邮件服务器与ldap的结合
rhel5 postfix+ldap+extmail+dovecot+apache
环境rhel5.4
-----------------------------------------------------------------------------
postfix:
yum install postfix openldap-servers -y
vim /etc/openldap/slapd.conf
include /etc/openldap/schema/extmail.schema
suffix "dc="
rootdn "cn=Manager,dc="
rootpw westos
vim /etc/postfix/main.cf
virtual_alias_maps = ldap:/etc/postfix/ldap_virtual_alias_maps.cf
virtual_gid_maps = static:501
virtual_mailbox_base = /home/mymail/
virtual_mailbox_domains = ldap:/etc/postfix/ldap_virtual_domains_maps.cf
virtual_mailbox_maps = ldap:/etc/postfix/ldap_virtual_mailbox_maps.cf
virtual_uid_maps = static:501
cd /var/www/extsuite/extman/docs/
cp extmail.schema /etc/openldap/schema/
ldapadd -x -D "cn=manager,dc=" -W -f init.ldif
/etc/init.d/ldap restart
/etc/init.d/postfix restart
-----------------------------------------------------------------------------
使用:phpldapadmin < over >
yum install php php-ldap -y
tar zxf phpldapadmin-0.9.8.4.tar.gz -C /var/www/html/
cd /var/www/html/ldap/config
cp config.php.example config.php
service httpd start
-----------------------------------------------------------------------------
dovecot:
cp /usr/share/doc/dovecot-1.0.7/examples/dovecot-ldap-example.conf /etc/dovecot-ldap.conf
编辑 /etc/dovecot.conf
first_valid_uid = 501
mail_location = maildir:/home/mymail/%d/%n/Maildir
passdb ldap {
# Path for LDAP configuration file, see doc/dovecot-ldap-example.conf
args = /etc/dovecot-ldap.conf
}
userdb ldap {
# Path for LDAP configuration file, see doc/dovecot-ldap-example.conf
args = /etc/dovecot-ldap.conf
}
编辑 /etc/dovecot-ldap.conf
hosts = localhost
base = o=extmailAccount, dc=
user_attrs = homeDirectory=home,mail
user_filter = (&(objectClass=extmailUser)(mail=%u))
pass_attrs = mail=user,userPassword=password
pass_filter = (&(objectClass=extmailUser)(mail=%u))
default_pass_scheme = PLAIN
user_global_uid = 501
user_global_gid = 501
重启dovecot
成功的话:
[root@desktop60 Maildir]# telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Dovecot ready.
user postmaster@
+OK
pass extmail
+OK Logged in.
------------------------------------------------------------------------------------------
新建用户:
复制并编辑:cp /var/www/extsuite/extman/docs/init.ldif user.ldif
内容如下:
dn: mail=chishubiao@, virtualDomain=, o=extmailAccount, dc=
cn: Test user
uid: test
mail: chishubiao@
virtualDomain:
mailMessageStore: /chishubiao/Maildir/
homeDirectory: /chishubiao
userName: chishubiao@
mailQuota: 104857600S
netdiskQuota: 52428800S
uidNumber: 1000
gidNumber: 1000
userPassword: {CRYPT}$1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0
active: 1
disablesmtpd: 0
disablesmtp: 0
disablewebmail: 0
disablenetdisk: 0
disableimap: 0
disablepop3: 0
expireDate: 2010-10-01
createDate: 2007-02-14 17:56:33
objectClass: top
objectClass: uidObject
objectClass: extmailUser
ldapadd -x -D "cn=manager,dc=" -W -f user.ldif
成功的话:
[root@desktop60 docs]# telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Dovecot ready.
user chishubiao@
+OK
pass extmail
+OK Logged in.
quit
+OK Logging out.
Connection closed by foreign host.
且发给chishubiao@时会自动创建目录/home/mymail//chishubiao/Maildir/
-------------------------------------------------------------------------------------------------------------------------------------------
extmail:
yum install perl-ldap -y
apache虚拟主机:
DocumentRoot /var/www/html/
ServerName
ServerName
DocumentRoot /var/www/extsuite/extman
ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi
Alias /extman /var/www/extsuite/extman/html
ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi
Alias /extmail /var/www/extsuite/extmail/html
SuexecUserGroup mymail mymail
配置extman: chown mymail.mymail -R cgi/
vim webman.cf
SYS_MAILDIR_BASE = /home/mymail
SYS_CAPTCHA_ON = 0
SYS_BACKEND_TYPE = ldap
SYS_CRYPT_TYPE = plain
SYS_LDAP_BASE = dc=
SYS_LDAP_RDN = cn=Manager,dc=
SYS_LDAP_PASS = westos
SYS_LDAP_HOST = localhost
# ldif attributes
SYS_LDAP_ATTR_USERNAME = mail
SYS_LDAP_ATTR_PASSWD = userPassword
配置extmail:chown mymail.mymail -R cgi/
vim webmail.cf
SYS_LOG_ON = 0
SYS_AUTH_TYPE = ldap
SYS_MAILDIR_BASE = /home/mymail
SYS_CRYPT_TYPE = plain
SYS_LDAP_BASE = o=extmailAccount,dc=
SYS_LDAP_RDN = cn=Manager,dc=
SYS_LDAP_PASS = westos
SYS_LDAP_HOST = localhost
# ldif attributes
SYS_LDAP_ATTR_USERNAME = mail
SYS_LDAP_ATTR_DOMAIN = virtualDomain
SYS_LDAP_ATTR_PASSWD = userPassword
-------------------------------------------------------------------------------------------------
dovecot SASL 认证(plain/login 机制只对账号和口令做 base64 编码,并不加密):
vim /etc/dovecot.conf
mechanisms = plain login
socket listen {
#master {
# Master socket provides access to userdb information. It's typically
# used to give Dovecot's local delivery agent access to userdb so it
# can find mailbox locations.
#path = /var/run/dovecot/auth-master
#mode = 0600
# Default user/group is the one who started dovecot-auth (root)
#user =
#group =
#}
client {
# The client socket is generally safe to export to everyone. Typical use
# is to export it to your SMTP server so it can do SMTP AUTH lookups
# using it.
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
/etc/init.d/dovecot restart
vim /etc/postfix/main.cf
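smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, permit_sasl_authenticated
# 注:限制条件按从左到右的顺序匹配;reject_unauth_destination 排在 permit_sasl_authenticated 之前时,
# 已通过 SASL 认证的用户向外域发信会先被拒绝。如需认证后中继,应把 permit_sasl_authenticated 放在它前面。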
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
/etc/init.d/postfix restart
ll -d /var/spool/postfix/private/auth
srw-rw---- 1 postfix postfix 0 Sep 21 01:56 /var/spool/postfix/private/auth //套接字创建成功
less README_FILES/SASL_README //帮助信息
netstat -naultp|grep :25
[root@desktop60 postfix-2.8.5]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 ESMTP Postfix
ehlo localhost
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN //成功
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
perl -MMIME::Base64 -e 'print encode_base64("\0postmaster\@extmail.org\0extmail");' //注意转义\@;base64 只是编码而非加密,输出的字符串可直接还原出账号和口令
AHBvc3RtYXN0ZXJAZXh0bWFpbC5vcmcAZXh0bWFpbA==
成功则:
[root@desktop60 postfix-2.8.5]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 ESMTP Postfix
auth plain AHBvc3RtYXN0ZXJAZXh0bWFpbC5vcmcAZXh0bWFpbA==
235 2.0.0 Authentication successful
----------------------------------------------------------------------------
cyrus sasl:用户信息认证
vim /etc/sysconfig/saslauthd
MECH=ldap
vim /etc/saslauthd.conf
ldap_servers: ldap://127.0.0.1/
ldap_auth_method: bind
ldap_bind_dn: cn=Manager,dc=
ldap_bind_pw: westos
ldap_filter: (&(objectClass=extmailUser)(mail=%U@%d))
ldap_base: dc=
ldap_search_base: o=extmailAccount,dc=
vim /usr/lib64/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list:plain login
saslauthd_path:/var/run/saslauthd/mux
/etc/init.d/saslauthd restart
成功则有:
testsaslauthd -u postmaster@ -p extmail
0: OK "Success."
[root@desktop60 postfix-2.8.5]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 ESMTP Postfix
auth plain AHBvc3RtYXN0ZXJAZXh0bWFpbC5vcmcAZXh0bWFpbA==
235 2.0.0 Authentication successful