简介

安装环境：CENTOS 7.3 Mysql Nginx Postfix Dovecot
web 模块是最先需要确定的，因为它决定了邮箱系统最核心的数据结构，这里选用国产的 extmail，其他所有模块都按照 extmail 的结构进行配置修改。
如果在main.cf里设置virtual_transport = virtual，就表示对于包含在 virtual_mailbox_domains域名里的邮件，都使用 virtual 进行投递。
用户信息存储方式也有很多可选的，比如 mysql,ldap 等。这里选 mysql，原因是各个模块，包括 extmail 等对这个支持最好最方便最简单。在投递邮件的时候，需要确定一些数据，比如收件用户的 Maildir 的路径，保存邮件用的 uid，gid，邮箱容量等，这些数据需要 courier-authlib 来提供。
整个系统模块间的作用和关系是：
postfix 作为 MTA(Mail Transfer Agent), 负责创建 smtp 服务（smtpd）接收本域用户或其他域名服务器投递来的邮件，负责向其他服务器投递（发送）邮件，管理邮件队列；
courier-authlib 为 maildrop 提供与用户相关的信息查询；
dovecot 提供系统的 POP3 和 IMAP 服务，同时给 postfix 提供 SMTP 的 SASL 认证服务。

系统基础配置

创建邮箱存储目录 /var/mail，子目录结构为 ./[domain]/[username]

一、准备工作

关闭Selinux,关闭firewalld防火墙

由于CentOS7默认安装的是MariaDB，所以要添加MySQL的yum源，有些编译需要的devel包只有epel扩展源有，所以把epel源也一并添加。

wget http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm
rpm -ivh mysql-community-release-el7-5.noarch.rpm
wget http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -ivh epel-release-latest-7.noarch.rpm

安装编译环境及其他所需要的包

yum install nginx vim gcc gcc-c++ openssl openssl-devel db4-devel ntpdate \
mysql mysql-devel mysql-server bzip2 php-mysql cyrus-sasl-md5 perl-GD perl-DBD-MySQL \
perl-GD perl-CPAN perl-CGI perl-CGI-Session cyrus-sasl-lib cyrus-sasl-plain cyrus-sasl \
cyrus-sasl-devel libtool-ltdl-devel telnet mail libicu-devel  -y

二、安装postfix

1.卸载系统自带的postfix，删除postfix用户，重新指定uid、gid创建新用户postfix，postdrop

yum remove postfix -y
userdel postfix
groupdel postdrop
groupadd -g 5000 postfix
useradd -g postfix -u 5000 -s /sbin/nologin -M postfix
groupadd -g 5001 postdrop
useradd -g postdrop -u 5001 -s /sbin/nologin -M postdrop

再把存放邮件目录授权给新建的用户

1 2	chown vmail:vmail /var/mail chmod 700 /var/mail

2.下载源码包并编译安装

wget ftp://ftp.cuhk.edu.hk/pub/packages/mail-server/postfix/official/postfix-3.3.2.tar.gz
tar xf postfix-3.3.2.tar.gz
cd postfix-3.3.2
make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl -DUSE_TLS ' \
'AUXLIBS=-L/usr/lib64/mysql -lmysqlclient -lz -lrt -lm -L/usr/lib64/sasl2 -lsasl2   -lssl -lcrypto'
make && make install

make install 的时候会有个交互式的界面，自定义一些目录，我们这里只更改第二项临时文件目录为 /tmp/extmail，其他的全部默认。
3.改目录的属主和属组

chown -R postfix:postdrop /var/spool/postfix
chown -R postfix:postdrop /var/lib/postfix/
chown root /var/spool/postfix
chown -R root /var/spool/postfix/pid

4.修改postfix的配置文件

1	vim /etc/postfix/main.cf

myhostname = mail.example.com        //设置主机名
mydomain = example.com        //指定域名
myorigin = $mydomain        //指明发件人所在的域名
inet_interfaces =         //all指定postfix系统监听的网络接口
mynetworks_style = host        //指定信任网段类型
mynetworks = 192.168.100.1/24, 127.0.0.0/8        //指定信任的客户端
relay_domains = $mydestination        //指定允许中转邮件的域名
alias_maps = hash:/etc/aliases        //设置邮件的别名

