最後更新: 2023-07-28
目錄
- Postfix virtual 收信
- 建立 virtual domains Tables
- 用 Dovecot 派信
- virtual user 的 Quota
Postfix virtual 收信
main.cf
# Postfix main.cf: virtual mailbox delivery backed by MySQL lookup tables.
# "virtual" is the default value of virtual_transport (the built-in virtual delivery agent).
virtual_transport = virtual
# static: maps return the same value for every lookup, so every virtual mailbox
# is written with uid 2000 / gid 2000.
virtual_uid_maps = static:2000
virtual_gid_maps = static:2000
# Hosted domains and per-address mailbox paths are looked up in MySQL through the proxymap service.
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
# Prefix that is prepended to every path returned by virtual_mailbox_maps.
# NOTE(review): the mailbox query shown later on this page returns paths that start with
# /var/vmail/ while this base is /home/vmail -- confirm which location is intended.
virtual_mailbox_base = /home/vmail
The mailbox pathname is constructed as follows:
$virtual_mailbox_base/$virtual_mailbox_maps
* $virtual_mailbox_maps 返回的路徑如果以 "/" 結尾, 就會使用 Maildir 格式; 否則使用 mbox 格式
other setting
# The lookups go to MySQL, so the proxy: prefix is used; the author's note says this is
# because it can cache the results MySQL returns.
# NOTE(review): proxymap(8) is documented as sharing one open table (and its DB connection)
# among many Postfix processes -- confirm whether any result caching actually applies.
# Every table reached through proxy: for reading has to be listed in proxy_read_maps.
proxy_read_maps = $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_login_maps ...
# 15728640 bytes = 15 MiB maximum message size.
message_size_limit = 15728640
# Restrictions are evaluated in the order listed; the first match that permits or rejects wins.
# NOTE(review): check_client_access and check_sender_access come before
# reject_unauth_destination. An OK result from either table ends the list with a permit,
# which also permits relaying to any destination, and a sender address is trivial to forge.
# Keep those two tables to REJECT-type actions, or move reject_unauth_destination ahead of
# them. On Postfix 2.10 and later smtpd_relay_restrictions is evaluated as well, which limits
# the impact as long as it is left at its default.
smtpd_recipient_restrictions =
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unlisted_recipient,
    permit_mynetworks,
    check_client_access hash:/etc/postfix/client_access,
    check_sender_access hash:/etc/postfix/sender_access,
    reject_unauth_destination
    reject_rbl_client zen.spamhaus.org,
    reject_rbl_client bl.spamcop.net
# Select what performs the delivery: hand virtual-domain mail to the "dovecot" service
# defined in master.cf, one recipient per invocation.
virtual_transport = dovecot
mailbox_command = /usr/libexec/dovecot/deliver
dovecot_destination_recipient_limit = 1
# SASL login. Authentication is switched off here, so the dovecot type/path settings
# below have no effect until smtpd_sasl_auth_enable is set to yes.
smtpd_sasl_auth_enable = no
smtpd_sasl_type = dovecot
# presumably resolved relative to the Postfix queue directory, matching the
# /var/spool/postfix/dovecot-auth listener in the Dovecot config on this page -- verify.
smtpd_sasl_path = ./dovecot-auth
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = no
# "???" is a placeholder left by the author; replace it with the host name to announce
# in HELO/EHLO on outgoing SMTP connections.
smtp_helo_name = ???
default_process_limit = 20
# Bounce messages are given up on after 1 hour, other queued mail after 3 days.
bounce_queue_lifetime = 1h
maximal_queue_lifetime = 3d
# Works around: postfix/proxymap[5731]: warning: to approve this table for read-only access,
# list proxy:unix:passwd.byname in main.cf:proxy_read_maps
# NOTE(review): an empty local_recipient_maps turns off the SMTP server's rejection of
# unknown local recipients, so mail for nonexistent local users is accepted and bounced
# later (backscatter). Adding proxy:unix:passwd.byname to proxy_read_maps, as the warning
# itself suggests, silences the warning without losing recipient validation.
local_recipient_maps =
一共要建立兩個 mysql 的 config file
- mysql-virtual_domains.cf
- mysql-virtual_mailboxes.cf
/etc/postfix/mysql/virtual_domains.cf
# Postfix MySQL lookup table that answers "is this a hosted virtual domain?".
# The file contains database credentials: make it readable only by root and the postfix
# group, not world-readable.
# NOTE(review): main.cf on this page refers to /etc/postfix/mysql-virtual_domains.cf --
# save the file under the exact path main.cf names.
user = vmail
# "???????" is a placeholder for the real database password.
password = ???????
dbname = vmail
hosts = 127.0.0.1
# %s is replaced by the lookup key (the domain name); Postfix applies SQL quoting to it.
# Only domains flagged active=1 are returned.
query = SELECT domain FROM domain WHERE domain='%s' AND active=1
/etc/postfix/mysql/virtual_mailboxes.cf
# Postfix MySQL lookup table that maps a recipient address to its mailbox path.
# The file contains database credentials: make it readable only by root and the postfix
# group, not world-readable.
user = vmail
# "???????" is a placeholder for the real database password.
password = ???????
dbname = vmail
hosts = 127.0.0.1
# %s is replaced by the lookup key (the recipient address); Postfix applies SQL quoting to it.
# A row is returned only when the mailbox is active, has enabledeliver=1 and belongs to an
# active domain. The result ends in "/", which selects Maildir format.
# NOTE(review): the result is an absolute /var/vmail/... path, yet virtual_mailbox_base is
# prepended to lookup results -- confirm the two settings agree.
query = SELECT CONCAT('/var/vmail/', mailbox.domain, '/', mailbox.maildir, '/Maildir/') FROM mailbox,domain WHERE mailbox.username='%s' AND mailbox.active=1 AND mailbox.enabledeliver=1 AND domain.domain = mailbox.domain AND domain.active=1
不用 DB 的 virtual
# Domain names and mailbox location, using flat files instead of a database.
# A bare /file/name value is read as a list of domain names, so it needs no lookup-table type prefix.
virtual_mailbox_domains = /etc/postfix/virtual_domains
# Contents of the virtual domains list: a.com b.com
# Prefix that is prepended to every path returned by virtual_mailbox_maps.
virtual_mailbox_base = /var/mail
virtual_mailbox_maps = hash:/etc/postfix/virtual_mailbox
# Contents of virtual_mailbox: address, then the path below virtual_mailbox_base.
# The addresses were obfuscated to "[email protected]" when this page was published
# (presumably test@a.com and test@b.com, judging by the paths -- confirm).
# These paths do not end in "/", so by the rule stated earlier on this page they are not Maildir.
# virtual mailbox physical path [email protected] a.com/test [email protected] b.com/test
# uid & gid
Settings
# Per-address uid/gid lookup: each mailbox can be owned by a different system uid and gid,
# so one mailbox's delivery cannot write into another's files.
virtual_uid_maps = hash:/etc/postfix/virtual_uids
virtual_gid_maps = hash:/etc/postfix/virtual_gids
virtual_uids
# Source for hash:/etc/postfix/virtual_uids: one "address uid" pair per line.
# The addresses were obfuscated to "[email protected]" when this page was published;
# replace them with the real mailbox addresses before running postmap.
[email protected] 5001
[email protected] 6001
virtual_gids
# Source for hash:/etc/postfix/virtual_gids: one "address gid" pair per line.
# The addresses were obfuscated to "[email protected]" when this page was published;
# replace them with the real mailbox addresses before running postmap.
[email protected] 5001
[email protected] 6001
# Build the hash maps. The names are relative, so run this from the directory
# that holds the map source files.
maps="virtual_domains virtual_mailbox virtual_uids virtual_gids"
for map in $maps
do
    postmap $map
done
建立 virtual domains Tables
# Table queried by mysql-virtual_domains.cf: one row per hosted mail domain.
CREATE TABLE `domain` (
  `domain` varchar(255) NOT NULL,
  `description` varchar(255) NOT NULL,
  # the lookup queries on this page only accept rows with active=1
  `active` tinyint(1) NOT NULL DEFAULT '1',
  PRIMARY KEY (`domain`),
  KEY `active` (`active`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8
# Table queried by mysql-virtual_mailboxes.cf and by the Dovecot SQL queries on this page:
# one row per mailbox, keyed by the full login name.
CREATE TABLE `mailbox` (
  `username` varchar(255) NOT NULL,
  # expected to hold a password hash, not cleartext: dovecot-mysql.conf on this page
  # sets default_pass_scheme = CRYPT
  `password` varchar(255) NOT NULL,
  # directory name below /var/vmail/<domain>/ (see the CONCAT in the lookup queries)
  `maildir` varchar(255) NOT NULL,
  # the default value is a placeholder left by the author
  `domain` varchar(255) NOT NULL DEFAULT '?????????????',
  # Per-service switches. The Dovecot user_query selects the column named
  # enable<service><"secured" or empty>, so a row can allow a service only over a
  # secured connection by setting the plain column to 0 and the *secured one to 1.
  `enablesmtp` tinyint(1) NOT NULL DEFAULT '1',
  `enablesmtpsecured` tinyint(1) NOT NULL DEFAULT '1',
  `enablepop3` tinyint(1) NOT NULL DEFAULT '1',
  `enablepop3secured` tinyint(1) NOT NULL DEFAULT '1',
  `enableimap` tinyint(1) NOT NULL DEFAULT '1',
  `enableimapsecured` tinyint(1) NOT NULL DEFAULT '1',
  # checked by the Postfix mailbox lookup (enabledeliver=1)
  `enabledeliver` tinyint(1) NOT NULL DEFAULT '1',
  `enablelda` tinyint(1) NOT NULL DEFAULT '1',
  `enablemanagesieve` tinyint(1) NOT NULL DEFAULT '1',
  `enablemanagesievesecured` tinyint(1) NOT NULL DEFAULT '1',
  `enablesieve` tinyint(1) NOT NULL DEFAULT '1',
  `enablesievesecured` tinyint(1) NOT NULL DEFAULT '1',
  `enableinternal` tinyint(1) NOT NULL DEFAULT '1',
  `enabledoveadm` tinyint(1) NOT NULL DEFAULT '1',
  `enablelib-storage` tinyint(1) NOT NULL DEFAULT '1',
  `enabledsync` tinyint(1) unsigned NOT NULL DEFAULT '0' COMMENT 'dsync',
  # master switch: every lookup on this page requires active=1
  `active` tinyint(1) NOT NULL DEFAULT '1',
  `passwordlastchange` date DEFAULT NULL,
  PRIMARY KEY (`username`),
  KEY `domain` (`domain`),
  KEY `enablesmtp` (`enablesmtp`),
  KEY `enablesmtpsecured` (`enablesmtpsecured`),
  KEY `enablepop3` (`enablepop3`),
  KEY `enablepop3secured` (`enablepop3secured`),
  KEY `enableimap` (`enableimap`),
  KEY `enableimapsecured` (`enableimapsecured`),
  KEY `enabledeliver` (`enabledeliver`),
  KEY `enablelda` (`enablelda`),
  KEY `enablemanagesieve` (`enablemanagesieve`),
  KEY `enablemanagesievesecured` (`enablemanagesievesecured`),
  KEY `enablesieve` (`enablesieve`),
  KEY `enablesievesecured` (`enablesievesecured`),
  KEY `enableinternal` (`enableinternal`),
  KEY `enabledoveadm` (`enabledoveadm`),
  KEY `enablelib-storage` (`enablelib-storage`),
  KEY `active` (`active`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8
用 Dovecot 派信
postfix 的 default virtual domain 的派信 agent 是 "virtual", 改用 dovecot 的好處是它可 index 信件.
main.cf 設定
# main.cf: route virtual-domain mail to the "dovecot" service defined in master.cf.
# NOTE(review): this path is /usr/libexec/dovecot/deliver while the master.cf entry on this
# page runs /usr/local/libexec/dovecot/deliver -- use the path where deliver is actually installed.
mailbox_command = /usr/libexec/dovecot/deliver
# Hand the dovecot transport one recipient per invocation.
dovecot_destination_recipient_limit = 1
virtual_transport = dovecot
master.cf 設定
# Use dovecot deliver program as LDA. (This service name is what virtual_transport in main.cf refers to.)
# Columns: service type private unpriv chroot wakeup maxproc command; unpriv=n and chroot=n here.
# flags=DRhu: D prepends Delivered-To:, R prepends Return-Path:, h and u fold the domain
# and the local part of the recipient address to lower case.
# user=vmail:vmail runs deliver as the unprivileged vmail user and group, not as root.
# The continuation line must start with whitespace.
dovecot unix - n n - - pipe
  flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${user}@${domain} -m ${extension}
問題:
問題1:
Command output: pipe: fatal: pipe_command: execvp /usr/local/libexec/dovecot/deliver: Permission denied
解決:
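Disable selinux (注意: 這會關掉整個系統的強制存取控制. 較穩妥的做法是先用 setenforce 0 暫時測試, 確認真的是 SELinux 所致, 然後從 audit log 找出被拒絕的動作, 為 deliver 修正 file context 或加 policy, 而不是長期停用 SELinux. 另外亦要檢查 vmail 對該檔案有沒有執行權限, 以及這個路徑和 main.cf 的 /usr/libexec/dovecot/deliver 是否一致.)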
Dovecot 設定
local.conf
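# Dovecot local.conf: SQL-backed virtual users, all mail owned by uid/gid 2000.

auth_mechanisms = plain login
auth_verbose = yes
# NOTE(review): with disable_plaintext_auth = no and ssl = no, the PLAIN/LOGIN mechanisms
# send passwords over the network unencrypted. That is only acceptable when every client
# connects over localhost or an otherwise protected link; for anything else, configure a
# certificate, enable ssl and set disable_plaintext_auth back to yes.
disable_plaintext_auth = no
ssl = no

# User/group who owns the message files:
mail_uid = 2000
mail_gid = 2000

# Assign uid to virtual users. Only uid 2000 is accepted for mail access.
first_valid_uid = 2000
last_valid_uid = 2000

# Mail location and mailbox format. %Lh is the user's home directory in lower case.
mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/

# Virtual mail accounts. Both lookups use the same SQL configuration file.
userdb {
  args = /etc/dovecot/dovecot-mysql.conf
  driver = sql
}
passdb {
  args = /etc/dovecot/dovecot-mysql.conf
  driver = sql
}

service auth {
  # Authentication socket for Postfix SASL, placed inside the Postfix queue directory.
  # Tightened from 0666 to 0660: the socket is owned by postfix:postfix, so Postfix can
  # still connect, while other local accounts can no longer submit password guesses to
  # the auth service through it.
  unix_listener /var/spool/postfix/dovecot-auth {
    user = postfix
    group = postfix
    mode = 0660
  }
  # userdb socket used by deliver, which runs as vmail.
  unix_listener auth-userdb {
    user = vmail
    group = vmail
    mode = 0660
  }
}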
dovecot-mysql.conf
# Dovecot SQL configuration shared by the passdb and userdb blocks.
# The connect line holds the database password: keep this file owned by root and
# unreadable by other users.
driver = mysql
# Scheme assumed for stored password values that carry no {SCHEME} prefix.
# NOTE(review): CRYPT accepts whatever the system crypt() supports, including the weak
# traditional DES format -- make sure new hashes use a strong scheme (for example ones
# generated with `doveadm pw -s SHA512-CRYPT`).
default_pass_scheme = CRYPT
# The run of "?" is a placeholder for the real database password.
connect = host=127.0.0.1 dbname=vmail user=vmail password=??????????????
# Required by 'doveadm mailbox ...'.
iterate_query = SELECT username AS user FROM mailbox
# %u is the full login name. Only active accounts can authenticate; the per-service
# enable* flags are not checked here, only in user_query.
password_query = SELECT password FROM mailbox WHERE username='%u' AND active='1'
# %d is the domain part of the login, %Ls the lower-cased service name and %Lc is
# "secured" on SSL/TLS or localhost connections and empty otherwise, so the column
# tested is e.g. enableimap or enableimapsecured. The home directory returned is
# /var/vmail/<domain>/<maildir>.
user_query = SELECT \
  '%u' AS master_user, \
  CONCAT('/var/vmail/', mailbox.domain, '/', mailbox.maildir) AS home \
  FROM mailbox,domain \
  WHERE mailbox.username='%u' \
  AND mailbox.domain='%d' \
  AND mailbox.`enable%Ls%Lc`=1 \
  AND mailbox.domain=domain.domain \
  AND domain.active=1 \
  AND mailbox.active=1
virtual user 的 Quota
Quota Setting
# Quota settings for the Postfix virtual delivery agent.
# NOTE(review): as far as I know these parameters are not part of stock Postfix; they come
# from the VDA quota patch -- confirm the installed build includes it, otherwise Postfix
# reports them as unused parameters.
virtual_create_maildirsize = yes
virtual_maildir_extended = yes
# Per-mailbox size limits are looked up in MySQL through the proxymap service.
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
# Text returned to the sender when the recipient is over quota.
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
P.S.
如果用了 dovecot 去派信, 以上 setting 係沒有效果的, 因為信件不再經 Postfix 的 virtual 派信 agent 寫入 mailbox; quota 要改在 Dovecot 那邊設定.
local 派信
只有 local 才支援 .forward 檔
Location: ~/.forward
Usage: echo "a@domain, b@domain, c@domain" > .forward