環境†
CentOS6

事前インストール†
# yum install postfix dovecot mysql-server dovecot-mysql php httpd cyrus-sasl-sql.x86_64 cyrus-sasl-devel.x86_64 cyrus-sasl-plain php-mbstring php-imap php-mysql

Postfixadmin 構築手順†
# cp -p /etc/postfix/main.cf /etc/postfix/main.cf.`date +%Y%m%d`
# vi /etc/postfix/main.cf
myhostname = mail01.example.jp
mydomain = example.jp
myorigin = $mydomain
inet_interfaces = all
mynetworks = 127.0.0.0/8, [::1]/128
home_mailbox = Maildir/
smtpd_banner = ESMTP unknown
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_recipient_restrictions = reject_unauth_destination,
    permit_mynetworks, <-- localhostからも認証必須にする場合は削除する
    permit_sasl_authenticated
broken_sasl_auth_clients=yes
smtpd_client_restrictions = permit_mynetworks,
    reject_rbl_client all.rbl.jp,
# reject_rbl_client list.dsbl.org,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client relays.ordb.org,
    reject_rbl_client sbl-xbl.spamhaus.org
### clamav
#smtpd_milters = unix:/var/run/clamav/clamav-milter.sock
#non_smtpd_milters = unix:/var/run/clamav/clamav-milter.sock
#milter_default_action = accept
### Postfix admin settings
local_transport = local
virtual_transport = virtual
virtual_mailbox_base = /home/mailuser
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_alias_domains = $virtual_alias_maps
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 5000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000

※smtpd_recipient_restrictions は先頭から順に評価されるため、reject_unauth_destination を先頭に置くと、mynetworks や認証済みクライアントからの外部ドメイン宛メールも拒否される。外部宛の中継を許可する場合は permit_mynetworks, permit_sasl_authenticated を先に、reject_unauth_destination を最後に記述する。
※以下の mysql_virtual_*.cf にはDB接続パスワードを記載するため、一般ユーザから読めないようファイルのパーミッションを制限すること。

# vi /etc/postfix/mysql_virtual_alias_maps.cf [新規作成]
user = postfixuser
password = EX@mpLEP@ss2013
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'

# vi /etc/postfix/mysql_virtual_domains_maps.cf [新規作成]
user = postfixuser
password = EX@mpLEP@ss2013
hosts = localhost
dbname = postfix
query = SELECT domain FROM domain WHERE domain='%u'

# vi /etc/postfix/mysql_virtual_mailbox_maps.cf [新規作成]
user
= postfixuser
password = EX@mpLEP@ss2013
hosts = localhost
dbname = postfix
query = SELECT maildir FROM mailbox WHERE username = '%s' AND active = '1'

# cp -p /etc/postfix/master.cf /etc/postfix/master.cf.20130319
# vi /etc/postfix/master.cf [変更]
submission inet n - n - - smtpd
# -o smtpd_tls_security_level=encrypt
# -o smtpd_enforce_tls=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

※上記ではTLSを強制する行(smtpd_tls_security_level=encrypt)がコメントアウトされたままなので、PLAIN/LOGIN認証のパスワードが暗号化されずに流れる。証明書を用意したうえでTLS設定を行い、コメントを外して運用することが望ましい。

バーチャルドメイン用のユーザとグループを作成†
# groupadd -g 5000 mailuser
# useradd -u 5000 -g 5000 -d /home/mailuser -s /sbin/nologin mailuser

postfixのsmtp-auth mysql設定†
# cp -p /etc/sasl2/smtpd.conf /etc/sasl2/smtpd.conf.`date +%Y%m%d`
# vi /etc/sasl2/smtpd.conf
# smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sql
allowplaintext: yes
mech_list: plain login
sql_engine: mysql
sql_hostnames: localhost
sql_user: postfixuser
sql_passwd: EX@mpLEP@ss2013
sql_database: postfix
sql_select: SELECT password FROM mailbox WHERE username = '%u@%r' AND active = '1'

