Build the most popular mail system in CentOS-extmail

Source: Internet
Author: User
Tags dovecot nameserver

Currently, the mail server wants to own its own mail server. Using senmail alone, postfix can no longer meet users' needs. More and more enterprises are using extmail to build enterprise-level mail servers.

What are the requirements for the email server we use?

1. Supports page registration and sending credit. // Meet users' basic needs

2. Free registration is supported. // Easy to use

3. Network disks are supported. // Save resources

4. Use a virtual account. // High Security

Its architecture diagram:

In this architecture:

1. postfix implements the mail sending server role.

2. dovecot is the role of the email receiving server.

3. extmail uses the web interface to send and receive letters.

4. register the same extman page as an extman user

5. mysql database, which stores user account information

6. cyrus-sasl courier-authlib for User Authentication

Configuration process:

1. Preparations for installing extmail

1.1 install the rpm package of the required basic service

Yum install httpd mysql-server mysql-devel openssl-devel dovecot perl-DBD-MySQL tcl-devel libart_lgpl libart_lgpl-devel libtool-ltdl-devel plain CT

1.2 Disable sendmail and disable its auto-start function with the system:

# Service sendmail stop

# Chkconfig sendmail off

1.3 install the rpm package used by the following development:

Development Libraries

Development Tools

Legacy Software Development

X Software Development

1.4 start the mysql database and set the password for the root user of mysql:

# Service mysqld start

# Chkconfig mysqld on

# Mysqladmin-u root password '123'


--------------------------------- Authorize a local user

Set password for root @ 'localhost' = PASSWORD ('redhat ');

Set password for root @ '2014. 0.0.1 '= PASSWORD ('redhat ');

Flush privileges;

------------------------------- Authorize a remote user

Grant all privileges on *. * TO root @ '%' identified by 'redhat ';

Flush privileges;

1.5 start the saslauthd service and add it to the Automatic startup queue:

# Service saslauthd start

# Chkconfig saslauthd on

1.6 Start the httpd service and add it to the auto start queue

2. Configure the local DNS Server

2.1 install software packages related to the dns server

Yuminstall bind-chroot caching-nameserver

2.2 edit the master configuration file


Cp-p named. caching-nameserver.confnamed.conf

2.3 declare DNS Region


Cp-p localhost. zone zone

Vim zone

2.4 edit the hostname of the system server

2.5 edit DNS pointing

2.6 start the service and test the resolution result

[Root @ extmailnamed] # service named start

Startingnamed: [OK]

3. Install the postfix service [Source Code]

Data packets and versions:

The Unix-Syslog-0.100.tar.gz syslog mechanism is responsible for sending and recording information generated by the system kernel and tools.

Courier-authlib-0.63.0.tar.bz2 combines Mail and verification (courier-authlib) to implement mysql database Verification

The extmail-1.2.tar.gz provides webpage messaging capabilities.

Extman-1.1.tar.gz provides user registration.

The primary program for postfix-2.8.2.tar.gz postfix mail.

3.1 Postfix

3.1.1 create a postfix account and user group

# Groupadd-g 2525 postfix

# Useradd-g postfix-u 2525-s/sbin/nologin-M postfix

//-M does not create the user's home directory

# Groupadd-g 2526 postdrop

# Useradd-g postdrop-u 2526-s/bin/false-M postdrop

// Postdrop is used for queue management and mail delivery.

3.1.2 disassembling postfix data packets

# Tar-zxvf postfix-2.6.5.tar.gz

3.1.3 configuration and installation

# Makemakefiles

'Ccargs =-DHAS_MYSQL-I/usr/include/mysql // specifies to be combined with mysql

-DUSE_SASL_AUTH-DUSE_CYRUS_SASL-I/usr/include/sasl // Well-known sasl

-DUSE_TLS ''AUXLIBS =-L/usr/lib/mysql-l mysqlclient // specify mysql files


Note: If you use an rpm package for installation, you do not need to specify mysql-related information.

# Make install. During the make install process, postfix allows you to select some paths.

Install_root: [/] // specifies the directory of the installed file. By default, different files are stored in different directories. For example, common user commands are stored in the/usr/bin directory.

