7. 安装Postfix
7.1. 下载
http://www.postfix.org/ftp-sites.html
wget http://postfix.energybeam.com/source/official/postfix-1.1.11.tar.gz
7.2. 编译与安装
如果你的系统上原来有sendmail,先将其停止并将其文件改名:
# /etc/init.d/sendmail stop
# mv /usr/bin/newaliases /usr/bin/newaliases.OFF
# mv /usr/bin/mailq /usr/bin/mailq.OFF
# mv /usr/sbin/sendmail /usr/sbin/sendmail.OFF
然后添加两个组:postfix和maildrop和一个用户:postfix
# groupadd –g 12345 postfix
# groupadd -g 54321 postdrop
# useradd –u 12345 –g 12345 -c postfix -M -d/no/where -s/no/shell postfix
这里的组和用户的ID是系统中未使用的ID。
编译Postfix,并支持mysql和sasl:
# tar -xvzf postfix-1.1.11.tar.gz
# cd postfix-1.1.11
# make -f Makefile.init makefiles 'CCARGS=-DUSE_SASL_AUTH -DHAS_MYSQL
-I/usr/include/mysql' 'AUXLIBS=-L/usr/lib/mysql -lmysqlclient –lsasl -lz -lm'
# make install
安装时,安装程序会提问一些问题,可以直接按回车采用默认值。
给postfix用户做一个系统别名,使用/etc/aliases别名数据库中:
# echo 'postfix: root' >> /etc/aliases
生成/etc/aliases别名数据库:
# postaliases /etc/aliases
7.3. 配置
修改/etc/postfix/master.cf中的cyrus的配置,将如下一行:
flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
修改为:
flags=R user=cyrus argv=/usr/cyrus/bin/deliver –r ${sender} -m
${extension} ${user}
这里要把cyrus的路径修改为你的cyrus实际安装路径。
修改/etc/postfix/main.cf的配置:
myhostname = mail00.cngnu.org
mydomain = cngnu.org
myorigin = cngnu.org
mydestination = $mydomain,$myhostname
mailbox_transport = cyrus
virtual_maps =
hash:/etc/postfix/virtual,mysql:/etc/postfix/mysql-virtual.cf
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated
permit_auth_destination reject
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
创建/etc/postfix/mysql-virtual.cf,它提供了本地用户和邮件转发功能。forward字段和username 字段值默认是相同的,此时邮件本地递交到用户邮箱:username里面;forward是另外一个邮件地址或用户时,邮件转发到新的地址。此外,由于 Postfix对于邮箱区别大小写,通过virtual功能的重写,可以保证大小写的邮件地址都可以正确接收。
#
# mysql config file for alias lookups on postfix
#
# the user name and password to log into the mysql server
hosts = localhost
user = mail
password = secret
# the database name on the servers
dbname = mail
# the table name
table = user
select_field = forward
where_field = username
additional_conditions = and status = '1'
创建上面指定的/etc/postfix/virtual的DB库,并将超级用户的邮箱转发到一个普通用户如tester:
# echo 'root tester' >> /etc/postfix/aliases
# postmap /etc/postfix/virtual
保留db3格式的virtual库是为了系统添加一些虚拟域和转发方便起见。
8. 安装Cyrus-IMAP
8.1. 下载
http://asg.web.cmu.edu/cyrus/download/
wget ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-imapd-2.0.16.tar.gz
8.2. 编译与安装
编译Cyrus-IMAP,并取消kerberos支持(在Redhat中,kerberos库有问题,很难编译通过,Mandrake则可以通过;此外,我们也不需要kerberos的支持):
# tar -zxf cyrus-imapd-2.0.16.tar.gz
# cd cyrus-imapd-2.0.16
# ./configure --with-cyrus-prefix=/usr/local/cyrus
--with-sasl=/usr/local/lib/sasl –-with-auth=unix
# make depend
# make all CFLAGS=-O
# make install
Cyrus-IMAP的安装脚本有问题,cyradm(现在使用的是Perl版本,原来的TCL版本不再支持)所需要的perl模块被安装到一些不在Perl的@INC的目录里,需要手工安装.
