freebsd+postfix+mysql+authdaemon+sasl2+bind9

更新时间：2022-10-02 20:33:49

最小化安装freebsd选上ports

1.安装 apache2

shell $> cd /usr/ports/www/apache22

shell $> make install clean

shell $> ee /etc/rc.conf

accf_data_load="YES"
accf_http_load="YES"
apache22_enable="YES"
apache22_http_accept_enable="YES"

2.安装 php5

shell $> cd /usr/ports/lang/php5

shell $> make install clean

出现配置选项选上 MULTIBYTE 、OPENSSL 两项

然后修改 /usr/loca/etc/apache22/httpd.conf

shell $> ee /usr/local/etc/apache22/httpd.conf

<IfModule dir_module>
DirectoryIndex index.html
</IfModule>

修改为

<IfModule dir_module>
DirectoryIndex index.html index.php
</IfModule>

然后在

AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz

下添加

AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

shell $> cd /usr/loca/etc

shell $> cp php.ini-dist php.ini

3.安装PHP扩展

shell $> /usr/ports/lang/php5-extensions

shell $> make install clean

出现配置选项，该选什么大家都应该知道。

我选了mysql gettext.......就不一一列出。

4.安装 mysql -server

shell $> cd /usr/ports/databases/mysql50-server

shell $> make install clean

shell $> ee /etc/rc.conf

添加

mysql_enable="YES"

shell $> cp /usr/local/share/mysql/my-medium.cnf /usr/local/etc/my.cnf

shell $> /usr/local/etc/rc.d/mysql-server start
shell $> mysql_install_db --user=mysql ###初始化数据库

5. 安装phpmyadmin

shell $> cd /usr/ports/databases/phpmyadmin

shell $> make install clean

shell $> cp -R /usr/local/www/phpMyAdmin /usr/local/www/apache22/data/

shell $> cd /usr/local/www/apache22/data/phpMyAdmin

shell $> cp libraries/config.default.php ./config.inc.php

shell $> ee config.inc.php

查找 $cfg['Servers'][$i]['auth_type'] = 'config';

改为 $cfg['Servers'][$i]['auth_type'] = 'http';

shell $> chown -R www:www /usr/local/www/apache22/data/phpMyAdmin

6.安装 courier-imap

shell $> cd /usr/ports/mail/courier-imap

shell $> make install clean ###配置单中选种 mysql openssl

shell $> ee /etc/rc.conf

添加如下：

courier_authdaemond_enable="YES"

courier_imap_pop3d_enable="YES"

courier_imap_imapd_enable="YES"

shell $> chmod -R +x /var/run/authdaemond

shell $> /usr/local/etc/rc.d/courier-authdaemond start

shell $> ls /var/run/authdaemond

pid pid.lock socket

####看到有 socket 就是正常，认证时需要用到

shell $> ee /usr/local/etc/authlib/authdaemonrc

authmodulelist="authmysql"

authmodulelistorig="authmysql"

###修改认证方式为 mysql

shell $> ee /usr/local/etc/authlib/authmysqlrc

MYSQL_SERVER            localhost
MYSQL_USERNAME          root
MYSQL_PASSWORD          123456

MYSQL_OPT 0
MYSQL_DATABASE postfix

MYSQL_USER_TABLE mailbox

MYSQL_CRYPT_PWFIELD password

MYSQL_UID_FIELD '80'

MYSQL_GID_FIELD '80' ###给apache 操作权限

MYSQL_LOGIN_FIELD username

MYSQL_HOME_FIELD '/var/mailbox/' ###mail 虚拟目录

MYSQL_NAME_FIELD name

MYSQL_MAILDIR_FIELD maildir

shell $> ee /usr/local/etc/courier-imap/pop3d

查找 POP3DSTART=NO

改为 POP3DSTART=YES

7.安装 Cyrus-sasl2

shell $> cd /usr/ports/security/cyrus-sasl2

shell $> make install clean #### 配置菜单要选 AUTHDAEMON

shell $> ee /usr/local/lib/sasl2/smtpd.conf

pwcheck_method:authdaemond
log_level:3
mech_list:PLAIN LOGIN
authdaemond_path:/var/run/authdaemond/socket