Postfixadminのインストールと設定†
ユーザ情報登録用のデータベースを作成†
# mysql -u root -p
mysql> CREATE DATABASE postfix;
mysql> GRANT ALL PRIVILEGES ON postfix.* TO postfixuser@localhost IDENTIFIED BY 'EX@mpLEP@ss2013';

※postfixuser は Postfix・Dovecot・SASL からの参照にも使われる。運用時は参照用に SELECT 権限のみのユーザを別途作成し、ALL PRIVILEGES は Postfixadmin 用のユーザに限定するのが望ましい。

Postfixadminの取得と設置†
※postfixadminは最新版を取得すること
※取得したアーカイブは、配布元が公開しているチェックサムと照合してから展開すること
# wget "http://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-2.3.5/postfixadmin-2.3.5.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fpostfixadmin%2F&ts=1343955693&use_mirror=jaist"
# tar xzvf postfixadmin-2.3.5.tar.gz
# mv postfixadmin-2.3.5 /var/www/vhosts/mailmaster

Postfixadmin初期設定†
# cp -p /var/www/vhosts/mailmaster/config.inc.php /var/www/vhosts/mailmaster/config.inc.php.`date +%Y%m%d`
# vi /var/www/vhosts/mailmaster/config.inc.php [変更箇所]
$CONF['configured'] = true;
$CONF['setup_password'] = 'changeme'; ←今は未記入のままでOK
$CONF['default_language'] = 'ja';
$CONF['postfix_admin_url'] = 'http://www.example.jp/mailmaster';
//Database Config
$CONF['database_user'] = 'postfixuser';
$CONF['database_password'] = 'EX@mpLEP@ss2013';
$CONF['database_name'] =
'postfix';
$CONF['admin_email'] = 'postmaster@example.jp';
$CONF['encrypt'] = 'cleartext';
$CONF['page_size'] = '100';
$CONF['domain_path'] = 'YES';
$CONF['aliases'] = '300';
$CONF['mailboxes'] = '500';
$CONF['maxquota'] = '500';

※'cleartext' を指定すると、メールボックスのパスワードは平文のままDBに保存される(SASL の auxprop sql、Dovecot の default_pass_scheme = PLAIN に合わせた設定)。DBおよびそのバックアップを閲覧できるユーザを限定すること。なお、下の実行例の password 列は $1$ 形式のハッシュになっており、別の暗号化方式を指定した場合の出力と思われる。

ブラウザでhttp://xxx/mailmaster/setup.phpにアクセスする。
「Setup password」を入力してsubmitすると、
$CONF['setup_password'] = 'aa45fgasfgkldhfahsldhf2asjdqweroajsdfasdfasd';
のようなパラメータが赤字で表示されるので、config.inc.phpに反映させる。
# vi /var/www/vhosts/mailmaster/config.inc.php [再修正]
$CONF['setup_password'] = 'changeme'; ←表示されたハッシュ値に置き換える
再度ブラウザでhttp://xxx/mailmaster/setup.phpにアクセスし、管理者(特権管理者となる)を登録する。
index.phpにアクセスするとログイン画面が表示されるので、
登録した管理者でログインする。
引き続きドメインの設定、ユーザの設定を行うとユーザ情報用のデータベースに以下のようなレコードが登録されている。

mysql> show tables;
+-----------------------+
| Tables_in_postfix |
+-----------------------+
| admin |
| alias |
| alias_domain |
| config |
| domain |
| domain_admins |
| fetchmail |
| log |
| mailbox |
| quota |
| quota2 |
| vacation |
| vacation_notification |
+-----------------------+
13 rows in set (0.00 sec)

