[原创]Freebsd postfix with SASL2 mysql courier-imap完全ports安装

chaohu

Freebsd postfix with SASL2 mysql courier-imap完全ports安装<br>
作者：柯贵中 QQ：93606088 E-mail：chaohu@tom.com<br>
<br>
版权所有：华柯天下（www.chinake.com）。如有转载，请注明来源，本文形成于2005年4月30日。<br>
本文硬件环境为：CII800+256M+intel815E+40G+intel 10/100 pro+ADSL上网。<br>
软件环境为：Windows xp sp2+Vmware 5.0+secureCRT4.1+leapftp+freebsd 4.10<br>
2005年5月6日，本系统在freebsd 5.3下测试通过。<br>
本系统最大的优点是简单，而且支持加密认证和安全连接。认证部分使用courier认证，是同一个进程，效率更高。配置文件更少。<br>
————————————————————————————————————————<br>
1、基本系统准备<br>
1.1准备网络环境，使虚拟机也能上网<br>
首先安装下载4.10-RELEASE-i386-disc1.iso，然后安装Vmware5.0，安装好后会产生两个网络连结，我们禁用它（用不上），在ADSL连结上右击——属性——共享——共享到本地连结——确定。在本地连结上右击——internet 协议（tcp/ip）——使用下面的DNS服务器地址，将ADSL拨号所获取的DNS地址（如：202.102.192.68）填入——确定。<br>
1.2创建freebsd虚拟机<br>
启动Vmware——new virtual machine——下一步——typical——下一步——other——freebsd——下一步——（修改保存虚拟机的路径，要求空间不得少于4G）下一步（use bridged networking）——下一步disk size（分配最大空间）为10G——完成。<br>
单击edit virtual machine setting 调节虚拟机内存为128M，调整CD-ROM——USE ISO image，浏览到我们下载的4.10-RELEASE-i386-disc1.iso后OK。注意虚拟机和windows xp间的切换键为 Ctrl+Alt。<br>
1.3安装freebsd系统<br>
启动虚拟机进入freebsd安装界面。<br>
1.3.1 Skip kernel configuration and continue with installation<br>
1.3.2 standard，进入硬盘管理，直接按a、q。<br>
1.3.3 引导程序选standard，进入分区管理，直接按a、q。<br>
1.3.4 选择安装包，我选择Minimal，也可以选择All，使用上下键+空格选择，左右键在OK和cancel之间选择，然后回车，大约5分钟。<br>
注意：没有说明的直接回车确定。如果是实际机器安装，请自行确定好网络环境。<br>
由于ports安装下载程序为单线程，太慢，所以准备在win下将所需要的软件用google找到下载回来，通过ftp上传到freebsd，并且使用sshd管理freebsd，所以需要增加一个wheel组用户帐号。<br>
1.3.5 User confirmation requested <br>
Would you like to configure any Ethernet or slip/ppp network devices?(yes)<br>
选择lnc lance/pcnet (isolan/novell ne2100/ne32-vl)Ethernet，<br>
do you want to try ipv6 configuration of the interface ?(no)<br>
do you want to try dhcp configuration of the interface?(no)<br>
1.3.6主机和网络配置，能不能上网关键在这里<br>
host: mail<br>
domain:chinake.com<br>
ipv4 gateway:192.168.0.1<br>
name server:202.102.192.68<br>
ipv4 address:192.168.0.66<br>
netmask:255.255.255.0.<br>
would you like to bring the lnc0 interface up right now?(yes)<br>
do you want this machine to function as a network gateway?(no)<br>
1.3.7开启ftp服务，便于以后上传文件，如果你的网络快，也可不开启。<br>
do you want to configure inetd and the network services that it provides?(yes)<br>
将ftp前的#号给删了，然后敲Esc一次，回车两次。<br>
Do you want to have anonymous ftp access to this machine?(no)<br>
Do you want to configure this machine as an NFS server?(no)<br>
Do you want to configure this machine as an NFS client?(no)<br>
Do you want to select a default security profile for this host?(no)<br>
Would you like to customize your system console setting?(no)<br>
