阿里云
发表主题 回复主题
  • 5227阅读
  • 3回复

[基础常识]在Debian 8 系统里安装简易电子邮局系统 postfix mysql dovecot postfixadmin roundcube

级别: 论坛版主
发帖
13534
云币
30974

前一个帖子 里,是用 iRedMail 快速建邮局,现在尝试手动安装。安装过程主要参考国外的一个教程。 #SLi v  
ld~*w  
环境: debian 8 64位,mail 用户组数字ID是 8。假设 postfixadmin 的访问网址是:https://yun.anqun.org/postfixamdinroundcube 的访问网址是: https://yun.anqun.org/webmail IL8&MA%  
gO~>*q &  
GB >h8yXH  
c1%ki%J#  
过程: ^YPw'cZZ&  
^sZHy4-yK#  
1. 更改ECS实例的主机名: 0J)VEMC  
  1. hostname yun.anqun.org
K!jau|FS  
2. 更改 /etc/hostname 文件中的名称,如本例是: kD+B8TrW  
  1. yun
bir tA{q  
3. 更改 /etc/hosts 文件中的完整主机名称,如本例是: @(st![i+  
  1. 127.0.0.1  yun.anqun.org yun localhost localhost.localdomain
6mrfkYK  
4. 更新软件 %c c<>Hi  
  1. apt-get update
p t{/|P  
5. 安装 nginx + php5 + mariadb 的 web 运行环境:https://bbs.aliyun.com/read/288162.html .Wyx#9  
d~d~Cd`V  
6. 假设已经获取了 yun.anqun.org 的证书,为 nginx 配置 https 访问 ]kkH|b$[T  
+>h'^/rAE  
6. 安装相关的软件: !P:~oo =  
  1. apt-get install postfix postfix-mysql dovecot-core dovecot-imapd dovecot-lmtpd dovecot-mysql php5-imap php5-mysql php5-mcrypt php5-intl php-apc php5-memcache php5-curl php5-gd php-xml-parser php5-imap
{u7_<G7  
7. 创建一个新的mysql数据库 postfdb :数据用户 postuser:密码是 aqtest46 ,给予相应权限,预备给 postfixadmin 使用:
  1. create database postfdb;
  2. grant all on postfdb.* to 'postuser'@'localhost' identified by 'aqtest46';
|w^nCsv  
8. 下载 postfixadmin 的安装文件包: W^nG\"T^  
  1. wget http://nchc.dl.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-3.0/postfixadmin-3.0.tar.gz
== i?lbj  
9. 将 postfixadmin 解压到 /var/www/html/postfixadmin,创建 config.local.php 配置文件,包含 mysql 的连接信息
  1. <?php
  2. $CONF['database_type'] = 'mysqli';
  3. $CONF['database_user'] = 'postuser';
  4. $CONF['database_password'] = 'aqtest46';
  5. $CONF['database_name'] = 'postfdb';
  6. $CONF['configured'] = true;
  7. $CONF['domain_path'] = 'NO';
  8. $CONF['domain_in_mailbox'] = 'YES';
  9. ?>
0SLn0vD!  
10.安装过程中,会让您新设配置密码,再让您创建邮局管理员账号 s2+s1%^Ll  
Yg7C"3;Vt  
11.设置一个系统用户vmail(用户ID 150,属于mail组,用户目录在/var/vmail),用来“托管”所有的虚拟邮箱服务 8-R; &  
  1. useradd -r -u 150 -g mail -d /var/vmail -s /sbin/nologin -c "Virtual MailDir Handler" vmail
hz+x)M`Y  
12.创建相应的目录,修改合适的权限
  1. mkdir -p /var/vmail
  2. chown vmail:mail /var/vmail
  3. chmod 770 /var/vmail
13.开始配置 dovecot,修改数据库配置文件 /etc/dovecot/dovecot-sql.conf.ext ,内容如下: [318Q%W&  
  1. # Database driver: mysql, pgsql, sqlite
  2. driver = mysql
  3. # Database Connection:
  4. #   connect = host=192.168.1.1 dbname=users
  5. #   connect = host=sql.example.com dbname=virtual user=virtual password=blarg
  6. #   connect = /etc/dovecot/authdb.sqlite
  7. #
  8. connect = host=127.0.0.1 dbname=postfdb user=postuser password=aqtest46
  9. # Default password scheme.
