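Outline
1. Mail deployment overview
2. Preparation
3. LAMP environment configuration
4. Configuring postfixadmin
5. Configuring Postfix
6. Configuring Dovecot
7. Testing the SMTP and POP3 services
8. Configuring Roundcubemail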
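1. Mail deployment overview
- Operating system: Linux (CentOS 6.5)
- This example builds the mail server from LAMP + Postfix + Dovecot + PostfixAdmin + Roundcubemail. Before reading it, see: [Mail] E-mail basics and principles.
LAMP is a software environment; Postfix is a mail transfer agent, typically used to send mail; Dovecot is a mail retrieval agent, typically used to receive mail; PostfixAdmin is a web-based administration tool for the Postfix mail server; Roundcubemail is an e-mail client written in PHP + Ajax that needs a MySQL database to store its data.
- The mail sending and receiving flows are shown in the figure below:
Sending flow: the mail client sends a message --> Postfix receives it and authenticates through Dovecot (which checks whether the user exists in the database) --> Dovecot stores the message locally (Mail Dir)
Receiving flow: the WebMail client requests mail --> Dovecot receives the request and verifies the user (checks whether the user exists in the database) --> Dovecot reads the message from local storage and hands it to the client.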
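2. Preparation
- Add DNS records
- First add an A record that resolves mail.yourdomain.com to the IP address of your mail server
- Then add an MX record pointing to mail.yourdomain.com
- Disable the firewall and SELinux
- Command to stop the firewall: service iptables stop
- Command to disable SELinux: vim /etc/selinux/config
- Configure the hostname
- Command to change the hostname: vim /etc/sysconfig/network
- Configure the package repositories
- Set up yum and make sure it can install packages normally
- Create a vmail user, used to manage the virtual mailbox directories
useradd -u 2000 -d /var/vmail -m -s /sbin/nologin vmail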
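3. LAMP environment configuration
- For the LAMP setup, see: [Linux] Setting up a LAMP environment; the environment used in this example:
- Also install phpMyAdmin, see: [Mysql] Installing and configuring phpMyAdmin.
4. Configuring postfixadmin
- Download postfixadmin from https://sourceforge.net/projects/postfixadmin/ (this example uses postfixadmin-2.93.tar.gz).
- Extract it into Apache's web directory (/var/www/html/) and rename the directory: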
[root@mail ~]# tar xf postfixadmin-2.93.tar.gz -C /var/www/html/
[root@mail ~]# cd /var/www/html/
[root@mail html]# ls
index.php postfixadmin-2.93
[root@mail html]# mv postfixadmin-2.93 postfixadmin
[root@mail html]# ls
index.php postfixadmin
[root@mail html]#
- Configure and test
[root@mail html]# cd postfixadmin/
# Back up the configuration files before editing them
[root@mail postfixadmin]# cp config.inc.php config.inc.php.bak
[root@mail postfixadmin]# cp setup.php setup.php.bak
[root@mail postfixadmin]# vim config.inc.php
# Find the following lines and change them
$CONF['configured'] = true;
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'postfix';
$CONF['database_name'] = 'postfix';
$CONF['admin_email'] = 'postmaster@free.com';
$CONF['encrypt'] = 'dovecot:CRAM-MD5';
$CONF['dovecotpw'] = "/usr/bin/doveadm pw";
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
$CONF['aliases'] = '1000';
$CONF['mailboxes'] = '1000';
$CONF['maxquota'] = '1000';
$CONF['fetchmail'] = 'NO';
$CONF['quota'] = 'YES';
$CONF['used_quotas'] = 'YES';
$CONF['new_quota_table'] = 'YES';
- Create the MySQL database and privileges for postfixadmin
- Start the database and log in to it
- Create the postfix database, then create the postfix user and grant it privileges
mysql> create database postfix;
mysql> grant all on postfix.* to postfix@'localhost' identified by 'postfix';
mysql> flush privileges;
- Test that the postfix user can log in.
[root@mail html]# mysql -u postfix -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 53806
Server version: 5.6.31 MySQL Community Server (GPL)

Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| postfix            |
| test               |
+--------------------+
3 rows in set (0.00 sec)
mysql> use postfix
Database changed
mysql>
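- postfixadmin setup procedure
- Start Apache and open the postfixadmin setup page in a browser at http://ip:port/postfixadmin/setup.php
Note: this checks the PHP environment and initializes the database
- As can be seen, the step above updated the postfix database
- Create the setup password and update the setup password in the configuration file
Click Generate password hash to generate the hash.
- Refresh the page and set up the super administrator account
- Click Add; an error should appear saying that dovecotpw is missing, because Dovecot has not been installed yet.
- Install Dovecot now; it is configured later.
[root@mail postfixadmin]# yum install -y dovecot dovecot-devel dovecot-mysql
[root@mail postfixadmin]# chkconfig dovecot on # start at boot
[root@mail postfixadmin]# chkconfig dovecot --list
dovecot 0:关闭 1:关闭 2:启用 3:启用 4:启用 5:启用 6:关闭
[root@mail postfixadmin]#
- Now set the administrator account and password again
- Open the postfixadmin login page at http://ip:port/postfixadmin/login.php and log in with the administrator account and password
- postfixadmin cannot create the mailbox directories automatically, so that capability has to be added
- Create the script that creates virtual mailboxes, named /usr/local/bin/maildir-creation.sh, with the following content:
Note: mail files are stored under HOME_DIR (i.e. /var/vmail), where you can download and inspect them yourself
[root@mail ~]# vim /usr/local/bin/maildir-creation.sh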
#!/bin/bash
#
# Create the mailbox directory: $1 = domain, $2 = user
if [ $# -ne 2 ] ; then
    exit 127
fi
HOME_DIR="/var/vmail"
USER_NAME="vmail"
GROUP_NAME="vmail"
if [ ! -d "${HOME_DIR}/$1" ] ; then
    mkdir "${HOME_DIR}/$1"
    chown -R "${USER_NAME}:${GROUP_NAME}" "${HOME_DIR}/$1"
fi
mkdir "${HOME_DIR}/$1/$2"
chown -R "${USER_NAME}:${GROUP_NAME}" "${HOME_DIR}/$1/$2"
- Create the script that deletes virtual mailboxes, named /usr/local/bin/maildir-deletion.sh, with the following content:
[root@mail ~]# vim /usr/local/bin/maildir-deletion.sh
#!/bin/bash
#
# vmta ALL = NOPASSWD: /usr/local/bin/maildir-deletion.sh
#
# Move a deleted mailbox into the trash directory: $1 = domain, $2 = user
if [ $# -ne 2 ] ; then
    exit 127
fi
DOMAIN="$1"
USER="$2"
HOME_DIR="/var/vmail"
USER_DIR="${HOME_DIR}/${DOMAIN}/${USER}"
TRASH_DIR="${HOME_DIR}/deleted-maildirs"
DATE=`date "+%Y%m%d_%H%M%S"`
if [ ! -d "${TRASH_DIR}/${DOMAIN}" ] ; then
    mkdir -p "${TRASH_DIR}/${DOMAIN}"
fi
if [ -d "${USER_DIR}" ] ; then
    mv "${USER_DIR}" "${TRASH_DIR}/${DOMAIN}/${USER}-${DATE}"
fi
- Create the directory for deleted mailboxes
[root@mail ~]# mkdir /var/vmail/deleted-maildirs
[root@mail ~]# chown -R vmail.vmail /var/vmail/deleted-maildirs/
- Make the scripts executable
[root@mail ~]# chmod 750 /usr/local/bin/maildir-*
[root@mail ~]# chown vmail.vmail /usr/local/bin/maildir-*
- Configure sudo
[root@mail ~]# vim /etc/sudoers
# Add these two lines at the end of /etc/sudoers
vmail ALL = NOPASSWD: /usr/local/bin/maildir-creation.sh
vmail ALL = NOPASSWD: /usr/local/bin/maildir-deletion.sh
# Comment out the following line in /etc/sudoers
#Defaults requiretty
:wq! # The file is read-only, so force the write and quit
- Modify the relevant postfixadmin files
[root@mail ~]# cd /var/www/html/postfixadmin/
[root@mail postfixadmin]# vim create-mailbox.php
In create-mailbox.php, line 229 should read:
db_log ($SESSID_USERNAME, $fDomain, 'create_mailbox', "$fUsername");
Add the following line before it (the arguments go through escapeshellarg() so that form input cannot be interpreted by the shell):
system("sudo /usr/local/bin/maildir-creation.sh " . escapeshellarg($fDomain) . " " . escapeshellarg($_POST['fUsername']));
[root@mail postfixadmin]# vim delete.php
In delete.php, line 146 should read:
db_log ($SESSID_USERNAME, $fDomain, 'delete_mailbox', $fDelete);
Add the following 4 lines after it (again with the arguments passed through escapeshellarg()):
$userarray=explode("@",$fDelete);
$user=$userarray[0];
$domain=$userarray[1];
system("sudo /usr/local/bin/maildir-deletion.sh " . escapeshellarg($domain) . " " . escapeshellarg($user));
------------------------------postfixadmin configuration is now complete---------------------------
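The PHP hooks above pass the domain and mailbox name to scripts that run as root through sudo, so the scripts should themselves reject anything that is not a plain mail identifier before building a path. The following is an added example, not part of the original article, of such a validation layer for maildir-creation.sh; `VMAIL_ROOT` and all function names are assumptions made for illustration.

```shell
#!/bin/bash
# Added example, not from the original article. VMAIL_ROOT and all
# function names are assumptions made for illustration.
LC_ALL=C                              # make the A-Z / a-z ranges ASCII-only
VMAIL_ROOT="${VMAIL_ROOT:-/var/vmail}"

# Domain: letters, digits, "." and "-" only; no empty value, no leading
# "-" or ".", no trailing ".", no ".." (so no path traversal).
valid_domain() {
    case "$1" in
        ""|-*|.*|*.|*..*) return 1 ;;
        *[!A-Za-z0-9.-]*) return 1 ;;
    esac
    return 0
}

# Local part: same idea, additionally allowing "_" and "+".
valid_localpart() {
    case "$1" in
        ""|-*|.*|*..*) return 1 ;;
        *[!A-Za-z0-9._+-]*) return 1 ;;
    esac
    return 0
}

# Print the mailbox directory for <domain> <user>; print nothing and
# return non-zero if either argument is missing or invalid.
maildir_path() {
    [ "$#" -eq 2 ] || return 2
    valid_domain "$1" || return 1
    valid_localpart "$2" || return 1
    printf '%s/%s/%s\n' "$VMAIL_ROOT" "$1" "$2"
}

# Create the directory only after both names passed validation.
# Ownership is then set with chown as in the article's script.
create_maildir() {
    local dir
    dir=$(maildir_path "$@") || return 1
    mkdir -p -- "$dir" && chmod 700 -- "$dir"
}
```

Because the check runs inside the privileged script, it still holds if the script is ever called from somewhere other than the two PHP files.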
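5. Configuring Postfix
Note: this uses the Postfix shipped with CentOS 6.5, because the postfix package in CentOS 6.5 already supports MySQL
- Check the Postfix version
[root@mail deleted-maildirs]# rpm -qa | grep postfix
postfix-2.6.6-6.el6_7.1.x86_64
- Edit the Postfix configuration file
[root@mail ~]# vim /etc/postfix/main.cf
# Basic configuration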
myhostname = mail.yourdomain.com
mydomain = yourdomain.com
myorigin = $mydomain
inet_interfaces = all
mynetworks_style = host
mynetworks = 192.168.18/24, 127.0.0.0/8
# Virtual domain configuration
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
# Additional for quota support
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, this user has exceeded their disk space quota, please try again later.
virtual_overquota_bounce = yes
#Specify the user/group that owns the mail folders. I'm not sure if this is strictly necessary when using Dovecot's LDA.
virtual_uid_maps = static:2000
virtual_gid_maps = static:2000
#Specifies which tables proxymap can read: http://www.postfix.org/postconf.5.html#proxy_read_maps
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
[root@mail ~]# postconf # check the configuration file for errors
- Create the MySQL lookup files
- Create /etc/postfix/mysql_virtual_domains_maps.cf
[root@mail ~]# vim /etc/postfix/mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'
#optional query to use when relaying for backup MX
#query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'
- Create /etc/postfix/mysql_virtual_alias_maps.cf
[root@mail ~]# vim /etc/postfix/mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
- Create /etc/postfix/mysql_virtual_mailbox_maps.cf
[root@mail ~]# vim /etc/postfix/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = '1'
- Create /etc/postfix/mysql_virtual_mailbox_limit_maps.cf
[root@mail ~]# vim /etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'
- SMTP authentication settings
SMTP (Simple Mail Transfer Protocol) is a set of rules for transferring mail from a source address to a destination address; it controls how messages are relayed
- List the authentication types Postfix supports; dovecot is supported by default
[root@mail ~]# postconf -a
cyrus
dovecot
- Edit /etc/postfix/main.cf
[root@mail ~]# vim /etc/postfix/main.cf
#SASL SUPPORT FOR CLIENTS
# Turns on sasl authorization
smtpd_sasl_auth_enable = yes
#Use dovecot for authentication
smtpd_sasl_type = dovecot
# Path to UNIX socket for SASL
smtpd_sasl_path = /var/run/dovecot/auth-client
#Disable anonymous login. We don't want to run an open relay for spammers.
smtpd_sasl_security_options = noanonymous
#Adds support for email software that doesn't follow RFC 4954.
#This includes most versions of Microsoft Outlook before 2007.
broken_sasl_auth_clients = yes
#
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
- Use Dovecot for delivery
[root@mail ~]# vim /etc/postfix/main.cf
# TRANSPORT MAP
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
# Edit master.cf
[root@mail ~]# vim /etc/postfix/master.cf
# Add these two lines at the end; note the two spaces before flags, otherwise an error is reported
dovecot unix - n n - - pipe
  flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient}
------------------------------Postfix configuration is now complete---------------------------
6. Configuring Dovecot
- Dovecot was installed earlier; now edit its configuration files
- Edit /etc/dovecot/dovecot.conf (the main configuration file)
[root@mail ~]# vim /etc/dovecot/dovecot.conf
protocols = imap pop3
listen = *
dict {
  quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
}
!include conf.d/*.conf
- Edit /etc/dovecot/conf.d/10-auth.conf
[root@mail ~]# vim /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no
auth_mechanisms = plain login cram-md5
!include auth-sql.conf.ext
- Edit /etc/dovecot/conf.d/10-mail.conf
[root@mail ~]# vim /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:%hMaildir
mbox_write_locks = fcntl
- Edit /etc/dovecot/conf.d/10-master.conf
[root@mail ~]# vim /etc/dovecot/conf.d/10-master.conf
service imap-login {
  inet_listener imap {
  }
  inet_listener imaps {
  }
}
service pop3-login {
  inet_listener pop3 {
  }
  inet_listener pop3s {
  }
}
service lmtp {
  unix_listener lmtp {
  }
}
service imap {
}
service pop3 {
}
service auth {
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
    group = vmail
  }
  # Newly added block below, used for SMTP authentication
  unix_listener auth-client {
    mode = 0600
    user = postfix
    group = postfix
  }
}
service auth-worker {
}
service dict {
  unix_listener dict {
    mode = 0600
    user = vmail
    group = vmail
  }
}
- Edit /etc/dovecot/conf.d/15-lda.conf
[root@mail ~]# vim /etc/dovecot/conf.d/15-lda.conf
protocol lda {
  mail_plugins = quota
  postmaster_address = postmaster@free.com # administrator mailbox
}
- Edit /etc/dovecot/conf.d/20-imap.conf
[root@mail ~]# vim /etc/dovecot/conf.d/20-imap.conf
protocol imap {
  mail_plugins = quota imap_quota
}
- Edit /etc/dovecot/conf.d/20-pop3.conf
[root@mail ~]# vim /etc/dovecot/conf.d/20-pop3.conf
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
  mail_plugins = quota
}
- Edit /etc/dovecot/conf.d/90-quota.conf
[root@mail ~]# vim /etc/dovecot/conf.d/90-quota.conf
plugin {
  quota_rule = *:storage=1G
}
plugin {
}
plugin {
  quota = dict:User quota::proxy::quota
}
plugin {
}
- Add /etc/dovecot/dovecot-sql.conf.ext
[root@mail ~]# vim /etc/dovecot/dovecot-sql.conf.ext
driver = mysql
connect = host=localhost dbname=postfix user=postfix password=postfix
default_pass_scheme = CRAM-MD5
user_query = SELECT CONCAT('/var/vmail/', maildir) AS home, 2000 AS uid, 2000 AS gid, CONCAT('*:bytes=', quota) as quota_rule FROM mailbox WHERE username = '%u' AND active='1'
password_query = SELECT username AS user, password, CONCAT('/var/vmail/', maildir) AS userdb_home, 2000 AS userdb_uid, 2000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = '%u' AND active='1'
- Add /etc/dovecot/dovecot-dict-sql.conf.ext
[root@mail ~]# vim /etc/dovecot/dovecot-dict-sql.conf.ext
connect = host=localhost dbname=postfix user=postfix password=postfix
map {
  pattern = priv/quota/storage
  table = quota2
  username_field = username
  value_field = bytes
}
map {
  pattern = priv/quota/messages
  table = quota2
  username_field = username
  value_field = messages
}
- Restart the postfix and dovecot services
[root@mail ~]# service postfix restart
关闭 postfix: [确定]
启动 postfix: [确定]
[root@mail ~]# service dovecot restart
停止 Dovecot Imap: [失败]
正在启动 Dovecot Imap: [确定]
------------------------------Dovecot configuration is now complete---------------------------
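Both the Postfix lookup files (/etc/postfix/mysql_*.cf) and the Dovecot files dovecot-sql.conf.ext and dovecot-dict-sql.conf.ext store the database password in clear text, and files created with vim under a default umask are readable by every local user. The following is an added example, not part of the original article, that lists such files and tightens their mode; the function names are assumptions made for illustration.

```shell
#!/bin/bash
# Added example, not from the original article. Function names are
# assumptions made for illustration. Uses GNU find/stat as shipped on CentOS.

# List "<mode> <path>" for every *.cf / *.conf.ext file under the given
# directories that stores a database password and grants any permission
# bit to "other" (last octal digit not 0).
exposed_credential_files() {
    local f mode
    find "$@" -type f \( -name '*.cf' -o -name '*.conf.ext' \) 2>/dev/null |
    sort |
    while IFS= read -r f; do
        # Postfix map files use "password = ...", Dovecot uses
        # "connect = ... password=..." on one line.
        grep -Eq '^[[:space:]]*(password[[:space:]]*=|connect[[:space:]]*=.*password=)' "$f" 2>/dev/null ||
            continue
        mode=$(stat -c '%a' "$f")
        case "$mode" in
            *[1-7]) printf '%s %s\n' "$mode" "$f" ;;
        esac
    done
}

# Hand the files to <group> and reduce them to 0640 (owner rw, group r).
lock_down() {
    local group=$1
    shift
    chgrp -- "$group" "$@" && chmod 640 -- "$@"
}
```

With the article's layout the check would be `exposed_credential_files /etc/postfix /etc/dovecot`; using `postfix` as the group for the map files assumes the Postfix lookup processes read them as the postfix user.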
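7. Testing the SMTP and POP3 services
- Log in to postfixadmin at http://ip:port/postfixadmin/login.php and create a virtual domain
- Create a test mailbox
- Test with telnet
See: [Mail] Sending and receiving mail with telnet
8. Configuring Roundcubemail
- Download Roundcubemail from https://roundcube.net (check that the Roundcubemail version is compatible with your PHP version; this example uses roundcubemail-0.9.0.tar.gz) and extract it into the Apache directory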
[root@mail ~]# tar -xf roundcubemail-0.9.0.tar.gz -C /var/www/html/
[root@mail ~]# cd /var/www/html/
[root@mail html]# ls
admin index.php phpmyadmin roundcubemail-0.9.0
[root@mail html]# mv roundcubemail-0.9.0 webmail
[root@mail html]# ls
admin index.php phpmyadmin webmail
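[root@mail html]#
- Open the Roundcubemail installer in a browser at http://ip:port/webmail/installer
- The installer page shows a problem with the time zone; everything else is OK. So edit the PHP configuration file.
- Edit php.ini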
[root@mail installer]# vim /etc/php.ini
date.timezone = Asia/Shanghai
- Set the location of php.ini in Apache and restart the Apache service
[root@mail installer]# vim /etc/httpd/conf/httpd.conf
PHPIniDir "/etc/php.ini"
[root@mail installer]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@mail installer]#
- Change the owner and group of all web files
[root@mail ~]# cd /var/www/html/
[root@mail html]# ll
total 16
drwxrwxr-x 14 1000 1010 4096 Jul 11 05:25 admin
-rw-r--r-- 1 root root 18 Jul 11 04:12 index.php
drwxr-xr-x 9 root root 4096 Jul 11 04:17 phpmyadmin
drwxr-xr-x 11 501 80 4096 Jun 16 23:10 webmail
[root@mail html]# chown -R vmail.vmail admin
[root@mail html]# chown -R vmail.vmail phpmyadmin
[root@mail html]# chown -R vmail.vmail webmail
- Check where sessions are stored
[root@mail html]# vim /etc/php.ini
session.save_path = "/var/lib/php/session"
- Change the group of the session files
[root@mail html]# cd /var/lib/php/
[root@mail php]# ll
total 4
drwxrwx--- 2 root apache 4096 Feb 22 10:56 session
[root@mail php]# chown -R .vmail session/
[root@mail php]# ll
total 4
drwxrwx--- 2 root vmail 4096 Feb 22 10:56 session
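[root@mail php]#
- Refresh the Roundcubemail installer page at http://ip:port/webmail/installer
- Click NEXT and fill in the configuration (the options below are required)
- Set the display name of the webmail
- Configure the webmail database (the user name and password are both roundcube)
- Configure IMAP
- Configure the SMTP server
- When configuration is finished the result looks like this (all configured options are listed; the two configuration files main.inc.php and db.inc.php have to be downloaded and uploaded to the server)
- Upload them to the corresponding directory on the server
[root@mail ~]# cd /var/www/html/webmail/config/
[root@mail config]# ll
total 92
-rw-r--r-- 1 root root 2905 Jul 10 22:15 db.inc.php
-rw-r--r-- 1 vmail vmail 2893 Jun 16 23:10 db.inc.php.dist
-rw-r--r-- 1 root root 38438 Jul 10 22:15 main.inc.php
-rw-r--r-- 1 vmail vmail 38414 Jun 16 23:10 main.inc.php.dist
-rw-r--r-- 1 vmail vmail 2731 Jun 16 23:10 mimetypes.php
[root@mail config]#
- Grant database privileges for the webmail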
mysql> CREATE DATABASE roundcubemail;
Query OK, 1 row affected (0.00 sec)
mysql> GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcubemail@localhost IDENTIFIED BY 'roundcubemail';
Query OK, 0 rows affected (0.01 sec)
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
- Click CONTINUE to proceed
- Click the button that initializes the database
- Once initialization is finished, check the database with phpMyAdmin
- Test the webmail at http://ip:port/webmail by entering the account and password of a mailbox added in postfixadmin.
Roundcube can both send and receive mail; it is simply a web mail client. Roundcube also has a rich set of plugins, which you can look up on Baidu and install yourself.
------------------------------Roundcubemail configuration is now complete---------------------------