Ubuntu之邮件服务器(Postfix, Dovecot, MySql)

前提

  • 系统为 Ubuntu , 版本为14.04, 其他版本问题应该不大
  • 系统 hostname 为 zjc - 详见设置linux主机名 —– 此步非必须 
    • $ sudo su
    • # echo zjc > /etc/hostname
    • # exit
  • 系统IP地址为10.1.6.49
  • 一些地址映射 要加入/etc/hosts文件或者DNS 
    • $ sudo apt-get install vim
    • $ sudo vim /etc/hosts #自然,也可以用其他文本编辑器
    •  #新添加的项 
      10.1.6.49 zjc zjc.com vzjc.com mail.vzjc.com
  • 修改完毕后最好重启一下机器 
    • $ sudo shutdown -r now

安装依赖包

$ sudo apt-get install openssl telnet libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql
  • 1

安装mysql

$ sudo apt-get install mysql-client mysql-server

首次安装后会提示输入mysql密码,输入确认并记住,以后还需要用到

设置MySQL数据库

其中的mail_adminpassword-for-mail_admin为生成的数据库mail的用户名和密码,可以修改成自己的,但是一旦修改,后文中出现的地方都要修改。

$ mysql -u root -p 
Enter password: input your password 
mysql> CREATE DATABASE mail; 
mysql> USE mail; 
mysql> GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'mail_admin'@'localhost' IDENTIFIED BY 'password-for-mail_admin'; 
mysql> GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'mail_admin'@'127.0.0.1' IDENTIFIED BY 'password-for-mail_admin'; 
mysql> FLUSH PRIVILEGES; 
mysql> CREATE TABLE domains (domain varchar(50) NOT NULL, PRIMARY KEY (domain) ); 
mysql> CREATE TABLE forwardings (source varchar(80) NOT NULL, destination TEXT NOT NULL, PRIMARY KEY (source) ); 
mysql> CREATE TABLE users (email varchar(80) NOT NULL, password varchar(20) NOT NULL, PRIMARY KEY (email) ); 
mysql> CREATE TABLE transport ( domain varchar(128) NOT NULL default '', transport varchar(128) NOT NULL default '', UNIQUE KEY domain (domain) ); 
mysql> quit 

安装Postfit及相关

$ sudo apt-get install postfix postfix-mysql postfix-doc mailutils

如果postfit弹出设置界面,那么

General type of mail configuration 选择 Internet Site 
System Mail Name 选择 vzjc.com

配置Postfit

虚拟domain配置文件

$ sudo vim /etc/postfix/mysql-virtual_domains.cf

user = mail_admin
password = password-for-mail_admin
dbname = mail
query = SELECT domain AS virtual FROM domains WHERE domain='%s'
hosts = 127.0.0.1
  • 1
  • 2
  • 3
  • 4
  • 5

虚拟forwarding配置文件

$ sudo vim /etc/postfix/mysql-virtual_forwardings.cf

user = mail_admin
password = password-for-mail_admin
dbname = mail
query = SELECT destination FROM forwardings WHERE source='%s'
hosts = 127.0.0.1
  • 1
  • 2
  • 3
  • 4
  • 5

虚拟mailbox配置文件

$ sudo vim /etc/postfix/mysql-virtual_mailboxes.cf

user = mail_admin
password = password-for-mail_admin
dbname = mail
query = SELECT CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') FROM users WHERE email='%s'
hosts = 127.0.0.1
  • 1
  • 2
  • 3
  • 4
  • 5

虚拟email2email配置文件

$ sudo vim /etc/postfix/mysql-virtual_email2email.cf

user = mail_admin
password = password-for-mail_admin
dbname = mail
query = SELECT email FROM users WHERE email='%s'
hosts = 127.0.0.1
  • 1
  • 2
  • 3
  • 4
  • 5

设置权限

$ sudo chmod o= /etc/postfix/mysql-virtual_*.cf
$ sudo chgrp postfix /etc/postfix/mysql-virtual_*.cf
  • 1
  • 2