  10. #
  11. # List of supported schemes is in
  12. # http://wiki2.dovecot.org/Authentication/PasswordSchemes
  13. #
  14. # Weak but common encryption scheme:
  15. default_pass_scheme = MD5-CRYPT
  16. #
  17. # Comment the above out and uncomment below
  18. # for stronger encryption:
  19. #default_pass_scheme - SHA256-CRYPT
  20. # Define the query to obtain a user password.
  21. password_query = \
  22.   SELECT username as user, password, '/var/vmail/%d/%n' as userdb_home, \
  23.   'maildir:/var/vmail/%d/%n' as userdb_mail, 150 as userdb_uid, 8 as userdb_gid \
  24.   FROM mailbox WHERE username = '%u' AND active = '1'
  25. # Define the query to obtain user information.
  26. user_query = \
  27.   SELECT '/var/vmail/%d/%n' as home, 'maildir:/var/vmail/%d/%n' as mail, \
  28.   150 AS uid, 8 AS gid, concat('dirsize:storage=', quota) AS quota \
  29.   FROM mailbox WHERE username = '%u' AND active = '1'
{Uu|NA87Cd  
A0Hsd  
14.修改认证配置文件 /etc/dovecot/conf.d/10-auth.conf,内容如下:
  1. # Disable LOGIN command and all other plaintext authentications unless
  2. # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
  3. # matches the local IP (ie. you're connecting from the same computer), the
  4. # connection is considered secure and plaintext authentication is allowed.
  5. disable_plaintext_auth = yes
  6. # Space separated list of wanted authentication mechanisms:
  7. #   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey
  8. #   gss-spnego
  9. # NOTE: See also disable_plaintext_auth setting.
  10. auth_mechanisms = plain login
  11. ##
  12. ## Password and user databases
  13. ##
  14. #
  15. # Password database is used to verify user's password (and nothing more).
  16. # You can have multiple passdbs and userdbs. This is useful if you want to
  17. # allow both system users (/etc/passwd) and virtual users to login without
  18. # duplicating the system users into virtual database.
  19. #
  20. # <doc/wiki/PasswordDatabase.txt>
  21. #
  22. # User database specifies where mails are located and what user/group IDs
  23. # own them. For single-UID configuration use "static" userdb.
  24. #
  25. # <doc/wiki/UserDatabase.txt>
  26. # Use the SQL database configuration rather than any of the others.
  27. !include auth-sql.conf.ext
  28. 15.修改邮件相关的配置文件:/etc/dovecot/conf.d/10-mail.conf,内容如下:
  29. # Location for users' mailboxes. The default is empty, which means that Dovecot
  30. # tries to find the mailboxes automatically. This won't work if the user
  31. # doesn't yet have any mail, so you should explicitly tell Dovecot the full
  32. # location.
  33. #
  34. # If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u)
  35. # isn't enough. You'll also need to tell Dovecot where the other mailboxes are
  36. # kept. This is called the "root mail directory", and it must be the first
  37. # path given in the mail_location setting.
  38. #
  39. # There are a few special variables you can use, eg.:
  40. #
  41. #   %u - username
  42. #   %n - user part in user@domain, same as %u if there's no domain
  43. #   %d - domain part in user@domain, empty if there's no domain
  44. #   %h - home directory
  45. #
  46. # See doc/wiki/Variables.txt for full list. Some examples:
  47. #
  48. #   mail_location = maildir:~/Maildir
  49. #   mail_location = mbox:~/mail:INBOX=/var/mail/%u
  50. #   mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
  51. #
  52. # <doc/wiki/MailLocation.txt>
  53. #
  54. mail_location = maildir:/var/vmail/%d/%n
  55. # System user and group used to access mails. If you use multiple, userdb
  56. # can override these by returning uid or gid fields. You can use either numbers
  57. # or names. <doc/wiki/UserIds.txt>
  58. mail_uid = vmail
  59. mail_gid = mail
  60. # Valid UID range for users, defaults to 500 and above. This is mostly
  61. # to make sure that users can't log in as daemons or other system users.
  62. # Note that denying root logins is hardcoded to dovecot binary and can't
  63. # be done even if first_valid_uid is set to 0.
  64. #
  65. # Use the vmail user uid here.
  66. first_valid_uid = 150
  67. last_valid_uid = 150
  68. # If you need to set multiple mailbox locations or want to change default
  69. # namespace settings, you can do it by defining namespace sections.
