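Previously I had been using a Postfix+Courier+Sasl+Extmail mail server setup, with MailDrop configured for mail forwarding and Mailman for mailing lists; it ran well for more than two years. However, the production environment now uses Nginx more and more, configuring Apache+Perl just for a webmail is costly in resources, and the Courier+Sasl configuration is relatively tedious, so I took two days and, drawing on some examples from the web, made some improvements to the mail server.
Dovecot can act not only as a POP3 and IMAP server but also perform SMTP authentication, which removes the need for Cyrus Sasl. It is also considerably more efficient and lighter on resources than Courier, and it supports the LOGIN authentication method, so Outlook and Foxmail clients can log in. This article configures SMTP sending authentication, POP3 receiving authentication and webmail; mail forwarding and anti-virus are not configured.
Software packages:
Postfix-2.8.12.tar.gz Postfix MTA (mail transfer agent)
Dovecot-2.1.8.tar.gz IMAP and POP3 mail server
Postfixadmin-2.3.5.tar.gz Open-source web tool written in PHP for managing mailboxes and domain accounts
Roundcubemail-0.8.1.tar.gz Open-source IMAP webmail client written in PHP
1. Preparation:
Installation and configuration are done on a minimal install of CentOS 6.3 x64. First install Nginx (Apache)+PHP+MySQL. Roundcube requires the PHP IMAP extension; if IMAP support was not enabled when PHP was compiled, the extension can be added as follows.
Install the packages that the php-imap extension depends on
Change into the imap extension directory of the PHP source tree, e.g. /opt/php-5.3.12/ext/imap, and run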
# ./configure --with-php-config=/usr/local/php/bin/php-config --with-kerberos --with-imap-ssl
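If an error is reported while configure checks the system, try symlinking the libc-client library into lib
# ln -s /usr/lib64/libc-client.so /usr/lib/libc-client.so
# make && make install
After installation, edit the extension_dir path in php.ini and add the extension="imap.so" extension
Uninstall the sendmail or postfix shipped with the system
2. Compile and install Postfix
# yum -y install db4-devel
//Install the DB4 development package that Postfix depends on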
# useradd -M -s /sbin/nologin postfix
# useradd -M -s /sbin/nologin postdrop
//Add the postfix and postdrop users
# tar zxf postfix-2.8.12.tar.gz
# cd postfix-2.8.12/
# make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include -DUSE_SASL_AUTH -DDEF_SERVER_SASL_TYPE=\"dovecot\"' 'AUXLIBS=-L/usr/local/mysql/lib -lmysqlclient -lz -lm -lssl -lcrypto'
//If MySQL is installed elsewhere, adjust the MySQL include and lib paths accordingly
# make
# make install
Installation paths and parameters
install_root: / //root (relative) directory
tempdir: /tmp //temporary directory
config_directory: /etc/postfix //configuration file location
command_directory /usr/local/postfix/sbin //command path
daemon_directory /usr/local/postfix/libexec //daemon path
data_directory /var/lib/postfix //data directory
html_directory no
mail_owner postfix //account that owns postfix
mailq_path /usr/bin/mailq //mailq location
manpage_directory /usr/local/postfix/man //manual pages
newaliases_path /usr/bin/newaliases //newaliases location
queue_directory /var/spool/postfix //queue path
readme_directory no
sendmail_path /usr/sbin/sendmail //sendmail path
setgid_group: postdrop
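3. Configure Postfix
# vi /etc/postfix/main.cf
Find and change mynetworks = all, otherwise SMTP sending authentication does not take effect
Append the virtual mailbox and authentication settings at the very bottom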
virtual_mailbox_base = /var/vmail
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:<UID of the postfix user>
virtual_gid_maps = static:<GID of the postfix group>
virtual_transport = virtual
message_size_limit = 10240000
virtual_mailbox_limit = 209715200
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has exceeded the quota.
virtual_overquota_bounce = yes
# SASL settings
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
# Socket created by the Dovecot auth service (unix_listener in dovecot.conf), relative to queue_directory
smtpd_sasl_path = private/auth
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient
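Set virtual_uid_maps and virtual_gid_maps to the uid and gid of the postfix user; if you do not know the IDs, get them with the id postfix command
Add the database lookup configuration files, adjusting the database user name, password, host name and database name as needed; the same values are used later when creating the MySQL database and its login user.
Create the alias lookup configuration file
vi /etc/postfix/mysql_virtual_alias_maps.cf
user = postfix
password = postfixpassword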
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
additional_conditions = and active = '1'
#query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
Create the virtual domain lookup configuration file
vi /etc/postfix/mysql_virtual_domains_maps.cf
user = postfix
password = postfixpassword
hosts = localhost
dbname = postfix
table = domain
select_field = domain
where_field = domain
additional_conditions = and active = '1'
#query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'
Create the mailbox quota lookup configuration file
vi /etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfixpassword
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
additional_conditions = and active = '1'
#query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'
Create the virtual mailbox lookup configuration file
vi /etc/postfix/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfixpassword
hosts = localhost
dbname = postfix
table = mailbox
select_field = CONCAT(domain,'/',maildir)
where_field = username
additional_conditions = and active = '1'
#query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = '1'
Start postfix
# /usr/local/postfix/sbin/postfix start
4. Install Dovecot
# tar zxf dovecot-2.1.8.tar.gz
# cd dovecot-2.1.8
# ./configure --prefix=/usr/local/dovecot --sysconfdir=/etc --localstatedir=/var --with-sql --with-mysql --with-zlib --with-ssl LDFLAGS=-L/usr/local/mysql/lib
//Specify the installation and configuration file paths
//If MySQL is installed elsewhere, specify the MySQL lib path manually
# make
# make install
cp -r /usr/local/dovecot/share/doc/dovecot/example-config/* /etc/dovecot/
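//Copy the example configuration files into the configuration directory; this step is optional and only for reference, the configuration below does not use these files
5. Configure Dovecot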
mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.old
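If you copied the example configuration, rename it first as a backup
vi /etc/dovecot/dovecot.conf
Create a new configuration file with the following content; this configuration only applies to Dovecot 2.x and cannot be used with 1.x
# Enable pop3 and imap
listen = *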
default_login_user=postfix
default_internal_user=postfix
# Run as the postfix user
disable_plaintext_auth = no
log_path = /var/log/dovecot.log
# Log path
#info_log_path = /var/log/dovecot.info
log_timestamp = "%Y-%m-%d %H:%M:%S "
ssl = no
mail_location = maildir:/var/vmail/%d/%u
# Mail storage path
mail_privileged_group = mail
first_valid_uid = 502
# UID of the postfix user
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
}
auth_mechanisms = plain login
passdb {
driver=sql
args = /etc/dovecot/dovecot-mysql.conf
}
userdb {
driver=sql
args = /etc/dovecot/dovecot-mysql.conf
}
# Used for SMTP authentication
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
user = postfix
mode = 0660
}
}
Create the MySQL configuration file; change the connection user name and password to match the Postfix configuration above
vi /etc/dovecot/dovecot-mysql.conf
connect = host=localhost dbname=postfix user=postfix password=postfixpassword
default_pass_scheme = MD5-CRYPT
password_query = SELECT password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, 502 AS uid, 502 AS gid FROM mailbox WHERE username = '%u'
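The Postfix lookups above only match rows with active = '1', while this password_query does not filter on active, so a mailbox marked inactive stops receiving mail but still passes POP3/IMAP and SMTP AUTH logins. The following added example (not part of the original article) shows the difference on a constructed mailbox table, with SQLite standing in for MySQL; HARDENED_QUERY and the function names are hypothetical.

```python
import sqlite3

# password_query from this guide; the '%u' placeholder becomes a bound parameter.
PAGE_QUERY = "SELECT password FROM mailbox WHERE username = ?"
# Hypothetical hardened form: apply the same filter the Postfix maps use.
HARDENED_QUERY = PAGE_QUERY + " AND active = '1'"

def make_db():
    """Constructed sample data: one active and one disabled mailbox."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE mailbox (username TEXT, password TEXT,"
               " maildir TEXT, active INTEGER)")
    db.executemany("INSERT INTO mailbox VALUES (?, ?, ?, ?)", [
        ("alice@example.com", "$1$salt$constructed-hash-a", "alice/", 1),
        ("bob@example.com", "$1$salt$constructed-hash-b", "bob/", 0),
    ])
    return db

def can_log_in(db, query, user):
    """Dovecot rejects the login when password_query returns no row."""
    return db.execute(query, (user,)).fetchone() is not None

def disabled_but_usable(db, query):
    """Mailboxes marked inactive that the given password_query still accepts."""
    rows = db.execute(
        "SELECT username FROM mailbox WHERE active = 0 ORDER BY username")
    return [u for (u,) in rows.fetchall() if can_log_in(db, query, u)]

if __name__ == "__main__":
    db = make_db()
    print("page query:    ", disabled_but_usable(db, PAGE_QUERY))
    print("hardened query:", disabled_but_usable(db, HARDENED_QUERY))
```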
Create the mailbox directory and give the postfix user ownership
mkdir -pv /var/vmail
chown -R postfix.postfix /var/vmail
Start the service
/usr/local/dovecot/sbin/dovecot
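With both daemons configured, the settings that decide who may relay and how passwords travel can be checked together. The following added example (not from the original article) audits constructed copies of main.cf and dovecot.conf for three things: the address range that permit_mynetworks lets relay without authenticating, whether smtpd_sasl_path points at a socket Dovecot actually creates, and whether Dovecot accepts passwords without TLS. The function names and the /24 threshold are assumptions.

```python
import ipaddress
import re

# Constructed samples (not read from a live system); the SASL socket path
# is deliberately mismatched so that the second check has something to find.
MAIN_CF = """\
mynetworks = all
smtpd_sasl_path = /var/lib/dovecot/run/dovecot/auth-login
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
"""
DOVECOT_CONF = """\
disable_plaintext_auth = no
ssl = no
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
  }
}
"""

def settings(text):
    """Parse flat `key = value` lines; a later line overrides an earlier one."""
    return dict(re.findall(r"^[ \t]*([\w.]+)[ \t]*=[ \t]*(.*?)[ \t]*$", text, re.M))

def audit(main_cf, dovecot_conf, queue_dir="/var/spool/postfix"):
    pf, dc, findings = settings(main_cf), settings(dovecot_conf), []
    # 1. permit_mynetworks relays mail for every client that mynetworks matches.
    if "permit_mynetworks" in pf.get("smtpd_recipient_restrictions", ""):
        for tok in re.split(r"[,\s]+", pf.get("mynetworks", "")):
            if not tok:
                continue
            try:
                net = ipaddress.ip_network(tok, strict=False)
            except ValueError:
                findings.append(f"mynetworks: '{tok}' is not a network address")
                continue
            # Assumed policy: only loopback or at most a /24 relays unauthenticated.
            if not net.is_loopback and net.num_addresses > 256:
                findings.append(f"mynetworks: {net} lets a wide range relay")
    # 2. Postfix must open the socket that Dovecot's auth service creates.
    sock = pf.get("smtpd_sasl_path", "")
    if not sock.startswith("/"):
        sock = f"{queue_dir}/{sock}"  # relative paths resolve under queue_directory
    if sock not in re.findall(r"unix_listener\s+(\S+)", dovecot_conf):
        findings.append(f"smtpd_sasl_path: no Dovecot listener at {sock}")
    # 3. With ssl = no, PLAIN/LOGIN passwords reach Dovecot in cleartext.
    if dc.get("disable_plaintext_auth") == "no" and dc.get("ssl") == "no":
        findings.append("dovecot: passwords accepted without TLS")
    return findings
```

Calling audit(MAIN_CF, DOVECOT_CONF) returns one finding per check; an empty list means none of the three conditions was found.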
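6. Install and configure Postfixadmin
Unpack postfixadmin.tar.gz and copy it under the site directory
Edit config.inc.php along the lines of the configuration below; the database user name and password are the same as in the earlier configuration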
$CONF['default_language'] = 'en';
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'postfixpassword';
Log in to the mysql console, create the postfix database, and create a postfix user with local access privileges on the postfix database
> create database postfix;
> grant all privileges on postfix.* to postfix@localhost identified by '<postfix password>';
> flush privileges;
> exit
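Once configured, open http://<IP address>/postfixadmin/setup.php to run the installer
After installation, change the setup password, copy the resulting hashed password string and edit config.inc.php again
$CONF['setup_password'] = '<hashed password string>';
Then enter the setup password on the page and create the administrator account; when done, delete setup.php
Log in at http://<IP address>/postfixadmin to create virtual domains and mailboxes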
7. Configure RoundCube
Unpack roundcube.tar.gz and place it under the website directory
Log in to the mysql console, create the roundcube database, and create a roundcube user with local access privileges on the roundcube database
> create database roundcube;
> grant all privileges on roundcube.* to roundcube@localhost identified by '<roundcube password>';
> flush privileges;
> exit
Open http://yourdomain/webmail/installer/ in a browser
After filling in the configuration, copy the generated main.inc.php and db.inc.php settings over the corresponding files under config/