建立用户

$ sudo groupadd -g 5000 vmail
$ sudo useradd -c 'VMail' -g vmail -u 5000 vmail -d /home/vmail -m
  • 1
  • 2

使用postconf配置

此处有个需要注意的地方mynetworks应该包含本机的所有IP地址,例如我这里只有一个10.1.6.197,不然会导致发给自己的域的邮件接收不到。如果还是接收不到,那么重启机器看看

postconf -e 'myhostname = vzjc.com'
postconf -e 'mydestination = vzjc.com, localhost, localhost.localdomain'
postconf -e 'mynetworks = 127.0.0.0/8, 10.1.6.197'
postconf -e 'message_size_limit = 30720000'
postconf -e 'virtual_alias_domains ='
postconf -e 'virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf'
postconf -e 'virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf'
postconf -e 'virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf'
postconf -e 'virtual_mailbox_base = /home/vmail'
postconf -e 'virtual_uid_maps = static:5000'
postconf -e 'virtual_gid_maps = static:5000'
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_sasl_authenticated_header = yes'
postconf -e 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/smtpd.cert'
postconf -e 'smtpd_tls_key_file = /etc/postfix/smtpd.key'
postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps'
postconf -e 'virtual_transport = dovecot'
postconf -e 'local_transport = dovecot'
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21

为postfix创建证书

$ cd /etc/postfix
$ sudo openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509
  • 1
  • 2

更改证书权限

$ sudo chmod o= /etc/postfix/smtpd.key

配置saslauthd

$ sudo mkdir -p /var/spool/postfix/var/run/saslauthd
$ sudo cp -a /etc/default/saslauthd /etc/default/saslauthd.bak
  • 1
  • 2

$ sudo vim /etc/default/saslauthd

START=yes
DESC="SASL Authentication Daemon"
NAME="saslauthd"
MECHANISMS="pam"
MECH_OPTIONS=""
THREADS=5
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7

$ sudo vim /etc/pam.d/smtp

auth    required   pam_mysql.so user=mail_admin passwd=password-for-mail_admin host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
account sufficient pam_mysql.so user=mail_admin passwd=password-for-mail_admin host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
  • 1
  • 2

$ sudo vim /etc/postfix/sasl/smtpd.conf

pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: sql
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: mail_admin
sql_passwd: password-for-mail_admin
sql_database: mail
sql_select: select password from users where email = '%u@%r'
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10

设置权限

$ sudo chmod o= /etc/pam.d/smtp
$ sudo chmod o= /etc/postfix/sasl/smtpd.conf
  • 1
  • 2

重启服务

$ sudo adduser postfix sasl
$ sudo service postfix restart
$ sudo service saslauthd restart
  • 1
  • 2
  • 3

安装dovecot及相关

安装dovecot

$ sudo apt-get install dovecot-common dovecot-imapd dovecot-pop3d dovecot-mysql

弹出的选项中选择生成根证书,并且生成的证书dovecot.pem应该在/etc/dovecot/下面,key在/etc/dovecot/private下面。请确认这一点 
hostname 填写 vzjc.com

配置dovecot

$ sudo vim /etc/postfix/master.cf

取消submission配置的注释:

submission inet n       -       -       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=$mua_client_restrictions
  -o milter_macro_daemon_name=ORIGINATING
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6

文件末尾增加

dovecot   unix  -       n       n       -       -       pipe
    flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}

