查看“Postfix 基本设置指南”的源代码

== Postfix 基本设置指南 ==

原文出处：

原文作者：

授权许可：
* [http://creativecommons.org/licenses/by-sa/2.0/ 创作共用协议Attribution-ShareAlike 2.0]
* [http://www.gnu.org/copyleft/fdl.html GNU自由文档许可证]

翻译人员：tt7646

校正人员：zhan

贡献人员：

适用版本：
文章状态：[[等待翻译]]
----




=== 介绍 ===

这份指南将帮助你建立一个基本的企业级Postfix邮件服务器。主要目的是教会你如何安装和配置一个包含IMAP和POP3服务的基本Postfix邮件服务器。在此我不打算告诉你诸如病毒检测或垃圾过滤等高级应用。

这份指南较偏向于理论，适合postfix初学者。我的高级postfix指南是[[Postfix 虚拟邮箱和病毒过滤指南]]和[[Postfix 完整虚拟邮件系统指南]]。如果你是初学者，可以在看完这份基本指南后，查阅他们。

=== 安装概述 ===

安装配置过程中，postfix通过Internet发送和接收emial，并存储在用户邮箱里。同时客户也可以通过IMAP或者POP3恢复他们的邮件。其中的客户认证是通过Courier Authdaemon模块的。下图表示出了这个过程。
attachment:SetupOverview.jpg

=== Postfix的结构 ===

==== 组件 ====

下图表示Postfix系统的主要组件以及他们间的主要信息。

attachment:PostfixComponents.gif

* 黄色椭圆表示邮件程序。
* 黄色方框表示邮件队列或文件。
* 蓝色方框表示查找的表。
* 大方框中的程序在Postfix主模块的控制下运行。
* 大方框中的数据记录Postfix系统的属性。

==== 接收邮件 ====

当一个新的消息进入Postfix系统，第一个内部停止是在新进入队列（incoming queue）。下图表示了包含一个新邮件的主要组件。

attachment:PosfixRecieving.gif

* 邮件在本地发送。 Postfix的[http://www.postfix.org/sendmail.1.html sendmail]程序调用拥有特权的[http://www.postfix.org/postdrop.1.html postdrop]程序 which deposits the message into the '''maildrop''' directory, where the message is picked up by the [http://www.postfix.org/pickup.8.html pickup] daemon. This daemon does some sanity checks, in order to protect the rest of the Postfix system.
该程序将消息存放到 '''maildrop''' 目录，在那里消息被 [http://www.postfix.org/pickup.8.html pickup] 守护进程取走。pickup 守护进程为了保护其他的 Postfix 系统会执行一些完整性检测。
* Mail comes in via the network. The Postfix [http://www.postfix.org/smtpd.8.html SMTP server] receives the message and does some sanity checks, in order to protect the rest of the Postfix system. 
* 邮件从网络到来. Postfix 的[http://www.postfix.org/smtpd.8.html SMTP server]收到消息然后为了保护其他的 Postfix 系统作些完整性检测。 

* Mail is generated internally by the Postfix system itself, in order to return undeliverable mail to the sender. The [http://www.postfix.org/bounce.8.html bounce or defer] daemon brings the bad news.
*
* Mail is forwarded by the [http://www.postfix.org/local.8.html local] delivery agent, either via an entry in the system-wide [http://www.postfix.org/aliases.5.html alias] database, or via an entry in a per-user [http://www.postfix.org/aliases.5.html .forward] file. This is indicated with the unlabeled arrow.

* Mail is generated internally by the Postfix system itself, in order to [http://www.postfix.org/basic.html#notify notify] the postmaster of a problem (this path is also indicated with the unlabeled arrow).The Postfix system can be configured to notify the postmaster of SMTP protocol problems, [http://en.wikipedia.org/wiki/E-mail_spam UCE] policy violations, and so on.

