Centos Postfix Dovecot ve Roundcube Kurulumu

Centos Postfix Dovecot ve Roundcube Kurulumu

Postfix kurulumu için öncelikle bir kullanıcı oluşturmamız gerekiyor.

$ groupadd vmail -g 2222
$ useradd vmail -r -g 2222 -u 2222 -d /var/vmail -m -c “admin”

Postfix ve ilgili bileşenleri kuralım.

$yum install postfix cronie -y

Main.cf üzerinde değişiklikler yapacağız. Bu yüzden yedekleyelim öncelikle.
$ cp /etc/postfix/main.cf /etc/postfix/main.cf.BACKUP

Kurumları bitirdikten sonra konfigürasyon işlemlerine başlamamız gerekiyor.
# nano /etc/postfix/main.cf
myhostname = mail.alanadiniz.com
mydomain = alanadiniz.com
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = SUNUCU_IP_ADRESINIZ, 127.0.0.1/8
relay_domains = *
alias_maps = hash:/etc/postfix/aliases
alias_database = $alias_maps
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
virtual_alias_maps=hash:/etc/postfix/vmail_aliases
virtual_mailbox_domains=hash:/etc/postfix/vmail_domains
virtual_mailbox_maps=hash:/etc/postfix/vmail_mailbox

virtual_mailbox_base = /var/vmail
virtual_minimum_uid = 2222
virtual_transport = virtual
virtual_uid_maps = static:2222
virtual_gid_maps = static:2222

smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/run/dovecot/auth-client
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sasl_local_domain = $mydomain
broken_sasl_auth_clients = yes

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

Mail göndermek için bir alan adı tanımlamanız gerekmektedir. Bunun için,
$ nano /etc/postfix/vmail_domains

alanadiniz.com     OK
alanadiniz.net     OK

Mail adresi oluşturmak ve bu adresinize gelen mail’lerin nerede depolayacağınızı tanımlamak için,

$ nano /etc/postfix/vmail_mailbox
——————————————————————————————
info@alanadi.com          alanadi.com/info/
——————————————————————————————

Mail adresinize bir mail aliases eklemek isterseniz,
$ nano /etc/postfix/vmail_aliases
——————————————————————————————
info@alanadi.com     info2@alanadi.com
——————————————————————————————

#Alan Adı, Mailbox, Yönlendirme kayıtlarını değiştirdikten sonra postmap ile bunları set etmeniz gerekiyor.
# postmap /etc/postfix/vmail_domains
# postmap /etc/postfix/vmail_mailbox
# postmap /etc/postfix/vmail_aliases
# touch /etc/postfix/aliases
# nano +/submission /etc/postfix/master.cf
——————————————————————————————
submission inet n       –       n       –       –       smtpd
——————————————————————————————
Dovecot kurulumu için,

$ yum install dovecot -y

Config’de değişiklik yapacağız. Bu yüzden yedekleyelim.

$ cp /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.BACKUP

IMAP ayaları ve dovecot ayarları için,
$ nano /etc/dovecot/dovecot.conf
——————————————————————————————
listen = *
ssl = no
protocols = imap pop3 lmtp
disable_plaintext_auth = no
auth_mechanisms = plain login
mail_access_groups = vmail
default_login_user = vmail
first_valid_uid = 2222
first_valid_gid = 2222
#mail_location = maildir:~/Maildir
mail_location = maildir:/var/vmail/%d/%n

passdb {
driver = passwd-file
args = scheme=SHA1 /etc/dovecot/passwd
}
userdb {
driver = static
args = uid=2222 gid=2222 home=/var/vmail/%d/%n allow_all_users=yes
}
service auth {
unix_listener auth-client {
group = postfix
mode = 0660
user = postfix
}
user = root
}
service imap-login {
process_min_avail = 1
user = vmail
}
——————————————————————————————

Mail adresine şifre belirlemek için,
$ touch /etc/dovecot/passwd
$ doveadm pw -s sha1 | cut -d ‘}’ -f2
$ nano /etc/dovecot/passwd
——————————————————————————————
info@alanadi.com:DOzcsKI8HY0bg8LAuz0DPKwS3WA=
——————————————————————————————

$ chown root: /etc/dovecot/passwd
$ chmod 600 /etc/dovecot/passwd

Postfix ve Dovecot’u sunucunuz başladığında otomatik olarak başlaması için,
$ chkconfig postfix on
$ chkconfig dovecot on
$ /etc/init.d/postfix restart
$ /etc/init.d/dovecot restart

Başarılı bir webmail arayüzü olan Roundcube kurulumu için öncelikle sunucunuzda MySQL server ve Apache kurulu olması gerekiyor. Bunu bir önceki makalemizde detaylı bir şekilde anlatmıştık.

