注:本文來源於《extmail搭建》
一、背景介紹
ExtMail Solution 是一個基於優秀開源軟件的電子郵件系統解決方案,核心部件包括了Postfix、Amavisd-new、ClamAV、ExtMail、ExtMan、Courier系列軟件。是一個功能相對比較齊全的免費電子郵件系統。本次環境中使用的是CentOS。
二、實戰演練
2.1 操作系統安裝
采用系統光盤進行安裝,然后按照日常安裝步驟依次進行是否校驗介質、安裝界面語言等選項……注意必須安裝MYSQL數據庫。
設置靜態ip
#查看ip信息 [root@localhost ~]# ifconfig ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255 inet6 fe80::bb54:1d80:c29:8994 prefixlen 64 scopeid 0x20<link> ether 00:0c:29:b4:d7:9a txqueuelen 1000 (Ethernet) RX packets 565964 bytes 840298037 (801.3 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 88788 bytes 5501690 (5.2 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1 (Local Loopback) RX packets 40 bytes 4556 (4.4 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 40 bytes 4556 (4.4 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255 ether 52:54:00:f5:70:0a txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 #顯示電腦以及操作系統的相關信息 [root@localhost ~]# uname -a Linux localhost.localdomain 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux #顯示電腦以及操作系統的相關信息 [root@localhost ~]# cat /proc/version Linux version 3.10.0-693.el7.x86_64 (builder@kbuilder.dev.centos.org) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) ) #1 SMP Tue Aug 22 21:09:27 UTC 2017 #顯示的是發行版本信息 [root@localhost ~]# cat /etc/issue \S Kernel \r on an \m
[root@localhost network-scripts]# clear [root@localhost network-scripts]# ls ifcfg-ens33 ifdown-eth ifdown-isdn ifdown-sit ifup ifup-ib ifup-plip ifup-routes ifup-tunnel network-functions-ipv6 ifcfg-lo ifdown-ib ifdown-post ifdown-Team ifup-aliases ifup-ippp ifup-plusb ifup-sit ifup-wireless ifdown ifdown-ippp ifdown-ppp ifdown-TeamPort ifup-bnep ifup-ipv6 ifup-post ifup-Team init.ipv6-global ifdown-bnep ifdown-ipv6 ifdown-routes ifdown-tunnel ifup-eth ifup-isdn ifup-ppp ifup-TeamPort network-functions [root@localhost network-scripts]# vi ifcfg-ens33 TYPE="Ethernet" PROXY_METHOD="none" BROWSER_ONLY="no" BOOTPROTO="static" DEFROUTE="yes" IPV4_FAILURE_FATAL="no" IPV6INIT="yes" IPV6_AUTOCONF="yes" IPV6_DEFROUTE="yes" IPV6_FAILURE_FATAL="no" IPV6_ADDR_GEN_MODE="stable-privacy" NAME="ens33" UUID="4377cd68-ba42-4378-9d8b-072301cac6f0" DEVICE="ens33" ONBOOT="yes" IPADDR="192.168.1.110" GATEWAY="192.168.1.1" NETWORK=192.168.1.1 ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ "ifcfg-ens33" 18L, 377C written [root@localhost network-scripts]# service network restart Restarting network (via systemctl):Last login: Thu Oct 4 11:24:38 2018 from 192.168.1.107 [root@localhost ~]# ifconfig ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.1.110 netmask 255.255.255.0 broadcast 192.168.1.255 inet6 fe80::bb54:1d80:c29:8994 prefixlen 64 scopeid 0x20<link> ether 00:0c:29:b4:d7:9a txqueuelen 1000 (Ethernet) RX packets 2452 bytes 174855 (170.7 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 507 bytes 96479 (94.2 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1 (Local Loopback) RX packets 48 bytes 5244 (5.1 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 48 bytes 5244 (5.1 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255 ether 52:54:00:f5:70:0a txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@localhost ~]# cd /etc/sysconfig/network-scripts/ [root@localhost network-scripts]# ls ifcfg-ens33 ifdown-eth ifdown-isdn ifdown-sit ifup ifup-ib ifup-plip ifup-routes ifup-tunnel network-functions-ipv6 ifcfg-lo ifdown-ib ifdown-post ifdown-Team ifup-aliases ifup-ippp ifup-plusb ifup-sit ifup-wireless ifdown ifdown-ippp ifdown-ppp ifdown-TeamPort ifup-bnep ifup-ipv6 ifup-post ifup-Team init.ipv6-global ifdown-bnep ifdown-ipv6 ifdown-routes ifdown-tunnel ifup-eth ifup-isdn ifup-ppp ifup-TeamPort network-functions [root@localhost network-scripts]# cat ifcfg-ens33 TYPE="Ethernet" PROXY_METHOD="none" BROWSER_ONLY="no" BOOTPROTO="static" DEFROUTE="yes" IPV4_FAILURE_FATAL="no" IPV6INIT="yes" IPV6_AUTOCONF="yes" IPV6_DEFROUTE="yes" IPV6_FAILURE_FATAL="no" IPV6_ADDR_GEN_MODE="stable-privacy" NAME="ens33" UUID="4377cd68-ba42-4378-9d8b-072301cac6f0" DEVICE="ens33" ONBOOT="yes" IPADDR="192.168.1.110" GATEWAY="192.168.1.1" NETWORK=192.168.1.1 [root@localhost network-scripts]#
