邮件服务器实例（debian+posfix+cyrus+squirrelmail）_───────────────────────┤ postfix configuration ├─-优快云博客

本文详细介绍了基于Debian系统的DNS服务器配置和邮件系统搭建流程，包括DNS配置、邮件服务器安装与配置、Web邮件管理器SquirrelMail的安装与配置、测试过程，以及邮件收发测试方法。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

1．按附录方法安装和配置DNS服务器。
2．安装过程开始：
# apt-get install postfix cyrus21-admin cyrus21-clients cyrus21-common cyrus21-doc cyrus21-imapd cyrus21-pop3d squirrelmail squirrelmail-locales libsasl2-modules libsasl2 sasl2-bin
The following extra packages will be installed:
apache2 apache2-common apache2-mpm-prefork apache2-utils gawk
libapache2-mod-php4 libapr0 libcyrus-imap-perl21 libhesiod0 libsnmp4.2
libzephyr3 libzzip-0-12 openssl php4-common ssl-cert

┌─────────────┤ Configuring libhesiod0 ├────────────┐
│ Hesiod looks up keys using the standard Domain Name System. Enter the │
│ right-hand side of the domain name to do searches in. This name should │
│ begin with a ".". │
│ │
│ Hesiod domain for searches │
│ │
│ .athena.mit.edu__________________________________________________________ │
│ │
│ <Ok> │
│ │
└────────────────────────────────────────┘
　　将“.athena.mit.edu”改为“.yx.edu.cn”。
┌─────────────┤ Postfix Configuration ├─────────────┐
│ │
│ You have several choices for general configuration at this point. If #
│ you have your debconf priority set to 'low' or 'medium', you will be ▒
│ asked more questions later. You can always run "dpkg-reconfigure ▒
│ --priority=low postfix" at a later point if you want to see these ▒
│ questions again. ▒
│ ▒
│ No configuration - IF YOU WANT THE INSTALL TO LEAVE YOUR CONFIG ALONE, ▒
│ CHOOSE THIS OPTION. No configuration changes will be done now: If you ▒
│ have not already configured Postfix, your mail system will be broken and ▒
│ should not be used. You must then do the configuration yourself by ▒
│ editing /usr/share/postfix/main.cf.dist and saving your changes as ▒
│ /etc/postfix/main.cf, or by running dpkg-reconfigure Postfix. main.cf ▒
│ will not be modified by the Postfix install process. ▒
│ ▒
│
│ <Ok>
│ │
└────────────────────────────────────────┘
┌─┤ Postfix Configuration ├───┐
│ General type of configuration? │
│ │
│ No configuration │
│ Internet Site │
│ Internet with smarthost │
│ Satellite system │
│ Local only │
│ │
│ │
│ <Ok> <Cancel> │
│ │
└──────────────────┘
　　默认“Internet Site”。
┌─────────────┤ Postfix Configuration ├─────────────┐
│ The user root (and any other users with a uid of 0) must have mail │
│ redirected via an alias, or their mail may be delivered to │
│ /var/mail/nobody. This is by design: mail is not delivered to external │
│ delivery agents as root. │
│ │
│ If you already have a /etc/aliases file, then you possibly need to add │
│ this entry. (I will only add it if I am creating a new /etc/aliases.) │
│ │
│ What address should I add to /etc/aliases, if I create the file? (Enter │
│ NONE to not add one.) │
│ │
│ Where should mail for root go │
│ │
│ NONE_____________________________________________________________________ │
│ │
│ <Ok> <Cancel> │
│ │
└────────────────────────────────────────┘
　　这里将设置root用户的邮件由哪个普通用户来接收，把“NONE”改为这个普通用户名即可(本测试机是“uu”)，网络实验室安装时这个普通用户是 “stu”。注：默认情况下大多数默认系统帐号的别名都被设置成root，并且在安装Debian(默认已安装Exim4)时已把root的别名设成了第一个普通用户帐号，所以在“/etc/aliases”文件中已保存了相关的别名。直接回车就可以了。
┌─────────────┤ Postfix Configuration ├────────────┐
│ Your `mail name' is the hostname portion of the address to be shown on │
│ outgoing news and mail messages (following the username and @ sign). │
│ │
│ This name will be used by other programs besides Postfix; it should be │
│ the single, full domain name (FQDN) from which mail will appear to │
│ originate. │
│ │
│ Mail name? │
│ │
│ localhost.localdomain___________________________________________________ │
│ │
│ <Ok> <Cancel> │
│ │
└───────────────────────────────────────┘
　　设置外发邮件名的后缀。将“localhost.localdomain”改为“yx.edu.cn”。
┌────────────┤ Postfix Configuration ├──────────────┐
│ Specify a domain, host, host 扮鬼脸

