postfix PostfixAdmin MySQL Cyrus-sasl Courier-authlib Dovecot
When connecting with Outlook it keeps asking for the password over and over, and it simply will not connect.
Sep 26 13:43:54 mail pop3-login: Disconnected [::ffff:192.168.77.11]
Sep 26 13:44:05 mail last message repeated 5 times
Sep 26 13:44:06 mail postfix/smtpd[8453]: connect from unknown[192.168.77.11]
Sep 26 13:44:06 mail postfix/smtpd[8453]: warning: SASL authentication failure: cannot connect to Courier authdaemond: Permission denied
Sep 26 13:44:06 mail postfix/smtpd[8453]: warning: unknown[192.168.77.11]: SASL LOGIN authentication failed
Sep 26 13:44:06 mail postfix/smtpd[8453]: lost connection after AUTH from unknown[192.168.77.11]
Sep 26 13:44:06 mail postfix/smtpd[8453]: disconnect from unknown[192.168.77.11]
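This is the guide I followed. I did not do the later anti-spam, OpenSSL and webmail parts; everything else I did as written:
- RedHat Postfix + MySQL + Cyrus-sasl + Dovecot, implemented with RPM packages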
- RedHat Enterprise Linux Server 4.2 + Postfix + PostfixAdmin + MySQL + Cyrus-sasl + Courier-authlib + Dovecot + Antivir-Mailgate + MailScanner + OpenSSL + Extmail
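- Author: Fandy
- E-mail: cbbc@163.com, cbbc@avl.com.cn
- QQ: 332018422
- Created: 2006-01-01; last modified: 2006-01-12
- Version: v 0.2
- Copyright: the content of this article is copyrighted by the author. Reposting is welcome, but the author information and source must be kept. Thanks!
- The article "Configuring a full-featured Postfix server on RHEL 4", which has been popular online recently, is a very good article. However, some of its operations and configuration explanations are unclear, and after reading through some of the configuration steps I felt the urge to write a more complete and more powerful article.
- This article's distinguishing feature is that it combines text with illustrations and describes the package installation environment in detail, with the aim of making the installation and configuration of a full-featured mail system easier to understand. Even a beginner who is new to Linux can configure a powerful Postfix mail server!
- Shortcomings: my Linux skills are limited, so there will be mistakes. Please point them out so that I can correct them promptly and improve the article. Thanks! (Note: carry out all of the operations below as the root user.)
- Step 0. References:
- 1. Configuring a full-featured Postfix server on RHEL 4;
- 2. Red Hat Enterprise 4.1 + F-Prot Antivirus + MailScanner 4.46.2-2 installation notes;
- 3. Red Hat Enterprise 4.2 + Master DNS + Slave DNS installation notes;
- Step 1. RedHat Enterprise Linux Server 4.2 system installation, screenshot notes:
- Disk configuration:
- Device Type Size
- / ext3 39911
- swap 1024
- Basic network configuration:
- eth0 IP/Gateway: 192.168.1.253/255.255.255.0
- Hostname: mail.easy.com
- Gateway: 192.168.1.1
- Primary/secondary DNS: 192.168.1.254/192.168.1.253/202.96.128.68
- Basic firewall configuration:
- ⊙ No firewall
- ⊙ Enable SELinux: Disabled
- Installation type options:
- ⊙ Customize software packages to be installed (C)
- Desktop options:
- (√) X Window System (select all)
- (√) GNOME Desktop Environment (select all)
- Application options:
- (√) Engineering and Scientific (default selection)
- (√) Graphical Internet (default selection)
- (√) Text-based Internet (default selection)
- (√) Office/Productivity (default selection)
- Server options:
- (√) Server Configuration Tools (select all)
- (√) Web Server (select all)
- (√) Mail Server (select all yourself)
- (√) Windows File Server (select all)
- (√) DNS Name Server (select all)
- (√) SQL Database (select all)
- Mail server detail options: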
- (√) perl-Cyrus - Cyrus IMAP server utility Perl modules.
- (√) spamassassin - Spam filter for email which can be invoked from mail delivery age...
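- Development options:
- (√) Development Tools (select all)
- System options:
- (√) Administration Tools (default selection)
- (√) Printing Support (default selection)
- Miscellaneous options:
- Select none;
- Step 2. OpenSSL detailed configuration:
- Special note: because it is installed from RPM, the openssl.cnf configuration file is located in /usr/share/ssl/
- Edit the openssl.cnf file in the /usr/share/ssl/ directory as follows:
- Details:
- default_days= 365 (number of days the certificate is valid)
- Change to:
- default_days= 3650
- default_bits= 1024 (key length in bits)
- Change to: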
- default_bits= 2048
- Step 3. PostfixAdmin source installation and configuration:
- Package file: postfixadmin-2.1.0.tgz
- Package size (KB): 157KB
- Download: http://high5.net/postfixadmin/do ... tfixadmin-2.1.0.tgz
- PostfixAdmin package installation procedure:
- Detailed steps:
- # tar -zxvf postfixadmin-2.1.0.tgz -C /var/www/html
- # cd /var/www/html
- # mv postfixadmin-2.1.0 postfixadmin
- Edit Apache's /etc/httpd/conf/httpd.conf configuration file:
- Details:
- ServerAdmin you@example.com
- Change to:
- ServerAdmin fandy@easy.com
- #ServerName www.example.com:80
- Change to:
- ServerName mail.easy.com:80
- AddDefaultCharset utf-8
- Change to:
- AddDefaultCharset GB2312
- DirectoryIndex index.html index.html.var
- Change to:
- DirectoryIndex index.html index.html.var index.php index.cgi
- Start the Apache and MySQL servers:
- Detailed steps:
- # service httpd start
- # service mysqld start
- Set the password of the MySQL server's root administrator:
- Detailed steps:
- # mysqladmin -u root password 'jinbiao'
- Test whether the MySQL server is running properly:
- Detailed steps:
- # mysql -u root -p
- Enter password:
- Welcome to the MySQL monitor. Commands end with ; or \g.
- Your MySQL connection id is 1 to server version: 5.0.17-log
- Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
- mysql>
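- Test whether Apache is running properly: open a browser such as Mozilla Firefox or Internet Explorer and enter the following address:
- Detailed steps:
- http://mail.easy.com
- Create the database tables PostfixAdmin needs and the config.inc.php file:
- Detailed steps: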
- # cd /var/www/html/postfixadmin
- # mysql -u root -p < DATABASE_MYSQL.TXT
- Enter password:jinbiao (enter the password of the mysqladmin administrator root)
- # cp config.inc.php.sample config.inc.php
- # sed -i "s/\@change-this-to-your.domain.tld/\@easy.com/g" config.inc.php
- # sed -i "s/change-this-to-your.domain.tld/mail.easy.com/g" config.inc.php
- Edit the relevant parts of the /usr/local/apache/htdocs/postfixadmin/config.inc.php file:
- Details:
- $CONF['default_language'] = 'en';
- Change to:
- $CONF['default_language'] = 'cn';
- Test whether the PostfixAdmin checks pass: open a browser such as Mozilla Firefox or Internet Explorer and enter the following addresses:
- Detailed steps:
- http://mail.easy.com/postfixadmin/index.php
- Detailed steps:
- http://mail.easy.com/postfixadmin/setup.php
- Once the PostfixAdmin checks pass, delete or move away the setup.php file for the sake of system security:
- Detailed steps:
- # cd /usr/local/apache/htdocs/postfixadmin
- # mv setup.php backup-setup.php
- After moving setup.php away, open a browser such as Mozilla Firefox or Internet Explorer and enter the following address:
- Detailed steps:
- http://mail.easy.com/postfixadmin/login.php
- After moving setup.php away, open a browser such as Mozilla Firefox or Internet Explorer and enter the following address:
- Detailed steps:
- http://mail.easy.com/postfixadmin/admin/
- After entering PostfixAdmin's admin interface, delete or move away the following three files as the page prompts:
- Detailed steps:
- # cd /usr/local/apache/htdocs/postfixadmin
- # mv motd.txt backup-motd.txt
- # mv motd-admin.txt backup-motd-admin.txt
- # mv motd-users.txt backup-motd-users.txt
- After moving away motd.txt, motd-admin.txt and motd-users.txt, open a browser such as Mozilla Firefox or Internet Explorer and enter the following address; you can then create and delete domains and user mailboxes normally:
- Detailed steps:
- http://mail.easy.com/postfixadmin/admin/index.php
- Use PostfixAdmin's admin interface to create the easy.com and fandy.com domains: open a browser such as Mozilla Firefox or Internet Explorer and enter the following address:
- Detailed steps:
- http://mail.easy.com/postfixadmin/admin/create-domain.php
- Use PostfixAdmin's admin interface to create one user mailbox each for the easy.com and fandy.com domains: open a browser such as Mozilla Firefox or Internet Explorer and enter the following address:
- Detailed steps:
- http://mail.easy.com/postfixadmin/admin/create-mailbox.php
- Set the Apache and MySQL servers to start automatically at boot:
- Detailed steps:
- # chkconfig --level 33 httpd on (start the Apache server automatically at boot)
- # chkconfig --level 33 mysqld on (start the MySQL server automatically at boot)
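- Step 4. Postfix source installation and configuration:
- Package file: postfix-2.2.5-1.mysql.sasl2.vda.rhel4.i386.rpm
- Special note: this package supports MySQL, SASL, VDA, TLS and other features by default;
- Package size (KB): 3408KB
- Download: http://www.proficuous.com/postfi ... /index_4_2.2.5.html
- Before installing Postfix, first remove the Sendmail package that came with the system installation:
- Detailed steps:
- # service sendmail stop (stop the sendmail service)
- # rpm -e sendmail --nodeps (remove the sendmail package from the operating system)
- Postfix package installation in detail:
- Detailed steps:
- # rpm -ivh postfix-2.2.5-1.mysql.sasl2.vda.rhel4.i386.rpm (install the postfix package)
- Preparing... ########################################### [100%]
- 1:postfix ########################################### [100%]
- Create the directory for storing user mail and set its permissions:
- Detailed steps:
- # mkdir /home/mailbox (create the directory for storing user mail)
- # chown -R postfix.postfix /home/mailbox (assign ownership of the user mail directory)
- Look up the IDs of the postfix user and its group:
- Detailed steps:
- # id postfix (look up the IDs of the postfix user and its group)
- uid=102(postfix) gid=103(postfix) groups=103(postfix),12(mail)
- User ID: 102 Group ID: 103
- Use the postalias command to build the aliases.db file:
- Detailed steps:
- # cd /etc/
- # postalias aliases (build the aliases.db file)
- Edit the /etc/postfix/main.cf file; the complete contents of the file follow:
- Detailed configuration: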
- #=====================BASE=========================#
- myhostname = mail.easy.com
- mydomain = easy.com
- myorigin = $mydomain
- mydestination = $myhostname localhost localhost.$mydomain
- mynetworks = 192.168.1.0/24 127.0.0.0/8
- inet_interfaces = all
- #=====================Virtual Mailbox settings=========================#
- virtual_mailbox_base = /home/mailbox (enter the directory where user mail is stored)
- virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
- virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
- virtual_alias_domains =
- virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
- virtual_uid_maps = static:102 (enter the postfix user's ID)
- virtual_gid_maps = static:103 (enter the postfix group's ID)
- virtual_transport = virtual
- maildrop_destination_recipient_limit = 1
- maildrop_destination_concurrency_limit = 1
- #====================QUOTA========================#
- message_size_limit = 14336000
- virtual_mailbox_limit = 20971520
- virtual_create_maildirsize = yes
- virtual_mailbox_extended = yes
- virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
- virtual_mailbox_limit_override = yes
- virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, \
- please try again later. (write this on a single line)
- virtual_overquota_bounce = yes
- main.cf continued:
- Detailed configuration:
- #====================SASL========================#
- broken_sasl_auth_clients = yes
- smtpd_recipient_restrictions = (may be written on a single line, or laid out as below)
- permit_mynetworks,
- permit_sasl_authenticated,
- reject_invalid_hostname,
- reject_non_fqdn_hostname,
- reject_unknown_sender_domain,
- reject_non_fqdn_sender,
- reject_non_fqdn_recipient,
- reject_unknown_recipient_domain,
- reject_unauth_pipelining,
- reject_unauth_destination,
- permit
- smtpd_sasl_auth_enable = yes
- smtpd_sasl_local_domain = $myhostname
- smtpd_sasl_security_options = noanonymous
- smtpd_sasl_application_name = smtpd
- smtpd_banner=$myhostname ESMTP "Version not Available"
- #====================OTHER========================#
- readme_directory = no
- sample_directory = /etc/postfix
- sendmail_path = /usr/sbin/sendmail
- html_directory = no
- setgid_group = postdrop
- command_directory = /usr/sbin
- manpage_directory = /usr/local/man
- daemon_directory = /usr/libexec/postfix
- newaliases_path = /usr/bin/newaliases
- mailq_path = /usr/bin/mailq
- queue_directory = /var/spool/postfix
- mail_owner = postfix
- Create the mysql_virtual_alias_maps.cf configuration file in the /etc/postfix/ directory; the complete contents of the file follow:
- Details:
- user = postfix
- password = postfix
- hosts = localhost
- dbname = postfix
- table = alias
- select_field = goto
- where_field = address
- Create the mysql_virtual_domains_maps.cf configuration file in the /etc/postfix/ directory; the complete contents of the file follow:
- Details:
- user = postfix
- password = postfix
- hosts = localhost
- dbname = postfix
- table = domain
- select_field = description
- where_field = domain
- Create the mysql_virtual_mailbox_maps.cf configuration file in the /etc/postfix/ directory; the complete contents of the file follow:
- Details:
- user = postfix
- password = postfix
- hosts = localhost
- dbname = postfix
- table = mailbox
- select_field = maildir
- where_field = username
- Create the mysql_virtual_mailbox_limit_maps.cf configuration file in the /etc/postfix/ directory; the complete contents of the file follow:
- Details:
- user = postfix
- password = postfix
- hosts = localhost
- dbname = postfix
- table = mailbox
- select_field = quota
- where_field = username
- Edit the smtpd.conf user authentication file in the /usr/local/lib/sasl2/ directory as follows (note: if there is no smtpd.conf in /usr/local/lib/sasl2/, you can create one); the complete contents of the file follow:
- Details:
- pwcheck_method: authdaemond
- log_level: 3
- mech_list: PLAIN LOGIN
- authdaemond_path: /var/spool/authdaemon/socket
- Copy smtpd.conf from the /usr/local/lib/sasl2/ directory to the /usr/local/lib/sasl/ directory:
- Detailed steps:
- # cp /usr/local/lib/sasl2/smtpd.conf /usr/local/lib/sasl/
- Start the Postfix server:
- Detailed steps:
- # service postfix start
- Test that the easy.com domain works on the SMTP server:
- Details:
- # telnet localhost 25 (connect to localhost on port 25)
- Trying 127.0.0.1...
- Connected to localhost.localdomain (127.0.0.1).
- Escape character is '^]'.
- 220 mail.easy.com ESMTP "Version not Available"
- ehlo easy.com (test whether easy.com works)
- 250-mail.easy.com
- 250-PIPELINING
- 250-SIZE 14336000
- 250-VRFY
- 250-ETRN
- 250-AUTH LOGIN PLAIN
- 250-AUTH=LOGIN PLAIN
- 250 8BITMIME
- quit (end this test)
- 221 Bye
- Connection closed by foreign host.
- Test that the fandy.com domain works on the SMTP server:
- Details:
- # telnet localhost 25 (connect to localhost on port 25)
- Trying 127.0.0.1...
- Connected to localhost.localdomain (127.0.0.1).
- Escape character is '^]'.
- 220 mail.easy.com ESMTP "Version not Available"
- ehlo fandy.com (test whether fandy.com works)
- 250-mail.easy.com
- 250-PIPELINING
- 250-SIZE 14336000
- 250-VRFY
- 250-ETRN
- 250-AUTH LOGIN PLAIN
- 250-AUTH=LOGIN PLAIN
- 250 8BITMIME
- quit (end this test)
- 221 Bye
- Connection closed by foreign host.
- Step 5. Courier-authlib package installation and configuration:
- Package files: courier-authlib-0.58-1.ce4.i386.rpm
- courier-authlib-devel-0.58-1.ce4.i386.rpm
- courier-authlib-mysql-0.58-1.ce4.i386.rpm
- Package sizes (KB): 121KB, 32KB, 13KB
- Download: http://www.phantom.atknet.ru/archives/cat_1011941725.html
- Courier-authlib package installation procedure (note: install the packages strictly in the order below):
- Detailed steps:
- # rpm -ivh courier-authlib-0.58-1.ce4.i386.rpm (install the courier-authlib package)
- # rpm -ivh courier-authlib-devel-0.58-1.ce4.i386.rpm (install the courier-authlib-devel package)
- # rpm -ivh courier-authlib-mysql-0.58-1.ce4.i386.rpm (install the courier-authlib-mysql package)
- Change the permissions of the authdaemon directory:
- Detailed steps:
- # chmod 755 /var/spool/authdaemon
- Edit the authdaemonrc file in the /etc/authlib/ directory as follows:
- Details:
- authmodulelist=" authpam authpgsql authldap authmysql authcustom authpipe"
- Change to:
- authmodulelist="authmysql"
- authmodulelistorig="authpam authpgsql authldap authmysql authcustom authpipe"
- Change to:
- authmodulelistorig="authmysql"
- daemons=5
- Change to:
- daemons=10
- Edit the authmysqlrc file in the /etc/authlib/ directory; the complete contents of the file follow:
- Details:
- MYSQL_SERVER localhost
- MYSQL_USERNAME postfix
- MYSQL_PASSWORD postfix
- MYSQL_SOCKET /var/lib/mysql/mysql.sock
- MYSQL_DATABASE postfix
- MYSQL_USER_TABLE mailbox
- MYSQL_CRYPT_PWFIELD password
- MYSQL_UID_FIELD '102' (enter the postfix user's ID)
- MYSQL_GID_FIELD '103' (enter the postfix group's ID)
- MYSQL_LOGIN_FIELD username
- MYSQL_HOME_FIELD concat('/home/mailbox/',maildir)
- MYSQL_MAILDIR_FIELD concat('/home/mailbox/',maildir)
- MYSQL_NAME_FIELD name
- Set Courier-authlib to start automatically at boot:
- Detailed steps:
- # chkconfig --level 33 courier-authlib on
- # service courier-authlib start
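- Step 6. Dovecot package installation and configuration:
- Package file: dovecot-0.99.14-1.2.el4.rf.i386.rpm
- Package size (KB): 604KB
- Download: http://distro.ibiblio.org/pub/li ... th/devel/repo/RPMS/
- Dovecot package installation procedure (note: you can also use the package shipped with the system, whichever you prefer (^_^)):
- Detailed steps:
- # rpm -ivh dovecot-0.99.14-1.2.el4.rf.i386.rpm (install the Dovecot package)
- Edit the dovecot.conf file in the /etc/ directory; the complete contents of the file follow:
- Details: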
- base_dir = /var/run/dovecot/
- protocols = imap pop3
- imap_listen = [::]
- pop3_listen = [::]
- login_dir = /var/run/dovecot-login
- login = imap
- login = pop3
- mbox_locks = fcntl
- auth = default
- auth_mechanisms = plain
- auth_user = root
- default_mail_env = maildir:/home/mailbox/%u/
- auth_userdb = mysql /etc/dovecot-mysql.conf
- auth_passdb = mysql /etc/dovecot-mysql.conf
- first_valid_uid = 102 (enter the postfix user's ID)
- Create the dovecot-mysql.conf file in the /etc/ directory; the complete contents of the file follow:
- Details:
- db_host = localhost
- db_port = 3306
- db_unix_socket = /var/lib/mysql/mysql.sock
- db = postfix
- db_user = postfix
- db_passwd = postfix
- db_client_flags = 0
- default_pass_scheme = PLAIN-MD5
- password_query = SELECT password FROM mailbox WHERE username = '%u'
- user_query = SELECT maildir, 102 AS uid, 103 AS gid FROM mailbox WHERE username = '%u'
- Set Dovecot to start automatically at boot:
- Detailed steps:
- # chkconfig --level 33 dovecot on
- # service dovecot start
- Test that the POP3 server works:
- Details:
- # telnet localhost 110 (connect to localhost on port 110)
- Trying 127.0.0.1...
- Connected to localhost.localdomain (127.0.0.1).
- Escape character is '^]'.
- +OK dovecot ready.
- quit (end this test)
- +OK Logging out
- Connection closed by foreign host.
- Step 7. F-Prot Antivirus package installation and configuration:
- Package file: fp-linux-ws.rpm
- Package size (KB): 3970KB
- Download: http://files.f-prot.com/files/linux-x86/fp-linux-ws.rpm
- Before installing the F-Prot Antivirus package, first start the SpamAssassin server:
- Detailed steps:
- # service spamassassin start (start the SpamAssassin server)
- F-Prot Antivirus package installation procedure:
- Detailed steps:
- # rpm -ivh fp-linux-ws.rpm (install the F-Prot Antivirus package)
- Preparing... ########################################### [100%]
- 1:fp-linux-ws ########################################### [100%]
- ***************************************
- * F-Prot Antivirus Updater *
- ***************************************
- There's a new version of:
- "Document/Office/Macro viruses" signatures on the web.
- Starting to download...
- Download completed.
- There's a new version of:
- "Application/Script viruses and Trojans" signatures on the web.
- Starting to download...
- Download completed.
- Preparing to install Application/Script viruses and Trojans signatures.
- Application/Script viruses and Trojans signatures have successfully been installed.
- Preparing to install Document/Office/Macro viruses signatures.
- Document/Office/Macro viruses signatures have successfully been installed.
- ***************************************
- * Update completed successfully. *
- ***************************************
- Updating the F-Prot Antivirus virus definitions:
- Detailed steps:
- # cd /usr/local/f-prot/tools/
- # ./check-updates.pl (update command)
[ Last edited by very_99 on 2007-9-27 14:10 ]
Best answer
Which user is the one with UID 102 and GID 104? Does it have permission to access the database?
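Added example (not part of the thread or of the quoted guide): a Python check of whether a given uid and group set can reach the authdaemond socket named in smtpd.conf, which is the access that fails in the `cannot connect to Courier authdaemond: Permission denied` warning. The directory owner and the 0750 mode in the sample are constructed assumptions; ACLs and SELinux are not modelled.

```python
import os
import stat

def granted(mode, owner_uid, owner_gid, uid, gids, want):
    """POSIX class selection: owner bits, else group bits, else other bits."""
    if uid == 0:
        return True                       # root bypasses mode-bit checks
    if uid == owner_uid:
        return bool((mode >> 6) & want)
    if owner_gid in gids:
        return bool((mode >> 3) & want)
    return bool(mode & want)

def first_blocker(chain, uid, gids):
    """chain: [(path, mode, owner_uid, owner_gid), ...] from / down to the socket.

    Directories need search (x=1); the socket needs write (w=2), which
    connect() on a Unix stream socket requires on Linux.
    Returns the first path that denies access, or None if all allow it.
    """
    for i, (path, mode, o_uid, o_gid) in enumerate(chain):
        want = 2 if i == len(chain) - 1 else 1
        if not granted(mode, o_uid, o_gid, uid, gids, want):
            return path
    return None

def stat_chain(path):
    """Collect the chain for a real path on the host being diagnosed."""
    chain, cur = [], os.sep
    for part in [""] + [p for p in os.path.abspath(path).split(os.sep) if p]:
        cur = os.path.join(cur, part)
        st = os.stat(cur)
        chain.append((cur, stat.S_IMODE(st.st_mode), st.st_uid, st.st_gid))
    return chain

# uid and groups as printed by `id postfix` in the guide.
POSTFIX_UID, POSTFIX_GIDS = 102, {103, 12}
# Constructed sample: the owner (uid 2, gid 2) and the 0750 mode are assumptions.
BEFORE = [("/", 0o755, 0, 0), ("/var", 0o755, 0, 0), ("/var/spool", 0o755, 0, 0),
          ("/var/spool/authdaemon", 0o750, 2, 2),
          ("/var/spool/authdaemon/socket", 0o777, 2, 2)]
# Same chain after the guide's `chmod 755 /var/spool/authdaemon`.
AFTER = [(p, 0o755 if p == "/var/spool/authdaemon" else m, u, g)
         for p, m, u, g in BEFORE]

if __name__ == "__main__":
    print("before:", first_blocker(BEFORE, POSTFIX_UID, POSTFIX_GIDS))
    print("after: ", first_blocker(AFTER, POSTFIX_UID, POSTFIX_GIDS))
```

On the mail host itself, `first_blocker(stat_chain("/var/spool/authdaemon/socket"), 102, {103, 12})` runs the same check against the real path, using the uid and groups that `id postfix` reports there.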