* The [http://www.postfix.org/cleanup.8.html cleanup] daemon implements the final processing stage for new mail. It adds missing '''From:''' and other message headers, arranges for address rewriting to the standard user@fully.qualified.domain form, and optionally extracts recipient addresses from message headers. The '''cleanup''' daemon inserts the result as a single queue file into the '''incoming''' queue, and notifies the [http://www.postfix.org/qmgr.8.html queue manager] of the arrival of new mail. The '''cleanup''' daemon can be configured to transform addresses on the basis of [http://www.postfix.org/rewrite.html#canonical canonical] and [http://www.postfix.org/rewrite.html#virtual virtua] table lookups.

* On request by the cleanup daemon, the [http://www.postfix.org/trivial-rewrite.8.html trivial-rewrite] daemon rewrites addresses to the standard user@fully.qualified.domain form.


=== 安装Postfix ===

In this setup I assume that your domain is <code><nowiki>yourdomain.com</nowiki></code> and it has a valid MX record call <code><nowiki>mail.yourdomain.com</nowiki></code>. Remember to replace <code><nowiki>yourdomain.com</nowiki></code> with your actual domain in the example codes in this howto. Also I assume that you know what an MX record is. To find out MX your type in a terminal:

<pre><nowiki>
dig mx yourdomain.com
</nowiki></pre> 

'''安装postfix'''

<pre><nowiki>   
sudo apt-get install postfix
</nowiki></pre>

安装mailx软件包
mailx软件包是一个命令行的邮件属性程序，mail命令包含在mailx软件包里面


<pre><nowiki>
sudo apt-get install mailx
</nowiki></pre>

=== 测试你的默认设置 ===

首先添加一个用户. (这里以fmaster为例)

<pre><nowiki>
sudo useradd -m -s /bin/bash fmaster
sudo passwd fmaster
</nowiki></pre>

用下面的命令测试,其实就是测试25端口是否打开
<pre><nowiki>
telnet localhost 25
</nowiki></pre>

Postfix will prompt like following in the terminal so that you can use to type SMTP commands.

<pre><nowiki>
Trying 127.0.0.1...
Connected to mail.fossedu.org.
Escape character is '^]'.
220 localhost.localdomain ESMTP Postfix (Ubuntu)
</nowiki></pre>


用下面的命令测试postfix
<pre><nowiki>
ehlo localhost
mail from: root@localhost
rcpt to: fmaster@localhost
data
Subjet: My first mail on Postfix
Hi,
Are you there?
regards,
Admin
. (Type the .[dot] in a new Line and press Enter )
quit 
</nowiki></pre>

检查刚才创建的<code><nowiki>fmaster</nowiki></code>用户的收件箱

<pre><nowiki>
su - fmaster
mail
</nowiki></pre>

When your type <code><nowiki>mail</nowiki></code> command an output like follows display in your terminal.

<pre><nowiki>
Mail version 8.1.2 01/15/2001.  Type ? for help.
"/var/mail/fmaster": 2 messages 2 new
>N  1 root@localhost     Mon Mar  6 12:49   13/479   Just a test
N  2 root@localhost     Mon Mar  6 12:51   15/487   My first mail
&
</nowiki></pre>
You will observe that mails are indexed by numbers and you can type the number of which the mail that you want to read. For example type no <code><nowiki>"2"</nowiki></code> to read the 2nd mail. The type <code><nowiki>"q"</nowiki></code> to quit. The mail will be written to a file called <code><nowiki>mbox</nowiki></code> in user's home directory. According to our example it will be <code><nowiki>/home/fmaster/mbox</nowiki></code>. 

All messages in an mbox type of mailbox are concatenated and stored in a single file. The beginning of each message is indicated by a line whose first five characters are "From " and a blank line is appended to the end of each message

=== Setting Postfix Support for Maildir-style Mailboxes ===

Maildir is a format for an e-mail spool that does not require file locking to maintain message integrity because the messages are kept in separate files with unique names. A Maildir is a directory (often named Maildir) with three subdirectories named tmp, new, and cur. The subdirectories should all reside on the same filesystem.

Another reason to use Maildir format is that Courier IMAP/POP3 servers only work with  Maildir format of mailboxes.

