码迷,mamicode.com
首页 > 数据库 > 详细

poxtfix+dovecot+saslauthd+courier-authlib +mysql + extmail 完整虚拟邮箱系统部署

时间:2016-05-13 05:22:34      阅读:394      评论:0      收藏:0      [点我收藏+]

标签:dovecot   poxtfix   saslauthd   


所需软件:

平台,RHEL5.8

postfix-2.9.15 

dovecot系统自带

courier-authlib-0.62.4高与0.64本平台可能无法使用

mysql 5.7 含:

    mysql-5.7.12-1.el5.x86_64.rpm 

    mysql-community-client-5.7.12-1.el5.x86_64.rpm

    mysql-community-common-5.7.12-1.el5.x86_64.rpm

    mysql-community-devel-5.7.12-1.el5.x86_64.rpm

    mysql-community-libs-5.7.12-1.el5.x86_64.rpm

    mysql-community-libs-compat-5.7.12-1.el5.x86_64.rpm

    mysql-community-server-5.7.12-1.el5.x86_64.rpm

可以到:http://dev.mysql.com/downloads/mysql/ 上面上载

extmail-1.2 + extman-1.1

附加软件包(可以yum install直接安装):

httpd, mysql-devel, openssl-devel, libtool-ltdl-devel,libtool-ltdl,perl-DBD-MySQL, tcl, tcl-devel, libart_lgpl, libart_lgpl-devel , expect,cyrus-sasl.x86_64,cyrus-sasl-devel,cyrus-sasl-lib,cyrus-sasl-plain

并安装以下开发所用到的rpm包组:

Development Libraries

Development Tools

方法:

yum groupinstall "Development Libraries" "Development Tools"

一、准备工作:

1、关闭或卸载sendmail,并将它的随系统自动启动功能关闭:

service sendmail stop

chkconfig sendmail off

rpm -e --nodeps sendmail 

2、如果要用mysql 5.5/5.7等高版本mysql,请把系统自带的mysql相关软件包也卸载了,以确保不冲突

对于5.1以上的版本,系统的存储引擎为InnoDB,extman的脚本可能要修改,如果不想麻烦,可以用系统自带的,可能不用修改sql脚本


3、启动saslauthd服务,并将其加入到自动启动队列:

# service saslauthd start

# chkconfig saslauthd on


二、安装配置postfix


# groupadd -g 2525 postfix

# useradd -g postfix -u 2525 -s /sbin/nologin -M postfix

# groupadd -g 2526 postdrop

# useradd -g postdrop -u 2526 -s /sbin/nologin -M postdrop

# cd postfix-2.9.15

1、编译安装

# make makefiles ‘CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl  -DUSE_TLS ‘ ‘AUXLIBS=-L/usr/lib/mysql -lmysqlclient -lz -lm -L/usr/lib/sasl2 -lsasl2  -lssl -lcrypto‘

# make

# make install


按照以下的提示输入相关的路径([]号中的是缺省值,”]”后的是输入值,省略的表示采用默认值)


  install_root: [/] /

  tempdir: [/root/postfix-2.9.3] /tmp/postfix

  config_directory: [/etc/postfix] /etc/postfix

  daemon_directory: [/usr/libexec/postfix] 

  command_directory: [/usr/sbin] 

  queue_directory: [/var/spool/postfix]

  sendmail_path: [/usr/sbin/sendmail]

  newaliases_path: [/usr/bin/newaliases]

  mailq_path: [/usr/bin/mailq]

  mail_owner: [postfix]

  setgid_group: [postdrop]   

    html_directory: [no]/var/www/html/postfix 

    manpages: [/usr/local/man]

    readme_directory: [no]


生成别名二进制文件:

#  newaliases

还有不要忘记了执行这个,否则启动可能出错报:

warning: unable to look up public/pickup: No such file or directory

warning: unable to look up public/pickup: No such file or directory

fatal: the Postfix mail system is not running

fatal: scan_dir_push: open directory maildrop: Permission denied

fatal: Postfix integrity check failed!

