1. mysql 的安裝請參閱 : http://yves2005.pixnet.net/blog/post/64697083-freebsd-11-mysql57-server--how-to
設定: 登入 postfixadmin 前請先執行
==>
a. For MySQL: 新增 postfix database 及帳號 (choose_a_password 為範例值, 請換成自訂的強密碼)
CREATE DATABASE postfix;
CREATE USER 'postfix'@'localhost' IDENTIFIED BY 'choose_a_password';
GRANT ALL PRIVILEGES ON `postfix` . * TO 'postfix'@'localhost';
b. Configure PostfixAdmin so it can find the database
-----------------------------------------------------
修改 config.local.php 作為本機設定 (database_password 必須與上面 CREATE USER ... IDENTIFIED BY 所設定的密碼相同, 否則 PostfixAdmin 無法連線資料庫):
$CONF['database_type'] = 'mysqli';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'postfixadmin';
$CONF['database_name'] = 'postfix';
$CONF['configured'] = true;
2. postfix 安裝 : cd /usr/ports/mail/postfix/
==> make config , mysql support 要打勾。
a. 設定 main.cf
-----------------------------------------------------------------------------------------------------
mydestination = localhost // 走virtual domain 不需設定
mynetworks = 127.0.0.0/8 // 其他人要走dovecot認證才能寄信
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
home_mailbox = Maildir/
mail_spool_directory = /var/spool/mail
###########################
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client sbl-xbl.spamhaus.org
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
mailbox_size_limit = 512000000
message_size_limit = 10240000
####################################
##enable tls
smtp_tls_security_level = may
#smtpd_tls_CAfile = /etc/openssl/certs/ca.pem
smtpd_tls_cert_file = /etc/ssl/dovecot.pem
smtpd_tls_key_file = /etc/ssl/dovecot.pem //此為同一張憑證, public key + private key ; 檔案內含私鑰, 權限應限制為僅 root 可讀 (例如 chmod 600)
#smtpd_tls_session_cache_database = btree:/var/run/smtpd_tls_session_cache
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
tls_random_source = dev:/dev/urandom
smtpd_tls_auth_only = yes
##########################################
#virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_mailbox_base = /var/mail/mailbox/
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:1007 // 此為新增 user vmail 的 uid 及 gid, 請自行新增該帳號
virtual_gid_maps = static:1007
-----------------------------------------------------------------------------------------------------
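b. 新增三個檔案 (放在 /usr/local/etc/postfix/ 下; password 須與資料庫 postfix 帳號的密碼一致; 檔案內含資料庫密碼, 權限建議設為 root:postfix 0640, 不要讓其他使用者可讀) :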
mysql_virtual_mailbox_maps.cf
=>
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
mysql_virtual_domains_maps.cf
=>
user = postfix
password = postfix
hosts = localhost
dbname = postfix
#table = domain
#select_field = domain
#where_field = domain
query = SELECT domain FROM domain WHERE domain = '%s'
mysql_virtual_alias_maps.cf
=>
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
==========================================================
3. 安裝 dovecot2 => cd /usr/ports/mail/dovecot2 ; make config , 確定mysql 有打勾 。
make install clean ;
a.先新增憑證檔
cd /usr/local/share/examples/dovecot/
=>修改此檔 : dovecot-openssl.cnf 符合你的需求
==>執行 sh mkcert.sh 將會產生憑證
b.組態設定:
cp -r /usr/local/etc/dovecot/example-config/* /usr/local/etc/dovecot
==============================================================================
vi dovecot-sql.conf.ext (此檔內含資料庫密碼, 權限應限制為僅 root 可讀; password 須與資料庫 postfix 帳號的密碼一致)
# Database driver: mysql, pgsql, sqlite
driver = mysql
connect = host=127.0.0.1 dbname=postfix user=postfix password=postfix
password_query = SELECT password FROM mailbox WHERE username = '%u'
==============================================================================
root@fd11[/usr/local/etc/dovecot/conf.d]> vi auth-sql.conf.ext
passdb {
driver = sql
# Path for SQL configuration file, see example-config/dovecot-sql.conf.ext
args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
}
userdb {
driver = static
args = uid=vmail gid=vmail home=/var/mail/mailbox/%d/%n
}
==============================================================================
root@fd11[/usr/local/etc/dovecot/conf.d]> vi 10-mail.conf
mail_location = maildir:/var/mail/mailbox/%d/%n
==============================================================================
root@fd11[/usr/local/etc/dovecot/conf.d]> vi 10-auth.conf
disable_plaintext_auth = yes
auth_mechanisms = plain login
#!include auth-system.conf.ext //預設為 /etc/passwd 認證,要改為sql 認證
!include auth-sql.conf.ext
==============================================================================
root@fd11[/usr/local/etc/dovecot/conf.d]> vi 10-logging.conf
info_log_path = /var/log/dovecot.log
debug_log_path = /var/log/dovecot.log
auth_verbose = yes
log_timestamp = "%b %d %H:%M:%S "
login_log_format = %$: %s
then touch /var/log/dovecot.log
==============================================================================
root@fd11[/usr/local/etc/dovecot/conf.d]> vi 10-master.conf
service auth {
#unix_listener auth-userdb {
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
==============================================================================
root@fd11[/usr/local/etc/dovecot/conf.d]> vi 10-ssl.conf
ssl = yes
ssl_cert = </etc/ssl/dovecot.pem
ssl_key = </etc/ssl/dovecot.pem
==============================================================================
啟動 : /usr/local/etc/rc.d/dovecot onestart
/usr/local/etc/rc.d/postfix onestart
檢查 : sockstat -4l
root@fd11[/usr/local/etc/dovecot/conf.d]> sockstat -4l
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
mysql mysqld 84875 25 tcp4 127.0.0.1:3306 *:*
www httpd 81277 4 tcp4 *:80 *:*
root dovecot 81124 26 tcp4 *:110 *:*
root dovecot 81124 28 tcp4 *:995 *:*
root dovecot 81124 41 tcp4 *:143 *:*
root dovecot 81124 43 tcp4 *:993 *:*
root master 80401 13 tcp4 *:25 *:*
==============================================================================
新增 mailbox 目錄 => mkdir /var/mail/mailbox/
chown vmail:vmail /var/mail/mailbox/
==============================================================================
測試 log :
新增二個virtual domain : lab.com , xyz.com , 從 lab.com 寄信到 xyz.com
以後有需求可直接由 postfixadmin 網頁來新增管理帳號及網域
---------------------------------------------------------------------------------------------------------------------------------------------------------------
Dec 13 10:33:21 fd11 postfix/qmgr[85478]: 34CAD892A3: from=<yves@lab.com>, size=1325, nrcpt=1 (queue active)
Dec 13 10:33:21 fd11 postfix/smtpd[85525]: disconnect from fd90.lab.com[192.168.40.222] ehlo=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=6
Dec 13 10:33:21 fd11 postfix/virtual[85530]: 34CAD892A3: to=<admin@xyz.com>, relay=virtual, delay=0.13, delays=0.12/0.01/0/0, dsn=2.0.0, status=sent (delivered to maildir)
寄去 gmail , 記得開啟 SSL 連線,否則會寄信失敗, 收信也會失敗。
Dec 13 10:35:23 fd11 postfix/qmgr[85541]: C6EB7892A3: from=<yves@lab.com>, size=1420, nrcpt=1 (queue active)
Dec 13 10:35:23 fd11 postfix/smtpd[85546]: disconnect from fd90.lab.com[192.168.40.222] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
Dec 13 10:35:25 fd11 postfix/smtp[85554]: C6EB7892A3: to=<xxxxxxxx@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.203.26]:25, delay=1.2, delays=0.13/0.02/0.59/0.49, dsn=2.0.0, status=sent (250 2.0.0 OK 1481596419 59si46041330pld.76 - gsmtp)
Dec 13 10:35:25 fd11 postfix/qmgr[85541]: C6EB7892A3: removed
==============================================
其他 : 啟動 ssl 前 :
root@fd11[/usr/local/etc/postfix]> telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.lab.com ESMTP Postfix (3.1.3)
ehlo localhost
250-mail.lab.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
quit
221 2.0.0 Bye
啟動ssl 後 (因 smtpd_tls_auth_only = yes, 未加密連線不再公告 AUTH, 用戶端須先 STARTTLS 才能進行認證):
root@fd11[/usr/local/etc/postfix]> telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.lab.com ESMTP Postfix (3.1.3)
ehlo localhost
250-mail.lab.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8