2.2 制作YUM倉庫
使用EMOS光盤制作本地 yum倉庫,CentOS系統安裝完成之后在/etc/yum.repos.d/下會生成4個配置文件。其中CentOS-Media.repo是本地YUM源的配置文件,可以在該配置文件中把EMOS光盤的路徑進行添加完成本地YUM源的配置。
搭建本地yum
# 安裝 # 3.1本地YUM源 # 3.1.1 ISO源 # 准備rpm包 # 掛載CentOS-7-x86_64-Everything-1511.iso,把里面所有文件都拷貝到本地目錄/yum/yum-iso [root@linuxidc.com ~]# mkdir /mnt/yum-iso [root@linuxidc.com ~]# mount /dev/cdrom /mnt/yum-iso/ mount: /dev/sr0 is write-protected, mounting read-only [root@linuxidc.com ~]# mkdir /yum/ [root@linuxidc.com ~]# cp -a /mnt/yum-iso/ /yum/ [root@linuxidc.com ~]# ll /yum/ total 4 dr-xr-xr-x. 8 root root 4096 Dec 10 2015 yum-iso [root@linuxidc.com ~]# ll /yum/yum-iso/ total 640 -r--r--r--. 1 root root 14 Dec 10 2015 CentOS_BuildTag dr-xr-xr-x. 3 root root 33 Dec 10 2015 EFI -r--r--r--. 1 root root 215 Dec 10 2015 EULA -r--r--r--. 1 root root 18009 Dec 10 2015 GPL dr-xr-xr-x. 3 root root 69 Dec 10 2015 images dr-xr-xr-x. 2 root root 4096 Dec 10 2015 isolinux dr-xr-xr-x. 2 root root 41 Dec 10 2015 LiveOS dr-xr-xr-x. 2 root root 483328 Dec 10 2015 Packages dr-xr-xr-x. 2 root root 4096 Dec 10 2015 repodata -r--r--r--. 1 root root 1690 Dec 10 2015 RPM-GPG-KEY-CentOS-7 -r--r--r--. 1 root root 1690 Dec 10 2015 RPM-GPG-KEY-CentOS-Testing-7 -r--r--r--. 1 root root 2883 Dec 10 2015 TRANS.TBL [root@linuxidc.com ~]# # 備份、移除其他repo [root@linuxidc.com ~]# cd /etc/yum.repos.d/ [root@linuxidc.com yum.repos.d]# ll -rw-r--r--. 1 root root 1664 Dec 9 2015 CentOS-Base.repo -rw-r--r--. 1 root root 1309 Dec 9 2015 CentOS-CR.repo -rw-r--r--. 1 root root 649 Dec 9 2015 CentOS-Debuginfo.repo -rw-r--r--. 1 root root 290 Dec 9 2015 CentOS-fasttrack.repo -rw-r--r--. 1 root root 630 Dec 9 2015 CentOS-Media.repo -rw-r--r--. 1 root root 1331 Dec 9 2015 CentOS-Sources.repo -rw-r--r--. 1 root root 1952 Dec 9 2015 CentOS-Vault.repo [root@linuxidc.com yum.repos.d]# tar zcvf repo-bk.tar.gz CentOS-* CentOS-Base.repo CentOS-CR.repo CentOS-Debuginfo.repo CentOS-fasttrack.repo CentOS-Media.repo CentOS-Sources.repo CentOS-Vault.repo [root@linuxidc.com yum.repos.d]# rm -f CentOS-Base.repo CentOS-CR.repo CentOS-Debuginfo.repo CentOS-fasttrack.repo CentOS-Sources.repo CentOS-Vault.repo # 配置本地repo [root@linuxidc.com yum.repos.d]# vi CentOS-Media.repo # 填入如下內容 [c7-media] name=CentOS-$releasever - Media baseurl=file:///yum/yum-iso/ gpgcheck=0 enabled=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 # 注釋:配置repo路徑、關閉gbp校驗、啟用這個repo # 制作cache [root@linuxidc.com yum.repos.d]# yum clean all Loaded plugins: fastestmirror Cleaning repos: c7-media Cleaning up everything Cleaning up list of fastest mirrors [root@linuxidc.com yum.repos.d]# yum makecache Loaded plugins: fastestmirror c7-media | 3.6 kB 00:00:00 (1/4): c7-media/group_gz | 155 kB 00:00:00 (2/4): c7-media/primary_db | 5.3 MB 00:00:00 (3/4): c7-media/filelists_db | 6.2 MB 00:00:00 (4/4): c7-media/other_db | 2.3 MB 00:00:00 Determining fastest mirrors Metadata Cache Created [root@linuxidc.com yum.repos.d]# # 這樣就可以使用yum安裝軟件啦 [root@linuxidc.com yum.repos.d]# yum groupinstall "Development tools" Loaded plugins: fastestmirror There is no installed groups file. Maybe run: yum groups mark convert (see man yum) Loading mirror speeds from cached hostfile Resolving Dependencies --> Running transaction check ---> Package autoconf.noarch 0:2.69-11.el7 will be installed --> Processing Dependency: perl >= 5.006 for package: autoconf-2.69-11.el7.noarch --> Processing Dependency: m4 >= 1.4.14 for package: autoconf-2.69-11.el7.noarch --> Processing Dependency: perl(warnings) for package: autoconf-2.69-11.el7.noarch # 或者 [root@linuxidc.com yum.repos.d]# yum install tree Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Resolving Dependencies --> Running transaction check ---> Package tree.x86_64 0:1.6.0-10.el7 will be installed --> Finished Dependency Resolution # 3.1.2 自定義YUM源 [root@linuxidc.com yum.repos.d]# yum -y install createrepo # 准備rpm包 # (需要自己確定依賴包)、目錄。