Sendmail+dovecot+saslauth+rainloop

lkoih

环境：CentOS 6.4（最小化安装）

关闭防火墙和selinux

Sendmail的配置文件
/etc/mail/sendmail.cf :Sendmail的主配置文件；
/etc/mail/access :中继访问控制；
/etc/mail/domaintable ;域名映射；
/etc/mail/local-host-names ;本地主机别名；
/etc/mail/mailertable :为特定的域指定特殊的路由规则；
/etc/mail/virtusertable :虚拟域配置
Sendmail为发送服务器

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

[iyunv@localhost ~]# yum -y install sendmail sendmail-cf openssl-devel dovecot cyrus* [iyunv@localhost ~]# nslookup > mail.com Server: 192.168.100.243 Address:192.168.100.243#53 Name:mail.com Address: 192.168.100.243 > 192.168.100.243 Server: 192.168.100.243 Address:192.168.100.243#53 243.100.168.192.in-addr.arpaname = com. 243.100.168.192.in-addr.arpaname = mail.com. 243.100.168.192.in-addr.arpaname = aa.com. > exit [iyunv@localhost ~]#

或者

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

[iyunv@localhost ~]# tail -1 /etc/hosts 192.168.100.243 mail.com mail mail.com.com localhost localhost.localdomain [iyunv@localhost ~]# [iyunv@localhost ~]# sed -i '/^\:OUTPUT ACCEPT/a\-A INPUT \-m state \-\-state NEW \-m tcp \-p tcp \-\-dport 25 \-j ACCEPT' /etc/sysconfig/iptables [iyunv@localhost ~]# sed -i '/^\:OUTPUT ACCEPT/a\-A INPUT \-m state \-\-state NEW \-m tcp \-p tcp \-\-dport 110 \-j ACCEPT' /etc/sysconfig/iptables [iyunv@localhost ~]# /etc/init.d/iptables restart iptables: Flushing firewall rules:                         [  OK  ] iptables: Setting chains to policy ACCEPT: filter          [  OK  ] iptables: Unloading modules:                               [  OK  ] iptables: Applying firewall rules:                         [  OK  ] [iyunv@localhost ~]# chkconfig iptables on [iyunv@localhost ~]# setenforce 0 [iyunv@localhost ~]# /etc/init.d/postfix stop Shutting down postfix:                                     [  OK  ] [iyunv@localhost ~]# chkconfig postfix off

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

[iyunv@localhost ~]# echo 'mail.com RELAY' >>/etc/mail/access [iyunv@localhost ~]# echo '192.168.100. RELAY' >>/etc/mail/access [iyunv@localhost ~]# sed -i "/confCACERT_PATH/s/^dnl//g" /etc/mail/sendmail.mc [iyunv@localhost ~]# sed -i "/confCACERT_PATH/s/^[ \t]//g" /etc/mail/sendmail.mc [iyunv@localhost ~]# sed -i "/ca-bundle.crt/s/^dnl//g" /etc/mail/sendmail.mc [iyunv@localhost ~]# sed -i "/ca-bundle.crt/s/^[ \t]//g" /etc/mail/sendmail.mc [iyunv@localhost ~]# sed -i "/confSERVER_CERT/s/^dnl//g" /etc/mail/sendmail.mc [iyunv@localhost ~]# sed -i "/confSERVER_CERT/s/^[ \t]//g" /etc/mail/sendmail.mc [iyunv@localhost ~]# sed -i "/confSERVER_KEY/s/^dnl//g" /etc/mail/sendmail.mc [iyunv@localhost ~]# sed -i "/confSERVER_KEY/s/^[ \t]//g" /etc/mail/sendmail.mc [iyunv@localhost ~]# sed -i "/TRUST_AUTH_MECH/s/^dnl//g" /etc/mail/sendmail.mc [iyunv@localhost ~]# sed -i "/TRUST_AUTH_MECH/s/^[ \t]//g" /etc/mail/sendmail.mc [iyunv@localhost ~]# sed -i "/confAUTH_MECHANISMS/s/^dnl//g" /etc/mail/sendmail.mc [iyunv@localhost ~]# sed -i "/confAUTH_MECHANISMS/s/^[ \t]//g" /etc/mail/sendmail.mc [iyunv@localhost ~]# sed -i '/^DAEMON_OPTIONS/s/127\.0\.0\.1/0\.0\.0\.0/g' /etc/mail/sendmail.mc [iyunv@localhost ~]# sed -i '/UUCP_MAILER_MAX/s/2/4/g' /etc/mail/sendmail.mc      //限制附件的大小 [iyunv@localhost ~]# cd /etc/mail/ [iyunv@localhost mail]# m4 sendmail.mc > sendmail.cf

