Required software:
Platform: RHEL 5.8
postfix-2.9.15
dovecot (bundled with the system)
courier-authlib-0.62.4 (versions higher than 0.64 may not work on this platform)
mysql 5.7, consisting of:
mysql-5.7.12-1.el5.x86_64.rpm
mysql-community-client-5.7.12-1.el5.x86_64.rpm
mysql-community-common-5.7.12-1.el5.x86_64.rpm
mysql-community-devel-5.7.12-1.el5.x86_64.rpm
mysql-community-libs-5.7.12-1.el5.x86_64.rpm
mysql-community-libs-compat-5.7.12-1.el5.x86_64.rpm
mysql-community-server-5.7.12-1.el5.x86_64.rpm
These can be downloaded from http://dev.mysql.com/downloads/mysql/
extmail-1.2 + extman-1.1
Additional packages (can be installed directly with yum install):
httpd, mysql-devel, openssl-devel, libtool-ltdl-devel, libtool-ltdl, perl-DBD-MySQL, tcl, tcl-devel, libart_lgpl, libart_lgpl-devel, expect, cyrus-sasl.x86_64, cyrus-sasl-devel, cyrus-sasl-lib, cyrus-sasl-plain
Also install the following RPM package groups used for development:
Development Libraries
Development Tools
Method:
yum groupinstall "Development Libraries" "Development Tools"
I. Preparation:
1. Stop or uninstall sendmail, and disable its automatic start at boot:
service sendmail stop
chkconfig sendmail off
or
rpm -e --nodeps sendmail
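2. If you want to use a newer MySQL such as 5.5/5.7, also uninstall the MySQL packages that ship with the system so that nothing conflicts.
For versions above 5.1 the system's storage engine is InnoDB, and extman's scripts may need to be modified. If you want to avoid the trouble, use the MySQL that ships with the system; the SQL scripts may then not need changes.
3. Start the saslauthd service and add it to the automatic startup list: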
# service saslauthd start
# chkconfig saslauthd on
II. Install and configure postfix
# groupadd -g 2525 postfix
# useradd -g postfix -u 2525 -s /sbin/nologin -M postfix
# groupadd -g 2526 postdrop
# useradd -g postdrop -u 2526 -s /sbin/nologin -M postdrop
# cd postfix-2.9.15
1. Compile and install
# make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl -DUSE_TLS ' 'AUXLIBS=-L/usr/lib/mysql -lmysqlclient -lz -lm -L/usr/lib/sasl2 -lsasl2 -lssl -lcrypto'
# make
# make install
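Enter the relevant paths at the following prompts (the value in [] is the default, the value after "]" is what to type; where nothing follows, the default is accepted)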
install_root: [/] /
tempdir: [/root/postfix-2.9.3] /tmp/postfix
config_directory: [/etc/postfix] /etc/postfix
daemon_directory: [/usr/libexec/postfix]
command_directory: [/usr/sbin]
queue_directory: [/var/spool/postfix]
sendmail_path: [/usr/sbin/sendmail]
newaliases_path: [/usr/bin/newaliases]
mailq_path: [/usr/bin/mailq]
mail_owner: [postfix]
setgid_group: [postdrop]
html_directory: [no]/var/www/html/postfix
manpages: [/usr/local/man]
readme_directory: [no]
Generate the binary alias file:
# newaliases
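Also, do not forget to run the set-permissions step shown after these messages, otherwise startup may fail with errors such as: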
warning: unable to look up public/pickup: No such file or directory
warning: unable to look up public/pickup: No such file or directory
fatal: the Postfix mail system is not running
fatal: scan_dir_push: open directory maildrop: Permission denied
fatal: Postfix integrity check failed!
#post-install set-permissions
2. Basic configuration
# vim /etc/postfix/main.cf
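Change the following entries to the values you need. Note that each one must start at the left margin with no leading whitespace, otherwise the system treats it as a continuation of the previous line.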
myhostname = mail.test.com
myorigin = test.com
mydomain = test.com
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 192.168.1.0/24, 127.0.0.0/8
Save and exit.
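The left-margin rule above is easy to break when pasting settings into main.cf. The following is an added example, not part of the original article (the function name find_swallowed_params and the sample content are constructed): it lists indented lines that look like a new setting but would be read as part of the previous one.

```shell
#!/bin/sh
# Added example: find main.cf lines that begin with whitespace yet look like
# "name = value". Postfix joins such a line onto the previous parameter.

find_swallowed_params() {
    # $1: path to a main.cf-style file
    # prints "<line number>: <text>" for every suspect line
    awk '
        /^[ \t]+[A-Za-z_][A-Za-z0-9_]*[ \t]*=/ {
            sub(/^[ \t]+/, "")
            printf "%d: %s\n", NR, $0
        }
    ' "$1"
}

# Constructed sample based on the settings above: mydomain is indented by
# mistake, so myorigin would become "test.com mydomain = test.com".
# The indented "localhost, $mydomain" line is a deliberate continuation
# and is not reported.
sample=$(mktemp)
printf '%s\n' \
    'myhostname = mail.test.com' \
    'myorigin = test.com' \
    ' mydomain = test.com' \
    'mydestination = $myhostname, localhost.$mydomain,' \
    '    localhost, $mydomain' \
    'mynetworks = 192.168.1.0/24, 127.0.0.0/8' > "$sample"

find_swallowed_params "$sample"
rm -f "$sample"
```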
3. Write the service startup script /etc/rc.d/init.d/postfix for postfix:
#!/bin/bash
#
# postfix Postfix Mail Transfer Agent
#
# chkconfig: 2345 80 30
# description: Postfix is a Mail Transport Agent, which is the program \
# that moves mail from one machine to another.
# processname: master
# pidfile: /var/spool/postfix/pid/master.pid
# config: /etc/postfix/main.cf
# config: /etc/postfix/master.cf

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 3
[ -x /usr/sbin/postfix ] || exit 4
[ -d /etc/postfix ] || exit 5
[ -d /var/spool/postfix ] || exit 6

RETVAL=0
prog="postfix"

start() {
    # Start daemons.
    echo -n $"Starting postfix: "
    /usr/bin/newaliases >/dev/null 2>&1
    /usr/sbin/postfix start 2>/dev/null 1>&2 && success || failure $"$prog start"
    RETVAL=$?
    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/postfix
    echo
    return $RETVAL
}

stop() {
    # Stop daemons.
    echo -n $"Shutting down postfix: "
    /usr/sbin/postfix stop 2>/dev/null 1>&2 && success || failure $"$prog stop"
    RETVAL=$?
    [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/postfix
    echo
    return $RETVAL
}

reload() {
    echo -n $"Reloading postfix: "
    /usr/sbin/postfix reload 2>/dev/null 1>&2 && success || failure $"$prog reload"
    RETVAL=$?
    echo
    return $RETVAL
}

abort() {
    /usr/sbin/postfix abort 2>/dev/null 1>&2 && success || failure $"$prog abort"
    return $?
}

flush() {
    /usr/sbin/postfix flush 2>/dev/null 1>&2 && success || failure $"$prog flush"
    return $?
}

check() {
    /usr/sbin/postfix check 2>/dev/null 1>&2 && success || failure $"$prog check"
    return $?
}

restart() {
    stop
    start
}

# See how we were called.
case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart)
        stop
        start
        ;;
    reload)
        reload
        ;;
    abort)
        abort
        ;;
    flush)
        flush
        ;;
    check)
        check
        ;;
    status)
        status master
        ;;
    condrestart)
        [ -f /var/lock/subsys/postfix ] && restart || :
        ;;
    *)
        echo $"Usage: $0 {start|stop|restart|reload|abort|flush|check|status|condrestart}"
        exit 1
esac

exit $?
# END
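4. Grant execute permission and start postfix:
# chmod +x /etc/rc.d/init.d/postfix
Add it to the service list:
# chkconfig --add postfix
Enable automatic start at boot:
# chkconfig postfix on
Restart the service using the script:
# service postfix restart
5. Enable cyrus-sasl based authentication for postfix
Verify that postfix supports cyrus-sasl authentication; make sure the following output appears:
# /usr/sbin/postconf -a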
cyrus
dovecot
#vi /etc/postfix/main.cf
############CYRUS-SASL ###################
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_path = smtpd
smtpd_banner = ESMTP,Warning:system not work!
# vi /usr/lib64/sasl2/smtpd.conf
Add the following:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
Restart postfix and test
# service postfix restart
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 Welcome to our mail.test.com ESMTP,Warning:system not work!
ehlo mail.magedu.com
250-mail.magedu.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN (make sure these two lines appear in the output)
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
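The EHLO reply above can also be checked mechanically. The following is an added example, not part of the original article (the function name auth_exposure and its result labels are constructed): it classifies a reply captured on an unencrypted port-25 session by whether PLAIN or LOGIN authentication is offered and whether STARTTLS is offered alongside it.

```shell
#!/bin/sh
# Added example: classify an EHLO reply captured on an unencrypted port-25
# session, like the telnet test above.

auth_exposure() {
    # stdin: EHLO reply lines. stdout: one of
    #   cleartext-only      AUTH PLAIN/LOGIN offered, no STARTTLS
    #   cleartext-optional  AUTH PLAIN/LOGIN offered before STARTTLS
    #   auth-after-tls      STARTTLS offered, no PLAIN/LOGIN before it
    #   no-auth             neither offered
    awk '
        { sub(/\r$/, ""); line = toupper($0) }
        line ~ /^250[- ]STARTTLS$/ { tls = 1 }
        line ~ /^250[- ]AUTH[ =]/ {
            # "250-AUTH " and "250-AUTH=" are both 9 characters long
            n = split(substr(line, 10), m, " ")
            for (i = 1; i <= n; i++)
                if (m[i] == "PLAIN" || m[i] == "LOGIN") plain = 1
        }
        END {
            if (plain) r = tls ? "cleartext-optional" : "cleartext-only"
            else       r = tls ? "auth-after-tls" : "no-auth"
            print r
        }
    '
}

# The EHLO reply shown above, with the author's annotation removed
PAGE_REPLY='250-mail.magedu.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN'

printf '%s\n' "$PAGE_REPLY" | auth_exposure
```

For the configuration on this page the result is cleartext-only, which matches the closing remark that port 25 carries passwords unencrypted.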
III. Install the Courier authentication library and configure it to authenticate mailbox users through mysql
1. Install the Courier authentication library
# tar xf courier-authlib-0.62.4.tar.bz2
# cd courier-authlib-0.62.4
./configure \
--prefix=/usr/local/courier-authlib \
--sysconfdir=/etc \
--without-authpam \
--without-authshadow \
--without-authvchkpw \
--without-authpgsql \
--with-authmysql=yes \
--with-mysql-libs=/usr/lib64/mysql \
--with-mysql-includes=/usr/include/mysql \
--with-redhat \
--with-authmysqlrc=/etc/authmysqlrc \
--with-authdaemonrc=/etc/authdaemonrc \
--with-mailuser=postfix \
--with-mailgroup=postfix \
--with-ltdl-lib=/usr/lib64 \
--with-ltdl-include=/usr/include
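Note: these are the library paths of the RPM-packaged MySQL. If your MySQL was not installed from RPM packages, make sure the with-mysql-libs and with-mysql-includes paths are correct. Also be sure to include --with-authmysql=yes; otherwise the resulting build will still not support mysql.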
# make
# make install
# chmod 755 /usr/local/courier-authlib/var/spool/authdaemon
# cp /etc/authdaemonrc.dist /etc/authdaemonrc
# cp /etc/authmysqlrc.dist /etc/authmysqlrc
Edit the /etc/authdaemonrc file:
# make sure authmysql appears in this list, otherwise mysql authentication is not supported
authmodulelist="authmysql"
authmodulelistorig="authmysql"
daemons=10
2. Configure mysql for mail user authentication
Edit /etc/authmysqlrc so that it contains the following, where 2525,2525 are the UID and GID of the postfix user.
MYSQL_SERVER localhost
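# port mysql listens on, 3306 by default
MYSQL_PORT 3306
# username of the database owner
MYSQL_USERNAME extmail
# password; fill in according to your own setup
MYSQL_PASSWORD extmail
# the RPM-packaged MySQL puts its socket here
MYSQL_SOCKET /var/lib/mysql/mysql.sock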
MYSQL_DATABASE extmail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD '2525'
MYSQL_GID_FIELD '2525'
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD concat('/var/mailbox/',homedir)
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat('/var/mailbox/',maildir)
3. Startup script
# cp courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib
# chmod 755 /etc/init.d/courier-authlib
# chkconfig --add courier-authlib
# chkconfig --level 2345 courier-authlib on
# echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf.d/courier-authlib.conf
# ldconfig -v
# service courier-authlib start
4. Configure postfix to authenticate users through courier-authlib
Create the virtual user mailbox directory and give ownership of it to the postfix user:
# mkdir -pv /var/mailbox
# chown -R postfix /var/mailbox
Next, reconfigure SMTP authentication: edit /usr/lib64/sasl2/smtpd.conf and make sure it contains the following:
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path: /usr/local/courier-authlib/var/spool/authdaemon/socket
IV. Make postfix support virtual domains and virtual users
1. Edit /etc/postfix/main.cf and add the following:
########################Virtual Mailbox Settings########################
virtual_mailbox_base = /var/mailbox
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:2525
virtual_gid_maps = static:2525
virtual_transport = virtual
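Note: the /etc/postfix/mysql_virtual_*.cf files come from extman-1.1/docs; we still need to set the username and password they use for the database connection.
2. Configure extman
Create the database using extmail.sql and init.sql from the docs directory of the source tree:
MySQL 5.0 can use extmail.sql directly to initialise the database. For versions above 5.1 the storage engine must be changed to InnoDB. For 5.7 no storage engine needs to be specified, but you must also add sql-mode='IGNORE' to my.cnf and make a small change to the SQL for the manager table,
as follows: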
CREATE TABLE manager (
username varchar(255) NOT NULL default '',
password varchar(255) NOT NULL default '',
type varchar(64) NOT NULL default 'postmaster',
uid varchar(255) NOT NULL default '',
name varchar(255) NOT NULL default '',
question text ,
answer text ,
disablepwdchange smallint(1),
createdate datetime NOT NULL ,
expiredate DATE NOT NULL default '2030-12-30',
active tinyint(1) NOT NULL default '1',
PRIMARY KEY (username),
KEY username (username)
) COMMENT='Ext/Webman - Admin Accounts';
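Also, on 5.7 users and databases must be created with CREATE USER and CREATE DATABASE statements; the INSERT INTO user and INSERT INTO db statements do not work, so the extmail.sql script has to be modified as well.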
# tar zxvf extman-1.1.tar.gz
# cd extman-1.1/docs
# mysql -u root -p < extmail.sql
# mysql -u root -p <init.sql
# cp mysql* /etc/postfix/
3. Grant the extmail user access to the extmail database
mysql> GRANT all privileges on extmail.* TO extmail@localhost IDENTIFIED BY 'youpassword';
mysql> GRANT all privileges on extmail.* TO [email protected] IDENTIFIED BY 'youpassword';
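Note: when virtual domains are enabled the central domain must be dropped, so comment out the myhostname, mydestination, mydomain and myorigin directives.
4. Configure dovecot to authenticate users against mysql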
# vi /etc/dovecot.conf
mail_location = maildir:/var/mailbox/%d/%n/Maildir
auth default {
  mechanisms = plain
  passdb sql {
    args = /etc/dovecot-mysql.conf
  }
  userdb sql {
    args = /etc/dovecot-mysql.conf
  }
}
# vim /etc/dovecot-mysql.conf
driver = mysql
# use your own password here; do not copy this line verbatim
connect = host=/var/lib/mysql/mysql.sock dbname=extmail user=extmail password=your_password
default_pass_scheme = CRYPT
password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid FROM mailbox WHERE username = '%u'
Start the dovecot service:
# service dovecot start
# chkconfig dovecot on
V. Install Extmail-1.2
1. Install
# tar zxvf extmail-1.2.tar.gz
# mkdir -pv /var/www/extsuite
# mv extmail-1.2 /var/www/extsuite/extmail
# cp /var/www/extsuite/extmail/webmail.cf.default /var/www/extsuite/extmail/webmail.cf
2. Configure
# vi /var/www/extsuite/extmail/webmail.cf
Notes on some of the options to change:
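SYS_MESSAGE_SIZE_LIMIT = 5242880
The maximum size of a message a user can send
SYS_USER_LANG = en_US
Language option; can be changed to:
SYS_USER_LANG = zh_CN
SYS_MAILDIR_BASE = /home/domains
This is the directory where user mail is stored, as set up earlier; change it to:
SYS_MAILDIR_BASE = /var/mailbox
SYS_MYSQL_USER = db_user
SYS_MYSQL_PASS = db_pass
The two lines above set the username and password used to connect to the database server, and the database the mail server uses; change them to:
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = your_password
# the RPM-packaged MySQL puts its socket here
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock
SYS_MYSQL_HOST = localhost
Hostname of the database server
SYS_MYSQL_TABLE = mailbox
SYS_MYSQL_ATTR_USERNAME = username
SYS_MYSQL_ATTR_DOMAIN = domain
SYS_MYSQL_ATTR_PASSWD = password
The lines above specify the table used to verify user logins and the names of the columns holding the username, domain and password; the defaults are fine here.
SYS_AUTHLIB_SOCKET = /var/spool/authdaemon/socket
This line gives the location of the authdaemon socket file; change it to:
SYS_AUTHLIB_SOCKET = /usr/local/courier-authlib/var/spool/authdaemon/socket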
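3. Add to apache
Because extmail performs local mail delivery, the user the apache server runs as must be changed to the user of your mail delivery agent. In this example apache's suexec feature is enabled, so the following method is used to set the identity the virtual host runs as. The MDA here is the one bundled with postfix, so the postfix user is specified: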
<VirtualHost *:80>
ServerName mail.magedu.com
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi
Alias /extmail /var/www/extsuite/extmail/html
SuexecUserGroup postfix postfix
</VirtualHost>
Change the owner of the CGI executables to the user apache runs them as:
# chown -R postfix.postfix /var/www/extsuite/extmail/cgi/
If you have not enabled apache's suexec feature, you can use the following approach instead:
# vi /etc/httpd/conf/httpd.conf
User postfix
Group postfix
<VirtualHost *:80>
ServerName mail.magedu.com
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi
Alias /extmail /var/www/extsuite/extmail/html
</VirtualHost>
4. Resolve dependencies
extmail uses the perl Unix::Syslog module; you can search for the source package at http://search.cpan.org, download it and install it.
# tar zxvf Unix-Syslog-0.100.tar.gz
# cd Unix-Syslog-0.100
# perl Makefile.PL
# make
# make install
Start the apache service
# service httpd start
# chkconfig httpd on
VI. Install Extman-1.1
# tar zxvf extman-1.1.tar.gz
# mv extman-1.1 /var/www/extsuite/extman
Modify the configuration file to suit this example:
# cp /var/www/extsuite/extman/webman.cf.default /var/www/extsuite/extman/webman.cf
# vi /var/www/extsuite/extman/webman.cf
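SYS_MAILDIR_BASE = /home/domains
This is the directory where user mail is stored, as set up earlier; change it to:
SYS_MAILDIR_BASE = /var/mailbox
SYS_DEFAULT_UID = 1000
SYS_DEFAULT_GID = 1000
The IDs in these two settings must be changed to those of the postfix user and postfix group created earlier; we used 2525, so the two entries become:
SYS_DEFAULT_UID = 2525
SYS_DEFAULT_GID = 2525
SYS_MYSQL_USER = webman
SYS_MYSQL_PASS = webman
Change to:
SYS_MYSQL_USER = extmail
# use your own password here; do not copy this line verbatim
SYS_MYSQL_PASS = your_password
# the RPM-packaged MySQL puts its socket here
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock
Then change the owner of the cgi directory: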
# chown -R postfix.postfix /var/www/extsuite/extman/cgi/
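The files edited up to this point (/etc/authmysqlrc, /etc/dovecot-mysql.conf, /etc/postfix/mysql_virtual_*.cf, webmail.cf and webman.cf) all hold the extmail database password in clear text. The following is an added example, not part of the original article (function names and demo files are constructed): it reports which of them can be read by accounts other than their owner and group.

```shell
#!/bin/sh
# Added example: report whether files holding the extmail database password
# can be read by accounts other than their owner and group.

other_perms() {
    # "other" permission triple from ls -l, e.g. "r--" or "---"
    ls -ld "$1" | cut -c8-10
}

audit_secret_file() {
    # prints one status line; returns 0 = OK, 1 = exposed, 2 = missing
    if [ ! -e "$1" ]; then
        echo "MISSING $1"; return 2
    fi
    perms=$(other_perms "$1")
    if [ "$perms" = "---" ]; then
        echo "OK $1"; return 0
    fi
    echo "EXPOSED $1 (others: $perms)"; return 1
}

audit_all() {
    # returns non-zero if any file is exposed or missing
    rc=0
    for f in "$@"; do
        audit_secret_file "$f" || rc=1
    done
    return $rc
}

# Constructed demo files standing in for the real ones. On the mail host the
# call would be:
#   audit_all /etc/authmysqlrc /etc/dovecot-mysql.conf \
#       /etc/postfix/mysql_virtual_*.cf \
#       /var/www/extsuite/extmail/webmail.cf /var/www/extsuite/extman/webman.cf
demo=$(mktemp -d)
echo 'MYSQL_PASSWORD extmail' > "$demo/authmysqlrc"
echo 'SYS_MYSQL_PASS = extmail' > "$demo/webmail.cf"
chmod 644 "$demo/authmysqlrc"
chmod 640 "$demo/webmail.cf"
audit_all "$demo/authmysqlrc" "$demo/webmail.cf" || echo "tighten with: chmod o-rwx <file>"
rm -rf "$demo"
```

Any file reported as EXPOSED only needs to be readable by the account of the service that opens it; on this page webmail.cf and webman.cf are read by the CGI programs running as postfix.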
In the Extmail virtual host section of apache's main configuration file, add the following two lines:
ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi
Alias /extman /var/www/extsuite/extman/html
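Create the temporary directory it needs at runtime and set its ownership:
# mkdir -pv /tmp/extman
# chown postfix.postfix /tmp/extman
Change
SYS_CAPTCHA_ON = 1
to
SYS_CAPTCHA_ON = 0
That is everything. After restarting the apache server, your Webmail and Extman are ready to use; enter the name of the configured virtual host in a browser to access them, for example: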
http://ip/extmail
Choose "Manage" to log in to extman for back-end administration. The default administrator account is: [email protected] and the password is: extmail*123*
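VII. Configure Mailgraph_ext to use Extman's graphical logs: (the packages needed below must be downloaded yourself)
Next, install the packages the graphical logs need in order to run: Time::HiRes, File::Tail and rrdtool. The first two can be found and downloaded at http://search.cpan.org; the last can be downloaded from http://oss.oetiker.ch/rrdtool/pub/?M=D. Note that the installation order must not be changed.
Install Time::HiRes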
#tar zxvf Time-HiRes-1.9707.tar.gz
#cd Time-HiRes-1.9707
#perl Makefile.PL
#make
#make test
#make install
Install File::Tail
#tar zxvf File-Tail-0.99.3.tar.gz
#cd File-Tail-0.99.3
#perl Makefile.PL
#make
#make test
#make install
Install rrdtool-1.2.23-1.el5.rf.x86_64.rpm; it depends on the following two packages, and all three must be installed together:
rrdtool-devel-1.2.23-1.el3.rf.x86_64.rpm
perl-rrdtool-1.2.23-1.el4.rf.x86_64.rpm
rpm -iv *rrdtool*
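Copy mailgraph_ext to /usr/local and start it
# cp -r /var/www/extsuite/extman/addon/mailgraph_ext /usr/local
# /usr/local/mailgraph_ext/mailgraph-init start
Start cmdserver (displays system information in the admin back end)
# /var/www/extsuite/extman/daemon/cmdserver --daemon
Add both to the automatic startup list
# echo "/usr/local/mailgraph_ext/mailgraph-init start" >> /etc/rc.d/rc.local
# echo "/var/www/extsuite/extman/daemon/cmdserver -v -d" >> /etc/rc.d/rc.local
Usage: wait about 15 minutes; if the mail system has some traffic, log in to extman and click "Graphical Log" to see the graphical logs. For the daily, weekly, monthly and yearly views, click the corresponding image.
VIII. SSL encryption for smtp and pop3 is not covered here. To accept mail from the public network, map port 25 on the firewall. If you want to use MUAs such as foxmail or outlook to send and receive mail, map out 110 (pop3), 995 (pops), 25 (smtp) and 465 (smtps). Note: 110 and 25 transmit passwords in plaintext.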