#post-install set-permissions

2、做简单配置

# vim /etc/postfix/main.cf

修改以下几项为您需要的配置,注意,要顶格写,否则系统会认为是上一行的延续

myhostname = mail.test.com

myorigin = test.com

mydomain = test.com

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

mynetworks = 192.168.1.0/24, 127.0.0.0/8

保存退出

3、为postfix编写启动服务脚本/etc/rc.d/init.d/postfix:

#!/bin/bash

#

# postfix      Postfix Mail Transfer Agent

#

# chkconfig: 2345 80 30

# description: Postfix is a Mail Transport Agent, which is the program \

#              that moves mail from one machine to another.

# processname: master

# pidfile: /var/spool/postfix/pid/master.pid

# config: /etc/postfix/main.cf

# config: /etc/postfix/master.cf


# Source function library.

. /etc/rc.d/init.d/functions


# Source networking configuration.

. /etc/sysconfig/network


# Check that networking is up.

[ $NETWORKING = "no" ] && exit 3


[ -x /usr/sbin/postfix ] || exit 4

[ -d /etc/postfix ] || exit 5

[ -d /var/spool/postfix ] || exit 6


RETVAL=0

prog="postfix"


start() {

# Start daemons.

echo -n $"Starting postfix: "

        /usr/bin/newaliases >/dev/null 2>&1

/usr/sbin/postfix start 2>/dev/null 1>&2 && success || failure $"$prog start"

RETVAL=$?

[ $RETVAL -eq 0 ] && touch /var/lock/subsys/postfix

        echo

return $RETVAL

}


stop() {

  # Stop daemons.

echo -n $"Shutting down postfix: "

/usr/sbin/postfix stop 2>/dev/null 1>&2 && success || failure $"$prog stop"

RETVAL=$?

[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/postfix

echo

return $RETVAL

}


reload() {

echo -n $"Reloading postfix: "

/usr/sbin/postfix reload 2>/dev/null 1>&2 && success || failure $"$prog reload"

RETVAL=$?

echo

return $RETVAL

}


abort() {

/usr/sbin/postfix abort 2>/dev/null 1>&2 && success || failure $"$prog abort"

return $?

}


flush() {

/usr/sbin/postfix flush 2>/dev/null 1>&2 && success || failure $"$prog flush"

return $?

}


check() {

/usr/sbin/postfix check 2>/dev/null 1>&2 && success || failure $"$prog check"

return $?

}


restart() {

stop

start

}


# See how we were called.

case "$1" in

  start)

start

;;

  stop)

stop

;;

  restart)

stop

start

;;

  reload)

reload

;;

  abort)

abort

;;

  flush)

flush

;;

  check)

check

;;

  status)

  status master

;;

  condrestart)

[ -f /var/lock/subsys/postfix ] && restart || :

;;

  *)

echo $"Usage: $0 {start|stop|restart|reload|abort|flush|check|status|condrestart}"

exit 1

esac


exit $?


# END

4、赋予执行权限并启动postfix:

# chmod +x /etc/rc.d/init.d/postfix


添加至服务列表:

# chkconfig --add postfix


开机自动启动:

# chkconfig postfix on


使用脚本重新启动服务:

# service postfix restart


5、为postfix开启基于cyrus-sasl的认证功能


验正postfix是否支持cyrussasl认证,确保出出以下结果:

# /usr/local/postfix/sbin/postconf  -a

cyrus

dovecot


#vi /etc/postfix/main.cf

############CYRUS-SASL ###################

smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain = $myhostname

smtpd_sasl_security_options = noanonymous

smtpd_sasl_path = smtpd

smtpd_banner = ESMTP,Warning:system not work!


# vi /usr/lib64/sasl2/smtpd.conf

添加如下内容:

pwcheck_method: saslauthd

mech_list: PLAIN LOGIN

重启postfix并测试

#/usr/sbin/postfix restart

# telnet localhost 25

Trying 127.0.0.1...

Connected to localhost.localdomain (127.0.0.1).

Escape character is ‘^]‘.

220 Welcome to our mail.test.com ESMTP,Warning:system not work!

ehlo mail.magedu.com

250-mail.magedu.com

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-AUTH PLAIN LOGIN

250-AUTH=PLAIN LOGIN       (请确保有这两行输出)

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN


三、安装Courier authentication library并配置其通过mysql进行验证邮箱用户

1、安装Courier authentication library

# tar xf courier-authlib-0.62.4.tar.bz2

# cd courier-authlib-0.62.4

./configure \

    --prefix=/usr/local/courier-authlib \

    --sysconfdir=/etc \

    --without-authpam \

    --without-authshadow \

    --without-authvchkpw \

    --without-authpgsql \

    --with-authmysql=yes \

    --with-mysql-libs=/usr/lib64/mysql \

    --with-mysql-includes=/usr/include/mysql \

    --with-redhat \

    --with-authmysqlrc=/etc/authmysqlrc \

    --with-authdaemonrc=/etc/authdaemonrc \

    --with-mailuser=postfix \

    --with-mailgroup=postfix \

    --with-ltdl-lib=/usr/lib64 \

    --with-ltdl-include=/usr/include

注意:这里是rpm包版的mysql库文件路径,如果不是rpm包安装的mysql,请用确保你的with-mysql-libs、with-mysql-includes的路径是正确的,还有,一定要把--with-authmysql=yes写上,否则,编译出来的一样不把持mysql

