快速搭建基於web的postfix郵件系統
需求:建立一個基於web的郵件服務器。
環境:
[root@cc ~]# cat /etc/redhat-release
CentOS release 4.6 (Final)
[root@cc ~]# uname -a
Linux cc 2.6.9-67.ELsmp #1 SMP Fri Nov 16 12:48:03 EST 2007 i686 i686 i386 GNU/Linux
所有軟件包:
postfix-2.4.7.tar.gz
mysql-5.0.45-linux-i686.tar.gz
cyrus-sasl-2.1.22.tar.gz
DB-4.5.20
httpd-2.2.6.tar.gz
php-5.2.5.tar.bz2
courier-authlib-0.59.1.tar.bz2
courier-imap-4.0.4.tar.bz2
extmail-1.0.2.tar.gz
extman-0.2.2.tar.gz
maildrop-2.0.4
Unix-Syslog-0.100.tar.gz
DBD-mysql-3.0002_4.tar.gz
DBI-1.604.tar.gz
libjpeg-devel-6b-33.i386.rpm
libpng-devel-1.2.7-3.el4_5.1.i386.rpm
zlib-devel-1.2.1.2-1.2.i386.rpm
主機名: mail.test.com
域名: test.com
一. 卸載sendmail
shell> sudo rpm -e sendmail-8.13.1-3.2.el4 --nodeps
二. 安裝mysql
# groupadd mysql
# useradd -g mysql -s /bin/false -M mysql
# tar -zxvf mysql-5.0.51a-linux-i686-glibc23.tar.gz
# cd mysql-5.0.51a-linux-i686-glibc23
# mkdir /usr/local/mysql
# ./configure --prefix=/usr/local/mysql --enable-thread-safe-client --enable-local-infile --with-charset=gbk --with-extra-charset=all --with-low-memory
# make
# make install
# cp support-files/my-medium.cnf /etc/my.cnf
# cd /usr/local/mysql
# chown -R mysql .
# chgrp -R mysql .
# ./bin/mysql_install_db --user=mysql
# chown -R root .
# chown -R mysql var
# ./bin/mysqld_safe --user=mysql &
# cd /usr/local/src/mysql-5.0.45 (這裏的目錄指的是原壓縮包解壓後的目錄)
# cp support-files/mysql.server /etc/rc.d/init.d/mysqld
# chmod 700 /etc/rc.d/init.d/mysqld
加入自動啓動服務隊列:
# chkconfig --add mysqld
# chkconfig --level 345 mysqld on
測試
# /usr/local/mysql/bin/mysqladmin ping
# /usr/local/mysql/bin/mysqladmin version
# /usr/local/mysql/bin/mysql
添加root密碼
# /usr/local/mysql/bin/mysqladmin -uroot -p 'newpasswd'
說明:此時mysql的root用戶的密碼爲空
配置庫文件搜索路徑
# echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
# ldconfig -v
添加/usr/local/mysql/bin到環境變量PATH中
#export PATH=$PATH:/usr/local/mysql/bin
三、安裝sasl-2.1.22
#tar zxvf cyrus-sasl-2.1.22.tar.gz
#cd cyrus-sasl-2.1.22
#./configure --prefix=/usr/local/sasl2 --disable-gssapi --disable-anon --disable-sample --disable-digest --enable-plain --enable-login --enable-sql --with-mysql=/usr/local/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --with-mysql-libs=/usr/local/mysql/lib/mysql --with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket
#make
#make install
關閉原有的sasl:
# mv /usr/lib/libsasl2.a /usr/lib/libsasl2.a.OFF
# mv /usr/lib/libsasl2.la /usr/lib/libsasl2.la.OFF
# mv /usr/lib/libsasl2.so.2.0.19 /usr/lib/libsasl2.so.2.0.19.OFF
# mv /usr/lib/sasl2 /usr/lib/sasl2.OFF
# rm /usr/lib/libsasl2.so
# rm /usr/lib/libsasl2.so.2
# ln -sv /usr/local/sasl2/lib/* /usr/lib
postfix 2.3以後的版本會分別在/usr/local/lib和/usr/local/include中搜索sasl庫文件及頭文件,故還須將其鏈接至此目錄中:
# ln -sv /usr/local/sasl2/lib/* /usr/local/lib
# ln -sv /usr/local/sasl2/include/sasl/* /usr/local/include
創建運行時需要的目錄並調試啓動
# mkdir -pv /var/state/saslauthd
# /usr/local/sasl2/sbin/saslauthd -a shadow pam -d
啓動並測試
# /usr/local/sasl2/sbin/saslauthd -a shadow pam
# /usr/local/sasl2/sbin/testsaslauthd -u root -p root用戶密碼
配置庫文件搜索路徑
# echo "/usr/local/sasl2/lib" >> /etc/ld.so.conf
# echo "/usr/local/sasl2/lib/sasl2" >> /etc/ld.so.conf
# ldconfig -v
開機自動啓動
# echo "/usr/local/sasl2/sbin/saslauthd -a shadow pam">>/etc/rc.local
四、安裝berkeley db。
#mkdir /usr/local/BerkeleyDB
#tar zxvf db-4.5.20.tar.gz
#cd db-4.5.20/build_unix
#../dist/configure --prefix=/usr/local/BerkeleyDB
#make
#make install
修改相應的頭文件指向
# mv /usr/include/db4 /usr/inculde/db4.OFF
# rm /usr/include/db_cxx.h
# rm /usr/include/db.h
# rm /usr/include/db_185.h
# ln -sv /usr/local/BerkeleyDB/include /usr/include/db4
# ln -sv /usr/local/BerkeleyDB/include/db.h /usr/include/db.h
# ln -sv /usr/local/BerkeleyDB/include/db_cxx.h /usr/include/db_cxx.h
配置庫文件搜索路徑
# echo "/usr/local/BerkeleyDB/lib" >> /etc/ld.so.conf
# ldconfig -v
五、安裝httpd-2.2.6
#tar jxvf httpd-2.2.6.tar.gz
#cd httpd-2.2.6
#./configure
--prefix=/usr/local/apache
--sysconfdir=/etc/httpd
--enable-so
--enable-ssl
--with-ssl=/usr/local/ssl
--enable-track-vars
--enable-rewrite
--with-zlib
--enable-mods-shared=most
--enable-suexec (後面extmail切換”運行時用戶”時要用到)
--with-suexec-caller=daemon
#make
#make install
#echo "/usr/local/apache/bin/apachectl start" >> /etc/rc.d/rc.local(系統啓動時服務自動啓動)
六、安裝php-5.2.5
# tar -zvxf php-5.2.5.tar.gz
# mkdir -p /usr/local/php
# cd php-5.2.5
# ./configure --prefix=/usr/local/php
--with-apxs2=/usr/local/apache/bin/apxs
--with-mysql=/usr/local/mysql
--with-mysqli=/usr/local/mysql/bin/mysql_config
--with-xml
--with-png
--with-jpeg
--with-zlib
--with-freetype
--with-gd
--enable-track-vars
--enable-mbstring=all
# make
# make install
# cp php.ini-dist /usr/local/php/lib/php.ini
注:編輯apache配置文件httpd.conf,以apache支持php
# vi /etc/httpd/httpd.conf
1、添加如下二行
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
2、定位至DirectoryIndex index.html
修改爲:
DirectoryIndex index.php index.html
3、按照使用習慣,這裏將網站根目錄指定到/var/www:
找到DocumentRoot “/usr/local/apache/htdocs”
修改爲:DocumentRoot “/var/www”(後文中我們還會註釋掉此行,以啓用虛擬主機)
找到<Directory “/usr/local/apache/htdocs”>
修改爲:<Directory “/var/www”>
說明:這個對本文來說並非是不可少的。
七、安裝Postfix-2.4.5
1.安裝
#groupadd -g 2525 postfix
#useradd -g postfix -u 2525 -s /sbin/nologin -M postfix
#groupadd -g 2526 postdrop
#useradd -g postdrop -u 2526 -s /bin/false -M postdrop
#tar zxvf postfix-2.4.5.tar.gz
#cd postfix-2.4.5
#make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/local/sasl2/include/sasl -I/usr/local/BerkeleyDB/include -DUSE_TLS -I/usr/local/ssl/include/openssl ' 'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/local/sasl2/lib -lsasl2 -L/usr/local/BerkeleyDB/lib -L/usr/local/ssl/lib -lssl -lcrypto'
#make
#make install
按照以下的提示輸入相關的路徑([]號中的是缺省值,”]”後的是輸入值)
install_root: [/] /
tempdir: [/usr/local/src/ postfix-2.4.5] /tmp
config_directory: [/etc/postfix] /etc/postfix
daemon_directory: [/usr/libexec/postfix] /usr/local/postfix/libexec
command_directory: [/usr/sbin] /usr/local/postfix/sbin
queue_directory: [/var/spool/postfix]
sendmail_path: [/usr/sbin/sendmail]
newaliases_path: [/usr/bin/newaliases]
mailq_path: [/usr/bin/mailq]
mail_owner: [postfix]
setgid_group: [postdrop]
html_directory: [no] /var/www/postfix_html
manpages: [/usr/local/man] /usr/local/postfix/man
readme_directory: [no]
說明:這裏的postfix將安裝在獨立的目錄/usr/local/postfix中,目的是爲了方便管理;您亦可以採用默認安裝的方式,可能這樣使用起來會更爲方便些;
生成別名二進制文件,這個步驟如果忽略,會造成postfix效率極低:
# newaliases
2.進行一些基本配置,測試啓動postfix並進行發信
#vi /etc/postfix/main.cf
修改以下幾項爲您需要的配置
myhostname = mail.test.com
myorigin = test.com
mydomain = test.com
mydestination = $myhostname, localhost.$mydomain, localhost, $hostname
mynetworks = 192.168.1.0/24, 127.0.0.0/8
說明:
myorigin參數用來指明發件人所在的域名;
mydestination參數指定postfix接收郵件時收件人的域名,即您的postfix系統要接收到哪個域名的郵件;
myhostname 參數指定運行postfix郵件系統的主機的主機名,默認情況下,其值被設定爲本地機器名;
mydomain參數指定您的域名,默認情況下,postfix將myhostname的第一部分刪除而作爲mydomain的值;
mynetworks 參數指定你所在的網絡的網絡地址,postfix系統根據其值來區別用戶是遠程的還是本地的,如果是本地網絡用戶則允許其訪問;
inet_interfaces 參數指定postfix系統監聽的網絡接口;
注意:
1、在postfix的配置文件中,參數行和註釋行是不能處在同一行中的;
2、任何一個參數的值都不需要加引號,否則,引號將會被當作參數值的一部分來使用;
3、每修改參數及其值後執行 postfix reload 即可令其生效;但若修改了inet_interfaces,則需重新啓動postfix;
4、如果一個參數的值有多個,可以將它們放在不同的行中,只需要在其後的每個行前多置一個空格即可;postfix會把第一個字符爲空格或tab的文本行視爲上一行的延續;
啓動postfix
/usr/local/postfix/sbin/postfix start
連接postfix,驗正服務啓動狀況:
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.benet.org ESMTP Postfix
ehlo mail.benet.org
250-mail.benet.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:[email protected]
250 2.1.0 Ok
rcpt to:[email protected]
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
subject:Mail test!
