Thursday, June 26, 2008

postfix + dovecot + openwebmail: building a mail server with virtual users

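Almost every article found online about building a mail server with virtual users uses vm-pop3. However, it has had no new release for several years and development may have stopped. It also supports neither SSL nor SASL authentication, which forces you to use POP-before-SMTP to keep the server from being used as a relay. So dovecot is used here instead: it supports SSL and SASL.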

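For the postfix and openwebmail settings, see here. Starting from the postfix + vm-pop3 + openwebmail setup, replace vm-pop3 with dovecot. That way accounts can still be created through openwebmail, which is more convenient.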

Modify the following lines in /etc/dovecot.conf:

protocols = pop3 pop3s
listen = *
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot.log
log_timestamp = "%b %d %H:%M:%S "
syslog_facility = mail
mail_privileged_group = mail
first_valid_uid = 8

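The following sets the virtual users' mailbox location, accounts, and password file:
mail_location = mbox:/var/spool/virtual/%d:INBOX=/var/spool/virtual/%d/%n:INDEX=MEMORY
# mechanisms, passdb, userdb and the auth socket all go inside the auth default block
auth default {
  mechanisms = plain login digest-md5 cram-md5
  passdb passwd-file {
    args = /etc/virtual/%d/passwd
  }
  userdb static {
    args = uid=8 gid=12
  }
  # Auth socket that postfix connects to for SASL (see smtpd_sasl_path below)
  socket listen {
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}

The following adds the TLS settings:
ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem
ssl_key_file = /etc/pki/dovecot/private/dovecot.pem
ssl_disable = no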
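
The mechanisms line above offers digest-md5 and cram-md5, which dovecot can only verify when the passwd-file entry is stored in plaintext or in the matching mechanism-specific scheme. The following check is an added example, not part of the original post: it reads passwd-file content and reports, per user, which offered mechanisms cannot work. The function names, the sample entries, and the assumption that entries without a {SCHEME} prefix use CRYPT are the example's own.

```python
import re

# Password schemes that let dovecot verify each non-plaintext mechanism.
# Plaintext storage works for all of them. HMAC-MD5 is the older scheme
# name for CRAM-MD5. (Table written for this example.)
PLAINTEXT = {"PLAIN", "CLEARTEXT"}
NEEDS = {"cram-md5": {"CRAM-MD5", "HMAC-MD5"}, "digest-md5": {"DIGEST-MD5"}}


def scheme_of(password_field, default_scheme="CRYPT"):
    """Scheme from a {SCHEME} prefix, else the passdb default (assumed CRYPT)."""
    m = re.match(r"\{([^}]+)\}", password_field)
    name = m.group(1) if m else default_scheme
    return name.split(".")[0].upper()  # drop an encoding suffix such as .b64


def audit(passwd_text, mechanisms, default_scheme="CRYPT"):
    """Map user -> scheme, cleartext-at-rest flag, and mechanisms that cannot work."""
    report = {}
    for line in passwd_text.splitlines():
        fields = line.strip().split(":")
        if line.lstrip().startswith("#") or len(fields) < 2 or not fields[0]:
            continue
        scheme = scheme_of(fields[1], default_scheme)
        plaintext = scheme in PLAINTEXT
        broken = [m for m in mechanisms
                  if m in NEEDS and not plaintext and scheme not in NEEDS[m]]
        report[fields[0]] = {"scheme": scheme, "plaintext": plaintext, "broken": broken}
    return report


# Constructed sample in passwd-file layout (user:password:uid:gid:...);
# the hash values are made up for illustration.
SAMPLE = (
    "# /etc/virtual/example.com/passwd (constructed)\n"
    "alice:abJnggxhB/yWI:8:12\n"
    "bob:{PLAIN}example-only:8:12\n"
    "carol:{CRAM-MD5}" + "0" * 64 + ":8:12\n"
)
MECHS = "plain login digest-md5 cram-md5".split()  # from the mechanisms line

if __name__ == "__main__":
    for user, r in audit(SAMPLE, MECHS).items():
        note = " (stored in cleartext)" if r["plaintext"] else ""
        print(f"{user}: scheme={r['scheme']}{note} cannot-use={r['broken'] or '-'}")
```

A user whose entry is a crypt hash can still log in with plain or login, so those two mechanisms carry the password itself and depend on the TLS settings for protection in transit.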

To generate dovecot.pem, change to the /etc/pki/tls/certs directory and use the Makefile there to create it:
make dovecot.pem

To have postfix use dovecot SASL authentication, see here:
smtpd_sasl_type = dovecot
# Can be an absolute path, or relative to $queue_directory
smtpd_sasl_path = private/auth
# and the common settings to enable SASL:
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