ort, [address] or [address] 扮鬼脸

ort. Use the │
│ form [destination] to turn off MX lookups. Leave this blank for no │
│ relay host. │
│ │
│ The relayhost parameter specifies the default host to send mail to when │
│ no entry is matched in the optional transport(5) table. When no │
│ relayhost is given, mail is routed directly to the destination. │
│ │
│ SMTP relay host? (blank for none) │
│ │
│ smtp.localdomain_________________________________________________________ │
│ │
│ <Ok> <Cancel> │
│ │
└────────────────────────────────────────┘
　　设置SMTP中继主机。将“smtp.localdomain”改为“mail.yx.edu.cn”。
┌──────────┤ Postfix Configuration ├────────────────┐
│ Give a comma-separated list of domains that this machine should consider │
│ itself the final destination for. If this is a mail domain gateway, you │
│ probably want to include the top-level domain. │
│ │
│ Other destinations to accept mail for? (blank for none) │
│ │
│ yx.edu.cn, localhost.localdomain, localhost.localdomain, localhost_______ │
│ │
│ <Ok> <Cancel> │
│ │
└────────────────────────────────────────┘
　　直接回车。
┌─────────────┤ Postfix Configuration ├─────────────┐
│ │
│ If synchronous updates are forced, then mail is processed more slowly. │
│ If not forced, then there is a remote chance of losing some mail if the │
│ system crashes at an inopportune time, and you are not using a journaled │
│ filesystem (such as ext3). │
│ │
│ The default is "off". │
│ │
│ Force synchronous updates on mail queue? │
│ │
│ <Yes> <No> │
│ │
└────────────────────────────────────────┘
　　直接回车。
Postfix is now set up with a default configuration. If you need to make
changes, edit
/etc/postfix/main.cf (and others) as needed. To view Postfix configuration
values, see postconf(1).

After modifying main.cf, be sure to run '/etc/init.d/postfix reload'.

Running newaliases
Starting mail transport agent: Postfix.

Setting up cyrus21-common (2.1.18-1) ...
Creating/updating cyrus user account...
Adding user `cyrus' to group `sasl'...
Done.
Creating cyrus control directories in /var/lib/cyrus...
Creating partition spool /var/spool/cyrus/mail...
Creating partition spool /var/spool/cyrus/news...
Trying to optimize Cyrus partitions, edit /etc/default/cyrus21 to disable...
Setting attributes to -S -j for /var/lib/cyrus...
Setting attributes to -S -j for /var/spool/cyrus/mail...
Setting attributes to -S -j for /var/spool/cyrus/news...
Starting Cyrus IMAPd: cyrmaster.

Setting up cyrus21-doc (2.1.18-1) ...

Setting up cyrus21-imapd (2.1.18-1) ...
Setting up cyrus21-pop3d (2.1.18-1) ...
Setting up squirrelmail-locales (1.4.4-20050308-1) ...
Setting up squirrelmail (1.4.4-6sarge1) ...
Installing default squirrelmail config.
Run /usr/sbin/squirrelmail-configure as root to configure/upgrade config.
　　安装过程结束。
------------------------------------------------------------------

------------------------------------------------------------------
3．配置过程开始：
To setup Cyrus so that you can administer it (i.e. create users),
and get email inside it for those users:

1. Make sure libsasl2-modules, libsasl2 and sasl2-bin are installed
# apt-get install libsasl2-modules libsasl2 sasl2-bin # 注：前面已经安装，这里略去。
2. Make sure /etc/sasldb2 is readable by group sasl. Pay attention
to overrides (dpkg-statoverride)!
# ls -l /etc/sasldb2
-rw-rw---- 1 root sasl 12288 2005-11-14 01:04 /etc/sasldb2
3. Make sure user cyrus belongs to group sasl (cyrus21-common's install
tries to do this automatically for you).
查看/etc/group文件可知，cyrus已经属于sasl组了。
4. Edit /etc/cyrus.conf, and make sure the services you need are
enabled. These are most probably "imap", "pop3", "lmtpunix".