编辑安装文件里面的perl/imap/Makefile文件,修改其中下列部分:
prefix=/usr/local
INSTALLPRIVLIB = $(PREFIX)/lib/5.6.1
INSTALLARCHLIB = $(PREFIX)/lib/5.6.1/i386-linux
INSTALLSITELIB = $(PREFIX)/lib/site_perl/5.6.1
INSTALLSITEARCH = $(PREFIX)/lib/site_perl/5.6.1/i386-linux
修改为:
prefix=/usr
INSTALLPRIVLIB = $(PREFIX)/lib/perl5/5.6.1
INSTALLARCHLIB = $(PREFIX)/lib/perl5/5.6.1/i386-linux
INSTALLSITELIB = $(PREFIX)/lib/perl5/site_perl/5.6.1
INSTALLSITEARCH = $(PREFIX)/lib/perl5/site_perl/5.6.1/i386-linux
然后进行安装:
# cd perl/imap
# make install
8.3. 配置
创建主配置文件/etc/cyrus.conf:
# cp master/conf/normal.conf /etc/cyrus.conf
添加cyrus-imap的管理账号cryus:
# useradd -g mail cyrus
# passwd cyrus
Changing password for user cyrus.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
创建IMAP配置文件/etc/imapd.conf,管理员是cyrus:
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus
sasl_pwcheck_method: pam
建立Cyrus-IMAP服务器的目录结构:
# mkdir –p /var/imap/sieve
# mkdir /var/spool/imap
# chown –R cyrus:mail /var/imap
# chown –R cyrus:mail /var/spool/imap
# su cyrus
$ tools/mkimap
$ exit
这里tools/mkimap这个实用程序在cyrus-imap的源程序目录里面。
创建日志:
# touch /var/log/imapd.log /var/log/auth.log
# echo local6.debug /var/log/imapd.log >> /etc/syslog.conf
# echo auth.debug /var/log/auth.log >> /etc/syslog.conf
# /etc/rc.d/init.d/syslog restart
设置邮件限额:
# chattr +S /var/imap/user /var/imap/user/*
# chattr +S /var/imap/quota /var/imap/quota/*
# chattr +S /var/spool/imap /var/spool/imap/*
由于Cyrus-IMAP的主控进程和Postfix的主控进程名字一样,容易混淆而且不方便控制,所以将Cyrus-IMAP服务器的主控进程做个别名连接:cyrusd。
# cd /usr/cyrus/bin
# ln –s master cyrusd
9. 测试
9.1. 启动
9.1.1. 启动MySQL
MySQL在前面配置的时候已经启动。
启动命令如下:
# /etc/init.d/mysqld start
9.1.2. 启动Postfix
启动命令如下:
# /usr/sbin/postfix start
或:
# /etc/rc.d/init.d/sendmail start
9.1.3. 启动Cyrus-IMAP
启动命令如下:
# /usr/local/cyrus/bin/cyrusd&
9.1.4. 启动脚本
可以编写一个启动脚本mailsys来启动这些进程,这样就不需要单独启动postfix和cyrusd了:
#!/bin/bash
#
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ -f /usr/sbin/postfix ] || exit 0
[ -f /usr/cyrus/bin/cyrusd ] || exit 0
RETVAL=0
prog="Mail System"
start() {
# Start daemons.
echo -n $"Starting $prog: "
echo -n $"SMTP "
/usr/sbin/postfix start > /dev/null 2&>1 &
echo -n $"POP3 IMAP4 "