Tempdir: [/usr/local/src/postfix-2.6.5]/tmp // specifies the directory where some temporary files are stored.

Config_directory: [/etc/postfix]/etc/postfix // specifies the directory where the configuration file is located

Daemon_directory: [/usr/libexec/postfix]

Command_directory: [/usr/sbin] // specifies the command used by the Administrator.

Queue_directory: [/var/spool/postfix] // specify the mail queue directory

Sendmail_path: [/usr/sbin/sendmail] // specify the sendmail command directory

Newaliases_path: [/usr/bin/newaliases] // directory where the command to create a user alias is located

Mailq_path: [/usr/bin/mailq]

Mail_owner: [postfix]

Setgid_group: [postdrop] // message queue and Management directory

Html_directory: [no]/var/www/postfix_html

Manpages: [/usr/local/man]

Readme_directory: [no]

3.1.4 postfix control script

1. You can write your own startup script.

#! /Bin/bash

# Postfix PostfixMail Transfer Agent

# Description: Postfix is a Mail Transport Agent, which is theprogram \

# That movesmail from one machine to another.

# Processname: master

# Pidfile:/var/spool/postfix/pid/master. pid

# Config:/etc/postfix/main. cf

# Config:/etc/postfix/master. cf

# Based on startup script from Simon J Mudd <>

#25/02/99: Mostly s/sendmail/postfix/g by John A. Martin <>

#23/11/00: Changes & suggestions by Ajay Ramaswamy <>

#20/01/01: Changes to fall in line with RedHat 7.0 style

#23/02/01: Fix a few untidy problems with help from DanielRoesen.

# Source function library.

./Etc/rc. d/init. d/functions

# Source networking configuration.


[$ {NETWORKING} = "no"] & exit 0 // first determine whether the network is connected. If no email cannot be sent, the service will not start.

[-X/usr/sbin/postfix] | exit 0

[-D/etc/postfix] | exit 0

[-D/var/spool/postfix] | exit 0

Start (){

# Start daemons.

Echo-n $ "Starting postfix :"


[$ RETVAL-eq 0] & touch/var/lock/subsys/postfix


Stop (){

# Stop daemons.

Echo-n $ "Shutting down postfix :"

/Usr/sbin/postfixstop 2>/dev/null 1> & 2 & success | failure $ "$ progstop"


[$ RETVAL-eq 0] & rm-f/var/lock/subsys/postfix


Return $ RETVAL


Reload (){

Echo-n $ "Reloading postfix :"



Return $ RETVAL


Abort (){

Return $?


Flush (){

Return $?


Check (){

Return $?


Restart (){


# See how we were called.

Case "$1" in
























Status master



[-F/var/lock/subsys/postfix] & restart |:



Echo $ "Usage: $0 {start | stop | restart | reload | abort | flush | check | status | condrestart }"

Exit 1


Exit $?

2. Copy the postfix STARTUP script in the rpm package of the CD to use



Rpm2cpiopostfix-2.3.3-2.1.el5_2.i386.rpm | cpio-id // disassemble rpm

Cd/tmp/abc/etc/rc. d/init. d

Cp-p postfix/etc/init. d/postfix

3.1.5 perform simple postfix configuration and edit the/etc/postfix/main. cf file.

75 myhostname =

83 mydomain =

98 myorigin =

113 inet_interfaces = all
161 mydestination = $ myhostname, localhost. $ mydomain, localhost, $ mydomain

260 mynetworks =,127.0 .0.0/8


The myorigin parameter is used to specify the domain name of the sender;

The mydestination parameter specifies the Domain Name of the recipient when the postfix receives the mail, that is, the mail of the domain name to be received by your postfix system;

The myhostname parameter specifies the Host Name of the host running the postfix mail system. By default, the value is set to the local machine name;

The mydomain parameter specifies your domain name. By default, postfix deletes the first part of myhostname as the value of mydomain;

The mynetworks parameter specifies the network address of your network. The postfix system determines whether the user is remote or local based on the value. If the user is a local network, the user is allowed to access the network;