這里使用tree做演示。 [root@linuxidc.com ~]# mkdir -p /yum/yum-custom/packages [root@linuxidc.com ~]# cp tree-1.6.0-10.el7.x86_64.rpm /yum/yum-custom/packages/ # 創建repo [root@linuxidc.com ~]# createrepo -u -d /yum/yum-custom/ Spawning worker 0 with 1 pkgs Spawning worker 1 with 0 pkgs Workers Finished Saving Primary metadata Saving file lists metadata Saving other metadata Generating sqlite DBs Sqlite DBs complete [root@linuxidc.com ~]# ll /yum/yum-custom/ total 4 drwxr-xr-x. 2 root root 41 Dec 20 07:03 packages drwxr-xr-x. 2 root root 4096 Dec 20 07:08 repodata [root@linuxidc.com ~]# # 配置自定義repo [root@linuxidc.com ~]# vi /etc/yum.repos.d/CentOS-Media.repo # 填入如下內容 [c7-media] name=CentOS-$releasever - Media baseurl=file:///yum/yum-custom/ gpgcheck=0 enabled=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 # 制作cache [root@linuxidc.com ~]# yum clean all Loaded plugins: fastestmirror Cleaning repos: c7-media Cleaning up everything Cleaning up list of fastest mirrors [root@linuxidc.com ~]# [root@linuxidc.com ~]# yum makecache Loaded plugins: fastestmirror c7-media | 3.0 kB 00:00:00 (1/3): c7-media/filelists_db | 880 B 00:00:00 (2/3): c7-media/primary_db | 1.8 kB 00:00:00 (3/3): c7-media/other_db | 1.3 kB 00:00:00 Determining fastest mirrors Metadata Cache Created [root@linuxidc.com ~]# # 使用自定義repo [root@linuxidc.com ~]# yum install tree Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Resolving Dependencies --> Running transaction check ---> Package tree.x86_64 0:1.6.0-10.el7 will be installed --> Finished Dependency Resolution # 3.2 局域網YUM源 # 局域網YUM源可以配成:本地YUM源 + FTP服務器 # 這里使用自定義源yum-custom(見上面) + VSFTP演示。 # 下載vsftpd [root@linuxidc.com ~]# yum -y install vsftpd # 配置vsftpd # 編輯vsftp.conf [root@linuxidc.com ~]# vi /etc/vsftpd/vsftpd.conf # 並增加匿名用戶root目錄(默認已經啟用匿名訪問) anon_root=/yum/ # 注意目錄權限如下 [root@linuxidc.com ~]# ll -a /yum/ total 8 drwxr-xr-x. 4 root root 37 Dec 20 07:37 . dr-xr-xr-x. 18 root root 4096 Dec 20 06:32 .. drwxr-xr-x. 4 root root 36 Dec 20 07:08 yum-custom dr-xr-xr-x. 8 root root 4096 Dec 10 2015 yum-iso # 關閉selinux # 臨時 [root@linuxidc.com ~]# setenforce 0 # 或者,永久: # 編輯config [root@linuxidc.com ~]# vi /etc/selinux/config # 設置 SELINUX=disabled # 重啟 [root@linuxidc.com ~]# reboot # 啟用vsftp [root@linuxidc.com ~]# systemctl start vsftpd [root@linuxidc.com ~]# systemctl enable vsftpd Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service. [root@linuxidc.com ~]# # 局域網使用 # 局域網另外一台機器min-client, # 配置repo # 編輯repo [root@min-client ~]# vim /etc/yum.repos.d/CentOS-Media.repo # 內容如下 [c7-media] name=CentOS-$releasever - Media baseurl=ftp://192.168.118.133/yum-custom gpgcheck=0 enabled=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 # 其中192.168.118.133為上面vsftp服務器地址 # 啟用這個局域網的repo [root@min-client ~]# yum clean all Loaded plugins: fastestmirror Cleaning repos: c7-media Cleaning up everything [root@min-client ~]# yum makecache Loaded plugins: fastestmirror c7-media | 3.0 kB 00:00 (1/3): c7-media/filelists_db | 880 B 00:00 (2/3): c7-media/other_db | 1.3 kB 00:00 (3/3): c7-media/primary_db | 1.8 kB 00:00 Determining fastest mirrors Metadata Cache Created [root@min-client ~]# # 使用 [root@linuxidc.com ~]# yum -y install tree Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Resolving Dependencies --> Running transaction check ---> Package tree.x86_64 0:1.6.0-10.el7 will be installed --> Finished Dependency Resolution # # 目前差不多這些就夠用了。