启动 postfix

1	systemctl start postfix

启动后注意查看 /var/log/maillog 里是否有错误消息

5.用 telnet 测试是否正常

Yum install telnet
Telnet 127.0.0.1 25
填写发件人 MAIL FROM:<test@domain.com>
填写收件人 RCPT TO:xxxx@163.com
写邮件内容 DATA 回车
- 输入标题 Subject: test message
- 写内容 test body
- 以 . 结束
- 若提示 250 2.0.0 Ok: queued as 88D6D32A94 则说明已发送

三、安装dovecot

1.安装 dovecot

1	yum install -y dovecot dovecot-mysql

2.配置 dovecot
cd /etc/dovecot

1	vim dovecot.conf

添加下面几行

protocols = imap pop3
!include conf.d/*.conf
Listen = * 
Base_dir = /var/run/dovecot/

3.设置认证方式
cd conf.d
vim 10-auth.conf
disable_plaintext_auth = no

4.设置邮件存放目录

1	vim 10-mail.conf

1
2
3

mail_location = maildir:~/Maildir
mail_location = maildir:/var/mail/%d/%n/Maildir
mail_privileged_group = mail

5.配置不启用SSL加密
vim 10-ssl.conf
ssl = no
6.配置dovecot日志
vim 10-logging.conf

1
2
3

log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot.info
log_timestamp = "%Y-%m-%d %H:%M:%S "

7.修改 mysql 认证

1 2	cp auth-sql.conf.ext auth-sql.conf Vim auth-sql.conf

passdb {  
  driver = sql  
  # Path for SQL configuration file, see example-config/dovecot-sql.conf.ext  
  args = /etc/dovecot/dovecot-mysql.conf}
userdb {  
  driver = sql  
  args = /etc/dovecot/dovecot-mysql.conf}

8.编辑 dovecot 通过 mysql 认证的配置文件

1	vim /etc/dovecot/dovecot-mysql.conf

driver = mysql
connect = host=localhost dbname=extmail user=extmail password=extmail
default_pass_scheme = CRYPT
password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid FROM mailbox WHERE username = '%u'

四、安装 Courier-authlib

先下载courier-unicode-1.2并编译安装，否则编译会报如下错：
configure: error: The Courier Unicode Library 1.2 appears not to be installed. You may need to install a separate development subpackage, in addition to the main package

wget https://sourceforge.net/projects/courier/files/courier-unicode/1.2/courier-unicode-1.2.tar.bz2
tar xf courier-unicode-1.2.tar.bz2 
cd courier-unicode-1.2
./configure
make && make install

1.下载courier-authlib解压并编译

1 2	wget https://sourceforge.net/projects/courier/files/authlib/0.66.2/courier-authlib-0.66.2.tar.bz2 && tar xf courier-authlib-0.66.2.tar.bz2

编译：

./configure \
--prefix=/usr/local/courier-authlib \
    --sysconfdir=/etc \
	--without-authpam \
	--without-authshadow \
	--without-authvchkpw \
	--without-authpgsql \
	--with-authmysql \
	--with-mysql-libs=/usr/lib64/mysql \
	--with-mysql-includes=/usr/include/mysql \
	--with-redhat \
	--with-authmysqlrc=/etc/authmysqlrc \
	--with-authdaemonrc=/etc/authdaemonrc \
	--with-mailuser=postfix

安装：

1	Make && make install

2.配置
chmod 755 /usr/local/courier-authlib/var/spool/authdaemon

1 2	cp /etc/authdaemonrc.dist /etc/authdaemonrc cp /etc/authmysqlrc.dist /etc/authmysqlrc

设置 Sql 模式

1	vim /etc/authdaemonrc

1 2	authmodulelist="authmysql" authmodulelistorig="authmysql"

配置 MySQL 参数

1	vim /etc/authmysqlrc

MYSQL_SERVER            localhost
MYSQL_USERNAME          extmail
MYSQL_PASSWORD          extmail
MYSQL_SOCKET            /var/lib/mysql/mysql.sock
MYSQL_PORT               3306
MYSQL_DATABASE          extmail
MYSQL_USER_TABLE        mailbox
MYSQL_CRYPT_PWFIELD     password
DEFAULT_DOMAIN          test.com
MYSQL_UID_FIELD         '5000'
MYSQL_GID_FIELD         '5000'
MYSQL_LOGIN_FIELD       username
MYSQL_HOME_FIELD        concat('/var/mailbox/',homedir)
MYSQL_NAME_FIELD        name
MYSQL_MAILDIR_FIELD     concat('/var/mailbox/',maildir)