5. Edit /etc/imapd.conf, and make sure you have some admin users
listed in the entry "admins:". I suggest using "cyrus" as your
admin.

I also suggest enabling plain text logins, and setting
sasl_minimum_layer: 0
去掉“#admins:cyrus”和“#sasl_minimum_layer: 0”前的#号。

6. Restart Cyrus (/etc/init.d/cyrus21 restart)

7. Use saslpasswd2 -c to create an account for your admin:
# saslpasswd2 -c cyrus

8. Use sasldblistusers2 to make sure step 7 worked fine.
# sasldblistusers2
这一步可以在第9步后一起做。
9. Add other users to SASL likewise (saslpasswd2 -c).
请确保已经有“uu”和“stu”这两个系统用户，没有则新建，或者已有其他用户的话则本实例中的这两个用户名相对应换之。
# saslpasswd2 -c uu
# saslpasswd2 -c stu
# sasldblistusers2

10. Log in cyrus as the administrator, and create the mailboxes:
# cyradm --user cyrus localhost
cyradm --user cyrus localhost> cm user.uu
cyradm --user cyrus localhost> cm user.stu
cyradm --user cyrus localhost> cm user.root
按组合键“^D”退出。

(notice that there is an "user." in front of the mailbox name!)
You must use "user/bob", "user/anna" instead if you have the
unixhierarchysep option enabled in imapd.conf.

For this to work, you obviously need the cyrus21-admin package
installed.

11. Try to login as a normal user, using imtest or a IMAP/POP3 client.
If you have trouble with mutt and CRAM-MD5 or DIGEST-MD5, edit
/etc/imapd.conf, and look for sasl_mech_list. Set it to:
sasl_mech_list: plain cram-md5
(this will disable digest-md5, which causes trouble with mutt).
把这行前面的#号删除并添加cram-md5。

12. Setup your MTA to deliver email inside Cyrus. Basically that can
be done (easily) by:

a) running /usr/sbin/cyrdeliver (SLOW)
You need the lmtpunix service enabled in /etc/cyrus.conf for this
to work.

“/etc/cyrus.conf”文件中“lmtpunix service”默认已经“enabled”了。
但运行“/usr/sbin/cyrdeliver”命令后显示：
421-4.3.0 usage: deliver [-C <alt_config> ] [-m mailbox] [-a auth] [-r return_path] [-l] [-D]
421 4.3.0 v2.1.18-IPv6-Debian-2.1.18-1
提示中有这么多参数，不知道怎么用，请指点一下。

b) delivering using LMTP to /var/run/cyrus/socket/lmtp
You need the lmtpunix service enabled in /etc/cyrus.conf for this
to work.

“/etc/cyrus.conf”文件中“lmtpunix service”默认已经“enabled”了。
但运行“/var/run/cyrus/socket/lmtp”命令后显示：
bash: /var/run/cyrus/socket/lmtp: 权限不够
我用“root”身份运行的这条命令，怎么还权限不够？请指点！

Just make sure (and use dpkg-statoverride to do that) that your
MTA can get to /var/run/cyrus/socket/lmtp. It works just like any
file in a Unix system.

Cyrus REQUIRES a valid RFC2822 message, and will refuse messages with
bad headers (such as that From foobar header, notice the missing ':' 抛媚眼

,
embedded NULLs or any other crap.

That's it. See /usr/share/doc/cyrus21-common/README.{postfix,exim,sendmail}
for help on how to setup your MTA to correctly deliver to Cyrus.

