Haiyun's Blog

Configuring MySQL Virtual Users for Postfix and Dovecot

Published: March 26, 2014 // Category: Mail // No Comments

Install:

yum install dovecot-mysql

Create the database:

CREATE DATABASE mailserver;
GRANT SELECT ON mailserver.* TO 'mailuser'@'127.0.0.1' IDENTIFIED BY 'mailuserpass';
FLUSH PRIVILEGES;
USE mailserver;

# Virtual domains table
CREATE TABLE `virtual_domains` (
  `id` int(11) NOT NULL auto_increment,
  `name` varchar(50) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

# Virtual users table
CREATE TABLE `virtual_users` (
  `id` int(11) NOT NULL auto_increment,
  `domain_id` int(11) NOT NULL,
  `password` varchar(106) NOT NULL,
  `email` varchar(100) NOT NULL,
  PRIMARY KEY (`id`),
  UNIQUE KEY `email` (`email`),
  FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

# Virtual user aliases table
CREATE TABLE `virtual_aliases` (
  `id` int(11) NOT NULL auto_increment,
  `domain_id` int(11) NOT NULL,
  `source` varchar(100) NOT NULL,
  `destination` varchar(100) NOT NULL,
  PRIMARY KEY (`id`),
  FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

Add test data:

INSERT INTO `mailserver`.`virtual_domains`
  (`name`)
VALUES
  ('haiyun.me');
INSERT INTO `mailserver`.`virtual_users`
  (`domain_id`, `password` , `email`)
VALUES
  ('1', ENCRYPT('password', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))), 'user@haiyun.me');
INSERT INTO `mailserver`.`virtual_aliases`
  (`domain_id`, `source`, `destination`)
VALUES
  ('1', 'alias@haiyun.me', 'user@haiyun.me');

Add the following to the Postfix configuration:

virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
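# Deliver virtual-domain mail through Dovecot LMTP, which avoids configuring per-user mail directories and permissions in Postfix
virtual_transport = lmtp:unix:private/dovecot-lmtp
# Authenticate through Dovecot (configured below)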
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes

smtpd_recipient_restrictions =
        permit_sasl_authenticated,
        permit_mynetworks,
        reject_unauth_destination

Configure the Postfix MySQL lookup tables:

# Virtual domains
/etc/postfix/mysql-virtual-mailbox-domains.cf
user = mailuser
password = mailuserpass
hosts = 127.0.0.1
dbname = mailserver
query = SELECT 1 FROM virtual_domains WHERE name='%s'

# Virtual users
/etc/postfix/mysql-virtual-mailbox-maps.cf
user = mailuser
password = mailuserpass
hosts = 127.0.0.1
dbname = mailserver
query = SELECT 1 FROM virtual_users WHERE email='%s'

# Virtual aliases
/etc/postfix/mysql-virtual-alias-maps.cf
user = mailuser
password = mailuserpass
hosts = 127.0.0.1
dbname = mailserver
query = SELECT destination FROM virtual_aliases WHERE source='%s'

Test the lookups:

postmap -q haiyun.me mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
postmap -q user@haiyun.me mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
postmap -q alias@haiyun.me mysql:/etc/postfix/mysql-virtual-alias-maps.cf

Dovecot configuration:

/etc/dovecot/conf.d/10-mail.conf 
mail_location = maildir:/var/mail/vhosts/%d/%n

/etc/dovecot/conf.d/10-auth.conf
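auth_verbose = yes  # verbose authentication logging
auth_debug = yes    # authentication debug logging
disable_plaintext_auth = no # allow plaintext authentication
auth_mechanisms = plain login # supported authentication mechanisms
#!include auth-system.conf.ext # disable the default system authentication
!include auth-sql.conf.ext # authenticate against MySQL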

/etc/dovecot/conf.d/auth-sql.conf.ext
# User authentication
passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
# User mail directory: %d is the domain, %n is the user
userdb {
  driver = static
  args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
}

/etc/dovecot/dovecot-sql.conf.ext
driver = mysql
connect = host=127.0.0.1 dbname=mailserver user=mailuser password=mailuserpass
default_pass_scheme = SHA512-CRYPT
password_query = SELECT email as user, password FROM virtual_users WHERE email='%u';

/etc/dovecot/conf.d/10-master.conf
# LMTP service; Postfix delivers mail through LMTP
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    mode = 0600
    user = postfix
    group = postfix
  }
}
# Auth service; Postfix also authenticates users through it
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = postfix
    group = postfix
  }
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
    #group =
  }
  user = dovecot
}
service auth-worker {
  user = vmail
}

Create the user that accesses the mail directory data:

useradd -M -u 5000 vmail -d /var/mail -s /sbin/nologin 
chown -R vmail:vmail /var/mail/
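
The configuration above stores the database password in the /etc/postfix/mysql-*.cf files, sets disable_plaintext_auth = no and auth_debug = yes, and opens the Postfix auth socket with mode 0666. The following shell check is an added example, not part of the original post, that reports those settings so they can be reviewed before the server goes live. The function names audit_dovecot and audit_postfix_maps are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Report Dovecot settings from this walkthrough that deserve review.
# Trailing "#" comments are stripped first, so commented-out lines are ignored.
audit_dovecot() {
    find "$1" -type f \( -name '*.conf' -o -name '*.conf.ext' \) | sort |
    while IFS= read -r f; do
        sed 's/#.*//' "$f" | awk -v f="$f" '
            { gsub(/[ \t]+/, " "); sub(/^ /, ""); sub(/ $/, "") }
            $0 == "disable_plaintext_auth = no" {
                print f ":" NR ": plaintext auth allowed on unencrypted connections" }
            $0 == "auth_debug = yes" {
                print f ":" NR ": auth debug logging enabled" }
            /^mode = 0?[0-7][0-7][1-7]$/ {
                print f ":" NR ": unix_listener grants permissions to other users" }
        '
    done
}

# The Postfix mysql-*.cf map files hold the database password in clear text;
# report any whose mode lets "other" read them.
audit_postfix_maps() {
    find "$1" -type f -name 'mysql-*.cf' -perm -004 | sort |
    while IFS= read -r f; do
        echo "$f: contains the DB password and is world-readable"
    done
}

# Run only when both directories are given, e.g.:
#   sh audit.sh /etc/dovecot /etc/postfix
if [ "$#" -eq 2 ]; then
    audit_dovecot "$1"
    audit_postfix_maps "$2"
fi
```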

Reference: https://library.linode.com/email/postfix/postfix2.9.6-dovecot2.0.19-mysql
