Installing a Mail Server on CentOS 7 (Postfix + Dovecot + MariaDB)

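Postfix is a high-performance open-source mail server. This article walks you through installing Postfix on CentOS 7 with IMAP/POP3 access, storing virtual domains and user information in a MariaDB (MySQL) database.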

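The CentOS host that will run Postfix must have its hostname set, and the iptables firewall must not block any of the standard mail ports (25, 465, 587, 110, 995, 143, 993). If you use a different firewall, make sure it does not block any of the required ports.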

Install the required packages

1. Update the installed packages:

$ yum update

2. Edit the CentOS YUM repository file:

In /etc/yum.repos.d/CentOS-Base.repo, add exclude=postfix to the [base] and [updates] sections:

[base]
name=CentOS-$releasever - Base
exclude=postfix
#released updates
[updates]
name=CentOS-$releasever - Updates
exclude=postfix

3. Install the packages to be used: the Postfix mail server, the MariaDB database server, and the Dovecot IMAP and POP daemons:

yum --enablerepo=centosplus install postfix
yum install dovecot mariadb-server dovecot-mysql

Next, set up the MariaDB database that will hold the virtual domains and users.

Set up virtual domains and users in MariaDB

1. Enable MariaDB so that it starts when CentOS boots, and start it now:

systemctl enable mariadb.service
systemctl start mariadb.service

2. Run mysql_secure_installation to initialize the MariaDB installation:

mysql_secure_installation

3. Log in to MariaDB:

mysql -u root -p

4. Create a database named mail and switch to it:

CREATE DATABASE mail;
USE mail;

5. Create the user mail_admin to administer the mail database, and set a password for mail_admin:

GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'mail_admin'@'localhost' IDENTIFIED BY 'both-win';
GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'mail_admin'@'localhost.localdomain' IDENTIFIED BY 'both-win';
FLUSH PRIVILEGES;

6. Create the virtual domains table:

CREATE TABLE domains (domain varchar(50) NOT NULL, PRIMARY KEY (domain) );

7. Create the mail forwardings table:

CREATE TABLE forwardings (source varchar(80) NOT NULL, destination TEXT NOT NULL, PRIMARY KEY (source) );

8. Create the users table:

CREATE TABLE users (email varchar(80) NOT NULL, password varchar(20) NOT NULL, PRIMARY KEY (email) );

9. Create the transport table:

CREATE TABLE transport ( domain varchar(128) NOT NULL default '', transport varchar(128) NOT NULL default '', UNIQUE KEY domain (domain) );

10. Exit MariaDB:

quit

11. In /etc/my.cnf, bind MariaDB to localhost (127.0.0.1) by adding this line to the [mysqld] section:

bind-address=127.0.0.1

12. Restart the MariaDB server:

systemctl restart mariadb.service

Configure Postfix to communicate with MariaDB

Note:

The examples below assume that the mail_admin password is both-win; change the password to suit your needs.

1. Create the virtual domains configuration file /etc/postfix/mysql-virtual_domains.cf:

user = mail_admin
password = both-win
dbname = mail
query = SELECT domain AS virtual FROM domains WHERE domain='%s'
hosts = 127.0.0.1

2. Create the virtual forwardings configuration file /etc/postfix/mysql-virtual_forwardings.cf:

user = mail_admin
password = both-win
dbname = mail
query = SELECT destination FROM forwardings WHERE source='%s'
hosts = 127.0.0.1

3. Create the virtual mailboxes configuration file /etc/postfix/mysql-virtual_mailboxes.cf:

user = mail_admin
password = both-win
dbname = mail
query = SELECT CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') FROM users WHERE email='%s'
hosts = 127.0.0.1

4. Create the virtual e-mail mapping configuration file /etc/postfix/mysql-virtual_email2email.cf:

user = mail_admin
password = both-win
dbname = mail
query = SELECT email FROM users WHERE email='%s'
hosts = 127.0.0.1

5. Set the permissions and ownership of these configuration files:

chmod o= /etc/postfix/mysql-virtual_*.cf
chgrp postfix /etc/postfix/mysql-virtual_*.cf

6. Create the user and group that handle mail. All virtual mailboxes are stored under this user's home directory:

groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail -m

7. All that remains is to configure Postfix. The commands below assume that the mail server's domain name is server.example.com. If you have an SSL certificate, place it at /etc/pki/dovecot/private/dovecot.pem:

postconf -e 'myhostname = mail.ipbgp.com'
postconf -e 'mydestination = localhost, localhost.localdomain'
postconf -e 'mynetworks = 127.0.0.0/8'
postconf -e 'inet_interfaces = all'
postconf -e 'message_size_limit = 30720000'
postconf -e 'virtual_alias_domains ='
postconf -e 'virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf'
postconf -e 'virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf'
postconf -e 'virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf'
postconf -e 'virtual_mailbox_base = /home/vmail'
postconf -e 'virtual_uid_maps = static:5000'
postconf -e 'virtual_gid_maps = static:5000'
postconf -e 'smtpd_sasl_type = dovecot'
postconf -e 'smtpd_sasl_path = private/auth'
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_sasl_authenticated_header = yes'
postconf -e 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem'
postconf -e 'smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem'
postconf -e 'virtual_create_maildirsize = yes'
postconf -e 'virtual_maildir_extended = yes'
postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps'
postconf -e 'virtual_transport = dovecot'
postconf -e 'dovecot_destination_recipient_limit = 1'

8. Edit /etc/postfix/master.cf and add the Dovecot service to the file:

dovecot unix - n n - - pipe
  flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient}

9. In /etc/postfix/master.cf, enable the submission and smtps services:

#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - - - - smtpd
#smtp inet n - - - 1 postscreen
#smtpd pass - - - - - smtpd
#dnsblog unix - - - - 0 dnsblog
#tlsproxy unix - - - - 0 tlsproxy
submission inet n - - - - smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
smtps inet n - - - - smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

10. Restart the Postfix server:

systemctl enable postfix.service
systemctl start postfix.service

At this point the Postfix server is configured.
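
Step 5 above removes access for other users because each mysql-virtual_*.cf file holds the mail_admin password in clear text. The following shell check is an added example, not part of the original tutorial (audit_map_files is a hypothetical helper name and the demo file is constructed); it flags map files that are still accessible to other users, still use the tutorial's sample password, or point at a database host that is not on loopback.

```sh
# Added example: audit the Postfix MySQL map files in a directory.
# Prints one line per finding; returns 0 only when nothing was found.
audit_map_files() {
    dir=$1
    findings=0
    for f in "$dir"/mysql-virtual_*.cf; do
        [ -f "$f" ] || continue
        # The file holds the DB password, so "other" needs no access (chmod o=).
        if [ -n "$(find "$f" \( -perm -004 -o -perm -002 -o -perm -001 \) -print)" ]; then
            echo "$f: accessible to other users"
            findings=$((findings + 1))
        fi
        # The tutorial's sample password must not reach a real deployment.
        pw=$(sed -n 's/^[[:space:]]*password[[:space:]]*=[[:space:]]*//p' "$f")
        if [ "$pw" = "both-win" ]; then
            echo "$f: still uses the sample password from the tutorial"
            findings=$((findings + 1))
        fi
        # Lookups should stay on loopback, matching bind-address=127.0.0.1.
        hosts=$(sed -n 's/^[[:space:]]*hosts[[:space:]]*=[[:space:]]*//p' "$f")
        case "$hosts" in
            ''|127.0.0.1|localhost|unix:*) ;;
            *) echo "$f: hosts = $hosts is not a loopback address"
               findings=$((findings + 1)) ;;
        esac
    done
    [ "$findings" -eq 0 ]
}

# Constructed demo: a map file copied verbatim from the tutorial and left world-readable.
demo=$(mktemp -d)
printf 'user = mail_admin\npassword = both-win\ndbname = mail\nhosts = 127.0.0.1\n' \
    > "$demo/mysql-virtual_domains.cf"
chmod 644 "$demo/mysql-virtual_domains.cf"
audit_map_files "$demo" || echo "fix the findings above before going live"
rm -rf "$demo"
```

On the mail server itself, run it as audit_map_files /etc/postfix.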

Configure Dovecot

1. Back up the /etc/dovecot/dovecot.conf file:

mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf-backup

2. Now copy the following into /etc/dovecot/dovecot.conf. The domain on the postmaster_address line is the mail server's domain, and the ssl_cert and ssl_key lines are where your SSL certificate and key go:

protocols = imap pop3
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/home/vmail/%d/%n/Maildir
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
namespace {
  type = private
  separator = .
  prefix = INBOX.
  inbox = yes
}
service auth {
  unix_listener auth-master {
    mode = 0600
    user = vmail
  }
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = postfix
    group = postfix
  }
  user = root
}
service auth-worker {
  user = root
}
protocol lda {
  log_path = /home/vmail/dovecot-deliver.log
  auth_socket_path = /var/run/dovecot/auth-master
  postmaster_address = postmaster@ipbgp.com
}
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
}
passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
  driver = static
  args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
}

3. In /etc/dovecot/dovecot-sql.conf.ext, configure how Dovecot queries the MariaDB database:

driver = mysql
connect = host=127.0.0.1 dbname=mail user=mail_admin password=both-win
default_pass_scheme = CRYPT
password_query = SELECT email as user, password FROM users WHERE email='%u';

4. Set the permissions and group of the Dovecot SQL configuration file:

chgrp dovecot /etc/dovecot/dovecot-sql.conf.ext
chmod o= /etc/dovecot/dovecot-sql.conf.ext

5. Restart the Dovecot server and enable it to start when CentOS boots:

systemctl enable dovecot.service
systemctl start dovecot.service

6. Now check the /var/log/maillog log file. Entries similar to the following show that Dovecot is configured correctly:

Mar 18 17:10:26 localhost postfix/postfix-script[3274]: starting the Postfix mail system
Mar 18 17:10:26 localhost postfix/master[3276]: daemon started -- version 2.10.1, configuration /etc/postfix
Mar 18 17:12:28 localhost dovecot: master: Dovecot v2.2.10 starting up for imap, pop3 (core dumps disabled)

7. Install Telnet and test POP3:

yum install telnet
telnet localhost pop3

8. The terminal should show the following output:

Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
+OK Dovecot ready.

9. Type quit to leave the session. This completes the configuration. Next, make sure the aliases are configured correctly.

quit
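
The dovecot.conf in step 2 creates the auth socket for Postfix, /var/spool/postfix/private/auth, with mode 0666, although the listener is already owned by user and group postfix, so 0660 is enough for Postfix to authenticate clients through it. The following check is an added example, not part of the original tutorial (world_accessible_listeners is a hypothetical helper and the sample file is constructed from the listing above); it lists every unix_listener whose mode grants any access to other users.

```sh
# Added example: print each unix_listener in a dovecot.conf whose mode grants
# any permission to "other" (last octal digit is not 0).
world_accessible_listeners() {
    awk '
        $1 == "unix_listener" { name = $2 }      # entering a listener block
        name != "" && $1 == "mode" && $2 == "=" {
            if (substr($3, length($3)) != "0") print name, $3
        }
        $1 == "}" { name = "" }                  # leaving the current block
    ' "$1"
}

# Constructed sample: the "service auth" block from the dovecot.conf listing.
conf=$(mktemp)
cat > "$conf" <<'EOF'
service auth {
  unix_listener auth-master {
    mode = 0600
    user = vmail
  }
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = postfix
    group = postfix
  }
  user = root
}
EOF
world_accessible_listeners "$conf"    # reports the Postfix auth socket

# With the mode tightened to 0660 nothing is reported any more.
sed 's/mode = 0666/mode = 0660/' "$conf" > "$conf.fixed"
world_accessible_listeners "$conf.fixed"
rm -f "$conf" "$conf.fixed"
```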

Configure mail aliases

1. Edit /etc/aliases and make sure the postmaster and root aliases are set:

postmaster: root
root: postmaster@ipbgp.com

2. Update the aliases and restart the Postfix server:

newaliases
systemctl restart postfix.service

The aliases are now configured. Next, we test Postfix to make sure it is running properly.

Test Postfix

1. Test the SMTP port of the Postfix server:

telnet localhost 25

2. In the terminal, enter the following command:

ehlo localhost

3. You should see the following output in the terminal:

250-hostname.example.com
250-PIPELINING
250-SIZE 30720000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN
250-AUTH=PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

4. Type quit in the terminal to leave the Postfix session.

Next, we add a mail domain and a user to the MariaDB database.

Add and test a mail domain and user

In the following example we add the mail domain "example.com" to the MariaDB database, together with an e-mail account named sales.

1. Log in to the MariaDB server:

mysql -u root -p

2. Switch to the "mail" database, then add the mail domain example.com and the mail account sales@example.com with its password:

USE mail;
INSERT INTO domains (domain) VALUES ('example.com');
INSERT INTO users (email, password) VALUES ('sales@example.com', ENCRYPT('1042362940'));
quit

3. Before any newly created e-mail account can be accessed, send it a test message to create the user's mailbox:

yum install mailx
mailx sales@example.com

Press Ctrl + D in the terminal to finish the test message. This completes the configuration of a new domain and e-mail user.

Check the logs

After sending the test message, check the mail logs to make sure the message was delivered.

1. Check the /var/log/maillog log file; you should see entries similar to the following:

Mar 18 17:18:47 localhost postfix/cleanup[3427]: B624062FA: message-id=<20150318171847.B624062FA@example.com>
Mar 18 17:18:47 localhost postfix/qmgr[3410]: B624062FA: from=<root@example.com>, size=515, nrcpt=1 (queue active)
Mar 18 17:18:47 localhost postfix/pipe[3435]: B624062FA: to=<sales@example.com>, relay=dovecot, delay=0.14, delays=0.04/0.01/0/0.09, dsn=2.0.0, $
Mar 18 17:18:47 localhost postfix/qmgr[3410]: B624062FA: removed

2. Check the Dovecot log file /home/vmail/dovecot-deliver.log; you should see an entry similar to the following:

deliver(<sales@example.com>): 2011-01-21 20:03:19 Info: msgid=<<20110121200319.E1D148908@hostname.example.com>>: saved mail to INBOX

Now you can test what the users of your mail server will see in their e-mail clients.

Test the mailbox

1. To test the sales@example.com mailbox, change to the /home/vmail/example.com/sales/Maildir directory and run the find command in the terminal:

find

2. You will see the following output in the terminal:

.
./dovecot-uidlist
./cur
./new
./new/1285609582.P6115Q0M368794.li172-137
./dovecot.index
./dovecot.index.log
./tmp

3. Test the mailbox with a mail client. mutt is recommended for this test; if mutt is not installed, install it with yum install mutt:

mutt -f .

You may be prompted to create the root mailbox. This is not required.