Mail server on CentOS 7. Installing Dovecot + Exim + Roundcube

13.03.2023, 23:01

A mail server can be installed on CentOS 7 in several ways, but one of the most common is to use a combination of Postfix and Dovecot.

Postfix is a mail transfer program and one of the most popular mail servers in the world. Dovecot, on the other hand, is a mail server used to retrieve mail over the IMAP or POP protocol.

What is Exim?

Exim is a mail transfer agent (MTA) commonly used on Unix-like operating systems. It is free software released under the terms of the GNU General Public License, and is a versatile, flexible mail tool with extensive facilities for checking incoming mail.

What is Dovecot?

Dovecot is an open-source IMAP and POP3 mail server for Linux/UNIX-like systems. Security is the cornerstone of the product, along with its focus on flexibility and speed.

What is Roundcube?

Roundcube is a web-based mail interface that lets you work with your mailboxes over IMAP and SMTP. The application is powerful, and its capabilities are comparable to desktop mail clients such as Outlook Express or Mozilla Thunderbird.

Installing the Apache + MySQL + PHP stack

Log in to the virtual server over SSH.

Then update the system by entering the command:

 # sudo yum update -y

After the system has been updated, the following message appears.

Installing Apache

To install Apache on the virtual server, enter the command:

 # sudo yum install httpd -y

After installation, start Apache:

 # sudo systemctl start httpd.service

After that, open http://ServerIP/ and check that Apache is working.

If everything works correctly, enter the command that makes Apache start automatically on the virtual server:

 # sudo systemctl enable httpd.service

Installing MySQL (MariaDB)

To download it, use the command:

 # sudo yum install mariadb-server mariadb -y

When the download and installation are complete, start MariaDB:

 # sudo systemctl start mariadb

Run the secure installation script, which removes the insecure settings:

 # sudo mysql_secure_installation

Enter the root password; since you have only just created the database, it is empty by default. Then accept the settings by entering "Y" everywhere. Enter a new password, confirm it, and accept the changes with "Y" again.

MariaDB is installed.

Installing PHP

To install PHP, enter the command:

 # sudo yum install php php-mysql -y

Then restart Apache so that it can work with PHP:

 # sudo systemctl restart httpd.service

To test PHP, create a file, for example index.php, using this command:

 # echo "<?php phpinfo(); ?>" > /var/www/html/index.php

Now open the link http://ServerIP/index.php in your browser. You should see a page with the PHP parameters.

Next, install the packages that add MariaDB support to PHP:

 # sudo yum -y install php-mysql php-gd php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-snmp php-soap curl curl-devel

After this, restart Apache:

 # sudo systemctl restart httpd.service

Done. Apache, MySQL and PHP are installed on your virtual server.

Connecting additional repositories

To install all the components, you will need to connect an additional repository.

 # sudo yum install epel-release

Creating the vexim database

To link every component in the chain, a single database must be used. Connect to the MySQL server:

 # mysql -u root -p

Create the database, specifying your own password:

 CREATE DATABASE vexim;
 GRANT ALL ON vexim.* to vexim@localhost identified by 'password';
 quit

Installing Postfixadmin

If not all of the PHP modules are installed, an additional installation is required.

 # yum -y install php-imap php-mbstring php-pdo php-mysql php-cli

Download Postfixadmin and install it in the /var/www/html/postfixadmin folder:

# wget http://sourceforge.net/projects/postfixadmin/files/postfixadmin/postfixadmin-3.0/postfixadmin-3.0.tar.gz
# tar xpf postfixadmin-3.0.tar.gz
# mv postfixadmin-3.0 /var/www/html/postfixadmin
# chown -R apache:apache /var/www/html/postfixadmin
# rm postfixadmin-3.0.tar.gz
# cd /var/www/html/postfixadmin
# vi config.inc.php

Edit the configuration file config.inc.php:

Installing Dovecot

 # yum -y install dovecot dovecot-mysql

Rename the standard configuration so that we can return to it if needed:

 # mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf-orig
 # vi /etc/dovecot/dovecot.conf

Save the following entries in dovecot.conf:

## Dovecot configuration file
base_dir = /var/run/dovecot/
auth_default_realm = site.com
auth_mechanisms = plain login cram-md5
protocols = imap pop3
listen = *
# Cleartext logins are accepted on unencrypted connections
disable_plaintext_auth = no
dotlock_use_excl = yes
first_valid_gid = 5
first_valid_uid = 25
mail_location = maildir:/var/vmail/%d/%u
mail_privileged_group = mail
passdb {
  args = /etc/dovecot/dovecot-mysql.conf
  driver = sql
}
# Sockets that Exim uses to authenticate SMTP clients
service auth {
  unix_listener auth-client {
    group = exim
    mode = 0660
    user = exim
  }
  unix_listener auth-master {
    group = exim
    mode = 0600
    user = exim
  }
  user = root
}
# TLS is switched off for IMAP and POP3
ssl = no
userdb {
  args = /etc/dovecot/dovecot-mysql.conf
  driver = sql
}
verbose_proctitle = yes
protocol imap {
  imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
}
protocol pop3 {
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
  pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
  auth_socket_path = /var/run/dovecot/auth-master
  postmaster_address = info@site.com
}

Next, open the file dovecot-mysql.conf

# vi /etc/dovecot/dovecot-mysql.conf

and enter the following settings in it:

 ## Dovecot database configuration
 driver = mysql
 connect = host=localhost dbname=vexim user=vexim password=password
 default_pass_scheme = CRAM-MD5
 password_query = SELECT `username` as `user`, `password` FROM `mailbox` WHERE `username` = '%n@%d' AND `active`='1'
 user_query = SELECT 93 AS `uid`, 93 AS `gid` FROM `mailbox` WHERE `username` = '%n@%d' AND `active`='1'
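
The dovecot.conf above sets ssl = no and disable_plaintext_auth = no while offering the plain and login mechanisms. The following shell check is an added example, not part of the original article: it reads a dovecot.conf and reports the settings that let mailbox passwords cross the network unencrypted. The function names and the wording of the findings are assumptions of this example, and the sample input is constructed from the settings shown above.

```shell
#!/bin/sh
# Added example: report dovecot.conf settings that expose mailbox credentials
# in transit. Function names are this example's own, not Dovecot tooling.

# Print the value of the last "key = value" line for a key.
conf_value() {  # $1 = file, $2 = key
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# Print one finding per line; return 1 if anything was found.
audit_dovecot_conf() {
    ssl=$(conf_value "$1" ssl)
    noplain=$(conf_value "$1" disable_plaintext_auth)
    mechs=$(conf_value "$1" auth_mechanisms)
    found=0
    if [ "$ssl" = "no" ]; then
        echo "ssl = no: TLS is disabled for IMAP and POP3"
        found=1
    fi
    if [ "$noplain" = "no" ]; then
        echo "disable_plaintext_auth = no: cleartext logins accepted on unencrypted connections"
        found=1
    fi
    for m in $mechs; do
        # plain and login carry the password itself; cram-md5 does not.
        if [ "$noplain" = "no" ] && [ "$ssl" != "required" ]; then
            case $m in
                plain|login) echo "auth mechanism $m: password is sent in cleartext and TLS is not required"
                             found=1 ;;
            esac
        fi
    done
    return "$found"
}

# Constructed sample input: the transport-related lines of the configuration above.
sample_conf() {
    printf '%s\n' 'auth_mechanisms = plain login cram-md5' 'protocols = imap pop3' \
        'disable_plaintext_auth = no' 'ssl = no'
}

tmp=$(mktemp)
sample_conf > "$tmp"
audit_dovecot_conf "$tmp" || true
rm -f "$tmp"
```

Run against a real file with `audit_dovecot_conf /etc/dovecot/dovecot.conf`; a configuration with ssl = required and disable_plaintext_auth = yes produces no output and exit status 0.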

Installing Exim

# yum -y install exim exim-mysql cyrus-sasl
# mv /etc/exim/exim.conf /etc/exim/exim.conf-orig
# vi /etc/exim/exim.conf

We replace the standard configuration, keeping a backup copy.

######################################################################
#                    MAIN CONFIGURATION SETTINGS                     #
######################################################################
primary_hostname = mail.site.com
hide mysql_servers = localhost/vexim/vexim/password
domainlist local_domains = ${lookup mysql{SELECT `domain` \
    FROM `domain` WHERE \
    `domain`='${quote_mysql:$domain}' AND \
    `active`='1'}}
domainlist relay_to_domains = ${lookup mysql{SELECT `domain` \
    FROM `domain` WHERE \
    `domain`='${quote_mysql:$domain}' AND \
    `active`='1'}}
hostlist relay_from_hosts = localhost:127.0.0.0/8:192.168.1.0/24
auth_advertise_hosts = *
acl_not_smtp = acl_not_smtp
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
qualify_domain = site.com
qualify_recipient = site.com
allow_domain_literals = true
exim_user = exim
exim_group = exim
never_users = root
rfc1413_query_timeout = 0s
sender_unqualified_hosts = +relay_from_hosts
recipient_unqualified_hosts = +relay_from_hosts
ignore_bounce_errors_after = 45m
timeout_frozen_after = 15d
helo_accept_junk_hosts = 192.168.1.0/24
auto_thaw = 1h
smtp_banner = "$primary_hostname, ESMTP EXIM $version_number"
smtp_accept_max = 50
smtp_accept_max_per_connection = 25
smtp_connect_backlog = 30
smtp_accept_max_per_host = 20
split_spool_directory = true
remote_max_parallel = 15
return_size_limit = 70k
message_size_limit = 64M
helo_allow_chars = _
smtp_enforce_sync = true
log_selector = \
    +all_parents \
    +connection_reject \
    +incoming_interface \
    +lost_incoming_connection \
    +received_sender \
    +received_recipients \
    +smtp_confirmation \
    +smtp_syntax_error \
    +smtp_protocol_error \
    -queue_run
syslog_timestamp = no

######################################################################
#                         ACL CONFIGURATION                          #
#        Specifies access control lists for incoming SMTP mail       #
######################################################################
begin acl

acl_not_smtp:
  deny message = Sender rate overlimit - $sender_rate / $sender_rate_period
       ratelimit = 50 / 1h / strict
  accept

acl_check_rcpt:
  deny message = "Lookup failed"
       condition = ${if eq{$host_lookup_failed}{1}}
  accept hosts = :
  deny message = "incorrect symbol in address"
       domains = +local_domains
       local_parts = ^[.] : ^.*[@%!/|]
  deny message = "incorrect symbol in address"
       domains = !+local_domains
       local_parts = ^[./|] : ^.*[@%!] : ^.*/\.\./
  accept local_parts = postmaster
         domains = +local_domains
  deny message = "HELO/EHLO required by SMTP RFC"
       condition = ${if eq{$sender_helo_name}{}{yes}{no}}
  accept authenticated = *
  deny condition = ${if eq{$sender_helo_name}{$interface_address}{yes}{no}}
       hosts = !127.0.0.1 : !localhost : *
       message = "My IP in your HELO! Access denied!"
  deny condition = ${if match{$sender_helo_name}{\N^\d+$\N}{yes}{no}}
       hosts = !127.0.0.1 : !localhost : *
       message = "Incorrect HELO string"
  warn set acl_m0 = 30s
  # disable waits for 'friendly' hosts
  warn hosts = +relay_from_hosts:4.3.2.1/32:192.168.1.0/24
       set acl_m0 = 0s
  warn logwrite = Delay $acl_m0 for $sender_host_name \
       [$sender_host_address] with HELO=$sender_helo_name. Mail \
       from $sender_address to $local_part@$domain.
       delay = $acl_m0
  accept domains = +local_domains
         endpass
         message = "No such user"
         verify = recipient
  accept domains = +relay_to_domains
         endpass
         message = "i don't know how to relay to this address"
         verify = recipient
  deny message = "you in blacklist - $dnslist_domain \n $dnslist_text"
       dnslists = opm.blitzed.org : \
                  cbl.abuseat.org : \
                  bl.csma.biz
  accept hosts = +relay_from_hosts
  deny message = "Homo hominus lupus est"

acl_check_data:
  deny malware = */defer_ok
       message = "Your message contains viruses: $malware_name"
  accept

######################################################################
#                       ROUTERS CONFIGURATION                        #
#                Specifies how addresses are handled                 #
######################################################################
#     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #
# An address is passed to each router in turn until it is accepted.  #
######################################################################
begin routers

dnslookup:
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  no_more

system_aliases:
  driver = redirect
  allow_fail
  allow_defer
  data = ${lookup mysql{SELECT `goto` FROM `alias` WHERE \
         `address`='${quote_mysql:$local_part@$domain}' OR \
         `address`='${quote_mysql:@$domain}'}}

dovecot_user:
  driver = accept
  condition = ${lookup mysql{SELECT `goto` FROM \
              `alias` WHERE \
              `address`='${quote_mysql:$local_part@$domain}' OR \
              `address`='${quote_mysql:@$domain}'}{yes}{no}}
  transport = dovecot_delivery

######################################################################
#                      TRANSPORTS CONFIGURATION                      #
######################################################################
#                       ORDER DOES NOT MATTER                        #
#     Only one appropriate transport is called for each delivery.    #
######################################################################
begin transports

remote_smtp:
  driver = smtp

dovecot_delivery:
  driver = pipe
  command = /usr/libexec/dovecot/deliver -d $local_part@$domain
  message_prefix =
  message_suffix =
  delivery_date_add
  envelope_to_add
  return_path_add
  log_output
  user = exim

address_pipe:
  driver = pipe
  return_output

address_reply:
  driver = autoreply

######################################################################
#                        RETRY CONFIGURATION                         #
######################################################################
begin retry

*   *   F,2h,15m; G,16h,1h,1.5; F,4d,6h

######################################################################
#                       REWRITE CONFIGURATION                        #
######################################################################
begin rewrite

######################################################################
#                    AUTHENTICATION CONFIGURATION                    #
######################################################################
begin authenticators

auth_plain:
  driver = dovecot
  public_name = PLAIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1

auth_login:
  driver = dovecot
  public_name = LOGIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1

auth_cram_md5:
  driver = dovecot
  public_name = CRAM-MD5
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1
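
The main section of exim.conf points acl_not_smtp, acl_smtp_rcpt and acl_smtp_data at ACLs that must be defined under the same names after begin acl, and a configuration pasted from a web page can carry a look-alike non-ASCII letter in one of those names. The following lint is an added example, not part of the original article: it checks that each referenced ACL is defined and flags labels containing non-ASCII bytes. The function names are this example's own, the sample input is constructed, and the check assumes the acl_* options hold plain ACL names rather than file paths or inline ACL text.

```shell
#!/bin/sh
# Added example: check that every ACL named in the main section of exim.conf
# is defined after "begin acl", and flag labels containing non-ASCII bytes
# (look-alike letters picked up when copying a configuration from a web page).
# Assumes acl_* options hold plain ACL names, not file paths or inline ACLs.

lint_exim_acls() {  # $1 = path to exim.conf; returns 1 if anything is reported
    LC_ALL=C awk '
        /^[ \t]*begin[ \t]/ { section = $2; next }
        section == "" && /^[ \t]*acl_(smtp|not_smtp)[a-z_]*[ \t]*=/ {
            split($0, kv, "=")
            gsub(/[ \t]/, "", kv[1]); gsub(/[ \t]/, "", kv[2])
            refs[kv[2]] = kv[1]          # ACL name -> option that refers to it
        }
        section == "acl" && /^[ \t]*[^ \t#:][^ \t]*:[ \t]*$/ {
            label = $1; sub(/:$/, "", label); defined[label] = 1
            if (label ~ /[^ -~]/) { print "non-ASCII byte in ACL label: " label; bad = 1 }
        }
        END {
            for (name in refs) if (!(name in defined)) {
                print refs[name] " = " name ": no ACL with this name is defined"; bad = 1
            }
            exit bad
        }' "$1"
}

# Constructed sample: the data ACL label carries a Cyrillic "a" (bytes 0xD0 0xB0).
sample_exim_conf() {
    printf '%s\n' 'acl_smtp_rcpt = acl_check_rcpt' 'acl_smtp_data = acl_check_data' \
        'begin acl' 'acl_check_rcpt:' '  accept hosts = :'
    printf 'acl_check_d\320\260ta:\n  accept\n'
    printf '%s\n' 'begin routers' 'dnslookup:'
}

tmp=$(mktemp)
sample_exim_conf > "$tmp"
lint_exim_acls "$tmp" || true
rm -f "$tmp"
```

Run it as `lint_exim_acls /etc/exim/exim.conf` before restarting Exim; no output and exit status 0 mean every referenced ACL resolves.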

Removing Postfix

 # alternatives --config mta
 # systemctl disable postfix
 # systemctl stop postfix
 # yum -y remove postfix

Postfixadmin setup

Open http://server_ip/postfixadmin/setup.php and follow the installation instructions. After the super-administrator has been created, the installer gives you a password hash:

It must be substituted in the config.inc.php file (in the root of the postfixadmin directory) in place of this line:

Then log in with the credentials you created and add the required domains and mailboxes.

Installing Roundcube

 # yum -y install roundcubemail

After installation, add the configuration to the web server so that the script opens at http://server_ip/roundcubemail/

# vi /etc/httpd/conf.d/roundcubemail.conf

Save the following data:

#
# Round Cube Webmail is a browser-based multilingual IMAP client
#

Alias /roundcubemail /usr/share/roundcubemail
Alias /webmail /usr/share/roundcubemail

<Directory /usr/share/roundcubemail/>
    Options none
    AllowOverride Limit
    Require all granted
</Directory>

<Directory /usr/share/roundcubemail/installer>
    Options none
    AllowOverride Limit
    Require all granted
</Directory>

# Those directories should not be viewed by Web clients.
<Directory /usr/share/roundcubemail/bin/>
    Order Allow,Deny
    Deny from all
</Directory>
<Directory /usr/share/roundcubemail/plugins/enigma/home/>
    Order Allow,Deny
    Deny from all
</Directory>

After saving, restart Apache:

 # systemctl restart httpd.service

To continue the installation, create a database; to do this, connect to MySQL:

 # mysql -u root -p

and run the following statements (substituting your own values):

 CREATE DATABASE roundcubedb;
 CREATE USER roundcubeuser@localhost IDENTIFIED BY 'password';
 GRANT ALL PRIVILEGES on roundcubedb.* to roundcubeuser@localhost;
 FLUSH PRIVILEGES;
 quit

Then open the installer at http://server_ip/roundcubemail/installer and configure it.

This completes the setup. Go to Roundcube at http://server_ip/roundcubemail/, log in with the mailbox created earlier (in Postfixadmin), adjust the settings and start using it.