Would you like to set this machine’s time zone now?(no)<br>
Would you like to enable Linux binary compatibility?(yes)<br>
Does this system have a non-usb mouse attaché to it?(yes)<br>
选择2 enable test and run the mouse daemon,然后exit<br>
1.3.8 增加软件包，这里只需要增加更新ports树程序<br>
the freebsd package collection is a collection of thousands of ready-to-run applications, from text editors to games to web servers and more. would you browse the collection now?(yes). 如果想以后配置，可以运行/stand/sysinstall.<br>
选择All——用空格键选择cvsup-16.1h和portupgrade-20040325_1,ok——install.<br>
1.3.9增加系统用户，并使它具有wheel组权限。<br>
Would you like to add any initial user accounts to the system?(yes)<br>
User add a new user to the system<br>
Login id:chaohu<br>
Uid:1001<br>
Group: wheel<br>
Password:chaohu<br>
Ok——exit<br>
1.3.10 修改root用户密码<br>
Now you must set the system manager’s password<br>
This is the password you’ll use to log in as “root”.<br>
输入两次密码，注意输入时是看不见的。<br>
选择no——exit install——yes，重启电脑。FREEBSD 基本系统安装成功。<br>
————————————————————————————————————————<br>
2、WEB服务器系统软件安装<br>
2.1建立sshd连接<br>
安装secureCRT，启动后新建连结。<br>
Name :mail.chinake.com<br>
Hostname:192.168.0.66<br>
Username:chaohu<br>
Password:chaohu<br>
$su<br>
password:<br>
mail#<br>
注：#表示是root身份，$表示普通用户身份。<br>
以下如无特别说明，所有命令都是以root用户身份运行。<br>
2.2 更新ports树。<br>
cd /usr/share/examples/cvsup; cvsup -g -L 2 -h ftp.freebsdchina.org ports-supfile<br>
大约十几分钟，取决于网络的快慢。<br>
mkdir /usr/ports/distfiles<br>
chmod 777 /usr/ports/distfiles<br>
更改这个目录为所有用户可写，使用leapftp软件，<a target=_blank href=ftp://192.168.0.66>ftp://192.168.0.66</a>，用户名和密码：chaohu，登入，并切换到该目录，上传所需要软件，主要是比较大的软件包，如mysql等。<br>
2.3 安装openssl<br>
cd /usr/ports/security/openssl; make install clean<br>
2.4 安装mysql数据库，建议安装3.23或4.0版。<br>
cd /usr/ports/databases/mysql323-server/;<br>
make BUILD_OPTIMIZED=yes WITH_OPENSSL=yes install clean<br>
ee /etc/rc.conf;加入：mysql_enable="YES"<br>
2.5 安装apache<br>
cd /usr/ports/www/apache13-modssl;make install clean<br>
支持https连接，web服务路径为：/usr/local/www/data/。也可以选择apache2。<br>
ee /etc/rc.conf;加入：apache_enable="YES"<br>
2.6 安装php4<br>
cd /usr/ports/lang/php4;make install clean<br>
cp /usr/local/etc/php.ini.dist /usr/local/etc/php.ini<br>
ee /usr/local/etc/apache/httpd.conf<br>
在最后加入：<br>
AddType application/x-httpd-php .php<br>
AddType application/x-httpd-php-source .phps<br>
<br>
2.7 安装phpmyadmin<br>
由于phpmyadmin默认安装路径为：/usr/local/www/phpMyAdmin<br>
而我们的web服务路径是：/usr/local/www/data/<br>
所以我们要更改其默认的安装。<br>
cd /usr/ports/databases/phpmyadmin;<br>
ee Makefile<br>
将www/全部更改为www/data/。<br>
make install clean<br>
ee /usr/local/www/data/phpMyAdmin/config.inc.php;<br>
