Postfix 基本设置指南

Introduction（简介）

This howto will help you to have a basic Postfix mail server setup for your corporate environment. The main intention of this howto is to teach how you can install and configure a basic Postfix mail server setup with IMAP and POP3 services. I do not intend to tell you how you can integrate advanced stuffs like virus checking and spam filtering with this guide.

这份说明的目标是告诉你如何在企业环境下为Postfix邮件服务器作基本的设置。这份说明的主要目的是教会你进行Postfix邮件服务器的基本配置以使其拥有IMAP与POP3功能。但是，你无法在这份说明中学到在Postfix邮件服务器中集成像病毒过滤及垃圾邮件过滤等高级的功能的方法。

This how to is going to be a kind of more academic howto for staters with Postfix. My advanced postfix guides are PostfixVirtualMailBoxClamSmtpHowto and PostfixCompleteVirtualMailSystemHowto. If you are a newbie to Postfix enjoy them once you have finished this basic howto.

这份说明是针对刚开始使用Postfix的用户提供一个基础的认识。其它的高级指南是[:PostfixVirtualMailBoxClamSmtpHowto:Postfix － Postfix 虚拟邮箱和病毒过滤指南]以及[:PostfixCompleteVirtualMailSystemHowto:Postfix － Postfix 完整虚拟邮件系统指南]。如果你是一个 Postfix 的新手，但希望使用那些高级功能的话，你应当事先了解本说明。

Setup Overview（安装提示）

In our setup, Postfix sends & recieves mail from Internet and stores in the user mail boxes while clients in the Internet can retrieve their mails either from Courier IMAP or POP3. The user authentication is done by Courier Authdaemon. The following diagram shows this process.

本指南提供的安装方法，Postfix通过网络来发送及接收邮件并将它们存入用户邮箱中，用户可以通过Courier IMAP 或者 POP3 服务器来回复他们的邮件。用户验证是由 Courier Authdaemon 这个守护进程来完成的。下面的图片表现了这个过程。

attachment:SetupOverview.jpg

Anatomy of Postfix（Postfix的结构）

Components（构件）

The Following figure shows the main Postfix system components, and the main information flows between them.

下面的图片表现了主要的Postfix系统组件，以及它们之间的关键信息流。

attachment:PostfixComponents.gif

* Yellow ellipsoids are mail programs.黄色椭圆是邮件程序。
* Yellow boxes are mail queues or files.黄色方框是邮件队列或文件。
* Blue boxes are lookup tables.蓝色方框是查找表。
* Programs in the large box run under control by the Postfix resident master daemon.在大方框中运行的程序是由Postfix主驻留守护进程控制的。
* Data in the large box is property of the Postfix mail system. 大方框中的数字是Postfix邮件系统的属性。

Receiving Mail（接收邮件）

When a message enters the Postfix mail system, the first stop on the inside is the incoming queue. The figure below shows the main components that are involved with new mail.

当Postfix邮件服务器收到一封新消息的时候，它将首先被放入接收队列中。下面的图表展示了新邮件处理的主要组件。

attachment:PosfixRecieving.gif

* Mail is posted locally. The Postfix sendmail program invokes the privileged postdrop program which deposits the message into the maildrop directory, where the message is picked up by the sendmail daemon. This daemon does some sanity checks, in order to protect the rest of the Postfix system.

* 邮件是在本地发送的。Postfix邮件发送程序将首先调用邮件丢弃程序将邮件丢弃到“回收站”目录下，在那里，邮件又将被 邮件发送 进程所处理。这个进程执行一些完整性检查，以保护Postfix邮件服务器的工作。

* Mail comes in via the network. The Postfix SMTP server receives the message and does some sanity checks, in order to protect the rest of the Postfix system. 

* 邮件是来自网络的。PostfixSMTP 服务器将接收这些邮件并进行完整性检查，以保护Postfix邮件服务器的工作。

* Mail is generated internally by the Postfix system itself, in order to return undeliverable mail to the sender. The [bounce or defer] daemon brings the bad news.

