sasl2/smtpd.conf

pwcheck_method: authdaemond

log_level: 3

mech_list: PLAIN LOGIN

authdaemond_path:/var/spool/authdaemon/socket

[root@node1 docs]# service postfix restart

测试SMTP认证

通过以下命令获得u01@uplooking.com的用户名及密码的BASE64编码(BASE64只是编码而不是加密;本例未启用TLS,PLAIN/LOGIN机制下口令等同于明文经过网络,生产环境应启用TLS并设置 smtpd_tls_auth_only = yes):

# perl -e 'use MIME::Base64; print encode_base64("u01\@uplooking.com")'

dTAxQHVwbG9va2luZy5jb20=

 

# perl -e  'use MIME::Base64; print encode_base64("123")'

MTIz

[root@node1 docs]# telnet mail.uplooking.com 25

Trying 192.168.0.1...

Connected to mail.uplooking.com.

Escape character is '^]'.

220 mail.uplooking.com ESMTP Postfix - by uplooking.com

ehlo localhost

250-mail.uplooking.com

250-PIPELINING

250-SIZE 50000000

250-VRFY

250-ETRN

250-AUTH LOGIN PLAIN

250-AUTH=LOGIN PLAIN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

auth login

334 VXNlcm5hbWU6

dTAxQHVwbG9va2luZy5jb20=

334 UGFzc3dvcmQ6

MTIz

235 2.7.0 Authentication successful

quit

221 2.0.0 Bye

Connection closed by foreign host.

11 安装Courier-imap

[root@node1 docs]# yum -y install courier-imap

[root@node1 docs]# /etc/init.d/courier-imap start

[root@node1 docs]# chkconfig courier-imap on

测试(110 端口是未加密的 POP3,下面输入的用户名和口令以明文经过网络;加密访问使用 995 端口)

[root@node1 docs]# telnet mail.uplooking.com 110

Trying 192.168.0.1...

Connected to mail.uplooking.com.

Escape character is '^]'.

+OK Hello there.

user u01@uplooking.com

+OK Password required.

pass 123

+OK logged in.

list

+OK POP3 clients that break here, they violate STD53.

1 658

.

retr 1

进入后台  新增加新的域 qq.com

--配置DNS(定义DNS MX记录)

[root@i ~]# vim /var/named/qq.com.zone

@       NS      dns.qq.com.

dns     A       192.168.0.254

 

@       MX 5    mail.qq.com.

mail    A       192.168.0.1

 

--测试解析(host mail.qq.com 查询的是 A 记录;要确认 MX 记录可执行 host -t mx qq.com)

[root@node1 ~]# host mail.qq.com

mail.qq.com has address 192.168.0.1

域列表----域名 qq.com

用户  ---- q01@qq.com 密码123

 

进入前端注册邮箱地址 [email protected] 密码456

http://mail.qq.com/extmail/cgi/index.cgi

测试帐号

[root@node1 ~]# authtest -s /var/spool/authdaemon/socket q01@qq.com 123

Authentication succeeded.

 

     Authenticated: q01@qq.com  (uid 1000, gid 1000)

    Home Directory: /home/domains/qq.com/q01

           Maildir: /home/domains/qq.com/q01/Maildir/

             Quota: 5242880S

Encrypted Password: $1$x4TzQksX$V4CTLdRCYbdRVd8w8SPUK.

Cleartext Password: 123

           Options: (none)

[root@node1 ~]# authtest -s /var/spool/authdaemon/socket [email protected] 456

Authentication succeeded.

  测试 [email protected] ---- [email protected]

       [email protected] ---- [email protected]

--------------------------------

安装EMOS系统

[root@i ~]# vim /var/named/google.com.zone

 

@       NS      dns.google.com.

dns     A       192.168.0.254

 

@       MX 5    mail.google.com.

mail    A       192.168.0.10
