马哥 26_02 _邮件服务系列之虚拟域、虚拟用户和webmail 有大用

星期日, 2020-07-05 01:39 — adminshiping1

cyrus-sasl 连接mysql过于底层,所以通过 Courier-authlib 来连接mysql

Postfix 直接找 Courier-authlib配置过于复杂,所以要通过 Cyrus-sasl

Courier-authlib 是一个美籍俄罗斯人,是一个独立完整的邮件系统

https://www.courier-mta.org/authlib/

http://www.courier-mta.org/

http://www.courier-mta.org/authlib/

http://www.courier-mta.org/download.html#authlib

https://sourceforge.net/projects/courier/files/

https://osdn.net/projects/sfnet_courier/downloads/authlib/0.65.0/courier-authlib-0.65.0.tar.bz2/ 这里看看下载

[root@mail ~]# wget http://svwh.dl.sourceforge.net/project/courier/authlib/0.65.0/courier-authlib-0.65.0.tar.bz2

[root@mail ~]# tar xf courier-authlib-0.65.0.tar.bz2

[root@mail ~]# cd courier-authlib-0.65.0

[root@mail courier-authlib-0.65.0]#

上图的反斜线叫续行符

可以不使用 --without-authpam 等 without ,但是可能配置起来会麻烦一点

authmysqlrc 这里 rc 表示的资源配置文件(resource config ?)

authlib 要用到 ltdl的功能所以要带上 with-ltdl-lib 和 with-ltdl-include

ltdl 是什么?

[root@mail courier-authlib-0.65.0]# yum list all | grep ltdl

file:///media/cdrom/Server/repodata/repomd.xml: [Errno 5] OSError: [Errno 2] 没有那个文件或目录: '/media/cdrom/Server/repodata/repomd.xml'

Trying other mirror.

libtool-ltdl.i386 1.5.22-7.el5_4 Cdrom_Base

libtool-ltdl-devel.i386 1.5.22-7.el5_4 Cdrom_Base

[root@mail courier-authlib-0.65.0]# yum install libtool-ltdl libtool-ltdl-devel # 进行安装

[root@mail courier-authlib-0.65.0]# rpm -qi libtool-ltdl

Name : libtool-ltdl Relocations: (not relocatable)

Version : 1.5.22 Vendor: Red Hat, Inc.

Release : 7.el5_4 Build Date: 2009年11月23日星期一 22时59分46秒

Install Date: 2020年07月05日星期日 10时48分40秒 Build Host: hs20-bc1-5.build.redhat.com

Group : System Environment/Libraries Source RPM: libtool-1.5.22-7.el5_4.src.rpm

Size : 50893 License: LGPL

Signature : DSA/SHA1, 2009年12月05日星期六 03时50分36秒, Key ID 5326810137017186

Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>

URL : http://www.gnu.org/software/libtool/

Summary : GNU Libtool 动态模块加载程序的运行时库函数

Description :

The libtool-ltdl package contains the GNU Libtool Dynamic Module Loader, a

library that provides a consistent, portable interface which simplifies the

process of using dynamic modules.

These runtime libraries are needed by programs that link directly to the

system-installed ltdl libraries; they are not needed by software built using the

rest of the GNU Autotools (including GNU Autoconf and GNU Automake).

[root@mail courier-authlib-0.65.0]# ./configure \

--prefix=/usr/local/courier-authlib \

--sysconfdir=/etc \

--without-authpam \

--without-authshadow \

--without-authvchkpw \

--without-authpgsql \

--with-authmysql \

--with-mysql-libs=/usr/lib/mysql \

--with-mysql-includes=/usr/include/mysql \

--with-redhat \

--with-authmysqlrc=/etc/authmysqlrc \

--with-authdaemonrc=/etc/authdaemonrc \

--with-mailuser=postfix \

--with-mailgroup=postfix \

--with-ltdl-lib=/usr/lib \

--with-ltdl-include=/usr/include

上面配置执行完毕后

[root@mail courier-authlib-0.65.0]# make && make install

由下面 sqlite-devel 己经装上去了

[root@mail courier-authlib-0.65.0]# yum list all | grep sqlite

This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.

python-sqlite.i386 1.1.7-1.2.1 installed

sqlite.i386 3.3.6-7 installed

sqlite-devel.i386 3.3.6-7 installed

qt4-sqlite.i386 4.2.1-1.el5_7.1 cdrom

[root@mail courier-authlib-0.65.0]#

[root@mail courier-authlib-0.65.0]# ./configure --help | less

`configure' configures courier-authlib 0.65.0 to adapt to many kinds of systems.

Usage: ./configure [OPTION]... [VAR=VALUE]...

To assign environment variables (e.g., CC, CFLAGS...), specify them as

VAR=VALUE. See below for descriptions of some of the useful variables.

Defaults for the options are specified in brackets.

Configuration:

-h, --help display this help and exit

--help=short display options specific to this package

--help=recursive display the short help of all the included packages

-V, --version display version information and exit

-q, --quiet, --silent do not print `checking ...' messages

--cache-file=FILE cache test results in FILE [disabled]

-C, --config-cache alias for `--cache-file=config.cache'

-n, --no-create do not create output files

--srcdir=DIR find the sources in DIR [configure dir or `..']