The inet_interfaces parameter specifies the network interface that the postfix system listens;


1. In the postfix configuration file, the parameter line and comment line cannot be in the same line;

2. No quotation marks are required for the value of any parameter. Otherwise, quotation marks are used as part of the parameter value;

3. Execute postfix reload after each parameter and its value to make it take effect. However, if inet_interfaces is modified, You need to restart postfix;

4. If a parameter has multiple values, you can place them in different rows. You only need to set a space before each row; postfix regards the text line with the first character as a space or a tab as a continuation of the previous line;

3.1.6 mail sending and receiving Test

Create user1 and use telnet to connect to port 25

3.2 postfix and sasl authentication

3.2.1 install sasl-related software packages





3.2.2 generate the smtp. conf file that combines postfix and sasl

Cp-p/usr/lib/sasl2/Sendmail. conf/usr/lib/sasl2/smtpd. conf

3.2.3 restart the saslauthd service

Chkconfig saslauthd on

3.2.4 configure main. cf for postfix and add the sasl authentication function

############################ CYRUS-SASL ########### #################

Broken_sasl_auth_clients = yes

Smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, rejec

T_invalid_hostname, reject_non_fqdn_hostname, reject_unknown_sender_domain, reject_non_fqdn_sender, identifier, identifier, reject_unauth_pipelining, reject_unauth_destination

Smtpd_sasl_auth_enable = yes // start Authentication

Smtpd_sasl_local_domain = $ myhostname // set the sasl startup domain

Smtpd_sasl_security_options = noanonymous // Anonymous is not allowed

Smtpd_banner = Welcome to our $ myhostname ESMTP, Warning: Version not

Available! // Display the ehlo information in the telnet command

3.2.5 Verification

Restart the postfix saslauthd service

Set saslauthd to start chkconfig saslauthd on

3.3 Use courier-authlib to implement integration with mysql

3.3.1 unpacking

# Tar -jxvfcourier-authlib-

3.3.2 configure, compile and install

# Cd/usr/local/src/courier-authlib-

#./Configure \

-- Prefix =/usr/local/courier-authlib \ // specify the installation path

-- Sysconfdir =/etc \ // specifies the location of the configuration file

-- With-authmysql \ // indicates that mysql is used for verification.

-- With-mysql-libs =/usr/lib/mysql \ // specifies the mysql Library File

-- With-mysql-connector des =/usr/include/mysql \ // header file of mysql

-- With-redhat \ // redhat System Optimization

-- With-authmysqlrc =/etc/authmysqlrc \

// Database used for authmysqlrc record verification

-- With-authdaemonrc =/etc/authdaemonrc \

// Authdaemonrc indicates which modules are called during verification

-- With-ltdl-lib =/usr/lib \ // if no value is added, an error is returned.

-- With-ltdl-include =/usr/include // No or error

# Make & make install

3.3.3 process installed header files and library files

Header file

# Vim/etc/ld. so. conf. d/courier-authlib.conf


# Ldconfig

# Ldconfig-pv | grep courier-authlib

Library files

# Mkdir/usr/include/courier-authlib

# Ln-s/usr/local/courier-authlib/include/*/usr/include/courier-authlib/

3.3.4 access method

A service similar to mysql uses port access to access the mysql service through a direct port.

However, courier-authlib does not have a port. It is accessed by the sock file. Accessing a file is equivalent to accessing the service.

# Chmod 755/usr/local/courier-authlib/var/spool/authdaemon

// After courier-authlib is run, the sock file is in the authdaemon directory.

# Cp/etc/authdaemonrc. dist/etc/authdaemonrc

# Cp/etc/authmysqlrc. dist/etc/authmysqlrc


27 authmodulelist = "authmysql"

// Multiple modules are installed by default. Only authmysql is left after deletion.

34 authmodulelistorig = "authmysql"

53 daemons = 5 // Number of threads supported during work

60 authdaemonvar =/usr/local/courier-authlib/var/spool/authdaemon

// Position of the sock file after the service is started

# Vim/etc/authmysqlrc

26 MYSQL_SERVER localhost



49 MYSQL_SOCKET/var/lib/mysql. sock

// When the mysql file version is earlier than 3.22, specify the file sock location

56. MYSQL_PORT 3306




// Encrypt the password field



// The default value is 'uid'. the user logs on to the mail server using the account and uses a virtual account. The virtual account must correspond to the local account, the local account is the original postfix account, whose uid is 2525.


