一、服务器数据库
[root@localhost ~]# yum install mysql-server -y[root@localhost ~]# /etc/init.d/mysqld start[root@localhost ~]# mysql_secure_installation 设置密码为westos[root@localhost ~]# yum install httpd -y[root@localhost ~]# lftp 192.168.0.1lftp 192.168.0.1:/pub/postfix> get extmail-1.2.tar.gz extman-1.1.tar.gz[root@localhost ~]# tar zxf extman-1.1.tar.gz[root@localhost ~]# tar zxf extmail-1.2.tar.gz[root@localhost ~]# cd extman-1.1/docs/[root@localhost docs]# mysql -pwestos < extmail.sql[root@localhost docs]# vim init.sqlINSERT INTO `mailbox` VALUES (‘postmaster@extmail.org’,’postmaster’,’westos’,”,’PostMaster’,”,’extmail.org/postmaster/Maildir/’,’extmail.org/postmaster’,’104857600S’,’52428800S’,’extmail.org’,1000,1000,’2007-02-14 15:10:04′,’2010-11-08′,1,0,0,0,0,0,0,0,’my question’,’my answer’);INSERT INTO `manager` VALUES (‘root@extmail.org’,’westos’,’admin’,’root’,’Super User’,’my question’,’my answer’,’0′,’2007-02-14 15:10:04′,’2010-11-08′,1);[root@localhost docs]# mysql -pwestos < init.sql[root@localhost docs]# useradd -u 800 vmail[root@localhost docs]# postconf -e virtual_mailbox_base=/home/vmail/[root@localhost docs]# postconf -e virtual_uid_maps=static:800[root@localhost docs]# postconf -e virtual_gid_maps=static:800[root@localhost docs]# cp mysql_virtual_alias_maps.cf mysql_virtual_domains_maps.cf mysql_virtual_mailbox_maps.cf /etc/postfix/[root@localhost postfix]# postconf -e virtual_alias_maps=mysql:/etc/postfix/mysql_virtual_alias_maps.cf[root@localhost postfix]# postconf -e virtual_mailbox_domains=mysql:/etc/postfix/mysql_virtual_domains_maps.cf[root@localhost postfix]# postconf -e virtual_mailbox_maps=mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf[root@localhost postfix]# postfix reload[root@localhost postfix]# yum install mailx-12.4-6.el6.x86_64 -y[root@localhost postfix]# mail support@extmail.orgSubject: testqwertyuiopasdfghjklEOT[root@localhost postfix]# mailqMail queue is empty这时候,在/home/vmail/extmail.org/postmaster/Maildir/new下会有一封新的邮件
二、3月30日 第二天从这里开始
[root@localhost docs]# mkdir /var/www/extsuite[root@localhost ~]# mv extman-1.1 /var/www/extsuite/extman[root@localhost ~]# mv extmail-1.2 /var/www/extsuite/extmail[root@localhost ~]# cd /var/www/extsuite/[root@localhost extsuite]# chown vmail.vmail * -R[root@localhost extsuite]# cp extmail/webmail.cf.default extmail/webmail.cf[root@localhost extsuite]# cp extman/webman.cf.default extman/webman.cf/etc/httpd/conf/httpd.conf 加入NameVirtualHost *:80<VirtualHost *:80>ServerName mail.extmail.orgDocumentRoot /var/www/extsuite/extmail/html/ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgiAlias /extmail /var/www/extsuite/extmail/htmlScriptAlias /extman/cgi /var/www/extsuite/extman/cgiAlias /extman /var/www/extsuite/extman/htmlSuexecUserGroup vmail vmail</VirtualHost>主机名修改为mail.extmail.org[root@localhost extsuite]# /etc/init.d/httpd restart[root@localhost extsuite]# vi