Installing mysql+postfix+extmail+extman+courier-authlib+courier-imap on CentOS 5.8 x64

This was previously posted on my Sina blog: http://blog.sina.com.cn/s/blog_6eee53080101bwfw.html

The apache+php or nginx+php-fpm setup that precedes this is not covered here.
Remember to add the MySQL lib directory to ld.so.conf, to avoid problems when compiling sasl later.

Software used:

Preparation:
1. Install some Perl modules and other software
DBI, DBI::Mysql, Unix:syslogd, perl-GD, Time::HiRes, File::Tail
rrdtool, giflib, libgdiplus, mono-core, dbus-sharp, dbus-sharp-devel, dbh, dbh-devel, pcre, pcre-devel

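2. Add the users and groups
groupadd -g 1000 vgroup
useradd -g 1000 -u 1000 -M -s /bin/false vuser
Note: vuser and vgroup are an important user and group, and their uid and gid must be 1000 (if they are not 1000, many later settings have to be adjusted, which is tedious and easy to forget, and that causes problems).
groupadd postdrop
useradd -d /var/spool/postfix -s /bin/true -g postfix -G postdrop postfix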

3. Install courier-authlib
tar jxf courier-authlib-0.61.0.tar.bz2
cd courier-authlib-0.61.0
./configure \
--prefix=/usr/local/courier-authlib \
--without-stdheaderdir \
--without-authuserdb \
--without-authpam \
--without-authldap \
--without-authpwd \
--without-authshadow \
--without-authvchkpw \
--without-authpgsql \
--without-authcustom \
--with-authmysql \
--with-mysql-libs=/usr/local/mysql/lib/mysql \
--with-mysql-includes=/usr/local/mysql/include/mysql \
--with-redhat \
--with-mailuser=vuser \
--with-mailgroup=vgroup

(Because the courier-authlib install location was changed, the --without-stdheaderdir option is needed; otherwise the headers and the like are not found.)
courier-authlib must be built with both --with-mailuser and --with-mailgroup; otherwise an error occurs when postfix receives mail, and this message appears in /var/log/maillog:
temporary failure. Command output: ERR: authdaemon: s_connect() failed: Permission denied maildrop: Temporary authentication failure. )
make && make install
make install-migrate
make install-configure
echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf
ldconfig -v
(Remember to run ldconfig here so that the ld.so.conf change takes effect; otherwise the later maildrop -v test fails with: maildrop:error while loading shared libraries: libcourierauth.so.0)
Set courier-authlib to start at boot
cp courier-authlib.sysvinit /etc/init.d/courier-authlib
chkconfig --add courier-authlib
chkconfig courier-authlib on
chmod 755 /usr/local/courier-authlib/var/spool/authdaemon

Configure authentication
cd /usr/local/courier-authlib/etc/authlib
vim authdaemonrc
Change:
authmodulelist="authmysql"
authmodulelistorig="authmysql"

vim authmysqlrc

MYSQL_SERVER  localhost
MYSQL_USERNAME  extmail
MYSQL_PASSWORD  extmail
# Note: change MYSQL_SOCKET to the actual location of your mysql.sock
MYSQL_SOCKET  /tmp/mysql.sock
MYSQL_PORT  3306
MYSQL_OPT  0
MYSQL_DATABASE  extmail
MYSQL_USER_TABLE  mailbox
MYSQL_CRYPT_PWFIELD  password
MYSQL_UID_FIELD  uidnumber
MYSQL_GID_FIELD  gidnumber
MYSQL_LOGIN_FIELD  username
MYSQL_HOME_FIELD  homedir
MYSQL_NAME_FIELD  name
MYSQL_MAILDIR_FIELD  maildir
MYSQL_QUOTA_FIELD  quota
MYSQL_SELECT_CLAUSE  SELECT username,"",password,uidnumber,gidnumber,  \
CONCAT('/home/domains/',homedir),  \
CONCAT('/home/domains/',maildir),  \
quota,  \
name,  \
CONCAT("disableimap=",disableimap,",disablepop3=",  \
disablepop3,",disablewebmail=",disablewebmail,  \
",disablesmtpd=",disablesmtpd,",disablesmtp=",  \
disablesmtp,",disablenetdisk=",disablenetdisk,  \
",netdiskquota=",netdiskquota)  \
FROM mailbox  \
WHERE username = '$(local_part)@$(domain)'
Take care not to make a mistake in the select clause, or client authentication will fail.

4. Install cyrus-sasl-2.1.22
Uninstall the cyrus-sasl packages that ship with the system
rpm -qa|grep cyrus-sasl
rpm -e --nodeps cyrus-sasl-2.1.22-4 cyrus-sasl-plain-2.1.22-4 cyrus-sasl-devel-2.1.22-4 cyrus-sasl-lib-2.1.22-4
If that reports an error, use rpm's --allmatches option
rpm -e --allmatches --nodeps cyrus-sasl-2.1.22-4 cyrus-sasl-plain-2.1.22-4 cyrus-sasl-devel-2.1.22-4 cyrus-sasl-lib-2.1.22-4
rm -rf /usr/lib/sasl2
tar zxf cyrus-sasl-2.1.22.tar.gz
cd cyrus-sasl-2.1.22
./configure --prefix=/usr/local/cyrus-sasl \
--enable-plain \
--enable-cram \
--enable-digest \
--enable-login \
--enable-sql \
--disable-anon \
--disable-ntlm \
--disable-gssapi \
--disable-krb4 \
--disable-otp \
--disable-srp \
--disable-srp-setpass \
--with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket \
--with-mysql \
--with-mysql-includes=/usr/local/mysql/include/mysql \
--with-mysql-libs=/usr/local/mysql/lib/mysql

make && make install
ln -s /usr/local/cyrus-sasl/lib/sasl2/ /usr/lib/sasl2
echo "/usr/local/cyrus-sasl/lib/sasl2" >> /etc/ld.so.conf
ldconfig
Configure authentication
mkdir -p /etc/sasl2
vim /etc/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path: /usr/local/courier-authlib/var/spool/authdaemon/socket

5. Install postfix
postfix needs pcre, so install it first; the sendmail that ships with the system must be stopped before installing.
Be sure to include "-DUSE_CYRUS_SASL"; otherwise postconf -a will not list cyrus support.
tar zxf postfix-2.8.12.tar.gz
cd postfix-2.8.12
make tidy
Pass the SASL flags and the MySQL flags in a single makefiles run; a second run regenerates the makefiles from its own CCARGS only and discards the settings of the first.
make -f Makefile.init makefiles 'CCARGS=-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/local/include/sasl -DHAS_MYSQL -I/usr/local/mysql/include/mysql' 'AUXLIBS=-L/usr/local/lib/sasl2 -lsasl2 -L/usr/local/mysql/lib/mysql -R/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm'
make && make install
An interactive prompt appears
===================================
install_root: [/]
tempdir: [/mnt/softs/postfix-2.4.6] /tmp
config_directory: [/etc/postfix]
daemon_directory: [/usr/libexec/postfix]
command_directory: [/usr/sbin]
queue_directory: [/var/spool/postfix]
sendmail_path: [/usr/sbin/sendmail]
newaliases_path: [/usr/bin/newaliases]
mailq_path: [/usr/bin/mailq]
mail_owner: [postfix]
setgid_group: [postdrop]
manpage_directory: [/usr/local/man]
===================================
Enter values that match your environment.
mv /etc/aliases /etc/aliases.old
ln -s /etc/postfix/aliases /etc/aliases
Generate the binary alias database; if this step is skipped, postfix may run very inefficiently.
echo 'root:admin@yourdomains.com' >> /etc/postfix/aliases
/usr/bin/newaliases

postconf -n >/etc/postfix/main2.cf
cd /etc/postfix
mv main.cf main.cf_old
mv main2.cf main.cf

vim  main.cf

alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
maps_rbl_reject_code = 450
message_size_limit = 512000000
mydestination = $myhostname, $mynetworks,localhost
mydomain = 52cp.cn
myhostname = mail.52cp.cn
mynetworks = 127.0.0.0/8
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
non_fqdn_reject_code = 450
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
smtpd_recipient_limit = 100
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination,reject_rbl_client cblless.anti-spam.org.cn=127.0.8.5,permit
smtpd_reject_unlisted_recipient = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_security_options = noanonymous
smtpd_sender_login_maps = mysql:/etc/postfix/mysql_virtual_sender_maps.cf
smtpd_sender_restrictions = permit_mynetworks,reject_sender_login_mismatch
unknown_local_recipient_reject_code = 450
unknown_virtual_alias_reject_code = 450
unknown_virtual_mailbox_reject_code = 450
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = maildrop:

Copy extman/docs/mysql_* to /etc/postfix/, or create the following files by hand
vim /etc/postfix/mysql_virtual_alias_maps.cf

user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = alias
select_field = goto
where_field = address
#additional_conditions = AND active = '1'

vim mysql_virtual_domains_maps.cf

user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = domain
select_field = domain
where_field = domain
#additional_conditions = AND active = '1'

vim mysql_virtual_limit_maps.cf

user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = mailbox
select_field = quota
where_field = username
additional_conditions = AND active = '1'

vim mysql_virtual_mailbox_maps.cf

user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = mailbox
select_field = maildir
where_field = username
#additional_conditions = AND active = '1'

vim mysql_virtual_sender_maps.cf

user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = mailbox
select_field = username
where_field = username
additional_conditions = AND active = '1'

SMTP authentication goes through cyrus-sasl, which connects to authdaemon to obtain the authentication data. Edit main.cf and add the following:

broken_sasl_auth_clients = yes
smtpd_sender_login_maps = mysql:/etc/postfix/mysql_virtual_sender_maps.cf
smtpd_sender_restrictions = permit_mynetworks,reject_sender_login_mismatch

smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination,reject_rbl_client cblless.anti-spam.org.cn=127.0.8.5,permit

smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_security_options = noanonymous
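
The settings above offer the PLAIN and LOGIN mechanisms and keep the database password in the mysql_*.cf map files. The following shell script is an added example, not part of the original post: it audits those two points on constructed sample files. smtpd_tls_auth_only and smtpd_tls_security_level are standard Postfix parameters that this page does not set (using them also requires a certificate, which is outside this example), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: read-only audit of the SMTP AUTH settings used on this page.

# get_param FILE NAME: value of "NAME = value" or "NAME: value" (last one wins).
get_param() {
    sed -n "s/^$2[[:space:]]*[=:][[:space:]]*\(.*[^[:space:]]\)[[:space:]]*\$/\1/p" "$1" | tail -n 1
}

# audit_smtp_auth MAIN_CF SMTPD_CONF: report PLAIN/LOGIN offered without forced TLS.
audit_smtp_auth() {
    [ "$(get_param "$1" smtpd_sasl_auth_enable)" = "yes" ] || return 0
    mechs=$(get_param "$2" mech_list)
    case " $mechs " in
        *" PLAIN "*|*" LOGIN "*) ;;
        *) return 0 ;;
    esac
    [ "$(get_param "$1" smtpd_tls_auth_only)" = "yes" ] && return 0
    [ "$(get_param "$1" smtpd_tls_security_level)" = "encrypt" ] && return 0
    echo "PLAINTEXT_AUTH mech_list=$mechs"
}

# audit_map_file FILE: report password == user and world-readable credential files.
audit_map_file() {
    u=$(get_param "$1" user)
    p=$(get_param "$1" password)
    [ -n "$p" ] && [ "$p" = "$u" ] && echo "DEFAULT_CRED $1"
    [ -n "$(find "$1" -perm -004)" ] && echo "WORLD_READABLE $1"
    return 0
}

# Constructed sample files that mirror the values shown on this page.
demo=$(mktemp -d)
printf '%s\n' 'smtpd_sasl_auth_enable = yes' > "$demo/main.cf"
printf '%s\n' 'pwcheck_method: authdaemond' 'mech_list: PLAIN LOGIN' > "$demo/smtpd.conf"
printf '%s\n' 'user = extmail' 'password = extmail' > "$demo/mysql_virtual_alias_maps.cf"
chmod 644 "$demo/mysql_virtual_alias_maps.cf"

echo "== as configured on this page =="
audit_smtp_auth "$demo/main.cf" "$demo/smtpd.conf"
audit_map_file "$demo/mysql_virtual_alias_maps.cf"

# After requiring TLS before AUTH and dropping world read; the password is
# unchanged, so DEFAULT_CRED is still reported.
echo 'smtpd_tls_auth_only = yes' >> "$demo/main.cf"
chmod 640 "$demo/mysql_virtual_alias_maps.cf"
echo "== after hardening =="
audit_smtp_auth "$demo/main.cf" "$demo/smtpd.conf"
audit_map_file "$demo/mysql_virtual_alias_maps.cf"
```

On a real host, pass /etc/postfix/main.cf and /etc/sasl2/smtpd.conf to audit_smtp_auth and each /etc/postfix/mysql_*.cf file to audit_map_file.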

Edit the postfix init script:

vim /etc/init.d/postfix

===============================================================
#!/bin/sh
#
# postfix  Postfix Mail Transfer Agent
#
# chkconfig: 2345 80 30
# description: Postfix is a Mail Transport Agent, which is the program \
#  that moves mail from one machine to another.
# processname: master
# pidfile: /var/spool/postfix/pid/master.pid
# config: /etc/postfix/main.cf
# config: /etc/postfix/master.cf
#
# $Revision: 2.8 $
#

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0

[ -x /usr/sbin/postfix ] || exit 0
[ -d /etc/postfix ] || exit 0
[ -d /var/spool/postfix ] || exit 0

RETVAL=0

start() {
# Start daemons.
echo -n "Starting postfix: "
/usr/sbin/postfix start 2>/dev/null 1>&2 && success || failure
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/postfix
echo
return $RETVAL
}

stop() {
# Stop daemons.
echo -n "Shutting down postfix: "
/usr/sbin/postfix stop 2>/dev/null 1>&2 && success || failure
RETVAL=$?
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/postfix
echo
return $RETVAL
}

reload() {
echo -n "Reloading postfix: "
/usr/sbin/postfix reload 2>/dev/null 1>&2 && success || failure
RETVAL=$?
echo
return $RETVAL
}

restart() {
stop
start
}

abort() {
/usr/sbin/postfix abort 2>/dev/null 1>&2 && success || failure
return $?
}

flush() {
/usr/sbin/postfix flush 2>/dev/null 1>&2 && success || failure
return $?
}

check() {
/usr/sbin/postfix check 2>/dev/null 1>&2 && success || failure
return $?
}

# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
reload
;;
abort)
abort
;;
flush)
flush
;;
check)
check
;;
status)
status master
;;
condrestart)
# don't use /var/lock/subsys/postfix, check for postfix running directly
daemon_directory=$(postconf -h daemon_directory)
$daemon_directory/master -t 2>/dev/null && : || restart
;;
*)
echo "Usage: postfix {start|stop|restart|reload|abort|flush|check|status|condrestart}"
exit 1
esac

exit $?

======================================================
chmod +x /etc/init.d/postfix
chkconfig --add postfix
chkconfig postfix on

6. Install maildrop
tar jxf maildrop-2.0.4.tar.bz2
cd maildrop-2.0.4
ln -s /usr/local/courier-authlib/bin/courierauthconfig /usr/bin/courierauthconfig

./configure \
--enable-sendmail=/usr/sbin/sendmail \
--enable-trusted-users='root vuser' \
--enable-syslog=1 \
--enable-maildirquota \
--enable-maildrop-uid=1000 \
--enable-maildrop-gid=1000 \
--with-trashquota \
--with-dirsync

make && make install
ln -s /usr/local/bin/maildrop /usr/bin

maildrop -v
(Check the output; if it mentions the Courier Authentication Library, the installation succeeded)

maildrop 2.0.4 Copyright 1998-2005 Double Precision, Inc.
GDBM extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.

Create the config file /etc/maildroprc
and set the maildrop log location
vim /etc/maildroprc
logfile "/var/log/maildrop.log"

touch /var/log/maildrop.log
chown vuser:vgroup /var/log/maildrop.log
chmod a+r /etc/maildroprc

7. Install courier-imap
tar jxf courier-imap-4.4.0.tar.bz2
cd courier-imap-4.4.0
./configure \
--prefix=/usr/local/courier-imap \
--with-redhat \
--enable-unicode \
--disable-root-check \
--with-trashquota \
--without-ipv6 COURIERAUTHCONFIG='/usr/local/courier-authlib/bin/courierauthconfig'

make && make install

cd /usr/local/courier-imap/etc/
cp imapd.dist imapd
cp imapd-ssl.dist imapd-ssl
cp pop3d.dist pop3d
cp pop3d-ssl.dist pop3d-ssl

vim /usr/local/courier-imap/etc/pop3d
Set POP3DSTART=YES
To also provide IMAP service, set IMAPDSTART=YES in imapd.

Set courier-imapd to start at boot
cp courier-imap.sysvinit /etc/init.d/courier-imapd  (courier-imap.sysvinit is in the courier-imap directory)
chmod +x /etc/init.d/courier-imapd
chkconfig --add courier-imapd
chkconfig courier-imapd on

8. Install extman and extmail, which provide the web management interface
tar zxf extmail-1.2.tar.gz
tar zxf extman-1.1.tar.gz
Create
/var/www/extsuite
Import the database that extman and extmail need
mysql -u root -p < /var/www/extsuite/extman/docs/extmail.sql
mysql -u root -p < /var/www/extsuite/extman/docs/init.sql
This automatically creates the extmail database in MySQL and sets up the user extmail with privileges on the extmail database and the password extmail.

Because ExtMan's architecture is similar to ExtMail's, ExtMan needs several of ExtMail's base Perl modules. The extman source package includes a small script called buildpkg.sh that creates these links. Usage:
/var/www/extsuite/extman/libs/Ext/buildpkg.sh build /var/www/extsuite/extmail/libs/Ext
mkdir /var/www/extsuite/extman/tmp
chown -R vuser:vgroup /var/www/extsuite/extman/tmp

Edit webman.cf under extman
Set SYS_SESS_DIR = /var/www/extsuite/extman/tmp

When that is done, create the Maildir for the test@extmail.org account that was just imported into MySQL, using the following commands:
Note: the account actually imported is postmaster@extmail.org
# cd /var/www/extsuite/extman/tools
# ./maildirmake.pl /home/domains/extmail.org/test/Maildir
# chown -R vuser:vgroup /home/domains/extmail.org
# chmod 700 /home

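Test maildrop:

# maildrop -V 10 -d test@extmail.org
At this point an "Invalid user specified" error appears. Don't panic, this is normal: the MySQL database only contains postmaster@extmail.org, while the command names test@extmail.org, so of course it reports that the user you specified is invalid. Note that at this point the directory under /home/domains/extmail.org is test. Now run /usr/local/mysql/bin/mysql -u root -p, press Enter, and type the password to enter the MySQL command-line interface. Unless stated otherwise, everything below is done at the MySQL prompt.
show databases;  -- lists the MySQL databases that exist; seeing extmail means all is well
use extmail;  -- you will see a "database changed" message, meaning the extmail database is selected
show tables;  -- shows all tables in the extmail database
select * from mailbox;  -- shows all records in the mailbox table; at the moment there is only one
update mailbox set username="test@extmail.org";
update mailbox set uid="test";
update mailbox set name="test";
update mailbox set maildir="extmail.org/test/Maildir/";
update mailbox set homedir="extmail.org/test";
\q
All of the statements above are run at the MySQL prompt and can be copied as they are. After this, the record in the MySQL database has been changed from postmaster to test.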

Restart courier-authlib, courier-imap, postfix and apache

Configure extman and extmail in apache

vim httpd-vhosts.conf

<VirtualHost *:80>
ServerAdmin lijun@domains.com
DocumentRoot "/var/www/extsuite/extmail/html/"
ServerName mail.domains.com
ScriptAlias  /extmail/cgi/ /var/www/extsuite/extmail/cgi/
Alias  /extmail/  /var/www/extsuite/extmail/html/
ScriptAlias  /extman/cgi/  /var/www/extsuite/extman/cgi/
Alias  /extman/  /var/www/extsuite/extman/html/
CustomLog "|/usr/local/sbin/cronolog /www/logs/monitor.domains.com-access_log.%Y%m%d" combined env=!IMAG
</VirtualHost>

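Note: apache must run as user vuser and group vgroup; otherwise extmail cannot create user directories and the like through apache and can only insert records into the database, and at login an error such as
can't to domains/test/Maildir appears, indicating missing permissions.
Visit http://mail.domains.com to see the web page. No user has been added yet, so you cannot log in; log in to the admin backend at
http://mail.domains.com/extman/ and add a new user before logging in.
The default super-administrator account is root@extmail.org with the password "extmail*123*". Remember to change the default password after logging in, and add the mail domains and domain administrators you need.

For an account created in Extman to get its directory under /home/domain/ created automatically, either change Apache's user and group to vuser and vgroup, or use suEXEC.
If the CAPTCHA image is not displayed, install perl-GD.
If you cannot log in and a session problem is shown, check the SYS_SESS_DIR directory and whether its permissions match the user apache runs as.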
