Linux extmail的邮件服务器搭建

注:本文来源于《extmail搭建



一、背景介绍

ExtMail Solution 是一个基于优秀开源软件的电子邮件系统解决方案,核心部件包括了Postfix、Amavisd-new、ClamAV、ExtMail、ExtMan、Courier系列软件。是一个功能相对比较齐全的免费电子邮件系统。本次环境中使用的是CentOS。

二、实战演练

2.1 操作系统安装

采用系统光盘进行安装,然后按照日常安装步骤依次进行是否校验介质、安装界面语言等选项……注意必须安装MYSQL数据库。

设置静态ip

#查看ip信息
[root@localhost ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::bb54:1d80:c29:8994 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:b4:d7:9a txqueuelen 1000 (Ethernet)
RX packets 565964 bytes 840298037 (801.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 88788 bytes 5501690 (5.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 40 bytes 4556 (4.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 40 bytes 4556 (4.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:f5:70:0a txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
#显示电脑以及操作系统的相关信息
[root@localhost ~]# uname -a
Linux localhost.localdomain 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
#显示电脑以及操作系统的相关信息
[root@localhost ~]# cat /proc/version
Linux version 3.10.0-693.el7.x86_64 (builder@kbuilder.dev.centos.org) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) ) #1 SMP Tue Aug 22 21:09:27 UTC 2017
#显示的是发行版本信息
[root@localhost ~]# cat /etc/issue
\S
Kernel \r on an \m

[root@localhost network-scripts]# clear

[root@localhost network-scripts]# ls
ifcfg-ens33 ifdown-eth ifdown-isdn ifdown-sit ifup ifup-ib ifup-plip ifup-routes ifup-tunnel network-functions-ipv6
ifcfg-lo ifdown-ib ifdown-post ifdown-Team ifup-aliases ifup-ippp ifup-plusb ifup-sit ifup-wireless
ifdown ifdown-ippp ifdown-ppp ifdown-TeamPort ifup-bnep ifup-ipv6 ifup-post ifup-Team init.ipv6-global
ifdown-bnep ifdown-ipv6 ifdown-routes ifdown-tunnel ifup-eth ifup-isdn ifup-ppp ifup-TeamPort network-functions
[root@localhost network-scripts]# vi ifcfg-ens33 TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="4377cd68-ba42-4378-9d8b-072301cac6f0"
DEVICE="ens33"
ONBOOT="yes"
IPADDR="192.168.1.110"
GATEWAY="192.168.1.1"
NETWORK=192.168.1.1
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
"ifcfg-ens33" 18L, 377C written
[root@localhost network-scripts]# service network restart
Restarting network (via systemctl):
Last login: Thu Oct  4 11:24:38 2018 from 192.168.1.107
[root@localhost ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.110 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::bb54:1d80:c29:8994 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:b4:d7:9a txqueuelen 1000 (Ethernet)
RX packets 2452 bytes 174855 (170.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 507 bytes 96479 (94.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 48 bytes 5244 (5.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 48 bytes 5244 (5.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:f5:70:0a txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# ls
ifcfg-ens33 ifdown-eth ifdown-isdn ifdown-sit ifup ifup-ib ifup-plip ifup-routes ifup-tunnel network-functions-ipv6
ifcfg-lo ifdown-ib ifdown-post ifdown-Team ifup-aliases ifup-ippp ifup-plusb ifup-sit ifup-wireless
ifdown ifdown-ippp ifdown-ppp ifdown-TeamPort ifup-bnep ifup-ipv6 ifup-post ifup-Team init.ipv6-global
ifdown-bnep ifdown-ipv6 ifdown-routes ifdown-tunnel ifup-eth ifup-isdn ifup-ppp ifup-TeamPort network-functions
[root@localhost network-scripts]# cat ifcfg-ens33
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="4377cd68-ba42-4378-9d8b-072301cac6f0"
DEVICE="ens33"
ONBOOT="yes"
IPADDR="192.168.1.110"
GATEWAY="192.168.1.1"
NETWORK=192.168.1.1
[root@localhost network-scripts]#

2.2 制作YUM仓库

使用EMOS光盘制作本地 yum仓库,CentOS系统安装完成之后在/etc/yum.repos.d/下会生成4个配置文件。其中CentOS-Media.repo是本地YUM源的配置文件,可以在该配置文件中把EMOS光盘的路径进行添加完成本地YUM源的配置。

