Contos7 postfix dovecot及postfixAdmin Roundcube整合配置

接上一篇內容，postfix及dovecot基本安裝成功，但沒有管理界面，不方便操作，下面開始集成postadmin及Roundcube。

一、安裝LNMP

推薦一種方便快捷安裝方式 https://lnmp.org/install.html

二、配置postfixadmin

1、下載postfixadmin，

地址：https://sourceforge.net/projects/postfixadmin/，本例使用的是postfixadmin-3.2.tar.gz。
解壓到nginx的網頁目錄（/chroot/www/postfixadmin/）。

2、創建配置數據庫

修改配置文件/chroot/www/postfixadmin/config.inc.php

$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = '127.0.0.1';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'postfix';
$CONF['database_name'] = 'postfix';

爲postfixadmin創建Mysql數據庫與權限記錄　
啓動數據庫，進入數據庫
創建postfix數據庫，並創建postfix用戶且授權

mysql> create database postfix; 
mysql> grant all on postfix.* to postfix@'localhost' identified by 'postfix'; 
mysql> flush privileges;

測試postfix能否登錄成功。

[root@home html]# mysql -u postfix -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 53806
Server version: 5.6.31 MySQL Community Server (GPL)
 
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
 
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
 
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show databases; 
+--------------------+ 
| Database           | 
+--------------------+ 
| information_schema | 
| postfix            | 
| test               | 
+--------------------+ 
3 rows in set (0.00 sec) 
mysql> use postfix 
Database changed
mysql> 

安裝配置

打開安裝配置界面
http://ip地址/postfixadmin/public/setup.php
接下來就是按界面提示配置相關數據庫用戶名及密碼，生成數據結構，設置超級管理員信息。

進入登錄界面
http://ip/postfixadmin/public/login.php
配置我們需要的域名信息，在域名下創建郵箱信息。

配置Postfix

虛擬域名配置

在上一次安裝的過程中配置支持虛擬域名。
/etc/postfix/main.cf

#虛擬域名配置 
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf 
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf 
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf 

# Additional for quota support 
#virtual_create_maildirsize = yes 
#virtual_mailbox_extended = yes 
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf 
#virtual_mailbox_limit_override = yes 
#virtual_maildir_limit_message = Sorry, this user has exceeded their disk space quota, please try again later. 
#virtual_overquota_bounce = yes 
#Specify the user/group that owns the mail folders. I'm not sure if this is strictly necessary when using Dovecot's LDA. 
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps

注意:
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
這裏根據實現情況修改默認的用戶ID及用戶組ID號，當前配置使用的是5000

創建Mysql腳本

創建/etc/postfix/mysql_virtual_domains_maps.cf文件

[root@home ~]# vim /etc/postfix/mysql_virtual_domains_maps.cf 
user = postfix 
password = postfix 
hosts = 127.0.0.1  
dbname = postfix 
query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'

創建/etc/postfix/mysql_virtual_alias_maps.cf文件

[root@home ~]# vim /etc/postfix/mysql_virtual_alias_maps.cf 
user = postfix 
password = postfix 
hosts = 127.0.0.1  
dbname = postfix 
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'

創建/etc/postfix/mysql_virtual_mailbox_maps.cf文件

[root@home ~]# vim /etc/postfix/mysql_virtual_mailbox_maps.cf 
user = postfix 
password = postfix 
hosts = 127.0.0.1  
dbname = postfix 
query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = '1'

創建/etc/postfix/mysql_virtual_mailbox_limit_maps.cf文件

[root@home ~]# vim /etc/postfix/mysql_virtual_mailbox_limit_maps.cf 
user = postfix 
password = postfix 
hosts = 127.0.0.1 
dbname = postfix 
query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'

SMTP 認證設定

SMTP（Simple Mail Transfer Protocol）即簡單郵件傳輸協議,它是一組用於由源地址到目的地址傳送郵件的規則，由它來控制信件的中轉方式　
查看postfix支持的認證，默認支持dovecot

[root@home ~]# postconf -a 
cyrus 
dovecot

修改/etc/postfix/main.cf配置文件
用系統用戶SMTP認證配置如下(修改前)

smtpd_sasl_type = dovecot 
smtpd_sasl_path = private/auth 
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous 
smtpd_sasl_local_domain = $myhostname 

修改爲以下配置內容(修改後)

smtpd_sasl_auth_enable = yes 
smtpd_sasl_type = dovecot 
smtpd_sasl_path = /var/run/dovecot/auth-client 
smtpd_sasl_security_options = noanonymous 
broken_sasl_auth_clients = yes 
smtpd_recipient_restrictions =  permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination

使用Dovecot做爲投遞

[root@home ~]# vim /etc/postfix/main.cf 
# TRANSPORT MAP 
virtual_transport = dovecot 
dovecot_destination_recipient_limit = 1 

#修改master.cf文件

[root@home ~]# vim /etc/postfix/master.cf 
#在最後增加這兩行,注意flags前面有兩個空格，不然會報錯 
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient}

二、配置dovecot

前面已經安裝了dovecot,現在配置dovecot的配置文件,主要是集成數據庫相關配置。

修改配置

修改/etc/dovecot/dovecot.conf

[root@home ~]# vim /etc/dovecot/dovecot.conf 
protocols = imap pop3 
listen = * 
dict { 
   quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext 
} 
!include conf.d/*.conf