128 MYSQL_LOGIN_FIELD username

// In the mailbox table, which field is used for user verification?

128 MYSQL_LOGIN_FIELD concat ('/var/mailbox/', homedir)

// Use the concat function to bind the user's home directory to/var/mailbox


// Name field in the database

150 MYSQL_MAILDIR_FIELD concat ('/var/mailbox/', maildir)

3.3.5 Automatic startup of control script upon startup

# Cd/usr/local/src/courier-authlib-

# Cp-p courier-authlib.sysvinit/etc/init. d/courier-authlib

# Chmod a + x/etc/init. d/courier-authlib

[Root@extmailcourier-authlib-] # service courier-authlib start

StartingCourier authentication services: authdaemond started successfully

# Cd/usr/local/courier-authlib/var/spool/authdaemon

Chkconfigcourier-authlib on // automatically starts upon startup

3.3.6 create the mailbox directory in the configuration file to store users.

# Mkdir-pv/var/mailbox

# Chown-R postfix/var/mailbox

3.3.7 combine courier-authlib with cyrus-sasl.

# Vim/usr/lib/sasl2/smtpd. conf

1 pwcheck_method: authdaemond

2 log_level: 3

3 mech_list: PLAIN LOGIN

4 authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket

3.4 postfix supports virtual domains and virtual users

1. edit/etc/postfix/main. cf and add the following content:

######################## VirtualMailboxSettings ############### #####

Virtual_mailbox_base =/var/mailbox

Virtual_mailbox_maps = mysql:/etc/postfix/

Virtual_mailbox_domains = mysql:/etc/postfix/

Virtual_alias_domains =

Virtual_alias_maps = mysql:/etc/postfix/

Virtual_uid_maps = static: 2525

Virtual_gid_maps = static: 2525

Virtual_transport = virtual

Maildrop_destination_recipient_limit = 1

Maildrop_destination_concurrency_limit = 1

########################## Quotaset ############# ##########

Message _ size_limit = 14336000

Virtual_mailbox_limit = 20971520

Virtual_create_maildirsize = yes

Virtual_mailbox_extended = yes

Virtual_mailbox_limit_maps = mysql:/etc/postfix/

Virtual_mailbox_limit_override = yes

Virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please Tidy yourmailbox and try again later.

Virtual_overquota_bounce = yes

After enabling the virtual domain, you need to cancel the center domain, that is, comment out the myhostname, mydestination, mydomain, and myorigin commands. Of course, you can also change the value of mydestionation to what you need.

4. Extman --- configure virtual domains

4.1 Extman installation and configuration

4.1.1 unpacking

# Tar-zxvf extman-1.1.tar.gz-C/usr/local/src/

4.1.2 import relevant information to the database

# Cd/usr/local/src/extman-1.1/docs

The extmail. SQL file provides the table information that needs to be created in the database.

4.1.3 grant extmail database permissions to users

Mysql> grant all privileges on extmail. * to extmail @ localhost identified by 'extmail ';

QueryOK, 0 rows affected( 0.00 sec)

Mysql> flush privileges;

QueryOK, 0 rows affected( 0.00 sec)

4.1.4 enable postfix to support virtual domains

5. Dovecot

5.1 install dovecot-1.0.7-7.el5 services

5.2 edit the configuration file/etc/dovecot. conf

211mail_location = maildir:/var/mailbox/% d/% n/Maildir

// Maildir indicates the directory type,/var/mailbox indicates the location where the email is stored, % d indicates the domain, % n indicates the user name, And Maildir indicates the directory where the user stores the email.

5.3 edit dovecot Verification

Disable 795 # passdbpam {

828 #} // because we use the mysql database for verification, pam verification is not required.

