1. Install and configure the DNS server as described in the appendix.

2. Installation:

    # apt-get install postfix cyrus21-admin cyrus21-clients cyrus21-common cyrus21-doc cyrus21-imapd cyrus21-pop3d squirrelmail squirrelmail-locales libsasl2-modules libsasl2 sasl2-bin
    The following extra packages will be installed:
      apache2 apache2-common apache2-mpm-prefork apache2-utils gawk
      libapache2-mod-php4 libapr0 libcyrus-imap-perl21 libhesiod0 libsnmp4.2
      libzephyr3 libzzip-0-12 openssl php4-common ssl-cert

    ┤ Configuring libhesiod0 ├
    Hesiod looks up keys using the standard Domain Name System. Enter the
    right-hand side of the domain name to do searches in. This name should
    begin with a ".".

    Hesiod domain for searches

    .athena.mit.edu

    <Ok>

Change ".athena.mit.edu" to ".yx.edu.cn".

    ┤ Postfix Configuration ├
    You have several choices for general configuration at this point. If
    you have your debconf priority set to 'low' or 'medium', you will be
    asked more questions later. You can always run "dpkg-reconfigure
    --priority=low postfix" at a later point if you want to see these
    questions again.

    No configuration - IF YOU WANT THE INSTALL TO LEAVE YOUR CONFIG ALONE,
    CHOOSE THIS OPTION. No configuration changes will be done now: If you
    have not already configured Postfix, your mail system will be broken and
    should not be used. You must then do the configuration yourself by
    editing /usr/share/postfix/main.cf.dist and saving your changes as
    /etc/postfix/main.cf, or by running dpkg-reconfigure Postfix. main.cf
    will not be modified by the Postfix install process.

    <Ok>

    ┤ Postfix Configuration ├
    General type of configuration?

        No configuration
        Internet Site
        Internet with smarthost
        Satellite system
        Local only

    <Ok> <Cancel>

Keep the default, "Internet Site".

    ┤ Postfix Configuration ├
    The user root (and any other users with a uid of 0) must have mail
    redirected via an alias, or their mail may be delivered to
    /var/mail/nobody. This is by design: mail is not delivered to external
    delivery agents as root.

    If you already have a /etc/aliases file, then you possibly need to add
    this entry. (I will only add it if I am creating a new /etc/aliases.)

    What address should I add to /etc/aliases, if I create the file? (Enter
    NONE to not add one.)

    Where should mail for root go

    NONE

    <Ok> <Cancel>

This sets which ordinary user receives root's mail: change "NONE" to that user's name ("uu" on this test machine; on the network lab installation the user is "stu"). Note: by default most system accounts are aliased to root, and the Debian installer (which installs Exim4 by default) has already aliased root to the first ordinary user account, so the relevant aliases are already stored in "/etc/aliases". Just press Enter.

    ┤ Postfix Configuration ├
    Your `mail name' is the hostname portion of the address to be shown on
    outgoing news and mail messages (following the username and @ sign).

    This name will be used by other programs besides Postfix; it should be
    the single, full domain name (FQDN) from which mail will appear to
    originate.

    Mail name?

    localhost.localdomain

    <Ok> <Cancel>

This sets the domain suffix of outgoing mail addresses. Change "localhost.localdomain" to "yx.edu.cn".

    ┤ Postfix Configuration ├
    Specify a domain, host, host:port, [address] or [address]:port. Use the
    form [destination] to turn off MX lookups. Leave this blank for no
    relay host.

    The relayhost parameter specifies the default host to send mail to when
    no entry is matched in the optional transport(5) table. When no
    relayhost is given, mail is routed directly to the destination.

    SMTP relay host? (blank for none)

    smtp.localdomain

    <Ok> <Cancel>

This sets the SMTP relay host. Change "smtp.localdomain" to "mail.yx.edu.cn".

    ┤ Postfix Configuration ├
    Give a comma-separated list of domains that this machine should consider
    itself the final destination for. If this is a mail domain gateway, you
    probably want to include the top-level domain.

    Other destinations to accept mail for? (blank for none)

    yx.edu.cn, localhost.localdomain, localhost.localdomain, localhost

    <Ok> <Cancel>

Press Enter.

    ┤ Postfix Configuration ├
    If synchronous updates are forced, then mail is processed more slowly.
    If not forced, then there is a remote chance of losing some mail if the
    system crashes at an inopportune time, and you are not using a journaled
    filesystem (such as ext3).

    The default is "off".

    Force synchronous updates on mail queue?

    <Yes> <No>

Press Enter.

    Postfix is now set up with a default configuration. If you need to make
    changes, edit /etc/postfix/main.cf (and others) as needed. To view
    Postfix configuration values, see postconf(1).
    After modifying main.cf, be sure to run '/etc/init.d/postfix reload'.
    Running newaliases
    Starting mail transport agent: Postfix.
    Setting up cyrus21-common (2.1.18-1) ...
    Creating/updating cyrus user account...
    Adding user `cyrus' to group `sasl'...
    Done.
    Creating cyrus control directories in /var/lib/cyrus...
    Creating partition spool /var/spool/cyrus/mail...
    Creating partition spool /var/spool/cyrus/news...
    Trying to optimize Cyrus partitions, edit /etc/default/cyrus21 to disable...
    Setting attributes to -S -j for /var/lib/cyrus...
    Setting attributes to -S -j for /var/spool/cyrus/mail...
    Setting attributes to -S -j for /var/spool/cyrus/news...
    Starting Cyrus IMAPd: cyrmaster.
    Setting up cyrus21-doc (2.1.18-1) ...
    Setting up cyrus21-imapd (2.1.18-1) ...
    Setting up cyrus21-pop3d (2.1.18-1) ...
    Setting up squirrelmail-locales (1.4.4-20050308-1) ...
    Setting up squirrelmail (1.4.4-6sarge1) ...
    Installing default squirrelmail config.
    Run /usr/sbin/squirrelmail-configure as root to configure/upgrade config.

Installation complete.
------------------------------------------------------------------
3. Configuration:

To setup Cyrus so that you can administer it (i.e. create users), and get email inside it for those users:

1. Make sure libsasl2-modules, libsasl2 and sasl2-bin are installed

    # apt-get install libsasl2-modules libsasl2 sasl2-bin
    # Note: already installed above, so skipped here.

2. Make sure /etc/sasldb2 is readable by group sasl. Pay attention to overrides (dpkg-statoverride)!

    # ls -l /etc/sasldb2
    -rw-rw---- 1 root sasl 12288 2005-11-14 01:04 /etc/sasldb2

3. Make sure user cyrus belongs to group sasl (cyrus21-common's install tries to do this automatically for you).

   The /etc/group file shows that cyrus is already a member of the sasl group.

4. Edit /etc/cyrus.conf, and make sure the services you need are enabled. These are most probably "imap", "pop3", "lmtpunix".

5. Edit /etc/imapd.conf, and make sure you have some admin users listed in the entry "admins:". I suggest using "cyrus" as your admin. I also suggest enabling plain text logins, and setting sasl_minimum_layer: 0

   Remove the leading "#" from the lines "#admins:cyrus" and "#sasl_minimum_layer: 0".

6. Restart Cyrus (/etc/init.d/cyrus21 restart)

7. Use saslpasswd2 -c to create an account for your admin:

    # saslpasswd2 -c cyrus

8. Use sasldblistusers2 to make sure step 7 worked fine.

    # sasldblistusers2

   This can be done together with step 9.

9. Add other users to SASL likewise (saslpasswd2 -c).

   Make sure the system users "uu" and "stu" exist; create them if they do not, or, if you already have other users, substitute their names for these two throughout this example.

    # saslpasswd2 -c uu
    # saslpasswd2 -c stu
    # sasldblistusers2

10. Log in cyrus as the administrator, and create the mailboxes:

    # cyradm --user cyrus localhost
    cyradm --user cyrus localhost> cm user.uu
    cyradm --user cyrus localhost> cm user.stu
    cyradm --user cyrus localhost> cm user.root

    Press Ctrl-D ("^D") to exit.

    (notice that there is an "user." in front of the mailbox name!) You must use "user/bob", "user/anna" instead if you have the unixhierarchysep option enabled in imapd.conf. For this to work, you obviously need the cyrus21-admin package installed.

11. Try to login as a normal user, using imtest or a IMAP/POP3 client. If you have trouble with mutt and CRAM-MD5 or DIGEST-MD5, edit /etc/imapd.conf, and look for sasl_mech_list. Set it to:

    sasl_mech_list: plain cram-md5

    (this will disable digest-md5, which causes trouble with mutt).

    Remove the leading "#" from this line and add cram-md5.

12. Setup your MTA to deliver email inside Cyrus. Basically that can be done (easily) by:

    a) running /usr/sbin/cyrdeliver (SLOW)
       You need the lmtpunix service enabled in /etc/cyrus.conf for this to work.

       The lmtpunix service is already enabled by default in "/etc/cyrus.conf". But running the "/usr/sbin/cyrdeliver" command prints:

        421-4.3.0 usage: deliver [-C <alt_config> ] [-m mailbox] [-a auth] [-r return_path] [-l] [-D]
        421 4.3.0 v2.1.18-IPv6-Debian-2.1.18-1

       The usage message lists so many parameters that I do not know how to use it. Advice would be appreciated.

    b) delivering using LMTP to /var/run/cyrus/socket/lmtp
       You need the lmtpunix service enabled in /etc/cyrus.conf for this to work.

       The lmtpunix service is already enabled by default in "/etc/cyrus.conf". But running the "/var/run/cyrus/socket/lmtp" command prints:

        bash: /var/run/cyrus/socket/lmtp: 权限不够

       I ran this command as root, so why is permission still denied? Advice would be appreciated!

    Just make sure (and use dpkg-statoverride to do that) that your MTA can get to /var/run/cyrus/socket/lmtp. It works just like any file in a Unix system.
    Cyrus REQUIRES a valid RFC2822 message, and will refuse messages with bad headers (such as that From foobar header, notice the missing ':'), embedded NULLs or any other crap.

That's it. See /usr/share/doc/cyrus21-common/README.{postfix,exim,sendmail} for help on how to setup your MTA to correctly deliver to Cyrus.

This is probably where things failed, which is why no mail arrives in SquirrelMail: Cyrus never received the mail at all.

Note: these 12 steps come from the Cyrus README file.
------------------------------------------------------------------
Configuring the SquirrelMail webmail client:

(1) SquirrelMail runs on top of almost any IMAP server

Run "/etc/squirrelmail/conf.pl" and set menu item 10 to:

    Language preferences
    1. Default Language      : zh_CN
    2. Default Charset       : utf-8
    3. Enable lossy encoding : false

In "/etc/squirrelmail/conf.pl", choose "D. Set pre-defined settings for specific IMAP servers":

    Please select your IMAP server:
        cyrus       = Cyrus IMAP server
        uw          = University of Washington's IMAP server
        exchange    = Microsoft Exchange IMAP server
        courier     = Courier IMAP server
        macosx      = Mac OS X Mailserver
        hmailserver = hMailServer
        quit        = Do not change anything

Type "cyrus" and press Enter. Save the changes with the "s" command.

Alternatively, edit "/etc/squirrelmail/config.php" directly with a text editor and set the following:

    $motd = "Welcome to Our Webmail !";
    $squirrelmail_default_language = 'zh_CN';
    $default_charset = 'utf-8';
    $domain = 'yx.edu.cn';
    $smtpServerAddress = 'mail.yx.edu.cn';
    $imapServerAddress = 'localhost';
    $imap_server_type = 'cyrus';
    $optional_delimiter = 'detect';
    $default_folder_prefix = '';
    $auto_create_special = true;
    $data_dir = '/var/lib/squirrelmail/data/';
    $attachment_dir = '/var/spool/squirrelmail/attach/';
    $theme_css = '';

(2) Configuring Apache with SquirrelMail

    $ ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf.d/squirrelmail.conf

(3) Virtual Hosts

There are some example Apache directives in /etc/squirrelmail/apache.conf

This works the same way as creating a virtual host in Apache, so it is omitted here.

(4) Adding a symlink in your webroot may be all you need.
(Create a symlink so that the site can be reached at "http://<domain name or IP>/squirrelmail".)

    # ln -s /usr/share/squirrelmail/ /var/www/squirrelmail

------------------------------------------------------------------
4. Testing:
------------------------------------------------------------------
(1) Check that SMTP, POP3 and IMAP are working:

Run "postfix reload" to reload Postfix.

Run telnet localhost 25 and enter EHLO anywhere.org; you should see a line reading 250-STARTTLS. Cheers! TLS is up and running!

    # telnet mail.yx.edu.cn 25
    Trying 192.168.3.9...
    Connected to dsjh.yx.edu.cn.
    Escape character is '^]'.
    220 localhost.localdomain ESMTP Postfix (Debian/GNU)
    250-localhost.localdomain
    250-PIPELINING
    250-SIZE 10240000
    250-VRFY
    250-ETRN
    250 8BITMIME
    ^]
    telnet> quit
    Connection closed.

Run "/etc/init.d/cyrus21 restart" to restart Cyrus.

    # telnet mail.yx.edu.cn 110
    Trying 192.168.3.9...
    Connected to dsjh.yx.edu.cn.
    Escape character is '^]'.
    +OK dsjh Cyrus POP3 v2.1.18-IPv6-Debian-2.1.18-1 server ready <85847085.1131896962@dsjh>
    ^]
    telnet> quit
    Connection closed.

    # telnet mail.yx.edu.cn 143
    Trying 192.168.3.9...
    Connected to dsjh.yx.edu.cn.
    Escape character is '^]'.
    * OK dsjh Cyrus IMAP4 v2.1.18-IPv6-Debian-2.1.18-1 server ready
    ^]
    telnet> quit
    Connection closed.
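
The STARTTLS check from step (1), as an added example that is not part of the original write-up: it parses an EHLO reply and reports whether STARTTLS is offered, whether AUTH is offered without it (relevant once plain-text logins are enabled as in configuration step 5), and whether VRFY is exposed. SAMPLE_EHLO is the reply from the port 25 transcript above; the function names are made up for this example.

```shell
#!/bin/sh
# Added example: audit the capability list a server returns to EHLO.
# SAMPLE_EHLO is copied from the port 25 transcript on this page;
# no network connection is made.
SAMPLE_EHLO='250-localhost.localdomain
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250 8BITMIME'

# ehlo_keywords REPLY: print one upper-cased ESMTP keyword per line.
# The first 250 line carries the server name, not a capability, so skip it.
ehlo_keywords() {
    printf '%s\n' "$1" | tr -d '\r' | awk '
        /^250[- ]/ {
            n++
            if (n == 1) next
            line = substr($0, 5)        # drop "250-" or "250 "
            split(line, f, /[ =]/)      # "AUTH PLAIN" and "AUTH=PLAIN" both give AUTH
            print toupper(f[1])
        }'
}

# ehlo_has KEYWORD REPLY: exit status 0 if the keyword is advertised.
ehlo_has() {
    ehlo_keywords "$2" | grep -qx "$1"
}

# audit_ehlo REPLY: print one finding per line.
audit_ehlo() {
    if ehlo_has STARTTLS "$1"; then
        echo "OK: STARTTLS advertised"
    else
        echo "FINDING: STARTTLS not advertised; SMTP sessions are cleartext"
    fi
    if ehlo_has AUTH "$1" && ! ehlo_has STARTTLS "$1"; then
        echo "FINDING: AUTH offered without STARTTLS; credentials are sent unencrypted"
    fi
    if ehlo_has VRFY "$1"; then
        echo "FINDING: VRFY advertised; consider disable_vrfy_command = yes in main.cf"
    fi
}

audit_ehlo "$SAMPLE_EHLO"
```

To audit your own server, replace SAMPLE_EHLO with the 250 lines from a fresh telnet session.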
------------------------------------------------------------------
(2) The site can now be opened in a browser at "http://mail.yx.edu.cn/squirrelmail".

Note: at this point you can send mail through the web interface to external mail servers, but you cannot receive mail sent from outside to the local machine, because this domain name is not registered.
------------------------------------------------------------------
(3) Use fetchmail to retrieve POP3 mail from an external mail server:

    # apt-get install fetchmail

Use "fetchmail -p pop3 -u lokay -c pop3.sohu.com" to check for mail; drop "-c" to fetch the mail to the local machine.
------------------------------------------------------------------
(4) Use mutt to send and read mail.

Test sending and reading mail between local users, then send mail from a local user to an external user and check on the external side whether it arrived.
------------------------------------------------------------------
(5) Another option is a graphical mail client similar to Outlook Express on Windows:

    # apt-get install mozilla-thunderbird

------------------------------------------------------------------
IV. Questions for reflection:

1. Which mail server does Debian recommend? Why does our example not use the recommended software?

2. The example uses system users directly as mail users, so even a small configuration mistake can pose a serious threat to system security. What is the best way to resolve this conflict?
------------------------------------------------------------------
Appendix: Configuring the DNS server without Webmin

(1) Install the DNS server package with "# apt-get install bind9".

(2) Because "/etc/bind/named.conf" already includes "/etc/bind/named.conf.local", only the latter needs to be changed. Open "/etc/bind/named.conf.local" in a text editor and add the following (a forward master zone "yx.edu.cn" and a reverse master zone "192.168.3"; remember to change the network number to that of your own network):

    zone "yx.edu.cn" {
        type master;
        file "/etc/bind/yx.edu.cn.hosts";
    };
    zone "3.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/192.168.3.rev";
    };

(3) Then create the forward master zone file "/etc/bind/yx.edu.cn.hosts" in a text editor, with the following contents:

    $ttl 38400
    yx.edu.cn.       IN  SOA    dsjh.yx.edu.cn. postmaster.yx.edu.cn. (
                                1131210215
                                10800
                                3600
                                604800
                                38400 )
    yx.edu.cn.       IN  NS     dsjh.yx.edu.cn.
    dsjh.yx.edu.cn.  IN  A      192.168.3.9
    mail.yx.edu.cn.  IN  CNAME  dsjh
    yx.edu.cn.       IN  MX     10 dsjh.yx.edu.cn.

(4) Then create the reverse master zone file "/etc/bind/192.168.3.rev" in a text editor, with the following contents (remember to change the network number to that of your own network):

    $ttl 38400
    3.168.192.in-addr.arpa.    IN  SOA  dsjh.yx.edu.cn. postmaster.yx.edu.cn. (
                                        1131210438
                                        10800
                                        3600
                                        604800
                                        38400 )
    3.168.192.in-addr.arpa.    IN  NS   dsjh.yx.edu.cn.
    9.3.168.192.in-addr.arpa.  IN  PTR  dsjh.yx.edu.cn.

(5) Restart the service with "/etc/init.d/bind9 restart".

(6) Edit "/etc/resolv.conf" on the client machine and insert the following line before the first line:

    nameserver 192.168.3.9

(7) On the client machine, use the "nslookup" command to test that DNS is working.
------------------------------------------------------------------