Mail test!!!
.
250 2.0.0 Ok: queued as AB94A1A561
quit
221 2.0.0 Bye
Connection closed by foreign host.
切換到redhat用戶進行收信:
# su - redhat
$ mail
Mail version 8.1 6/6/93. Type ? for help.
"/var/spool/mail/redhat": 1 message 1 new
>N 1 [email protected] Wed Sep 5 10:59 15/488 "Mail test!"
&
八、爲postfix開啓基於cyrus-sasl的認證功能
使用以下命令驗正postfix是否支持cyrus風格的sasl認證,如果您的輸出爲以下結果,則是支持的:
# /usr/local/postfix/sbin/postconf -a
cyrus
dovecot
#vi /etc/postfix/main.cf
添加以下內容:
############################CYRUS-SASL############################
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,
reject_invalid_hostname,reject_non_fqdn_hostname,
reject_unknown_sender_domain,reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_unauth_pipelining,reject_unauth_destination # 都寫在一行
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner = Welcome to our $myhostname ESMTP,Warning: Version not Available!
#vi /usr/local/lib/sasl2/smtpd.conf
添加如下內容:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
讓postfix重新加載配置文件
#/usr/local/postfix/sbin/postfix reload
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 Welcome to our mail.benet.org ESMTP,Warning: Version not Available!
ehlo mail.benet.org
250-mail.benet.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN (請確保您的輸出以類似兩行)
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
九、讓postfix支持虛擬域和虛擬用戶
1、編輯/etc/postfix/main.cf,添加如下內容:
########################Virtual Mailbox Settings#########################
virtual_mailbox_base = /var/mailbox
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:2525
virtual_gid_maps = static:2525
virtual_transport = virtual
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1
##########################QUOTA Settings#################################
message_size_limit = 14336000
virtual_mailbox_limit = 20971520
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please Tidy your mailbox and try again later.
virtual_overquota_bounce = yes
2、添加爲支持虛擬域和虛擬用戶所用到的配置文件
編輯/etc/postfix/mysql_virtual_alias_maps.cf ,添加如下內容:
user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = alias
select_field = goto
where_field = address
編輯/etc/postfix/mysql_virtual_domains_maps.cf ,添加如下內容:
user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = domain
select_field = description
where_field = domain
編輯/etc/postfix/mysql_virtual_mailbox_limit_maps.cf ,添加如下內容:
user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = mailbox
select_field = quota
where_field = username
編輯/etc/postfix/mysql_virtual_mailbox_maps.cf ,添加如下內容:
user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = mailbox
select_field = maildir
where_field = username
說明:
1、這裏用到的數據庫及用戶的建立可以後文中的extmail說明部分來實現,您可以參照那一部分來理解這裏指定的數據庫及其用戶名等;
2、以上新建文件亦可以從extman安裝文件中獲得,您也可以由此不用手動輸入;
3、虛擬用戶郵箱目錄我這裏沿用了/var/mailbox,你可以指定爲別的目錄,比如常見到的/var/spool/mail,或者/home/domains等;但如果這裏做了修改,請在後文中用到時作了相應的修改;
十、安裝Courier authentication library
# tar jxvf courier-authlib-0.59.1.tar.bz2
# cd courier-authlib-0.59.1
# ./configure --prefix=/usr/local/courier-authlib --sysconfdir=/etc --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --with-authmysql --with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --with-redhat --with-authmysqlrc=/etc/authmysqlrc --with-authdaemonrc=/etc/authdaemonrc CFLAGS="-march=i686 -O2 -fexpensive-optimizations" CXXFLAGS="-march=i686 -O2 -fexpensive-optimizations"
# make
# make install
# chmod 755 /usr/local/courier-authlib/var/spool/authdaemon
# cp /etc/authdaemonrc.dist /etc/authdaemonrc
# cp /etc/authmysqlrc.dist /etc/authmysqlrc
修改/etc/authdaemonrc 文件
authmodulelist="authmysql"
authmodulelistorig="authmysql"
daemons=10
編輯/etc/authmysqlrc 爲以下內容,其中2525,2525 爲postfix 用戶的UID和GID。
MYSQL_SERVER localhost
MYSQL_PORT 3306 (指定你的mysql監聽的端口,這裏使用默認的3306)
MYSQL_USERNAME extmail (這時爲後文要用的數據庫的所有者的用戶名)
MYSQL_PASSWORD extmail (密碼)
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_DATABASE extmail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD '2525'
MYSQL_GID_FIELD '2525'
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD concat('/var/mailbox/',maildir)
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat('/var/mailbox/',maildir)
# cp courier-authlib.sysvinit /etc/init.d/courier-authlib
# chmod 755 /etc/init.d/courier-authlib
# chkconfig --add courier-authlib
# chkconfig --level 2345 courier-authlib on
#echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf
# ldconfig -v
# service courier-authlib start (啓動服務)
十一、安裝Courier-IMAP
# tar jxvf courier-imap-4.1.3.tar.bz2
# cd courier-imap-4.1.3
# mkdir /usr/local/courier-imap
# ./configure
--prefix=/usr/local/courier-imap
--with-redhat
--enable-unicode
--disable-root-check
--with-trashquota
--without-ipv6
CPPFLAGS='-I/usr/local/ssl/include/openssl -I/usr/local/courier-authlib/include'
LDFLAGS='-L/usr/local/courier-authlib/lib/courier-authlib'
COURIERAUTHCONFIG='/usr/local/courier-authlib/bin/courierauthconfig'
# make
# make install
# cp /usr/local/courier-imap/etc/imapd.dist /usr/local/courier-imap/etc/imapd
# cp /usr/local/courier-imap/etc/imapd-ssl.dist /usr/local/courier-imap/etc/imapd-ssl
# cp /usr/local/courier-imap/etc/pop3d.dist /usr/local/courier-imap/etc/pop3d
# cp /usr/local/courier-imap/etc/pop3d-ssl.dist /usr/local/courier-imap/etc/pop3d-ssl
配置Courier-IMAP,爲用戶提供pop3服務:
vi /usr/local/courier-imap/etc/pop3d
POP3DSTART=YES
注:如果你想爲用戶提供IMAP服務,則需在"/usr/local/courier-imap/etc/imapd"文件中設置"IMAPDSTART=yes";其它類同;
新建虛擬用戶郵箱所在的目錄,並將其權限賦予postfix用戶:
#mkdir -pv /var/mailbox
#chown -R postfix /var/mailbox
#cp courier-imap.sysvinit /etc/rc.d/init.d/courier-imapd
#chmod 755 /etc/rc.d/init.d/courier-imapd
#chkconfig --add courier-imapd
#chkconfig --level 2345 courier-imapd on
#service courier-imapd start
接下來重新配置SMTP 認證,編輯 /usr/local/lib/sasl2/smtpd.conf ,確保其爲以下內容:
pwcheck_method: authdaemond
log_level: 3
mech_list:PLAIN LOGIN