搭建本地yum

# 安装

# 3.1本地YUM源

# 3.1.1 ISO源

# 准备rpm包 

# 挂载CentOS-7-x86_64-Everything-1511.iso,把里面所有文件都拷贝到本地目录/yum/yum-iso

[root@linuxidc.com ~]# mkdir /mnt/yum-iso
[root@linuxidc.com ~]# mount /dev/cdrom /mnt/yum-iso/
mount: /dev/sr0 is write-protected, mounting read-only
[root@linuxidc.com ~]# mkdir /yum/
[root@linuxidc.com ~]# cp -a /mnt/yum-iso/ /yum/
[root@linuxidc.com ~]# ll /yum/
total 4
dr-xr-xr-x. 8 root root 4096 Dec 10 2015 yum-iso
[root@linuxidc.com ~]# ll /yum/yum-iso/
total 640
-r--r--r--. 1 root root 14 Dec 10 2015 CentOS_BuildTag
dr-xr-xr-x. 3 root root 33 Dec 10 2015 EFI
-r--r--r--. 1 root root 215 Dec 10 2015 EULA
-r--r--r--. 1 root root 18009 Dec 10 2015 GPL
dr-xr-xr-x. 3 root root 69 Dec 10 2015 images
dr-xr-xr-x. 2 root root 4096 Dec 10 2015 isolinux
dr-xr-xr-x. 2 root root 41 Dec 10 2015 LiveOS
dr-xr-xr-x. 2 root root 483328 Dec 10 2015 Packages
dr-xr-xr-x. 2 root root 4096 Dec 10 2015 repodata
-r--r--r--. 1 root root 1690 Dec 10 2015 RPM-GPG-KEY-CentOS-7
-r--r--r--. 1 root root 1690 Dec 10 2015 RPM-GPG-KEY-CentOS-Testing-7
-r--r--r--. 1 root root 2883 Dec 10 2015 TRANS.TBL
[root@linuxidc.com ~]# # 备份、移除其他repo [root@linuxidc.com ~]# cd /etc/yum.repos.d/
[root@linuxidc.com yum.repos.d]# ll
-rw-r--r--. 1 root root 1664 Dec 9 2015 CentOS-Base.repo
-rw-r--r--. 1 root root 1309 Dec 9 2015 CentOS-CR.repo
-rw-r--r--. 1 root root 649 Dec 9 2015 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root 290 Dec 9 2015 CentOS-fasttrack.repo
-rw-r--r--. 1 root root 630 Dec 9 2015 CentOS-Media.repo
-rw-r--r--. 1 root root 1331 Dec 9 2015 CentOS-Sources.repo
-rw-r--r--. 1 root root 1952 Dec 9 2015 CentOS-Vault.repo
[root@linuxidc.com yum.repos.d]# tar zcvf repo-bk.tar.gz CentOS-*
CentOS-Base.repo
CentOS-CR.repo
CentOS-Debuginfo.repo
CentOS-fasttrack.repo
CentOS-Media.repo
CentOS-Sources.repo
CentOS-Vault.repo
[root@linuxidc.com yum.repos.d]# rm -f CentOS-Base.repo CentOS-CR.repo CentOS-Debuginfo.repo CentOS-fasttrack.repo CentOS-Sources.repo CentOS-Vault.repo # 配置本地repo [root@linuxidc.com yum.repos.d]# vi CentOS-Media.repo # 填入如下内容 [c7-media]
name=CentOS-$releasever - Media
baseurl=file:///yum/yum-iso/
gpgcheck=0
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 # 注释:配置repo路径、关闭gbp校验、启用这个repo # 制作cache [root@linuxidc.com yum.repos.d]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: c7-media
Cleaning up everything
Cleaning up list of fastest mirrors
[root@linuxidc.com yum.repos.d]# yum makecache
Loaded plugins: fastestmirror
c7-media | 3.6 kB 00:00:00
(1/4): c7-media/group_gz | 155 kB 00:00:00
(2/4): c7-media/primary_db | 5.3 MB 00:00:00
(3/4): c7-media/filelists_db | 6.2 MB 00:00:00
(4/4): c7-media/other_db | 2.3 MB 00:00:00
Determining fastest mirrors
Metadata Cache Created
[root@linuxidc.com yum.repos.d]# # 这样就可以使用yum安装软件啦 [root@linuxidc.com yum.repos.d]# yum groupinstall "Development tools"
Loaded plugins: fastestmirror
There is no installed groups file.
Maybe run: yum groups mark convert (see man yum)
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package autoconf.noarch 0:2.69-11.el7 will be installed
--> Processing Dependency: perl >= 5.006 for package: autoconf-2.69-11.el7.noarch
--> Processing Dependency: m4 >= 1.4.14 for package: autoconf-2.69-11.el7.noarch
--> Processing Dependency: perl(warnings) for package: autoconf-2.69-11.el7.noarch # 或者 [root@linuxidc.com yum.repos.d]# yum install tree
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package tree.x86_64 0:1.6.0-10.el7 will be installed
--> Finished Dependency Resolution # 3.1.2 自定义YUM源 [root@linuxidc.com yum.repos.d]# yum -y install createrepo # 准备rpm包 # (需要自己确定依赖包)、目录。这里使用tree做演示。 [root@linuxidc.com ~]# mkdir -p /yum/yum-custom/packages
[root@linuxidc.com ~]# cp tree-1.6.0-10.el7.x86_64.rpm /yum/yum-custom/packages/ # 创建repo [root@linuxidc.com ~]# createrepo -u -d /yum/yum-custom/
Spawning worker 0 with 1 pkgs
Spawning worker 1 with 0 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@linuxidc.com ~]# ll /yum/yum-custom/
total 4
drwxr-xr-x. 2 root root 41 Dec 20 07:03 packages
drwxr-xr-x. 2 root root 4096 Dec 20 07:08 repodata
[root@linuxidc.com ~]# # 配置自定义repo [root@linuxidc.com ~]# vi /etc/yum.repos.d/CentOS-Media.repo # 填入如下内容 [c7-media]
name=CentOS-$releasever - Media
baseurl=file:///yum/yum-custom/
gpgcheck=0
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 # 制作cache [root@linuxidc.com ~]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: c7-media
Cleaning up everything
Cleaning up list of fastest mirrors
[root@linuxidc.com ~]#