将第一个config，改为http<br>
$cfg['PmaAbsoluteUri'] = '<a target=_blank href=http://192.168.0.66/phpMyAdmin/'>http://192.168.0.66/phpMyAdmin/'</a>;<br>
$cfg['Servers'][$i]['auth_type'] = 'http'; // Authentication method (config, http or cookie based)?<br>
2.8 安装perl5.8<br>
cd /usr/ports/lang/perl5.8/;make install clean<br>
完成后根据提示执行：<br>
/usr/local/bin/use.perl port<br>
2.9 安装expect<br>
cd /usr/ports/lang/expect<br>
make install clean<br>
2.10 安装postfixadmin<br>
同phpmyadmin一样，其默认安装目录为：/usr/local/www/postfixadmin/，<br>
所以我也想把它安装到/usr/local/www/data/postfixadmin/下，修改makefile，将所有www/，都改为www/data/，注意有很多处。<br>
cd /usr/ports/mail/postfixadmin;ee Makefile;make install clean<br>
导入数据库：<br>
cd /usr/local/www/data/postfixadmin/<br>
mysql –u root < DATABASE_MYSQL.TXT<br>
修改config.ini.php文件，ee config.ini.php<br>
$CONF['default_language'] = 'cn';<br>
$CONF['domain_path'] = 'YES';<br>
$CONF['domain_in_mailbox'] = 'NO';<br>
这样产生的用户邮件目录形式如：/usr/local/virtual/chinake.com/chaohu<br>
建立邮件存储目录：<br>
mkdir /usr/local/virtual;<br>
chown www:www /usr/local/virtual;<br>
chmod 771 /usr/local/virtual<br>
<br>
3、邮件系统安装<br>
3.1 安装courier-imap<br>
cd /usr/ports/mail/courier-imap<br>
make install clean<br>
选择添加：[auth_mysql]，如果没有做，可以make config，进行重新选择。<br>
然后编辑：ee /etc/rc.conf;增加courier_authdaemond_enable="YES"自启动，并启动：<br>
/usr/local/etc/rc.d/courier_authdaemond.sh start。此时会在/var/run/authdaemond/下产生socket。<br>
chmod o+x /var/run/authdaemond;给sasl可执行权限。<br>
3.2 安装SASL2<br>
cd /usr/ports/security/cyrus-sasl2;make install WITH_AUTHDAEMON=yes clean;<br>
或者使用：make -DWITH_AUTHDAEMOND install clean<br>
ee /usr/local/lib/sasl2/smtpd.conf ;<br>
pwcheck_method: authdaemond<br>
log_level: 3<br>
mech_list: PLAIN LOGIN<br>
authdaemond_path:/var/run/authdaemond/socket<br>
至此，认证部分基本完成。<br>
3.3 安装POSTFIX<br>
3.3.1 cd /usr/ports/mail/postfix<br>
安装时选中[sasl2]+[tls]+[db42]+[mysql]+[vda]+[test]。<br>
make install clean<br>
在安装快结束时会提示两个问题，分别是加入用户组和修改mailer.conf。全部回答为y。<br>
echo ‘postfix: root’ >> /etc/aliases<br>
/usr/local/bin/newaliases<br>
chown postfix:postfix /etc/opiekeys<br>
3.3.2 替换并停止sendmail<br>
ee /etc/rc.conf;修改sendmail_enable=’NONE’<br>
建立启动链接：<br>
cd /usr/local/etc/rc.d/;ln –s /usr/local/sbin/postfix postfix.sh<br>
创建/etc/periodic.conf <br>
ee /etc/periodic.conf<br>
daily_clean_hoststat_enable="NO"<br>
daily_status_mail_rejects_enable="NO"<br>
daily_status_include_submit_mailq="NO"<br>
daily_submit_queuerun="NO"<br>
3.3.3配置postfix<br>
因为我想使用和apache一样的用户来读取邮件目录，因为apache用户为www，id:80，所以要注意/usr/local/etc/postfix/main.cf中的用户id。<br>
ee /usr/local/etc/postfix/main.cf<br>
在最后添加：<br>
#======= BASE ==============<br>
