Installing and configuring Postfix, Dovecot and Cyrus SASL on Ubuntu 12.04 (MySQL virtual users)

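This article sets up a mail server on Ubuntu 12.04: Postfix provides the SMTP service, and Dovecot provides POP3 or IMAP access for retrieving mail. MySQL is used to manage and authenticate the mail users. I have tested the following steps myself; wherever the domain centos.bz appears, replace it with your own.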

1. Install the required packages

    apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server dovecot-common dovecot-imapd dovecot-pop3d libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl telnet mailutils dovecot-mysql

2. Set up the MySQL database

    mysql -u root -p

    mysql> CREATE DATABASE mail;
    mysql> USE mail;
    mysql> GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'mail_admin'@'localhost' IDENTIFIED BY 'password-for-mail_admin';
    mysql> GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'mail_admin'@'127.0.0.1' IDENTIFIED BY 'password-for-mail_admin';
    mysql> FLUSH PRIVILEGES;
    mysql> CREATE TABLE domains (domain varchar(50) NOT NULL, PRIMARY KEY (domain) );
    mysql> CREATE TABLE forwardings (source varchar(80) NOT NULL, destination TEXT NOT NULL, PRIMARY KEY (source) );
    mysql> CREATE TABLE users (email varchar(80) NOT NULL, password varchar(20) NOT NULL, PRIMARY KEY (email) );
    mysql> CREATE TABLE transport ( domain varchar(128) NOT NULL default '', transport varchar(128) NOT NULL default '', UNIQUE KEY domain (domain) );
    mysql> quit

Note: replace password-for-mail_admin with the password for the user mail_admin, here and wherever password-for-mail_admin appears below.

3. Configure Postfix to use MySQL

File: /etc/postfix/mysql-virtual_domains.cf

    user = mail_admin
    password = password-for-mail_admin
    dbname = mail
    query = SELECT domain AS virtual FROM domains WHERE domain='%s'
    hosts = 127.0.0.1

File: /etc/postfix/mysql-virtual_forwardings.cf

    user = mail_admin
    password = password-for-mail_admin
    dbname = mail
    query = SELECT destination FROM forwardings WHERE source='%s'
    hosts = 127.0.0.1

File: /etc/postfix/mysql-virtual_mailboxes.cf

    user = mail_admin
    password = password-for-mail_admin
    dbname = mail
    query = SELECT CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') FROM users WHERE email='%s'
    hosts = 127.0.0.1

File: /etc/postfix/mysql-virtual_email2email.cf

    user = mail_admin
    password = password-for-mail_admin
    dbname = mail
    query = SELECT email FROM users WHERE email='%s'
    hosts = 127.0.0.1

Set the permissions:

    chmod o= /etc/postfix/mysql-virtual_*.cf
    chgrp postfix /etc/postfix/mysql-virtual_*.cf

Create the user:

    groupadd -g 5000 vmail
    useradd -g vmail -u 5000 vmail -d /home/vmail -m

Configure Postfix:

    postconf -e 'myhostname = centos.bz'
    postconf -e 'mydestination = centos.bz, localhost, localhost.localdomain'
    postconf -e 'mynetworks = 127.0.0.0/8'
    postconf -e 'message_size_limit = 30720000'
    postconf -e 'virtual_alias_domains ='
    postconf -e 'virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf'
    postconf -e 'virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf'
    postconf -e 'virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf'
    postconf -e 'virtual_mailbox_base = /home/vmail'
    postconf -e 'virtual_uid_maps = static:5000'
    postconf -e 'virtual_gid_maps = static:5000'
    postconf -e 'smtpd_sasl_auth_enable = yes'
    postconf -e 'broken_sasl_auth_clients = yes'
    postconf -e 'smtpd_sasl_authenticated_header = yes'
    postconf -e 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination'
    postconf -e 'smtpd_use_tls = yes'
    postconf -e 'smtpd_tls_cert_file = /etc/postfix/smtpd.cert'
    postconf -e 'smtpd_tls_key_file = /etc/postfix/smtpd.key'
    postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps'
    postconf -e 'virtual_transport = dovecot'
    postconf -e 'local_transport = dovecot'

4. Create a certificate for Postfix

    cd /etc/postfix
    openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509

Change the permissions on the key:

    chmod o= /etc/postfix/smtpd.key

5. Configure saslauthd

    mkdir -p /var/spool/postfix/var/run/saslauthd
    cp -a /etc/default/saslauthd /etc/default/saslauthd.bak

Edit /etc/default/saslauthd and change it as follows:

    START=yes
    DESC="SASL Authentication Daemon"
    NAME="saslauthd"
    MECHANISMS="pam"
    MECH_OPTIONS=""
    THREADS=5
    OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"

File: /etc/pam.d/smtp

    auth    required   pam_mysql.so user=mail_admin passwd=password-for-mail_admin host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
    account sufficient pam_mysql.so user=mail_admin passwd=password-for-mail_admin host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1

File: /etc/postfix/sasl/smtpd.conf

    pwcheck_method: saslauthd
    mech_list: plain login
    allow_plaintext: true
    auxprop_plugin: sql
    sql_engine: mysql
    sql_hostnames: 127.0.0.1
    sql_user: mail_admin
    sql_passwd: password-for-mail_admin
    sql_database: mail
    sql_select: select password from users where email = '%u@%r'

Set the permissions:

    chmod o= /etc/pam.d/smtp
    chmod o= /etc/postfix/sasl/smtpd.conf

Restart the services:

    adduser postfix sasl
    service postfix restart
    service saslauthd restart

6. Configure Dovecot

File: /etc/postfix/master.cf, modify as follows.

Uncomment the submission configuration:

    #submission inet n       -       -       -       -       smtpd
    #  -o syslog_name=postfix/submission
    #  -o smtpd_tls_security_level=encrypt
    #  -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING

Change it to:

    submission inet n       -       -       -       -       smtpd
      -o syslog_name=postfix/submission
      -o smtpd_tls_security_level=encrypt
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
      -o milter_macro_daemon_name=ORIGINATING

Append to the end of the file:

    dovecot   unix  -       n       n       -       -       pipe
        flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}

Back up the existing Dovecot configuration:

    cp -a /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.bak

Empty the file /etc/dovecot/dovecot.conf and add the following:

    log_timestamp = "%Y-%m-%d %H:%M:%S "
    mail_location = maildir:/home/vmail/%d/%n/Maildir
    namespace {
      inbox = yes
      location =
      prefix = INBOX.
      separator = .
      type = private
    }
    passdb {
      args = /etc/dovecot/dovecot-sql.conf
      driver = sql
    }
    protocols = imap pop3
    disable_plaintext_auth = no
    auth_mechanisms = plain login
    service auth {
      unix_listener /var/spool/postfix/private/auth {
        group = postfix
        mode = 0660
        user = postfix
      }
      unix_listener auth-master {
        mode = 0600
        user = vmail
      }
      user = root
    }
    ssl = required
    ssl_cert = </etc/ssl/certs/dovecot.pem
    ssl_key = </etc/ssl/private/dovecot.pem
    userdb {
      args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
      driver = static
    }
    protocol lda {
      auth_socket_path = /var/run/dovecot/auth-master
      log_path = /home/vmail/dovecot-deliver.log
      postmaster_address = postmaster@example.com
    }
    protocol pop3 {
      pop3_uidl_format = %08Xu%08Xv
    }

Back up the existing SQL configuration:

    cp -a /etc/dovecot/dovecot-sql.conf /etc/dovecot/dovecot-sql.conf.bak

File: /etc/dovecot/dovecot-sql.conf

    driver = mysql
    connect = host=127.0.0.1 dbname=mail user=mail_admin password=password-for-mail_admin
    default_pass_scheme = CRYPT
    password_query = SELECT email as user, password FROM users WHERE email='%u';

Restart Dovecot and set the permissions on its configuration file:

    service dovecot restart

    chgrp vmail /etc/dovecot/dovecot.conf
    chmod g+r /etc/dovecot/dovecot.conf
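
By this point the mail_admin password has been written into the Postfix map files, /etc/pam.d/smtp, /etc/postfix/sasl/smtpd.conf and /etc/dovecot/dovecot-sql.conf, and a private key sits in /etc/postfix/smtpd.key. The script below is an added example, not part of the original article, that reports any such file still accessible to "other"; the script name audit.sh is hypothetical and the match patterns are assumptions based on the file syntaxes shown in this guide.

```shell
#!/bin/sh
# Added example: flag credential-bearing files that "other" can access.
# Usage (as root; audit.sh is a hypothetical name):
#   sh audit.sh /etc/postfix/mysql-virtual_*.cf /etc/pam.d/smtp \
#       /etc/postfix/sasl/smtpd.conf /etc/postfix/smtpd.key \
#       /etc/dovecot/dovecot-sql.conf

# has_secret FILE: succeeds if FILE holds a DB password in one of the
# four syntaxes used in this guide, or a PEM private key.
has_secret() {
    grep -Eq \
        -e '^[[:space:]]*password[[:space:]]*=' \
        -e '^[[:space:]]*sql_passwd[[:space:]]*:' \
        -e '(^|[[:space:]])passwd=' \
        -e '^[[:space:]]*connect[[:space:]]*=.*password=' \
        -e '^-----BEGIN ([A-Z]+ )?PRIVATE KEY-----' \
        "$1" 2>/dev/null
}

# other_bits FILE: prints the three "other" permission characters, e.g. "r--".
other_bits() {
    ls -ldL -- "$1" | cut -c8-10
}

# audit_secret_files PATH...: prints one line per exposed file and
# returns 1 if at least one was found, 0 otherwise.
audit_secret_files() {
    exposed=0
    for f in "$@"; do
        [ -f "$f" ] || continue          # skip unmatched globs and directories
        has_secret "$f" || continue      # only files that carry a secret
        bits=$(other_bits "$f")
        if [ "$bits" != "---" ]; then
            printf 'EXPOSED %s (other=%s)\n' "$f" "$bits"
            exposed=1
        fi
    done
    return "$exposed"
}

# Run the audit only when paths are given on the command line.
if [ "$#" -gt 0 ]; then
    audit_secret_files "$@"
fi
```

A reported file can be fixed with the same `chmod o=` command the guide uses for the other credential files.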

7. Set up mail aliases

File: /etc/aliases

    postmaster: root
    root: postmaster@centos.bz

8. Test

    mysql -u root -p

    USE mail;
    INSERT INTO domains (domain) VALUES ('centos.bz');
    INSERT INTO users (email, password) VALUES ('sales@centos.bz', ENCRYPT('password-for-sales'));
    quit

This adds a user sales@centos.bz with the password password-for-sales.

Finally, use a mail client such as Foxmail to test receiving and sending mail.

Please keep the link to the original article when reposting: Linux运维日志 » Installing and configuring Postfix, Dovecot and Cyrus SASL on Ubuntu 12.04 (MySQL virtual users)

Comments: 15

  1. Zoplor: Brother Hai, how do I change the SSH login port on CentOS? /usr/sbin/sshd -p doesn't seem to work. Could you explain? Thanks.
    • 朱 茂海: /etc/ssh/sshd_config, search for port.
      • Zoplor: @朱 茂海 That didn't work, I tried it.
        • 朱 茂海: Did you restart ssh?
          • Zoplor: @朱 茂海 Service sshd restart returned OK, but it still doesn't work with PuTTY :smile: How funny.
  2. fangj1ng:

         go@ubuntu-server:~$ sudo service postfix restart
          * Stopping Postfix Mail Transport Agent postfix [ OK ]
          * Starting Postfix Mail Transport Agent postfix [ OK ]
         go@ubuntu-server:~$ sudo service dovecot restart
         stop: Unknown instance:
         dovecot start/running, process 8220
         go@ubuntu-server:~$ sudo ps -aux | grep dovecot
         Warning: bad ps syntax, perhaps a bogus '-'? See http://procps.sf.net/faq.html
         go 8253 0.0 0.0 8104 916 pts/0 S+ 09:17 0:00 grep --color=auto dovecot
         go@ubuntu-server:~$ netstat -l | grep :25
         go@ubuntu-server:~$ netstat -l | grep :110
         go@ubuntu-server:~$ netstat -l | grep :143
         go@ubuntu-server:~$
         go@ubuntu-server:~$ telnet localhost 25
         Trying 127.0.0.1...
         Connected to localhost.
         Escape character is '^]'.
         220 yahoo.org ESMTP Postfix (Ubuntu)
         go@ubuntu-server:~$ telnet localhost 110
         Trying 127.0.0.1...
         telnet: Unable to connect to remote host: Connection refused

     Expert, the dovecot program has already started, so why can I still not connect to port 110???
    • 朱 茂海: Run netstat -nlp to check whether the port is listening.
  3. pccom.ca:

         mail dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=, method=PLAIN, rip=135.0.84.204, lip=192.168.1.20, TLS: Disconnected
         Jul 19 12:13:54 dovecot: last message repeated 2 times
         Jul 19 12:13:54 mail dovecot: pop3-login: Disconnected (tried to use disabled plaintext auth): rip=135.0.84.204, lip=192.168.1.20

     I followed this tutorial, but I can never log in!
    • 朱 茂海: This is because plaintext authentication is disabled. Try editing /etc/dovecot/dovecot.conf and, at protocols = imap pop3, add:

         disable_plaintext_auth = no
         auth_mechanisms = plain login

      Restart dovecot: /etc/init.d/dovecot restart
  4. Daniel: Following the configuration in the article I can send and receive mail, but I cannot send to multiple recipients or CC. Expert, how should this be configured?
    • 朱 茂海: I have not tested sending to multiple recipients or CC, and I had no such requirement when I configured this, so I don't know either.
  5. nodust90: 535 5.7.8 Error: authentication failed: authentication failure. What is going on? Is the password wrong? What should I do?
  6. 求教: Hello. This tutorial is very foolproof, thank you very much. I have one question: the passwords here are encrypted with MySQL encrypt(). I would like to use my existing user table directly, where the encryption method is md5() of the username concatenated with the plaintext password. How should I modify this?
  7. 今天蛋蛋疼: I followed along. The client can connect, but it can neither receive nor send mail.
  8. 今天蛋蛋疼: Where do I set the sender's display name? Right now it just shows the email address.