/usr/cyrus/bin/cyrusd > /dev/null 2&>1 &
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/mailsys
return $RETVAL
}
stop() {
# Stop daemons.
echo -n $"Shutting down $prog: "
echo -n $"SMTP "
/usr/sbin/postfix stop > /dev/null 2&>1 &
echo -n $"POP3 IMAP4 "
killproc `pidof cyrusd`
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/mailsys
return $RETVAL
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart|reload)
stop
start
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
esac
exit $RETVAL
9.2. 测试
为了清楚起见,以下输入的命令用红色字体标示,系统显示信息用黑色字体标示。
9.2.1. 测试MySQL
启动MySQL后,首先检查日志/var/log/messages有无错误信息,然后检查进程,应该有如下进程存在:
# pstree | grep safe-mysqld
|-safe-mysqld---safe-mysqld---safe-mysqld
接着检查端口,应该有如下端口打开:
# netstat -an | grep LISTEN
tcp
0
0 127.0.0.1:3306
0.0.0.0:*
LISTEN
再使用如下命令测试MySQL:
# mysql mail -u mail –p
Enter password: (secret)
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 99 to server version: 3.23.49
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> show tables;
+------------------+
| Tables_in_mail |
+------------------+
| user |
+------------------+
1 rows in set (0.00 sec)
mysql> select * from user;
+----------+----------+----------------------------+--------+
| USERNAME | PASSWORD | FORWARD | STATUS |
+----------+----------+----------------------------+--------+
| tester | testpw | tester | 1 |
+----------+----------+----------------------------+--------+
1 rows in set (0.00 sec)
mysql> \q
Bye
9.2.2. 测试Postfix
启动Postfix后,首先检查日志/var/log/messages有无错误信息,然后检查进程,应该有如下进程存在:检查端口及进程:
# pstree |grep master
|-master-+-pickup
接着检查端口,应该有如下端口打开:
# netstat -an |grep LISTEN
tcp
0
0 0.0.0.0:25
0.0.0.0:*
LISTEN
再检测SMTP服务是否正常:
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail00.cngnu.org ESMTP Postfix
QUIT
221 Bye
Connection closed by foreign host.
使用如下命令测试postfix的SMTP的认证:
PLAIN认证方式:
# printf ‘tester\0000tester\0000testpw’|mmencode
dGVzdGVyAHRlc3RlcgB0ZXN0cHc=
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail00.cngnu.org ESMTP Postfix
EHLO cngnu
250-mail00.cngnu.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-XVERP
250 8BITMIME
AUTH PLAIN dGVzdGVyAHRlc3RlcgB0ZXN0cHc=
235 Authentication successful
QUIT
221 Bye
Connection closed by foreign host.
LOGIN认证方式:
# printf ‘tester’ |mmencode
dGVzdGVy
# printf ‘testpw’ |mmencode
dGVzdHB3
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail00.cngnu.org ESMTP Postfix
EHLO cngnu
250-mail00.cngnu.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-XVERP
250 8BITMIME
AUTH LOGIN
334 VXNlcm5hbWU6
dGVzdGVy
334 UGFzc3dvcmQ6
dGVzdHB3
235 Authentication successful
QUIT
221 Bye
Connection closed by foreign host.
9.2.3. 测试Cyrus-IMAP
启动Cyrus-IMAP后,首先检查日志/var/log/messages、/var/log/imapd.log和/var/log/auth.log有无错误信息,然后检查进程,应该有如下进程存在:
# pstree |grep cyrusd
|-cyrusd
接着检查端口,应该有如下端口打开:
# netstat -an |grep LISTEN
tcp
0
0 0.0.0.0:993
0.0.0.0:*
LISTEN
tcp
0
0 0.0.0.0:995
0.0.0.0:*
LISTEN
tcp
0
0 0.0.0.0:110
0.0.0.0:*
LISTEN
tcp
0
0 0.0.0.0:143
0.0.0.0:*
LISTEN
再检测POP3和IMAP服务:
# telnet localhost 110
+OK mail00.cngnu.org Cyrus POP3 v2.0.16 server ready
USER tester
+OK Name is a valid mailbox
PASS testpw
+OK Maildrop locked and ready
QUIT
+OK
# imtest -m login -a tester localhost
C: C01 CAPABILITY
S: * OK mail.cngnu.org Cyrus IMAP4 v2.0.16 server ready
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID
NO_ATOMIC_RENAME UNSELECT MULTIAPPEND SORT THREAD=ORDEREDSUBJECT
THREAD=REFERENCES IDLE
S: C01 OK Completed
Password:
C: L01 LOGIN tester {6}
+ go ahead
C:
L01 OK User logged in
Authenticated.