Installation directories:

--prefix=PREFIX install architecture-independent files in PREFIX

sqlite 用不上我们配置时去掉它吧

在上面的 ./configure 命令中加上 --without-authsqlite

即

./configure \

--prefix=/usr/local/courier-authlib \

--sysconfdir=/etc \

--without-authpam \

--without-authshadow \

--without-authvchkpw \

--without-authpgsql \

--without-authsqlite \

--with-authmysql \

--with-mysql-libs=/usr/lib/mysql \

--with-mysql-includes=/usr/include/mysql \

--with-redhat \

--with-authmysqlrc=/etc/authmysqlrc \

--with-authdaemonrc=/etc/authdaemonrc \

--with-mailuser=postfix \

--with-mailgroup=postfix \

--with-ltdl-lib=/usr/lib \

--with-ltdl-include=/usr/include

# 清理一个刚才编译的结果

[root@mail courier-authlib-0.65.0]# make clean

[root@mail courier-authlib-0.65.0]# ./configure \

--prefix=/usr/local/courier-authlib \

--sysconfdir=/etc \

--without-authpam \

--without-authshadow \

--without-authvchkpw \

--without-authpgsql \

--without-authsqlite \

--with-authmysql \

--with-mysql-libs=/usr/lib/mysql \

--with-mysql-includes=/usr/include/mysql \

--with-redhat \

--with-authmysqlrc=/etc/authmysqlrc \

--with-authdaemonrc=/etc/authdaemonrc \

--with-mailuser=postfix \

--with-mailgroup=postfix \

--with-ltdl-lib=/usr/lib \

--with-ltdl-include=/usr/include

再装一下 expect (这个其实可以安全忽略掉的)

[root@mail courier-authlib-0.65.0]# yum install expect

再执行 ./configure 命令,还报同样的错

[root@mail courier-authlib-0.65.0]# ldconfig -v

再再执行 ./configure 命令,还还报同样的错

看下 sqlite-devel 的头文件和库文件路径

[root@mail courier-authlib-0.65.0]# rpm -ql sqlite-devel

把 ./configure 改下,再执行

下面的代码与上面的代码相比是去掉了 --without-authsqlite \

加上了

--with-sqlite-libs=/usr/lib \

--with-sqlite-includes=/usr/include \

./configure \

--prefix=/usr/local/courier-authlib \

--sysconfdir=/etc \

--without-authpam \

--without-authshadow \

--without-authvchkpw \

--without-authpgsql \

--with-sqlite-libs=/usr/lib \

--with-sqlite-includes=/usr/include \

--with-authmysql \

--with-mysql-libs=/usr/lib/mysql \

--with-mysql-includes=/usr/include/mysql \

--with-redhat \

--with-authmysqlrc=/etc/authmysqlrc \

--with-authdaemonrc=/etc/authdaemonrc \

--with-mailuser=postfix \

--with-mailgroup=postfix \

--with-ltdl-lib=/usr/lib \

--with-ltdl-include=/usr/include

其实一开始的时候,马哥就让我们装一大堆东西

[root@mail courier-authlib-0.65.0]# make && make install

( 解决问题的思路,是看报错信息, 然后 yum list all | grep 关键字 ,,,然后 yum install 一下它和它的devel 包,不行的话,再把信息复制到谷歌上搜一下 )

(头文件和库文件都有,仍然报错,有可能就是这个软件的本身的bug,也有可能就是版本不匹配,比如现在需要的sqlite版本与已经发装的sqlite版本不一致,,,,我们降低courier-authlib的版本,也许需要的sqlite版本就低了,就能与sqlite版本保持一致了 )

我们降低 courier-authlib的版本试试 (使用 courier-authlib-0.64.0)

所以 ./configure命令里面可以去掉

--with-sqlite-libs=/usr/lib \

--with-sqlite-includes=/usr/include \

这两行

即

[root@mail courier-authlib-0.64.0]# ./configure \

--prefix=/usr/local/courier-authlib \

--sysconfdir=/etc \

--without-authpam \

--without-authshadow \

--without-authvchkpw \

--without-authpgsql \

--with-authmysql \

--with-mysql-libs=/usr/lib/mysql \

--with-mysql-includes=/usr/include/mysql \

--with-redhat \

--with-authmysqlrc=/etc/authmysqlrc \

--with-authdaemonrc=/etc/authdaemonrc \

--with-mailuser=postfix \

--with-mailgroup=postfix \

--with-ltdl-lib=/usr/lib \

--with-ltdl-include=/usr/include

[root@mail courier-authlib-0.64.0]# make && make install

[root@mail courier-authlib-0.64.0]# ./configure --help | less

[root@mail courier-authlib-0.64.0]# cd /usr/local/courier-authlib/

[root@mail courier-authlib]# ls

bin include lib libexec sbin share var

[root@mail courier-authlib]# cd var/

[root@mail var]# ls

spool

[root@mail var]# cd spool/

[root@mail spool]# ls

authdaemon

[root@mail spool]# cd authdaemon/

[root@mail authdaemon]# ls

[root@mail authdaemon]# pwd

/usr/local/courier-authlib/var/spool/authdaemon

默认是这个路径,等courier-authlib服务启动后,在这个目录下会生成 socket 文件的,这个socket文件是与其它的服务进行通信的

[root@mail authdaemon]#

改下 /usr/local/courier-authlib/var/spool/authdaemon 这个目录的权限

[root@mail authdaemon]# chmod 755 /usr/local/courier-authlib/var/spool/authdaemon