* 邮件是由Postfix系统自己生成来返回无法传送的返回邮件给发送者。[|bounce or defer]进程处理该消息。

* Mail is forwarded by the local delivery agent, either via an entry in the system-wide alias database, or via an entry in a per-user [.forward] file. This is indicated with the unlabeled arrow.

* 邮件被[本地传输代理]转发时，或是通过一个在系统级的别名数据库中的条目，或者通过一个每个用户自己的[.forward]文件中的条目。这被一个没有标签的箭头指明。

* Mail is generated internally by the Postfix system itself, in order to [|notify] the postmaster of a problem (this path is also indicated with the unlabeled arrow).The Postfix system can be configured to notify the postmaster of SMTP protocol problems, [|UCE] policy violations, and so on.

* 邮件由Postfix服务器自己在内部生成，为了向邮件管理员[|通知]这个问题(这条路径也被一个没有标签的箭头指明)。Postfix服务器能够配置来向邮件管理员通知SMTP协议的问题，[|UCE] 策略的问题，等等。

* The [|cleanup] daemon implements the final processing stage for new mail. It adds missing From: and other message headers, arranges for address rewriting to the standard [email protected] form, and optionally extracts recipient addresses from message headers. The cleanup daemon inserts the result as a single queue file into the incoming queue, and notifies the [|queue manager] of the arrival of new mail. The cleanup daemon can be configured to transform addresses on the basis of [|canonical] and [|virtua] table lookups.

* [|cleanup] 守护进程完成对于新邮件处理的最后阶段。它添加了缺失的From:和其他的邮件头信息，将地址重写成标准的  [email protected] 格式，并且从邮件头有选择性的展开收到邮件的地址。cleanup守护进程将处理作为一个简单的队列插入到incoming队列，并且通知[|队列管理员]新邮件到达。cleanup守护进程能够配置来在查询[|canonical]和 [|virtual]表的基础上转换地址。

* On request by the cleanup daemon, the [|trivial-rewrite] daemon rewrites addresses to the standard [email protected] form.

* 在cleanup守护进程的请求到来时，[|trivial-rewrite]守护进程将地址重写成标准的 [email protected] 形式。

Install Postfix(安装 Postfix)

In this setup I assume that your domain is {{{yourdomain.com}}} and it has a valid MX record call {{{mail.yourdomain.com}}}. Remember to replace {{{yourdomain.com}}} with your actual domain in the example codes in this howto. Also I assume that you know what an MX record is. To find out MX your type in a terminal:

在安装中假定你的域名是 'yourdomain.com'，并且它有一个有效的 MX 记录叫做'mail.yourdomain.com'。请一定记得将这份指南中的'yourdomain.com'替换成你的真实的域名。并且我还假定你知道"MX记录"是什么。要找出MX你需要在终端中输入

dig mx yourdomain.com

To install postfix(安装 postfix')

   
sudo apt-get install postfix

Intall mailx package for use as command mail utility program. Mail command is installed with this package.

安装mailx软件包来用做mail命令邮件工具的程序。安装这个包来安装mail命令。

sudo apt-get install mailx

Test your default setup(测试默认的安装)

Add a user before you start this.

这样添加一个用户。

sudo useradd -m -s /bin/bash fmaster
sudo passwd fmaster

Test your default installation using the following code segment.

用下面的命令来测试默认的安装。

telnet localhost 25

Postfix will prompt like following in the terminal so that you can use to type SMTP commands.

Postfix将出现下面这样的终端提示，这样你就可以输入一些SMTP命令。

Trying 127.0.0.1...
Connected to mail.fossedu.org.
Escape character is '^]'.
220 localhost.localdomain ESMTP Postfix (Ubuntu)

Type the following code segment in Postfix's prompt.