myhostname = mail.chinake.com<br>
mydomain = chinake.com<br>
home_mailbox = Maildir/<br>
mydestination = $myhostname<br>
local_recipient_maps = <br>
#======= MYSQL =============<br>
virtual_gid_maps = static:80<br>
virtual_mailbox_base = /usr/local/virtual<br>
virtual_uid_maps = static:80<br>
virtual_minimum_uid = 80<br>
virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf<br>
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf<br>
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf<br>
#======= Quota ============<br>
message_size_limit = 5242880<br>
virtual_mailbox_limit_inbox = no<br>
virtual_mailbox_limit_override = yes<br>
virtual_maildir_extended = yes<br>
virtual_create_maildirsize = yes<br>
virtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf<br>
virtual_mailbox_limit = 52428800<br>
#======== SASL ================<br>
smtpd_sasl_auth_enable = yes<br>
smtpd_sasl_security_options = noanonymous<br>
broken_sasl_auth_clients = yes<br>
smtpd_recipient_restrictions = permit_sasl_authenticated permit_auth_destination reject<br>
#smtpd_sasl_local_domain = $mydomain<br>
smtpd_client_restrictions = permit_sasl_authenticated<br>
<br>
几个配置文件：<br>
cd /usr/local/etc/postfix/;<br>
1、ee mysql_virtual_alias_maps.cf <br>
user = postfix<br>
password = postfix<br>
hosts = localhost<br>
dbname = postfix<br>
table = alias<br>
select_field = goto<br>
where_field = address<br>
<br>
2、ee mysql_virtual_domains_maps.cf <br>
user = postfix<br>
password = postfix<br>
hosts = localhost<br>
dbname = postfix<br>
table = domain<br>
select_field = description<br>
where_field = domain<br>
#additional_conditions = and backupmx = '0' and active = '1'<br>
3、ee mysql_virtual_mailbox_maps.cf <br>
user = postfix<br>
password = postfix<br>
hosts = localhost<br>
dbname = postfix<br>
table = mailbox<br>
select_field = maildir<br>
where_field = username<br>
#additional_conditions = and active = '1'<br>
4、ee mysql_virtual_mailbox_limit_maps.cf <br>
user = postfix<br>
password = postfix<br>
hosts = localhost<br>
dbname = postfix<br>
table = mailbox<br>
select_field = quota<br>
where_field = username<br>
#additional_conditions = and active = '1'<br>
<br>
这里我使用80用户，即WWW（HTTP）并修改：<br>
<br>
3．4、配置courier-imap认证<br>
ee /usr/local/etc/authlib/authmysqlrc<br>
DEFAULT_DOMAIN chinake.com<br>
MYSQL_CRYPT_PWFIELD password<br>
MYSQL_DATABASE postfix<br>
MYSQL_GID_FIELD '80'<br>
MYSQL_HOME_FIELD '/usr/local/virtual'<br>
MYSQL_LOGIN_FIELD username<br>
MYSQL_MAILDIR_FIELD maildir<br>
MYSQL_NAME_FIELD name<br>
MYSQL_OPT 0<br>
MYSQL_PASSWORD postfix<br>
#MYSQL_PORT 0<br>
