5. Installing Postfix 2.2.3
If sendmail is already present on your system, stop it first and rename its files:
# /etc/init.d/sendmail stop
# chkconfig --level 0123456 sendmail off
# mv /usr/bin/newaliases /usr/bin/newaliases.orig
# mv /usr/bin/mailq /usr/bin/mailq.orig
# mv /usr/sbin/sendmail /usr/sbin/sendmail.orig
Start the installation:
# groupadd -g 12345 postfix
# useradd -u 12345 -g 12345 -c postfix -d/dev/null -s/bin/false postfix
# groupadd -g 54321 postdrop
# wget ftp://postfix.cn99.com/postfix/official/postfix-2.2.3.tar.gz
# tar -zxvf postfix-2.2.3.tar.gz
# cd postfix-2.2.3
(Building Postfix with SASL authentication and mysql support)
# make -f Makefile.init makefiles \
'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -I/usr/local/include/sasl' \
'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/local/lib -lsasl2'
# make install
If /etc/aliases does not exist, create it with the following commands:
# echo postfix: root >> /etc/aliases
# /usr/bin/newaliases
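Note:
In this example MySQL is installed in /usr/local/mysql and sasl2 in /usr/lib/sasl2. If your installation paths differ, adjust the CCARGS and AUXLIBS options used at compile time accordingly.
While running make install you may see the following message (if you do not, ignore this step):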
/usr/libexec/ld-elf.so.1: Shared object "libmysqlclient.so.12" not found
This happens because MySQL is not installed in the default directory, so Postfix has to be told where to find libmysqlclient.so.12. ldconfig takes care of that:
# echo /usr/local/mysql/lib/mysql >> /etc/ld.so.conf
# ldconfig
6. Installing postfixadmin 2.1.0
Create the user and group for apache and maildrop:
# groupadd vmail -g 1001
# useradd vmail -u 1001 -g 1001 -s/bin/false -d/dev/null
# vi /usr/local/apache/conf/httpd.conf
Change
User nobody
Group #-1
to
User vmail
Group vmail
# wget http:///postfixadmin/download.php?file=postfixadmin-2.1.0.tgz
# tar -zxvf postfixadmin-2.1.0.tgz
# mv postfixadmin-2.1.0 /var/www/postfixadmin
Set the permissions, assuming apache runs as user and group vmail:
# chown -R vmail:vmail /var/www/postfixadmin
# cd /var/www/postfixadmin
# chmod 640 *.php *.css
# cd /var/www/postfixadmin/admin/
# chmod 640 *.php .ht*
# cd /var/www/postfixadmin/images/
# chmod 640 *.gif *.png
# cd /var/www/postfixadmin/languages/
# chmod 640 *.lang
# cd /var/www/postfixadmin/templates/
# chmod 640 *.tpl
# cd /var/www/postfixadmin/users/
# chmod 640 *.php
Create the MySQL tables:
# cd /var/www/postfixadmin
# mysql -u root [-p] < DATABASE_MYSQL.TXT
# cp config.inc.php.sample config.inc.php
# vi config.inc.php
The configuration used in this example:
// Language config
// Language files are located in './languages'.
$CONF['default_language'] = 'cn';
// Database Config
// 'database_type' is for future reference.
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'postfixadmin';
$CONF['database_name'] = 'postfix';
//$CONF['encrypt'] = 'md5crypt';
$CONF['encrypt'] = 'cleartext';
// Mailboxes
// If you want to store the mailboxes per domain set this to 'YES'.
// Example: /usr/local/virtual/domain.tld/username@domain.tld
$CONF['domain_path'] = 'YES';
// If you don't want to have the domain in your mailbox set this to 'NO'.
// Example: /usr/local/virtual/domain.tld/username
$CONF['domain_in_mailbox'] = 'NO';
// Quota
// When you want to enforce quota for your mailbox users set this to 'YES'.
$CONF['quota'] = 'YES';
// You can either use '1024000' or '1048576'
$CONF['quota_multiplier'] = '1024000';
We use cleartext passwords here. To store hashed passwords instead, change $CONF['encrypt']='cleartext'; to $CONF['encrypt']='md5crypt';
Mailboxes are stored in the form domain.tld/username, so set:
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
Then open a browser, go to the postfixadmin welcome page and click setup on that page to see whether the checks pass; remember to delete setup.php afterwards. Then go to http://www./postfixadmin/admin/index.php, where you can create domains, administrators and mailboxes.
# vi /etc/postfix/main.cf
#=====================BASE=========================
#Host name (written as an FQDN)
myhostname = www.test.com
#Domain name
mydomain = test.com
#The address used as mail from in the message header
myorigin = $mydomain
#Host names this server accepts mail for ($mydomain is not used here because we will use virtual hosts)
mydestination = $myhostname localhost localhost.$mydomain
#Networks allowed to send mail without SMTP authentication
mynetworks = 127.0.0.0/8
inet_interfaces = all
#Mailbox format in use
#home_mailbox = Maildir/
#mailbox_transport = maildrop
#=====================Virtual Mailbox settings=========================
# Root directory that holds the users' mailboxes
virtual_mailbox_base = /var/mailbox/
#How postfix looks up mail users; mysql is used here (the user's mailbox directory)
virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf
#uid of the mail accounts; uses the user apache runs as
virtual_uid_maps = static:1001
virtual_gid_maps = static:1001
#virtual_uid_maps = mysql:/etc/postfix/mysql/mysql-virtual_uid_maps.cf
#virtual_gid_maps = mysql:/etc/postfix/mysql/mysql-virtual_gid_maps.cf
# use this for virtual delivery (if maildrop is not installed, set this to virtual)
#virtual_transport = virtual
#use this for maildrop-delivery (if maildrop is installed, set this to maildrop)
virtual_transport = maildrop
#Maildrop-Options for usage with maildrop
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1
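#The trailing "/" of /var/mailbox/ must not be omitted
#All MySQL query configuration files are kept together in /etc/postfix/mysql
#====================QUOTA========================
#Maximum size of a single message (10M). The postfix default is 10M, but that covers the message body plus the encoded attachments;
#base64 encoding increases attachment size by about 35%, so the accepted message size is set to 14M here
message_size_limit = 14336000
#Default mailbox size (10M)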
virtual_mailbox_limit = 20971520
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
#How postfix obtains each user's quota (the size of each user's mailbox)
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cf
# Whether the default mailbox size may be overridden
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
#====================SASL========================
broken_sasl_auth_clients = yes
#In order to allow mail relaying by authenticated clients
smtpd_recipient_restrictions =
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_invalid_hostname,
  reject_non_fqdn_hostname,
  reject_unknown_sender_domain,
  reject_non_fqdn_sender,
  reject_non_fqdn_recipient,
  reject_unknown_recipient_domain,
  reject_unauth_pipelining,
  reject_unauth_destination,
  permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner=$myhostname ESMTP "Version not Available"
Create /var/mailbox and set its permissions:
# mkdir /var/mailbox
# chown -R vmail:vmail /var/mailbox
# chmod -R ug+rwx,o-rwx /var/mailbox
Create the /etc/postfix/mysql directory and the MySQL query configuration files:
# mkdir /etc/postfix/mysql
1. vi /etc/postfix/mysql/mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
2. vi /etc/postfix/mysql/mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain
#additional_conditions = and backupmx = '0' and active = '1'
3. vi /etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
#additional_conditions = and active = '1'
4. vi /etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
#additional_conditions = and active = '1'
Configure /usr/local/lib/sasl2/smtpd.conf
# vi /usr/local/lib/sasl2/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login
sql_engine: mysql
sql_hostnames: localhost
sql_user: postfix
sql_passwd: postfix
sql_database: postfix
sql_select: SELECT password FROM mailbox WHERE username='%u@%r' and domain='%r' and active='1'
Start postfix
# postfix start
Test SMTP
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 www.test.com ESMTP "Version not Available"
ehlo www.test.com
250-www.test.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
7. Installing Courier-authlib 0.55
Newer versions of imap no longer include the authentication library, so the Courier authentication library must be installed first.
# wget http://www./beta/courier-authlib/courier-authlib-0.55.20050407.tar.bz2
# tar -jxvf courier-authlib-0.55.20050407.tar.bz2
# cd courier-authlib-0.55.20050407
# ./configure \
--with-redhat \
--with-authmysql=yes \
--with-mailuser=vmail --with-mailgroup=vmail \
--with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql/
# make
# make install
# make install-configure
# vi /usr/local/etc/authlib/authdaemonrc (make sure only the mysql authentication module is used)
authmodulelist="authmysql"
authmodulelistorig="authmysql"
# vi /usr/local/etc/authlib/authmysqlrc
MYSQL_SERVER localhost
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_DATABASE postfix
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_USER_TABLE mailbox
MYSQL_LOGIN_FIELD username
#MYSQL_CRYPT_PWFIELD password
MYSQL_CLEAR_PWFIELD password
MYSQL_UID_FIELD '1001'
MYSQL_GID_FIELD '1001'
MYSQL_HOME_FIELD '/var/mailbox/'
MYSQL_MAILDIR_FIELD maildir
MYSQL_NAME_FIELD name
MYSQL_QUOTA_FIELD quota
MYSQL_WHERE_CLAUSE active='1'
DEFAULT_DOMAIN test.com
Note: do not use the space key in this file; use only the tab key.
Use only single quotes, for example '/var/mailbox/', 'UID', 'GID' ('1001' in this article).
localhost must not be placed in single quotes.
Make sure your /etc/hosts file contains localhost.
Building with IPv6 support may cause errors.
MYSQL_GID_FIELD and MYSQL_UID_FIELD are the UID and GID of maildrop, not of MySQL.
To use md5 passwords, change MYSQL_CLEAR_PWFIELD password to MYSQL_CRYPT_PWFIELD password.
Starting the service
To have imap start the service at boot:
# cp courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib
# chmod 755 /etc/rc.d/init.d/courier-authlib
# chkconfig --level 0123456 courier-authlib on
To start the service manually:
# authdaemond start
Testing courier-authlib
Check the processes:
# pstree |grep authdaemond
|-authdaemond.mys---5*[authdaemond.mys]
8. Installing Courier-imap 4.0.2
# wget http://www./beta/imap/courier-imap-4.0.2.20050403.tar.bz2
# tar -jxvf courier-imap-4.0.2.20050403.tar.bz2
# cd courier-imap-4.0.2.20050403
# ./configure \
--prefix=/usr/local/imap \
--with-redhat \
--disable-root-check \
--enable-unicode=utf-8,iso-8859-1,gb2312,gbk,gb18030 \
--with-trashquota \
--with-dirsync
# make
# make install-strip (try install-strip first; if it fails, run make install)
# make install-configure
# vi /usr/local/imap/etc/pop3d
Change POP3DSTART=NO to POP3DSTART=YES
# vi /usr/local/imap/etc/imapd
Change IMAPDSTART=NO to IMAPDSTART=YES
To have imap start automatically:
# cp courier-imap.sysvinit /etc/rc.d/init.d/courier-imap
# chmod 755 /etc/rc.d/init.d/courier-imap
# chkconfig --level 0123456 courier-imap on
To start the services manually:
# /usr/local/imap/libexec/pop3d.rc start
# /usr/local/imap/libexec/imapd.rc start
Testing courier-imap
Check the processes:
# pstree |grep courier
|-2*[courierlogger]
|-2*[couriertcpd]
Check the ports; the following should be open:
# netstat -an |grep LISTEN
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN
Test the POP3 and IMAP services:
# telnet localhost 110
+OK Hello there
USER test@test.com
+OK Password required.
PASS test
+OK Logged in.
QUIT
+OK bye-bye
9. Installing Courier-maildrop 1.8.0
# groupadd vmail -g 1001
# useradd vmail -u 1001 -g 1001 -s/bin/false -d/dev/null
# wget http://jaist.dl./sourceforge/courier/maildrop-1.8.0.tar.bz2
# tar jxvf maildrop-1.8.0.tar.bz2
# cd maildrop-1.8.0
# ./configure \
--prefix=/usr/local/maildrop \
--enable-sendmail=/usr/sbin/sendmail \
--enable-trusted-users='root vmail' \
--enable-syslog=1 \
--enable-maildirquota \
--enable-maildrop-uid=1001 \
--enable-maildrop-gid=1001 \
--with-trashquota \
--with-dirsync
# make
# make install
# cp /usr/local/maildrop/bin/maildrop /usr/bin
# chmod a+rx /usr/bin/maildrop
Running maildrop -v should print the following:
maildrop 1.8.0 Copyright 1998-2004 Double Precision, Inc.
GDBM extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.
Create the /etc/maildroprc file:
# vi /etc/maildroprc
logfile "/var/mailbox/maildrop.log"
to "$HOME$DEFAULT"
# chmod a+r /etc/maildroprc
Configure Postfix:
# vi /etc/postfix/main.cf
virtual_transport = maildrop
maildrop_destination_recipient_limit = 1
# vi /etc/postfix/master.cf
maildrop unix - n n - - pipe
  flags=DRhu user=vmail:vmail argv=/usr/local/maildrop/bin/maildrop -w 90 -d $
maildrop has no facility for creating or deleting maildirs, so scripts handle that (does this pose a security risk?)
# vi /etc/sudoers
vmail ALL = NOPASSWD: /usr/sbin/maildirmake.sh , /usr/sbin/maildirdel.sh
Create the /usr/sbin/maildirmake.sh file:
# vi /usr/sbin/maildirmake.sh
#!/bin/bash
set -e
if [ ! -f /var/mailbox/ ]
then
mkdir /var/mailbox/
fi
chown -R vmail:vmail /var/mailbox/
cd "/var/mailbox/"
/usr/local/imap/bin/maildirmake
chown -R 1001:12345 /var/mailbox//
chmod -R g=s /var/mailbox//
Create the /usr/sbin/maildirdel.sh file:
# vi /usr/sbin/maildirdel.sh
#!/bin/bash
rm -rf /var/mailbox//
# chmod 755 /usr/sbin/maildirmake.sh
# chmod 755 /usr/sbin/maildirdel.sh
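Modify the create-mailbox.php file in the postfixadmin directory and the one in the postfixadmin/admin directory.
In both files, add the following after the line $tQuota = $CONF['maxquota'];:
# vi /var/www/postfixadmin/admin/create-mailbox.php (vi /var/www/postfixadmin/create-mailbox.php)
// escapeshellarg() keeps the shell from interpreting characters in the form input
system("sudo /usr/sbin/maildirmake.sh ".escapeshellarg($fDomain)." ".escapeshellarg($_POST['fUsername']));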
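Modify the delete.php file in the postfixadmin directory and the one in the postfixadmin/admin directory.
In both files, add the following lines after the line $result = db_query ("SELECT * FROM mailbox WHERE username='$fDelete' AND domain='$fDomain'");:
# vi /var/www/postfixadmin/admin/delete.php (vi /var/www/postfixadmin/delete.php)
$userarray=explode("@",$fDelete);
$user=$userarray[0];
$domain=$userarray[1];
// escapeshellarg() keeps the shell from interpreting characters in the request input
system("sudo /usr/sbin/maildirdel.sh ".escapeshellarg($domain)." ".escapeshellarg($user));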
Notes:
Mailbox layout that gets created: /var/vmail/domain.tld/username
uid 1001 is the user id of vmail, which is also the owner of the directory /var/vmail
gid 12345 is the group id of postfix
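On the security question raised above: the PHP hooks hand request input to scripts that sudo runs as root, so each script should refuse anything that is not a plain domain and local part before it touches /var/mailbox. An added example (not part of the original article) of such an argument gate in POSIX sh; it assumes $1 is the domain and $2 the mailbox local part, both lowercase, and the function names are hypothetical.

```sh
#!/bin/sh
# Added example (not the article's script). Assumption: $1 = domain and
# $2 = mailbox local part, as passed by the create-mailbox.php hook.
LC_ALL=C; export LC_ALL            # make [a-z] mean ASCII letters only
MAILBOX_BASE=/var/mailbox          # virtual_mailbox_base from main.cf

# Domain: only [a-z0-9.-], at least one dot, no empty or hyphen-edged labels.
valid_domain() {
    [ -n "$1" ] && [ "${#1}" -le 253 ] || return 1
    case $1 in
        *[!a-z0-9.-]*) return 1 ;;   # whitelist: rejects / ; $ space newline
        .*|*.|-*|*-|*..*|*.-*|*-.*) return 1 ;;
        *.*) return 0 ;;
    esac
    return 1
}

# Local part: only [a-z0-9._-], must start alphanumeric, no "..".
valid_localpart() {
    [ -n "$1" ] && [ "${#1}" -le 64 ] || return 1
    case $1 in
        *[!a-z0-9._-]*) return 1 ;;
        [!a-z0-9]*|*..*) return 1 ;;
    esac
    return 0
}

# Print the maildir path for a validated domain/user pair; fail otherwise.
maildir_path() {
    valid_domain "$1" && valid_localpart "$2" || return 1
    printf '%s/%s/%s\n' "$MAILBOX_BASE" "$1" "$2"
}

# Called with two arguments, act as the argument gate of the sudo script.
if [ $# -eq 2 ]; then
    dir=$(maildir_path "$1" "$2") || { echo "rejected arguments" >&2; exit 64; }
    echo "validated maildir: $dir"
fi
```

Validation inside the script complements quoting at the call site: PHP's system() passes its string to a shell, so the hooks need escapeshellarg() on each argument for the script to receive the values intact.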
Create a test account test@test.com in postfixadmin.
Testing maildrop
# maildrop -V 9 -d test@test.com
maildrop: authlib: groupid=1001
maildrop: authlib: userid=1001
maildrop: authlib: logname=test@test.com, home=/var/mailbox/, mail=test.com/test/
maildrop: Changing to /var/mailbox/
Press ctrl+c to exit.
Next, check the log (/var/log/maillog) to see whether postfix is working together with maildrop:
# cat /var/log/maillog | grep maildrop -A 2
Feb 28 11:50:41 malochia postfix/qmgr[7345]: 2875B7823E62: from=<remote@user.nl>, size=3308, nrcpt=1 (queue active)
Feb 28 17:18:05 malochia postfix/pipe[11615]: 04DD57822697: to=<user@domain.tld>, relay=maildrop, delay=0, status=sent (domain.tld)
If not, check whether a configuration error has left the mail sitting in the queue:
# mailq
Configuring quotas
Create the file /usr/local/maildrop/etc/quotawarnmsg:
# vi /usr/local/maildrop/etc/quotawarnmsg
From: 管理員 test.com <postmaster@test.com>
Reply-To: postmaster@test.com
To: Valued Customer:;
Subject: 警告!您的郵箱空間即將用完!
Mime-Version: 1.0
Content-Type: text/plain; charset=gb2312
Content-Transfer-Encoding: 8bit

親愛的用戶,您的郵箱空間已用了90%。如果還想繼續收到郵件的話,請刪除一些郵件。
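Setting quotas
The quota field of the maildrop table in the Postfixadmin database is of type int, which does not work with maildrop. We can, however, edit /usr/local/etc/authlib/authmysqlrc and change the line MYSQL_QUOTA_FIELD quota to MYSQL_QUOTA_FIELD concat(quota,'S'). If you want to limit the number of messages instead, change it to MYSQL_QUOTA_FIELD concat(quota,'C').
To give a user a 10M mailbox, we can set the quota value to "10000000S". "C" can also be used: "1000C" means the mailbox can hold only 1000 messages.
Send a message to test@test.com, without any attachment. Then: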
# cd /var/mailbox/test.com/test
# cat maildirsize
1000000S
1622 1
The maildirsize file stores the mailbox quota information, and courier-imap uses this file as well.
To illustrate the file, here is the content of one of my maildirsize files:
# cat maildirsize
5000000S
42898 9
3403 1
1622 1
2371 1
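This shows that the mailbox capacity is 5M (if you delete the value of the quota field, maildrop assigns one automatically, but do not set the value to null) and that the mailbox currently holds four messages.
Suppose the user has used 3M of the 5M, leaving only 2M. If a message larger than 2M arrives, it is bounced. If a 1.7M message arrives, maildrop accepts it, updates the maildirsize file, recalculates the quota, finds that the user has used more than 90% of the quota (the -w 90 in /etc/postfix/master.cf), and copies the file /usr/local/maildrop/etc/quotawarnmsg into the user's mailbox as a warning.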
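The bookkeeping described above, as an added example (not from the original article): a POSIX sh/awk reader for maildirsize that totals the size/count lines and checks the -w 90 warning threshold. It follows the Maildir++ layout, in which usage is the sum of all lines after the quota line; the function names and the sample values are constructed.

```sh
#!/bin/sh
# Added example (not from the article): summarise a maildirsize file.
# Line 1 is the quota ("<bytes>S" and/or "<count>C", comma separated);
# each later line is "<bytes> <messages>", and usage is the sum of them.

# Print "quota_bytes used_bytes messages percent" for the file in $1.
maildirsize_summary() {
    awk '
        NR == 1 {
            n = split($0, part, ",")
            for (i = 1; i <= n; i++)
                if (part[i] ~ /^[0-9]+S$/)
                    quota = substr(part[i], 1, length(part[i]) - 1) + 0
            next
        }
        NF == 2 { used += $1; msgs += $2 }   # deletions appear as negative lines
        END {
            pct = (quota > 0) ? int(used * 100 / quota) : 0
            printf "%d %d %d %d\n", quota, used, msgs, pct
        }
    ' "$1"
}

# Succeed when usage has reached the warning threshold $2 (90 for "-w 90").
over_warn_threshold() {
    pct=$(maildirsize_summary "$1" | awk '{ print $4 }')
    [ "$pct" -ge "$2" ]
}

# Constructed sample: 5,000,000-byte quota, 3,000,000 bytes in 40 messages,
# followed by one 1,700,000-byte delivery.
make_sample() {
    printf '5000000S\n3000000 40\n1700000 1\n' > "$1"
}

# Called with a file name, print its summary line.
if [ $# -eq 1 ]; then
    maildirsize_summary "$1"
fi
```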