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket
十二、安裝Extmail-1.0.2
1、安裝
# tar zxvf extmail-1.0.2.tar.gz
# mkdir -pv /usr/local/apache/htdocs/extsuite
# mv extmail-1.0.2 /usr/local/apache/htdocs/extsuite/extmail
# cp /usr/local/apache/htdocs/extsuite/extmail/webmail.cf.default /usr/local/apache/htdocs/extsuite/extmail/webmail.cf
2、修改主配置文件
#vi /usr/local/apache/htdocs/extsuite/extmail/webmail.cf
部分修改選項的說明:
SYS_MESSAGE_SIZE_LIMIT = 5242880
用戶可以發送的最大郵件
SYS_USER_LANG = en_US
語言選項,可改作:
SYS_USER_LANG = zh_CN
SYS_MAILDIR_BASE = /home/domains
此處即爲您在前文所設置的用戶郵件的存放目錄,可改作:
SYS_MAILDIR_BASE = /var/mailbox
SYS_MYSQL_USER = db_user
SYS_MYSQL_PASS = db_pass
以上兩句句用來設置連接數據庫服務器所使用用戶名、密碼和郵件服務器用到的數據庫,這裏修改爲:
SYS_MYSQL_USER = postfix
SYS_MYSQL_PASS = 123456
SYS_MYSQL_HOST = localhost
指明數據庫服務器主機名,這裏默認即可
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock
連接數據庫的sock文件位置,這裏修改爲:
SYS_MYSQL_SOCKET = /tmp/mysql.sock
SYS_MYSQL_TABLE = mailbox
SYS_MYSQL_ATTR_USERNAME = username
SYS_MYSQL_ATTR_DOMAIN = domain
SYS_MYSQL_ATTR_PASSWD = password
以上用來指定驗正用戶登錄裏所用到的表,以及用戶名、域名和用戶密碼分別對應的表中列的名稱;這裏默認即可
SYS_AUTHLIB_SOCKET = /var/spool/authdaemon/socket
此句用來指明authdaemo socket文件的位置,這裏修改爲:
SYS_AUTHLIB_SOCKET = /usr/local/courier-authlib/var/spool/authdaemon/socket
3、apache相關配置
由於extmail要進行本地郵件的投遞操作,故必須將運行apache服務器用戶的身份修改爲您的郵件投遞代理的用戶;本例中打開了apache服務器的suexec功能,故使用以下方法來實現虛擬主機運行身份的指定。此例中的MDA爲postfix自帶,因此將指定爲postfix用戶:
<VirtualHost *:80>
ServerName mail.benet.org
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi
Alias /extmail /var/www/extsuite/extmail/html
SuexecUserGroup postfix postfix
</VirtualHost>
修改 cgi執行文件屬主爲apache運行身份用戶:
# chown -R postfix.postfix /usr/local/postfix/htdocs/extsuite/extmail/cgi/
如果您沒有打開apache服務器的suexec功能,也可以使用以下方法解決:
# vi /etc/httpd/httpd.conf
User postfix
Group postfix
<VirtualHost *:80>
ServerName mail.benet.org
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi
Alias /extmail /var/www/extsuite/extmail/html
</VirtualHost>
4、依賴關係的解決
extmail將會用到perl的DBD::Mysql和Unix::syslogd功能,可以去http://search.cpan.org搜索下載原碼包進行安裝。
# tar zxvf Unix-Syslog-0.100.tar.gz
# cd Unix-Syslog-0.100
# perl Makefile.PL
# make
# make install
DBD-Mysql目前最新的版本爲DBD-mysql-4.005,但它和系統中的perl結合使用時會造成extmail無法正常使用,因此我們採用3的版本:
# tar zxvf DBD-mysql-3.0002_4.tar.gz
# cd cd DBD-mysql-3.0002_4
# perl Makefile.PL (此步驟中如果出現類同Can't exec "mysql_config": No such file or directory at Makefile.PL line 76.的錯誤是因爲您的mysql的bin目錄沒有輸出至$PATH環境變量)
# make
# make install
十三、安裝Extman-0.2.2
1、安裝及基本配置
#tar zxvf extman-0.2.2.tar.gz
# mv extman-0.2.2 /usr/local/apache/htdocs/extsuite/extman
修改配置文件以符合本例的需要:
# vi /usr/local/apache/htdocs/extsuite/extman/webman.cf
SYS_MAILDIR_BASE = /home/domains
此處即爲您在前文所設置的用戶郵件的存放目錄,可改作:
SYS_MAILDIR_BASE = /var/mailbox
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock
此處修改爲:
SYS_MYSQL_SOCKET = /tmp/mysql.sock
使用extman源碼目錄下docs目錄中的extmail.sql和init.sql建立數據庫:
# cd /usr/local/apache/htdocs/extsuite/extman/docs
# mysql -u root -p <extmail.sql
# mysql -u root -p <init.sql
修改cgi目錄的屬主:
# chown -R postfix.postfix /usr/local/apache/htdocs/extsuite/extman/cgi/
如果extman訪問數據庫權限不足的話,可採用以下命令將新生成的數據庫賦予webman用戶具有所有權限:
mysql> GRANT all privileges on extmail.* TO webman@localhost IDENTIFIED BY 'webman';
mysql> GRANT all privileges on extmail.* TO [email protected] IDENTIFIED BY 'webman';
在apache的主配置文件中Extmail的虛擬主機部分,添加如下兩行:
ScriptAlias /extman/cgi /usr/local/apache/htdocs/extsuite/extman/cgi
Alias /extman /usr/local/apache/htdocs/extsuite/extman/html
創建其運行時所需的臨時目錄,並修改其相應的權限:
#mkdir -pv /tmp/extman
#chown postfix:postfix /tmp/extman
將/usr/local/apache/htdocs/下所有的內容的所有者權限交付給postfix。
# chown -R postfix:postfix /usr/local/apache/htdocs/
建立/var/www的映射:
#ln -s /usr/local/apache/htdocs /var/www
去掉登錄管理界面中的驗證碼:
編輯/var/www/extsuite/extman/webman.cf,
將:SYS_CAPTCHA_ON = 1
改爲:SYS_CAPTCHA_ON = 0
在mysql數據庫中新建postfix的用戶,對extmail數據庫有完全控制權限。
好了,到此爲止,重新啓動apache服務器後,您的Webmail和Extman已經可以使用了,可以在瀏覽器中輸入指定的虛擬主機的名稱進行訪問,如下:
http://mail.test.com
選擇管理即可登入extman進行後臺管理了。默認管理帳號爲:[email protected] 密碼爲:extmail*123*
說明:
(1) 如果您安裝後無法正常顯示校驗碼,安裝perl-GD模塊會解決這個問題。如果想簡單,您可以到以下地址下載適合您的平臺的rpm包,安裝即可: http://dries.ulyssis.org/rpm/packages/perl-GD/info.html
(2) extman-0.2.2自帶了圖形化顯示日誌的功能;此功能需要rrdtool的支持,您需要安裝此些模塊纔可能正常顯示圖形日誌。
2、(新增2007.9.18)配置Mailgraph_ext,使用Extman的圖形日誌:
接下來安裝圖形日誌的運行所需要的軟件包Time::HiRes、File::Tail和rrdtool,其中前兩個包您可以去http://search.cpan.org搜索並下載獲得,後一個包您可以到 http://oss.oetiker.ch/rrdtool/pub/?M=D下載獲得; 注意安裝順序不能改換。
安裝Time::HiRes
#tar zxvf Time-HiRes-1.9707.tar.gz
#cd Time-HiRes-1.9707
#perl Makefile.PL
#make
#make test
#make install
安裝File::Tail
#tar zxvf File-Tail-0.99.3.tar.gz
#cd File-Tail-0.99.3
#perl Makefile
#make
#make test
#make install
安裝rrdtool-1.2.23
#tar zxvf rrdtool-1.2.23.tar.gz
#cd rrdtool-1.2.23
#./configure --prefix=/usr/local/rrdtool
#make
#make install
創建必要的符號鏈接(Extman會到這些路徑下找相關的庫文件)
#ln -sv /usr/local/rrdtool/lib/perl/5.8.5/i386-linux-thread-multi/auto/RRDs/RRDs.so /usr/lib/perl5/5.8.5/i386-linux-thread-multi/
#ln -sv /usr/local/rrdtool/lib/perl/5.8.5/RRDp.pm /usr/lib/perl5/5.8.5
#ln -sv /usr/local/rrdtool/lib/perl/5.8.5/i386-linux-thread-multi/RRDs.pm /usr/lib/perl5/5.8.5
複製mailgraph_ext到/usr/local,並啓動之
# cp -r /var/www/extsuite/extman/addon/mailgraph_ext /usr/local
# / usr/local/mailgraph_ext/mailgraph-init start
# /usr/local/mailgraph_ext/qmonitor-init start
添加到自動啓動隊列
echo "/usr/local/mailgraph_ext/mailgraph-init start" >> /etc/rc.local
echo "/usr/local/mailgraph_ext/qmonitor-init start" >> /etc/rc.local
好了,接下來您就可以到extman的後臺查看圖表日誌了。
十四、安裝maildrop-2.0.4
maildrop是一個使用C++編寫的用來代替本地MDA的帶有過濾功能郵件投遞代理,是courier郵件系統組件之一。它從標準輸入接受信息並投遞到用戶郵箱;maildrop既可以將郵件投遞到mailboxes格式郵箱,亦可以將其投遞到maildirs格式郵箱。同時,maildrop可以從文件中讀取入站郵件過濾指示,並由此決定是將郵件送入用戶郵箱或者轉發到其它地址等。和procmail不同的是,maildrop使用結構化的過濾語言,因此,郵件系統管理員可以開發自己的過濾規則並應用其中。
我們在此將使用maildrop來代替postfix自帶的MDA,並以此爲基礎擴展後文的郵件殺毒和反垃圾郵件功能的調用;在此可能會修改前文中的許多設置,請確保您的設置也做了相應的修改。
