----------------------------
LAMP下部署
Postfix+Dovecot+SquirrelMail+Extmail+Extman+SpamAssassin防垃圾邮件
实验软件包:(都存放到/usr/src下)
实验环境:RHEL5.4
Mail.Dns server:192.168.1.126/24 dns.crazylinux.com
Client: 192.168.1.105/24
实验要求:
一、搭建DNS服务器能够解析dns.crazylinux.com 为192.168.1.126
二、在mail服务器上源码安装apache,mysql,php
三、在mail服务器中搭建Postfix邮件服务器
四、构建Dovecot服务器
五、配置SquirrelMail
六、设置SMTP认证,用户别名与群组,限制用户可发送邮件大小和使用邮箱空间大小
七、配置Postfix支持Mysql虚拟用户
八、部署Extmail
九、部署Extman
十、DRBD主从
实验步骤:(红色的地方表示修改的)
一、搭建DNS服务器能够解析dns.crazylinux.com 为192.168.1.126
1、前提条件(设置ip与主机名)
[root@dns ~]# ifconfig eth0 | grep "inet addr" inet addr:192.168.1.126 Bcast:192.168.0.255 Mask:255.255.255.0 [root@dns ~]# grep HOSTNAME /etc/sysconfig/network HOSTNAME=dns.crazylinux.com |
2、配置本地yum仓库(把RHEL5.4挂载到/media下)
[root@dns ~]# cd /etc/yum.repos.d/ [root@dns yum.repos.d]# vim rhel-debuginfo.repo [rhel-debuginfo] name=Red Hat Enterprise Linux $releasever - $basearch - Debug baseurl=file:///media/Server (确定/media下有Server目录) enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release |
3、安装DNS软件包
[root@dns ~]# yum -y install bind bind-chroot caching-nameserver |
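4、配置DNS主配置文件
说明:下面的配置中allow-query、allow-query-cache、match-clients均为any且recursion为yes,即对任何来源开放递归查询,只适合隔离的实验网络;在可被外部访问的服务器上,应把这些项限定为内部网段(如本实验的192.168.1.0/24)。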
[root@dns ~]# cd /var/named/chroot/etc/ [root@dns etc]# cp -p named.caching-nameserver.conf named.conf 14 options { 15 listen-on port 53 { any; }; 16 listen-on-v6 port 53 { ::1; }; 17 directory "/var/named"; 18 dump-file "/var/named/data/cache_dump.db"; 19 statistics-file "/var/named/data/named_stats.txt"; 20 memstatistics-file "/var/named/data/named_mem_stats.txt"; 27 allow-query { any; }; 28 allow-query-cache { any; }; 29 }; 30 logging { 31 channel default_debug { 32 file "data/named.run"; 33 severity dynamic; 34 }; 35 }; 36 view localhost_resolver { 37 match-clients { any; }; 38 match-destinations { any; }; 39 recursion yes; 40 include "/etc/named.rfc1912.zones"; 41 }; [root@dns etc]# vim named.rfc1912.zones 在文件最后添加如下内容 zone "crazylinux.com" IN { type master; file "cl.zheng"; }; zone "0.168.192.in-addr.arpa" IN { type master; file "cl.fan"; }; |
5、配置DNS区域文件
[root@dns etc]# cd /var/named/chroot/var/named/ [root@dns named]# cp -p named.zero cl.zheng [root@dns named]# cat cl.zheng $TTL 86400 @ IN SOA crazylinux.com. root.crazylinux.com. ( 2010090701 ; serial (d. adams) 3H ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum IN NS dns.crazylinux.com. IN MX 5 dns.crazylinux.com. dns IN A 192.168.1.126 mail IN A 192.168.1.126 [root@dns named]# cp -p cl.zheng cl.fan [root@dns named]# cat cl.fan $TTL 86400 @ IN SOA crazylinux.com. root.crazylinux.com. ( 2010090701 ; serial (d. adams) 3H ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum IN NS dns.crazylinux.com. IN MX 5 mail.crazylinux.com. 126 IN PTR dns.crazylinux.com. 126 IN PTR mail.crazylinux.com. |
6、启动DNS服务
[root@dns named]# service named start [root@dns named]# chkconfig named on |
二、在mail服务器上源码安装apache,mysql,php(先卸载httpd、mysql、php的rpm包)
1、前提条件(设置ip与主机名,把实验中所需要的源码包拷贝到/home目录)
[root@ ~]# ifconfig eth0 | grep "inet addr" inet addr:192.168.1.126 Bcast:192.168.0.255 Mask:255.255.255.0 [root@dns ~]# grep HOSTNAME /etc/sysconfig/network HOSTNAME=dns.crazylinux.com |
2、配置本地yum仓库(把RHEL5.4挂载到/media下)
[root@dns ~]# cd /etc/yum.repos.d/ [root@dns yum.repos.d]# vim rhel-debuginfo.repo [rhel-debuginfo] name=Red Hat Enterprise Linux $releasever - $basearch - Debug baseurl=file:///media/Server (确定/media下有Server目录) enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release |
3、安装Apache
[root@dns ~]# yum -y install *gcc* openssl-devel [root@dns ~]# rpm -e httpd --nodeps [root@dns ~]# rpm -e mysql --nodeps [root@dns ~]# rpm -e php --nodeps [root@dns ~]# cd /home/ [root@dns home]# tar -zxvf httpd-2.2.15.tar.gz -C /usr/src/ [root@dns home]# cd /usr/src/httpd-2.2.15/ [root@dns httpd-2.2.15]# ./configure --prefix=/usr/local/apache2 --enable-rewrite --enable-so --enable-auth-digest --enable-cgi --with-ssl=/usr/lib --enable-ssl --enable-suexec --with-suexec-caller=daemon --with-suexec-docroot=/usr/local/apache2/htdocs [root@dns httpd-2.2.15]# make [root@dns httpd-2.2.15]# make install [root@dns httpd-2.2.15]# cd /usr/local/apache2/bin/ [root@dns bin]# vim apachectl 添加以下2句话 #!/bin/sh # chkconfig: 35 85 15 # description: Apache is a World Wide Web Server [root@dns bin]# cp apachectl /etc/init.d/apache [root@dns bin]# chkconfig --add apache [root@dns bin]# chkconfig apache on [root@dns bin]# service apache start httpd: apr_sockaddr_info_get() failed for mail.crazylinux.com httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName 解决办法: [root@dns bin]# vim /usr/local/apache2/conf/httpd.conf ServerName mail.crazylinux.com [root@dns bin]# service apache stop [root@dns bin]# service apache start |
4、Mysql服务器的搭建
说明:下面的root密码123456仅为实验示例;写在命令行参数中的密码会留在shell历史里,并可在进程列表中被看到,正式环境应使用强密码并避免把密码写在命令行上。
[root@dns bin]# cd /home/ [root@dns home]# tar -zxvf mysql-5.1.44.tar.gz -C /usr/src/ [root@dns home]# cd /usr/src/mysql-5.1.44/ [root@dns mysql-5.1.44]# useradd -M -s /sbin/nologin mysql [root@dns mysql-5.1.44]# yum -y install libtermcap-devel [root@dns mysql-5.1.44]# ./configure --prefix=/usr/local/mysql --with-mysqld-user=mysql [root@dns mysql-5.1.44]# make [root@dns mysql-5.1.44]# make install [root@dns mysql-5.1.44]# cp support-files/my-medium.cnf /etc/my.cnf [root@dns mysql-5.1.44]# /usr/local/mysql/bin/mysql_install_db --user=mysql [root@dns mysql-5.1.44]# chown -R root:mysql /usr/local/mysql/ [root@dns mysql-5.1.44]# chown -R mysql /usr/local/mysql/var/ [root@dns mysql-5.1.44]# echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf [root@dns mysql-5.1.44]# ldconfig [root@dns mysql-5.1.44]# cp support-files/mysql.server /etc/init.d/mysqld [root@dns mysql-5.1.44]# chmod o+x /etc/init.d/mysqld [root@dns mysql-5.1.44]# chkconfig --add mysqld [root@dns mysql-5.1.44]# chkconfig mysqld on [root@dns mysql-5.1.44]# service mysqld start [root@dns mysql-5.1.44]# ps -e | grep mysqld 2880 pts/0 00:00:00 mysqld_safe 2988 pts/0 00:00:00 mysqld [root@dns mysql-5.1.44]# netstat -nutlp | grep mysqld tcp 0 0 0.0.0.0:33060.0.0.0:* LISTEN 2988/mysqld [root@dns mysql-5.1.44]# export PATH=$PATH:/usr/local/mysql/bin [root@dns mysql-5.1.44]# echo "PATH=$PATH:/usr/local/mysql/bin" >> /etc/profile [root@dns mysql-5.1.44]# mysqladmin -u root password 123456 [root@dns mysql-5.1.44]# mysql -u root -p Enter password: (输入密码123456) Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 2 Server version: 5.1.44-log Source distribution Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql>quit |
5、PHP环境的搭建
[root@dns mysql-5.1.44]# cd /home/ [root@dns home]# tar -zxvf php-5.2.13.tar.gz -C /usr/src/ [root@dns home]# cd /usr/src/php-5.2.13/ [root@dns php-5.2.13]# yum -y install *libxml2* [root@dns php-5.2.13]# ./configure --prefix=/usr/local/php5 --enable-mbstring --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql=/usr/local/mysql --with-config-file-path=/usr/local/php5 [root@dns php-5.2.13]#make [root@dns php-5.2.13]#make test [root@dns php-5.2.13]#make install [root@dns php-5.2.13]# cp php.ini-dist /usr/local/php5/php.ini [root@dns php-5.2.13]# vim /usr/local/apache2/conf/httpd.conf 53 LoadModule php5_module modules/libphp5.so 54 AddType application/x-httpd-php .php 167 <IfModule dir_module> 168 DirectoryIndex index.php index.html 169 </IfModule> [root@dns php-5.2.13]# cat /usr/local/apache2/htdocs/index.php <?php phpinfo(); ?> [root@dns php-5.2.13]# service apache stop [root@dns php-5.2.13]# service apache start |
如果是php5.3版的需要修改几个参数:
(因为php是5.3版,具体详情看http://crazylinux.blog.51cto.com/)
[root@dns webmail]# vim /usr/local/php5/php.ini |
6、客户端的测试
在XP上设置ip与DNS的参数,然后输入http://mail.crazylinux.com测试。测试完成后应删除上一步中只输出phpinfo()的index.php,以免对外暴露服务器的配置信息。
三、在mail服务器中搭建Postfix邮件服务器
[root@dns ~]# service sendmail stop [root@dns ~]# chkconfig sendmail off [root@dns ~]# groupadd -g 1200 postdrop [root@dns ~]# groupadd -g 1000 postfix [root@dns ~]# useradd -M -u 1000 -g postfix -G postdrop -s /sbin/nologin postfix [root@dns ~]# cd /home/ [root@dns home]# tar -zxvf postfix-2.6.5.tar.gz -C /usr/src/ [root@dns home]# cp postfix-2.6.5-vda-ng.patch.gz /usr/src/ [root@dns home]# cd /usr/src/ [root@dns src]# gunzip postfix-2.6.5-vda-ng.patch.gz [root@dns src]# cd postfix-2.6.5 [root@dns postfix-2.6.5]# patch -p1 < ../postfix-2.6.5-vda-ng.patch [root@dns postfix-2.6.5]# yum -y install db*-devel cyrus-sasl-devel [root@dns postfix-2.6.5]# make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl' 'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/lib/sasl2 -lsasl2' 注解:CCARGS主要是提供额外参数 AUXLIBS指出位于标准位置之外的额外函数库 [root@dns postfix-2.6.5]# make [root@dns postfix-2.6.5]# make install [root@dns postfix-2.6.5]# cd /etc/postfix/ [root@dns postfix]# postconf -n > main2.cf [root@dns postfix]# mv main.cf main.cf.bak [root@dns postfix]# mv main2.cf main.cf [root@dns postfix]# vim /etc/postfix/main.cf 17 inet_interfaces = 192.168.1.126, 127.0.0.1 //监听ip 18 myhostname = dns.crazylinux.com //主机名 19 mydomain = crazylinux.com //使用邮件域 20 myorigin = $mydomain //外发邮件时发件人的邮件域名 21 mydestination = $mydomain, $myhostname //可接受邮件地址域名 22 home_mailbox = Maildir/ //邮件存储位置和格式 [root@dns postfix]# postfix start [root@dns postfix]# echo "/usr/sbin/postfix start" >> /etc/rc.local [root@dns postfix]# netstat -antlp | grep :25 tcp 0 0 192.168.1.126:25 0.0.0.0:* LISTEN 27213/master tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 27213/master [root@dns postfix]# groupadd mailusers [root@dns postfix]# useradd -g mailusers -s /sbin/nologin tom [root@dns postfix]# useradd -g mailusers -s /sbin/nologin jerry [root@dns postfix]# passwd tom [root@dns postfix]# passwd jerry [root@dns postfix]# telnet localhost 25 Trying 127.0.0.1... 
Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 220 mail.crazylinux.com ESMTP Postfix helo localhost 250 mail.crazylinux.com mail from:tom@crazylinux.com 250 2.1.0 Ok rcpt to:jerry@crazylinux.com 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> Subject:A test mail Hello This is a test mail . 250 2.0.0 Ok: queued as AA4BD157939 quit 221 2.0.0 Bye Connection closed by foreign host. # cat /home/jerry/Maildir/new/1283859902.V802Id7956M227440.mail.crazylinux.com Return-Path: <tom@crazylinux.com> X-Original-To: jerry@crazylinux.com Delivered-To: jerry@crazylinux.com Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.crazylinux.com (Postfix) with SMTP id AA4BD157939 for <jerry@crazylinux.com>; Tue, 7 Sep 2010 19:44:27 +0800 (CST) Subject:A test mail Message-Id: <20100907114438.AA4BD157939@mail.crazylinux.com> Date: Tue, 7 Sep 2010 19:44:27 +0800 (CST) From: tom@crazylinux.com To: undisclosed-recipients:; Hello This is a test mail |
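四、构建Dovecot服务器
说明:下面的disable_plaintext_auth = no与ssl = no会让POP3/IMAP的用户名和密码以明文在网络上传输(后面的telnet测试中可直接看到),仅适合实验环境;正式环境应启用SSL并保持disable_plaintext_auth = yes。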
[root@dns ~]# useradd -M -s /sbin/nologin dovecot [root@dns ~]# cd /home/ [root@dns home]# tar -zxvf dovecot-1.2.11.tar.gz -C /usr/src/ [root@dns home]# cd /usr/src/dovecot-1.2.11/ [root@dns dovecot-1.2.11]# yum -y install pam-devel [root@dns dovecot-1.2.11]# ./configure --sysconfdir=/etc --with-mysql [root@dns dovecot-1.2.11]# make [root@dns dovecot-1.2.11]# make install [root@dns dovecot-1.2.11]# cp /etc/dovecot-example.conf /etc/dovecot.conf [root@dns dovecot-1.2.11]# vim /etc/dovecot.conf 24 protocols = pop3 imap 48 disable_plaintext_auth = no 89 ssl = no 218 mail_location = maildir:~/Maildir [root@dns dovecot-1.2.11]# cat /etc/pam.d/dovecot auth required pam_nologin.so auth include system-auth account include system-auth session include system-auth [root@dns dovecot-1.2.11]# /usr/local/sbin/dovecot -c /etc/dovecot.conf [root@dns dovecot-1.2.11]# echo "/usr/local/sbin/dovecot -c /etc/dovecot.conf" >> /etc/rc.local [root@dns dovecot-1.2.11]# netstat -tulnp | grep dovecot tcp 0 0 0.0.0.0:1100.0.0.0:* LISTEN 18303/dovecot tcp 0 0 0.0.0.0:1430.0.0.0:* LISTEN 18303/dovecot [root@dns dovecot-1.2.11]# telnet localhost 110 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. +OK Dovecot ready. user jerry +OK pass 123 +OK Logged in. list +OK 1 messages: 1 505 . retr 1 +OK 505 octets Return-Path: <tom@crazylinux.com> X-Original-To: jerry@crazylinux.com Delivered-To: jerry@crazylinux.com Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.crazylinux.com (Postfix) with SMTP id AA4BD157939 for <jerry@crazylinux.com>; Tue, 7 Sep 2010 19:44:27 +0800 (CST) Subject:A test mail Message-Id: <20100907114438.AA4BD157939@mail.crazylinux.com> Date: Tue, 7 Sep 2010 19:44:27 +0800 (CST) From: tom@crazylinux.com To: undisclosed-recipients:; Hello This is a test mail . quit +OK Logging out. Connection closed by foreign host. |
五、配置SquirrelMail
[root@dns ~]# cd /home/ [root@dns home]# tar -zxvf squirrelmail-1.4.18.tar.gz -C /usr/local/apache2/htdocs/ [root@dns home]# cd /usr/local/apache2/htdocs/ [root@dns htdocs]# mv squirrelmail-1.4.18/ webmail [root@dns htdocs]# cd webmail/ [root@dns webmail]# tar -zxvf /home/zh_CN-1.4.18-20090526.tar.gz [root@dns webmail]# mkdir -p attach data [root@dns webmail]# chown -R daemon:daemon attach/ data/ [root@dns webmail]# chmod 730 attach/ [root@dns webmail]# cp config/config_default.php config/config.php [root@dns webmail]# vim config/config.php 118 $domain = 'crazylinux.com'; 231 $imap_server_type = 'dovecot'; 499 $data_dir = '/usr/local/apache2/htdocs/webmail/data/'; 517 $attachment_dir = '/usr/local/apache2/htdocs/webmail/attach/'; 1012 $squirrelmail_default_language = 'zh_CN'; 1027 $default_charset = 'zh_CN.UTF-8'; [root@dns webmail]# vim /usr/local/apache2/conf/httpd.conf 99 ServerName mail.crazylinux.com:80 [root@dns webmail]# service apache stop [root@dns webmail]# service apache start |
测试:
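六、设置SMTP认证,用户别名与群组,限制用户可发送邮件大小和使用邮箱空间大小
说明:AUTH PLAIN/LOGIN中的BASE64只是编码而非加密,本节配置未启用TLS,认证信息在网络上可被直接还原;正式环境应为Postfix配置TLS,并用smtpd_tls_auth_only = yes限制只在加密连接上提供AUTH。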
[root@dns webmail]# rpm -qa | grep -i "sasl" cyrus-sasl-plain-2.1.22-5.el5 cyrus-sasl-lib-2.1.22-5.el5 cyrus-sasl-2.1.22-5.el5 cyrus-sasl-devel-2.1.22-5.el5 [root@dns webmail]# cp /usr/lib/sasl2/Sendmail.conf /usr/lib/sasl2/smtpd.conf [root@dns webmail]# cat /usr/lib/sasl2/smtpd.conf pwcheck_method:saslauthd [root@dns webmail]# service saslauthd restart [root@dns webmail]# chkconfig saslauthd on [root@dns webmail]# vim /etc/postfix/main.cf 23 mailbox_size_limit = 524288000 //限制用户邮箱大小500M 24 message_size_limit = 50889600 //限制可发送邮件大小50M 25 alias_maps = hash:/etc/aliases //实现邮件别名群发 26 smtpd_sasl_auth_enable = yes 27 smtpd_sasl_security_options = noanonymous 28 mynetworks = 127.0.0.1 29 smtpd_recipient_restrictions = 30 permit_mynetworks, 31 permit_sasl_authenticated, 32 reject_unauth_destination [root@dns webmail]# postfix reload [root@dns webmail]# tail -n 1 /etc/aliases mike: jerry //发送mike的邮件将自动发给jerry用户 [root@dns webmail]# newaliases 测试SMTP认证 [root@dns webmail]# printf "tom" | openssl base64 dG9t [root@dns webmail]# printf "123" | openssl base64 MTIz [root@dns webmail]# telnet mail.crazylinux.com 25 Trying 192.168.1.126... Connected to mail.crazylinux.com (192.168.1.126). Escape character is '^]'. 220 mail.crazylinux.com ESMTP Postfix ehlo localhost // 宣告客户端主机地址 250-mail.crazylinux.com 250-PIPELINING 250-SIZE 50889600 250-VRFY 250-ETRN 250-AUTH PLAIN LOGIN //支持认证 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from:tom@crazylinux.com 250 2.1.0 Ok rcpt to:jerry@sohu.com 554 5.7.1 <jerry@sohu.com>: Relay access denied //未使用smtp认证发信失败 AUTH LOGIN 334 VXNlcm5hbWU6 dG9t //使用tom用户BASE64编码 334 UGFzc3dvcmQ6 MTIz //密码123的BASE64编码 235 2.7.0 Authentication successful //用户通过认证 rcpt to:jerry@sohu.com 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> this is from tom@crazylinux.com . 250 2.0.0 Ok: queued as 9BCE5EA876 quit 221 2.0.0 Bye Connection closed by foreign host. |
七、配置Postfix支持Mysql虚拟用户
1、建立虚拟用户数据库
[root@dns ~]# cd /home/ [root@dns home]# tar -zxvf extman-0.2.5.tar.gz -C /usr/src/ [root@dns home]# cd /usr/src/extman-0.2.5/docs/ [root@dns docs]# mysql -u root -p < extmail.sql Enter password: [root@dns docs]# mysql -u root -p < init.sql Enter password: [root@dns docs]# vim /etc/postfix/main.cf 21 #mydestination = $mydomain, $myhostname 33 virtual_mailbox_base = /mailbox 34 virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf 35 virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf 36 virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf 37 virtual_uid_maps = static:1000 38 virtual_gid_maps = static:1000 [root@dns docs]# cp mysql_virtual_* /etc/postfix/ |
2、为虚拟用户设置SMTP发信认证
[root@dns docs]# cd /home/ [root@dns home]# tar -jxvf courier-authlib-0.63.0.tar.bz2 -C /usr/src/ [root@dns home]# cd /usr/src/courier-authlib-0.63.0/ [root@dns courier-authlib-0.63.0]# ./configure --prefix=/usr/local/courier-authlib --without-stdheaderdir --with-authmysql --with-redhat --with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql [root@dns courier-authlib-0.63.0]# make [root@dns courier-authlib-0.63.0]# make install [root@dns courier-authlib-0.63.0]# make install-configure [root@dns courier-authlib-0.63.0]# echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf [root@dns courier-authlib-0.63.0]# ldconfig [root@dns courier-authlib-0.63.0]# cd /usr/local/courier-authlib/etc/authlib/ [root@dns authlib]# cp authdaemonrc authdaemonrc.bak [root@dns authlib]# vim authdaemonrc 27 authmodulelist="authmysql" 34 authmodulelistorig="authmysql" [root@dns authlib]# chmod -R 755 /usr/local/courier-authlib/var/spool/authdaemon/ [root@dns authlib]# cp authmysqlrc authmysqlrc.bak [root@dns authlib]# vim authmysqlrc 26 MYSQL_SERVER localhost //mysql数据库服务器位置 27 MYSQL_USERNAME extmail //管理员帐号 28 MYSQL_PASSWORD extmail //密码 49 MYSQL_SOCKET /tmp/mysql.sock 68 MYSQL_DATABASE extmail //虚拟用户数据库 83 MYSQL_USER_TABLE mailbox //从mailbox表获取邮件账户信息 92 MYSQL_CRYPT_PWFIELD password //从password获取密码 113 MYSQL_UID_FIELD uidnumber //从uidnumber字段映射本地uid 119 MYSQL_GID_FIELD gidnumber //从gidnumber字段映射本地gid 128 MYSQL_LOGIN_FIELD username 133 MYSQL_HOME_FIELD concat('/mailbox/',homedir) 139 MYSQL_NAME_FIELD name 150 MYSQL_MAILDIR_FIELD concat('/mailbox/',maildir) [root@dns authlib]# cp /usr/src/courier-authlib-0.63.0/courier-authlib.sysvinit /etc/init.d/courier-authlib [root@dns authlib]# chmod 755 /etc/init.d/courier-authlib [root@dns authlib]# chkconfig --level 35 courier-authlib on [root@dns authlib]# service courier-authlib start [root@dns authlib]# cat /usr/lib/sasl2/smtpd.conf pwcheck_method:authdaemond authdaemond_path: 
/usr/local/courier-authlib/var/spool/authdaemon/socket |
3、修改Dovecot配置
[root@dns authlib]# vim /etc/dovecot.conf (把875、908、913、916行注释) 218 mail_location = maildir:/mailbox/%d/%n/Maildir 837 auth default { 842 mechanisms = plain 950 passdb sql { 952 args = /etc/dovecot-mysql.conf 953 } 1028 userdb sql { 1030 args = /etc/dovecot-mysql.conf 1031 } [root@dns authlib]# cat /etc/dovecot-mysql.conf driver = mysql connect = host=localhost dbname=extmail user=extmail password=extmail default_pass_scheme = CRYPT password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u' user_query = SELECT maildir,uidnumber AS uid,gidnumber AS gid FROM mailbox WHERE username = '%u' [root@dns authlib]# mkdir -p /mailbox/extmail.org/postmaster/Maildir/ [root@dns authlib]# chown -R postfix:postfix /mailbox/ [root@dns authlib]# pkill dovecot [root@dns authlib]# dovecot # /usr/local/courier-authlib/sbin/authtest -s login postmaster@extmail.org extmail Authentication succeeded. Authenticated: postmaster@extmail.org (uid 1000, gid 1000) Home Directory: /mailbox/extmail.org/postmaster Maildir: /mailbox/extmail.org/postmaster/Maildir/ Quota: (none) Encrypted Password: $1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0 Cleartext Password: extmail Options: (none) [root@dns authlib]# perl -e 'use MIME::Base64; print encode_base64("postmaster\@extmail.org")' cG9zdG1hc3RlckBleHRtYWlsLm9yZw== [root@dns authlib]# perl -e 'use MIME::Base64; print encode_base64("extmail")' ZXh0bWFpbA== [root@dns ~]# telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 220 mail.crazylinux.com ESMTP Postfix auth login 334 VXNlcm5hbWU6 cG9zdG1hc3RlckBleHRtYWlsLm9yZw== 334 UGFzc3dvcmQ6 ZXh0bWFpbA== 235 2.7.0 Authentication successful quit 221 2.0.0 Bye Connection closed by foreign host. |
八、部署Extmail
[root@dns ~]# cd /home/ [root@dns home]# tar -zxvf Unix-Syslog-1.1.tar.gz -C /usr/src/ [root@dns home]# tar -zxvf DBI-1.610_90.tar.gz -C /usr/src/ [root@dns home]# tar -zxvf DBD-mysql-4.013.tar.gz -C /usr/src/ [root@dns home]# cd /usr/src/Unix-Syslog-1.1/ [root@dns Unix-Syslog-1.1]# perl Makefile.PL [root@dns Unix-Syslog-1.1]# make [root@dns Unix-Syslog-1.1]# make install [root@dns Unix-Syslog-1.1]# cd ../DBI-1.610_90/ [root@dns DBI-1.610_90]# perl Makefile.PL [root@dns DBI-1.610_90]# make [root@dns DBI-1.610_90]# make install [root@dns DBI-1.610_90]# cd ../DBD-mysql-4.013/ [root@dns DBD-mysql-4.013]# perl Makefile.PL [root@dns DBD-mysql-4.013]# make [root@dns DBD-mysql-4.013]# make install [root@dns DBD-mysql-4.013]# tar -zxvf /home/extmail-1.2.tar.gz -C /usr/local/apache2/htdocs/ [root@dns DBD-mysql-4.013]# cd /usr/local/apache2/htdocs [root@dns htdocs]# mv extmail-1.2/ extmail [root@dns htdocs]# cd extmail/ [root@dns extmail]# chown -R postfix:postfix cgi [root@dns extmail]# cp webmail.cf.default webmail.cf [root@dns extmail]# vim webmail.cf 2 SYS_CONFIG = /usr/local/apache2/htdocs/extmail/ 5 SYS_LANGDIR = /usr/local/apache2/htdocs/extmail/lang 8 SYS_TEMPLDIR = /usr/local/apache2/htdocs/extmail/html 127 SYS_MAILDIR_BASE = /mailbox 139 SYS_MYSQL_USER = extmail 140 SYS_MYSQL_PASS = extmail 141 SYS_MYSQL_DB = extmail 142 SYS_MYSQL_HOST = localhost 143 SYS_MYSQL_SOCKET = /tmp/mysql.sock [root@dns extmail]# vim /usr/local/apache2/conf/httpd.conf 390 Include conf/extra/httpd-vhosts.conf [root@dns extmail]# cat /usr/local/apache2/conf/extra/httpd-vhosts.conf NameVirtualHost 192.168.1.126 <VirtualHost 192.168.1.126> DocumentRoot "/usr/local/apache2/htdocs/extmail/html" ServerName mail.crazylinux.com ScriptAlias /extmail/cgi/ /usr/local/apache2/htdocs/extmail/cgi/ Alias /extmail /usr/local/apache2/htdocs/extmail/html/ SuexecUserGroup postfix postfix </VirtualHost> [root@dns extmail]# service apache stop [root@dns extmail]# service apache start |
测试:在浏览器中输入http://mail.crazylinux.com
密码:extmail(初始化数据自带的默认密码,首次登录后应立即修改;配置文件中的数据库账号extmail/extmail同为默认值,修改时需同步更新数据库及引用它的各配置文件)
九、部署Extman
[root@dns extmail]# cd /home/ [root@dns home]# tar -zxvf GD-2.44.tar.gz -C /usr/src/ [root@dns home]# tar -zxvf File-Tail-0.99.3.tar.gz -C /usr/src/ [root@dns home]# cd /usr/src/GD-2.44/ [root@dns ~]# yum -y install gd-devel [root@dns GD-2.44]# perl Makefile.PL [root@dns GD-2.44]# make [root@dns GD-2.44]# make install [root@dns GD-2.44]# cd ../File-Tail-0.99.3/ [root@dns File-Tail-0.99.3]# perl Makefile.PL [root@dns File-Tail-0.99.3]# make [root@dns File-Tail-0.99.3]# make install [root@dns File-Tail-0.99.3]# cd /home/ [root@dns home]# rpm -ivh rrdtool-* [root@dns home]# tar -zxvf extman-0.2.5.tar.gz -C /usr/local/apache2/htdocs/ [root@dns home]# cd /usr/local/apache2/htdocs/ [root@dns htdocs]# mv extman-0.2.5/ extman [root@dns htdocs]# chown -R postfix:postfix /usr/local/apache2/htdocs/extman/cgi/ [root@dns htdocs]# mkdir /tmp/extman [root@dns htdocs]# chown -R postfix:postfix /tmp/extman/ [root@dns htdocs]# vim extman/webman.cf 2 SYS_CONFIG = /usr/local/apache2/htdocs/extman/ 5 SYS_LANGDIR = /usr/local/apache2/htdocs/extman/lang 8 SYS_TEMPLDIR = /usr/local/apache2/htdocs/extman/html 12 SYS_MAILDIR_BASE = /mailbox 127 SYS_MYSQL_USER = webman 128 SYS_MYSQL_PASS = webman 129 SYS_MYSQL_DB = extmail 130 SYS_MYSQL_HOST = localhost 131 SYS_MYSQL_SOCKET = /tmp/mysql.sock [root@dns htdocs]# cat /usr/local/apache2/conf/extra/httpd-vhosts.conf NameVirtualHost 192.168.1.126 <VirtualHost 192.168.1.126> DocumentRoot "/usr/local/apache2/htdocs/extmail/html" ServerName mail.crazylinux.com ScriptAlias /extmail/cgi/ /usr/local/apache2/htdocs/extmail/cgi/ Alias /extmail /usr/local/apache2/htdocs/extmail/html/ ScriptAlias /extman/cgi/ /usr/local/apache2/htdocs/extman/cgi/ Alias /extman /usr/local/apache2/htdocs/extman/html/ SuexecUserGroup postfix postfix </VirtualHost> [root@dns htdocs]# service apache stop [root@dns htdocs]# service apache start |
测试:在浏览器中输入http://mail.crazylinux.com/extman
密码:extmail*123*(默认管理员密码,首次登录后应立即修改)
[root@dns ~]# mkdir /usr/local/mailgraph_ext [root@dns ~]# cd /usr/local/apache2/htdocs/extman/addon/mailgraph_ext/ [root@dns mailgraph_ext]# cp mailgraph_ext.pl qmonitor.pl /usr/local/mailgraph_ext/ [root@dns mailgraph_ext]# ln -sf /usr/local/apache2/htdocs/extman/addon/mailgraph_ext/mailgraph-init /usr/sbin/ [root@dns mailgraph_ext]# ln -sf /usr/local/apache2/htdocs/extman/addon/mailgraph_ext/qmonitor-init /usr/sbin/ [root@dns mailgraph_ext]# mailgraph-init start [root@dns mailgraph_ext]# qmonitor-init start [root@dns mailgraph_ext]# echo "/usr/sbin/mailgraph-init start" >> /etc/rc.local [root@dns mailgraph_ext]# echo "/usr/sbin/qmonitor-init start" >> /etc/rc.local |
十、DRBD主从部署
说明:下面的源码包通过HTTP明文下载,并会以root身份编译安装为内核模块;如官方提供校验值或签名,安装前应先核对。
[root@dns ~] # wget http://oss.linbit.com/drbd/8.2/drbd-8.2.5.tar.gz
[root@dns ~] # tar xvf drbd-8.2.5.tar.gz
[root@dns ~] # cd drbd-8.2.5
[root@dns ~] # make KDIR=/usr/src/kernels/2.6.18-164.el5-i686/
[root@dns ~] # make install KDIR=/usr/src/kernels/2.6.18-164.el5-i686/
[root@dns ~] # chkconfig drbd on
在主从服务器上新建磁盘
在dns.carzylinux.com中
[root@dns ~] #vim /etc/hosts
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
192.168.1.12 dns.carzylinux.com
192.168.1.14 dns1.carzylinux.com
并保证
[root@dns ~] #vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=dns.carzylinux.com
在dns1.carzylinux.com中
[root@dns ~] #vim /etc/hosts
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
192.168.1.126 dns.carzylinux.com
192.168.1.127 dns1.carzylinux.com
并保证
[root@dns ~] #vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=dns.carzylinux.com
[root@dns ~] # vim /etc/drbd.conf
# 是否参加DRBD使用者统计.默认是yes
global {usage-count yes;}
# 设置主备节点同步时的网络速率最大值,单位是字节.
common {syncer { rate 10M; } }
# 一个DRBD设备(即:/dev/drbdX),叫做一个"资源".里面包含一个DRBD设备的主备节点的
# 相关信息.
#
resource r0{
# 使用协议C.表示收到远程主机的写入确认后,则认为写入完成.
protocol C;
#startup { wfc-timeout 0; degr-wfc-timeout 120; }
disk {on-io-error detach; }
syncer { rate 10M; }
net {
# 设置主备节点之间互相认证所用的HMAC算法和共享密钥(只做节点认证,不加密复制数据).
# 下面的shared-secret应换成自己生成的随机字符串,两个节点保持一致.
cram-hmac-alg sha1;
shared-secret "FooFunFactory";
}
# 每个主机的说明以"on"开头,后面是主机名.在后面的{}中为这个主机的配置.
on dns.carzylinux.com {
#/dev/drbd1使用的磁盘分区是/dev/sdb2
device /dev/drbd1;
disk /dev/sdb2;
# 设置DRBD的监听端口,用于与另一台主机通信
address 192.168.0.136:7898;
#address 10.0.0.194:7898;
#meta-disk /dev/xvdb5[0];
meta-disk internal;
#flexible-meta-disk internal;
}
on dns1.carzylinux.com {
device /dev/drbd1;
disk /dev/sdb2;
address 192.168.0.137:7898;
#address 10.0.0.195:7898;
meta-disk internal;
#meta-disk /dev/xvdb5[0];
#flexible-meta-disk internal;
}
}
[root@dns ~] #dd if=/dev/zero of=/dev/sdb2 bs=1M count=128
[root@dns ~] #drbdadm create-md r0
分别在dns.carzylinux.com和dns1.carzylinux.com上面执行
[root@dns ~] #/etc/init.d/drbd start
[root@dns ~] # cat /proc/drbd
在dns.crazylinux.com主节点执行命令
[root@dns ~] # drbdsetup /dev/drbd1 primary -o
[root@dns ~] # cat /proc/drbd 查看同步的进度
同步的时间有些长,在500M内存的机器上同步5G硬盘用了十分钟左右
同步完成
[root@dns ~]# mkfs.ext3 /dev/drbd1
然后将格式化好的磁盘挂载到/system下
[root@dns ~]# mount /dev/drbd1 /system
[root@dns ~]# vim /etc/fstab
/dev/VolGroup00/LogVol00 / ext3 defaults 1 1
LABEL=/boot /boot ext3 defaults 1 2
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
/dev/VolGroup00/LogVol01 swap swap defaults 0 0
/dev/drbd1 /system/ ext3 defaults 0 0
测试过程
[root@dns ~]# ifdown eth0
对比一下可以看到st:Primary/Secondary 变成了 st:Primary/Unknown,找不到从节点了,
从节点也找不到主节点的状态了。现在启动主网卡,启动网卡后还是未连接状态
在主节点执行如下命令
[root@dns ~]# drbdadm connect r0
显示连接可以使用了
如果是从节点挂掉了,它恢复正常后,想要再次连接主节点的话,考虑到可能会有数据丢失,可以采用以下方式来连接:
[root@dns1 ~]# drbdadm invalidate r0
它告诉drbd,secondary节点上的数据可能是不正确的,要以主节点上的为准。这个命令只能在从节点上使用,毕竟数据是以主节点为准的,而非从节点。不过,如果是主节点挂掉了,这个时候就应该把原来的从节点提升为主的角色,等原来的主恢复之后,只能先降级成为从节点了,否则是无法再次正确连接另一个节点的。
同步结果测试
[root@dns1 ~]# cp /usr/src/GD-2.41.tar.gz /mailbox/
然后,我们把主降级成从,把从提升成主
注意:把主降级前,一定要先umount设备才行。
[root@dns ~]# umount /dev/drbd1
[root@dns ~]# drbdadm secondary r0
然后提升从
[root@dns1 system]# drbdadm invalidate r0
[root@dns1 system]# drbdadm primary r0
同步成功即正常
把dns.crazylinux.com切换回主
在dns1执行
[root@dns1 system]# umount /system/
[root@dns1 system]# drbdadm secondary r0
然后进入dns执行
[root@dns ~]# drbdadm secondary r0
[root@dns ~]# drbdadm primary r0
[root@dns ~]# mount /dev/drbd1 /system/
挂载正常,试验结束。