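RedHat AS 4.1 + Postfix + Dovecot + Cyrus-sasl Installation Notes
Author: fandy
E-mail: cbbc@163.com
QQ: 332018422
Created: October 25, 2005; last modified: October 30, 2005
Copyright notice: the content of this article is copyrighted by the author. Reposting is welcome, but the author information and the source must be preserved. Thanks!
Before writing this article, I first want to thank my wonderful wife: it was her support, care and understanding that let me persevere and finish it. I really must thank her properly, and I want to shout "Honey, I love you!"
Articles on SMTP authentication with Red Hat Enterprise Linux Server 4.1 + Postfix-2.2.5-3 + Cyrus-sasl-2.1.19-5 do not seem to be plentiful on the web! What exists is either very old or implemented with older software versions! I really don't know what everyone is thinking??? I would also like to thank "hzqbbc", moderator of the "Postfix in China" site, for his help! (Note: perform all of the operations below as the root user.)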
Step0. Test environment:
Network domain: easy.com
DNS host name: pdc.easy.com
DNS host IP address: 192.168.1.254
Mail host name: mail.easy.com
Mail host IP address: 192.168.1.253
Operating system: RedHat Enterprise Server 4.1, Chinese edition
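Step1. SASL provides four password verification methods:
PAM: uses the system's PAM modules for authentication; this method can be used on Red Hat;
shadow: uses the system's /etc/shadow file for authentication. This requires changing the permissions of /etc/shadow to 644, which is a serious security problem;
pwcheck: works like shadow authentication, but the permissions of /etc/shadow do not need to be changed; instead, pwcheck must be run at every boot. You can add the command to /etc/rc.d/rc.local. Suitable for FreeBSD;
sasldb: SASL's own authentication method, which stores user accounts and passwords in the sasl database; use the saslpasswd command to add or modify accounts and passwords;
saslpasswd -c -u 11way.com dandy //add a sasl user
sasldblistusers //list sasl users
Step2. Software packages to install: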
postfix-2.2.5-3.rhel4.rpm
cyrus-sasl-2.1.19-5.rhel4.i386.rpm
dovecot-0.99.11-2.rhel4.1.rpm
--------------------------------------------------------------------------------------------------
Note: the postfix-2.2.5-3.rhel4.rpm used in this article is a binary package that I rebuilt myself from postfix-2.2.5-3.rhel4.src.rpm after editing the postfix.spec file. For the rebuild procedure, read on!
--------------------------------------------------------------------------------------------------
Step3. Rebuilding postfix-2.2.5-3.rhel4.src.rpm:
# rpm -Uvh postfix-2.2.5-3.rhel4.src.rpm
1:postfix warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root%)
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root%)
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root%)
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root
warning: group sjmudd does not exist - using root
warning: user sjmudd does not exist - using root%)
warning: group sjmudd does not exist - using root
########################################### [100%]
# cd /usr/src/redhat/SPECS/
Use a text editor to change the following in /usr/src/redhat/SPECS/postfix.spec:
%define with_sasl 0
Change to:
%define with_sasl 1
# rpmbuild -bb postfix.spec
Wrote: /usr/src/redhat/RPMS/i386/postfix-2.2.5-3.rhel4.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/postfix-debuginfo-2.2.5-3.rhel4.i386.rpm
Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.68924
+ umask 022
+ cd /usr/src/redhat/BUILD
+ cd postfix-2.2.5
+ umask 022
+ '[' -n /var/tmp/postfix-2.2.5-buildroot -a /var/tmp/postfix-2.2.5-buildroot '!=' / ']'
+ rm -rf /var/tmp/postfix-2.2.5-buildroot
+ exit 0
# cd /usr/src/redhat/RPMS/i386
# rpm -ivh postfix-2.2.5-3.rhel4.i386.rpm
Preparing... ################################# [100%]
1:postfix ################################# [100%]
鏈接 /usr/share/man/man8/sendmail.8.gz 到從 mta-sendmailman (/usr/share
/man /man1/sendmail.1.gz mta-sendmailman)不正確
Step4. Starting the postfix + dovecot services:
# service postfix start
Starting postfix: [ 確定 ]
# service dovecot start
啟動(dòng) Dovecot Imap: [ 確定 ]
Step5. Edit /etc/dovecot.conf:
#protocols = imap imaps
Change to:
protocols = imap imaps pop3 pop3s (enable imap, imaps, pop3 and pop3s)
auth_passdb = pam
Change to:
auth_passdb = shadow
# service dovecot restart (restart the dovecot service)
停止 Dovecot Imap: [ 確定 ]
啟動(dòng) Dovecot Imap: [ 確定 ]
Step6. Edit /etc/postfix/main.cf:
#myhostname = host.domain.tld
Change to:
myhostname = mail.easy.com (the host name of the machine running the Postfix mail system)
#mydomain = domain.tld
Change to:
mydomain = easy.com (the domain name the Postfix mail system uses, e.g. easy.com)
#myorigin = $mydomain
Change to:
myorigin = easy.com (the domain name that senders belong to, e.g. easy.com)
#inet_interfaces = all
Change to:
inet_interfaces = all (the network interfaces the Postfix mail system listens on)
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, mail.$mydomain, www.$mydomain, ftp.$mydomain
Change to:
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, mail.$mydomain, www.$mydomain, ftp.$mydomain (the recipient domains for which Postfix accepts mail)
#mynetworks_style = host
Change to:
mynetworks_style = host (which clients count as your own network; host trusts only the local machine)
# service postfix restart (restart the postfix service)
Shutting down postfix: [ 確定 ]
Starting postfix: [ 確定 ]
Step7. Port test:
# telnet mail.easy.com 25 (test port 25)
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.easy.com ESMTP Postfix
quit
221 Bye
Connection closed by foreign host.
# telnet mail.easy.com 110 (test port 110)
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK dovecot ready.
quit
+OK Logging out
Connection closed by foreign host.
Step8. Add authentication to the Postfix SMTP service:
Add the following to /etc/postfix/main.cf:
#SMTP sasl Auth
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
    permit_sasl_authenticated,
    permit_auth_destination,
    permit_mynetworks,
    check_relay_domains,
    reject
smtpd_client_restrictions = permit_sasl_authenticated
smtpd_sasl_security_options = noanonymous
Change the following in /etc/postfix/master.cf:
smtp inet n - n - - smtpd
Change to:
smtp inet n n n - - smtpd
(the fourth column, unpriv, changes from - to n, so smtpd runs with root privileges instead of as the unprivileged postfix user)
Change the following in /usr/lib/sasl2/smtpd.conf:
pwcheck_method: saslauthd
Change to:
pwcheck_method: PAM
# cp /usr/lib/sasl2/smtpd.conf /usr/lib/sasl/smtpd.conf
# service dovecot restart (restart the dovecot service)
停止 Dovecot Imap: [ 確定 ]
啟動(dòng) Dovecot Imap: [ 確定 ]
# service postfix restart (restart the postfix service)
停止 down postfix: [ 確定 ]
啟動(dòng) postfix: [ 確定 ]
# service saslauthd restart (restart the saslauthd service)
停止 down postfix: [ 確定 ]
啟動(dòng) postfix: [ 確定 ]
Simple test of saslauthd authentication:
# telnet mail.easy.com 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.easy.com ESMTP Postfix
ehlo mail.easy.com
250-mail.easy.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH GSSAPI LOGIN PLAIN
250-AUTH=GSSAPI LOGIN PLAIN
250 8BITMIME
--------------------------------------------------------------------------------------------------
Note: if the following lines appear during the simple saslauthd authentication test:
250-AUTH GSSAPI LOGIN PLAIN
250-AUTH=GSSAPI LOGIN PLAIN
it means cyrus-sasl has started successfully!
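The check described in this note, as an added example that is not part of the original article: the function reads an EHLO reply captured on an unencrypted port-25 session, lists the AUTH mechanisms offered, and reports whether PLAIN or LOGIN (which send the password only base64-encoded) are available without STARTTLS. The function names and verdict strings are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original article. Names and verdict strings are hypothetical.

# Constructed sample: the EHLO reply from the telnet session above.
sample_ehlo() {
cat <<'EOF'
250-mail.easy.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH GSSAPI LOGIN PLAIN
250-AUTH=GSSAPI LOGIN PLAIN
250 8BITMIME
EOF
}

# Reads an EHLO reply (from an unencrypted session) on stdin and prints:
#   mechs=<list|none> starttls=<yes|no> verdict=<...>
ehlo_auth_check() {
    awk '
    { sub(/\r$/, "") }                         # tolerate CRLF from a live capture
    toupper($0) ~ /^250[- ]STARTTLS$/ { tls = "yes" }
    /^250[- ]AUTH[ =]/ {                       # "AUTH " and the legacy "AUTH=" form
        line = $0
        sub(/^250[- ]AUTH[ =]/, "", line)
        n = split(line, m, " ")
        for (i = 1; i <= n; i++)
            if (!(m[i] in seen)) {             # list each mechanism once
                seen[m[i]] = 1
                mechs = (mechs == "" ? "" : mechs " ") m[i]
            }
    }
    END {
        if (tls == "") tls = "no"
        if (mechs == "")
            verdict = "auth-not-offered"
        else if (!("PLAIN" in seen) && !("LOGIN" in seen))
            verdict = "no-plaintext-mechanisms"
        else if (tls == "yes")
            verdict = "plaintext-auth-tls-optional"
        else
            verdict = "plaintext-auth-no-tls"  # password crosses the wire base64-encoded only
        print "mechs=" (mechs == "" ? "none" : mechs), "starttls=" tls, "verdict=" verdict
    }'
}

sample_ehlo | ehlo_auth_check
```

When Postfix has TLS enabled with smtpd_tls_auth_only = yes, it withholds AUTH until after STARTTLS, so a plain session then yields auth-not-offered.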
Log entries for a user sending e-mail after authenticating:
Oct 30 18:15:33 mail postfix/smtpd[13382]: connect from unknown[192.168.1.2]
Oct 30 18:15:33 mail postfix/smtpd[13382]: AED93B480E: client=unknown[192.168.1.2], sasl_method=LOGIN, sasl_username=fandy
Oct 30 18:15:33 mail postfix/cleanup[13385]: AED93B480E: message-id=
Oct 30 18:15:33 mail postfix/qmgr[13334]: AED93B480E: from=, size=1401, nrcpt=1 (queue active)
Oct 30 18:15:33 mail postfix/smtpd[13382]: disconnect from unknown[192.168.1.2]
Oct 30 18:15:33 mail postfix/local[13386]: AED93B480E: to=, relay=local, delay=0, status=sent (delivered to mailbox)
Oct 30 18:15:33 mail postfix/qmgr[13334]: AED93B480E: removed
--------------------------------------------------------------------------------------------------
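An added example, not part of the original article, that audits log entries like the ones above: it joins each smtpd client= line to the delivery status on the queue ID, so every message is tied to the SASL login that submitted it, and it lists clients whose mail was accepted without authentication (under the restrictions in Step8, through permit_auth_destination or permit_mynetworks). The function names and the sample log are constructed for this example.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are hypothetical.

# Constructed sample: the first message mirrors the log above (addresses filled
# in with made-up values); the second, with no sasl_username, is invented.
sample_log() {
cat <<'EOF'
Oct 30 18:15:33 mail postfix/smtpd[13382]: AED93B480E: client=unknown[192.168.1.2], sasl_method=LOGIN, sasl_username=fandy
Oct 30 18:15:33 mail postfix/qmgr[13334]: AED93B480E: from=<fandy@easy.com>, size=1401, nrcpt=1 (queue active)
Oct 30 18:15:33 mail postfix/local[13386]: AED93B480E: to=<root@easy.com>, relay=local, delay=0, status=sent (delivered to mailbox)
Oct 30 18:20:01 mail postfix/smtpd[13390]: B1C22B4811: client=unknown[192.168.1.9]
Oct 30 18:20:01 mail postfix/local[13391]: B1C22B4811: to=<root@easy.com>, relay=local, delay=0, status=sent (delivered to mailbox)
EOF
}

# Reads Postfix log lines on stdin and prints one line per queue ID seen by smtpd:
#   <queue-id> user=<name|-> client=<ip> method=<mech|-> status=<last status|->
sasl_audit() {
    awk '
    $5 ~ /^postfix\/smtpd\[/ && $7 ~ /^client=/ {
        id = $6; sub(/:$/, "", id)
        if (!(id in client)) order[++n] = id
        ip = $7; sub(/^.*\[/, "", ip); sub(/\].*$/, "", ip)
        client[id] = ip; user[id] = "-"; method[id] = "-"
        for (i = 8; i <= NF; i++) {
            f = $i; sub(/,$/, "", f)
            if (f ~ /^sasl_method=/)   method[id] = substr(f, 13)
            if (f ~ /^sasl_username=/) user[id] = substr(f, 15)
        }
    }
    / status=/ {                       # delivery result, joined on the queue ID
        id = $6; sub(/:$/, "", id)
        s = $0; sub(/^.* status=/, "", s); sub(/ .*$/, "", s)
        status[id] = s
    }
    END {
        for (k = 1; k <= n; k++) {
            id = order[k]
            print id, "user=" user[id], "client=" client[id], "method=" method[id], "status=" ((id in status) ? status[id] : "-")
        }
    }'
}

# Client IPs whose mail was accepted without SASL authentication.
unauthenticated_clients() {
    sasl_audit | awk '$2 == "user=-" { sub(/^client=/, "", $3); print $3 }' | sort -u
}

sample_log | sasl_audit
```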
Add1. My other works:
1. RedHat Enterprise Server 4.1 Jabberd-2.0s9 installation notes
Link: http://www.gd-linux.com/bbs/showthread.php?t=2845
2. Configuring jdk-1.5.0.04 on RedHat Enterprise Server 4.1, installation notes
Link: http://www.gd-linux.com/bbs/showthread.php?t=2813
3. Configuring BIND-9.2.4-2 on Red Hat Enterprise Linux 4.1, installation notes
Link: http://www.gd-linux.com/bbs/showthread.php?t=2866
4. RedHat AS 4.1 + Postfix + dovecot + Apache + OpenWebMail installation notes
Link: http://www.gd-linux.com/bbs/showthread.php?t=2864
5. Red Hat Enterprise Linux 4.1 + F-Prot Antivirus + MailScanner installation notes
Link: http://www.gd-linux.com/bbs/showthread.php?t=2953
6. Red Hat Enterprise Linux 4.1 + antivir-mailgate installation notes
Link: http://www.gd-linux.com/bbs/showthread.php?t=2956
7. Red Hat Enterprise Linux 4.1 + antivir-server-prof-2.1.4-11 installation notes
Link: http://www.gd-linux.org/bbs/showthread.php?t=3082
8. RedHat AS 4.1 + Postfix + Dovecot + Cyrus-sasl installation notes
Link: http://extmail.org/forum/read.php?tid=564
This article comes from the ChinaUnix blog; to view the original, go to: http://blog.chinaunix.net/u/16907/showart_250062.html