Postfix + mysql + postfixadmin + dovecot
OS: OpenBSD
Dependencies:
apache + php + postfixadmin for back-end database administration
mysql and dovecot to authenticate users
mailscanner and clamav for spam filtering and virus scanning
1. install apache with php support
2. install mysql
#groupadd mysql
#useradd -g mysql mysql
#gunzip < mysql-VERSION.tar.gz | tar -xvf -
#cd mysql-VERSION
#./configure --prefix=/usr/local/mysql
#make
#make install
#cp support-files/my-medium.cnf /etc/my.cnf
#cd /usr/local/mysql
#chown -R mysql .
#chgrp -R mysql .
#bin/mysql_install_db --user=mysql
(you can see the following information here:
PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:
/usr/local/mysql/bin/mysqladmin -u root password 'new-password'
/usr/local/mysql/bin/mysqladmin -u root -h xia.gfed.net password 'new-password'
See the manual for more instructions.
You can start the MySQL daemon with:
cd /usr/local/mysql ; /usr/local/mysql/bin/mysqld_safe &
)
chown -R root .
chown -R mysql var
bin/mysqld_safe --user=mysql &
3. install postfixadmin
unzip postfixadmin-[version].tar.gz to your Apache DocumentRoot folder.
#tar zxvf postfixadmin-[version].tar.gz
#mv postfixadmin-[version] postfixadmin
or
#ln -s postfixadmin-[version] postfixadmin
Create database for postfixadmin
#mysql -u root -p < DATABASE_MYSQL.txt
to check if database was created:
#mysql -u root
>show databases;
if you can see a database named "postfix", it means the database is ready.
Users can reach the configuration page via http://xxxx.xxx.xxx.xxx/postfixadmin/admin, which is very insecure, so use authentication to control access
modify apache configuration file (httpd.conf) for postfixadmin, add following lines into it:
<Directory "/usr/local/httpd/htdocs/postfixadmin">
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
AuthName "Postfixadmin Access"
AuthType Basic
AuthUserFile /usr/local/httpd/conf/htpasswd.users
Require valid-user
</Directory>
to build the htpasswd.users file, which is the authentication file for the users:
htpasswd -c /usr/local/httpd/conf/htpasswd.users postfixadmin
#cp config.inc.php.sample config.inc.php
open your browser to open http://127.0.0.1/postfixadmin/
Following the prompt on the page, rename config.inc.php.sample to config.inc.php,
then remove or rename setup.php:
#rm setup.php
or
#mv setup.php setup.php_old
open your browser again to open http://127.0.0.1/postfixadmin/
now, create virtual domain and users
4. add vmail user and vmail group
Add the vmail user and group, and specify the uid and gid
# groupadd -g 5000 vmail
# useradd -g vmail -u 5000 -d /home/vmail -m vmail
#id vmail
uid=5000(vmail) gid=5000(vmail) groups=5000(vmail)
5. install dovecot and configure it
Install dovecot.
usually, the dovecot configuration file is located in
The main structure of dovecot.conf is as follows:
1st, we need to define protocol we want
2nd, setup protocol one by one
3rd, setup auth
we set imap and pop for example
example below:
#we use imap pop and imaps pops
protocols = imap imaps pop3 pop3s
#define imap
protocol imap {
}
#disable plaintext
disable_plaintext_auth = yes
verbose_ssl = yes
first_valid_uid = 5000
last_valid_uid = 5000
#this mail_location is very important, you must set it up according to your setting.
mail_location = maildir:/home/vmail/%d/%u@%d/
#Important!! The format here is /home/vmail/<domain name>/<user name>@<domain name>; change the configuration to match your own setup
#define pop3
protocol pop3 {
}
#define auth
#we use mysql to build virtual user, so we use mysql to do the auth
auth default {
}
edit /etc/dovecot/dovecot-sql.conf
driver = mysql
connect = host=localhost dbname=postfix user=root password=123456
default_pass_scheme = MD5
user_query = SELECT '/home/vmail/%d/%u' as home, \
  'maildir:/home/vmail/%d/%u' as mail, 5000 AS uid, 5000 AS gid, \
  concat('dirsize:storage=', quota) AS quota FROM mailbox \
  WHERE username = '%u' AND active = '1'
password_query = SELECT username as user, password, \
  '/home/vmail/%d/%u' as userdb_home, 'maildir:/home/vmail/%d/%u' as userdb_mail, \
  5000 as userdb_uid, 5000 as userdb_gid FROM mailbox \
  WHERE username = '%u' AND active = '1'
Now dovecot should work
6. config postfix
The main file is /etc/postfix/main.cf; there is also an easily overlooked file, /etc/postfix/dynamicmaps.cf.
Make sure dynamicmaps.cf contains the following mysql-related line:
mysql
edit /etc/postfix/main.cf
example below:
------------------------------------file start---------------------------------
## Base
myhostname = mail.huaxinit.com
mydomain = huaxinit.com
myorigin = $mydomain
biff = no
append_dot_mydomain = no
delay_warning_time = 4h
## VIRTUAL
## define virtual user
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 5000
virtual_transport = virtual
virtual_uid_maps = static:5000
## SASL
## use dovecot to do the auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
broken_sasl_auth_clients = yes
## SSL/TLS
##enable ssl/tls
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/postfix_smtp.key
smtpd_tls_cert_file = /etc/postfix/ssl/postfix_smtp.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
## Quota
#max mail size is 100M (104857600 bytes)
message_size_limit = 104857600
virtual_mailbox_limit_inbox = no
virtual_mailbox_limit_override = yes
virtual_maildir_extended = yes
virtual_create_maildirsize = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit = 104857600
## Anti-spam, Anti-virus
header_checks = regexp:/etc/postfix/anti-spam/header_checks
6. Mailscanner and clamav
install MailScanner and clamav
edit /usr/local/etc/MailScanner/MailScanner.conf, make these lines look like this example:
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = clamav
Use SpamAssassin = yes
create the folders which MailScanner needs:
mkdir /var/spool/MailScanner
mkdir /var/spool/MailScanner/incoming
mkdir /var/spool/MailScanner/quarantine
chown postfix:postfix /var/spool/MailScanner/incoming
chown postfix:postfix /var/spool/MailScanner/quarantine
touch /usr/local/etc/MailScanner/rules/bounce.rules
chmod -R 777 /var/spool/postfix
cp /usr/local/etc/MailScanner/mcp/10_example.cf.sample \
   /usr/local/etc/MailScanner/mcp/10_example.cf
cp /usr/local/etc/MailScanner/mcp/mcp.spam.assassin.prefs.conf.sample \
   /usr/local/etc/MailScanner/mcp/mcp.spam.assassin.prefs.conf
then start Mailscanner
7. enable smtps (port 465)
edit /etc/postfix/master.cf
smtps
8. start your postfix and have fun
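
An added example (not part of the original notes): a small shell audit of the authentication and TLS settings configured above in main.cf and dovecot-sql.conf, and of the permissions on the Postfix queue directory. The function names cf_get and audit_mail_conf are hypothetical, and the sample files are constructed in a temporary directory.

```shell
#!/bin/sh
# Added example: audit the settings this page puts in main.cf, dovecot-sql.conf
# and the Postfix queue directory. Function names are hypothetical.

# cf_get FILE NAME: print the last value assigned to NAME ("name = value" syntax).
cf_get() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }                      # skip comment lines
        (eq = index($0, "=")) {                  # split at the first "="
            name = substr($0, 1, eq - 1); gsub(/[ \t]/, "", name)
            if (name == key) { val = substr($0, eq + 1); gsub(/^[ \t]+|[ \t]+$/, "", val) }
        }
        END { print val }' "$1"
}

# audit_mail_conf MAIN_CF DOVECOT_SQL_CF QUEUE_DIR: print one FINDING line per problem.
audit_mail_conf() {
    [ "$(cf_get "$1" smtpd_sasl_auth_enable)" = yes ] ||
        echo "FINDING: smtpd_sasl_auth_enable is not yes (check the parameter spelling)"
    [ "$(cf_get "$1" smtpd_tls_auth_only)" = yes ] ||
        echo "FINDING: smtpd_tls_auth_only is not yes, AUTH is offered without TLS"
    case " $(cf_get "$2" connect) " in
        *" user=root "*) echo "FINDING: dovecot queries MySQL as root" ;;
    esac
    case "$(cf_get "$2" default_pass_scheme)" in
        PLAIN|PLAIN-MD5|MD5) echo "FINDING: default_pass_scheme is a weak legacy scheme" ;;
    esac
    # First world-writable file or directory under the queue dir, if any.
    ww=$(find "$3" ! -type l -perm -0002 | head -n 1)
    [ -z "$ww" ] || echo "FINDING: world-writable entry in queue dir: $ww"
}

# Constructed sample files (not real system files) with values like those on this page.
demo=$(mktemp -d)
mkdir -p "$demo/spool/hold" && chmod -R 777 "$demo/spool"
cat > "$demo/main.cf" <<'EOF'
mtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = no
EOF
cat > "$demo/dovecot-sql.conf" <<'EOF'
driver = mysql
connect = host=localhost dbname=postfix user=root password=123456
default_pass_scheme = MD5
EOF
audit_mail_conf "$demo/main.cf" "$demo/dovecot-sql.conf" "$demo/spool"
```

On a live host, pass the real /etc/postfix/main.cf, /etc/dovecot/dovecot-sql.conf and /var/spool/postfix; `postfix check` reports queue permission problems as well.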