之前一直使用Postfix+Courier+Sasl+Extmail邮件服务器方案,并配置了MailDrop做邮件转发和Mailman邮件列表,在两年多时间里,运行良好。可是现生产环境使用Nginx越来越多,为了一个Webmail单独配置Apache+Perl资源开销大,Courier+Sasl配置也相对比较繁琐
之前一直使用Postfix+Courier+Sasl+Extmail 邮件服务器方案,并配置了MailDrop
做邮件转发和Mailman邮件列表,在两年多时间里,运行良好。可是现生产环境使用Nginx 越来越多,为了一个Webmail
单独配置Apache+Perl 资源开销大,Courier+Sasl
配置也相对比较繁琐,抽了两天时间,结合网上一些实例,对邮件服务器做了一些改进。
Dovecot 不仅可以做POP3,IMAP服务器,也可以用来做SMTP验证,省去了Cyrus
Sasl,并且效率资源占用也相对Courier 好很多,同时支持LOGIN验证方式,可以满足Outlook,Foxmail
客户端登录访问,本文配置了SMTP发件认证,POP3接收认证,WEBMail 功能,邮件转发,防病毒未有进行配置。
软件包说明:
Postfix-2.8.12.tar.gz Postfix
MTA(邮件传输代理)
Dovecot-2.1.8.tar.gz IMAP 和 POP3
邮件服务器
Postfixadmin-2.3.5.tar.gz
采用PHP编写的开源WEB邮箱及域名账号管理工具
Roundcubemail-0.8.1.tar.gz 采用PHP编写的开源IMAP邮件WEB客户端
1.准备工作:
安装配置在 CentOS 6.3 x64 最小化安装环境上进行,先安装好
Nginx(Apache)+PHP+MySQL,Roundcube 需要PHP
IMAP扩展支持,如果在编译PHP时没开启IMAP支持,可以用下面的方法添加扩展
# yum install libc-client-devel libc-client
安装 php-imap 扩展依赖的的廉包
进入到php源码包 imap 扩展库路径下 如 /opt/php-5.3.12/ext/imap 执行
# /usr/local/php/bin/phpize
# ./configure --with-php-cOnfig=/usr/local/php/bin/php-config --with-kerberos --with-imap-ssl
检查系统配置过程中国如果提示出错,可以尝试将libc-client 库做个链接到lib 下
# ln -s /usr/lib64/libc-client.so /usr/lib/libc-client.so
# make && make install
安装后修改 php.ini 的 extension_dir路径 ,并加入 extension=”imap.so”
扩展
卸载系统自带的sendmail 或 postfix
# yum remove sendmail postfix
2. 编译安装Postfix
# yum -y install db4-devel
//安装依赖的DB4开发包
# useradd -M -s /sbin/nologin postfix
# useradd -M -s /sbin/nologin postdrop
//添加Postfix,maildrop 用户
# tar zxf postfix-2.8.12.tar.gz
# cd postfix-2.8.12/
# make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/
mysql/include -DUSE_SASL_AUTH -DDEF_SERVER_SASL_TYPE=\"dovecot\"' 'AUXLIBS=-L/usr/local/
mysql/lib -lmysqlclient -lz -lm -lssl -lcrypto'
//如果MySQL 安装在其他路径,请注意修改MySQL Include 和 lib 路径
# make
# make install
安装路径和参数配置
install_root: /
//相对目录
tempdir:
/tmp
//临时目录
config_directory: /etc/postfix //配置文件位置
command_directory
/usr/local/postfix/sbin //命令执行路径
daemon_directory /usr/local/postfix/libexec
//Daemon路径
data_directory /var/lib/postfix
//邮件数据
html_directory no
mail_owner
postfix //postfix
所有者账号
mailq_path
/usr/bin/mailq //mailq
位置
manpage_directory
/usr/local/postfix/man //帮助文档
newaliases_path
/usr/bin/newaliases //newaliases
位置
queue_directory
/var/spool/postfix //队列路径
readme_directory
no
sendmail_path
/usr/sbin/sendmail
//Sendmail 路径
setgid_group:
postdrop
3.配置Postfix
# vi /etc/postfix/main.cf 查找并修改 mynetworks = all
否则SMTP发件认证不生效
在最底部添加虚拟邮箱配置和验证设置
# Virtual mailbox settings.
virtual_mailbox_base = /var/vmail
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:邮件POSTFIX用户ID
virtual_gid_maps = static:邮件POSTFIX组ID
virtual_transport = virtual
message_size_limit = 10240000
virtual_mailbox_limit = 209715200
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has exceeded the quota.
