Mike posted on 2021-7-4 09:41:00

Postfix-2.11+Dovecot-2.0.9+MySQL+Cyrus-sasl+Extmail-1.2: a mail system architecture based on virtual users

  System:
  CentOS 6.5
  IP: 192.168.100.100
  Domain: mail.test.com
  ----------------------------------------------------------------------------------------
  —— Preparation before installation
  1) Disable SELinux
# vi /etc/selinux/config
SELINUX=disabled
  2) Install the package dependencies
# yum install db4-devel ntpdate cyrus-sasl-md5 perl-GD perl-DBD-MySQL perl-GD perl-CPAN perl-CGI perl-CGI-Session cyrus-sasl-lib cyrus-sasl-plain cyrus-sasl cyrus-sasl-devel libtool-ltdl-devel telnet mail -y
  3) Synchronize the time [optional]
# ntpdate ntp.sjtu.edu.cn
  4) Install the Unix-Syslog patch
# wget http://www.cpan.org/authors/id/M/MH/MHARNISCH/Unix-Syslog-1.1.tar.gz
# tar fzvx Unix-Syslog-1.1.tar.gz
# cd Unix-Syslog-1.1
# perl Makefile.PL
# make && make install
  Note: if this patch is not installed, extmail reports the following error:
  Unix::Syslog not found, please install it first! (in cleanup) Undefined subroutine &Ext::Logger::do_closelog called at /var/www/extsuite/extmail/libs/Ext/Logger.pm line 86.
  5) Run the following command in the shell:
# perl -e shell -MCPAN
CPAN is the world-wide archive of perl resources. It consists of about
300 sites that all replicate the same contents around the globe. Many
countries have at least one CPAN site already. The resources found on
CPAN are easily accessible with the CPAN.pm module. If you want to use
CPAN.pm, lots of things have to be configured. Fortunately, most of
them can be determined automatically. If you prefer the automatic
configuration, answer 'yes' below.
If you prefer to enter a dialog instead, you can answer 'no' to this
question and I'll let you configure in small steps one thing after the
other. (Note: you can revisit this dialog anytime later by typing 'o
conf init' at the cpan prompt.)
Would you like me to configure as much as possible automatically? yes
.....
.....
.....
cpan shell -- CPAN exploration and modules installation (v1.9402)
Enter 'h' for help.
cpan> install CGI
......
.....
...
..
.
Checking if your kit is complete...
Looks good
Warning: prerequisite FCGI 0.67 not found.
Warning: prerequisite Test::More 0.98 not found. We have 0.92.
Writing Makefile for CGI
Could not read '/root/.cpan/build/CGI.pm-3.65-nKc3sL/META.yml'. Falling back to other methods to determine prerequisites
---- Unsatisfied dependencies detected during ----
----      MARKSTOS/CGI.pm-3.65.tar.gz       ----
    Test::More
    FCGI
Shall I follow them and prepend them to the queue
of modules we are processing right now? yes
......
.....
....
...
..
.
Warning (usually harmless): 'YAML' not installed, will not store persistent state
cpan> quit
Terminal does not support GetHistory.
Lockfile removed.
  Note: if the command above is not run, extmail reports an error similar to the following:
  Can't locate CGI.pm in @INC (@INC contains: /var/www/extsuite/extmail/libs /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendor_perl
  /usr/share/perl5/vendor_perl /usr/lib/perl5 /usr/share/perl5) at /var/www/extsuite/extmail/libs/Ext/CGI.pm line 20. BEGIN failed--compilation aborted at
  /var/www/extsuite/extmail/libs/Ext/CGI.pm line 20. Compilation failed in require at /var/www/extsuite/extmail/libs/Ext/App.pm line 23. BEGIN failed--compilation
  aborted at /var/www/extsuite/extmail/libs/Ext/App.pm line 23. Compilation failed in require at /var/www/extsuite/extmail/libs/Ext/App/Login.pm line 16. BEGIN failed--
  compilation aborted at /var/www/extsuite/extmail/libs/Ext/App/Login.pm line 16. Compilation failed in require at /var/www/extsuite/extmail/cgi/index.cgi line 20.
  6) Reboot the server
# reboot
  —— Install Postfix
  1) Remove the stock postfix package, user and group
# yum remove postfix -y
# userdel postfix
# groupdel postdrop
  2) Add the postfix user and group
# groupadd -g 2525 postfix
# useradd -g postfix -u 2525 -s /sbin/nologin -M postfix
# groupadd -g 2526 postdrop
# useradd -g postdrop -u 2526 -s /sbin/nologin -M postdrop
  3) Download postfix
# mkdir /tmp/soft
# cd /tmp/soft
# wget ftp://ftp.cuhk.edu.hk/pub/packages/mail-server/postfix/official/postfix-2.11.0.tar.gz
  4) Extract and install postfix
# tar xfv postfix-2.11.0.tar.gz
# cd postfix-2.11.0
# make makefiles \
'CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH \
-DUSE_CYRUS_SASL -I/usr/include/sasl -DUSE_TLS ' \
'AUXLIBS=-L/usr/lib64/mysql -lmysqlclient -lz -lrt -lm -L/usr/lib64/sasl2 -lsasl2   -lssl -lcrypto'
# make && make install
  5) Set the appropriate permissions
# chown -R postfix:postdrop /var/spool/postfix
# chown -R postfix:postdrop /var/lib/postfix/
# chown root /var/spool/postfix
# chown -R root /var/spool/postfix/pid
  6) Configure postfix
# vi /etc/postfix/main.cf
# Host name
myhostname = mail.test.com
# Domain name
mydomain = test.com
# Domain that appears as the sender's domain
myorigin = $mydomain
# Network interfaces Postfix listens on
inet_interfaces = all
# Recipient domains for which Postfix accepts mail [must be disabled when using virtual domains]
mydestination = $myhostname, localhost.$mydomain, localhost,$mydomain
# Type of trusted network
mynetworks_style = host
# Trusted clients
mynetworks = 192.168.40.0/24, 127.0.0.0/8
# Domains for which mail relaying is allowed
relay_domains = $mydestination
# Mail aliases
alias_maps = hash:/etc/aliases
  7) Add the Postfix init script [script contents omitted, too long]
# vi /etc/init.d/postfix
  8) Make it executable
# chmod +x /etc/init.d/postfix
  9) Enable start at boot
# chkconfig --add postfix
# chkconfig postfix on
# service postfix restart
# netstat -antup |grep 25
tcp      0      0 0.0.0.0:25            0.0.0.0:*            LISTEN      1917/master
  —— Install Dovecot
  1) Install Dovecot
# yum install -y dovecot dovecot-devel dovecot-mysql
  2) Configure Dovecot
# cd /etc/dovecot/
# vi dovecot.conf
protocols = imap pop3
!include conf.d/*.conf
listen = *
base_dir = /var/run/dovecot/
# cd conf.d/
# vi 10-auth.conf
disable_plaintext_auth = no
# vi 10-mail.conf
mail_location = maildir:~/Maildir
mail_location = maildir:/var/mailbox/%d/%n/Maildir
mail_privileged_group = mail
# vi 10-ssl.conf
ssl = no
# vi 10-logging.conf
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot.info
log_timestamp = "%Y-%m-%d %H:%M:%S "
# cp auth-sql.conf.ext auth-sql.conf
# vi auth-sql.conf
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf
}
userdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf
}
  3) Edit the file Dovecot uses for MySQL authentication
[root@node1 conf.d]# vi /etc/dovecot/dovecot-sql.conf
driver = mysql
connect = host=localhost dbname=extmail user=extmail password=extmail
default_pass_scheme = CRYPT
password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid FROM mailbox WHERE username = '%u'
  —— Install courier-authlib
  1) Download courier-authlib
# wget http://jaist.dl.sourceforge.net/project/courier/authlib/0.66.1/courier-authlib-0.66.1.tar.bz2
  2) Extract, compile and install
# tar fvx courier-authlib-0.66.1.tar.bz2
# cd courier-authlib-0.66.1
# ./configure \
--prefix=/usr/local/courier-authlib \
    --sysconfdir=/etc \
    --without-authpam \
    --without-authshadow \
    --without-authvchkpw \
    --without-authpgsql \
    --with-authmysql \
    --with-mysql-libs=/usr/lib64/mysql \
    --with-mysql-includes=/usr/include/mysql \
    --with-redhat \
    --with-authmysqlrc=/etc/authmysqlrc \
    --with-authdaemonrc=/etc/authdaemonrc \
    --with-mailuser=postfix
# make && make install
  3) Configure courier-authlib
# chmod 755 /usr/local/courier-authlib/var/spool/authdaemon
# cp /etc/authdaemonrc.dist /etc/authdaemonrc
# cp /etc/authmysqlrc.dist /etc/authmysqlrc
# vi /etc/authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
# vi /etc/authmysqlrc
MYSQL_SERVER            localhost
MYSQL_USERNAME          extmail
MYSQL_PASSWORD          extmail
MYSQL_SOCKET            /var/lib/mysql/mysql.sock
MYSQL_PORT               3306
MYSQL_DATABASE          extmail
MYSQL_USER_TABLE      mailbox
MYSQL_CRYPT_PWFIELD   password
DEFAULT_DOMAIN          test.com
MYSQL_UID_FIELD         '2525'
MYSQL_GID_FIELD         '2525'
MYSQL_LOGIN_FIELD       username
MYSQL_HOME_FIELD      concat('/var/mailbox/',homedir)
MYSQL_NAME_FIELD      name
MYSQL_MAILDIR_FIELD   concat('/var/mailbox/',maildir)
  4) Enable courier-authlib at boot
# cp courier-authlib.sysvinit /etc/init.d/courier-authlib
# chmod +x /etc/init.d/courier-authlib
# chkconfig --add courier-authlib
# chkconfig courier-authlib on
# echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf.d/courier-authlib.conf
# ldconfig
# service courier-authlib start
Starting Courier authentication services: authdaemond
  5) Configure smtpd authentication
# vi /usr/lib64/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path: /usr/local/courier-authlib/var/spool/authdaemon/socket
  6) Configure Postfix to support SMTP authentication
# vi /etc/postfix/main.cf
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = ''
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
broken_sasl_auth_clients=yes
smtpd_client_restrictions = permit_sasl_authenticated
smtpd_sasl_security_options = noanonymous
  7) Configure Postfix to support virtual users
# vi /etc/postfix/main.cf
virtual_mailbox_base = /var/mailbox
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:2525
virtual_gid_maps = static:2525
virtual_transport = virtual
  —— Install Extmail
  1) Create the directories and extract extmail
# mkdir -p /var/www/extsuite
# tar fzvx extmail-1.2.tar.gz -C /var/www/extsuite/
# cp -r /var/www/extsuite/extmail-1.2 /var/www/extsuite/extmail
# cd /var/www/extsuite/extmail
  2) Edit the main Extmail configuration file
# cp webmail.cf.default webmail.cf
# vi webmail.cf
SYS_SESS_DIR = /tmp/extmail
SYS_UPLOAD_TMPDIR = /tmp/extmail/upload
SYS_USER_LANG = zh_CN
SYS_MIN_PASS_LEN = 8
SYS_MAILDIR_BASE = /var/mailbox
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock
SYS_MYSQL_TABLE = mailbox
SYS_MYSQL_ATTR_USERNAME = username
SYS_MYSQL_ATTR_DOMAIN = domain
SYS_MYSQL_ATTR_PASSWD = password
SYS_AUTHLIB_SOCKET = /usr/local/courier-authlib/var/spool/authdaemon/socket
  3) Create the extmail temporary-file and session directories
# mkdir -p /tmp/extmail/upload
# chown postfix.postfix -R /tmp/extmail/
  —— Install Extman
  1) Extract Extman
# tar fzvx extman-1.1.tar.gz -C /var/www/extsuite/
# cd /var/www/extsuite
# mv extman-1.1 extman
# cd extman
  2) Edit the main Extman configuration file
# cp webman.cf.default webman.cf
# vi webman.cf
SYS_MAILDIR_BASE = /var/mailbox
SYS_DEFAULT_UID = 2525
SYS_DEFAULT_GID = 2525
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock
  3) Change the owner of the cgi directories
# chown -R postfix.postfix /var/www/extsuite/extman/cgi/
# chown -R postfix.postfix /var/www/extsuite/extmail/cgi/
  4) Import the Extman database
# cd docs/
# vi extmail.sql
Change every TYPE=MyISAM in the file to ENGINE=MyISAM, using the following command:
:% s/TYPE/ENGINE/g
# mysql -u root < extmail.sql
# mysql -u root < init.sql
  5) Grant the extmail user access to the extmail database
# mysql -u root
MariaDB [(none)]> GRANT all privileges on extmail.* TO extmail@localhost IDENTIFIED BY 'extmail';
Query OK, 0 rows affected (0.52 sec)
MariaDB [(none)]> GRANT all privileges on extmail.* TO extmail@127.0.0.1 IDENTIFIED BY 'extmail';
Query OK, 0 rows affected (0.05 sec)
MariaDB [(none)]> quit
Bye
  6) Create a temporary directory for Extman and set its ownership
# mkdir /tmp/extman
# chown postfix.postfix -R /tmp/extman/
  —— Restart postfix, dovecot, saslauthd and nginx
# service postfix restart
# service dovecot restart
# service saslauthd restart
  —— Test the virtual-user setup
  1) Test that Postfix supports virtual users
# /usr/local/courier-authlib/sbin/authtest -s login postmaster@extmail.org extmail
Authentication succeeded.         // indicates success
      Authenticated: postmaster@extmail.org   (uid 1000, gid 1000)
   Home Directory: /mailbox/extmail.org/postmaster
             Maildir: /mailbox/extmail.org/postmaster/Maildir/
                Quota: (none)
Encrypted Password: $1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0
Cleartext Password: extmail
             Options: (none)
  2) Test SMTP sending authentication for the virtual user
# printf   "postmaster@extmail.org" | openssl base64
cG9zdG1hc3RlckBleHRtYWlsLm9yZw==
# printf   "extmail" | openssl base64
ZXh0bWFpbA==
#
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.benet.com ESMTP Postfix
auth login
334 VXNlcm5hbWU6
cG9zdG1hc3RlckBleHRtYWlsLm9yZw==
334 UGFzc3dvcmQ6
ZXh0bWFpbA==
235 2.0.0 Authentication successful       // indicates success
quit
221 2.0.0 Bye
Connection closed by foreign host.
  —— Start the extmail and extman programs
  1) Set SU_UID and SU_GID in dispatch-init
# vi /var/www/extsuite/extmail/dispatch-init
SU_UID=postfix
SU_GID=postfix
  2) Start dispatch-init and add it to /etc/rc.local
# /var/www/extsuite/extmail/dispatch-init start
# echo "/var/www/extsuite/extmail/dispatch-init start" >> /etc/rc.local
  Note: if dispatch-init is not started, connecting to extmail returns a 502 error.
  3) Start cmdserver and add it to /etc/rc.local
# /var/www/extsuite/extman/daemon/cmdserver -v -d
# echo "/var/www/extsuite/extman/daemon/cmdserver -v -d " >> /etc/rc.local
  Note: if cmdserver is not started, the System Information page of the extmail admin back end reports a Connection refused error.
  If the following error appears: Undefined subroutine &Ext::Utils::sort2name called at /var/www/extsuite/extmail/libs/Ext/App/Folders.pm line 387.
  Solution:
# cd /var/www/extsuite/extmail/libs/Ext
# cp Utils.pm /var/www/extsuite/extman/libs/
# cd /var/www/extsuite/extman/libs/Ext
# mv Utils.pm ManUtils.pm
# /var/www/extsuite/extmail/dispatch-init stop
# /var/www/extsuite/extmail/dispatch-init start
  —— Extmail virtual host configuration [nginx is used here]
  1) Configure the extmail virtual host
# vi /usr/local/nginx/conf/conf.d/extmail.conf
server {
   listen       8080;
   server_name  mail.test.com;
   index index.html index.htm index.php index.cgi;
   root  /var/www/extsuite/extmail/html/;
   location /extmail/cgi/ {
             fastcgi_pass          127.0.0.1:8888;
             fastcgi_index         index.cgi;
             fastcgi_param         SCRIPT_FILENAME   /var/www/extsuite/extmail/cgi/$fastcgi_script_name;
             include               fcgi.conf;
   }
   location /extmail/ {
             alias /var/www/extsuite/extmail/html/;
   }
   location /extman/cgi/ {
             fastcgi_pass          127.0.0.1:8888;
             fastcgi_index         index.cgi;
             fastcgi_param         SCRIPT_FILENAME   /var/www/extsuite/extman/cgi/$fastcgi_script_name;
             include               fcgi.conf;
   }
   location /extman/ {
             alias /var/www/extsuite/extman/html/;
   }
   access_log /usr/local/nginx/logs/extmail_access.log;
}
  2) Create fcgi.conf
# vi /usr/local/nginx/conf/fcgi.conf
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE   nginx;
fastcgi_param QUERY_STRING      $query_string;
fastcgi_param REQUEST_METHOD    $request_method;
fastcgi_param CONTENT_TYPE      $content_type;
fastcgi_param CONTENT_LENGTH    $content_length;
fastcgi_param SCRIPT_NAME       $fastcgi_script_name;
fastcgi_param REQUEST_URI       $request_uri;
fastcgi_param DOCUMENT_ROOT     $document_root;
fastcgi_param SERVER_PROTOCOL   $server_protocol;
fastcgi_param REMOTE_ADDR       $remote_addr;
fastcgi_param REMOTE_PORT       $remote_port;
fastcgi_param SERVER_ADDR       $server_addr;
fastcgi_param SERVER_PORT       $server_port;
fastcgi_param SERVER_NAME       $server_name;
  3) Restart nginx
# service nginx restart
  —— Extmail test
  To be continued...
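
  The Dovecot and Postfix settings above (ssl = no, disable_plaintext_auth = no, SASL PLAIN/LOGIN with no TLS requirement) mean that the base64 strings in the telnet test are only an encoding of the credentials sent on the wire. The shell check below is an added example, not part of the original post: it reads the files this guide edits under a root directory passed as an argument and reports those settings. The function names, the sample tree and the use of /etc/dovecot/dovecot-sql.conf (the path named in the passdb block) are assumptions of the example; smtpd_tls_auth_only is a standard Postfix parameter that the post does not set.

```shell
#!/bin/sh
# Added example: flag the credential-exposing settings from this guide.

# conf_get FILE KEY: last value of KEY in "key = value" / "key: value" files.
conf_get() {
    [ -f "$1" ] || return 0
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        { pos = match($0, /[=:]/); if (!pos) next
          k = substr($0, 1, pos - 1); v = substr($0, pos + 1)
          gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
          if (k == key) val = v }
        END { if (val != "") print val }' "$1"
}

# audit_mail_config ROOT: ROOT stands in for "/"; prints one finding per line.
audit_mail_config() {
    d=$1/etc/dovecot; m=$1/etc/postfix/main.cf
    [ "$(conf_get "$d/conf.d/10-ssl.conf" ssl)" = no ] &&
        echo "dovecot: ssl = no, IMAP/POP3 logins are sent unencrypted"
    [ "$(conf_get "$d/conf.d/10-auth.conf" disable_plaintext_auth)" = no ] &&
        echo "dovecot: disable_plaintext_auth = no, plaintext logins allowed without TLS"
    [ "$(conf_get "$m" smtpd_sasl_auth_enable)" = yes ] &&
        [ "$(conf_get "$m" smtpd_tls_auth_only)" != yes ] &&
        echo "postfix: AUTH offered without TLS (smtpd_tls_auth_only is not yes)"
    conn=$(conf_get "$d/dovecot-sql.conf" connect | tr ' ' '\n')
    u=$(printf '%s\n' "$conn" | sed -n 's/^user=//p')
    p=$(printf '%s\n' "$conn" | sed -n 's/^password=//p')
    [ -n "$p" ] && [ "$u" = "$p" ] &&
        echo "mysql: password for '$u' equals the user name"
    return 0
}

# make_sample_tree: constructed input holding the values this guide sets.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/etc/dovecot/conf.d" "$t/etc/postfix"
    echo 'ssl = no' > "$t/etc/dovecot/conf.d/10-ssl.conf"
    echo 'disable_plaintext_auth = no' > "$t/etc/dovecot/conf.d/10-auth.conf"
    echo 'smtpd_sasl_auth_enable = yes' > "$t/etc/postfix/main.cf"
    echo 'connect = host=localhost dbname=extmail user=extmail password=extmail' \
        > "$t/etc/dovecot/dovecot-sql.conf"
    echo "$t"
}

tree=$(make_sample_tree)
audit_mail_config "$tree"
rm -rf "$tree"
```

  On the mail host itself, run audit_mail_config / to check the live files instead of the sample tree.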


  