[root@linuxidc.com ~]# yum makecache
Loaded plugins: fastestmirror
c7-media | 3.0 kB 00:00:00
(1/3): c7-media/filelists_db | 880 B 00:00:00
(2/3): c7-media/primary_db | 1.8 kB 00:00:00
(3/3): c7-media/other_db | 1.3 kB 00:00:00
Determining fastest mirrors
Metadata Cache Created
[root@linuxidc.com ~]# # 使用自定义repo [root@linuxidc.com ~]# yum install tree
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package tree.x86_64 0:1.6.0-10.el7 will be installed
--> Finished Dependency Resolution # 3.2 局域网YUM源 # 局域网YUM源可以配成:本地YUM源 + FTP服务器 # 这里使用自定义源yum-custom(见上面) + VSFTP演示。 # 下载vsftpd [root@linuxidc.com ~]# yum -y install vsftpd # 配置vsftpd # 编辑vsftp.conf [root@linuxidc.com ~]# vi /etc/vsftpd/vsftpd.conf # 并增加匿名用户root目录(默认已经启用匿名访问) anon_root=/yum/ # 注意目录权限如下 [root@linuxidc.com ~]# ll -a /yum/
total 8
drwxr-xr-x. 4 root root 37 Dec 20 07:37 .
dr-xr-xr-x. 18 root root 4096 Dec 20 06:32 ..
drwxr-xr-x. 4 root root 36 Dec 20 07:08 yum-custom
dr-xr-xr-x. 8 root root 4096 Dec 10 2015 yum-iso # 关闭selinux # 临时 [root@linuxidc.com ~]# setenforce 0 # 或者,永久: # 编辑config [root@linuxidc.com ~]# vi /etc/selinux/config # 设置 SELINUX=disabled # 重启 [root@linuxidc.com ~]# reboot # 启用vsftp [root@linuxidc.com ~]# systemctl start vsftpd
[root@linuxidc.com ~]# systemctl enable vsftpd
Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service.
[root@linuxidc.com ~]# # 局域网使用 # 局域网另外一台机器min-client, # 配置repo # 编辑repo [root@min-client ~]# vim /etc/yum.repos.d/CentOS-Media.repo # 内容如下 [c7-media]
name=CentOS-$releasever - Media
baseurl=ftp://192.168.118.133/yum-custom
gpgcheck=0
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 # 其中192.168.118.133为上面vsftp服务器地址 # 启用这个局域网的repo [root@min-client ~]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: c7-media
Cleaning up everything
[root@min-client ~]# yum makecache
Loaded plugins: fastestmirror
c7-media | 3.0 kB 00:00
(1/3): c7-media/filelists_db | 880 B 00:00
(2/3): c7-media/other_db | 1.3 kB 00:00
(3/3): c7-media/primary_db | 1.8 kB 00:00
Determining fastest mirrors
Metadata Cache Created
[root@min-client ~]# # 使用 [root@linuxidc.com ~]# yum -y install tree
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package tree.x86_64 0:1.6.0-10.el7 will be installed
--> Finished Dependency Resolution
#
# 目前差不多这些就够用了。以后有时间把163的YUM源爬下来,当本地源用。 # 安装 # 3.1本地YUM源 # 3.1.1 ISO源 # 准备rpm包 # 挂载CentOS-7-x86_64-Everything-1511.iso,把里面所有文件都拷贝到本地目录/yum/yum-iso [root@linuxidc.com ~]# mkdir /mnt/yum-iso
[root@linuxidc.com ~]# mount /dev/cdrom /mnt/yum-iso/
mount: /dev/sr0 is write-protected, mounting read-only
[root@linuxidc.com ~]# mkdir /yum/
[root@linuxidc.com ~]# cp -a /mnt/yum-iso/ /yum/
[root@linuxidc.com ~]# ll /yum/
total 4
dr-xr-xr-x. 8 root root 4096 Dec 10 2015 yum-iso
[root@linuxidc.com ~]# ll /yum/yum-iso/
total 640
-r--r--r--. 1 root root 14 Dec 10 2015 CentOS_BuildTag
dr-xr-xr-x. 3 root root 33 Dec 10 2015 EFI
-r--r--r--. 1 root root 215 Dec 10 2015 EULA
-r--r--r--. 1 root root 18009 Dec 10 2015 GPL
dr-xr-xr-x. 3 root root 69 Dec 10 2015 images
dr-xr-xr-x. 2 root root 4096 Dec 10 2015 isolinux
dr-xr-xr-x. 2 root root 41 Dec 10 2015 LiveOS
dr-xr-xr-x. 2 root root 483328 Dec 10 2015 Packages
dr-xr-xr-x. 2 root root 4096 Dec 10 2015 repodata
-r--r--r--. 1 root root 1690 Dec 10 2015 RPM-GPG-KEY-CentOS-7
-r--r--r--. 1 root root 1690 Dec 10 2015 RPM-GPG-KEY-CentOS-Testing-7
-r--r--r--. 1 root root 2883 Dec 10 2015 TRANS.TBL
[root@linuxidc.com ~]# # 备份、移除其他repo [root@linuxidc.com ~]# cd /etc/yum.repos.d/
[root@linuxidc.com yum.repos.d]# ll
-rw-r--r--. 1 root root 1664 Dec 9 2015 CentOS-Base.repo
-rw-r--r--. 1 root root 1309 Dec 9 2015 CentOS-CR.repo
-rw-r--r--. 1 root root 649 Dec 9 2015 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root 290 Dec 9 2015 CentOS-fasttrack.repo
-rw-r--r--. 1 root root 630 Dec 9 2015 CentOS-Media.repo
-rw-r--r--. 1 root root 1331 Dec 9 2015 CentOS-Sources.repo
-rw-r--r--. 1 root root 1952 Dec 9 2015 CentOS-Vault.repo
[root@linuxidc.com yum.repos.d]# tar zcvf repo-bk.tar.gz CentOS-*
CentOS-Base.repo
CentOS-CR.repo
CentOS-Debuginfo.repo
CentOS-fasttrack.repo
CentOS-Media.repo
CentOS-Sources.repo
CentOS-Vault.repo
[root@linuxidc.com yum.repos.d]# rm -f CentOS-Base.repo CentOS-CR.repo CentOS-Debuginfo.repo CentOS-fasttrack.repo CentOS-Sources.repo CentOS-Vault.repo # 配置本地repo [root@linuxidc.com yum.repos.d]# vi CentOS-Media.repo # 填入如下内容 [c7-media]
name=CentOS-$releasever - Media
baseurl=file:///yum/yum-iso/
gpgcheck=0
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 # 注释:配置repo路径、关闭gbp校验、启用这个repo # 制作cache [root@linuxidc.com yum.repos.d]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: c7-media
