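Qmail OpenLDAP on Ubuntu

This guide will help you set up an email server on Ubuntu using Qmail as the MTA, OpenLDAP as the back end for the user authentication database, and Courier IMAP as the IMAP server.

Introduction

Qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internet-connected UNIX hosts. As of October 2001, qmail was the second most common SMTP server on the Internet, and has the fastest growth of any SMTP server.

Installation

This guide will help you set up an email server using Qmail as the MTA, OpenLDAP as the back end for users, and Courier IMAP as the IMAP server. Follow these simple steps.

Qmail

In this setup I assume your domain is yourdomain.com and that it has a valid MX record set to mail.yourdomain.com. Remember to replace yourdomain.com with your actual domain in the sample code in this howto. I also assume you know what an MX record is.

Note: I will be logged in as root from here on.

To look up your MX record, type the following in a terminal: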

dig mx yourdomain.com

Qmail prerequisites:

apt-get install libldap2-dev libssl-dev openssl sharutils unzip maildrop perl-suid
mkdir /downloads
cd /downloads
wget http://www.qmailrocks.org/downloads/qmail-1.03.tar.gz
wget http://www.qmailrocks.org/downloads/ucspi-tcp-0.88.tar.gz
wget http://www.qmailrocks.org/downloads/daemontools-0.76.tar.gz
wget http://www.qmailrocks.org/downloads/patches/daemontools-0.76.errno.patch
wget http://www.qmailrocks.org/downloads/patches/ucspi-tcp-0.88.errno.patch
wget http://www.qmailrocks.org/downloads/scripts/finalize/qmailctl
wget http://www.nrg4u.com/qmail/qmail-ldap-1.03-20060201.patch.gz
gunzip /downloads/qmail-ldap-1.03-20060201.patch.gz

Click here for alternative links to the qmailrocks packages.

Create the users and groups.

mkdir -p /var/qmail
groupadd nofiles
useradd -g nofiles -d /var/qmail/alias -s /sbin/nologin -p'*' alias
useradd -g nofiles -d /var/qmail -s /sbin/nologin -p'*' qmaild
useradd -g nofiles -d /var/qmail -s /sbin/nologin -p'*' qmaill
useradd -g nofiles -d /var/qmail -s /sbin/nologin -p'*' qmailp
groupadd qmail
useradd -g qmail -d /var/qmail -s /sbin/nologin -p'*' qmailq
useradd -g qmail -d /var/qmail -s /sbin/nologin -p'*' qmailr
useradd -g qmail -d /var/qmail -s /sbin/nologin -p'*' qmails
groupadd vmail
useradd -g vmail -s /bin/true vmail
mkdir /home/vmail
chown vmail.vmail /home/vmail
chmod 700 /home/vmail

Compiling Qmail:

mkdir -p /var/qmail
mkdir /usr/src/qmail
cd /usr/src/qmail
tar zxvf /downloads/qmail-1.03.tar.gz
cd qmail-1.03
patch -p1 < /downloads/qmail-ldap-1.03-20060201.patch
vi Makefile
LDAPFLAGS = -DQLDAP_CLUSTER -DEXTERNAL_TODO -DDASH_EXT -DDATA_COMPRESS -DQMQP_COMPRESS -DSMTPEXECCHECK -DALTQUEUE

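# ZLIB is needed for -DDATA_COMPRESS and -DQMQP_COMPRESS
ZLIB = -lz

# enable the auto-maildir-make feature
MDIRMAKE = -DAUTOMAILDIRMAKE

# enable the auto-homedir-make feature
HDIRMAKE = -DAUTOHOMEDIRMAKE

# on most systems we need this to build auth_pop and auth_imap
SHADOWLIBS = -lcrypt

# enable the possibility to log and debug imap and pop
DEBUG = -DDEBUG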
make setup check

Qmail configuration and LDAP control files:

cd /var/qmail/control
echo 100 > concurrencyincoming
echo 255 > concurrencyremote
echo ./Maildir/ > defaultdelivery
echo yourdomain.com > defaultdomain
echo 10000 > defaultquotacount
echo 10000000 > defaultquotasize
echo /var/qmail/bin/dirmaker > dirmaker
echo yourdomain.com > defaultdomain
echo dc=yourdomain,dc=com > ldapbasedn
echo 0 > ldapcluster
id -g vmail > ldapgid
echo cn=manager,dc=yourdomain,dc=com > ldaplogin
echo /home/vmail > ldapmessagestore
echo qmailUser > ldapobjectclass
echo secret > ldappassword
echo 127.0.0.1 > ldapserver
id -u vmail > ldapuid
echo mail.yourdomain.com > me
echo 80000000 > qmail-smtpd-softlimit
echo 80000000 > qmail-pop3d-softlimit
echo 3 > qmail-pop3d-loglevel
echo 3 > qmail-start-loglevel
echo yourdomain.com > rcpthosts
ln -s rcpthosts locals

UCSPI-TCP / Daemontools installation:

cd /usr/src/qmail
tar zxvf /downloads/ucspi-tcp-0.88.tar.gz
cd ucspi-tcp-0.88
patch < /downloads/ucspi-tcp-0.88.errno.patch
make && make setup check
mkdir -p /package
chmod 1755 /package
cd /package
tar zxvf /downloads/daemontools-0.76.tar.gz
cd /package/admin/daemontools-0.76/src
patch < /downloads/daemontools-0.76.errno.patch
cd /package/admin/daemontools-0.76
package/install
/command/svscanboot &
chmod 755 /etc/rc.local
vi /etc/rc.local
/command/svscanboot &
exit 0

Qmail run scripts:

mkdir /var/qmail/supervise
cd /var/qmail/supervise
mkdir -p qmail-smtpd/log qmail-send/log qmail-pop3d/log
chmod +t qmail-smtpd qmail-send qmail-pop3d
vi qmail-smtpd/run
#!/bin/sh
QUID=`id -u qmaild`
QGID=`id -g qmaild`
MAXD=`head -1 /var/qmail/control/concurrencyincoming`
HOST=`head -1 /var/qmail/control/me`
SOFT=`head -1 /var/qmail/control/qmail-smtpd-softlimit`
CDBF="/etc/tcp.smtp.cdb"

if [ -z "$QUID" -o -z "$QGID" -o -z "$MAXD" -o -z "$HOST" ]; then
echo QUID, QGID, MAXD, or HOST is unset in
echo /var/qmail/supervise/qmail-smtpd/run
exit 1
fi

exec /usr/local/bin/softlimit -m $SOFT \
/usr/local/bin/tcpserver -v \
-H \
-R \
-l $HOST \
-x $CDBF \
-c $MAXD \
-u $QUID \
-g $QGID \
0 \
smtp \
/var/qmail/bin/qmail-smtpd \
/var/qmail/bin/auth_smtp /usr/bin/true 2>&1
vi qmail-smtpd/log/run
#!/bin/sh
export PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s10000000 n20 /var/log/qmail/qmail-smtpd 2>&1
vi /var/qmail/rc
#!/bin/sh
QLOG="`cat /var/qmail/control/qmail-start-loglevel`"
DEFD="`cat /var/qmail/control/defaultdelivery`"
exec env - PATH="/var/qmail/bin:$PATH" LOGLEVEL="$QLOG" qmail-start "$DEFD"
vi qmail-send/run
#!/bin/sh
exec /var/qmail/rc
vi qmail-send/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s10000000 n20 /var/log/qmail/qmail-send 2>&1
vi qmail-pop3d/run
#!/bin/sh
IP=`head -1 /var/qmail/control/me`
LL=`head -1 /var/qmail/control/qmail-pop3d-loglevel`
SL=`head -1 /var/qmail/control/qmail-pop3d-softlimit`
exec \
env LOGLEVEL=$LL \
softlimit -m $SL \
/usr/local/bin/tcpserver -v -R -H -l 0 0 pop3 \
/var/qmail/bin/qmail-popup $IP \
/var/qmail/bin/tcp-env \
/var/qmail/bin/auth_pop \
/var/qmail/bin/qmail-pop3d Maildir 2>&1
vi qmail-pop3d/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t s10000000 n20 /var/log/qmail/qmail-pop3d 2>&1
vi /var/qmail/bin/dirmaker
#!/bin/sh
# debug trace of every invocation: time, requested directory, calling uid/gid
echo '----------------------------------------------' >> /tmp/dirmaker
date >> /tmp/dirmaker
echo "$1" >> /tmp/dirmaker
id >> /tmp/dirmaker

# $1 is the home directory to create; quoted so unusual names cannot split or glob
mkdir --parents -m 700 -p "$1/Maildir"
mkdir --parents -m 700 -p "$1/Maildir/tmp"
mkdir --parents -m 700 -p "$1/Maildir/cur"
mkdir --parents -m 700 -p "$1/Maildir/new"
chown -R vmail:vmail "$1"
chmod 755 qmail-pop3d/run qmail-smtpd/run qmail-send/run
chmod 755 qmail-pop3d/log/run qmail-smtpd/log/run qmail-send/log/run
chmod 755 /var/qmail/rc /var/qmail/bin/dirmaker
vi /etc/tcp.smtp
127.:allow,RELAYCLIENT="",MAXRCPTCOUNT="200"
192.168.:allow,BLOCKRELAYPROBE="",RCPTCHECK="",SENDERCHECK="",AUTHPREPEND="Authenticated user: ",SANITYCHECK="",SMTPAUTH="",LOGLEVEL="3",AUTHREQUIRED="",MAXRCPTCOUNT="100"
:allow,BLOCKRELAYPROBE="",RCPTCHECK="",SANITYCHECK="",RETURNMXCHECK="STRICT",RBL="",REJECTEXEC="",LOGLEVEL="3",TARPITCOUNT="10",TARPITDELAY="10",SMTPAUTH="",MAXRCPTCOUNT="25"

Note: 192.168. is my local IP range; to learn more about the options, visit www.nrg4u.com
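
The RELAYCLIENT variable in the rules above decides which clients may relay without authenticating, so it is worth checking mechanically after every edit of /etc/tcp.smtp. The following is an added example, not part of the original guide; the function names are hypothetical, and it inspects only the address field before the first colon and the RELAYCLIENT variable:

```sh
#!/bin/sh
# Added example (not from the original guide): audit tcprules source lines,
# the /etc/tcp.smtp format, for rules that grant relaying via RELAYCLIENT.
# page_rules and audit_tcprules are hypothetical names.

page_rules() {   # the three rules from /etc/tcp.smtp above
    cat <<'EOF'
127.:allow,RELAYCLIENT="",MAXRCPTCOUNT="200"
192.168.:allow,BLOCKRELAYPROBE="",RCPTCHECK="",SENDERCHECK="",AUTHPREPEND="Authenticated user: ",SANITYCHECK="",SMTPAUTH="",LOGLEVEL="3",AUTHREQUIRED="",MAXRCPTCOUNT="100"
:allow,BLOCKRELAYPROBE="",RCPTCHECK="",SANITYCHECK="",RETURNMXCHECK="STRICT",RBL="",REJECTEXEC="",LOGLEVEL="3",TARPITCOUNT="10",TARPITDELAY="10",SMTPAUTH="",MAXRCPTCOUNT="25"
EOF
}

audit_tcprules() {   # rules on stdin or file args -> "<address> relay=<yes|no> <verdict>"
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }        # skip comments and blank lines
    {
        sep = index($0, ":")                 # first colon ends the address part
        if (sep == 0) { printf "line %d: MALFORMED\n", NR; next }
        addr = substr($0, 1, sep - 1)
        rest = substr($0, sep + 1)
        if (addr == "") addr = "(default)"   # empty address matches every client
        if (rest !~ /^allow/) next           # deny rules never reach qmail-smtpd
        relay = (rest ~ /,RELAYCLIENT=/)
        if (!relay)                   verdict = "OK"
        else if (addr ~ /^127\./)     verdict = "OK-LOOPBACK"
        else if (addr == "(default)") verdict = "OPEN-RELAY"
        else                          verdict = "REVIEW"
        printf "%s relay=%s %s\n", addr, (relay ? "yes" : "no"), verdict
    }' "$@"
}

page_rules | audit_tcprules
```

REVIEW means a non-loopback range may relay without authenticating; confirm that every host in that range is trusted. Run it against the live file with audit_tcprules /etc/tcp.smtp before qmailctl cdb.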

mkdir /var/log/qmail
cd /var/log/qmail
mkdir qmail-send qmail-smtpd qmail-pop3d
chown -R qmaill:root /var/log/qmail
chmod -R 750 /var/log/qmail
cd /var/qmail
cp -p /downloads/qmailctl /var/qmail/bin/.
chmod 755 /var/qmail/bin/qmailctl
ln -s /var/qmail/bin/qmailctl /usr/bin/
qmailctl cdb
/etc/init.d/exim4 stop
dpkg -r exim4
dpkg -P exim4
cd /service/
ln -s /var/qmail/supervise/qmail-* .

OpenLDAP

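LDAP stands for Lightweight Directory Access Protocol, a simplified version of the X.500 protocol. You will find a more detailed presentation on Wikipedia. LDAP is a way of making certain kinds of information available over a network. In this setup, the information is user logins: their passwords, user IDs and various details.

First, install the LDAP server daemon (slapd) on the server. Install the following packages: slapd, ldap-utils and db4.8-util.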

sudo apt-get install slapd ldap-utils db4.8-util
cp -p /usr/src/qmail/qmail-1.03/qmail.schema /etc/ldap/schema/

Now create a temporary configuration file:

vi slapd-tmp.conf
include         /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/qmail.schema

pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args

moduleload back_hdb

database hdb
suffix "dc=yourdomain,dc=com"
rootdn "cn=manager,dc=yourdomain,dc=com"
rootpw {SSHA}+xDld2OXYtm0NRlJYXL050VGym/sYUn+

index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub

Remember to change rootpw by generating a new password hash; use the slappasswd command.

rm -rf /etc/ldap/slapd.d/*

slaptest -f slapd-tmp.conf -F /etc/ldap/slapd.d   # ignore errors

chown openldap.openldap -R /etc/ldap/slapd.d
chown openldap.openldap -R /var/lib/ldap

/etc/init.d/slapd restart

Now let's populate the database:

vi yourdomain.ldif
# base dn
dn: dc=yourdomain,dc=com
objectClass: dcObject
objectClass: organization
o: yourdomain
dc: yourdomain

# ou, yourdomain.com
dn: ou=yourdomain.com,dc=yourdomain,dc=com
objectClass: top
objectClass: organizationalUnit
ou: yourdomain.com
vi test.ldif
# test, yourdomain.com
dn: uid=test,ou=yourdomain.com,dc=yourdomain,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: qmailUser
cn: Test User
sn: User
mail: test@yourdomain.com
accountStatus: active
mailMessageStore: yourdomain.com/test
uid: test
mailHost: mail.yourdomain.com
deliveryMode: noforward
userPassword:: e0NSWVBUfUJuZGZpVzJHQkd0enc=
ldapadd -x -D "cn=manager,dc=yourdomain,dc=com" -W -f yourdomain.ldif
ldapadd -x -D "cn=manager,dc=yourdomain,dc=com" -W -f test.ldif
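
The userPassword value in test.ldif is base64 (that is what the double colon means) and decodes to a {CRYPT} hash. The following added example, not part of the original guide, reports the storage scheme of every userPassword in an LDIF file so weak ones can be found before import; the function names are hypothetical and unfolded LDIF lines are assumed:

```sh
#!/bin/sh
# Added example (not from the original guide): classify userPassword storage
# schemes in LDIF. Assumes unfolded LDIF lines; needs awk, sed and base64.
# page_entry and ldif_password_schemes are hypothetical names.

page_entry() {   # the test user from test.ldif above (dn and password only)
    cat <<'EOF'
dn: uid=test,ou=yourdomain.com,dc=yourdomain,dc=com
userPassword:: e0NSWVBUfUJuZGZpVzJHQkd0enc=
EOF
}

ldif_password_schemes() {   # LDIF on stdin or file args -> "<dn> <scheme> <verdict>"
    tab=$(printf '\t')
    awk '
    /^dn: / { dn = substr($0, 5) }
    /^userPassword:: / { print dn "\tb64\t" substr($0, 16); next }
    /^userPassword: /  { print dn "\traw\t" substr($0, 15) }
    ' "$@" |
    while IFS=$tab read -r dn enc val; do
        # "::" marks a base64 value; decode it to see the {SCHEME} prefix
        [ "$enc" = b64 ] && val=$(printf '%s' "$val" | base64 -d)
        scheme=$(printf '%s' "$val" | sed -n 's/^{\([A-Za-z0-9-]*\)}.*/\1/p' | tr a-z A-Z)
        hash=$(printf '%s' "$val" | sed 's/^{[^}]*}//')
        case $scheme in
            "")      scheme=CLEARTEXT; verdict=WEAK ;;
            CRYPT)   case $hash in
                         '$'*) scheme=CRYPT-MCF; verdict=REVIEW ;;  # $id$salt$hash form
                         *)    scheme=CRYPT-DES; verdict=WEAK ;;    # 2-char salt, 8-char limit
                     esac ;;
            MD5|SHA) verdict=WEAK ;;      # unsalted single-pass digests
            *)       verdict=REVIEW ;;    # e.g. SSHA, SMD5: salted but fast
        esac
        # the hash itself is never printed
        printf '%s %s %s\n' "$dn" "$scheme" "$verdict"
    done
}

page_entry | ldif_password_schemes
```

For the test user above it reports CRYPT-DES WEAK: traditional DES crypt only uses the first eight characters of the password.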

Courier IMAP

apt-get install courier-authdaemon courier-authlib courier-authlib-userdb courier-base courier-imap expect courier-ldap courier-authlib-ldap
vi /etc/courier/authdaemonrc
authmodulelist="authldap"
authmodulelistorig="authldap"
vi /etc/courier/authldaprc
LDAP_URI                ldap://mail.yourdomain.com
LDAP_BASEDN dc=yourdomain,dc=com
LDAP_BINDDN cn=manager,dc=yourdomain,dc=com
LDAP_BINDPW secret
LDAP_MAIL uid
LDAP_FILTER (&(objectClass=qmailUser)(accountStatus=active))
LDAP_GLOB_UID vmail
LDAP_GLOB_GID vmail
LDAP_HOMEDIR mailMessageStore
LDAP_MAILROOT /home/vmail
LDAP_DEFAULTDELIVERY defaultDelivery
vi /etc/courier/imapd
IMAPDSTART=YES
/etc/init.d/courier-ldap start
/etc/init.d/courier-authdaemon start
/etc/init.d/courier-imap start