Postfix with IMAP support and a MySQL backend: differences between revisions

From the Ouro Minas Palace Hotel Wiki

Current revision as of 03:11, 8 August 2020

Introduction

Environment configuration to operate as a local e-mail repository, with IMAP and MySQL support and the postfixadmin web administration interface.

Environment

# lsb_release -a
Distributor ID: CentOS
Description:    CentOS release 6.4 (Final)
Release:        6.4
Codename:       Final

# uname -a
Linux ipbharq.internacionalpecas.com.br 2.6.32-358.18.1.el6.x86_64 #1 SMP Wed Aug 28 17:19:38 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

Installing the required software

  • Database and debugging and security tools
yum -y install gcc tcpdump dovecot iptraf nmap openssl* mysql mysql-server httpd
yum -y install dovecot-mysql
# yum install php* -y (was not installed)
yum -y install php-imap
yum -y install php-mysql
yum -y install php-mbstring


  • Postfix with MySQL support

In the [updates] section of the yum repository configuration, add the line:

exclude=postfix

In the [centosplus] section, add the line:

includepkgs=postfix-*

After saving, install postfix:

# yum install postfix

Confirming that postfix was installed with MySQL support:

# postconf -m
btree
cidr
environ
hash
ldap
mysql
nis
pcre
proxy
regexp
static
unix

Configuring MySQL

# service mysqld start
# chkconfig mysqld on
# /usr/bin/mysqladmin -u root password 'cancella'
# mysql -u root -p
mysql> CREATE DATABASE mail;
Query OK, 1 row affected (0.00 sec)

mysql> GRANT ALL PRIVILEGES ON mail.* TO 'mail'@'localhost' IDENTIFIED BY 'mail';
Query OK, 0 rows affected (0.00 sec)

mysql> quit
Bye

Configuring Apache for postfixadmin

# cat /etc/httpd/conf.d/postfixadmin.conf
### POSTFIX ADMIN ###

Alias /postfixadmin /usr/share/postfixadmin/

<Directory /usr/share/postfixadmin/>
   Options Indexes
   AllowOverride none
   DirectoryIndex index.php
   Order allow,deny
   allow from all
</Directory>
# service httpd restart

Configuring postfix

Of the many configuration options in the main.cf file, change the options below:

postconf -e 'myhostname = ipbharq.internacionalpecas.com.br'
postconf -e 'mydomain     = internacionalpecas.com.br'
postconf -e 'mynetworks   = 127.0.0.0/8, 192.168.1.0/24'
postconf -e 'smtpd_banner = $myhostname ESMTP $mail_name'
postconf -e 'inet_interfaces = all'

postconf -e 'virtual_minimum_uid = 150'
postconf -e 'virtual_uid_maps = static:150'
postconf -e 'virtual_gid_maps = static:150'
postconf -e 'mailbox_command = /usr/libexec/dovecot/dovecot-lda'
postconf -e 'virtual_transport = dovecot'
postconf -e 'dovecot_destination_recipient_limit = 1'
postconf -e 'recipient_delimiter = +'


Configuring postfix and MySQL

Creating the vmail account

groupadd -g 150 vmail
useradd vmail -r -u 150 -g vmail -d /home/vmail -s /sbin/nologin
mkdir /home/vmail
chown -R vmail:vmail /home/vmail
chmod 770 /home/vmail

MySQL configuration files for use with postfix

  • /etc/postfix/mysql_virtual_alias_maps.cf
user = mail
password = mail
hosts = localhost
dbname = mail
table = alias
select_field = goto
where_field = address
additional_conditions = and active = '1'
#query = SELECT goto FROM alias WHERE address='%s' AND active = '1'

  • /etc/postfix/mysql_virtual_domains_maps.cf
user = mail
password = mail
hosts = localhost
dbname = mail
table = domain
select_field = domain
where_field = domain
additional_conditions = and backupmx = '0' and active = '1'
#query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'

  • /etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = mail
password = mail
hosts = localhost
dbname = mail
table = mailbox
select_field = quota
where_field = username
additional_conditions = and active = '1'
#query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'

  • /etc/postfix/mysql_virtual_mailbox_maps.cf
user = mail
password = mail
hosts = localhost
dbname = mail
table = mailbox
select_field = CONCAT(domain,'/',maildir)
where_field = username
additional_conditions = and active = '1'
#query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = '1'
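
Each of the four map files above stores the database password in clear text, and the page sets no ownership or mode on them. The following check is an added example, not part of the original page; the function names and the MIN_LEN policy value are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not from the original page: audit Postfix mysql_*.cf map
# files for exposed or guessable database credentials.

# cf_value KEY FILE -> trimmed value of the first "KEY = value" line.
cf_value() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\(.*[^[:space:]]\)[[:space:]]*\$/\1/p" "$2" |
        head -n 1
}

# audit_map_file FILE -> one finding per line; exit status 0 means clean.
audit_map_file() {
    # MIN_LEN is an assumed local policy value, not a Postfix setting.
    local f="$1" user pass min="${MIN_LEN:-16}" rc=0
    user=$(cf_value user "$f")
    pass=$(cf_value password "$f")
    # The file stores the DB password in clear text, so the "other" read
    # bit must be off (for example owner root, group postfix, mode 640).
    if [ -n "$(find "$f" -prune -perm -004)" ]; then
        echo "$f: world-readable, any local account can read the DB password"
        rc=1
    fi
    if [ -n "$pass" ] && [ "$pass" = "$user" ]; then
        echo "$f: password is identical to the user name"
        rc=1
    fi
    if [ "${#pass}" -lt "$min" ]; then
        echo "$f: password shorter than $min characters"
        rc=1
    fi
    return $rc
}

# audit_all [DIR] -> audit the map files from this page (default /etc/postfix).
audit_all() {
    local dir="${1:-/etc/postfix}" f rc=0
    for f in "$dir"/mysql_virtual_*.cf; do
        [ -e "$f" ] || continue
        audit_map_file "$f" || rc=1
    done
    return $rc
}
```

Run `audit_all` as root after creating the files; with the values shown on this page (user = mail, password = mail) every file is reported.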

Adjusting the postfix main.cf configuration

# postconf -e 'virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf'
# postconf -e 'virtual_mailbox_base = /home/vmail'
# postconf -e 'virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf'
# postconf -e 'virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf'
# postconf -e 'virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf'
# postconf -e 'virtual_transport = virtual'


Edit the file /etc/postfix/master.cf

...
# ======================================================================================
dovecot    unix  -      n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -d $(recipient)
# ======================================================================================
...


Dovecot configuration

Configuring the dovecot.conf file

mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf-SALVO

  • /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-358.18.1.el6.x86_64 x86_64 CentOS release 6.4 (Final) ext4
base_dir = /var/run/dovecot/
first_valid_uid = 150
last_valid_uid = 150
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_access_groups = vmail
mail_location = maildir:/home/vmail/%d/%u
passdb {
  driver = pam
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
protocols = imap pop3
service auth {
  unix_listener auth-client {
    group = vmail
    mode = 0660
    user = vmail
  }
  unix_listener auth-master {
    group = vmail
    mode = 0600
    user = vmail
  }
}
service imap-login {
  inet_listener imaps {
    address = localhost
  }
}
service pop3-login {
  executable = /usr/libexec/dovecot/pop3-login
  inet_listener pop3s {
    address = localhost
  }
}
service pop3 {
  executable = /usr/libexec/dovecot/pop3
}
ssl_cert = </etc/postfix/mail-cert.pem
ssl_key = </etc/postfix/mail-key.pem
userdb {
  driver = passwd
}
userdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
  auth_socket_path = /var/run/dovecot/auth-master
  sendmail_path = /usr/lib/sendmail
}


  • /etc/dovecot/dovecot-sql.conf
driver = mysql
connect = host=localhost dbname=mail user=mail password=mail

# The new name for MD5 is MD5-CRYPT so you might need to change this depending on version
default_pass_scheme = MD5

# Get the mailbox
user_query = \
    SELECT '/home/vmail/%d/%n' as home, 'maildir:/home/vmail/%d/%n' as mail, \
       150 AS uid, 150 AS gid, concat('dirsize:storage=', quota) AS quota     \
       FROM mailbox WHERE username = '%u' AND active = '1'

# Get the password
password_query = \
    SELECT username as user, password, '/home/vmail/%d/%n' as userdb_home, \
    'maildir:/home/vmail/%d/%n' as userdb_mail, 150 as userdb_uid,         \
    150 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'

# If using client certificates for authentication, comment the above
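
With default_pass_scheme = MD5 (MD5-CRYPT, as the comment above notes), every password value without an explicit {SCHEME} prefix is treated as MD5-CRYPT. The inventory below is an added example, not part of the original page: it classifies rows from the mailbox table by scheme so accounts still on weak schemes can be scheduled for a reset. The function names, sample rows and the list of schemes treated as weak are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not from the original page: list mailbox accounts whose
# stored password uses a weak scheme. Input is "username<TAB>password".

# scheme_of HASH DEFAULT -> scheme name for one stored password value.
scheme_of() {
    case $1 in
        '{'*'}'*) printf '%s\n' "$1" | sed 's/^{\([^}]*\)}.*/\1/' | tr 'a-z' 'A-Z' ;;
        '$1$'*)   echo MD5-CRYPT ;;
        '$2a$'*|'$2b$'*|'$2y$'*) echo BLF-CRYPT ;;
        '$5$'*)   echo SHA256-CRYPT ;;
        '$6$'*)   echo SHA512-CRYPT ;;
        *)        echo "$2" ;;   # no prefix: default_pass_scheme applies
    esac
}

# weak_accounts [DEFAULT] < rows -> "username scheme" for each weak entry.
weak_accounts() {
    local default="${1:-MD5}" tab user hash scheme
    tab=$(printf '\t')
    while IFS="$tab" read -r user hash; do
        [ -n "$user" ] || continue
        scheme=$(scheme_of "$hash" "$default")
        case $scheme in
            # Assumed policy: schemes treated as weak for this inventory.
            MD5|MD5-CRYPT|PLAIN|CLEARTEXT|PLAIN-MD5|CRYPT|SHA|SHA1)
                echo "$user $scheme" ;;
        esac
    done
}

# Constructed sample rows (placeholder strings, not real hashes), in the
# layout of: mysql -N -B mail -e 'SELECT username, password FROM mailbox'
sample_rows() {
    printf '%s\t%s\n' \
        'ana@example.test'   '$1$constrct$AAAAAAAAAAAAAAAAAAAAAA' \
        'bruno@example.test' '{SHA512-CRYPT}$6$constructed$BBBBBBBB' \
        'carla@example.test' '{plain}constructed-secret' \
        'dora@example.test'  '$6$constructed$CCCCCCCC'
}
```

`sample_rows | weak_accounts MD5` reports ana (MD5-CRYPT) and carla (PLAIN); pass the value of default_pass_scheme as the argument when running it against real rows.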

Adjusting permissions for the dovecot environment

chmod 600 /etc/dovecot/dovecot.conf
chmod 600 /etc/dovecot/dovecot-sql.conf
chown vmail /etc/dovecot/dovecot.conf
chown vmail /etc/dovecot/dovecot-sql.conf

chgrp vmail /usr/libexec/dovecot/dovecot-lda
chmod 04750 /usr/libexec/dovecot/dovecot-lda
ls -l /usr/libexec/dovecot/dovecot-lda
-rwsr-x--- 1 root vmail 18456 Nov 22 13:10 /usr/libexec/dovecot/dovecot-lda


Configuring postfixadmin

Download and install the postfixadmin software from http://sourceforge.net/projects/postfixadmin/files/

mkdir -p /opt/cit/work/postfixadmin
cd /opt/cit/work/postfixadmin
wget .....
tar -zxvf postfixadmin-2.3.7.tar.gz 
mv postfixadmin-2.3.7 /usr/share/postfixadmin
cd /usr/share/postfixadmin

Edit the configuration file and make the changes below

  • /usr/share/postfixadmin/config.inc.php
$CONF['configured'] = true;
...
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'mail';
$CONF['database_password'] = 'mail';
$CONF['database_name'] = 'mail';
...
$CONF['database_prefix'] = '';

Use a web browser to finish the configuration: http://192.168.1.198/postfixadmin/setup.php

Generating the SSL certificates

# cd /etc/postfix/
# openssl genrsa 1024 > mail-key.pem
# chmod 400 mail-key.pem
# openssl req -new -x509 -nodes -sha1 -days 365 -key mail-key.pem > mail-cert.pem

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:BR
State or Province Name (full name) []:MinasGerais
Locality Name (eg, city) [Default City]:BeloHorizonte
Organization Name (eg, company) [Default Company Ltd]:InternacionalPecas
Organizational Unit Name (eg, section) []:Matriz
Common Name (eg, your name or your server's hostname) []:ipbharq.internacionalpecas.com.br
Email Address []:suporte@internacionalpecas.com.br
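
The commands above produce a 1024-bit RSA key and a SHA-1-signed certificate, which Dovecot then serves through ssl_cert and ssl_key. The check below is an added example, not part of the original page: it reads the text form of a certificate and flags both parameters. The function names, the 2048-bit threshold and the sample excerpt are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not from the original page: flag weak parameters in the
# text form of a certificate, read from standard input. Typical use:
#   openssl x509 -in /etc/postfix/mail-cert.pem -noout -text | audit_cert_text

# audit_cert_text -> one finding per line; exit status 0 means nothing flagged.
audit_cert_text() {
    local text alg bits sig rc=0
    text=$(cat)
    alg=$(printf '%s\n' "$text" |
        sed -n 's/^[[:space:]]*Public Key Algorithm:[[:space:]]*//p' | head -n 1)
    # Newer OpenSSL prints "Public-Key: (N bit)", older "RSA Public Key: (N bit)".
    bits=$(printf '%s\n' "$text" |
        sed -n 's/.*Public[- ]Key: (\([0-9][0-9]*\) bit).*/\1/p' | head -n 1)
    sig=$(printf '%s\n' "$text" |
        sed -n 's/^[[:space:]]*Signature Algorithm:[[:space:]]*//p' | head -n 1)
    # 2048 bits is the assumed minimum for RSA keys in this check.
    if [ "$alg" = "rsaEncryption" ] && [ -n "$bits" ] && [ "$bits" -lt 2048 ]; then
        echo "RSA key is $bits bits; below the 2048-bit minimum"
        rc=1
    fi
    case $sig in
        md5*|sha1*)
            echo "certificate is signed with $sig; use a SHA-2 digest"
            rc=1 ;;
    esac
    return $rc
}

# Constructed excerpt in the layout OpenSSL prints for a certificate made
# with the two commands above (1024-bit RSA key, -sha1); values shortened.
sample_cert_text() {
    cat <<'EOF'
Certificate:
    Data:
        Version: 3 (0x2)
    Signature Algorithm: sha1WithRSAEncryption
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
EOF
}
```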


Starting the services and running the tests

chkconfig httpd on
service httpd restart
 
chkconfig mysqld on
service mysqld start

On this setup, an installation of a qmail environment with vpopmail had been started, and some problems occurred when starting the services. Below are some workarounds to resolve them:

groupadd -g 89 postfix
useradd -g postfix -u 89 postfix
chown -R postfix /var/spool/postfix/
chown -R postfix /var/lib/postfix/


chkconfig postfix on
service postfix restart
service dovecot start

The service failed to start with the original file from the setup; the one shown above already includes the corrections. The workaround applied was:

cd /etc/dovecot/
doveconf -n > dovecot-new.conf
mv dovecot.conf dovecot.conf-SETUP
mv dovecot-new.conf dovecot.conf

service dovecot restart


Use a web browser to finish the configuration: http://192.168.1.198/postfixadmin/setup.php




Danton Cancella (31-8456-6829)