1、安裝
將courier-authlib的頭文件及庫文件鏈接至/usr目錄(編譯maildrop時會到此目錄下找此些相關的文件):
# ln -sv /usr/local/courier-authlib/bin/courierauthconfig /usr/bin
# ln -sv /usr/local/courier-authlib/include/* /usr/include
maildrop需要pcre的支持,因此,接下來將首先安裝pcre
# tar jxvf pcre-7.3.tar.bz2
# cd pcre-7.3
# ./configure
# make
# make check
# make install
# groupadd -g 1001 vmail
# useradd -g vmail -u 1001 -M -s /sbin/nologin vmail
# tar jxvf maildrop-2.0.4.tar.bz2
# cd maildrop-2.0.4
# ./configure
--enable-sendmail=/usr/sbin/sendmail
--enable-trusted-users='root vmail'
--enable-syslog=1 --enable-maildirquota
--enable-maildrop-uid=1001
--enable-maildrop-gid=1001
--with-trashquota --with-dirsync
# make
# make install
檢查安裝結果,請確保有"Courier Authentication Library extension enabled."一句出現:
# maildrop -v
maildrop 2.0.4 Copyright 1998-2005 Double Precision, Inc.
GDBM extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.
2、新建其配置文件/etc/maildroprc文件,首先指定maildrop的日誌記錄位置:
# vi /etc/maildroprc
添加:
logfile "/var/log/maildrop.log"
# touch /var/log/maildrop.log
# chown vmail.vmail /var/log/maildrop.log
3、配置Postfix
編輯master.cf
# vi /etc/postfix/master.cf
啓用如下兩行
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
注意:定義transport的時候,即如上兩行中的第二行,其參數行必須以空格開頭,否則會出錯。
編輯main.cf
# vi /etc/postfix/main.cf
virtual_transport = virtual
修改爲:
virtual_transport = maildrop
將下面兩項指定的UID和GID作相應的修改:
virtual_uid_maps = static:2525
virtual_gid_maps = static:2525
修改爲:
virtual_uid_maps = static:1001
virtual_gid_maps = static:1001
4、編輯/etc/authmysqlrc
# vi /etc/authmysqrc
MYSQL_UID_FIELD '2525'
MYSQL_GID_FIELD '2525'
更改爲:
MYSQL_UID_FIELD '1001'
MYSQL_GID_FIELD '1001'
注意:沒有此處的修改,maildrop可能會報告 “signal 0x06”的錯誤報告。
5、編輯/etc/httpd/httpd.conf,修改運行用戶:
如果啓用了suexec的功能,則將虛擬主機中指定的
SuexecUserGroup postfix postfix
修改爲:
SuexecUserGroup vmail vmail
如果沒有使用上面的功能,則修改User和Group指令後的用戶爲vmail
將前文中的如下項
User postfix
Group postfix
修改爲:
User vmail
Group vmail
6、將用戶郵件所在的目錄/var/mailbox和extman的臨時目錄/tmp/extman的屬主和屬組指定爲vmail
#chown -R vmail.vmail /var/mailbox
#chown -R vmail.vmail /tmp/extman
#chown -R vmail:vmail /usr/local/apache/htdocs/extsuite
接下來重新啓動postfix和apache,進行發信測試後,如果日誌中的記錄類同以下項,則安裝成功
Sep 16 12:04:43 Ixor postfix/pipe[14266]: 46B491A5CB: to=<[email protected]>, relay=maildrop, delay=2306, delays=2306/0.04/0/0.07, dsn=2.0.0, status=sent (delivered via maildrop service)
[ 本帖最後由 marion 於 2008-1-8 12:25 編輯 ]
問題:
maillog日誌中提示:
Apr 16 14:12:02 cc postfix/trivial-rewrite[3379]: warning: do not list domain test.com in BOTH mydestination and virtual_mailbox_domains,並且郵件被髮送到了/var/mail/中,而不是/var/mailbox
解決:
編輯/etc/postfix/main.cf,將mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain 改爲 mydestination = $myhostname, localhost.$mydomain, localhost, $hostname 就好了
原因:
$mydestination和$virtual_mailbox_domains衝突了
問題:
如何對附件大小做限制。
解決:
編輯 /etc/postfix/main.cf
寫入 message_size_limit = 20000000 (限制爲20M,已byte爲單位)
編輯 extmail下的webmail.cf
修改 SYS_MESSAGE_SIZE_LIMIT = 20242880 (限制爲20M,以byte爲單位)
問題:
如何限制外發郵件,即只允許向某個域發送郵件,下面的方法是限制某幾個賬戶,將@以及前面的部分刪掉就限制了域:
限制部分Postfix用戶只能內部收發的例子(完整版)
原來的帖子:http://www.extmail.org/forum/viewthread.php?tid=524 這裏實現的功能有些缺陷,對於限制的用戶,其實只能對其外發(或者說rcpt to)做限制,而對於任意來信人給其發來的email則沒有限制能力,真正的內部收發郵件用戶,應該是隻允許它和指定的內部域名(用戶)聯繫,對於發向任何外部郵件域,或任意外部郵件域發來的郵件,都是禁止的。
這裏給出一個配置,僅供大家參考。
配置方法:
1)在main.cf裏定義如下的smtpd_restriction_classes:
QUOTE:
# restrictions
smtpd_restriction_classes = local_out_only local_in_only
local_out_only = check_recipient_access hash:/etc/postfix/local_domains, reject
local_in_only = check_sender_access hash:/etc/postfix/local_domains, reject
2)將main.cf裏的smtpd_recipient_restrctions定義爲:
QUOTE:
smtpd_recipient_restrictions =
check_sender_access hash:/etc/postfix/local_out_only
check_recipient_access hash:/etc/postfix/local_in_only
permit_mynetworks
permit_sasl_authenticated
reject_non_fqdn_hostname
reject_non_fqdn_sender
reject_non_fqdn_recipient
reject_unauth_destination
reject_unauth_pipelining
reject_invalid_hostname
3)編輯/etc/postfix/local_in_only:
QUOTE:
[email protected] local_in_only
[email protected] local_in_only
4)編輯/etc/postifx/local_out_senders:
QUOTE:
[email protected] local_out_only
[email protected] local_out_only
5)編輯/etc/postfix/local_domains:
QUOTE:
internal.foo.com OK
internal.bar.com OK
6)爲3,4,5建立對應的hash文件:
QUOTE:
# postmap hash:/etc/postfix/local_in_only
# postmap hash:/etc/postfix/local_out_only
# postmap hash:/etc/postfix/local_domains
這樣就定義了extmail.org域名裏兩個用戶foo和bar,只允許和internal.foo.com和internel.bar.com 兩個內部域的用戶來往郵件,對於外部的郵件則沒有收或發的能力。如果外部郵件企圖給這2個用戶發送,則遇到如下錯誤:
QUOTE:
554 5.7.1 <[email protected]>: Recipient address rejected: Access denied
如果這2個內部用戶要給外部用戶發email,將遇到如下錯誤:
QUOTE:
554 5.7.1 <[email protected]>: Sender address rejected: Access denied
目前這樣的配置就可以比較完整的實現內部用戶的功能需求了。其實這種配置的方法和之前的帖子道理一樣,關鍵得分清楚什麼階段,調用什麼restrictions即可。
環境:
[root@cc ~]# cat /etc/redhat-release
CentOS release 4.6 (Final)
[root@cc ~]# uname -a
Linux cc 2.6.9-67.ELsmp #1 SMP Fri Nov 16 12:48:03 EST 2007 i686 i686 i386 GNU/Linux
所有軟件包:
postfix-2.4.7.tar.gz
mysql-5.0.45-linux-i686.tar.gz
cyrus-sasl-2.1.22.tar.gz
DB-4.5.20
httpd-2.2.6.tar.gz
php-5.2.5.tar.bz2
courier-authlib-0.59.1.tar.bz2
courier-imap-4.0.4.tar.bz2
extmail-1.0.2.tar.gz
extman-0.2.2.tar.gz
maildrop-2.0.4
Unix-Syslog-0.100.tar.gz
DBD-mysql-3.0002_4.tar.gz
DBI-1.604.tar.gz
libjpeg-devel-6b-33.i386.rpm
libpng-devel-1.2.7-3.el4_5.1.i386.rpm
zlib-devel-1.2.1.2-1.2.i386.rpm
主機名: mail.test.com
域名: test.com
一. 卸載sendmail
shell> sudo rpm -e sendmail-8.13.1-3.2.el4 --nodeps
二. 安裝mysql
# groupadd mysql
# useradd -g mysql -s /bin/false -M mysql
# tar -zxvf mysql-5.0.51a-linux-i686-glibc23.tar.gz
# cd mysql-5.0.51a-linux-i686-glibc23
# mkdir /usr/local/mysql
# ./configure --prefix=/usr/local/mysql --enable-thread-safe-client --enable-local-infile --with-charset=gbk --with-extra-charset=all --with-low-memory
