Setting Up a Mail Server

This article describes how to build a mail server on Linux, using Postfix as the MTA, Dovecot as the IMAP and POP3 server, Courier-authlib for authentication, MySQL to store virtual users, ExtMail as the webmail front end, and ExtMan to manage accounts.

Before building the mail server, first set up a web server to run ExtMail and ExtMan; an LNMP (Linux + Nginx + MySQL + PHP) environment is one option.

First install the required packages:

Shell

yum install postfix 'dovecot*' 'cyrus*' expect libtool libtool-ltdl-devel gdbm gdbm-devel

Download courier-authlib from http://www.courier-mta.org/download.html#authlib. It has to be compiled by hand so that it supports MySQL logins.

Shell

tar jxvf courier-authlib-0.66.1.tar.bz2
cd courier-authlib-0.66.1
./configure \
 --prefix=/usr/local/courier-authlib \
 --sysconfdir=/etc \
 --with-authmysql \
 --with-redhat \
 --with-authmysqlrc=/etc/authmysqlrc \
 --with-authdaemonrc=/etc/authdaemonrc
make && make install
# Run the following only if the system uses systemctl
cp courier-authlib.sysvinit /usr/local/courier-authlib/share/
chmod 0755 /usr/local/courier-authlib/share/courier-authlib.sysvinit
cp courier-authlib.service /usr/lib/systemd/system

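If configure fails because it cannot find mysqlclient.so or something similar, check whether /usr/lib64/mysql contains a file named libmysqlclient.so. If it does not, create a symbolic link with that name pointing at the library file next to it.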

Next install Unix-Syslog, which ExtMan and ExtMail require:

Shell

yum install perl-DBD-MySQL perl-CGI perl-FCGI perl-DB_File perl-Sys-Syslog perl-ExtUtils-MakeMaker

Shell

wget http://www.cpan.org/authors/id/M/MH/MHARNISCH/Unix-Syslog-1.1.tar.gz
tar zxvf Unix-Syslog-1.1.tar.gz
cd Unix-Syslog-1.1
perl Makefile.PL
make && make install

Add a user (this uid and gid are used again later):

Shell

groupadd vmail -g 3311
useradd vmail -d /var/mailbox -s /sbin/nologin -g 3311 -u 3311

Once all of that is done, the mail server itself can be configured.

Edit /etc/postfix/main.cf:

Shell

myhostname = mail.miskcoo.com
mydomain = miskcoo.com
mynetworks = 127.0.0.0/8
inet_interfaces = all

Edit /etc/dovecot/dovecot.conf:

C++

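# Dovecot 2.x takes "pop3" here; the pop3s listener in 10-master.conf provides the SSL port
protocols = pop3 imap
listen = *
base_dir = /var/run/dovecot/
# Clients in these networks bypass disable_plaintext_auth, so never list 0.0.0.0/0
login_trusted_networks = 127.0.0.0/8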

Edit /etc/dovecot/conf.d/10-ssl.conf:

C++

ssl = yes

Edit /etc/dovecot/conf.d/10-auth.conf:

C++

disable_plaintext_auth = yes

Disable the pop3 port and enable the pop3s port by editing /etc/dovecot/conf.d/10-master.conf:

C++

service pop3-login {
  inet_listener pop3 {
    #port = 110
    port = 0
  }
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}

Then stop the Sendmail service (if present) and start Postfix and Dovecot:

Shell

systemctl disable sendmail
systemctl stop sendmail
systemctl start postfix
systemctl enable postfix
systemctl start dovecot
systemctl enable dovecot
systemctl start saslauthd
systemctl enable saslauthd

Now install ExtMan and ExtMail. Download ExtMail (webmail login) and ExtMan (webmail account management) from http://www.extmail.org/download:

Shell

# Create the directory
mkdir /var/www/extsuite
# Unpack and install ExtMail
tar zxvf extmail-1.2.tar.gz
mv extmail-1.2/ /var/www/extsuite/extmail
cp /var/www/extsuite/extmail/webmail.cf.default /var/www/extsuite/extmail/webmail.cf
# Unpack and install ExtMan
tar zxvf extman-1.1.tar.gz
mv extman-1.1/ /var/www/extsuite/extman
cp /var/www/extsuite/extman/webman.cf.default /var/www/extsuite/extman/webman.cf

Edit /var/www/extsuite/extmail/webmail.cf:

C++

SYS_CONFIG = /var/www/extsuite/extmail/
SYS_LANGDIR = /var/www/extsuite/extmail/lang
SYS_TEMPLDIR = /var/www/extsuite/extmail/html
SYS_SESS_DIR = /var/www/extsuite/tmp/extmail
SYS_UPLOAD_TMPDIR = /var/www/extsuite/tmp/extmail/upload
SYS_LOG_FILE = /var/log/extmail.log
SYS_USER_LANG = zh_CN
SYS_APP_TYPE = WebMail
SYS_USER_TEMPLATE = default
SYS_USER_CHARSET = utf-8
SYS_USER_TRYLOCAL = 1
SYS_USER_TIMEZONE = +0800
SYS_MIN_PASS_LEN = 8
SYS_AUTH_TYPE = mysql
SYS_MAILDIR_BASE = /var/mailbox
SYS_AUTH_SCHEMA = virtual
SYS_CRYPT_TYPE = md5crypt
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail  # change to your database password; the default is extmail
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock
SYS_AUTHLIB_SOCKET = /usr/local/courier-authlib/var/spool/authdaemon/socket

Edit /var/www/extsuite/extman/webman.cf:

C++

SYS_CONFIG = /var/www/extsuite/extman/
SYS_LANGDIR = /var/www/extsuite/extman/lang
SYS_TEMPLDIR = /var/www/extsuite/extman/html
SYS_MAILDIR_BASE = /var/mailbox
SYS_SESS_DIR = /var/www/extsuite/tmp/extman/
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail     # change to your database password; the default is extmail
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock

Then create the temporary directories:

Shell

cd /var/www/extsuite
mkdir tmp
mkdir tmp/extmail
mkdir tmp/extmail/upload
mkdir tmp/extman
chown -R vmail:vmail tmp

Now import the database. Change into the /var/www/extsuite/extman/docs directory, then log in to MySQL:

Shell

mysql -u root -p

Then run:

MySQL

/* These two lines import the database and add the extmail user */
source extmail.sql
source init.sql
/* These two lines change the extmail user's password */
GRANT all privileges on extmail.* TO extmail@localhost IDENTIFIED BY 'your-passwd';
GRANT all privileges on extmail.* TO extmail@127.0.0.1 IDENTIFIED BY 'your-passwd';
/* The 3311 in these two lines is the uid and gid of the vmail user created earlier */
ALTER TABLE mailbox ALTER uidnumber SET DEFAULT 3311;
ALTER TABLE mailbox ALTER gidnumber SET DEFAULT 3311;

Now configure Postfix to support virtual users. First create the configuration files:

Shell

mkdir -p /etc/postfix/mysql
cp /var/www/extsuite/extman/docs/mysql_virtual_* /etc/postfix/mysql/

Edit /etc/postfix/main.cf and append the following at the end:

C++

broken_sasl_auth_clients = yes
local_transport = dovecot
virtual_mailbox_base = /var/mailbox
virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:3311
virtual_gid_maps = static:3311
virtual_transport = virtual

smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = ''
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_client_restrictions = permit_sasl_authenticated
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, permit

Edit /etc/postfix/master.cf:

Shell

#submission inet n       -       -       -       -       smtpd
#  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
 Change it to:
submission inet n       -       -       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

And append the following at the end (the location of /usr/libexec/dovecot/deliver may differ on your system):

C++

dovecot   unix  -       n       n       -       -       pipe
    flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -d ${recipient}

Edit /etc/dovecot/conf.d/10-auth.conf:

C++

disable_plaintext_auth = yes
#!include auth-system.conf.ext
!include auth-sql.conf.ext
#!include auth-ldap.conf.ext
#!include auth-passwdfile.conf.ext
#!include auth-checkpassword.conf.ext
#!include auth-vpopmail.conf.ext
#!include auth-static.conf.ext

Edit /etc/dovecot/conf.d/10-mail.conf:

C++

mail_location = maildir:/var/mailbox/%d/%n/Maildir
mail_uid = 3311
mail_gid = 3311
first_valid_uid = 3311
last_valid_uid = 3311

Edit /etc/dovecot/conf.d/10-logging.conf:

C++

log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot.info
log_timestamp = "%Y-%m-%d %H:%M:%S "

Edit /etc/dovecot/conf.d/10-master.conf:

C++

service auth {
  # auth_socket_path points to this userdb socket by default. It's typically
  # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
  # full permissions to this socket are able to get a list of all usernames and
  # get the results of everyone's userdb lookups.
  #
  # The default 0666 mode allows anyone to connect to the socket, but the
  # userdb lookups will succeed only if the userdb returns an "uid" field that
  # matches the caller process's UID. Also if caller's uid or gid matches the
  # socket's uid or gid the lookup succeeds. Anything else causes a failure.
  #
  # To give the caller full permissions to lookup all users, set the mode to
  # something else than 0666 and Dovecot lets the kernel enforce the
  # permissions (e.g. 0777 allows everyone full permissions).
  unix_listener auth-userdb {
    #mode = 0666
    #user = 
    #group = 
  }

  # Postfix smtp-auth
  # This is the part you need to change
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = postfix
    group = postfix
  }

  # Auth process is run as this user.
  #user = $default_internal_user
}
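
The Dovecot settings above decide whether a password can ever cross the network in clear text. The script below is an added example, not part of the original article or of Dovecot: it lints config text for values that undo that protection. The function name audit_dovecot and both sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page: lint Dovecot config text for
# settings that undo the TLS-only authentication this setup is aiming for.
audit_dovecot() {
    cat "$@" | awk '
    { sub(/#.*/, "") }                                   # drop comments
    /[{][ \t]*$/ { ctx[++depth] = $0; next }             # entering a block
    /^[ \t]*[}]/ { depth--; next }                       # leaving a block
    {
        eq = index($0, "="); if (!eq) next
        key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == "login_trusted_networks" && (" " val " ") ~ / (0\.0\.0\.0|::)\/0 /)
            print "trusted-all: every client is trusted, disable_plaintext_auth is ignored"
        if (key == "disable_plaintext_auth" && val == "no")
            print "plaintext-auth: passwords are accepted without TLS"
        if (key == "ssl" && depth == 0 && val == "no")
            print "ssl-off: TLS is disabled"
        if (key == "mode" && ctx[depth] ~ /unix_listener/ && val ~ /[1-7]$/) {
            name = ctx[depth]; gsub(/^[ \t]*unix_listener[ \t]+|[ \t]*[{].*$/, "", name)
            print "socket-mode: " name " is " val ", access beyond owner and group"
        }
    }'
}

# Constructed sample input: one file with weak values, one hardened.
demo=$(mktemp -d)
cat > "$demo/weak.conf" <<'EOF'
login_trusted_networks = 0.0.0.0/0
disable_plaintext_auth = yes
ssl = yes
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
  }
}
EOF
cat > "$demo/hard.conf" <<'EOF'
login_trusted_networks = 127.0.0.0/8
disable_plaintext_auth = yes
ssl = required
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
  }
}
EOF
audit_dovecot "$demo/weak.conf"     # reports trusted-all and socket-mode
audit_dovecot "$demo/hard.conf"     # reports nothing
```

On a real host, pass /etc/dovecot/dovecot.conf together with the files under /etc/dovecot/conf.d/ as arguments.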

Edit /etc/dovecot/conf.d/auth-sql.conf.ext:

C++

passdb {
  driver = sql

  # Path for SQL configuration file, see example-config/dovecot-sql.conf.ext
  args = /etc/dovecot/dovecot-sql.conf.ext
}

userdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}

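Create the file /etc/dovecot/auth-sql.conf.ext (the args path in the passdb and userdb blocks above must name the file that holds these settings):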

C++

driver = mysql
connect = host=localhost dbname=extmail user=extmail password=your-password  # replace with your password
default_pass_scheme = CRYPT
user_query = SELECT CONCAT('/var/mailbox/', maildir) AS maildir, uidnumber AS uid, gidnumber AS gid  FROM mailbox WHERE username = '%u' AND active='1'
password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u' AND active='1'

Now edit the Courier-authlib configuration files:

Shell

chmod 755 /usr/local/courier-authlib/var/spool/authdaemon
cp /etc/authdaemonrc.dist  /etc/authdaemonrc
cp /etc/authmysqlrc.dist  /etc/authmysqlrc

Edit /etc/authdaemonrc:

Shell

authmodulelist="authmysql" 
authmodulelistorig="authmysql"

Edit /etc/authmysqlrc:

C++

MYSQL_SERVER  localhost
MYSQL_PORT  3306
# user name for the database connection
MYSQL_USERNAME  extmail
# password for the database connection
MYSQL_PASSWORD  your-password
MYSQL_SOCKET  /var/lib/mysql/mysql.sock
MYSQL_DATABASE  extmail
MYSQL_USER_TABLE  mailbox
MYSQL_CRYPT_PWFIELD  password
MYSQL_UID_FIELD  '3311'
MYSQL_GID_FIELD  '3311'
MYSQL_LOGIN_FIELD  username
MYSQL_HOME_FIELD  concat('/var/mailbox/',homedir)
MYSQL_NAME_FIELD  name
MYSQL_MAILDIR_FIELD  concat('/var/mailbox/',maildir)
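
By this point the MySQL password is written into webmail.cf, webman.cf, the Dovecot SQL file and /etc/authmysqlrc. As an added example (not from the original article), the script below reports any such file that is world-readable or still carries the default extmail password or the your-password placeholder. The function name audit_secrets and the sample files are constructed here.

```shell
#!/bin/sh
# Added example, not from the original page: check the files that hold the
# MySQL password for loose permissions and for unchanged default passwords.
audit_secrets() {
    for f in "$@"; do
        [ -e "$f" ] || continue
        # Character 8 of the `ls -l` mode string is the read bit for "other".
        if [ "$(ls -ld "$f" | cut -c8)" = "r" ]; then
            echo "world-readable: $f"
        fi
        # Password keys as written in webmail.cf/webman.cf, authmysqlrc, the
        # Dovecot "connect =" line, and the "password =" form of Postfix MySQL
        # lookup tables; values are the default and the page's placeholders.
        if grep -Eq '(SYS_MYSQL_PASS[[:space:]]*=|MYSQL_PASSWORD|password[[:space:]]*=)[[:space:]]*(extmail|your-passw(or)?d)([[:space:]]|$)' "$f"; then
            echo "default-password: $f"
        fi
    done
}

# Constructed sample files standing in for the real configs.
secrets=$(mktemp -d)
printf 'SYS_MYSQL_USER = extmail\nSYS_MYSQL_PASS = extmail\n' > "$secrets/webmail.cf"
printf 'MYSQL_USERNAME  extmail\nMYSQL_PASSWORD  Xk3-constructed-9q\n' > "$secrets/authmysqlrc"
chmod 644 "$secrets/webmail.cf"      # readable by every local user
chmod 600 "$secrets/authmysqlrc"     # owner only
audit_secrets "$secrets/webmail.cf" "$secrets/authmysqlrc"
```

Each file has to stay readable by the service that uses it, so tighten permissions with group ownership rather than by removing all access.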

Edit /etc/sasl2/smtpd.conf:

C++

pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path: /usr/local/courier-authlib/var/spool/authdaemon/socket

Run:

Shell

saslpasswd2 /etc/sasldb2

Now start the courier-authlib service:

Shell

systemctl enable courier-authlib
systemctl start courier-authlib

Good! Now test it:

Shell

/usr/local/courier-authlib/sbin/authtest -s login postmaster@extmail.org extmail

If you see the following output, it worked:

Shell

Authentication succeeded.

     Authenticated: postmaster@extmail.org  (uid 3311, gid 3311)
    Home Directory: /var/mailbox/extmail.org/postmaster
           Maildir: /var/mailbox/extmail.org/postmaster/Maildir/
             Quota: (none)
Encrypted Password: $1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0
Cleartext Password: extmail
           Options: (none)

Next, configure nginx so that the site can be reached from outside. Edit /usr/local/nginx/conf/nginx.conf (/etc/nginx/nginx.conf if nginx was installed with yum):

C++

http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    gzip  on;

    # If your nginx.conf has no similar statement, add this line and create a directory named conf.d
    include conf.d/*.conf;
}

Edit /usr/local/nginx/conf/conf.d/extsuite.conf:

C++

server
{
    server_name mailtest.miskcoo.com;
    root /var/www/extsuite;
    location /extmail {
        alias /var/www/extsuite/extmail/html;
    }
    location /extman {
        alias /var/www/extsuite/extman/html;
    }
    location ~ \.cgi$ {
        fastcgi_pass 127.0.0.1:8888;
        fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
        fastcgi_param  SERVER_SOFTWARE    nginx;
        fastcgi_param  QUERY_STRING       $query_string;
        fastcgi_param  REQUEST_METHOD     $request_method;
        fastcgi_param  CONTENT_TYPE       $content_type;
        fastcgi_param  CONTENT_LENGTH     $content_length;
        fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
        fastcgi_param  REQUEST_URI        $request_uri;
        fastcgi_param  DOCUMENT_ROOT      $document_root;
        fastcgi_param  SERVER_PROTOCOL    $server_protocol;
        fastcgi_param  REMOTE_ADDR        $remote_addr;
        fastcgi_param  REMOTE_PORT        $remote_port;
        fastcgi_param  SERVER_ADDR        $server_addr;
        fastcgi_param  SERVER_PORT        $server_port;
        fastcgi_param  SERVER_NAME        $server_name;
    }
}

Then restart the nginx service:

Shell

systemctl restart nginx

Then create /usr/lib/systemd/system/extsuite-cgi.service so that the CGI server starts automatically:

C++

[Unit]
Description=ExtMail and ExtMan CGI Server

[Service]
Type=forking
RemainAfterExit=true
ExecStart=/var/www/extsuite/extmail/dispatch-init start
ExecStop=/var/www/extsuite/extmail/dispatch-init stop

[Install]
WantedBy=multi-user.target

Then run:

Shell

systemctl start extsuite-cgi
systemctl enable extsuite-cgi

Now you can access your webmail!