Roundcube için bir Mysql DB oluşturalım ve kullanıcı oluşturarak gerekli yetkileri verelim.
$ mysql -u root -p
mysql> CREATE DATABASE IF NOT EXISTS `roundcube`;
mysql> GRANT ALL PRIVILEGES ON `roundcube` . * TO ’roundcube’@’localhost’ IDENTIFIED BY ‘SIFRE_BELIRLE’;
mysql> FLUSH PRIVILEGES;
mysql> quit

$ nano /etc/httpd/conf.d/90-roundcube.conf
——————————————————————————————
Alias /webmail /var/www/html/roundcube

<Directory /var/www/html/roundcube>
Options -Indexes
AllowOverride All
</Directory>

<Directory /var/www/html/roundcube/config>
Order Deny,Allow
Deny from All
</Directory>

<Directory /var/www/html/roundcube/temp>
Order Deny,Allow
Deny from All
</Directory>

<Directory /var/www/html/roundcube/logs>
Order Deny,Allow
Deny from All
</Directory>
——————————————————————————————

Roundcube yüklemek ve gerekli izinleri ayarlamak için,
$ curl -L “http://sourceforge.net/projects/roundcubemail/files/latest/download?source=files” > /tmp/roundcube-latest.tar.gz
$ tar -zxf /tmp/roundcube-latest.tar.gz -C /var/www/html
$ rm -f /tmp/roundcube-latest.tar.gz
$ cd /var/www/html
$ mv roundcubemail-* roundcube
$ chown root: -R roundcube/
$ chown apache: -R roundcube/temp/
$ chown apache: -R roundcube/logs/
$ mysql -u roundcube -p”SIFRE_GIRIN” roundcube < roundcube/SQL/mysql.initial.sql
$ cp roundcube/config/config.inc.php.sample roundcube/config/config.inc.php
$ nano roundcube/config/config.inc.php
——————————————————————————————
$ rcmail_config[‘default_host’] = ‘localhost’;
$ rcmail_config[‘smtp_server’] = ‘localhost’;
$ rcmail_config[‘smtp_user’] = ‘%u’;
$ rcmail_config[‘smtp_pass’] = ‘%p’;
$ config[‘db_dsnw’] = ‘mysql://roundcube:SIFRE_GIRIN@localhost/roundcube’;
——————————————————————————————

$ rm -rf roundcube/installer/
$ /etc/init.d/httpd restart
$ http://alanadi.com/webmail
——————————————————————————————

Eğer herhangi bir mail adresinin size mail atmasını istemezseniz, aşağıdaki ayarları gerçekleştirebilirsiniz.
$ nano /etc/postfix/sender_access
——————————————————————————————
info@alanadi.com     REJECT
——————————————————————————————

$ postmap /etc/postfix/sender_access
$ nano /etc/postfix/main.cf
——————————————————————————————
smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_access
——————————————————————————————

$ /etc/init.d/postfix restart

(Gönderen Mail Adresine: Undelivered Mail Returned to Sender başlıklı 5.7.1 <info@alanadi.com>: Sender address rejected: Access denied (in reply to RCPT TO command) hata raporu ulaşacaktır.)

$ Roundcube Kimlik Güvenliği (Fake mail engellemek içindir.)
$ nano /var/www/html/roundcube/config/defaults.inc.php
——————————————————————————————
// Set xidentities access level:
// 0 – many identities with possibility to edit all params
// 1 – many identities with possibility to edit all params but not email address
// 2 – one identity with possibility to edit all params
// 3 – one identity with possibility to edit all params but not email address / mail adresi düzenleyemez
// 4 – one identity with possibility to edit only signature
$config[‘identities_level’] = 3;
——————————————————————————————
$ /etc/init.d/httpd restart

Bir cevap yazın