# make
# make install
# cp support-files/my-medium.cnf /etc/my.cnf
# cd /usr/local/mysql
# chown -R mysql .
# chgrp -R mysql .
# ./bin/mysql_install_db --user=mysql
# chown -R root .
# chown -R mysql var
# ./bin/mysqld_safe --user=mysql &
# cd /usr/local/src/mysql-5.0.45 (這裏的目錄指的是原壓縮包解壓後的目錄)
# cp support-files/mysql.server /etc/rc.d/init.d/mysqld
# chmod 700 /etc/rc.d/init.d/mysqld
加入自動啓動服務隊列:
# chkconfig --add mysqld
# chkconfig --level 345 mysqld on
測試
# /usr/local/mysql/bin/mysqladmin ping
# /usr/local/mysql/bin/mysqladmin version
# /usr/local/mysql/bin/mysql
添加root密碼
# /usr/local/mysql/bin/mysqladmin -uroot -p 'newpasswd'
說明:此時mysql的root用戶的密碼爲空
配置庫文件搜索路徑
# echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
# ldconfig -v
添加/usr/local/mysql/bin到環境變量PATH中
#export PATH=$PATH:/usr/local/mysql/bin
三、安裝sasl-2.1.22
#tar zxvf cyrus-sasl-2.1.22.tar.gz
#cd cyrus-sasl-2.1.22
#./configure --prefix=/usr/local/sasl2 --disable-gssapi --disable-anon --disable-sample --disable-digest --enable-plain --enable-login --enable-sql --with-mysql=/usr/local/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --with-mysql-libs=/usr/local/mysql/lib/mysql --with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket
#make
#make install
關閉原有的sasl:
# mv /usr/lib/libsasl2.a /usr/lib/libsasl2.a.OFF
# mv /usr/lib/libsasl2.la /usr/lib/libsasl2.la.OFF
# mv /usr/lib/libsasl2.so.2.0.19 /usr/lib/libsasl2.so.2.0.19.OFF
# mv /usr/lib/sasl2 /usr/lib/sasl2.OFF
# rm /usr/lib/libsasl2.so
# rm /usr/lib/libsasl2.so.2
# ln -sv /usr/local/sasl2/lib/* /usr/lib
postfix 2.3以後的版本會分別在/usr/local/lib和/usr/local/include中搜索sasl庫文件及頭文件,故還須將其鏈接至此目錄中:
# ln -sv /usr/local/sasl2/lib/* /usr/local/lib
# ln -sv /usr/local/sasl2/include/sasl/* /usr/local/include
創建運行時需要的目錄並調試啓動
# mkdir -pv /var/state/saslauthd
# /usr/local/sasl2/sbin/saslauthd -a shadow pam -d
啓動並測試
# /usr/local/sasl2/sbin/saslauthd -a shadow pam
# /usr/local/sasl2/sbin/testsaslauthd -u root -p root用戶密碼
配置庫文件搜索路徑
# echo "/usr/local/sasl2/lib" >> /etc/ld.so.conf
# echo "/usr/local/sasl2/lib/sasl2" >> /etc/ld.so.conf
# ldconfig -v
開機自動啓動
# echo "/usr/local/sasl2/sbin/saslauthd -a shadow pam">>/etc/rc.local
四、安裝berkeley db。
#mkdir /usr/local/BerkeleyDB
#tar zxvf db-4.5.20.tar.gz
#cd db-4.5.20/build_unix
#../dist/configure --prefix=/usr/local/BerkeleyDB
#make
#make install
修改相應的頭文件指向
# mv /usr/include/db4 /usr/inculde/db4.OFF
# rm /usr/include/db_cxx.h
# rm /usr/include/db.h
# rm /usr/include/db_185.h
# ln -sv /usr/local/BerkeleyDB/include /usr/include/db4
# ln -sv /usr/local/BerkeleyDB/include/db.h /usr/include/db.h
# ln -sv /usr/local/BerkeleyDB/include/db_cxx.h /usr/include/db_cxx.h
配置庫文件搜索路徑
# echo "/usr/local/BerkeleyDB/lib" >> /etc/ld.so.conf
# ldconfig -v
五、安裝httpd-2.2.6
#tar jxvf httpd-2.2.6.tar.gz
#cd httpd-2.2.6
#./configure
--prefix=/usr/local/apache
--sysconfdir=/etc/httpd
--enable-so
--enable-ssl
--with-ssl=/usr/local/ssl
--enable-track-vars
--enable-rewrite
--with-zlib
--enable-mods-shared=most
--enable-suexec (後面extmail切換”運行時用戶”時要用到)
--with-suexec-caller=daemon
#make
#make install
#echo "/usr/local/apache/bin/apachectl start" >> /etc/rc.d/rc.local(系統啓動時服務自動啓動)
六、安裝php-5.2.5
# tar -zvxf php-5.2.5.tar.gz
# mkdir -p /usr/local/php
# cd php-5.2.5
# ./configure --prefix=/usr/local/php
--with-apxs2=/usr/local/apache/bin/apxs
--with-mysql=/usr/local/mysql
--with-mysqli=/usr/local/mysql/bin/mysql_config
--with-xml
--with-png
--with-jpeg
--with-zlib
--with-freetype
--with-gd
--enable-track-vars
--enable-mbstring=all
# make
# make install
# cp php.ini-dist /usr/local/php/lib/php.ini
注:編輯apache配置文件httpd.conf,以apache支持php
# vi /etc/httpd/httpd.conf
1、添加如下二行
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
2、定位至DirectoryIndex index.html
修改爲:
DirectoryIndex index.php index.html
3、按照使用習慣,這裏將網站根目錄指定到/var/www:
找到DocumentRoot “/usr/local/apache/htdocs”
修改爲:DocumentRoot “/var/www”(後文中我們還會註釋掉此行,以啓用虛擬主機)
找到<Directory “/usr/local/apache/htdocs”>
修改爲:<Directory “/var/www”>
說明:這個對本文來說並非是不可少的。
七、安裝Postfix-2.4.5
1.安裝
#groupadd -g 2525 postfix
#useradd -g postfix -u 2525 -s /sbin/nologin -M postfix
#groupadd -g 2526 postdrop
#useradd -g postdrop -u 2526 -s /bin/false -M postdrop
#tar zxvf postfix-2.4.5.tar.gz
#cd postfix-2.4.5
#make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/local/sasl2/include/sasl -I/usr/local/BerkeleyDB/include -DUSE_TLS -I/usr/local/ssl/include/openssl ' 'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/local/sasl2/lib -lsasl2 -L/usr/local/BerkeleyDB/lib -L/usr/local/ssl/lib -lssl -lcrypto'
#make
#make install
按照以下的提示輸入相關的路徑([]號中的是缺省值,”]”後的是輸入值)
install_root: [/] /
tempdir: [/usr/local/src/ postfix-2.4.5] /tmp
config_directory: [/etc/postfix] /etc/postfix
daemon_directory: [/usr/libexec/postfix] /usr/local/postfix/libexec
command_directory: [/usr/sbin] /usr/local/postfix/sbin
queue_directory: [/var/spool/postfix]
sendmail_path: [/usr/sbin/sendmail]
newaliases_path: [/usr/bin/newaliases]
mailq_path: [/usr/bin/mailq]
mail_owner: [postfix]
setgid_group: [postdrop]
html_directory: [no] /var/www/postfix_html
manpages: [/usr/local/man] /usr/local/postfix/man
readme_directory: [no]
說明:這裏的postfix將安裝在獨立的目錄/usr/local/postfix中,目的是爲了方便管理;您亦可以採用默認安裝的方式,可能這樣使用起來會更爲方便些;
生成別名二進制文件,這個步驟如果忽略,會造成postfix效率極低:
# newaliases
2.進行一些基本配置,測試啓動postfix並進行發信
#vi /etc/postfix/main.cf
修改以下幾項爲您需要的配置
myhostname = mail.test.com
myorigin = test.com
mydomain = test.com
mydestination = $myhostname, localhost.$mydomain, localhost, $hostname
mynetworks = 192.168.1.0/24, 127.0.0.0/8
說明:
myorigin參數用來指明發件人所在的域名;
mydestination參數指定postfix接收郵件時收件人的域名,即您的postfix系統要接收到哪個域名的郵件;
myhostname 參數指定運行postfix郵件系統的主機的主機名,默認情況下,其值被設定爲本地機器名;
mydomain參數指定您的域名,默認情況下,postfix將myhostname的第一部分刪除而作爲mydomain的值;
mynetworks 參數指定你所在的網絡的網絡地址,postfix系統根據其值來區別用戶是遠程的還是本地的,如果是本地網絡用戶則允許其訪問;
inet_interfaces 參數指定postfix系統監聽的網絡接口;
注意:
1、在postfix的配置文件中,參數行和註釋行是不能處在同一行中的;
2、任何一個參數的值都不需要加引號,否則,引號將會被當作參數值的一部分來使用;
3、每修改參數及其值後執行 postfix reload 即可令其生效;但若修改了inet_interfaces,則需重新啓動postfix;
4、如果一個參數的值有多個,可以將它們放在不同的行中,只需要在其後的每個行前多置一個空格即可;postfix會把第一個字符爲空格或tab的文本行視爲上一行的延續;
啓動postfix
/usr/local/postfix/sbin/postfix start
連接postfix,驗正服務啓動狀況:
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.benet.org ESMTP Postfix
ehlo mail.benet.org
250-mail.benet.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:[email protected]
250 2.1.0 Ok
rcpt to:[email protected]
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
subject:Mail test!
