系统环境debian12/ubuntu22.04lts,可用于外网收发邮件
mariadb:root 密码123258(示例密码,实际部署时请替换为强密码)
数据库及数据库用户名:pdmail 密码123258(示例密码,同上)
数据库连接主机:127.0.0.1
安装支持组件,及dovecot,exim4,mariadb
一:源安装mariadb、dovecot、exim4支持组件

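# Step 1: refresh the package index, then install build tooling, MariaDB,
# Exim (heavy daemon, needed for MySQL lookups) and Dovecot with its SQL driver.
# Run as root; every package comes from the distribution's own repositories.
apt-get update -y
apt-get upgrade -y
apt-get install perl net-tools make curl wget bzip2 openssl libonig-dev libreadline-dev libzip-dev -y
apt-get install libxml2 libxml2-dev patch build-essential pkg-config libssl-dev libsqlite3-dev zlib1g-dev libbz2-dev libwebp-dev -y
apt-get install sqlite -y
apt-get install libcurl4-openssl-dev libjpeg-dev libpng-dev libxpm-dev libpq-dev libicu-dev libfreetype6-dev libldap2-dev libxslt-dev unzip zip -y
# The original line was "apt-get libmysqlclient-dev -y": without the "install"
# subcommand apt-get rejects it and the package is never installed.
# NOTE(review): the package name differs between releases; on Debian the
# meta-package is default-libmysqlclient-dev -- confirm for the target system.
apt-get install libmysqlclient-dev -y
apt-get install mariadb-server -y
systemctl enable mysql
systemctl start mysql
apt-get install exim4-daemon-heavy -y
systemctl restart exim4
systemctl enable exim4
apt-get install dovecot-core dovecot-pop3d dovecot-imapd dovecot-lmtpd dovecot-mysql -y
systemctl enable dovecot
apt-get install autoconf automake libtool pkg-config m4 -y
apt-get install libpcre3-dev -y
apt-get install dovecot-sieve dovecot-managesieved -y
apt-get install libpcre3 libpcre3-dev -y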

二、生成ssl文件

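# Step 2: certificate, private key and DH parameters used by both Exim and Dovecot.
mkdir -p /etc/mailssl

# Self-signed certificate valid for 3650 days, key written unencrypted (-nodes).
# The subject CN is "loshub", not the mail host name, so clients that validate
# the certificate will reject or warn on it; a CA-issued certificate for the
# real host name avoids that.
openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=loshub" -keyout /etc/mailssl/certkey.pem -out /etc/mailssl/cert.pem

# Both parameter files are 2048-bit. The original generated a 1024-bit group
# for Exim, which is too small for current use.
openssl dhparam 2048 > /etc/mailssl/exim4dh.pem
openssl dhparam 2048 > /etc/mailssl/dovecotdh.pem

# Certificate and DH parameters are public material.
chmod a+r /etc/mailssl/cert.pem
chmod a+r /etc/mailssl/exim4dh.pem
chmod a+r /etc/mailssl/dovecotdh.pem

# The private key must not be world-readable (the original ran chmod a+r on it,
# letting any local account read the server key). Exim on Debian/Ubuntu runs as
# Debian-exim, so give that group read access and nobody else.
# NOTE(review): Dovecot is expected to read ssl_key as root at start-up -- confirm.
chown root:Debian-exim /etc/mailssl/certkey.pem
chmod 640 /etc/mailssl/certkey.pem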

三、设置mysql root密码及创建pdmail及创建数据库和表

# Sets the MariaDB root password. The password is given as a command-line
# argument, so it ends up in shell history and is visible in the process list
# while the command runs; 123258 is the guide's sample value.
mysqladmin -u root password 123258

创建pdmail和密码

mysql -uroot -p123258 <<EOF
create database pdmail;
CREATE USER 'pdmail'@'127.0.0.1' IDENTIFIED BY '123258';
GRANT ALL PRIVILEGES ON pdmail.* TO 'pdmail'@'127.0.0.1';
FLUSH PRIVILEGES;
USE pdmail;
quit
EOF

进入pdmail
mysql -updmail -p123258 -h127.0.0.1
创建数据表

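-- Alias map: one row per alias address and the destination it redirects to.
-- Exim looks rows up by `alias` (MYSQL_V_ALIAS in the main configuration).
CREATE TABLE IF NOT EXISTS `mod_exim4_alias` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `alias` varchar(255) NOT NULL DEFAULT '',
  `destination` varchar(255) NOT NULL DEFAULT '',
  PRIMARY KEY (`id`),
  -- The alias column is the lookup key for every recipient address, so it is
  -- indexed; the original table had no index on it and forced a full scan.
  KEY `alias` (`alias`)
);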

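-- Domains this server relays mail to (MAIN_RELAY_TO_DOMAINS looks them up
-- through MYSQL_V_RELAY).
CREATE TABLE IF NOT EXISTS `mod_exim4_relays` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  -- NOT NULL: a relay row without a domain is meaningless, and a UNIQUE key
  -- does not stop multiple NULLs from accumulating.
  `domain` varchar(200) NOT NULL,
  PRIMARY KEY (`id`),
  UNIQUE KEY `domain` (`domain`)
);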

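-- Mailbox accounts shared by Exim (SMTP AUTH, local delivery) and Dovecot
-- (IMAP/POP3 login). `password` holds a crypt(3)-style hash, never the
-- plain-text password; `maildir` is the path below /home/vmail.
CREATE TABLE IF NOT EXISTS mod_exim4_mailboxes (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  -- No DEFAULT '' on email/password: with the original defaults an INSERT that
  -- forgot either column silently created an account with an empty address or
  -- an empty password hash instead of failing.
  `email` varchar(128) NOT NULL,
  `password` varchar(128) NOT NULL,
  `maildir` varchar(128) NOT NULL DEFAULT '',
  PRIMARY KEY (`id`),
  UNIQUE KEY `email` (`email`)
);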

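-- Domains for which this server accepts mail as local (MAIN_LOCAL_DOMAINS
-- looks them up through MYSQL_V_DOMAINS).
CREATE TABLE IF NOT EXISTS `mod_exim4_domains` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  -- NOT NULL and UNIQUE keep the table consistent with mod_exim4_relays and
  -- prevent empty or duplicate domain rows.
  `domain` varchar(50) NOT NULL,
  PRIMARY KEY (`id`),
  UNIQUE KEY `domain` (`domain`)
);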

退出mariadb
四、创建vmail用户和配置exim4

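# Dedicated account that owns every virtual mailbox under /home/vmail.
# UID/GID 5000 are fixed so the Exim transport and Dovecot refer to the same owner.
groupadd -g 5000 vmail
# The login shell is /usr/sbin/nologin: that is where Debian and Ubuntu install
# it. The original pointed at /usr/bin/nologin, which does not exist on these
# systems, so the account ended up with an invalid shell entry.
useradd -u 5000 -g vmail -s /usr/sbin/nologin -d /home/vmail -m vmail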

修改/etc/exim4/update-exim4.conf.conf文件以下面的为准

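# /etc/exim4/update-exim4.conf.conf -- Debian's generator settings for Exim.
# Internet site: mail is sent and received directly over SMTP.
dc_eximconfig_configtype='internet'
# Replace "域名" with the real domain.
dc_other_hostnames='mail.域名'
# Listen on every IPv4 address for SMTP (25), submission (587) and SMTPS (465).
dc_local_interfaces='0.0.0.0.25 : 0.0.0.0.587 : 0.0.0.0.465'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost=''
# Mode of the generated configuration file. The original used 644, but this
# guide puts the database password into the Exim configuration (mysql_servers),
# so the generated file must not be world-readable.
# NOTE(review): 640 relies on the generated file being group-owned by
# Debian-exim, as the Debian packaging does -- confirm on the target release.
CFILEMODE='640'
# Use the split configuration under /etc/exim4/conf.d.
dc_use_split_config='true'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='mail_home'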

创建/etc/exim4/conf.d/main/00_exim4-config_custom文件,并录入以下代码

# /etc/exim4/conf.d/main/00_exim4-config_custom
# Site-specific main settings: host name, TLS, MySQL connection and the lookup
# macros used by the routers, transport and authenticators defined elsewhere.
primary_hostname = mail.域名
MAIN_TLS_ENABLE = yes
# Port 465 expects TLS from the first byte (no STARTTLS).
tls_on_connect_ports = 465
MAIN_TLS_CERTIFICATE = /etc/mailssl/cert.pem
MAIN_TLS_PRIVATEKEY = /etc/mailssl/certkey.pem
# Format: host/database/user/password. The database password is stored here in
# plain text; "hide" keeps the value out of "exim -bP" output for non-admin
# users, it does not protect the file itself.
hide mysql_servers = 127.0.0.1/pdmail/pdmail/123258
# Every value interpolated into the queries below goes through ${quote_mysql:},
# which escapes it for use inside a quoted MySQL string.
MYSQL_V_MAILDIR = SELECT maildir FROM mod_exim4_mailboxes WHERE email='${quote_mysql:$local_part@$domain}'
# The two AUTH queries hash the submitted password with encrypt(), using the
# stored hash as salt, and compare the result with the stored hash.
MYSQL_V_AUTH_PLAIN = SELECT email FROM mod_exim4_mailboxes WHERE  email='${quote_mysql:$2}' and password=encrypt('${quote_mysql:$3}',password)
MYSQL_V_AUTH_LOGIN = SELECT email FROM mod_exim4_mailboxes WHERE email='${quote_mysql:$1}' and password=encrypt('${quote_mysql:$2}',password)
MYSQL_V_ALIAS = SELECT destination FROM mod_exim4_alias WHERE  alias='${quote_mysql:$local_part@$domain}'
MYSQL_V_LOCAL_USER = SELECT email FROM mod_exim4_mailboxes where email='${quote_mysql:$local_part@$domain}'
MYSQL_V_DOMAINS = SELECT domain FROM mod_exim4_domains WHERE domain='${quote_mysql:$domain}'
MYSQL_V_RELAY = SELECT domain FROM mod_exim4_relays WHERE domain='${quote_mysql:$domain}'
# Local and relay domain lists are resolved from the database at run time.
MAIN_LOCAL_DOMAINS = mysql;MYSQL_V_DOMAINS
MAIN_RELAY_TO_DOMAINS = mysql;MYSQL_V_RELAY
#SPF
CHECK_RCPT_SPF = true
SUPPORT_SPF = yes
#spamassassin
# NOTE(review): the install step of this guide does not install SpamAssassin;
# spamd must be running on 127.0.0.1:783 for the spam conditions in the DATA
# ACL to do anything.
spamd_address = 127.0.0.1 783
# NOTE(review): verify that each list is still operated before enabling it;
# dnsbl.njabl.org was retired years ago, and querying a dead DNSBL can delay or
# wrongly reject mail.
CHECK_RCPT_IP_DNSBLS = cbl.abuseat.org : bl.spamcop.net : dnsbl.sorbs.net : dnsbl.njabl.org

创建/etc/exim4/conf.d/router/270_exim4-config_virtual_aliases_mypanel文件并录入以下代码

# Router: rewrites an address in a local domain to the destination stored for
# it in mod_exim4_alias.
virtual_aliases:
  debug_print = "R: virtual_aliases for $local_part@$domain"
  driver = redirect
  domains = +local_domains
  allow_fail
  allow_defer
  # Destination list comes from the MYSQL_V_ALIAS lookup macro.
  data = ${lookup mysql{MYSQL_V_ALIAS}}
  # NOTE(review): these two options allow a redirect result that is a file or
  # directory path to be delivered; whoever can write the alias table then
  # controls where mail is written -- confirm they are needed here.
  file_transport = address_file
  directory_transport = address_directory

创建/etc/exim4/conf.d/router/275_exim4-config_virtual_local_user_mypanel并录入代码

# Router: accepts an address in a local domain when a mailbox row exists for
# it, and hands the message to the virtual_local transport.
virtual_local_user:
  debug_print = "R: virtual_user for $local_part@$domain"
  driver = accept
  domains = +local_domains
  # True when the MYSQL_V_LOCAL_USER lookup returns a row for the recipient.
  condition = ${lookup mysql{MYSQL_V_LOCAL_USER}}
  transport = virtual_local

创建/etc/exim4/conf.d/transport/30_exim4-config_virtual_mypanel并录入以下代码

# Transport: writes the message in maildir format below /home/vmail as
# vmail:vmail.
virtual_local:
  debug_print = "T: virtual_local for $local_part@$domain"
  driver = appendfile
  # The sub-directory is the maildir column returned by MYSQL_V_MAILDIR, so the
  # final path is controlled by the database row. Messages carrying
  # "X-Spam-Flag: YES" go to the .Junk/ folder inside it.
  directory= /home/vmail/${lookup mysql {MYSQL_V_MAILDIR}{$value}}/\
              ${if eq {$h_X-Spam-Flag:}{YES} {.Junk/}}
  delivery_date_add
  envelope_to_add
  return_path_add
  maildir_format
  # Files are readable and writable by owner and group only.
  mode = 0660
  mode_fail_narrower = false
  user=vmail
  group=vmail

禁用/etc/exim4/conf.d/auth/30_exim4-config_examples文件

mv /etc/exim4/conf.d/auth/30_exim4-config_examples /etc/exim4/conf.d/auth/30_exim4-config_examples.disabled

创建/etc/exim4/conf.d/auth/20_exim4-config_mysql_mypanel并录入以下代码

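# SMTP AUTH against the mailbox table. Both mechanisms send the password
# unprotected inside the SMTP session, so they are advertised only after TLS
# has been negotiated ($tls_in_cipher is empty on an unencrypted connection).
# Without that condition the original offered AUTH on plain port 25/587
# connections, exposing credentials to anyone on the network path.

# AUTH PLAIN: $2 is the user name, $3 the password.
plain:
   driver = plaintext
   public_name = PLAIN
   server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
   server_condition =  ${lookup mysql{MYSQL_V_AUTH_PLAIN}{1}fail}
   server_set_id = $2
   server_prompts = :

# AUTH LOGIN: $1 is the user name, $2 the password.
login_server:
   driver = plaintext
   public_name = LOGIN
   server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
   server_prompts = "Username:: : Password::"
   server_condition = ${lookup mysql{MYSQL_V_AUTH_LOGIN}{1}fail}
   server_set_id = $1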

删除/etc/exim4/conf.d/acl/40_exim4-config_check_data文件,重新创建并录入以下代码

# ACL run after the message body has been received (DATA phase): rejects
# over-long lines and malformed headers, then adds SpamAssassin result headers.
acl_check_data:
  # Reject messages containing a line longer than 998 octets.
  .ifndef IGNORE_SMTP_LINE_LENGTH_LIMIT
  deny
    condition  = ${if > {$max_received_linelength}{998}}
    message    = maximum allowed line length is 998 octets, \
                       got $max_received_linelength
  .endif
  # Reject messages whose headers are syntactically invalid.
  .ifndef NO_CHECK_DATA_VERIFY_HEADER_SYNTAX
  deny
    !acl = acl_local_deny_exceptions
    !verify = header_syntax
    message = header syntax
    log_message = header syntax ($acl_verify_message)
  .endif
  # Optional: require a verifiable sender address in the headers.
  .ifdef CHECK_DATA_VERIFY_HEADER_SENDER
  deny
    !acl = acl_local_deny_exceptions
    !verify = header_sender
    message = No verifiable sender address in message headers
  .endif
# Remove internal headers
# (strips any X-Spam_* headers supplied by the sender before the local ones are added)
warn
  remove_header = X-Spam_score: X-Spam_score_int : X-Spam_bar : \
                  X-Spam_report

# Scan with spamd as user Debian-exim; ":true" makes the condition succeed
# whatever the score, so the result headers are added to every scanned message.
warn
  spam = Debian-exim:true
  add_header = X-Spam_score: $spam_score\n\
            X-Spam_score_int: $spam_score_int\n\
            X-Spam_bar: $spam_bar\n\
            X-Spam_report: $spam_report\n

# Flag messages spamd classifies as spam; "defer_ok" lets mail through when
# spamd cannot be reached. The message is tagged and logged, not rejected.
# NOTE(review): this condition names the user "spam" while the one above uses
# "Debian-exim" -- confirm which SpamAssassin user profile is intended.
warn
   spam       = spam/defer_ok
   logwrite   = :main: SPAM detected (score $spam_score)
   add_header = X-Spam-Flag: YES
  .ifdef CHECK_DATA_LOCAL_ACL_FILE
  .include CHECK_DATA_LOCAL_ACL_FILE
  .endif

  accept

五、配置dovecot

# Prepare the mail store and restrict access to Dovecot's configuration.
# NOTE(review): $domain is not set anywhere in this guide; as a shell variable
# it expands to nothing and only /home/vmail/ is created. It looks like a
# placeholder for the real domain name -- confirm.
mkdir -p /home/vmail/$domain
chown -R vmail:vmail /home/vmail/
# Remove all access for "other" users; dovecot-sql.conf.ext in this directory
# holds the database password.
chmod -R o-rwx /etc/dovecot
# Repeats the chown two lines above.
chown -R vmail:vmail /home/vmail/
# NOTE(review): this makes the mail-handling account vmail the owner of
# Dovecot's configuration, so a process running as vmail can rewrite it --
# confirm that root ownership with group read access is not sufficient.
chown -R vmail:dovecot /etc/dovecot

删除/etc/dovecot/dovecot.conf文件重新创建并录入以下代码

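# /etc/dovecot/dovecot.conf -- global settings.
mailbox_list_index = yes
# All mailboxes are owned by the single system account vmail.
mail_uid = vmail
mail_gid = vmail
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
log_path = /var/log/dovecot.log
# Log authentication attempts, but never the passwords themselves.
auth_verbose = yes
auth_debug_passwords = no
auth_verbose_passwords = no
# TLS is mandatory for clients; TLS 1.2 is the minimum protocol version.
ssl = required
ssl_min_protocol = TLSv1.2
ssl_cert = </etc/mailssl/cert.pem
ssl_key = </etc/mailssl/certkey.pem
ssl_dh = </etc/mailssl/dovecotdh.pem
ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
ssl_prefer_server_ciphers = yes
mail_plugins = quota
protocols = imap pop3 lmtp
listen = *, ::
# The original set this twice (300 near the top, 50 here); the later value is
# the one that applies, so only that one is kept.
mail_max_userip_connections = 50
service dict {
  unix_listener dict {
    # 0660 instead of the original 0666: the socket is owned by vmail:vmail and
    # does not need to be writable by every local account.
    mode = 0660
    user = vmail
    group = vmail
  }
}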
# Mail storage layout and authentication back end.
# Home is /home/vmail/<domain>/<login name>; mail is stored as maildir in it.
mail_home = /home/vmail/%d/%u
mail_location = maildir:~
mail_privileged_group = mail
# Refuse plain-text logins on connections that are not protected by TLS.
disable_plaintext_auth = yes
auth_mechanisms = plain login
# Password and user lookups both use the SQL settings in dovecot-sql.conf.ext.
passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}

userdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}

# Listeners, service accounts and per-protocol plugin settings.
# IMAP over implicit TLS on port 993.
service imap-login {
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}
# The auth service runs as dovecot; its userdb socket is reachable by vmail only.
service auth {
    unix_listener auth-userdb {
        mode = 0600
        user = vmail
  }
  user = dovecot
}
service auth-worker {
  user = vmail
}
protocol lmtp {
   mail_plugins = quota sieve
}
protocol imap {
   mail_plugins = quota imap_quota
   imap_client_workarounds = tb-extra-mailbox-sep
}
protocol pop3 {
  mail_plugins = quota
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
  pop3_uidl_format = %08Xu%08Xv
}

protocol lda {
  mail_plugins = $mail_plugins sieve
}

service lmtp {
  unix_listener lmtp {
    #mode = 0666
  }
}
default_process_limit = 500
default_client_limit = 5000
default_vsz_limit = 512M

# POP3 on 110 (TLS is still required by the global "ssl = required") and
# POP3 over implicit TLS on 995.
service pop3-login {
  inet_listener pop3 {
    port = 110
  }
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}

# NOTE(review): Exim is configured earlier in this guide to listen on port 587,
# and "submission" is not in the protocols list of this file; this listener
# looks unused or conflicting -- confirm it should be here.
service submission-login {
  inet_listener submission {
    port = 587
  }
}


# Plugin settings: folders created/subscribed automatically and quota rules.
# NOTE(review): the quota backend refers to a dict named "quotadict" and the
# warnings call a "quota-warning" service; neither is defined in the
# configuration shown in this guide -- confirm they exist elsewhere.
plugin {
    autocreate = Trash
    autocreate2 = Sent
    autosubscribe = Trash
    autosubscribe2 = Sent
    quota = dict:User quota::proxy::quotadict
    quota_rule2 = Trash:storage=+10%%
    quota_warning = storage=100%% quota-warning +100 %u
    quota_warning2 = storage=95%% quota-warning +95 %u
    quota_warning3 = storage=80%% quota-warning +80 %u
    quota_warning4 = -storage=100%% quota-warning -100 %u
}
# Default namespace with its special-use folders.
# Two folders are tagged \Junk (Junk, Spam) and two \Sent (Sent, "Sent Messages").
namespace inbox {
  inbox = yes
  mailbox Drafts {
    auto = create
    special_use = \Drafts
  }
  mailbox Junk {
    auto = create
    special_use = \Junk
  }
  mailbox Archive {
    auto = subscribe
    special_use = \Archive
  }
  mailbox Trash {
    auto = create
    special_use = \Trash
  }
 
  mailbox Sent {
    auto = create
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    auto = create
    special_use = \Sent
  }
  mailbox Spam {
    auto = subscribe
    special_use = \Junk
  }
}

删除dovecot连接数据库文件并重新创建一个/etc/dovecot/dovecot-sql.conf.ext文件

# /etc/dovecot/dovecot-sql.conf.ext -- SQL settings used by passdb and userdb.
driver = mysql
# The database password is stored here in plain text; keep this file
# unreadable for ordinary local accounts.
connect = host=127.0.0.1 dbname=pdmail user=pdmail password=123258
# Stored hashes are crypt(3) strings, the same format the Exim AUTH queries
# compare against with encrypt().
default_pass_scheme = CRYPT
# %u is the login name supplied by the client.
password_query = SELECT email AS user, password FROM mod_exim4_mailboxes WHERE email = '%u'
user_query = SELECT email FROM mod_exim4_mailboxes WHERE email = '%u'

六、插入数据
mysql -uroot -p123258
use pdmail;

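-- Seed data: one hosted domain and one mailbox. Every quoted value except the
-- ids is a placeholder to be replaced before running.
INSERT INTO mod_exim4_domains (`id`, `domain`)
VALUES (1, '你的域名');

-- The address placeholder replaces the page's "[email protected]" text, an
-- e-mail obfuscation artifact that is not a usable address.
-- ENCRYPT() is given an explicit '$6$' salt so the stored hash is SHA-512
-- crypt. Without a salt argument (as in the original) the C library's default
-- crypt is used, presumably traditional DES crypt, which only considers the
-- first 8 characters of the password -- confirm on the target system.
-- 'Ww123258' is the guide's sample password; choose a strong one.
INSERT INTO mod_exim4_mailboxes (`id`, `email`, `password`, `maildir`)
VALUES (
  1,
  '邮箱用户名@你的域名',
  ENCRYPT('Ww123258', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))),
  '/域名/邮件地址'
);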

完成
