Postfix邮件系统的完全安装（一）

Postfix邮件系统的完全安装 (postfix+mysql+cyrus-sasl+quota+Courier-imap+sqwebmail或igenus)

(2003-06-23 14:56:00)

本文主要讨论源代码方式的安装，对于postfix+sasl、postfix2+sasl2分别进行安装介绍，两者的配置文件相同。     修改历史：       2003.05.05 创建文档。       2003.05.27 修正postfix2.0版本的quota(磁盘限额)问题、修正postfix自启动脚本错误提示的问题。       2003.05.29 添加webmail部分，使用sqwebmail(英文版)。       2003.05.31 修正sqwebmail中quota显示问题、更改sqwebmail参数、配置。       2003.06.18 添加webmail第二部分，使用igenus(中文版)。       2003.06.23 添加mysql自启动脚本，提供igenus_docn.tar.gz下载。     从互联网下载以下几个程序,按如下步骤进行处理： 1、mysql-3.23.55.tar.gz 2、cyrus-sasl-1.5.28.tar.gz(sasl-1.5.28-ldap-ssl-filter-mysql-patch.tgz)或    cyrus-sasl-2.1.12.tar.gz、 3、pam_mysql-0.4.7.tar.gz(Linux下使用该包) 4、postfix-1.1.11.tar.gz(postfix-1.1.11_quota_maildirsize.patch.gz)或    postfix-2.0.10.tar.gz(postfix-2.0.10.patch.gz) 5、courier-imap-1.7.1.tar.bz2 (另需安装expect.tar.gz、tcl、gmake) 6、sqwebmail-3.5.1.tar.bz2 7、igenus_docn.tar.gz(此版是Docn由igenus_2_20030311_snap修改而来的) 安装mysql-3.23.55 1、添加mysql用户组及mysql用户 server# pw groupadd mysql server# pw useradd mysql -g mysql -s /nonexistent 2、配置安装 server# tar zxvf mysql-3.23.55.tar.gz server# cd mysql-3.23.55 server# ./configure --prefix=/usr/local/mysql --with-low-memory / --with-charset=gb2312 --without-debug server# make server# make install server# scripts/mysql_install_db server# chown -R root /usr/local/mysql server# chown -R mysql /usr/local/mysql/var server# chgrp -R mysql /usr/local/mysql server# cp support-files/my-medium.cnf /etc/my.cnf server# ln -s /usr/local/mysql/bin/safe_mysqld /usr/local/bin/safe_mysqld server# ln -s /usr/local/mysql/bin/mysqladmin /usr/local/bin/mysqladmin server# ln -s /usr/local/mysql/bin/mysql /usr/local/bin/mysql server# ln -s /usr/local/mysql/lib/mysql /usr/local/lib/mysql 3、编辑用户数据库mail.sql 示例：mail.sql 4、设置自启： server# edit /usr/local/etc/rc.d/mysqld.sh 示例：mysqld.sh server# chmod 755 /usr/local/etc/rc.d/mysqld.sh 1、安装cyrus-sals 1.1、安装cyrus-sasl-1.5.28.tar.gz server# tar zxvf cyrus-sasl-1.5.28.tar.gz server# tar zxvf sasl-1.5.28-ldap-ssl-filter-mysql-patch.tgz server# cp ldap-mysql_sasl-1.5.28/sasl-ldap+mysql.patch cyrus-sasl-1.5.28 server# cd cyrus-sasl-1.5.28 server# patch -p1 < sasl-ldap+mysql.patch server# ./configure --disable-sample --disable-pwcheck --disable-cram / --disable-digest --disable-krb4 --disable-gssapi --disable-anon / --with-saslauthd=/var/run/saslauthd --enable-plain --enable-login / --with-mysql=/usr/local/mysql/lib/mysql --oldincludedir=/usr/local/mysql/include/mysql server# make server# make install server# ln -s /usr/local/lib/sasl /usr/lib/sasl 1.2、安装cyrus-sasl-2.1.12 server# tar -zxvf cyrus-sasl-2.1.12.tar.gz server# cd cyrus-sasl-2.1.12 server# ./configure --disable-sample --disable-pwcheck --disable-cram / --disable-digest --disable-krb4 --disable-gssapi --disable-anon / --with-saslauthd=/var/run/saslauthd --enable-plain --enable-login server# make server# make install server# ln -s /usr/local/lib/sasl2 /usr/lib/sasl2 2、配置sasl的lib库 server# edit /etc/default/rc.conf(在ldconfig_paths="/usr/loca/lib后面加上/usr/local/lib/sasl或者/usr/local/lib/sasl2") server# shutdown -r now(使其生效) 3、运行saslauthd(如果使用pam直接认证，则该步骤可以省略) saslauthd.sh server# mkdir /var/run/saslauthd server# edit /usr/local/etc/rc.d/saslauthd.sh server# chmod 755 /usr/local/etc/rc.d/saslauthd.sh 4、准备postfix认证的配置文件 A)使用pam直接认证： server# echo pwcheck_method: pam > /usr/local/lib/sasl/smtpd.conf 或者： server# echo pwcheck_method: pam > /usr/local/lib/sasl2/smtpd.conf B)使用saslauthd调用pam认证： server# echo pwcheck_method: saslauthd > /usr/lib/sasl/smtpd.conf 或者： server# echo pwcheck_method: saslauthd > /usr/lib/sasl2/smtpd.conf 安装 pam_mysql-0.4.7(由于采用源码安装编译不能通过，故使用freebsd4.7自带的安装包) 1、安装 server# pkg_add pam_mysql-0.4.7.tgz server# cp /usr/local/lib/pam_mysql.so /usr/lib/ 2、配置pam.conf调用mysql支持sasl认证 server# edit /etc/pam.conf(将pop3 和imap的前面加上#)添加下列代码： smtp auth sufficient pam_mysql.so user=postfix passwd=liubinw host=localhost db=mail table=virtual_users usercolumn=id passwdcolumn=password crypt=1 smtp account required pam_mysql.so user=postfix passwd=liubinw host=localhost db=mail table=virtual_users usercolumn=id passwdcolumn=password crypt=1 (注：密码使用crypt加密，如果使用明文密码cyrpt=0,如果使用password()加密crypt=2) 安装postfix 1、停止sendmail server# mv /usr/bin/newaliases /usr/bin/newaliases.OFF server# mv /usr/bin/mailq /usr/bin/mailq.OFF server# mv /usr/sbin/sendmail /usr/sbin/sendmail.OFF server# mv /etc/rc.sendmail /etc/sendmail.OFF server# edit /etc/rc.conf(在sendmail="YES"前面添加# ) 2、添加postfix用户 server# pw groupadd postfix -g 2003 server# pw groupadd postdrop -g 2004 server# pw useradd postfix -u 2003 -g 2003 -d /dev/null -s /nologin 3、安装 3.1、安装postfix-1.1.11.tar.gz server# tar zxvf postfix-1.1.11.tar.gz server# gzip -d postfix-1.1.11_quota_maildirsize.patch.gz server# cp postfix-1.1.11_quota_maildirsize.patch postfix-1.1.11 server# cd postfix-1.1.11 server# patch -p1 < postfix-1.1.11_quota_maildirsize.patch server# make -f Makefile.init makefiles 'CCARGS=-DUSE_SASL_AUTH -DHAS_MYSQL -I/usr/local/mysql/include/mysql -I/usr/local/include' 'AUXLIBS=-L/usr/local/lib -L/usr/local/mysql/lib/mysql -lmysqlclient -lsasl -lz -lm' server# make server# make install 3.2、安装postfix-2.0.10.tar.gz server# tar zxvf postfix-2.0.10.tar.gz server# gzip -d postfix-2.0.10.patch.gz server# mv postfix-2.0.10.patch postfix-2.0.10 server# cd postfix-2.0.10 server# patch -p1 < postfix-2.0.10.patch server# make -f Makefile.init makefiles 'CCARGS=-DUSE_SASL_AUTH -DHAS_MYSQL -I/usr/local/mysql/include/mysql -I/usr/local/include/sasl' 'AUXLIBS=-L/usr/local/lib/ -L/usr/local/mysql/lib/mysql -lmysqlclient -lsasl2 -lz -lm' server# make server# make install(第一次安装使用此命令，安装过程中如果提示错误则在提示选择tmp的时候使用/tmp) server# make upgrade(升级老版本使用此命令) 4、配置 server# echo ‘postfix: root’ >> /etc/aliases server# /usr/bin/newaliases (注：如果提示postfix无法打开opiekeys文件则执行：# chown postfix:postfix /etc/opiekeys) A)编辑修改/etc/posftix/main.cf 示例：main.cf #======= BASE ============== myhostname = docn.nankai.edu.cn mydomain = nankai.edu.cn home_mailbox=Maildir/ mydestination = $myhostname, $mydomain, $transport_maps local_recipient_maps = 为空 mailbox_command= /usr/lib/courier-imap/bin/deliverquota -w 90 ~/Maildir #======= MYSQL ============= transport_maps = mysql:/etc/postfix/transport.cf virtual_gid_maps = mysql:/etc/postfix/gids.cf virtual_mailbox_base = /var/mail virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual.cf virtual_maps = mysql:/etc/postfix/mysql.aliases.cf virtual_uid_maps = mysql:/etc/postfix/uids.cf #======= Quota ============ message_size_limit = 2097152 //限制每次发邮件的大小 2MB virtual_mailbox_limit_inbox = no virtual_mailbox_limit_maps = mysql:/etc/postfix/mailboxsize-mysql.cf virtual_mailbox_limit_override = yes virtual_maildir_extended = yes virtual_create_maildirsize = yes virtual_mailbox_limit = 10485760 //总邮箱的大小 10MB #====== SASL ================ smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_sasl_authenticated permit_auth_destinatio reject #smtpd_sasl_local_domain = $mydomain smtpd_client_restrictions = permit_sasl_authenticated B)确认/etc/postfix/master.cf的配置有如下内容 示例：master.cf virtual unix - n n - - virtual C)编辑/etc/posftix/transport.cf 示例：transport.cf D)编辑/etc/postfix/gids.cf 示例：gids.cf E)编辑/etc/postfix/uids.cf 示例：uids.cf F)编辑/etc/posftix/mysql_virtual.cf 示例：mysql_virtual.cf G)编辑/etc/postfix/mysql.aliases.cf 示例：mysql.aliases.cf H)编辑/etc/postfix/mailboxsize-mysql.cf 示例：mailboxsize-mysql.cf 5、设置自启动 server# edit /usr/local/etc/rc.d/postfix-server.sh 示例：postfix-server.sh server# chmod 755 /usr/local/etc/rc.d/postfix-server.sh 安装expect.tar.gz(need tcl) server# pkg_add tcl-version server# tar zxvf expect.tar.gz server# cd expect-5.38 server# ./configure --enable-threads --with-tcl=/usr/local/lib/tcl8.3 / --with-tclinclude=/usr/local/include/tcl8.3 server# make server# make install 安装Courier-imap-1.7.1(need gmake、expect) 1、安装 server# pkg_add gmake-version server# pw useradd docn -g wheel(the software MUST run the configure script as normal user, not root) server$ bunzip2 courier-imap-1.7.1.tar.bz2 server$ tar xvf courier-imap-1.7.1.tar server$ cd courier-imap-1.7.1 server# ./configure --without-ipv6 --enable-unicode / --enable-workarounds-for-imap-client-bugs / --with-mysql-libs=/usr/local/mysql/lib/mysql / --with-mysql-includes=/usr/local/mysql/include/mysql server$ gmake server# su root server# gmake install server# gmake install-configure 2、配置 编辑修改/usr/lib/courier-imap/etc/authmysqlrc 示例：authmysqlrc MYSQL_SERVER localhost MYSQL_USERNAME courier MYSQL_PASSWORD liubinw MYSQL_SOCKET /tmp/mysql.sock MYSQL_PORT 3306 MYSQL_OPT 0 MYSQL_DATABASE mail MYSQL_USER_TABLE virtual_users MYSQL_CRYPT_PWFIELD password MYSQL_UID_FIELD uid MYSQL_GID_FIELD gid MYSQL_LOGIN_FIELD id MYSQL_HOME_FIELD home MYSQL_NAME_FIELD name MYSQL_MAILDIR_FIELD maildir MYSQL_QUOTA_FIELD quota MYSQL_WHERE_CLAUSE imapok=1 编辑修改/usr/lib/courier-imap/etc/authdaemonrc 示例：authdaemonrc version="authdaemond.mysql" 3、设置自启动 server# cd /usr/local/etc/rc.d server# ln -s /usr/lib/courier-imap/libexec/imapd.rc imapd.sh server# ln -s /usr/lib/courier-imap/libexec/pop3d.rc pop3d.sh server# chmod 755 imapd.sh server# chmod 755 pop3d.sh Now!