  70. #
  71. # You can have private, shared and public namespaces. Private namespaces
  72. # are for user's personal mails. Shared namespaces are for accessing other
  73. # users' mailboxes that have been shared. Public namespaces are for shared
  74. # mailboxes that are managed by sysadmin. If you create any shared or public
  75. # namespaces you'll typically want to enable ACL plugin also, otherwise all
  76. # users can access all the shared mailboxes, assuming they have permissions
  77. # on filesystem level to do so.
  78. namespace inbox {
  79.   # Namespace type: private, shared or public
  80.   #type = private
  81.   # Hierarchy separator to use. You should use the same separator for all
  82.   # namespaces or some clients get confused. '/' is usually a good one.
  83.   # The default however depends on the underlying mail storage format.
  84.   #separator =
  85.   # Prefix required to access this namespace. This needs to be different for
  86.   # all namespaces. For example "Public/".
  87.   #prefix =
  88.   # Physical location of the mailbox. This is in same format as
  89.   # mail_location, which is also the default for it.
  90.   #location =
  91.   # There can be only one INBOX, and this setting defines which namespace
  92.   # has it.
  93.   inbox = yes
  94.   # If namespace is hidden, it's not advertised to clients via NAMESPACE
  95.   # extension. You'll most likely also want to set list=no. This is mostly
  96.   # useful when converting from another server with different namespaces which
  97.   # you want to deprecate but still keep working. For example you can create
  98.   # hidden namespaces with prefixes "~/mail/", "~%u/mail/" and "mail/".
  99.   #hidden = no
  100.   # Show the mailboxes under this namespace with LIST command. This makes the
  101.   # namespace visible for clients that don't support NAMESPACE extension.
  102.   # "children" value lists child mailboxes, but hides the namespace prefix.
  103.   #list = yes
  104.   # Namespace handles its own subscriptions. If set to "no", the parent
  105.   # namespace handles them (empty prefix should always have this as "yes")
  106.   #subscriptions = yes
  107. }
[<{+tAdn)  
16.修改ssl证书路径,/etc/dovecot/conf.d/10-ssl.conf ,内容如下:
  1. ssl = yes
  2. ssl_cert = </etc/ssl/certs/yun_anqun_org.pem
  3. ssl_key = </etc/ssl/private/yun_anqun_org.key
~lLIq!!\  
17.修改配置文件 /etc/dovecot/conf.d/10-master.conf ,更改相应的用户和组,内容如下:
  1. #default_process_limit = 100
  2. #default_client_limit = 1000
  3. # Default VSZ (virtual memory size) limit for service processes. This is mainly
  4. # intended to catch and kill processes that leak memory before they eat up
  5. # everything.
  6. #default_vsz_limit = 256M
  7. # Login user is internally used by login processes. This is the most untrusted
  8. # user in Dovecot system. It shouldn't have access to anything at all.
  9. #default_login_user = dovenull
  10. # Internal user is used by unprivileged processes. It should be separate from
  11. # login user, so that login processes can't disturb other processes.
  12. #default_internal_user = dovecot
  13. service imap-login {
  14.   inet_listener imap {
  15.     #port = 143
  16.   }
  17.   inet_listener imaps {
  18.     #port = 993
  19.     #ssl = yes
  20.   }
  21.   # Number of connections to handle before starting a new process. Typically
  22.   # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
  23.   # is faster. <doc/wiki/LoginProcess.txt>
  24.   #service_count = 1
  25.   # Number of processes to always keep waiting for more connections.
  26.   #process_min_avail = 0
  27.   # If you set service_count=0, you probably need to grow this.
  28.   #vsz_limit = $default_vsz_limit
  29. }
  30. service pop3-login {
  31.   inet_listener pop3 {
  32.     #port = 110
  33.   }
  34.   inet_listener pop3s {
  35.     #port = 995
  36.     #ssl = yes
  37.   }
  38. }
  39. service lmtp {
  40.   unix_listener lmtp {
  41.     #mode = 0666
  42.   }
  43.   # Create inet listener only if you can't use the above UNIX socket
  44.   #inet_listener lmtp {
  45.     # Avoid making LMTP visible for the entire internet
  46.     #address =
  47.     #port =
  48.   #}
  49. }
  50. service imap {
  51.   # Most of the memory goes to mmap()ing files. You may need to increase this
  52.   # limit if you have huge mailboxes.