mysql> select * from domain;
+-------------------------+-------------+---------+-----------+----------+-------+-----------+----------+---------------------+---------------------+--------+
| domain | description | aliases | mailboxes | maxquota | quota | transport | backupmx | created | modified | active |
+-------------------------+-------------+---------+-----------+----------+-------+-----------+----------+---------------------+---------------------+--------+
| ALL | | 0 | 0 | 0 | 0 | | 0 | 0000-00-00 00:00:00 | 0000-00-00 00:00:00 | 1 |
| example.jp | | 10 | 10 | 50 | 0 | virtual | 0 | 2012-08-03 10:14:35 | 2012-08-03 10:14:35 | 1 |
+-------------------------+-------------+---------+-----------+----------+-------+-----------+----------+---------------------+---------------------+--------+
2 rows in set (0.00 sec)

mysql> select * from mailbox;
+----------------------------------+------------------------------------+------+----------------------+----------+------------+-------------+---------------------+---------------------+--------+
| username | password | name | maildir | quota | local_part | domain | created | modified | active |
+----------------------------------+------------------------------------+------+----------------------+----------+------------+-------------+---------------------+---------------------+--------+
| user001@example.jp | $1$s20dlgklksdfkworkgkj13k5lkdfg/ | | example.jp/user001/ | 51200000 | user001 | example.jp | 2012-08-03 11:22:16 | 2012-08-03 11:22:16 | 1 |
+----------------------------------+------------------------------------+------+----------------------+----------+------------+-------------+---------------------+---------------------+--------+
1 row in set (0.00 sec)

Dovecot設定†
# cp -p /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.`date +%Y%m%d`
# vi /etc/dovecot/dovecot.conf [編集]
protocols = pop3 imap
disable_plaintext_auth = no
mail_location = maildir:/home/mailuser/%d/%n/
※%uだとドメイン名無しで認証する

※disable_plaintext_auth = no は、TLSなしの接続でも平文認証を許可する設定であり、POP3/IMAPのパスワードが暗号化されずに流れる。外部から利用する場合は、SSL/TLSを有効にしたうえで yes に戻すことが望ましい。

# cp -p /etc/dovecot/conf.d/10-auth.conf /etc/dovecot/conf.d/10-auth.conf.`date +%Y%m%d`
# vi /etc/dovecot/conf.d/10-auth.conf [編集]
disable_plaintext_auth = no
auth_mechanisms = plain login
#!include auth-system.conf.ext
!include auth-sql.conf.ext

# cp -p /etc/dovecot/conf.d/10-mail.conf /etc/dovecot/conf.d/10-mail.conf.`date +%Y%m%d`
# vi /etc/dovecot/conf.d/10-mail.conf [編集]
mail_location = maildir:~/Maildir

# cp -p /etc/dovecot/conf.d/10-master.conf /etc/dovecot/conf.d/10-master.conf.`date +%Y%m%d`
# vi /etc/dovecot/conf.d/10-master.conf [編集]
port = 143
port = 110

# cp -p /etc/dovecot/conf.d/auth-sql.conf.ext /etc/dovecot/conf.d/auth-sql.conf.ext.`date +%Y%m%d`
# vi /etc/dovecot/conf.d/auth-sql.conf.ext [編集]
passdb内↓
args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
userdb内↓
args = /etc/dovecot/conf.d/dovecot-sql.conf.ext

# vi /etc/dovecot/conf.d/dovecot-sql.conf.ext [作成]
driver =
mysql
default_pass_scheme = PLAIN
connect = host=localhost dbname=postfix user=postfixuser password=EX@mpLEP@ss2013
password_query = SELECT password FROM mailbox WHERE username = '%u' AND active = '1'
user_query = SELECT concat('/home/mailuser/', maildir) as home, 5000 as uid, 5000 as gid FROM mailbox WHERE username = '%u' AND active = '1'

※default_pass_scheme = PLAIN は、DBの password 列を平文として照合する設定である。このファイルにはDB接続パスワードも含まれるため、一般ユーザから読めないようパーミッションを制限すること。

# chkconfig dovecot on

備考†
必要であればclamとspam設定を実施する