Mail test!!!
.
250 2.0.0 Ok: queued as AB94A1A561
quit
221 2.0.0 Bye
Connection closed by foreign host.
切換到redhat用戶進行收信:
# su - redhat
Mail version 8.1 6/6/93. Type ? for help.
"/var/spool/mail/redhat": 1 message 1 new
>N 1 [email protected] Wed Sep 5 10:59 15/488 "Mail test!"
&
八、爲postfix開啓基於cyrus-sasl的認證功能
使用以下命令驗正postfix是否支持cyrus風格的sasl認證,如果您的輸出爲以下結果,則是支持的:
# /usr/local/postfix/sbin/postconf -a
cyrus
dovecot
#vi /etc/postfix/main.cf
添加以下內容:
############################CYRUS-SASL############################
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,
reject_invalid_hostname,reject_non_fqdn_hostname,
reject_unknown_sender_domain,reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_unauth_pipelining,reject_unauth_destination # 都寫在一行
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner = Welcome to our $myhostname ESMTP,Warning: Version not Available!
#vi /usr/local/lib/sasl2/smtpd.conf
添加如下內容:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
讓postfix重新加載配置文件
#/usr/local/postfix/sbin/postfix reload
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 Welcome to our mail.benet.org ESMTP,Warning: Version not Available!
ehlo mail.benet.org
250-mail.benet.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN (請確保您的輸出以類似兩行)
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
九、讓postfix支持虛擬域和虛擬用戶
1、編輯/etc/postfix/main.cf,添加如下內容:
########################Virtual Mailbox Settings#########################
virtual_mailbox_base = /var/mailbox
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:2525
virtual_gid_maps = static:2525
virtual_transport = virtual
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1
##########################QUOTA Settings#################################
message_size_limit = 14336000
virtual_mailbox_limit = 20971520
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please Tidy your mailbox and try again later.
virtual_overquota_bounce = yes
2、添加爲支持虛擬域和虛擬用戶所用到的配置文件
編輯/etc/postfix/mysql_virtual_alias_maps.cf ,添加如下內容:
user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = alias
select_field = goto
where_field = address
編輯/etc/postfix/mysql_virtual_domains_maps.cf ,添加如下內容:
user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = domain
select_field = description
where_field = domain
編輯/etc/postfix/mysql_virtual_mailbox_limit_maps.cf ,添加如下內容:
user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = mailbox
select_field = quota
where_field = username
編輯/etc/postfix/mysql_virtual_mailbox_maps.cf ,添加如下內容:
user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = mailbox
select_field = maildir
where_field = username
說明:
1、這裏用到的數據庫及用戶的建立可以後文中的extmail說明部分來實現,您可以參照那一部分來理解這裏指定的數據庫及其用戶名等;
2、以上新建文件亦可以從extman安裝文件中獲得,您也可以由此不用手動輸入;
3、虛擬用戶郵箱目錄我這裏沿用了/var/mailbox,你可以指定爲別的目錄,比如常見到的/var/spool/mail,或者/home/domains等;但如果這裏做了修改,請在後文中用到時作了相應的修改;
十、安裝Courier authentication library
# tar jxvf courier-authlib-0.59.1.tar.bz2
# cd courier-authlib-0.59.1
# ./configure --prefix=/usr/local/courier-authlib --sysconfdir=/etc --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --with-authmysql --with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --with-redhat --with-authmysqlrc=/etc/authmysqlrc --with-authdaemonrc=/etc/authdaemonrc CFLAGS="-march=i686 -O2 -fexpensive-optimizations" CXXFLAGS="-march=i686 -O2 -fexpensive-optimizations"
# make
# make install
# chmod 755 /usr/local/courier-authlib/var/spool/authdaemon
# cp /etc/authdaemonrc.dist /etc/authdaemonrc
# cp /etc/authmysqlrc.dist /etc/authmysqlrc
修改/etc/authdaemonrc 文件
authmodulelist="authmysql"
authmodulelistorig="authmysql"
daemons=10
編輯/etc/authmysqlrc 爲以下內容,其中2525,2525 爲postfix 用戶的UID和GID。
MYSQL_SERVER localhost
MYSQL_PORT 3306 (指定你的mysql監聽的端口,這裏使用默認的3306)
MYSQL_USERNAME extmail (這時爲後文要用的數據庫的所有者的用戶名)
MYSQL_PASSWORD extmail (密碼)
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_DATABASE extmail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD '2525'
MYSQL_GID_FIELD '2525'
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD concat('/var/mailbox/',maildir)
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat('/var/mailbox/',maildir)
# cp courier-authlib.sysvinit /etc/init.d/courier-authlib
# chmod 755 /etc/init.d/courier-authlib
# chkconfig --add courier-authlib
# chkconfig --level 2345 courier-authlib on
#echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf
# ldconfig -v
# service courier-authlib start (啓動服務)
十一、安裝Courier-IMAP
# tar jxvf courier-imap-4.1.3.tar.bz2
# cd courier-imap-4.1.3
# mkdir /usr/local/courier-imap
# ./configure
--prefix=/usr/local/courier-imap
--with-redhat
--enable-unicode
--disable-root-check
--with-trashquota
--without-ipv6
CPPFLAGS='-I/usr/local/ssl/include/openssl -I/usr/local/courier-authlib/include'
LDFLAGS='-L/usr/local/courier-authlib/lib/courier-authlib'
COURIERAUTHCONFIG='/usr/local/courier-authlib/bin/courierauthconfig'
# make
# make install
# cp /usr/local/courier-imap/etc/imapd.dist /usr/local/courier-imap/etc/imapd
# cp /usr/local/courier-imap/etc/imapd-ssl.dist /usr/local/courier-imap/etc/imapd-ssl
# cp /usr/local/courier-imap/etc/pop3d.dist /usr/local/courier-imap/etc/pop3d
# cp /usr/local/courier-imap/etc/pop3d-ssl.dist /usr/local/courier-imap/etc/pop3d-ssl
配置Courier-IMAP,爲用戶提供pop3服務:
vi /usr/local/courier-imap/etc/pop3d
POP3DSTART=YES
注:如果你想爲用戶提供IMAP服務,則需在"/usr/local/courier-imap/etc/imapd"文件中設置"IMAPDSTART=yes";其它類同;
新建虛擬用戶郵箱所在的目錄,並將其權限賦予postfix用戶:
#mkdir -pv /var/mailbox
#chown -R postfix /var/mailbox
