Postfix 电子邮件系统精要(1)(6)
这是邮件系统的核心部分,因此安装和配置是比较复杂的,特别是做配置时要格外小心,有时还需要反复修改,反复测试。
(1)安装postfix.
[root@mailserv2 ~]# cd
[root@mailserv2 ~]# tar zxvf postfix-2.2.11.tar.gz
[root@mailserv2 ~]# cd postfix-2.2.11
[root@mailserv2 postfix-2.2.11]# make -f Makefile.init makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -I/usr/local/include/sasl' 'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/local/lib -lsasl2'
如果没有意外,make这一步很快就执行完了,接下来就是安装,使用的命令是:
[root@mailserv2 postfix-2.2.11]# make install
程序先自动执行一阵子,然后会进入交互状态,等待用户的输入,一般情况下,一路回车即可完成所有的安装。
(2)配置postfix。Postfix有本身有2个需要修改的配置文件/etc/postfix/main.cf和/etc/postfix/master.cf,因为我们要用mysql虚拟帐号,因此需要手动加一些配置文件,下面挨个来做这些配置。
①main.cf。这个文件有很多行注释,察看起来不是很方便,先用命令 [root@mailserv2 postfix]# sed -n '/^#/!p' /etc/postfix/main.cf > /etc/postfix/main.cf.new 去掉注释行并生成新文件/etc/postfix/main.cf.new,然后再把它覆盖到 /etc/postfix/main.cf (cp /etc/postfix/main.cf.new /etc/postfix/main.cf)。修改后的文件如下所示:
[root@mailserv2 postfix]# more main.cf
|
config_directory = /etc/postfix readme_directory = no sample_directory = /etc/postfix sendmail_path = /usr/sbin/sendmail html_directory = no setgid_group = postdrop command_directory = /usr/sbin manpage_directory = /usr/local/man daemon_directory = /usr/libexec/postfix newaliases_path = /usr/bin/newaliases mailq_path = /usr/bin/mailq queue_directory = /var/spool/postfix mail_owner = postfix ########################################################### content_filter = smtp-amavis:[127.0.0.1]:10024 max_use = 10
#=====================BASE========================= myhostname = mail2.sery.com mydomain = mail.sery.com myorigin = $mydomain mydestination = $myhostname localhost localhost.$mydomain mynetworks = 127.0.0.0/8 220.94.159.0/24 inet_interfaces = all
#=====================Vritual Mailbox settings====================== virtual_mailbox_base = /var/mailbox virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf virtual_uid_maps = static:1001 virtual_gid_maps = static:1001 virtual_transport = maildrop maildrop_destination_recipient_limit = 1 maildrop_destination_concurrency_limit = 1
#====================QUOTA======================== message_size_limit = 14336000 virtual_mailbox_limit = 20971520 virtual_create_maildirsize = yes virtual_mailbox_extended = yes virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cf virtual_mailbox_limit_override = yes virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later. virtual_overquota_bounce = yes
#====================SASL======================== broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname, reject_non_fqdn_hostname, reject_unknown_sender_domain, reject_non_fqdn_sender,reject_non_fqdn_recipient, reject_unknown_recipient_domain,reject_unauth_pipelining, reject_unauth_destination, permit smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = smtpd_sasl_security_options = noanonymous smtpd_sasl_application_name = smtpd smtpd_banner=$myhostname ESMTP "Version not Available"
alias_maps = hash:/etc/aliases unknown_local_recipient_reject_code = 450 |
上述配置中,需要特别注意的是mydomain和myhostname,这2个项的值不要设置成一样,否则postfix将不能正确启动。第2个要注意的地方是 virtual_uid_maps及virtual_gid_maps的值,它是vmail用户的uid和vmail组的gid,与前面的文件/usr/local/authlib/etc/authlib/authmysqlrc的"MYSQL_UID_FIELD""MYSQL_GID_FIELD"一定要保持一致,本案的uid和gid都是1001.任何情况下,通过执行
|
root@mailserv2 postfix]# id vmail uid=1001(vmail) gid=1001(vmail) groups=1001(vmail) |
察看uid和gid。"content_filter = smtp-amavis:[127.0.0.1]:10024"这一行是防病毒和反垃圾邮件用的,稍后再做说明。
②创建目录/etc/postfix/mysql,然后手动创建四个配置文件:mysql_virtual_alias_maps.cf,mysql_virtual_domains_maps.cf,mysql_virtual_mailbox_limit_maps.cf,mysql_virtual_mailbox_maps.cf。这4个文件的内容分别如下:
|
[root@mailserv2 mysql]# more mysql_virtual_alias_maps.cf user = postfix password = postfix hosts = localhost dbname = postfix table = alias select_field = goto where_field = address [root@mailserv2 mysql]# more mysql_virtual_domains_maps.cf user = postfix password = postfix hosts = localhost dbname = postfix table = domain select_field = description where_field = domain [root@mailserv2 mysql]# more mysql_virtual_mailbox_limit_maps.cf user = postfix password = postfix hosts = localhost dbname = postfix table = mailbox select_field = quota where_field = username [root@mailserv2 mysql]# more mysql_virtual_mailbox_maps.cf user = postfix password = postfix hosts = localhost dbname = postfix table = mailbox select_field = maildir where_field = username |
另外一个配置文件是/etc/postfix/master.cf,由于需要修改的地方不是很多,可以先在这里把它配置好。
|
[root@mailserv2 postfix]# more master.cf # # Postfix master process configuration file. For details on the format # of the file, see the Postfix master(5) manual page. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - - smtpd #submission inet n - n - - smtpd # -o smtpd_etrn_restrictions=reject # -o smtpd_client_restrictions=permit_sasl_authenticated,reject #smtps inet n - n - - smtpd # -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes #submission inet n - n - - smtpd # -o smtpd_etrn_restrictions=reject # -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes #628 inet n - n - - qmqpd pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - n 300 1 oqmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap smtp unix - - n - - smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - n - - smtp -o fallback_relay= # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - n - - showq error unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # # Many of the following services use the Postfix pipe(8) delivery # agent. See the pipe(8) man page for information about ${recipient} # and other message envelope options. # ==================================================================== # # maildrop. See the Postfix MAILDROP_README file for details. # Also specify in main.cf: maildrop_destination_recipient_limit=1 # maildrop unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/local/maildrop/bin/maildrop -d ${recipient} # # The Cyrus deliver program has changed incompatibly, multiple times. # old-cyrus unix - n n - - pipe flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} # Cyrus # Also specify in main.cf: cyrus_destination_recipient_limit=1 cyrus unix - n n - - pipe user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} # # See the Postfix UUCP_README file for configuration details. # uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) # # Other external delivery methods. # ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient ############################################################################# # antispam # ############################################################################# smtp-amavis unix - - n - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes localhost:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o mynetworks=127.0.0.0/8 -o smtpd_helo_restrictions= -o smtpd_client_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 |
这个配置文件,"flags=DRhu user=vmail:vmail argv=/usr/local/maildrop/bin/maildrop -d ${recipient}"是修改过的,flags前面必须有2个空格,这点值得注意。至于"argv=/usr/local/maildrop/bin/maildrop"则是maildrop安装的路径及maildrop二进制执行文件的位置,当我们安装maildrop文件时,一定要和这个位置相一致。文件从注释框 "antispam"后的一部分内容,是过滤垃圾邮件用的。
到这里,postfix的配置文件基本上算配好了,但是其它相依赖的软件还没有安装和配置好,因此不能运行和测试postfix,等所有的相关软件安装和配置正确后再进行这个步骤。
评论暂时关闭