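Having cyrus-sasl connect to MySQL directly is too low-level, so Courier-authlib is used to talk to MySQL.
Pointing Postfix straight at Courier-authlib is too complex to configure, so Postfix goes through Cyrus-sasl.
Courier-authlib comes from a Russian-American author and from Courier, a complete, standalone mail system.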
https://www.courier-mta.org/authlib/
http://www.courier-mta.org/authlib/
http://www.courier-mta.org/download.html#authlib
https://sourceforge.net/projects/courier/files/
https://osdn.net/projects/sfnet_courier/downloads/authlib/0.65.0/courier-authlib-0.65.0.tar.bz2/ (the download is available here)
[root@mail ~]# wget http://svwh.dl.sourceforge.net/project/courier/authlib/0.65.0/courier-authlib-0.65.0.tar.bz2
[root@mail ~]# tar xf courier-authlib-0.65.0.tar.bz2
[root@mail ~]# cd courier-authlib-0.65.0
[root@mail courier-authlib-0.65.0]#
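The backslash in the figure above is the line-continuation character.
The --without-authpam and other --without options can be left out, but configuration may then be a little more troublesome.
In authmysqlrc, rc stands for a resource configuration file (resource config?).
authlib uses ltdl, so --with-ltdl-lib and --with-ltdl-include have to be passed.
What is ltdl?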
[root@mail courier-authlib-0.65.0]# yum list all | grep ltdl
file:///media/cdrom/Server/repodata/repomd.xml: [Errno 5] OSError: [Errno 2] 没有那个文件或目录: '/media/cdrom/Server/repodata/repomd.xml'
Trying other mirror.
libtool-ltdl.i386 1.5.22-7.el5_4 Cdrom_Base
libtool-ltdl-devel.i386 1.5.22-7.el5_4 Cdrom_Base
[root@mail courier-authlib-0.65.0]# yum install libtool-ltdl libtool-ltdl-devel # install them
[root@mail courier-authlib-0.65.0]# rpm -qi libtool-ltdl
Name : libtool-ltdl Relocations: (not relocatable)
Version : 1.5.22 Vendor: Red Hat, Inc.
Release : 7.el5_4 Build Date: 2009年11月23日 星期一 22时59分46秒
Install Date: 2020年07月05日 星期日 10时48分40秒 Build Host: hs20-bc1-5.build.redhat.com
Group : System Environment/Libraries Source RPM: libtool-1.5.22-7.el5_4.src.rpm
Size : 50893 License: LGPL
Signature : DSA/SHA1, 2009年12月05日 星期六 03时50分36秒, Key ID 5326810137017186
Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL : http://www.gnu.org/software/libtool/
Summary : GNU Libtool 动态模块加载程序的运行时库函数
Description :
The libtool-ltdl package contains the GNU Libtool Dynamic Module Loader, a
library that provides a consistent, portable interface which simplifies the
process of using dynamic modules.
These runtime libraries are needed by programs that link directly to the
system-installed ltdl libraries; they are not needed by software built using the
rest of the GNU Autotools (including GNU Autoconf and GNU Automake).
[root@mail courier-authlib-0.65.0]# ./configure \
--prefix=/usr/local/courier-authlib \
--sysconfdir=/etc \
--without-authpam \
--without-authshadow \
--without-authvchkpw \
--without-authpgsql \
--with-authmysql \
--with-mysql-libs=/usr/lib/mysql \
--with-mysql-includes=/usr/include/mysql \
--with-redhat \
--with-authmysqlrc=/etc/authmysqlrc \
--with-authdaemonrc=/etc/authdaemonrc \
--with-mailuser=postfix \
--with-mailgroup=postfix \
--with-ltdl-lib=/usr/lib \
--with-ltdl-include=/usr/include
Once the configure run above has finished:
[root@mail courier-authlib-0.65.0]# make && make install
As the output below shows, sqlite-devel is already installed.
[root@mail courier-authlib-0.65.0]# yum list all | grep sqlite
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
python-sqlite.i386 1.1.7-1.2.1 installed
sqlite.i386 3.3.6-7 installed
sqlite-devel.i386 3.3.6-7 installed
qt4-sqlite.i386 4.2.1-1.el5_7.1 cdrom
[root@mail courier-authlib-0.65.0]#
[root@mail courier-authlib-0.65.0]# ./configure --help | less
`configure' configures courier-authlib 0.65.0 to adapt to many kinds of systems.
Usage: ./configure [OPTION]... [VAR=VALUE]...
To assign environment variables (e.g., CC, CFLAGS...), specify them as
VAR=VALUE. See below for descriptions of some of the useful variables.
Defaults for the options are specified in brackets.
Configuration:
-h, --help display this help and exit
--help=short display options specific to this package
--help=recursive display the short help of all the included packages
-V, --version display version information and exit
-q, --quiet, --silent do not print `checking ...' messages
--cache-file=FILE cache test results in FILE [disabled]
-C, --config-cache alias for `--cache-file=config.cache'
-n, --no-create do not create output files
--srcdir=DIR find the sources in DIR [configure dir or `..']
Installation directories:
--prefix=PREFIX install architecture-independent files in PREFIX
:
SQLite is not needed, so leave it out at configure time.
Add --without-authsqlite to the ./configure command above,
that is:
./configure \
--prefix=/usr/local/courier-authlib \
--sysconfdir=/etc \
--without-authpam \
--without-authshadow \
--without-authvchkpw \
--without-authpgsql \
--without-authsqlite \
--with-authmysql \
--with-mysql-libs=/usr/lib/mysql \
--with-mysql-includes=/usr/include/mysql \
--with-redhat \
--with-authmysqlrc=/etc/authmysqlrc \
--with-authdaemonrc=/etc/authdaemonrc \
--with-mailuser=postfix \
--with-mailgroup=postfix \
--with-ltdl-lib=/usr/lib \
--with-ltdl-include=/usr/include
# Clean up the results of the previous build
[root@mail courier-authlib-0.65.0]# make clean
[root@mail courier-authlib-0.65.0]# ./configure \
--prefix=/usr/local/courier-authlib \
--sysconfdir=/etc \
--without-authpam \
--without-authshadow \
--without-authvchkpw \
--without-authpgsql \
--without-authsqlite \
--with-authmysql \
--with-mysql-libs=/usr/lib/mysql \
--with-mysql-includes=/usr/include/mysql \
--with-redhat \
--with-authmysqlrc=/etc/authmysqlrc \
--with-authdaemonrc=/etc/authdaemonrc \
--with-mailuser=postfix \
--with-mailgroup=postfix \
--with-ltdl-lib=/usr/lib \
--with-ltdl-include=/usr/include
Also install expect (this one can actually be safely ignored).
[root@mail courier-authlib-0.65.0]# yum install expect
Running the ./configure command again still reports the same error.
[root@mail courier-authlib-0.65.0]# ldconfig -v
Running the ./configure command yet again still reports the same error.
Look at the header and library file paths of sqlite-devel:
[root@mail courier-authlib-0.65.0]# rpm -ql sqlite-devel
Change the ./configure command and run it again.
Compared with the command above, the one below drops --without-authsqlite \
and adds
--with-sqlite-libs=/usr/lib \
--with-sqlite-includes=/usr/include \
./configure \
--prefix=/usr/local/courier-authlib \
--sysconfdir=/etc \
--without-authpam \
--without-authshadow \
--without-authvchkpw \
--without-authpgsql \
--with-sqlite-libs=/usr/lib \
--with-sqlite-includes=/usr/include \
--with-authmysql \
--with-mysql-libs=/usr/lib/mysql \
--with-mysql-includes=/usr/include/mysql \
--with-redhat \
--with-authmysqlrc=/etc/authmysqlrc \
--with-authdaemonrc=/etc/authdaemonrc \
--with-mailuser=postfix \
--with-mailgroup=postfix \
--with-ltdl-lib=/usr/lib \
--with-ltdl-include=/usr/include
In fact, right at the start Ma Ge had us install a whole pile of packages.
[root@mail courier-authlib-0.65.0]# make && make install
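(The approach to troubleshooting: read the error message, then run yum list all | grep <keyword>, then yum install the package and its devel package; if that does not work, paste the message into Google and search.)
(The header and library files are both present and it still fails. That may be a bug in the software itself, or a version mismatch: for example, the sqlite version it needs differs from the sqlite version already installed. If we lower the courier-authlib version, the sqlite version it needs may be lower too and match the installed one.)
Let's try a lower version of courier-authlib (using courier-authlib-0.64.0).
So the ./configure command can drop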
--with-sqlite-libs=/usr/lib \
--with-sqlite-includes=/usr/include \
these two lines,
that is:
[root@mail courier-authlib-0.64.0]# ./configure \
--prefix=/usr/local/courier-authlib \
--sysconfdir=/etc \
--without-authpam \
--without-authshadow \
--without-authvchkpw \
--without-authpgsql \
--with-authmysql \
--with-mysql-libs=/usr/lib/mysql \
--with-mysql-includes=/usr/include/mysql \
--with-redhat \
--with-authmysqlrc=/etc/authmysqlrc \
--with-authdaemonrc=/etc/authdaemonrc \
--with-mailuser=postfix \
--with-mailgroup=postfix \
--with-ltdl-lib=/usr/lib \
--with-ltdl-include=/usr/include
[root@mail courier-authlib-0.64.0]# make && make install
[root@mail courier-authlib-0.64.0]# ./configure --help | less
[root@mail courier-authlib-0.64.0]# cd /usr/local/courier-authlib/
[root@mail courier-authlib]# ls
bin include lib libexec sbin share var
[root@mail courier-authlib]# cd var/
[root@mail var]# ls
spool
[root@mail var]# cd spool/
[root@mail spool]# ls
authdaemon
[root@mail spool]# cd authdaemon/
[root@mail authdaemon]# ls
[root@mail authdaemon]# pwd
/usr/local/courier-authlib/var/spool/authdaemon
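This is the default path. Once the courier-authlib service has started, a socket file is created in this directory; other services communicate with authdaemond through this socket.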
[root@mail authdaemon]#
Change the permissions of the /usr/local/courier-authlib/var/spool/authdaemon directory:
[root@mail authdaemon]# chmod 755 /usr/local/courier-authlib/var/spool/authdaemon
[root@mail authdaemon]#
Open another terminal window.
[root@mail ~]# cd courier-authlib-0.64.0
[root@mail courier-authlib-0.64.0]# ls
aclocal.m4 authpipe.lo courier-authlib.spec
authchangepwdir.h authpipe.o courier-authlib.spec.in
authcustom.c authpiperc.h courier-authlib.sysvinit
authcustom.h authpwd.c courier-authlib.sysvinit.in
authcustom.lo authpwdenumerate.c courierauthsaslclient.h
authcustom.o authpwdenumerate.lo courierauthsasl.h
authdaemon.c authpwdenumerate.o courierauthstaticlist.h
authdaemond auth_sasl.3 cramlib.c
authdaemond.c authsasl.c cramlib.h
authdaemond.in authsaslclient.c cramlib.lo
authdaemond.o authsaslclientcram.c cramlib.o
authdaemondprog authsaslclientcram.lo cryptpassword.c
authdaemonlib.c authsaslclientcrammd5.c cryptpassword.lo
authdaemonlib.lo authsaslclientcrammd5.lo cryptpassword.o
authdaemonlib.o authsaslclientcrammd5.o dbobj.config
authdaemon.lo authsaslclientcram.o dbobj.config.in
authdaemon.o authsaslclientcramsha1.c dbobj.h
authdaemonrc authsaslclientcramsha1.lo dbobj.h.in
authdaemonrc.h authsaslclientcramsha1.o debug.c
authdaemonrc.in authsaslclientexternal.c debug.lo
authdaemontest authsaslclientexternal.lo debug.o
authdaemontest.c authsaslclientexternal.o depcomp
authdaemontest.o authsaslclient.h gdbmobj
authenumerate authsaslclient.lo INSTALL
auth_enumerate.3 authsaslclientlogin.c INSTALL.html
authenumerate.c authsaslclientlogin.lo install-sh
auth_enumerate.html authsaslclientlogin.o libauthcustom.la
authenumerate.o authsaslclient.o libauthldap.la
auth_generic.3 authsaslclientplain.c libauthmysql.la
auth_generic.html authsaslclientplain.lo libauthpipe.la
auth_getoption.3 authsaslclientplain.o libauthuserdb.la
auth_getoption.html authsaslcram.c libcourierauthcommon.la
auth_getuserinfo.3 authsaslcram.lo libcourierauth.la
auth_getuserinfo.html authsaslcram.o libcourierauthsaslclient.la
auth.h auth_sasl_ex.3 libcourierauthsasl.la
authinfo.c authsaslfrombase64.c libhmac
authinfo.o authsaslfrombase64.lo liblock
authldap.c authsaslfrombase64.o liblog
authldapescape.c auth_sasl.html libtool
authldapescape.lo authsasl.lo ltmain.sh
authldapescape.o authsasllogin.c mailusergroup.h
authldap.h authsasllogin.lo makedat
authldap.ldif authsasllogin.o Makefile
authldaplib.c authsasl.o Makefile.am
authldaplib.lo authsaslplain.c Makefile.in
authldaplib.o authsaslplain.lo md5
authldap.lo authsaslplain.o missing
authldap.o authsasltobase64.c NEWS
authldaprc authsasltobase64.lo NEWS.html
authldaprc.h authsasltobase64.o numlib
authldap.schema authshadow.c packageversion.h
authlib.3 authsyschangepwd.c pgpkeys.txt
authlib.3.in authsyschangepwd.lo pkgincludedir.h
authlib.html authsyschangepwd.o pkglibdir.h
authlib.html.in authsyscommon.c preauthcustom.c
auth_login.3 authsyscommon.lo preauthcustom.lo
auth_login.html authsyscommon.o preauthcustom.o
authmigrate authsystem.passwd preauthdaemon.c
authmigrate.in authsystem.passwd.in preauthdaemon.lo
authmksock authtest preauthdaemon.o
authmksock.c authtest.1 preauthldap.c
authmksock.o authtest.c preauthldap.lo
authmoduser2.c authtest.html preauthldap.o
authmoduser2.lo authtest.o preauthmysql.c
authmoduser2.o authuserdb.c preauthmysql.lo
authmoduser3.c authuserdb.lo preauthmysql.o
authmoduser3.lo authuserdb.o preauthpam.c
authmoduser3.o authuserdbpwd.c preauthpgsql.c
authmysql.c authuserdbpwd.lo preauthpwd.c
authmysql.h authuserdbpwd.o preauthshadow.c
authmysqllib.c authwait.h preauthuserdb.c
authmysqllib.lo bdbobj preauthuserdbcommon.c
authmysqllib.o ChangeLog preauthuserdbcommon.lo
authmysql.lo checkpassword.c preauthuserdbcommon.o
authmysql.o checkpassword.lo preauthuserdb.lo
authmysqlrc checkpasswordmd5.c preauthuserdb.o
authmysqlrc.h checkpasswordmd5.lo random128
authoption.c checkpasswordmd5.o README
authoption.lo checkpassword.o README.authdebug.html
authoption.o checkpasswordsha1.c README.authdebug.html.in
AUTHORS checkpasswordsha1.lo README_authlib.html
authpam.c checkpasswordsha1.o README_authlib.html.in
authpasswd config.guess README.authmysql.html
authpasswd.1 config.log README.authmysql.myownquery
auth_passwd.3 config.status README.authpostgres.html
authpasswd.c config.sub README.html
auth_passwd.html configure README.ldap
authpasswd.html configure.in rfc822
authpasswd.o COPYING samplepipe.pl
authpgsql.c COPYING.GPL sbindir.h
authpgsql.h courierauthconfig sha1
authpgsqllib.c courier_auth_config.h stamp-h1
authpgsqlrc courier_auth_config.h.in sysconftool
authpgsqlrc.h courierauthdebug.h unicode
authpipe.c courierauth.h userdb
authpipelib.c courier-authlib.lpspec userdb-test-cram-md5.pl
authpipelib.h courier-authlib.lpspec.in userdb-test-cram-md5.pl.in
authpipelib.lo courier-authlib.service
authpipelib.o courier-authlib.service.in
[root@mail courier-authlib-0.64.0]#
Copy these two configuration files:
[root@mail authdaemon]# cp /etc/authdaemonrc.dist /etc/authdaemonrc
[root@mail authdaemon]# cp /etc/authmysqlrc.dist /etc/authmysqlrc
[root@mail authdaemon]#
[root@mail authdaemon]# vim /etc/authdaemonrc
........................
#authmodulelist="authuserdb authldap authmysql authcustom authpipe"
authmodulelist="authmysql"
........................
#authmodulelistorig="authuserdb authldap authmysql authcustom authpipe"
authmodulelistorig="authmysql"
..........................
daemons=5
..........................
authdaemonvar=/usr/local/courier-authlib/var/spool/authdaemon # this can be changed to /var/spool/authdaemon, but the directory then has to be created and its permissions set
..........................
# DEBUG_LOGIN=0 - turn off debugging
# DEBUG_LOGIN=1 - turn on debugging
# DEBUG_LOGIN=2 - turn on debugging + log passwords too
#
# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog.
#
# Note that most information is sent to syslog at level 'debug', so
# you may need to modify your /etc/syslog.conf to be able to see it.
DEBUG_LOGIN=2 # if logins fail, set this to 2 for debugging; set it back to 0 once debugging is done
..........................
[root@mail authdaemon]# vim /etc/authmysqlrc
# Annotations are kept on their own lines: authmysqlrc prohibits trailing
# spaces and takes the rest of each line as the value.
#MYSQL_SERVER mysql.example.com
MYSQL_SERVER localhost
#MYSQL_USERNAME admin
MYSQL_USERNAME extmail
#MYSQL_PASSWORD admin
MYSQL_PASSWORD extmail
# MYSQL_SOCKET /var/mysql/mysql.sock
MYSQL_SOCKET /mydata/data/mysql.sock
#MYSQL_PORT 0
# In practice we communicate mainly over the socket, so 3306 is not really used
MYSQL_PORT 3306
# Extra options
MYSQL_OPT 0
#MYSQL_DATABASE mysql
# Which MySQL database holds the accounts and passwords; this database is created by the extmail program
MYSQL_DATABASE extmail
#MYSQL_USER_TABLE passwd
# Which table holds the user accounts; the mailbox table is generated automatically by extmail
MYSQL_USER_TABLE mailbox
#MYSQL_CRYPT_PWFIELD crypt
# Which column holds the user's password
MYSQL_CRYPT_PWFIELD password
#MYSQL_UID_FIELD uid
# uid of the postfix user
MYSQL_UID_FIELD 2525
##NAME: MYSQL_GID_FIELD:0
#
# Numerical groupid of the account
#MYSQL_GID_FIELD gid
# gid (group id) of the postfix user
MYSQL_GID_FIELD 2525
#MYSQL_LOGIN_FIELD id
# This is the login account name
MYSQL_LOGIN_FIELD username
#MYSQL_HOME_FIELD home
# There is no real home directory; this is the directory that holds the mail (absolute path of the user's home directory)
MYSQL_HOME_FIELD concat('/var/mailbox/',homedir)
# Login name (the user's full name)
MYSQL_NAME_FIELD name
# MYSQL_MAILDIR_FIELD maildir
# Each user's mail directory, matching the user name
MYSQL_MAILDIR_FIELD concat('/var/mailbox/',maildir)
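An added example, not part of the original walkthrough: a POSIX shell audit of the two Courier-authlib files edited above that reports settings which should not stay in place after setup (DEBUG_LOGIN levels that write to syslog, a world-readable authmysqlrc, a database password equal to the user name, text or blanks after a value). The sample files are constructed, the function names are hypothetical, and the statement that authmysqlrc keeps everything after the field name as the value is an assumption.

```shell
#!/bin/sh
# Added example (not from the original post): audit authdaemonrc and
# authmysqlrc for settings that should not survive past initial setup.

# Print one finding per line for an authdaemonrc-style file (shell KEY=VALUE).
audit_authdaemonrc() {
    # Only active assignments count; the last one wins, as in a sourced file.
    adr_level=$(sed -n 's/^[[:space:]]*DEBUG_LOGIN=\([0-9][0-9]*\).*/\1/p' "$1" | tail -n 1)
    case "$adr_level" in
        2) echo "DEBUG_LOGIN_PASSWORDS: DEBUG_LOGIN=2 writes passwords to syslog" ;;
        1) echo "DEBUG_LOGIN_ON: DEBUG_LOGIN=1 leaves login debugging enabled" ;;
    esac
    return 0
}

# Print one finding per line for an authmysqlrc-style file ("FIELD value").
audit_authmysqlrc() {
    # The file holds the database password, so it must not be world-readable.
    if [ -n "$(find "$1" -prune -perm -004)" ]; then
        echo "WORLD_READABLE: $1 is readable by every local user"
    fi
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        {
            key = $1
            val = $0
            sub(/^[ \t]*[^ \t]+[ \t]+/, "", val) # drop field name and separator
            # Assumption: the parser keeps the rest of the line verbatim, so an
            # inline "# note" or trailing blanks would become part of the value.
            if (val ~ /[ \t]#/ || val ~ /[ \t]$/)
                print "TRAILING_TEXT: " key " has text or blanks after its value"
            sub(/[ \t]+#.*$/, "", val)
            sub(/[ \t]+$/, "", val)
            if (key == "MYSQL_USERNAME") user = val
            if (key == "MYSQL_PASSWORD") pass = val
        }
        END {
            if (user != "" && user == pass)
                print "PASSWORD_EQUALS_USERNAME: MYSQL_PASSWORD matches MYSQL_USERNAME"
        }
    ' "$1"
    return 0
}

# Write constructed sample files into directory $1.
write_auth_samples() {
    # Mirrors the values used in the walkthrough.
    cat > "$1/authdaemonrc" <<'EOF'
authmodulelist="authmysql"
daemons=5
# DEBUG_LOGIN=1 - turn on debugging
DEBUG_LOGIN=2
EOF
    cat > "$1/authmysqlrc" <<'EOF'
#MYSQL_USERNAME admin
MYSQL_USERNAME extmail
MYSQL_PASSWORD extmail
MYSQL_PORT 3306 #note
MYSQL_DATABASE extmail
EOF
    chmod 644 "$1/authmysqlrc"
    # Hardened variants: debugging off, distinct placeholder password, mode 600.
    printf 'authmodulelist="authmysql"\ndaemons=5\nDEBUG_LOGIN=0\n' > "$1/authdaemonrc.hardened"
    cat > "$1/authmysqlrc.hardened" <<'EOF'
MYSQL_USERNAME extmail
MYSQL_PASSWORD PLACEHOLDER-constructed-secret
MYSQL_PORT 3306
MYSQL_DATABASE extmail
EOF
    chmod 600 "$1/authmysqlrc.hardened"
}

# Demonstration on the constructed samples.
demo_dir=$(mktemp -d)
write_auth_samples "$demo_dir"
echo "== as configured in the walkthrough =="
audit_authdaemonrc "$demo_dir/authdaemonrc"
audit_authmysqlrc "$demo_dir/authmysqlrc"
echo "== hardened =="
audit_authdaemonrc "$demo_dir/authdaemonrc.hardened"
audit_authmysqlrc "$demo_dir/authmysqlrc.hardened"
rm -rf "$demo_dir"
```

To audit the live files, call `audit_authdaemonrc /etc/authdaemonrc` and `audit_authmysqlrc /etc/authmysqlrc` as root.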
Search for the path of mysql.sock:
[root@mail courier-authlib-0.64.0]# locate mysql.sock
/mydata/data/mysql.sock
[root@mail courier-authlib-0.64.0]# ls /mydata/data/
auto.cnf localhost.localdomain.err mysql-bin.000002 performance_schema
ibdata1 mail.magedu.com.err mysql-bin.000003 test
ib_logfile0 mysql mysql-bin.index www.a.org.err
ib_logfile1 mysql-bin.000001 mysql.sock
[root@mail courier-authlib-0.64.0]#
Copy (create) the init.d script:
[root@mail courier-authlib-0.64.0]# pwd
/root/courier-authlib-0.64.0
[root@mail courier-authlib-0.64.0]# cp courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib
[root@mail courier-authlib-0.64.0]#
Add execute permission:
[root@mail courier-authlib-0.64.0]# chmod +x /etc/rc.d/init.d/courier-authlib
[root@mail courier-authlib-0.64.0]#
Add it to the service list:
[root@mail authdaemon]# chkconfig --add courier-authlib
[root@mail authdaemon]#
Check it (runlevels 2, 3, 4 and 5 are already on by default, so they do not have to be switched on by hand?)
[root@mail authdaemon]# chkconfig --list courier-authlib
courier-authlib 0:关闭 1:关闭 2:启用 3:启用 4:启用 5:启用 6:关闭
[root@mail authdaemon]#
Start the courier-authlib service:
[root@mail authdaemon]# service courier-authlib start
Starting Courier authentication services: authdaemond
[root@mail authdaemon]#
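The next two items are not needed and can be skipped.
There are six processes: one master process (the control process, dedicated to spawning the others) and five worker processes, just like prefork.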
[root@mail authdaemon]# ps aux | grep auth
root 4097 0.0 0.1 7872 1864 ? S Jul03 0:00 dovecot-auth
root 4440 0.0 0.0 5720 492 ? Ss Jul03 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
root 4441 0.0 0.0 5720 272 ? S Jul03 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
root 4442 0.0 0.0 5720 268 ? S Jul03 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
root 4443 0.0 0.0 5720 268 ? S Jul03 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
root 4444 0.0 0.0 5720 268 ? S Jul03 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
root 22656 0.0 0.0 1764 432 ? S 10:21 0:00 /usr/local/courier-authlib/sbin/courierlogger -pid=/usr/local/courier-authlib/var/spool/authdaemon/pid -start /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 22657 0.0 0.1 6924 1484 ? S 10:21 0:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 22658 0.0 0.0 6924 500 ? S 10:21 0:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 22659 0.0 0.0 6924 500 ? S 10:21 0:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 22660 0.0 0.0 6924 500 ? S 10:21 0:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 22661 0.0 0.0 6924 500 ? S 10:21 0:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 22662 0.0 0.0 6924 500 ? S 10:21 0:00 /usr/local/courier-authlib/libexec/courier-authlib/authdaemond
root 22677 0.0 0.0 4280 700 pts/1 S+ 10:25 0:00 grep auth
[root@mail authdaemon]#
[root@mail authdaemon]# ls /etc/postfix/   # mysql_virtual_mailbox_maps.cf and mysql_virtual_domains_maps.cf are not there; that does not matter, they are provided by extmail and we do not need to modify them
access canonical LICENSE makedefs.out TLS_LICENSE
aliases generic main.cf master.cf transport
bounce.cf.default header_checks main.cf.default relocated virtual
[root@mail authdaemon]#
There are two mailbox formats:
Maildir:
Mailbox:
With virtual users, only Maildir can be used.
[root@mail ~]# mkdir /var/mailbox
[root@mail ~]# chown postfix /var/mailbox
[root@mail ~]#
[root@mail ~]# vim /usr/lib/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level:3
mech_list: PLAIN LOGIN
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket
[root@mail ~]# service saslauthd restart   # not starting it is fine too, because the saslauthd service is no longer needed
停止 saslauthd: [确定]
启动 saslauthd: [确定]
[root@mail ~]#
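[root@mail ~]# vim /etc/postfix/main.cf # leave the earlier cyrus-sasl settings untouched (virtual domains and virtual users rely on SASL)
# Append the following at the very end
#=====================Virtual Mailbox settings====================
# Root directory that holds the users' mailboxes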
virtual_mailbox_base = /var/mailbox
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:2525
virtual_gid_maps = static:2525
virtual_transport = virtual
#use this for virtual delivery (if maildrop is not installed, use virtual here)
#virtual_transport = virtual
#use this for maildrop-delivery (if maildrop is installed, use maildrop here)
#virtual_transport = maildrop
#Maildrop-Options for usage with maildrop
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1
#====================QUOTA settings========================
message_size_limit = 14336000
virtual_mailbox_limit = 20971520
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please Tidy your mailbox and try again later
virtual_overquota_bounce = yes
[root@mail ~]# postconf -n
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
message_size_limit = 14336000
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,ns.$mydomain
mydomain = magedu.com
myhostname = mail.magedu.com
mynetworks = 127.0.0.0/8
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_banner = Welcome to our $myhostname ESMTP,Warning: Version not Available!
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:2525
virtual_mailbox_base = /var/mailbox
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 20971520
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = virtual
virtual_uid_maps = static:2525
postconf: warning: /etc/postfix/main.cf: unused parameter: maildrop_destination_concurrency_limit=1
postconf: warning: /etc/postfix/main.cf: unused parameter: virtual_overquota_bounce=yes
postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl_application_name=smtpd
postconf: warning: /etc/postfix/main.cf: unused parameter: virtual_mailbox_limit_maps=mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
postconf: warning: /etc/postfix/main.cf: unused parameter: virtual_maildir_limit_message=Sorry, the user's maildir has overdrawn his diskspace quota, please Tidy your mailbox and try again later
postconf: warning: /etc/postfix/main.cf: unused parameter: maildrop_destination_recipient_limit=1
postconf: warning: /etc/postfix/main.cf: unused parameter: virtual_create_maildirsize=yes
postconf: warning: /etc/postfix/main.cf: unused parameter: virtual_mailbox_extended=yes
postconf: warning: /etc/postfix/main.cf: unused parameter: virtual_mailbox_limit_override=yes
The warnings above show that some parameters are not supported; comment them out for now.
[root@mail ~]#
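[root@mail ~]# vim /etc/postfix/main.cf # comment out the corresponding parameters in this file
The configuration refers to three files, which we need to prepare.
[root@mail ~]# postconf -n # the warnings no longer appear
Download extman and extmail
The figure below shows Ma Ge downloading them from his own network drive.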
https://zh.osdn.net/projects/sfnet_ds5752/downloads/yu/extman-1.1.tar.gz/ (download it from here)
[root@mail ~]# wget http://master.dl.sourceforge.net/project/ds5752/yu/extman-1.1.tar.gz
https://zh.osdn.net/projects/sfnet_ds5752/downloads/yu/extmail-1.2.tar.gz/ (download it from here)
[root@mail ~]# wget http://master.dl.sourceforge.net/project/ds5752/yu/extmail-1.2.tar.gz
[root@mail ~]# tar xf extman-1.1.tar.gz
[root@mail ~]# cd extman-1.1
[root@mail extman-1.1]# ls
addon ChangeLog docs lang README.fcgi webman.cf.default
AUTHORS contrib html libs tools
cgi daemon INSTALL README Version
[root@mail extman-1.1]#
[root@mail extman-1.1]# cd docs/
[root@mail docs]# pwd
/root/extman-1.1/docs
[root@mail docs]#
[root@mail docs]# ls
backport ldap_virtual_mailbox_maps.cf
extmail.schema ldap_virtual_sender_maps.cf
extmail.sql mysql_virtual_alias_maps.cf
init.ldif mysql_virtual_domains_maps.cf
init.sql mysql_virtual_limit_maps.cf
ldap_virtual_alias_maps.cf mysql_virtual_mailbox_maps.cf
ldap_virtual_domains_maps.cf mysql_virtual_sender_maps.cf
ldap_virtual_limit_maps.cf README.postfix
[root@mail docs]#
[root@mail docs]# mysql -uroot -h127.0.0.1 < extmail.sql   # if this reports an error, see /node-admin/15287
[root@mail docs]# mysql -uroot -h127.0.0.1 < init.sql
[root@mail docs]# mysql -uroot -h127.0.0.1
# extmail.* means all tables in the extmail database; extmail@localhost means the user extmail on localhost
# IDENTIFIED BY 'extmail' sets the password to extmail
mysql> GRANT ALL PRIVILEGES ON extmail.* TO extmail@localhost IDENTIFIED BY 'extmail';
Query OK, 0 rows affected (0.00 sec)
# The next statement is the same with localhost changed to 127.0.0.1
mysql> GRANT ALL PRIVILEGES ON extmail.* TO extmail@127.0.0.1 IDENTIFIED BY 'extmail';
Query OK, 0 rows affected (0.00 sec)
mysql> flush PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
mysql>
[root@mail docs]# pwd
/root/extman-1.1/docs
[root@mail docs]#
[root@mail docs]# ls
backport init.sql ldap_virtual_mailbox_maps.cf mysql_virtual_limit_maps.cf
extmail.schema ldap_virtual_alias_maps.cf ldap_virtual_sender_maps.cf mysql_virtual_mailbox_maps.cf
extmail.sql ldap_virtual_domains_maps.cf mysql_virtual_alias_maps.cf mysql_virtual_sender_maps.cf
init.ldif ldap_virtual_limit_maps.cf mysql_virtual_domains_maps.cf README.postfix
[root@mail docs]#
Copy the configuration files:
[root@mail docs]# cp mysql_virtual_* /etc/postfix/
[root@mail docs]#
[root@mail postfix]# ls
access generic main.cf.default mysql_virtual_domains_maps.cf relocated
aliases header_checks makedefs.out mysql_virtual_limit_maps.cf TLS_LICENSE
bounce.cf.default LICENSE master.cf mysql_virtual_mailbox_maps.cf transport
canonical main.cf mysql_virtual_alias_maps.cf mysql_virtual_sender_maps.cf virtual
[root@mail postfix]#
[root@mail postfix]# vim mysql_virtual_domains_maps.cf
user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = domain
select_field = domain
where_field = domain
additional_conditions = AND active = '1'
Disable the central domain and use virtual domains: comment out the following settings.
[root@mail postfix]# vim /etc/postfix/main.cf
#myhostname = mail.magedu.com
#mydomain = magedu.com
#myorigin = $mydomain
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,ns.$mydomain
Restart postfix:
[root@mail postfix]# service postfix restart
关闭 postfix: [确定]
启动 postfix: [确定]
[root@mail postfix]#
[root@mail ~]# telnet 192.168.1.85 25
Trying 192.168.1.85...
Connected to www.a.org (192.168.1.85).
Escape character is '^]'.
220 Welcome to our mail.magedu.com ESMTP,Warning: Version not Available!
EHLO mail.magedu.com
250-mail.magedu.com
250-PIPELINING
250-SIZE 14336000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:root@magedu.com
250 2.1.0 Ok
rcpt to:hadoop@magedu.com # at this point mail can no longer be sent
454 4.7.1 <hadoop@magedu.com>: Relay access denied
quit
221 2.0.0 Bye
Connection closed by foreign host.
[root@mail ~]#
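An added example, not part of the original post: a shell check that reads an EHLO reply captured on an unencrypted session, such as the telnet session above, and reports when PLAIN or LOGIN is advertised (both carry the password base64-encoded, not encrypted) and when VRFY is enabled. The first sample is the reply shown above, the other two are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): review an EHLO reply taken on a
# plaintext SMTP session for capabilities that expose credentials or accounts.

# audit_ehlo FILE: FILE holds the reply lines to EHLO. One finding per line.
audit_ehlo() {
    awk '
        { sub(/\r$/, "") }                       # tolerate CRLF captures
        /^250[- ]/ {
            cap = toupper(substr($0, 5))
            if (cap == "STARTTLS") tls = 1
            if (cap == "VRFY") vrfy = 1
            # "AUTH=..." is the legacy form sent for broken_sasl_auth_clients.
            if (cap ~ /^AUTH[ =]/) {
                n = split(substr(cap, 6), m, " ")
                for (i = 1; i <= n; i++)
                    if (m[i] == "PLAIN" || m[i] == "LOGIN") clear[m[i]] = 1
            }
        }
        END {
            list = ""
            if ("PLAIN" in clear) list = "PLAIN"
            if ("LOGIN" in clear) list = (list == "" ? "" : list " ") "LOGIN"
            # No STARTTLS at all: the password can only travel in the clear.
            if (list != "" && !tls)
                print "CLEARTEXT_AUTH_NO_TLS: " list " offered and STARTTLS is not available"
            # STARTTLS exists but AUTH is usable before it
            # (Postfix: smtpd_tls_auth_only = yes hides AUTH until TLS is up).
            if (list != "" && tls)
                print "CLEARTEXT_AUTH_BEFORE_TLS: " list " offered before STARTTLS"
            # Postfix: disable_vrfy_command = yes turns VRFY off.
            if (vrfy)
                print "VRFY_ENABLED: VRFY lets a client probe for valid addresses"
        }
    ' "$1"
    return 0
}

# Write the sample replies into directory $1.
write_ehlo_samples() {
    # Reply copied from the telnet session above.
    cat > "$1/ehlo.page" <<'EOF'
250-mail.magedu.com
250-PIPELINING
250-SIZE 14336000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
EOF
    # Constructed: STARTTLS present, but AUTH still advertised before it.
    printf '250-mail.magedu.com\r\n250-STARTTLS\r\n250 AUTH LOGIN\r\n' > "$1/ehlo.mixed"
    # Constructed: AUTH hidden until TLS is negotiated, VRFY disabled.
    cat > "$1/ehlo.hardened" <<'EOF'
250-mail.magedu.com
250-PIPELINING
250-SIZE 14336000
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
EOF
}

# Demonstration on the samples.
ehlo_dir=$(mktemp -d)
write_ehlo_samples "$ehlo_dir"
for f in page mixed hardened; do
    echo "== ehlo.$f =="
    audit_ehlo "$ehlo_dir/ehlo.$f"
done
rm -rf "$ehlo_dir"
```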
[root@mail ~]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 8
Server version: 5.0.95 Source distribution
Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| extmail |
| mysql |
| performance_schema |
| test |
+--------------------+
5 rows in set (0.00 sec)
mysql> use extmail
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> show tables;
+-------------------+
| Tables_in_extmail |
+-------------------+
| alias |
| domain |
| domain_manager |
| mailbox |
| manager |
+-------------------+
5 rows in set (0.00 sec)
mysql> select * from domain
-> ;
+-------------+-------------------------------+-------------+----------+----------+------------+-----------------+-----------+------------+---------------+----------------------+----------------+--------------+-------------+----------------+----------------+-------------+-------------+---------------------+------------+--------+
| domain      | description                   | hashdirpath | maxalias | maxusers | maxquota   | maxnetdiskquota | transport | can_signup | default_quota | default_netdiskquota | default_expire | disablesmtpd | disablesmtp | disablewebmail | disablenetdisk | disableimap | disablepop3 | createdate          | expiredate | active |
+-------------+-------------------------------+-------------+----------+----------+------------+-----------------+-----------+------------+---------------+----------------------+----------------+--------------+-------------+----------------+----------------+-------------+-------------+---------------------+------------+--------+
| extmail.org | virtualDomain for extmail.org | A0/B0       |       50 |       50 | 1073741824 |      1073741824 | NULL      |          1 |       5242880 |              5242880 | 1y             |            0 |           0 |              0 |              0 |           1 |           0 | 2007-02-14 15:10:04 | 2010-11-08 |      1 |
+-------------+-------------------------------+-------------+----------+----------+------------+-----------------+-----------+------------+---------------+----------------------+----------------+--------------+-------------+----------------+----------------+-------------+-------------+---------------------+------------+--------+
1 row in set (0.00 sec)
mysql>
mysql> select * from domain\G; # \G displays each row vertically
*************************** 1. row ***************************
domain: extmail.org
description: virtualDomain for extmail.org
hashdirpath: A0/B0
maxalias: 50
maxusers: 50
maxquota: 1073741824
maxnetdiskquota: 1073741824
transport: NULL
can_signup: 1
default_quota: 5242880
default_netdiskquota: 5242880
default_expire: 1y
disablesmtpd: 0
disablesmtp: 0
disablewebmail: 0
disablenetdisk: 0
disableimap: 1
disablepop3: 0
createdate: 2007-02-14 15:10:04
expiredate: 2010-11-08
active: 1
1 row in set (0.00 sec)
ERROR:
No query specified
# The magedu.com domain can be added to this table; mail can then be received for that domain, and magedu.com is no longer treated as a relay destination
mysql>
In the figure above, %d stands for the domain name
and %n stands for the user name.
[root@mail ~]# vim /etc/dovecot.conf
mail_location = maildir:/var/mailbox/%d/%n/Maildir
mechanisms = plain
# passdb pam {
..........................
# }
passdb sql {
# Path for SQL configuration file, see doc/dovecot-sql-example.conf
#args =
args = /etc/dovecot-mysql.conf
}
# userdb passwd {
......................
# }
userdb sql {
# Path for SQL configuration file, see doc/dovecot-sql-example.conf
#args =
args = /etc/dovecot-mysql.conf
}
[root@mail ~]# vim /etc/dovecot-mysql.conf
driver = mysql
connect = host=localhost dbname=extmail user=extmail password=extmail
default_pass_scheme = CRYPT
password_query = SELECT username AS user,password as password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid FROM mailbox WHERE username = '%u'
[root@mail ~]# service dovecot restart
停止 Dovecot Imap: [确定]
启动 Dovecot Imap: [确定]
[root@mail ~]#
[root@mail ~]# pwd
/root
[root@mail ~]# mkdir /var/www/extsuite
[root@mail ~]# tar xf extmail-1.2.tar.gz
[root@mail ~]# mv extmail-1.2 /var/www/extsuite/extmail
[root@mail ~]#
[root@mail ~]# cd /var/www/extsuite/extmail
[root@mail extmail]# ls
AUTHORS dispatch.fcgi globabook.cf libs README.vpopmail
cgi dispatch-init html README tools
ChangeLog dispatch_lig.sh INSTALL README.fcgi Version
CREDITS FAQ lang README.filter webmail.cf.default
[root@mail extmail]#
[root@mail extmail]# cp webmail.cf.default webmail.cf
[root@mail extmail]# vim webmail.cf
Edit it to match the configuration shown in the figure above.
[root@mail ~]# vim /etc/httpd/conf/httpd.conf
...............
# Change User and Group from apache to the following (on my system this is edited in /etc/httpd/httpd.conf)
User postfix
Group postfix
# Disable the central (main) host
#DocumentRoot "/var/www/html"
# Use a virtual host (on my system this is edited in /etc/httpd/extra/httpd-vhosts.conf)
<VirtualHost *:80>
ServerName mail.magedu.com
DocumentRoot /var/www/extsuite/extmail/html
# use CGI scripts
ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi
Alias /extmail /var/www/extsuite/extmail/html
SuexecUserGroup postfix postfix
</VirtualHost>
...............
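Suexec: it runs this particular virtual host as the specified user. Some systems (mine, for example) may not support Suexec very well; if that is the case, change Apache's User and Group both to postfix.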
apache,httpd
User
Group
httpd(apache,apache)-->cgi(postfix,postfix): (because the user and group that deliver mail are both postfix)
Check the syntax:
[root@mail ~]# httpd -t
Syntax OK
[root@mail extmail]# pwd
/var/www/extsuite/extmail
[root@mail extmail]#
[root@mail extmail]# ls
AUTHORS dispatch_lig.sh libs Version
cgi FAQ README webmail.cf
ChangeLog globabook.cf README.fcgi webmail.cf.default
CREDITS html README.filter
dispatch.fcgi INSTALL README.vpopmail
dispatch-init lang tools
[root@mail extmail]#
Change the owner and group of the cgi directory to postfix
[root@mail extmail]# chown -R postfix.postfix cgi/
[root@mail extmail]#
[root@mail extmail]# service httpd restart
停止 httpd: [确定]
启动 httpd: [确定]
[root@mail extmail]#
Check the log
Ma Ge got the following error
Download Unix-Syslog-1.1.tar.gz; the download link can be found at https://metacpan.org/pod/Unix::Syslog
[root@mail ~]# wget http://cpan.metacpan.org/authors/id/M/MH/MHARNISCH/Unix-Syslog-1.1.tar.gz
[root@mail ~]# tar xf Unix-Syslog-1.1.tar.gz
[root@mail ~]# cd Unix-Syslog-1.1
[root@mail Unix-Syslog-1.1]#
[root@mail Unix-Syslog-1.1]# perl Makefile.PL # for Perl, this is the equivalent of running ./configure
Checking if your kit is complete...
Looks good
Writing Makefile for Unix::Syslog
[root@mail Unix-Syslog-1.1]#
[root@mail Unix-Syslog-1.1]# make
[root@mail Unix-Syslog-1.1]# make install
Ma Ge's result
My approach
[root@mail html]# vim /etc/httpd/extra/httpd-vhosts.conf
<VirtualHost *:80>
ServerName mail.magedu.com
DocumentRoot /var/www/extsuite/extmail/html
ScriptAlias /extmail/cgi "/var/www/extsuite/extmail/cgi"
Alias /extmail /var/www/extsuite/extmail/html
#SuexecUserGroup postfix postfix
<Directory "/var/www/extsuite/extmail/cgi">
Options none
AllowOverride none
Require all granted
Order allow,deny
Allow from all
</Directory>
<Directory "/var/www/extsuite/extmail/html">
Options none
AllowOverride none
Require all granted
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
[root@mail html]# vim /etc/httpd/httpd.conf
User postfix
#Group daemon
Group postfix
Then I found that the Perl scripts were not being executed,
so I enabled CGI in /etc/httpd/httpd.conf (the mod_perl.so module is probably not needed, even though extmail is a Perl script)
LoadModule cgid_module modules/mod_cgid.so
LoadModule cgi_module modules/mod_cgi.so
Anyway, after a lot of detours, I finally got it working.
Now configure extman
[root@mail html]# cd
[root@mail ~]# pwd
/root
[root@mail ~]# mv extma
extmail-1.2.tar.gz extman-1.1/ extman-1.1.tar.gz
[root@mail ~]# mv extman-1.1 /var/www/extsuite/extman
[root@mail ~]# cd /var/www/extsuite/extman
[root@mail extman]# ls
addon ChangeLog docs lang README.fcgi webman.cf.default
AUTHORS contrib html libs tools
cgi daemon INSTALL README Version
[root@mail extman]#
[root@mail extman]# cp webman.cf.default webman.cf
[root@mail extman]# vim webman.cf
SYS_MAILDIR_BASE = /var/mailbox
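SYS_SESS_DIR = /tmp/extman # create it if it does not exist, and change its owner and group to postfix (the owner and group of the httpd process)
SYS_CAPTCHA_ON = 0 (the CAPTCHA may be problematic, so leave it disabled)
SYS_DEFAULT_UID = 2525 (change to postfix's uid)
SYS_DEFAULT_GID = 2525 (change to postfix's gid)
SYS_MYSQL_USER = webman (keep the default webman (this account is created below) rather than changing it to extmail; this is for security, because the grant made earlier gave only the SELECT privilege)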
SYS_MYSQL_PASS = webman
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
Log in to mysql and grant privileges
[root@mail extman]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 12
Server version: 5.0.95 Source distribution
Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> GRANT ALL PRIVILEGES ON extmail.* TO webman@localhost IDENTIFIED BY 'webman';
Query OK, 0 rows affected (0.00 sec)
mysql> GRANT ALL PRIVILEGES ON extmail.* TO webman@127.0.0.1 IDENTIFIED BY 'webman';
Query OK, 0 rows affected (0.00 sec)
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
mysql>
[root@mail extman]# pwd
/var/www/extsuite/extman
Change the owner and group
[root@mail extman]# chown -R postfix.postfix cgi/
[root@mail extman]#
[root@mail extman]# vim /etc/httpd/extra/httpd-vhosts.conf
<VirtualHost *:80>
ServerName mail.magedu.com
DocumentRoot /var/www/extsuite/extmail/html
ScriptAlias /extmail/cgi "/var/www/extsuite/extmail/cgi"
Alias /extmail /var/www/extsuite/extmail/html
# Add the following two lines
ScriptAlias /extman/cgi "/var/www/extsuite/extman/cgi"
Alias /extman /var/www/extsuite/extman/html
#SuexecUserGroup postfix postfix
<Directory "/var/www/extsuite/extmail/cgi">
Options none
AllowOverride none
Require all granted
Order allow,deny
Allow from all
</Directory>
<Directory "/var/www/extsuite/extmail/html">
Options none
AllowOverride none
Require all granted
Order allow,deny
Allow from all
</Directory>
# Add the following
<Directory "/var/www/extsuite/extman/cgi">
Options none
AllowOverride none
Require all granted
Order allow,deny
Allow from all
</Directory>
# Add the following
<Directory "/var/www/extsuite/extman/html">
Options none
AllowOverride none
Require all granted
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
[root@mail extman]# service httpd restart
停止 httpd: [确定]
启动 httpd: [确定]
[root@mail extman]#
The password is extmail*123* (extman's default password?)
Create the directory and change its owner and group
[root@mail extman]# mkdir /tmp/extman
[root@mail extman]# chown -R postfix.postfix /tmp/extman
[root@mail extman]#
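The steps above leave a session directory under world-writable /tmp, two CGI trees owned by postfix, and /etc/dovecot-mysql.conf holding the MySQL password. The following is an added example, not part of the original walkthrough, that audits those paths. The function names `check_path` and `audit_extsuite` and the permission masks are assumptions of this example, and GNU `stat` is required.

```shell
#!/bin/sh
# Added example (not from the original page): permission audit for the
# paths this walkthrough creates. Requires GNU stat (coreutils).

# check_path PATH OWNER MASK
# Succeeds only if PATH exists, is not a symlink, is owned by OWNER
# (pass "-" to skip the owner check) and has none of the octal MASK bits set.
check_path() {
    cp_path=$1; cp_owner=$2; cp_mask=$3
    if [ -L "$cp_path" ]; then
        echo "FAIL $cp_path: is a symlink"; return 1
    fi
    if [ ! -e "$cp_path" ]; then
        echo "FAIL $cp_path: does not exist"; return 1
    fi
    cp_actual=$(stat -c '%U' "$cp_path") || return 1
    cp_mode=$(stat -c '%a' "$cp_path") || return 1
    if [ "$cp_owner" != "-" ] && [ "$cp_actual" != "$cp_owner" ]; then
        echo "FAIL $cp_path: owner is $cp_actual, expected $cp_owner"; return 1
    fi
    # The leading 0 makes the shell read both values as octal.
    if [ $(( 0$cp_mode & 0$cp_mask )) -ne 0 ]; then
        echo "FAIL $cp_path: mode $cp_mode has bits from mask $cp_mask"; return 1
    fi
    echo "OK   $cp_path ($cp_actual, $cp_mode)"
}

# audit_extsuite [ROOT] [OWNER]
# ROOT is prepended to every path so the audit can be tried on a copy.
# The masks are assumptions of this example, not values from the page.
audit_extsuite() {
    ae_root=${1:-}; ae_owner=${2:-postfix}; ae_rc=0
    # Session directory under world-writable /tmp: no group/other write.
    check_path "$ae_root/tmp/extman" "$ae_owner" 022 || ae_rc=1
    # CGI trees chowned to postfix above: must not be world-writable.
    check_path "$ae_root/var/www/extsuite/extmail/cgi" "$ae_owner" 002 || ae_rc=1
    check_path "$ae_root/var/www/extsuite/extman/cgi" "$ae_owner" 002 || ae_rc=1
    # File holding the MySQL password: no access for "other".
    check_path "$ae_root/etc/dovecot-mysql.conf" - 007 || ae_rc=1
    return $ae_rc
}
```

Run `audit_extsuite` as root with no arguments to check the live paths; it prints one OK or FAIL line per path and returns non-zero if any check fails.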
After refreshing http://mail.magedu.com/extman/cgi/sysinfo.cgi?sid=627f92bf0312b1d27cd67cdff7f365a6 I was logged in
Add a domain
Let users register here
http://mail.magedu.com/extmail/cgi/index.cgi
Create another user and check whether the two users can send mail to each other
[root@mail extman]# tail /var/log/maillog
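(The output below shows that the mail has been sent.)
(The output below shows that authentication logging is enabled; it should be turned off.)
On tom's account you can see that the mail has been received.
Our POP server is only more secure when it runs over SSL.
We were using pop3; the plan now is to switch to pop3s.
We were using imap; the plan now is to switch to imaps.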