#MYSQL_QUOTA_FIELD quota<br>
MYSQL_SERVER localhost<br>
MYSQL_UID_FIELD '80'<br>
MYSQL_USERNAME postfix<br>
MYSQL_USER_TABLE mailbox<br>
<br>
这里用户也修改为80，注意中间不是空格，是TAB键，在Unix系统中，很多都是用TAB键的。也请特别注意其中的引号。<br>
ee /usr/local/etc/authlib/authdaemonrc<br>
authmodulelist="authmysql authpam authuserdb"<br>
authmodulelistorig="authmysql authpam authuserdb"<br>
version="authdaemond.mysql"<br>
4、安装webmail<br>
在默认的配置上添加[AUTH_MYSQL]<br>
cd /usr/ports/mail/sqwebmail/；make install clean<br>
ee /etc/rc.conf;添加：sqwebmaild_enable=”YES”<br>
ee /etc/crontab <br>
#minute hour mday month wday who command<br>
0 * * * * bin /usr/local/share/sqwebmail/ cleancache.pl<br>
好了，邮件服务器建设好了。<br>
5、虚拟域名、管理员、用户的管理。<br>
<a target=_blank href=http://192.168.0.66/postfixadmin/admin/>http://192.168.0.66/postfixadmin/admin/</a><br>
注意先建域，后管理员，然后添加用户，再到/usr/local/virtual下看看，用户目录有没有建立，如果没有，请查看 /var/log/下的maillog和messages。仔细检查配置文件。<br>
6、收发邮件<br>
可以使用outlook或<a target=_blank href=http://192.168.0.66/cgi-bin/sqwebmail/sqwebmail>http://192.168.0.66/cgi-bin/sqwebmail/sqwebmail</a><br>
注意虚拟域，使用邮件地址登入。<br>

chaohu

7、关于sqwebmail汉化<br>
查阅网上资料，大多是直接把html/en-us下的文件直接汉化，经过试验是可以的。<br>
8、小松鼠网页电子邮件系统(SquirrelMail)<br>
8.1 安装<br>
cd /usr/ports/mail/squirrelmail/;<br>
ee Makefile<br>
把默认的安装路径/usr/local/www/squirrelmail，<br>
改为/usr/local/www/data/squirrelmail，即修改里的www/为www/data/；<br>make WITH_MYSQL=yes install clean<br>
安装完成后到/usr/local/www/data/squirrelmail目录下进行配置。<br>
cd /usr/local/www/data/squirrelmail;<br>
./configure<br>
修改域名：选择2——1——输入域名——r(返回)；<br>
修改语言：选择10——1——输入zh_CN<br>选择2——输入gb2312<br>
返回后保存再退出。<br>
修改php.ini<br>
ee /usr/local/etc/php.ini;<br>
register_globals = On<br>
session.auto_start = 1<br>
重启apache：/usr/local/etc/rc.d/apache.sh restart;<br>
8.2 小松鼠邮件系统汉化<br>
小松鼠本身支持很多语言，可下载相应的语言包。可到其主页去下载<br>
<a target=_blank href=http://www.squirrelmail.org/download.php>http://www.squirrelmail.org/download.php</a><br>
Locale package (contains translations for SquirrelMail) downloads on SourceForge<br>
下载汉化包，这里给出现在的汉化包：<br>
fetch <a target=_blank href=http://switch.dl.sourceforge.net/sourceforge/squirrelmail/zh_CN-1.4.4-20050308.tar.gz>http://switch.dl.sourceforge.net/sourceforge/squirrelmail/zh_CN-1.4.4-20050308.tar.gz</a><br>
8.3 汉化包安装<br>
tar zxvf zh_CN-1.4.4-20050308.tar.gz<br>
./install<br>
会提示：Please enter path to your squirrelmail installation:<br>
我们输入squirrelmail的安装路径：<br>
/usr/local/www/data/squirrelmail<br>
<br>
8.4 测试小松鼠邮件系统：<br>
<a target=_blank href=http://192.168.0.66/squirrelmail/src/configtest.php>http://192.168.0.66/squirrelmail/src/configtest.php</a><br>
如果一切顺利的话，那么你成功了。如果提示错误，请仔给细检查配置文件。<br>