[系统管理] HEL5.8_64全部源码编译搭建postfix,目前卡在sasl & courier-authlib认证这一块上 [复制链接]

发表于 2014-03-28 11:09 |只看该作者 |倒序浏览
HEL5.8_64 全部源码编译搭建 postfix,目前卡在 sasl & courier-authlib 认证这一块上快一个月了,导致无法发邮件。以下为部分安装代码:


手动安装mysql
[root@dns src]# tar xf mysql-5.5.28-linux2.6-x86_64.tar.gz -C /usr/local/
[root@dns src]# cd /usr/local/
[root@dns local]# mv mysql-5.5.28-linux2.6-x86_64 mysql
[root@dns local]# ln -sv /usr/local/mysql/include /usr/include/mysql
[root@dns local]# echo "/usr/local/mysql/lib" >> /etc/ld.so.conf.d/mysql.conf
[root@dns local]# ldconfig -v
[root@dns local]# sed -i '45a\/usr/local/mysql/man' /etc/man.config
[root@dns local]# echo "PATH=$PATH:/usr/local/mysql/bin" > /etc/profile.d/mysql.sh
[root@dns local]# source /etc/profile
[root@dns local]# groupadd mysql
[root@dns local]# useradd -r -g mysql mysql
[root@dns local]# cd mysql
[root@dns mysql]# chgrp -R mysql .
[root@dns mysql]# mkdir /mdata
[root@dns mysql]# chown -R mysql.mysql /mdata
[root@dns mysql]# scripts/mysql_install_db --datadir=/mdata --user=mysql
[root@dns mysql]# cp support-files/my-large.cnf /etc/my.cnf
[root@dns mysql]# cp support-files/mysql.server /etc/init.d/mysqld
[root@dns mysql]# service mysqld start
Starting MySQL.The server quit without updating PID file (/usr/local/mysql/data/dns.xxoo.com.pid).[失败]
[root@dns mysql]#
[root@dns mysql]# vi /etc/my.cnf
# The MySQL server
[mysqld]
port = 3306
socket = /tmp/mysql.sock
添加下面一行
datadir = /mdata/
[safe_mysqld]
err-log = /var/log/mysqld.log
pid-file = /mdata/localhost.localdomain.pid
----------------------------------------------------------------------------------------

编译安装cyrus-sasl

[root@dns ~]# mv /usr/lib/sasl2 /usr/lib/sasl2.OFF
./configure \
--prefix=/usr/local/sasl2
--disable-crm \
--disable-digest \
--disable-otp \
--disable-krb4 \
--disable-gssapi \
--disable-anon \
--enable-plain \
--enable-login \
--enable-sql \
--with-mysql=/usr/local/mysql \
--with-mysql-libs=/usr/local/mysql/lib/mysql \
--with-mysql-includes=/usr/local/mysql/include/mysql \
--with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket

[root@dns ~]# ln -s /usr/local/sasl2/lib/sasl2 /usr/lib/
[root@dns ~]# echo "/usr/local/sasl2/lib/sasl2 " >> /etc/ld.so.conf && ldconfig
[root@dns ~]# echo "/usr/local/sasl2/lib" >> /etc/ld.so.conf && ldconfig

[root@dns ~]# vi /usr/local/sasl2/lib/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN

[root@dns ~]# mkdir -pv /var/state/saslauthd
[root@dns ~]# /usr/local/sasl2/sbin/saslauthd  -a  shadow  pam  -d
[root@dns ~]# /usr/local/sasl2/sbin/saslauthd -a shadow pam
[root@dns ~]# /usr/local/sasl2/sbin/testsaslauthd -u root -p oracle
0: OK "Success."
[root@dns ~]# echo "/usr/local/sasl2/sbin/saslauthd -a shadow pam">>/etc/rc.local
-------------------------------------------------------------------------------------------

[root@dns src]# rpm -e sendmail --nodeps
groupadd -g 2525 postfix
useradd -u 2525 -g 2525 -s /sbin/nologin -M postfix
groupadd -g 2526 postdrop
useradd -u 2526 -g postdrop -s /sbin/nologin -M postdrop

make makefiles CCARGS="-DHAS_MYSQL -I/usr/local/mysql/include -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/local/sasl2/include/sasl -DUSE_TLS" AUXLIBS="-L/usr/local/mysql/lib -lmysqlclient -lz -lm -L/usr/local/sasl2/lib -lsasl2 -lssl -lcrypto"

[root@dns postfix-2.10.3]# make &&make install

[root@dns postfix]# vi main.cf
############################POSTFIX############################
myhostname = dns.xxoo.com
mydomain = xxoo.com
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 10.10.0.0/16, 127.0.0.0/8
inet_interfaces = all

############################CYRUS-SASL############################
alias_maps = hash:/etc/aliases
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks
    permit_sasl_authenticated
    reject_unauth_destination
    reject_unauth_pipelining
    reject_invalid_hostname
    reject_non_fqdn_sender
    reject_non_recipient
    reject_unknown_sender_domain
    reject_unknown_recipient_domain
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = smtpd
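# 注:noanonymous 只禁用匿名机制;PLAIN/LOGIN 的口令仅做 base64 编码,未加密。
# 此处 main.cf 未见 TLS 相关配置;配置好 TLS 后可用 smtpd_tls_auth_only = yes 限制只在加密会话中通告 AUTH。
smtpd_sasl_security_options = noanonymous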
smtpd_sasl_type = cyrus
broken_sasl_auth_clients = yes

[root@dns ~]# newaliases
------------------------------------------------------------

[root@dns postfix]# telnet 10.10.253.53 25
Trying 10.10.253.53...
Connected to dns.xxoo.com (10.10.253.53).
Escape character is '^]'.
220 dns.xxoo.com ESMTP Postfix
ehlo dns
250-dns.xxoo.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN
250-AUTH=PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
421 4.4.2 dns.xxoo.com Error: timeout exceeded
Connection closed by foreign host.

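sasl说明认证成功了(注:上面的 EHLO 应答只表明 smtpd 已加载 SASL 并通告了 AUTH 机制,会话中并没有发送 AUTH 命令;真正校验过用户名/密码的是前面 testsaslauthd 返回 0: OK 的那一步)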
------------------------------------------------------------------------------------------

安装courier-authlib,支持mysql

1. 先编译安装libtool-2.4.2.tar.gz
[root@dns src]# tar xf libtool-2.4.2.tar.gz
[root@dns src]# cd libtool-2.4.2
[root@dns libtool-2.4.2]# ./configure
[root@dns libtool-2.4.2]# make
[root@dns libtool-2.4.2]# make install
2. 编译安装courier-authlib-0.62.4.tar.bz2
[root@dns src]# tar xf courier-authlib-0.62.4.tar.bz2
[root@dns src]# cd courier-authlib-0.62.4
[root@dns courier-authlib-0.62.4]#   
./configure \
--prefix=/usr/local/courier-authlib \
--without-stdheaderdir \
--sysconfdir=/etc \
--without-authpam \
--without-authpwd \
--without-authshadow \
--without-authpgsql \
--without-authldap \
--without-authuserdb \
--with-authmysqlrc=/etc/authmysqlrc \
--with-authdaemonrc=/etc/authdaemonrc \
--with-mysql-libs=/usr/local/mysql/lib \
--with-mysql-includes=/usr/local/mysql/include \
--with-mailuser=postfix \
--with-mailgroup=postfix

[root@dns courier-authlib-0.62.4]# make
[root@dns courier-authlib-0.62.4]# make install

-----------------------------------------------------------------
[root@dns courier-authlib-0.62.4]# echo "/usr/local/courier-authlib/lib/courier-authlib" >/etc/ld.so.conf.d/courier-authlib.conf
[root@dns courier-authlib-0.62.4]# cp courier-authlib.sysvinit /etc/init.d/courier-authlib
[root@dns courier-authlib-0.62.4]# chmod +x /etc/init.d/courier-authlib
[root@dns courier-authlib-0.62.4]# cp -a /etc/authmysqlrc.dist /etc/authmysqlrc
[root@dns courier-authlib-0.62.4]# cp -a /etc/authdaemonrc.dist /etc/authdaemonrc
[root@dns courier-authlib-0.62.4]# chkconfig --add courier-authlib
[root@dns courier-authlib-0.62.4]# chkconfig courier-authlib on
[root@dns courier-authlib-0.62.4]# vi /etc/authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
daemons=10

[root@dns courier-authlib-0.62.4]# vi /etc/authmysqlrc
MYSQL_SERVER            localhost
MYSQL_USERNAME          extmail
MYSQL_PASSWORD          extmail
MYSQL_PORT              3306
MYSQL_DATABASE          extmail
MYSQL_USER_TABLE        mailbox
MYSQL_CRYPT_PWFIELD     password
MYSQL_UID_FIELD         2525
MYSQL_GID_FIELD         2525
MYSQL_LOGIN_FIELD       username
MYSQL_HOME_FIELD        concat('/var/mailbox/',homedir)
MYSQL_NAME_FIELD        name
MYSQL_MAILDIR_FIELD     concat('/var/mailbox/',maildir)

[root@dns courier-authlib-0.62.4]# vi /usr/local/lib/sasl2/smtpd.conf
pwcheck_method: authdaemond
mech_list: PLAIN LOGIN
log_level: 3
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket

[root@dns courier-authlib-0.62.4]# mkdir -pv /var/mailbox
[root@dns courier-authlib-0.62.4]# chown -R postfix /var/mailbox

[root@dns courier-authlib-0.62.4]# vi /etc/postfix/main.cf
########################Virtual Mailbox Settings########################
virtual_mailbox_base = /var/mailbox
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf  
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:2525
virtual_gid_maps = static:2525
virtual_alias_domains =
virtual_transport = virtual
#maildrop_destination_recipient_limit = 1 一次投递一个
#maildrop_destination_concurrency_limit = 1 并发投递限制


[root@dns postfix]# vi mysql_virtual_domains_maps.cf
hosts = localhost
user = extmail
password = extmail
dbname = extmail
table = domain
select_field = domain
where_field = domain
additional_conditions = AND active = '1'

[root@dns postfix]# vi mysql_virtual_mailbox_maps.cf
hosts = localhost
user = extmail
password = extmail
dbname = extmail
table = mailbox
select_field = maildir
where_field = username
additional_conditions = AND active = '1'

[root@dns postfix]# vi mysql_virtual_alias_maps.cf
hosts = localhost
user = extmail
password = extmail
dbname = extmail
table = alias
select_field = goto
where_field = address
additional_conditions = AND active = '1'
------------------------------------------------------------------------------------

[root@dns src]# service courier-authlib restart
[root@dns src]# service postfix restart


问题现象:
[root@dns ~]# telnet 10.10.253.53 25
Trying 10.10.253.53...
Connected to dns.xxoo.com (10.10.253.53).
Escape character is '^]'.
ehlo dns

[root@dns ~]# tail -f /var/log/maillog
Mar 28 10:01:55 dns postfix/smtpd[6637]: warning: SASL per-process initialization failed: generic failure
Mar 28 10:01:55 dns postfix/smtpd[6637]: fatal: SASL per-process initialization failed
Mar 28 10:01:56 dns postfix/master[26772]: warning: process /usr/libexec/postfix/smtpd pid 6637 exit status 1
Mar 28 10:01:56 dns postfix/master[26772]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
Mar 28 10:02:56 dns postfix/smtpd[6639]: warning: SASL per-process initialization failed: generic failure
Mar 28 10:02:56 dns postfix/smtpd[6639]: fatal: SASL per-process initialization failed
Mar 28 10:02:57 dns postfix/master[26772]: warning: process /usr/libexec/postfix/smtpd pid 6639 exit status 1
Mar 28 10:02:57 dns postfix/master[26772]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

[root@dns ~]# tail -f /var/log/maillog
系统没有报错信息

[root@dns ~]# cd /usr/local/courier-authlib/var/spool/authdaemon/
[root@dns authdaemon]# ls -a
.  ..  pid  pid.lock
[root@dns authdaemon]# find / -name socket
/usr/lib/cups/backend/socket
/var/run/avahi-daemon/socket

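是不是没有socket文件,导致sasl认证通不过呢? 求各位大虾牛马鬼神分析下
(补充两点可核对的现象:1. authdaemon 目录下只有 pid 和 pid.lock,find 也找不到 authdaemond 的 socket,说明 authdaemond 很可能没有真正启动成功,可先单独排查 courier-authlib 的启动情况;2. 前文 sasl 的 smtpd.conf 放在 /usr/local/sasl2/lib/sasl2/ 下,而改用 authdaemond 时编辑的是 /usr/local/lib/sasl2/smtpd.conf,两处路径不一致,需确认 postfix 实际读取的是哪一个文件。)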