- 论坛徽章:
- 0
|
freebsd+postfix+sasl+mysql完全ports安装,支持密码加密认证。
本系统在winxpsp2+VMWARE5.0+freebsd4.10系统中测试通过。ports最后更新日期为5月1日。
freebsd系统采用最小安装并添加cvsup。
本系统最大的优点是简单,认证部分使用courier认证,是同一个进程,效率更高。
apache、mysql、php、phpmyadmin(修改Makefile中的/www/为/www/data/)、postfixadmin(
修改Makefile中的/www/为/www/data/,有很多处,全部改,因我不想修改httpd.conf)等软件直
接通过ports安装,不说了。
这里重点主要讲一讲sasl认证。
一、在安装步骤上,我们首先安装courier-imap,并选中mysql认证,
然后添加/etc/rc.conf增加courier_authdaemond_enable="YES"自启动,并启动
/usr/local/etc/rc.d/courier_authdaemond.sh start。此时会在/var/run/authdaemond/下产
生socket。
chmod +x /var/run/authdaemond
二、SASL
1、cd /usr/ports/security/cyrus-sasl2;make install WITH_AUTHDAEMON=yes ;
2、ee /usr/local/lib/sasl2/smtpd.conf ;
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/run/authdaemond/socket
至此,认证部分基本完成。
三、POSTFIX
安装时选中sasl2+tls+mysql+vda+test等。
ee /usr/local/etc/postfix/main.cf
在最后添加:
#======= BASE ==============
myhostname = mail.chinake.com
mydomain = chinake.com
home_mailbox = Maildir/
mydestination = $myhostname
local_recipient_maps =
#======= MYSQL =============
virtual_gid_maps = static:80
virtual_mailbox_base = /usr/local/virtual
virtual_uid_maps = static:80
virtual_minimum_uid = 80
virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains =
mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
#======= Quota ============
message_size_limit = 5242880
virtual_mailbox_limit_inbox = no
virtual_mailbox_limit_override = yes
virtual_maildir_extended = yes
virtual_create_maildirsize = yes
virtual_mailbox_limit_maps =
mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit = 52428800
#======== SASL ================
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated permit_auth_destination
reject
#smtpd_sasl_local_domain = $mydomain
smtpd_client_restrictions = permit_sasl_authenticated
几个配置文件:
1、mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
2、mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain
#additional_conditions = and backupmx = '0' and active = '1'
3、mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
#additional_conditions = and active = '1'
4、mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
#additional_conditions = and active = '1'
这里我使用80用户,即WWW(HTTP)并修改:
chown www:www /usr/local/virtual
chmod 771 /usr/local/virtual
四、COURIER
ee authmysqlrc
DEFAULT_DOMAIN chinake.com
MYSQL_CRYPT_PWFIELD password
MYSQL_DATABASE postfix
MYSQL_GID_FIELD '80'
MYSQL_HOME_FIELD '/usr/local/virtual'
MYSQL_LOGIN_FIELD username
MYSQL_MAILDIR_FIELD maildir
MYSQL_NAME_FIELD name
MYSQL_OPT 0
MYSQL_PASSWORD postfix
#MYSQL_PORT 0
# Uncomment below if you want quota support.
#MYSQL_QUOTA_FIELD quota
MYSQL_SERVER localhost
# Default FreeBSD Socket
#MYSQL_SOCKET /var/mysql/mysql.sock
# Default RedHat Socket
#MYSQL_SOCKET /var/lib/mysql/mysql.sock
MYSQL_UID_FIELD '80'
MYSQL_USERNAME postfix
MYSQL_USER_TABLE mailbox
这里用户也修改为80
ee authdaemonrc
authmodulelist="authmysql authpam authuserdb"
authmodulelistorig="authmysql authpam authuserdb"
version="authdaemond.mysql"
数据库我使用postfixadmin自带的。 |
|
免费注册
发表于 2005-05-05 19:35