
Setting up a free enterprise mail server on Linux

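1. Mail service architecture

bind: DNS resolution
postfix: implements the SMTP protocol, used for sending mail
dovecot: implements the POP3 and IMAP protocols, used for retrieving mail
Cyrus-SASL library: used for user authentication
courier-authlib: authenticates users against tables in a MySQL database
extmail and extman: provide webmail

2. Deploying bind
2.1 Install with yum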

yum -y install bind bind-utils

2.2 Configure bind
Main configuration file

vim /etc/named.conf 
        //listen-on port 53 { 127.0.0.1; };
        //listen-on-v6 port 53 { ::1; };
       //allow-query     { localhost; };

Commenting out the listen-on and allow-query lines makes named listen on all addresses and accept queries from any host.

Define the forward and reverse zones

vim /etc/named.rfc1912.zones
zone "zhongdianjizhi.com" IN {
        type master;
        file "zhongdianjizhi.com.zone";
};      
zone "118.168.192.in-addr.arpa" {
        type master;
        file "zhongdianjizhi.com.local";
}; 

Define the zone data files (A and MX records)

cd /var/named
cp -p named.localhost zhongdianjizhi.com.zone
cp -p named.localhost zhongdianjizhi.com.local 
vim /var/named/zhongdianjizhi.com.zone
$TTL 86400
@       IN SOA   ns.zhongdianjizhi.com. admin.zhongdianjizhi.com. (
                                        201902  ; serial
                                        2H      ; refresh
                                        10M      ; retry
                                        3D      ; expire
                                        1D )    ; minimum
        IN      NS       ns
        IN      MX 10    mail
ns       IN   A       192.168.118.100
mail     IN   A       192.168.118.100
vim /var/named/zhongdianjizhi.com.local
$TTL 86400
@       IN SOA   ns.zhongdianjizhi.com. admin.zhongdianjizhi.com. (
                                        201902  ; serial
                                        2H      ; refresh
                                        10M      ; retry
                                        3D      ; expire
                                        1D )    ; minimum
 
        IN      NS       ns.zhongdianjizhi.com.
100      IN      PTR      ns.zhongdianjizhi.com.
100      IN      PTR      mail.zhongdianjizhi.com.

2.3 Check the configuration files for syntax errors

named-checkzone "zhongdianjizhi.com" /var/named/zhongdianjizhi.com.zone
named-checkzone "118.168.192.in-addr.arpa" /var/named/zhongdianjizhi.com.local

2.4 Set the group and permissions on the zone data files

chgrp named /var/named/zhongdianjizhi.com.*
chmod 640 /var/named/zhongdianjizhi.com.*

2.5 Point this host's DNS resolution at the local DNS server

vim /etc/resolv.conf 
nameserver 192.168.118.100

2.6 Set the hostname

hostnamectl set-hostname mail.zhongdianjizhi.com

2.7 Start the named service (bind is the package name; the service is called named)

systemctl start named
systemctl enable named

2.8 Test name resolution

dig -t A mail.zhongdianjizhi.com @192.168.118.100
dig -x 192.168.118.100 @192.168.118.100
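The reverse lookup in 2.8 only succeeds when the PTR owner label matches the last octet of the address in the A record, and receiving mail servers commonly compare the two. The script below is an added example, not part of the original article: it cross-checks the one-line A and PTR records of a forward and a reverse zone file; the function names and the sample zone text are constructed for illustration.

```shell
#!/bin/sh
# Added example: confirm that each A record has a PTR record pointing back at it.
# Handles only the one-line "owner IN A addr" / "owner IN PTR name." forms used here.

# check_fcrdns FWD_FILE REV_FILE DOMAIN REV_ZONE
# Prints "MISSING <fqdn> <ip>" per A record without a matching PTR; returns 1 if any.
check_fcrdns() {
    awk -v rev="$2" -v domain="$3" -v rzone="$4" '
        BEGIN {
            # Load PTR records keyed by "<reverse name> <target>", lowercased.
            while ((getline line < rev) > 0) {
                split(line, f, " ")
                if (f[2] != "IN" || f[3] != "PTR") continue
                owner = (f[1] ~ /\.$/) ? substr(f[1], 1, length(f[1]) - 1) : f[1] "." rzone
                ptr[tolower(owner " " f[4])] = 1
            }
            close(rev)
        }
        $2 == "IN" && $3 == "A" {
            split($4, o, ".")
            rname = o[4] "." o[3] "." o[2] "." o[1] ".in-addr.arpa"
            fqdn = ($1 == "@") ? domain "." : $1 "." domain "."
            key = tolower(rname " " fqdn)
            if (!(key in ptr)) { print "MISSING", fqdn, $4; bad = 1 }
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample zones modelled on this article; $2 is the PTR owner label.
write_sample_zones() {
    cat > "$1/fwd.zone" <<EOF
@       IN SOA   ns.zhongdianjizhi.com. admin.zhongdianjizhi.com. ( 201902 2H 10M 3D 1D )
        IN      NS       ns
        IN      MX 10    mail
ns      IN  A   192.168.118.100
mail    IN  A   192.168.118.100
EOF
    cat > "$1/rev.zone" <<EOF
        IN      NS       ns.zhongdianjizhi.com.
$2      IN      PTR      ns.zhongdianjizhi.com.
$2      IN      PTR      mail.zhongdianjizhi.com.
EOF
}

tmp=$(mktemp -d)
write_sample_zones "$tmp" 100
check_fcrdns "$tmp/fwd.zone" "$tmp/rev.zone" zhongdianjizhi.com 118.168.192.in-addr.arpa && echo "forward and reverse records agree"
write_sample_zones "$tmp" 1    # PTR owner does not match the last octet
check_fcrdns "$tmp/fwd.zone" "$tmp/rev.zone" zhongdianjizhi.com 118.168.192.in-addr.arpa || echo "mismatch found"
```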

3. Building and installing postfix from source
3.1 Preparation
Remove the postfix package shipped with the system

rpm -e postfix

Delete the postfix user

userdel postfix
groupdel postdrop

Create the new users

groupadd -g 2525 postfix
useradd -g 2525 -u 2525 -M -s /sbin/nologin postfix
groupadd -g 2526 postdrop
useradd -g 2526 -u 2526 -M -s /sbin/nologin postdrop

3.2 Download the postfix source package; the current stable release is 3.4

wget ftp://ftp.cuhk.edu.hk/pub/packages/mail-server/postfix/official/postfix-3.4.5.tar.gz

3.3 Install mariadb

yum -y install mariadb-server mariadb-devel 
systemctl start mariadb.service 

3.4 Install the build environment and other required packages

yum -y install gcc gcc-c++ make pcre-devel expat-devel perl
yum -y install   openssl openssl-devel db4-devel ntpdate  bzip2 php-mysql cyrus-sasl-md5 perl-GD perl-DBD-MySQL perl-GD perl-CPAN perl-CGI perl-CGI-Session cyrus-sasl-lib cyrus-sasl-plain cyrus-sasl cyrus-sasl-devel libtool-ltdl-devel telnet mail libicu-devel m4 expect httpd

3.5 Locate the installed header and library files for mysql and sasl

rpm -ql mariadb-devel
Mysql include: /usr/include/mysql
Mysql lib: /usr/lib64/mysql

rpm -ql cyrus-sasl-devel
Sasl lib: /usr/lib64/sasl2
Sasl include: /usr/include/sasl

3.6 Prepare the build

cd /usr/local/src/; tar -xf postfix-3.4.5.tar.gz
cd postfix-3.4.5/

# Pass the header and library locations found in the previous step to the build

make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl -DUSE_TLS ' 'AUXLIBS=-L/usr/lib64/mysql -lmysqlclient -lz -lrt -lm -L/usr/lib64/sasl2 -lsasl2   -lssl -lcrypto'
make && make install

Fill in the installation settings interactively during make install

Please specify the prefix for installed file names. Specify this ONLY
if you are building ready-to-install packages for distribution to OTHER
machines. See PACKAGE_README for instructions.
install_root: [/] 
Please specify a directory for scratch files while installing Postfix. You
must have write permission in this directory.
tempdir: [/usr/local/src/postfix-3.0.11] /tmp/extmail     # change the temp directory; accept the defaults for everything else
Please specify the final destination directory for installed Postfix
configuration files.
config_directory: [/etc/postfix] 
Please specify the final destination directory for installed Postfix
administrative commands. This directory should be in the command search
path of adminstrative users.
command_directory: [/usr/sbin] 
Please specify the final destination directory for installed Postfix
daemon programs. This directory should not be in the command search path
of any users.
daemon_directory: [/usr/libexec/postfix] 
Please specify the final destination directory for Postfix-writable
data files such as caches or random numbers. This directory should not
be shared with non-Postfix software.
data_directory: [/var/lib/postfix] 
Please specify the final destination directory for the Postfix HTML
files. Specify "no" if you do not want to install these files.
html_directory: [no] 
Please specify the owner of the Postfix queue. Specify an account with
numerical user ID and group ID values that are not used by any other
accounts on the system.
mail_owner: [postfix] 
Please specify the final destination pathname for the installed Postfix
mailq command. This is the Sendmail-compatible mail queue listing command.
mailq_path: [/usr/bin/mailq] 
Please specify the final destination directory for the Postfix on-line
manual pages. You can no longer specify "no" here.
manpage_directory: [/usr/local/man] 
Please specify the final destination pathname for the installed Postfix
newaliases command. This is the Sendmail-compatible command to build
alias databases for the Postfix local delivery agent.
newaliases_path: [/usr/bin/newaliases] 
Please specify the final destination directory for Postfix queues.
queue_directory: [/var/spool/postfix] 
Please specify the final destination directory for the Postfix README
files. Specify "no" if you do not want to install these files.
readme_directory: [no]
Please specify the final destination pathname for the installed Postfix
sendmail command. This is the Sendmail-compatible mail posting interface.
sendmail_path: [/usr/sbin/sendmail] 
Please specify the group for mail submission and for queue management
commands. Specify a group name with a numerical group ID that is
not shared with other accounts, not even with the Postfix mail_owner
account. You can no longer specify "no" here.
setgid_group: [postdrop] 
Please specify the final destination directory for Postfix shared-library
files.
shlib_directory: [no]

3.7 Configure postfix

Main configuration file: /etc/postfix/main.cf
maildrop configuration file: /etc/postfix/master.cf; settings can be changed with postconf -e

Back up
cp /etc/postfix/main.cf{,.bak}
Settings in main.cf
# Line 94: set the mail server hostname
myhostname = mail.zhongdianjizhi.com
# Line 102: set the mail domain
mydomain = zhongdianjizhi.com
# Line 118: domain used for outgoing mail; uncomment
myorigin = $mydomain
# Line 132: listen on all network interfaces; uncomment
inet_interfaces = all
# Line 180: hostnames and domains for which mail is accepted, and domains that may be relayed
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
# Line 279: hostnames and domains for which mail is accepted, and hosts that may relay
mynetworks = 192.168.118.0/24, 127.0.0.0/8
# Line 434: uncomment
home_mailbox = Maildir/
# Line 676: enable both IPv4 and IPv6; defines the IP addresses the postfix processes listen on
inet_protocols = all
# Line 266: type of trusted network
mynetworks_style = host
# Line 311: domains for which mail may be relayed; uncomment
relay_domains = $mydestination
# Line 401: alias lookup table; uncomment
alias_maps = hash:/etc/aliases
When done, review the resulting configuration with postconf -n

3.8 Set up the service start script

vim /etc/init.d/postfix
#!/bin/bash
#
# postfix      Postfix Mail Transfer Agent
#
# chkconfig: 2345 80 30
# description: Postfix is a Mail Transport Agent, which is the program 
#              that moves mail from one machine to another.
# processname: master
# pidfile: /var/spool/postfix/pid/master.pid
# config: /etc/postfix/main.cf
# config: /etc/postfix/master.cf
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "${NETWORKING}" = "no" ] && exit 3
[ -x /usr/sbin/postfix ] || exit 4
[ -d /etc/postfix ] || exit 5
[ -d /var/spool/postfix ] || exit 6
RETVAL=0
prog="postfix"
start() {
     # Start daemons.
     echo -n $"Starting postfix: "
        /usr/bin/newaliases >/dev/null 2>&1
     /usr/sbin/postfix start 2>/dev/null 1>&2 && success || failure $"$prog start"
     RETVAL=$?
     [ $RETVAL -eq 0 ] && touch /var/lock/subsys/postfix
        echo
     return $RETVAL
}
stop() {
  # Stop daemons.
     echo -n $"Shutting down postfix: "
     /usr/sbin/postfix stop 2>/dev/null 1>&2 && success || failure $"$prog stop"
     RETVAL=$?
     [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/postfix
     echo
     return $RETVAL
}
reload() {
     echo -n $"Reloading postfix: "
     /usr/sbin/postfix reload 2>/dev/null 1>&2 && success || failure $"$prog reload"
     RETVAL=$?
     echo
     return $RETVAL
}
abort() {
     /usr/sbin/postfix abort 2>/dev/null 1>&2 && success || failure $"$prog abort"
     return $?
}
flush() {
     /usr/sbin/postfix flush 2>/dev/null 1>&2 && success || failure $"$prog flush"
     return $?
}
check() {
     /usr/sbin/postfix check 2>/dev/null 1>&2 && success || failure $"$prog check"
     return $?
}
restart() {
     stop
     start
}
# See how we were called.
case "$1" in
  start)
     start
     ;;
  stop)
     stop
     ;;
  restart)
     stop
     start
     ;;
  reload)
     reload
     ;;
  abort)
     abort
     ;;
  flush)
     flush
     ;;
  check)
     check
     ;;
  status)
       status master
     ;;
  condrestart)
     [ -f /var/lock/subsys/postfix ] && restart || :
     ;;
  *)
     echo $"Usage: $0 {start|stop|restart|reload|abort|flush|check|status|condrestart}"
     exit 1
esac
exit $?


Make the script executable and enable it at boot

chmod +x /etc/init.d/postfix
chkconfig --add postfix
chkconfig postfix on
chown postfix.postfix -R /var/lib/postfix/
chown postfix.postfix /var/spool/ -R

3.9 Build the alias database

newaliases 
ls /etc/aliases.db 

3.10 Start and test

useradd jym
systemctl start postfix
[root@mail ~]# telnet mail.zhongdianjizhi.com 25
Trying fe80::4c54:bb23:c6db:6473%ens33...
telnet: connect to address fe80::4c54:bb23:c6db:6473%ens33: Connection refused
Trying 192.168.118.100...
Connected to mail.zhongdianjizhi.com.
Escape character is '^]'.
220 mail.zhongdianjizhi.com ESMTP Postfix
mail from:root@zhongdianjizhi.com
250 2.1.0 Ok
rcpt to:jym@zhongdianjizhi.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
hello,this is test mail.
.
250 2.0.0 Ok: queued as 13259132D75
quit
221 2.0.0 Bye
Connection closed by foreign host.

Note: end the message body with a single "." on its own line.
The message was sent successfully

[root@mail ~]# tail /var/log/maillog|grep sent
Jul  1 16:29:56 mail postfix/local[8749]: 13259132D75: to=<jym@zhongdianjizhi.com>, relay=local, delay=66, delays=66/0.01/0/0, dsn=2.0.0, status=sent (delivered to maildir)

4. Installing dovecot
4.1 Install dovecot with yum

yum -y install dovecot dovecot-mysql

Dependency: clucene-core

4.2 Configure dovecot

vim /etc/dovecot/dovecot.conf 
# Line 24: uncomment
protocols = imap pop3 lmtp
# Line 30: uncomment
listen = *, ::
# Line 33: uncomment
base_dir = /var/run/dovecot/
vim /etc/dovecot/conf.d/10-mail.conf 
# Line 30: uncomment; tells dovecot where the mailboxes are located
mail_location = maildir:/var/mailbox/%d/%n/Maildir
Configure dovecot to connect to MySQL

cp /etc/dovecot/conf.d/auth-sql.conf.ext /etc/dovecot/conf.d/auth-sql.conf
vim /etc/dovecot/conf.d/auth-sql.conf
passdb {
  driver = sql
  # Path for SQL configuration file, see example-config/dovecot-sql.conf.ext
  args = /etc/dovecot/dovecot-sql.conf
}
userdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf
}
 
vim /etc/dovecot/dovecot-sql.conf
driver = mysql
connect = host=localhost dbname=extmail user=extmail password=extmail
default_pass_scheme = CRYPT
password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid FROM mailbox WHERE username = '%u'

4.3 Start

systemctl start dovecot.service 

4.4 Test mail retrieval

echo "111111" | passwd --stdin jym
[root@mail ~]# telnet mail.zhongdianjizhi.com 110
Trying fe80::4c54:bb23:c6db:6473%ens33...
Connected to mail.zhongdianjizhi.com.
Escape character is '^]'.
+OK Dovecot ready.
user jym
+OK
pass 111111
+OK Logged in.
list
+OK 2 messages:
1 506
2 495
.
retr 1
+OK 506 octets
Return-Path: <root@zhongdianjizhi.com>
X-Original-To: jym@zhongdianjizhi.com
Delivered-To: jym@zhongdianjizhi.com
Received: from mail.zhongdianjizhi.com (mail.zhongdianjizhi.com [192.168.118.100])
    by mail.zhongdianjizhi.com (Postfix) with ESMTP id 13259132D75
    for <jym@zhongdianjizhi.com>; Mon,  1 Jul 2019 16:28:51 +0000 (GMT)
Message-Id: <20190701162941.13259132D75@mail.zhongdianjizhi.com>
Date: Mon,  1 Jul 2019 16:28:51 +0000 (GMT)
From: root@zhongdianjizhi.com
 
hello,this is test mail.

5. SASL configuration
Configuration file: /etc/sysconfig/saslauthd

5.1 Start

systemctl start saslauthd.service 
systemctl enable saslauthd.service 

5.2 Test

testsaslauthd -ujym -p111111

5.3 smtpd configuration

vim /usr/lib64/sasl2/smtpd.conf 
Create the smtpd.conf configuration file with the following content
# for testing only; turn off in production
log_level: 3
pwcheck_method: authdaemond
mech_list: PLAIN LOGIN
# path to the authlib socket
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket

5.4 SMTP authentication settings in postfix

vim /etc/postfix/main.cf
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_path = smtpd
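The relay and authentication settings from sections 3.7 and 5.4 can be checked mechanically against saved postconf -n output. The script below is an added example, not part of the original article: the function names, the three checks and the sample files are assumptions made for illustration, and smtpd_tls_auth_only and smtpd_tls_security_level are standard Postfix parameters that the article does not set.

```shell
#!/bin/sh
# Added example: audit `postconf -n` output saved to a file ("name = value" lines).

# get_param NAME FILE: print the value of NAME, or nothing if it is not set.
get_param() { sed -n "s/^$1 *= *//p" "$2" | tail -n 1; }

# has_token LIST TOKEN: true if TOKEN is an exact element of a comma/space list.
has_token() { printf '%s\n' "$1" | tr ', ' '\n\n' | grep -qx "$2"; }

# audit_postconf FILE: print one finding per line, return the number of findings.
audit_postconf() {
    n=0
    rcpt=$(get_param smtpd_recipient_restrictions "$1")
    # A hand-set mynetworks overrides mynetworks_style (documented Postfix behaviour).
    if [ -n "$(get_param mynetworks "$1")" ] && [ -n "$(get_param mynetworks_style "$1")" ]; then
        echo "mynetworks_style is ignored: mynetworks is set explicitly"; n=$((n + 1))
    fi
    # An exact-token match also catches entries fused or wrapped by copy and paste.
    if [ -n "$rcpt" ] && ! has_token "$rcpt" reject_unauth_destination; then
        echo "smtpd_recipient_restrictions has no reject_unauth_destination element"; n=$((n + 1))
    fi
    # PLAIN and LOGIN are only base64-encoded, so AUTH should require TLS.
    if [ "$(get_param smtpd_sasl_auth_enable "$1")" = yes ] &&
       [ "$(get_param smtpd_tls_auth_only "$1")" != yes ]; then
        echo "AUTH is accepted on unencrypted connections: set smtpd_tls_auth_only = yes"; n=$((n + 1))
    fi
    return "$n"
}

# Constructed samples: settings as in sections 3.7 and 5.4, and a tightened variant
# (the certificate and key settings that TLS also needs are omitted).
write_samples() {
    cat > "$1/article.cf" <<'EOF'
mynetworks = 192.168.118.0/24, 127.0.0.0/8
mynetworks_style = host
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sasl_auth_enable = yes
EOF
    cat > "$1/tightened.cf" <<'EOF'
mynetworks = 127.0.0.0/8
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
EOF
}

dir=$(mktemp -d)
write_samples "$dir"
audit_postconf "$dir/article.cf" || echo "article settings: $? finding(s)"
audit_postconf "$dir/tightened.cf" && echo "tightened settings: no findings"
```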

6. Building and installing courier-authlib

postfix uses courier-authlib to authenticate virtual users
Download: http://www.courier-mta.org/download.html

6.1 Build and install courier-unicode

wget https://sourceforge.net/projects/courier/files/courier-unicode/2.1/courier-unicode-2.1.tar.bz2
tar xf courier-unicode-2.1.tar.bz2
cd courier-unicode-2.1/
./configure 
make && make install

6.2 Build and install courier-authlib

wget https://sourceforge.net/projects/courier/files/authlib/0.69.0/courier-authlib-0.69.0.tar.bz2
tar xf courier-authlib-0.69.0.tar.bz2
cd courier-authlib-0.69.0/
# The configure options select MySQL authentication, give the MySQL library and header locations, and set the install and configuration directories
./configure --prefix=/usr/local/courier-authlib     --sysconfdir=/etc     --without-authpam     --without-authshadow     --without-authvchkpw     --without-authpgsql     --with-authmysql     --with-mysql-libs=/usr/lib64/mysql     --with-mysql-includes=/usr/include/mysql     --with-redhat     --with-authmysqlrc=/etc/authmysqlrc     --with-authdaemonrc=/etc/authdaemonrc     --with-mailuser=postfix --with-mailgroup=
                        

Date: 2021-05-14
