http://www.chinaunix.net Author: zhangluoer Posted: 2003-09-05 21:14:07
Implementing a mail service on FreeBSD with OpenLDAP, Postfix and Courier-IMAP (V1.1)
Note: This article draws on the online document
http://annapolislinux.org/docs/plc/postfix-courier-howto.txt. The setup described here is implemented on FreeBSD. You are free to repost or modify this article, but please credit the source when you publish it. Thank you for your cooperation.
Name: ZHANGluoer
QQ: 36752833
E-mail: zhangluoer@eyou.com
##########
# Install OpenLDAP
##########
A> Install OpenLDAP
# cd /usr/ports/net/openldap21-server
# make install
# make clean
After these steps, OpenLDAP is installed on the FreeBSD system. Installing software this way is much easier than on Linux.
B> Configure OpenLDAP
1> Edit /usr/local/etc/openldap/ldap.conf
# Used by (server) LDAP client programs
# to connect to the LDAP server
BASE dc=mycoll,dc=edu
HOST localhost
pam_crypt local
2> Edit /usr/local/etc/openldap/slapd.conf
This configuration file must not be readable by group or others; keep its permissions at 0700.
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
# Courier IMAP
include /usr/local/etc/openldap/schema/authldap.schema
# Postfix qmail
include /usr/local/etc/openldap/schema/qmail.schema
Note: authldap.schema and qmail.schema do not ship with the system, so you have to download these two files from the Internet. Pay attention to the file format after downloading: if it is wrong (even a small formatting problem), the configuration will not be accepted. This applies especially to files downloaded on Windows and then used on FreeBSD.
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
moduleload back_ldap.la
# Prevent users from looking at passwords
access to attr=userPassword,clearPassword
	by anonymous auth
	by self write
	by dn="cn=admin,dc=365,dc=net" write
	by dn="cn=courier,dc=365,dc=net" read
	by * none
# Files need access to this
access to attr=accountStatus
	by dn="cn=admin,dc=365,dc=net" read
	by dn="cn=courier,dc=365,dc=net" read
access to *
	by dn="cn=admin,dc=365,dc=net" write
	# "by self" must come before "by users": slapd stops at the first matching "by" clause
	by self write
	by users read
	by * none
Note: The format above matters just as much. Every "by ..." line must begin with a Tab (slapd treats a line that starts with whitespace as a continuation of the previous line). I left it out at first and spent half a day tracking down the problem.
database bdb
suffix "dc=365,dc=net"
rootdn "cn=admin,dc=365,dc=net"
rootpw secret
directory /usr/db/openldap-data
replogfile /usr/db/replication.log
loglevel 0
index cn,sn,mail,uid eq
index objectClass eq
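An added lint sketch (not from the original article) for the slapd.conf pitfalls noted in this section: access for group or others, CRLF line endings from files saved on Windows, "by" clauses that are not indented, and a cleartext rootpw. The function names and the sample text are constructed for illustration.

```python
import os
import stat

# Constructed sample: the slapd.conf shape from this page with the pitfalls left in
# (CRLF line ending, unindented "by", cleartext rootpw).
SAMPLE = (
    'include /usr/local/etc/openldap/schema/qmail.schema\r\n'
    'access to attr=userPassword\n'
    'by anonymous auth\n'
    '\tby * none\n'
    'rootdn "cn=admin,dc=365,dc=net"\n'
    'rootpw secret\n'
)

def lint_slapd_conf(text, mode):
    """Return (line_no, message) findings for a slapd.conf body and its st_mode."""
    findings = []
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append((0, "file is accessible by group/others"))
    for no, raw in enumerate(text.split("\n"), 1):
        if raw.endswith("\r"):
            findings.append((no, "CRLF line ending"))
        line = raw.rstrip("\r")
        words = line.split()
        if not words or words[0].startswith("#"):
            continue
        # slapd joins a line that starts with whitespace onto the previous one,
        # so a "by" clause in column 0 is read as a new directive instead.
        if words[0].lower() == "by" and not line[0].isspace():
            findings.append((no, '"by" clause is not indented'))
        if words[0].lower() == "rootpw" and len(words) > 1 \
                and not words[1].startswith("{"):
            findings.append((no, "rootpw is cleartext; store a slappasswd hash"))
    return findings

def lint_path(path):
    """Lint a file on disk; newline="" keeps any \\r so CRLF stays visible."""
    with open(path, newline="") as fh:
        return lint_slapd_conf(fh.read(), os.stat(path).st_mode)
```

The CRLF check can also be pointed at the downloaded authldap.schema and qmail.schema files via lint_path.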
3> Run OpenLDAP
# cd /usr/local/libexec
# ./slapd
4> Add your OpenLDAP data
Load the data. You have to define the top-level organization first before moving on. (A tip: when you add content later, do not append it at the end of the file; it is best to add it at the beginning. That way you do not run into the entries that already exist. You will understand once you try it.)
# vi 365.net.ldif
dn: dc=365,dc=net
objectClass: dcObject
objectClass: organization
dc: 365
o: 365
description: Top level of directory

dn: cn=admin,dc=365,dc=net
objectClass: organizationalRole
cn: admin
description: Directory Manager
description: Top level of the directory

dn: ou=people,dc=365,dc=net
objectClass: top
objectClass: organizationalUnit
ou: people
description: People within 365.net (people information)

dn: ou=mailaccounts,dc=365,dc=net
objectClass: top
objectClass: organizationalUnit
ou: mailaccounts
description: People with mail accounts at 365.net

dn: cn=courier,dc=365,dc=net
objectClass: person
cn: courier
sn: courier
userPassword: yoursecret
description: Courier daemons

dn: cn=postfix,dc=365,dc=net
objectClass: person
cn: postfix
sn: postfix
userPassword: yoursecret
description: Postfix daemons
Note: The above is the basic structure of the OpenLDAP directory. The root is 365.net. It contains three users (admin, postfix, courier) and two containers, people and mailaccounts (people stores personal information; mailaccounts stores mailbox information).
365.net    admin, postfix, courier
|
|___ people        zhxh, ... (more user information, such as telephone, zip code, etc.)
|
|___ mailaccounts  zhxh, ... (mailbox information for more users)
# ldapadd -W -D "cn=admin,dc=365,dc=net" -f 365.net.ldif -x
# vi first.ldif
dn: uid=zhxh,ou=mailaccounts,dc=365,dc=net
uid: zhxh
cn: zhxh
sn: zhxh
mail: zhxh@365.net
uidNumber: 1001
gidNumber: 1001
mailHost: mail.365.net
homeDirectory: /home/zhxh/
mailMessageStore: /home/zhxh/Maildir/
mailQuota: 200000000S,20000C
mailbox: zhxh/Maildir/
objectClass: qmailUser
objectClass: CourierMailAccount
objectClass: person
# ldapadd -W -D "cn=admin,dc=365,dc=net" -f first.ldif -x
###########
# Install Postfix
###########
A> Install Postfix
# cd /usr/ports/mail/postfix-current
# make install
# make clean
B> Configure Postfix
# vi /usr/local/etc/postfix/main.cf
biff = no
smtpd_banner = $myhostname ESMTP NO NCE
debug_peer_level = 2
delay_warning_time = 4
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
daemon_directory = /usr/local/libexec/postfix
mail_owner = postfix
myhostname = ldap.365.net
mydomain = 365.net
myorigin = $mydomain
mydestination = $myhostname, $mydomain, localhost.$mydomain
mynetworks = 127.0.0.0/8
masquerade_domains = $mydomain
masquerade_exceptions = root, mailer_daemon, postmaster
local_transport = virtual
local_recipient_maps = $virtual_mailbox_maps
virtual_mailbox_maps = ldap:ldapsource
recipient_limit = 1
message_size_limit = 10280000
mailbox_size_limit = 20480000
virtual_uid_maps = ldap:ldapuid
virtual_gid_maps = static:1001
virtual_recipient_size_limit = 200000000s, 2000C
virtual_minimum_uid = 500
virtual_mailbox_base = /home/
virtual_result_attribute = mailbox
virtual_mailbox_maps = ldap:ldapsource
virtual_maildir_extended = yes
# LDAP lookup table "ldapuid" (used by virtual_uid_maps)
ldapuid_timeout = 10
ldapuid_server_host = ldap.365.net
ldapuid_server_port = 389
ldapuid_search_base = ou=mailaccounts,dc=365,dc=net
ldapuid_domain = 365.net
ldapuid_query_filter = (&(mail=%s)(accountStatus=active))
ldapuid_result_attribute = uidNumber
ldapuid_bind = yes
ldapuid_bind_dn = cn=postfix,dc=365,dc=net
ldapuid_bind_pw = yoursecret
# LDAP lookup table "ldapsource" (used by virtual_mailbox_maps)
ldapsource_timeout = 10
ldapsource_server_host = ldap.365.net
ldapsource_server_port = 389
ldapsource_search_base = ou=mailaccounts,dc=365,dc=net
ldapsource_domain = 365.net
ldapsource_query_filter = (&(mail=%s)(accountStatus=active))
ldapsource_result_attribute = mailbox
ldapsource_bind = yes
ldapsource_bind_dn = cn=postfix,dc=365,dc=net
ldapsource_bind_pw = yoursecret
# Some basic restrictions for SMTP documented in the Postfix documentation
smtpd_client_restrictions =
smtpd_helo_restrictions =
smtpd_sender_restrictions =
# Classic way to configure Postfix to use pop-before-smtp
smtpd_recipient_restrictions = permit_mynetworks,
	reject_non_fqdn_recipient,
	check_client_access hash:/var/lib/pop-before-smtp/hosts,
	check_relay_domains,
	reject_unauth_pipelining,
	reject_non_fqdn_recipient,
	permit_mynetworks,
	reject_unknown_sender_domain,
	reject_unknown_recipient_domain,
	reject_unauth_destination,
	reject_invalid_hostname,
	reject_non_fqdn_hostname,
	permit
##########
# Install Courier-IMAP
##########
A> Install Courier-IMAP
# cd /usr/ports/mail/courier-imap
# make -DWITH_LDAP21
# make install
# make clean
B> Configure Courier-IMAP
# vi /usr/local/etc/courier-imap/imapd
ADDRESS=0
PORT=143
MAXDAEMONS=1000
MAXPERIP=8
PIDFILE=/var/run/courier-imap/imap.pid
TCPDOPTS="-nodnslookup -noidentlookup"
AUTHMODULES="authdaemon"
AUTHMODULES_ORIG="authdaemon"
IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT"
IMAP_CAPABILITY_ORIG="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE"
IMAP_IDLE_TIMEOUT=60
IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN"
IMAP_DISABLETHREADSORT=0
IMAP_CHECK_ALL_FOLDERS=0
IMAP_OBSOLETE_CLIENT=0
IMAP_ULIMITD=65536
IMAP_USELOCKS=0
IMAP_EMPTYTRASH=Trash:1
IMAP_MOVE_EXPUNGE_TO_TRASH=1
IMAPDSTART=YES
Note: The text above may differ from the original file, but most settings can be left at their defaults. Do not worry too much about the other entries.
# vi /usr/local/etc/courier-imap/authdaemonrc
authmodulelist="authldap"
authmodulelistorig="authcustom authcram authuserdb authldap authmysql authpam"
daemons=5
version=""
authdaemonvar=/usr/local/var/courier-imap/authdaemon
# vi /usr/local/etc/courier-imap/authldaprc
LDAP_SERVER ldap.365.net
LDAP_PORT 389
LDAP_BASEDN ou=mailaccounts,dc=365,dc=net
LDAP_BINDDN cn=courier,dc=mycoll,dc=
LDAP_BINDPW yoursecret
LDAP_TIMEOUT 15
LDAP_MAIL mail
LDAP_DOMAIN mycoll.edu
LDAP_GLOB_GID vmail
LDAP_HOMEDIR homeDirectory
LDAP_MAILDIR maildir
LDAP_MAILDIRQUOTA maildirquota
LDAP_FULLNAME cn
LDAP_CRYPTPW userPassword
LDAP_UID uidNumber
LDAP_DEREF never
LDAP_TLS 0
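An added pre-flight check, not part of the original article: it tests the zhxh entry from first.ldif against the Postfix query filter in main.cf and the attribute names in authldaprc. As listed, the entry carries no accountStatus, so the filter cannot match it, and it lacks userPassword, maildir and maildirquota, which Courier is configured to read. The function names are illustrative, and the evaluator handles only AND-of-equality filters.

```python
import re

# The zhxh entry from first.ldif on this page, abridged to the attributes
# relevant here (LDAP attribute names are case-insensitive).
FIRST_LDIF = """\
dn: uid=zhxh,ou=mailaccounts,dc=365,dc=net
uid: zhxh
cn: zhxh
sn: zhxh
mail: zhxh@365.net
uidNumber: 1001
gidNumber: 1001
homeDirectory: /home/zhxh/
mailQuota: 200000000S,20000C
mailbox: zhxh/Maildir/
objectClass: qmailUser
objectClass: CourierMailAccount
objectClass: person
"""
# Filter from main.cf and the attributes named in authldaprc on this page.
POSTFIX_FILTER = "(&(mail=%s)(accountStatus=active))"
COURIER_ATTRS = ["mail", "homeDirectory", "maildir", "maildirquota",
                 "cn", "userPassword", "uidNumber"]

def parse_entry(ldif):
    """Parse one unfolded, non-base64 LDIF entry into {lowercased attr: [values]}."""
    entry = {}
    for line in ldif.splitlines():
        if line.strip() and not line.startswith("#"):
            attr, _, value = line.partition(":")
            entry.setdefault(attr.strip().lower(), []).append(value.strip())
    return entry

def matches(entry, query_filter, key):
    """Evaluate an AND-of-equalities filter after substituting the lookup key for %s.
    Simplification: every comparison is treated as case-insensitive."""
    terms = re.findall(r"\(([^()=&|!]+)=([^()]*)\)", query_filter.replace("%s", key))
    return bool(terms) and all(
        want.lower() in (v.lower() for v in entry.get(attr.strip().lower(), []))
        for attr, want in terms)

def missing_attrs(entry, needed):
    """Attributes a consumer is configured to read that the entry does not carry."""
    return sorted(a for a in needed if a.lower() not in entry)

def preflight(ldif, address):
    entry = parse_entry(ldif)
    return {"postfix_match": matches(entry, POSTFIX_FILTER, address),
            "courier_missing": missing_attrs(entry, COURIER_ATTRS)}
```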
This article was written in a hurry, so there are bound to be omissions and mistakes in it. If something is not right, please point it out by email or by leaving a message, and I will correct it later. I hope everyone can get this mail system running on FreeBSD.
The content above will also be revised from time to time; more advice is welcome.
The main reasons for choosing this mail system are given in the following article.
http://chinaunix.net/forum/viewt ... Ighlight = zhangluoer