环境:Centos5,extmail的依赖包很多,对环境要求比较苛刻,所以建议在Centos5上安装。
本次主机名为:centos.mail.com 域名:jinnicat.com
官方参考文档:http://http://wiki.extmail.org/extmail_solution_for_centos-5
视频参考:http://www.tudou.com/programs/view/Zct0ANsC0UI/
1、制作EMOS yum源。
#vim /etc/yum.repos.d/emos.repo
[EMOS-base]
name=EMOS-Base
baseurl=http://mirror.extmail.org/yum/emos/1.5/os/$basearch/
gpgcheck=0
priority=0
protect=0
[EMOS-update]
name=EMOS-Updates
baseurl=http://mirror.extmail.org/yum/emos/1.5/updates/$basearch/
gpgcheck=0
priority=0
protect=0
2、配置MTA-Postfix
准备工作:
# yum install -y httpd mysql-server php-mysql
安装postfix
2.1安装postfix
# yum install -y postfix
# rpm -e sendmail(注:sendmail会对后面smtp验证产生影响)
2.2、配置postfix
# postconf -n >/etc/postfix/main2.cf
# mv /etc/postfix/main.cf /etc/postfix/main.cf.old
# mv /etc/postfix/main2.cf /etc/postfix/main.cf
编辑main.cf:
# vim /etc/postfix/main.cf
增加如下内容:
# hostname
mynetworks = 127.0.0.1
myhostname = centos.mail.com
mydestination = $mynetworks $myhostname
# banner
mail_name = Postfix - by mail.com
smtpd_banner = $myhostname ESMTP $mail_name
# response immediately
smtpd_error_sleep_time = 0s
#Message and return coolcode control
message_size_limit = 5242880
mailbox_size_limit = 5242880
show_user_unknown_table_name = no
#Queue lifetime control
bounce_queue_lifetime = 1d
maximal_queue_lifetime = 1d
maildrop_destination_recipient_limit = 1(由于maildrop不支持一次接收多个收件人,因此需要参数
)
(注:myhostname改为自己的。)
设置postfix开机自启:
#chkconfig postfix on
3、配置courier-authlib
3.1、安装Courier-Authlib
# yum -y install courier-authlib
# yum -y install courier-authlib-mysql
删除并编辑/etc/authlib/authmysqlrc文件:
# cat /dev/null >/etc/authlib/authmysqlrc
# vim /etc/authlib/authmysqlrc
增加如下内容:
MYSQL_SERVER localhost
MYSQL_USERNAME extmail
MYSQL_PASSWORD extmail
MYSQL_SOCKET /var/lib/mysql/mysql.sock
MYSQL_PORT 3306
MYSQL_OPT 0
MYSQL_DATABASE extmail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD uidnumber
MYSQL_GID_FIELD gidnumber
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD homedir
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota
MYSQL_SELECT_CLAUSE SELECT username,password,"",uidnumber,gidnumber,\
CONCAT('/home/domains/',homedir), \
CONCAT('/home/domains/',maildir), \
quota,\
name \
FROM mailbox \
WHERE username = '$(local_part)@$(domain)'
修改authdaemonrc文件
# vim /etc/authlib/authdaemonrc
修改如下内容:
authmodulelist="authmysql"
authmodulelistorig="authmysql"
3.2、启动courier-authlib:
# service courier-authlib start
如一切正常,命令行将返回如下信息:
Starting Courier authentication services: authdaemond
修改authdaemon socket目录权限:
(注:如果该目录权限不正确修改,maildrop及postfix等将无法正确获取用户的信息及密码认证)
# chmod 755 /var/spool/authdaemon/
4、配置maildrop
4.1、安装maildrop
# yum install maildrop
配置master.cf 为了使Postfix支持Maildrop,必须修改vim /etc/postfix/master.cf文件,注释掉原来的maildrop的配置内容,并改为:
maildrop unix - n n - - pipe
flags=DRhu user=vuser argv=maildrop -w 90 -d ${user}@${nexthop} ${recipient} ${user} ${extension} {nexthop}
(注:flags前面有“两个空格”,“key” = ”value“)
4.2、测试maildrop对authlib支持
# maildrop -v
看是否出现以下内容:
maildrop 2.1.0 Copyright 1998-2005 Double Precision, Inc.
GDBM/DB extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.
