1. Install and configure the DNS server as described in the appendix.
2. Installation begins:
# apt-get install postfix cyrus21-admin cyrus21-clients cyrus21-common cyrus21-doc cyrus21-imapd cyrus21-pop3d squirrelmail squirrelmail-locales libsasl2-modules libsasl2 sasl2-bin
The following extra packages will be installed:
apache2 apache2-common apache2-mpm-prefork apache2-utils gawk
libapache2-mod-php4 libapr0 libcyrus-imap-perl21 libhesiod0 libsnmp4.2
libzephyr3 libzzip-0-12 openssl php4-common ssl-cert
┌─────────────┤ Configuring libhesiod0 ├────────────┐
│ Hesiod looks up keys using the standard Domain Name System. Enter the │
│ right-hand side of the domain name to do searches in. This name should │
│ begin with a ".". │
│ │
│ Hesiod domain for searches │
│ │
│ .athena.mit.edu__________________________________________________________ │
│ │
│ <Ok> │
│ │
└────────────────────────────────────────┘
Change ".athena.mit.edu" to ".yx.edu.cn".
┌─────────────┤ Postfix Configuration ├─────────────┐
│ │
│ You have several choices for general configuration at this point. If #
│ you have your debconf priority set to 'low' or 'medium', you will be ▒
│ asked more questions later. You can always run "dpkg-reconfigure ▒
│ --priority=low postfix" at a later point if you want to see these ▒
│ questions again. ▒
│ ▒
│ No configuration - IF YOU WANT THE INSTALL TO LEAVE YOUR CONFIG ALONE, ▒
│ CHOOSE THIS OPTION. No configuration changes will be done now: If you ▒
│ have not already configured Postfix, your mail system will be broken and ▒
│ should not be used. You must then do the configuration yourself by ▒
│ editing /usr/share/postfix/main.cf.dist and saving your changes as ▒
│ /etc/postfix/main.cf, or by running dpkg-reconfigure Postfix. main.cf ▒
│ will not be modified by the Postfix install process. ▒
│ ▒
│
│ <Ok>
│ │
└────────────────────────────────────────┘
┌─┤ Postfix Configuration ├───┐
│ General type of configuration? │
│ │
│ No configuration │
│ Internet Site │
│ Internet with smarthost │
│ Satellite system │
│ Local only │
│ │
│ │
│ <Ok> <Cancel> │
│ │
└──────────────────┘
Keep the default, "Internet Site".
┌─────────────┤ Postfix Configuration ├─────────────┐
│ The user root (and any other users with a uid of 0) must have mail │
│ redirected via an alias, or their mail may be delivered to │
│ /var/mail/nobody. This is by design: mail is not delivered to external │
│ delivery agents as root. │
│ │
│ If you already have a /etc/aliases file, then you possibly need to add │
│ this entry. (I will only add it if I am creating a new /etc/aliases.) │
│ │
│ What address should I add to /etc/aliases, if I create the file? (Enter │
│ NONE to not add one.) │
│ │
│ Where should mail for root go │
│ │
│ NONE_____________________________________________________________________ │
│ │
│ <Ok> <Cancel> │
│ │
└────────────────────────────────────────┘
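This sets which ordinary user receives root's mail; change "NONE" to that user's name (on this test machine it is "uu"; in the network lab installation the ordinary user is "stu"). Note: by default the aliases of most system accounts point to root, and when Debian was installed (Exim4 is installed by default) root's alias was already set to the first ordinary user account, so the relevant aliases are already stored in "/etc/aliases". Just press Enter.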
┌─────────────┤ Postfix Configuration ├────────────┐
│ Your `mail name' is the hostname portion of the address to be shown on │
│ outgoing news and mail messages (following the username and @ sign). │
│ │
│ This name will be used by other programs besides Postfix; it should be │
│ the single, full domain name (FQDN) from which mail will appear to │
│ originate. │
│ │
│ Mail name? │
│ │
│ localhost.localdomain___________________________________________________ │
│ │
│ <Ok> <Cancel> │
│ │
└───────────────────────────────────────┘
This sets the domain suffix used on outgoing mail. Change "localhost.localdomain" to "yx.edu.cn".
┌────────────┤ Postfix Configuration ├──────────────┐
│ Specify a domain, host, host:port, [address] or [address]:port. Use the │
│ form [destination] to turn off MX lookups. Leave this blank for no │
│ relay host. │
│ │
│ The relayhost parameter specifies the default host to send mail to when │
│ no entry is matched in the optional transport(5) table. When no │
│ relayhost is given, mail is routed directly to the destination. │
│ │
│ SMTP relay host? (blank for none) │
│ │
│ smtp.localdomain_________________________________________________________ │
│ │
│ <Ok> <Cancel> │
│ │
└────────────────────────────────────────┘
This sets the SMTP relay host. Change "smtp.localdomain" to "mail.yx.edu.cn".
┌──────────┤ Postfix Configuration ├────────────────┐
│ Give a comma-separated list of domains that this machine should consider │
│ itself the final destination for. If this is a mail domain gateway, you │
│ probably want to include the top-level domain. │
│ │
│ Other destinations to accept mail for? (blank for none) │
│ │
│ yx.edu.cn, localhost.localdomain, localhost.localdomain, localhost_______ │
│ │
│ <Ok> <Cancel> │
│ │
└────────────────────────────────────────┘
Just press Enter.
┌─────────────┤ Postfix Configuration ├─────────────┐
│ │
│ If synchronous updates are forced, then mail is processed more slowly. │
│ If not forced, then there is a remote chance of losing some mail if the │
│ system crashes at an inopportune time, and you are not using a journaled │
│ filesystem (such as ext3). │
│ │
│ The default is "off". │
│ │
│ Force synchronous updates on mail queue? │
│ │
│ <Yes> <No> │
│ │
└────────────────────────────────────────┘
Just press Enter.
Postfix is now set up with a default configuration. If you need to make
changes, edit
/etc/postfix/main.cf (and others) as needed. To view Postfix configuration
values, see postconf(1).
After modifying main.cf, be sure to run '/etc/init.d/postfix reload'.
Running newaliases
Starting mail transport agent: Postfix.
Setting up cyrus21-common (2.1.18-1) ...
Creating/updating cyrus user account...
Adding user `cyrus' to group `sasl'...
Done.
Creating cyrus control directories in /var/lib/cyrus...
Creating partition spool /var/spool/cyrus/mail...
Creating partition spool /var/spool/cyrus/news...
Trying to optimize Cyrus partitions, edit /etc/default/cyrus21 to disable...
Setting attributes to -S -j for /var/lib/cyrus...
Setting attributes to -S -j for /var/spool/cyrus/mail...
Setting attributes to -S -j for /var/spool/cyrus/news...
Starting Cyrus IMAPd: cyrmaster.
Setting up cyrus21-doc (2.1.18-1) ...
Setting up cyrus21-imapd (2.1.18-1) ...
Setting up cyrus21-pop3d (2.1.18-1) ...
Setting up squirrelmail-locales (1.4.4-20050308-1) ...
Setting up squirrelmail (1.4.4-6sarge1) ...
Installing default squirrelmail config.
Run /usr/sbin/squirrelmail-configure as root to configure/upgrade config.
Installation complete.
------------------------------------------------------------------
3. Configuration begins:
To setup Cyrus so that you can administer it (i.e. create users),
and get email inside it for those users:
1. Make sure libsasl2-modules, libsasl2 and sasl2-bin are installed
# apt-get install libsasl2-modules libsasl2 sasl2-bin # Note: already installed above, so skipped here.
2. Make sure /etc/sasldb2 is readable by group sasl. Pay attention
to overrides (dpkg-statoverride)!
# ls -l /etc/sasldb2
-rw-rw---- 1 root sasl 12288 2005-11-14 01:04 /etc/sasldb2
3. Make sure user cyrus belongs to group sasl (cyrus21-common's install
tries to do this automatically for you).
Checking /etc/group shows that cyrus already belongs to the sasl group.
4. Edit /etc/cyrus.conf, and make sure the services you need are
enabled. These are most probably "imap", "pop3", "lmtpunix".
5. Edit /etc/imapd.conf, and make sure you have some admin users
listed in the entry "admins:". I suggest using "cyrus" as your
admin.
I also suggest enabling plain text logins, and setting
sasl_minimum_layer: 0
Remove the # in front of "#admins:cyrus" and "#sasl_minimum_layer: 0".
6. Restart Cyrus (/etc/init.d/cyrus21 restart)
7. Use saslpasswd2 -c to create an account for your admin:
# saslpasswd2 -c cyrus
8. Use sasldblistusers2 to make sure step 7 worked fine.
# sasldblistusers2
This step can be done together with step 9.
9. Add other users to SASL likewise (saslpasswd2 -c).
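Make sure the system users "uu" and "stu" exist; create them if they do not. If you have other users instead, substitute their names for these two throughout this example.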
# saslpasswd2 -c uu
# saslpasswd2 -c stu
# sasldblistusers2
10. Log in cyrus as the administrator, and create the mailboxes:
# cyradm --user cyrus localhost
cyradm --user cyrus localhost> cm user.uu
cyradm --user cyrus localhost> cm user.stu
cyradm --user cyrus localhost> cm user.root
Press the key combination "^D" to exit.
(notice that there is an "user." in front of the mailbox name!)
You must use "user/bob", "user/anna" instead if you have the
unixhierarchysep option enabled in imapd.conf.
For this to work, you obviously need the cyrus21-admin package
installed.
11. Try to login as a normal user, using imtest or a IMAP/POP3 client.
If you have trouble with mutt and CRAM-MD5 or DIGEST-MD5, edit
/etc/imapd.conf, and look for sasl_mech_list. Set it to:
sasl_mech_list: plain cram-md5
(this will disable digest-md5, which causes trouble with mutt).
Remove the # in front of this line and add cram-md5.
12. Setup your MTA to deliver email inside Cyrus. Basically that can
be done (easily) by:
a) running /usr/sbin/cyrdeliver (SLOW)
You need the lmtpunix service enabled in /etc/cyrus.conf for this
to work.
In "/etc/cyrus.conf" the "lmtpunix service" is already "enabled" by default.
But running the "/usr/sbin/cyrdeliver" command shows:
421-4.3.0 usage: deliver [-C <alt_config> ] [-m mailbox] [-a auth] [-r return_path] [-l] [-D]
421 4.3.0 v2.1.18-IPv6-Debian-2.1.18-1
The usage message lists so many parameters that I do not know how to use them; please advise.
b) delivering using LMTP to /var/run/cyrus/socket/lmtp
You need the lmtpunix service enabled in /etc/cyrus.conf for this
to work.
In "/etc/cyrus.conf" the "lmtpunix service" is already "enabled" by default.
But running the "/var/run/cyrus/socket/lmtp" command shows:
bash: /var/run/cyrus/socket/lmtp: 权限不够
I ran this command as "root", so why is permission still denied? Please advise!
Just make sure (and use dpkg-statoverride to do that) that your
MTA can get to /var/run/cyrus/socket/lmtp. It works just like any
file in a Unix system.
Cyrus REQUIRES a valid RFC2822 message, and will refuse messages with
bad headers (such as that From foobar header, notice the missing ':',
embedded NULLs or any other crap.
That's it. See /usr/share/doc/cyrus21-common/README.{postfix,exim,sendmail}
for help on how to setup your MTA to correctly deliver to Cyrus.
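This is probably where things failed, so no mail could be received in SquirrelMail, because Cyrus never got the mail at all.
Note: these 12 steps are from the Cyrus README file.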
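The file-system preconditions from steps 2 and 12b can be checked with a short script; note that /var/run/cyrus/socket/lmtp is a Unix-domain socket that an MTA connects to, not a program to run. This is an added example, not part of the Cyrus README or of the original notes: the function names are hypothetical, and the paths and the "sasl" group are the ones named above.

```shell
#!/bin/sh
# Added example: audits the file-system preconditions from steps 2 and 12b.

# check_sasldb FILE GROUP: FILE must be readable by GROUP and closed to
# "other", because it holds the SASL secrets created with saslpasswd2.
check_sasldb() {
    f=$1; want=$2
    [ -f "$f" ] || { echo "FAIL: $f is missing"; return 1; }
    # "ls -ld" prints e.g. "-rw-rw---- 1 root sasl ..."; fields 1 and 4 are
    # the mode string and the owning group.
    mode=$(ls -ld "$f" | awk '{print $1}')
    group=$(ls -ld "$f" | awk '{print $4}')
    [ "$group" = "$want" ] || { echo "FAIL: group is $group, expected $want"; return 1; }
    case $mode in
        ????r*) ;;                       # 5th character: group read bit
        *) echo "FAIL: group $want cannot read $f ($mode)"; return 1 ;;
    esac
    case $mode in
        ???????---*) ;;                  # characters 8-10: no access for others
        *) echo "FAIL: $f is accessible to other users ($mode)"; return 1 ;;
    esac
    echo "OK: $f $mode group=$group"
}

# check_lmtp_socket PATH: the LMTP endpoint must exist and be a socket.
check_lmtp_socket() {
    s=$1
    [ -e "$s" ] || { echo "FAIL: $s does not exist (lmtpunix enabled? Cyrus running?)"; return 1; }
    [ -S "$s" ] || { echo "FAIL: $s exists but is not a socket"; return 1; }
    # Show who may connect: the MTA user needs search (x) permission on the
    # directory and write permission on the socket itself.
    ls -ld "$(dirname "$s")" "$s"
}

# Check the real paths only when asked to, e.g.: sh audit.sh run
if [ "${1:-}" = "run" ]; then
    check_sasldb /etc/sasldb2 sasl
    check_lmtp_socket /var/run/cyrus/socket/lmtp
fi
```

Compare the owner and group printed for the socket directory with the account Postfix runs under; if they do not match, that is the case the README says to handle with dpkg-statoverride.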
------------------------------------------------------------------
Configuring the SquirrelMail webmail manager:
(1)SquirrelMail runs on top of almost any IMAP server
Run "/etc/squirrelmail/conf.pl" and change item 10 to:
Language preferences
1. Default Language : zh_CN
2. Default Charset : utf-8
3. Enable lossy encoding : false
Run "/etc/squirrelmail/conf.pl" and choose "D. Set pre-defined settings for specific IMAP servers":
Please select your IMAP server:
cyrus = Cyrus IMAP server
uw = University of Washington's IMAP server
exchange = Microsoft Exchange IMAP server
courier = Courier IMAP server
macosx = Mac OS X Mailserver
hmailserver = hMailServer
quit = Do not change anything
Type "cyrus" and press Enter.
Save the changes with the "s" command.
Alternatively, edit "/etc/squirrelmail/config.php" directly with a text editor and set the following:
$motd = "Welcome to Our Webmail !";
$squirrelmail_default_language = 'zh_CN';
$default_charset = 'utf-8';
$domain = 'yx.edu.cn';
$smtpServerAddress = 'mail.yx.edu.cn';
$imapServerAddress = 'localhost';
$imap_server_type = 'cyrus';
$optional_delimiter = 'detect';
$default_folder_prefix = '';
$auto_create_special = true;
$data_dir = '/var/lib/squirrelmail/data/';
$attachment_dir = '/var/spool/squirrelmail/attach/';
$theme_css = '';
(2)Configuring Apache with SquirrelMail
$ ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf.d/squirrelmail.conf
(3)Virtual Hosts
There are some example Apache directives in /etc/squirrelmail/apache.conf
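This is the same as creating a virtual host in Apache, so it is omitted here.
(4)Adding a symlink in your webroot may be all you need. (This creates a shortcut so the site can be reached at "http://<domain or IP>/squirrelmail".)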
# ln -s /usr/share/squirrelmail/ /var/www/squirrelmail
------------------------------------------------------------------
4. Testing:
------------------------------------------------------------------
(1) Check that smtp, pop3 and imap are working:
Run "postfix reload" to restart Postfix.
Run telnet localhost 25 and enter EHLO anywhere.org; you should see a line reading 250-STARTTLS. Cheers! TLS is up and running!
# telnet mail.yx.edu.cn 25
Trying 192.168.3.9...
Connected to dsjh.yx.edu.cn.
Escape character is '^]'.
220 localhost.localdomain ESMTP Postfix (Debian/GNU)
250-localhost.localdomain
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250 8BITMIME
^]
telnet> quit
Connection closed.
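An EHLO reply such as the one captured above can be checked mechanically for the extensions that matter in this setup; the reply on this page lists VRFY and contains no STARTTLS line. This is an added example, not part of the original notes: the function names and the second sample reply are constructed, and disable_vrfy_command is the Postfix main.cf parameter that switches VRFY off.

```shell
#!/bin/sh
# Added example: audits an EHLO reply for STARTTLS, AUTH and VRFY.

# The 250 lines copied from the telnet session on this page.
PAGE_REPLY='250-localhost.localdomain
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250 8BITMIME'

# Constructed sample: a server that offers TLS and AUTH and has VRFY disabled.
TLS_REPLY='250-mail.example.test
250-PIPELINING
250-STARTTLS
250-AUTH PLAIN CRAM-MD5
250 8BITMIME'

# has_ext REPLY KEYWORD: true if the reply has a "250-KEYWORD" or
# "250 KEYWORD" line (carriage returns from the wire are stripped first).
has_ext() {
    printf '%s\n' "$1" | tr -d '\r' | grep -Eiq "^250[- ]$2( |=|\$)"
}

# audit_ehlo REPLY: prints one finding per line; succeeds only if there are none.
audit_ehlo() {
    bad=0
    if ! has_ext "$1" STARTTLS; then
        echo "no STARTTLS: SMTP sessions to this server are not encrypted"
        bad=1
        if has_ext "$1" AUTH; then
            echo "AUTH without STARTTLS: PLAIN credentials would cross the network in clear text"
        fi
    fi
    if has_ext "$1" VRFY; then
        echo "VRFY enabled: clients can probe which local addresses exist (Postfix: disable_vrfy_command = yes)"
        bad=1
    fi
    [ "$bad" -eq 0 ]
}
```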
Run "/etc/init.d/cyrus21 restart" to restart cyrus.
# telnet mail.yx.edu.cn 110
Trying 192.168.3.9...
Connected to dsjh.yx.edu.cn.
Escape character is '^]'.
+OK dsjh Cyrus POP3 v2.1.18-IPv6-Debian-2.1.18-1 server ready <85847085.1131896962@dsjh>
^]
telnet> quit
Connection closed.
# telnet mail.yx.edu.cn 143
Trying 192.168.3.9...
Connected to dsjh.yx.edu.cn.
Escape character is '^]'.
* OK dsjh Cyrus IMAP4 v2.1.18-IPv6-Debian-2.1.18-1 server ready
^]
telnet> quit
Connection closed.
------------------------------------------------------------------
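(2) The site can now be reached in a browser at "http://mail.yx.edu.cn/squirrelmail".
Note: at this point you can send mail to external mail servers through the web interface, but you cannot receive mail sent from outside to the local server, because this domain name is not registered.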
------------------------------------------------------------------
(3) Use fetchmail to retrieve POP3 mail from an external mail server:
# apt-get install fetchmail
Use the command "fetchmail -p pop3 -u lokay -c pop3.sohu.com" to check for mail;
drop "-c" to actually fetch the mail to the local machine.
------------------------------------------------------------------
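(4) Use mutt to send and read mail.
Test sending and reading mail between local users, and sending from a local user to an external user, then check on the external side whether it arrived.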
------------------------------------------------------------------
(5) Another mail client with a graphical interface, similar to Outlook Express on Windows:
# apt-get install mozilla-thunderbird
------------------------------------------------------------------
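IV. Questions for thought:
1. Which mail server does Debian recommend? Why does our example not use the recommended software?
2. The example uses system users directly as mail users, so a small configuration mistake could pose a serious threat to system security. What is the best way to resolve this conflict?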
------------------------------------------------------------------
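Appendix: Configuring the DNS server without Webmin
(1) Install the DNS server package with "# apt-get install bind9".
(2) Because "/etc/bind/named.conf" already includes "/etc/bind/named.conf.local", only the latter needs to be modified. Open "/etc/bind/named.conf.local" in a text editor and add the following (a forward master zone "yx.edu.cn" and a reverse master zone "192.168.3"; be sure to change the network number to that of your own network):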
zone "yx.edu.cn" {
type master;
file "/etc/bind/yx.edu.cn.hosts";
};
zone "3.168.192.in-addr.arpa" {
type master;
file "/etc/bind/192.168.3.rev";
};
(3) Then use a text editor to create the forward master zone file "/etc/bind/yx.edu.cn.hosts" with the following content:
$ttl 38400
yx.edu.cn. IN SOA dsjh.yx.edu.cn. postmaster.yx.edu.cn. (
1131210215
10800
3600
604800
38400 )
yx.edu.cn. IN NS dsjh.yx.edu.cn.
dsjh.yx.edu.cn. IN A 192.168.3.9
mail.yx.edu.cn. IN CNAME dsjh
yx.edu.cn. IN MX 10 dsjh.yx.edu.cn.
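(4) Then use a text editor to create the reverse master zone file "/etc/bind/192.168.3.rev" with the following content (be sure to change the network number to that of your own network):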
$ttl 38400
3.168.192.in-addr.arpa. IN SOA dsjh.yx.edu.cn. postmaster.yx.edu.cn. (
1131210438
10800
3600
604800
38400 )
3.168.192.in-addr.arpa. IN NS dsjh.yx.edu.cn.
9.3.168.192.in-addr.arpa. IN PTR dsjh.yx.edu.cn.
(5) Restart the service with "/etc/init.d/bind9 restart".
(6) Edit "/etc/resolv.conf" on the client and insert the following line before the first line:
nameserver 192.168.3.9
(7) On the client, use the "nslookup" command to test whether DNS is working.
------------------------------------------------------------------