Please find out more about Maildir [http://en.wikipedia.org/wiki/Maildir here] 


<pre><nowiki>
sudo  vi /etc/postfix/main.cf
</nowiki></pre>

Add the following code segment:

<pre><nowiki>
home_mailbox = Maildir/
</nowiki></pre>

Comment the Line <code><nowiki> mailbox_command = procmail -a "$EXTENSION"</nowiki></code> adding a "#" at the beginning 

'''Restart Postfix''' to make changes effect.

<pre><nowiki>
sudo  /etc/init.d/postfix restart
</nowiki></pre>

Test your setup again 

=== Installing courier IMAP and POP3 ===

<pre><nowiki>
sudo apt-get install courier-pop
sudo apt-get install courier-imap
</nowiki></pre>

=== Adding local domains to postfix ===

<pre><nowiki>
sudo   vi /etc/postfix/main.cf
</nowiki></pre>

'''Add your domain to:'''

<pre><nowiki>
sudo vi /etc/postfix/main.cf
</nowiki></pre>

Add your domain to <code><nowiki>mydestination</nowiki></code>. Once added it should be like the following code segment.

<pre><nowiki>
...
mydestination = mail.fossedu.org, localhost.localdomain, localhost, yourdoamin.com
...
</nowiki></pre>

'''Add your local network to:'''

<pre><nowiki>
sudo vi /etc/postfix/main.cf
</nowiki></pre>

I assume that your local network is 192.168.1.0/24 and add your local network  to <code><nowiki>mynetworks</nowiki></code>. Once added it should be like the following code segment. 

<pre><nowiki>
mynetworks = 127.0.0.0/8, 192.168.1.0/24
</nowiki></pre>

'''Make Postfix to receive mail from the Internet'''

Set <code><nowiki>inet_interfaces = all</nowiki></code>  in <code><nowiki>/etc/postfix/main.cf</nowiki></code> using:

<pre><nowiki>
sudo vi /etc/postfix/main.cf
</nowiki></pre>

Finally Restart Postfix;

<pre><nowiki>
sudo  /etc/init.d/postfix restart
</nowiki></pre>

Test your setup again using following code:

<pre><nowiki>
telnet mail.yourdomain.com 25
ehlo yourdmain.com
mail from: root@yourdomain.com
rcpt to: fmaster@yourdomain.com
data
Subject: My first mail for my domain
Hi,
Are you there?
regards,
Admin
. (and Enter In a new Line)
quit 
</nowiki></pre>

Check the mailbox of <code><nowiki>fmaster</nowiki></code>

<pre><nowiki>
su - fmaster
cd Maildir/new
ls
</nowiki></pre>

Now you will see mail has a separate file

=== Testing Courier POP3 ===

Type in a terminal:

<pre><nowiki>
telnet mail.yourdomain.com 110
</nowiki></pre>

Use the following example code segment for your test. Be intelligent to tweak the changes appropriately to your environment. An output like follows will display in your terminal.

<pre><nowiki>
Connected to mail.yourdomain.com (69.60.109.217).
Escape character is '^]'.
+OK Hello there.
</nowiki></pre>

Type the following code segment in the prompt provided by the Courier POP3 server. I assume that you inetligent enough not to type the lines which starts from <code><nowiki>+OK</nowiki></code> 

<pre><nowiki>
user fmaster
+OK Password required.
pass password
+OK logged in.
quit
</nowiki></pre>

=== Testing Courier IMAP ===

Type in a terminal:

<pre><nowiki>
telnet mail.yourdomain.com 143
</nowiki></pre>

Use the following example code segment for your test. Be intelligent to tweak the changes appropriately to your environment. An output like follows will display in your terminal.

<pre><nowiki>
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS XCOURIEROUTBOX=INBOX.Outbox] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc.  See COPYING for distribution information.
</nowiki></pre>

Type the following code segment in the prompt provided by the Courier IMAP server.