在Postfix的提示符下面输入这些代码段。

ehlo localhost
mail from: root@localhost
rcpt to: fmaster@localhost
data
Subjet: My first mail on Postfix
Hi,
Are you there?
regards,
Admin
. (Type the .[dot] in a new Line and press Enter )
quit 

Check the mailbox of 'fmaster'

检查'fmaster'的邮箱。

su - fmaster
mail

When your type mail command an output like follows display in your terminal.

当你输入mail}命令的时候，终端的输出应该像下面这样。

Mail version 8.1.2 01/15/2001.  Type ? for help.
"/var/mail/fmaster": 2 messages 2 new
>N  1 root@localhost     Mon Mar  6 12:49   13/479   Just a test
 N  2 root@localhost     Mon Mar  6 12:51   15/487   My first mail
&

You will observe that mails are indexed by numbers and you can type the number of which the mail that you want to read. For example type no "2" to read the 2nd mail. The type "q" to quit. The mail will be written to a file called 'mbox' in user's home directory. According to our example it will be '/home/fmaster/mbox'.

你会观察到邮件被按照数字编号索引了，因此你可以输入你想看的邮件的编号。例如输入'2'来阅读第二封信。阅读完毕使用"q"命令退出。邮件会被写到用户主目录下面的一个叫做'mbox'的文件中。在我们的例子中是'/home/fmaster/mbox'。

All messages in an mbox type of mailbox are concatenated and stored in a single file. The beginning of each message is indicated by a line whose first five characters are "From " and a blank line is appended to the end of each message

mbox型的邮箱中的所有消息被连接并且储存成一个单一的文件。每一个消息的开始被头5个字母是"From"的那一行标示出来，并且每一封消息的末尾有一个空行。

Setting Postfix Support for Maildir-style Mailboxes(设置Postfix支持Maildir型的邮箱)

Maildir is a format for an e-mail spool that does not require file locking to maintain message integrity because the messages are kept in separate files with unique names. A Maildir is a directory (often named Maildir) with three subdirectories named tmp, new, and cur. The subdirectories should all reside on the same filesystem.

Maildir 是一个邮件池的格式，这种邮件格式不需要文件锁定来保证消息的完整性，因为邮件以一个特有的名字被保存在一个个单独的文件中。一个Maildir是一个包含3个叫做tmp, new和curd的子目录的目录(常常以Maildir命名)。这些子目录应该在同一个文件系统中。

Another reason to use Maildir format is that Courier IMAP/POP3 servers only work with Maildir format of mailboxes.

另一个使用Maildir格式的邮箱的理由是Courier IMAP/POP3服务器只支持Maildir格式的邮箱。

Please find out more about Maildir [|here]

在[这里]能够得到更多关于Maildir的信息。

 sudo  vi /etc/postfix/main.cf

Add the following code segment:

加入下面的代码：

home_mailbox = Maildir/

Comment the Line ' mailbox_command = procmail -a "$EXTENSION" ' adding a "#" at the beginning

在' mailbox_command = procmail -a "$EXTENSION" '那一行前面加上一个"#"将其注释掉。

Restart Postfix to make changes effect.

重启 Postfix 使改变生效。

sudo  /etc/init.d/postfix restart

Test your setup again

再一次测试你的安装。

Installing courier IMAP and POP3 (安装 courier IMAP 和 POP3)

sudo apt-get install courier-pop
sudo apt-get install courier-imap

Adding local domains to postfix

为postfix增加本地域

sudo   vi /etc/postfix/main.cf

Add your domain to 'mydestination'. Once added it should be like the following code segment.

将你的域名增加到 'mydestination'。增加完成后它看起来应该象这样：

...
mydestination = mail.fossedu.org, localhost.localdomain, localhost, yourdoamin.com
...

Add your local network to:

将你的本地网络增加到:

sudo vi /etc/postfix/main.cf

I assume that your local network is 192.168.1.0/24 and add your local network to 'mynetworks'. Once added it should be like the following code segment.