#cp courier-imap.sysvinit /etc/rc.d/init.d/courier-imapd
#chmod 755 /etc/rc.d/init.d/courier-imapd
#chkconfig --add courier-imapd
#chkconfig --level 2345 courier-imapd on
#service courier-imapd start
接下來重新配置SMTP 認證,編輯 /usr/local/lib/sasl2/smtpd.conf ,確保其爲以下內容:
pwcheck_method: authdaemond
log_level: 3
mech_list:PLAIN LOGIN
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket
十二、安裝Extmail-1.0.2
1、安裝
# tar zxvf extmail-1.0.2.tar.gz
# mkdir -pv /usr/local/apache/htdocs/extsuite
# mv extmail-1.0.2 /usr/local/apache/htdocs/extsuite/extmail
# cp /usr/local/apache/htdocs/extsuite/extmail/webmail.cf.default /usr/local/apache/htdocs/extsuite/extmail/webmail.cf
2、修改主配置文件
#vi /usr/local/apache/htdocs/extsuite/extmail/webmail.cf
部分修改選項的說明:
SYS_MESSAGE_SIZE_LIMIT = 5242880
用戶可以發送的最大郵件
SYS_USER_LANG = en_US
語言選項,可改作:
SYS_USER_LANG = zh_CN
SYS_MAILDIR_BASE = /home/domains
此處即爲您在前文所設置的用戶郵件的存放目錄,可改作:
SYS_MAILDIR_BASE = /var/mailbox
SYS_MYSQL_USER = db_user
SYS_MYSQL_PASS = db_pass
以上兩句句用來設置連接數據庫服務器所使用用戶名、密碼和郵件服務器用到的數據庫,這裏修改爲:
SYS_MYSQL_USER = postfix
SYS_MYSQL_PASS = 123456
SYS_MYSQL_HOST = localhost
指明數據庫服務器主機名,這裏默認即可
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock
連接數據庫的sock文件位置,這裏修改爲:
SYS_MYSQL_SOCKET = /tmp/mysql.sock
SYS_MYSQL_TABLE = mailbox
SYS_MYSQL_ATTR_USERNAME = username
SYS_MYSQL_ATTR_DOMAIN = domain
SYS_MYSQL_ATTR_PASSWD = password
以上用來指定驗正用戶登錄裏所用到的表,以及用戶名、域名和用戶密碼分別對應的表中列的名稱;這裏默認即可
SYS_AUTHLIB_SOCKET = /var/spool/authdaemon/socket
此句用來指明authdaemo socket文件的位置,這裏修改爲:
SYS_AUTHLIB_SOCKET = /usr/local/courier-authlib/var/spool/authdaemon/socket
3、apache相關配置
由於extmail要進行本地郵件的投遞操作,故必須將運行apache服務器用戶的身份修改爲您的郵件投遞代理的用戶;本例中打開了apache服務器的suexec功能,故使用以下方法來實現虛擬主機運行身份的指定。此例中的MDA爲postfix自帶,因此將指定爲postfix用戶:
<VirtualHost *:80>
ServerName mail.benet.org
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi
Alias /extmail /var/www/extsuite/extmail/html
SuexecUserGroup postfix postfix
</VirtualHost>
修改 cgi執行文件屬主爲apache運行身份用戶:
# chown -R postfix.postfix /usr/local/postfix/htdocs/extsuite/extmail/cgi/
如果您沒有打開apache服務器的suexec功能,也可以使用以下方法解決:
# vi /etc/httpd/httpd.conf
User postfix
Group postfix
<VirtualHost *:80>
ServerName mail.benet.org
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi
Alias /extmail /var/www/extsuite/extmail/html
</VirtualHost>
4、依賴關係的解決
extmail將會用到perl的DBD::Mysql和Unix::syslogd功能,可以去http://search.cpan.org搜索下載原碼包進行安裝。
# tar zxvf Unix-Syslog-0.100.tar.gz
# cd Unix-Syslog-0.100
# perl Makefile.PL
# make
# make install
DBD-Mysql目前最新的版本爲DBD-mysql-4.005,但它和系統中的perl結合使用時會造成extmail無法正常使用,因此我們採用3的版本:
# tar zxvf DBD-mysql-3.0002_4.tar.gz
# cd cd DBD-mysql-3.0002_4
# perl Makefile.PL (此步驟中如果出現類同Can't exec "mysql_config": No such file or directory at Makefile.PL line 76.的錯誤是因爲您的mysql的bin目錄沒有輸出至$PATH環境變量)
# make
# make install
十三、安裝Extman-0.2.2
1、安裝及基本配置
#tar zxvf extman-0.2.2.tar.gz
# mv extman-0.2.2 /usr/local/apache/htdocs/extsuite/extman
修改配置文件以符合本例的需要:
# vi /usr/local/apache/htdocs/extsuite/extman/webman.cf
SYS_MAILDIR_BASE = /home/domains
此處即爲您在前文所設置的用戶郵件的存放目錄,可改作:
SYS_MAILDIR_BASE = /var/mailbox
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock
此處修改爲:
SYS_MYSQL_SOCKET = /tmp/mysql.sock
使用extman源碼目錄下docs目錄中的extmail.sql和init.sql建立數據庫:
# cd /usr/local/apache/htdocs/extsuite/extman/docs
# mysql -u root -p <extmail.sql
# mysql -u root -p <init.sql
修改cgi目錄的屬主:
# chown -R postfix.postfix /usr/local/apache/htdocs/extsuite/extman/cgi/
如果extman訪問數據庫權限不足的話,可採用以下命令將新生成的數據庫賦予webman用戶具有所有權限:
mysql> GRANT all privileges on extmail.* TO webman@localhost IDENTIFIED BY 'webman';
mysql> GRANT all privileges on extmail.* TO [email protected] IDENTIFIED BY 'webman';
在apache的主配置文件中Extmail的虛擬主機部分,添加如下兩行:
ScriptAlias /extman/cgi /usr/local/apache/htdocs/extsuite/extman/cgi
Alias /extman /usr/local/apache/htdocs/extsuite/extman/html
創建其運行時所需的臨時目錄,並修改其相應的權限:
#mkdir -pv /tmp/extman
#chown postfix:postfix /tmp/extman
將/usr/local/apache/htdocs/下所有的內容的所有者權限交付給postfix。
# chown -R postfix:postfix /usr/local/apache/htdocs/
建立/var/www的映射:
#ln -s /usr/local/apache/htdocs /var/www
去掉登錄管理界面中的驗證碼:
編輯/var/www/extsuite/extman/webman.cf,
將:SYS_CAPTCHA_ON = 1
改爲:SYS_CAPTCHA_ON = 0
在mysql數據庫中新建postfix的用戶,對extmail數據庫有完全控制權限。
好了,到此爲止,重新啓動apache服務器後,您的Webmail和Extman已經可以使用了,可以在瀏覽器中輸入指定的虛擬主機的名稱進行訪問,如下:
http://mail.test.com
選擇管理即可登入extman進行後臺管理了。默認管理帳號爲:[email protected] 密碼爲:extmail*123*
說明:
(1) 如果您安裝後無法正常顯示校驗碼,安裝perl-GD模塊會解決這個問題。如果想簡單,您可以到以下地址下載適合您的平臺的rpm包,安裝即可: http://dries.ulyssis.org/rpm/packages/perl-GD/info.html
(2) extman-0.2.2自帶了圖形化顯示日誌的功能;此功能需要rrdtool的支持,您需要安裝此些模塊纔可能正常顯示圖形日誌。
2、(新增2007.9.18)配置Mailgraph_ext,使用Extman的圖形日誌:
接下來安裝圖形日誌的運行所需要的軟件包Time::HiRes、File::Tail和rrdtool,其中前兩個包您可以去http://search.cpan.org搜索並下載獲得,後一個包您可以到 http://oss.oetiker.ch/rrdtool/pub/?M=D下載獲得; 注意安裝順序不能改換。
安裝Time::HiRes
#tar zxvf Time-HiRes-1.9707.tar.gz
#cd Time-HiRes-1.9707
#perl Makefile.PL
#make
#make test
#make install
安裝File::Tail
#tar zxvf File-Tail-0.99.3.tar.gz
#cd File-Tail-0.99.3
#perl Makefile
#make
#make test
#make install
安裝rrdtool-1.2.23
#tar zxvf rrdtool-1.2.23.tar.gz
#cd rrdtool-1.2.23
#./configure --prefix=/usr/local/rrdtool
#make
#make install
創建必要的符號鏈接(Extman會到這些路徑下找相關的庫文件)
#ln -sv /usr/local/rrdtool/lib/perl/5.8.5/i386-linux-thread-multi/auto/RRDs/RRDs.so /usr/lib/perl5/5.8.5/i386-linux-thread-multi/
#ln -sv /usr/local/rrdtool/lib/perl/5.8.5/RRDp.pm /usr/lib/perl5/5.8.5
#ln -sv /usr/local/rrdtool/lib/perl/5.8.5/i386-linux-thread-multi/RRDs.pm /usr/lib/perl5/5.8.5