可能就是在这里没通过，所以squireelmail中无法收到邮件，因为cyrus根本就没有取得邮件。
注：这12条是cyrus的readme文件中的。

------------------------------------------------------------------
Web邮件管理器SquirrelMail的配置：

(1)SquirrelMail runs on top of almost any IMAP server
　　用“/etc/squirrelmail/conf.pl”命令修改第10项为：
Language preferences
1. Default Language : zh_CN
2. Default Charset : utf-8
3. Enable lossy encoding : false

　　用“/etc/squirrelmail/conf.pl”命令修改“D. Set pre-defined settings for specific IMAP servers”：
Please select your IMAP server:
cyrus = Cyrus IMAP server
uw = University of Washington's IMAP server
exchange = Microsoft Exchange IMAP server
courier = Courier IMAP server
macosx = Mac OS X Mailserver
hmailserver = hMailServer
quit = Do not change anything
输入“cyrus”后回车。

用“s”命令保存修改结果。

或者也可以直接用文本编辑器修改“/etc/squirrelmail/config.php”文件的以下内容为：
$motd = "Welcome to Our Webmail !";
$squirrelmail_default_language = 'zh_CN';
$default_charset = 'utf-8';
$domain = 'yx.edu.cn';
$smtpServerAddress = 'mail.yx.edu.cn';
$imapServerAddress = 'localhost';
$imap_server_type = 'cyrus';
$optional_delimiter = 'detect';
$default_folder_prefix = '';
$auto_create_special = true;
$data_dir = '/var/lib/squirrelmail/data/';
$attachment_dir = '/var/spool/squirrelmail/attach/';
$theme_css = '';

(2)Configuring Apache with SquirrelMail
$ ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf.d/squirrelmail.conf

(3)Virtual Hosts
There are some example Apache directives in /etc/squirrelmail/apache.conf
这里跟Apache里建虚拟主机方法一样，略。

(4)Adding a symlink in your webroot may be all you need. (建立一个快捷方式，可以用“http://域名或IP/squirrelmail”来访问)
# ln -s /usr/share/squirrelmail/ /var/www/squirrelmail

------------------------------------------------------------------
4．测试过程：
------------------------------------------------------------------
(1)检查smtp、pop3和imap是否已正常工作：

运行“postfix reload”重启Postfix。
运行telnet localhost 25，输入EHLO anywhere.org，应该可以看到一行：250-STARTTLS。干杯！TLS运行起来了！。
# telnet mail.yx.edu.cn 25
Trying 192.168.3.9...
Connected to dsjh.yx.edu.cn.
Escape character is '^]'.
220 localhost.localdomain ESMTP Postfix (Debian/GNU)
250-localhost.localdomain
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250 8BITMIME
^]
telnet> quit
Connection closed.

运行“/etc/init.d/cyrus21 restart”命令重启cyrus。
# telnet mail.yx.edu.cn 110
Trying 192.168.3.9...
Connected to dsjh.yx.edu.cn.
Escape character is '^]'.
+OK dsjh Cyrus POP3 v2.1.18-IPv6-Debian-2.1.18-1 server ready <85847085.1131896962@dsjh>
^]
telnet> quit
Connection closed.

# telnet mail.yx.edu.cn 143
Trying 192.168.3.9...
Connected to dsjh.yx.edu.cn.
Escape character is '^]'.
* OK dsjh Cyrus IMAP4 v2.1.18-IPv6-Debian-2.1.18-1 server ready
^]
telnet> quit
Connection closed.
------------------------------------------------------------------
------------------------------------------------------------------

(2)在浏览器中用“http://mail.yx.edu.cn/squirrelmail”可以访问了。
注意：这时可以用web方式发邮件到外网邮件服务器，但不能收外网发到本地的邮件，因为这个域名没有注册。

------------------------------------------------------------------
(3)使用fetchmail接收外网邮件服务器上的pop3邮件：

# apt-get install fetchmail
用“fetchmail -p pop3 -u lokay -c pop3.sohu.com”命令查看，
去掉“-c”就会接收邮件到本地。

------------------------------------------------------------------
(4)用mutt来发邮件和阅读邮件。
测试本地用户间的邮件互发和阅读，本地用户发邮件到外网用户，然后到外网去查看是否成功。

------------------------------------------------------------------
(5)另外一种像Windows中Outlook Express一样的图形界面邮件客户端软件：

