Ubuntu使用Postfix-Dovecot-MySQL搭建邮件服务器

设置hostname

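# Persist the FQDN and apply it to the running system. Writing /etc/hostname
# alone only takes effect at the next boot, so the check below would still
# show the old name.
echo "mail.example.com" > /etc/hostname
hostname -F /etc/hostname

# Should now print mail.example.com (the name must also resolve locally,
# e.g. through an /etc/hosts entry).
hostname -f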

MySQL安装及配置

# Install the MySQL server package
apt-get install mysql-server

# Open the mysql client as the database root account (prompts for the password)
mysql -u root -p

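# Create the mail database
CREATE DATABASE mailserver CHARACTER SET utf8;

# Dedicated lookup account used by Postfix and Dovecot. The password must be
# exactly the string written to the /etc/postfix/mysql-virtual-*.cf files and
# to the Dovecot connect line, otherwise every lookup fails with an access
# error. 'mailserverpassword' is the tutorial's sample value; substitute a
# long random secret on a real host and use it in all of those places.
CREATE USER mailserver@'localhost' IDENTIFIED BY 'mailserverpassword';

# The mail daemons only read these tables, so grant SELECT instead of ALL.
# Table creation and the sample INSERTs are run with an administrative
# account, not with this one.
GRANT SELECT ON mailserver.* TO mailserver@'localhost';

exit;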

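# Create the tables and load the sample rows. Run these inside the mysql
# client, logged in with an account that may create tables (for example root).
USE mailserver;

# Domains this server accepts mail for.
CREATE TABLE `virtual_domains` (
    `id` int(11) NOT NULL auto_increment,
    `name` varchar(50) NOT NULL,
    PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

# Mailbox accounts; `password` stores a password hash, never the clear text.
CREATE TABLE `virtual_users` (
    `id` int(11) NOT NULL auto_increment,
    `domain_id` int(11) NOT NULL,
    `password` varchar(106) NOT NULL,
    `email` varchar(100) NOT NULL,
    PRIMARY KEY (`id`),
    UNIQUE KEY `email` (`email`),
    FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

# Forwarding rules: mail for `source` is delivered to `destination`.
CREATE TABLE `virtual_aliases` (
    `id` int(11) NOT NULL auto_increment,
    `domain_id` int(11) NOT NULL,
    `source` varchar(100) NOT NULL,
    `destination` varchar(100) NOT NULL,
    PRIMARY KEY (`id`),
    FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

INSERT INTO virtual_domains (id, name) VALUES (1, 'mail.example.com');
INSERT INTO virtual_domains (id, name) VALUES (2, 'example.com');

# NOTE(security): md5('password') stores an unsalted, fast hash of a sample
# password. It matches the "default_pass_scheme = MD5" line used later on this
# page, but it is only suitable for a throw-away test. For real accounts store
# a salted hash instead, for example the output of
# `doveadm pw -s SHA512-CRYPT` (without its {SCHEME} prefix it fits the
# varchar(106) column) and set default_pass_scheme to the same scheme.
INSERT INTO virtual_users (id, domain_id, password, email)
VALUES (1, 2, md5('password'), 'zhangsan@example.com');

INSERT INTO virtual_users (id, domain_id, password, email)
VALUES (2, 2, md5('password'), 'lisi@example.com');

# all@example.com fans out to both mailboxes.
INSERT INTO virtual_aliases (id, domain_id, source, destination)
VALUES (1, 2, 'all@example.com', 'zhangsan@example.com');

INSERT INTO virtual_aliases (id, domain_id, source, destination)
VALUES (2, 2, 'all@example.com', 'lisi@example.com');

# Verify the rows. The password column is left out on purpose so that hashes
# are not echoed to the terminal or a captured session log.
SELECT id, name FROM virtual_domains;
SELECT id, domain_id, email FROM virtual_users;
SELECT id, domain_id, source, destination FROM virtual_aliases;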

postfix安装

# The installer asks for the Postfix configuration type; choose "Internet Site".
apt-get install postfix postfix-mysql

修改postfix配置文件

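# Generate the Postfix main configuration.
# The heredoc delimiter is quoted ('EOF') so that $myhostname, $mail_name,
# ${data_directory} and $EXTENSION reach the file literally and are expanded
# by Postfix. Inside a double-quoted echo the shell would expand them first
# (to empty strings), leaving a broken banner and mailbox_command.
# `cat >` truncates the file, so no separate rm is needed.
cat > /etc/postfix/main.cf <<'EOF'
# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
#smtpd_use_tls=yes
#smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_cert_file=/etc/dovecot/dovecot.pem
smtpd_tls_key_file=/etc/dovecot/private/dovecot.pem
smtpd_use_tls=yes
smtpd_tls_auth_only = yes

#Enabling SMTP for authenticated users, and handing off authentication to Dovecot
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mail.example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
myorigin = /etc/mailname

# Handing off local delivery to Dovecot's LMTP, and telling it where to store mail
virtual_transport = lmtp:unix:private/dovecot-lmtp

#Virtual domains, users, and aliases
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
EOF
# NOTE(review): the TLS certificate and key above are Dovecot's files; Dovecot
# is installed in a later step, so they may not exist yet when Postfix is first
# restarted. A self-signed pair should be replaced by a CA-issued one before
# the server is exposed.

# Generate the MySQL lookup maps for virtual domains, mailboxes and aliases.
# Every map file contains the database password, so it is created as
# root:postfix with mode 0640 before any content is written, instead of
# inheriting a world-readable default from the umask.
write_mysql_map() {
    # $1: map file to (re)create
    # $2: lookup query; Postfix substitutes %s with the SQL-quoted lookup key
    install -m 0640 -o root -g postfix /dev/null "$1"
    printf '%s\n' \
        "user = mailserver" \
        "password = mailserverpassword" \
        "hosts = 127.0.0.1" \
        "dbname = mailserver" \
        "query = $2" > "$1"
}

# The password written above must be exactly the one set for the mailserver
# account in MySQL, otherwise every lookup fails.
write_mysql_map /etc/postfix/mysql-virtual-mailbox-domains.cf \
    "SELECT 1 FROM virtual_domains WHERE name='%s'"
write_mysql_map /etc/postfix/mysql-virtual-mailbox-maps.cf \
    "SELECT 1 FROM virtual_users WHERE email='%s'"
write_mysql_map /etc/postfix/mysql-virtual-alias-maps.cf \
    "SELECT destination FROM virtual_aliases WHERE source='%s'"

service postfix restart

# Check each map against the sample data: the first two lookups should print 1,
# the third should print the destinations of all@example.com.
postmap -q example.com mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
postmap -q lisi@example.com mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
postmap -q all@example.com mysql:/etc/postfix/mysql-virtual-alias-maps.cf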

Dovecot安装及配置

Dovecot安装

# Install Dovecot with IMAP, POP3, LMTP and MySQL support
apt-get install dovecot-core dovecot-imapd dovecot-pop3d dovecot-lmtpd dovecot-mysql

Dovecot的配置

需要修改的配置文件有:

  • /etc/dovecot/dovecot.conf Dovecot的主配置文件
  • /etc/dovecot/conf.d/10-mail.conf Dovecot将要操作的磁盘路径相关配置信息
  • /etc/dovecot/conf.d/10-auth.conf 用户验证相关配置信息
  • /etc/dovecot/conf.d/auth-sql.conf.ext SQL-Type验证相关配置信息
  • /etc/dovecot/dovecot-sql.conf.ext Dovecot与数据库连接相关配置信息
  • /etc/dovecot/conf.d/10-master.conf Dovecot本地socket相关配置信息
  • /etc/dovecot/conf.d/10-ssl.conf 关于SSL的相关配置信息
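# /etc/dovecot/dovecot.conf: enable the IMAP, POP3 and LMTP services
echo "protocols = imap pop3 lmtp" >> /etc/dovecot/dovecot.conf


# /etc/dovecot/conf.d/10-mail.conf: one Maildir per domain (%d) and user (%n)
echo "mail_location = maildir:/var/mail/vhosts/%d/%n" >> /etc/dovecot/conf.d/10-mail.conf
echo "mail_privileged_group = mail" >> /etc/dovecot/conf.d/10-mail.conf


# Create a directory under /var/mail/vhosts/ for every domain that is served:
mkdir -p /var/mail/vhosts/example.com


# Create the vmail group and user that own all virtual mailboxes.
# vmail is a service account, so it gets no login shell.
groupadd -g 5000 vmail
useradd -g vmail -u 5000 -d /var/mail -s /usr/sbin/nologin vmail


# Give vmail the virtual mailbox tree only. /var/mail itself is also the
# system mail spool, so its ownership is left as installed.
chown -R vmail:vmail /var/mail/vhosts


# /etc/dovecot/conf.d/10-auth.conf: the PLAIN and LOGIN mechanisms send the
# password itself, so they are only accepted on TLS-protected connections.
echo "disable_plaintext_auth = yes" >> /etc/dovecot/conf.d/10-auth.conf
echo "auth_mechanisms = plain login" >> /etc/dovecot/conf.d/10-auth.conf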


# Disable logins with system accounts
vim /etc/dovecot/conf.d/10-auth.conf
# Comment out the system-account include so that it reads:
#!include auth-system.conf.ext
# Enable the SQL (MySQL) backend by un-commenting:
!include auth-sql.conf.ext


# Edit /etc/dovecot/conf.d/auth-sql.conf.ext
# and add the following to the file:
# Passwords are verified against the database described in dovecot-sql.conf.ext.
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}

# Every virtual user maps to the single vmail uid/gid; %d is the domain and
# %n the local part of the login name.
userdb {
driver = static
args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
}

# Append the SQL settings to /etc/dovecot/dovecot-sql.conf.ext. The stock file
# ships the driver, connect, default_pass_scheme and password_query lines
# commented out; the four lines below supply their values.
#
# - connect carries the database password in clear text and must match the
#   password of the MySQL mailserver account.
# - NOTE(security): default_pass_scheme = MD5 matches the md5() hashes inserted
#   earlier on this page but is weak for password storage; switch the scheme
#   and the stored hashes together to a salted one such as SHA512-CRYPT.
cat >> /etc/dovecot/dovecot-sql.conf.ext <<'EOF'
driver = mysql
connect = host=127.0.0.1 dbname=mailserver user=mailserver password=mailserverpassword
default_pass_scheme = MD5
password_query = SELECT email as user, password FROM virtual_users WHERE email='%u';
EOF

# Restrict the configuration tree (it now holds the database password): owner
# vmail, group dovecot, no access for other users.
# NOTE(review): this makes the mailbox user the owner of all Dovecot
# configuration, including what lives under /etc/dovecot/private — confirm
# vmail really needs write access rather than read access only.
chown -R vmail:dovecot /etc/dovecot
chmod -R o-rwx /etc/dovecot

修改/etc/dovecot/conf.d/10-master.conf文件

找到文件中的service lmtp并将其修改如下:

service lmtp {
  # LMTP socket placed inside the Postfix spool; mode 0600 with owner postfix
  # means only the postfix user can connect to it.
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    mode = 0600
    user = postfix
    group = postfix
  }

  # Create inet listener only if you can't use the above UNIX socket
  #inet_listener lmtp {
    #Avoid making LMTP visible for the entire internet
    #address =
    #port =
  #}
}

找到文件中service auth并将其内容修改如下:

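service auth {
  # auth_socket_path points to this userdb socket by default. It's typically
  # used by dovecot-lda, doveadm, possibly imap process, etc. Its default
  # permissions make it readable only by root, but you may need to relax these
  # permissions. Users that have access to this socket are able to get a list
  # of all usernames and get results of everyone's userdb lookups.

  # SASL socket used by Postfix for SMTP authentication. The socket is owned
  # by postfix:postfix, so 0660 is sufficient; 0666 would let any local
  # account that can reach the path submit authentication requests.
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }

  # userdb socket, restricted to the vmail user.
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
    #group =
  }

  # Postfix smtp-auth
  #unix_listener /var/spool/postfix/private/auth {
  # mode = 0666
  #}

  # Auth process is run as this user.
  user = dovecot
}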

找到文件中service auth-worker内容并修改如下:

service auth-worker {
  # Auth worker process is run as root by default, so that it can access
  # /etc/shadow. If this isn't necessary, the user should be changed to
  # $default_internal_user.
  #
  # System-account logins are disabled in this setup and passwords come from
  # MySQL, so the worker is run as the unprivileged vmail user instead of root.
  user = vmail
}

重新启动Dovecot服务:

# Restart Dovecot so that the configuration changes above are loaded
service dovecot restart