  53.   #vsz_limit = $default_vsz_limit
  54.   # Max. number of IMAP processes (connections)
  55.   #process_limit = 1024
  56. }
  57. service pop3 {
  58.   # Max. number of POP3 processes (connections)
  59.   #process_limit = 1024
  60. }
  61. service auth {
  62.   # auth_socket_path points to this userdb socket by default. It's typically
  63.   # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
  64.   # full permissions to this socket are able to get a list of all usernames and
  65.   # get the results of everyone's userdb lookups.
  66.   #
  67.   # The default 0666 mode allows anyone to connect to the socket, but the
  68.   # userdb lookups will succeed only if the userdb returns an "uid" field that
  69.   # matches the caller process's UID. Also if caller's uid or gid matches the
  70.   # socket's uid or gid the lookup succeeds. Anything else causes a failure.
  71.   #
  72.   # To give the caller full permissions to lookup all users, set the mode to
  73.   # something else than 0666 and Dovecot lets the kernel enforce the
  74.   # permissions (e.g. 0777 allows everyone full permissions).
  75.   unix_listener auth-userdb {
  76.     mode = 0666
  77.     user = vmail
  78.     group = mail
  79.   }
  80.   # Postfix smtp-auth
  81.   unix_listener /var/spool/postfix/private/auth {
  82.     mode = 0666
  83.     user = postfix
  84.     group = postfix
  85.   }
  86.   # Auth process is run as this user.
  87.   #user = $default_internal_user
  88. }
  89. service auth-worker {
  90.   # Auth worker process is run as root by default, so that it can access
  91.   # /etc/shadow. If this isn't necessary, the user should be changed to
  92.   # $default_internal_user.
  93.   #user = root
  94. }
  95. service dict {
  96.   # If dict proxy is used, mail processes should have access to its socket.
  97.   # For example: mode=0660, group=vmail and global mail_access_groups=vmail
  98.   unix_listener dict {
  99.     #mode = 0600
  100.     #user =
  101.     #group =
  102.   }
  103. }
]^^mJt.Iv  
18.更改权限,让dovecot和邮箱用户能读取相应的配置文件内容
  1. chown -R vmail:dovecot /etc/dovecot
  2. chmod -R o-rwx /etc/dovecot
9a9{OJa6M  
20.开始配置postfix,检查mysql的监听地址是否为 127.0.0.1 pEE.%U  
  1. cat /etc/mysql/my.cnf | grep bind-address
v iY&D  
21.创建配置文件,/etc/postfix/mysql_virtual_alias_domainaliases_maps.cf,内容如下:
  1. user = postuser
  2. password = aqtest46
  3. hosts = 127.0.0.1
  4. dbname = postfdb
  5. query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' AND alias.address=concat('%u', '@', alias_domain.target_domain) AND alias.active = 1
22.创建配置文件,/etc/postfix/mysql_virtual_alias_maps.cf ,内容如下: :>g*!hpb  
  1. user = postuser
  2. password = aqtest46
  3. hosts = 127.0.0.1
  4. dbname = postfdb
  5. table = alias
  6. select_field = goto
  7. where_field = address
  8. additional_conditions = and active = '1'
"o[j'  
23.创建配置文件,/etc/postfix/mysql_virtual_domains_maps.cf,内容如下:
  1. user = postuser
  2. password = aqtest46
  3. hosts = 127.0.0.1
  4. dbname = postfdb
  5. table = domain
  6. select_field = domain
  7. where_field = domain
  8. additional_conditions = and backupmx = '0' and active = '1'
Nu'T0LPNq(  
24.创建配置文件,/etc/postfix/mysql_virtual_mailbox_domainaliases_maps.cf ,内容如下:
  1. user = postuser
  2. password = aqtest46
  3. hosts = 127.0.0.1
  4. dbname = postfdb
  5. query = SELECT maildir FROM mailbox, alias_domain
  6.   WHERE alias_domain.alias_domain = '%d'
  7.   AND mailbox.username=concat('%u', '@', alias_domain.target_domain )
  8.   AND mailbox.active = 1
3"hPplE  
25.创建配置文件,/etc/postfix/mysql_virtual_mailbox_maps.cf,内容如下:
  1. user = postuser
  2. password = aqtest46
  3. hosts = 127.0.0.1
  4. dbname = postfdb
  5. table = mailbox
  6. select_field = CONCAT(domain, '/', local_part)
  7. where_field = username
  8. additional_conditions = and active = '1'
!N1DJd  
26.创建配置文件,/etc/postfix/header_checks ,内容如下:
  1. /^Received:/                 IGNORE
  2. /^User-Agent:/               IGNORE
  3. /^X-Mailer:/                 IGNORE
  4. /^X-Originating-IP:/         IGNORE
  5. /^x-cr-[a-z]*:/              IGNORE
  6. /^Thread-Index:/             IGNORE
W`-AN}C#  
27.更改配置文件,/etc/postfix/main.cf ,内容如下:
  1. # See /usr/share/postfix/main.cf.dist for a commented, more complete version
  2. # The first text sent to a connecting process.