[root@mail authdaemon]#

开另一个窗口

[root@mail ~]# cd courier-authlib-0.64.0

[root@mail courier-authlib-0.64.0]# ls

aclocal.m4 authpipe.lo courier-authlib.spec

authchangepwdir.h authpipe.o courier-authlib.spec.in

authcustom.c authpiperc.h courier-authlib.sysvinit

authcustom.h authpwd.c courier-authlib.sysvinit.in

authcustom.lo authpwdenumerate.c courierauthsaslclient.h

authcustom.o authpwdenumerate.lo courierauthsasl.h

authdaemon.c authpwdenumerate.o courierauthstaticlist.h

authdaemond auth_sasl.3 cramlib.c

authdaemond.c authsasl.c cramlib.h

authdaemond.in authsaslclient.c cramlib.lo

authdaemond.o authsaslclientcram.c cramlib.o

authdaemondprog authsaslclientcram.lo cryptpassword.c

authdaemonlib.c authsaslclientcrammd5.c cryptpassword.lo

authdaemonlib.lo authsaslclientcrammd5.lo cryptpassword.o

authdaemonlib.o authsaslclientcrammd5.o dbobj.config

authdaemon.lo authsaslclientcram.o dbobj.config.in

authdaemon.o authsaslclientcramsha1.c dbobj.h

authdaemonrc authsaslclientcramsha1.lo dbobj.h.in

authdaemonrc.h authsaslclientcramsha1.o debug.c

authdaemonrc.in authsaslclientexternal.c debug.lo

authdaemontest authsaslclientexternal.lo debug.o

authdaemontest.c authsaslclientexternal.o depcomp

authdaemontest.o authsaslclient.h gdbmobj

authenumerate authsaslclient.lo INSTALL

auth_enumerate.3 authsaslclientlogin.c INSTALL.html

authenumerate.c authsaslclientlogin.lo install-sh

auth_enumerate.html authsaslclientlogin.o libauthcustom.la

authenumerate.o authsaslclient.o libauthldap.la

auth_generic.3 authsaslclientplain.c libauthmysql.la

auth_generic.html authsaslclientplain.lo libauthpipe.la

auth_getoption.3 authsaslclientplain.o libauthuserdb.la

auth_getoption.html authsaslcram.c libcourierauthcommon.la

auth_getuserinfo.3 authsaslcram.lo libcourierauth.la

auth_getuserinfo.html authsaslcram.o libcourierauthsaslclient.la

auth.h auth_sasl_ex.3 libcourierauthsasl.la

authinfo.c authsaslfrombase64.c libhmac

authinfo.o authsaslfrombase64.lo liblock

authldap.c authsaslfrombase64.o liblog

authldapescape.c auth_sasl.html libtool

authldapescape.lo authsasl.lo ltmain.sh

authldapescape.o authsasllogin.c mailusergroup.h

authldap.h authsasllogin.lo makedat

authldap.ldif authsasllogin.o Makefile

authldaplib.c authsasl.o Makefile.am

authldaplib.lo authsaslplain.c Makefile.in

authldaplib.o authsaslplain.lo md5

authldap.lo authsaslplain.o missing

authldap.o authsasltobase64.c NEWS

authldaprc authsasltobase64.lo NEWS.html

authldaprc.h authsasltobase64.o numlib

authldap.schema authshadow.c packageversion.h

authlib.3 authsyschangepwd.c pgpkeys.txt

authlib.3.in authsyschangepwd.lo pkgincludedir.h

authlib.html authsyschangepwd.o pkglibdir.h

authlib.html.in authsyscommon.c preauthcustom.c

auth_login.3 authsyscommon.lo preauthcustom.lo

auth_login.html authsyscommon.o preauthcustom.o

authmigrate authsystem.passwd preauthdaemon.c

authmigrate.in authsystem.passwd.in preauthdaemon.lo

authmksock authtest preauthdaemon.o

authmksock.c authtest.1 preauthldap.c

authmksock.o authtest.c preauthldap.lo

authmoduser2.c authtest.html preauthldap.o

authmoduser2.lo authtest.o preauthmysql.c

authmoduser2.o authuserdb.c preauthmysql.lo

authmoduser3.c authuserdb.lo preauthmysql.o

authmoduser3.lo authuserdb.o preauthpam.c

authmoduser3.o authuserdbpwd.c preauthpgsql.c

authmysql.c authuserdbpwd.lo preauthpwd.c

authmysql.h authuserdbpwd.o preauthshadow.c

authmysqllib.c authwait.h preauthuserdb.c

authmysqllib.lo bdbobj preauthuserdbcommon.c

authmysqllib.o ChangeLog preauthuserdbcommon.lo

authmysql.lo checkpassword.c preauthuserdbcommon.o

authmysql.o checkpassword.lo preauthuserdb.lo

authmysqlrc checkpasswordmd5.c preauthuserdb.o

authmysqlrc.h checkpasswordmd5.lo random128

authoption.c checkpasswordmd5.o README

authoption.lo checkpassword.o README.authdebug.html

authoption.o checkpasswordsha1.c README.authdebug.html.in

AUTHORS checkpasswordsha1.lo README_authlib.html

authpam.c checkpasswordsha1.o README_authlib.html.in

authpasswd config.guess README.authmysql.html

authpasswd.1 config.log README.authmysql.myownquery

auth_passwd.3 config.status README.authpostgres.html

authpasswd.c config.sub README.html

auth_passwd.html configure README.ldap

authpasswd.html configure.in rfc822

authpasswd.o COPYING samplepipe.pl

authpgsql.c COPYING.GPL sbindir.h

authpgsql.h courierauthconfig sha1

authpgsqllib.c courier_auth_config.h stamp-h1

authpgsqlrc courier_auth_config.h.in sysconftool

authpgsqlrc.h courierauthdebug.h unicode

authpipe.c courierauth.h userdb

authpipelib.c courier-authlib.lpspec userdb-test-cram-md5.pl

authpipelib.h courier-authlib.lpspec.in userdb-test-cram-md5.pl.in

authpipelib.lo courier-authlib.service

authpipelib.o courier-authlib.service.in

[root@mail courier-authlib-0.64.0]#

复制这两个配置文件

[root@mail authdaemon]# cp /etc/authdaemonrc.dist /etc/authdaemonrc

[root@mail authdaemon]# cp /etc/authmysqlrc.dist /etc/authmysqlrc

[root@mail authdaemon]#

[root@mail authdaemon]# vim /etc/authdaemonrc

........................

