所需软件:
平台,RHEL5.8
postfix-2.9.15
dovecot系统自带
courier-authlib-0.62.4高与0.64本平台可能无法使用
mysql 5.7 含:
mysql-5.7.12-1.el5.x86_64.rpm
mysql-community-client-5.7.12-1.el5.x86_64.rpm
mysql-community-common-5.7.12-1.el5.x86_64.rpm
mysql-community-devel-5.7.12-1.el5.x86_64.rpm
mysql-community-libs-5.7.12-1.el5.x86_64.rpm
mysql-community-libs-compat-5.7.12-1.el5.x86_64.rpm
mysql-community-server-5.7.12-1.el5.x86_64.rpm
可以到:http://dev.mysql.com/downloads/mysql/ 上面上载
extmail-1.2 + extman-1.1
附加软件包(可以yum install直接安装):
httpd, mysql-devel, openssl-devel, libtool-ltdl-devel,libtool-ltdl,perl-DBD-MySQL, tcl, tcl-devel, libart_lgpl, libart_lgpl-devel , expect,cyrus-sasl.x86_64,cyrus-sasl-devel,cyrus-sasl-lib,cyrus-sasl-plain
并安装以下开发所用到的rpm包组:
Development Libraries
Development Tools
方法:
yum groupinstall "Development Libraries" "Development Tools"
一、准备工作:
1、关闭或卸载sendmail,并将它的随系统自动启动功能关闭:
service sendmail stop
chkconfig sendmail off
或
rpm -e --nodeps sendmail
2、如果要用mysql 5.5/5.7等高版本mysql,请把系统自带的mysql相关软件包也卸载了,以确保不冲突
对于5.1以上的版本,系统的存储引擎为InnoDB,extman的脚本可能要修改,如果不想麻烦,可以用系统自带的,可能不用修改sql脚本
3、启动saslauthd服务,并将其加入到自动启动队列:
# service saslauthd start
# chkconfig saslauthd on
二、安装配置postfix
# groupadd -g 2525 postfix
# useradd -g postfix -u 2525 -s /sbin/nologin -M postfix
# groupadd -g 2526 postdrop
# useradd -g postdrop -u 2526 -s /sbin/nologin -M postdrop
# cd postfix-2.9.15
1、编译安装
# make makefiles ‘CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl -DUSE_TLS ‘ ‘AUXLIBS=-L/usr/lib/mysql -lmysqlclient -lz -lm -L/usr/lib/sasl2 -lsasl2 -lssl -lcrypto‘
# make
# make install
按照以下的提示输入相关的路径([]号中的是缺省值,”]”后的是输入值,省略的表示采用默认值)
install_root: [/] /
tempdir: [/root/postfix-2.9.3] /tmp/postfix
config_directory: [/etc/postfix] /etc/postfix
daemon_directory: [/usr/libexec/postfix]
command_directory: [/usr/sbin]
queue_directory: [/var/spool/postfix]
sendmail_path: [/usr/sbin/sendmail]
newaliases_path: [/usr/bin/newaliases]
mailq_path: [/usr/bin/mailq]
mail_owner: [postfix]
setgid_group: [postdrop]
html_directory: [no]/var/www/html/postfix
manpages: [/usr/local/man]
readme_directory: [no]
生成别名二进制文件:
# newaliases
还有不要忘记了执行这个,否则启动可能出错报:
warning: unable to look up public/pickup: No such file or directory
warning: unable to look up public/pickup: No such file or directory
fatal: the Postfix mail system is not running
fatal: scan_dir_push: open directory maildrop: Permission denied
fatal: Postfix integrity check failed!
