
May 7, 2006

Notes: postfix + cyrus-sasl2 + courier-authlib + Courier-IMAP + postfixadmin
Last modified: 2006.5.10

1. Install cyrus-sasl-2.x
Remove the previously installed rpm packages and the related directories
rpm -e --nodeps cyrus-sasl-2.1.10-4 cyrus-sasl-plain-2.1.10-4 cyrus-sasl-md5-2.1.10-4 cyrus-sasl-devel-2.1.10-4
rm -rf /usr/lib/sasl
rm -rf /usr/lib/sasl2

wget  ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.21.tar.gz

./configure \
--enable-plain --enable-cram --enable-digest --enable-login --enable-sql \
--disable-anon --disable-ntlm --disable-gssapi --disable-krb4 --disable-otp --disable-srp --disable-srp-setpass \
--with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket \
--with-mysql=/usr/local/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --with-mysql-libs=/usr/local/mysql/lib/mysql

make
make install

ln -s /usr/local/lib/sasl2 /usr/lib/sasl2

Add "/usr/local/lib" to your "/etc/ld.so.conf" and run the ldconfig command.

vi /usr/local/lib/sasl2/smtpd.conf

pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket
Note: do not type a single extra space when editing this file, otherwise SMTP authentication will fail.

 
2. Compile postfix 2.x

wget ftp://postfix.cn99.com/postfix/official/postfix-2.2.10.tar.gz

tar zvxf postfix-2.2.10.tar.gz

Download the VDA patch, which gives postfix disk quota support
wget http://web.onda.com.br/nadal/postfix/VDA/postfix-2.2.10-vda.patch.gz

gzip -d  postfix-2.2.10-vda.patch.gz

chkconfig --level 2345 sendmail off

Before installing postfix, add the required users and groups
groupadd postfix -g 1000
groupadd postdrop
useradd postfix -u 1000 -g postfix -G postdrop
groupadd vmail -g 1001
useradd vmail -u 1001 -g 1001
mkdir /home/mail
chown vmail:vmail /home/mail
chmod -R 771 /home/mail

Apply the patch
patch -p1 < ../postfix-2.2.10-vda.patch


make tidy

make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -I/usr/local/include/sasl' 'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lm -lz -L/usr/local/lib -lsasl2'

make
make install


mv /etc/aliases /etc/aliases.old
ln -s /etc/postfix/aliases /etc/aliases
echo 'root: admin@example.com'>>/etc/postfix/aliases
/usr/bin/newaliases

touch /etc/postfix/mysql_virtual_alias_maps.cf
touch /etc/postfix/mysql_virtual_domains_maps.cf
touch /etc/postfix/mysql_virtual_mailbox_maps.cf
touch /etc/postfix/mysql_virtual_limit_maps.cf

vi /etc/postfix/main.cf

# mail.example.com is the host name of the machine on which Postfix is installed
myhostname = mail.example.com
# example.com is the domain part of that host name
mydomain = example.com
myorigin = $mydomain
mydestination =
alias_maps = hash:/etc/aliases
# Use Maildir as the mail storage format
home_mailbox = Maildir/


#=====================MySQL=====================
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_base = /home/mail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 102400000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 1001
virtual_uid_maps = static:1001
virtual_gid_maps = static:1001
virtual_transport = virtual
# "virtual_gid_maps" and "virtual_uid_maps" are the gid and uid of the postfix user; "virtual_minimum_uid" should be ≤ "virtual_uid_maps";
# "virtual_mailbox_limit" is the size of each mailbox.

#=====================Quota=====================
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
#virtual_trash_count=yes
#virtual_trash_name=.Trash

#====================SASL======================
smtpd_recipient_restrictions =
 permit_mynetworks,
 permit_sasl_authenticated,
 reject_non_fqdn_hostname,
 reject_non_fqdn_sender,
 reject_non_fqdn_recipient,
 reject_unauth_destination,
 reject_unauth_pipelining,
 reject_invalid_hostname
 #reject_rbl_client opm.blitzed.org,
 #reject_rbl_client list.dsbl.org,
 #reject_rbl_client bl.spamcop.net,
 #reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes

#=============================================
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
unknown_local_recipient_reject_code = 550


Edit the cf configuration files

vi /etc/postfix/mysql_virtual_alias_maps.cf

user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
additional_conditions = AND active = '1'

=================================

vi /etc/postfix/mysql_virtual_domains_maps.cf

user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain
additional_conditions = AND active = '1'

=================================

vi /etc/postfix/mysql_virtual_mailbox_maps.cf

user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
additional_conditions = AND active = '1'

=================================

vi /etc/postfix/mysql_virtual_limit_maps.cf

user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
additional_conditions = AND active = '1'


Start and stop the postfix service
/usr/sbin/postfix start
/usr/sbin/postfix stop

3. Compile courier-authlib

wget http://kent.dl.sourceforge.net/sourceforge/courier/courier-authlib-0.58.tar.bz2

tar jvxf courier-authlib-0.58.tar.bz2

./configure \
--prefix=/usr/local/courier-authlib --without-stdheaderdir \
--without-authuserdb --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --without-authcustom \
--with-authmysql --with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql \
--with-redhat

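One key point:

If courier-authlib is installed in a non-standard location (for example under /usr/local), be sure to add --without-stdheaderdir to ./configure. That way you will not have to point to the courier-authlib libraries explicitly when compiling Courier-IMAP and maildrop later.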


make
make install
make install-configure

Add "/usr/local/courier-authlib/lib/courier-authlib" to your "/etc/ld.so.conf" and run the ldconfig command.
chmod +x /usr/local/courier-authlib/var/spool/authdaemon

vi /usr/local/courier-authlib/etc/authlib/authdaemonrc    (can be left unmodified)
authmodulelist="authmysql"
authmodulelistorig="authmysql"
daemons=10

vi /usr/local/courier-authlib/etc/authlib/authmysqlrc


MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD yourpassword

MYSQL_SOCKET /tmp/mysql.sock

MYSQL_DATABASE postfix
MYSQL_USER_TABLE mailbox

MYSQL_CRYPT_PWFIELD password

MYSQL_UID_FIELD 1001
MYSQL_GID_FIELD 1001

MYSQL_LOGIN_FIELD username
# Directory in which postfix stores the mail
MYSQL_HOME_FIELD '/home/mail/'
MYSQL_NAME_FIELD name

MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota
MYSQL_WHERE_CLAUSE active='1'
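The four mysql_virtual_*.cf map files above and authmysqlrc all hold the MySQL password in clear text, and a file created with touch under the common umask of 022 is readable by every local user. The following audit is an added example, not part of the original notes; it flags such a file when it is world-readable or when its password equals its user name, and the function names are made up for this example.

```shell
#!/bin/sh
# Added example, not part of the original notes: audit the files in which
# this setup keeps the MySQL password in clear text.

# Succeeds when the "other" read bit is set (character 8 of "ls -l").
other_readable() {
    [ "$(ls -l "$1" | cut -c8)" = r ]
}

# Succeeds when the stored password equals the stored user name. Understands
# Postfix map files (user = / password =) and authmysqlrc (MYSQL_USERNAME /
# MYSQL_PASSWORD).
password_is_username() {
    awk '{ line = $0; sub(/[ \t\r]+$/, "", line)
           if (match(line, /^(user|MYSQL_USERNAME)[ \t=]+/))
               u = substr(line, RLENGTH + 1)
           if (match(line, /^(password|MYSQL_PASSWORD)[ \t=]+/))
               p = substr(line, RLENGTH + 1) }
         END { exit !(p != "" && p == u) }' "$1"
}

# Print one finding per line; no output means the file passed both checks.
audit_secret_file() {
    [ -f "$1" ] || return 0
    if other_readable "$1"; then
        echo "$1: readable by every local user"
    fi
    if password_is_username "$1"; then
        echo "$1: password is identical to the user name"
    fi
    return 0
}

# Paths as used on this page; files that do not exist are skipped.
for f in /etc/postfix/mysql_virtual_*.cf \
         /usr/local/courier-authlib/etc/authlib/authmysqlrc; do
    audit_secret_file "$f"
done
```

A flagged map file is usually tightened with chgrp postfix and chmod 640, on the assumption that the Postfix daemons read it as root or as the postfix user.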

Start courier-authlib
/usr/local/courier-authlib/sbin/authdaemond start


4. Compile and install Courier-IMAP

wget http://surfnet.dl.sourceforge.net/sourceforge/courier/courier-imap-4.1.0.tar.bz2
tar jvxf courier-imap-4.1.0.tar.bz2

./configure --prefix=/usr/local/courier-imap --with-redhat --enable-unicode --disable-root-check --with-trashquota --without-ipv6 \
CPPFLAGS='-I/usr/local/courier-authlib/include' COURIERAUTHCONFIG='/usr/local/courier-authlib/bin/courierauthconfig'

CPPFLAGS='-I/usr/local/courier-authlib/include' must be specified if courier-authlib was not installed in the default path; if courier-authlib was configured with --without-stdheaderdir, it is not needed.

make

make install


cp /usr/local/courier-imap/etc/imapd.dist /usr/local/courier-imap/etc/imapd
cp /usr/local/courier-imap/etc/imapd-ssl.dist /usr/local/courier-imap/etc/imapd-ssl
cp /usr/local/courier-imap/etc/pop3d.dist /usr/local/courier-imap/etc/pop3d
cp /usr/local/courier-imap/etc/pop3d-ssl.dist /usr/local/courier-imap/etc/pop3d-ssl

Configure Courier-IMAP to provide POP3 service to users:
vi /usr/local/courier-imap/etc/pop3d
POP3DSTART=yes
Note: if you want to provide IMAP service to users, set "IMAPDSTART=yes" in the file "/usr/local/courier-imap/etc/imapd".

cp courier-imap.sysvinit /etc/rc.d/init.d/imapd
chmod 755 /etc/rc.d/init.d/imapd
chkconfig --add imapd


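5. Compile and install postfixadmin

wget -O postfixadmin-2.1.0.tgz 'http://high5.net/postfixadmin/download.php?file=postfixadmin-2.1.0.tgz'

tar -zxvf postfixadmin-2.1.0.tgz

Rename the extracted directory and copy it under the default web directory, for example /var/www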

cd /var/www/postfixadmin

$ chmod 640 *.php *.css
$ cd /var/www/postfixadmin/admin
$ chmod 640 *.php .ht*
$ cd /var/www/postfixadmin/images/
$ chmod 640 *.gif *.png
$ cd /var/www/postfixadmin/languages/
$ chmod 640 *.lang
$ cd /var/www/postfixadmin/templates/
$ chmod 640 *.tpl
$ cd /var/www/postfixadmin/users/
$ chmod 640 *.php

Import the database

mysql -uroot -p  < DATABASE_MYSQL.TXT

Visit:
http://your-domain/postfixadmin/

 


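6. FAQ:
1. When the error "authentication error: Input/output error" appears
authdaemond probably failed while querying mysql. To find out more, change this setting in authdaemonrc:

DEBUG_LOGIN=2    (the default is 0)

Then look at what /var/log/messages or /var/log/maillog reports when authentication fails, and use those messages to track down where the problem is.


2. warning: SASL authentication failure: cannot connect to Courier authdaemond: Permission denied
Check whether the directory that holds the authdaemond socket, and its parent directories, are readable by smtpd. If they are not, this problem occurs (a permission problem).

3. warning: SASL authentication failure: cannot connect to Courier authdaemond: No such file or directory
Check /usr/local/lib/sasl2/smtpd.conf for an extra space; such a space is usually hard to spot by eye.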
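The two checks from FAQ items 2 and 3 (and from the note on smtpd.conf in section 1) can be scripted. This is an added example, not part of the original notes; the function names are made up here, and it assumes smtpd is neither owner nor group member of the socket's parent directories, so only the "other" permission bits apply.

```shell
#!/bin/sh
# Added example, not part of the original notes: checks for FAQ items 2 and 3.

# FAQ 3: list the lines of a Cyrus SASL config file that end in whitespace.
# Exit status: 0 = clean, 1 = trailing whitespace found.
trailing_ws() {
    awk '/[ \t\r]+$/ { printf "%s:%d: trailing whitespace\n", FILENAME, NR; bad = 1 }
         END { exit bad }' "$1"
}

# Print the authdaemond_path value with surrounding whitespace stripped.
authdaemond_path() {
    sed -n 's/^authdaemond_path:[[:space:]]*//p' "$1" | sed 's/[[:space:]]*$//'
}

# FAQ 2: print every directory above the socket that lacks the search (x) bit
# for "other". Assumption: smtpd (user postfix) is neither the owner nor in
# the group of these directories, so only the "other" bits apply to it.
blocked_dirs() {
    dir=$(dirname "$1")
    while :; do
        if [ -d "$dir" ]; then
            # Character 10 of "ls -ld" is the other-execute flag (x or t = set).
            case $(ls -ld "$dir" | cut -c10) in
                x|t) ;;
                *) printf '%s\n' "$dir" ;;
            esac
        fi
        case $dir in /|.) break ;; esac
        dir=$(dirname "$dir")
    done
}

# Default path is the one used on this page; pass another file as $1.
conf=${1:-/usr/local/lib/sasl2/smtpd.conf}
if [ -f "$conf" ]; then
    trailing_ws "$conf" || echo "remove the trailing whitespace listed above"
    sock=$(authdaemond_path "$conf")
    [ -S "$sock" ] || echo "$sock: not a socket, or not reachable"
    blocked_dirs "$sock" | sed 's/$/: not searchable by smtpd/'
fi
```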

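Posted by frank on May 7, 2006 8:45 PM

All articles on this site are published under a Creative Commons license. Copyright notice: they may be freely reproduced, provided that the reproduction states, in the form of a hyperlink, the original source of the article, the author information and the above "Creative Commons" notice.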

In this section: make tidy
make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -I/usr/local/include/sasl' 'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lm -lz -L/usr/local/lib -lsasl2'
When using the mysql binary package, should it be /usr/local/mysql/include and /usr/local/mysql/lib/ ??
Also, is your host name localhost? In postfixadmin, mysql -uroot -p < DATABASE_MYSQL.TXT shows an error

Posted by hehe on June 15, 2006 11:27 AM

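I used the binary package and compiled it myself; the path is /usr/local/mysql, which is why the build parameters above look the way they do.

As for the second question, it has nothing to do with the host name. Please first confirm that mysql has started normally: before importing the data, see whether mysql -uroot -p can access the database normally.

Posted by frank on June 15, 2006 1:05 PM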

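Hello Zhang Bo! I don't know whether you will see a message left here. I have only just started with LINUX, so I would like to ask some questions about VSFTP. Do you have MSN? Mine is qingyuanyf@hotmail.com. I hope to get your guidance. Thank you!

Posted by 云飞 on June 18, 2006 11:02 PM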

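When you were debugging SMTP authentication, did you run into authentication failing, with maillog reporting that the SQL query returned no result and that the address had been rewritten into an authentication user name with the default domain added before the @? How did you solve it? My environment (centos4+mysql5.022+apache2.22+postfix2.2.10+php5.14+cyrus2.122+courier-authlib0.58+courier-imap4.11+postfixadmin2.1.0+maildrop2.02+squirrelmail1.46

Posted by 向你学习 on June 20, 2006 5:07 PM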

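Hello!
I have found a job that I am very happy with, starting as a junior LINUX administrator. I had always wanted to learn this, and now it has become my work, to say nothing of my interest in it. While searching for material I came across your website by chance, but some sections ask for a user name and password when I try to visit them; I suppose that is the old version. So I am writing to ask for access to the technical articles, and also for your QQ or MSN, as I would like to exchange ideas with you and learn from you. Thank you.

Posted by TECH小兵 on June 28, 2006 5:33 PM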

A very good article, but is there a way to test this? I have finished the setup but it has problems.

Posted by Wing on July 31, 2006 8:12 AM

Isn't actually sending and receiving mail the test?

Posted by frank on August 6, 2006 5:06 PM

Hello, I got the following error while compiling and installing courier-authlib

Compiling authmoduser3.c
gcc: language strconst not recognized
gcc: authmoduser3.c: linker input file unused because linking not done
mv: 不能存取 .deps/authmoduser3.Tpo
make[2]: *** [authmoduser3.lo] Error 2
make[2]: Leaving directory `/usr/local/courier-authlib'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/usr/local/courier-authlib'
make: *** [all] Error 2

How can I solve this? Thank you!

Posted by firemen on August 10, 2006 11:16 PM

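Mr. Zhang, thank you for this great post. I set up mysql by following a different post, and I don't know whether that matches the way you did it here. Could you post how you set up mysql as well?
I also have a question: my apache is already configured and can open the default page, but I cannot open postfixadmin. postfixadmin has been configured. Does apache need php support before the postfixadmin pages can be opened? I would appreciate your advice, thank you

Posted by loukin on August 30, 2006 5:48 PM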

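Hi, I have learned a lot from you. Today I installed postfix by following your notes, but at this step I could not continue because I do not have this file
mysql -uroot -p < DATABASE_MYSQL.TXT

Could you send a copy of DATABASE_MYSQL.TXT to my mailbox? Thanks

Posted by honglidan on November 22, 2006 9:40 PM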