#authmodulelist="authuserdb authldap authmysql authcustom authpipe"

authmodulelist="authmysql"

........................

#authmodulelistorig="authuserdb authldap authmysql authcustom authpipe"

authmodulelistorig="authmysql"

..........................

daemons=5

..........................

authdaemonvar=/usr/local/courier-authlib/var/spool/authdaemon #这里可以改成 /var/spool/authdaemon 但需要建目录,改目录权限

..........................

# DEBUG_LOGIN=0 - turn off debugging

# DEBUG_LOGIN=1 - turn on debugging

# DEBUG_LOGIN=2 - turn on debugging + log passwords too

# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog.

# Note that most information is sent to syslog at level 'debug', so

# you may need to modify your /etc/syslog.conf to be able to see it.

DEBUG_LOGIN=2 # 如果登录不了的话,可以改为2进行调试,调试好后改为0

..........................

[root@mail authdaemon]# vim /etc/authmysqlrc

#MYSQL_SERVER mysql.example.com

MYSQL_SERVER localhost

#MYSQL_USERNAME admin

MYSQL_USERNAME extmail

#MYSQL_PASSWORD admin

MYSQL_PASSWORD extmail

# MYSQL_SOCKET /var/mysql/mysql.sock

MYSQL_SOCKET /mydata/data/mysql.sock

#MYSQL_PORT 0

MYSQL_PORT 3306 #事实上我们主要是以sock通信的,所以 3306其实用不着

MYSQL_OPT 0 #额外选项

#MYSQL_DATABASE mysql

MYSQL_DATABASE extmail # 账号密码存在mysql的哪个数据库中,这个库是由 extmail程序创建的

#MYSQL_USER_TABLE passwd

MYSQL_USER_TABLE mailbox #mysql用户账号放在哪个表当中 mailbox这个表是extmail自动生成的

#MYSQL_CRYPT_PWFIELD crypt

MYSQL_CRYPT_PWFIELD password #mysql的哪个字段是用户的密码

#MYSQL_UID_FIELD uid

MYSQL_UID_FIELD 2525 #postfix用户的uid

##NAME: MYSQL_GID_FIELD:0

# Numerical groupid of the account

#MYSQL_GID_FIELD gid

MYSQL_GID_FIELD 2525 #postfix用户的gid 组id

#MYSQL_LOGIN_FIELD id

MYSQL_LOGIN_FIELD username #这是登录的账号名

#MYSQL_HOME_FIELD home

MYSQL_HOME_FIELD concat('/var/mailbox/',homedir) #没有家目录,就是放邮件的目录,用户家目录的绝对路径

MYSQL_NAME_FIELD name #登录号(用户名全名)

# MYSQL_MAILDIR_FIELD maildir

MYSQL_MAILDIR_FIELD concat('/var/mailbox/',maildir) #每个用户的邮件目录,与用户名保持一致

下面搜索看看 mysql.sock的路径

[root@mail courier-authlib-0.64.0]# locate mysql.sock

/mydata/data/mysql.sock

[root@mail courier-authlib-0.64.0]# ls /mydata/data/

auto.cnf localhost.localdomain.err mysql-bin.000002 performance_schema

ibdata1 mail.magedu.com.err mysql-bin.000003 test

ib_logfile0 mysql mysql-bin.index www.a.org.err

ib_logfile1 mysql-bin.000001 mysql.sock

[root@mail courier-authlib-0.64.0]#

复制 (创建) init.d脚本

[root@mail courier-authlib-0.64.0]# pwd

/root/courier-authlib-0.64.0

[root@mail courier-authlib-0.64.0]# cp courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib

[root@mail courier-authlib-0.64.0]#

加执行权限

[root@mail courier-authlib-0.64.0]# chmod +x /etc/rc.d/init.d/courier-authlib

[root@mail courier-authlib-0.64.0]#

加到服务列表中去

[root@mail authdaemon]# chkconfig --add courier-authlib

[root@mail authdaemon]#

检查一下 (2,3,4,5默认就是on了,也就不用手动on了?)

[root@mail authdaemon]# chkconfig --list courier-authlib

courier-authlib 0:关闭 1:关闭 2:启用 3:启用 4:启用 5:启用 6:关闭

[root@mail authdaemon]#

启动 courier-authlib 服务

[root@mail authdaemon]# service courier-authlib start

Starting Courier authentication services: authdaemond

[root@mail authdaemon]#

下面这两项用不着,可以不用做了

有六个进程,,一个是主控进程(控制进程,专门用来生成其它进程的),另外五个是工作进程,跟 prefork 一样

[root@mail authdaemon]# ps aux | grep auth

root 4097 0.0 0.1 7872 1864 ? S Jul03 0:00 dovecot-auth

root 4440 0.0 0.0 5720 492 ? Ss Jul03 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow

root 4441 0.0 0.0 5720 272 ? S Jul03 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow

root 4442 0.0 0.0 5720 268 ? S Jul03 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow

root 4443 0.0 0.0 5720 268 ? S Jul03 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow

root 4444 0.0 0.0 5720 268 ? S Jul03 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow

root 22656 0.0 0.0 1764 432 ? S 10:21 0:00 /usr/local/courier-authlib/sbin/courierlogger -pid=/usr/local/courier-authlib/var/spool/authdaemon/pid -start /usr/local/courier-authlib/libexec/courier-authlib/authdaemond

root 22657 0.0 0.1 6924 1484 ? S 10:21 0:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond

root 22658 0.0 0.0 6924 500 ? S 10:21 0:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond

root 22659 0.0 0.0 6924 500 ? S 10:21 0:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond

root 22660 0.0 0.0 6924 500 ? S 10:21 0:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond

root 22661 0.0 0.0 6924 500 ? S 10:21 0:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond

root 22662 0.0 0.0 6924 500 ? S 10:21 0:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond

root 22677 0.0 0.0 4280 700 pts/1 S+ 10:25 0:00 grep auth

[root@mail authdaemon]#

[root@mail authdaemon]# ls /etc/postfix/ 没有mysql_virtual_mailbox_maps.cf ,mysql_virtual_domains_maps.cf ,没关系,是extmail提供的,我们不用做任何修改

access canonical LICENSE makedefs.out TLS_LICENSE

aliases generic main.cf master.cf transport

bounce.cf.default header_checks main.cf.default relocated virtual

[root@mail authdaemon]#

邮箱格式两种:

Maildir:

Mailbox:

使用虚拟用户时,只能用 Maildir

[root@mail ~]# mkdir /var/mailbox

[root@mail ~]# chown postfix /var/mailbox

[root@mail ~]#

[root@mail ~]# vim /usr/lib/sasl2/smtpd.conf

pwcheck_method: authdaemond

log_level:3

mech_list: PLAIN LOGIN

authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket

[root@mail ~]# service saslauthd restart (不启动也没关系,因为现在用不着saslauthd服务了)

停止 saslauthd： [确定]

启动 saslauthd： [确定]

[root@mail ~]#

[root@mail ~]# vim /etc/postfix/main.cf #以前的关于 cyrus-sasl的配置不要动 ,,(因为虚拟域和虚拟用户基于sasl)

#最结尾处添加下面的代码

#=====================Vritual Mailbox settings====================

# 指定用户邮箱所在的根目录

virtual_mailbox_base = /var/mailbox

virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf

virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf

virtual_alias_domains =

virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf

virtual_uid_maps = static:2525

virtual_gid_maps = static:2525

virtual_transport = virtual

#use this for virtual delivery（如果没有安装maildrop，则此处为virtual）#virtual_transport = virtual

#use this for maildrop-delivery （如果有maildrop，则此处为maildrop）virtual_transport = maildrop

#Maildrop-Options for usage with maildrop

maildrop_destination_recipient_limit = 1

maildrop_destination_concurrency_limit = 1

#====================QUOTA settings========================

message_size_limit = 14336000

virtual_mailbox_limit = 20971520

virtual_create_maildirsize = yes

virtual_mailbox_extended = yes

virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf

virtual_mailbox_limit_override = yes

virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please Tidy your mailbox and try again later

virtual_overquota_bounce = yes

[root@mail ~]# postconf -n

broken_sasl_auth_clients = yes

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/libexec/postfix

data_directory = /var/lib/postfix

debug_peer_level = 2

debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5

html_directory = no

inet_interfaces = all

inet_protocols = ipv4

mail_owner = postfix

mailq_path = /usr/bin/mailq

manpage_directory = /usr/local/man

message_size_limit = 14336000

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,ns.$mydomain

mydomain = magedu.com

myhostname = mail.magedu.com

mynetworks = 127.0.0.0/8

myorigin = $mydomain

newaliases_path = /usr/bin/newaliases

queue_directory = /var/spool/postfix

readme_directory = no

sample_directory = /etc/postfix

sendmail_path = /usr/sbin/sendmail

setgid_group = postdrop

smtpd_banner = Welcome to our $myhostname ESMTP,Warning: Version not Available!

smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain = $myhostname

smtpd_sasl_security_options = noanonymous

unknown_local_recipient_reject_code = 550

virtual_alias_domains =

virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf

virtual_gid_maps = static:2525

virtual_mailbox_base = /var/mailbox

virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf

virtual_mailbox_limit = 20971520

virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf

virtual_transport = virtual

virtual_uid_maps = static:2525

postconf: warning: /etc/postfix/main.cf: unused parameter: maildrop_destination_concurrency_limit=1

postconf: warning: /etc/postfix/main.cf: unused parameter: virtual_overquota_bounce=yes

postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl_application_name=smtpd

postconf: warning: /etc/postfix/main.cf: unused parameter: virtual_mailbox_limit_maps=mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf

postconf: warning: /etc/postfix/main.cf: unused parameter: virtual_maildir_limit_message=Sorry, the user's maildir has overdrawn his diskspace quota, please Tidy your mailbox and try again later

postconf: warning: /etc/postfix/main.cf: unused parameter: maildrop_destination_recipient_limit=1

postconf: warning: /etc/postfix/main.cf: unused parameter: virtual_create_maildirsize=yes

postconf: warning: /etc/postfix/main.cf: unused parameter: virtual_mailbox_extended=yes

postconf: warning: /etc/postfix/main.cf: unused parameter: virtual_mailbox_limit_override=yes

看到上面的警告,,一些参数不能用,可以先注释掉

[root@mail ~]#

[root@mail ~]# vim /etc/postfix/main.cf #在这个文件里注释掉上面相应的参数

可以看到里面涉及到三个文件,我们要准备一下

[root@mail ~]# postconf -n # 后面就看不到警告了

下载extman extmail

下图是马哥从他自己网盘上下载的

https://zh.osdn.net/projects/sfnet_ds5752/downloads/yu/extman-1.1.tar.gz/ 这里下载吧

[root@mail ~]# wget http://master.dl.sourceforge.net/project/ds5752/yu/extman-1.1.tar.gz

https://zh.osdn.net/projects/sfnet_ds5752/downloads/yu/extmail-1.2.tar.gz/ 这里下载吧

[root@mail ~]# wget http://master.dl.sourceforge.net/project/ds5752/yu/extmail-1.2.tar.gz