Security strength factor: 0
. logout
* BYE LOGOUT received
. OK Completed
现在创建邮箱。使用cyradm来创建和删除邮箱,它是Cyrus-IMAP自己带的交互式管理界面,现在的版本是用Perl写的。你也可以直接调用Cyrus::IMAP::Admin模块创建自己的CGI或脚本来做邮箱管理,可以参考Cyrus::IMAP::Shell模块的程序。
# cyradm -u cyrus localhost
IMAP Password: (cyrus)
mail00.cngnu.org> cm user.cyrus
mail00.cngnu.org> cm user.tester
mail00.cngnu.org> cm user.testdel
mail00.cngnu.org> lm
user.cyrus
user.tester
user.testdel
mail00.cngnu.org> sam user.testdel cyrus cd
mail00.cngnu.org> dm user.testdel
mail00.cngnu.org> lm
user.cyrus
user.tester
mail00.cngnu.org> quit
如果要删除一个IMAP邮箱,需要先给管理员cyrus授予C(Create)和D(Delete)的权限才可以删除。
9.2.4. 邮件测试
创建邮箱后,测试发信功能:
# mail tester
Subject: test by me
this is a test.
.
CC:
# mailq
Mail queue is empty
# tail /var/log/mail/*
使用mailq来查看邮件队列是否有错误,并查看/var/log/mail/*是否有错误信息。如果一切正常,说明信件已经发送到tester了。
测试收信,先测试POP3:
# telnet localhost 110
+OK mail00.cngnu.org Cyrus POP3 v2.0.16 server ready
USER tester
+OK Name is a valid mailbox
PASS testpw
+OK Maildrop locked and ready
LIST
1 400
TOP 1 10
Return-Path:
X-Sieve: cmu-sieve 2.0
Return-Path:
Received: by mail. (Postfix, from userid 0)
id 5F1EF90005; Mon, 20 May 2002 18:03:43 +0800 (CST)
To: tester@cngnu.org
Subject: test by me
Message-Id: <20020520100343.5F1EF90005@mail00.cngnu.org>
Date: Mon, 20 May 2002 18:03:43 +0800 (CST)
From: root@cngnu.org (root)
this is a test.
.
QUIT
+OK
再测试IMAP:
# imtest -m login -a tester localhost
C: C01 CAPABILITY
S: * OK mail.cngnu.org Cyrus IMAP4 v2.0.16 server ready
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID
NO_ATOMIC_RENAME UNSELECT MULTIAPPEND SORT THREAD=ORDEREDSUBJECT
THREAD=REFERENCES IDLE
S: C01 OK Completed
Password:
C: L01 LOGIN tester {6}
+ go ahead
C:
L01 OK User logged in
Authenticated.
Security strength factor: 0
. select inbox
* FLAGS (\Answered \Flagged \Draft \Deleted \Seen)
* OK [PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted \Seen \*)]
* 1 EXISTS
* 1 RECENT
* OK [UIDVALIDITY 1021736432]
* OK [UIDNEXT 3]
. OK [READ-WRITE] Completed
. fetch 1:1 (FLAGS BODY[HEADER.FIELDS (DATE FROM)])
* 1 FETCH (FLAGS (\Seen) BODY[HEADER.FIELDS (DATE FROM)] {68}
Date: Mon, 20 May 2002 09:26:09 +0800 (CST)
From: wxy@cngnu.org
)
. OK Completed
. logout
* BYE LOGOUT received
. OK Completed
你也可以使用任何其它的邮件客户端程序来测试,如kmail、Outlook Express等等。
OK,到此为止,我们的邮件系统就架设完毕了。如果有任何问题,请到论坛http://www.cngnu.org/forum/讨论。