5、配置Apache
5.1、虚拟主机设置
编辑httpd.conf文件:
# vim /etc/httpd/conf/httpd.conf
在最后一行加上:
NameVirtualHost *:80
Include conf/vhost_*.conf
编辑 vhost_extmail.conf
/etc/httpd/conf/vhost_extmail.conf
里面定义虚拟主机的相关内容:
# VirtualHost forExtMail Solution
<VirtualHost *:80>
ServerName mail.extmail.org
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi/ /var/www/extsuite/extmail/cgi/
Alias /extmail /var/www/extsuite/extmail/html/
ScriptAlias /extman/cgi/ /var/www/extsuite/extman/cgi/
Alias /extman /var/www/extsuite/extman/html/
# Suexec config
SuexecUserGroup vuser vgroup
</VirtualHost>
设置apache开机启动
# chkconfig httpd on
6、配置Webmail-ExtMail
6.1、安装ExtMail
# yum install extsuite-webmail
6.2、编辑webmail.cf
# cd /var/www/extsuite/extmail
# cp webmail.cf.default webmail.cf
# vim webmail.cf
主要变动的内容见下:
SYS_PERMIT_NOQUOTA = 1(登录用户是不需要验证码)
SYS_SESS_DIR = /var/www/tmp
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
SYS_MYSQL_DB = extmail
注意事项:(默认设置在/tmp/extman下面)
由于RedHat发行版中包含了一个叫tmpwatch的工具,该工具会定期扫描/tmp/下的文件,如果这些文件很久都没被使用,将被删除,因此如果后台长期不使用,/tmp/extman目录有可能被tmpwatch删除,所以要修改webman.cf将临时目录修改到另一个地方。
# mkdir /var/www/tmp
修改权限:
# chown -R vuser:vgroup /var/www/tmp
更新cgi目录权限 由于SuEXEC的需要,必须将extmail和extman的cgi目录修改成vuser:vgroup权限:
# chown -R vuser:vgroup /var/www/extsuite/extmail/cgi/
# chown -R vuser:vgroup /var/www/extsuite/extman/cgi/
7、配置管理后台-ExtMan
7.1、yum安装ExtMan
# yum install extsuite-webman
7.2、数据库初始化
启动Mysql
# service mysqld start
# chkconfig mysqld on
# cd /var/www/extsuite/extman/docs
# sed -i s/extmail\.org/jinnicat\.com/g extmail.sql
# sed -i s/extmail\.org/jinnicat\.com/g init.sql
导入mysql数据库结构及初始化数据,root密码默认为空
# mysql -u root -p < /var/www/extsuite/extman/docs/extmail.sql
# mysql -u root -p < /var/www/extsuite/extman/docs/init.sql
7.3、设置虚拟域和虚拟用户的配置文件
# cp mysql_virtual_alias_maps.cf /etc/postfix/
# cp mysql_virtual_domains_maps.cf /etc/postfix/
# cp mysql_virtual_mailbox_maps.cf /etc/postfix/
# cp mysql_virtual_sender_maps.cf /etc/postfix/
配置main.cf:
# vim /etc/postfix/main.cf
增加以下内容:
# extmail config here
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = maildrop:
重启postfix :
# service postfix restart
7.4、测试authlib
建立刚才导入mysql的postmaster@jinnicat.com帐户的Maildir,请输入如下命令:
# cd /var/www/extsuite/extman/tools
# ./maildirmake.pl /home/domains/jinnicat.com/postmaster/Maildir
# chown -R vuser:vgroup /home/domains/jinnicatl.com
在命令行下执行:
# /usr/sbin/authtest -s login postmaster@jinnicat.com extmail
结果如下:
Authentication succeeded.