[root@mail ~]# tar xf extman-1.1.tar.gz

[root@mail ~]# cd extman-1.1

[root@mail extman-1.1]# ls

addon ChangeLog docs lang README.fcgi webman.cf.default

AUTHORS contrib html libs tools

cgi daemon INSTALL README Version

[root@mail extman-1.1]#

[root@mail extman-1.1]# cd docs/

[root@mail docs]# pwd

/root/extman-1.1/docs

[root@mail docs]#

[root@mail docs]# ls

backport ldap_virtual_mailbox_maps.cf

extmail.schema ldap_virtual_sender_maps.cf

extmail.sql mysql_virtual_alias_maps.cf

init.ldif mysql_virtual_domains_maps.cf

init.sql mysql_virtual_limit_maps.cf

ldap_virtual_alias_maps.cf mysql_virtual_mailbox_maps.cf

ldap_virtual_domains_maps.cf mysql_virtual_sender_maps.cf

ldap_virtual_limit_maps.cf README.postfix

[root@mail docs]#

[root@mail docs]# mysql -uroot -h127.0.0.1 < extmail.sql (如果报错,见 /node-admin/15287 )

[root@mail docs]# mysql -uroot -h127.0.0.1 < init.sql

[root@mail docs]# mysql -uroot -h127.0.0.1

# extmail.* 表示数据库extmail里面的所有表 extmail@localhost表示localhost上的extmail用户名

# IDENTIFIED BY 'extmail' 表示密码为 extmail

mysql> GRANT ALL PRIVILEGES ON extmail.* TO extmail@localhost IDENTIFIED BY 'extmail';

Query OK, 0 rows affected (0.00 sec)

#下面一句是把 localhost 改为127.0.0.1

mysql> GRANT ALL PRIVILEGES ON extmail.* TO extmail@127.0.0.1 IDENTIFIED BY 'extmail';

Query OK, 0 rows affected (0.00 sec)

mysql> flush PRIVILEGES;

Query OK, 0 rows affected (0.00 sec)

mysql>

[root@mail docs]# pwd

/root/extman-1.1/docs

[root@mail docs]#

[root@mail docs]# ls

backport init.sql ldap_virtual_mailbox_maps.cf mysql_virtual_limit_maps.cf

extmail.schema ldap_virtual_alias_maps.cf ldap_virtual_sender_maps.cf mysql_virtual_mailbox_maps.cf

extmail.sql ldap_virtual_domains_maps.cf mysql_virtual_alias_maps.cf mysql_virtual_sender_maps.cf

init.ldif ldap_virtual_limit_maps.cf mysql_virtual_domains_maps.cf README.postfix

[root@mail docs]#

复制配置文件

[root@mail docs]# cp mysql_virtual_* /etc/postfix/

[root@mail docs]#

[root@mail postfix]# ls

access generic main.cf.default mysql_virtual_domains_maps.cf relocated

aliases header_checks makedefs.out mysql_virtual_limit_maps.cf TLS_LICENSE

bounce.cf.default LICENSE master.cf mysql_virtual_mailbox_maps.cf transport

canonical main.cf mysql_virtual_alias_maps.cf mysql_virtual_sender_maps.cf virtual

[root@mail postfix]#

[root@mail postfix]# vim mysql_virtual_domains_maps.cf

user = extmail

password = extmail

hosts = localhost

dbname = extmail

table = domain

select_field = domain

where_field = domain

additional_conditions = AND active = '1'

取消中心域使用虚拟域注释掉下面几个东西

[root@mail postfix]# vim /etc/postfix/main.cf

#myhostname = mail.magedu.com

#mydomain = magedu.com

#myorigin = $mydomain

#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,ns.$mydomain

重启 postfix

[root@mail postfix]# service postfix restart

关闭 postfix： [确定]

启动 postfix： [确定]

[root@mail postfix]#

[root@mail ~]# telnet 192.168.1.85 25

Trying 192.168.1.85...

Connected to www.a.org (192.168.1.85).

Escape character is '^]'.

220 Welcome to our mail.magedu.com ESMTP,Warning: Version not Available!

EHLO mail.magedu.com

250-mail.magedu.com

250-PIPELINING

250-SIZE 14336000

250-VRFY

250-ETRN

250-AUTH PLAIN LOGIN

250-AUTH=PLAIN LOGIN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

mail from:root@magedu.com

250 2.1.0 Ok

rcpt to:hadoop@magedu.com # 看到此时不能发邮件了

454 4.7.1 <hadoop@magedu.com>: Relay access denied

quit

221 2.0.0 Bye

Connection closed by foreign host.

[root@mail ~]#

[root@mail ~]# mysql

Welcome to the MySQL monitor. Commands end with ; or \g.