  3. smtpd_banner = $myhostname ESMTP $mail_name
  4. biff = no
  5. # appending .domain is the MUA's job.
  6. append_dot_mydomain = no
  7. readme_directory = no
  8. # SASL parameters
  9. # ---------------------------------
  10. # Use Dovecot to authenticate.
  11. smtpd_sasl_type = dovecot
  12. # Referring to /var/spool/postfix/private/auth
  13. smtpd_sasl_path = private/auth
  14. smtpd_sasl_auth_enable = yes
  15. broken_sasl_auth_clients = yes
  16. smtpd_sasl_security_options = noanonymous
  17. smtpd_sasl_local_domain =
  18. smtpd_sasl_authenticated_header = yes
  19. # TLS parameters
  20. # ---------------------------------
  21. # Replace this with your SSL certificate path if you are using one.
  22. smtpd_tls_cert_file=/etc/ssl/certs/yun_anqun_org.pem
  23. smtpd_tls_key_file=/etc/ssl/private/yun_anqun_org.key
  24. # The snakeoil self-signed certificate has no need for a CA file. But
  25. # if you are using your own SSL certificate, then you probably have
  26. # a CA certificate bundle from your provider. The path to that goes
  27. # here.
  28. #smtpd_tls_CAfile=/path/to/ca/file
  29. smtp_tls_note_starttls_offer = yes
  30. smtpd_tls_loglevel = 1
  31. smtpd_tls_received_header = yes
  32. smtpd_tls_session_cache_timeout = 3600s
  33. tls_random_source = dev:/dev/urandom
  34. #smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
  35. #smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
  36. # Note that forcing use of TLS is going to cause breakage - most mail servers
  37. # don't offer it and so delivery will fail, both incoming and outgoing. This is
  38. # unfortunate given what various governmental agencies are up to these days.
  39. # These are Postfix 2.2 only.
  40. #
  41. # Enable (but don't force) use of TLS on incoming smtp connections.
  42. smtpd_use_tls = yes
  43. smtpd_enforce_tls = no
  44. # Enable (but don't force) use of TLS on outgoing smtp connections.
  45. smtp_use_tls = yes
  46. smtp_enforce_tls = no
  47. # These are Postfix 2.3 and later.
  48. #
  49. # Enable (but don't force) all incoming smtp connections to use TLS.
  50. smtpd_tls_security_level = may
  51. # Enable (but don't force) all outgoing smtp connections to use TLS.
  52. smtp_tls_security_level = may
  53. # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
  54. # information on enabling SSL in the smtp client.
  55. # SMTPD parameters
  56. # ---------------------------------
  57. # Uncomment the next line to generate "delayed mail" warnings
  58. #delay_warning_time = 4h
  59. # will it be a permanent error or temporary
  60. unknown_local_recipient_reject_code = 450
  61. # how long to keep message on queue before return as failed.
  62. # some have 3 days, I have 16 days as I am backup server for some people
  63. # whom go on holiday with their server switched off.
  64. maximal_queue_lifetime = 7d
  65. # max and min time in seconds between retries if connection failed
  66. minimal_backoff_time = 1000s
  67. maximal_backoff_time = 8000s
  68. # how long to wait when servers connect before receiving rest of data
  69. smtp_helo_timeout = 60s
  70. # how many address can be used in one message.
  71. # effective stopper to mass spammers, accidental copy in whole address list
  72. # but may restrict intentional mail shots.
  73. smtpd_recipient_limit = 16
  74. # how many error before back off.
  75. smtpd_soft_error_limit = 3
  76. # how many max errors before blocking it.
  77. smtpd_hard_error_limit = 12
  78. # This next set are important for determining who can send mail and relay mail
  79. # to other servers. It is very important to get this right - accidentally producing
  80. # an open relay that allows unauthenticated sending of mail is a Very Bad Thing.
