Centos使用Postfix+Dovecot配合Windows Active Directory实现邮件服务器

Postfix:实现邮件smtp功能。

Dovecot:为Postfix提供SASL认证,并提供POP3/IMAP服务。

groupadd vmail

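useradd vmail -g vmail (vmail 只用来持有邮件文件,不需要登录,可加 -s /sbin/nologin;创建后用 id vmail 查看实际的 uid/gid,后文的 static:501、static:502 和 uid=501 gid=502 要与之一致)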

postfix源码下载(以下链接是 http 明文镜像,下载后请先用官方发布的 PGP 签名校验源码包,再编译安装):

http://mirror.postfix.jp/postfix-release/official/postfix-3.7.2.tar.gz 新版

http://mirror.postfix.jp/postfix-release/official/postfix-2.6.19.tar.gz 老版(2.6 系列早已停止维护,不再有安全修复,仅在必须兼容旧环境时使用)

安装dovecot:

创建 /etc/yum.repos.d/dovecot.repo,内容如下(baseurl 走的是 http,软件包的完整性依赖 gpgcheck=1 和通过 https 获取的 gpgkey,不要关闭 gpgcheck):

[dovecot-2.3-latest]
name=Dovecot 2.3 CentOS $releasever - $basearch
baseurl=http://repo.dovecot.org/ce-2.3.17/centos/$releasever/RPMS/$basearch
gpgkey=https://repo.dovecot.org/DOVECOT-REPO-GPG
gpgcheck=1
enabled=1
yum install postgresql-libs
yum install dovecot-mysql
yum install openldap-devel openldap-clients
yum install db4-devel
ln -s /usr/include/libdb4/db.h /usr/include/db.h

make makefiles CCARGS='-DUSE_SASL_AUTH \
-DDEF_SERVER_SASL_TYPE=\"dovecot\" -I/usr/include -DHAS_LDAP' \
AUXLIBS="-L/usr/lib -lldap -L/usr/lib -llber"

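(上面一条是本文使用的 Dovecot SASL + LDAP 编译参数;下面一条是改用 Cyrus SASL 时的写法,二选一。下面这条不含 -DHAS_LDAP,后执行会覆盖前一条生成的 Makefile。)

make makefiles CCARGS="-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/local/include/sasl" AUXLIBS="-L/usr/local/lib -lsasl2"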

如果报 /usr/bin/ld: cannot find -lxxx 错误,需要查找相应的库文件,找到其所在目录后,将对应的 .so 文件链接到链接器搜索的库目录(即 AUXLIBS 中 -L 指定的目录)。

设置postfix参数:

yum install pam-devel

postconf -e myhostname=mail.test.com

postconf -e mydomain=test.com

postconf -e myorigin='$mydomain'

postconf -e mydestination='$myhostname,localhost.$mydomain,localhost'

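postconf -e mynetworks=0.0.0.0/0 (注意:这个值把所有来源地址都当作可信网络,配合下文 smtpd_recipient_restrictions 中的 permit_mynetworks,任何主机无需认证即可经本机向任意域转发邮件,即开放中继;生产环境应只填写本机和确需免认证中继的内网网段,例如 127.0.0.0/8,其余客户端通过 SASL 认证发信)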

postconf -e home_mailbox='Maildir/'

#####注释:配置Dovecot SASL认证

postconf -e smtpd_sasl_type=dovecot

postconf -e smtpd_sasl_path='/var/run/dovecot/auth-client' (这个地方要注意dovecot.conf中auth client部分的路径,两边需要保持一致)

######注释:启用SASL认证。

postconf -e smtpd_sasl_auth_enable=yes (本文没有配置 TLS;在 plain/login 机制下口令以明文经过网络,上线前应配置证书并设置 smtpd_tls_auth_only=yes,只允许在加密连接上认证)

postconf -e smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination

postconf -e broken_sasl_auth_clients=yes

######注释:查找LDAP服务器的用户

postconf -e virtual_mailbox_base='/data/vmail' (根据你的用户存放的路径来决定)

postconf -e virtual_mailbox_domains='$mydomain'

postconf -e virtual_mailbox_maps='ldap:/etc/postfix/ldap-users.cf'

//以上这个文件是查询LDAP目录的配置文件。

postconf -e virtual_transport=virtual

postconf -e virtual_uid_maps=static:501 /vmail用户的ID号,可以通过vipw来确认。

postconf -e virtual_gid_maps=static:502 /vmail组的ID号,可以通过less /etc/group来确认。

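postconf -e "mailbox_size_limit = 5120000000"   /邮箱总大小(准确地说,是 local 投递时单个邮箱文件或 Maildir 中单个文件的上限;virtual 投递对应的参数是 virtual_mailbox_limit)
postconf -e "message_size_limit = 2048000000"   /附件消息大小(单封邮件含附件的上限;约 2GB 的上限意味着任何投递方都可以用超大邮件占满队列磁盘,建议按实际需要调小)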

配置 /etc/postfix/ldap-users.cf

server_host = 10.0.3.3 //AD服务器的IP地址(这样写是明文 LDAP,绑定口令会以明文经过网络;AD 启用了 LDAPS 时可写成 ldaps://主机名 的形式,或另加一行 start_tls = yes)

search_base = dc=test,dc=com //域名

version =3

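query_filter = (&(objectclass=person)(|(mail=%s)(othermailbox=%s))(!(userAccountControl=66050)))

//注意:(!(userAccountControl=66050)) 只排除取值恰好为 66050(普通账户 + 已禁用 + 密码永不过期)的账户,其他取值的已禁用账户(例如 514)仍然会被查到并继续收信。若要排除所有已禁用账户,可改用按位匹配:(!(userAccountControl:1.2.840.113556.1.4.803:=2))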

bind=yes

bind_dn = vmail@test.com

bind_pw = 123 //示例口令,实际使用时请为绑定账户设置强口令,并且只给它查询目录所需的只读权限;本文件含明文口令,应只允许 root 和 postfix 读取(例如 root:postfix、权限 0640)

result_attribute= sAMAccountName

result_format = %s/Maildir/

postmap -q test@test.com ldap:/etc/postfix/ldap-users.cf (测试查询;配置正确时应输出该用户的 sAMAccountName 加上 /Maildir/)

注释掉 /etc/postfix/main.cf 文件中的 inet_interfaces = localhost 一行(注释后 Postfix 按默认值监听所有网卡,对外提供服务)

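配置dovecot.conf(注意:下面的 auth default { }、socket listen { } 是 Dovecot 1.x 的配置语法;上文仓库安装的是 2.3 版本,需要改写成 2.x 的 service auth { unix_listener ... { } } 以及独立的 passdb { }、userdb { } 写法后才能加载)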

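login_trusted_networks = 0.0.0.0/0 (注意:这会把所有客户端都当作可信网络。来自可信网络的连接不受 disable_plaintext_auth 限制,也不受认证失败后的延迟惩罚,还可以自行声明来源 IP;该项的本意是只填写前端代理或 Webmail 服务器的地址,没有这类前端时应留空)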

listen = *
log_path = /var/log/dovecot.log
mail_location = maildir:/data/vmail/%u/Maildir
protocols = imap pop3
protocol imap {
}

protocol pop3 {
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}

protocol managesieve {
}

protocol lda {
auth_socket_path = /var/run/dovecot/auth-master
postmaster_address =  postmaster@test.com
hostname = mail.test.com
}

auth default {
mechanisms = plain login     /这两种机制都以明文传递口令,应同时启用 SSL/TLS,避免在未加密的连接上认证
username_format = %Lu
passdb ldap {
args = /etc/dovecot-ldap.conf
}

userdb static {
args = uid=501 gid=502 home=/data/vmail/%u     /根据vmail用户、组id
}

user = root     /认证进程以 root 身份运行;一般只有 pam、shadow 这类 passdb 才需要 root,本文用的是 LDAP + static,可考虑换成非特权用户(需自行验证)

socket listen {
master {
path = /var/run/dovecot/auth-master
mode = 0600
}

client {
path = /var/run/dovecot/auth-client
mode = 0660
user = postfix
group = postfix
}
}
}

增加/etc/dovecot-ldap.conf

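hosts = 192.168.253.100     /AD服务器地址(前面 ldap-users.cf 里写的是 10.0.3.3,两处一般应指向同一个域的域控);这样写是明文 LDAP,用户口令在绑定时会以明文经过网络,可改用 uris = ldaps://主机名,或加一行 tls = yes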
dn = vmail@test.com
auth_bind = yes
dnpass = 123     /示例口令,实际使用时请换成强口令,并把本文件设为仅 root 可读(chmod 600 /etc/dovecot-ldap.conf)
auth_bind_userdn = test\%u
ldap_version = 3
base = dc=test,dc=com
scope = subtree
deref = never
user_filter = (&(objectClass=person)(sAMAccountName=%u))
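pass_attrs = sAMAccountName=user,userPassword=password
pass_filter = (&(objectClass=person)(sAMAccountName=%u))
default_pass_scheme = CRYPT

(说明:上面设置了 auth_bind = yes 和 auth_bind_userdn,Dovecot 直接以用户身份绑定到 AD 来验证口令,此时 pass_attrs、pass_filter 会被忽略,default_pass_scheme 也用不到;这三行只在改用"先查询再比对口令"的方式时才起作用。)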


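最后,创建 /data 目录作为邮件目录(virtual_mailbox_base 和 mail_location 指向的是 /data/vmail,需一并创建),修改权限 chown -R vmail:root /data,并确保邮件目录不对其他用户开放读取(例如 chmod 700 /data/vmail)。然后启动 postfix 和 dovecot 两个服务。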

Tips:Windows AD域需要为每个用户设置对应的邮件地址才能进行收发服务。

版权声明:本文采用知识共享 署名4.0国际许可协议 [BY-NC-SA] 进行授权
文章名称:《Centos使用Postfix+Dovecot配合Windows Active Directory实现邮件服务器》
文章链接:https://wrlog.cn/2022/12/1309/