#post-install set-permissions
2、做简单配置
# vim /etc/postfix/main.cf
修改以下几项为您需要的配置,注意,要顶格写,否则系统会认为是上一行的延续
myhostname = mail.test.com
myorigin = test.com
mydomain = test.com
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 192.168.1.0/24, 127.0.0.0/8
保存退出
3、为postfix编写启动服务脚本/etc/rc.d/init.d/postfix:
#!/bin/bash
#
# postfix Postfix Mail Transfer Agent
#
# chkconfig: 2345 80 30
# description: Postfix is a Mail Transport Agent, which is the program \
# that moves mail from one machine to another.
# processname: master
# pidfile: /var/spool/postfix/pid/master.pid
# config: /etc/postfix/main.cf
# config: /etc/postfix/master.cf
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ $NETWORKING = "no" ] && exit 3
[ -x /usr/sbin/postfix ] || exit 4
[ -d /etc/postfix ] || exit 5
[ -d /var/spool/postfix ] || exit 6
RETVAL=0
prog="postfix"
start() {
# Start daemons.
echo -n $"Starting postfix: "
/usr/bin/newaliases >/dev/null 2>&1
/usr/sbin/postfix start 2>/dev/null 1>&2 && success || failure $"$prog start"
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/postfix
echo
return $RETVAL
}
stop() {
# Stop daemons.
echo -n $"Shutting down postfix: "
/usr/sbin/postfix stop 2>/dev/null 1>&2 && success || failure $"$prog stop"
RETVAL=$?
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/postfix
echo
return $RETVAL
}
reload() {
echo -n $"Reloading postfix: "
/usr/sbin/postfix reload 2>/dev/null 1>&2 && success || failure $"$prog reload"
RETVAL=$?
echo
return $RETVAL
}
abort() {
/usr/sbin/postfix abort 2>/dev/null 1>&2 && success || failure $"$prog abort"
return $?
}
flush() {
/usr/sbin/postfix flush 2>/dev/null 1>&2 && success || failure $"$prog flush"
return $?
}
check() {
/usr/sbin/postfix check 2>/dev/null 1>&2 && success || failure $"$prog check"
return $?
}
restart() {
stop
start
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
reload)
reload
;;
abort)
abort
;;
flush)
flush
;;
check)
check
;;
status)
status master
;;
condrestart)
[ -f /var/lock/subsys/postfix ] && restart || :
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|abort|flush|check|status|condrestart}"
exit 1
esac
exit $?
# END
4、赋予执行权限并启动postfix:
# chmod +x /etc/rc.d/init.d/postfix
添加至服务列表:
# chkconfig --add postfix
开机自动启动:
# chkconfig postfix on
使用脚本重新启动服务:
# service postfix restart
5、为postfix开启基于cyrus-sasl的认证功能
验正postfix是否支持cyrussasl认证,确保出出以下结果:
# /usr/local/postfix/sbin/postconf -a
cyrus
dovecot
#vi /etc/postfix/main.cf
############CYRUS-SASL ###################
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_path = smtpd
smtpd_banner = ESMTP,Warning:system not work!
# vi /usr/lib64/sasl2/smtpd.conf
添加如下内容:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
重启postfix并测试
#/usr/sbin/postfix restart
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is ‘^]‘.
