Nginx搭建郵件代理服務器
A.搭建主服務器
#tar -cxvf turbomail_linux_500.tgz -C / ##安裝並啓動turbomail #yum -y install httpd php ##安裝php、apache服務,代理驗證用戶的關鍵 #vi /var/www/html/auth.php ##編輯驗證文件 <?php if (!isset($_SERVER["HTTP_AUTH_USER"] ) || !isset($_SERVER["HTTP_AUTH_PASS"] )){ fail(); } $username=$_SERVER["HTTP_AUTH_USER"] ; $userpass=$_SERVER["HTTP_AUTH_PASS"] ; $protocol=$_SERVER["HTTP_AUTH_PROTOCOL"] ; // default backend port $backend_port=110; if ($protocol=="imap") { $backend_port=143; } if ($protocol=="smtp") { $backend_port=25; } if($username == $username) { //驗證條件 $server_ip = "172.168.0.202"; //驗證完返回用戶訪問服務器ip }else{ exit; } pass($server_ip, $backend_port); //END function authuser($user,$pass){ return true; }
function fail(){ header("Auth-Status: Invalid login or password"); exit; }
function pass($server,$port){ header("Auth-Status: OK"); header("Auth-Server: $server"); header("Auth-Port: $port"); exit; } ?> |
B.搭建代理服務器(所有代理服務器都一樣配置安裝)
安裝Nginx # tar xf pcre-8.12.tar.bz2 ##安裝pcre正則表達式包,以便讓nginx支持正則表達式 # cd pcre-8.12 # ./configure && make && make install # useradd nginx -s /sbin/nologin # tar xzvf nginx-1.0.3.tar.gz ##Nginx源碼包 # cd nginx-1.0.3 #./configure --user=nginx --group=nginx --prefix=/opt/nginx/ --with-http_stub_status_module --with-http_ssl_module --with-mail --prefix=<dir> 指定安裝主目錄,默認爲/usr/local/nginx --user=<user> 指定用戶身份,如果沒有指定則默認使用nobody --group=<group> 指定組身份 --with-http_ssl_module 啓用https支持 --with-http_stub_status_module 啓用nginx連接狀態模塊 # make && make install ##不報錯就ok #vi /etc/init.d/nginx ##Nginx啓動腳本,編輯完記得給以執行權限 #!/bin/sh # # nginx - this script starts and stops the nginx daemon # # chkconfig: - 85 15 # description: Nginx is an HTTP(S) server, HTTP(S) reverse \ # proxy and IMAP/POP3 proxy server # processname: nginx # config: /etc/nginx/nginx.conf # config: /etc/sysconfig/nginx # pidfile: /var/run/nginx.pid
# Source function library. . /etc/rc.d/init.d/functions
# Source networking configuration. . /etc/sysconfig/network
# Check that networking is up. [ "$NETWORKING" = "no" ] && exit 0 nginx="/opt/nginx/sbin/nginx" prog=$(basename $nginx) NGINX_CONF_FILE="/opt/nginx/conf/nginx.conf" [ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx start() { [ -x $nginx ] || exit 5 [ -f $NGINX_CONF_FILE ] || exit 6 echo -n $"Starting $prog: " daemon $nginx -c $NGINX_CONF_FILE retval=$? echo [ $retval -eq 0 ] && touch $lockfile return $retval } stop() { echo -n $"Stopping $prog: " killproc $prog -QUIT retval=$? echo [ $retval -eq 0 ] && rm -f $lockfile return $retval killall -9 nginx killall -9 nginx killall -9 nginx killall -9 nginx killall -9 nginx killall -9 nginx }
restart() { configtest || return $? stop sleep 1 start } reload() { configtest || return $? echo -n $"Reloading $prog: " killproc $nginx -HUP RETVAL=$? echo } force_reload() { restart } configtest() { $nginx -t -c $NGINX_CONF_FILE } rh_status() { status $prog } rh_status_q() { rh_status >/dev/null 2>&1 } case "$1" in start) rh_status_q && exit 0 $1 ;; stop) rh_status_q || exit 0 $1 ;; restart|configtest) $1 ;; reload) rh_status_q || exit 7 $1 ;; force-reload) force_reload ;; status) rh_status ;; condrestart|try-restart) rh_status_q || exit 0 ;; *) echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}" exit 2 esac #chmod 755 /etc/init.d/nginx #vim /opt/nginx/conf/nginx.conf ##nginx配置文件
user nginx; worker_processes 4; #根據cpu設置
error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; pid logs/nginx.pid; events { worker_connections 5000; } http { include mime.types; default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
client_max_body_size 25m;
client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m;
client_header_buffer_size 32k; large_client_header_buffers 1 128k;
fastcgi_connect_timeout 300; fastcgi_send_timeout 300; fastcgi_read_timeout 300; fastcgi_buffer_size 512k; fastcgi_buffers 4 1024k;#8 128 fastcgi_busy_buffers_size 1024k; fastcgi_temp_file_write_size 1024k; fastcgi_intercept_errors on;
server_names_hash_bucket_size 128; server_names_hash_max_size 4096; ssi on; ssi_silent_errors on; ssi_types text/shtml; gzip on; gzip_min_length 1000; gzip_buffers 4 8k; gzip_types text/* text/css application/javascript application/x-javascript; gzip_comp_level 9; gzip_proxied any; gzip_vary on; gzip_http_version 1.0; output_buffers 4 32k; postpone_output 1460; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 75 20; server_name_in_redirect off; upstream turbo { ip_hash; server 北京ip:8080; server 上海ip:8080; server 江蘇ip:8080; server 雲南ip:8080; }
server { listen 80; server_name mail.turbomail.org; index index.jsp; location / { proxy_pass http://turbo; proxy_redirect off; proxy_set_header Host $host; proxy_cache cache_one; proxy_cache_valid 200 302 1h; proxy_cache_valid 301 1d; proxy_cache_valid any 1m; expires 30d; } } #Mail Proxy mail { auth_http mail.postfix.cn:80/auth.php; pop3_capabilities "TOP" "USER"; imap_capabilities "IMAP4rev1" "UIDPLUS";
#POP3 Auth server { listen 110; protocol pop3; proxy on; }
#IMAP Auth server { listen 143; protocol imap; proxy on; }
#SMTP Auth server { listen 25; protocol smtp; proxy on; xclient off; smtp_auth login plain; } } #servicee nginx start #netstat -nltp | grep nginx ##檢查服務
=============================================================================== Ok完工,測試通過即可! |