Authenticated: postmaster@jinnicat.com (uid 1000, gid 1000)
Home Directory: /home/domains/jinnicat.com/postmaster
Maildir: /home/domains/jinnicat.com/postmaster/Maildir/
Quota: 104857600S
Encrypted Password: $1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0
Cleartext Password: extmail
Options: (none)
7.5、配置图形化日志
启动mailgraph_ext
# /usr/local/mailgraph_ext/mailgraph-init start
启动cmdserver(在后台显示系统信息)
# /var/www/extsuite/extman/daemon/cmdserver --daemon
加入开机自启动:
# echo "/usr/local/mailgraph_ext/mailgraph-init start" >> /etc/rc.d/rc.local
# echo "/var/www/extsuite/extman/daemon/cmdserver -v -d" >> /etc/rc.d/rc.local
使用方法: 等待大约15分钟左右,如果邮件系统有一定的流量,即可登陆到extman里,点“图形日志”即可看到图形化的日志。具体每天,周,月,年的则点击相应的图片进入即可。
添加定时任务:
# crontab -e
添加以下内容:
0 4 * * * /var/www/extsuite/extman/tools/expireusers.pl -all postmaster@jinnicat.com
30 4 * * * /var/www/extsuite/extman/tools/reportusage.pl -all /home/domains postmaster@jinnicat.com
8、配置Cyrus-SASL
8.1、安装cyrus-sasl
删除系统的cyrus-sasl:
# rpm -e cyrus-sasl --nodeps
安装新的支持authdaemon的软件包
# yum install cyrus-sasl
8.2、配置main.cf文件
Postfix的SMTP认证需要透过Cyrus-SASL,连接到authdaemon获取认证信息。
编辑main.cf
# vi /etc/postfix/main.cf
增加如下内容:
# smtpd related config
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname,
# SMTP sender login matching config
smtpd_sender_restrictions =
permit_mynetworks,
reject_sender_login_mismatch,
reject_authenticated_sender_login_mismatch,
reject_unauthenticated_sender_login_mismatch
smtpd_sender_login_maps =
mysql:/etc/postfix/mysql_virtual_sender_maps.cf,
mysql:/etc/postfix/mysql_virtual_alias_maps.cf
# SMTP AUTH config here
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
8.3、编辑smtpd.conf文件
# vi /usr/lib/sasl2/smtpd.conf
确保其内容为:
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/spool/authdaemon/socket
重启所有服务:
service httpd restart
service courier-authlib restart
service courier-imap restart
service postfix restart
service mysqld restart
添加个用户:访问http://192.168.217.134/extman/ 里增加一个新帐户,ExtMan的默认超级管理员帐户:root@extmail.org,初始密码:extmail*123*,登陆成功后,建议将密码修改,以确保安全。
之后创建用户test,测试。
重新启动postfix:
# service postfix start
8.4、测试SMTP认证
通过以下命令获得test@jinnicat.com的用户名及密码的BASE64编码:
# perl -e 'use MIME::Base64; print encode_base64("test\@jinnicat.com")'
内容如下:
cG9zdG1hc3RlckBleHRtYWlsLm9yZw==
# perl -e 'use MIME::Base64; print encode_base64("123456")'
内容如下:
ZXh0bWFpbA==
然后本机测试:
# telnet localhost 25
其过程如下:
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.extmail.org ESMTP Postfix - by extmail.org
ehlo demo.domain.tld << 输入内容
250-mail.extmail.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth login << 输入内容
334 VXNlcm5hbWU6
cG9zdG1hc3RlckBleHRtYWlsLm9yZw== << 输入内容
334 UGFzc3dvcmQ6
ZXh0bWFpbA== << 输入内容
235 2.0.0 Authentication successful
quit << 输入内容
221 2.0.0 Bye
最后出现235 Authentication Successful 表明认证成功了。
9、配置Courier-IMAP
9.1、安装Courier-imap
默认的courier-authlib及courier-imap都会增加系统自启动设置,因此下一次服务器启动将自动启动相应的authlib及POP3服务
# yum install courier-imap
配置courier-imap
由于Courier-imap的IMAP目录是按UTF-7编码的,ExtMail目前还没有正式支持IMAP目录,因此需要屏蔽IMAP,只提供pop3服务。而就目前的使用情况来看,IMAP使用的非常少,绝大部分OutLook/Foxmail用户都习惯使用POP3而非IMAP。
# vi /usr/lib/courier-imap/etc/imapd
修改内容如下:(关闭IPAM)
IMAPDSTART=NO
# vi /usr/lib/courier-imap/etc/imapd-ssl
修改内容如下:
IMAPDSSLSTART=NO
然后重新启动courier-imap:
# service courier-imap start
测试POP3 请按如下步骤输入pop3命令测试其是否正常工作。依然是test用户测试。
# telnet localhost 110
其过程如下:
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Hello there.
user test@jinnicat.com << 输入内容
+OK Password required.
pass 123456 << 输入内容
+OK logged in.
list << 输入内容
+OK POP3 clients that break here, they violate STD53.
.
quit << 输入内容
+OK Bye-bye.
Connection closed by foreign host.
##至此:extmail配置完成。
附1:hostname的设置:
安装extmail时,hostname的准确性十分重要!
我们可以在实验开始之前先设置hostname:
#vim /etc/sysconfig/network
#vim /etc/hosts
附2:去除登陆时的验证码:
Extmail登陆时的验证码十分烦人,我们可以去除它。
#vim /var/www/extsuite/extman/webman.cf
SYS_CAPTCHA_ON = 0
附3修改web页面默认的域名:
vim /var/www/extsuite/extmail/html/default/index.html
162 < TD >< INPUT TYPE="text" class="input_n" NAME="domain" value="jinnicat.com" >< /TD >