Cleaning up everything
Cleaning up list of fastest mirrors
[root@linuxidc.com yum.repos.d]# yum makecache
Loaded plugins: fastestmirror
c7-media | 3.6 kB 00:00:00
(1/4): c7-media/group_gz | 155 kB 00:00:00
(2/4): c7-media/primary_db | 5.3 MB 00:00:00
(3/4): c7-media/filelists_db | 6.2 MB 00:00:00
(4/4): c7-media/other_db | 2.3 MB 00:00:00
Determining fastest mirrors
Metadata Cache Created
[root@linuxidc.com yum.repos.d]# # 这样就可以使用yum安装软件啦 [root@linuxidc.com yum.repos.d]# yum groupinstall "Development tools"
Loaded plugins: fastestmirror
There is no installed groups file.
Maybe run: yum groups mark convert (see man yum)
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package autoconf.noarch 0:2.69-11.el7 will be installed
--> Processing Dependency: perl >= 5.006 for package: autoconf-2.69-11.el7.noarch
--> Processing Dependency: m4 >= 1.4.14 for package: autoconf-2.69-11.el7.noarch
--> Processing Dependency: perl(warnings) for package: autoconf-2.69-11.el7.noarch # 或者 [root@linuxidc.com yum.repos.d]# yum install tree
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package tree.x86_64 0:1.6.0-10.el7 will be installed
--> Finished Dependency Resolution # 3.1.2 自定义YUM源 [root@linuxidc.com yum.repos.d]# yum -y install createrepo # 准备rpm包 # (需要自己确定依赖包)、目录。这里使用tree做演示。 [root@linuxidc.com ~]# mkdir -p /yum/yum-custom/packages
[root@linuxidc.com ~]# cp tree-1.6.0-10.el7.x86_64.rpm /yum/yum-custom/packages/ # 创建repo [root@linuxidc.com ~]# createrepo -u -d /yum/yum-custom/
Spawning worker 0 with 1 pkgs
Spawning worker 1 with 0 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@linuxidc.com ~]# ll /yum/yum-custom/
total 4
drwxr-xr-x. 2 root root 41 Dec 20 07:03 packages
drwxr-xr-x. 2 root root 4096 Dec 20 07:08 repodata
[root@linuxidc.com ~]# # 配置自定义repo [root@linuxidc.com ~]# vi /etc/yum.repos.d/CentOS-Media.repo # 填入如下内容 [c7-media]
name=CentOS-$releasever - Media
baseurl=file:///yum/yum-custom/
gpgcheck=0
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 # 制作cache [root@linuxidc.com ~]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: c7-media
Cleaning up everything
Cleaning up list of fastest mirrors
[root@linuxidc.com ~]#
[root@linuxidc.com ~]# yum makecache
Loaded plugins: fastestmirror
c7-media | 3.0 kB 00:00:00
(1/3): c7-media/filelists_db | 880 B 00:00:00
(2/3): c7-media/primary_db | 1.8 kB 00:00:00
(3/3): c7-media/other_db | 1.3 kB 00:00:00
Determining fastest mirrors
Metadata Cache Created
[root@linuxidc.com ~]# # 使用自定义repo [root@linuxidc.com ~]# yum install tree
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package tree.x86_64 0:1.6.0-10.el7 will be installed
--> Finished Dependency Resolution # 3.2 局域网YUM源 # 局域网YUM源可以配成:本地YUM源 + FTP服务器 # 这里使用自定义源yum-custom(见上面) + VSFTP演示。 # 下载vsftpd [root@linuxidc.com ~]# yum -y install vsftpd # 配置vsftpd # 编辑vsftp.conf [root@linuxidc.com ~]# vi /etc/vsftpd/vsftpd.conf # 并增加匿名用户root目录(默认已经启用匿名访问) anon_root=/yum/ # 注意目录权限如下 [root@linuxidc.com ~]# ll -a /yum/
total 8
drwxr-xr-x. 4 root root 37 Dec 20 07:37 .
dr-xr-xr-x. 18 root root 4096 Dec 20 06:32 ..
drwxr-xr-x. 4 root root 36 Dec 20 07:08 yum-custom
dr-xr-xr-x. 8 root root 4096 Dec 10 2015 yum-iso # 关闭selinux # 临时 [root@linuxidc.com ~]# setenforce 0 # 或者,永久: # 编辑config [root@linuxidc.com ~]# vi /etc/selinux/config # 设置 SELINUX=disabled # 重启 [root@linuxidc.com ~]# reboot # 启用vsftp [root@linuxidc.com ~]# systemctl start vsftpd
[root@linuxidc.com ~]# systemctl enable vsftpd
Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service.
[root@linuxidc.com ~]# # 局域网使用 # 局域网另外一台机器min-client, # 配置repo # 编辑repo [root@min-client ~]# vim /etc/yum.repos.d/CentOS-Media.repo # 内容如下 [c7-media]
name=CentOS-$releasever - Media
baseurl=ftp://192.168.118.133/yum-custom
gpgcheck=0
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 # 其中192.168.118.133为上面vsftp服务器地址 # 启用这个局域网的repo [root@min-client ~]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: c7-media
Cleaning up everything
[root@min-client ~]# yum makecache
Loaded plugins: fastestmirror
c7-media | 3.0 kB 00:00
(1/3): c7-media/filelists_db | 880 B 00:00
(2/3): c7-media/other_db | 1.3 kB 00:00
(3/3): c7-media/primary_db | 1.8 kB 00:00
Determining fastest mirrors
Metadata Cache Created
[root@min-client ~]# # 使用 [root@linuxidc.com ~]# yum -y install tree
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package tree.x86_64 0:1.6.0-10.el7 will be installed
--> Finished Dependency Resolution
#
# 目前差不多这些就够用了。以后有时间把163的YUM源爬下来,当本地源用。