3.Courier-authlib添加服务启动脚本及启动服务：

[root@localhost  courier-authlib-0.66.2]# cp courier-authlib.sysvinit /etc/init.d/courier-authlib
[root@localhost  courier-authlib-0.66.2]# chmod +x /etc/init.d/courier-authlib
[root@localhost  courier-authlib-0.66.2]# chkconfig --add courier-authlib
[root@localhost  courier-authlib-0.66.2]# chkconfig courier-authlib on
[root@localhost  courier-authlib-0.66.2]# echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf.d/courier-authlib.conf
[root@localhost  courier-authlib-0.66.1]# ldconfig

1	service courier-authlib start

smtp以及虚拟用户相关的设置：
vim /usr/lib64/sasl2/smtpd.conf //文件不存在，需要创建

pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket

vim /etc/postfix/main.cf

##postfix支持SMTP##
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = ''
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
broken_sasl_auth_clients=yes
smtpd_client_restrictions = permit_sasl_authenticated
smtpd_sasl_security_options = noanonymous
##postfix支持虚拟用户##
virtual_mailbox_base = /var/mailbox
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf   //这里的配置文件需在后面extman
里复制过来
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_transport = virtual

五、安装extmail

extmail 和 extman 可到官网[http://www.extmail.org/download]自行下载
1.创建目录并解压
mkdir -p /var/www/extsuite
tar xf extmail-1.2.tar.gz -C /var/www/extsuite/
mv /var/www/extsuite/extmail-1.2/ /var/www/extsuite/extmail

2.更改extmail的配置文件
cd /var/www/extsuite/extmail

1	cp webmail.cf.default webmail.cf

编辑配置文件：Vim webmail.conf

SYS_SESS_DIR = /tmp/extmail                 //更改属组为postfix
SYS_UPLOAD_TMPDIR = /tmp/extmail/upload   //需要使用 mkdir 创建
SYS_USER_LANG = zh_CN
SYS_MIN_PASS_LEN = 8
SYS_MAILDIR_BASE = /var/mailbox
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock
SYS_MYSQL_TABLE = mailbox
SYS_MYSQL_ATTR_USERNAME = username
SYS_MYSQL_ATTR_DOMAIN = domain
SYS_MYSQL_ATTR_PASSWD = password
SYS_AUTHLIB_SOCKET = /usr/local/courier-authlib/var/spool/authdaemon/socket

3.建立临时文件目录与session目录
mkdir -p /tmp/extmail/upload
chown -R postfix.postfix /tmp/extmail/

六、安装extman

解压extman
tar xf extman-1.1.tar.gz -C /var/www/extsuite/
cd /var/www/extsuite/
mv extman-1.1/ extman
更改 extman 配置
cd extman
1
cp webman.cf.default webman.cf
更改cgi目录属主属组
chown -R postfix.postfix /var/www/extsuite/extman/cgi/
chown -R postfix.postfix /var/www/extsuite/extmail/cgi/

导入数据库
由于数据库不能识别TYPE= MyISAM ，所以这里直接导入会出错，先编辑extmail.sql数据库文件，将TYPE=MyISAM更改为ENGINE=MyISAM

docs/extmail.sql

1	:% s/TYPE/ENGINE/g

再需要修改my.cnf配置文件

1
2

vim /etc/my.cnf
#sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES   //将这行注视掉，重启mysql，需要注意等数据库导入成功后，这项是不可以去掉注释的，不然mysql就启动不了。

1 2	mysql -uroot < extman/docs/extmail.sql mysql -uroot < extman/docs/init.sql

创建数据库用户 extmail 并授予权限

1 2	mysql> GRANT ALL ON extmail.* to extmail@'localhost' identified by 'extmail'; mysql> FLUSH PRIVILEGES;