Your MySQL connection id is 8

Server version: 5.0.95 Source distribution

Oracle is a registered trademark of Oracle Corporation and/or its

affiliates. Other names may be trademarks of their respective

owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show databases;

+--------------------+

| Database |

+--------------------+

| information_schema |

| extmail |

| mysql |

| performance_schema |

| test |

+--------------------+

5 rows in set (0.00 sec)

mysql> use extmail

Reading table information for completion of table and column names

You can turn off this feature to get a quicker startup with -A

Database changed

mysql> show tables;

+-------------------+

| Tables_in_extmail |

+-------------------+

| alias |

| domain |

| domain_manager |

| mailbox |

| manager |

+-------------------+

5 rows in set (0.00 sec)

mysql> select * from domain

-> ;

+-------------+-------------------------------+-------------+----------+----------+----------- -+-----------------+-----------+------------+---------------+----------------------+---------- ------+--------------+-------------+----------------+----------------+-------------+---------- ---+---------------------+------------+--------+

| extmail.org | virtualDomain for extmail.org | A0/B0 | 50 | 50 | 1073741824 | 1073741824 | NULL | 1 | 5242880 | 5242880 | 1y | 0 | 0 | 0 | 0 | 1 | 0 | 2007-02-14 15:10:04 | 2010-11-08 | 1 |

1 row in set (0.00 sec)

mysql>

mysql> select * from domain\G; # 反斜线G表示纵向显示

*************************** 1. row ***************************

domain: extmail.org

description: virtualDomain for extmail.org

hashdirpath: A0/B0

maxalias: 50

maxusers: 50

maxquota: 1073741824

maxnetdiskquota: 1073741824

transport: NULL

can_signup: 1

default_quota: 5242880

default_netdiskquota: 5242880

default_expire: 1y

disablesmtpd: 0

disablesmtp: 0

disablewebmail: 0

disablenetdisk: 0

disableimap: 1

disablepop3: 0

createdate: 2007-02-14 15:10:04

expiredate: 2010-11-08

active: 1

1 row in set (0.00 sec)

ERROR:

No query specified

# 可以在表里加上 magedu.com 这个域, 表示就可以用这个域收邮件了,就不认为magedu.com是中继的了

mysql>

上图 %d 表示 domain 域名

%n 表示 name 用户名

[root@mail ~]# vim /etc/dovecot.conf

mail_location = maildir:/var/mailbox/%d/%n/Maildir

mechanisms = plain

# passdb pam {

..........................

# }

passdb sql {

# Path for SQL configuration file, see doc/dovecot-sql-example.conf

#args =

args = /etc/dovecot-mysql.conf

}

# userdb passwd {

......................

# }

userdb sql {

# Path for SQL configuration file, see doc/dovecot-sql-example.conf

#args =

args = /etc/dovecot-mysql.conf

}

[root@mail ~]# vim /etc/dovecot-mysql.conf

driver = mysql

connect = host=localhost dbname=extmail user=extmail password=extmail

default_pass_scheme = CRYPT

password_query = SELECT username AS user,password as password FROM mailbox WHERE username = '%u'

user_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid FROM mailbox WHERE username = '%u'

[root@mail ~]# service dovecot restart

停止 Dovecot Imap： [确定]

启动 Dovecot Imap： [确定]

[root@mail ~]#

[root@mail ~]# pwd

/root

[root@mail ~]# mkdir /var/www/extsuite

[root@mail ~]# tar xf extmail-1.2.tar.gz

[root@mail ~]# mv extmail-1.2 /var/www/extsuite/extmail

[root@mail ~]#

[root@mail ~]# cd /var/www/extsuite/extmail

[root@mail extmail]# ls

AUTHORS dispatch.fcgi globabook.cf libs README.vpopmail

cgi dispatch-init html README tools

ChangeLog dispatch_lig.sh INSTALL README.fcgi Version

CREDITS FAQ lang README.filter webmail.cf.default

[root@mail extmail]#

[root@mail extmail]# cp webmail.cf.default webmail.cf

[root@mail extmail]# vim webmail.cf

照着上图中的配置改下就可以了

[root@mail ~]# vim /etc/httpd/conf/httpd.conf

...............

#用户和组由 apache 改为 (我的在 vim /etc/httpd/httpd.conf 中改)

User postfix

Group postfix

#取消中心主机

#DocumentRoot "/var/www/html"

#使用虚拟主机 (我的在 vim /etc/httpd/extra/httpd-vhosts.conf中改)

ServerName mail.magedu.com

DocumentRoot /var/www/extsuite/extmail/html

ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi #使用cgi脚本

Alias /extmail /var/www/extsuite/extmail/html

SuexecUserGroup postfix postfix #

</VirtualHost>

...............

Suexec: 就是对这个专门的虚拟主机,以指定的用户运行的可能有些系统(比如我的系统)对Suexec支持不太好 (如果支持不太好的话,就把 apache的用户和组都改为 postfix吧))

apache,httpd

User

Group

httpd(apache,apache)-->cgi(postfix,postfix): (因为投递邮件的用户和用户组都是postfix)

检查语法

[root@mail ~]# httpd -t

Syntax OK

[root@mail extmail]# pwd

/var/www/extsuite/extmail

[root@mail extmail]#

[root@mail extmail]# ls

AUTHORS dispatch_lig.sh libs Version

cgi FAQ README webmail.cf

ChangeLog globabook.cf README.fcgi webmail.cf.default

CREDITS html README.filter

dispatch.fcgi INSTALL README.vpopmail

dispatch-init lang tools

[root@mail extmail]#

把 cgi目录的的用户和用户组改为 postfix

[root@mail extmail]# chown -R postfix.postfix cgi/

[root@mail extmail]#

[root@mail extmail]# service httpd restart

停止 httpd： [确定]

启动 httpd： [确定]

[root@mail extmail]#

看日志

马哥报的是如下的错

下载 Unix-Syslog-1.1.tar.gz 在 https://metacpan.org/pod/Unix::Syslog 这个网站可以看到下载

[root@mail ~]# wget http://cpan.metacpan.org/authors/id/M/MH/MHARNISCH/Unix-Syslog-1.1.tar.gz

[root@mail ~]# tar xf Unix-Syslog-1.1.tar.gz

[root@mail ~]# cd Unix-Syslog-1.1

[root@mail Unix-Syslog-1.1]#

[root@mail Unix-Syslog-1.1]# perl Makefile.PL # 对于perl来说这个相当于执行 ./configure

Checking if your kit is complete...

