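Building an up-to-date open-source Linux mail system based on virtual domains and virtual users: Postfix+Dovecot+Cyrus-sasl+roundcubemail+mysql+postfixadmin
I. Setup and configuration overview (thumbnail) --- July 9, 2015
II. Preparing the system environment
(1). Software preparation
(2). Domain preparation: one domain, with its A record, MX record and SPF record set up
Xishui139.com
(3). The mail server needs a fixed public IP address. Set up the required port mappings: 25, 110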
180.166.35.68
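III. Installing the mail server
1. The installation steps for Linux Fedora 22 are skipped here. Note that if the mail server needs to enforce per-user disk limits, put the directory that stores mail on its own partition
2. Fedora belongs to the Red Hat family; Apache, php, mysql, postfix, cyrus-sasl and dovecot can all be installed with yum, so they are not covered here
3. The focus here is compiling and installing courier-authlib
Download the courier-authlib-0.62.4.tar.bz2 package from the official site www.courier-mta.org; the format is .tar.bz2
The command to extract it is tar jxvf courier-authlib-0.62.4.tar.bz2
The configure command I used for the build is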
./configure --prefix=/usr/local/authlib --with-mailuser=postfix --with-mailgroup=vmail --sysconfdir=/etc --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --with-authmysql --with-mysql-libs=/usr/lib/mysql --with-mysql-includes=/usr/include/mysql --with-redhat --with-authmysqlrc=/etc/authmysqlrc --with-authdaemonrc=/etc/authdaemonrc
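Note: check that the directories in the command are correct, and delete any parameters you do not need.
If you hit an error, just install the packages the message asks for.
Important parameters
(1). --with-mysql-includes=/usr/include/mysql  MySQL library file path
(2). --with-authmysqlrc=/etc/authmysqlrc --with-authdaemonrc=/etc/authdaemonrc
Location of the configuration files generated after installation; without these parameters the files are not created
(3). --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --with-authmysql
without: features that are left out; with: authentication features that are enabled
(4). --with-mailuser=postfix  install as the postfix user and run the program under that identity afterwards
(5). --prefix=/usr/local/authlib  installation path for the compiled build
(6). Record of the build commands
IV. Configuring the mail server
(1). These are the complete parameters for the single-domain, system-account authentication setup I configured on this machine last week,
Linux mail server postfix+dovecot configuration parameters
(2). dovecot configuration ---------(7)
!!!!!!!!!! Because the virtual multi-domain mail configuration is too long, the detailed configuration can be found at
Permanent article link: http://www.xishui139.com/archives/652
(8) Use telnet to test whether smtp, pop3 and imap work
Note: use printf "[email protected]" | openssl base64 (to generate the base64 encoding used for authentication)
(8).1 SMTP test
The final result shows that the account authenticated successfully. The account here must be the full e-mail address, e.g. [email protected]
(8).2 pop3 test
Logged in means login authentication succeeded
(8).3 imap test
Logged in means login authentication succeeded
At this point mail can be sent and received normally
(9) Routine log troubleshooting (before troubleshooting, enable logging for postfix, dovecot, mysql and courier-auth so that the complete error messages are available)
1. SASL authentication error
Summary: wrong authentication method; courier-auth was not configured correctly
2. dovecot authentication problem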
Jul 4 21:02:36 localhost postfix/master[4017]: terminating on signal 15
Jul 4 21:02:37 localhost postfix/postfix-script[5253]: starting the Postfix mail system
Jul 4 21:02:37 localhost postfix/master[5255]: daemon started -- version 3.0.1, configuration /etc/postfix
Jul 4 21:17:49 localhost postfix/smtpd[5753]: connect from localhost.localdomain[127.0.0.1]
Jul 4 21:17:49 localhost postfix/smtpd[5753]: warning: SASL: Connect to /var/lib/dovecot/run/dovecot/auth-login failed: Permission denied
Jul 4 21:17:49 localhost postfix/smtpd[5753]: fatal: no SASL authentication mechanisms
Jul 4 21:17:50 localhost postfix/master[5255]: warning: process /usr/libexec/postfix/smtpd pid 5753 exit status 1
Jul 4 21:17:50 localhost postfix/master[5255]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
Jul 4 21:19:30 localhost postfix/anvil[5755]: statistics: max connection rate 1/60s for (smtp:127.0.0.1) at Jul 4 21:17:49
Jul 4 21:19:30 localhost postfix/anvil[5755]: statistics: max connection count 1 for (smtp:127.0.0.1) at Jul 4 21:17:49
Jul 4 21:19:30 localhost postfix/anvil[5755]: statistics: max cache size 1 at Jul 4 21:17:49
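Summary: the authentication parameters were not configured, which leads to the permission-denied message. Authentication through postfix, dovecot's own authentication, or mysql authentication can all be used.
3. postfix authentication problem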
Jul 4 22:59:20 localhost postfix/master[7912]: terminating on signal 15
Jul 4 22:59:21 localhost postfix/postfix-script[8140]: starting the Postfix mail system
Jul 4 22:59:21 localhost postfix/master[8142]: daemon started -- version 3.0.1, configuration /etc/postfix
Jul 4 22:59:31 localhost postfix/smtpd[8151]: connect from localhost.localdomain[127.0.0.1]
Jul 4 22:59:31 localhost postfix/smtpd[8151]: fatal: no SASL authentication mechanisms
Jul 4 22:59:32 localhost postfix/master[8142]: warning: process /usr/libexec/postfix/smtpd pid 8151 exit status 1
Jul 4 22:59:32 localhost postfix/master[8142]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
Jul 4 23:04:54 localhost postfix/postfix-script[8320]: refreshing the Postfix mail system
Summary: initial configuration, SASL authentication not set up. no SASL authentication mechanisms
4. pop3 login problem when looking up stored mail
Jul 5 00:23:23 localhost dovecot: pop3-login: Login: user=<xishui139>, method=PLAIN, rip=192.168.198.18, lip=192.168.198.18, mpid=10162, secured, session=<ePRnFw8a7ADAqMYS>
Jul 5 00:23:23 localhost dovecot: pop3(xishui139): Error: User initialization failed: Namespace '': Mail storage autodetection failed with home=/home/xishui139
Jul 5 00:23:23 localhost dovecot: pop3(xishui139): Error: Invalid user settings. Refer to server log for more information.
Jul 5 00:25:29 localhost dovecot: pop3-login: Login: user=<xishui139>, method=PLAIN, rip=192.168.198.18, lip=192.168.198.18, mpid=10198, secured, session=<NK/qHg8a7QDAqMYS>
Jul 5 00:25:29 localhost dovecot: pop3(xishui139): Error: User initialization failed: Namespace '': Mail storage autodetection failed with home=/home/xishui139
Jul 5 00:25:29 localhost dovecot: pop3(xishui139): Error: Invalid user settings. Refer to server log for more information.
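Summary: mail storage autodetection failed, i.e. dovecot's configuration does not match the directories already created on the system, and dovecot has no permission to create the mail directory in the configured location
5. Error because the dovecot mail directory is not configured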
Jul 5 00:30:28 localhost dovecot: master: Dovecot v2.2.18 starting up for imap, pop3, lmtp (core dumps disabled)
Jul 5 00:30:38 localhost dovecot: pop3-login: Aborted login (no auth attempts in 8 secs): user=<>, rip=192.168.198.18, lip=192.168.198.18, secured, session=<hhFfMQ8a7wDAqMYS>
Jul 5 00:30:49 localhost dovecot: pop3-login: Login: user=<xishui139>, method=PLAIN, rip=192.168.198.18, lip=192.168.198.18, mpid=10317, secured, session=<iS8FMg8a8ADAqMYS>
Jul 5 00:30:49 localhost dovecot: pop3(xishui139): Error: User initialization failed: Namespace '': Root mail directory not given
Jul 5 00:30:49 localhost dovecot: pop3(xishui139): Error: Invalid user settings. Refer to server log for more information.
Jul 5 00:34:41 localhost dovecot: pop3-login: Login: user=<xishui139>, method=PLAIN, rip=192.168.198.18, lip=192.168.198.18, mpid=10355, secured, session=<qQLTPw8a8QDAqMYS>
Jul 5 00:34:41 localhost dovecot: pop3(xishui139): Error: User initialization failed: Namespace '': Root mail directory not given
Jul 5 00:34:41 localhost dovecot: pop3(xishui139): Error: Invalid user settings. Refer to server log for more information.
Summary: configure the mail directory
6. The uid and gid used by virtual differ from the system's, causing an error
Jul 5 01:38:21 localhost postfix/qmgr[9629]: 53320C13C4: from=<[email protected]>, size=530, nrcpt=1 (queue active)
Jul 5 01:38:21 localhost postfix/virtual[10858]: warning: recipient [email protected]: bad uid 89 in virtual_uid_maps
Jul 5 01:38:21 localhost postfix/virtual[10858]: 53320C13C4: to=<[email protected]>, relay=virtual, delay=4739, delays=4739/0.14/0/0.06, dsn=4.3.5, status=deferred (mail system configuration error)
At this point the uid and gid I was using for virtual were 5000
7. Address account does not exist
Jul 5 10:15:53 localhost postfix/smtpd[15739]: NOQUEUE: reject: RCPT from mail.xishui139.com[192.168.198.18]: 550 5.1.1 <pulish>: Recipient address rejected: User unknown in local recipient table; from=<xishui139> to=<pulish> proto=ESMTP helo=<mail>
Summary: the local account does not exist.
8. All offered authentication methods fail
Jul 5 10:53:14 localhost dovecot: pop3-login: Aborted login (tried to use disallowed plaintext auth): user=<>, rip=180.166.35.68, lip=192.168.198.18, session=<F4/t4xcajwC0piNE>
Jul 5 10:53:21 localhost postfix/smtpd[16155]: connect from mail.xishui139.com[192.168.198.18]
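Summary: authenticate correctly using one of the authentication methods offered.
9. virtual authentication: recipient address does not exist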
Jul 9 11:19:44 localhost postfix/smtpd[20010]: connect from unknown[180.166.35.68]
Jul 9 11:19:44 localhost authdaemond: received auth request, service=smtp, authtype=login
Jul 9 11:19:44 localhost authdaemond: authmysql: trying this module
Jul 9 11:19:44 localhost authdaemond: SQL query: SELECT username, password, "", 89, 89, maildir, concat('/vmail/',maildir), "", name, "" FROM mailbox WHERE username = '[email protected]'
Jul 9 11:19:44 localhost authdaemond: password matches successfully
Jul 9 11:19:44 localhost authdaemond: authmysql: sysusername=<null>, sysuserid=89, sysgroupid=89, homedir=xishui139.com/smtp_blog/, address=[email protected], fullname=smtp_blog, maildir=/vmail/xishui139.com/smtp_blog/, quota=<null>, options=<null>
Jul 9 11:19:44 localhost authdaemond: authmysql: clearpasswd=<null>, passwd=$1$ecde18f9$PLg5AdxChGH3enyVgfUI21
Jul 9 11:19:44 localhost authdaemond: Authenticated: sysusername=<null>, sysuserid=89, sysgroupid=89, homedir=xishui139.com/smtp_blog/, address=[email protected], fullname=smtp_blog, maildir=/vmail/xishui139.com/smtp_blog/, quota=<null>, options=<null>
Jul 9 11:19:44 localhost authdaemond: Authenticated: clearpasswd=123456, passwd=$1$ece1f9PLgAdxCnygfU21
Jul 9 11:19:44 localhost postfix/smtpd[20010]: NOQUEUE: reject: RCPT from unknown[180.166.35.68]: 550 5.1.1 <[email protected]>: Recipient address rejected: User unknown in virtual mailbox table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail.xishui139.com>
Summary: create the recipient address in the mysql mailbox table.
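The authdaemond debug lines in item 9 include clearpasswd= and passwd= fields, so logs captured at this level carry credentials. The following added example (not from the original article; the sample lines, address and password are constructed) redacts those fields before a log is shared or archived:

```python
import re

# Constructed sample lines modelled on the authdaemond debug output in item 9
# (IP address, password and hash are made up).
SAMPLE_LOG = """\
Jul 9 11:19:44 localhost authdaemond: received auth request, service=smtp, authtype=login
Jul 9 11:19:44 localhost authdaemond: authmysql: clearpasswd=<null>, passwd=$1$abcdefgh$0123456789abcdefghijkl
Jul 9 11:19:44 localhost authdaemond: Authenticated: clearpasswd=hunter2, passwd=$1$abcdefgh$0123456789abcdefghijkl
Jul 9 11:19:44 localhost postfix/smtpd[20010]: connect from unknown[192.0.2.10]
"""

# Each field's value runs up to the next comma or whitespace.
_SECRET = re.compile(r"\b(clearpasswd|passwd)=([^,\s]+)")

def redact_line(line):
    """Return (redacted_line, leaked_field_names). <null> values are kept."""
    leaked = []

    def _sub(match):
        if match.group(2) == "<null>":
            return match.group(0)
        leaked.append(match.group(1))
        return match.group(1) + "=[REDACTED]"

    if "authdaemond" not in line:
        return line, leaked          # only authdaemond lines are rewritten
    return _SECRET.sub(_sub, line), leaked

def redact_log(text):
    """Redact a whole log; return (clean_text, {field_name: occurrences})."""
    counts = {}
    out = []
    for line in text.splitlines():
        clean, leaked = redact_line(line)
        for field in leaked:
            counts[field] = counts.get(field, 0) + 1
        out.append(clean)
    return "\n".join(out) + "\n", counts

if __name__ == "__main__":
    clean, counts = redact_log(SAMPLE_LOG)
    print(clean)
    print("redacted fields:", counts)
```

A non-empty count is also a signal that authdaemond debug logging is still switched on and the accounts seen in the log should have their passwords changed.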
10. virtual smtp authentication failure
Jul 10 21:33:29 localhost postfix/smtpd[7059]: warning: localhost.localdomain[127.0.0.1]: SASL login authentication failed: another step is needed in authentication
Summary: the password is incorrect
11. Incorrect SQL statement
Jul 9 09:04:15 localhost authdaemond: received auth request, service=smtp, authtype=login
Jul 9 09:04:15 localhost authdaemond: authmysql: trying this module
Jul 9 09:04:15 localhost authdaemond: authmysqllib: connected. Versions: header 100020, client 100020, server 100020
Jul 9 09:04:15 localhost authdaemond: SQL query: SELECT username, crypt, "", 5000, 5000, concat('/home/',homedir, concat('/home/',maildir), "", name, "" FROM mailbox WHERE username = '[email protected]'
Jul 9 09:04:15 localhost authdaemond: mysql_query failed, reconnecting: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'FROM mailbox WHERE username = '[email protected]'' at line 1
Jul 9 09:04:15 localhost authdaemond: authmysqllib: connected. Versions: header 100020, client 100020, server 100020
Jul 9 09:04:15 localhost authdaemond: mysql_query failed second time, giving up: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'FROM mailbox WHERE username = '[email protected]'' at line 1
Jul 9 09:04:15 localhost authdaemond: authmysql: TEMPFAIL - no more modules will be tried
Jul 9 09:04:15 localhost postfix/smtpd[18296]: warning: SASL authentication failure: could not verify password
Jul 9 09:04:15 localhost postfix/smtpd[18296]: warning: unknown[180.166.35.68]: SASL LOGIN authentication failed: generic failure
Jul 9 09:04:15 localhost postfix/smtpd[18296]: disconnect from unknown[180.166.35.68] ehlo=1 auth=0/1 quit=1 commands=2/3
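Summary: the SQL query is incorrect, i.e. the /etc/authmysqlrc file is misconfigured
My error was caused by the MYSQL_HOME_FIELD setting: it should be MYSQL_HOME_FIELD maildir; the incorrect setting was MYSQL_HOME_FIELD concat('/home/',homedir
12. Error when dovecot queries data using dovecot's id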
Jul 9 13:58:17 localhost dovecot: pop3-login: Login: user=<publish_blog>, method=PLAIN, rip=180.166.35.68, lip=192.168.198.18, mpid=21794, secured, session=<YjUY8WoaHQC0piNE>
Jul 9 13:58:17 localhost dovecot: pop3(publish_blog): Error: User initialization failed: Namespace '': mkdir(/home/vmail//publish_blog/Maildir) failed: Permission denied (euid=1004(publish_blog) egid=1004(publish_blog) missing +w perm: /home/vmail/, we're not in group 89(postfix), dir owned by 89:89 mode=0775)
Jul 9 13:58:17 localhost dovecot: pop3(publish_blog): Error: Invalid user settings. Refer to server log for more information.
Jul 9 13:58:47 localhost dovecot: pop3-login: Login: user=<aliyun_blog>, method=PLAIN, rip=114.215.116.149, lip=192.168.198.18, mpid=21796, secured, session=<hwLp8moa7ABy13SV>
Jul 9 13:58:47 localhost dovecot: pop3(aliyun_blog): Error: User initialization failed: Namespace '': mkdir(/home/vmail//aliyun_blog/Maildir) failed: Permission denied (euid=1001(aliyun_blog) egid=1001(aliyun_blog) missing +w perm: /home/vmail/, we're not in group 89(postfix), dir owned by 89:89 mode=0775)
Jul 9 13:58:47 localhost dovecot: pop3(aliyun_blog): Error: Invalid user settings. Refer to server log for more information.
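Summary: dovecot queries the data using dovecot's id and fails; dovecot needs to query with the uid and gid configured for virtual. The uid and gid I configured are 89 (postfix)
13. mail_location = maildir:/vmail/%d/%d/%n/ has one extra domain component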
Jul 9 15:17:46 localhost postfix/smtpd[22636]: BE0EAC1737: client=unknown[180.166.35.68], sasl_method=LOGIN, sasl_username=[email protected]
Jul 9 15:17:46 localhost postfix/cleanup[22643]: BE0EAC1737: message-id=<[email protected]>
Jul 9 15:17:46 localhost postfix/qmgr[18414]: BE0EAC1737: from=<[email protected]>, size=1705, nrcpt=1 (queue active)
Jul 9 15:17:46 localhost postfix/smtpd[22636]: disconnect from unknown[180.166.35.68] ehlo=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=6
Jul 9 15:17:46 localhost postfix/virtual[22645]: BE0EAC1737: to=<[email protected]>, relay=virtual, delay=0.03, delays=0.02/0/0/0.02, dsn=2.0.0, status=sent (delivered to maildir)
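Summary: this time the settings were right, but dovecot's maildir path differed from virtual's maildir and had to be adjusted, hence the parameter mail_location = maildir:/vmail/%d/%d/%n/
14. An error that does not affect sending and receiving mail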
Jul 9 15:22:15 localhost authdaemond: Authenticated: sysusername=<null>, sysuserid=89, sysgroupid=89, homedir=xishui139.com/smtp_blog/, address=[email protected], fullname=smtp_blog, maildir=/vmail/xishui139.com/smtp_blog/, quota=<null>, options=<null>
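Summary: my actual mail location is the directory /vmail/xishui139.com/xishui139.com/smtp_blog/, but this error does not affect sending and receiving mail because postfix hands that work over to virtual,
i.e. relay=virtual. virtual's maildir and dovecot's maildir are already set to the same directory, so mail is sent and received normally. postfix only acts as a forwarder (passing on requests to local and remote destinations)
15. Error when migrating mail from the old directory to the new directory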
Jul 9 16:04:01 localhost dovecot: imap([email protected]): Error: open(/vmail/xishui139.com/xishui139.com/user/cur/1436116338.Vfd01Ic1a3fM378499.localhost.localdomain:2,S) failed: Permission denied (euid=89(postfix) egid=89(postfix) missing +r perm: /vmail/xishui139.com/xishui139.com/user/cur/1436116338.Vfd01Ic1a3fM378499.localhost.localdomain:2,S)
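Summary: the client reports an error and cannot send or receive mail because the copied mail files are owned by root; changing their ownership to postfix 89:89 fixes it.
See item 12 for the dovecot mail directory correction.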
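Items 12 and 15 both come down to the mail tree not being owned by, or accessible to, the uid/gid that the delivery and POP3/IMAP processes run as. This added example (not part of the original article; the function name audit_maildir is hypothetical and the demo tree is constructed) walks a maildir tree and lists every entry whose owner or owner permission bits would produce those errors:

```python
import os
import stat
import tempfile

def audit_maildir(root, uid, gid):
    """Return (path, problem) pairs for entries that uid:gid cannot use."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in files]:
            st = os.lstat(path)
            if (st.st_uid, st.st_gid) != (uid, gid):
                findings.append((path, "owner %d:%d, expected %d:%d"
                                 % (st.st_uid, st.st_gid, uid, gid)))
            # Directories need owner rwx (mkdir and renames under new/ and cur/);
            # message files need at least owner read.
            need = stat.S_IRWXU if stat.S_ISDIR(st.st_mode) else stat.S_IRUSR
            if st.st_mode & need != need:
                findings.append((path, "mode %04o lacks owner access"
                                 % stat.S_IMODE(st.st_mode)))
    return findings

if __name__ == "__main__":
    # Constructed demo tree: one message made unreadable, as after a bad copy.
    with tempfile.TemporaryDirectory() as root:
        cur = os.path.join(root, "example.com", "user", "cur")
        os.makedirs(cur)
        msg = os.path.join(cur, "1436116338.demo:2,S")
        open(msg, "w").close()
        os.chmod(msg, 0o000)
        owner = os.lstat(root)
        for path, problem in audit_maildir(root, owner.st_uid, owner.st_gid):
            print(path, "->", problem)
        os.chmod(msg, 0o600)  # restore so the temporary tree can be removed
```

On the setup described in this article the call would be audit_maildir("/vmail", 89, 89), run before pointing clients at a migrated mail store.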
End