8. 安装 postfix

shell $> cd /usr/ports/mail/postfix

shell $> make install clean ##配置选项,选择 SASL2 ,TLS,MYSQL,VDA

shell $> echo postfix: root >> /etc/aliases

shell $> newaliases

shell $> chown postfix:postfix /etc/opiekeys

shell $> ee /etc/rc.conf

##添加如下:

postfix_enable="YES"

sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"

shell $> cd /usr/local/etc/postfix

shell $> ee main.cf

################### BASE ##################`
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
daemon_directory = /usr/local/libexec/postfix
debug_peer_level = 2
html_directory = no
mail_owner = postfix
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
mynetworks_style = host
newaliases_path = /usr/local/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
unknown_local_recipient_reject_code = 550

myhostname = mail.ludy.com
mydomain = ludy.com
home_mailbox = Maildir/
mydestination = $myhostname
local_recipient_maps =
message_size_limit = 14680064
#################MySQL################
virtual_alias_maps =mysql:/usr/local/etc/postfix/mysql/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:80
virtual_gid_maps = static:80
virtual_mailbox_base = /var/mailbox/
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 80
virtual_transport = virtual
maildrop_destination_recipient_limit = 1
################Quota################
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry,the user's Maildir has overdrawn his diskspace quota ,please tray again later.
virtual_overquota_bounce = yes
##############SASL####################
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks,
                                permit_sasl_authenticated,
                                reject_invalid_hostname,
                                reject_non_fqdn_hostname,
                                reject_unknown_sender_domain,
                                reject_non_fqdn_sender,
                                reject_non_fqdn_recipient,
                                reject_unknown_recipient_domain,
                                reject_unauth_pipelining,
                                reject_unauth_destination,
                                reject_rbl_client cblless.antispam.org.cn
smtpd_client_restrictions = permit_mynetworks,
                            permit_sasl_authenticated

shell $> mkdir /var/mailbox

shell $> chown -R www:www /var/mailbox

shell $> chmod -R 700 /var/mailbox

9.建立MYSQL 查询配置文件

shell $> cd /usr/local/etc/postfix

shell $> mkdir mysql

shell $> cd mysql

shell $> ee mysql_virtual_alias_maps.cf

user = root
password = 123456
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
shell $> ee mysql_virtual_domains_maps.cf

user = root
password = 123456

hosts = localhost
dbname = postfix
table = domain
select_field = description

where_field = domain

shell $> ee mysql_virtual_mailbox_limit_maps.cf

user = root
password = 123456

hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
shell $> ee mysql_virtual_mailbox_maps.cf

user = root
password = 123456
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username

10. 安装 POSTFIXADMIN

shell $> cd /usr/ports/mail/postfixadmin

shell $> make install clean

shell $> cp -R /usr/local/www/postfixadmin /usr/local/www/apache22/data/

shell $> shown -R www:www /usr/local/www/apache22/data

shell $> cd /usr/local/www/postfixadmin

shell $> mysql -u root -p < DATABASE_MYSQL.TXT

shell $> ee config.inc.php

$CONF['default_language'] = 'cn';

$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'root';
$CONF['database_password'] = '123456';
$CONF['database_name'] = 'postfix';
$CONF['database_prefix'] = '';
$CONF['domain_in_mailbox'] = 'NO';

$CONF['quota'] = 'YES';

$CONF['show_footer_text'] = 'YES';
$CONF['footer_text'] = 'Return to Host';
$CONF['footer_link'] = 'http://192.168.6.44/postfixadmin';

11.安装 bind9

shell $>cd /usr/ports/dns/bind9

shell $> make install clean

shell $> cd /etc/namedb

shell $> rndc-confgen > rndc.conf ##生成rndc.conf

复制rndc.conf

# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
#       algorithm hmac-md5;
#       secret "dOESmFjoj6ptokHGi4aJAg==";
# };
#
# controls {
#       inet 127.0.0.1 port 953
#               allow { 127.0.0.1; } keys { "rndc-key"; };
# };
去掉注释到 named.conf 文件

shell $> ee named.conf

options {
        // Relative to the chroot directory, if any
        directory       "/etc/namedb";
        pid-file        "/var/run/named/pid";
        dump-file       "/var/dump/named_dump.db";
        statistics-file "/var/stats/named.stats";
        listen-on       { 192.168.6.44; };

             forwarders {
                202.106.0.20;
        };

};
zone "ludy.com" {
type master;
file "dynamic/ludy.com";
};

key "rndc-key" {
      algorithm hmac-md5;
      secret "dOESmFjoj6ptokHGi4aJAg==";
};
controls {
      inet 127.0.0.1 port 953
              allow { 127.0.0.1; } keys { "rndc-key"; };
};

##添加 ludy.com 域名解析文件

shell $> cd /etc/namedb/dynamic/

shell $> ee ludy.com

$TTL    86400
$ORIGIN ludy.com.
@       IN      SOA     ludy.com. root.ludy.com. (
                        2009072901      ;
                        68400           ;
                        86400           ;
                        3600000;        ;
                        36000   )       ;
        IN      NS      ns.ludy.com.
        IN      MX      10 mail.ludy.com.
www     IN      A       192.168.6.44
mail    IN      A       192.168.6.44
ns      IN      A       192.168.6.44

shell $> ee /etc/rc.conf

添加如下：

named_enable="YES"
named_program="/usr/sbin/named"
named_flags="-c /etc/namedb/named.conf"

12.重新启动服务器，测试

a. 在你的XP 机器上把 DNS 地址改为 postfix 地址