220 Welcome to our mail.test.com ESMTP,Warning:system not work!
ehlo mail.magedu.com
250-mail.magedu.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN (请确保有这两行输出)
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
三、安装Courier authentication library并配置其通过mysql进行验证邮箱用户
1、安装Courier authentication library
# tar xf courier-authlib-0.62.4.tar.bz2
# cd courier-authlib-0.62.4
./configure \
--prefix=/usr/local/courier-authlib \
--sysconfdir=/etc \
--without-authpam \
--without-authshadow \
--without-authvchkpw \
--without-authpgsql \
--with-authmysql=yes \
--with-mysql-libs=/usr/lib64/mysql \
--with-mysql-includes=/usr/include/mysql \
--with-redhat \
--with-authmysqlrc=/etc/authmysqlrc \
--with-authdaemonrc=/etc/authdaemonrc \
--with-mailuser=postfix \
--with-mailgroup=postfix \
--with-ltdl-lib=/usr/lib64 \
--with-ltdl-include=/usr/include
注意:这里是rpm包版的mysql库文件路径,如果不是rpm包安装的mysql,请用确保你的with-mysql-libs、with-mysql-includes的路径是正确的,还有,一定要把--with-authmysql=yes写上,否则,编译出来的一样不把持mysql
# make
# make install
# chmod 755 /usr/local/courier-authlib/var/spool/authdaemon
# cp /etc/authdaemonrc.dist /etc/authdaemonrc
# cp /etc/authmysqlrc.dist /etc/authmysqlrc
修改/etc/authdaemonrc 文件
authmodulelist="authmysql" --一定要确保这个列表中有autymysql出现,否则不支持mysql验证
authmodulelistorig="authmysql"
daemons=10
2、配置mysql进行邮件用户验证
编辑/etc/authmysqlrc 为以下内容,其中2525,2525 为postfix 用户的UID和GID。
MYSQL_SERVER localhost
MYSQL_PORT 3306 --mysql监听端口,默认的3306
MYSQL_USERNAME extmail --数据库的所有者的用户名
MYSQL_PASSWORD extmail --密码,根据自已的设置填写
MYSQL_SOCKET /var/lib/mysql/mysql.sock --rpm包版的sock在这里
MYSQL_DATABASE extmail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD ‘2525‘
MYSQL_GID_FIELD ‘2525‘
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD concat(‘/var/mailbox/‘,homedir)
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat(‘/var/mailbox/‘,maildir)
3、启动脚本
# cp courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib
# chmod 755 /etc/init.d/courier-authlib
# chkconfig --add courier-authlib
# chkconfig --level 2345 courier-authlib on
# echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf.d/courier-authlib.conf
# ldconfig -v
# service courier-authlib start
4、配置postfix通过courier-authlib验证用户
新建虚拟用户邮箱目录,并将其权限赋予postfix用户:
#mkdir –pv /var/mailbox
#chown –R postfix /var/mailbox
接下来重新配置SMTP 认证,编辑 /usr/lib64/sasl2/smtpd.conf ,确保其为以下内容:
pwcheck_method: authdaemond
log_level: 3
mech_list:PLAIN LOGIN
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket
四、让postfix支持虚拟域和虚拟用户
1、编辑/etc/postfix/main.cf,添加如下内容:
########################Virtual Mailbox Settings########################
virtual_mailbox_base = /var/mailbox
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:2525
virtual_gid_maps = static:2525
virtual_transport = virtual
注:/etc/postfix/mysql_virtual_*.cf 来自extman-1.1/docs,当然,我们需要配置其数据库连接用到的用户名,密码
2、配置extman
用源码目录下docs目录中的extmail.sql和init.sql建立数据库:
mysql 5.0 可以直接使用 extmail.sql初始化数据库,5.1以上要把数据库存储引擎修改为InnoDB,5.7不用指定存储引擎,还要在my.cnf中加上sql-mode=‘IGNORE‘,并对manager表的sql做简单修改:
如下:
CREATE TABLE manager (
