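Introduction:
Among Linux mail servers, the best known are Sendmail and Postfix. Sendmail is a decent MTA, but it has drawbacks, such as security problems caused by program vulnerabilities and performance problems caused by its bloated code. Postfix is a mail server that is easier to install and tune than Sendmail, and it is designed to be compatible with Sendmail. It is also considerably better than Sendmail on security and can block a lot of spam that Sendmail cannot filter. In CentOS 6.x the default mail server has changed from Sendmail to Postfix.
Environment:
CentOS 5.7, 64-bit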
postfix-2.3.3-2.3.centos.mysql_pgsql
dovecot-1.2.17-2.el5.x86_64.rpm
dovecot-mysql-1.2.17-2.el5.x86_64.rpm
postfixadmin-2.3.5
Contents:
I. Installing Postfix and Dovecot
II. MySQL configuration
III. PostfixAdmin configuration
IV. Postfix main.cf configuration
V. Dovecot configuration
VI. Database connection settings
VII. Quota table
VIII. Startup and testing
IX. TLS (SSL) encryption
X. Live mail send/receive test
XI. Debugging
XII. Configuration file reference
XIII. References
Setup:
I. Installing Postfix and Dovecot
1. Update and install the Apache, PHP and MySQL packages

[root@localhost ~]# yum install httpd mysql-server php php-mbstring php-imap php-mysql

2. Postfix and Dovecot setup
The Postfix package that yum installs by default does not support MySQL, so the repository configuration has to be changed to install a Postfix build that does.
Dovecot is an IMAP server for Linux/UNIX systems. It includes a small POP3 server and supports the maildir and mbox mail formats.
2.1 Change the yum repositories
Edit the [base], [updates] and [centosplus] sections, adding or changing the parts marked in yellow (the exclude=postfix-* lines, and enabled=1 and includepkgs=postfix-* under [centosplus]).

[root@localhost ~]# vim /etc/yum.repos.d/CentOS-Base.repo

[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
exclude=postfix-*

#released updates
[updates]
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
exclude=postfix-*

[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
includepkgs=postfix-*

2.2 Install Postfix and Dovecot
If the repository change worked, the install will show Postfix version 2:2.3.3-2.3.centos.mysql_pgsql.

[root@localhost ~]# yum install postfix dovecot
Dependencies Resolved
=================================================================================
 Package        Arch      Version                          Repository      Size
=================================================================================
Installing:
 postfix        x86_64    2:2.3.3-2.3.centos.mysql_pgsql   centosplus     3.8 M
Updating:
 dovecot        x86_64    1.0.7-7.el5_7.1                  base           1.7 M
Installing for dependencies:
 postgresql     x86_64    8.1.23-1.el5_7.3                 base           2.9 M

Transaction Summary
=================================================================================
Install       2 Package(s)
Upgrade       1 Package(s)

2.3 Check that Postfix supports MySQL
If mysql appears in the list, the installation succeeded.

[root@localhost ~]# postconf -m
btree
cidr
environ
hash
ldap
mysql
nis
pcre
pgsql
proxy
regexp
static
unix

2.4 Check that Postfix supports Dovecot authentication

[root@localhost ~]# postconf -a
cyrus
dovecot

2.5 Upgrade Dovecot
The dovecot-1.0.7-7.el5_7.1 release has some bugs. If that does not matter to you, skip this step; to upgrade, follow the steps below. For Dovecot downloads, see here or this site's mirror.

[root@localhost ~]# yum remove dovecot
[root@localhost ~]# cd /tmp
[root@localhost ~]# wget http://centos.alt.ru/repository/centos/5/x86_64/dovecot-1.2.17-2.el5.x86_64.rpm
[root@localhost ~]# wget http://centos.alt.ru/repository/centos/5/x86_64/dovecot-mysql-1.2.17-2.el5.x86_64.rpm
[root@localhost ~]# wget http://centos.alt.ru/repository/centos/5/x86_64/dovecot-devel-1.2.17-2.el5.x86_64.rpm
[root@localhost ~]# wget http://centos.alt.ru/repository/centos/5/x86_64/dovecot-pgsql-1.2.17-2.el5.x86_64.rpm
[root@localhost ~]# wget http://centos.alt.ru/repository/centos/5/x86_64/dovecot-pigeonhole-1.2.17-2.el5.x86_64.rpm
[root@localhost ~]# rpm -Uvh dovecot-1.2.17-2.el5.x86_64.rpm
[root@localhost ~]# rpm -Uvh dovecot-mysql-1.2.17-2.el5.x86_64.rpm
[root@localhost ~]# rpm -Uvh dovecot-devel-1.2.17-2.el5.x86_64.rpm
[root@localhost ~]# rpm -Uvh dovecot-pgsql-1.2.17-2.el5.x86_64.rpm
[root@localhost ~]# rpm -Uvh dovecot-pigeonhole-1.2.17-2.el5.x86_64.rpm

2.6 Remove sendmail

[root@localhost ~]# /etc/init.d/sendmail stop
[root@localhost ~]# yum remove sendmail

II. MySQL configuration
1. MySQL initial setup
The initial setup mainly tidies up the database configuration and removes what is not needed.

[root@localhost ~]# /etc/init.d/mysqld start
[root@localhost ~]# chkconfig mysqld on
[root@localhost ~]# /usr/bin/mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!

In order to log into MySQL to secure it, we'll need the current password for the root user. If you've just installed MySQL, and you haven't set the root password yet, the password will be blank, so you should just press enter here.

Enter current password for root (enter for none):    # press ENTER if no password has been set yet
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL root user without the proper authorisation.

You already have a root password set, so you can safely answer 'n'.

Change the root password? [Y/n] y    # asks whether to change the password
New password:                        # enter the new password
Re-enter new password:               # confirm the new password
Password updated successfully!
Reloading privilege tables..
 ... Success!

By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment.

Remove anonymous users? [Y/n] y    # asks whether to remove the anonymous user
 ... Success!

Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y    # asks whether MySQL root may connect only from the local machine
 ... Success!

By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment.

Remove test database and access to it? [Y/n] y    # asks whether to remove the test database
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far will take effect immediately.

Reload privilege tables now? [Y/n] y    # whether to reload the privileges now
 ... Success!

Cleaning up...

All done! If you've completed all of the above steps, your MySQL installation should now be secure.

Thanks for using MySQL!
[root@localhost ~]# /etc/init.d/mysqld restart

2. Create the mail database
Create a database named mail for Postfix to use.
mail_admin: set this to the account for the mail database
PASSWORD: set this to the password for the mail database

[root@localhost ~]# mysql -uroot -p123456
mysql> CREATE DATABASE mail;
mysql> GRANT ALL ON mail.* TO 'mail_admin'@'localhost' IDENTIFIED BY 'PASSWORD';
mysql> FLUSH PRIVILEGES;
mysql> quit;

III. PostfixAdmin configuration
1. Download and install PostfixAdmin
postfixadmin-2.3.5: download page, or download from this site

[root@localhost ~]# cd /tmp
[root@localhost ~]# wget -O postfixadmin-2.3.5.tar.gz 'http://sourceforge.net/projects/postfixadmin/files/latest/download?source=directory'
[root@localhost ~]# tar -zxvpf postfixadmin-2.3.5.tar.gz
[root@localhost ~]# mv postfixadmin-2.3.5 /var/www/html/postfixadmin

2. Edit Apache's conf.d
Add aliases for PostfixAdmin so that it can be reached with any of these capitalizations.

[root@localhost ~]# vim /etc/httpd/conf.d/postfixadmin.conf
# Web application to manage Postfix email server
<Directory "/var/www/html/postfixadmin">
    Order Allow,Deny
    Allow from all
</Directory>
Alias /postfixadmin /var/www/html/postfixadmin
Alias /PostFixAdmin /var/www/html/postfixadmin
Alias /PostfixAdmin /var/www/html/postfixadmin

3. Start Apache and enable it at boot

[root@localhost ~]# /etc/init.d/httpd start
[root@localhost ~]# chkconfig httpd on

To view the page, go to http://IP-or-domain/postfixadmin
4. Check that you can connect
Connect to http://IP-or-domain/postfixadmin and the PostfixAdmin page appears. If you are interested, click INSTALL.txt to read the setup instructions; otherwise just continue with the settings below.
5. Edit the PostfixAdmin configuration file
5.1 Change the configured parameter so that PostfixAdmin can be used

[root@localhost ~]# vim /var/www/html/postfixadmin/config.inc.php
# Before
$CONF['configured'] = false;
# After
$CONF['configured'] = true;

5.2 Change the database parameters
Set the database user and password to match your own setup.
They must correspond to the settings made in "3.1 MySQL initial setup".
On CentOS 5.5 or later the installed MySQL should be version 5, so setting this to mysqli gives better performance.

[root@localhost ~]# vim /var/www/html/postfixadmin/config.inc.php
# Before
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'postfixadmin';
$CONF['database_name'] = 'postfix';
# After
$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = '123456';
$CONF['database_name'] = 'mail';

5.3 Set the address used for PostfixAdmin's welcome mail

[root@localhost ~]# vim /var/www/html/postfixadmin/config.inc.php
# Before
$CONF['admin_email'] = 'postmaster@change-this-to-your.domain.tld';
# After
$CONF['admin_email'] = 'postmaster@faq-test.tk';

5.4 Configure PostfixAdmin to use Dovecot's CRAM-MD5 password scheme

[root@localhost ~]# vim /var/www/html/postfixadmin/config.inc.php
# Before
$CONF['encrypt'] = 'md5crypt';
# After
$CONF['encrypt'] = 'dovecot:CRAM-MD5';

5.5 Set the default language

[root@localhost ~]# vim /var/www/html/postfixadmin/config.inc.php
# Before
$CONF['default_language'] = 'en';
# After
$CONF['default_language'] = 'cn';

5.6 Change how the storage path for virtual users is built

[root@localhost ~]# vim /var/www/html/postfixadmin/config.inc.php
# Before
$CONF['domain_path'] = 'NO';
$CONF['domain_in_mailbox'] = 'YES';
# After
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';

5.7 Change the limits PostfixAdmin applies when a domain is created

[root@localhost ~]# vim /var/www/html/postfixadmin/config.inc.php
# Before
$CONF['aliases'] = '10';
$CONF['mailboxes'] = '10';
$CONF['maxquota'] = '10';
# After
$CONF['aliases'] = '100';      # number of aliases per domain
$CONF['mailboxes'] = '100';    # number of mailboxes per domain
$CONF['maxquota'] = '50000';   # maximum total mailbox size per domain, in MB

5.8 Whether to offer Webmail.
If you do not want to offer Webmail, change YES to NO.
Webmail options include SquirrelMail and Roundcube; the Postfix website also lists some.

[root@localhost ~]# vim /var/www/html/postfixadmin/config.inc.php
$CONF['fetchmail'] = 'YES';

5.9 Set disk space quotas. Skip this if you do not want quotas.

[root@localhost ~]# vim /var/www/html/postfixadmin/config.inc.php
# Before
$CONF['quota'] = 'NO';
$CONF['used_quotas'] = 'NO';
$CONF['new_quota_table'] = 'NO';
# After
$CONF['quota'] = 'YES';             # enable quotas
$CONF['used_quotas'] = 'YES';       # show usage in PostfixAdmin
$CONF['new_quota_table'] = 'YES';   # if Dovecot was upgraded above, the new quota table can be used

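6. PostfixAdmin installation
6.1 Check that config.inc.php is correct
First open the PostfixAdmin setup page at http://IP-or-domain/postfixadmin/setup.php
PostfixAdmin checks config.inc.php for problems. Any errors are displayed, and you then go back to config.inc.php to fix them.
6.2 Set the setup password
Open the PostfixAdmin setup page at http://IP-or-domain/postfixadmin/setup.php
Enter the password you want to use, then click "Generate password hash".
A hash string then appears, with a prompt telling you to put it into $CONF['setup_password'] = in config.inc.php.

[root@localhost ~]# vim /var/www/html/postfixadmin/config.inc.php
# Before
$CONF['setup_password'] = 'changeme';
# After
$CONF['setup_password'] = '899cdb7e38fc0c6b13bbc282165683fe:b17944045ffd005187beb093bdf87fbf2a0537dd';

6.3 Create the admin account
Open the PostfixAdmin setup page at http://IP-or-domain/postfixadmin/setup.php
Setup password: enter the password you just set
Admin: choose the account name (it must be in e-mail address format)
Password: enter the password for this account
Password (again): enter the password again
When done, click Add Admin.
If the success message appears, the account was created.
6.4 Check that you can log in
Go to http://IP-or-domain/postfixadmin. If you can log in, the configuration is correct.
6.5 Security settings
If you are sure you will not create any more admin accounts after this, consider deleting setup.php (depending on your situation).

[root@localhost ~]# cd /var/www/html/postfixadmin/
[root@localhost ~]# rm -rf setup.php
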
IV. Postfix main.cf configuration
1. Create a user account
This account is used by the Postfix and Dovecot configuration and has no login access to the host.

[root@localhost ~]# useradd -u 5000 -d /var/mail/vhosts/ -m -s /sbin/nologin vmail

2. Postfix main.cf configuration
2.1 Basic main.cf settings
For the basic settings, see the Postfix Basic Configuration README.

[root@localhost ~]# vim /etc/postfix/main.cf
# Before
#myhostname = host.domain.tld
#mydomain = domain.tld
#myorigin = $mydomain
inet_interfaces = localhost
mydestination = $myhostname, localhost.$mydomain, localhost
#mynetworks = 168.100.189.0/28, 127.0.0.0/8
# After
myhostname = mail.faq-test.tk
mydomain = faq-test.tk
myorigin = $mydomain
inet_interfaces = all
mydestination = localhost, localhost.localdomain
mynetworks = 127.0.0.0/8

2.2 main.cf virtual domain settings
For virtual domain configuration, see the Postfix Virtual Domain Hosting Howto, or the document at /var/www/html/postfixadmin/DOCUMENTS/POSTFIX_CONF.txt.
Postfix needs some additional parameters so that its virtual domains can be looked up in MySQL.
Append the following parameters at the end of the file.

[root@localhost ~]# vim /etc/postfix/main.cf
#=====================Virtual Mailbox settings (virtual mailbox domain configuration)=============
# ADDRESS REDIRECTION (VIRTUAL DOMAIN)
#
# The VIRTUAL_README document gives information about the many forms
# of domain hosting that Postfix supports.
# The following lines connect Postfix with the MySQL database that contains information about
# the virtual users/accounts hosted. See proxymap(8) virtual(5) and mysql_table(5)
#
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
#
# Additional for quota support
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, this user has exceeded their disk space quota, please try again later.
virtual_overquota_bounce = yes
#
#Specify the user/group that owns the mail folders. I'm not sure if this is strictly necessary when using Dovecot's LDA.
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
#
#Specifies which tables proxymap can read: http://www.postfix.org/postconf.5.html#proxy_read_maps
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps

2.3 Create the MySQL lookup files
These are the files referenced by parameters such as mysql_virtual_domains_maps.cf in main.cf.
When creating them, set user, password and dbname to match the values you configured earlier.
2.3.1 mysql_virtual_domains_maps.cf

[root@localhost ~]# vim /etc/postfix/mysql_virtual_domains_maps.cf
user = postfix
password = 123456
hosts = localhost
dbname = mail
table = domain
select_field = domain
where_field = domain
query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'
#optional query to use when relaying for backup MX
#query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'

2.3.2 mysql_virtual_alias_maps.cf

[root@localhost ~]# vim /etc/postfix/mysql_virtual_alias_maps.cf
user = postfix
password = 123456
hosts = localhost
dbname = mail
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'

2.3.3 mysql_virtual_mailbox_maps.cf

[root@localhost ~]# vim /etc/postfix/mysql_virtual_mailbox_maps.cf
user = postfix
password = 123456
hosts = localhost
dbname = mail
query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = 1

2.3.4 mysql_virtual_mailbox_limit_maps.cf

[root@localhost ~]# vim /etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = 123456
hosts = localhost
dbname = mail
query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'

3. SMTP authentication settings
Add the following parameters.

[root@localhost ~]# vim /etc/postfix/main.cf
#============SASL SMTP Authentication (SMTP authentication configuration)===================
#SASL SUPPORT FOR CLIENTS
#
# The following options set parameters needed by Postfix to enable
# SMTP AUTH support using Dovecot's SASL component for authentication of mail clients.
# See: /usr/share/doc/postfix-2.3.3/README_FILES/SASL_README - http://www.postfix.org/SASL_README.html
# And /usr/share/doc/dovecot-1.0.7/wiki/HowTo.PostfixAndDovecotSASL.txt - http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL

# Turns on sasl authorization
smtpd_sasl_auth_enable = yes

#Use dovecot for authentication
smtpd_sasl_type = dovecot

# Path to UNIX socket for SASL
smtpd_sasl_path = /var/run/dovecot/auth-client

#Disable anonymous login. We don't want to run an open relay for spammers.
smtpd_sasl_security_options = noanonymous

#Adds support for email software that doesn't follow RFC 4954.
#This includes most versions of Microsoft Outlook before 2007.
broken_sasl_auth_clients = yes

smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination

4. Delivering mail from Postfix through Dovecot's LDA
See Dovecot LDA.
4.1 Delivering mail through Dovecot's LDA adds some extra features on top of the basics, such as quota enforcement and auto-reply.

[root@localhost ~]# vim /etc/postfix/main.cf
# TRANSPORT MAP
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1

4.2 Configure master.cf
Append the following at the end of the file.

[root@localhost ~]# vim /etc/postfix/master.cf
# Dovecot LDA, as explained here: http://wiki.dovecot.org/LDA/Postfix
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient}

To enable the SMTP submission port 587, uncomment the following line.

[root@localhost ~]# vim /etc/postfix/master.cf
submission inet n - n - - smtpd

V. Dovecot configuration
1. Dovecot configuration
Postfix has already been configured to talk to Dovecot, so now configure Dovecot to provide its services to Postfix.
1.1 Basic settings
Uncomment the following two lines.
protocols sets the protocols used for mail connections.

[root@localhost ~]# vim /etc/dovecot.conf
# Before
#protocols = imap imaps pop3 pop3s
#disable_plaintext_auth = no
#listen = *, [::]
# After
protocols = imap imaps pop3 pop3s
disable_plaintext_auth = no
listen = *

Set where the mail users' messages are stored.

[root@localhost ~]# vim /etc/dovecot.conf
# Before
#mail_location =
# After
mail_location = maildir:%hMaildir

Enable the auth_debug settings.

[root@localhost ~]# vim /etc/dovecot.conf
# Before
#auth_debug_passwords = no
#auth_debug = no
# After
auth_debug_passwords = yes
auth_debug = yes

Log file settings

[root@localhost ~]# mkdir /var/log/dovecot
[root@localhost ~]# vim /etc/dovecot.conf
# Before
#log_path =
#info_log_path =
#log_timestamp = "%b %d %H:%M:%S "
# After
log_path = /var/log/dovecot/dovecot.log
info_log_path = /var/log/dovecot/dovecot.info
log_timestamp = "%Y.%m.%d %H:%M:%S "

1.2 Namespace
This lets IMAP users define their own folder names. See Namespaces.
The changed parts are marked in yellow (separator, prefix and inbox, plus the uncommented namespace block).

[root@localhost ~]# vim /etc/dovecot.conf
# Before
#namespace private {
  # Hierarchy separator to use. You should use the same separator for all
  # namespaces or some clients get confused. '/' is usually a good one.
  # The default however depends on the underlying mail storage format.
  #separator =

  # Prefix required to access this namespace. This needs to be different for
  # all namespaces. For example "Public/".
  #prefix =

  # Physical location of the mailbox. This is in same format as
  # mail_location, which is also the default for it.
  #location =

  # There can be only one INBOX, and this setting defines which namespace
  # has it.
  #inbox = no

  # If namespace is hidden, it's not advertised to clients via NAMESPACE
  # extension. You'll most likely also want to set list=no. This is mostly
  # useful when converting from another server with different namespaces which
  # you want to deprecate but still keep working. For example you can create
  # hidden namespaces with prefixes "~/mail/", "~%u/mail/" and "mail/".
  #hidden = yes

  # Show the mailboxes under this namespace with LIST command. This makes the
  # namespace visible for clients that don't support NAMESPACE extension.
  # "children" value lists child mailboxes, but hides the namespace prefix.
  #list = yes

  # Namespace handles its own subscriptions. If set to "no", the parent
  # namespace handles them (empty prefix should always have this as "yes")
  #subscriptions = yes
#}

# After
namespace private {
  # Hierarchy separator to use. You should use the same separator for all
  # namespaces or some clients get confused. '/' is usually a good one.
  # The default however depends on the underlying mail storage format.
  separator = .

  # Prefix required to access this namespace. This needs to be different for
  # all namespaces. For example "Public/".
  prefix = INBOX.

  # Physical location of the mailbox. This is in same format as
  # mail_location, which is also the default for it.
  #location =

  # There can be only one INBOX, and this setting defines which namespace
  # has it.
  inbox = yes

  # If namespace is hidden, it's not advertised to clients via NAMESPACE
  # extension. You'll most likely also want to set list=no. This is mostly
  # useful when converting from another server with different namespaces which
  # you want to deprecate but still keep working. For example you can create
  # hidden namespaces with prefixes "~/mail/", "~%u/mail/" and "mail/".
  #hidden = yes

  # Show the mailboxes under this namespace with LIST command. This makes the
  # namespace visible for clients that don't support NAMESPACE extension.
  # "children" value lists child mailboxes, but hides the namespace prefix.
  #list = yes

  # Namespace handles its own subscriptions. If set to "no", the parent
  # namespace handles them (empty prefix should always have this as "yes")
  #subscriptions = yes
}

2. Protocol settings
2.1 IMAP protocol

[root@localhost ~]# vim /etc/dovecot.conf
# Find the start of this section
protocol imap {
# Add the following setting
mail_plugins = quota imap_quota

2.2 POP3 protocol

[root@localhost ~]# vim /etc/dovecot.conf
# Find the start of this section
protocol pop3 {
# Uncomment the following parameter
pop3_uidl_format = %08Xu%08Xv
# Change the following parameter
mail_plugins = quota

2.3 LDA protocol
Changes are marked in yellow (postmaster_address and mail_plugins).

[root@localhost ~]# vim /etc/dovecot.conf
# Find the start of this section
protocol lda {
# Change the following parameters
# Before
protocol lda {
  # Address to use when sending rejection mails (e.g. postmaster@example.com).
  #postmaster_address =

  # Hostname to use in various parts of sent mails, eg. in Message-Id.
  # Default is the system's real hostname.
  #hostname =

  # Support for dynamically loadable plugins. mail_plugins is a space separated
  # list of plugins to load.
  #mail_plugins =
  #mail_plugin_dir = /usr/lib/dovecot/lda

  # If user is over quota, return with temporary failure instead of
  # bouncing the mail.
  #quota_full_tempfail = no

  # Format to use for logging mail deliveries. You can use variables:
  # %$ - Delivery status message (e.g. "saved to INBOX")
  # %m - Message-ID
  # %s - Subject
  # %f - From address
  #deliver_log_format = msgid=%m: %$

  # Binary to use for sending mails.
  #sendmail_path = /usr/lib/sendmail

  # Subject: header to use for rejection mails. You can use the same variables
  # as for rejection_reason below.
  #rejection_subject = Rejected: %s

  # Human readable error message for rejection mails. You can use variables:
  # %n = CRLF, %r = reason, %s = original subject, %t = recipient
  #rejection_reason = Your message to <%t> was automatically rejected:%n%r

  # UNIX socket path to master authentication server to find users.
  #auth_socket_path = /var/run/dovecot/auth-master
}

# After
protocol lda {
  # Address to use when sending rejection mails (e.g. postmaster@example.com).
  postmaster_address = postmaster@faq-test.tk

  # Hostname to use in various parts of sent mails, eg. in Message-Id.
  # Default is the system's real hostname.
  #hostname =

  # Support for dynamically loadable plugins. mail_plugins is a space separated
  # list of plugins to load.
  mail_plugins = quota
  #mail_plugin_dir = /usr/lib/dovecot/lda

  # If user is over quota, return with temporary failure instead of
  # bouncing the mail.
  #quota_full_tempfail = no

  # Format to use for logging mail deliveries. You can use variables:
  # %$ - Delivery status message (e.g. "saved to INBOX")
  # %m - Message-ID
  # %s - Subject
  # %f - From address
  #deliver_log_format = msgid=%m: %$

  # Binary to use for sending mails.
  #sendmail_path = /usr/lib/sendmail

  # Subject: header to use for rejection mails. You can use the same variables
  # as for rejection_reason below.
  #rejection_subject = Rejected: %s

  # Human readable error message for rejection mails. You can use variables:
  # %n = CRLF, %r = reason, %s = original subject, %t = recipient
  #rejection_reason = Your message to <%t> was automatically rejected:%n%r

  # UNIX socket path to master authentication server to find users.
  #auth_socket_path = /var/run/dovecot/auth-master
}

3. Authentication
3.1 Mechanisms
LOGIN is plaintext authentication; because there are so many Outlook versions, cram-md5 is added as well.
For details on authentication, see Authentication Mechanisms.

[root@localhost ~]# vim /etc/dovecot.conf
# Find the start of this section
auth default {
# Change the parameter
# Before
mechanisms = plain
# After
mechanisms = plain login cram-md5

3.2 Authentication method
Use SQL instead of PAM authentication.
3.2.1 Comment out PAM

[root@localhost ~]# vim /etc/dovecot.conf
# Find the start of this section
passdb pam {
# Change it as follows (comment out both the opening and the closing line of this block)
#passdb pam {
#}

3.2.2 Use SQL

[root@localhost ~]# vim /etc/dovecot.conf
# Before
#passdb sql {
  # Path for SQL configuration file, see doc/dovecot-sql-example.conf
  #args =
#}
# After (uncomment the opening and closing lines and point to the file with the database details)
passdb sql {
  # Path for SQL configuration file, see doc/dovecot-sql-example.conf
  args = /etc/dovecot-sql.conf
}

[root@localhost ~]# vim /etc/dovecot.conf
# Before
#userdb prefetch {
#}

# System users (NSS, /etc/passwd, or similiar). In many systems nowadays this
# uses Name Service Switch, which is configured in /etc/nsswitch.conf.
# <doc/wiki/AuthDatabase.Passwd.txt>
userdb passwd {
  # [blocking=yes] - By default the lookups are done in the main dovecot-auth
  # process. This setting causes the lookups to be done in auth worker
  # proceses. Useful with remote NSS lookups that may block.
  # NOTE: Be sure to use this setting with nss_ldap or users might get
  # logged in as each others!
  #args =
}

# After (uncomment userdb prefetch and comment out userdb passwd)
userdb prefetch {
}

# System users (NSS, /etc/passwd, or similiar). In many systems nowadays this
# uses Name Service Switch, which is configured in /etc/nsswitch.conf.
# <doc/wiki/AuthDatabase.Passwd.txt>
#userdb passwd {
  # [blocking=yes] - By default the lookups are done in the main dovecot-auth
  # process. This setting causes the lookups to be done in auth worker
  # proceses. Useful with remote NSS lookups that may block.
  # NOTE: Be sure to use this setting with nss_ldap or users might get
  # logged in as each others!
  #args =
#}

Configure userdb sql

[root@localhost ~]# vim /etc/dovecot.conf
# Before
# SQL database <doc/wiki/AuthDatabase.SQL.txt>
#userdb sql {
  # Path for SQL configuration file, see doc/dovecot-sql-example.conf
  #args =
#}
# After
# SQL database <doc/wiki/AuthDatabase.SQL.txt>
userdb sql {
  # Path for SQL configuration file, see doc/dovecot-sql-example.conf
  args = /etc/dovecot-sql.conf
}

If it is not clear why 11.2.1 and 11.2.2 are configured this way, see Prefetch User Database.
3.3 Set the account to use
Set the account that Dovecot runs as.

[root@localhost ~]# vim /etc/dovecot.conf
# Before
# User to use for the process. This user needs access to only user and
# password databases, nothing else. Only shadow and pam authentication
# requires roots, so use something else if possible. Note that passwd
# authentication with BSDs internally accesses shadow files, which also
# requires roots. Note that this user is NOT used to access mails.
# That user is specified by userdb above.
user = root

# After
# User to use for the process. This user needs access to only user and
# password databases, nothing else. Only shadow and pam authentication
# requires roots, so use something else if possible. Note that passwd
# authentication with BSDs internally accesses shadow files, which also
# requires roots. Note that this user is NOT used to access mails.
# That user is specified by userdb above.
#user = root
user = vmail

3.4 Authentication sockets
Connect the master and client sides of authentication.

[root@localhost ~]# vim /etc/dovecot.conf
# Before
# It's possible to export the authentication interface to other programs:
#socket listen {
  #master {
    # Master socket provides access to userdb information. It's typically
    # used to give Dovecot's local delivery agent access to userdb so it
    # can find mailbox locations.
    #path = /var/run/dovecot/auth-master
    #mode = 0600
    # Default user/group is the one who started dovecot-auth (root)
    #user =
    #group =
  #}
  #client {
    # The client socket is generally safe to export to everyone. Typical use
    # is to export it to your SMTP server so it can do SMTP AUTH lookups
    # using it.
    #path = /var/run/dovecot/auth-client
    #mode = 0660
  #}
#}

# After
# It's possible to export the authentication interface to other programs:
socket listen {
  master {
    # Master socket provides access to userdb information. It's typically
    # used to give Dovecot's local delivery agent access to userdb so it
    # can find mailbox locations.
    path = /var/run/dovecot/auth-master
    mode = 0600
    # Default user/group is the one who started dovecot-auth (root)
    user = vmail
    #group =
  }
  client {
    # The client socket is generally safe to export to everyone. Typical use
    # is to export it to your SMTP server so it can do SMTP AUTH lookups
    # using it.
    path = /var/run/dovecot/auth-client
    mode = 0660
    user = postfix
    group = postfix
  }
}

VI. Database connection settings
1. Copy the configuration file

[root@localhost ~]# cp /usr/share/doc/dovecot-$(dovecot --version)/examples/dovecot-sql-example.conf /etc/dovecot-sql.conf

2. Edit dovecot-sql.conf
2.1 Choose the database driver

[root@localhost ~]# vim /etc/dovecot-sql.conf
# Before
#driver =
# After
driver = mysql

2.2 Set the database account and password
dbname: the database name
user: the account for that database
password: the password for that database

[root@localhost ~]# vim /etc/dovecot-sql.conf
# Before
#connect =
# After
connect = host=localhost dbname=mail user=postfix password=123456

2.3 Set the password scheme used in the database

[root@localhost ~]# vim /etc/dovecot-sql.conf
# Before
#default_pass_scheme = MD5
# After
default_pass_scheme = CRAM-MD5

2.4 Set where the data is stored (so that the database can be queried to

[root@localhost ~]# vim /etc/dovecot-sql.conf
# Before
#user_query = \
# After
user_query = SELECT CONCAT('/var/mail/vhosts/', maildir) AS home, 5000 AS uid, 5000 AS gid, CONCAT('*:bytes=', quota) as quota_rule FROM mailbox WHERE username = '%u' AND active='1'

2.5 Set the password query

[root@localhost ~]# vim /etc/dovecot-sql.conf
# Before (around the 4th line from the end)
#password_query = \
# After
password_query = SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = '%u' AND active='1'

VII. Quota table
1. Quota table settings in dovecot.conf

[root@localhost ~]# vim /etc/dovecot.conf
# Before
dict {
  #quota = mysql:/etc/dovecot-dict-quota.conf
  #expire = db:/var/lib/dovecot/expire.db
}
# After
dict {
  #quota = mysql:/etc/dovecot-dict-quota.conf
  #expire = db:/var/lib/dovecot/expire.db
  quotadict = mysql:/etc/dovecot-dict-quota.conf
}

[root@localhost ~]# vim /etc/dovecot.conf
# Find the start of this section
plugin {
# Add the following in an empty spot between the braces of plugin {}
plugin {
  # Quota setting per /usr/share/postfixadmin/DOCUMENTS/DOVECOT.txt
  # http://wiki.dovecot.org/Quota/Dict
  quota = dict:user::proxy::quotadict
}

2. Edit dovecot-dict-quota.conf
dbname: the database name
user: the account for that database
password: the password for that database

[root@localhost ~]# vim /etc/dovecot-dict-quota.conf
connect = host=localhost dbname=mail user=postfix password=123456
map {
  pattern = priv/quota/storage
  table = quota2
  username_field = username
  value_field = bytes
}
map {
  pattern = priv/quota/messages
  table = quota2
  username_field = username
  value_field = messages
}

If you did not upgrade Dovecot in step 2.5, see the Dictionary quota settings instead.
VIII. Startup and testing
With the installation this far along, start the services and test them now, so that any problems can be debugged first.
1. Start Dovecot and Postfix and enable them at boot

[root@localhost ~]# /etc/init.d/dovecot start
[root@localhost ~]# /etc/init.d/postfix start
[root@localhost ~]# chkconfig dovecot on
[root@localhost ~]# chkconfig postfix on

If error messages appear when starting Dovecot,
see error messages 1 to 3 in [XI. Debugging].
2. Testing (if the results look roughly like the following, the setup is correct)
2.1 telnet to port 25

[root@localhost ~]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.faq-test.tk ESMTP Postfix
EHLO mail.faq-test.tk
250-mail.faq-test.tk
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN CRAM-MD5
250-AUTH=PLAIN LOGIN CRAM-MD5
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

2.2 telnet to port 110

[root@localhost ~]# telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Dovecot ready.

2.3 telnet to port 143

[root@localhost ~]# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5] Dovecot ready.

2.4 Change ownership of the Dovecot logs

[root@localhost ~]# cd /var/log/dovecot
[root@localhost ~]# chown vmail:vmail dovecot.info dovecot.log

The setup is more or less complete at this point. To set up TLS (SSL) encryption, continue below.
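
The EHLO reply from test 2.1 can be checked mechanically for how SMTP AUTH is exposed on an unencrypted session. The script below is an added example, not part of the original tutorial; the function names, verdict words and the second sample reply are constructed for illustration.

```shell
#!/bin/sh
# ehlo_audit: read an EHLO reply captured on an unencrypted SMTP session from
# stdin and print one verdict word describing how AUTH is exposed.
ehlo_audit() {
    tr -d '\r' | awk '
        /^250[- ]/ {
            # "250-AUTH=PLAIN LOGIN" and "250-AUTH PLAIN LOGIN" both split
            # into the keyword AUTH followed by the mechanism names.
            n = split(substr($0, 5), f, "[ =]+")
            kw = toupper(f[1])
            if (kw == "STARTTLS") starttls = 1
            if (kw == "AUTH") {
                auth = 1
                for (i = 2; i <= n; i++) {
                    m = toupper(f[i])
                    # PLAIN and LOGIN send the password itself (base64 only).
                    if (m == "PLAIN" || m == "LOGIN") cleartext = 1
                }
            }
        }
        END {
            if (!auth)          print (starttls ? "auth-hidden-until-starttls" : "no-auth-offered")
            else if (cleartext) print (starttls ? "cleartext-auth-before-starttls" : "cleartext-auth-no-tls")
            else                print "challenge-response-only"
        }'
}

# Constructed input: the EHLO reply shown in test 2.1 above.
reply_from_page() {
    cat <<'EOF'
250-mail.faq-test.tk
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN CRAM-MD5
250-AUTH=PLAIN LOGIN CRAM-MD5
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
EOF
}

# Constructed input: the shape of a reply where STARTTLS is offered and AUTH
# is withheld until the session is encrypted (CRLF line endings, as on the wire).
reply_auth_after_tls() {
    printf '250-mail.faq-test.tk\r\n250-PIPELINING\r\n250-STARTTLS\r\n250 DSN\r\n'
}

reply_from_page | ehlo_audit
reply_auth_after_tls | ehlo_audit
```

Against a live server, save the lines that follow EHLO in the telnet session to a file and pipe that file into ehlo_audit.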
九、 TLS(SSL)加密
在有些情況下使用MAIL會希望有加密,所以在這邊就來說明一下如何設定加密。
要使用加密前都會需要一個SSL憑證/KEY,在證書和KEY的部份可分為自行產生,和購買的方式。若是購買SSL憑證,還需要安裝供應商所提供的CA證書,如此一來在安裝的方式就會有所不同了。在這邊我們介紹的是自行產生的SSL憑證/KEY。
1.安裝套件crypto-utils
在產生KEY的方式有很多種,在這邊使用crypto-utils此套件來產生
[root@localhost ~]# yum install crypto-utils |
2. Generate the key
2.1 Run genkey to generate the key
[root@localhost ~]# genkey --days 365 mail.faq-test.tk
2.2 This screen is only an explanation; select "Next"
2.3 Choose the key size in bits; 1024 or 2048 is basically enough
2.4 Generating; this takes a little while
2.5 You are asked whether to send a certificate request (CSR) to a certificate authority (CA)
Choose No here, unless you want to purchase a certificate
2.6 Enter the requested information
Country Name (ISO 2 letter code)
State or Province Name (full name)
Locality Name (e.g. city)
Organization Name (eg, company)
Organizational Unit Name (eg, section)
Common Name (fully qualified domain name)
2.7 You are asked whether to encrypt the key
Choose not to encrypt here
2.8 The following output means generation is complete
Please wait - generating the key (this may take some time)
768 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
....................++++++
..........++++++
e is 65537 (0x10001)
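3. Location of the generated key
mail.faq-test.tk.cert is stored in:
/etc/pki/tls/certs
mail.faq-test.tk.key is stored in:
/etc/pki/tls/private
You can move the key to another path if you need to; here we leave it in the default location.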
4. Tell Postfix where the key and certificate are stored and enable them
4.1 Append the following settings to the end of main.cf
[root@localhost ~]# vim /etc/postfix/main.cf
#====================TLS (SSL) Encryption==========================
#TLS CERTIFICATE SETTINGS
#See CentOS wiki at http://wiki.centos.org/HowTos/postfix_sasl
#Enables, but does not require use of TLS
smtpd_tls_security_level = may
#Location of private key
smtpd_tls_key_file = /etc/pki/tls/private/mail.faq-test.tk.key
#Public certificate
smtpd_tls_cert_file = /etc/pki/tls/certs/mail.faq-test.tk.cert
#Certificate authority certificate, if you need this for a commercial certificate.
# smtpd_tls_CAfile = /etc/pki/tls/root.crt
#Log TLS sessions
smtpd_tls_loglevel = 1
#Cache TLS sessions for 1 hour to reduce CPU load
smtpd_tls_session_cache_timeout = 3600s
#Location to store cache
smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache
#Random data source
tls_random_source = dev:/dev/urandom
#Require TLS security before allowing plaintext authentication
#smtpd_tls_auth_only = no
4.2 Edit dovecot.conf to set the certificate and key paths
[root@localhost ~]# vim /etc/dovecot.conf
#Before
#ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem
#ssl_key_file = /etc/pki/dovecot/private/dovecot.pem
#After
ssl_cert_file = /etc/pki/tls/certs/mail.faq-test.tk.cert
ssl_key_file = /etc/pki/tls/private/mail.faq-test.tk.key
If necessary, you can also configure a CA certificate by uncommenting and setting #ssl_ca_file =
4.3 Disallow weak ciphers
[root@localhost ~]# vim /etc/dovecot.conf
#Before
#ssl_cipher_list = ALL:!LOW:!SSLv2
#After
ssl_cipher_list = ALL:!LOW:!SSLv2
5. Restart the services once configuration is complete
[root@localhost ~]# /etc/init.d/postfix restart
[root@localhost ~]# /etc/init.d/dovecot restart
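X. Live test of sending and receiving mail
1. Create an account
Because this setup uses virtual accounts, first create a new domain and account.
1.1 Log in to postfixadmin
http://faq-test.tk/postfixadmin/
Enter the administrator account and password created in step 6.3 of "PostfixAdmin configuration"; you can also choose the login language
1.2 Create a new domain
1.2.1 [Domain List] → [New Domain]
1.2.2 Enter the details
Domain: the name of the domain to create
Description: as you like
Aliases, Mailboxes, Max Quota: default to the values set in step 5.7 of "PostfixAdmin configuration"; they can also be changed
Click Add to create the domain
1.3 Create an account in that domain
1.3.1 [Virtual List] → [Add Mailbox]
1.3.2 Enter the details
Username: the account name to create
Password: the password
Password (again): the password once more
Name: the name of the person using this account
Quota: the upper limit for this mailbox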
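2. Mailbox send and receive test
2.1 Open a mail client
You can test with Outlook. If you do not have Outlook, another mail client you can use is "Foxmail".
2.2 Mailbox settings (the settings below use Foxmail as the example; Outlook is set up in much the same way)
2.2.1 Untick "Always check this setting when Foxmail starts" and choose "No"
2.2.2 Choose "No"; do not import
2.2.3 Enter the mail account you just created
2.2.4 Set the type used to send and receive mail
Mailbox type: choose what you need; the types are IMAP, POP3 and Exchange
Password: the password set when the account was created
Account description: can be changed as you like
2.2.5 Click "Test" to check whether the mail client can connect to the server without problems
If all the tests above pass, you can start the send and receive tests.
2.3 A welcome mail arrives
2.4 Send and receive test
2.4.1 Sending test
Sent a mail to gmail, and it was received
2.4.2 Receiving test
Replied from gmail, and the reply was received as well
With that, sending and receiving mail works and the server is ready for use.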
XI. Debugging
When you run into a problem, check the relevant logs under /var/log. They usually state the cause, so you can debug from the log.
Error message 1
Starting Dovecot Imap:If you have trouble with authentication failures,
enable auth_debug setting. See http://wiki.dovecot.org/WhyDoesItNotWork
This message goes away after the first successful login.
If this message appears, turn on auth_debug.
[root@localhost ~]# vim /etc/dovecot.conf
#Before
#auth_debug = no
#auth_debug_passwords = no
#After
auth_debug = yes
auth_debug_passwords = yes
Error message 2
Starting Dovecot Imap: ILoading modules from directory: /usr/lib64/dovecot/imap
IModule loaded: /usr/lib64/dovecot/imap/lib10_quota_plugin.so
IModule loaded: /usr/lib64/dovecot/imap/lib11_imap_quota_plugin.so
IEffective uid=99, gid=99, home=/tmp
IQuota root: name=user backend=dict args=:proxy::quotadict
Last died with error (see error log for more information): Auth process died too early - shutting down
This error means mail_debug has been enabled in dovecot.conf; commenting it out fixes it.
[root@localhost ~]# vim /etc/dovecot.conf
#Before
mail_debug = yes
#After
#mail_debug = yes
Error message 3
Starting Dovecot Imap: Last died with error (see error log for more information): Auth process died too early - shutting down
This error means dovecot-mysql is not installed.
[root@localhost ~]# cd /tmp
[root@localhost ~]# wget http://centos.alt.ru/repository/centos/5/x86_64/dovecot-mysql-1.2.17-2.el5.x86_64.rpm
[root@localhost ~]# rpm -Uvh dovecot-mysql-1.2.17-2.el5.x86_64.rpm
Error message 4
DEBUG INFORMATION:
MySQL 3.x / 4.0 functions not available! (php5-mysql installed?)
database_type = 'mysql' in config.inc.php, are you using a different database?
Please check the documentation and website for more information.
This error means the MySQL version is not suitable; update the packages together.
[root@localhost ~]# yum update httpd mysql mysql-server mysql-devel php php-mysql
Bounced mail
The bounce message is shown below
This is the mail system at host mail.faq-test.tk.
I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to <postmaster>
If you do so, please include this problem report. You can delete your own text from the attached returned message.
The mail system
<derek@faq-test.tk>: unknown user: "derek"
Final-Recipient: rfc822; derek@faq-test.tk
Original-Recipient: rfc822;derek@faq-test.tk
Action: failed
Status: 5.1.1
Diagnostic-Code: X-Postfix; unknown user: "derek"
---------- Forwarded message ----------
From: XXX <xxxxxxxxx@gmail.com>
To: derek <derek@faq-test.tk>
Cc:
Date: Fri, 23 Mar 2012 22:21:14 +0800
Subject: Re: test
test
On 23 March 2012 at 10:20 PM, derek <derek@faq-test.tk> wrote:
test
The bounce says the mail account cannot be found, so check whether main.cf for postfix is misconfigured.
Because this setup uses virtual accounts, the domain does not need to be listed in mydestination.
[root@localhost ~]# vim /etc/postfix/main.cf
#Before
mydestination = localhost, localhost.localdomain, faq-test.tk
#After
mydestination = localhost, localhost.localdomain
No bounce, but no mail arrives either
Checking maillog shows the error message below.
The message says there is not enough permission on dovecot.log, so change the permissions of dovecot.log.
[root@localhost ~]# tail -f /var/log/maillog
(temporary failure. Command output: Can't open log file /var/log/dovecot.log: Permission denied )
Fix it as follows
[root@localhost ~]# cd /var/log
[root@localhost ~]# chown vmail:vmail dovecot.info dovecot.log
[root@localhost ~]# chmod 700 dovecot.log dovecot.info
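The TLS block added to main.cf above leaves smtpd_tls_auth_only commented out, so AUTH is still accepted on unencrypted connections, and the fix for error message 1 turns on auth_debug_passwords, which makes Dovecot log attempted passwords on mismatches. The following audit is an added example, not part of the original guide: it reads both files and lists such leftovers. The function names are hypothetical, the sample files are constructed from values shown on this page, and smtpd_sasl_auth_enable = yes is an assumption about the earlier main.cf.

```shell
#!/bin/sh
# Added example: flag risky leftovers in the two files this guide edits.

# conf_get FILE KEY: effective value of KEY in "key = value" syntax.
# "#" lines are comments, the last assignment wins; continuation lines
# and nested blocks are not interpreted.
conf_get() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v
        }
        END { print val }' "$1"
}

# audit_mail_conf MAIN_CF DOVECOT_CONF: print one finding per line.
# The legacy smtpd_use_tls parameter is not checked.
audit_mail_conf() {
    if [ "$(conf_get "$1" smtpd_sasl_auth_enable)" = yes ] &&
       [ "$(conf_get "$1" smtpd_tls_auth_only)" != yes ]; then
        echo "main.cf: smtpd_tls_auth_only is not yes, AUTH is accepted without TLS"
    fi
    case "$(conf_get "$1" smtpd_tls_security_level)" in
        may|encrypt) ;;
        *) echo "main.cf: smtpd_tls_security_level does not enable TLS" ;;
    esac
    for key in auth_debug auth_debug_passwords mail_debug; do
        [ "$(conf_get "$2" "$key")" = yes ] &&
            echo "dovecot.conf: $key = yes is still enabled"
    done
    return 0
}

# Constructed sample files holding values shown on this page;
# smtpd_sasl_auth_enable = yes is an assumption about the earlier main.cf.
write_sample_conf() {
    printf '%s\n' 'smtpd_sasl_auth_enable = yes' \
        'smtpd_tls_security_level = may' \
        '#smtpd_tls_auth_only = no' > "$1/main.cf"
    printf '%s\n' 'auth_debug = yes' 'auth_debug_passwords = yes' \
        '#mail_debug = yes' 'ssl_cipher_list = ALL:!LOW:!SSLv2' > "$1/dovecot.conf"
}

tmp=$(mktemp -d) && write_sample_conf "$tmp" &&
    audit_mail_conf "$tmp/main.cf" "$tmp/dovecot.conf"
rm -rf "$tmp"
```

On the sample files this reports three findings: AUTH without TLS, auth_debug and auth_debug_passwords. Setting smtpd_tls_auth_only = yes and commenting the debug switches out again once a login has succeeded clears all three.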
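XII. Configuration files for reference
The configuration files mentioned in this tutorial are provided here for reference. Some of the detailed settings need to be adjusted to your own situation.
PostfixAdmin configuration: config.inc.php
Postfix main.cf configuration: main.cf master.cf
Dovecot configuration: dovecot.conf dovecot-dict-quota.conf dovecot-sql.conf
XIII. References
Install Postfix with Dovecot on CentOS
Editing and installing postfix+mysql+dovecot+postfixadmin on Linux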
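Hello, first of all thank you very much for writing this article; it helped me a lot. I am a newcomer who has just started with centos and am trying to set up a simple mail server on centos6.2 using postfix and dovecot. Following your experience, I did my own configuration. After I finished the basic postfix and dovecot configuration, my tests showed that I could create domains and new mailboxes normally, just as your article says. But when I test port 25, that is, with telnet localhost 25, I always get the error "connection closed by foreign host", and maillog says: fatal:no sasl authentication mechanisms. When I set smtpd_sasl_auth_enable in main.cf to no, telnet localhost 25 works normally. Before that, I had also configured smtpd_sasl_type=dovecot and the related settings, so why does this "no sasl authentication" problem occur? I have searched online for a long time, but unfortunately I am still very much a beginner at this, so I have not been able to solve it. Do you have experience with this configuration, and do you know what causes the problem? I hope you can give me some suggestions. Finally, thank you again; in any case, this article taught me a lot.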
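The error "fatal:no sasl authentication mechanisms" is probably because the sasl package is not installed.
rpm -qa|grep sasl (check whether it is installed)
yum install cyrus-sasl-plain (install this package if it is not installed)
Or install the relevant rpm from the installation disc.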
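Thank you for the prompt reply. I checked, and I have already installed the cyrus-sasl packages, but I have not configured them. I have a question: in main.cf I configured smtpd_sasl_type=dovecot. Do I then still need to configure cyrus-sasl? Or, once I have configured the cyrus-sasl properties, do I also need to change the related content in main.cf to use cyrus-sasl for authentication? I am not clear about authentication, so I hope you can explain it to me. Thanks!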
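If main.cf is configured with smtpd_sasl_type=dovecot, then you can check whether dovecot is misconfigured.
As for using cyrus-sasl for authentication as you mentioned, you can give it a try; I have not tried it myself yet.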