以后有時間把163的YUM源爬下來,當本地源用。 # 安裝 # 3.1本地YUM源 # 3.1.1 ISO源 # 准備rpm包 # 掛載CentOS-7-x86_64-Everything-1511.iso,把里面所有文件都拷貝到本地目錄/yum/yum-iso [root@linuxidc.com ~]# mkdir /mnt/yum-iso [root@linuxidc.com ~]# mount /dev/cdrom /mnt/yum-iso/ mount: /dev/sr0 is write-protected, mounting read-only [root@linuxidc.com ~]# mkdir /yum/ [root@linuxidc.com ~]# cp -a /mnt/yum-iso/ /yum/ [root@linuxidc.com ~]# ll /yum/ total 4 dr-xr-xr-x. 8 root root 4096 Dec 10 2015 yum-iso [root@linuxidc.com ~]# ll /yum/yum-iso/ total 640 -r--r--r--. 1 root root 14 Dec 10 2015 CentOS_BuildTag dr-xr-xr-x. 3 root root 33 Dec 10 2015 EFI -r--r--r--. 1 root root 215 Dec 10 2015 EULA -r--r--r--. 1 root root 18009 Dec 10 2015 GPL dr-xr-xr-x. 3 root root 69 Dec 10 2015 images dr-xr-xr-x. 2 root root 4096 Dec 10 2015 isolinux dr-xr-xr-x. 2 root root 41 Dec 10 2015 LiveOS dr-xr-xr-x. 2 root root 483328 Dec 10 2015 Packages dr-xr-xr-x. 2 root root 4096 Dec 10 2015 repodata -r--r--r--. 1 root root 1690 Dec 10 2015 RPM-GPG-KEY-CentOS-7 -r--r--r--. 1 root root 1690 Dec 10 2015 RPM-GPG-KEY-CentOS-Testing-7 -r--r--r--. 1 root root 2883 Dec 10 2015 TRANS.TBL [root@linuxidc.com ~]# # 備份、移除其他repo [root@linuxidc.com ~]# cd /etc/yum.repos.d/ [root@linuxidc.com yum.repos.d]# ll -rw-r--r--. 1 root root 1664 Dec 9 2015 CentOS-Base.repo -rw-r--r--. 1 root root 1309 Dec 9 2015 CentOS-CR.repo -rw-r--r--. 1 root root 649 Dec 9 2015 CentOS-Debuginfo.repo -rw-r--r--. 1 root root 290 Dec 9 2015 CentOS-fasttrack.repo -rw-r--r--. 1 root root 630 Dec 9 2015 CentOS-Media.repo -rw-r--r--. 1 root root 1331 Dec 9 2015 CentOS-Sources.repo -rw-r--r--. 1 root root 1952 Dec 9 2015 CentOS-Vault.repo [root@linuxidc.com yum.repos.d]# tar zcvf repo-bk.tar.gz CentOS-* CentOS-Base.repo CentOS-CR.repo CentOS-Debuginfo.repo CentOS-fasttrack.repo CentOS-Media.repo CentOS-Sources.repo CentOS-Vault.repo [root@linuxidc.com yum.repos.d]# rm -f CentOS-Base.repo CentOS-CR.repo CentOS-Debuginfo.repo CentOS-fasttrack.repo CentOS-Sources.repo CentOS-Vault.repo # 配置本地repo [root@linuxidc.com yum.repos.d]# vi CentOS-Media.repo # 填入如下內容 [c7-media] name=CentOS-$releasever - Media baseurl=file:///yum/yum-iso/ gpgcheck=0 enabled=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 # 注釋:配置repo路徑、關閉gbp校驗、啟用這個repo # 制作cache [root@linuxidc.com yum.repos.d]# yum clean all Loaded plugins: fastestmirror Cleaning repos: c7-media Cleaning up everything Cleaning up list of fastest mirrors [root@linuxidc.com yum.repos.d]# yum makecache Loaded plugins: fastestmirror c7-media | 3.6 kB 00:00:00 (1/4): c7-media/group_gz | 155 kB 00:00:00 (2/4): c7-media/primary_db | 5.3 MB 00:00:00 (3/4): c7-media/filelists_db | 6.2 MB 00:00:00 (4/4): c7-media/other_db | 2.3 MB 00:00:00 Determining fastest mirrors Metadata Cache Created [root@linuxidc.com yum.repos.d]# # 這樣就可以使用yum安裝軟件啦 [root@linuxidc.com yum.repos.d]# yum groupinstall "Development tools" Loaded plugins: fastestmirror There is no installed groups file. Maybe run: yum groups mark convert (see man yum) Loading mirror speeds from cached hostfile Resolving Dependencies --> Running transaction check ---> Package autoconf.noarch 0:2.69-11.el7 will be installed --> Processing Dependency: perl >= 5.006 for package: autoconf-2.69-11.el7.noarch --> Processing Dependency: m4 >= 1.4.14 for package: autoconf-2.69-11.el7.noarch --> Processing Dependency: perl(warnings) for package: autoconf-2.69-11.el7.noarch # 或者 [root@linuxidc.com yum.repos.d]# yum install tree Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Resolving Dependencies --> Running transaction check ---> Package tree.x86_64 0:1.6.0-10.el7 will be installed --> Finished Dependency Resolution # 3.1.2 自定義YUM源 [root@linuxidc.com yum.repos.d]# yum -y install createrepo # 准備rpm包 # (需要自己確定依賴包)、目錄。