#author(“2017-11-29T06:42:27+00:00”,“default:kazuma”,“kazuma”) Postfix
環境 [#s0a41415]
CentOS6
事前インストール [#g7d23c94]
# yum install postfix dovecot mysql-server dovecot-mysql php httpd cyrus-sasl-sql.x86_64 cyrus-sasl-devel.x86_64 cyrus-sasl-plain php-mbstring php-imap php-mysql
Postfixadmin 構築手順 [#g168f9d5]
# cp -p /etc/postfix/main.cf /etc/postfix/main.cf.`date +%Y%m%d`
# vi /etc/postfix/main.cf
myhostname = mail01.example.jp
mydomain = example.jp
myorigin = $mydomain
inet_interfaces = all
mynetworks = 127.0.0.0/8, [::1]/128
home_mailbox = Maildir/
smtpd_banner = ESMTP unknown
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_recipient_restrictions =
reject_unauth_destination,
permit_mynetworks, <-- localhostからも認証必須にする場合は削除する
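permit_sasl_authenticated
# ※この順序では reject_unauth_destination が最初に評価されるため、mynetworks や認証済みクライアントからの外部ドメイン宛メールも拒否される。認証済みクライアントに外部宛リレーを許可する場合は、permit_mynetworks, permit_sasl_authenticated を reject_unauth_destination より前に置く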
broken_sasl_auth_clients=yes
smtpd_client_restrictions =
permit_mynetworks,
reject_rbl_client all.rbl.jp,
# reject_rbl_client list.dsbl.org,
reject_rbl_client bl.spamcop.net,
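# ※relays.ordb.org は運用を終了しており、終了後はすべての問い合わせに「登録あり」を返すようになったため、有効にしたままだと mynetworks 以外からのメールがすべて拒否されるおそれがある。利用前に各RBLの稼働状況を確認すること
reject_rbl_client relays.ordb.org,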
reject_rbl_client sbl-xbl.spamhaus.org
### clamav
#smtpd_milters = unix:/var/run/clamav/clamav-milter.sock
#non_smtpd_milters = unix:/var/run/clamav/clamav-milter.sock
#milter_default_action = accept
### Postfix admin settings
local_transport = local
virtual_transport = virtual
virtual_mailbox_base = /home/mailuser
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_alias_domains = $virtual_alias_maps
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 5000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
# vi /etc/postfix/mysql_virtual_alias_maps.cf
[新規作成]
user = postfixuser
password = EX@mpLEP@ss2013
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
# vi /etc/postfix/mysql_virtual_domains_maps.cf
[新規作成]
user = postfixuser
password = EX@mpLEP@ss2013
hosts = localhost
dbname = postfix
query = SELECT domain FROM domain WHERE domain='%u'
# vi /etc/postfix/mysql_virtual_mailbox_maps.cf
[新規作成]
user = postfixuser
password = EX@mpLEP@ss2013
hosts = localhost
dbname = postfix
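query = SELECT maildir FROM mailbox WHERE username = '%s' AND active = '1'
※上記3つの mysql_virtual_*.cf にはDBパスワードが平文で書かれるため、所有者 root・グループ postfix・パーミッション 640 など、一般ユーザから読めない権限にしておく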
# cp -p /etc/postfix/master.cf /etc/postfix/master.cf.20130319
# vi /etc/postfix/master.cf
[変更]
submission inet n - n - - smtpd
# -o smtpd_tls_security_level=encrypt
# -o smtpd_enforce_tls=yes
-o smtpd_sasl_auth_enable=yes
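-o smtpd_client_restrictions=permit_sasl_authenticated,reject
※smtpd_tls_security_level=encrypt をコメントアウトしたままだと、PLAIN/LOGIN の認証情報が暗号化されずにネットワークを流れる。証明書を用意したらこの行を有効にする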
バーチャルドメイン用のユーザとグループを作成 [#x06dd755]
# groupadd -g 5000 mailuser
# useradd -u 5000 -g 5000 -d /home/mailuser -s /sbin/nologin mailuser
postfixのsmtp-auth mysql設定 [#d980648e]
# cp -p /etc/sasl2/smtpd.conf /etc/sasl2/smtpd.conf.`date +%Y%m%d`
# vi /etc/sasl2/smtpd.conf
# smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sql
allowplaintext: yes
mech_list: plain login
sql_engine: mysql
sql_hostnames: localhost
sql_user: postfixuser
sql_passwd: EX@mpLEP@ss2013
sql_database: postfix
sql_select: SELECT password FROM mailbox WHERE username = '%u@%r' AND active = '1'
Postfixadminのインストールと設定 [#w31cb3ae]
ユーザ情報登録用のデータベースを作成 [#x30b8338]
# mysql -u root -p
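mysql> CREATE DATABASE postfix;
mysql> GRANT ALL PRIVILEGES ON postfix.* TO postfixuser@localhost IDENTIFIED BY 'EX@mpLEP@ss2013';
※この手順では Postfix・SASL・Dovecot・Postfixadmin が同じDBユーザを共有する。Postfix・SASL・Dovecot は参照(SELECT)しか行わないので、参照専用ユーザを分けると、設定ファイルからパスワードが漏れた場合の影響を抑えられる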
Postfixadminの取得と設置 [#t99c3976]
※postfixadminは最新版を取得し、ダウンロード後は配布元が公開しているチェックサムと照合すること
# wget "http://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-2.3.5/postfixadmin-2.3.5.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fpostfixadmin%2F&ts=1343955693&use_mirror=jaist"
# tar xzvf postfixadmin-2.3.5.tar.gz
# mv postfixadmin-2.3.5 /var/www/vhosts/mailmaster
Postfixadmin初期設定 [#u9e21e76]
# cp -p /var/www/vhosts/mailmaster/config.inc.php /var/www/vhosts/mailmaster/config.inc.php.`date +%Y%m%d`
# vi /var/www/vhosts/mailmaster/config.inc.php
[変更箇所]
$CONF['configured'] = true;
$CONF['setup_password'] = 'changeme'; ←今は未記入のままでOK
$CONF['default_language'] = 'ja';
$CONF['postfix_admin_url'] = 'http://www.example.jp/mailmaster';
//Database Config
$CONF['database_user'] = 'postfixuser';
$CONF['database_password'] = 'EX@mpLEP@ss2013';
$CONF['database_name'] = 'postfix';
$CONF['admin_email'] = 'postmaster@example.jp';
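$CONF['encrypt'] = 'cleartext';
// ※cleartext ではメールボックスのパスワードが平文のままDBに保存される(このページの SASL auxprop sql と Dovecot の default_pass_scheme = PLAIN が平文を前提にしているため)。ハッシュ化して保存する場合は、Postfix の認証を Dovecot SASL(smtpd_sasl_type = dovecot)経由にし、encrypt と default_pass_scheme を同じ方式に揃える必要がある
$CONF['page_size'] = '100';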
$CONF['domain_path'] = 'YES';
$CONF['aliases'] = '300';
$CONF['mailboxes'] = '500';
$CONF['maxquota'] = '500';
ブラウザでhttp://xxx/mailmaster/setup.phpにアクセスする。
「Setup password」を入力してsubmitすると、
$CONF['setup_password'] = 'aa45fgasfgkldhfahsldhf2asjdqweroajsdfasdfasd';
のようなパラメータが赤字で表示されるので、config.inc.phpに反映させる。
# vi /var/www/vhosts/mailmaster/config.inc.php
[再修正]
$CONF['setup_password'] = 'changeme'; ←'changeme' を、setup.phpで赤字表示されたハッシュ値に置き換える
再度ブラウザでhttp://xxx/mailmaster/setup.phpにアクセスする。
再度setup.phpにアクセスして管理者(特権管理者となる)を登録する。
index.phpにアクセスするとログイン画面が表示されるので、 登録した管理者でログインする。
引き続きドメインの設定、ユーザの設定を行うとユーザ情報用のデータベースに以下のようなレコードが登録されている。
mysql> show tables;
+-----------------------+
| Tables_in_postfix |
+-----------------------+
| admin |
| alias |
| alias_domain |
| config |
| domain |
| domain_admins |
| fetchmail |
| log |
| mailbox |
| quota |
| quota2 |
| vacation |
| vacation_notification |
+-----------------------+
13 rows in set (0.00 sec)
mysql> select * from domain;
+-------------------------+-------------+---------+-----------+----------+-------+-----------+----------+---------------------+---------------------+--------+
| domain | description | aliases | mailboxes | maxquota | quota | transport | backupmx | created | modified | active |
+-------------------------+-------------+---------+-----------+----------+-------+-----------+----------+---------------------+---------------------+--------+
| ALL | | 0 | 0 | 0 | 0 | | 0 | 0000-00-00 00:00:00 | 0000-00-00 00:00:00 | 1 |
| example.jp | | 10 | 10 | 50 | 0 | virtual | 0 | 2012-08-03 10:14:35 | 2012-08-03 10:14:35 | 1 |
+-------------------------+-------------+---------+-----------+----------+-------+-----------+----------+---------------------+---------------------+--------+
2 rows in set (0.00 sec)
mysql> select * from mailbox;
+----------------------------------+------------------------------------+------+----------------------+----------+------------+-------------+---------------------+---------------------+--------+
| username | password | name | maildir | quota | local_part | domain | created | modified | active |
+----------------------------------+------------------------------------+------+----------------------+----------+------------+-------------+---------------------+---------------------+--------+
| user001@example.jp | $1$s20dlgklksdfkworkgkj13k5lkdfg/ | | example.jp/user001/ | 51200000 | user001 | example.jp | 2012-08-03 11:22:16 | 2012-08-03 11:22:16 | 1 |
+----------------------------------+------------------------------------+------+----------------------+----------+------------+-------------+---------------------+---------------------+--------+
1 row in set (0.00 sec)
Dovecot設定 [#z4acfe99]
# cp -p /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.`date +%Y%m%d`
# vi /etc/dovecot/dovecot.conf
[編集]
protocols = pop3 imap
disable_plaintext_auth = no
mail_location = maildir:/home/mailuser/%d/%n/
※%uだとドメイン名無しで認証する
# cp -p /etc/dovecot/conf.d/10-auth.conf /etc/dovecot/conf.d/10-auth.conf.`date +%Y%m%d`
# vi /etc/dovecot/conf.d/10-auth.conf
[編集]
disable_plaintext_auth = no
# ※no にすると、TLSなしの接続でも PLAIN/LOGIN 認証を受け付けるため、パスワードが暗号化されずに流れる。TLSを設定した後は yes に戻す
auth_mechanisms = plain login
#!include auth-system.conf.ext
!include auth-sql.conf.ext
# cp -p /etc/dovecot/conf.d/10-mail.conf /etc/dovecot/conf.d/10-mail.conf.`date +%Y%m%d`
# vi /etc/dovecot/conf.d/10-mail.conf
[編集]
mail_location = maildir:~/Maildir
# cp -p /etc/dovecot/conf.d/10-master.conf /etc/dovecot/conf.d/10-master.conf.`date +%Y%m%d`
# vi /etc/dovecot/conf.d/10-master.conf
[編集]
port = 143
port = 110
# cp -p /etc/dovecot/conf.d/auth-sql.conf.ext /etc/dovecot/conf.d/auth-sql.conf.ext.`date +%Y%m%d`
# vi /etc/dovecot/conf.d/auth-sql.conf.ext
[編集]
passdb内↓
args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
userdb内↓
args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
# vi /etc/dovecot/conf.d/dovecot-sql.conf.ext
[作成]
driver = mysql
default_pass_scheme = PLAIN
connect = host=localhost dbname=postfix user=postfixuser password=EX@mpLEP@ss2013
password_query = SELECT password FROM mailbox WHERE username = '%u' AND active = '1'
user_query = SELECT concat('/home/mailuser/', maildir) as home, 5000 as uid, 5000 as gid FROM mailbox WHERE username = '%u' AND active = '1'
# chkconfig dovecot on
備考 [#y216a1d4]
必要であればclamとspam設定を実施する