username varchar(255) NOT NULL default ‘‘,
password varchar(255) NOT NULL default ‘‘,
type varchar(64) NOT NULL default ‘postmaster‘,
uid varchar(255) NOT NULL default ‘‘,
name varchar(255) NOT NULL default ‘‘,
question text ,
answer text ,
disablepwdchange smallint(1),
createdate datetime NOT NULL ,
expiredate DATE NOT NULL default ‘2030-12-30‘,
active tinyint(1) NOT NULL default ‘1‘,
PRIMARY KEY (username),
KEY username (username)
) COMMENT=‘Ext/Webman - Admin Accounts‘;
还有,5.7上的建用户、建库一定要用create user、create database语句,INSERT INTO user、INSERT INTO db 语句不可用,还要修改extmail.sql脚本
# tar zxvf extman-1.1.tar.gz
# cd extman-1.1/docs
# mysql -u root -p < extmail.sql
# mysql -u root -p <init.sql
# cp mysql* /etc/postfix/
3、授予用户extmail访问extmail数据库
mysql> GRANT all privileges on extmail.* TO extmail@localhost IDENTIFIED BY ‘youpassword‘;
mysql> GRANT all privileges on extmail.* TO extmail@127.0.0.1 IDENTIFIED BY ‘youpassword‘;
注:启用虚拟域,要取消中心域,注释掉myhostname, mydestination, mydomain, myorigin几个指令
4、配置dovecot使用mysql验证用户
# vi /etc/dovecot.conf
mail_location = maildir:/var/mailbox/%d/%n/Maildir
auth default {
mechanisms = plain
passdb sql {
args = /etc/dovecot-mysql.conf
}
userdb sql {
args = /etc/dovecot-mysql.conf
}
# vim /etc/dovecot-mysql.conf
driver = mysql
connect = host=/tmp/mysql.sock dbname=extmail user=extmail password=不要照抄
default_pass_scheme = CRYPT
password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = ‘%u‘
user_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid FROM mailbox WHERE username = ‘%u‘
启动dovecot服务:
# service dovecot start
# chkconfig dovecot on
五、安装Extmail-1.2
1、安装
# tar zxvf extmail-1.2.tar.gz
# mkdir -pv /var/www/extsuite
# mv extmail-1.2 /var/www/extsuite/extmail
# cp /var/www/extsuite/extmail/webmail.cf.default /var/www/extsuite/extmail/webmail.cf
2、配置
#vi /var/www/extsuite/extmail/webmail.cf
部分修改选项的说明:
SYS_MESSAGE_SIZE_LIMIT = 5242880
用户可以发送的最大邮件
SYS_USER_LANG = en_US
语言选项,可改作:
SYS_USER_LANG = zh_CN
SYS_MAILDIR_BASE = /home/domains
此处即为您在前文所设置的用户邮件的存放目录,可改作:
SYS_MAILDIR_BASE = /var/mailbox
SYS_MYSQL_USER = db_user
SYS_MYSQL_PASS = db_pass
以上两句句用来设置连接数据库服务器所使用用户名、密码和邮件服务器用到的数据库,这里修改为:
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = 你的密码
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock --rpm包版的sock在这里
SYS_MYSQL_HOST = localhost
数据库服务器主机名
SYS_MYSQL_TABLE = mailbox
SYS_MYSQL_ATTR_USERNAME = username
SYS_MYSQL_ATTR_DOMAIN = domain
SYS_MYSQL_ATTR_PASSWD = password
以上用来指定验正用户登录里所用到的表,以及用户名、域名和用户密码分别对应的表中列的名称;这里默认即可
SYS_AUTHLIB_SOCKET = /var/spool/authdaemon/socket
此句用来指明authdaemo socket文件的位置,这里修改为:
SYS_AUTHLIB_SOCKET = /usr/local/courier-authlib/var/spool/authdaemon/socket
3、加入apache
由于extmail要进行本地邮件的投递操作,故必须将运行apache服务器用户的身份修改为您的邮件投递代理的用户;本例中打开了apache服务器的suexec功能,故使用以下方法来实现虚拟主机运行身份的指定。此例中的MDA为postfix自带,因此将指定为postfix用户:
<VirtualHost *:80>
ServerName mail.magedu.com
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi
Alias /extmail /var/www/extsuite/extmail/html
SuexecUserGroup postfix postfix
</VirtualHost>
修改 cgi执行文件属主为apache运行身份用户:
# chown -R postfix.postfix /var/www/extsuite/extmail/cgi/
如果您没有打开apache服务器的suexec功能,也可以使用以下方法解决:
# vi /etc/httpd/conf/httpd.conf
User postfix
Group postfix
<VirtualHost *:80>
ServerName mail.magedu.com
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi
Alias /extmail /var/www/extsuite/extmail/html
</VirtualHost>
4、依赖关系的解决
extmail将会用到perl的Unix::syslogd功能,您可以去http://search.cpan.org搜索下载原码包进行安装。
# tar zxvf Unix-Syslog-0.100.tar.gz
# cd Unix-Syslog-0.100
# perl Makefile.PL
# make
# make install
启动apache服务
# service httpd start
# chkconfig httpd on
六、安装Extman-1.1
# tar zxvf extman-1.1.tar.gz
# mv extman-1.1 /var/www/extsuite/extman
修改配置文件以符合本例的需要:
# cp /var/www/extsuite/extman/webman.cf.default /var/www/extsuite/extman/webman.cf
# vi /var/www/extsuite/extman/webman.cf
SYS_MAILDIR_BASE = /home/domains
此处即为您在前文所设置的用户邮件的存放目录,可改作:
SYS_MAILDIR_BASE = /var/mailbox
SYS_DEFAULT_UID = 1000
SYS_DEFAULT_GID = 1000
此两处后面设定的ID号需更改为前而创建的postfix用户和postfix组的id号,我们使用的是2525,因此,上述两项需要修改为:
SYS_DEFAULT_UID = 2525
SYS_DEFAULT_GID = 2525
SYS_MYSQL_USER = webman
SYS_MYSQL_PASS = webman
修改为:
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = 你的密码,不要照抄
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock --rpm包版的sock在这里
而后修改cgi目录的属主:
# chown -R postfix.postfix /var/www/extsuite/extman/cgi/
在apache的主配置文件中Extmail的虚拟主机部分,添加如下两行:
ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi
Alias /extman /var/www/extsuite/extman/html
创建其运行时所需的临时目录,并修改其相应的权限:
#mkdir -pv /tmp/extman
#chown postfix.postfix /tmp/extman
修改
SYS_CAPTCHA_ON = 1
为
SYS_CAPTCHA_ON = 0
好了,到此为止,重新启动apache服务器后,您的Webmail和Extman已经可以使用了,可以在浏览器中输入指定的虚拟主机的名称进行访问,如下:
http://ip/extmail
选择管理即可登入extman进行后台管理了。默认管理帐号为:root@extmail.org 密码为:extmail*123*
七、配置Mailgraph_ext,使用Extman的图形日志:(下面所需的软件包面要自己下载)
接下来安装图形日志的运行所需要的软件包Time::HiRes、File::Tail和rrdtool,其中前两个包您可以去http://search.cpan.org搜索并下载获得,后一个包您可以到 http://oss.oetiker.ch/rrdtool/pub/?M=D下载获得; 注意安装顺序不能改换。
安装Time::HiRes
#tar zxvf Time-HiRes-1.9707.tar.gz
#cd Time-HiRes-1.9707
#perl Makefile.PL
#make
#make test
#make install
安装File::Tail
#tar zxvf File-Tail-0.99.3.tar.gz
#cd File-Tail-0.99.3
#perl Makefile
#make
#make test
#make install
安装rrdtool-1.2.23-1.el5.rf.x86_64.rpm依赖以下两个包,要三个一起安装才行
rrdtool-devel-1.2.23-1.el3.rf.x86_64.rpm
perl-rrdtool-1.2.23-1.el4.rf.x86_64.rpm
rpm -iv *rrdtool*
复制mailgraph_ext到/usr/local,并启动之
# cp -r /var/www/extsuite/extman/addon/mailgraph_ext /usr/local
# /usr/local/mailgraph_ext/mailgraph-init start
启动cmdserver(在后台显示系统信息)
# /var/www/extsuite/extman/daemon/cmdserver --daemon
添加到自动启动队列
# echo “/usr/local/mailgraph_ext/mailgraph-init start” >> /etc/rc.d/rc.local
# echo “/var/www/extsuite/extman/daemon/cmdserver -v -d” >> /etc/rc.d/rc.local
使用方法: 等待大约15分钟左右,如果邮件系统有一定的流量,即可登陆到extman里,点“图形日志”即可看到图形化的日志。具体每天,周,月,年的则点击相应的图片进入即可。
八、对于smtp、pop3f进行ssl加密这里不再说明,要想接受来自公网上的邮件,我们把25号端口映射到防火墙上即可,如果想用foxmail、outlook等MUA来收发邮件,把110(pop3)、995(pops)、25(smtp)、465(smtps)映射出去,注意:110、25是明文件传输密码的
poxtfix+dovecot+saslauthd+courier-authlib +mysql + extmail 完整虚拟邮箱系统部署
原文地址:http://832772.blog.51cto.com/822772/1772477