這里使用tree做演示。 [root@linuxidc.com ~]# mkdir -p /yum/yum-custom/packages [root@linuxidc.com ~]# cp tree-1.6.0-10.el7.x86_64.rpm /yum/yum-custom/packages/ # 創建repo [root@linuxidc.com ~]# createrepo -u -d /yum/yum-custom/ Spawning worker 0 with 1 pkgs Spawning worker 1 with 0 pkgs Workers Finished Saving Primary metadata Saving file lists metadata Saving other metadata Generating sqlite DBs Sqlite DBs complete [root@linuxidc.com ~]# ll /yum/yum-custom/ total 4 drwxr-xr-x. 2 root root 41 Dec 20 07:03 packages drwxr-xr-x. 2 root root 4096 Dec 20 07:08 repodata [root@linuxidc.com ~]# # 配置自定義repo [root@linuxidc.com ~]# vi /etc/yum.repos.d/CentOS-Media.repo # 填入如下內容 [c7-media] name=CentOS-$releasever - Media baseurl=file:///yum/yum-custom/ gpgcheck=0 enabled=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 # 制作cache [root@linuxidc.com ~]# yum clean all Loaded plugins: fastestmirror Cleaning repos: c7-media Cleaning up everything Cleaning up list of fastest mirrors [root@linuxidc.com ~]# [root@linuxidc.com ~]# yum makecache Loaded plugins: fastestmirror c7-media | 3.0 kB 00:00:00 (1/3): c7-media/filelists_db | 880 B 00:00:00 (2/3): c7-media/primary_db | 1.8 kB 00:00:00 (3/3): c7-media/other_db | 1.3 kB 00:00:00 Determining fastest mirrors Metadata Cache Created [root@linuxidc.com ~]# # 使用自定義repo [root@linuxidc.com ~]# yum install tree Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Resolving Dependencies --> Running transaction check ---> Package tree.x86_64 0:1.6.0-10.el7 will be installed --> Finished Dependency Resolution # 3.2 局域網YUM源 # 局域網YUM源可以配成:本地YUM源 + FTP服務器 # 這里使用自定義源yum-custom(見上面) + VSFTP演示。 # 下載vsftpd [root@linuxidc.com ~]# yum -y install vsftpd # 配置vsftpd # 編輯vsftp.conf [root@linuxidc.com ~]# vi /etc/vsftpd/vsftpd.conf # 並增加匿名用戶root目錄(默認已經啟用匿名訪問) anon_root=/yum/ # 注意目錄權限如下 [root@linuxidc.com ~]# ll -a /yum/ total 8 drwxr-xr-x. 4 root root 37 Dec 20 07:37 . dr-xr-xr-x. 18 root root 4096 Dec 20 06:32 .. drwxr-xr-x. 4 root root 36 Dec 20 07:08 yum-custom dr-xr-xr-x. 8 root root 4096 Dec 10 2015 yum-iso # 關閉selinux # 臨時 [root@linuxidc.com ~]# setenforce 0 # 或者,永久: # 編輯config [root@linuxidc.com ~]# vi /etc/selinux/config # 設置 SELINUX=disabled # 重啟 [root@linuxidc.com ~]# reboot # 啟用vsftp [root@linuxidc.com ~]# systemctl start vsftpd [root@linuxidc.com ~]# systemctl enable vsftpd Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service. [root@linuxidc.com ~]# # 局域網使用 # 局域網另外一台機器min-client, # 配置repo # 編輯repo [root@min-client ~]# vim /etc/yum.repos.d/CentOS-Media.repo # 內容如下 [c7-media] name=CentOS-$releasever - Media baseurl=ftp://192.168.118.133/yum-custom gpgcheck=0 enabled=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 # 其中192.168.118.133為上面vsftp服務器地址 # 啟用這個局域網的repo [root@min-client ~]# yum clean all Loaded plugins: fastestmirror Cleaning repos: c7-media Cleaning up everything [root@min-client ~]# yum makecache Loaded plugins: fastestmirror c7-media | 3.0 kB 00:00 (1/3): c7-media/filelists_db | 880 B 00:00 (2/3): c7-media/other_db | 1.3 kB 00:00 (3/3): c7-media/primary_db | 1.8 kB 00:00 Determining fastest mirrors Metadata Cache Created [root@min-client ~]# # 使用 [root@linuxidc.com ~]# yum -y install tree Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Resolving Dependencies --> Running transaction check ---> Package tree.x86_64 0:1.6.0-10.el7 will be installed --> Finished Dependency Resolution # # 目前差不多這些就夠用了。以后有時間把163的YUM源爬下來,當本地源用。
linux下yum命令出現Loaded plugins: fastestmirror
# yum install的時候提示:Loaded plugins: fastestmirrorfastestmirror是yum的一個加速插件,這里是插件提示信息是插件不能用了。不能用就先別用唄,禁用掉,先yum了再說。1.修改插件的配置文件# vi /etc/yum/pluginconf.d/fastestmirror.conf enabled = 1//由1改為0,禁用該插件 ............................... #2.修改yum的配置文件 # vi /etc/yum.conf ........................ .plugins=1//改為0,不使用插件 ........................