限制邮件的大小：

1 2	[iyunv@localhost ~]# sed -i '/MaxMessageSize/s/^#//g' /etc/mail/sendmail.cf [iyunv@localhost ~]# sed -i '/MaxMessageSize/s/0/4000000/g' /etc/mail/sendmail.cf

配置DOVECOT：

1	[iyunv@localhost ~]# sed -i '/protocols/s/^#//g' /etc/dovecot/dovecot.conf

如果不做下面的操作，会报：-ERR Plaintext authentication disallowed on non-secure (SSL/TLS) connections错误

1 2 3 4 5 6 7 8 9 10 11 12

[iyunv@localhost ~]# sed -i '/login_trusted_networks/s/^#//g' /etc/dovecot/dovecot.conf [iyunv@localhost ~]# sed -i '/login_trusted_networks/s/\=/\= 0\.0\.0\.0\/0/g' /etc/dovecot/dovecot.conf [iyunv@localhost ~]# sed -i '/INBOX\=/s/^#//g' /etc/dovecot/conf.d/10-mail.conf [iyunv@localhost ~]# sed -i '/INBOX\=/s/^[ \t]*//g' /etc/dovecot/conf.d/10-mail.conf [iyunv@localhost ~]# echo 'mail.com' >> /etc/mail/local-host-names [iyunv@localhost ~]# sed -i '/MECH\=/s/pam/shadow/' /etc/sysconfig/saslauthd [iyunv@localhost ~]# chkconfig sendmail on [iyunv@localhost ~]# chkconfig dovecot on [iyunv@localhost ~]# chkconfig saslauthd on [iyunv@localhost ~]# /etc/init.d/sendmail restart [iyunv@localhost ~]# /etc/init.d/dovecot restart [iyunv@localhost ~]# /etc/init.d/saslauthd restart

如果报-ERR [IN-USE] Couldn't open INBOX: Internal error occurred. Refer to server log for more information. 错误则

1	[yfshare@aa ~]$ mkdir -p /home/yfshare/mail/.imap/INBOX即可

在这里添加上即可（执行上面脚本也可）：

1 2 3 4 5

[iyunv@localhost ~]# tail -n 5 /etc/skel/.bashrc |head -n 3 if [ ! -d ~/mail/.imap/INBOX ];then mkdir -p ~/mail/.imap/INBOX fi [iyunv@localhost ~]#

1 2 3 4 5 6

[iyunv@localhost ~]# useradd yfshare [iyunv@localhost ~]# useradd bob [iyunv@localhost ~]# useradd jerry [iyunv@localhost ~]# passwd yfshare [iyunv@localhost ~]# passwd bob [iyunv@localhost ~]# passwd jerry

1 2 3 4 5 6 7 8 9

[iyunv@localhost ~]# echo -e "group1:\tyfshare,bob" >>/etc/aliases [iyunv@localhost ~]# newaliases /etc/aliases: 77 aliases, longest 11 bytes, 782 bytes total [iyunv@localhost ~]# /etc/init.d/sendmail restart Shutting down sm-client:                                   [  OK  ] Shutting down sendmail:                                    [  OK  ] Starting sendmail:                                         [  OK  ] Starting sm-client:                                        [  OK  ] [iyunv@localhost ~]#