# make

# make install

# chmod 755 /usr/local/courier-authlib/var/spool/authdaemon

# cp /etc/authdaemonrc.dist /etc/authdaemonrc

# cp /etc/authmysqlrc.dist /etc/authmysqlrc


修改/etc/authdaemonrc 文件

authmodulelist="authmysql" --一定要确保这个列表中有autymysql出现,否则不支持mysql验证

authmodulelistorig="authmysql"

daemons=10

2、配置mysql进行邮件用户验证

编辑/etc/authmysqlrc 为以下内容,其中2525,2525 为postfix 用户的UID和GID。

MYSQL_SERVER localhost

MYSQL_PORT 3306        --mysql监听端口,默认的3306

MYSQL_USERNAME  extmail    --数据库的所有者的用户名

MYSQL_PASSWORD extmail     --密码,根据自已的设置填写

MYSQL_SOCKET  /var/lib/mysql/mysql.sock --rpm包版的sock在这里

MYSQL_DATABASE  extmail

MYSQL_USER_TABLE  mailbox

MYSQL_CRYPT_PWFIELD  password

MYSQL_UID_FIELD  ‘2525‘

MYSQL_GID_FIELD  ‘2525‘

MYSQL_LOGIN_FIELD  username

MYSQL_HOME_FIELD  concat(‘/var/mailbox/‘,homedir)

MYSQL_NAME_FIELD  name

MYSQL_MAILDIR_FIELD  concat(‘/var/mailbox/‘,maildir)


3、启动脚本


# cp courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib

# chmod 755 /etc/init.d/courier-authlib

# chkconfig --add courier-authlib

# chkconfig --level 2345 courier-authlib on


# echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf.d/courier-authlib.conf

# ldconfig -v

# service courier-authlib start


4、配置postfix通过courier-authlib验证用户


新建虚拟用户邮箱目录,并将其权限赋予postfix用户:

#mkdir –pv /var/mailbox

#chown –R postfix /var/mailbox


接下来重新配置SMTP 认证,编辑 /usr/lib64/sasl2/smtpd.conf ,确保其为以下内容:

pwcheck_method: authdaemond

log_level: 3

mech_list:PLAIN LOGIN

authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket


四、让postfix支持虚拟域和虚拟用户


1、编辑/etc/postfix/main.cf,添加如下内容:

########################Virtual Mailbox Settings########################

virtual_mailbox_base = /var/mailbox

virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf

virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf

virtual_alias_domains =

virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf

virtual_uid_maps = static:2525

virtual_gid_maps = static:2525

virtual_transport = virtual

注:/etc/postfix/mysql_virtual_*.cf 来自extman-1.1/docs,当然,我们需要配置其数据库连接用到的用户名,密码


2、配置extman

用源码目录下docs目录中的extmail.sql和init.sql建立数据库:

mysql 5.0 可以直接使用 extmail.sql初始化数据库,5.1以上要把数据库存储引擎修改为InnoDB,5.7不用指定存储引擎,还要在my.cnf中加上sql-mode=‘IGNORE‘,并对manager表的sql做简单修改:

如下:

CREATE TABLE manager (

  username varchar(255) NOT NULL default ‘‘,

  password varchar(255) NOT NULL default ‘‘,

  type varchar(64) NOT NULL default ‘postmaster‘,

  uid varchar(255) NOT NULL default ‘‘,

  name varchar(255) NOT NULL default ‘‘,

  question text ,

  answer text ,

  disablepwdchange smallint(1),

  createdate datetime NOT NULL ,

  expiredate DATE NOT NULL default ‘2030-12-30‘,

  active tinyint(1) NOT NULL default ‘1‘,

  PRIMARY KEY  (username),

  KEY username (username)

) COMMENT=‘Ext/Webman - Admin Accounts‘;

还有,5.7上的建用户、建库一定要用create user、create database语句,INSERT INTO user、INSERT INTO db 语句不可用,还要修改extmail.sql脚本

