
Project4 electronic post office

2025-01-18 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

www.extmail.net

The contents of this chapter:

1. Introduction to the electronic post office (its components and how they work)

2. Review and analysis of the first-stage post office system: postfix (MTA, smtp) + dovecot (pop3/imap) + squirrelmail (webmail) + apache + php + DNS

3. Analysis of the virtual user post office system: postfix (MTA) + maildrop (MDA) + courier-imap (MUA) + courier-authlib + apache (extmail/extman) + mysql

4. DNS preparation (MX record) before deploying the post office

5. Deploying the virtual user post office system

Mail roles

MTA (Mail Transfer Agent): the post office itself. Examples: sendmail, postfix, qmail, Notes (IBM), Exchange (MS)

MDA (Mail Delivery Agent): the delivery mechanism

MUA (Mail User Agent): the client. Examples: mail, mutt, webmail, foxmail, outlook

Mail protocols

SMTP (Simple Mail Transfer Protocol): used to send mail, TCP 25 and 465

POP3 (Post Office Protocol version 3): used to receive mail, TCP 110 and 995, offline mode (1-100)

IMAP (Internet Mail Access Protocol): used to receive mail, TCP 143 and 993, online mode (lock number)

Working principle

-DNS MX-

MUA-smtpd:25--- MTA-smtpd--- MDA-smtpd--- MTA-pop3/imap--- MUA

Review

postfix (MTA, smtp) + dovecot (pop3/imap) + squirrelmail (webmail) + apache + php + DNS + pam -> /etc/passwd | /etc/shadow

Virtual user post office system

postfix (MTA) + maildrop (MDA) + courier-imap (MUA) + courier-authlib + apache (extmail/extman) + mysql

+ Deploy the virtual user mail system +

1 Configure MX records for DNS

[root@i ~]# vim /var/named/uplooking.com.zone
$TTL 1D
@       IN SOA  dns.uplooking.com. root.uplooking.com. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
@       NS      dns.uplooking.com.      ; DNS server
dns     A       192.168.0.254
@       MX 5    mail.uplooking.com.     ; mail server
mail    A       192.168.0.1

[root@node1 ~]# echo "nameserver 192.168.0.254" > /etc/resolv.conf
[root@node1 ~]# host mail.uplooking.com
mail.uplooking.com has address 192.168.0.1

2 Configure the local ISO source and the EMOS source

[root@node1 ~]# rm -fr /etc/yum.repos.d/*
[root@node1 ~]# vim /etc/yum.repos.d/emos.repo
[local]
baseurl=ftp://192.168.0.254/pub/rhel6/dvd
gpgcheck=0
[emos]
baseurl=ftp://192.168.0.254/EMOS
gpgcheck=0

3 Install the MTA: postfix - upgrade (qmail)

-- upgrade postfix
[root@node1 ~]# yum -y install postfix

Check whether postfix has loaded the mysql module

[root@node1 ~]# postconf -m | grep mysql
mysql

Configure postfix (command review)

# postconf      -- query all configuration that has taken effect
# postconf -n   -- query custom configuration
# postconf -d   -- query default configuration
# postconf -m   -- query the list of modules supported by postfix
# postconf -e   -- modify the configuration file non-interactively, for scripted configuration of postfix

Generate the configuration file

[root@node1 ~]# postconf -n >> /etc/postfix/main.cf.new
[root@node1 ~]# mv /etc/postfix/main.cf /etc/postfix/main.cf.old
[root@node1 ~]# cp /etc/postfix/main.cf.new /etc/postfix/main.cf
[root@node1 ~]# vim /etc/postfix/main.cf
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = /usr/share/doc/postfix-2.7.3-documentation/html
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.7.3-documentation/readme
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
unknown_local_recipient_reject_code = 550

# hostname - mail host information
mynetworks = 127.0.0.1
myhostname = mail.uplooking.com
mydomain = uplooking.com
mydestination = $mynetworks $myhostname $mydomain

# banner - welcome message
mail_name = Postfix - by uplooking.com
smtpd_banner = $myhostname ESMTP $mail_name

# response immediately - error reports are returned immediately
smtpd_error_sleep_time = 0s

# Message and return code control - limits, in bytes, on a single message and on a mailbox
message_size_limit = 50000000
mailbox_size_limit = 1024000000
show_user_unknown_table_name = no

# Queue lifetime control - lifecycle
bounce_queue_lifetime = 1d
maximal_queue_lifetime = 1d

4 Install the MDA (maildrop)

[root@node1 ~]# yum -y install maildrop

Define the maildrop program

[root@node1 ~]# id vuser
uid=1000(vuser) gid=1000(vgroup) groups=1000(vgroup)
[root@node1 ~]# vim /etc/postfix/master.cf
maildrop  unix  -  n  n  -  -  pipe
  flags=DRhu user=vuser argv=maildrop -w 90 -d ${user}@${nexthop} ${recipient} ${user} ${extension} {nexthop}

5 Install and configure the Courier-Authlib authentication middleware:

[root@node1 ~]# rpm -qa | grep authlib
courier-authlib-0.62.4-1.el6.FT.x86_64
[root@node1 docs]# yum -y install courier-authlib courier-authlib-mysql
[root@node1 ~]# rpm -ql courier-authlib | grep mysql
/etc/authlib/authmysqlrc.dist
/usr/share/doc/courier-authlib-0.62.4/README.authmysql.html
/usr/share/doc/courier-authlib-0.62.4/README.authmysql.myownquery

Empty the configuration file and redefine how the middleware connects to the database

[root@node1 ~]# : > /etc/authlib/authmysqlrc
[root@node1 ~]# vim /etc/authlib/authmysqlrc
MYSQL_SERVER            localhost
MYSQL_USERNAME          extmail
MYSQL_PASSWORD          extmail
MYSQL_SOCKET            /var/lib/mysql/mysql.sock
MYSQL_PORT              3306
MYSQL_OPT               0
MYSQL_DATABASE          extmail
MYSQL_USER_TABLE        mailbox
MYSQL_CRYPT_PWFIELD     password
MYSQL_UID_FIELD         uidnumber
MYSQL_GID_FIELD         gidnumber
MYSQL_LOGIN_FIELD       username
MYSQL_HOME_FIELD        homedir
MYSQL_NAME_FIELD        name
MYSQL_MAILDIR_FIELD     maildir
MYSQL_QUOTA_FIELD       quota
MYSQL_SELECT_CLAUSE     SELECT username,password,"",uidnumber,gidnumber,\
                        CONCAT('/home/domains/',homedir),\
                        CONCAT('/home/domains/',maildir),\
                        quota,\
                        name\
                        FROM mailbox\
                        WHERE username = '$(local_part)@$(domain)'

[root@node1 ~]# vim /etc/authlib/authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"

Start the service

[root@node1 ~]# /etc/rc.d/init.d/courier-authlib start
[root@node1 ~]# chkconfig courier-authlib on

Modify the permissions of the authdaemon socket directory. If the directory permissions are not set correctly, maildrop and postfix cannot look up user information or authenticate passwords:

Lookup path: MTA (postfix) -> maildrop -> /var/spool/authdaemon/socket -> authdaemonrc -> /etc/authlib/authmysqlrc

[root@node1 ~]# chmod 755 /var/spool/authdaemon/

6 Virtual host settings

[root@node1 ~]# yum -y install httpd
[root@node1 ~]# vim /etc/httpd/conf.d/vhost_mail.uplooking.conf
NameVirtualHost *:80
<VirtualHost *:80>
ServerName mail.uplooking.com
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi/ /var/www/extsuite/extmail/cgi/
Alias /extmail /var/www/extsuite/extmail/html/
ScriptAlias /extman/cgi/ /var/www/extsuite/extman/cgi/
Alias /extman /var/www/extsuite/extman/html/
# Suexec config
SuexecUserGroup vuser vgroup
</VirtualHost>

7 Install and configure the web pages

Install the back-end management page, webman -- extsuite-webman

[root@node1 ~]# yum -y install extsuite-webman

Install extmail, the front-end page -- extsuite-webmail

[root@node1 ~]# yum -y install extsuite-webmail

Configure the page

[root@node1 ~]# cp /var/www/extsuite/extmail/webmail.cf.default /var/www/extsuite/extmail/webmail.cf
[root@node1 ~]# vim /var/www/extsuite/extmail/webmail.cf
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock

Modify permissions

[root@node1 ~]# chown vuser.vgroup /var/www/extsuite/extmail/cgi/ -R
[root@node1 ~]# chown vuser.vgroup /var/www/extsuite/extman/cgi/ -R
[root@node1 ~]# mkdir /tmp/extman
[root@node1 ~]# chmod 777 /tmp/extman/

8 Install the database

[root@node1 ~]# yum -y install mysql-server mysql
[root@node1 ~]# service mysqld start

Import the mysql database structure and initialization data. The root password is empty by default.

[root@node1 ~]# mysql < /var/www/extsuite/extman/docs/extmail.sql
[root@node1 ~]# mysql < /var/www/extsuite/extman/docs/init.sql

Test the accounts

[root@node1 ~]# mysql -uextmail -pextmail extmail    -- SELECT, UPDATE
[root@node1 ~]# mysql -uwebman -pwebman extmail      -- SELECT, INSERT, UPDATE, DELETE

Start httpd

[root@node1 ~]# service httpd start
[root@node1 ~]# chkconfig httpd on

9 Set up the configuration files for virtual domains and virtual users

[root@node1 ~]# cd /var/www/extsuite/extman/docs/
[root@node1 docs]# cp mysql_virtual_* /etc/postfix/
[root@node1 docs]# vim /etc/postfix/main.cf
#mydestination = $mynetworks $myhostname $mydomain
# extmail config here
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = maildrop:
[root@node1 docs]# service postfix restart

Log in to the back end and register the domain uplooking.com, then register the mail users:

http://mail.uplooking.com/extman/cgi/index.cgi

The default ExtMan super administrator account is root@extmail.org, with the initial password extmail*123*. After logging in successfully, it is recommended to change the password to ensure security.

----------- Test

Connect to the database by hand

[root@node1 ~]# mysql -uextmail -pextmail extmail
mysql> SELECT username,password,"",uidnumber,gidnumber,CONCAT('/home/domains/',homedir),CONCAT('/home/domains/',maildir),quota,name FROM mailbox WHERE username='u01@uplooking.com'\G
*************************** 1. row ***************************
username: u01@uplooking.com
password: $1$DxNPON8B$yzxRpp7lQu5.WWi4ljINF/
:
uidnumber: 1000
gidnumber: 1000
CONCAT('/home/domains/',homedir): /home/domains/uplooking.com/u01
CONCAT('/home/domains/',maildir): /home/domains/uplooking.com/u01/Maildir/
quota: 5242880S
name: user01
1 row in set (0.00 sec)

Use a command to run the database lookup automatically

[root@node1 docs]# authtest -s /var/spool/authdaemon/socket u01@uplooking.com 123
Authentication succeeded.
Authenticated: u01@uplooking.com (uid 1000, gid 1000)
Home Directory: /home/domains/uplooking.com/u01
Maildir: /home/domains/uplooking.com/u01/Maildir/
Quota: 5242880S
Encrypted Password: $1$DxNPON8B$yzxRpp7lQu5.WWi4ljINF/
Cleartext Password: 123
Options: (none)

[root@node1 docs]# authtest -s /var/spool/authdaemon/socket u02@uplooking.com 456
Authentication succeeded.
Authenticated: u02@uplooking.com (uid 1000, gid 1000)
Home Directory: /home/domains/uplooking.com/u02
Maildir: /home/domains/uplooking.com/u02/Maildir/
Quota: 5242880S
Encrypted Password: $1$kIEJyc6F$MsDVCUtmS/mOw2vCpOOdg0
Cleartext Password: 456
Options: (none)

Configure the graphical log: [hot]

[root@node1 docs]# /usr/local/mailgraph_ext/mailgraph-init start

Start cmdserver (displays system information in the back end)

[root@node1 docs]# /var/www/extsuite/extman/daemon/cmdserver --daemon

10 Install cyrus-sasl

[root@node1 docs]# yum -y install cyrus-sasl cyrus-sasl-lib cyrus-sasl-plain
[root@node1 docs]# vim /etc/postfix/main.cf
# smtpd related config - recipient restrictions (rcpt to:)
smtpd_recipient_restrictions =
    permit_mynetworks
    permit_sasl_authenticated
    reject_non_fqdn_hostname
    reject_non_fqdn_sender
    reject_non_fqdn_recipient
    reject_unauth_destination
    reject_unauth_pipelining
    reject_invalid_hostname

# SMTP sender login matching config - sender restrictions (mail from:)
smtpd_sender_restrictions =
    permit_mynetworks
    reject_sender_login_mismatch
    reject_authenticated_sender_login_mismatch
    reject_unauthenticated_sender_login_mismatch

smtpd_sender_login_maps =
    mysql:/etc/postfix/mysql_virtual_sender_maps.cf
    mysql:/etc/postfix/mysql_virtual_alias_maps.cf

# SMTP AUTH config here
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous

Define how the authentication module reaches the authentication daemon

[root@node1 docs]# vim /usr/lib64/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/spool/authdaemon/socket

[root@node1 docs]# service postfix restart

Test SMTP authentication

Obtain the BASE64 encoding of the user name and password of u01@uplooking.com with the following commands:

# perl -e 'use MIME::Base64; print encode_base64("u01\@uplooking.com")'
dTAxQHVwbG9va2luZy5jb20=
# perl -e 'use MIME::Base64; print encode_base64("123")'
MTIz

[root@node1 docs]# telnet mail.uplooking.com 25
Trying 192.168.0.1...
Connected to mail.uplooking.com.
Escape character is '^]'.
220 mail.uplooking.com ESMTP Postfix - by uplooking.com
ehlo localhost
250-mail.uplooking.com
250-PIPELINING
250-SIZE 50000000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth login
334 VXNlcm5hbWU6
dTAxQHVwbG9va2luZy5jb20=
334 UGFzc3dvcmQ6
MTIz
235 2.7.0 Authentication successful
quit
221 2.0.0 Bye
Connection closed by foreign host.
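
What the exchange above exposes on the wire, as an added example that is not part of the original post: AUTH LOGIN values are only base64-encoded, and this EHLO response offers AUTH with no STARTTLS, so anyone who can read the port-25 session can read the password. The transcript is constructed from the session above (abridged); the "S: "/"C: " prefixes and the function names are assumptions of this example.

```python
import base64
import re

# Constructed sample: the port-25 session above, abridged, with "S: "/"C: "
# prefixes added to mark server and client lines (the prefixes are an assumption).
TRANSCRIPT = """\
S: 220 mail.uplooking.com ESMTP Postfix - by uplooking.com
C: ehlo localhost
S: 250-mail.uplooking.com
S: 250-PIPELINING
S: 250-AUTH LOGIN PLAIN
S: 250 DSN
C: auth login
S: 334 VXNlcm5hbWU6
C: dTAxQHVwbG9va2luZy5jb20=
S: 334 UGFzc3dvcmQ6
C: MTIz
S: 235 2.7.0 Authentication successful
"""

def ehlo_keywords(transcript):
    """ESMTP keywords from the 250 lines, skipping the first one (the hostname)."""
    words = [m.group(1).upper() for m in
             re.finditer(r"^S: 250[- ](\S+)", transcript, re.M)]
    return set(words[1:])

def plaintext_auth_findings(transcript):
    """Flag a cleartext session that offers AUTH, and one that never offers STARTTLS."""
    kws = ehlo_keywords(transcript)
    findings = []
    if "AUTH" in kws:
        findings.append("AUTH offered before TLS")
    if "STARTTLS" not in kws:
        findings.append("STARTTLS not offered")
    return findings

def decode_auth_login(transcript):
    """Decode each 334 challenge and the client reply that follows it."""
    lines = transcript.splitlines()
    decoded = {}
    for server, client in zip(lines, lines[1:]):
        m = re.match(r"S: 334 (\S+)", server)
        if m and client.startswith("C: "):
            prompt = base64.b64decode(m.group(1)).decode().rstrip(":")
            decoded[prompt] = base64.b64decode(client[3:].strip()).decode()
    return decoded

if __name__ == "__main__":
    print(plaintext_auth_findings(TRANSCRIPT), decode_auth_login(TRANSCRIPT))
```

On Postfix, setting smtpd_tls_auth_only = yes with TLS enabled through smtpd_tls_security_level keeps AUTH out of the pre-TLS EHLO response, which clears the first finding.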

11 Install Courier-imap

[root@node1 docs]# yum -y install courier-imap
[root@node1 docs]# /etc/init.d/courier-imap start
[root@node1 docs]# chkconfig courier-imap on

Test

[root@node1 docs]# telnet mail.uplooking.com 110
Trying 192.168.0.1...
Connected to mail.uplooking.com.
Escape character is '^]'.
+OK Hello there.
user u01@uplooking.com
+OK Password required.
pass 123
+OK logged in.
list
+OK POP3 clients that break here, they violate STD53.
1 658
.
retr 1

Log in to the back end and add a new domain, qq.com

-- configure DNS (define the MX record)

[root@i ~]# vim /var/named/qq.com.zone
@       NS      dns.qq.com.
dns     A       192.168.0.254
@       MX 5    mail.qq.com.
mail    A       192.168.0.1

-- test whether the record resolves

[root@node1 ~]# host mail.qq.com
mail.qq.com has address 192.168.0.1

Domain list - domain name qq.com

User - q01@qq.com, password 123

Go to the front end and register the email address q02@qq.com, password 456

http://mail.qq.com/extmail/cgi/index.cgi

Test the accounts

[root@node1 ~]# authtest -s /var/spool/authdaemon/socket q01@qq.com 123
Authentication succeeded.
Authenticated: q01@qq.com (uid 1000, gid 1000)
Home Directory: /home/domains/qq.com/q01
Maildir: /home/domains/qq.com/q01/Maildir/
Quota: 5242880S
Encrypted Password: $1$x4TzQksX$V4CTLdRCYbdRVd8w8SPUK.
Cleartext Password: 123
Options: (none)

[root@node1 ~]# authtest -s /var/spool/authdaemon/socket q02@qq.com 456
Authentication succeeded.

Test: q01@qq.com - q02@qq.com

q02@qq.com - u01@uplooking.com

-

Install the EMOS system

[root@i ~]# vim /var/named/google.com.zone
@       NS      dns.google.com.
dns     A       192.168.0.254
@       MX 5    mail.google.com.
mail    A       192.168.0.10
