Building an up-to-date open-source Linux mail system based on virtual domains and virtual users: Postfix+Dovecot+Cyrus-sasl+roundcubemail+mysql+postfixadmin

xishui139, 2015-07-10

Setup and configuration overview diagram (9 July 2015)

System environment preparation

(1) Software preparation

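(2) DNS preparation: one domain, with its A record, MX record and SPF record in place

Xishui139.com

(3) The mail server needs a fixed public IP address, with the necessary port mappings for ports 25 and 110

180.166.35.68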

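Installing the mail server

1. The Fedora 22 Linux installation steps are skipped here. One point to note: if the mail server needs to enforce per-user disk limits, put the directory that stores mail on its own partition.

2. Fedora belongs to the Red Hat family, and Apache, PHP, MySQL, Postfix, Cyrus-SASL and Dovecot can all be installed with yum, so they are not covered here.

3. The focus here is compiling and installing courier-authlib.

Download the courier-authlib-0.62.4.tar.bz2 package, in .tar.bz2 format, from the official site www.courier-mta.org.

The command to unpack it is tar jxvf courier-authlib-0.62.4.tar.bz2

The configure command I used for the build is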

./configure --prefix=/usr/local/authlib --with-mailuser=postfix --with-mailgroup=vmail --sysconfdir=/etc --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --with-authmysql --with-mysql-libs=/usr/lib/mysql --with-mysql-includes=/usr/include/mysql --with-redhat --with-authmysqlrc=/etc/authmysqlrc --with-authdaemonrc=/etc/authdaemonrc

 

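Note: check that the directories in the command are correct, and delete any parameters you do not need.

If an error is reported, just install the packages named in the message.

Important parameters

(1) --with-mysql-includes=/usr/include/mysql: path to the MySQL library files

(2) --with-authmysqlrc=/etc/authmysqlrc --with-authdaemonrc=/etc/authdaemonrc

Location of the configuration files generated after installation; without these parameters the files are not created.

(3) --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --with-authmysql

--without leaves a feature out; --with enables an authentication feature.

(4) --with-mailuser=postfix: install as the postfix user and run the program as that user afterwards

(5) --prefix=/usr/local/authlib: installation path for the build

(6) Record of the build commands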

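Configuring the mail server

(1) These are the complete parameters for single-domain authentication against system accounts, as configured on this machine last week:

Linux mail server Postfix+Dovecot configuration parameters

(2) Dovecot configuration --------- (7)

Because the multi-domain virtual mail configuration is too long to include here, the detailed configuration can be found at the article's permanent link: http://www.xishui139.com/archives/652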

 

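(8) Use telnet to test whether SMTP, POP3 and IMAP work

Note: use printf "xishui139@xishui139.com" | openssl base64 to generate the base64 encoding used for authentication.

(8).1 SMTP test

The final result shows that the account authenticated successfully. The account here must be the complete e-mail address, for example xishui139@xishui139.com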
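The strings exchanged during SMTP AUTH, as an added example that is not part of the original article: it encodes the account the way the printf | openssl base64 command above does, decodes the server's 334 prompts, and shows what changes when echo is used instead of printf. The password and the function names are constructed for the example; base64 is an encoding, not encryption, so a captured token decodes with the same command.

```bash
#!/bin/sh
# Added example: the base64 strings exchanged in SMTP AUTH LOGIN / AUTH PLAIN.
# Uses "openssl base64" as on this page; coreutils base64 is only a fallback.

enc() {  # stdin -> one base64 line
  if command -v openssl >/dev/null 2>&1; then openssl base64 -A
  else base64 | tr -d '\n'; fi
}
dec() {  # one base64 line on stdin -> original bytes
  if command -v openssl >/dev/null 2>&1; then openssl base64 -d -A
  else base64 -d; fi
}

# AUTH LOGIN answer: printf '%s' adds no newline, so only the credential
# itself is encoded.
login_token() { printf '%s' "$1" | enc; }

# The common mistake: echo appends a newline, which becomes part of the
# encoded value, so the server sees a different account name.
login_token_echo() { echo "$1" | enc; }

# AUTH PLAIN: authzid NUL authcid NUL password in a single token.
plain_token() { printf '\0%s\0%s' "$1" "$2" | enc; }

# Decode a 334 challenge or a token found in a session capture.
decode_token() { printf '%s' "$1" | dec; }

user='xishui139@xishui139.com'   # account used on this page
pass='example-password'          # constructed sample value

echo "S: 334 VXNlcm5hbWU6    <- $(decode_token VXNlcm5hbWU6)"
echo "C: $(login_token "$user")"
echo "S: 334 UGFzc3dvcmQ6    <- $(decode_token UGFzc3dvcmQ6)"
echo "C: $(login_token "$pass")"
echo "AUTH PLAIN $(plain_token "$user" "$pass")"
echo "with echo instead of printf: $(login_token_echo "$user")"
```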

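(8).2 POP3 test

"Logged in" means login authentication succeeded.

(8).3 IMAP test

"Logged in" means login authentication succeeded.

At this point mail can be sent and received normally.

(9) Routine troubleshooting from the logs (before troubleshooting, turn on logging for Postfix, Dovecot, MySQL and courier-auth so that the complete error messages are available)

1. SASL authentication error

Summary: the authentication method is wrong; courier-auth is not configured correctly.

2. Dovecot authentication problem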

Jul 4 21:02:36 localhost postfix/master[4017]: terminating on signal 15

Jul 4 21:02:37 localhost postfix/postfix-script[5253]: starting the Postfix mail system

Jul 4 21:02:37 localhost postfix/master[5255]: daemon started -- version 3.0.1, configuration /etc/postfix

Jul 4 21:17:49 localhost postfix/smtpd[5753]: connect from localhost.localdomain[127.0.0.1]

Jul 4 21:17:49 localhost postfix/smtpd[5753]: warning: SASL: Connect to /var/lib/dovecot/run/dovecot/auth-login failed: Permission denied

Jul 4 21:17:49 localhost postfix/smtpd[5753]: fatal: no SASL authentication mechanisms

Jul 4 21:17:50 localhost postfix/master[5255]: warning: process /usr/libexec/postfix/smtpd pid 5753 exit status 1

Jul 4 21:17:50 localhost postfix/master[5255]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

Jul 4 21:19:30 localhost postfix/anvil[5755]: statistics: max connection rate 1/60s for (smtp:127.0.0.1) at Jul 4 21:17:49

Jul 4 21:19:30 localhost postfix/anvil[5755]: statistics: max connection count 1 for (smtp:127.0.0.1) at Jul 4 21:17:49

Jul 4 21:19:30 localhost postfix/anvil[5755]: statistics: max cache size 1 at Jul 4 21:17:49

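Summary: the authentication parameters were not configured, which produced the permission-denied message. Postfix authentication, Dovecot's own authentication or MySQL authentication can all be used.

3. Postfix authentication problem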

Jul 4 22:59:20 localhost postfix/master[7912]: terminating on signal 15

Jul 4 22:59:21 localhost postfix/postfix-script[8140]: starting the Postfix mail system

Jul 4 22:59:21 localhost postfix/master[8142]: daemon started -- version 3.0.1, configuration /etc/postfix

Jul 4 22:59:31 localhost postfix/smtpd[8151]: connect from localhost.localdomain[127.0.0.1]

Jul 4 22:59:31 localhost postfix/smtpd[8151]: fatal: no SASL authentication mechanisms

Jul 4 22:59:32 localhost postfix/master[8142]: warning: process /usr/libexec/postfix/smtpd pid 8151 exit status 1

Jul 4 22:59:32 localhost postfix/master[8142]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

Jul 4 23:04:54 localhost postfix/postfix-script[8320]: refreshing the Postfix mail system

Summary: this is the initial configuration with no SASL authentication set up, hence "no SASL authentication mechanisms".

4. Problem reading stored mail on POP3 login

Jul 5 00:23:23 localhost dovecot: pop3-login: Login: user=<xishui139>, method=PLAIN, rip=192.168.198.18, lip=192.168.198.18, mpid=10162, secured, session=<ePRnFw8a7ADAqMYS>

Jul 5 00:23:23 localhost dovecot: pop3(xishui139): Error: User initialization failed: Namespace '': Mail storage autodetection failed with home=/home/xishui139

Jul 5 00:23:23 localhost dovecot: pop3(xishui139): Error: Invalid user settings. Refer to server log for more information.

Jul 5 00:25:29 localhost dovecot: pop3-login: Login: user=<xishui139>, method=PLAIN, rip=192.168.198.18, lip=192.168.198.18, mpid=10198, secured, session=<NK/qHg8a7QDAqMYS>

Jul 5 00:25:29 localhost dovecot: pop3(xishui139): Error: User initialization failed: Namespace '': Mail storage autodetection failed with home=/home/xishui139

Jul 5 00:25:29 localhost dovecot: pop3(xishui139): Error: Invalid user settings. Refer to server log for more information.

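Summary: mail storage autodetection failed. Dovecot's settings do not match the directory already created on the system, and Dovecot has no permission to create the mail directory in the configured location.

5. Error because the Dovecot mail directory is not configured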

Jul 5 00:30:28 localhost dovecot: master: Dovecot v2.2.18 starting up for imap, pop3, lmtp (core dumps disabled)

Jul 5 00:30:38 localhost dovecot: pop3-login: Aborted login (no auth attempts in 8 secs): user=<>, rip=192.168.198.18, lip=192.168.198.18, secured, session=<hhFfMQ8a7wDAqMYS>

Jul 5 00:30:49 localhost dovecot: pop3-login: Login: user=<xishui139>, method=PLAIN, rip=192.168.198.18, lip=192.168.198.18, mpid=10317, secured, session=<iS8FMg8a8ADAqMYS>

Jul 5 00:30:49 localhost dovecot: pop3(xishui139): Error: User initialization failed: Namespace '': Root mail directory not given

Jul 5 00:30:49 localhost dovecot: pop3(xishui139): Error: Invalid user settings. Refer to server log for more information.

Jul 5 00:34:41 localhost dovecot: pop3-login: Login: user=<xishui139>, method=PLAIN, rip=192.168.198.18, lip=192.168.198.18, mpid=10355, secured, session=<qQLTPw8a8QDAqMYS>

Jul 5 00:34:41 localhost dovecot: pop3(xishui139): Error: User initialization failed: Namespace '': Root mail directory not given

Jul 5 00:34:41 localhost dovecot: pop3(xishui139): Error: Invalid user settings. Refer to server log for more information.

Summary: configure the mail directory.

6. Error because the uid/gid used by virtual differs from the system's

Jul 5 01:38:21 localhost postfix/qmgr[9629]: 53320C13C4: from=<i_j@live.cn>, size=530, nrcpt=1 (queue active)

Jul 5 01:38:21 localhost postfix/virtual[10858]: warning: recipient user01@xishui139.com: bad uid 89 in virtual_uid_maps

Jul 5 01:38:21 localhost postfix/virtual[10858]: 53320C13C4: to=<user01@xishui139.com>, relay=virtual, delay=4739, delays=4739/0.14/0/0.06, dsn=4.3.5, status=deferred (mail system configuration error)

At this point the uid/gid I was using in virtual was 5000.

7. The address or account does not exist

Jul 5 10:15:53 localhost postfix/smtpd[15739]: NOQUEUE: reject: RCPT from mail.xishui139.com[192.168.198.18]: 550 5.1.1 <pulish>: Recipient address rejected: User unknown in local recipient table; from=<xishui139> to=<pulish> proto=ESMTP helo=<mail>

Summary: the local account does not exist.

8. All offered authentication methods fail

Jul 5 10:53:14 localhost dovecot: pop3-login: Aborted login (tried to use disallowed plaintext auth): user=<>, rip=180.166.35.68, lip=192.168.198.18, session=<F4/t4xcajwC0piNE>

Jul 5 10:53:21 localhost postfix/smtpd[16155]: connect from mail.xishui139.com[192.168.198.18]

Summary: authenticate correctly using one of the methods the server offers.

9. virtual: the recipient address does not exist

Jul 9 11:19:44 localhost postfix/smtpd[20010]: connect from unknown[180.166.35.68]

Jul 9 11:19:44 localhost authdaemond: received auth request, service=smtp, authtype=login

Jul 9 11:19:44 localhost authdaemond: authmysql: trying this module

Jul 9 11:19:44 localhost authdaemond: SQL query: SELECT username, password, "", 89, 89, maildir, concat('/vmail/',maildir), "", name, "" FROM mailbox WHERE username = 'smtp_blog@xishui139.com'

Jul 9 11:19:44 localhost authdaemond: password matches successfully

Jul 9 11:19:44 localhost authdaemond: authmysql: sysusername=<null>, sysuserid=89, sysgroupid=89, homedir=xishui139.com/smtp_blog/, address=smtp_blog@xishui139.com, fullname=smtp_blog, maildir=/vmail/xishui139.com/smtp_blog/, quota=<null>, options=<null>

Jul 9 11:19:44 localhost authdaemond: authmysql: clearpasswd=<null>, passwd=$1$ecde18f9$PLg5AdxChGH3enyVgfUI21

Jul 9 11:19:44 localhost authdaemond: Authenticated: sysusername=<null>, sysuserid=89, sysgroupid=89, homedir=xishui139.com/smtp_blog/, address=smtp_blog@xishui139.com, fullname=smtp_blog, maildir=/vmail/xishui139.com/smtp_blog/, quota=<null>, options=<null>

Jul 9 11:19:44 localhost authdaemond: Authenticated: clearpasswd=123456, passwd=$1$ece1f9PLgAdxCnygfU21

Jul 9 11:19:44 localhost postfix/smtpd[20010]: NOQUEUE: reject: RCPT from unknown[180.166.35.68]: 550 5.1.1 <user@xishui139.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<smtp_blog@xishui139.com> to=<user@xishui139.com> proto=ESMTP helo=<mail.xishui139.com>

Summary: create the recipient address in the MySQL mailbox table.
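The authdaemond lines in this case print both the password hash (passwd=) and the cleartext password (clearpasswd=), which courier-authlib does when DEBUG_LOGIN=2 is set in authdaemonrc. As an added example that is not part of the original article, a filter that counts the affected lines and masks both fields before a log excerpt is shared or archived; the sample lines and function names are constructed, and every secret in them is a placeholder.

```bash
#!/bin/sh
# Added example: find and mask password material in authdaemond debug lines.
# The sample lines are constructed in the format shown above; every secret
# in them is a placeholder.

sample_log() {
cat <<'EOF'
Jul  9 11:19:44 localhost authdaemond: authmysql: clearpasswd=<null>, passwd=$1$SALTSALT$placeholderhash0000000
Jul  9 11:19:44 localhost authdaemond: Authenticated: clearpasswd=constructed-secret, passwd=$1$SALTSALT$placeholderhash0000000
Jul  9 11:19:44 localhost postfix/smtpd[20010]: connect from unknown[192.0.2.10]
EOF
}

# Count lines that carry a real cleartext password (clearpasswd= not <null>).
count_cleartext() {
  awk '/clearpasswd=/ && !/clearpasswd=<null>/ { n++ } END { print n + 0 }'
}

# Count lines that carry a password hash (passwd= with a value, not <null>).
count_hashes() {
  awk '/[ ,]passwd=[^<]/ { n++ } END { print n + 0 }'
}

# Mask the value of both fields; everything else on the line is kept.
redact() {
  sed -E 's/((clear)?passwd=)[^,[:space:]]+/\1<redacted>/g'
}

echo "lines with cleartext passwords: $(sample_log | count_cleartext)"
echo "lines with password hashes:     $(sample_log | count_hashes)"
sample_log | redact
```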

10. virtual SMTP authentication failure

Jul 10 21:33:29 localhost postfix/smtpd[7059]: warning: localhost.localdomain[127.0.0.1]: SASL login authentication failed: another step is needed in authentication

Summary: the password is incorrect.

11. Incorrect SQL statement

Jul 9 09:04:15 localhost authdaemond: received auth request, service=smtp, authtype=login

Jul 9 09:04:15 localhost authdaemond: authmysql: trying this module

Jul 9 09:04:15 localhost authdaemond: authmysqllib: connected. Versions: header 100020, client 100020, server 100020

Jul 9 09:04:15 localhost authdaemond: SQL query: SELECT username, crypt, "", 5000, 5000, concat('/home/',homedir, concat('/home/',maildir), "", name, "" FROM mailbox WHERE username = 'smtp_blog@xishui139.com'

Jul 9 09:04:15 localhost authdaemond: mysql_query failed, reconnecting: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'FROM mailbox WHERE username = 'smtp_blog@xishui139.com'' at line 1

Jul 9 09:04:15 localhost authdaemond: authmysqllib: connected. Versions: header 100020, client 100020, server 100020

Jul 9 09:04:15 localhost authdaemond: mysql_query failed second time, giving up: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'FROM mailbox WHERE username = 'smtp_blog@xishui139.com'' at line 1

Jul 9 09:04:15 localhost authdaemond: authmysql: TEMPFAIL - no more modules will be tried

Jul 9 09:04:15 localhost postfix/smtpd[18296]: warning: SASL authentication failure: could not verify password

Jul 9 09:04:15 localhost postfix/smtpd[18296]: warning: unknown[180.166.35.68]: SASL LOGIN authentication failed: generic failure

Jul 9 09:04:15 localhost postfix/smtpd[18296]: disconnect from unknown[180.166.35.68] ehlo=1 auth=0/1 quit=1 commands=2/3

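Summary: the SQL query is wrong, which means the /etc/authmysqlrc file is misconfigured.

My error came from MYSQL_HOME_FIELD: the correct setting is MYSQL_HOME_FIELD maildir (the incorrect setting was MYSQL_HOME_FIELD concat('/home/',homedir, which is missing its closing parenthesis, as the logged query shows).

12. Error when Dovecot accesses data under its own id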

Jul 9 13:58:17 localhost dovecot: pop3-login: Login: user=<publish_blog>, method=PLAIN, rip=180.166.35.68, lip=192.168.198.18, mpid=21794, secured, session=<YjUY8WoaHQC0piNE>

Jul 9 13:58:17 localhost dovecot: pop3(publish_blog): Error: User initialization failed: Namespace '': mkdir(/home/vmail//publish_blog/Maildir) failed: Permission denied (euid=1004(publish_blog) egid=1004(publish_blog) missing +w perm: /home/vmail/, we're not in group 89(postfix), dir owned by 89:89 mode=0775)

Jul 9 13:58:17 localhost dovecot: pop3(publish_blog): Error: Invalid user settings. Refer to server log for more information.

Jul 9 13:58:47 localhost dovecot: pop3-login: Login: user=<aliyun_blog>, method=PLAIN, rip=114.215.116.149, lip=192.168.198.18, mpid=21796, secured, session=<hwLp8moa7ABy13SV>

Jul 9 13:58:47 localhost dovecot: pop3(aliyun_blog): Error: User initialization failed: Namespace '': mkdir(/home/vmail//aliyun_blog/Maildir) failed: Permission denied (euid=1001(aliyun_blog) egid=1001(aliyun_blog) missing +w perm: /home/vmail/, we're not in group 89(postfix), dir owned by 89:89 mode=0775)

Jul 9 13:58:47 localhost dovecot: pop3(aliyun_blog): Error: Invalid user settings. Refer to server log for more information.

Summary: Dovecot fails when it accesses the data under its own id; it needs to use the uid/gid configured for virtual. The uid/gid I configured is 89 (postfix).

13. mail_location = maildir:/vmail/%d/%d/%n/ (one extra domain component)

Jul 9 15:17:46 localhost postfix/smtpd[22636]: BE0EAC1737: client=unknown[180.166.35.68], sasl_method=LOGIN, sasl_username=smtp_blog@xishui139.com

Jul 9 15:17:46 localhost postfix/cleanup[22643]: BE0EAC1737: message-id=<3020c63f6860e33db7d13931e8df156d@mail.xishui139.com>

Jul 9 15:17:46 localhost postfix/qmgr[18414]: BE0EAC1737: from=<smtp_blog@xishui139.com>, size=1705, nrcpt=1 (queue active)

Jul 9 15:17:46 localhost postfix/smtpd[22636]: disconnect from unknown[180.166.35.68] ehlo=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=6

Jul 9 15:17:46 localhost postfix/virtual[22645]: BE0EAC1737: to=<user@xishui139.com>, relay=virtual, delay=0.03, delays=0.02/0/0/0.02, dsn=2.0.0, status=sent (delivered to maildir)

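Summary: the settings were correct this time, but Dovecot's maildir path differed from virtual's maildir and had to be adjusted, which is where the parameter mail_location = maildir:/vmail/%d/%d/%n/ comes from.

14. An error that does not affect sending or receiving mail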

Jul 9 15:22:15 localhost authdaemond: Authenticated: sysusername=<null>, sysuserid=89, sysgroupid=89, homedir=xishui139.com/smtp_blog/, address=smtp_blog@xishui139.com, fullname=smtp_blog, maildir=/vmail/xishui139.com/smtp_blog/, quota=<null>, options=<null>

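Summary: my actual mail location is the /vmail/xishui139.com/xishui139.com/smtp_blog/ directory, but this error does not affect sending or receiving mail, because Postfix hands delivery over to virtual (relay=virtual). virtual's maildir and Dovecot's maildir are already set to the same directory, so mail is sent and received normally. Postfix only takes on the role of forwarding send and receive requests for local and remote destinations.

15. Error after migrating mail from the old directory to the new one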

Jul 9 16:04:01 localhost dovecot: imap(user@xishui139.com): Error: open(/vmail/xishui139.com/xishui139.com/user/cur/1436116338.Vfd01Ic1a3fM378499.localhost.localdomain:2,S) failed: Permission denied (euid=89(postfix) egid=89(postfix) missing +r perm: /vmail/xishui139.com/xishui139.com/user/cur/1436116338.Vfd01Ic1a3fM378499.localhost.localdomain:2,S)

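Summary: the client reported errors and could not send or receive mail, because the copied mail files were owned by root. Changing their ownership to postfix (89:89) fixes it.

See troubleshooting item 12 for the correction to Dovecot's mail directory.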
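The error signatures from the troubleshooting cases above gathered into one lookup, as an added example that is not part of the original article: each pattern is a fragment of a log message shown above, and each fix is the one given in that case's summary. The function names are constructed, and the sample lines are shortened copies of the article's own log excerpts.

```bash
#!/bin/sh
# Added example: match the error signatures from cases 2-15 above to the fix
# this article gives for each.

diagnose() {  # $1 = one log line; prints "case N: fix", or returns 1
  case "$1" in
    *"SASL: Connect to "*"Permission denied"*)    echo "case 2: configure the authentication parameters" ;;
    *"no SASL authentication mechanisms"*)        echo "case 3: set up SASL authentication" ;;
    *"Mail storage autodetection failed"*)        echo "case 4: align Dovecot with the existing mail directory" ;;
    *"Root mail directory not given"*)            echo "case 5: configure the mail directory" ;;
    *"bad uid "*" in virtual_uid_maps"*)          echo "case 6: make the virtual uid/gid match the system" ;;
    *"User unknown in local recipient table"*)    echo "case 7: local account does not exist" ;;
    *"disallowed plaintext auth"*)                echo "case 8: use a method the server offers" ;;
    *"User unknown in virtual mailbox table"*)    echo "case 9: create the recipient in the mailbox table" ;;
    *"another step is needed in authentication"*) echo "case 10: password is incorrect" ;;
    *"mysql_query failed"*)                       echo "case 11: fix the query fields in /etc/authmysqlrc" ;;
    *"mkdir("*") failed: Permission denied"*)     echo "case 12: run Dovecot with the virtual uid/gid" ;;
    *"open("*") failed: Permission denied"*)      echo "case 15: chown the copied mail to postfix 89:89" ;;
    *) return 1 ;;
  esac
}

triage() {  # log on stdin -> "count case N: fix", most frequent first
  while IFS= read -r line; do diagnose "$line" || :; done | sort | uniq -c | sort -rn
}

sample_log() {  # shortened copies of lines quoted in this article
cat <<'EOF'
Jul 4 21:17:49 localhost postfix/smtpd[5753]: warning: SASL: Connect to /var/lib/dovecot/run/dovecot/auth-login failed: Permission denied
Jul 4 21:17:49 localhost postfix/smtpd[5753]: fatal: no SASL authentication mechanisms
Jul 4 22:59:31 localhost postfix/smtpd[8151]: fatal: no SASL authentication mechanisms
Jul 5 00:30:49 localhost dovecot: pop3(xishui139): Error: User initialization failed: Namespace '': Root mail directory not given
Jul 5 01:38:21 localhost postfix/virtual[10858]: warning: recipient user01@xishui139.com: bad uid 89 in virtual_uid_maps
Jul 9 15:17:46 localhost postfix/virtual[22645]: BE0EAC1737: to=<user@xishui139.com>, relay=virtual, status=sent (delivered to maildir)
EOF
}

sample_log | triage
```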

 

 

9 July 2015, i_j@live.cn

End

 

 

 

 

 

 

 

 

 

 