869 passdb SQL {

870 # Path for SQL configuration file, see doc/dovecot-sql-example.conf

871 args =/etc/dovecot-mysql.conf


// Compares the user's password

930 userdbsql {

931 # Path for SQL configuration file, see doc/dovecot-sql-example.conf

932 args =/etc/dovecot-mysql.conf


// Used to compare user accounts


In this case, dovecot can be started, but the port is not enabled.

5.4 edit the dovecot-mysql.conf file to illustrate how dovecot connects to the database

# Vim/etc/dovecot-mysql.conf

Driver = mysql

Connect = host = localhost dbname = extmail user = extmailpassword = extmail

Default_pass_scheme = CRYPT

Password_query = SELECT username AS user, password ASpassword FROM mailbox WHERE username = '% U'

User_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid FROM mailbox WHERE username = '% U'

5.5 test:

Restart the dovecot service and view logs.

5.6 specify the home directory for receiving emails in postfix

Modify/etc/postfix/main. cf

415 home_mailbox = Maildir // open the comment

6. Extmail

6.1 unpack the package and go to the relevant directory

# Tar -zxvfextmail-1.2.tar.gz-C/usr/local/src

# Cd/usr/local/src/extmail-1.2

6.2 mobile extmail directory

# Mkdir-pv/var/www/extsuite // create a directory

# Music extmail-1.2/var/www/extsuite/extmail

# Cd/var/www/extsuite/extmail-1.2/

6.3 modify the files in the cgi directory

6.4 modify the extmail configuration file

# Mv webmail. cf. default webmail. cf

# Vim webmail. cf

104 SYS_MESSAGE_SIZE_LIMIT = 5242880 // maximum email size that a user can send

77 SYS_USER_LANG = zh_CN // set the language to Chinese

127 SYS_MAILDIR_BASE =/var/mailbox // set the directory for storing user emails

139 SYS_MYSQL_USER = extmail

140 SYS_MYSQL_PASS = extmail // user and password used to connect to the database

142 SYS_MYSQL_HOST = localhost // specify the Host Name of the database server because

The user connects to the server to interact with the database, which is equivalent to local

145 SYS_MYSQL_TABLE = mailbox



148 SYS_MYSQL_ATTR_PASSWD = password

// Specify the table used for positive user logon and the name of the column corresponding to the username, domain name, and user password.

197: SYS_AUTHLIB_SOCKET =/usr/local/courier-authlib/var/spool/authdaemon/socket

// Specifies the location of the authdaemosocket file to enable postfix to pass Database Authentication

7. apache configuration

7.1 use a VM to log on to the master configuration file.

992 <VirtualHost *: 80>

993 ServerName

994 DocumentRoot/var/www/extsuite/extmail/html/

995 ScriptAlias/extmail/cgi/var/www/extsuite/extmail/cgi

996 Alias/extmail/var/www/extsuite/extmail/html

997 </VirtualHost>

7.2 # vi/etc/httpd. conf

231 User postfix

232 Group postfix

// Because extmail requires local mail delivery, you must change the identity of the user running apache server to the postfix of the mail delivery agent.

7.3 Test

We need a patch.

8. Unix-Syslog patch

# Tar-zxvf Unix-Syslog-1.1.tar.gz

# Cd Unix-Syslog-1.1


However, the user cannot register at this time, because extman is not configured yet.

9. Implement User Registration using extman

9.1 unpack and move

# Tar zxvf extman-1.1.tar.gz

# Music extman-1.1/var/www/extsuite/extman

[Root @ extmailexman] # mv webman. cf. default webman. cf

9.2 modify the configuration file

12 SYS_MAILDIR_BASE =/var/mailbox

// Set the user mail storage directory


9.3 modify the owner of the cgi directory:

# Chown-R postfix. postfix/var/www/extsuite/extman/cgi/

9.4 Add:

997 ScriptAlias/extman/cgi/var/www/extsuite/extman/cgi

998 Alias/extman/var/www/extsuite/extman/html

9.5 create a temporary directory required for running and modify its permissions:

# Mkdir-pv/tmp/extman

# Chownpostfix. postfix/tmp/extman

This article is from the "LN __@ linux" blog, please be sure to keep this

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.