修改/etc/dovecot/conf.d/10-auth.conf

[root@home ~]# vim /etc/dovecot/conf.d/10-auth.conf 
disable_plaintext_auth = no 
auth_mechanisms = plain login cram-md5 
!include auth-sql.conf.ext

修改/etc/dovecot/conf.d/10-mail.conf

[root@home ~]# vim /etc/dovecot/conf.d/10-mail.conf 
mail_location = maildir:%hMaildir 
mbox_write_locks = fcntl

修改/etc/dovecot/conf.d/10-master.conf

[root@home ~]# vim /etc/dovecot/conf.d/10-master.conf 
service imap-login { 
   inet_listener imap { 
   } 
   inet_listener imaps { 
   } 
} 
service pop3-login { 
   inet_listener pop3 { 
   } 
   inet_listener pop3s { 
   } 
} 
service lmtp { 
   unix_listener lmtp { 
   } 
} 
service imap { 
} 
service pop3 { 
} 
service auth { 
   unix_listener auth-userdb { 
      mode = 0600 
      user = vmail 
      group = vmail 
   } 
   #新加下面一段，爲smtp做認證 
   unix_listener auth-client { 
      mode = 0600 
      user = postfix 
      group = postfix 
   } 
}
service auth-worker { 
} 
service dict { 
   unix_listener dict { 
   mode = 0600 
   user = vmail 
   group = vmail 
  } 
}

修改/etc/dovecot/conf.d/15-lda.conf

[root@home ~]# vim /etc/dovecot/conf.d/15-lda.conf 
protocol lda { 
  mail_plugins = quota
  postmaster_address = [email protected] #管理員郵箱 
}

修改/etc/dovecot/conf.d/20-imap.conf

[root@home ~]# vim /etc/dovecot/conf.d/20-imap.conf 
protocol imap { 
        mail_plugins = quota imap_quota 
}

修改/etc/dovecot/conf.d/20-pop3.conf

[root@home ~]# vim /etc/dovecot/conf.d/20-pop3.conf
pop3_uidl_format = %08Xu%08Xv  
protocol pop3 {
  mail_plugins = quota
}

修改/etc/dovecot/conf.d/90-quota.conf

[root@home ~]# vim /etc/dovecot/conf.d/90-quota.conf 
plugin { 
   quota_rule = *:storage=1G 
} 
plugin { 
} 
plugin { 
   quota = dict:User quota::proxy::quota
} 
plugin { 
}

添加配置

增加新文件/etc/dovecot/dovecot-sql.conf.ext

[root@home ~]# vim /etc/dovecot/dovecot-sql.conf.ext 
driver = mysql 
connect = host=localhost dbname=postfix user=postfix password=postfix 
default_pass_scheme = CRAM-MD5 
user_query = SELECT CONCAT('/var/vmail/', maildir) AS home, 5000 AS uid, 5000 AS gid, CONCAT('*:bytes=', quota) as quota_rule FROM mailbox WHERE username = '%u' AND active='1'
password_query = SELECT username AS user, password, CONCAT('/var/vmail/', maildir) AS userdb_home, 2000 AS userdb_uid, 2000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = '%u' AND active='1'

注意: 這裏的uid及gid也是使用當前系統vmail用戶的信息。

增加新文件/etc/dovecot/dovecot-dict-sql.conf.ext

[root@home ~]# vim /etc/dovecot/dovecot-dict-sql.conf.ext 
connect = host=localhost dbname=postfix user=postfix password=postfix 
map { 
   pattern = priv/quota/storage
   table = quota2 
   username_field = username 
   value_field = bytes 
 } 
 map { 
   pattern = priv/quota/messages
   table = quota2 
   username_field = username 
   value_field = messages 
}

三、配置Roundcubemail

下載Roundcubemail

下載Roundcubemail（注意下載roundcubmail版本與php版本的兼容問題，本例使用的是roundcubemail-1.2.9.tar.gz），地址：https://roundcube.net，並且解壓到nginx目錄中(chroot/www/webmail)

創建數據庫

mysql> CREATE DATABASE roundcubemail; 
Query OK, 1 row affected (0.00 sec) 
mysql> GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcubemail@localhost IDENTIFIED BY 'roundcubemail'; 
FLUSH PRIVILEGES;Query OK, 0 rows affected (0.01 sec) 
mysql> FLUSH PRIVILEGES; 
Query OK, 0 rows affected (0.00 sec)

安裝配置

在瀏覽器中訪問roundcubemail的安裝界面，
地址：http://ip地址/webmail/installer/index.php?_step=1
根據界面提示配置相關信息…

根據界面提示需要打開php相關配置、添加相關擴展，生成相關數據配置信息即可。

如果在第三步中驗證沒有問題，那說明基本通信是正常了。

進入管理界面

根據在postfixadmin中創建的郵箱及密碼，在以下地址登錄。
地址: http://ip地址/webmail/?_task=mail&_err=session

四、測試驗證

內部郵件

向外郵件

接收郵件

總結

前前後後也花費了不少時間，心疼的兩個週末，不過總算結果是好的。主要問題出現在對email發送的流程不夠理解，修改配置文件不夠小心。當前只是demo走通，距離正式投入使用還有一些距離，例如SSL加密協議證書配置、數據備份機制、安全問題等有待解決。

Postfix+Dovecot+PostfixAdmin+Roundcube配置調試源碼可在以下地址下載:
https://download.csdn.net/download/xianglingchuan/10993649