Looks good

Writing Makefile for Unix::Syslog

[root@mail Unix-Syslog-1.1]#

[root@mail Unix-Syslog-1.1]# make

[root@mail Unix-Syslog-1.1]# make install

马哥的效果

我的方法

[root@mail html]# vim /etc/httpd/extra/httpd-vhosts.conf

ServerName mail.magedu.com

DocumentRoot /var/www/extsuite/extmail/html

ScriptAlias /extmail/cgi "/var/www/extsuite/extmail/cgi"

Alias /extmail /var/www/extsuite/extmail/html

#SuexecUserGroup postfix postfix

Options none

AllowOverride none

Require all granted

Order allow,deny

Allow from all

</Directory>

Options none

AllowOverride none

Require all granted

Order allow,deny

Allow from all

</Directory>

</VirtualHost>

[root@mail html]# vim /etc/httpd/httpd.conf

User postfix

#Group daemon

Group postfix

然后发现未执行perl脚本,

我就在 /etc/httpd/httpd.conf 里面开启cgi (不需要用 mod_perl.so 模块吧 (虽然extmail是一个perl脚本))

LoadModule cgid_module modules/mod_cgid.so

LoadModule cgi_module modules/mod_cgi.so

反正走了很多弯路,终于弄好了

现在配置 extman

[root@mail html]# cd

[root@mail ~]# pwd

/root

[root@mail ~]# mv extma

extmail-1.2.tar.gz extman-1.1/ extman-1.1.tar.gz

[root@mail ~]# mv extman-1.1 /var/www/extsuite/extman

[root@mail ~]# cd /var/www/extsuite/extman

[root@mail extman]# ls

addon ChangeLog docs lang README.fcgi webman.cf.default

AUTHORS contrib html libs tools

cgi daemon INSTALL README Version

[root@mail extman]#

[root@mail extman]# cp webman.cf.default webman.cf

[root@mail extman]# vim webman.cf

SYS_MAILDIR_BASE = /var/mailbox

SYS_SESS_DIR = /tmp/extman #没有要建一个,改属主属组为postfix(httpd进程的属主属组)

SYS_CAPTCHA_ON = 0 (验证码可能有问题不启用验证码吧)

SYS_DEFAULT_UID = 2525 (改成postfix的uid)

SYS_DEFAULT_GID = 2525 (改成postfix的gid)

SYS_MYSQL_USER = webman (使用默认的 webman(等下建这个账号) 不必改成 extmail,是为了安全,上面grant授权时,只授予select权限)

SYS_MYSQL_PASS = webman

SYS_MYSQL_DB = extmail

SYS_MYSQL_HOST = localhost

进 mysql 授权

[root@mail extman]# mysql

Welcome to the MySQL monitor. Commands end with ; or \g.

Your MySQL connection id is 12

Server version: 5.0.95 Source distribution

Oracle is a registered trademark of Oracle Corporation and/or its

affiliates. Other names may be trademarks of their respective

owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> GRANT ALL PRIVILEGES ON extmail.* TO webman@localhost IDENTIFIED BY 'webman';

Query OK, 0 rows affected (0.00 sec)

mysql> GRANT ALL PRIVILEGES ON extmail.* TO webman@127.0.0.1 IDENTIFIED BY 'webman';

Query OK, 0 rows affected (0.00 sec)

mysql> FLUSH PRIVILEGES;

Query OK, 0 rows affected (0.00 sec)

mysql>

[root@mail extman]# pwd

/var/www/extsuite/extman

改属主属组

[root@mail extman]# chown -R postfix.postfix cgi/

[root@mail extman]#

[root@mail extman]# vim /etc/httpd/extra/httpd-vhosts.conf

ServerName mail.magedu.com

DocumentRoot /var/www/extsuite/extmail/html

ScriptAlias /extmail/cgi "/var/www/extsuite/extmail/cgi"

Alias /extmail /var/www/extsuite/extmail/html

#加上下面这两行

ScriptAlias /extman/cgi "/var/www/extsuite/extman/cgi"

Alias /extman /var/www/extsuite/extman/html

#SuexecUserGroup postfix postfix

Options none

AllowOverride none

Require all granted

Order allow,deny

Allow from all

</Directory>

Options none

AllowOverride none

Require all granted

Order allow,deny

Allow from all

</Directory>

#加上下面

Options none

AllowOverride none

Require all granted

Order allow,deny

Allow from all

</Directory>

#加上下面

Options none

AllowOverride none

Require all granted

Order allow,deny

Allow from all

</Directory>

</VirtualHost>

[root@mail extman]# service httpd restart

停止 httpd： [确定]

启动 httpd： [确定]

[root@mail extman]#

密码是 extmail*123* (extman的默认密码?)

建目录,改属主属组

[root@mail extman]# mkdir /tmp/extman

[root@mail extman]# chown -R postfix.postfix /tmp/extman

[root@mail extman]#

刷新 http://mail.magedu.com/extman/cgi/sysinfo.cgi?sid=627f92bf0312b1d27cd67cdff7f365a6 后登录了

添加域

让用户在这儿注册

http://mail.magedu.com/extmail/cgi/index.cgi

再建一个用户,看两个用户能不能互发邮件

[root@mail extman]# tail /var/log/maillog

(由下面看到已发出邮件,)

(由下面认证日志已打开,应该关掉)

tom 上可以看到,已经收到邮件了

我们的pop服务器基于ssl 才更安全

原来用 pop3的,现打算改为 pop3s

原来用 imap的,现打算改为 imaps

普通分类:

linux

You are here

友情链接

搜索表单

用户登录

You are here

马哥 26_02 _邮件服务系列之虚拟域、虚拟用户和webmail 有大用

友情链接