2.3 配置MTA-postfix
2.3.1安裝postfix
# yum install postfix
# rpm -e sendmail
2.3.2配置postfix
# postconf -n > /etc/postfix/main2.cf
# mv /etc/postfix/main.cf/etc/postfix/main.cf.old
# mv /etc/postfix/main2.cf/etc/postfix/main.cf
# vi /etc/postfix/main.cf(編輯main.cf文件,將文件中標紅的字體替換成自己的域名)
增加如下內容,最后保存退出:
# hostname
mynetworks = 127.0.0.1
myhostname = (mail.extmail.orgàmail.test.com)
mydestination = $mynetworks $myhostname
# banner
mail_name = Postfix - by (extmail.orgàtest.com)
smtpd_banner = $myhostname ESMTP $mail_name
# response immediately
smtpd_error_sleep_time = 0s
# Message and return code control
message_size_limit = 5242880
mailbox_size_limit = 5242880
show_user_unknown_table_name = no
# Queue lifetime control
bounce_queue_lifetime = 1d
maximal_queue_lifetime = 1d
設置postfix啟動及開機自啟:
#service postfix restart
#chkconfig postfix on
2.4 配置Courier-Authlib
2.4.1安裝Courier-Authlib
# yum install courier-authlib
# yum install courier-authlib-mysql
2.4.2配置Courier-Authlib
# vi /etc/authlib/authmysqlrc
並將其內容清空,然后增加如下內容,最后保存退出:
MYSQL_SERVER localhost
MYSQL_USERNAME extmail
MYSQL_PASSWORD extmail
MYSQL_SOCKET /var/lib/mysql/mysql.sock
MYSQL_PORT 3306
MYSQL_OPT 0
MYSQL_DATABASE extmail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD uidnumber
MYSQL_GID_FIELD gidnumber
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD homedir
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota
MYSQL_SELECT_CLAUSE SELECTusername,password,"",uidnumber,gidnumber,\
CONCAT('/home/domains/',homedir), \
CONCAT('/home/domains/',maildir), \
quota, \ name \
FROM mailbox \
WHERE username ='$(local_part)@$(domain)'
# vi /etc/authlib/authdaemonrc
修改如下內容:
authmodulelist="authmysql"
authmodulelistorig="authmysql"
啟動courier-authlib:
# service courier-authlib start
如一切正常,命令行將返回如下信息:
Starting Courier authentication services:authdaemond
修改authdaemon socket目錄權限,如果該目錄權限不正確修改,maildrop及postfix等將無法正確獲取用戶的信息及密碼認證:
# chmod 755 /var/spool/authdaemon/
2.5 配置Maildrop
2.5.1安裝Maildrop
# yum install maildrop
2.5.2配置Maildrop
配置master.cf 為了使Postfix支持Maildrop,必須修改/etc/postfix/master.cf文件,注釋掉maildrop中和圖例1結構類似的配置內容,將該語句添加到maildrop配置文件中,注意:flags前面有“兩個空格”。
配置main.cf,由於maildrop不支持一次接收多個收件人,因此必須在main.cf里增加如下參數:
maildrop_destination_recipient_limit = 1
2.5.3測試maildrop對authlib支持
# maildrop –v
看是否出現以下內容:
maildrop 2.1.0 Copyright 1998-2005 DoublePrecision, Inc.
GDBM/DB extensions enabled.
Courier Authentication Library extensionenabled.
Maildir quota extension enabled.
This program is distributed under the termsof the GNU General Public
License. See COPYING for additionalinformation.