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22

[iyunv@localhost ~]# saslauthd -v                //查看是否支持pam或shadow saslauthd 2.1.23 authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap [iyunv@localhost ~]# testsaslauthd -u yfshare -p wang1024** 0: OK "Success." [iyunv@localhost ~]# testsaslauthd -u bob -p wang1024** 0: OK "Success." [iyunv@localhost ~]# testsaslauthd -u jerry -p wang1024** 0: OK "Success." [iyunv@localhost ~]# 如果显示0: OK “Success.”则表明saslauthd工作正常 [iyunv@localhost ~]# mailq             //查看sendmail队列 /var/spool/mqueue is empty   Total requests: 0 [iyunv@localhost ~]# [iyunv@localhost ~]# mailstats        //查看邮件系统的状态 Statistics from Wed Sep  9 17:41:02 2015 M   msgsfr  bytes_from   msgsto    bytes_to  msgsrej msgsdis msgsqur  Mailer ===================================================================== T        0          0K        0          0K        0       0       0 C        0                    0                    0 [iyunv@localhost ~]#

验证：

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

[iyunv@localhost ~]# telnet mail.com 25 Trying 192.168.100.243... Connected to mail.com. Escape character is '^]'. 220 aa.com ESMTP Sendmail 8.14.4/8.14.4; Thu, 10 Sep 2015 14:03:34 +0800 mail from:yfshare@mail.com 250 2.1.0 yfshare@mail.com... Sender ok rcpt to:bob@mail.com 250 2.1.5 bob@mail.com... Recipient ok data 354 Enter mail, end with "." on a line by itself this is test mail~~~!! . 250 2.0.0 t8A63Yf6002353 Message accepted for delivery quit 221 2.0.0 aa.com closing connection Connection closed by foreign host. [iyunv@localhost ~]#

1 2 3 4 5

[bob@aa ~]$ mail Heirloom Mail version 12.4 7/29/08.  Type ? for help. "/var/spool/mail/bob": 1 message >   1 yfshare@mail.com      Thu Sep 10 14:05  13/471   &

注：如果用IMAP来接收邮件，在邮件帐号里面直接写用户名，不加@mail.com

上面搭建的邮件服务器是使用明文传输的，不安全。
下面给邮件服务器弄个SSL：（dovecot默认就支持pop3s和imaps）

pop3	110	pop3s	995
smtp	25	smtps	465
imap	143	imaps	993

生成sendmail.pem文件

1 2	[iyunv@localhost ~]# cd /etc/pki/tls/certs/ [iyunv@localhost certs]# make sendmail.pem

1 2 3 4 5 6

[iyunv@localhost ~]# head -n 63 /etc/mail/sendmail.mc |tail -n 4 define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl [iyunv@localhost ~]#

开启SMTPS：

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

[iyunv@localhost ~]# sed -i '/TLSMTA/s/^dnl//g' /etc/mail/sendmail.mc [iyunv@localhost ~]# sed -i '/TLSMTA/s/^[ \t]*//g' /etc/mail/sendmail.mc [iyunv@localhost ~]# cd /etc/mail/ [iyunv@localhost mail]# cp sendmail.cf sendmail.cf.bak [iyunv@localhost mail]# m4 sendmail.mc > sendmail.cf [iyunv@localhost ~]# yum -y install xinetd [iyunv@localhost ~]# /etc/init.d/xinetd restart [iyunv@localhost ~]# ll /etc/pki/tls/certs/sendmail.pem -rw------- 1 root root 2913 Sep 10 11:45 /etc/pki/tls/certs/sendmail.pem [iyunv@localhost ~]# [iyunv@localhost ~]# /etc/init.d/sendmail restart Shutting down sm-client:                                   [  OK  ] Shutting down sendmail:                                    [  OK  ] Starting sendmail:                                         [  OK  ] Starting sm-client:                                        [  OK  ] [iyunv@localhost ~]# [iyunv@localhost ~]# /etc/init.d/dovecot restart Stopping Dovecot Imap:                                     [  OK  ] Starting Dovecot Imap:                                     [  OK  ] [iyunv@localhost ~]# [iyunv@localhost ~]# /etc/init.d/saslauthd restart Stopping saslauthd:                                        [  OK  ] Starting saslauthd:                                        [  OK  ] [iyunv@localhost ~]#