<pre><nowiki>
a login fmaster password
a OK LOGIN Ok.
a logout
</nowiki></pre>

=== Local Alias database ===

When mail is to be delivered locally, the local delivery agent runs each local recipient name through the  aliases database. The mapping does not affect addresses in message headers. Local aliases are typically used to implement distribution lists, or to direct mail for standard aliases such as '''postmaster''' to real people. The table can also be used to map Firstname.Lastname addresses to login names.

Alias lookups are enabled by default and you will see following code segment in '''main.cf''' file.

<pre><nowiki>
...
alias_maps = hash:/etc/aliases 
...
</nowiki></pre>

==== Creating an alias for an account ====

The following codes illustrate how you can setup an alias. This step is optional since we are going to configure virtual mail domains later in this howto. I have added this step to make understand how you can do this in case of a requirement.

'''Create a user'''

<pre><nowiki>
sudo useradd -m -s /bin/bash sysadmin
sudo passwd sysadmin
</nowiki></pre>

'''Edit the alias table'''

Open the alias file with:

<pre><nowiki>
sudo vi /etc/aliases
</nowiki></pre>

Add the following code:

<pre><nowiki>
fmaster: sysadmin
</nowiki></pre>

To make your changes effect type:

<pre><nowiki>
sudo newaliases
</nowiki></pre>

To test your changes send a mail to <code><nowiki>fmaster</nowiki></code> and check the mail in <code><nowiki>/home/sysadmin/Maildir/new</nowiki></code> folder.


=== Per User .forward Files ===

Users can control their own mail delivery by specifying destinations in a file called .forward in their home directories. The syntax of these files is the same as with system aliases, except that the lookup key and colon are not present.

I will illustrate an example here:

Assume that you need to for all the mails which comes sysadmin account to an another account do like this

<pre><nowiki>
su - sysadmin
touch .forward
</nowiki></pre>

Then open the .forward file

<pre><nowiki>
vi .forward
</nowiki></pre>

Add  the following code:

<pre><nowiki>
fossedu@gmail.com
</nowiki></pre>

Remember to use email address which exists in this exercise.

Now send a mail to <code><nowiki>sysadmin</nowiki></code> and mail should come to fossedu@gmail.com

=== Postfix virtual Aliases for separate domains and Linux system accounts ===

With this approach, every hosted domain can have its own info etc. email address. However, it still uses LINUX system accounts for local mailbox deliveries.

With virtual alias domains, each hosted address is aliased to a local UNIX system account or to a remote address. The example below shows how to use this mechanism for the fossedu.org and linuxelabs.com domains. 

Open the '''main.cf''' file:

<pre><nowiki>
sudo vi /etc/postfix/main.cf
</nowiki></pre>

Add the following code segment:

<pre><nowiki>
virtual_alias_domains = fossedu.org linuxelabs.com
virtual_alias_maps = hash:/etc/postfix/virtual
</nowiki></pre>

Edit the <code><nowiki>/etc/postfix/virtual</nowiki></code> file:


Add two Linux system accounts

<pre><nowiki>
sudo useradd -m -s /bin/bash sigiri
sudo useradd -m -s /bin/bash kala
</nowiki></pre>

Set Password for the above users.

<pre><nowiki>
sudo passwd sigiri
sudo passwd kala
</nowiki></pre>


<pre><nowiki>
sudo vi /etc/postfix/virtual
</nowiki></pre>

Add the following code segment:

<pre><nowiki>
info@fossedu.org       sigiri
info@linuxelabs.com    kala
</nowiki></pre>

To create a Map Database type :
<pre><nowiki>
sudo postmap /etc/postfix/virtual
</nowiki></pre>
The postmap is  utility program that will convert <code><nowiki>/etc/postfix/virtual</nowiki></code> to <code><nowiki>/etc/postfix/virtual.db</nowiki></code> Berkley DB format, so that Postfix can access the data faster.

Restart Postfix to make changes effect:

<pre><nowiki>
sudo /etc/init.d/postfix restart
</nowiki></pre>

Send mails to both info@fossedu.org and info@linuxelabs.com and those mails should come to mailboxes of  '''sigiri''' and '''kala''' respectively.


Yet another howto by: ChinthakaDeshapriya.