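Compiling and installing Postfix: the Postfix shipped with the system does not support the MySQL extension, so it has to be compiled and installed from source.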
# service sendmail stop    // stop and remove the bundled sendmail service
# rpm -e sendmail --nodeps
# rpm -ivh postfix-2.3.3-6.el5.src.rpm
# cd /usr/src/redhat/SPECS
# vi postfix.spec
%define LDAP 2
%define MYSQL 1    // add MySQL support (commented out by default)
%define PCRE 1
%define SASL 2
%define TLS 1
%define IPV6 1
%define POSTDROP_GID 90
%define PFLOGSUMM 1
# rpmbuild -bb postfix.spec
# cd ../RPMS/x86_64
# rpm -ivh postfix-2.3.3-6.x86_64.rpm
# vi /etc/postfix/main.cf
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = mail.xfcy.org
mydomain = xfcy.org
myorigin = $mydomain
inet_interfaces = all
mydestination =
unknown_local_recipient_reject_code = 550
mynetworks = 192.168.0.0/24, 127.0.0.0/8
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
# chkconfig postfix on
# /etc/init.d/postfix start
Testing outbound mail from Postfix:
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.xfcy.org ESMTP Postfix
ehlo mail.xfcy.org
250-mail.xfcy.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:root@xfcy.org
250 2.1.0 Ok
rcpt to:zyp19891128@163.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
subject:test
postfix test
.
250 2.0.0 Ok: queued as 5212B96E83
quit
221 2.0.0 Bye
Connection closed by foreign host.
# tailf /var/log/maillog
May 17 12:52:50 mail postfix/smtpd[15176]: connect from mail.xfcy.org[192.168.0.89]
May 17 12:53:04 mail postfix/smtpd[15176]: DF4B796E26: client=mail.xfcy.org[192.168.0.89]
May 17 12:53:15 mail postfix/cleanup[15210]: DF4B796E26: message-id=<20130517045304.DF4B796E26@mail.xfcy.org>
May 17 12:53:15 mail postfix/qmgr[3050]: DF4B796E26: from=<root@xfcy.org>, size=379, nrcpt=1 (queue active)
May 17 12:53:16 mail postfix/smtp[15214]: DF4B796E26: host 163mx03.mxmail.netease.com[220.181.14.159] said: 451 DT:SPM mx44, XsCowEBpUEu7t5VRWqdEAw--.1675S2, please try again 1368766395 http://mail.163.com/help/help_spam_16.htm?ip=210.13.194.138&hostid=mx44&time=1368766395 (in reply to end of DATA command)
May 17 12:53:17 mail postfix/smtp[15214]: DF4B796E26: to=<zyp19891128@163.com>, relay=163mx01.mxmail.netease.com[220.181.14.139]:25, delay=16, delays=14/0.02/1.6/0.24, dsn=2.0.0, status=sent (250 Mail OK queued as mx10,PMCowEBJElK8t5VRT8XKFQ--.914S2 1368766396)
May 17 12:53:17 mail postfix/qmgr[3050]: DF4B796E26: removed
May 17 12:53:23 mail postfix/smtpd[15176]: disconnect from mail.xfcy.org[192.168.0.89]
Installing and configuring Dovecot:
# yum -y install dovecot
# vi /etc/dovecot.conf
mail_location = maildir:/var/maildata/domains/%d/%n/Maildir
auth default {
    mechanisms = plain
    # comment out the pam { } entry
    passdb sql {
        args = /etc/dovecot-mysql.conf
    }
    userdb passwd {
    }
    userdb sql {
        args = /etc/dovecot-mysql.conf
    }
    user = root
}
# vi /etc/dovecot-mysql.conf    // create the MySQL authentication file
driver = mysql
connect = host=localhost dbname=extmail user=extmail password=extmail
default_pass_scheme = CRYPT
password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, uidnumber AS uid,gidnumber AS gid FROM mailbox WHERE username = '%u'
# chkconfig dovecot on
# /etc/init.d/dovecot start
# netstat -lntp | grep dovecot
tcp 0 0 :::993 :::* LISTEN 5033/dovecot
tcp 0 0 :::995 :::* LISTEN 5033/dovecot
tcp 0 0 :::110 :::* LISTEN 5033/dovecot
tcp 0 0 :::143 :::* LISTEN 5033/dovecot
Configuring cyrus-sasl authentication:
# yum -y install cyrus-sasl
# postconf -a
cyrus
dovecot
# vi /etc/postfix/main.cf    // enable cyrus-sasl-based authentication for Postfix
##====================SASL========================
smtpd_recipient_restrictions =
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_non_fqdn_hostname,
  reject_non_fqdn_sender,
  reject_non_fqdn_recipient,
  reject_unauth_destination,
  reject_unauth_pipelining,
  reject_invalid_hostname,
  reject_unknown_sender_domain,
  reject_unknown_recipient_domain
# SMTP sender login matching config
smtpd_sender_restrictions =
  permit_mynetworks,
  reject_sender_login_mismatch
# SMTP AUTH config here
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
# banner
mail_name = Postfix - by xfcy.org
smtpd_banner = Welcome to $myhostname ESMTP , $mail_name
# service postfix restart
# telnet localhost 25
Trying 192.168.0.89...
Connected to mail.xfcy.org (192.168.0.89).
Escape character is '^]'.
220 Welcome to mail.xfcy.org ESMTP , Postfix - by xfcy.org
ehlo mail.xfcy.org
250-mail.xfcy.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN    // the two AUTH lines here indicate that cyrus-sasl authentication was added successfully
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.
Installing Courier-Authlib:
# tar jxvf courier-authlib-0.62.4.tar.bz2
# cd courier-authlib-0.62.4
# ./configure --prefix=/usr/local/courier-authlib --without-stdheaderdir --without-authuserdb --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --without-authcustom --with-authmysql --with-redhat
# make
# make install
# make install-configure
# echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf
# ldconfig
# ldconfig -v | grep courier
/usr/local/courier-authlib/lib/courier-authlib:
    libcourierauthsasl.so -> libcourierauthsasl.so.0
    libcourierauthsaslclient.so -> libcourierauthsaslclient.so.0
    libcourierauth.so -> libcourierauth.so.0
    libcourierauthcommon.so -> libcourierauthcommon.so.0
# cp courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib
# chmod 755 /etc/rc.d/init.d/courier-authlib
# chkconfig --add courier-authlib
# chkconfig courier-authlib on
# chmod 755 /usr/local/courier-authlib/var/spool/authdaemon/
# cp /usr/local/courier-authlib/etc/authlib/authmysqlrc /usr/local/courier-authlib/etc/authlib/authmysqlrc.bak
# vi /usr/local/courier-authlib/etc/authlib/authmysqlrc
MYSQL_SERVER 127.0.0.1
MYSQL_USERNAME extmail
MYSQL_PASSWORD extmail
MYSQL_SOCKET /var/lib/mysql/mysql.sock
MYSQL_PORT 3306
MYSQL_OPT 0
MYSQL_DATABASE extmail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD 1000
MYSQL_GID_FIELD 1000
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD concat('/var/maildata/domains/',homedir)
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat('/var/maildata/domains/',maildir)
# vi /usr/local/courier-authlib/etc/authlib/authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
daemons=10
authdaemonvar=/usr/local/courier-authlib/var/spool/authdaemon
DEBUG_LOGIN=0
DEFAULTOPTIONS=""
LOGGEROPTS=""
# service courier-authlib start
Starting Courier authentication services: authdaemond
# ps -ef | grep authdaemond | grep -v grep
root 9173 1 0 02:50 ? 00:00:00 /usr/local/courier-authlib/sbin/courierlogger -pid=/usr/local/courier-authlib/var/spool/authdaemon/pid -start /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9174 9173 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9175 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9176 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9177 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9178 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9179 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9180 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9181 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9182 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9183 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 9184 9174 0 02:50 ? 00:00:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
# vi /usr/lib64/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level: 3
mech_list:PLAIN LOGIN
authdaemond_path: /usr/local/courier-authlib/var/spool/authdaemon/socket
# groupadd -g 1000 vgroup
# useradd -g 1000 -u 1000 -s /sbin/nologin -M vuser
# tar jxvf maildrop-2.2.0.tar.bz2
# cd maildrop-2.2.0/
# ./configure --enable-sendmail=/usr/sbin/sendmail --enable-trusted-users='root vuser' --enable-syslog=1 --enable-maildirquota --enable-maildrop-uid=1000 --enable-maildrop-gid=1000 --with-trashquota --with-dirsync
# make && make install
# vi /etc/postfix/master.cf
maildrop unix - n n - - pipe
  flags=DRhu user=vuser argv=/usr/local/bin/maildrop -w 90 -d ${user}@${nexthop} ${recipient} ${user} ${extension} ${nexthop}
// "flags" must be preceded by "two spaces"
# vi /etc/postfix/main.cf
maildrop_destination_recipient_limit = 1
# maildrop -v    // test maildrop's support for authlib
maildrop 2.1.0 Copyright 1998-2005 Double Precision, Inc.
GDBM/DB extensions enabled.
Maildir quota extension enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.
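When maildrop is installed from an RPM package, the vuser user and the vgroup group are created automatically and are dedicated to mail storage. The uid/gid of vuser:vgroup are both 1000, which differs from the usual mail documentation, where mail is stored as the postfix user. The postfix user's uid is generally below 500, whereas the suexec module, as compiled, requires a UID/GID greater than 500, so the postfix user cannot meet that requirement. In addition, if Maildrop is used as the delivery agent (MDA) and delivers as the postfix user, it causes Postfix MTA errors.
This article is reposted from Vnimos's 51CTO blog; original link: http://blog.51cto.com/vnimos/1203162. To republish it, please contact the original author.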