  81. #
  82. # You are encouraged to read up on what exactly each of these options accomplish.
  83. # Requirements for the HELO statement
  84. smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname, permit
  85. # Requirements for the sender details
  86. smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit
  87. # Requirements for the connecting server
  88. # This is primarily the RBL (Realtime Blacklist) Filtering
  89. smtpd_client_restrictions = reject_rbl_client b.barracudacentral.org, reject_rbl_client zen.spamhaus.org
  90. # Requirement for the recipient address. Note that the entry for
  91. # "check_policy_service inet:127.0.0.1:10023" enables Postgrey.
  92. smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, permit
  93. smtpd_data_restrictions = reject_unauth_pipelining
  94. # This is a new option as of Postfix 2.10+, and is required in addition to
  95. # smtpd_recipient_restrictions for things to work properly in this setup.
  96. smtpd_relay_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, permit
  97. # require proper helo at connections
  98. smtpd_helo_required = yes
  99. # waste spammers time before rejecting them
  100. smtpd_delay_reject = yes
  101. disable_vrfy_command = yes
  102. # General host and delivery info
  103. # ----------------------------------
  104. myhostname = yun.anqun.org
  105. myorigin = /etc/hostname
  106. # Some people see issues when setting mydestination explicitly to the server
  107. # subdomain, while leaving it empty generally doesn't hurt. So it is left empty here.
  108. # mydestination = mail.example.com, localhost
  109. mydestination =
  110. # If you have a separate web server that sends outgoing mail through this
  111. # mailserver, you may want to add its IP address to the space-delimited list in
  112. # mynetworks, e.g. as 111.222.333.444/32.
  113. mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
  114. mailbox_size_limit = 0
  115. recipient_delimiter = +
  116. inet_interfaces = all
  117. mynetworks_style = host
  118. # This specifies where the virtual mailbox folders will be located.
  119. virtual_mailbox_base = /var/vmail
  120. # This is for the mailbox location for each user. The domainaliases
  121. # map allows us to make use of Postfix Admin's domain alias feature.
  122. virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf, mysql:/etc/postfix/mysql_virtual_mailbox_domainaliases_maps.cf
  123. # and their user id
  124. virtual_uid_maps = static:150
  125. # and group id
  126. virtual_gid_maps = static:8
  127. # This is for aliases. The domainaliases map allows us to make
  128. # use of Postfix Admin's domain alias feature.
  129. virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf, mysql:/etc/postfix/mysql_virtual_alias_domainaliases_maps.cf
  130. # This is for domain lookups.
  131. virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
  132. # Integration with other packages
  133. # ---------------------------------------
  134. # Tell postfix to hand off mail to the definition for dovecot in master.cf
  135. virtual_transport = dovecot
  136. dovecot_destination_recipient_limit = 1
  137. # Use amavis for virus and spam scanning
  138. # content_filter = amavis:[127.0.0.1]:10024
  139. # Header manipulation
  140. # --------------------------------------
  141. # Getting rid of unwanted headers. See: https://posluns.com/guides/header-removal/
  142. header_checks = regexp:/etc/postfix/header_checks
  143. # getting rid of x-original-to
  144. enable_original_recipient = no
poYO  
28.编辑配置文件,/etc/postfix/master.cf ,内容如下:
  1. #
  2. # Postfix master process configuration file.  For details on the format
  3. # of the file, see the master(5) manual page (command: "man 5 master").
  4. #
  5. # Do not forget to execute "postfix reload" after editing this file.
  6. #
  7. # ==========================================================================
  8. # service type  private unpriv  chroot  wakeup  maxproc command + args
  9. #               (yes)   (yes)   (yes)   (never) (100)
  10. # ==========================================================================
  11. # SMTP on port 25, unencrypted.
  12. smtp      inet  n       -       -       -       -       smtpd
  13. #smtp      inet  n       -       -       -       1       postscreen
  14. #smtpd     pass  -       -       -       -       -       smtpd
  15. #dnsblog   unix  -       -       -       -       0       dnsblog
  16. #tlsproxy  unix  -       -       -       -       0       tlsproxy
  17. # SMTP with TLS on port 587.
  18. submission inet n       -       -       -       -       smtpd
  19.   -o syslog_name=postfix/submission
  20.   -o smtpd_tls_security_level=encrypt
  21.   -o smtpd_sasl_auth_enable=yes
  22.   -o smtpd_enforce_tls=yes
  23.   -o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject
  24.   -o smtpd_sasl_tls_security_options=noanonymous
  25. # SMTP over SSL on port 465.