重新启动服务器,邮件服务就可以自动运行了！ 现在我们开始测试： 1、设置用户： server# mysql mysql> use mail; 在数据库里你可以看到 mysql> show tables; +----------------+ | Tables_in_mail | +----------------+ | aliases        | | transport      | | virtual_users  | +----------------+ mysql> desc aliases; +-------+--------------+------+-----+---------+-------+ | Field | Type         | Null | Key | Default | Extra | +-------+--------------+------+-----+---------+-------+ | alias | varchar(255) |      | PRI |         |       | | rcpt  | varchar(255) | YES  |     | NULL    |       | +-------+--------------+------+-----+---------+-------+ mysql> insert aliases values('postmaster@nankai.edu.cn','docn@nankai.edu.cn'); mysql> insert aliases values('postmaster@freebsd.net','docn@freebse.net'); mysql> select * from aliases; +--------------------------+--------------------+ | alias                    | rcpt               | +--------------------------+--------------------+ | postmaster@nankai.edu.cn | docn@nankai.edu.cn | | postmaster@freebsd.net   | docn@freebse.net   | +--------------------------+--------------------+ mysql> desc transport; +-----------+-----------+------+-----+---------+-------+ | Field     | Type      | Null | Key | Default | Extra | +-----------+-----------+------+-----+---------+-------+ | domain    | char(128) |      | PRI |         |       | | transport | char(128) |      |     |         |       | +-----------+-----------+------+-----+---------+-------+ mysql> insert transport values('nankai.edu.cn','virtual:'); mysql> insert transport values('freebsd.net','virtual:'); mysql> select * from transport; +---------------+-----------+ | domain        | transport | +---------------+-----------+ | nankai.edu.cn | virtual:  | | freebsd.net   | virtual:  | +---------------+-----------+ mysql> desc virtual_users; +-----------+---------------------+------+-----+----------+----------------+ | Field     | Type                | Null | Key | Default  | Extra          | +-----------+---------------------+------+-----+----------+----------------+ | unique_id | int(32) unsigned    |      | MUL | NULL     | auto_increment | | id        | char(128)           |      | PRI |          |                | | password  | char(128)           | YES  |     | NULL     |                | | uid       | int(10) unsigned    | YES  |     | 104      |                | | gid       | int(10) unsigned    | YES  |     | 104      |                | | home      | char(255)           | YES  |     | NULL     |                | | maildir   | char(255)           | YES  |     | NULL     |                | | date_add  | date                | YES  |     | NULL     |                | | time_add  | time                | YES  |     | NULL     |                | | domain    | char(128)           | YES  |     | NULL     |                | | name      | char(255)           | YES  |     | NULL     |                | | imapok    | tinyint(3) unsigned | YES  |     | 1        |                | | quota     | char(255)           | YES  |     | 10485760 |                | +-----------+---------------------+------+-----+----------+----------------+ mysql> INSERT INTO virtual_users mysql> (id,home,password,maildir,date_add,time_add,domain,name) mysql> VALUES ('docn@nankai.edu.cn','/var/mail/',encrypt('liubinw'), mysql> 'nankai.edu.cn/docn/Maildir/','2003-04-23','01:18:24','nankai.edu.cn','docn'); mysql> INSERT INTO virtual_users mysql> (id,home,password,maildir,date_add,time_add,domain,name) mysql> VALUES ('liubinw@freebsd.net','/var/mail/',encrypt('liubinw'), mysql> 'freebsd.net/liubinw/Maildir/','2003-04-23','01:18:24','freebsd.net','liubinw'); mysql> quit 2、设置用户的目录与权限： server# mkdir -p /var/mail/nankai.edu.cn/docn server# mkdir -p /var/mail/freebsd.net/docn server# cd /usr/lib/courier-imap/bin server# maildirmake /var/mail/nankai.edu.cn/docn/Maildir server# maildirmake -q 5000000S /var/mail/nankai.edu.cn/docn/Maildir(如果使用igenus,该命令不用执行！) server# maildirmake /var/mail/freebsd.net/liubinw/Maildir server# maildirmake -q 5000000S /var/mail/freebsd.net/liubinw/Maildir(如果使用igenus,该命令不用执行！) server# chmod -R 700 /var/mail/nankai.edu.cn/ server# chmod -R 700 /var/mail/freebsd.net/ server# chown -R postfix:postfix /var/mail/nankai.edu.cn server# chown -R postfix:postfix /var/mail/freebsd.net 至此用户设置完毕，这里仅仅使用两个虚拟域，同理可以设置若干个虚拟域，如：mail.com 3、用户登录测试： server# telnet 0 25 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. 220 server.nankai.edu.cn ESMTP Postfix ehlo server 250-server.nankai.edu.cn 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-AUTH LOGIN PLAIN OTP 250-AUTH=LOGIN PLAIN OTP 250-XVERP 250 8BITMIME auth login 334 VXNlcm5hbWU6 ZG9jbkBuYW5rYWkuZWR1LmNu (此为用户名id：docn@nankai.edu.cn) 334 UGFzc3dvcmQ6 bGl1Ymludw== (此为用户密码password：liubinw) 235 Authentication successful (OK,Postfix 登录成功) quit 221 Bye Connection closed by foreign host. server# telnet 0 110 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. +OK Hello there. user docn@nankai.edu.cn +OK Password required. pass liubinw +OK logged in. (OK,pop 登录成功) quit +OK Bye-bye. Connection closed by foreign host.     你也可以使用任何其它的邮件客户端程序来测试，如foxmail、Outlook Express等等。 