extmail/webmail.cf修改配置文件extmail/webmail.cfSYS_LOG_ON = 0SYS_MAILDIR_BASE = /home/vmailSYS_CRYPT_TYPE = plainSYS_MYSQL_USER = extmailSYS_MYSQL_PASS = extmail修改配置文件extman/webman.cfSYS_CAPTCHA_ON = 0SYS_MAILDIR_BASE = /home/vmailSYS_SESS_DIR = /tmp/SYS_CRYPT_TYPE = plainSYS_MYSQL_USER = webmanSYS_MYSQL_PASS = webman[root@localhost extsuite]# yum install perl-CGI -y客户端192.168.0.1做192.168.0.146 mail.extmail.org解析访问mail.extmail.org 用户 uname:postmaster passwd:westoshttp://mail.extmail.org/extman/cgi/index.cgi 管理员 passwd:westos后台运行,管理员可查看系统信息[root@localhost extsuite]# /var/www/extsuite/extman/daemon/cmdserver &
三、接下来添加功能1.打开LOG功能记录登录状况修改配置文件extmail/webmail.cfSYS_LOG_ON = 1[root@localhost ~]# tar zxf Unix-Syslog-1.1.tar.gz[root@localhost Unix-Syslog-1.1]# perl Makefile.PLCan’t locate ExtUtils/MakeMaker.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at Makefile.PL line 1.BEGIN failed–compilation aborted at Makefile.PL line 1.[root@localhost Unix-Syslog-1.1]# yum install -y perl-ExtUtils-MakeMaker[root@localhost Unix-Syslog-1.1]# yum install make gcc -y[root@localhost Unix-Syslog-1.1]# perl Makefile.PL[root@localhost Unix-Syslog-1.1]# make install[root@localhost ~]# tail -f /var/log/maillog 查看日志2.加入验证码防暴力注册修改配置文件extman/webman.cfSYS_CAPTCHA_ON = 1[root@localhost ~]# yum localinstall perl-GD-2.45-1.el6.rfx.x86_64.rpm -y3.绘制图表查看登录频率等信息[root@localhost ~]# yum install rrdtool-perl-1.3.8-6.el6.x86_64.rpm -y[root@localhost ~]# cp -r /var/www/extsuite/extman/addon/mailgraph_ext/ /usr/local/lftp 192.168.0.1:~> get pub/postfix/File-Tail-0.99.3.tar.gz[root@localhost ~]# tar zxf File-Tail-0.99.3.tar.gz[root@localhost ~]# cd File-Tail-0.99.3[root@localhost File-Tail-0.99.3]# yum install perl-Time-HiRes -y[root@localhost File-Tail-0.99.3]# perl Makefile.PL[root@localhost File-Tail-0.99.3]# make install[root@localhost File-Tail-0.99.3]# /usr/local/mailgraph_ext/mailgraph-init start刷新管理员页面,点击Graph Log四、使用dovecot接收邮件
[root@mail ~]# yum install dovecot-mysql -y[root@mail conf.d]# vim 10-mail.confmail_location = maildir:/home/vmail/%d/%n/Maildirfirst_valid_uid = 800[root@mail conf.d]# vim 10-auth.conf#!include auth-system.conf.ext!include auth-sql.conf.ext[root@mail conf.d]# cp /usr/share/doc/dovecot-2.0.9/example-config/dovecot-sql.conf.ext /etc/dovecot/[root@mail dovecot]# vim dovecot-sql.conf.extdriver = mysqlconnect = host=localhost dbname=extmail user=extmail password=extmaildefault_pass_scheme = PLAINpassword_query = \ SELECT username, domain, password \ FROM mailbox WHERE username = ‘%u’ AND domain = ‘%d’user_query = SELECT maildir, 800 AS uid, 800 AS gid FROM mailbox WHERE username = ‘%u'[root@mail dovecot]# /etc/init.d/dovecot restart[root@mail ~]# yum install telnet* -y[root@mail dovecot]# telnet localhost 110Trying ::1…Connected to localhost.Escape character is ‘^]’.+OK Dovecot ready.user weifang@extmail.org+OKpass weifang+OK Logged in.list+OK 0 messages:.
