邮件服务搭建(postfix+mysql+maild…

postfix:postfix+mysql+maildrop+courier-imap+cyrus-sasl+eximail
操作系统(OS) RHEL5U3 RHEL 5 update 3
邮件传输代理(MTA) Postfix 2.5.3 使用最新版本2.5.3
数据库/目录服务 MySQL 5.0  可选openLDAP或NetScape LDAP,本文以MySQL为蓝本
邮件投递代理(MDA) maildrop 2.0.x 支持过滤和强大功能
Web帐户管理后台 ExtMan 0.2.5 支持无限域名、无限用户
POP3 服务器 Courier-IMAP 对于大部分企业而言完全足够
WebMail 系统 ExtMail 1.1 支持多语言、全部模板化,功能基本齐全
SMTP认证库 Cyrus SASL  标准的SASL实现库,可以支持Courier authlib
其他数据认证库 Courier Authlib 0.60 authlib是maildrop, courier-imap等服务的关键部件
日志分析及显示 mailgraph_ext 在ExtMan中已经包含了
Web 服务器 Apache 2.x OS 自带
pop3:用于离线方式
imap4:在线与离线均可以
1. 安装postfix
[root@localhost postfix]# postconf -m  检测postfix加载的模块
btree
cidr
environ
hash
ldap
nis
pcre
proxy
regexp
static
unix
[root@localhost postfix]# rpm -e postfix  删除postfix
warning: /etc/postfix/main.cf saved as /etc/postfix/main.cf.rpmsave
[root@localhost postfix]# rm -rf /etc/postfix/  彻底删除相关文件
[root@localhost postfix]# rpm -q sendmail
sendmail-8.13.8-8.el5
[root@localhost postfix]# netstat -ntpl|grep 25     查看端口是否被占用
tcp            0 127.0.0.1:25                0.0.0.0:*                   LISTEN      2950/sendmail: acce
[root@localhost postfix]# service sendmail stop 
关闭 sm-client:                                           [确定]
关闭 sendmail:                                            [确定]
[root@localhost postfix]# chkconfig sendmail off   开机不启动
LAMP LNMP (engine x)  (插曲)

重新配置yum
[root@localhost postfix]# mkdir /iso
[root@localhost postfix]# mount -o loop EMOS_1.5_i386.iso /iso
[root@localhost postfix]# cd /iso
boot.cat   images    RELEASE-NOTES-en_US.html  repodata
ChangeLog  isolinux  RELEASE-NOTES-zh_CN.html  Thank-You-zh_HK.html
EMOS       README    RELEASE-NOTES-zh_TW.html  TRANS.TBL
配置yum
[root@localhost iso]# yum clean all
Loaded plugins: rhnplugin, security
Cleaning up Everything
[root@localhost iso]# yum list

[root@localhost iso]# yum install postfix
如果出现问题是缺少包:mysql-devel pcre pcre-devel
报错:
[root@appServer EMOS]# rpm -vih postfix-2.6.2-5hzq.i386.rpm
error: Failed dependencies:
 libmysqlclient.so.15 is needed by postfix-2.6.2-5hzq.i386
 libmysqlclient.so.15(libmysqlclient_15) is needed by postfix-2.6.2-5hzq.i386
 libpcre.so.0 is needed by postfix-2.6.2-5hzq.i386
 
[root@localhost iso]# postconf -m 重新查看存在了mysql模块,其实目的就是为了加载mysql模块
btree
cidr
environ
hash
ldap
mysql
nis
pcre
proxy
regexp
static
tcp
unix
[root@localhost iso]# service postfix start 
Starting postfix:                                          [确定]
[root@localhost iso]# netstat -ntpl|grep 25
tcp            0 0.0.0.0:25                  0.0.0.0:*                   LISTEN      8375/master  
[root@localhost iso]# cd /etc/postfix/
[root@localhost postfix]# ls
main.cf   master.cf                main:postfix的主配置文件  master.cf:插件配置文件
配置postfix
[root@localhost postfix]# vim main.cf
77 myhostname=mail.up.com.cn
84 mydomain=up.com.cn
114 inet_interfaces = all
261 mynetworks = 192.168.1.0/24, 127.0.0.0/8,0.0.0.0/24   mynetworks中的网段可以不经认证转发邮件(permit_mynetworks),只应填写自己信任的网段
[root@localhost postfix]# service postfix restart
配置DNS:
[root@localhost postfix]# rpm -q bind bind-chroot caching-nameserver
bind-9.3.6-4.P1.el5_4.2
bind-chroot-9.3.6-4.P1.el5_4.2
caching-nameserver-9.3.6-4.P1.el5_4.2

[root@appServer postfix]# vim /var/named/chroot/etc/named.caching-nameserver.conf
// Global named options for the caching nameserver used by the mail host.
options {
        // Listens on every IPv4 interface; IPv6 only on loopback.
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Those options should be used carefully because they disable port
        // randomization
        // query-source    port 53;
        // query-source-v6 port 53;

        // NOTE(review): "any" lets every client that can reach port 53 query
        // this server and read answers from its cache. Together with the
        // localhost_resolver view that follows (match-clients any, recursion
        // yes) the server answers recursive queries for anyone. If it only
        // serves this mail host and its LAN, list those networks instead of
        // "any".
        allow-query     { any; };
        allow-query-cache { any; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { any; };
        match-destinations { any; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
vim /etc/named.rfc1912.zones
zone "hitb1.com.cn" {
     type master;
     file "up.com.cn.zone";
};
[root@localhost named]# pwd
/var/named/chroot/var/named
[root@localhost named]# vim up.com.cn.zone   文件名要与上面zone配置中file指定的一致
$TTL    86400
              IN SOA  mail       root (
                                        42              ; serial (d. adams)
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum

                IN NS           mail
              IN MX   10      mail.up.com.cn
mail            IN A            192.168.0.239
[root@mail ~]# cat /etc/resolv.conf
nameserver 192.168.0.6
search up.com.cn

[root@localhost named]# service named restart
[root@localhost named]# host mail.up.com.cn  查看是否可以解析
mail.up.com has address 192.168.0.239

2 通过验证库访问mysql  : 使用authlib登陆验证.这样可以不用管后台用户数据是用什么方式存储的.比方说MySQL/LDAP
[root@localhost postfix]# yum install courier-authlib courier-authlib-mysql   连接库  加载支持mysql的插件
expect  对正则支持
shell awk php python perl
[root@localhost postfix]# rpm -qi courier-authlib  查看软件的详细信息
[root@localhost postfix]# rpm -ql courier-authlib  查看目录信息
[root@localhost postfix]# rpm -ql courier-authlib-mysql
[root@localhost postfix]# cd /etc/authlib/
[root@localhost authlib]# ls
authdaemonrc  authdaemonrc.dist  authldaprc  authldaprc.dist  authmysqlrc  authmysqlrc.dist
[root@localhost authlib]# vim authdaemonrc
27 authmodulelist="authuserdb authpam authldap authmysql authcustom authpipe"  authuserdb自己创建的数据库 authpam pam认证 authldap 轻量级目录访问协议认证 (改成) -->
authmodulelist="authmysql"
34 authmodulelistorig="authmysql"   验证方法

修改authdaemon socket目录权限
如果该目录权限设置不正确,maildrop及postfix等将无法连接authdaemon的socket,也就无法获取用户信息和进行密码认证。注意:777会让本机任何用户都能写入该目录;socket本身已是所有人可读写,目录只需让这些服务的运行用户能够进入(如755)即可:
[root@localhost sasl]# chmod 777 /var/spool/authdaemon

[root@localhost authlib]# vim authmysqlrc
MYSQL_SERVER            localhost
MYSQL_USERNAME          extmail
MYSQL_PASSWORD          extmail   示例口令,与用户名相同;正式环境请改为强口令,并同步修改webmail.cf中的SYS_MYSQL_PASS
49 MYSQL_SOCKET            /var/lib/mysql/mysql.sock  通过套结字连接
56 MYSQL_PORT              3306
68 MYSQL_DATABASE          extmail   创建数据库
83 MYSQL_USER_TABLE        mailbox  用户表
92 MYSQL_CRYPT_PWFIELD     password  存密码
113 MYSQL_UID_FIELD         uidnumber
119 MYSQL_GID_FIELD         gidnumber
128 MYSQL_LOGIN_FIELD       username
133 MYSQL_HOME_FIELD        concat('/var/mailbox/',homedir)   连接字符串功能
139 MYSQL_NAME_FIELD        name    描述信息
150 MYSQL_MAILDIR_FIELD     concat('/var/mailbox/',maildir)
[root@localhost authlib]# service courier-authlib start  启动courier-authlib
Starting Courier authentication services: authdaemond
[root@localhost authlib]# chkconfig courier-authlib on
[root@localhost authlib]# chkconfig postfix on
[root@localhost authlib]# chkconfig named on
[root@localhost authlib]# mkdir /var/mailbox  创建存邮件的目录

3. 安装courier-imap
[root@localhost authlib]# yum install courier-imap -y 收邮件提供pop3
[root@localhost authlib]# cd /usr/lib/courier-imap/etc/
[root@localhost etc]# ls
imapd       imapd-ssl       pop3d.cnf   pop3d-ssl.dist        shared.tmp
imapd.cnf   imapd-ssl.dist  pop3d.dist  quotawarnmsg.example
imapd.dist  pop3d           pop3d-ssl   shared

ExtMail目前还没有正式支持IMAP目录,因此需要屏蔽IMAP,只提供pop3服务。而就目前的使用情况来看,IMAP使用的非常少,绝大部分OutLook/Foxmail用户都习惯使用POP3而非IMAP。
[root@localhost etc]# vim /usr/lib/courier-imap/etc/imapd
414 IMAPDSTART=NO  不使用imap4
[root@localhost etc]# vim /usr/lib/courier-imap/etc/imapd-ssl
75 IMAPDSSLSTART=NO  同上
[root@localhost etc]# service courier-imap start  启动courier-imap
Starting Courier-IMAP server: pop3 generating-SSL-certificate... pop3-ssl
[root@localhost etc]# chkconfig courier-imap on  开机启动

4 安装maildrop:maildrop是一个使用C++编写的用来代替本地MDA的带有过滤功能邮件投递代理,是courier邮件系统组件之一,我们在此将使用maildrop来代替postfix自带的MDA。
[root@localhost postfix]# yum install maildrop
[root@localhost postfix]# vim /etc/postfix/master.cf   为了使Postfix支持Maildrop,必须修改/etc/postfix/master.cf文件:
105 maildrop unix                                      pipe
106  flags=DRhu user=vuser argv=maildrop -w 90 -d ${user}@${nexthop} ${recipient} ${user} ${extension} ${nexthop}                 注解: flags前面有空格
[root@localhost postfix]# vim /etc/postfix/main.cf                                       
maildrop_destination_recipient_limit=1  配置main.cf 由于maildrop不支持一次接收多个收件人,因此必须在main.cf里增加如下参数
maildrop -v   测试
[root@mail ~]# maildrop -v
maildrop 2.0.4 Copyright 1998-2005 Double Precision, Inc.
GDBM extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.
  检查安装结果,请确保有"Courier Authentication Library extension enabled."一句出现:
maildrop RPM包安装时,会自动创建vuser用户及vgroup用户组,专门用于邮件的存储,vuser:vgroup的uid/gid都是1000
修改邮箱目录属性:
chown vuser.vgroup /var/mailbox/ -R

5 安装cyrus-sasl:开启postfix的smtp认证
vim  /etc/postfix/main.cf postfix支持虚拟用户
smtpd_sasl_auth_enable=yes
smtpd_recipient_restrictions=permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
virtual_alias_maps=mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains=mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps=mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport=maildrop
local_recipient_maps=   可以注释去掉

编辑smtpd.conf文件,让虚拟用户到mysql数据库认证
[root@localhost sasl]# vim /usr/lib/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN   PLAIN/LOGIN只对口令做base64编码,并不加密;对外提供服务时应配合TLS使用(如postfix的smtpd_tls_auth_only=yes)
authdaemond_path:/var/spool/authdaemon/socket
[root@localhost sasl]# ll /var/spool/authdaemon/
总计 4
-rw-r--r-- 1 root root 6 05-12 12:13 pid
-rw------- 1 root root 0 05-12 12:13 pid.lock
srwxrwxrwx 1 root root 0 05-12 12:13 socket

[root@localhost sasl]# service saslauthd start
启动 saslauthd:                                       [确定]

6 安装extmail和extman:
[root@localhost sasl]# yum install extsuite-webmail
[root@localhost sasl]# cd /var/www/extsuite/extmail/
[root@localhost extmail]# cp webmail.cf.default webmail.cf  默认webmail没有配置文件,所以复制一份进行修改
[root@localhost extmail]# vim webmail.cf
74 SYS_USER_LANG = zh_CN    语言选项
136 SYS_MYSQL_USER = extmail
137 SYS_MYSQL_PASS = extmail
138 SYS_MYSQL_DB = extmail
124 SYS_MAILDIR_BASE = /var/mailbox/   此处即为您在前文所设置的用户邮件的存放目录

[root@localhost extmail]# chown -R vuser:vgroup /var/www/extsuite/extmail/cgi/
[root@localhost extmail]# yum install extsuite-webman 管理作用软件
[root@localhost extmail]# vim /var/www/extsuite/extman/webman.cf
12 SYS_MAILDIR_BASE = /var/mailbox/   此处即为您在前文所设置的用户邮件的存放目录
21 SYS_CAPTCHA_ON = 1   需要验证码;想简单些可以改为 0 关闭
[root@localhost extmail]# mkdir /tmp/extman
[root@localhost extmail]# chown vuser:vgroup /tmp/extman
[root@localhost extmail]# chown -R vuser:vgroup /var/www/extsuite/extman/cgi/
[root@localhost docs]# pwd
/var/www/extsuite/extman/docs
[root@localhost docs]# vim README.postfix
设置虚拟域和虚拟用户的配置文件
[root@localhost docs]# cp mysql_virtual_* /etc/postfix/

安装php mysql apache:
[root@localhost docs]# yum install mysql-server php php-mysql httpd
[root@localhost docs]# service mysqld restart

导入mysql数据库结构及初始化数据
cd /var/www/extsuite/extman/docs
[root@localhost docs]# mysql -u root -p123456<extmail.sql   口令直接写在-p后面会留在shell历史和进程列表中,可以只写-p,在提示时再输入
[root@localhost docs]# mysql -u root -p123456 <init.sql

修改httpd.conf文件
[root@localhost docs]# service httpd restart
[root@localhost docs]# vim /etc/httpd/conf/httpd.conf
NameVirtualHost *:80
<VirtualHost *:80>
ServerName mail.up.com.cn
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi/ /var/www/extsuite/extmail/cgi/
Alias /extmail /var/www/extsuite/extmail/html/
ScriptAlias /extman/cgi/ /var/www/extsuite/extman/cgi/
Alias /extman /var/www/extsuite/extman/html/
SuexecUserGroup vuser vgroup
</VirtualHost>
[root@localhost docs]# service httpd restart

7. 访问及测试
启动验证:
[root@localhost docs]# firefox mail.up.com.cn             http://mail.up.com.cn/extman
管理用户名:root@extmail.org
密码:extmail*123*   (这是默认的管理员口令,首次登录后请立即修改)
去掉网关登录的速度会快一些
进入后注册个邮箱号
http://mail.hitb1.com.cn/extmail     登录邮箱

文本界面测试
[root@localhost postfix]# telnet localhost 25
ehlo localhsot
250-mail.up.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth login
334 VXNlcm5hbWU6
mail from:dcw@up.com.cn
rcpt to:lcy@up.com.cn
data
lalalala
quit


chkconfig postfix on
chkconfig courier-imap on    接收,下载邮件
chkconfig httpd on   
chkconfig mysqld on   到数据库验证
chkconfig courier-authlib on 检测是否合法
chkconfig saslauthd on 发送

排错:
eg:错误提示
May 12 17:23:08 localhost authdaemond: failed to connect to mysql server (server=localhost, userid=extmail): Can't connect to local MySQL server through socket '/var/mysql/mysql.sock' (2)
解决:
[root@localhost postfix]# vim /etc/authlib/authmysqlrc
MYSQL_SOCKET            /var/lib/mysql/mysql.sock


[root@localhost docs]# tail -f /var/log/maillog
[root@localhost postfix]# /usr/sbin/authtest -s login postmaster@extmail.org extmail
成功:
Authentication succeeded.

     Authenticated: postmaster@extmail.org  (uid 1000, gid 1000)
    Home Directory: /var/mailbox/extmail.org/postmaster
           Maildir: /var/mailbox/extmail.org/postmaster/Maildir/
             Quota: (none)
Encrypted Password: $1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0
Cleartext Password: extmail
           Options: (none)
失败:
Authentication FAILED: Input/output error

[root@localhost postfix]# service mysqld status
mysqld (pid 20047) 正在运行...
[root@localhost postfix]# mysql -u extmail -pextmail

测试maildrop,输出如下:
[root@localhost postfix]# echo "test mail" | maildrop -V 10 -d dcw@up.com.cn    以下为正确显示
maildrop: authlib: groupid=1000
maildrop: authlib: userid=1000
maildrop: authlib: logname=dcw@up.com.cn, home=/var/mailbox/up.com.cn/dcw, mail=/var/mailbox/up.com.cn/dcw/Maildir/
maildrop: Changing to /var/mailbox/hitb1..com.cn/dcw
Message start at 0 bytes, envelope sender=dcw@up.com.cn
maildrop: Attempting .mailfilter
maildrop: Delivery complete.

如果发信提示:
SMTP rcpt error: 5.1.1 : Recipient address rejected: User unknown in local recipient table
请在/etc/postfix/main.cf里面确保存在下面配置
local_recipient_maps =
如果发送邮件成功,但是无法接收邮件,请注释掉下面三项:
#mydestination

过滤:
8. extman图形日志:
/usr/local/mailgraph_ext/mailgraph-init start
/var/www/extsuite/extman/daemon/cmdserver --daemon
开机自启动:
# echo "/usr/local/mailgraph_ext/mailgraph-init start" >> /etc/rc.d/rc.local
# echo "/var/www/extsuite/extman/daemon/cmdserver -v -d" >> /etc/rc.d/rc.local

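/etc/postfix/main.cf 文件的最终配置(注意:下面的 mynetworks = 0.0.0.0/0 加上 smtpd_recipient_restrictions 开头的 permit_mynetworks,会允许任意来源不经认证转发邮件,即开放中继;对外提供服务的服务器应把 mynetworks 收紧为自己的网段)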
[root@mail ~]# postconf -n
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = /usr/share/doc/postfix-2.6.2-documentation/html
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 14336000
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = up.com.cn
myhostname = mail.up.com.cn
mynetworks = 0.0.0.0/0
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.2-documentation/readme
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_banner = Welcome to our $myhostname ESMTP, Warning:Version not Available!
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname,   reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining,   reject_invalid_hostname,
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:1000
virtual_mailbox_base = /var/mailbox/
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 20971520
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = virtual
virtual_uid_maps = static:1000

 


 

 

 

如有问题,可以加我新浪微博:我心无悔dcw,咱们私信联系
