Building LAMP+Postfix+Dovecot+SquirrelMail+Extmail+Extman+DRBD on RHEL5


技术小甜 2017-11-08 16:51:00 (2032 views)

----------------------------

Deploying on LAMP:

Postfix+Dovecot+SquirrelMail+Extmail+Extman+SpamAssassin (spam filtering)

Lab software packages (all stored under /usr/src):

Lab environment: RHEL5.4

Mail/DNS server  192.168.1.126/24  dns.crazylinux.com

Client  192.168.1.105/24


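Lab requirements:

I. Set up a DNS server that resolves dns.crazylinux.com to 192.168.1.126
II. Install Apache, MySQL and PHP from source on the mail server
III. Set up the Postfix mail server on the mail server
IV. Build the Dovecot server
V. Configure SquirrelMail
VI. Set up SMTP authentication, user aliases and groups, and limit the size of mail a user can send and the mailbox space a user can use
VII. Configure Postfix to support MySQL virtual users
VIII. Deploy Extmail
IX. Deploy Extman
X. DRBD primary/secondary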



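Lab steps: (the parts shown in red are the ones that were modified)

I. Set up a DNS server that resolves dns.crazylinux.com to 192.168.1.126

1. Prerequisites (set the IP address and hostname)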

[root@dns ~]# ifconfig eth0 | grep "inet addr"

inet addr:192.168.1.126  Bcast:192.168.0.255  Mask:255.255.255.0

[root@dns ~]# grep HOSTNAME /etc/sysconfig/network

HOSTNAME=dns.crazylinux.com

2. Configure a local yum repository (mount the RHEL5.4 media under /media)

[root@dns ~]# cd /etc/yum.repos.d/

[root@dns yum.repos.d]# vim rhel-debuginfo.repo

[rhel-debuginfo]

name=Red Hat Enterprise Linux $releasever - $basearch - Debug

baseurl=file:///media/Server     (make sure /media contains a Server directory)

enabled=1

gpgcheck=1

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

3. Install the DNS packages

[root@dns ~]# yum -y install bind bind-chroot caching-nameserver

4. Configure the main DNS configuration file

[root@dns ~]# cd /var/named/chroot/etc/

[root@dns etc]# cp -p named.caching-nameserver.conf named.conf

options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { ::1; };
    directory    "/var/named";
    dump-file    "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // any client may query this server and its cache
    allow-query   { any; };
    allow-query-cache { any; };
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
// this view matches every client and answers recursive queries for all of them
view localhost_resolver {
    match-clients   { any; };
    match-destinations { any; };
    recursion yes;
    include "/etc/named.rfc1912.zones";
};

[root@dns etc]# vim named.rfc1912.zones     (append the following at the end of the file)

zone "crazylinux.com" IN {

type master;

file "cl.zheng";

};


zone "1.168.192.in-addr.arpa" IN {

type master;

file "cl.fan";

};

5. Configure the DNS zone files

[root@dns etc]# cd /var/named/chroot/var/named/

[root@dns named]# cp -p named.zero cl.zheng

[root@dns named]# cat cl.zheng

$TTL   86400

@        IN SOA crazylinux.com.   root.crazylinux.com. (

 2010090701   ; serial (d. adams)

3H       ; refresh

15M       ; retry

1W       ; expiry

1D )      ; minimum

   IN   NS    dns.crazylinux.com.

   IN   MX  5  dns.crazylinux.com.

dns   IN   A    192.168.1.126

mail  IN   A    192.168.1.126

[root@dns named]# cp -p cl.zheng cl.fan

[root@dns named]# cat cl.fan

$TTL   86400

@        IN SOA crazylinux.com.    root.crazylinux.com. (

2010090701   ; serial (d. adams)

3H       ; refresh

15M       ; retry

1W       ; expiry

1D )      ; minimum

   IN   NS    dns.crazylinux.com.

   IN   MX  5  mail.crazylinux.com.

126   IN   PTR   dns.crazylinux.com.

126   IN   PTR   mail.crazylinux.com.

6. Start the DNS service

[root@dns named]# service named start

[root@dns named]# chkconfig named on

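II. Install Apache, MySQL and PHP from source on the mail server (first remove the httpd, mysql and php RPM packages)

1. Prerequisites (set the IP address and hostname, and copy the source packages needed for the lab to /home)

[root@dns ~]# ifconfig eth0 | grep "inet addr"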

inet addr:192.168.1.126  Bcast:192.168.0.255  Mask:255.255.255.0

[root@dns ~]# grep HOSTNAME /etc/sysconfig/network

HOSTNAME=dns.crazylinux.com

2. Configure a local yum repository (mount the RHEL5.4 media under /media)

[root@dns ~]# cd /etc/yum.repos.d/

[root@dns yum.repos.d]# vim rhel-debuginfo.repo

[rhel-debuginfo]

name=Red Hat Enterprise Linux $releasever - $basearch - Debug

baseurl=file:///media/Server  (make sure /media contains a Server directory)

enabled=1

gpgcheck=1

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

3. Install Apache

[root@dns ~]# yum -y install *gcc* openssl-devel

[root@dns ~]# rpm -e httpd --nodeps

[root@dns ~]# rpm -e mysql --nodeps

[root@dns ~]# rpm -e php --nodeps

[root@dns ~]# cd /home/

[root@dns home]# tar -zxvf httpd-2.2.15.tar.gz -C /usr/src/

[root@dns home]# cd /usr/src/httpd-2.2.15/

[root@dns httpd-2.2.15]# ./configure --prefix=/usr/local/apache2 \
    --enable-rewrite \
    --enable-so \
    --enable-auth-digest \
    --enable-cgi \
    --with-ssl=/usr/lib \
    --enable-ssl \
    --enable-suexec \
    --with-suexec-caller=daemon \
    --with-suexec-docroot=/usr/local/apache2/htdocs

[root@dns httpd-2.2.15]# make

[root@dns httpd-2.2.15]# make install

[root@dns httpd-2.2.15]# cd /usr/local/apache2/bin/

[root@dns bin]# vim apachectl     (add the following two comment lines after #!/bin/sh)

#!/bin/sh

# chkconfig: 35 85 15

# description: Apache is a World Wide Web Server

[root@dns bin]# cp apachectl /etc/init.d/apache

[root@dns bin]# chkconfig --add apache

[root@dns bin]# chkconfig apache on

[root@dns bin]# service apache start

httpd: apr_sockaddr_info_get() failed for mail.crazylinux.com

httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName

Fix:

[root@dns bin]# vim /usr/local/apache2/conf/httpd.conf

ServerName mail.crazylinux.com

[root@dns bin]# service apache stop

[root@dns bin]# service apache start

4. Set up the MySQL server

[root@dns bin]# cd /home/

[root@dns home]# tar -zxvf mysql-5.1.44.tar.gz -C /usr/src/

[root@dns home]# cd /usr/src/mysql-5.1.44/

[root@dns mysql-5.1.44]# useradd -M -s /sbin/nologin mysql

[root@dns mysql-5.1.44]# yum -y install libtermcap-devel

[root@dns mysql-5.1.44]# ./configure --prefix=/usr/local/mysql --with-mysqld-user=mysql

[root@dns mysql-5.1.44]# make

[root@dns mysql-5.1.44]# make install

[root@dns mysql-5.1.44]# cp support-files/my-medium.cnf /etc/my.cnf

[root@dns mysql-5.1.44]# /usr/local/mysql/bin/mysql_install_db --user=mysql

[root@dns mysql-5.1.44]# chown -R root:mysql /usr/local/mysql/

[root@dns mysql-5.1.44]# chown -R mysql /usr/local/mysql/var/

[root@dns mysql-5.1.44]# echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf

[root@dns mysql-5.1.44]# ldconfig

[root@dns mysql-5.1.44]# cp support-files/mysql.server /etc/init.d/mysqld

[root@dns mysql-5.1.44]# chmod o+x /etc/init.d/mysqld

[root@dns mysql-5.1.44]# chkconfig --add mysqld

[root@dns mysql-5.1.44]# chkconfig mysqld on

[root@dns mysql-5.1.44]# service mysqld start

[root@dns mysql-5.1.44]# ps -e | grep mysqld

2880 pts/0  00:00:00 mysqld_safe

2988 pts/0  00:00:00 mysqld

[root@dns mysql-5.1.44]# netstat -nutlp | grep mysqld

tcp   0   0 0.0.0.0:3306     0.0.0.0:*     LISTEN   2988/mysqld

[root@dns mysql-5.1.44]# export PATH=$PATH:/usr/local/mysql/bin

[root@dns mysql-5.1.44]# echo 'export PATH=$PATH:/usr/local/mysql/bin' >> /etc/profile

[root@dns mysql-5.1.44]# mysqladmin -u root password 123456

[root@dns mysql-5.1.44]# mysql -u root -p

Enter password:  (enter the password 123456)

Welcome to the MySQL monitor. Commands end with ; or \g.

Your MySQL connection id is 2

Server version: 5.1.44-log Source distribution


Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.


mysql> quit

5. Set up the PHP environment

[root@dns mysql-5.1.44]# cd /home/

[root@dns home]# tar -zxvf php-5.2.13.tar.gz -C /usr/src/

[root@dns home]# cd /usr/src/php-5.2.13/

[root@dns php-5.2.13]# yum -y install *libxml2*

[root@dns php-5.2.13]# ./configure --prefix=/usr/local/php5 \
    --enable-mbstring \
    --with-apxs2=/usr/local/apache2/bin/apxs \
    --with-mysql=/usr/local/mysql \
    --with-config-file-path=/usr/local/php5

[root@dns php-5.2.13]# make

[root@dns php-5.2.13]# make test

[root@dns php-5.2.13]# make install

[root@dns php-5.2.13]# cp php.ini-dist /usr/local/php5/php.ini

[root@dns php-5.2.13]# vim /usr/local/apache2/conf/httpd.conf

LoadModule php5_module     modules/libphp5.so
AddType application/x-httpd-php .php
<IfModule dir_module>
  DirectoryIndex index.php index.html
</IfModule>

[root@dns php-5.2.13]# cat /usr/local/apache2/htdocs/index.php

<?php

   phpinfo();

?>

[root@dns php-5.2.13]# service apache stop

[root@dns php-5.2.13]# service apache start

For PHP 5.3, a few parameters need to be changed:

(because of PHP 5.3; for details see http://crazylinux.blog.51cto.com/)

[root@dns webmail]# vim /usr/local/php5/php.ini
error_reporting = E_ALL & ~E_DEPRECATED
date.timezone = Asia/Shanghai
[root@dns webmail]# service apache stop
[root@dns webmail]# service apache start


6. Client testing

On the XP client, set the IP and DNS parameters, then open http://mail.crazylinux.com to test


III. Set up the Postfix mail server on the mail server

[root@dns ~]# service sendmail stop

[root@dns ~]# chkconfig sendmail off

[root@dns ~]# groupadd -g 1200 postdrop

[root@dns ~]# groupadd -g 1000 postfix

[root@dns ~]# useradd -M -u 1000 -g postfix -G postdrop -s /sbin/nologin postfix

[root@dns ~]# cd /home/

[root@dns home]# tar -zxvf postfix-2.6.5.tar.gz -C /usr/src/

[root@dns home]# cp postfix-2.6.5-vda-ng.patch.gz /usr/src/

[root@dns home]# cd /usr/src/

[root@dns src]# gunzip postfix-2.6.5-vda-ng.patch.gz

[root@dns src]# cd postfix-2.6.5

[root@dns postfix-2.6.5]# patch -p1 < ../postfix-2.6.5-vda-ng.patch

[root@dns postfix-2.6.5]# yum -y install db*-devel cyrus-sasl-devel

[root@dns postfix-2.6.5]# make makefiles \
    'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl' \
    'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/lib/sasl2 -lsasl2'

Note: CCARGS supplies extra compiler arguments.

    AUXLIBS names additional libraries located outside the standard locations.

[root@dns postfix-2.6.5]# make

[root@dns postfix-2.6.5]# make install

[root@dns postfix-2.6.5]# cd /etc/postfix/

[root@dns postfix]# postconf -n > main2.cf

[root@dns postfix]# mv main.cf main.cf.bak

[root@dns postfix]# mv main2.cf main.cf

[root@dns postfix]# vim /etc/postfix/main.cf

inet_interfaces = 192.168.1.126, 127.0.0.1        // listening IP addresses
myhostname = dns.crazylinux.com                   // host name
mydomain = crazylinux.com                         // mail domain in use
myorigin = $mydomain                              // mail domain of the sender address on outgoing mail
mydestination = $mydomain, $myhostname            // domains for which mail is accepted
home_mailbox = Maildir/                           // mailbox location and format

[root@dns postfix]# postfix start

[root@dns postfix]# echo "/usr/sbin/postfix start" >> /etc/rc.local

[root@dns postfix]# netstat -antlp | grep :25

tcp     0   0 192.168.1.126:25  0.0.0.0:*     LISTEN   27213/master

tcp     0   0 127.0.0.1:25    0.0.0.0:*     LISTEN   27213/master

[root@dns postfix]# groupadd mailusers

[root@dns postfix]# useradd -g mailusers -s /sbin/nologin tom

[root@dns postfix]# useradd -g mailusers -s /sbin/nologin jerry

[root@dns postfix]# passwd tom

[root@dns postfix]# passwd jerry

[root@dns postfix]# telnet localhost 25

Trying 127.0.0.1...

Connected to localhost.localdomain (127.0.0.1).

Escape character is '^]'.

220 mail.crazylinux.com ESMTP Postfix

helo localhost

250 mail.crazylinux.com

mail from:tom@crazylinux.com

250 2.1.0 Ok

rcpt to:jerry@crazylinux.com

250 2.1.5 Ok

data

354 End data with <CR><LF>.<CR><LF>

Subject:A test mail

Hello

This is a test mail

.

250 2.0.0 Ok: queued as AA4BD157939

quit

221 2.0.0 Bye

Connection closed by foreign host.

# cat /home/jerry/Maildir/new/1283859902.V802Id7956M227440.mail.crazylinux.com

Return-Path: <tom@crazylinux.com>

X-Original-To: jerry@crazylinux.com

Delivered-To: jerry@crazylinux.com

Received: from localhost (localhost.localdomain [127.0.0.1])

by mail.crazylinux.com (Postfix) with SMTP id AA4BD157939

for <jerry@crazylinux.com>; Tue,  7 Sep 2010 19:44:27 +0800 (CST)

Subject:A test mail

Message-Id: <20100907114438.AA4BD157939@mail.crazylinux.com>

Date: Tue, 7 Sep 2010 19:44:27 +0800 (CST)

From: tom@crazylinux.com

To: undisclosed-recipients:;


Hello

This is a test mail

IV. Build the Dovecot server

[root@dns ~]# useradd -M -s /sbin/nologin dovecot

[root@dns ~]# cd /home/

[root@dns home]# tar -zxvf dovecot-1.2.11.tar.gz -C /usr/src/

[root@dns home]# cd /usr/src/dovecot-1.2.11/

[root@dns dovecot-1.2.11]# yum -y install pam-devel

[root@dns dovecot-1.2.11]# ./configure --sysconfdir=/etc --with-mysql

[root@dns dovecot-1.2.11]# make

[root@dns dovecot-1.2.11]# make install

[root@dns dovecot-1.2.11]# cp /etc/dovecot-example.conf /etc/dovecot.conf

[root@dns dovecot-1.2.11]# vim /etc/dovecot.conf

protocols = pop3 imap
# plaintext logins are accepted on unencrypted connections
disable_plaintext_auth = no
# SSL/TLS is switched off
ssl = no
mail_location = maildir:~/Maildir

[root@dns dovecot-1.2.11]# cat /etc/pam.d/dovecot

auth required pam_nologin.so

auth include system-auth

account include system-auth

session include system-auth

[root@dns dovecot-1.2.11]# /usr/local/sbin/dovecot -c /etc/dovecot.conf

[root@dns dovecot-1.2.11]# echo "/usr/local/sbin/dovecot -c /etc/dovecot.conf" >> /etc/rc.local

[root@dns dovecot-1.2.11]# netstat -tulnp | grep dovecot

tcp    0   0 0.0.0.0:110      0.0.0.0:*      LISTEN   18303/dovecot

tcp    0   0 0.0.0.0:143      0.0.0.0:*      LISTEN   18303/dovecot

[root@dns dovecot-1.2.11]# telnet localhost 110

Trying 127.0.0.1...

Connected to localhost.localdomain (127.0.0.1).

Escape character is '^]'.

+OK Dovecot ready.

user jerry

+OK

pass 123

+OK Logged in.

list

+OK 1 messages:

1 505

.

retr 1

+OK 505 octets

Return-Path: <tom@crazylinux.com>

X-Original-To: jerry@crazylinux.com

Delivered-To: jerry@crazylinux.com

Received: from localhost (localhost.localdomain [127.0.0.1])

by mail.crazylinux.com (Postfix) with SMTP id AA4BD157939

for <jerry@crazylinux.com>; Tue,  7 Sep 2010 19:44:27 +0800 (CST)

Subject:A test mail

Message-Id: <20100907114438.AA4BD157939@mail.crazylinux.com>

Date: Tue, 7 Sep 2010 19:44:27 +0800 (CST)

From: tom@crazylinux.com

To: undisclosed-recipients:;


Hello

This is a test mail

.

quit

+OK Logging out.

Connection closed by foreign host.

V. Configure SquirrelMail

[root@dns ~]# cd /home/

[root@dns home]# tar -zxvf squirrelmail-1.4.18.tar.gz -C /usr/local/apache2/htdocs/

[root@dns home]# cd /usr/local/apache2/htdocs/

[root@dns htdocs]# mv squirrelmail-1.4.18/ webmail

[root@dns htdocs]# cd webmail/

[root@dns webmail]# tar -zxvf /home/zh_CN-1.4.18-20090526.tar.gz

[root@dns webmail]# mkdir -p attach data

[root@dns webmail]# chown -R daemon:daemon attach/ data/

[root@dns webmail]# chmod 730 attach/

[root@dns webmail]# cp config/config_default.php config/config.php

[root@dns webmail]# vim config/config.php

$domain = 'crazylinux.com';
$imap_server_type = 'dovecot';
$data_dir = '/usr/local/apache2/htdocs/webmail/data/';
$attachment_dir = '/usr/local/apache2/htdocs/webmail/attach/';
$squirrelmail_default_language = 'zh_CN';
$default_charset = 'zh_CN.UTF-8';

[root@dns webmail]# vim /usr/local/apache2/conf/httpd.conf

ServerName mail.crazylinux.com:80

[root@dns webmail]# service apache stop

[root@dns webmail]# service apache start

Test:

VI. Set up SMTP authentication, user aliases and groups, and limit the size of mail a user can send and the mailbox space a user can use

[root@dns webmail]# rpm -qa | grep -i "sasl"

cyrus-sasl-plain-2.1.22-5.el5

cyrus-sasl-lib-2.1.22-5.el5

cyrus-sasl-2.1.22-5.el5

cyrus-sasl-devel-2.1.22-5.el5

[root@dns webmail]# cp /usr/lib/sasl2/Sendmail.conf /usr/lib/sasl2/smtpd.conf

[root@dns webmail]# cat /usr/lib/sasl2/smtpd.conf

pwcheck_method:saslauthd

[root@dns webmail]# service saslauthd restart

[root@dns webmail]# chkconfig saslauthd on

[root@dns webmail]# vim /etc/postfix/main.cf

mailbox_size_limit = 524288000        // limit the user mailbox size to 500M
message_size_limit = 50889600         // limit the size of mail that can be sent to 50M
alias_maps = hash:/etc/aliases        // mail aliases and group delivery
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
mynetworks = 127.0.0.1
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination

[root@dns webmail]# postfix reload

[root@dns webmail]# tail -n 1 /etc/aliases

mike:      jerry        // mail sent to mike is automatically delivered to user jerry

[root@dns webmail]# newaliases
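
The relay and authentication settings above can be checked mechanically. The following shell functions are an added example, not part of the original post or of Postfix: they read main.cf text the way Postfix does (comment lines skipped, indented lines continuing the previous parameter) and report an unconditional permit ahead of reject_unauth_destination, a catch-all mynetworks entry, and SASL enabled without smtpd_tls_auth_only. MAIN_CF and OPEN_CF are constructed samples and the function names are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original post): audit main.cf relay and AUTH settings.

# Constructed sample: the settings shown above, without the editor line numbers.
MAIN_CF='# main.cf (constructed from the values on this page)
mynetworks = 127.0.0.1
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination'

# Constructed counter-example: an unconditional permit ahead of the relay check.
OPEN_CF='mynetworks = 127.0.0.1, 0.0.0.0/0
smtpd_recipient_restrictions = permit_mynetworks, permit,
    reject_unauth_destination'

# postconf_value TEXT NAME
# Print the value of parameter NAME. Comment and blank lines are ignored, a line
# that starts with whitespace continues the previous logical line, and the last
# definition wins. Exit status is 1 when NAME is not set.
postconf_value() {
    printf '%s\n' "$1" | awk -v want="$2" '
        function flush(   eq, name, val) {
            eq = index(logical, "=")
            if (eq) {
                name = substr(logical, 1, eq - 1)
                val = substr(logical, eq + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", name)
                gsub(/[ \t]+/, " ", val)
                gsub(/^ | $/, "", val)
                if (name == want) { result = val; found = 1 }
            }
            logical = ""
        }
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        /^[ \t]/ { logical = logical " " $0; next }
        { flush(); logical = $0 }
        END { flush(); if (found) print result; else exit 1 }'
}

# audit_main_cf TEXT
# Print one finding per line; print nothing when no check fires.
audit_main_cf() {
    rcpt=$(postconf_value "$1" smtpd_recipient_restrictions) || rcpt=""
    nets=$(postconf_value "$1" mynetworks) || nets=""
    sasl=$(postconf_value "$1" smtpd_sasl_auth_enable) || sasl="no"
    tlsonly=$(postconf_value "$1" smtpd_tls_auth_only) || tlsonly="no"

    # Restrictions are evaluated left to right and the first decision wins, so a
    # bare "permit" before reject_unauth_destination lets any client relay.
    if [ -n "$rcpt" ]; then
        verdict="missing"
        for r in $(printf '%s' "$rcpt" | tr ',' ' '); do
            case "$r" in
                permit) verdict="bypassed"; break ;;
                reject_unauth_destination|defer_unauth_destination|reject|defer)
                    verdict="ok"; break ;;
            esac
        done
        if [ "$verdict" != "ok" ]; then
            echo "RELAY: reject_unauth_destination is $verdict in smtpd_recipient_restrictions"
        fi
    fi

    # Every client in mynetworks passes permit_mynetworks.
    for n in $(printf '%s' "$nets" | tr ',' ' '); do
        case "$n" in
            0.0.0.0/0|::/0|"[::]/0") echo "NETS: mynetworks trusts every client ($n)" ;;
        esac
    done

    # With SASL on and smtpd_tls_auth_only off, AUTH is accepted on cleartext sessions.
    if [ "$sasl" = "yes" ] && [ "$tlsonly" != "yes" ]; then
        echo "AUTH: smtpd_sasl_auth_enable = yes without smtpd_tls_auth_only = yes"
    fi
    return 0
}

audit_main_cf "$MAIN_CF"
audit_main_cf "$OPEN_CF"
```

On the server itself the same audit can be run on the live file with `audit_main_cf "$(cat /etc/postfix/main.cf)"`.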

Test SMTP authentication

[root@dns webmail]# printf "tom" | openssl base64

dG9t

[root@dns webmail]# printf "123" | openssl base64

MTIz

[root@dns webmail]# telnet mail.crazylinux.com 25

Trying 192.168.1.126...

Connected to mail.crazylinux.com (192.168.1.126).

Escape character is '^]'.

220 mail.crazylinux.com ESMTP Postfix

ehlo localhost                                // announce the client host address

250-mail.crazylinux.com

250-PIPELINING

250-SIZE 50889600

250-VRFY

250-ETRN

250-AUTH PLAIN LOGIN                          // authentication is supported

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

mail from:tom@crazylinux.com

250 2.1.0 Ok

rcpt to:jerry@sohu.com

554 5.7.1 <jerry@sohu.com>: Relay access denied     // sending fails without SMTP authentication

AUTH LOGIN

334 VXNlcm5hbWU6

dG9t                                      // user name tom, Base64-encoded

334 UGFzc3dvcmQ6

MTIz                                   // password 123, Base64-encoded

235 2.7.0 Authentication successful                 // the user has passed authentication

rcpt to:jerry@sohu.com

250 2.1.5 Ok

data

354 End data with <CR><LF>.<CR><LF>

this is from tom@crazylinux.com

.

250 2.0.0 Ok: queued as 9BCE5EA876

quit

221 2.0.0 Bye

Connection closed by foreign host.



VII. Configure Postfix to support MySQL virtual users

1. Create the virtual user database

[root@dns ~]# cd /home/

[root@dns home]# tar -zxvf extman-0.2.5.tar.gz -C /usr/src/

[root@dns home]# cd /usr/src/extman-0.2.5/docs/

[root@dns docs]# mysql -u root -p < extmail.sql

Enter password:

[root@dns docs]# mysql -u root -p < init.sql

Enter password:

[root@dns docs]# vim /etc/postfix/main.cf

#mydestination = $mydomain, $myhostname
virtual_mailbox_base = /mailbox
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000

[root@dns docs]# cp mysql_virtual_* /etc/postfix/

2. Set up SMTP sending authentication for virtual users

[root@dns docs]# cd /home/

[root@dns home]# tar -jxvf courier-authlib-0.63.0.tar.bz2 -C /usr/src/

[root@dns home]# cd /usr/src/courier-authlib-0.63.0/

[root@dns courier-authlib-0.63.0]# ./configure --prefix=/usr/local/courier-authlib \
    --without-stdheaderdir \
    --with-authmysql \
    --with-redhat \
    --with-mysql-libs=/usr/local/mysql/lib/mysql \
    --with-mysql-includes=/usr/local/mysql/include/mysql

[root@dns courier-authlib-0.63.0]# make

[root@dns courier-authlib-0.63.0]# make install

[root@dns courier-authlib-0.63.0]# make install-configure

[root@dns courier-authlib-0.63.0]# echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf

[root@dns courier-authlib-0.63.0]# ldconfig

[root@dns courier-authlib-0.63.0]# cd /usr/local/courier-authlib/etc/authlib/

[root@dns authlib]# cp authdaemonrc authdaemonrc.bak

[root@dns authlib]# vim authdaemonrc

authmodulelist="authmysql"
authmodulelistorig="authmysql"

[root@dns authlib]# chmod -R 755 /usr/local/courier-authlib/var/spool/authdaemon/

[root@dns authlib]# cp authmysqlrc authmysqlrc.bak

[root@dns authlib]# vim authmysqlrc

MYSQL_SERVER      localhost     // location of the MySQL database server
MYSQL_USERNAME    extmail       // administrator account
MYSQL_PASSWORD    extmail       // password
MYSQL_SOCKET      /tmp/mysql.sock
MYSQL_DATABASE     extmail      // virtual user database
MYSQL_USER_TABLE   mailbox      // mail account information is read from the mailbox table
MYSQL_CRYPT_PWFIELD  password   // the password is read from the password field
MYSQL_UID_FIELD    uidnumber    // the uidnumber field maps to the local uid
MYSQL_GID_FIELD    gidnumber    // the gidnumber field maps to the local gid
MYSQL_LOGIN_FIELD   username
MYSQL_HOME_FIELD   concat('/mailbox/',homedir)
MYSQL_NAME_FIELD   name
MYSQL_MAILDIR_FIELD  concat('/mailbox/',maildir)

[root@dns authlib]# cp /usr/src/courier-authlib-0.63.0/courier-authlib.sysvinit /etc/init.d/courier-authlib

[root@dns authlib]# chmod 755 /etc/init.d/courier-authlib

[root@dns authlib]# chkconfig --level 35 courier-authlib on

[root@dns authlib]# service courier-authlib start

[root@dns authlib]# cat /usr/lib/sasl2/smtpd.conf

pwcheck_method:authdaemond

authdaemond_path: /usr/local/courier-authlib/var/spool/authdaemon/socket

3. Modify the Dovecot configuration

[root@dns authlib]# vim /etc/dovecot.conf     (comment out lines 875, 908, 913 and 916)

218 mail_location = maildir:/mailbox/%d/%n/Maildir

837 auth default {

842  mechanisms = plain

950  passdb sql {

952   args = /etc/dovecot-mysql.conf

953  }

1028  userdb sql {

1030   args = /etc/dovecot-mysql.conf

1031  }

[root@dns authlib]# cat /etc/dovecot-mysql.conf

driver = mysql

connect = host=localhost dbname=extmail user=extmail password=extmail

default_pass_scheme = CRYPT

password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u'

user_query = SELECT maildir,uidnumber AS uid,gidnumber AS gid FROM mailbox WHERE username = '%u'

[root@dns authlib]# mkdir -p /mailbox/extmail.org/postmaster/Maildir/

[root@dns authlib]# chown -R postfix:postfix /mailbox/

[root@dns authlib]# pkill dovecot

[root@dns authlib]# dovecot

# /usr/local/courier-authlib/sbin/authtest -s login postmaster@extmail.org extmail

Authentication succeeded.


Authenticated: postmaster@extmail.org  (uid 1000, gid 1000)

Home Directory: /mailbox/extmail.org/postmaster

Maildir: /mailbox/extmail.org/postmaster/Maildir/

Quota: (none)

Encrypted Password: $1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0

Cleartext Password: extmail

Options: (none)

[root@dns authlib]# perl -e 'use MIME::Base64;

print encode_base64("postmaster\@extmail.org")'

cG9zdG1hc3RlckBleHRtYWlsLm9yZw==

[root@dns authlib]# perl -e 'use MIME::Base64; print encode_base64("extmail")'

ZXh0bWFpbA==

[root@dns ~]# telnet localhost 25

Trying 127.0.0.1...

Connected to localhost.localdomain (127.0.0.1).

Escape character is '^]'.

220 mail.crazylinux.com ESMTP Postfix

auth login

334 VXNlcm5hbWU6

cG9zdG1hc3RlckBleHRtYWlsLm9yZw==

334 UGFzc3dvcmQ6

ZXh0bWFpbA==

235 2.7.0 Authentication successful

quit

221 2.0.0 Bye

Connection closed by foreign host.
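
Both AUTH LOGIN tests on this page (the system-user one with the EHLO reply, and the virtual-user one above) send the user name and password as Base64, which is an encoding and not encryption, and the EHLO reply shown earlier advertises AUTH with no STARTTLS. The following shell functions are an added example, not part of the original post: they list the ESMTP capabilities in a captured session, report AUTH offered without STARTTLS, and decode the 334 prompts and the client's replies. SESSION is constructed from the system-user transcript on this page and the function names are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original post): read a captured SMTP session.

# Constructed sample assembled from the telnet session shown on this page.
SESSION='220 mail.crazylinux.com ESMTP Postfix
ehlo localhost
250-mail.crazylinux.com
250-PIPELINING
250-SIZE 50889600
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH LOGIN
334 VXNlcm5hbWU6
dG9t
334 UGFzc3dvcmQ6
MTIz
235 2.7.0 Authentication successful'

# ehlo_caps TEXT
# Print the capability keywords of the EHLO reply, one per line. The first 250
# line carries the server name and is skipped; "250 " (space) ends the reply.
ehlo_caps() {
    printf '%s\n' "$1" | tr -d '\r' | awk '
        tolower($1) == "ehlo" { in_reply = 1; seen = 0; next }
        in_reply && /^250[- ]/ {
            kw = substr($0, 5)
            sub(/ .*/, "", kw)
            if (seen++) print toupper(kw)
            if (substr($0, 4, 1) == " ") in_reply = 0
        }'
}

# auth_without_starttls TEXT
# Succeed (exit 0) when the server offers AUTH but does not offer STARTTLS,
# i.e. credentials can only travel over the unencrypted session.
auth_without_starttls() {
    caps=$(ehlo_caps "$1")
    printf '%s\n' "$caps" | grep -qx 'AUTH' || return 1
    if printf '%s\n' "$caps" | grep -qx 'STARTTLS'; then
        return 1
    fi
    return 0
}

# decode_auth_login TEXT
# Pair every "334 <base64 prompt>" line with the client line that follows it
# and print both decoded, e.g. "Username: tom".
decode_auth_login() {
    printf '%s\n' "$1" | tr -d '\r' | awk '
        /^334 / { print substr($0, 5); want = 1; next }   # server prompt
        want    { print $1; want = 0 }                    # client reply
    ' | while IFS= read -r b64; do
        printf '%s' "$b64" | base64 -d
        echo
    done | paste -d ' ' - -
}

ehlo_caps "$SESSION"
if auth_without_starttls "$SESSION"; then
    echo "AUTH is advertised and STARTTLS is not"
fi
decode_auth_login "$SESSION"
```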

VIII. Deploy Extmail

[root@dns ~]# cd /home/

[root@dns home]# tar -zxvf Unix-Syslog-1.1.tar.gz -C /usr/src/

[root@dns home]# tar -zxvf DBI-1.610_90.tar.gz -C /usr/src/

[root@dns home]# tar -zxvf DBD-mysql-4.013.tar.gz -C /usr/src/

[root@dns home]# cd /usr/src/Unix-Syslog-1.1/

[root@dns Unix-Syslog-1.1]# perl Makefile.PL

[root@dns Unix-Syslog-1.1]# make

[root@dns Unix-Syslog-1.1]# make install

[root@dns Unix-Syslog-1.1]# cd ../DBI-1.610_90/

[root@dns DBI-1.610_90]# perl Makefile.PL

[root@dns DBI-1.610_90]# make

[root@dns DBI-1.610_90]# make install

[root@dns DBI-1.610_90]# cd ../DBD-mysql-4.013/

[root@dns DBD-mysql-4.013]# perl Makefile.PL

[root@dns DBD-mysql-4.013]# make

[root@dns DBD-mysql-4.013]# make install

[root@dns DBD-mysql-4.013]# tar -zxvf /home/extmail-1.2.tar.gz -C /usr/local/apache2/htdocs/

[root@dns DBD-mysql-4.013]# cd /usr/local/apache2/htdocs

[root@dns htdocs]# mv extmail-1.2/ extmail

[root@dns htdocs]# cd extmail/

[root@dns extmail]# chown -R postfix:postfix cgi

[root@dns extmail]# cp webmail.cf.default webmail.cf

[root@dns extmail]# vim webmail.cf

SYS_CONFIG = /usr/local/apache2/htdocs/extmail/
SYS_LANGDIR = /usr/local/apache2/htdocs/extmail/lang
SYS_TEMPLDIR = /usr/local/apache2/htdocs/extmail/html
SYS_MAILDIR_BASE = /mailbox
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /tmp/mysql.sock

[root@dns extmail]# vim /usr/local/apache2/conf/httpd.conf

Include conf/extra/httpd-vhosts.conf

[root@dns extmail]# cat /usr/local/apache2/conf/extra/httpd-vhosts.conf

NameVirtualHost 192.168.1.126

<VirtualHost 192.168.1.126>

 DocumentRoot "/usr/local/apache2/htdocs/extmail/html"

 ServerName mail.crazylinux.com

 ScriptAlias /extmail/cgi/ /usr/local/apache2/htdocs/extmail/cgi/

 Alias /extmail /usr/local/apache2/htdocs/extmail/html/

 SuexecUserGroup postfix postfix

</VirtualHost>

[root@dns extmail]# service apache stop

[root@dns extmail]# service apache start

Test: open http://mail.crazylinux.com in a browser

Account: postmaster@extmail.org

Password: extmail

IX. Deploy Extman

[root@dns extmail]# cd /home/

[root@dns home]# tar -zxvf GD-2.44.tar.gz -C /usr/src/

[root@dns home]# tar -zxvf File-Tail-0.99.3.tar.gz -C /usr/src/

[root@dns home]# cd /usr/src/GD-2.44/

[root@dns ~]# yum -y install gd-devel

[root@dns GD-2.44]# perl Makefile.PL

[root@dns GD-2.44]# make

[root@dns GD-2.44]# make install

[root@dns GD-2.44]# cd ../File-Tail-0.99.3/

[root@dns File-Tail-0.99.3]# perl Makefile.PL

[root@dns File-Tail-0.99.3]# make

[root@dns File-Tail-0.99.3]# make install

[root@dns File-Tail-0.99.3]# cd /home/

[root@dns home]# rpm -ivh rrdtool-*

[root@dns home]# tar -zxvf extman-0.2.5.tar.gz -C /usr/local/apache2/htdocs/

[root@dns home]# cd /usr/local/apache2/htdocs/

[root@dns htdocs]# mv extman-0.2.5/ extman

[root@dns htdocs]# chown -R postfix:postfix /usr/local/apache2/htdocs/extman/cgi/

[root@dns htdocs]# mkdir /tmp/extman

[root@dns htdocs]# chown -R postfix:postfix /tmp/extman/

[root@dns htdocs]# vim extman/webman.cf

SYS_CONFIG = /usr/local/apache2/htdocs/extman/
SYS_LANGDIR = /usr/local/apache2/htdocs/extman/lang
SYS_TEMPLDIR = /usr/local/apache2/htdocs/extman/html
SYS_MAILDIR_BASE = /mailbox
SYS_MYSQL_USER = webman
SYS_MYSQL_PASS = webman
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /tmp/mysql.sock

[root@dns htdocs]# cat /usr/local/apache2/conf/extra/httpd-vhosts.conf

NameVirtualHost 192.168.1.126

<VirtualHost 192.168.1.126>

 DocumentRoot "/usr/local/apache2/htdocs/extmail/html"

 ServerName mail.crazylinux.com

 ScriptAlias /extmail/cgi/ /usr/local/apache2/htdocs/extmail/cgi/

 Alias /extmail /usr/local/apache2/htdocs/extmail/html/

 ScriptAlias /extman/cgi/ /usr/local/apache2/htdocs/extman/cgi/

 Alias /extman /usr/local/apache2/htdocs/extman/html/

 SuexecUserGroup postfix postfix

</VirtualHost>

[root@dns htdocs]# service apache stop

[root@dns htdocs]# service apache start

Test: open http://mail.crazylinux.com/extman in a browser

Account: root@extmail.org

Password: extmail*123*

[root@dns ~]# mkdir /usr/local/mailgraph_ext

[root@dns ~]# cd /usr/local/apache2/htdocs/extman/addon/mailgraph_ext/

[root@dns mailgraph_ext]# cp mailgraph_ext.pl qmonitor.pl /usr/local/mailgraph_ext/

[root@dns mailgraph_ext]# ln -sf /usr/local/apache2/htdocs/extman/addon/mailgraph_ext/mailgraph-init /usr/sbin/

[root@dns mailgraph_ext]# ln -sf /usr/local/apache2/htdocs/extman/addon/mailgraph_ext/qmonitor-init /usr/sbin/

[root@dns mailgraph_ext]# mailgraph-init start

[root@dns mailgraph_ext]# qmonitor-init start

[root@dns mailgraph_ext]# echo "/usr/sbin/mailgraph-init start" >> /etc/rc.local

[root@dns mailgraph_ext]# echo "/usr/sbin/qmonitor-init start" >> /etc/rc.local



X. DRBD primary/secondary deployment

[root@dns ~] # wget http://oss.linbit.com/drbd/8.2/drbd-8.2.5.tar.gz

[root@dns ~] # tar xvf drbd-8.2.5.tar.gz

[root@dns ~] # cd drbd-8.2.5

[root@dns ~] # make KDIR=/usr/src/kernels/2.6.18-164.el5-i686/

[root@dns ~] # make install KDIR=/usr/src/kernels/2.6.18-164.el5-i686/

[root@dns ~] # chkconfig drbd on

Create a new disk on both the primary and the secondary server


dns.crazylinux.com:

[root@dns ~] # vim /etc/hosts
127.0.0.1    localhost.localdomain localhost
::1       localhost6.localdomain6 localhost6
192.168.1.12  dns.crazylinux.com
192.168.1.14  dns1.crazylinux.com

and make sure that:

[root@dns ~] # vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=dns.crazylinux.com

dns1.crazylinux.com:

[root@dns ~] # vim /etc/hosts
127.0.0.1    localhost.localdomain localhost
::1       localhost6.localdomain6 localhost6
192.168.1.126    dns.crazylinux.com
192.168.1.127    dns1.crazylinux.com

and make sure that:

[root@dns ~] # vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=dns1.crazylinux.com


[root@dns ~] # vim /etc/drbd.conf

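   # Whether to take part in the DRBD usage statistics. The default is yes.
   global { usage-count yes; }
   # Maximum network rate used for synchronization between the primary and secondary nodes, in bytes.
   common { syncer { rate 10M; } }
   # One DRBD device (such as /dev/drbdX) is called a "resource". It holds the
   # information about the primary and secondary nodes of that DRBD device.
   resource r0 {
     # Use protocol C: a write is considered complete once the remote host has confirmed it.
     protocol C;
     #startup { wfc-timeout 0; degr-wfc-timeout 120; }
     disk { on-io-error detach; }
     syncer { rate 10M; }
     net {
       # Message digest algorithm used for communication between the primary and the secondary.
       cram-hmac-alg sha1;
       shared-secret "FooFunFactory";
     }
     # Each host section starts with "on" followed by the host name; the {} after it holds that host's configuration.
     on dns.crazylinux.com {
       # /dev/drbd1 uses the disk partition /dev/sdb2
       device  /dev/drbd1;
       disk   /dev/sdb2;
       # DRBD listening address and port, used to communicate with the other host
       address  192.168.0.136:7898;
       #address  10.0.0.194:7898;
       #meta-disk /dev/xvdb5[0];
       meta-disk  internal;
       #flexible-meta-disk internal;
     }
     on dns1.crazylinux.com {
       device  /dev/drbd1;
       disk   /dev/sdb2;
       address  192.168.0.137:7898;
       #address  10.0.0.195:7898;
       meta-disk  internal;
       #meta-disk /dev/xvdb5[0];
       #flexible-meta-disk internal;
     }
   }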

[root@dns ~] #dd if=/dev/zero of=/dev/sdb2 bs=1M count=128

[root@dns ~] #drbdadm create-md r0

Run on both dns.crazylinux.com and dns1.crazylinux.com:

[root@dns ~] #/etc/init.d/drbd start

[root@dns ~] # cat /proc/drbd

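On the primary node dns.crazylinux.com, run:

[root@dns ~] # drbdsetup /dev/drbd1 primary -o

[root@dns ~] # cat /proc/drbd        (check the synchronization progress)

Synchronization takes a while: with 500M of memory, syncing a 5G disk took about ten minutes.

Synchronization complete.

[root@dns ~]# mkfs.ext3 /dev/drbd1

Then mount the formatted disk on /system: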

[root@dns ~]# mount /dev/drbd1 /system

[root@dns ~]# vim /etc/fstab      

/dev/VolGroup00/LogVol00 /            ext3  defaults    1 1

LABEL=/boot       /boot          ext3  defaults    1 2

tmpfs          /dev/shm        tmpfs  defaults    0 0

devpts         /dev/pts        devpts gid=5,mode=620 0 0

sysfs          /sys          sysfs  defaults    0 0

proc          /proc          proc  defaults    0 0

/dev/VolGroup00/LogVol01 swap          swap  defaults    0 0

/dev/drbd1       /system/        ext3  defaults    0 0



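Test procedure


[root@dns ~]# ifdown eth0

Comparing the two outputs, st:Primary/Secondary has changed to st:Primary/Unknown: the secondary node can no longer be found.


The secondary node can no longer see the state of the primary either. Now bring the primary's network interface back up; after the interface is up, the nodes are still not connected.


Run the following command on the primary node:

[root@dns ~]# drbdadm connect r0

The connection is now shown as usable.

If it was the secondary node that went down, then once it is back to normal and you want to reconnect it to the primary, data may have been lost, so you can connect it like this:

[root@dns1 ~]# drbdadm invalidate r0

This tells DRBD that the data on the secondary node may be incorrect and that the data on the primary is authoritative. The command can only be used on the secondary node, since the primary's data is the reference, not the secondary's. If it was the primary that went down, however, the former secondary should be promoted to the primary role, and when the former primary recovers it has to be demoted to secondary first; otherwise it cannot reconnect correctly to the other node.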
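
The st: field discussed above can be watched from a script instead of by eye. The following shell functions are an added example, not part of the original post or of DRBD: they pull the connection state, roles and disk states for one minor out of /proc/drbd text and report whether replication is healthy. PROC_OK and PROC_CUT are constructed samples in the DRBD 8.2 layout (role field "st:"; "ro:" is also accepted), and the function names are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original post): read replication state from /proc/drbd text.

# Constructed samples: a healthy pair, and the primary after it lost its peer.
PROC_OK='version: 8.2.5 (constructed sample)
 1: cs:Connected st:Primary/Secondary ds:UpToDate/UpToDate C r---
    ns:5242684 nr:0 dw:0 dr:5242684 al:0 bm:320 lo:0 pe:0 ua:0 ap:0'
PROC_CUT='version: 8.2.5 (constructed sample)
 1: cs:WFConnection st:Primary/Unknown ds:UpToDate/DUnknown C r---
    ns:0 nr:0 dw:12 dr:5242684 al:1 bm:320 lo:0 pe:0 ua:0 ap:0'

# drbd_state TEXT MINOR
# Print "cs local_role peer_role local_disk peer_disk" for device MINOR.
# Exit status is 1 when the minor does not appear in TEXT.
drbd_state() {
    printf '%s\n' "$1" | awk -v minor="$2" '
        $1 == (minor ":") {
            for (i = 2; i <= NF; i++) {
                split($i, kv, ":")
                if (kv[1] == "cs") cs = kv[2]
                if (kv[1] == "st" || kv[1] == "ro") role = kv[2]
                if (kv[1] == "ds") disk = kv[2]
            }
            split(role, r, "/")
            split(disk, d, "/")
            print cs, r[1], r[2], d[1], d[2]
            found = 1
        }
        END { if (!found) exit 1 }'
}

# drbd_health TEXT MINOR
# Print OK, DEGRADED or UNKNOWN with the reason; exit 0 only when the nodes are
# connected and both disks are UpToDate.
drbd_health() {
    state=$(drbd_state "$1" "$2") || { echo "UNKNOWN: minor $2 not found"; return 2; }
    set -- $state
    cs=$1; role=$2; peer=$3; disk=$4; pdisk=$5
    if [ "$cs" != "Connected" ]; then
        echo "DEGRADED: cs=$cs peer_role=$peer peer_disk=$pdisk"
        return 1
    fi
    if [ "$disk" != "UpToDate" ] || [ "$pdisk" != "UpToDate" ]; then
        echo "DEGRADED: ds=$disk/$pdisk"
        return 1
    fi
    echo "OK: $role/$peer"
}

drbd_health "$PROC_OK" 1
drbd_health "$PROC_CUT" 1 || true
```

On a node, pass the live state with `drbd_health "$(cat /proc/drbd)" 1`.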

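Testing the synchronization result

[root@dns1 ~]# cp /usr/src/GD-2.41.tar.gz /mailbox/

Next, we demote the primary to secondary and promote the secondary to primary.

Note: the device must be unmounted before the primary is demoted.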

[root@dns ~]# umount /dev/drbd1

[root@dns ~]# drbdadm secondary r0

Then promote the secondary:

[root@dns1 system]# drbdadm invalidate r0

[root@dns1 system]# drbdadm primary r0

If synchronization succeeds, everything is working.



Switching dns.crazylinux.com back to primary

On dns1, run:

[root@dns1 system]# umount /system/

[root@dns1 system]# drbdadm secondary r0

Then on dns, run:

[root@dns ~]# drbdadm secondary r0

[root@dns ~]# drbdadm primary r0

[root@dns ~]# mount /dev/drbd1 /system/

The mount works; the lab is complete.















This article is reposted from 谢无赖's 51CTO blog; original link: http://blog.51cto.com/xieping/1323210. To repost it, please contact the original author.