我假定你的本地网络是 192.168.1.0/24 并且将你的本地网络加入到{{{mynetworks}}}。完成后它看起来应该像这样：

mynetworks = 127.0.0.0/8, 192.168.1.0/24

Make Postfix to receive mail from the Internet

使Postfix从因特网上接收邮件

Set 'inet_interfaces = all' in '/etc/postfix/main.cf' using:

使用下面的命令在'/etc/postfix/main.cf'增加'inet_interfaces = all'

sudo vi /etc/postfix/main.cf

Finally Restart Postfix;

最后重启Postfix;

sudo  /etc/init.d/postfix restart

Test your setup again using following code:

使用下面的代码再一次测试你的安装是否成功:

telnet mail.yourdomain.com 25
ehlo yourdmain.com
mail from: [email protected]
rcpt to: [email protected]
data
Subject: My first mail for my domain
Hi,
Are you there?
regards,
Admin
. (and Enter In a new Line)
quit 

Check the mailbox of 'fmaster'

检查'fmaster'的邮箱

su - fmaster
cd Maildir/new
ls

Now you will see mail has a separate file

现在你将看到邮件在一个个单独的文件中了。

Testing Courier POP3(测试 Courier POP3)

Type in a terminal:

在终端中输入:

telnet mail.yourdomain.com 110

Use the following example code segment for your test. Be intelligent to tweak the changes appropriately to your environment. An output like follows will display in your terminal.

使用下面示例代码来测试。注意在你自己的环境中做适当的变通。输出应该像下面这样:

Connected to mail.yourdomain.com (69.60.109.217).
Escape character is '^]'.
+OK Hello there.

Type the following code segment in the prompt provided by the Courier POP3 server. I assume that you inetligent enough not to type the lines which starts from '+OK'

在Courier POP3服务器的提示符下面输入下面的代码段。我假定你能够看情况输入'+OK'后的行。

user fmaster
+OK Password required.
pass password
+OK logged in.
quit

Testing Courier IMAP(测试 Courier IMAP)

Type in a terminal:

在终端输入这些:

telnet mail.yourdomain.com 143

Use the following example code segment for your test. Be intelligent to tweak the changes appropriately to your environment. An output like follows will display in your terminal.

使用下面的示例代码来测试。注意在你自己的环境中做适当的变通。输出应该像下面这样:

* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS XCOURIEROUTBOX=INBOX.Outbox] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc.  See COPYING for distribution information.

Type the following code segment in the prompt provided by the Courier IMAP server.

在Courier POP3服务器的提示符下面输入下面的代码段

a login fmaster password
a OK LOGIN Ok.
a logout

Local Alias database(本地的别名数据库)

When mail is to be delivered locally, the local delivery agent runs each local recipient name through the aliases database. The mapping does not affect addresses in message headers. Local aliases are typically used to implement distribution lists, or to direct mail for standard aliases such as postmaster to real people. The table can also be used to map Firstname.Lastname addresses to login names.

当邮件要被本地传送时，本地传送代理通过别名数据库来接受每一个名字。这个映射不对邮件头中的地址生效。本地的别名主要是用来实现收发列表，或者直接的将标准的别名例如 postmaster映射成真实的地址。这个表也可用来映射Firstname.Lastname的地址到登录名。

Alias lookups are enabled by default and you will see following code segment in main.cf file.

Postfix默认开启别名查询，你可以在main.cf文件中看到这些代码: <pre。 ... alias_maps = hash:/etc/aliases ... </pre>

Creating an alias for an account(为一个账号创建别名)

The following codes illustrate how you can setup an alias. This step is optional since we are going to configure virtual mail domains later in this howto. I have added this step to make understand how you can do this in case of a requirement.

