
[Original] Configuring Postfix on Debian (Part 2)

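  A long time ago I wrote the first article on installing Postfix on Debian. Because of time constraints I never got around to writing up the configuration for virtual users and multiple domains; now it is finally done.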

  1. Install the required software
apt-get install postfix postfix-mysql
apt-get install courier-pop courier-imap courier-authlib-mysql courier-authdaemon
apt-get install libsasl2-2 sasl2-bin libsasl2-modules
apt-get install libpam-mysql
apt-get install ilohamail


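  2. Install postfixadmin

  Because MySQL support in Postfix requires you to design the database schema yourself, here we use a third-party tool, postfixadmin. Fortunately, postfixadmin is now available as a deb package.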
wget http://downloads.sourceforge.net ... 60&big_mirror=0
dpkg -i postfixadmin_2.2.0_all.deb


  Edit /etc/config.inc.php
$CONF['configured'] = 'true';
$CONF['default_language'] = 'cn';
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'postfixmaster';
$CONF['database_name'] = 'postfix';


  Adjust the other options to your own preference. Create the database and account used by Postfix in MySQL:

>create database postfix;
>grant all privileges on postfix.* to postfixadmin@localhost identified by 'postfixmaster';


  Open the postfixadmin administration interface at the following page:
http://192.168.0.100/postfixadmin/


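After all the checks pass, you can create an administrator account (in mailbox format). Once that succeeds, delete the file /usr/share/postfixadmin/setup.php. After logging in to the postfixadmin interface again, you can manage the system with the administrator account you created, for example creating domains, creating mailboxes, and creating administrators with management rights over particular domains.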

  3. Configure Postfix to support MySQL

  Edit /etc/postfix/main.cf as follows:
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no
# The TLS support section of the configuration has been removed here
myhostname = mail.home.ddmdd.com
myorigin = /etc/mailname
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
inet_interfaces = all

# gid of the postfix group
virtual_gid_maps = static:108
virtual_mailbox_base = /home/postfix
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 512000000
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 100
virtual_transport = virtual
# uid of the postfix user
virtual_uid_maps = static:103
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
relay_domains = proxy:mysql:/etc/postfix/mysql_relay_domains_maps.cf
disable_vrfy_command = yes
smtpd_helo_required = yes

smtpd_recipient_restrictions =
 permit_sasl_authenticated,
 reject_unknown_recipient_domain,
 reject_non_fqdn_recipient,
 reject_non_fqdn_hostname,
 reject_non_fqdn_sender,
 reject_non_fqdn_recipient,
 reject_unauth_destination,
 reject_unauth_pipelining,
 reject_invalid_hostname,
 reject_rbl_client cdl.anti-spam.org.cn,
 reject_rbl_client cblplus.anti-spam.org.cn,
 permit

smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes


  Then create the following files in turn:
mysql_virtual_alias_maps.cf:
user = postfixadmin
password = postfixmaster
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
#expansion_limit = 100

mysql_virtual_domains_maps.cf:
user = postfixadmin
password = postfixmaster
hosts = localhost
dbname = postfix
query = SELECT domain FROM domain WHERE domain='%u'
#query = SELECT domain FROM domain WHERE domain='%s'
#expansion_limit = 100

mysql_virtual_mailbox_maps.cf:
user = postfixadmin
password = postfixmaster
hosts = localhost
dbname = postfix
query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = '1'
#expansion_limit = 100


For detailed configuration see /usr/share/doc/postfixadmin/DOCUMENTS/POSTFIX_CONF.txt.

  Edit /etc/postfix/master.cf and change the chroot field of smtp to n
smtp   inet n    -    n    -    -    smtpd


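  4. Configure and verify SASL authentication for SMTP

  Edit /etc/default/saslauthd and set START=yes (note that yes must be lowercase), then start the saslauthd service: /etc/init.d/saslauthd start

  Create the SASL authentication configuration file smtpd.conf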
pwcheck_method: saslauthd
saslauthd_path: /var/run/saslauthd/mux
mech_list: PLAIN LOGIN


  Add the postfix user to the sasl group and create /etc/pam.d/smtp as follows:

auth required pam_permit.so
auth required pam_mysql.so user=postfixadmin passwd=postfixmaster db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=1 sqllog=1
account sufficient pam_mysql.so user=postfixadmin passwd=postfixmaster db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=1 sqllog=1


  Edit the OPTIONS line in /etc/default/saslauthd
OPTIONS="-c -r -m /var/run/saslauthd" # Add the -r option so that the full mailbox address is used as the username when verifying the username and password.


  Restart the postfix service: /etc/init.d/postfix restart
  
  Verify:
vmlinux:/etc/postfix# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.home.ddmdd.com ESMTP Postfix (Debian/GNU)
ehlo localhost
250-mail.home.ddmdd.com
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-AUTH LOGIN NTLM CRAM-MD5 DIGEST-MD5 PLAIN # These two lines show that smtp-auth is now supported
250-AUTH=LOGIN NTLM CRAM-MD5 DIGEST-MD5 PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth login
334 VXNlcm5hbWU6
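bGl6ZkBob21lLmRkbWRkLmNvbQ== # This can be encoded using the method described in the previous article; note that the username is the mail address including the domain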
334 UGFzc3dvcmQ6
bGl6Zg==
235 2.7.0 Authentication successful # SMTP authentication passed


  Or verify with the following method:
# testsaslauthd -u test@home.ddmdd.com -p test -s smtp
0: OK "Success."


  5. Verify mail reception
  
  Use the mail command locally to send mail to the newly created user
# mail lizf@testmail.com
Subject: welcome to new mailbox
hello!!!
Cc:

# tail -f /var/log/mail.log
May 14 10:50:16 home postfix/pickup[2872]: 7895F6FB00: uid=0 from=<root>
May 14 10:50:16 home postfix/cleanup[2997]: 7895F6FB00: message-id=<20080514025016.7895F6FB00@mail.home.ddmdd.com>
May 14 10:50:16 home postfix/qmgr[2873]: 7895F6FB00: from=<root@home.ddmdd.com>, size=304, nrcpt=1 (queue active)
May 14 10:50:16 home postfix/virtual[3000]: 7895F6FB00: to=<lizf@testmail.com>, relay=virtual, delay=0.3, delays=0.2/0.03/0/0.07, dsn=2.0.0, status=sent (delivered to maildir) # status=sent shows that the message was delivered successfully
May 14 10:50:16 home postfix/qmgr[2873]: 7895F6FB00: removed


  If new mail is received, it is stored in the /home/postfix/domain/user/new directory.
  
  6. Configure POP3 and IMAP
  
  Change the following line in /etc/courier/authdaemonrc:
authmodulelist="authmysql"


  Edit /etc/courier/authmysqlrc as follows:
MYSQL_SERVER      localhost
MYSQL_USERNAME     postfixadmin
MYSQL_PASSWORD     postfixmaster
MYSQL_PORT       0
MYSQL_OPT        0
MYSQL_DATABASE     postfix
MYSQL_USER_TABLE    mailbox
MYSQL_CRYPT_PWFIELD   password
MYSQL_UID_FIELD     103
MYSQL_GID_FIELD     108
MYSQL_LOGIN_FIELD    username
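# This line can normally just be set to Postfix's mail directory '/home/postfix'. I ran into some problems while writing this article and could not find the cause, so I changed it to this value based on the auth log.
MYSQL_HOME_FIELD    CONCAT('/home/postfix/',domain)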
MYSQL_NAME_FIELD    name
MYSQL_MAILDIR_FIELD   maildir


  Verify:
Restart the courier-authdaemon service: /etc/init.d/courier-authdaemon restart
# authtest lizf@home.ddmdd.com pass
Authentication succeeded.

   Authenticated: lizf@home.ddmdd.com (uid 103, gid 108)
  Home Directory: /home/postfix/home.ddmdd.com
      Maildir: lizf@home.ddmdd.com/
       Quota: (none)
Encrypted Password: $1$240501f1$R5XhZrWAZxAsxXtdmo8cp/
Cleartext Password: pass
      Options: (none)

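  The output above shows that the IMAP and POP3 services are configured successfully, and you can now send and receive mail with a mail client.
  
  7. Install webmail
  
  I tried many webmail packages on Debian and found IlohaMail to be the easiest to configure, with a friendly interface. It is best to change the following few things.

  To adjust the login screen, edit /etc/IlohaMail/login.php: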
$default_host = "127.0.0.1";
$adv_mode = 1;
$default_port = 143; # Many webmail features require the IMAP protocol, so port 143 is recommended
$hide_host = 1;
$hide_protocol = 1;
$hide_rootdir = 1;
$default_lang = "cn/";


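  Because the Chinese interface is not translated very well in places, some files under /usr/share/IlohaMail/lang/cn need to be modified. Below is an archive of the files already modified: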

http://www.ddmdd.com/files/ilohamail_cn.tgz

  
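  Unfortunately IlohaMail does not support changing passwords. You can modify the relevant IlohaMail PHP files to link the user section of postfixadmin into the general settings.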

[ This post was last edited by 如是 on 2008-5-15 23:06 ]
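
An added example, not part of the original post or of Postfix: a shell audit for a main.cf laid out like the one in section 3. It flags SMTP AUTH being accepted without TLS being required (the telnet test in section 4 sends the base64-encoded login over a plaintext connection), trailing `#` text after a value (main.cf does not treat it as a comment), and world-readable lookup-table files that hold the database password. The function names, finding labels and sample files are constructed for illustration.

```bash
# Added example: audit a main.cf laid out like the one in this post.
# Emit "name = value" per parameter: join continuation lines, skip comments.
maincf_params() {
    awk '
        /^[ \t]*(#|$)/ { next }
        /^[ \t]/       { sub(/^[ \t]+/, " "); val = val $0; next }
        { if (name != "") print name " = " val
          eq = index($0, "="); name = substr($0, 1, eq - 1); val = substr($0, eq + 1)
          gsub(/[ \t]/, "", name); sub(/^[ \t]+/, "", val) }
        END { if (name != "") print name " = " val }' "$1"
}

# Print one finding per line; print nothing for a clean file.
audit_maincf() {
    local params f
    params=$(maincf_params "$1")
    param() { printf '%s\n' "$params" | sed -n "s/^$1 = //p" | tail -n 1; }

    # AUTH is offered but nothing forces STARTTLS before credentials are sent.
    if [ "$(param smtpd_sasl_auth_enable)" = yes ] &&
       [ "$(param smtpd_tls_auth_only)" != yes ]; then
        echo "AUTH_WITHOUT_TLS smtpd_tls_auth_only is not set to yes"
    fi
    # main.cf has no trailing comments: "# ..." becomes part of the value.
    printf '%s\n' "$params" | sed -n 's/^\([^ ]*\) = .*[[:space:]]#.*/INLINE_COMMENT \1/p'
    # The lookup tables hold the database password; flag world-readable ones.
    for f in $(printf '%s\n' "$params" | grep -oE 'mysql:[^ ,]+' | cut -d: -f2 | sort -u); do
        [ -n "$(find "$f" -prune -perm -004 2>/dev/null)" ] && echo "WORLD_READABLE $f"
    done
    return 0
}

# Constructed sample: a cut-down main.cf in the post's style plus one map file.
make_sample() {
    local d
    d=$(mktemp -d)
    printf 'user = postfixadmin\npassword = example-only\n' > "$d/mysql_virtual_domains_maps.cf"
    chmod 644 "$d/mysql_virtual_domains_maps.cf"
    cat > "$d/main.cf" <<EOF
virtual_gid_maps = static:108 # gid of the postfix group
virtual_mailbox_domains = proxy:mysql:$d/mysql_virtual_domains_maps.cf
smtpd_recipient_restrictions =
 permit_sasl_authenticated,
 reject_unauth_destination
smtpd_sasl_auth_enable = yes
EOF
    echo "$d"
}
sample=$(make_sample); audit_maincf "$sample/main.cf"; rm -rf "$sample"
```

On a real host, run `audit_maincf /etc/postfix/main.cf` as root. The sample stops producing findings once `smtpd_tls_auth_only = yes` is set, the comment is moved to its own line, and the map file is no longer readable by others.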