1 2 3 4 5 6 7 8 9 10 11 12

[iyunv@localhost ~]# netstat -anp|grep dovecot|head -n 4 tcp        0      0 0.0.0.0:110                 0.0.0.0:*                   LISTEN      2642/dovecot         tcp        0      0 0.0.0.0:143                 0.0.0.0:*                   LISTEN      2642/dovecot         tcp        0      0 0.0.0.0:993                 0.0.0.0:*                   LISTEN      2642/dovecot         tcp        0      0 0.0.0.0:995                 0.0.0.0:*                   LISTEN      2642/dovecot         [iyunv@localhost ~]# [iyunv@localhost ~]# netstat -anp|grep sendmail tcp        0      0 0.0.0.0:465                 0.0.0.0:*                   LISTEN      2621/sendmail       tcp        0      0 0.0.0.0:25                  0.0.0.0:*                   LISTEN      2621/sendmail       unix  2      [ ]         DGRAM                    15538  2629/sendmail: Queu unix  2      [ ]         DGRAM                    15523  2621/sendmail       [iyunv@localhost ~]#

测试成功：a/b/c三个用户，group包含a/b用户，c给a发送邮件并抄送给group，这时a只会收到一封邮件，Sendmail会过滤掉相同mailID的邮件。而Postfix则会给a发送两封一模一样的邮件

1 2 3 4 5 6 7 8 9

[iyunv@localhost ~]# mailstats Statistics from Thu Sep 10 14:05:06 2015 M   msgsfr  bytes_from   msgsto    bytes_to  msgsrej msgsdis msgsqur  Mailer 4        4         12K        0          0K        0       0       0  esmtp 9       10         27K       16         40K        3       0       0  local ===================================================================== T       14         39K       16         40K        3       0       0 C       16                    0                    3 [iyunv@localhost ~]#

如果把这行注释掉，Sendmail就不支持smtp发送邮件了，只支持smtps发送邮件



安装rainloop：

1 2 3 4 5 6 7 8 9 10

[iyunv@localhost ~]# yum -y install php* [iyunv@localhost ~]# unzip rainloop-latest.zip  -d /var/www/html/ [iyunv@localhost ~]# chown apache:apache /var/www/html/* -R [iyunv@localhost ~]# sed -i '/^DirectoryIndex/s/html/html index.php/g' /etc/httpd/conf/httpd.conf [iyunv@localhost ~]# sed -i '/post_max_size/s/8/4/g' /etc/php.ini [iyunv@localhost ~]# sed -i '/upload_max_filesize/s/2/3/g' /etc/php.ini [iyunv@localhost ~]# /etc/init.d/httpd restart Stopping httpd:                                            [  OK  ] Starting httpd:                                            [  OK  ] [iyunv@localhost ~]# chkconfig httpd on

访问：http://192.168.100.243/?admin进入后台管理


不允许用户添加其他的账户

添加个性化标题：
访问：http://192.168.100.243进入web mail

如果出现无法载入邮件，把下面这个改成off，保存配置后再登录即可

1 2 3

[iyunv@localhost ~]# grep autocreate_system_folders /var/www/html/data/_data_/_default_/configs/application.ini autocreate_system_folders = On [iyunv@localhost ~]#

你应该知道的最好Webmail邮件客户端