注意事項:
1、如需重新編譯Maildrop軟件包,必須先獲得其源碼rpm包,並且必須先行安裝courier-authlib及其devel軟件包,否則編譯后的maildrop將無法打開authlib支持。
2、maildrop RPM包安裝時,會自動創建vuser用戶及vgroup用戶組,專門用於郵件的存儲,vuser:vgroup的uid/gid都是1000,這與一般的郵件文檔中提及用postfix用戶存郵件不一樣。因為postfix用戶的uid一般都低於500,而Suexec模塊編譯時對UID/GID的要求是要大於500,因此使用postfix用戶不能滿足要求。其次,如果用Maildrop作為投遞代理(MDA),以postfix身份投遞的話,會導致postfix MTA錯誤。
2.6 配置Apache
# vi /etc/httpd/conf/httpd.conf
在最后一行加上:
NameVirtualHost *:80
Include conf/vhost_*.conf
# vi /etc/httpd/conf/vhost_extmail.conf
里面定義虛擬主機的相關內容(將文件中標紅的字體替換成自己的域名):
# VirtualHost for ExtMail Solution
<VirtualHost *:80>
ServerName (mail.extmail.orgàmail.test.com)
DocumentRoot/var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi//var/www/extsuite/extmail/cgi/
Alias /extmail/var/www/extsuite/extmail/html/
ScriptAlias /extman/cgi//var/www/extsuite/extman/cgi/
Alias /extman /var/www/extsuite/extman/html/
# Suexec config
SuexecUserGroup vuser vgroup
</VirtualHost>
設置apache重啟及開機自啟
#service httpd restart
# chkconfig httpd on
2.7 配置Webmail-ExtMail
2.7.1安裝ExtMail
# yum install extsuite-webmail
2.7.2編輯webmail.cf
# cd /var/www/extsuite/extmail
# cp webmail.cf.default webmail.cf
# vi webmail.cf
主要變動的內容見下:
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
SYS_MYSQL_DB = extmail
更新cgi目錄權限由於SuEXEC的需要,必須將extmail的cgi目錄修改成vuser:vgroup權限:
# chown -R vuser:vgroup/var/www/extsuite/extmail/cgi/
2.8 配置管理后台-ExtMan
2.8.1yum安裝ExtMan
# yum install extsuite-webman
更新cgi目錄權限由於SuEXEC的需要,必須將extman的cgi目錄修改成vuser:vgroup權限:
# chown -R vuser:vgroup/var/www/extsuite/extman/cgi/
鏈接基本庫到Extmail
# mkdir /tmp/extman
# chown -R vuser:vgroup /tmp/extman
2.8.2數據庫初始化
啟動Mysql且開機自啟動
# service mysqld start
# chkconfig mysqld on
導入mysql數據庫結構及初始化數據,root密碼默認為空
# mysql -u root -p </var/www/extsuite/extman/docs/extmail.sql
# mysql -u root -p </var/www/extsuite/extman/docs/init.sql
備注1:上述導入初始化SQL時,默認的uidnumber/gidnumber都是1000,這和vuser:vgroup 的uid/gid一致,是因為maildrop投遞時會從數據庫里取uidnumber/gidnumber,而在master.cf里已經定義好了投遞時的運行身份(vuser:vgroup),所以這兩個字段的內容必須為1000,否則將出現投遞錯誤,例如報0x06等錯誤。
注意:由於公網上的文檔資料是以mail.extmail.org為域名,所以需要將數據庫中的所有extmail.org替換成自己本地的域名(test.com),可以用linux下的Vi編輯器打開數據庫文件,該文件的位置是/var/www/extsuite/extman/docs。然后依次打開init.sql和extmail.sql將所有的extmail.org替換成test.com。如圖例2所示已經替換完成。最后使用update命令將數據庫extmail中的所有表數據記錄均完成extmail.org到test.com的替換。
2.8.3設置虛擬域和虛擬用戶的配置文件
# cd /var/www/extsuite/extman/docs
# cp mysql_virtual_alias_maps.cf/etc/postfix/
# cp mysql_virtual_domains_maps.cf/etc/postfix/
# cp mysql_virtual_mailbox_maps.cf/etc/postfix/
# cp mysql_virtual_sender_maps.cf/etc/postfix/
# vi /etc/postfix/main.cf
增加以下內容:
# extmail config here
virtual_alias_maps =mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains =mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps =mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = maildrop:
# service postfix restart
2.8.4測試authlib
# cd /var/www/extsuite/extman/tools
# ./maildirmake.pl/home/domains/extmail.org/postmaster/Maildir
# chown -R vuser:vgroup/home/domains/extmail.org
# /usr/sbin/authtest -s login postmaster@(extmail.org-->test.com) extmail
結果如下:
Authentication succeeded.
