
RHEL6 postfix+dovecot 邮件服务配置

环境:RHEL6.6
软件:postfix-3.0.0、bind-9.8.2-0.30、mysql-5.5.42、dovecot-2.0.9-7
软件源:本地源,epel源,remi源
邮件服务器IP:192.168.1.110,主机名为mail.mingxiao.info
客户端IP:192.168.1.77,WinXP,使用Outlook Express收发邮件
请确保selinux处于permissive状态,防火墙处于关闭状态,以排除策略或过滤规则对测试的干扰。
添加几个测试用户,为了测试方便,密码和用户名相同:
# useradd jianpan
# passwd jianpan
# useradd shubiao
# passwd shubiao
步骤1:配置DNS

# yum install bind bind-utils

编辑/etc/named.conf,在options内去掉 listen-on port 53 { 127.0.0.1; }; 和 listen-on-v6 port 53 { ::1; }; 这两项,如下。注意下面保留的 allow-query { localhost; }; 只允许本机查询,局域网内其他主机若要使用该DNS,需要把相应网段加入allow-query。

options {
      directory       "/var/named";
      dump-file       "/var/named/data/cache_dump.db";
      statistics-file "/var/named/data/named_stats.txt";
      memstatistics-file "/var/named/data/named_mem_stats.txt";
      allow-query   { localhost; };
      recursion yes;
      ......

编辑/etc/named.rfc1912.zones,在尾部添加如下内容:

zone "mingxiao.info" IN {
      type master;
      file "mingxiao.info.zone";
      allow-update { none; };
      allow-transfer { none; };
};
zone "1.168.192.in-addr.arpa" IN {
      type master;
      file "192.168.1.zone";
      allow-update { none; };
      allow-transfer { none; };
};

新建/var/named/mingxiao.info.zone并添加如下内容:

$TTL 86400
@       IN      SOA   ns.mingxiao.info.     admin.mingxiao.info. (
                        20150526
                        2H
                        10M
                        3D
                        1D )
      IN      NS      ns
      IN      MX 10   mail
ns      IN      A       192.168.1.110
mail    IN      A       192.168.1.110

新建/var/named/192.168.1.zone并添加如下内容

$TTL 86400
@       IN      SOA   ns.mingxiao.info.     admin.mingxiao.info. (
                        20150526
                        2H
                        10M
                        3D
                        1D )
      IN      NS      ns.mingxiao.info.
110      IN      PTR   ns.mingxiao.info.
110      IN      PTR    mail.mingxiao.info.

更改权限及属组

# chmod 640 /var/named/mingxiao.info.zone

# chmod 640 /var/named/192.168.1.zone

# chgrp named 192.168.1.zone mingxiao.info.zone


DNS指向自己主机

# echo "nameserver 192.168.1.110" > /etc/resolv.conf


启动named,并测试解析是否正常,请确保解析正常。

# service named start

# dig -t A mail.mingxiao.info

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t A mail.mingxiao.info
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56173
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;mail.mingxiao.info. IN A

;; ANSWER SECTION:
mail.mingxiao.info. 86400 IN A 192.168.1.110

;; AUTHORITY SECTION:
mingxiao.info. 86400 IN NS ns.mingxiao.info.

;; ADDITIONAL SECTION:
ns.mingxiao.info. 86400 IN A 192.168.1.110

;; Query time: 0 msec
;; SERVER: 192.168.1.110#53(192.168.1.110)
;; WHEN: Mon Mar 30 16:19:25 2015
;; MSG SIZE  rcvd: 85


步骤2:安装mysql

# yum install mysql-server mysql-devel

# service mysqld restart


步骤3:安装postfix

编译安装postfix,首先关闭原先postfix,并改名即可。

# service postfix stop

Shutting down postfix:

# mv /etc/init.d/postfix /etc/init.d/postfix.old

删除原来的postfix用户及组,并重新添加。

# userdel postfix

# groupadd -g 2525 postfix

# useradd -g postfix -u 2525 -s /sbin/nologin -M postfix


# tar xf postfix-3.0.0.tar.gz

# cd postfix-3.0.0

make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl -DUSE_TLS' \
  'AUXLIBS=-L/usr/lib/mysql -lmysqlclient -lz -lm -L/usr/lib/sasl2 -lsasl2 -lssl -lcrypto'

make

make install

注意:make install 过程中会让您输入一些路径,全部敲回车使用默认即可。


提供SysV风格的服务启动脚本,新建/etc/init.d/postfix文件,并加入以下内容:

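#!/bin/bash
#
# postfix      Postfix Mail Transfer Agent
#
# chkconfig: 2345 80 30
# description: Postfix is a Mail Transport Agent, which is the program \
#            that moves mail from one machine to another.
# processname: master
# pidfile: /var/spool/postfix/pid/master.pid
# config: /etc/postfix/main.cf
# config: /etc/postfix/master.cf
# Source function library (provides the success/failure/status helpers
# used below).
. /etc/rc.d/init.d/functions
# Source networking configuration (provides NETWORKING).
. /etc/sysconfig/network
# Check that networking is up. NETWORKING is quoted so that an unset
# variable yields a plain "false" instead of a test syntax error that
# was silently ignored.
[ "$NETWORKING" = "no" ] && exit 3
# Refuse to run on an incomplete installation, each case with its own
# exit code.
[ -x /usr/sbin/postfix ] || exit 4
[ -d /etc/postfix ] || exit 5
[ -d /var/spool/postfix ] || exit 6
# Last recorded status of the postfix command; reported by the actions.
RETVAL=0
prog="postfix"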
start() {
  # Start daemons. The alias database is rebuilt first; its exit status
  # is deliberately ignored. RETVAL takes the status of the success/failure
  # helper that ran last, and the subsys lock is created only on success.
  echo -n $"Starting postfix: "
  /usr/bin/newaliases >/dev/null 2>&1
  /usr/sbin/postfix start >/dev/null 2>&1 && success || failure $"$prog start"
  RETVAL=$?
  if [ "$RETVAL" -eq 0 ]; then
    touch /var/lock/subsys/postfix
  fi
  echo
  return $RETVAL
}
stop() {
  # Stop daemons. RETVAL takes the status of the success/failure helper
  # that ran last; the subsys lock is removed only on a clean stop.
  echo -n $"Shutting down postfix: "
  /usr/sbin/postfix stop >/dev/null 2>&1 && success || failure $"$prog stop"
  RETVAL=$?
  if [ "$RETVAL" -eq 0 ]; then
    rm -f /var/lock/subsys/postfix
  fi
  echo
  return $RETVAL
}
reload() {
  # Run "postfix reload" and report the result through the
  # success/failure helpers; RETVAL takes the helper's status.
  echo -n $"Reloading postfix: "
  /usr/sbin/postfix reload >/dev/null 2>&1 && success || failure $"$prog reload"
  RETVAL=$?
  echo
  return $RETVAL
}
abort() {
  # Run "postfix abort"; the function's status is that of whichever
  # helper (success or failure) ran last.
  /usr/sbin/postfix abort >/dev/null 2>&1 && success || failure $"$prog abort"
}
flush() {
  # Run "postfix flush"; the function's status is that of whichever
  # helper (success or failure) ran last.
  /usr/sbin/postfix flush >/dev/null 2>&1 && success || failure $"$prog flush"
}
check() {
  # Run "postfix check"; the function's status is that of whichever
  # helper (success or failure) ran last.
  /usr/sbin/postfix check >/dev/null 2>&1 && success || failure $"$prog check"
}
restart() {
  # Full stop followed by a fresh start; the status is start's RETVAL.
  stop
  start
}
# See how we were called: dispatch on the requested action.
case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  restart)
    # restart() performs stop followed by start.
    restart
    ;;
  reload)
    reload
    ;;
  abort)
    abort
    ;;
  flush)
    flush
    ;;
  check)
    check
    ;;
  status)
    # status() comes from the functions library; master is the daemon name.
    status master
    ;;
  condrestart)
    # Restart only if the service was running (subsys lock present);
    # always reports success, as the trailing ':' shows.
    [ -f /var/lock/subsys/postfix ] && restart || :
    ;;
  *)
    echo $"Usage: $0 {start|stop|restart|reload|abort|flush|check|status|condrestart}"
    exit 1
esac
# Propagate the status of the action that ran.
exit $?
# END
# chmod +x /etc/init.d/postfix
# chkconfig postfix on
# service postfix start
Starting postfix:
出现错误,首先查看日志
# tail /var/log/maillog
Mar 30 16:46:26 mail postfix/postfix-script: warning: not owned by postfix: /var/lib/postfix/./master.lock
Mar 30 16:46:26 mail postfix/postfix-script: starting the Postfix mail system
Mar 30 16:46:26 mail postfix/master: fatal: open lock file /var/lib/postfix/master.lock: cannot open file: Permission denied
Mar 30 16:46:27 mail postfix/master: fatal: daemon initialization failure
Mar 30 16:46:28 mail postfix/postfix-script: fatal: mail system startup failed
解决办法:
# rm -f /var/lib/postfix/./master.lock
# service postfix start
Starting postfix:
启动成功,查看日志,看有无错误警告信息。
# newaliases
编辑/etc/postfix/main.cf配置文件,修改以下内容:
myhostname = mail.mingxiao.info
mydomain = mingxiao.info
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, ns.$mydomain
mynetworks = 192.168.1.0/24, 127.0.0.0/8
# service postfix restart
# telnet mail.mingxiao.info 25
Trying 192.168.1.110...
Connected to mail.mingxiao.info.
Escape character is '^]'.
220 mail.mingxiao.info ESMTP Postfix
helo mail.mingxiao.info
250 mail.mingxiao.info
mail from:jianpan@mingxiao.info
250 2.1.0 Ok
rcpt to:shubiao@mingxiao.info
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
How are you.
.
250 2.0.0 Ok: queued as 9A07960408
quit
221 2.0.0 Bye
Connection closed by foreign host.
查看日志中的发送状态信息:可以发现状态是 delivered to mailbox,发送成功。
# tail /var/log/maillog
Mar 30 17:02:46 mail postfix/local: 9A07960408: to=<shubiao@mingxiao.info>, relay=local, delay=28, delays=28/0.02/0/0.01, dsn=2.0.0, status=sent (delivered to mailbox)
Mar 30 17:02:46 mail postfix/qmgr: 9A07960408: removed
Mar 30 17:02:49 mail postfix/smtpd: disconnect from ns.mingxiao.info helo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
切换到shubiao用户
# su - shubiao
$ mail
Heirloom Mail version 12.4 7/29/08.  Type ? for help.
"/var/spool/mail/shubiao": 1 message 1 new
>N  1 jianpan@mingxiao.inf  Mon Mar 30 17:02  13/503
& 1
Message1:
From jianpan@mingxiao.info  Mon Mar 30 17:02:46 2015
Return-Path: <jianpan@mingxiao.info>
X-Original-To: shubiao@mingxiao.info
Delivered-To: shubiao@mingxiao.info
Date: Mon, 30 Mar 2015 17:02:18 +0800 (CST)
From: jianpan@mingxiao.info
Status: R
How are you.
可以看到已经收到一封邮件。
在XP上用Outlook Express测试,使用shubiao账号登录,给jianpan用户发送一封测试邮件:
# su - jianpan
$ mail   
Heirloom Mail version 12.4 7/29/08.  Type ? for help.
"/var/spool/mail/jianpan": 1 message 1 new
>N  1 hi                  Mon Mar 30 17:25  44/1534  "test"
& 1
Message1:
From shubiao@mingxiao.info  Mon Mar 30 17:25:58 2015
Return-Path: <shubiao@mingxiao.info>
X-Original-To: jianpan@mingxiao.info
Delivered-To: jianpan@mingxiao.info
From: "hi" <shubiao@mingxiao.info>
To: <jianpan@mingxiao.info>
Subject: test
Date: Mon, 30 Mar 2015 09:25:57 +0800
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0022_01D06ACB.879E7AC0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
Status: R
Content-Type: text/plain;
charset="gb2312"
Hi.
收信成功,但此时尚不能在windows上收取邮件,远程用户接收邮件需要有MRA(mail retrieval agent)服务器,使用pop3或imap协议接收邮件,因此安装dovecot。

步骤4:安装dovecot
# yum install dovecot
编辑/etc/dovecot/dovecot.conf,取消protocols一行的注释,并改为 protocols = pop3

# telnet mail.mingxiao.info 110
Trying 192.168.1.110...
Connected to mail.mingxiao.info.
Escape character is '^]'.
+OK Dovecot ready.
USER jianpan
+OK
PASS jianpan
Connection closed by foreign host.
出错,查看日志报什么错误
# tail /var/log/maillog
Mar 30 17:35:33 mail dovecot: pop3-login: Login: user=<jianpan>, method=PLAIN, rip=192.168.1.110, lip=192.168.1.110, mpid=29824, secured
Mar 30 17:35:33 mail dovecot: pop3(jianpan): Error: user jianpan: Initialization failed: mail_location not set and autodetection failed: Mail storage autodetection failed with home=/home/jianpan
Mar 30 17:35:33 mail dovecot: pop3(jianpan): Error: Invalid user settings. Refer to server log for more information.
解决办法:mail_location没有设置,在配置文件中设置即可,即为邮件存放位置。
# vim /etc/dovecot/conf.d/10-mail.conf
mail_location = mbox:~/mail:INBOX=/var/mail/%u

# telnet mail.mingxiao.info 110
Trying 192.168.1.110...
Connected to mail.mingxiao.info.
Escape character is '^]'.
+OK Dovecot ready.
USER jianpan
+OK
PASS jianpan
-ERR Couldn't open INBOX: Internal error occurred. Refer to server log for more information.
Connection closed by foreign host.
出错,查看日志,发现是权限问题。
Mar 30 17:38:04 mail dovecot: pop3-login: Login: user=<jianpan>, method=PLAIN, rip=192.168.1.110, lip=192.168.1.110, mpid=29869, secured
Mar 30 17:38:04 mail dovecot: pop3(jianpan): Error: chown(/home/jianpan/mail/.imap/INBOX, -1, 12(mail)) failed: Operation not permitted (egid=500(jianpan), group based on /var/mail/jianpan)
Mar 30 17:38:04 mail dovecot: pop3(jianpan): Error: mkdir(/home/jianpan/mail/.imap/INBOX) failed: Operation not permitted
Mar 30 17:38:04 mail dovecot: pop3(jianpan): Error: Couldn't open INBOX: Internal error occurred. Refer to server log for more information.
Mar 30 17:38:04 mail dovecot: pop3(jianpan): Couldn't open INBOX top=0/0, retr=0/0, del=0/0, size=0
解决方法:
# vim /etc/dovecot/conf.d/10-mail.conf
mail_access_groups = mail

# telnet mail.mingxiao.info 110
Trying 192.168.1.110...
Connected to mail.mingxiao.info.
Escape character is '^]'.
+OK Dovecot ready.
USER jianpan
+OK
PASS jianpan
+OK Logged in.
LIST
+OK 2 messages:
1 1522
2 1526
.
可以使用dovecot接收邮件了。

测试发邮件给shubiao,在windows使用outlook express接收邮件是否成功。
# telnet 192.168.1.110 25
Trying 192.168.1.110...
Connected to 192.168.1.110.
Escape character is '^]'.
220 mail.mingxiao.info ESMTP Postfix
helo mail.mingxiao.info
250 mail.mingxiao.info
mail from:jianpan@mingxiao.info
250 2.1.0 Ok
rcpt to:shubiao@mingxiao.info
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
Hahaa!
.
在outlook express点击接收所有邮件,发现仍是不允许,查看日志信息。
Mar 30 18:04:42 mail dovecot: pop3-login: Disconnected (tried to use disabled plaintext auth): rip=192.168.1.77, lip=192.168.1.110
Mar 30 18:05:00 mail dovecot: pop3-login: Disconnected (tried to use disabled plaintext auth): rip=192.168.1.77, lip=192.168.1.110
解决办法:编辑/etc/dovecot/conf.d/10-auth.conf,将disable_plaintext_auth改为 disable_plaintext_auth = no
默认的是disable_plaintext_auth=yes,即拒绝在未加密的连接上使用明文认证,因为此时密码会以明文在网络上传输;如果客户端没有配置使用SSL/TLS,就不得不设置成disable_plaintext_auth=no。

重启dovecot服务,重新点击接收所有邮件。接收邮件成功。


步骤5:为postfix开启基于cyrus-sasl的认证


# postconf -a
列出可用的SASL认证插件类型:
cyrus
dovecot

编辑/etc/sysconfig/saslauthd,将MECH=pam改为MECH=shadow
新建/usr/lib/sasl2/smtpd.conf并添加如下内容
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
log_level: 3

编辑/etc/postfix/main.cf,添加如下内容
############################CYRUS-SASL############################
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_path = smtpd
smtpd_banner = Welcome to our $myhostname ESMTP

# chkconfig saslauthd on
# service saslauthd start
# testsaslauthd -ushubiao -pjianpan   测试是否成功

步骤6:安装courier-authlib
# cd courier-authlib-0.66.1
在安装前,首先要安装 libtool-ltdl、libtool-ltdl-devel、expect,否则会出现错误。
./configure \
    --prefix=/usr/local/courier-authlib \
    --sysconfdir=/etc \
    --without-authpam \
    --without-authshadow \
    --without-authvchkpw \
    --without-authpgsql \
    --with-authmysql \
    --with-mysql-libs=/usr/lib/mysql \
    --with-mysql-includes=/usr/include/mysql \
    --with-redhat \
    --with-authmysqlrc=/etc/authmysqlrc \
    --with-authdaemonrc=/etc/authdaemonrc \
    --with-mailuser=postfix \
    --with-mailgroup=postfix
make

make install

# chmod 755 /usr/local/courier-authlib/var/spool/authdaemon
# cp /etc/authdaemonrc.dist /etc/authdaemonrc
# cp /etc/authmysqlrc.dist /etc/authmysqlrc

编辑/etc/authdaemonrc文件
authmodulelist="authmysql"
authmodulelistorig="authmysql"
DEBUG_LOGIN=2

编辑/etc/authmysqlrc
MYSQL_SERVER            localhost
MYSQL_USERNAME          extmail
MYSQL_PASSWORD          extmail
MYSQL_SOCKET          /var/lib/mysql/mysql.sock

MYSQL_PORT            3306
MYSQL_DATABASE          extmail
MYSQL_USER_TABLE      mailbox
MYSQL_CRYPT_PWFIELD         password
MYSQL_GID_FIELD         2525
MYSQL_UID_FIELD         2525
MYSQL_LOGIN_FIELD       username
MYSQL_HOME_FIELD      concat('/var/mailbox/',homedir)
MYSQL_NAME_FIELD      concat('/var/mailbox/',maildir)

提供sysv风格启动脚本
# cp courier-authlib.sysvinit /etc/init.d/courier-authlib

# chmod +x /etc/init.d/courier-authlib
# service courier-authlib start

新建虚拟用户目录,并赋予postfix用户权限
# mkdir /var/mailbox
# chown -R postfix /var/mailbox

步骤7:让postfix支持虚拟域和虚拟用户
编辑/usr/lib/sasl2/smtpd.conf,并改为如下内容

pwcheck_method: authdaemond
log_level: 3
mech_list:PLAIN LOGIN
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket
# service saslauthd restart

编辑/etc/postfix/main.cf
########################Virtual Mailbox Settings########################
virtual_mailbox_base = /var/mailbox
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:2525
virtual_gid_maps = static:2525
virtual_transport = virtual
##########################QUOTA Settings########################
message_size_limit = 14336000
virtual_mailbox_limit = 20971520

# cd extman-1.1/docs/
# sed -i 's@TYPE=MyISAM@ENGINE=InnoDB@g' extmail.sql
# mysql < extmail.sql
# mysql < init.sql
# cp mysql_virtual_* /etc/postfix

连接到mysql,授予extmail访问extmail数据库的权限

mysql> GRANT all privileges on extmail.* TO extmail@localhost IDENTIFIED BY 'extmail';
Query OK, 0 rows affected (0.00 sec)
mysql> GRANT all privileges on extmail.* TO extmail@127.0.0.1 IDENTIFIED BY 'extmail';
Query OK, 0 rows affected (0.00 sec)

注意:虚拟域和中心域不能同时启用,所以要取消中心域,注释掉/etc/postfix/main.cf中myhostname,mydestination,mydomain,myorigin。

步骤8:配置dovecot

编辑/etc/dovecot/conf.d/10-mail.conf,将mail_location改为
mail_location = maildir:/var/mailbox/%d/%n/Maildir
编辑/etc/dovecot/conf.d/10-auth.conf,取消下行的注释
!include auth-sql.conf.ext

编辑/etc/dovecot/conf.d/auth-sql.conf.ext,改为
passdb {
driver = sql
args = /etc/dovecot-mysql.conf
}
userdb {
driver = sql
args = /etc/dovecot-mysql.conf
}

编辑/etc/dovecot-mysql.conf
driver = mysql
connect = host=localhost dbname=extmail user=extmail password=extmail
default_pass_scheme = CRYPT
password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid FROM mailbox WHERE username = '%u'

步骤9:安装extmail-1.2
# mkdir -pv /var/www/extsuite
# mv extmail-1.2 /var/www/extsuite/extmail
# cp /var/www/extsuite/extmail/webmail.cf.default /var/www/extsuite/extmail/webmail.cf
编辑/var/www/extsuite/extmail/webmail.cf
SYS_USER_LANG = zh_CN
SYS_MAILDIR_BASE = /var/mailbox
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
SYS_AUTHLIB_SOCKET = /usr/local/courier-authlib/var/spool/authdaemon/socket
# chown -R postfix.postfix /var/www/extsuite/extmail/cgi/

步骤10:安装extman-1.1
# mv extman-1.1 /var/www/extsuite/extman
# cp /var/www/extsuite/extman/webman.cf.default /var/www/extsuite/extman/webman.cf
编辑/var/www/extsuite/extman/webman.cf
SYS_MAILDIR_BASE = /var/mailbox
SYS_DEFAULT_UID = 2525         postfix的UID和GID
SYS_DEFAULT_GID = 2525
SYS_MYSQL_USER = extmail      
SYS_MYSQL_PASS = extmail
SYS_CAPTCHA_ON = 0
# chown -R postfix.postfix /var/www/extsuite/extmail/cgi/

# mkdir -pv /tmp/extman
# chown postfix.postfix /tmp/extman/

步骤11:Apache安装配置
# yum install httpd
编辑/etc/httpd/conf/httpd.conf
User postfix    以postfix用户、postfix组运行apache进程,这样extmail/extman的CGI才能读写属于postfix的/var/mailbox;这也意味着web进程与邮件存储拥有相同的权限。
Group postfix

<VirtualHost *:80>
ServerName mail.magedu.com
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi
Alias /extmail /var/www/extsuite/extmail/html
ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi
Alias /extman /var/www/extsuite/extman/html
</VirtualHost>

# service httpd start

浏览器输入192.168.1.110/extmail/
有错误提示
Unix::Syslog not found, please install it first! (in cleanup) Undefined subroutine &Ext::Logger::do_closelog called at /var/www/extsuite/extmail/libs/Ext/Logger.pm line 86.
解决:extmail会用到perl的Unix::Syslog模块,编译安装即可
# tar xf Unix-Syslog-1.1.tar.gz
# cd Unix-Syslog-1.1
# perl Makefile.PL
# make
# make install

浏览器192.168.1.110/extmail/
新建一个mingxiao.info域,新建两个用户xiaoming,xiaohong,


互发邮件成功,webmail基本功能已经实现。


