邮箱服务器搭建
DNS 安装配置
主机名设置
[root@mail ~]# hostname mail.cx.com [root@mail ~]# vi /etc/sysconfig/network NETWORKING=yes HOSTNAME=mail.cx.com
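dns安装配置
说明:下文 listen-on 中的 localhost 是 BIND 的内置 ACL,匹配本机所有接口地址,所以 named 会同时监听 127.0.0.1 和 192.168.10.36(见后面的 ss 输出)。注释掉 allow-query 后,查询来源不再受该项限制;建议用 allow-recursion { localhost; 192.168.10.0/24; }; 明确限定允许递归查询的网段。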
[root@mail ~]# yum -y install bind bind-utils [root@mail ~]# vim /etc/named.conf // // named.conf // // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS // server as a caching only nameserver (as a localhost DNS resolver only). // // See /usr/share/doc/bind*/sample/ for example named configuration files. // options { listen-on port 53 { localhost; }; 改成localhost listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; // allow-query { localhost; }; 注释掉,保存退出 recursion yes; dnssec-enable yes; [root@mail ~]# vim /etc/named.rfc1912.zones zone "cx.com" IN { #正向区域文件 type master; file "cx.com"; allow-update { none; }; }; zone "10.168.192.in-addr.arpa" IN { 反向区域文件 type master; file "cx.mail"; allow-update { none; }; }; 配置区域数据库 [root@mail ~]# vim /var/named/cx.com $TTL 1D @ IN SOA @ rname.invalid. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS mail.cx.com. MX 10 mail.cx.com. mail IN A 192.168.10.36 www IN A 192.168.10.36 [root@mail ~]# vim /var/named/cx.mail $TTL 1D @ IN SOA @ rname.invalid. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS mail.cx.com. MX 10 mail.cx.com. 36 PTR mail.cx.com. [root@mail ~]# /etc/init.d/named start Generating /etc/rndc.key: [确定] 启动 named: [确定] 使用本机DNS解析 [root@mail ~]# vim /etc/resolv.conf # Generated by NetworkManager nameserver 192.168.10.36 [root@mail ~]# dig www.baidu.com ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1 <<>> www.baidu.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65518 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.baidu.com. IN A ;; ANSWER SECTION: www.baidu.com. 1200 IN CNAME www.a.shifen.com. www.a.shifen.com. 300 IN CNAME www.wshifen.com. www.wshifen.com. 300 IN A 103.235.46.39 ;; AUTHORITY SECTION: wshifen.com. 
172799 IN NS ns3.wshifen.com. wshifen.com. 172799 IN NS ns4.wshifen.com. ;; ADDITIONAL SECTION: ns3.wshifen.com. 172799 IN A 180.76.8.250 ns4.wshifen.com. 172799 IN A 180.76.9.250 ;; Query time: 2272 msec ;; SERVER: 192.168.10.36#53(192.168.10.36) ;; WHEN: Wed Dec 19 19:45:49 2018 ;; MSG SIZE rcvd: 168 [root@mail ~]# dig www.cx.com ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1 <<>> www.cx.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35134 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 ;; QUESTION SECTION: ;www.cx.com. IN A ;; ANSWER SECTION: www.cx.com. 86400 IN A 192.168.10.36 ;; AUTHORITY SECTION: cx.com. 86400 IN NS mail.cx.com. ;; ADDITIONAL SECTION: mail.cx.com. 86400 IN A 192.168.10.36 ;; Query time: 1 msec ;; SERVER: 192.168.10.36#53(192.168.10.36) ;; WHEN: Wed Dec 19 19:47:01 2018 ;; MSG SIZE rcvd: 79 [root@mail ~]# dig mail.cx.com ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1 <<>> mail.cx.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18162 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;mail.cx.com. IN A ;; ANSWER SECTION: mail.cx.com. 86400 IN A 192.168.10.36 ;; AUTHORITY SECTION: cx.com. 86400 IN NS mail.cx.com. ;; Query time: 1 msec ;; SERVER: 192.168.10.36#53(192.168.10.36) ;; WHEN: Wed Dec 19 19:47:10 2018 ;; MSG SIZE rcvd: 59 关闭防火墙与seLinux安全策略 [root@mail ~]# /etc/init.d/iptables stop iptables:将链设置为政策 ACCEPT:filter [确定] iptables:清除防火墙规则: [确定] iptables:正在卸载模块: [确定] [root@mail ~]# setenforce 0 [root@mail ~]# chkconfig iptables off [root@mail ~]# vim /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. 
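SELINUX=disabled # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls - Multi Level Security protection. SELINUXTYPE=targeted
说明:停用 iptables 并把 SELinux 设为 disabled 只适合隔离的实验环境。对外提供服务时应保留防火墙,只放行实际需要对外的端口(如 25、110、143、80),SELinux 至少保持 permissive 以便留下审计记录。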
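安装mysql
说明:安装后 MySQL 的 root 帐号没有密码(下文直接用 mysql -uroot 导入脚本),而后面的 ss 输出显示 mysqld 监听在 *:3306。应先按启动输出中的提示运行 /usr/bin/mysql_secure_installation,设置 root 密码并删除匿名用户和 test 库;设置密码后,下文的 mysql -uroot 命令需加 -p。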
[root@mail ~]# yum -y install mysql-server mysql mysql-devel [root@mail ~]# service mysqld start 初始化 MySQL 数据库: Installing MySQL system tables... OK Filling help tables... OK To start mysqld at boot time you have to copy support-files/mysql.server to the right place for your system PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER ! To do so, start the server, then issue the following commands: /usr/bin/mysqladmin -u root password 'new-password' /usr/bin/mysqladmin -u root -h mail.cx.com password 'new-password' Alternatively you can run: /usr/bin/mysql_secure_installation which will also give you the option of removing the test databases and anonymous user created by default. This is strongly recommended for production servers. See the manual for more instructions. You can start the MySQL daemon with: cd /usr ; /usr/bin/mysqld_safe & You can test the MySQL daemon with mysql-test-run.pl cd /usr/mysql-test ; perl mysql-test-run.pl Please report any problems with the /usr/bin/mysqlbug script! [确定] 正在启动 mysqld: [确定] [root@mail ~]# chkconfig mysqld on
安装Linux开发包组
[root@mail ~]# yum groupinstall "Development Tools" -y
安装postfix
[root@mail ~]# yum -y erase postfix 卸载旧的安装包 [root@mail ~]# yum -y install postfix [root@mail ~]# chkconfig postfix on 设置为开机自启动 [root@mail ~]# chkconfig postfix --list postfix 0:关闭 1:关闭 2:启用 3:启用 4:启用 5:启用 6:关闭
配置postfix
[root@mail ~]# vim /etc/postfix/main.cf 69 # 70 # The myhostname parameter specifies the internet hostname of this 71 # mail system. The default is to use the fully-qualified domain name 72 # from gethostname(). $myhostname is used as a default value for many 73 # other configuration parameters. 74 # 75 #myhostname = host.domain.tld 76 #myhostname = virtual.domain.tld 77 myhostname = mail.cx.com # 与主机名相同 84 #mydomain = domain.tld 85 mydomain = cx.com 域名 101 myorigin = $mydomain 118 inet_interfaces = all 监听的IP地址 166 #mydestination = $myhostname, localhost.$mydomain, localhost 167 mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain 266 #mynetworks = 168.100.189.0/28, 127.0.0.0/8 267 #mynetworks = $config_directory/mynetworks 268 mynetworks = 192.168.10.0/24 网段定义
启动查看日志及端口
[root@mail ~]# service postfix restart 关闭 postfix: [确定] 启动 postfix: [确定] [root@mail ~]# ss -lntp State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 50 *:3306 *:* users:(("mysqld",1635,10))LISTEN 0 3 ::1:53 :::* users:(("named",1407,22))LISTEN 0 3 192.168.10.36:53 *:* users:(("named",1407,21))LISTEN 0 3 127.0.0.1:53 *:* users:(("named",1407,20))LISTEN 0 128 :::22 :::* users:(("sshd",1254,4))LISTEN 0 128 *:22 *:* users:(("sshd",1254,3))LISTEN 0 100 :::25 :::* users:(("master",1774,13))LISTEN 0 100 *:25 *:* users:(("master",1774,12))LISTEN 0 128 ::1:953 :::* users:(("named",1407,24))LISTEN 0 128 127.0.0.1:953 *:* users:(("named",1407,23))[root@mail ~]# cat /var/log/maillog Dec 20 03:29:02 mail postfix/postfix-script[1357]: starting the Postfix mail system Dec 20 03:29:02 mail postfix/master[1358]: daemon started -- version 2.6.6, configuration /etc/postfix Dec 20 03:38:36 mail postfix/postfix-script[1592]: stopping the Postfix mail system Dec 20 03:38:36 mail postfix/master[1358]: terminating on signal 15 Dec 20 03:39:58 mail postfix/postfix-script[1332]: starting the Postfix mail system Dec 20 03:39:58 mail postfix/master[1333]: daemon started -- version 2.6.6, configuration /etc/postfix Dec 20 03:57:14 mail postfix/postfix-script[1701]: stopping the Postfix mail system Dec 20 03:57:14 mail postfix/master[1333]: terminating on signal 15 Dec 20 03:57:15 mail postfix/postfix-script[1773]: starting the Postfix mail system Dec 20 03:57:15 mail postfix/master[1774]: daemon started -- version 2.6.6, configuration /etc/postfix
创建用户使用telnet测试
[root@mail ~]# useradd chenxi [root@mail ~]# telnet mail.cx.com 25 Trying 192.168.10.36... Connected to mail.cx.com. Escape character is '^]'. 220 mail.cx.com ESMTP Postfix mail from: root@cx.com 250 2.1.0 Ok rcpt to:chenxi@cx.com 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> Subject:he haha . 250 2.0.0 Ok: queued as EBC539F475 quit 221 2.0.0 Bye Connection closed by foreign host. [root@mail ~]# tail /var/log/maillog Dec 20 03:57:14 mail postfix/master[1333]: terminating on signal 15 Dec 20 03:57:15 mail postfix/postfix-script[1773]: starting the Postfix mail system Dec 20 03:57:15 mail postfix/master[1774]: daemon started -- version 2.6.6, configuration /etc/postfix Dec 20 04:02:28 mail postfix/smtpd[1818]: connect from mail.cx.com[192.168.10.36] Dec 20 04:04:58 mail postfix/smtpd[1818]: EBC539F475: client=mail.cx.com[192.168.10.36] Dec 20 04:05:25 mail postfix/cleanup[1821]: EBC539F475: message-id=<20181219200458.EBC539F475@mail.cx.com> Dec 20 04:05:25 mail postfix/qmgr[1777]: EBC539F475: from=<root@cx.com>, size=337, nrcpt=1 (queue active) Dec 20 04:05:25 mail postfix/local[1822]: EBC539F475: to=<chenxi@cx.com>, relay=local, delay=85, delays=85/0.06/0/0, dsn=2.0.0, status=sent (delivered to mailbox) Dec 20 04:05:25 mail postfix/qmgr[1777]: EBC539F475: removed Dec 20 04:05:31 mail postfix/smtpd[1818]: disconnect from mail.cx.com[192.168.10.36]
安装dovecot
[root@mail ~]# yum -y install dovecot
配置dovecot
[root@mail ~]# grep -i "^[^#]" /etc/dovecot/dovecot.conf protocols = pop3 login_trusted_networks = 0.0.0.0/0 dict { #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext #expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext } !include conf.d/*.conf [root@mail ~]# grep -i "^[^ #]" /etc/dovecot/conf.d/10-mail.conf mail_location = mbox:~/mail:INBOX=/var/mail/%u mbox_write_locks = fcntl
说明:login_trusted_networks = 0.0.0.0/0 把所有来源地址都当作可信网络。来自可信网络的连接不受 disable_plaintext_auth 限制,可以不经 TLS 直接明文认证;正式环境应只填本机或内网网段(如本文的 192.168.10.0/24)。
启动服务查看端口
[root@mail ~]# /etc/init.d/dovecot start 正在启动 Dovecot Imap: [确定] [root@mail ~]# ss -lntp State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 100 :::993 :::* users:(("dovecot",1869,27))LISTEN 0 100 *:993 *:* users:(("dovecot",1869,26))LISTEN 0 100 :::995 :::* users:(("dovecot",1869,21))LISTEN 0 100 *:995 *:* users:(("dovecot",1869,20))LISTEN 0 50 *:3306 *:* users:(("mysqld",1635,10))LISTEN 0 100 :::110 :::* users:(("dovecot",1869,19))LISTEN 0 100 *:110 *:* users:(("dovecot",1869,18))LISTEN 0 100 :::143 :::* users:(("dovecot",1869,25))LISTEN 0 100 *:143 *:* users:(("dovecot",1869,24))LISTEN 0 3 ::1:53 :::* users:(("named",1407,22))LISTEN 0 3 192.168.10.36:53 *:* users:(("named",1407,21))LISTEN 0 3 127.0.0.1:53 *:* users:(("named",1407,20))LISTEN 0 128 :::22 :::* users:(("sshd",1254,4))LISTEN 0 128 *:22 *:* users:(("sshd",1254,3))LISTEN 0 100 :::25 :::* users:(("master",1774,13))LISTEN 0 100 *:25 *:* users:(("master",1774,12))LISTEN 0 128 ::1:953 :::* users:(("named",1407,24))LISTEN 0 128 127.0.0.1:953 *:* users:(("named",1407,23))[root@mail ~]#
配置sasl用户认证,并启动查看进程
[root@mail ~]# vim /etc/sysconfig/saslauthd 1 # Directory in which to place saslauthd's listening socket, pid file, and so 2 # on. This directory must already exist. 3 SOCKETDIR=/var/run/saslauthd 4 5 # Mechanism to use when checking passwords. Run "saslauthd -v" to get a list 6 # of which mechanism your installation was compiled with the ablity to use. 7 #MECH=pam 8 MECH=shadow 9 10 # Options sent to the saslauthd. If the MECH is other than "pam" uncomment the next lin e. 11 # DAEMONOPTS=--user saslauth 12 13 # Additional flags to pass to saslauthd on the command line. See saslauthd(8) 14 # for the list of accepted flags. 15 FLAGS= [root@mail ~]# /etc/init.d/saslauthd start 正在启动 saslauthd: [确定] [root@mail ~]# ps -aux |grep sasl Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.8/FAQ root 1886 0.0 0.0 66500 1028 ? Ss 04:19 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow root 1887 0.0 0.0 66500 712 ? S 04:19 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow root 1888 0.0 0.0 66500 712 ? S 04:19 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow root 1889 0.0 0.0 66500 712 ? S 04:19 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow root 1890 0.0 0.0 66500 712 ? S 04:19 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow root 1895 0.0 0.0 103340 892 pts/0 S+ 04:19 0:00 grep sasl
测试sasl用户认证
[root@mail ~]# passwd chenxi 更改用户 chenxi 的密码 。 新的 密码: 重新输入新的 密码: passwd: 所有的身份验证令牌已经成功更新。 [root@mail ~]# testsaslauthd -uchenxi -p123.com 0: OK "Success."
说明:用 -p 在命令行上直接写口令,会把口令留在 shell 历史和进程列表中;123.com 仅为测试口令。由于 MECH=shadow 使用的是系统帐号,邮箱用户的系统口令应设为强口令。
配置postfix通过sasl完成认证
[root@mail ~]# vim /etc/sasl2/smtpd.conf pwcheck_method: saslauthd mech_list: PLAIN LOGIN log_level: 3 [root@mail ~]# /etc/init.d/saslauthd restart 停止 saslauthd: [确定] 正在启动 saslauthd: [确定] [root@mail ~]# vim /etc/postfix/main.cf # The default setting is 550 (reject mail) but it is safer to start # You can specify the list of "trusted" network addresses by hand # or you can let Postfix do it for you (which is the default). # clients in the same IP subnetworks as the local machine. 258 # Specify an explicit list of network/netmask patterns, where the 259 # mask specifies the number of bits in the network part of a host 260 # address. 261 # 262 # You can also specify the absolute pathname of a pattern file instead 263 # of listing the patterns here. Specify type:table for table-based lookups 264 # (the value on the table right-hand side is not used). 265 # 266 #mynetworks = 168.100.189.0/28, 127.0.0.0/8 267 #mynetworks = $config_directory/mynetworks 268 mynetworks = 127.0.0.0/8 改成本机地址 679 ############################CYRUS-SASL############################ 文件尾部添加 680 broken_sasl_auth_clients = yes 681 smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination 682 smtpd_sasl_auth_enable = yes 683 smtpd_sasl_local_domain = $myhostname 684 smtpd_sasl_security_options = noanonymous 685 smtpd_sasl_application_name = smtpd 686 smtpd_banner = Welcome to our $myhostname ESMTP,Warning: Version not Available! ~ [root@mail ~]# /etc/init.d/postfix restart 关闭 postfix: [确定] 启动 postfix: [确定] [root@mail ~]# ss -lntp | grep 25 LISTEN 0 100 :::143 :::* users:(("dovecot",1869,25)) LISTEN 0 128 :::22 :::* users:(("sshd",1254,4)) LISTEN 0 128 *:22 *:* users:(("sshd",1254,3)) LISTEN 0 100 :::25 :::* users:(("master",2024,13)) LISTEN 0 100 *:25 *:* users:(("master",2024,12))
说明:第 681 行的 smtpd_recipient_restrictions 必须写在同一行,各项之间不能有空格或换行(上面的折行是 vim 显示造成的)。mech_list 只启用了 PLAIN 和 LOGIN,这两种机制传送的口令都可以直接还原;本文所示的 main.cf 中没有出现 smtpd_tls 相关设置,对外提供服务前应先配置 TLS,并用 smtpd_tls_auth_only = yes 限制只在加密连接上认证。
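安装courier
说明:下文的 libtool 源码包通过 http 明文下载,courier-authlib 源码包的来源文中未给出。编译安装前应核对发布方提供的签名或校验和(GNU 的发布包附带 .sig 签名文件)。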
[root@mail ~]# wget http://ftpmirror.gnu.org/libtool/libtool-2.4.6.tar.gz [root@mail ~]# yum groupinstall "Development Tools" -y 安装开发包组 [root@mail ~]# tar xf libtool-2.4.6.tar.gz [root@mail ~]# cd libtool-2.4.6 [root@mail libtool-2.4.6]# ./configure --prefix=/usr/local/libtool-2.4.6 --enable-ltdl-install [root@mail libtool-2.4.6]# make && make install [root@mail ~]# cd [root@mail ~]# tar jxvf courier-authlib-0.64.0.tar.bz2 [root@mail ~]# yum -y install libtool-ltdl-devel libtool-ltdl libmongodb-devel gdbm-devel [root@mail ~]# cd courier-authlib-0.64.0 [root@mail courier-authlib-0.64.0]# ./configure \ > --prefix=/usr/local/courier-authlib \ > --sysconfdir=/etc \ > --without-authpam \ > --without-authshadow \ > --without-authvchkpw \ > --without-authpgsql \ > --with-authmysql \ > --with-mysql-libs=/usr/lib/mysql \ > --with-mysql-includes=/usr/include/mysql \ > --with-redhat \ > --with-authmysqlrc=/etc/authmysqlrc \ > --with-authdaemonrc=/etc/authdaemonrc \ > --with-mailuser=postfix \ > --with-mailgroup=postfix \ > --with-ltdl-lib=/usr/local/libtool-2.4.6/lib \ > --with-ltdl-include=/usr/local/libtool-2.4.6/include [root@mail courier-authlib-0.64.0]# make && make install
配置courier
[root@mail ~]# cp /etc/authdaemonrc.dist /etc/authdaemonrc [root@mail ~]# cp /etc/authmysqlrc.dist /etc/authmysqlrc [root@mail ~]# vim /etc/authdaemonrc 27 authmodulelist="authmysql" 基于mysql 34 authmodulelistorig="authmysql" 53 daemons=5 工作进程个数 75 DEBUG_LOGIN=2 debug 级别 [root@mail ~]# vim /etc/authmysqlrc 26 MYSQL_SERVER localhost mysql主机 27 MYSQL_USERNAME extmail mysql用户名 28 MYSQL_PASSWORD extmail mysql密码 49 MYSQL_SOCKET /var/lib/mysql/mysql.sock 本机通信套接字文件 56 MYSQL_PORT 3306 端口 68 MYSQL_DATABASE extmail 注意库是自己创建的 83 MYSQL_USER_TABLE mailbox 用户名存放的表 92 MYSQL_CRYPT_PWFIELD password 那个字段用户密码 113 MYSQL_UID_FIELD 89 这个uid是postfix用户的uid 119 MYSQL_GID_FIELD 89 这个gid是postfix组的gid 128 MYSQL_LOGIN_FIELD username 那个字段存放用户的名字 133 MYSQL_HOME_FIELD concat('/var/mailbox/',homedir) 指明用户家目录 139 MYSQL_NAME_FIELD name 用户全名 150 MYSQL_MAILDIR_FIELD concat('/var/mailbox/',maildir) 报存邮件目录 [root@mail courier-authlib-0.64.0]# cp courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib 提供启动脚本 [root@mail courier-authlib-0.64.0]# chmod 755 /etc/init.d/courier-authlib [root@mail courier-authlib-0.64.0]# chkconfig --add courier-authlib 加启动列表 [root@mail courier-authlib-0.64.0]# chkconfig --level 2345 courier-authlib on [root@mail courier-authlib-0.64.0]# service courier-authlib start Starting Courier authentication services: authdaemond
配置postfix支持虚拟域与虚拟用户
说明: 1、启用虚拟域以后,需要取消中心域,即注释掉myhostname, mydestination, mydomain, myorigin几个指令;当然,你也可以把mydestination的值改为你自己需要的。 2、对于MySQL-5.1以后的版本,执行extman自带的extmail.sql脚本会报语法错误;可先用如下命令修改extmail.sql,而后再执行。修改方法如下: # sed -i 's@TYPE=MyISAM@ENGINE=InnoDB@g' extmail.sql
#yum -y install httpd # tar zxvf extman-1.1.tar.gz # cd extman-1.1/docs [root@mail docs]# mysql -uroot < extmail.sql [root@mail docs]# mysql -uroot < init.sql [root@mail docs]# mysql Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 4 Server version: 5.1.73 Source distribution Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> GRANT all privileges on extmail.* TO extmail@localhost IDENTIFIED BY 'extmail'; Query OK, 0 rows affected (0.00 sec) mysql> GRANT all privileges on extmail.* TO extmail@127.0.0.1 IDENTIFIED BY 'extmail'; Query OK, 0 rows affected (0.00 sec) mysql> FLUSH PRIVILEGES; Query OK, 0 rows affected (0.00 sec) mysql> EXIT Bye [root@mail docs]# cp mysql_virtual_* /etc/postfix/ [root@mail docs]# vim /etc/postfix/main.cf [root@mail docs]# cd /etc/postfix/ [root@mail postfix]# vim main.cf 62 # the local delivery agent for delivery to external file or command. 63 # These rights are used in the absence of a recipient user context. 64 # DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER. 65 # 66 #default_privs = nobody 67 68 # INTERNET HOST AND DOMAIN NAMES 69 # 70 # The myhostname parameter specifies the internet hostname of this 71 # mail system. The default is to use the fully-qualified domain name 72 # from gethostname(). $myhostname is used as a default value for many 73 # other configuration parameters. 74 # 75 #myhostname = host.domain.tld 76 #myhostname = virtual.domain.tld 77 #myhostname = mail.cx.com 取消中心主机配置 79 # The mydomain parameter specifies the local internet domain name. 80 # The default is to use $myhostname minus the first component. 81 # $mydomain is used as a default value for many other configuration 82 # parameters. 
83 # 84 #mydomain = domain.tld 85 #mydomain = cx.com 取消中心域 86 87 # SENDING MAIL 88 # 89 # The myorigin parameter specifies the domain that locally-posted 90 # mail appears to come from. The default is to append $myhostname, 91 # which is fine for small sites. If you run a domain with multiple 92 # machines, you should (1) change this to $mydomain and (2) set up 93 # a domain-wide alias database that aliases each user to 94 # user@that.users.mailhost. 95 # 96 # For the sake of consistency between sender and recipient addresses, 97 # myorigin also specifies the default domain name that is appended 98 # to recipient addresses that have no @domain part. 99 # 100 #myorigin = $myhostname 101 #myorigin = $mydomain 167 #mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain 注释掉 [root@mail postfix]# /etc/init.d/postfix restart 关闭 postfix: [确定] 启动 postfix: [确定]
配置dovecot
[root@mail postfix]# vim /etc/dovecot/conf.d/10-mail.conf ## ## Mailbox locations and namespaces ## # Location for users' mailboxes. The default is empty, which means that Dovecot # tries to find the mailboxes automatically. This won't work if the user # doesn't yet have any mail, so you should explicitly tell Dovecot the full # location. # # If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u) # isn't enough. You'll also need to tell Dovecot where the other mailboxes are # kept. This is called the "root mail directory", and it must be the first # path given in the mail_location setting. # # There are a few special variables you can use, eg.: # # %u - username # %n - user part in user@domain, same as %u if there's no domain # %d - domain part in user@domain, empty if there's no domain # %h - home directory # # See doc/wiki/Variables.txt for full list. Some examples: # # mail_location = maildir:~/Maildir # mail_location = mbox:~/mail:INBOX=/var/mail/%u # mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n # # <doc/wiki/MailLocation.txt> # mail_location = maildir:/var/mailbox/%d/%n/Maildir [root@mail postfix]# vim /etc/dovecot/conf.d/auth-sql.conf # Authentication for SQL users. Included from auth.conf. # # <doc/wiki/AuthDatabase.SQL.txt> passdb { driver = sql # Path for SQL configuration file, see example-config/dovecot-sql.conf.ext args = /etc/dovecot-mysql.conf } # "prefetch" user database means that the passdb already provided the # needed information and there's no need to do a separate userdb lookup. 
# <doc/wiki/UserDatabase.Prefetch.txt> #userdb { # driver = prefetch #} userdb { driver = sql args = /etc/dovecot-mysql.conf } [root@mail postfix]# vim /etc/dovecot-mysql.conf driver = mysql connect = host=localhost dbname=extmail user=extmail password=extmail default_pass_scheme = CRYPT password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u' user_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid FROM mailbox WHERE username = '%u' [root@mail postfix]# /etc/init.d/dovecot restart 停止 Dovecot Imap: [确定] 正在启动 Dovecot Imap: [确定] 说明:当mysql服务器在本机(即host=localhost)而mysql.sock文件不在默认的/var/lib/mysql/mysql.sock时,可以使用host="sock文件的路径"来指定新位置;例如,使用通用二进制格式安装的MySQL,其sock文件位置为/tmp/mysql.sock,相应地,connect应按如下方式定义。 connect = host=/tmp/mysql.sock dbname=extmail user=extmail password=extmail
另外,/etc/dovecot-mysql.conf 中保存了数据库口令的明文,应设为 root 所有、权限 600。示例中与用户名相同的口令 extmail 仅供演示,实际部署时应换成强口令,并同步修改 GRANT 语句以及 authmysqlrc、webmail.cf 和 webman.cf 中的对应项。
安装Extmail-1.2
[root@mail postfix]# mkdir -pv /var/www/extsuite mkdir: 已创建目录 "/var/www/extsuite" [root@mail postfix]# cd [root@mail ~]# tar xf extmail-1.2.tar.gz [root@mail ~]# mv extmail-1.2 /var/www/extsuite/extmail [root@mail ~]# cd /var/www/extsuite/extmail [root@mail extmail]# ls AUTHORS ChangeLog dispatch.fcgi dispatch_lig.sh globabook.cf INSTALL libs README.fcgi README.vpopmail Version cgi CREDITS dispatch-init FAQ html lang README README.filter tools webmail.cf.default [root@mail extmail]# cp webmail.cf.default webmail.cf [root@mail extmail]# vim webmail.cf #vi /var/www/extsuite/extmail/webmail.cf 部分修改选项的说明: SYS_MESSAGE_SIZE_LIMIT = 5242880 用户可以发送的最大邮件 SYS_USER_LANG = en_US 语言选项,可改作: SYS_USER_LANG = zh_CN SYS_MAILDIR_BASE = /home/domains 此处即为您在前文所设置的用户邮件的存放目录,可改作: SYS_MAILDIR_BASE = /var/mailbox SYS_MYSQL_USER = db_user SYS_MYSQL_PASS = db_pass 以上两句句用来设置连接数据库服务器所使用用户名、密码和邮件服务器用到的数据库,这里修改为: SYS_MYSQL_USER = extmail SYS_MYSQL_PASS = extmail SYS_MYSQL_HOST = localhost 指明数据库服务器主机名,这里默认即可 SYS_MYSQL_TABLE = mailbox SYS_MYSQL_ATTR_USERNAME = username SYS_MYSQL_ATTR_DOMAIN = domain SYS_MYSQL_ATTR_PASSWD = password 以上用来指定验正用户登录里所用到的表,以及用户名、域名和用户密码分别对应的表中列的名称;这里默认即可 SYS_AUTHLIB_SOCKET = /var/spool/authdaemon/socket 此句用来指明authdaemo socket文件的位置,这里修改为: SYS_AUTHLIB_SOCKET = /usr/local/courier-authlib/var/spool/authdaemon/socket
httpd相关配置
[root@mail extmail]# vim /etc/httpd/conf/httpd.conf # # This is the main Apache server configuration file. It contains the # configuration directives that give the server its instructions. # See <URL:http://httpd.apache.org/docs/2.2/> for detailed information. # In particular, see # <URL:http://httpd.apache.org/docs/2.2/mod/directives.html> # for a discussion of each configuration directive. # # # Do NOT simply read the instructions in here without understanding # what they do. They're here only as hints or reminders. If you are unsure # consult the online docs. You have been warned. # # URLs and the SERVER_NAME and SERVER_PORT variables. # When set "Off", Apache will use the Hostname and Port supplied # by the client. When set "On", Apache will use the value of the # ServerName directive. # UseCanonicalName Off # # DocumentRoot: The directory out of which you will serve your # documents. By default, all requests are taken from this directory, but # symbolic links and aliases may be used to point to other locations. # #DocumentRoot "/var/www/html" 注释中心主机配置 <VirtualHost *:80> 底部定义虚拟主机 ServerName mail.magedu.com DocumentRoot /var/www/extsuite/extmail/html/ ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi Alias /extmail /var/www/extsuite/extmail/html SuexecUserGroup postfix postfix </VirtualHost> [root@mail extmail]# httpd -t Syntax OK [root@mail extmail]# vim /etc/httpd/conf/httpd.conf # Load config files from the config directory "/etc/httpd/conf.d". # Include conf.d/*.conf # # ExtendedStatus controls whether Apache will generate "full" status # information (ExtendedStatus On) or just basic information (ExtendedStatus # Off) when the "server-status" handler is called. The default is Off. # #ExtendedStatus On # # If you wish httpd to run as a different user or group, you must run # httpd as root initially and it will switch. # # User/Group: The name (or #number) of the user/group to run httpd as. # . On SCO (ODT 3) use "User nouser" and "Group nogroup". # . 
On HPUX you may not be able to use shared memory as nobody, and the # suggested workaround is to create a user www and use that user. # NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET) # when the value of (unsigned)Group is above 60000; # don't use Group #-1 on these systems! # User postfix 修改运行用户运行组 Group postfix [root@mail extmail]# httpd -t Syntax OK [root@mail extmail]# chown -R postfix.postfix /var/www/extsuite/extmail/cgi/ [root@mail ~]# tar zxvf Unix-Syslog-0.100.tar.gz [root@mail ~]# cd Unix-Syslog-0.100 [root@mail Unix-Syslog-0.100]# yum install perl-ExtUtils-CBuilder perl-ExtUtils-MakeMaker cpan perl-CGI perl-GD [root@mail Unix-Syslog-0.100]# perl Makefile.PL [root@mail Unix-Syslog-0.100]# make && make install
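配置extman
说明:webman.cf 中的 SYS_DEFAULT_UID/SYS_DEFAULT_GID 应填本机 postfix 用户和组的实际 id(可用 id postfix 查看)。前文 authmysqlrc 里使用的是 89,而下文示例写的是 2525,两处都要与本机的实际值保持一致。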
[root@mail ~]# mv extman-1.1 /var/www/extsuite/extman [root@mail ~]# cd /var/www/extsuite/extman [root@mail extman]# cp webman.cf.default webman.cf [root@mail extman]# vim webman.cf SYS_MAILDIR_BASE = /home/domains 此处即为您在前文所设置的用户邮件的存放目录,可改作: SYS_MAILDIR_BASE = /var/mailbox SYS_DEFAULT_UID = 1000 SYS_DEFAULT_GID = 1000 此两处后面设定的ID号需更改为前而创建的postfix用户和postfix组的id号,本文使用的是2525,因此,上述两项需要修改为: SYS_DEFAULT_UID = 2525 SYS_DEFAULT_GID = 2525 SYS_MYSQL_USER = webman SYS_MYSQL_PASS = webman 修改为: SYS_MYSQL_USER = extmail SYS_MYSQL_PASS = extmail [root@mail extman]# chown -R postfix.postfix /var/www/extsuite/extman/cgi/ [root@mail extman]# vim /etc/httpd/conf/httpd.conf # # Use name-based virtual hosting. # #NameVirtualHost *:80 # # NOTE: NameVirtualHost cannot be used without a port specifier # (e.g. :80) if mod_ssl is being used, due to the nature of the # SSL protocol. # # # VirtualHost example: # Almost any Apache directive may go into a VirtualHost container. # The first VirtualHost section is used for requests without a known # server name. # #<VirtualHost *:80> # ServerAdmin webmaster@dummy-host.example.com # DocumentRoot /www/docs/dummy-host.example.com # ServerName dummy-host.example.com # ErrorLog logs/dummy-host.example.com-error_log # CustomLog logs/dummy-host.example.com-access_log common #</VirtualHost> <VirtualHost *:80> ServerName mail.cx.com DocumentRoot /var/www/extsuite/extmail/html/ ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi Alias /extmail /var/www/extsuite/extmail/html #SuexecUserGroup postfix postfix添加下面两行 ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi Alias /extman /var/www/extsuite/extman/html </VirtualHost> 创建其运行时所需的临时目录,并修改其相应的权限: [root@mail extman]# mkdir -pv /tmp/extman mkdir: 已创建目录 "/tmp/extman" [root@mail extman]# chown postfix.postfix /tmp/extman [root@mail extman]# vim webman.cf # sys_templdir, the template dir SYS_TEMPLDIR = /var/www/extsuite/extman/html # maildir_base, the base dir of user maildir, use absolute path # if not set. 
SYS_MAILDIR_BASE = /var/mailbox # sys_warn, show system warning or not, default to yes SYS_SHOW_WARN = 0 # sys_sess_dir, the session dir SYS_SESS_DIR = /tmp/extman/ # sys_captcha_on 1|0 - to enable captcha feature or not SYS_CAPTCHA_ON = 1 是否启用验证码 [root@mail extman]# /etc/init.d/httpd restart 停止 httpd: [确定] 正在启动 httpd: [确定]
说明:会话目录 /tmp/extman 位于所有本地用户都可写的 /tmp 下,建议执行 chmod 700 /tmp/extman,使其只对 postfix 用户可访问。
至此即可用管理员用户名和密码登入extman进行后台管理。默认管理帐号为:root@extmail.org 密码为:extmail*123*。这组默认帐号和口令是公开的,首次登录后应立即修改口令。
草都可以从石头缝隙中长出来,更何况你呢