本文也是参考了网上的一些案例,但是在进行实际的操作过程中还是错误百出。经过几个白昼和黑夜的摸索,终于练成了--《Postfix企业级邮件系统进阶版》秘籍!
我比较崇尚开源精神,于是乎将自己的心得、知识和广大的互联网朋友们一起分享!
此邮件系统包含了基本邮件发送接收、垃圾邮件过滤、病毒扫描、虚拟用户、后台管理、WebMail、转发、邮件防止伪造、自动回复等功能。
1、LAMP 的配置在此不做说明,安装系统时选择好 apache+php+mysql 等软件即可。
2.安装courier-authlib
下载地址:
你可以通过下列地址查找并下载安装源码: http://sourceforge.net/projects/courier/
安装之前添加postfix和maildrop相关的用户&用户组
groupadd postfix
groupadd postdrop
useradd postfix -g postfix -c "Postfix user" -d /home/postfix -s /sbin/nologin
groupadd vmail
useradd vmail -g vmail -d /mailbox
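#### 特别提示 1:这里主要是设定邮件管理账号/进程启动账号。记住 postfix 和 postdrop 组中都包含用户 postfix,vmail 组中包含 vmail 用户,你可以通过直接编辑 /etc/group 文件,把这些用户加入相关的组。同时,请记住这里 vmail 的 GID--502 和 UID--501,在下面文章的多处都会使用到。
(注:上面的 groupadd/useradd 没有显式指定数字 GID/UID,实际分配到的值取决于系统,请先用 id vmail 确认,再把后文配置中的 501/502 换成实际值。另外,Postfix 官方 INSTALL 文档要求 postdrop 是不含任何成员的专用组,postfix 账号也不应加入;上面的命令本身也只把 postfix 放进了 postfix 组。下面的命令创建的是 /home/mail,却对 /mailbox 执行 chown/chmod,请统一为实际存放邮件的目录;775 还允许其他本地用户进入并列出邮件目录,建议去掉 other 的权限。)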
[root@mail~]# mkdir /home/mail
[root@mail~]# chown vmail:vmail /mailbox
[root@mail~]# chmod -R 775 /mailbox
[root@mail~]# cd /usr/src/
[root@usr/src/]# tar jvxf courier-authlib-0.60.2.tar.bz2
[root@usr/src/]#cd /usr/src/courier-authlib-0.60.2
./configure --prefix=/usr/local/courier-authlib --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --with-authmysql --with-mysql-libs=/usr/lib/mysql --with-mysql-includes=/usr/include/mysql --with-redhat --with-authmysqlrc=/usr/local/courier-authlib/etc/authmysqlrc --with-authdaemonrc=/usr/local/courier-authlib/etc/authdaemonrc CFLAGS="-march=i686 -O2 -fexpensive-optimizations" CXXFLAGS="-march=i686 -O2 -fexpensive-optimizations"
[root@usr/src/courier-authlib-0.60.2]# make
[root@usr/src/courier-authlib-0.60.2]# make install
[root@net-server:/]# cd /usr/local/courier-authlib/etc/
[root@usr/local/courier-authlib/etc]# cp authmysqlrc.dist authmysqlrc
[root@usr/local/courier-authlib/etc]# cp authdaemonrc.dist authdaemonrc
[root@usr/local/courier-authlib/etc]# vi authdaemonrc
authmodulelist="authmysql" <--使用Mysql用户认证-->
authmodulelistorig="authmysql" <--使用Mysql用户认证-->
daemons=5 <--已经存在, 没有就增加-->
authdaemonvar=/var/spool/authdaemon <--authlib会自己设定好此路径->
DEBUG_LOGIN=0 <--已经存在, 没有就增加, 2 为详细Debug模式,可以看更详细的日志-->
DEFAULTOPTIONS="" <--已经存在, 没有就增加-->
LOGGEROPTS="" <--已经存在, 没有就增加-->
[root@usr/local/courier-authlib/etc]# vi authmysqlrc
MYSQL_SERVER localhost <--mysql服务器名或IP地址-->
MYSQL_USERNAME postfix <--mysql用户名-->
MYSQL_PASSWORD ××××× <--mysql用户名密码-->
MYSQL_SOCKET /var/lib/mysql/mysql.sock <--mysql SOCKET,请根据你的实情而定-->
MYSQL_PORT 3306 <--mysql 端口号,请根据你的实情而定-->
MYSQL_OPT 0
MYSQL_DATABASE postfix
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD 501 <--mysql表中, 管理authlib用户的UID.前面我们就用的vmail-->
MYSQL_GID_FIELD 502 <--mysql表中, 管理authlib用户的GID.前面我们就用的vmail-->
### vmail---->UID:501, GID:502####
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD concat('/home/mail/',maildir)
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat('/home/mail/',maildir)
MYSQL_QUOTA_FIELD quota
MYSQL_WHERE_CLAUSE active='1'
注意:以上配置每一行的行尾都不能有空格,否则无法连接数据库!!!!另外,authmysqlrc 中保存着数据库密码,应限制该文件的读取权限,不要让普通用户可读。
启动courier-authlib
[root@mail]# cp courier-authlib.sysvinit /etc/init.d/courier-authlib
[root@mail~]#chmod 755 /etc/rc.d/init.d/courier-authlib
[root@mail~]# service courier-authlib start
[root@mail~]#chkconfig --add courier-authlib
[root@mail~]#chkconfig --level 35 courier-authlib on
=============================================================
编译安装配置认证cyrus-sasl
cyrus-sasl-2.1.22.tar.gz
./configure --prefix=/usr/local/cyrus-sasl --enable-plain --enable-cram --enable-digest --enable-login --enable-sql --disable-anon --disable-ntlm --disable-gssapi --disable-krb4 --disable-otp --disable-srp --disable-srp-setpass --with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket --with-mysql=/usr/lib/mysql --with-mysql-includes=/usr/include/mysql/ --with-mysql-libs=/usr/lib/mysql
make
make install
做软连接
ln -s /usr/local/cyrus-sasl/lib/sasl2/ /usr/lib/
vi /usr/local/cyrus-sasl/lib/sasl2/smtpd.conf
vi /usr/lib/sasl2/smtpd.conf 为以下内容
vi /usr/lib/sasl/smtpd.conf
pwcheck_method: authdaemond
log_level: 3
mech_list: plain login
authdaemond_path: /usr/local/courier-authlib/var/spool/authdaemon/socket
###
postfix/smtpd[6349]: sql_select option missing
postfix/smtpd[6349]: auxpropfunc error no mechanism available
###如果日志中报告上述错误,请添加如下配置(注意:这样 smtpd.conf 里也会保存数据库密码,应同样限制该文件的读取权限)
allow_plaintext: true
auxprop_plugin: mysql
sql_hostnames: localhost
sql_user: postfix
sql_passwd: ×××××
sql_database: postfix
sql_select: select password from mailbox where username='%u'
设置自启动:
chkconfig --level 35 saslauthd on
service saslauthd start
=============================================================
安装postfix postfix-2.5.1-1.mysql.sasl2.vda.rhel4.i386.rpm #此版本支持mysql sasl2 免去编译的麻烦#
postfix-2.5.1-1.mysql.sasl2.vda.rhel5.i386.rpm
生成别名二进制文件,这个步骤如果忽略,会造成postfix效率极低
newaliases
rpm -e sendmail --nodeps 删除sendmail
相关配置文件
编辑/etc/postfix/main.cf 为以下内容
#=======================BASE Settings==========================
myhostname = mail.epanel.cn
mydomain = epanel.cn
myorigin = $mydomain
mydestination = $myhostname localhost localhost.$mydomain
mynetworks = 192.168.1.0/24 127.0.0.0/8
inet_interfaces = all
#=====================Virtual Mailbox settings======================
virtual_mailbox_base = /home/mail
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:501
virtual_gid_maps = static:502
virtual_transport = virtual
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1
#========================QUOTA============================
message_size_limit = 14336000
virtual_mailbox_limit = 20971520
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
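#=======================SASL Settings=========================
# 注意:前面 smtpd.conf 的 mech_list 只启用了 plain/login,密码仅做 base64 编码,在未加密的连接上等同于明文传输。
# 本文的 main.cf 没有任何 TLS 设置;正式使用前应配置 smtpd_tls_cert_file / smtpd_tls_key_file,并设置 smtpd_tls_auth_only = yes,只在加密连接上允许认证。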
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination,permit
smtpd_sasl_auth_enable = yes
# 注意:如果测试出错,请删除下面这一行
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner=$myhostname ESMTP "Version not Available"
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
html_directory = no
setgid_group = postdrop
command_directory = /usr/sbin
manpage_directory = /usr/local/man
daemon_directory = /usr/libexec/postfix
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
queue_directory = /var/spool/postfix
mail_owner = postfix
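#=======================ANTI-SPAM=========================
# 注意:smtpd_recipient_restrictions 在上面 SASL 一节已经定义过一次;main.cf 中同一参数重复出现时只有最后一次生效,请只保留一处。
# 写成多行时,续行必须以空白字符开头,否则会被当作新的一行配置。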
smtpd_recipient_restrictions =
permit_sasl_authenticated
permit_mynetworks
reject_invalid_hostname
reject_non_fqdn_hostname
reject_unknown_sender_domain
reject_non_fqdn_sender
reject_non_fqdn_recipient
reject_unknown_recipient_domain
reject_unauth_pipelining
reject_unauth_destination
===========================================================
编辑 vi /etc/postfix/mysql_virtual_alias_maps.cf 为以下内容
user = postfix
password = ×××××
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
additional_conditions = AND active = '1'
编辑 vi /etc/postfix/mysql_virtual_domains_maps.cf 为以下内容
user = postfix
password = ×××××
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain
additional_conditions = AND active = '1'
编辑 vi /etc/postfix/mysql_virtual_mailbox_limit_maps.cf 为以下内容
user = postfix
password = ×××××
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
additional_conditions = AND active = '1'
编辑 vi /etc/postfix/mysql_virtual_mailbox_maps.cf 为以下内容
user = postfix
password = ×××××
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
additional_conditions = AND active = '1'
===========================================================
dovecot POP3系统配置:
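vi dovecot.conf 为以下内容(注意:disable_plaintext_auth = no 允许在未加密的连接上使用明文密码登录,auth_debug = yes 会输出详细的认证调试日志,两者只适合调试阶段,正式上线前应启用 SSL/TLS 并恢复默认值;另外这里的 mail_location 指向 /mailbox,而前面 Postfix 的 virtual_mailbox_base 和 authmysqlrc 用的是 /home/mail,两处必须指向同一目录,否则 POP3 读不到 Postfix 投递的邮件):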
protocols=pop3 pop3s
listen=*
disable_plaintext_auth = no
auth_debug = yes
log_path = /var/log/dovecot.log
mail_location =maildir:/mailbox/%u
pop3_uidl_format=%08Xu%08Xv
first_valid_uid = 501
auth default {
mechanisms = PLAIN LOGIN
passdb sql {
args = /etc/dovecot-mysql.conf
}
userdb sql {
args = /etc/dovecot-mysql.conf
}
socket listen {
client {
path = /var/run/dovecot/auth-client
mode = 0660
user = postfix
group = postfix
}
}
}
===========================================================
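vi dovecot-mysql.conf 为以下内容(注意:此文件含有数据库密码,应限制为仅 root 可读;default_pass_scheme = MD5 属于较弱的口令散列方式,新部署建议改用更强的方案;passdb sql 也引用本文件,但这里只给出了 user_query,没有 password_query,需要按 mailbox 表的结构自行补充):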
driver = mysql
connect = host=localhost dbname=postfix user=postfix password= ×××××
default_pass_scheme = MD5
user_query = SELECT maildir, 501 AS uid, 502 AS gid FROM mailbox WHERE username = '%u'
===========================================================
待完。。。。。。
本文转自andylhz 51CTO博客,原文链接:http://blog.51cto.com/andylhz2009/818964,如需转载请自行联系原作者