複製mailgraph_ext到/usr/local,並啓動之
# cp -r /var/www/extsuite/extman/addon/mailgraph_ext /usr/local
# / usr/local/mailgraph_ext/mailgraph-init start
# /usr/local/mailgraph_ext/qmonitor-init start
添加到自動啓動隊列
echo "/usr/local/mailgraph_ext/mailgraph-init start" >> /etc/rc.local
echo "/usr/local/mailgraph_ext/qmonitor-init start" >> /etc/rc.local
好了,接下來您就可以到extman的後臺查看圖表日誌了。
十四、安裝maildrop-2.0.4
maildrop是一個使用C++編寫的用來代替本地MDA的帶有過濾功能郵件投遞代理,是courier郵件系統組件之一。它從標準輸入接受信息並投遞到用戶郵箱;maildrop既可以將郵件投遞到mailboxes格式郵箱,亦可以將其投遞到maildirs格式郵箱。同時,maildrop可以從文件中讀取入站郵件過濾指示,並由此決定是將郵件送入用戶郵箱或者轉發到其它地址等。和procmail不同的是,maildrop使用結構化的過濾語言,因此,郵件系統管理員可以開發自己的過濾規則並應用其中。
我們在此將使用maildrop來代替postfix自帶的MDA,並以此爲基礎擴展後文的郵件殺毒和反垃圾郵件功能的調用;在此可能會修改前文中的許多設置,請確保您的設置也做了相應的修改。
1、安裝
將courier-authlib的頭文件及庫文件鏈接至/usr目錄(編譯maildrop時會到此目錄下找此些相關的文件):
# ln -sv /usr/local/courier-authlib/bin/courierauthconfig /usr/bin
# ln -sv /usr/local/courier-authlib/include/* /usr/include
maildrop需要pcre的支持,因此,接下來將首先安裝pcre
# tar jxvf pcre-7.3.tar.bz2
# cd pcre-7.3
# ./configure
# make
# make check
# make install
# groupadd -g 1001 vmail
# useradd -g vmail -u 1001 -M -s /sbin/nologin vmail
# tar jxvf maildrop-2.0.4.tar.bz2
# cd maildrop-2.0.4
# ./configure
--enable-sendmail=/usr/sbin/sendmail
--enable-trusted-users='root vmail'
--enable-syslog=1 --enable-maildirquota
--enable-maildrop-uid=1001
--enable-maildrop-gid=1001
--with-trashquota --with-dirsync
# make
# make install
檢查安裝結果,請確保有"Courier Authentication Library extension enabled."一句出現:
# maildrop -v
maildrop 2.0.4 Copyright 1998-2005 Double Precision, Inc.
GDBM extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.
2、新建其配置文件/etc/maildroprc文件,首先指定maildrop的日誌記錄位置:
# vi /etc/maildroprc
添加:
logfile "/var/log/maildrop.log"
# touch /var/log/maildrop.log
# chown vmail.vmail /var/log/maildrop.log
3、配置Postfix
編輯master.cf
# vi /etc/postfix/master.cf
啓用如下兩行
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
注意:定義transport的時候,即如上兩行中的第二行,其參數行必須以空格開頭,否則會出錯。
編輯main.cf
# vi /etc/postfix/main.cf
virtual_transport = virtual
修改爲:
virtual_transport = maildrop
將下面兩項指定的UID和GID作相應的修改:
virtual_uid_maps = static:2525
virtual_gid_maps = static:2525
修改爲:
virtual_uid_maps = static:1001
virtual_gid_maps = static:1001
4、編輯/etc/authmysqlrc
# vi /etc/authmysqrc
MYSQL_UID_FIELD '2525'
MYSQL_GID_FIELD '2525'
更改爲:
MYSQL_UID_FIELD '1001'
MYSQL_GID_FIELD '1001'
注意:沒有此處的修改,maildrop可能會報告 “signal 0x06”的錯誤報告。
5、編輯/etc/httpd/httpd.conf,修改運行用戶:
如果啓用了suexec的功能,則將虛擬主機中指定的
SuexecUserGroup postfix postfix
修改爲:
SuexecUserGroup vmail vmail
如果沒有使用上面的功能,則修改User和Group指令後的用戶爲vmail
將前文中的如下項
User postfix
Group postfix
修改爲:
User vmail
Group vmail
6、將用戶郵件所在的目錄/var/mailbox和extman的臨時目錄/tmp/extman的屬主和屬組指定爲vmail
#chown -R vmail.vmail /var/mailbox
#chown -R vmail.vmail /tmp/extman
#chown -R vmail:vmail /usr/local/apache/htdocs/extsuite
接下來重新啓動postfix和apache,進行發信測試後,如果日誌中的記錄類同以下項,則安裝成功
Sep 16 12:04:43 Ixor postfix/pipe[14266]: 46B491A5CB: to=<[email protected]>, relay=maildrop, delay=2306, delays=2306/0.04/0/0.07, dsn=2.0.0, status=sent (delivered via maildrop service)
[ 本帖最後由 marion 於 2008-1-8 12:25 編輯 ]
問題:
maillog日誌中提示:
Apr 16 14:12:02 cc postfix/trivial-rewrite[3379]: warning: do not list domain test.com in BOTH mydestination and virtual_mailbox_domains,並且郵件被髮送到了/var/mail/中,而不是/var/mailbox
解決:
編輯/etc/postfix/main.cf,將mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain 改爲 mydestination = $myhostname, localhost.$mydomain, localhost, $hostname 就好了
原因:
$mydestination和$virtual_mailbox_domains衝突了
問題:
如何對附件大小做限制。
解決:
編輯 /etc/postfix/main.cf
寫入 message_size_limit = 20000000 (限制爲20M,已byte爲單位)
編輯 extmail下的webmail.cf
修改 SYS_MESSAGE_SIZE_LIMIT = 20242880 (限制爲20M,以byte爲單位)
問題:
如何限制外發郵件,即只允許向某個域發送郵件,下面的方法是限制某幾個賬戶,將@以及前面的部分刪掉就限制了域:
限制部分Postfix用戶只能內部收發的例子(完整版)
原來的帖子:http://www.extmail.org/forum/viewthread.php?tid=524 這裏實現的功能有些缺陷,對於限制的用戶,其實只能對其外發(或者說rcpt to)做限制,而對於任意來信人給其發來的email則沒有限制能力,真正的內部收發郵件用戶,應該是隻允許它和指定的內部域名(用戶)聯繫,對於發向任何外部郵件域,或任意外部郵件域發來的郵件,都是禁止的。
這裏給出一個配置,僅供大家參考。
配置方法:
1)在main.cf裏定義如下的smtpd_restriction_classes:
QUOTE:
# restrictions
smtpd_restriction_classes = local_out_only local_in_only
local_out_only = check_recipient_access hash:/etc/postfix/local_domains, reject
local_in_only = check_sender_access hash:/etc/postfix/local_domains, reject
2)將main.cf裏的smtpd_recipient_restrctions定義爲:
QUOTE:
smtpd_recipient_restrictions =
check_sender_access hash:/etc/postfix/local_out_only
check_recipient_access hash:/etc/postfix/local_in_only
permit_mynetworks
permit_sasl_authenticated
reject_non_fqdn_hostname
reject_non_fqdn_sender
reject_non_fqdn_recipient
reject_unauth_destination
reject_unauth_pipelining
reject_invalid_hostname
3)編輯/etc/postfix/local_in_only:
QUOTE:
[email protected] local_in_only
[email protected] local_in_only
4)編輯/etc/postifx/local_out_senders:
QUOTE:
[email protected] local_out_only
[email protected] local_out_only
5)編輯/etc/postfix/local_domains:
QUOTE:
internal.foo.com OK
internal.bar.com OK
6)爲3,4,5建立對應的hash文件:
QUOTE:
# postmap hash:/etc/postfix/local_in_only
# postmap hash:/etc/postfix/local_out_only
# postmap hash:/etc/postfix/local_domains
這樣就定義了extmail.org域名裏兩個用戶foo和bar,只允許和internal.foo.com和internel.bar.com 兩個內部域的用戶來往郵件,對於外部的郵件則沒有收或發的能力。如果外部郵件企圖給這2個用戶發送,則遇到如下錯誤:
QUOTE:
554 5.7.1 <[email protected]>: Recipient address rejected: Access denied
如果這2個內部用戶要給外部用戶發email,將遇到如下錯誤:
QUOTE:
554 5.7.1 <[email protected]>: Sender address rejected: Access denied
目前這樣的配置就可以比較完整的實現內部用戶的功能需求了。其實這種配置的方法和之前的帖子道理一樣,關鍵得分清楚什麼階段,調用什麼restrictions即可。