安装sqwebmail-3.5.1(注意：user:docn) 1、安装 server$ bunzip2 sqwebmail-3.5.1.tar.bz2 server$ tar xvf sqwebmail-3.5.1.tar server$ cd sqwebmail-3.5.1 server$ ./configure --prefix=/usr/local/share/webmail / --enable-imagedir=/usr/local/apache/htdocs/webmails --enable-imageurl=/webmails / --enable-cgibindir=/usr/local/apache/cgi-bin/webmail3 --with-defaultlang=zh_CN / --enable-mimecharset=gb2312 --with-mysql-libs=/usr/local/mysql/lib/mysql / --with-mysql-includes=/usr/local/mysql/include/mysql --enable-unicode / --with-cachedir=/var/webmail/cache --enable-webpass=no --without-ospell / --with-maxmsgsize=5242880 --enable-maxpurge=7 --without-authldap / --without-authvchkpw --without-authshadow --with-fcgi --enable-https=auto / --with-cacheowner=postfix --with-maxformargsize=2097152 --with-maxmsgsize=5242880 / --enable-mimetypes server$ cd sqwebmail/html server$ make clone from=en-us to=zh_CN server$ echo zh_CN zh_CN >zh_CN/LANGUAGE_PREF server$ echo zh_CN > zh_CN/LOCALE server$ echo gb2312 >zh_CN/CHARSET server$ cd ../.. server$ ./configure --prefix=/usr/local/share/webmail / --enable-imagedir=/usr/local/apache/htdocs/webmails --enable-imageurl=/webmails / --enable-cgibindir=/usr/local/apache/cgi-bin/webmail3 --with-defaultlang=zh_CN / --enable-mimecharset=gb2312 --with-mysql-libs=/usr/local/mysql/lib/mysql / --with-mysql-includes=/usr/local/mysql/include/mysql --enable-unicode / --with-cachedir=/var/webmail/cache --enable-webpass=no --without-ospell / --with-maxmsgsize=5242880 --enable-maxpurge=7 --without-authldap / --without-authvchkpw --without-authshadow --with-fcgi --enable-https=auto / --with-cacheowner=postfix --with-maxformargsize=2097152 --with-maxmsgsize=5242880 / --enable-mimetypes server$ gmake configure-check server$ gmake server$ su server# gmake install-strip server# gmake install-configure 2、配置 编辑修改/usr/local/share/sqwebmail/authmysqlrc 示例：authmysqlrc MYSQL_SERVER localhost MYSQL_USERNAME courier MYSQL_PASSWORD liubinw MYSQL_SOCKET /tmp/mysql.sock MYSQL_PORT 3306 MYSQL_OPT 0 MYSQL_DATABASE mail MYSQL_USER_TABLE virtual_users MYSQL_CRYPT_PWFIELD password MYSQL_UID_FIELD uid MYSQL_GID_FIELD gid MYSQL_LOGIN_FIELD id MYSQL_HOME_FIELD home MYSQL_NAME_FIELD name MYSQL_MAILDIR_FIELD maildir MYSQL_QUOTA_FIELD quota MYSQL_WHERE_CLAUSE imapok=1 编辑修改/usr/local/share/sqwebmail/authdaemonrc 示例：authdaemonrc version="authdaemond.mysql" 3、设置自启动 server# edit /usr/local/etc/rc.d/authdeamond.sh 示例：authdaemond.sh server# chmod 755 /usr/local/etc/rc.d/authdeamond.sh 4、使用： 最后在浏览器的URL中输入： http://www.nankai.edu.cn/cig-bin/webmail3/sqwebmail 安装igenusigenus_2_20030311_snap(以下用的是由igenus_2_20030516_snap.tgz修改的版本) 1、安装： server# cd /var/mail server# tar zxvf igenus_docn.tar.gz server# edit /usr/local/apache/conf/httpd.conf 2、配置： 1、Group nobody、User nobody 修改为： Group postfix、User postfix 2、DocumentRoot "/usr/local/apache/htdocs" 修改为：DocumentRoot "/var/mail/webmail" 3、修改config_inc.php文件 $CFG_BASEPATH = "/var/mail/webmail"; $CFG_MYSQL_HOST = 'localhost'; $CFG_MYSQL_USER = 'postfix'; $CFG_MYSQL_PASS = 'liubinw';(同以上密码，均可以自己修改) $CFG_MYSQL_DB = 'mail'; 3、使用： 最后在浏览器的URL中输入： http://www.nankai.edu.cn 4、最后说明：最新使用postfix-2.0.12，因为安装测试不通过，所以建议使用2.0.10版本。我修改的igenus时现在已经发布到网上，如果连接失效的话，可以用qq或email和我联系索要！ 至此，Postfix的webmail邮件服务器系统架设完毕。