复制配置文件

1 2	cd /var/www/extsuite/extman/docs/ cp mysql_virtual_* /etc/postfix/

为extman创建临时目录：

1 2	mkdir /tmp/extman chown -R postfix.postfix /tmp/extman/

测试虚拟用户
/usr/local/courier-authlib/sbin/authtest -s login postmaster@extmail.org extmail

Authentication succeeded.                //显示这个表示成功，测试时使用的是postmaster@extmail.org，因为我们导入的数据库init.sql里面自带了这个。
Authenticated: postmaster@extmail.org  (uid 5000, gid 5000)
Home Directory: /var/mailbox/extmail.org/postmaster  //这里需要注意/var/mailbox这个目录现在我们还没有创建，后面web访问的时候如果没有会报错,所以提前创建。
                   Maildir: /var/mailbox/extmail.org/postmaster/Maildir/
                   Quota: (none)
           Encrypted Password: $1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0
               Cleartext Password: extmail
                   Options: (none)

测试smtp发信：

[root@localhost ~]# printf   "postmaster@extmail.org" | openssl base64
cG9zdG1hc3RlckBleHRtYWlsLm9yZw==
[root@localhost ~]#  printf   "extmail" | openssl base64
ZXh0bWFpbA==
[root@localhost ~]# telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.daen.com ESMTP Postfix
auth login
334 VXNlcm5hbWU6
cG9zdG1hc3RlckBleHRtYWlsLm9yZw==
334 UGFzc3dvcmQ6
ZXh0bWFpbA==
235 2.7.0 Authentication successful     //成功
quit
221 2.0.0 Bye
Connection closed by foreign host.

七、启动nginx实现web访问

Nginx本身并不能解析cgi，extmail 自带了解析 cgi 的程序，但是有些地方需要修改下：

1
2
3

[root@localhost ~]# vim /var/www/extsuite/extmail/dispatch-init
SU_UID=postfix
SU_GID=postfix

启动dispatch-init：

[root@localhost ~]# /var/www/extsuite/extmail/dispatch-init start
Starting extmail FCGI server...
[root@localhost ~]# /var/www/extsuite/extman/daemon/cmdserver -v -d 
loaded ok

添加nginx虚拟主机：
vim /etc/nginx/conf.d/extmail.conf

server {
   listen       8080;
   server_name  mail.example.com;
   index index.html index.htm index.php index.cgi;
   root  /var/www/extsuite/extmail/html/;
   location /extmail/cgi/ {
             fastcgi_pass          127.0.0.1:8888;
             fastcgi_index         index.cgi;
             fastcgi_param  SCRIPT_FILENAME   /var/www/extsuite/extmail/cgi/$fastcgi_script_name;
             include               fcgi.conf;
        }
        location  /extmail/  {
             alias  /var/www/extsuite/extmail/html/;
        }
        location /extman/cgi/ {
             fastcgi_pass          127.0.0.1:8888;
             fastcgi_index         index.cgi;
             fastcgi_param  SCRIPT_FILENAME   /var/www/extsuite/extman/cgi/$fastcgi_script_name;
             include            fcgi.conf;
        }
        location /extman/ {
             alias  /var/www/extsuite/extman/html/;
        }
      access_log  /var/log/extmail_access.log;
}

创建fcgi.conf文件：
vim /etc/nginx/fcgi.conf

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx;
fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

安装Unix::Syslog：否则打开页面会无法显示提示需要安装Unix::Syslog

[root@localhost ~]# cd /usr/local/src/
[root@localhost /usr/local/src]# wget http://www.cpan.org/authors/id/M/MH/MHARNISCH/Unix-Syslog-1.1.tar.gz
[root@localhost /usr/local/src]# tar zxvf Unix-Syslog-1.1.tar.gz 
[root@localhost /usr/local/src]# cd Unix-Syslog-1.1
[root@localhost /usr/local/src/Unix-Syslog-1.1]# perl Makefile.PL
[root@localhost /usr/local/src/Unix-Syslog-1.1]# make && make install

启动nginx，访问服务器IP的8080端口即可

extman的登录账户为root@extmail.org密码为extmail*123*，首次使用需要先添加域，添加之后再修改域。
然后整个Web页面可以针对性的修改，作自由定制的登陆界面和自定义Logo.

Good Luck! And have fun!

share something

CentOS 7 基于 Postfix Dovecot Extmail 搭建邮件服务器

简介