<!doctype html>
<html class="no-js" lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="author" content="Lednerb">
<meta name="description" content="Bilberry Premium Theme for Hugo.">
<meta name="keywords" content="blog,personal,responsive,search,font awesome,pages,posts,multilingual,highlight.js,syntax highlighting,premium,shortcuts">
<meta name="generator" content="Hugo 0.50" />
<title>[Notes] CentOS LAMP Postfix Postfixadmin Virtual Mail Multi Domain SASL TLS SSL Dovecot MySQL | My cool new Blog</title>
<meta name="description" content="[Notes] CentOS LAMP Postfix Postfixadmin Virtual Mail Multi Domain SASL TLS SSL Dovecot MySQL - Bilberry Premium Theme for Hugo.">
<meta itemprop="name" content="[Notes] CentOS LAMP Postfix Postfixadmin Virtual Mail Multi Domain SASL TLS SSL Dovecot MySQL">
<meta itemprop="description" content="[Notes] CentOS LAMP Postfix Postfixadmin Virtual Mail Multi Domain SASL TLS SSL Dovecot MySQL - Bilberry Premium Theme for Hugo.">
<meta property="og:title" content="[Notes] CentOS LAMP Postfix Postfixadmin Virtual Mail Multi Domain SASL TLS SSL Dovecot MySQL">
<meta property="og:description" content="[Notes] CentOS LAMP Postfix Postfixadmin Virtual Mail Multi Domain SASL TLS SSL Dovecot MySQL - Bilberry Premium Theme for Hugo.">
<meta property="og:image" content="https://www.gravatar.com/avatar/88188b6cc451928eba90e8400bc68086?size=200">
<meta property="og:url" content="https://h.cowbay.org/article/e7-ad-86-e8-a8-98-centos-lamp-postfix-postfixadmin-virtual-mail-multi-domain-sasl-tls-ssl-dovecot-mysql/">
<meta property="og:site_name" content="My cool new Blog">
<meta property="og:type" content="article">
<link rel="icon" type="image/png" href="https://h.cowbay.org/favicon-32x32.png" sizes="32x32">
<link rel="icon" type="image/png" href="https://h.cowbay.org/favicon-16x16.png" sizes="16x16">
<link rel="stylesheet" href="https://h.cowbay.org/sass/combined.min.717098cb5503581e75f12e486a847ca410bf8367d4d8713f4c37affc868c5a1d.css">
</head>
<body class="bilberry-hugo-theme">
<nav>
<div class="container">
<ul class="topnav">
<li><a href="/page/about-bilberry/">About Bilberry</a></li>
<li><a href="https://github.com/Lednerb/bilberry-hugo-theme" target="_blank">Github</a></li>
</ul>
<div id="search-box" class="search">
<i class="fa fa-search"></i>
<input id="search" type="text" placeholder="Search ...">
</div>
</div>
</nav>
<header>
<div class="container">
<div class="logo">
<a href="/" class="logo">
<img src="https://www.gravatar.com/avatar/88188b6cc451928eba90e8400bc68086?d=mm&size=200" alt="">
<span class="overlay"><i class="fa fa-home"></i></span>
</a>
</div>
<div class="titles">
<h3 class="title"><a href="/">My cool new Blog</a></h3>
<span class="subtitle">Hello World! This is the most epic subtitle ever.</span>
</div>
<div class="languages">
<a href="/en" class="active">en</a>
<a href="/de">de</a>
</div>
<div class="toggler">
<i class="fa fa-bars" aria-hidden="true"></i>
</div>
</div>
</header>
<div class="main container">
<div class="article-wrapper u-cf single">
<a class="bubble" href="/article/e7-ad-86-e8-a8-98-centos-lamp-postfix-postfixadmin-virtual-mail-multi-domain-sasl-tls-ssl-dovecot-mysql/">
<i class="fa fa-fw fa-pencil"></i>
</a>
<article class="default article">
<div class="content">
<h3><a href="/article/e7-ad-86-e8-a8-98-centos-lamp-postfix-postfixadmin-virtual-mail-multi-domain-sasl-tls-ssl-dovecot-mysql/">[Notes] CentOS LAMP Postfix Postfixadmin Virtual Mail Multi Domain SASL TLS SSL Dovecot MySQL</a></h3>
<div class="meta">
<span class="date moment">2016-01-18</span>
<span class="categories">
<a href="/categories/%E6%9C%AA%E5%88%86%E9%A1%9E">Uncategorized</a>
</span>
</div>
<h3 id="centos-lamp-postfix-postfixadmin-virtual-mail-multi-domain-sasl-tls-ssl-dovecot-mysql-安裝步驟整理">CentOS LAMP Postfix Postfixadmin Virtual Mail Multi Domain SASL TLS SSL Dovecot MySQL installation steps</h3>
<h3 id="系統基礎">System basics</h3>
<hr />
<p>Check that the hostname is set correctly with hostname -f. If it does not return the correct result, edit /etc/hosts.</p>
<p><strong>##### Install the utilities we will need</strong></p>
<p>yum install epel-release ; yum list &gt; yum.txt
yum install ftp traceroute telnet vim joe lynx bind-utils wget openssl ntpdate mail</p>
<p><strong>##### Set the time zone</strong>
cp /usr/share/zoneinfo/Asia/Taipei /etc/localtime
ntpdate time.stdtime.gov.tw</p>
<p>Add to crontab:</p>
<p>*/10 * * * * ntpdate time.stdtime.gov.tw &gt; /dev/null 2&gt;&amp;1</p>
<p>Or install the ntp service directly:</p>
<p>yum install -y ntp</p>
<p>vim /etc/ntp.conf</p>
<p>Add:</p>
<p>restrict 192.168.10.0 mask 255.255.255.0</p>
<p>server time.stdtime.gov.tw iburst
server 192.168.10.243 iburst</p>
<p>service ntpd restart</p>
<p><strong>##### Disable SELinux</strong></p>
<p>vim /etc/sysconfig/selinux</p>
<p>SELINUX=disabled</p>
<p><strong>##### Stop the firewall service; turn it back on when needed #####</strong></p>
<p>service iptables stop</p>
<p>chkconfig --level 235 iptables off</p>
<p><strong>#### Reboot the system to apply the SELinux change</strong></p>
<p>reboot</p>
<hr />
<h3 id="span-style-font-size-x-large-lamp-span"><span style="font-size: x-large">LAMP</span></h3>
<p><strong><span style="font-size: large">## MYSQL 5 ##</span></strong>
yum install mysql mysql-server
chkconfig --levels 235 mysqld on
/etc/init.d/mysqld start
/usr/bin/mysql_secure_installation</p>
<p><strong><span style="font-size: large">## APACHE 2 ##</span></strong>
yum install httpd
chkconfig --levels 235 httpd on</p>
<p>## Set the ServerName parameter in httpd.conf ##
vim /etc/httpd/conf/httpd.conf
ServerName localhost:80
service httpd start
check <a href="http://ip_address">http://ip_address</a></p>
<p><span style="font-size: large"><strong>## PHP ##</strong></span>
yum install php php-gd php-mbstring php-mysql mod_ssl php-imap -y</p>
<p>## Add a PHP file in /var/www/html to check that PHP works
vim /var/www/html/1.php
&lt;?php
phpinfo();
?&gt;
lynx localhost/1.php</p>
<p><strong><span style="font-size: large">########## Enable HTTPS ######</span></strong></p>
<p>yum install -y openssl mod_ssl</p>
<p>service httpd restart</p>
<p><strike>Apache already ships with two certificate files by default, located under /etc/pki/tls/certs &amp; /etc/pki/tls/private</strike></p>
<p><strike>The files are named localhost.crt / localhost.key</strike></p>
<p><strike>So change the Apache configuration to use these two files</strike></p>
<p>Correction</p>
<p>There is no ready-made default certificate after all, so you still have to generate one yourself.</p>
<p>openssl genrsa -out ms.abc.com.key 1024
openssl req -new -key ms.abc.com.key -out ms.abc.com.csr
openssl x509 -req -days 3650 -in ms.abc.com.csr -signkey ms.abc.com.key -out ms.abc.com.crt</p>
<p>mv ms.abc.com.crt /etc/pki/tls/certs/</p>
<p>mv ms.abc.com.key /etc/pki/tls/private/</p>
<p>vim /etc/httpd/conf.d/ssl.conf</p>
<p>Find the two parameters SSLCertificateFile and SSLCertificateKeyFile</p>
<p>and set them to the certificate and key paths:</p>
<p>SSLCertificateFile /etc/pki/tls/certs/ms.abc.com.crt</p>
<p>SSLCertificateKeyFile /etc/pki/tls/private/ms.abc.com.key</p>
<p>Restart Apache</p>
<p>service httpd restart</p>
<p>Open the HTTPS page to test it</p>
<p><a href="https://ip_address">https://ip_address</a></p>
<p>At first you should see a certificate error page, because our certificate is self-signed rather than issued by a third-party authority. That does not matter, as long as it works~</p>
<p>Otherwise we would have to pay to apply for one..</p>
<hr />
<p><span style="color: #000000"><strong>##date.timezone</strong></span>
vim /etc/php.ini
date.timezone = Asia/Taipei
service httpd restart</p>
<p><strong>## LAMP DONE</strong></p>
<hr />
<h3 id="font-style-font-weight-bold-postfix-font"><font style="font-weight: bold">POSTFIX</font></h3>
<p>## POSTFIX / DOVECOT ##</p>
<h1 id="cyrus">Cyrus</h1>
<p>yum -y install cyrus-sasl cyrus-sasl-devel cyrus-sasl-gssapi cyrus-sasl-md5 cyrus-sasl-plain</p>
<h5 id="generate-ssl-sign-key-nbsp-nbsp-nbsp-nbsp-nbsp-nbsp-nbsp-nbsp-nbsp-nbsp-nbsp-nbsp-nbsp-nbsp-nbsp-nbsp-nbsp-nbsp">Generate SSL Sign Key</h5>
<p>openssl genrsa -des3 -out ms.abc.com.key 2048
chmod 600 ms.abc.com.key
openssl req -new -key ms.abc.com.key -out ms.abc.com.csr
openssl x509 -req -days 3650 -in ms.abc.com.csr -signkey ms.abc.com.key -out ms.abc.com.crt
openssl rsa -in ms.abc.com.key -out ms.abc.com.key.nopass
mv -f ms.abc.com.key.nopass ms.abc.com.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
chmod 600 ms.abc.com.key
chmod 600 cakey.pem
mkdir /etc/ssl/private
mv ms.abc.com.key /etc/ssl/private/
mv ms.abc.com.crt /etc/ssl/certs/
mv cakey.pem /etc/ssl/private/
mv cacert.pem /etc/ssl/certs/</p>
<h6 id="add-tls-settings-to-etc-postfix-main-cf">Add TLS Settings to /etc/postfix/main.cf</h6>
<p>postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/ssl/private/ms.abc.com.key'
postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/ms.abc.com.crt'
postconf -e 'smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'
postconf -e 'myhostname = ms.abc.com'
postconf -e 'mydomain = abc.com'</p>
<h6 id="etc-postfix-main-cf-should-be-like-this">/etc/postfix/main.cf should be like this</h6>
<p>alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailbox_command =
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = abc.com
myhostname = ms.abc.com
mynetworks = 127.0.0.0/8
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination</p>
<hr />
<p><strong>##### POSTFIX CONFIG #####</strong>
postconf -e 'inet_interfaces = all'
postconf -e 'mynetworks = 127.0.0.0/8'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
postconf -e 'mailbox_command ='</p>
<p><strong>#########SASL##############</strong>
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_local_domain = '
postconf -e 'smtpd_sasl_path = private/auth'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'smtpd_sasl_type = dovecot'</p>
<p><strong>##### TLS , check the cert file location #####</strong></p>
<p>smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/ssl/certs/ms.abc.com.crt
smtpd_tls_key_file = /etc/ssl/private/ms.abc.com.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom</p>
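<p>Added example (not part of the original notes): a small shell audit of the SASL, TLS and relay settings configured above. It shows that with smtpd_sasl_auth_enable = yes and smtpd_tls_auth_only = no, Postfix offers AUTH before STARTTLS. The function names and the sample input are constructed for illustration, and the parser assumes one "name = value" per line, as postconf -n prints them.</p>

```shell
#!/bin/sh
# Added example (not from the original post): audit the main.cf settings
# that decide whether SMTP AUTH credentials and relaying are protected.
# Assumes one "name = value" per line, as `postconf -n` prints them.

# get_param FILE NAME: print the last value assigned to NAME (last one wins).
get_param() {
    awk -v want="$2" '
        /^[ \t]*(#|$)/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            name = substr($0, 1, eq - 1)
            val  = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", name)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (name == want) found = val
        }
        END { print found }
    ' "$1"
}

# audit_maincf FILE: print one WARN/OK line per check.
audit_maincf() {
    f=$1
    sasl=$(get_param "$f" smtpd_sasl_auth_enable)
    tls_only=$(get_param "$f" smtpd_tls_auth_only)
    rcpt=$(get_param "$f" smtpd_recipient_restrictions)
    key=$(get_param "$f" smtpd_tls_key_file)
    cert=$(get_param "$f" smtpd_tls_cert_file)

    # AUTH enabled without smtpd_tls_auth_only = yes means the server
    # advertises AUTH on unencrypted sessions as well.
    if [ "$sasl" = "yes" ] && [ "$tls_only" != "yes" ]; then
        echo "WARN smtpd_tls_auth_only=${tls_only:-unset}: AUTH is offered before STARTTLS"
    else
        echo "OK   smtpd_tls_auth_only"
    fi

    # The restriction list may be separated by commas and/or whitespace.
    case ",$(printf '%s' "$rcpt" | tr ' \t' ',,')," in
        *,reject_unauth_destination,*)
            echo "OK   smtpd_recipient_restrictions" ;;
        *)
            echo "WARN smtpd_recipient_restrictions: reject_unauth_destination missing" ;;
    esac

    if [ -n "$key" ] && [ -n "$cert" ]; then
        echo "OK   smtpd_tls_key_file/smtpd_tls_cert_file"
    else
        echo "WARN smtpd TLS key or certificate path is not set"
    fi
}

# Constructed sample: the relevant lines as this page sets them.
sample_page_config() {
    cat <<'EOF'
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_tls_auth_only = no
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/ssl/private/ms.abc.com.key
smtpd_tls_cert_file = /etc/ssl/certs/ms.abc.com.crt
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
EOF
}

# Constructed sample: same settings with AUTH restricted to TLS sessions.
sample_hardened_config() {
    sample_page_config | sed 's/^smtpd_tls_auth_only = no$/smtpd_tls_auth_only = yes/'
}

# run_audit GENERATOR: write the sample to a temp file and audit it.
run_audit() {
    tmp=$(mktemp) || return 1
    "$1" > "$tmp"
    audit_maincf "$tmp"
    rm -f "$tmp"
}

echo "== settings from this page =="
run_audit sample_page_config
echo "== with smtpd_tls_auth_only = yes =="
run_audit sample_hardened_config
```

<p>On the mail host, the same check can be run on the live configuration with postconf -n &gt; /tmp/main.txt followed by audit_maincf /tmp/main.txt.</p>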
<p><strong>### Virtual Mail ###</strong></p>
<h3 id="create-cf-files">Create cf files</h3>
<p>vim /etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf</p>
<p>user = postfixadmin
password = postfixadmin
hosts = localhost
dbname = mail
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'</p>
<hr />
<p>vim /etc/postfix/sql/mysql_virtual_alias_domain_maps.cf</p>
<p>user = postfixadmin
password = postfixadmin
hosts = localhost
dbname = mail
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('%u', '@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'</p>
<hr />
<p>vim /etc/postfix/sql/mysql_virtual_domains_maps.cf</p>
<p>user = postfixadmin
password = postfixadmin
hosts = localhost
dbname = mail
query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'</p>
<hr />
<p>vim /etc/postfix/sql/mysql_virtual_mailbox_maps.cf</p>
<p>user = postfixadmin
password = postfixadmin
hosts = localhost
dbname = mail
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'</p>
<hr />
<p>vim /etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf</p>
<p>user = postfixadmin
password = postfixadmin
hosts = localhost
dbname = mail
query = SELECT maildir FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' and mailbox.username = CONCAT('%u', '@', alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active='1'</p>
<hr />
<p>vim /etc/postfix/sql/mysql_virtual_alias_maps.cf</p>
<p>user = postfixadmin
password = postfixadmin
hosts = localhost
dbname = mail
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
#expansion_limit = 100</p>
<hr />
<p>vim /etc/postfix/sql/mysql_virtual_mailbox_limit_maps.cf</p>
<p>user = postfixadmin
password = postfixadmin
hosts = localhost
dbname = mail
query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'</p>
<hr />
<p>postconf -e 'virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf'
postconf -e 'virtual_gid_maps = static:5000'
postconf -e 'virtual_mailbox_base = /home/vmail'
postconf -e 'virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf'
postconf -e 'virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf'
postconf -e 'virtual_transport = virtual'
postconf -e 'virtual_uid_maps = static:5000'</p>
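<p>Added example (not part of the original notes): the lookup-table files created above each contain the database password in clear text, so they should not be readable by every local account. This shell sketch finds world-readable files that carry a password setting and removes access for "other". The function names and the temporary sample files are constructed for illustration.</p>

```shell
#!/bin/sh
# Added example (not from the original post): find configuration files that
# hold the database password and are readable by every local user.

# list_exposed DIR: print files under DIR that contain a "password =" or
# "password=" setting and have the o+r mode bit set.
list_exposed() {
    find "$1" -type f -perm -004 \
        -exec grep -lE '(^|[[:space:]])password[[:space:]]*=' {} + | sort
}

# restrict FILE...: remove all access for "other".
# On the real host, as root, also give the file to the group of the daemon
# that reads it, for example:
#   chown root:postfix /etc/postfix/sql/*.cf
restrict() {
    chmod 640 "$@"
}

# demo_dir: build a constructed sample tree that mimics the files from this
# page (same keys and values), all created world-readable, and print its path.
demo_dir() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/sql"
    cat > "$d/sql/mysql_virtual_mailbox_maps.cf" <<'EOF'
user = postfixadmin
password = postfixadmin
hosts = localhost
dbname = mail
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'
EOF
    cat > "$d/dovecot-sql.conf.ext" <<'EOF'
driver = mysql
connect = host=127.0.0.1 dbname=mail user=postfixadmin password=postfixadmin
default_pass_scheme = MD5-CRYPT
EOF
    # A file without credentials: must not be reported.
    printf 'myhostname = ms.abc.com\n' > "$d/notes.txt"
    chmod 644 "$d/sql/mysql_virtual_mailbox_maps.cf" \
              "$d/dovecot-sql.conf.ext" "$d/notes.txt"
    echo "$d"
}

demo=$(demo_dir)
echo "world-readable files with a password, before:"
list_exposed "$demo"
list_exposed "$demo" | while IFS= read -r file; do
    restrict "$file"
done
echo "after:"
list_exposed "$demo"
rm -rf "$demo"
```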
<h3 id="others">Others</h3>
<p>postconf -e 'unknown_local_recipient_reject_code = 550'</p>
<hr />
<h3 id="add-vmail-user-group-for-virtual-mail-nbsp-nbsp-nbsp-nbsp">add vmail user/group for virtual mail</h3>
<h3 id="uid-should-be-the-same-with-main-cf-nbsp-nbsp-nbsp-nbsp-nbsp-nbsp">uid should be the same as in main.cf</h3>
<p>groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail
chown vmail:vmail /home/vmail</p>
<hr />
<p><strong>############### MYSQL ###############</strong></p>
<p>mysql -u root -p
create database mail;
create user 'postfixadmin'@'localhost' identified by 'postfixadmin';
grant all privileges on mail.* to 'postfixadmin'@'localhost';
flush privileges;
quit</p>
<hr />
<p><strong>######### Postfixadmin ###################</strong></p>
<p>wget <a href="http://nchc.dl.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-2.93/postfixadmin-2.93.tar.gz">http://nchc.dl.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-2.93/postfixadmin-2.93.tar.gz</a>
tar zxvf postfixadmin-2.93.tar.gz
mv postfixadmin-2.93 postfixadmin
mv postfixadmin /var/www/html/
cd /var/www/html/postfixadmin
vim config.inc.php
$CONF['configured'] = false;  --&gt; $CONF['configured'] = true;
$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';  --&gt; $CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'postfixadmin';
$CONF['database_name'] = 'postfix'; --&gt; $CONF['database_name'] = 'mail';</p>
<p>open <a href="http://ip_address/postfixadmin/setup.php">http://ip_address/postfixadmin/setup.php</a>
Error: Smarty template compile directory templates_c is not writable.
Please make it writable.
If you are using SELinux or AppArmor, you might need to adjust their setup to allow write access.</p>
<p>chmod a+rw -R /var/www/html/postfixadmin/templates_c
open <a href="http://ip_address/postfixadmin/setup.php">http://ip_address/postfixadmin/setup.php</a></p>
<p>Set the setup password (two digits, two letters; will fix later) and a new password hash will be generated.</p>
<p>vim /var/www/html/postfixadmin/config.inc.php
Replace
$CONF['setup_password'] = 'changeme';
with
$CONF['setup_password'] = '0287c360cbc407f4e18e520651a1c1b8:3a8a82f252f00a8593c0bfc9fa006a98deee2b32';</p>
<p>create a new mail master</p>
<p>Go to <a href="http://ip_address/postfixadmin/login.php">http://ip_address/postfixadmin/login.php</a> and log in with the account from the last step.</p>
<h2 id="change-the-password-limitation">change the password limitation</h2>
<p>vim /var/www/html/postfixadmin/config.inc.php</p>
<p>$CONF['password_validation'] = array(
#    '/regular expression/' =&gt; '$PALANG key (optional: + parameter)',
    '/.{5}/'                =&gt; 'password_too_short 5',      # minimum length 5 characters
#    '/([a-zA-Z].*){3}/'     =&gt; 'password_no_characters 3',  # must contain at least 3 characters --&gt;
    '/([a-zA-Z].*){0}/'     =&gt; 'password_no_characters 3',  # must contain at least 0 characters --&gt;
#    '/([0-9].*){2}/'        =&gt; 'password_no_digits 2',      # must contain at least 2 digits --&gt;
    '/([0-9].*){0}/'        =&gt; 'password_no_digits 2',      # must contain at least 0 digits --&gt;
);</p>
<hr />
<h3 id="create-a-new-virtual-domain-and-virtual-user">create a new virtual domain and virtual user</h3>
<h3 id="check-if-the-records-exists">check if the records exist</h3>
<p>mysql -u root -p
use mail;
show tables;
select * from domain;
select * from alias;
exit</p>
<h2 id="in-var-log-maillog-there-should-be-a-welcome-messages-from-postmaster-to-the-acouunt-you-just-created">in /var/log/maillog, there should be a welcome message from postmaster to the account you just created</h2>
<p>Jan 13 13:37:25 mssop postfix/qmgr[2396]: 632D740A18: from=&lt;postmaster@abc.com.tw&gt;, size=489, nrcpt=1 (queue active)
Jan 13 13:37:25 mssop postfix/smtpd[2965]: disconnect from localhost[::1]
Jan 13 13:37:25 mssop postfix/virtual[2975]: 632D740A18: to=&lt;mc@abc-taf.com&gt;, relay=virtual, delay=0.16, delays=0.06/0.1/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
Jan 13 13:37:25 mssop postfix/qmgr[2396]: 632D740A18: removed</p>
<hr />
<p><strong>####### Dovecot Config ########</strong></p>
<h2 id="vim-etc-dovecot-conf-d-10-ssl-conf">vim /etc/dovecot/conf.d/10-ssl.conf</h2>
<p>ssl_cert = &lt;/etc/pki/dovecot/certs/dovecot.pem
ssl_key = &lt;/etc/pki/dovecot/private/dovecot.pem</p>
<h2 id="vim-etc-dovecot-conf-d-10-auth-conf">vim /etc/dovecot/conf.d/10-auth.conf</h2>
<p>disable_plaintext_auth = no
auth_mechanisms = plain login
!include auth-sql.conf.ext</p>
<h2 id="vim-etc-dovecot-conf-d-10-mail-conf">vim /etc/dovecot/conf.d/10-mail.conf</h2>
<p>mail_location = maildir:/home/vmail/%d/%n
mail_privileged_group = mail
mbox_write_locks = fcntl</p>
<h2 id="vim-etc-dovecot-conf-d-10-master-conf">vim /etc/dovecot/conf.d/10-master.conf</h2>
<p>service imap-login {
inet_listener imap {
}
inet_listener imaps {
}
}</p>
<p>service pop3-login {
inet_listener pop3 {
}
inet_listener pop3s {
}
}</p>
<p>service lmtp {
unix_listener lmtp {
}</p>
<p>}</p>
<p>service imap {</p>
<p>}</p>
<p>service pop3 {
}</p>
<p>service auth {
unix_listener auth-userdb {
}</p>
<p>unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
}</p>
<p>service auth-worker {
}</p>
<p>service dict {
unix_listener dict {
}
}</p>
<h2 id="vim-nbsp-etc-dovecot-conf-d-auth-sql-conf-ext">vim&nbsp; /etc/dovecot/conf.d/auth-sql.conf.ext</h2>
<p>passdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}</p>
<p>userdb {
driver = static
args = uid=vmail gid=vmail home=/home/vmail/%u
}</p>
<h5 id="create-the-dovecot-sql-conf-ext-file-for-support-dovecot-mysql">Create the dovecot-sql.conf.ext file for dovecot-mysql support</h5>
<h2 id="vim-nbsp-etc-dovecot-dovecot-sql-conf-ext">vim&nbsp; /etc/dovecot/dovecot-sql.conf.ext</h2>
<p>driver = mysql
connect = host=127.0.0.1 dbname=mail user=postfixadmin password=postfixadmin
default_pass_scheme = MD5-CRYPT
password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'
user_query = SELECT maildir, 5000 AS uid, 5000 AS gid FROM mailbox WHERE username = '%u' AND active='1'
user_query = SELECT CONCAT('/home/vmail/', maildir) AS home, 5000 AS uid, 5000 AS gid, CONCAT('*:bytes=', quota) AS quota_rule FROM mailbox WHERE username = '%u' AND active='1'
user_query = SELECT maildir, 5000 AS uid, 5000 AS gid, CONCAT('dict:storage=',floor(quota/1000),' proxy::quota') as quota FROM mailbox WHERE username = '%u' AND active='1'</p>
<hr />
<p><strong>########## install roundcubemail ##########</strong></p>
<p>yum install roundcubemail
vim /etc/httpd/conf.d/roundcubemail.conf</p>
<h3 id="comment-first-two-directory-settings-for-install">Comment First two Directory Settings for install</h3>
<p>Alias /roundcubemail /usr/share/roundcubemail
change to
Alias /mail&nbsp;&nbsp;&nbsp; /usr/share/roundcubemail</p>
<p>&lt;Directory /usr/share/roundcubemail/&gt;
&lt;IfModule mod_authz_core.c&gt;
# Apache 2.4
#Require local
&lt;/IfModule&gt;
&lt;IfModule !mod_authz_core.c&gt;
# Apache 2.2
#Order Deny,Allow
#Deny from all
#Allow from 127.0.0.1
#Allow from ::1
&lt;/IfModule&gt;
&lt;/Directory&gt;</p>
<p># Define who can access the installer
# keep this secured once configured</p>
<p>&lt;Directory /usr/share/roundcubemail/installer/&gt;
&lt;IfModule mod_authz_core.c&gt;
# Apache 2.4
#Require local
&lt;/IfModule&gt;
&lt;IfModule !mod_authz_core.c&gt;
# Apache 2.2
#Order Deny,Allow
#Deny from all
#Allow from 127.0.0.1
#Allow from ::1
&lt;/IfModule&gt;
&lt;/Directory&gt;</p>
<h5 id="create-a-database-for-roundcubemail">create a database for roundcubemail</h5>
<p>mysql -u root -p
create database rcmail;
create user 'rcmail'@'localhost' identified by 'rcmailpassword';
grant all privileges on rcmail.* to 'rcmail'@'localhost';
flush privileges;</p>
<p>service httpd reload</p>
<p>open <a href="http://ip_address/mail/installer/">http://ip_address/mail/installer/</a>
Check for errors: if there are none, press Next; if there are, fix them.
After pressing Next, fill in the database settings with the database created in the last step.
Set the SMTP server to localhost and check &ldquo;Use the current IMAP username and password for SMTP authentication&rdquo;
language: zh_TW (not sure if this works or not)
press create config file
copy the file to /etc/roundcubemail/config.inc.php
press continue
check for errors
initialize database
test SMTP
with the first account/password you created in the postfixadmin section</p>
<p>test IMAP</p>
<p>mv /usr/share/roundcubemail/installer /usr/share/roundcubemail/installer.bak</p>
<p>login to roundcubemail
open <a href="https://ip_address/mail/">https://ip_address/mail/</a>
log in with the account/password you created in the postfixadmin section,
in the form username@domain.name
and there's one mail waiting for you ~</p>
<p>Congrats! Everything works fine now! (it should &hellip;)</p>
</div>
<div class="footer no-tags">
</div>
</article>
</div>
</div>
<div class="credits">
<div class="container">
<div class="copyright">
<a href="https://github.com/Lednerb" target="_blank">
&copy;
2017
by Lednerb
</a>
</div>
<div class="author">
<a href="https://github.com/Lednerb/bilberry-hugo-theme" target="_blank">Bilberry Hugo Theme</a>
</div>
</div>
</div>
<script type="text/javascript" src="https://h.cowbay.org/js/externalDependencies.39c47e10e241eae2947b3fe21809c572.js" integrity="md5-OcR&#43;EOJB6uKUez/iGAnFcg=="></script>
<script type="text/javascript" src="https://h.cowbay.org/js/theme.ff50ae6dc1bfc220b23bf69dbb41b54e.js" integrity="md5-/1CubcG/wiCyO/adu0G1Tg=="></script>
<script>
$(".moment").each(function() {
$(this).text(
moment( $(this).text() )
.locale( "en" )
.format('LL')
);
});
$(".footnote-return sup").html("");
</script>
<script>
var client = algoliasearch("Y2C4RWMPXW", "50ea7f8c41c0ad233926e0be2b769ed1");
var index = client.initIndex("default-content");
$('#search').autocomplete({ hint: false, autoselect: true, debug: false },
[
{
source: $.fn.autocomplete.sources.hits(index, { hitsPerPage: 5, filters: 'language: en' }),
displayKey: function(suggestion) {
return suggestion.title || suggestion.author
},
templates: {
suggestion: function(suggestion) {
return "<span class='entry " + suggestion.type + "'>"
+ "<span class='title'>" + suggestion.title + "</span>"
+ "<span class='fa fa-fw " + suggestion.iconClass + "'></span>"
+ "</span>"
;
},
empty: function() {
return "<span class='empty'>Nothing found.</span>"
},
footer: function() {
return '<div class="branding">Powered by <img src="https:\/\/h.cowbay.org\/dist\/algolia-logo-light.svg" /></div>'
}
},
}
])
.on('autocomplete:selected', function(event, suggestion, dataset) {
window.location = (suggestion.url);
})
.keypress(function (event, suggestion) {
if (event.which == 13) {
window.location = (suggestion.url);
}
});
</script>
</body>
</html>