Rotten mud: Virtual user configuration for the Postfix mail server
This document is provided by ilanniweb with friendship sponsorship, first launched on The world.
In the previous article, "mud: software installation and configuration for building a Postfix Mail Server", we introduced the software required to build a postfix mail server and the basic configuration of each package.
Currently, system users can log on to the postfix mail server. However, for ease of management and for system security, we generally use postfix virtual users to manage mail users.
The principle of postfix virtual users is to first create a user in the system who cannot log on to it, and then map all mail users to the home directory of that system user.
To the OS, all operations are performed by this one user, while the postfix mail users remain independent of each other. This is similar to the vsftpd virtual user principle. All mail users are then managed through postfixadmin.
Postfix virtual users require different configuration in each piece of software. Only when all of the software works together can mail be sent and received freely. We introduce each in turn below.
1. Configure virtual users with postfix
To support virtual users, there are many configuration files to be modified for postfix.
1.1 Modify the main.cf file
First, modify the main postfix configuration file, main.cf, as follows:
vim /etc/postfix/main.cf
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = mail.ilanni.com
mydomain = ilanni.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
local_recipient_maps =
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
    PATH=/bin:/usr/local/bin:/usr/X11R6/bin
    ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.6.6/samples
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
# Enable SMTP authentication
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/spool/postfix/private/auth
smtpd_sasl_application_name = smtpd
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unknown_sender_domain
smtpd_sasl_security_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_client_restrictions = permit_sasl_authenticated
smtpd_sasl_security_options = noanonymous
Proxy_read_maps = $ region $ mydestination $ virtual_alias_maps $ region $ virtual_mailbox_maps $ region $ relay_domains $ canonical_maps $ region $ relocated_maps $ transport_maps $ mynetworks $ Region
# Enable virtual users
virtual_mailbox_base = /home/vmail/
virtual_mailbox_domains = proxy:mysql:/etc/postfix/SQL/mysql_virtual_domains_maps.cf
virtual_alias_maps =
    proxy:mysql:/etc/postfix/SQL/mysql_virtual_alias_maps.cf,
    proxy:mysql:/etc/postfix/SQL/mysql_virtual_alias_domain_maps.cf,
    proxy:mysql:/etc/postfix/SQL/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps =
    proxy:mysql:/etc/postfix/SQL/mysql_virtual_mailbox_maps.cf,
    proxy:mysql:/etc/postfix/SQL/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
Note: the relevant settings are marked with comments in the postfix main configuration file above. The virtual user enabled here is the vmail user created in "mud: Preparations for building the Postfix Mail Server". The ID of this user is 5000, which is why the main postfix configuration file refers to vmail's home directory /home/vmail/ and to the vmail ID 5000.
In all of the following operations, any vmail-related information refers to this user.
1.2 Modify the master.cf file
Add the following lines to the master.cf file:
vim /etc/postfix/master.cf
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot-lda -f ${sender} -d ${recipient}
1.3 Database connection files
There are 7 database-related files. Before creating them, we need to create an SQL directory under /etc/postfix/ to store these configuration files, as follows:
mkdir /etc/postfix/SQL/
Now let's create these configuration files. Note that the username, password, and database name used in them are the ones set up in "Preparations for building the Postfix Mail Server". As follows:
vim /etc/postfix/SQL/mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias WHERE address = '%s' AND active = '1'
vim /etc/postfix/SQL/mysql_virtual_alias_domain_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias, alias_domain WHERE alias_domain.alias_domain = '%d' AND alias.address = CONCAT('%u', '@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active = '1'
vim /etc/postfix/SQL/mysql_virtual_alias_domain_catchall_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias, alias_domain WHERE alias_domain.alias_domain = '%d' AND alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active = '1'
vim /etc/postfix/SQL/mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT domain FROM domain WHERE domain = '%s' AND active = '1'
vim /etc/postfix/SQL/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT maildir FROM mailbox WHERE username = '%s' AND active = '1'
vim /etc/postfix/SQL/mysql_virtual_alias_domain_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT maildir FROM mailbox, alias_domain WHERE alias_domain.alias_domain = '%d' AND mailbox.username = CONCAT('%u', '@', alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active = '1'
vim /etc/postfix/SQL/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT quota FROM mailbox WHERE username = '%s' AND active = '1'
1.4 Integrate sasl with postfix
After the preceding configuration is complete, run the following commands to test whether postfix is correctly integrated with cyrus-sasl:
telnet mail.ilanni.com 25
ehlo ilanni.com
Note: The ehlo ilanni.com command must be entered manually. If 250-AUTH PLAIN LOGIN and 250-AUTH=PLAIN LOGIN are displayed, postfix has enabled SMTP authentication correctly.
2. Dovecot virtual user configuration
There are many dovecot configuration files. We will introduce them one by one.
2.1 Modify the dovecot.conf file
vim /etc/dovecot.conf
protocols = imap pop3
listen = *
!include conf.d/*.conf
passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
  driver = static
  args = uid=5000 gid=5000 home=/home/vmail/%d/%n
}
# Debug logs (auth_debug_passwords and auth_verbose_passwords = plain write
# passwords to the log in clear text; switch them off once debugging is done)
auth_debug_passwords = yes
mail_debug = yes
auth_verbose = yes
auth_verbose_passwords = plain
2.2 Modify the 10-auth.conf file
vim /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no
auth_mechanisms = plain login cram-md5
!include auth-system.conf.ext
2.3 Modify the 10-ssl.conf file
The 10-ssl.conf file is mainly about the ssl authentication configuration of postfix. Here we disable ssl for now, as follows:
vim /etc/dovecot/conf.d/10-ssl.conf
ssl = no
2.4 Modify the 10-mail.conf file
The 10-mail.conf file mainly defines the location where each mail user's data is stored, as follows:
vim /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:/home/vmail/%d/%n/Maildir
mbox_write_locks = fcntl
2.5 Modify the 10-logging.conf file
The 10-logging.conf file defines the dovecot logs. This configuration can be left disabled, but it is enabled here for debugging.
NOTE: If the subsequent logs report that there is no write permission, modify the permissions.
vim /etc/dovecot/conf.d/10-logging.conf
info_log_path = /var/log/dovecot_info.log
debug_log_path = /var/log/dovecot_debug.log
2.6 Modify the 10-master.conf file
The 10-master.conf file defines the pop3 and imap ports and other service settings of dovecot.
vim /etc/dovecot/conf.d/10-master.conf
service imap-login {
  inet_listener imap {
    port = 143
  }
}
service pop3-login {
  inet_listener pop3 {
    port = 110
  }
}
service auth {
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
    group = vmail
  }
  # Postfix smtp-auth (mode 0666 lets every local account connect to this socket)
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = postfix
  }
}
2.7 Modify the 15-lda.conf file
Modify the 15-lda.conf file to prevent dovecot errors.
We only need to add postmaster_address = postmaster@example.com to the 15-lda.conf file, as shown below:
vim /etc/dovecot/conf.d/15-lda.conf
postmaster_address = postmaster@example.com
2.8 Add the dovecot-sql.conf.ext file
vim /etc/dovecot/dovecot-sql.conf.ext
driver = mysql
connect = host=localhost dbname=postfix user=postfix password=postfix
default_pass_scheme = MD5-CRYPT
password_query = SELECT username AS user, password FROM mailbox WHERE username = '%u' AND active = '1'
user_query = SELECT maildir, 5000 AS uid, 5000 AS gid, CONCAT('dict:storage=', floor(quota/1000), ' proxy::quota') AS quota FROM mailbox WHERE username = '%u' AND active = '1'
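Several settings in the files above exist to ease debugging: plaintext authentication with ssl = no, password logging, the 0666 auth socket, and a database password stored in every map file. The script below is an added example, not part of the original article, that reports which of them are present in a configuration tree; the function names and finding labels are invented for this illustration.

```shell
#!/bin/sh
# Added example, not from the article. Function names and finding
# labels are assumptions made for this illustration.

# has_setting DIR KEY VALUE: true if a non-comment line in any file
# under DIR sets KEY = VALUE (case-insensitive, spacing ignored).
has_setting() {
    grep -rEiq "^[[:space:]]*$2[[:space:]]*=[[:space:]]*$3[[:space:]]*(#.*)?\$" "$1"
}

# audit_mail_conf DIR: print one finding label per line.
audit_mail_conf() {
    dir=$1
    # Plaintext mechanisms allowed while TLS is off: passwords cross
    # the network unencrypted on ports 110 and 143.
    if has_setting "$dir" disable_plaintext_auth no &&
       has_setting "$dir" ssl no; then
        echo "cleartext-auth-without-tls"
    fi
    # Either option writes attempted passwords into the Dovecot logs.
    if has_setting "$dir" auth_debug_passwords yes ||
       has_setting "$dir" auth_verbose_passwords plain; then
        echo "passwords-in-logs"
    fi
    # A 0666 listener lets every local account talk to the auth socket.
    if has_setting "$dir" mode 0666; then
        echo "world-writable-auth-socket"
    fi
    # The SQL map files hold the database password; flag any that
    # accounts outside owner and group can read.
    if [ -n "$(find "$dir" -type f -name 'mysql_*.cf' -perm -004)" ]; then
        echo "db-password-file-world-readable"
    fi
}

# Usage: sh audit.sh /path/to/copy/of/etc
if [ "$#" -gt 0 ]; then
    audit_mail_conf "$1"
fi
```

Run it against a copy of /etc that contains both the postfix and dovecot directories; an empty result means none of the four conditions was found.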
3. postfixadmin Configuration
After dovecot is configured, configure postfixadmin. postfixadmin requires LAMP support. For the installation of LAMP, see "mud: Preparations for building the Postfix Mail Server".
3.1 Install postfixadmin
postfixadmin cannot be installed using yum. We need to download the postfixadmin package, as shown below:
wget http://nchc.dl.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-2.93/postfixadmin-2.93.tar.gz
tar -xf postfixadmin-2.93.tar.gz
mv postfixadmin-2.93 /var/www/html/postfixadmin
chown -R apache:apache /var/www/html/postfixadmin
chmod -R 755 /var/www/html/postfixadmin
3.2 Configure postfixadmin
After postfixadmin is installed, configure it. The configuration file of postfixadmin is config.inc.php, and it is the only file you need to modify, as follows:
vim /var/www/html/postfixadmin/config.inc.php
$CONF['configured'] = true;
$CONF['default_language'] = 'cn';
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'postfix';
$CONF['database_name'] = 'postfix';
$CONF['encrypt'] = 'dovecot:CRAM-MD5';
$CONF['dovecotpw'] = "/usr/bin/doveadm pw";
$CONF['domain_path'] = 'yes';
$CONF['domain_in_mailbox'] = 'no';
$CONF['aliases'] = '201312';
$CONF['mailboxes'] = '20160301';
$CONF['maxquota'] = '000000';
$CONF['fetchmail'] = 'no';
$CONF['quota'] = 'yes';
$CONF['used_quotas'] = 'yes';
$CONF['new_quota_table'] = 'yes';
3.3 Start postfixadmin
After postfixadmin is configured, start it.
postfixadmin is not a separate program. It depends on apache, so we only need to start apache, as follows:
/etc/init.d/httpd start
chkconfig httpd on
Now we open the following address in the browser:
http://mail.ilanni.com/postfixadmin/setup.php
We can see that postfixadmin has started properly, and the components on which it depends have been installed and configured properly.
3.4 Change the default background management password
One option in the postfixadmin configuration file holds the administrator background management password, which is changeme by default. As follows:
Modify the default password as follows:
We can see that the default password has been successfully modified.
After modification, copy the encrypted password into the postfixadmin configuration file, replacing the original changeme. As follows:
vim /var/www/html/postfixadmin/config.inc.php
3.5 Add an administrator account
After the admin password is changed, we add an administrator account, admin@ilanni.com. As follows:
We can clearly see that the administrator admin@ilanni.com has been added successfully.
Now let's log in as this administrator to look at the background. The background login address is http://mail.ilanni.com/postfixadmin/login.php
As follows:
We can see that the newly added administrator can log on to the postfixadmin admin background.
The postfixadmin administrator logon address is:
http://mail.haiyn.com/postfixadmin/login.php
The postfixadmin user logon address is:
http://mail.ilanni.com/postfixadmin/users/login.php
4. Add a postfix virtual domain
Postfixadmin supports multi-domain name management. Here we first add a domain name ilanni.com. As follows:
We can see that the domain name ilanni.com has been successfully added.
5. Add email users
After the domain name ilanni.com is added, we will add a new email user to this domain name. As follows:
We can clearly see that the mail user ilannimail@ilanni.com has been successfully created.
6. Test using the mail client
After the ilannimail@ilanni.com mail user is added, we use the mail client to test whether messages can be sent and received normally.
6.1 Test the connection to the email server
First, test whether the user can connect to the email server normally, as shown below:
We can see that the email user ilannimail connects to the postfix email server normally.
6.2 Test the mail sending function
Now let's test the mail sending function as follows:
We can see that the ilannimail user has successfully sent an email to an external domain mailbox.
6.3 Test the email receiving function
Now let's test the email receiving function as follows:
We can clearly see that the ilannimail user has successfully received emails from external domain mailboxes.
7. View the postfixadmin database
Now let's check the data in postfixadmin database postfix as follows:
This is the table generated by postfixadmin.
The admin table stores administrator users.
The alias table stores all email users.
The domain table stores virtual domain names.
8. View the impact of postfix on the system
In this article, we mainly operate on postfix virtual users. Now we have added the virtual domain name and created the Mail User.
Now let's take a look at the impact of these operations on the system.
8.1 View mail users' home directories
Switch to the home directory of the vmail user, as shown below:
ll /home/vmail/
We can clearly see that the ilanni.com virtual domain name generates the ilanni.com directory under the home directory of the vmail user.
Now let's take a look at the files in the ilanni.com directory, as shown below:
ll /home/vmail/ilanni.com/
We can see that the ilannimail and wxy directories are generated under the ilanni.com virtual directory, and the two directory names correspond exactly to the email users ilannimail and wxy we created earlier.
This matches the postfix virtual user principle we explained earlier.
8.2 View the number of emails a mail user has
Now we can view the files in the ilannimail directory as follows:
ll /home/vmail/ilanni.com/ilannimail/Maildir/
We can see that there are not many files in this directory. Now we focus on the cur directory. The number of files in this directory shows the number of emails that the ilannimail user has. The following two pieces of evidence prove this statement. As follows:
cd /home/vmail/ilanni.com/ilannimail/Maildir/cur
The cur directory contains three files.
Through the foxmail client, we can also see that the ilannimail user has only three emails, which proves that our previous guess is correct. From the number of files in the cur directory you can tell how many emails the ilannimail user has.
8.3 View email files
From the number of files in the cur directory, we know that ilannimail currently has three emails. Which of the three files corresponds to which email?
In fact, we can tell from the unix timestamp in the file name. We take the file 1457768362.M305033P28093.iZ23r061d7kZ,S=4526,W=4615:2,RS as an example.
From the file name, we know that the unix timestamp of this file is 1457768362. We can then find the actual time corresponding to this unix timestamp, as shown below:
The email was sent at 15:39:22.
Of course, we can also view the content of this file as follows:
cat 1457768362.M305033P28093.iZ23r061d7kZ,S=4526,W=4615:2,RS
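The file name carries more than the timestamp. The script below is an added example, not part of the original article, that splits a Maildir file name into delivery time, host, size and flags. The function names are invented for this illustration, and the sample is the file name quoted above; its timestamp converts to 2016-03-12 07:39:22 UTC, which is 15:39:22 in UTC+8.

```shell
#!/bin/sh
# Added example, not from the article. SAMPLE is the file name quoted in
# section 8.3; function names are assumptions made for this illustration.
SAMPLE='1457768362.M305033P28093.iZ23r061d7kZ,S=4526,W=4615:2,RS'

# maildir_field NAME FIELD: print one field of a Maildir file name.
#   epoch  delivery time, seconds since 1970-01-01 UTC
#   host   name of the delivering host
#   size   S= value, message size in bytes
#   vsize  W= value, size with CRLF line endings (Dovecot extension)
#   flags  letters after ":2,"
maildir_field() {
    name=${1##*/}                      # drop any directory part
    base=${name%%:2,*}                 # part before the flag suffix
    uniq=${base%%,*}                   # epoch.delivery-id.host
    case $name in *:2,*) flags=${name##*:2,} ;; *) flags= ;; esac
    case $2 in
        epoch) echo "${uniq%%.*}" ;;
        host)  echo "${uniq#*.*.}" ;;
        size)  echo "$base" | sed -n 's/.*,S=\([0-9]*\).*/\1/p' ;;
        vsize) echo "$base" | sed -n 's/.*,W=\([0-9]*\).*/\1/p' ;;
        flags) echo "$flags" ;;
        *)     return 2 ;;
    esac
}

# maildir_flags_text FLAGS: expand the standard flag letters.
maildir_flags_text() {
    out= rest=$1
    while [ -n "$rest" ]; do
        c=${rest%"${rest#?}"}; rest=${rest#?}
        case $c in
            D) w=draft ;;   F) w=flagged ;; P) w=passed ;;
            R) w=replied ;; S) w=seen ;;    T) w=trashed ;;
            *) w="other($c)" ;;
        esac
        out="${out:+$out,}$w"
    done
    echo "$out"
}

# epoch_to_utc SECONDS: GNU date first, BSD date as fallback.
epoch_to_utc() {
    date -u -d "@$1" '+%Y-%m-%d %H:%M:%S' 2>/dev/null ||
        date -u -r "$1" '+%Y-%m-%d %H:%M:%S'
}

echo "$(epoch_to_utc "$(maildir_field "$SAMPLE" epoch)") UTC"
```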