  26. smtps     inet  n       -       -       -       -       smtpd
  27.   -o syslog_name=postfix/smtps
  28.   -o smtpd_tls_wrappermode=yes
  29.   -o smtpd_sasl_auth_enable=yes
  30.   -o smtpd_tls_auth_only=yes
  31.   -o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject
  32.   -o smtpd_sasl_security_options=noanonymous,noplaintext
  33.   -o smtpd_sasl_tls_security_options=noanonymous
  34. #628       inet  n       -       -       -       -       qmqpd
  35. pickup    fifo  n       -       -       60      1       pickup
  36.   -o content_filter=
  37.   -o receive_override_options=no_header_body_checks
  38. cleanup   unix  n       -       -       -       0       cleanup
  39. qmgr      fifo  n       -       n       300     1       qmgr
  40. #qmgr     fifo  n       -       n       300     1       oqmgr
  41. tlsmgr    unix  -       -       -       1000?   1       tlsmgr
  42. rewrite   unix  -       -       -       -       -       trivial-rewrite
  43. bounce    unix  -       -       -       -       0       bounce
  44. defer     unix  -       -       -       -       0       bounce
  45. trace     unix  -       -       -       -       0       bounce
  46. verify    unix  -       -       -       -       1       verify
  47. flush     unix  n       -       -       1000?   0       flush
  48. proxymap  unix  -       -       n       -       -       proxymap
  49. proxywrite unix -       -       n       -       1       proxymap
  50. smtp      unix  -       -       -       -       -       smtp
  51. relay     unix  -       -       -       -       -       smtp
  52. #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
  53. showq     unix  n       -       -       -       -       showq
  54. error     unix  -       -       -       -       -       error
  55. retry     unix  -       -       -       -       -       error
  56. discard   unix  -       -       -       -       -       discard
  57. local     unix  -       n       n       -       -       local
  58. virtual   unix  -       n       n       -       -       virtual
  59. lmtp      unix  -       -       -       -       -       lmtp
  60. anvil     unix  -       -       -       -       1       anvil
  61. scache    unix  -       -       -       -       1       scache
  62. #
  63. # ====================================================================
  64. # Interfaces to non-Postfix software. Be sure to examine the manual
  65. # pages of the non-Postfix software to find out what options it wants.
  66. #
  67. # Many of the following services use the Postfix pipe(8) delivery
  68. # agent.  See the pipe(8) man page for information about ${recipient}
  69. # and other message envelope options.
  70. # ====================================================================
  71. #
  72. # maildrop. See the Postfix MAILDROP_README file for details.
  73. # Also specify in main.cf: maildrop_destination_recipient_limit=1
  74. #
  75. maildrop  unix  -       n       n       -       -       pipe
  76.   flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
  77. #
  78. # ====================================================================
  79. #
  80. # Recent Cyrus versions can use the existing "lmtp" master.cf entry.
  81. #
  82. # Specify in cyrus.conf:
  83. #   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
  84. #
  85. # Specify in main.cf one or more of the following:
  86. #  mailbox_transport = lmtp:inet:localhost
  87. #  virtual_transport = lmtp:inet:localhost
  88. #
  89. # ====================================================================
  90. #
  91. # Cyrus 2.1.5 (Amos Gouaux)
  92. # Also specify in main.cf: cyrus_destination_recipient_limit=1
  93. #
  94. #cyrus     unix  -       n       n       -       -       pipe
  95. #  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
  96. #
  97. # ====================================================================
  98. # Old example of delivery via Cyrus.
  99. #
  100. #old-cyrus unix  -       n       n       -       -       pipe
  101. #  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
  102. #
  103. # ====================================================================
  104. #
  105. # See the Postfix UUCP_README file for configuration details.
  106. #
  107. uucp      unix  -       n       n       -       -       pipe
  108.   flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
  109. #
  110. # Other external delivery methods.
  111. #
  112. ifmail    unix  -       n       n       -       -       pipe
  113.   flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
  114. bsmtp     unix  -       n       n       -       -       pipe
  115.   flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
  116. scalemail-backend unix  -       n       n       -       2       pipe
  117.   flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
  118. mailman   unix  -       n       n       -       -       pipe
  119.   flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  120.   ${nexthop} ${user}
  121. # The next two entries integrate with Amavis for anti-virus/spam checks.