# tar zxvf  extman-1.1.tar.gz

# cd extman-1.1/docs

# mysql -u root -p < extmail.sql

# mysql -u root -p <init.sql

# cp mysql*  /etc/postfix/

3、授予用户extmail访问extmail数据库

mysql> GRANT all privileges on extmail.* TO extmail@localhost IDENTIFIED BY ‘youpassword‘;

mysql> GRANT all privileges on extmail.* TO extmail@127.0.0.1 IDENTIFIED BY ‘youpassword‘;

注:启用虚拟域,要取消中心域,注释掉myhostname, mydestination, mydomain, myorigin几个指令


4、配置dovecot使用mysql验证用户


# vi /etc/dovecot.conf

mail_location = maildir:/var/mailbox/%d/%n/Maildir


auth default {

    mechanisms = plain

    passdb sql {

        args = /etc/dovecot-mysql.conf

    }

    userdb sql {

        args = /etc/dovecot-mysql.conf

    }


# vim /etc/dovecot-mysql.conf                 

driver = mysql

connect = host=/tmp/mysql.sock dbname=extmail user=extmail password=不要照抄

default_pass_scheme = CRYPT

password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = ‘%u‘                            

user_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid FROM mailbox WHERE username = ‘%u‘


启动dovecot服务:


# service dovecot start

# chkconfig dovecot on


五、安装Extmail-1.2


1、安装

# tar zxvf extmail-1.2.tar.gz

# mkdir -pv /var/www/extsuite

# mv extmail-1.2 /var/www/extsuite/extmail

# cp /var/www/extsuite/extmail/webmail.cf.default  /var/www/extsuite/extmail/webmail.cf


2、配置

#vi /var/www/extsuite/extmail/webmail.cf


部分修改选项的说明:


SYS_MESSAGE_SIZE_LIMIT = 5242880

用户可以发送的最大邮件


SYS_USER_LANG = en_US

语言选项,可改作:

SYS_USER_LANG = zh_CN


SYS_MAILDIR_BASE = /home/domains

此处即为您在前文所设置的用户邮件的存放目录,可改作:

SYS_MAILDIR_BASE = /var/mailbox


SYS_MYSQL_USER = db_user

SYS_MYSQL_PASS = db_pass

以上两句句用来设置连接数据库服务器所使用用户名、密码和邮件服务器用到的数据库,这里修改为:

SYS_MYSQL_USER = extmail

SYS_MYSQL_PASS = 你的密码


SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock --rpm包版的sock在这里


SYS_MYSQL_HOST = localhost

数据库服务器主机名


SYS_MYSQL_TABLE = mailbox

SYS_MYSQL_ATTR_USERNAME = username

SYS_MYSQL_ATTR_DOMAIN = domain

SYS_MYSQL_ATTR_PASSWD = password


以上用来指定验正用户登录里所用到的表,以及用户名、域名和用户密码分别对应的表中列的名称;这里默认即可


SYS_AUTHLIB_SOCKET = /var/spool/authdaemon/socket

此句用来指明authdaemo socket文件的位置,这里修改为:

SYS_AUTHLIB_SOCKET = /usr/local/courier-authlib/var/spool/authdaemon/socket



3、加入apache


由于extmail要进行本地邮件的投递操作,故必须将运行apache服务器用户的身份修改为您的邮件投递代理的用户;本例中打开了apache服务器的suexec功能,故使用以下方法来实现虚拟主机运行身份的指定。此例中的MDA为postfix自带,因此将指定为postfix用户:

<VirtualHost *:80>

ServerName mail.magedu.com

DocumentRoot /var/www/extsuite/extmail/html/

ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi

Alias /extmail /var/www/extsuite/extmail/html

SuexecUserGroup postfix postfix

</VirtualHost>


修改 cgi执行文件属主为apache运行身份用户:

# chown -R postfix.postfix /var/www/extsuite/extmail/cgi/


如果您没有打开apache服务器的suexec功能,也可以使用以下方法解决:

# vi /etc/httpd/conf/httpd.conf

User postfix

Group postfix


<VirtualHost *:80>

ServerName mail.magedu.com

DocumentRoot /var/www/extsuite/extmail/html/

ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi

Alias /extmail /var/www/extsuite/extmail/html

</VirtualHost>


4、依赖关系的解决


extmail将会用到perl的Unix::syslogd功能,您可以去http://search.cpan.org搜索下载原码包进行安装。

# tar zxvf Unix-Syslog-0.100.tar.gz

# cd Unix-Syslog-0.100

# perl Makefile.PL

# make

# make install


启动apache服务

# service httpd start

# chkconfig httpd on


六、安装Extman-1.1


# tar zxvf  extman-1.1.tar.gz

# mv extman-1.1 /var/www/extsuite/extman


修改配置文件以符合本例的需要:

# cp /var/www/extsuite/extman/webman.cf.default  /var/www/extsuite/extman/webman.cf

# vi /var/www/extsuite/extman/webman.cf


SYS_MAILDIR_BASE = /home/domains

此处即为您在前文所设置的用户邮件的存放目录,可改作:

SYS_MAILDIR_BASE = /var/mailbox


SYS_DEFAULT_UID = 1000

SYS_DEFAULT_GID = 1000

此两处后面设定的ID号需更改为前而创建的postfix用户和postfix组的id号,我们使用的是2525,因此,上述两项需要修改为:

SYS_DEFAULT_UID = 2525

SYS_DEFAULT_GID = 2525


SYS_MYSQL_USER = webman

SYS_MYSQL_PASS = webman

修改为:

SYS_MYSQL_USER = extmail

SYS_MYSQL_PASS = 你的密码,不要照抄


SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock --rpm包版的sock在这里


而后修改cgi目录的属主:

# chown -R postfix.postfix /var/www/extsuite/extman/cgi/


在apache的主配置文件中Extmail的虚拟主机部分,添加如下两行:

ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi

Alias /extman /var/www/extsuite/extman/html


创建其运行时所需的临时目录,并修改其相应的权限:

#mkdir  -pv  /tmp/extman

#chown postfix.postfix  /tmp/extman


修改

SYS_CAPTCHA_ON = 1

SYS_CAPTCHA_ON = 0


好了,到此为止,重新启动apache服务器后,您的Webmail和Extman已经可以使用了,可以在浏览器中输入指定的虚拟主机的名称进行访问,如下:

http://ip/extmail


选择管理即可登入extman进行后台管理了。默认管理帐号为:root@extmail.org  密码为:extmail*123*


七、配置Mailgraph_ext,使用Extman的图形日志:(下面所需的软件包面要自己下载)


接下来安装图形日志的运行所需要的软件包Time::HiRes、File::Tail和rrdtool,其中前两个包您可以去http://search.cpan.org搜索并下载获得,后一个包您可以到 http://oss.oetiker.ch/rrdtool/pub/?M=D下载获得; 注意安装顺序不能改换。


安装Time::HiRes

#tar zxvf Time-HiRes-1.9707.tar.gz

#cd Time-HiRes-1.9707

#perl Makefile.PL

#make

#make test

#make install


安装File::Tail

#tar zxvf File-Tail-0.99.3.tar.gz

#cd File-Tail-0.99.3

#perl Makefile

#make

#make test

#make install


安装rrdtool-1.2.23-1.el5.rf.x86_64.rpm依赖以下两个包,要三个一起安装才行

rrdtool-devel-1.2.23-1.el3.rf.x86_64.rpm

perl-rrdtool-1.2.23-1.el4.rf.x86_64.rpm

rpm -iv *rrdtool*


复制mailgraph_ext到/usr/local,并启动之

# cp -r /var/www/extsuite/extman/addon/mailgraph_ext  /usr/local

# /usr/local/mailgraph_ext/mailgraph-init start


启动cmdserver(在后台显示系统信息)

# /var/www/extsuite/extman/daemon/cmdserver --daemon


添加到自动启动队列

# echo “/usr/local/mailgraph_ext/mailgraph-init start” >> /etc/rc.d/rc.local

# echo “/var/www/extsuite/extman/daemon/cmdserver -v -d” >> /etc/rc.d/rc.local 


使用方法: 等待大约15分钟左右,如果邮件系统有一定的流量,即可登陆到extman里,点“图形日志”即可看到图形化的日志。具体每天,周,月,年的则点击相应的图片进入即可。


八、对于smtp、pop3f进行ssl加密这里不再说明,要想接受来自公网上的邮件,我们把25号端口映射到防火墙上即可,如果想用foxmail、outlook等MUA来收发邮件,把110(pop3)、995(pops)、25(smtp)、465(smtps)映射出去,注意:110、25是明文件传输密码的

poxtfix+dovecot+saslauthd+courier-authlib +mysql + extmail 完整虚拟邮箱系统部署

标签:dovecot   poxtfix   saslauthd   

原文地址:http://832772.blog.51cto.com/822772/1772477

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!