make -f Makefile.in MAKELEVEL= Makefiles
(echo "# Do not edit -- this file documents how Postfix was built for your machine."; /bin/sh makedefs) >makedefs.tmp
makedefs:行726: gcc: 未找到命令
make: *** [Makefiles] 错误 1
make: *** [makefiles] 错误 2
gcc is not installed.
Compile error 2:
make -f Makefile.in MAKELEVEL= Makefiles
(echo "# Do not edit -- this file documents how Postfix was built for your machine."; /bin/sh makedefs) >makedefs.tmp
No <db.h> include file found.
Install the appropriate db*-devel package first.
make: *** [Makefiles] 错误 1
make: *** [makefiles] 错误 2
# postfix start
postfix/postfix-script: warning: not owned by postfix: /var/lib/postfix/.
postfix/postfix-script: warning: not owned by postfix: /var/lib/postfix/./master.lock
postfix/postfix-script: warning: not owned by postfix: /var/spool/postfix/private
postfix/postfix-script: warning: not owned by postfix: /var/spool/postfix/public
postfix/postfix-script: warning: not owned by group postdrop: /var/spool/postfix/public
postfix/postfix-script: starting the Postfix mail system
postfix/postfix-script: fatal: mail system startup failed
# postfix start
postfix/postfix-script: warning: not owned by postfix: /var/lib/postfix/.
postfix/postfix-script: starting the Postfix mail system
postfix/postfix-script: fatal: mail system startup failed
# yum install bind bind-utils
# vi /etc/named.conf
# listen-on port 53 { 127.0.0.1; };
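# listen-on-v6 port 53 { ::1; }; ## comment out or delete the two lines above (with no listen-on, named listens on all IPv4 interfaces)
# vi /etc/named.rfc1912.zones ## configure the zone definitions
zone "zhi.com" IN { ## define the forward zone
    type master; ## this server is the master name server
    file "zhi.com.zone"; ## location of the zone resource file
    allow-update { none; }; ## no dynamic updates
    allow-transfer { none; }; ## no zone transfers
};
zone "10.168.192.in-addr.arpa" IN { ## define the reverse zone
    type master;
    file "192.168.10.zone";
    allow-update { none; };
    allow-transfer { none; };
};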
# named-checkconf /etc/named.conf ##检测配置
# cd /var/named/
# vi zhi.com.zone ## create the zone resource file
$TTL 600
@ IN SOA ns.zhi.com. admin.zhi.com. (
        2015091111
        2H
        10M
        3D
        1D)
        IN NS ns
        IN MX 10 mail
www IN A 192.168.10.128
ns IN A 192.168.10.128
mail IN A 192.168.10.128
# cp zhi.com.zone 192.168.10.zone
# vi 192.168.10.zone
$TTL 600
@ IN SOA ns.zhi.com. admin.zhi.com. (
        2015091111
        2H
        10M
        3D
        1D)
        IN NS ns.zhi.com.
; the owner is the last octet of 192.168.10.128; every target ends with "."
128 IN PTR ns.zhi.com.
128 IN PTR mail.zhi.com.
128 IN PTR www.zhi.com.
# named-checkzone "zhi.com" zhi.com.zone
zone zhi.com/IN: loaded serial 2015091111
OK
# named-checkzone "10.168.192.in-addr.arpa" 192.168.10.zone
zone 10.168.192.in-addr.arpa/IN: loaded serial 2015091111
OK
Error encountered:
# named-checkzone "10.168.192.in-addr.arpa" 192.168.10.zone
zone 10.168.192.in-addr.arpa/IN: NS 'ns.zhi.com.10.168.192.in-addr.arpa' has no address records (A or AAAA)
zone 10.168.192.in-addr.arpa/IN: not loaded due to errors.
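Cause: the zone resource file was edited incompletely. Remember the trailing "." after the domain name in the NS record; without it, the zone name is appended to the target.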
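The expansion behind this error, as an added example that is not part of the original post: the function reads a zone file on stdin and prints how each NS/MX/PTR/CNAME target is completed with the zone origin, marking dotted targets without a trailing "." as suspect. The function names, the heuristic and the sample zone are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Reads a zone file on stdin and
# prints how BIND would expand NS/MX/PTR/CNAME targets against ORIGIN.
# Heuristic (assumption): a relative target that itself contains dots was
# probably meant to be absolute and is missing its trailing ".".
lint_zone_targets() {   # usage: lint_zone_targets ORIGIN. < zonefile
    awk -v origin="$1" '
    /^\$/ { next }                           # $TTL / $ORIGIN directives
    {
        sub(/;.*/, "")                       # drop zone-file comments
        if (NF == 0) next
        i = ($0 ~ /^[ \t]/) ? 1 : 2          # leading blank: owner is inherited
        # skip optional TTL and class to reach the record type
        while (i <= NF && (toupper($i) == "IN" || $i ~ /^[0-9]+[smhdwSMHDW]?$/)) i++
        type = toupper($i)
        if (type == "NS" || type == "PTR" || type == "CNAME") target = $(i + 1)
        else if (type == "MX") target = $(i + 2)
        else next
        if (target ~ /\.$/) { print "OK", type, target; next }
        flag = (target ~ /\./) ? "SUSPECT" : "OK"
        if (flag == "SUSPECT") bad++
        print flag, type, target, "->", target "." origin
    }
    END { exit (bad > 0) }'
}

sample_reverse_zone() {  # constructed input mirroring the failing reverse zone
    cat <<'EOF'
$TTL 600
@   IN SOA ns.zhi.com. admin.zhi.com. (
        2015091111 2H 10M 3D 1D )
    IN NS  ns.zhi.com
128 IN PTR mail.zhi.com.
EOF
}

# Demo: the NS line is reported with the same expanded name named-checkzone shows.
sample_reverse_zone | lint_zone_targets 10.168.192.in-addr.arpa. ||
    echo "fix the SUSPECT lines, then run named-checkzone again"
```

The function exits non-zero when it finds a suspect target, so it can gate the named-checkzone and restart steps.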
④ Change permissions and start BIND
# chgrp named zhi.com.zone 192.168.10.zone ## change the group
# chmod 640 zhi.com.zone 192.168.10.zone ## change the permissions
# named-checkzone "zhi.com" zhi.com.zone ## check the syntax
# named-checkzone "10.168.192.in-addr.arpa" 192.168.10.zone
# systemctl start named.service
# chkconfig named on
⑤ Test DNS
# dig -t MX zhi.com @192.168.10.128 ## query the MX record
# dig -t A mail.zhi.com ## query the A record
# dig -t A mail.zhi.com @192.168.10.128
# dig -x 192.168.10.128 @192.168.10.128 ## check reverse resolution
Problem and solution:
# dig -t MX zhi.com @192.168.10.128
; <<>> DiG 9.9.4-RedHat-9.9.4-18.el7_1.5 <<>> -t MX zhi.com @192.168.10.128
;; global options: +cmd
;; connection timed out; no servers could be reached
# vi /etc/named.conf
# listen-on port 53 { 127.0.0.1; };
# listen-on-v6 port 53 { ::1; }; ## the listen address is wrong; change these two lines, or comment them out or delete them
# systemctl restart named.service
5. Enable cyrus-sasl based authentication for Postfix
① Verify that Postfix supports Cyrus-style SASL authentication
# /usr/sbin/postconf -a
cyrus
dovecot
② Configure Postfix
# vi /etc/postfix/main.cf
############################CYRUS-SASL############################
## also advertise AUTH in the obsolete "AUTH=" form for old clients
broken_sasl_auth_clients = yes
## recipient restrictions
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination
## enable SASL authentication
smtpd_sasl_auth_enable = yes
## local domain (realm) for SASL authentication
smtpd_sasl_local_domain = $myhostname
## do not allow anonymous authentication
smtpd_sasl_security_options = noanonymous
## name the SASL library uses to locate its configuration for smtpd
smtpd_sasl_path = smtpd
## welcome banner
smtpd_banner = Welcome to our $myhostname ESMTP,Warning: Version not Available!
# vi /etc/dovecot/dovecot-mysql.conf
driver = mysql
connect = host=localhost dbname=extmail user=extmail password=extmail
default_pass_scheme = CRYPT
password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid FROM mailbox WHERE username = '%u'
# systemctl start dovecot.service
# chkconfig dovecot on
# cp /var/www/extsuite/extman/docs/mysql_virtual_* /etc/postfix/
## copy the configuration files used for virtual domains and virtual users
# cd /var/www/extsuite/extman/docs
# sed -i 's/TYPE=MyISAM/ENGINE=MyISAM/g' extmail.sql
# sed -i 's/TYPE=MyISAM/ENGINE=MyISAM/g' init.sql ## edit both files as above, otherwise the import fails
# mysql -u root -p < extmail.sql
# mysql -u root -p < init.sql ## import both files into the MySQL database
# mysql -u root ## we use the default here, which has no password
mysql> grant all on extmail.* to extmail@'localhost' identified by 'extmail';
mysql> grant all on extmail.* to extmail@'127.0.0.1' identified by 'extmail';
mysql> flush privileges; ## grant the extmail user access to the extmail database and reload privileges
# tail -f /var/log/httpd/error_log
Prototype mismatch: sub Encode::IMAPUTF7::decode ($$;$) vs none at /var/www/extsuite/extman/libs/Encode/IMAPUTF7.pm line 76
Solution:
# wget https://cpan.metacpan.org/author ... MAPUTF7-1.05.tar.gz
# tar -zxvf Encode-IMAPUTF7-1.05.tar.gz
# cd Encode-IMAPUTF7-1.05/
# perl Makefile.PL
# cd lib/Encode/
# cp IMAPUTF7.pm /var/www/extsuite/extman/libs/Encode/
# systemctl restart httpd.service
Problem 2:
After creating a new user, logging in shows:
Insecure dependency in sprintf while running with -T switch at /usr/lib64/perl5/vendor_perl/Unix/Syslog.pm line 59.
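Solution:
# vi /var/www/extsuite/extmail/cgi/index.cgi
#!/usr/bin/perl -wT ## just remove the T from this line (this turns off Perl taint checking for this CGI)
Problem 3:
After logging in to the admin back end, the system information cannot be displayed and the message "No such file or directory" appears. Following what was suggested online: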
# ps aux | grep cmdserver
# kill -9 xxxx
# /var/www/extsuite/extman/daemon/cmdserver -v -d
did not solve the problem; I don't know whether it is because the version is so old.