  122. amavis      unix    -       -       -       -       3       smtp
  123.   -o smtp_data_done_timeout=1200
  124.   -o smtp_send_xforward_command=yes
  125.   -o disable_dns_lookups=yes
  126.   -o max_use=20
  127. 127.0.0.1:10025 inet    n       -       -       -       -       smtpd
  128.   -o content_filter=
  129.   -o local_recipient_maps=
  130.   -o relay_recipient_maps=
  131.   -o smtpd_restriction_classes=
  132.   -o smtpd_delay_reject=no
  133.   -o smtpd_client_restrictions=permit_mynetworks,reject
  134.   -o smtpd_helo_restrictions=
  135.   -o smtpd_sender_restrictions=
  136.   -o smtpd_recipient_restrictions=permit_mynetworks,reject
  137.   -o smtpd_data_restrictions=reject_unauth_pipelining
  138.   -o smtpd_end_of_data_restrictions=
  139.   -o mynetworks=127.0.0.0/8
  140.   -o smtpd_error_sleep_time=0
  141.   -o smtpd_soft_error_limit=1001
  142.   -o smtpd_hard_error_limit=1000
  143.   -o smtpd_client_connection_count_limit=0
  144.   -o smtpd_client_connection_rate_limit=0
  145.   -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
  146. # Integration with Dovecot - hand mail over to it for local delivery, and
  147. # run the process under the vmail user and mail group.
  148. dovecot      unix   -        n      n       -       -   pipe
  149.   flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/dovecot-lda -d $(recipient)
J_A5,K*r|  
=X11x)]F9  
29.重启相应的服务:
  1. service postfix restart
  2. service dovecot restart
\Z^YaKj&  
30.如报错,可查看 /var/log/mail.log 及 /var/log/mail.err eZm,K'/!  
F\Gi;6a  
31.下载 roundcubemail-1.2.2-complete.tar.gz,解压放到 /var/www/html/webmail ZLJfSnB  
C<\|4ERp  
32.更改程序目录权限 >I3#ALF  
  1. chown -R www-data:www-data /var/www/html/webmail
S]3t{s#JW7  
33.创建新数据库 roundcubemail ,数据库用户名 roundcube,密码 qtest87 ,并分配合适权限:
  1. CREATE DATABASE roundcubemail;
  2. GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost IDENTIFIED BY 'aqtest87';  
  3. FLUSH PRIVILEGES;
^U.8grA  
34.浏览器访问:https://yun.anqun.org/webmail/installer 开始安装 39QAj&  
c?{&=,u2  
参考: /bj D*rj  
1. https://www.atlantic.net/community/howto/postfix-mail-server-setup-ubuntu-14-04/ h$FpH\-  
2. http://wiki.ubuntu.org.cn/IRedMail#.E6.89.B9.E9.87.8F.E5.88.9B.E5.BB.BA.E7.94.A8.E6.88.B7 1#9Q1@'OS  
3. https://github.com/roundcube/roundcubemail/wiki/Installation uf (`I  
K_4}N%P/))  
S3u>a\  
[ 此帖被dongshan8在2016-11-18 18:38重新编辑 ]
Debian 是一个自由的操作系统 (OS),提供您安装在计算机上使用。操作系统就是能让您的计算机工作的一系列基本程序和实用工具。
级别: 架构狮
发帖
1217
云币
1936
只看该作者 沙发  发表于: 01-25
Re:在Debian 8 系统里安装简易电子邮局系统 postfix mysql dovecot postfixadmin roundc ..
`XP Tf#9j  
优秀文章-欢迎进行技术分享,感谢你的支持!
级别: 架构狮
发帖
1217
云币
1936
只看该作者 板凳  发表于: 01-25
Re:在Debian 8 系统里安装简易电子邮局系统 postfix mysql dovecot postfixadmin roundc ..
级别: 架构狮
发帖
1217
云币
1936
只看该作者 地板  发表于: 01-25
Re:在Debian 8 系统里安装简易电子邮局系统 postfix mysql dovecot postfixadmin roundc ..
55zy]|F"  
优秀文章-欢迎进行技术分享,感谢你的支持!
发表主题 回复主题
« 返回列表上一主题下一主题

限100 字节
如果您提交过一次失败了,可以用”恢复数据”来恢复帖子内容
 
验证问题: 阿里云官网域名是什么? 正确答案:www.aliyun.com
上一个 下一个