$ sudo cp -a /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.bak

清空文件/etc/dovecot/dovecot.conf,加入如下

$ sudo vim /etc/dovecot/dovecot.conf 
: 1,$d 
注意ssl_certssl_key指向的证书和私钥必须存在

log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/home/vmail/%d/%n/Maildir
namespace {
  inbox = yes
  location =
  prefix = INBOX.
  separator = .
  type = private
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
protocols = imap pop3
disable_plaintext_auth = no
auth_mechanisms = plain login
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
  unix_listener auth-master {
    mode = 0600
    user = vmail
  }
  user = root
}
ssl = required
ssl_cert = </etc/dovecot/dovecot.pem
ssl_key = </etc/dovecot/private/dovecot.pem
userdb {
  args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
  driver = static
}
protocol lda {
  auth_socket_path = /var/run/dovecot/auth-master
  log_path = /home/vmail/dovecot-deliver.log
  postmaster_address = postmaster@zjc.com
}
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
}
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43

dovecot-sql.conf

$ sudo cp -a /etc/dovecot/dovecot-sql.conf /etc/dovecot/dovecot-sql.conf.bak

$ sudo vim /etc/dovecot/dovecot-sql.conf

driver = mysql
connect = host=127.0.0.1 dbname=mail user=mail_admin password=password-for-mail_admin
default_pass_scheme = CRYPT
password_query = SELECT email as user, password FROM users WHERE email='%u';
  • 1
  • 2
  • 3
  • 4

$ sudo service dovecot restart

$ sudo chgrp vmail /etc/dovecot/dovecot.conf

$ sudo chmod g+r /etc/dovecot/dovecot.conf

设置mail aliases - 详见aliases配置文件 – 这个是给sendmail程序用的吧,反正我是没看出来为啥要配置它

$ sudo vim /etc/aliases

postmaster: root 
root:admin@vzjc.com

测试

添加邮件账户

$ mysql -u root -p 
Enter password: input your password 
mysql> USE mail; 
mysql> INSERT INTO domains (domain) VALUES ('vzjc.com'); 
mysql> INSERT INTO users (email, password) VALUES ('test1@vzjc.com', ENCRYPT('password-for-test1')); 
mysql> INSERT INTO users (email, password) VALUES ('test2@vzjc.com', ENCRYPT('password-for-test2')); 
mysql> INSERT INTO users (email, password) VALUES ('admin@vzjc.com', ENCRYPT('111111')); 
mysql> quit

本来以为用户名可以用 test1 形式, 而不用 test1@vzjc.com 形式呢,结果如果不加@时候收发邮件是时灵时不灵的。。。不测试了,用户名直接加域名得了

重启机器

做完上面操作后如果用telnet vzjc.com 587,则显示不能连接,机器重启后就可以了 – 原因待查

$ sudo shutdown -r now

用telnet测试

$ telnet vzjc.com 587 
Trying 10.1.6.197… 
Connected to vzjc.com. 
Escape character is ‘^]’. 
220 vzjc.com ESMTP Postfix (Ubuntu)
 
ehlo vzjc.com 
250-vzjc.com 
250-PIPELINING 
250-SIZE 30720000 
250-VRFY 
250-ETRN 
250-STARTTLS 
250-ENHANCEDSTATUSCODES 
250-8BITMIME 
250 DSN 
quit 
221 2.0.0 Bye 
Connection closed by foreign host.
 
$ telnet vzjc.com smtp

$ telnet vzjc.com 110 
Trying 10.1.6.197… 
Connected to vzjc.com. 
Escape character is ‘^]’. 
+OK Dovecot (Ubuntu) ready. 
quit 
+OK Logging out 
Connection closed by foreign host.

用客户端测试

可以用ubuntu的thunderbird或者其他系统的outlook,foxmail等客户端测试,如果是其他机器上,注意一系列端口号一定要被服务器开放

这里写图片描述

FAQ:

解决Postfit不能群发的问题 解决方案

参考:

https://www.centos.bz/2013/06/ubuntu-12-04-deploy-postfix-dovecot-mysql-cyrus-sasl/ 
http://nonfu.me/p/2753.html 
http://blog.163.com/kssh0487596@126/blog/static/32111129201001911212786/

 
0
posted @ 2017-09-26 17:40  Vitascope  阅读(428)  评论(0编辑  收藏  举报