Authenticated: postmaster@test.com (uid 1000, gid 1000)
Home Directory: /home/domains/test.com/postmaster
Maildir: /home/domains/test.com/postmaster/Maildir/
Quota: 104857600S
Encrypted Password:$1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0
Cleartext Password: extmail
Options: (none)
這樣表明ExtMan的正確安裝,數據庫也正確導入,courier-authlib能正確連接到mysql數據庫
最后訪問http://mail.test.com/extmail/,如無意外,將看到webmail的登陸頁,不過此時還沒有加正式的用戶,所以不能登陸,包括postmaster@test.com也不行。必須要登陸到http://mail.test.com/extman/ 里增加一個新帳戶才能登陸。
ExtMan的默認超級管理員帳戶:root@test.com,初始密碼:extmail*123*,登陸成功后,建議將密碼修改,以確保安全。
2.8.5配置圖形化日志
啟動mailgraph_ext
# /usr/local/mailgraph_ext/mailgraph-initstart
啟動cmdserver(在后台顯示系統信息)
# /var/www/extsuite/extman/daemon/cmdserver–daemon
加入開機自啟動:
# echo"/usr/local/mailgraph_ext/mailgraph-init start" >>/etc/rc.d/rc.local
# echo"/var/www/extsuite/extman/daemon/cmdserver -v -d" >>/etc/rc.d/rc.local
用方法:等待大約15分鍾左右,如果郵件系統有一定的流量,即可登陸到extman里,點“圖形日志”即可看到圖形化的日志。具體每天,周,月,年的則點擊相應的圖片進入即可。
添加定時任務:
# crontab –e
2.9 配置Cyrus-SASL
2.9.1安裝cyrus-sasl
刪除系統的cyrus-sasl:
# rpm -e cyrus-sasl –nodeps
安裝新的支持authdaemon的軟件包
# yum install cyrus-sasl
2.9.2配置main.cf文件
Postfix的SMTP認證需要透過Cyrus-SASL,連接到authdaemon獲取認證信息。
# vi /etc/postfix/main.cf
增加如下內容:
# smtpd related config
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname,
# SMTP sender login matching config
smtpd_sender_restrictions =
permit_mynetworks,
reject_sender_login_mismatch,
reject_authenticated_sender_login_mismatch,
reject_unauthenticated_sender_login_mismatch
smtpd_sender_login_maps =
mysql:/etc/postfix/mysql_virtual_sender_maps.cf,
mysql:/etc/postfix/mysql_virtual_alias_maps.cf
# SMTP AUTH config here
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
2.9.3編輯smtpd.conf文件
# vi /usr/lib/sasl2/smtpd.conf
確保其內容為:
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/spool/authdaemon/socket
重新啟動postfix:
# service postfix start
2.9.4測試SMTP認證
通過以下命令獲得postmaster@test.com的用戶名及密碼的BASE64編碼:
# perl -e 'use MIME::Base64; print encode_base64("postmaster\@test.com")'
內容如下結構:
cG9zdG1hc3RlckBleHRtYWlsLm9yZw==
# perl -e 'use MIME::Base64; printencode_base64("extmail")'
內容如下結構:
ZXh0bWFpbA==
# telnet localhost 25(需要本機安裝telnet軟件包)
過程如下:
Trying 127.0.0.1...
Connected to localhost.localdomain(127.0.0.1).
Escape character is '^]'.
220 mail.test.com ESMTP Postfix - by test.com
ehlo demo.domain.tld << 輸入內容
250-mail.test.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth login << 輸入內容
334 VXNlcm5hbWU6
cG9zdG1hc3RlckBleHRtYWlsLm9yZw== << 輸入內容(通過per命令獲取的用戶名)
334 UGFzc3dvcmQ6
ZXh0bWFpbA== << 輸入內容(通過per命令獲取的用戶名密碼)
235 2.0.0 Authentication successful
quit << 輸入內容
221 2.0.0 Bye
最后出現235 Authentication Successful 表明認證成功了。
2.10 配置Courier-IMAP
2.10.1安裝Courier-imap
默認的courier-authlib及courier-imap都會增加系統自啟動設置,因此下一次服務器啟動將自動啟動相應的authlib及POP3服務
# yum install courier-imap
由於Courier-imap的IMAP目錄是按UTF-7編碼的,ExtMail目前還沒有正式支持IMAP目錄,因此需要屏蔽IMAP,只提供pop3服務。
# vi /usr/lib/courier-imap/etc/imapd
修改內容如下:
IMAPDSTART=NO
# vi /usr/lib/courier-imap/etc/imapd-ssl
修改內容如下:
IMAPDSSLSTART=NO
然后重新啟動courier-imap:
# service courier-imap start
2.10.2測試POP3工作是否正常
測試POP3 請按如下步驟輸入pop3命令測試其是否正常工作,注意藍色的信息是我們輸入到POP3服務器的(請首先登錄extman自行建立test@test.com用戶,密碼:123qaz!)
# telnet localhost 110
其過程如下:
Trying 127.0.0.1...
Connected to localhost.localdomain(127.0.0.1).
Escape character is '^]'.
+OK Hello there.
user test@test.com << 輸入內容
+OK Password required.
pass 123qaz! << 輸入內容
+OK logged in.
list << 輸入內容
+OK POP3 clients that break here, theyviolate STD53.
.
quit << 輸入內容
+OK Bye-bye.
Connection closed by foreign host.
出現以上內容說明配置正確。
三、注意事項
以上手冊內容的結構體系引自http://wiki.extmail.org/extmail_solution_for_centos-5,但由於官網編寫較粗略,其中個別細節問題需要注意。
-
在2.9.4測試SMTP認證時會出現錯誤,通過查看錯誤信息/var/log/messages,執行#cp -f /usr/lib/sasl2/smtpd.conf /usr/lib64/sasl2/ #/etc/init.d/saslauthd restart完成以上兩步操作之后就可以成功通過SMTP測試。
-
在2.10.2測試POP3工作是否正常之前需要提前在mail.test.com/extman后台管理端添加用戶,否則會出現錯誤。