linux下yum命令出现Loaded plugins: fastestmirror

# yum install的时候提示:Loaded plugins: fastestmirrorfastestmirror是yum的一个加速插件,这里是插件提示信息是插件不能用了。不能用就先别用呗,禁用掉,先yum了再说。1.修改插件的配置文件# vi  /etc/yum/pluginconf.d/fastestmirror.conf   enabled = 1//由1改为0,禁用该插件
...............................
#2.修改yum的配置文件
# vi /etc/yum.conf
........................
.plugins=1//改为0,不使用插件
........................

2.3 配置MTA-postfix

2.3.1安装postfix

# yum install postfix

# rpm -e sendmail

2.3.2配置postfix

# postconf -n > /etc/postfix/main2.cf

# mv
/etc/postfix/main.cf/etc/postfix/main.cf.old

# mv
/etc/postfix/main2.cf/etc/postfix/main.cf

# vi /etc/postfix/main.cf(编辑main.cf文件,将文件中标红的字体替换成自己的域名)

增加如下内容,最后保存退出:

# hostname

mynetworks = 127.0.0.1

myhostname = (mail.extmail.orgàmail.test.com)

mydestination = $mynetworks $myhostname

# banner

mail_name = Postfix - by (extmail.orgàtest.com)

smtpd_banner = $myhostname ESMTP $mail_name

# response immediately

smtpd_error_sleep_time = 0s

# Message and return code control

message_size_limit = 5242880

mailbox_size_limit = 5242880

show_user_unknown_table_name = no

# Queue lifetime control

bounce_queue_lifetime = 1d

maximal_queue_lifetime = 1d

设置postfix启动及开机自启:

#service postfix restart

#chkconfig postfix on

2.4 配置Courier-Authlib

2.4.1安装Courier-Authlib

# yum install courier-authlib

# yum install courier-authlib-mysql

2.4.2配置Courier-Authlib

# vi /etc/authlib/authmysqlrc

并将其内容清空,然后增加如下内容,最后保存退出:

MYSQL_SERVER            localhost

MYSQL_USERNAME          extmail

MYSQL_PASSWORD          extmail

MYSQL_SOCKET            /var/lib/mysql/mysql.sock

MYSQL_PORT              3306

MYSQL_OPT               0

MYSQL_DATABASE          extmail

MYSQL_USER_TABLE        mailbox

MYSQL_CRYPT_PWFIELD     password

MYSQL_UID_FIELD         uidnumber

MYSQL_GID_FIELD         gidnumber

MYSQL_LOGIN_FIELD       username

MYSQL_HOME_FIELD        homedir

MYSQL_NAME_FIELD        name

MYSQL_MAILDIR_FIELD     maildir

MYSQL_QUOTA_FIELD       quota

MYSQL_SELECT_CLAUSE     SELECTusername,password,"",uidnumber,gidnumber,\

CONCAT('/home/domains/',homedir),               \

CONCAT('/home/domains/',maildir),               \

quota,                           \                     name                                     \

FROM mailbox                                \

WHERE username ='$(local_part)@$(domain)'

# vi /etc/authlib/authdaemonrc

修改如下内容:

authmodulelist="authmysql"

authmodulelistorig="authmysql"

启动courier-authlib:

# service courier-authlib start

如一切正常,命令行将返回如下信息:

Starting Courier authentication
services:authdaemond

修改authdaemon socket目录权限,如果该目录权限不正确修改,maildrop及postfix等将无法正确获取用户的信息及密码认证:

# chmod 755 /var/spool/authdaemon/

2.5 配置Maildrop

2.5.1安装Maildrop

# yum install maildrop

2.5.2配置Maildrop

配置master.cf 为了使Postfix支持Maildrop,必须修改/etc/postfix/master.cf文件,注释掉maildrop中和图例1结构类似的配置内容,将该语句添加到maildrop配置文件中,注意:flags前面有“两个空格”。Linux extmail的邮件服务器搭建

配置main.cf,由于maildrop不支持一次接收多个收件人,因此必须在main.cf里增加如下参数:

maildrop_destination_recipient_limit = 1

2.5.3测试maildrop对authlib支持

# maildrop –v

看是否出现以下内容:

maildrop 2.1.0 Copyright 1998-2005 DoublePrecision,
Inc.

GDBM/DB extensions enabled.

Courier Authentication Library
extensionenabled.

Maildir quota extension enabled.

This program is distributed under the termsof the GNU
General Public

License. See COPYING for
additionalinformation.

注意事项:

1、如需重新编译Maildrop软件包,必须先获得其源码rpm包,并且必须先行安装courier-authlib及其devel软件包,否则编译后的maildrop将无法打开authlib支持。

2、maildrop
RPM包安装时,会自动创建vuser用户及vgroup用户组,专门用于邮件的存储,vuser:vgroup的uid/gid都是1000,这与一般的邮件文档中提及用postfix用户存邮件不一样。因为postfix用户的uid一般都低于500,而Suexec模块编译时对UID/GID的要求是要大于500,因此使用postfix用户不能满足要求。其次,如果用Maildrop作为投递代理(MDA),以postfix身份投递的话,会导致postfix
MTA错误。

2.6 配置Apache

# vi /etc/httpd/conf/httpd.conf

在最后一行加上:

NameVirtualHost *:80

Include conf/vhost_*.conf

# vi /etc/httpd/conf/vhost_extmail.conf

里面定义虚拟主机的相关内容(将文件中标红的字体替换成自己的域名):

# VirtualHost for ExtMail Solution

<VirtualHost *:80>

ServerName (mail.extmail.orgàmail.test.com)

DocumentRoot/var/www/extsuite/extmail/html/

ScriptAlias
/extmail/cgi//var/www/extsuite/extmail/cgi/

Alias
/extmail/var/www/extsuite/extmail/html/

ScriptAlias
/extman/cgi//var/www/extsuite/extman/cgi/

Alias /extman /var/www/extsuite/extman/html/

# Suexec config

SuexecUserGroup vuser vgroup

</VirtualHost>

设置apache重启及开机自启

#service httpd restart

# chkconfig httpd on

2.7 配置Webmail-ExtMail

2.7.1安装ExtMail

# yum install extsuite-webmail

2.7.2编辑webmail.cf

# cd /var/www/extsuite/extmail

# cp webmail.cf.default webmail.cf

# vi webmail.cf

主要变动的内容见下:

SYS_MYSQL_USER = extmail

SYS_MYSQL_PASS = extmail

SYS_MYSQL_DB = extmail

更新cgi目录权限由于SuEXEC的需要,必须将extmail的cgi目录修改成vuser:vgroup权限:

# chown -R
vuser:vgroup/var/www/extsuite/extmail/cgi/

2.8 配置管理后台-ExtMan

2.8.1yum安装ExtMan

# yum install extsuite-webman

更新cgi目录权限由于SuEXEC的需要,必须将extman的cgi目录修改成vuser:vgroup权限:

# chown -R
vuser:vgroup/var/www/extsuite/extman/cgi/

链接基本库到Extmail

# mkdir /tmp/extman

# chown -R vuser:vgroup /tmp/extman

2.8.2数据库初始化

启动Mysql且开机自启动

# service mysqld start

# chkconfig mysqld on

导入mysql数据库结构及初始化数据,root密码默认为空

# mysql -u root -p
</var/www/extsuite/extman/docs/extmail.sql

# mysql -u root -p
</var/www/extsuite/extman/docs/init.sql

备注1:上述导入初始化SQL时,默认的uidnumber/gidnumber都是1000,这和vuser:vgroup 的uid/gid一致,是因为maildrop投递时会从数据库里取uidnumber/gidnumber,而在master.cf里已经定义好了投递时的运行身份(vuser:vgroup),所以这两个字段的内容必须为1000,否则将出现投递错误,例如报0x06等错误。

注意:由于公网上的文档资料是以mail.extmail.org为域名,所以需要将数据库中的所有extmail.org替换成自己本地的域名(test.com),可以用linux下的Vi编辑器打开数据库文件,该文件的位置是/var/www/extsuite/extman/docs。然后依次打开init.sql和extmail.sql将所有的extmail.org替换成test.com。如图例2所示已经替换完成。最后使用update命令将数据库extmail中的所有表数据记录均完成extmail.org到test.com的替换。

Linux extmail的邮件服务器搭建

2.8.3设置虚拟域和虚拟用户的配置文件

# cd /var/www/extsuite/extman/docs

# cp
mysql_virtual_alias_maps.cf/etc/postfix/

# cp
mysql_virtual_domains_maps.cf/etc/postfix/

# cp
mysql_virtual_mailbox_maps.cf/etc/postfix/

# cp
mysql_virtual_sender_maps.cf/etc/postfix/

# vi /etc/postfix/main.cf

增加以下内容:

# extmail config here

virtual_alias_maps
=mysql:/etc/postfix/mysql_virtual_alias_maps.cf

virtual_mailbox_domains
=mysql:/etc/postfix/mysql_virtual_domains_maps.cf

virtual_mailbox_maps
=mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf

virtual_transport = maildrop:

# service postfix restart

2.8.4测试authlib

# cd /var/www/extsuite/extman/tools

#
./maildirmake.pl/home/domains/extmail.org/postmaster/Maildir

# chown -R
vuser:vgroup/home/domains/extmail.org

# /usr/sbin/authtest -s login postmaster@(extmail.org-->test.com) extmail

结果如下:

Authentication succeeded.

Authenticated:
postmaster@test.com (uid 1000, gid 1000)

Home Directory:
/home/domains/test.com/postmaster

Maildir:
/home/domains/test.com/postmaster/Maildir/

Quota:
104857600S

Encrypted
Password:$1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0

Cleartext Password: extmail

Options:
(none)

这样表明ExtMan的正确安装,数据库也正确导入,courier-authlib能正确连接到mysql数据库

最后访问http://mail.test.com/extmail/,如无意外,将看到webmail的登陆页,不过此时还没有加正式的用户,所以不能登陆,包括postmaster@test.com也不行。必须要登陆到http://mail.test.com/extman/ 里增加一个新帐户才能登陆。

ExtMan的默认超级管理员帐户:root@test.com,初始密码:extmail*123*,登陆成功后,建议将密码修改,以确保安全。

2.8.5配置图形化日志

启动mailgraph_ext

#
/usr/local/mailgraph_ext/mailgraph-initstart

启动cmdserver(在后台显示系统信息)

#
/var/www/extsuite/extman/daemon/cmdserver–daemon

加入开机自启动:

# echo"/usr/local/mailgraph_ext/mailgraph-init start"
>>/etc/rc.d/rc.local

# echo"/var/www/extsuite/extman/daemon/cmdserver -v -d"
>>/etc/rc.d/rc.local

用方法:等待大约15分钟左右,如果邮件系统有一定的流量,即可登陆到extman里,点“图形日志”即可看到图形化的日志。具体每天,周,月,年的则点击相应的图片进入即可。

添加定时任务:

# crontab –e

Linux extmail的邮件服务器搭建

2.9 配置Cyrus-SASL

2.9.1安装cyrus-sasl

删除系统的cyrus-sasl:

# rpm -e cyrus-sasl –nodeps

安装新的支持authdaemon的软件包

# yum install cyrus-sasl

2.9.2配置main.cf文件

Postfix的SMTP认证需要透过Cyrus-SASL,连接到authdaemon获取认证信息。

# vi /etc/postfix/main.cf

增加如下内容:

# smtpd related config

smtpd_recipient_restrictions =

permit_mynetworks,

permit_sasl_authenticated,

reject_non_fqdn_hostname,

reject_non_fqdn_sender,

reject_non_fqdn_recipient,

reject_unauth_destination,

reject_unauth_pipelining,

reject_invalid_hostname,

# SMTP sender login matching config

smtpd_sender_restrictions =

permit_mynetworks,

reject_sender_login_mismatch,

reject_authenticated_sender_login_mismatch,

reject_unauthenticated_sender_login_mismatch

smtpd_sender_login_maps =

mysql:/etc/postfix/mysql_virtual_sender_maps.cf,

mysql:/etc/postfix/mysql_virtual_alias_maps.cf

# SMTP AUTH config here

broken_sasl_auth_clients = yes

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain = $myhostname

smtpd_sasl_security_options = noanonymous

2.9.3编辑smtpd.conf文件

# vi /usr/lib/sasl2/smtpd.conf

确保其内容为:

pwcheck_method: authdaemond

log_level: 3

mech_list: PLAIN LOGIN

authdaemond_path:/var/spool/authdaemon/socket

重新启动postfix:

# service postfix start

2.9.4测试SMTP认证

通过以下命令获得postmaster@test.com的用户名及密码的BASE64编码:

# perl -e 'use MIME::Base64; print
encode_base64("postmaster\@test.com")'

内容如下结构:

cG9zdG1hc3RlckBleHRtYWlsLm9yZw==

# perl -e 'use MIME::Base64;
printencode_base64("extmail")'

内容如下结构:

ZXh0bWFpbA==

# telnet localhost 25(需要本机安装telnet软件包)

过程如下:

Trying 127.0.0.1...

Connected to
localhost.localdomain(127.0.0.1).

Escape character is '^]'.

220 mail.test.com ESMTP Postfix - by
test.com

ehlo demo.domain.tld     << 输入内容

250-mail.test.com

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-AUTH LOGIN PLAIN

250-AUTH=LOGIN PLAIN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

auth login     << 输入内容

334 VXNlcm5hbWU6

cG9zdG1hc3RlckBleHRtYWlsLm9yZw==     << 输入内容(通过per命令获取的用户名)

334 UGFzc3dvcmQ6

ZXh0bWFpbA==     << 输入内容(通过per命令获取的用户名密码)

235 2.0.0 Authentication successful

quit    << 输入内容

221 2.0.0 Bye

最后出现235
Authentication Successful 表明认证成功了。

2.10 配置Courier-IMAP

2.10.1安装Courier-imap

默认的courier-authlib及courier-imap都会增加系统自启动设置,因此下一次服务器启动将自动启动相应的authlib及POP3服务

# yum install courier-imap

由于Courier-imap的IMAP目录是按UTF-7编码的,ExtMail目前还没有正式支持IMAP目录,因此需要屏蔽IMAP,只提供pop3服务。

# vi /usr/lib/courier-imap/etc/imapd

修改内容如下:

IMAPDSTART=NO

# vi /usr/lib/courier-imap/etc/imapd-ssl

修改内容如下:

IMAPDSSLSTART=NO

然后重新启动courier-imap:

# service courier-imap start

2.10.2测试POP3工作是否正常

测试POP3 请按如下步骤输入pop3命令测试其是否正常工作,注意蓝色的信息是我们输入到POP3服务器的(请首先登录extman自行建立test@test.com用户,密码:123qaz!)

# telnet localhost 110

其过程如下:

Trying 127.0.0.1...

Connected to
localhost.localdomain(127.0.0.1).

Escape character is '^]'.

+OK Hello there.

user test@test.com     << 输入内容

+OK Password required.

pass 123qaz!     << 输入内容

+OK logged in.

list    << 输入内容

+OK POP3 clients that break here, theyviolate
STD53.

.

quit    << 输入内容

+OK Bye-bye.

Connection closed by foreign host.

出现以上内容说明配置正确。

三、注意事项

以上手册内容的结构体系引自http://wiki.extmail.org/extmail_solution_for_centos-5,但由于官网编写较粗略,其中个别细节问题需要注意。

  • 在2.9.4测试SMTP认证时会出现错误,通过查看错误信息/var/log/messages,执行#cp
    -f /usr/lib/sasl2/smtpd.conf
    /usr/lib64/sasl2/             #/etc/init.d/saslauthd restart完成以上两步操作之后就可以成功通过SMTP测试。

  • 在2.10.2测试POP3工作是否正常之前需要提前在mail.test.com/extman后台管理端添加用户,否则会出现错误。

上一篇:基于SIM 卡卡基不同制作工艺的研究


下一篇:java主线程捕获子线程中的异常