五、使用雷鸟客户端
在客户端安装thunderbird-17.0.2-1.el6.remi.x86_64设置账户就好了服务器[root@mail ~]# vim /etc/postfix/main.cfinet_interfaces = all为使功能健全,在/etc/rc.local 添加[root@localhost File-Tail-0.99.3]# vi /etc/rc.local/var/www/extsuite/extman/daemon/cmdserver &/usr/local/mailgraph_ext/mailgraph-init start[root@localhost ~]# chkconfig httpd on[root@localhost ~]# chkconfig mysqld on[root@mail ~]# chkconfig dovecot on
六、第二个周1、postfix升级
[root@mail postfix-2.11.0]# /etc/init.d/postfix stop[root@mail postfix-2.11.0]# yum install -y cyrus-sasl-*[root@mail postfix-2.11.0]# yum install openssl-devel.x86_64 -y[root@mail postfix-2.11.0]# yum install mysql-devel.x86_64 -y[root@mail postfix-2.11.0]# yum install db4-devel-4.7.25-17.el6.x86_64 -y[root@mail postfix-2.11.0]# make tidy[root@mail postfix-2.11.0]# make -f Makefile.init makefiles ‘CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl -DUSE_TLS’ ‘AUXLIBS=-L/usr/lib64/mysql/ -lmysqlclient -lz -lm -L/usr/lib64 -lsasl2 -lssl -lcrypto'[root@mail postfix-2.11.0]# make upgrade[root@mail ~]# postconf mail_versionmail_version = 2.11.0查看版本[root@mail certs]# postconf -Acyrus[root@mail certs]# postconf -acyrusdovecot带上mysql[root@mail certs]# postconf -m
2、发信身份验证,使用统一密码
[root@mail ~]# yum localinstall -y cyrus-sasl-sql-2.1.23-13.el6.x86_64.rpm 注意版本
yum localinstall cyrus-sasl-sql-2.1.23-13.el6_3.1.x86_64.rpm[root@mail sasl2]# vim /etc/sasl2/smtpd.confpwcheck_method: auxpropauxprop_plugin: sqlmech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 NTLMsql_engine: mysqlsql_hostnames: 127.0.0.1sql_user: extmailsql_passwd: extmailsql_database: extmailsql_select: SELECT password FROM mailbox WHERE username = ‘%u@%r'[root@mail sasl2]# postconf -e smtpd_sasl_auth_enable=yes[root@mail sasl2]# postfix reload[root@mail sasl2]# perl -MMIME::Base64 -e ‘print encode_base64("\0weifang\@extmail.org\0weifang");’AHdlaWZhbmdAZXh0bWFpbC5vcmcAd2VpZmFuZw==[root@mail sasl2]# telnet localhost 25ehlo mail.extmail.orgauth plain AHdlaWZhbmdAZXh0bWFpbC5vcmcAd2VpZmFuZw==使用雷鸟outgoing server编辑connection noneauthentication password,transmitted insecurelyusername weifang@extmail.org之后,用户weifang@extmail.org发送邮件就会进行身份验证登录需要身份验证,发信也需要验证身份,防止身份伪造或者非邮箱本人发信
3、加密发送
[root@mail sasl2]# postconf -e smtpd_tls_auth_only=yes[root@mail sasl2]# postfix reload[root@mail sasl2]# telnet localhost 25ehlo localhost没有这个250-AUTH LOGIN CRAM-MD5 DIGEST-MD5 PLAIN改成no,就会有250-AUTH LOGIN CRAM-MD5 DIGEST-MD5 PLAIN[root@mail certs]# postconf -e smtpd_tls_auth_only=no[root@mail sasl2]# postconf -e smtpd_tls_security_level=may可以不加密发送就会多一条这个,表示开启TLS加密250-STARTTLS生成加密验证文件[root@mail sasl2]# cd /etc/pki/tls/certs/[root@mail certs]# make postfix.pemCountry Name (2 letter code) [XX]:CNState or Province Name (full name) []:shaanxiLocality Name (eg, city) [Default City]:xi’anOrganization Name (eg, company) [Default Company Ltd]:westosOrganizational Unit Name (eg, div) []:LINUXCommon Name (eg, your name or your server’s hostname) []:mail.extmail.orgEmail Address []:root@example.com[root@mail certs]# cp postfix.pem /etc/postfix/[root@mail certs]# postconf -d | grep ^smtpd_tls[root@mail certs]# postconf -e smtpd_tls_cert_file=/etc/postfix/postfix.pem[root@mail certs]# postconf -e ‘smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache'[root@mail certs]# postconf -n加上这四条smtpd_tls_auth_only = nosmtpd_tls_cert_file = /etc/postfix/postfix.pemsmtpd_tls_security_level = maysmtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache这时,雷鸟设置outgoing为连接加密 connection STARTTLS 使用加密或者none不使用加密都可以正常发送认证方法 authentication normal password用户信息 username weifang@extmail.orgweifang发送邮件的话,需要确认网络环境安全,并得到验证文件,可以发送修改为强制加密[root@mail certs]# postconf -e smtpd_tls_security_level=encrypt[root@mail certs]# postconf -e smtpd_tls_auth_only=yes[root@mail certs]# postfix reload
如果不使用加密,就不能发送,这样就保证了安全连接加密 connection STARTTLS 使用加密认证方法 authentication normal password用户信息 username weifang@extmail.org
今天不想走,明天就要跑了。