virtual_overquota_bounce = yes
# SASL settings
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/lib/dovecot/run/dovecot/auth-login
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient
virtual_uid_maps 和 virtual_gid_maps 改成postfix 用户的uid和gid
如果不知道ID,可用 id postfix 命令获取
添加数据库查询配置文件,根据需要修改数据库用户名密码,主机名,数据库名配置信息,在后面创建MYSQL数据库,登录用户的时候需要用到。
建立数据库别名查询配置文件
vi /etc/postfix/mysql_virtual_alias_maps.cf
user = postfix
password = postfixpassword
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
additional_conditions = and active = '1'
#query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
建立数据库虚拟域查询配置文件
vi /etc/postfix/mysql_virtual_domains_maps.cf
user = postfix
password = postfixpassword
hosts = localhost
dbname = postfix
table = domain
select_field = domain
where_field = domain
additional_conditions = and active = '1'
#query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'
建立数据库邮箱配额查询配置文件
vi /etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfixpassword
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
additional_conditions = and active = '1'
#query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'
建立数据库虚拟邮箱查询配置文件
vi /etc/postfix/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfixpassword
hosts = localhost
dbname = postfix
table = mailbox
select_field = CONCAT(domain,'/',maildir)
where_field = username
additional_conditions = and active = '1'
#query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = '1'
启动postfix
# /usr/local/postfix/sbin/postfix start
4.安装 Dovecot
# tar zxf dovecot-2.1.8.tar.gz
# cd dovecot-2.1.8
# ./configure --prefix=/usr/local/dovecot --syscOnfdir=/etc --localstatedir=/var --with-sql --with-mysql --with-zlib --with-ssl LDFLAGS=-L/usr/local/mysql/lib
//指定安装及配置文件路径
//如果mysql安装在其他位置,需要手动指定 mysql lib库路径
# make
# make install
cp -r /usr/local/dovecot/share/doc/dovecot/example-config/* /etc/dovecot/
//复制配置文件示例到配置文件夹中,此步骤不是必须的,只是方便查阅,后面的配置不会用到这些文件
5. 配置 Doevcot
mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.old
如果复制了示例配置,先改名备份
vi /etc/dovecot/dovecot.conf
建立新配置文件,加入以下内容,此配置文件只适用于 Doevcot 2.x 不能用于1.x
rotocols = pop3 imap
# 开启pop3 imap listen = *
default_login_user=postfix
default_internal_user=postfix
# 使用postfix 用户
disable_plaintext_auth = no
log_path = /var/log/dovecot.log
# 日志路径
#info_log_path = /var/log/dovecot.info
log_timestamp = "%Y-%m-%d %H:%M:%S "
ssl = no mail_location = maildir:/var/vmail/%d/%u
# 邮件存储路径
mail_privileged_group = mail
first_valid_uid =
502
# postfix 用户UID
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
}
auth_mechanisms = plain login
passdb {
driver=sql
args = /etc/dovecot/dovecot-mysql.conf
}
userdb {
driver=sql
args = /etc/dovecot/dovecot-mysql.conf
}
# 用于SMTP验证
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
user = postfix
mode = 0660
}
}
建立MYSQL 配置文件,注意修改连接用户名密码,和前面的postfix配置一致
vi /etc/dovecot/dovecot-mysql.conf
driver = mysql
connect = host=localhost dbname=postfix user=postfix password=postfixpassword
default_pass_scheme = MD5-CRYPT
password_query = SELECT password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, 502 AS uid, 502 AS gid FROM mailbox WHERE username = '%u'
建立邮箱文件夹,并给予postfix 用户权限
mkdir -pv /var/vmail
chown -R postfix.postfix /var/vmail
启动服务
/usr/local/dovecot/sbin/dovecot
6.安装配置 Postfixadmin
解压 postfixadmin.tar.gz 并复制到站点目录下面
修改 config.inc.php 文件,参考下面的配置进行,这里的数据库用户名密码均和前面的配置一致
$CONF['configured'] = true;
$CONF['default_language'] = 'en';
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'postfixpassword';
登录mysql 控制台建立postfix数据库,并建立一个postifx用户指定对 posfix 数据库本地访问权限
> create database postfix;
> grant all privileges on postfix.* to postfix@localhost identified by 'postfix密码';
> flush privileges;
> exit
配置完成后执行 http://ip地址/postfixadmin/setup.php 进行安装
安装后将 修改配置密码,把得到的 加密 密码字串复制并再次修改config.inc.php 文件
$CONF['setup_password'] = ‘密码字串’;
然后在页面上输入配置密码,并建立管理员账号,完成后 删除 setup.php
登录 http://ip地址/postfixadmin 可以建立虚拟域和邮箱
如图所示
7. 配置RoundCube
解压 roundclube.tar.gz 并放置在网站目录下
登录mysql 控制台建立roundcube数据库,并建立一个roundcube用户指定对
roundcube数据库本地访问权限
> create database roundcube;
> grant all privileges on roundcube.* to
roundcube@localhost identified by 'roundcube密码';
> flush privileges;
> exit
打开浏览器 http://yourdomain/webmail/installer/
填写配置后将 main.inc.php 配置 和 db.inc.php 配置复制并覆盖 config/ 下对应文件即可
京公网安备 11010802041100号