# apt-get install mozilla-thunderbird
------------------------------------------------------------------

------------------------------------------------------------------
------------------------------------------------------------------
------------------------------------------------------------------
四、思考题：
1．Debian推荐的邮件服务器是什么？我们的实例中为何不用这个推荐软件？
2．实例中是直接使用系统用户做为邮件用户，如果设置稍有差错，就会对系统安全造成很大的威胁。解决这一矛盾的最佳方法是什么？

------------------------------------------------------------------
------------------------------------------------------------------
------------------------------------------------------------------

附录：不使用Webmin配置DNS服务器
　　(1)用“# apt-get install bind9”命令安装DNS服务软件包。
　　(2)由于“/etc/bind/named.conf”文件中已经包含了“/etc/bind/named.conf.local”文件，所以只需要修改后者即可。用文本编辑器打开“/etc/bind/named.conf.local”文件，添加以下内容(其中包括一个正向主区域 “yx.edu.cn”和一个反向主区域“192.168.3”，注意要把网络号改为你所在网络的网络号)：
zone "yx.edu.cn" {
type master;
file "/etc/bind/yx.edu.cn.hosts";
};

zone "3.168.192.in-addr.arpa" {
type master;
file "/etc/bind/192.168.3.rev";
};
　　(3)再用文本编辑器编新建“/etc/bind/yx.edu.cn.hosts”正向主区域文件，内容为：
$ttl 38400
yx.edu.cn. IN SOA dsjh.yx.edu.cn. postmaster.yx.edu.cn. (
1131210215
10800
3600
604800
38400 )
yx.edu.cn. IN NS dsjh.yx.edu.cn.
dsjh.yx.edu.cn. IN A 192.168.3.9
mail.yx.edu.cn. IN CNAME dsjh
yx.edu.cn. IN MX 10 dsjh.yx.edu.cn.
　　(4)再用文本编辑器编新建“/etc/bind/192.168.3.rev”逆向主区域文件，内容(注意要把网络号改为你所在网络的网络号)为：
$ttl 38400
3.168.192.in-addr.arpa. IN SOA dsjh.yx.edu.cn. postmaster.yx.edu.cn. (
1131210438
10800
3600
604800
38400 )
3.168.192.in-addr.arpa. IN NS dsjh.yx.edu.cn.
9.3.168.192.in-addr.arpa. IN PTR dsjh.yx.edu.cn.
　　(5)用“/etc/init.d/bind9 restart”命令重启服务。
　　(6)编辑客户机的“/etc/resolv.conf”文件，在第一行前加入下一行内容：
nameserver 192.168.3.9
　　(7) 在客户机上用“nslookup”命令测试DNS是否已正常。
------------------------------------------------------------------

观念决定方向，思路决定出路，胸怀决定规模。

顶0

踩0

redware

用户头衔：注册会员

状态：我不在线

沙发

发表于 2005-11-16 11:12:07 | 只看该作者 | 倒序浏览

没有人用过cyrus，还是我提供的信息不详细？

观念决定方向，思路决定出路，胸怀决定规模。

顶0

踩0

redware

用户头衔：注册会员

状态：我不在线

板凳

发表于 2005-11-17 13:12:09 | 只看该作者 | 倒序浏览

dsjh:/home/uu# imtest -m login -a stu mail.yx.edu.cn
S: * OK dsjh Cyrus IMAP4 v2.1.18-IPv6-Debian-2.1.18-1 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE AUTH=CRAM-MD5 ANNOTATEMORE
S: C01 OK Completed
Please enter your password:
C: L01 LOGIN stu {6}
S: + go ahead
C: <omitted>
S: L01 OK User logged in
Authenticated.
Security strength factor: 0

. select inbox
* FLAGS (\Answered \Flagged \Draft \Deleted \Seen)
* OK [PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted \Seen \*)]
* 0 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 1131953081]
* OK [UIDNEXT 1]
. OK [READ-WRITE] Completed

. logout
* BYE LOGOUT received
. OK Completed
Connection closed.
dsjh:/home/uu#
这条命令证明stu用户可以登录进imapd。
但收件箱里并没有邮件，而用mutt查是有邮件的，那么前面的步骤中应该是没有指定邮箱路径或没有链接到真正存放邮件的位置。那么在哪儿少了呢？怎么做呢？