下面的代码讲述了怎样设置一个别名。这个步骤是可选的，因为我们稍后会配置虚拟邮件域名的。加入这个步骤的目的是保证你在需要的时候明白如何配置。

Create a user

建立一个用户

sudo useradd -m -s /bin/bash sysadmin
sudo passwd sysadmin

Edit the alias table

编辑别名表

Open the alias file with:

使用下面的命令打开别名表:

sudo vi /etc/aliases

Add the following code:

加入下面的代码:

fmaster: sysadmin

To make your changes effect type:

使用下面的代码让你的改动生效:

sudo newaliases

To test your changes send a mail to 'fmaster' and check the mail in '/home/sysadmin/Maildir/new' folder.

发送一封邮件到'fmaster'并检查'/home/sysadmin/Maildir/new'文件夹中的邮件来测试你的改变是否生效。

Per User .forward Files(各个用户的 .forward 文件)

Users can control their own mail delivery by specifying destinations in a file called .forward in their home directories. The syntax of these files is the same as with system aliases, except that the lookup key and colon are not present.

用户可以在他们主目录下的.forward文件中控制他们自己的邮件传输。这个文件的语法和系统的别名是基本一样的，除了查询键和colon没有出现。

I will illustrate an example here:

在这里我举一个例子:

Assume that you need to for all the mails which comes sysadmin account to an another account do like this

假定你需要将到达用户sysadmin的所有邮件传输到另一个用户，就象这样做：

su - sysadmin
touch .forward

Then open the .forward file

然后打开.forward文件。

vi .forward

Add the following code:

加入下面的代码

[email protected]

Remember to use email address which exists in this exercise.

记得在这个练习中使用真实的email地址。

Now send a mail to 'sysadmin' and mail should come to [email protected]

现在发送一封邮件到'sysadmin'就会被转发到[email protected]。

Postfix virtual Aliases for separate domains and Linux system accounts (Postfix单独域名和Linux系统用户的虚拟别名)

With this approach, every hosted domain can have its own info etc. email address. However, it still uses LINUX system accounts for local mailbox deliveries.

用这个方法，每一个主机域可以有它自己的信息，比如邮件地址。但是，这种方法仍然使用Linux系统账户来进行本地的邮件传送。

With virtual alias domains, each hosted address is aliased to a local UNIX system account or to a remote address. The example below shows how to use this mechanism for the fossedu.org and linuxelabs.com domains.

使用虚拟别名域名，每个别名被映射到一个本地的unix系统账户或一个远程的邮件地址上。下面的例子显示了如何对fossedu.org和linuxelabs.com域使用这个机制。

Open the main.cf file:

打开main.cf文件:

sudo vi /etc/postfix/main.cf

Add the following code segment:

添加下面的代码段:

virtual_alias_domains = fossedu.org linuxelabs.com
virtual_alias_maps = hash:/etc/postfix/virtual

Edit the '/etc/postfix/virtual file:

编辑文件'/etc/postfix/virtual':

Add two Linux system accounts 加入Linux系统账户:

sudo useradd -m -s /bin/bash sigiri
sudo useradd -m -s /bin/bash kala

Set Password for the above users.

为上面的用户设定密码。

sudo passwd sigiri
sudo passwd kala

sudo vi /etc/postfix/virtual

Add the following code segment:

增加下面的代码段:

[email protected]       sigiri
[email protected]    kala

To create a Map Database type :

建立一个数据库映射:

sudo postmap /etc/postfix/virtual

The postmap is utility program that will convert '/etc/postfix/virtual' to '/etc/postfix/virtual.db' Berkley DB format, so that Postfix can access the data faster.

postmap是一个将'/etc/postfix/virtual'转换成'/etc/postfix/virtual.db'即伯克利DB格式的工具，以便Postfix能够更快的访问这个文件。

Restart Postfix to make changes effect:

重启Postfix使修改生效:

sudo /etc/init.d/postfix restart

Send mails to both [email protected] and [email protected] and those mails should come to mailboxes of sigiri and kala respectively.

发送邮件到 [email protected] 和 [email protected] 这些邮件都会进入相应的sigiri和kala的邮箱。