
Setting up a mail server on AWS Ubuntu 16.04 (Postfix+

2018-03-08  UniqueImon

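       I recently wanted to set up a mail server for our iplaystudio and chose the classic Postfix + Dovecot + MySQL stack. I am recording the process here for future reference. Along the way I mainly referred to two blog posts: "Building a Mail Server from Scratch" by YusenMeng on Jianshu, and "Ubuntu Mail Server (Postfix, Dovecot, MySql)" on CSDN. Their explanations of terminology are detailed and the steps are thorough. Thanks to the authors for sharing so generously; it is a great help to those of us who come after.

        I first built the server on an Alibaba Cloud instance and found that I could send and receive mail within my own domain and receive mail from external domains, but could not send mail to external domains. After a lot of fiddling I learned that Alibaba Cloud blocks outbound port 25, so in the end I had to move to AWS. If you need to send mail to external domains, I suggest choosing AWS for the mail server.

        Now to the main topic.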

      Open the ports

        Configure the AWS security group to open the ports used by the mail services, as follows:

        SMTP: 25

        SMTPS: 465, 587

        POP3: 110

        POPS: 995

        IMAP: 143

        IMAPS: 993

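       Set up DNS records

        Create an A record that resolves my domain (iplaystudio.top) to my IP address.

        Create an MX record pointing to my domain.

        Create CNAME records for mail, imap, pop and smtp, each pointing to my domain; these act as aliases of the domain.

        Once the above is done, you can connect to the server and carry out the remaining work there.

      Set the HOSTNAME

        Set the machine's hostname with the following command; the hostname is kept the same as my domain.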

  hostnamectl set-hostname iplaystudio.top

       Install MySQL

$ sudo apt-get install mysql-client mysql-server

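        After installation you will be prompted for a password. The rest of this article uses root as the database user and password as the database password.

        Next we need to create the mail database and grant the corresponding privileges on it to the root user.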

$ mysql -u root -p 

Enter password: input your password 

mysql> CREATE DATABASE mail; 

mysql> USE mail; 

mysql> GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'root'@'localhost' IDENTIFIED BY 'password'; 

mysql> GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'root'@'127.0.0.1' IDENTIFIED BY 'password'; 

mysql> FLUSH PRIVILEGES; 

      Create the four tables domains, users, forwardings and transport

mysql> CREATE TABLE domains (domain varchar(50) NOT NULL, PRIMARY KEY (domain) ); 

mysql> CREATE TABLE forwardings (source varchar(80) NOT NULL, destination TEXT NOT NULL, PRIMARY KEY (source) ); 

mysql> CREATE TABLE users (email varchar(80) NOT NULL, password varchar(20) NOT NULL, PRIMARY KEY (email) ); 

mysql> CREATE TABLE transport ( domain varchar(128) NOT NULL default '', transport varchar(128) NOT NULL default '', UNIQUE KEY domain (domain) ); 

      The MySQL database is now set up.

    Install and configure Postfix

$ sudo apt-get install postfix postfix-mysql postfix-doc mailutils

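      During installation a dialog will appear.

      For "General type of mail configuration", choose Internet Site.

      For "System Mail Name", enter your own domain, iplaystudio.top.

      After installation, modify the configuration file main.cf: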

postconf -e 'myhostname = iplaystudio.top'

postconf -e 'mydestination = iplaystudio.top, localhost, localhost.localdomain'

postconf -e 'mynetworks = 127.0.0.0/8, 18.219.29.10'

postconf -e 'message_size_limit = 30720000'

postconf -e 'virtual_alias_domains ='

postconf -e 'virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf'

postconf -e 'virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf'

postconf -e 'virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf'

postconf -e 'virtual_mailbox_base = /home/vmail'

postconf -e 'virtual_uid_maps = static:5000'

postconf -e 'virtual_gid_maps = static:5000'

postconf -e 'smtpd_sasl_type = dovecot'

postconf -e 'smtpd_sasl_path = private/auth'

postconf -e 'smtpd_sasl_auth_enable = yes'

postconf -e 'broken_sasl_auth_clients = yes'

postconf -e 'smtpd_sasl_authenticated_header = yes'

postconf -e 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination'

postconf -e 'smtpd_use_tls = yes'

postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem'

postconf -e 'smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key'

postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps'

postconf -e 'virtual_transport = dovecot'

postconf -e 'local_transport = dovecot'
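
The three entries in smtpd_recipient_restrictions above are what keep this server from being an open relay. The following is an added example, not part of the original post, and a simplified model rather than Postfix code: it walks that list for a given client, using the mynetworks and mydestination values set above and the domain inserted into the domains table later in the article. An empty relay_domains is an assumption.

```python
import ipaddress

# Values copied from the postconf commands in this article.
MYNETWORKS = ["127.0.0.0/8", "18.219.29.10"]
MYDESTINATION = {"iplaystudio.top", "localhost", "localhost.localdomain"}
RESTRICTIONS = ["permit_mynetworks", "permit_sasl_authenticated",
                "reject_unauth_destination"]
# Row the article later inserts into the domains table (virtual_mailbox_domains).
VIRTUAL_MAILBOX_DOMAINS = {"vzjc.com"}
# Assumption: relay_domains is left empty (it is not set anywhere on the page).
RELAY_DOMAINS = set()


def in_mynetworks(client_ip):
    """True if the client address falls inside any mynetworks entry."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in ipaddress.ip_network(net) for net in MYNETWORKS)


def is_authorized_destination(rcpt):
    """True if this server is the final destination or a relay for rcpt's domain."""
    domain = rcpt.rsplit("@", 1)[-1].lower()
    return domain in (MYDESTINATION | VIRTUAL_MAILBOX_DOMAINS | RELAY_DOMAINS)


def recipient_decision(client_ip, sasl_authenticated, rcpt):
    """Evaluate the list left to right; the first rule that matches decides."""
    for rule in RESTRICTIONS:
        if rule == "permit_mynetworks" and in_mynetworks(client_ip):
            return "permit", rule
        if rule == "permit_sasl_authenticated" and sasl_authenticated:
            return "permit", rule
        if rule == "reject_unauth_destination" and not is_authorized_destination(rcpt):
            return "reject", rule
    return "permit", "end of list"


if __name__ == "__main__":
    # Constructed test clients; 203.0.113.7 is a documentation address.
    cases = [
        ("203.0.113.7", False, "someone@example.com"),   # stranger relaying out
        ("203.0.113.7", False, "user@iplaystudio.top"),  # inbound mail
        ("203.0.113.7", True, "someone@example.com"),    # authenticated user
        ("18.219.29.10", False, "someone@example.com"),  # host's own public IP
    ]
    for ip, auth, rcpt in cases:
        print(ip, auth, rcpt, "->", recipient_decision(ip, auth, rcpt))
```

The last case shows the effect of listing 18.219.29.10 in mynetworks: any process connecting from that address can relay to any destination without authenticating.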

      Modify the master.cf file

        Uncomment the smtps and submission sections, and append the following at the end:

dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient} 

      Write the virtual map files

       Virtual domain file

  $ sudo vim /etc/postfix/mysql-virtual_domains.cf

        Because virtual is a reserved keyword in MySQL, the column alias here must be wrapped in double quotes: "virtual".

user = root

password = password

dbname = mail

query = SELECT domain AS "virtual" FROM domains WHERE domain='%s'

hosts = 127.0.0.1

        Virtual forwarding file

$ sudo vim /etc/postfix/mysql-virtual_forwardings.cf

user = root

password = password

dbname = mail

query = SELECT destination FROM forwardings WHERE source='%s'

hosts = 127.0.0.1

        Virtual mailbox file

$ sudo vim /etc/postfix/mysql-virtual_mailboxes.cf

user = root

password = password

dbname = mail

query = SELECT CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') FROM users WHERE email='%s'

hosts = 127.0.0.1

        Virtual email2email file

$ sudo vim /etc/postfix/mysql-virtual_email2email.cf

user = root

password = password

dbname = mail

query = SELECT email FROM users WHERE email='%s'

hosts = 127.0.0.1

         Set permissions

$ sudo chmod o= /etc/postfix/mysql-virtual_*.cf

$ sudo chgrp postfix /etc/postfix/mysql-virtual_*.cf

          Create the user

$ sudo groupadd -g 5000 vmail

$ sudo useradd -c 'VMail' -g vmail -u 5000 vmail -d /home/vmail -m    

        This completes the installation and configuration of Postfix.

       Install and configure Dovecot

$ sudo apt-get install dovecot-common dovecot-imapd dovecot-pop3d dovecot-mysql

        Modify the /etc/dovecot/dovecot.conf file

log_timestamp = "%Y-%m-%d %H:%M:%S "

mail_location = maildir:/home/vmail/%d/%n/Maildir

namespace {

        inbox = yes

        location =

        prefix = INBOX.

        separator = .

        type = private

}

passdb {

        args = /etc/dovecot/dovecot-sql.conf

        driver = sql

}

protocols = imap pop3

disable_plaintext_auth = no

auth_mechanisms = plain login

service auth {

        unix_listener /var/spool/postfix/private/auth {

                group = postfix

                mode = 0660

                user = postfix

        }

        unix_listener auth-master {

                mode = 0600

                user = vmail

        }

        user = root

}

ssl = required

ssl_cert = </etc/ssl/certs/dovecot.pem

ssl_key = </etc/ssl/private/dovecot.key

userdb {

        args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes

        driver = static

}

protocol lda {

        auth_socket_path = /var/run/dovecot/auth-master

        log_path = /home/vmail/dovecot-deliver.log

        postmaster_address = postmaster@zjc.com

}

protocol pop3 {

        pop3_uidl_format = %08Xu%08Xv

}

     Create the dovecot-sql.conf file

$ sudo vim /etc/dovecot/dovecot-sql.conf

driver = mysql

connect = host=127.0.0.1 dbname=mail user=root password=password

default_pass_scheme = CRYPT

password_query = SELECT email as user, password FROM users WHERE email='%u';

       Change the permissions of the dovecot-sql.conf file

$ sudo chgrp vmail /etc/dovecot/dovecot.conf

$ sudo chmod g+r /etc/dovecot/dovecot.conf

        The configuration is now complete.

      Restart the services

$ sudo service postfix restart

$ sudo service dovecot restart

      Add a test account

        Finally, add a test account for testing.

mysql> USE mail; 

mysql> INSERT INTO domains (domain) VALUES ('vzjc.com'); 

mysql> INSERT INTO users (email, password) VALUES ('user@iplaystudio.top', ENCRYPT('password'));

mysql> quit

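      After this you can log in to the mail server with user@iplaystudio.top and password.

      The machine needs to be rebooted before testing.

      Then use telnet to test 25, 587, imap and pop respectively; seeing the following results means the services started successfully.

        Next, you can log in to the mail server with Outlook or Foxmail to verify that sending and receiving mail works.

        The mail server setup is now complete. Next, you can refer to the blog post "Adding SPF, DKIM, DMARC and PTR to a Mail Server to Improve Deliverability" to set up SPF, DKIM and DMARC and improve deliverability.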

      Reference posts

Building a Mail Server from Scratch

Ubuntu Mail Server (Postfix, Dovecot, MySql)
