Edited at

メールサーバー構築(PostfixAdminのセットアップ)

More than 3 years have passed since last update.


検証環境

Amazon EC2 上に2014年11月構築

centos version 6.5 64bit

postfix-2.6.6

PHP version 5.3.3

Apache/2.2.15 (CentOS)

mysql Ver 14.14 Distrib 5.1.73

Postfixadmin 2.92

Postfixはインストール済みです。


SELINUXの無効化

以下のコンフィグファイルを修正します。


/etc/selinux/config

# SELINUX=enforcing

SELINUX=disabled

再起動しSELINUXが無効化されているか確認します。


check

getenforce

> Disabled


Postfixadminのインストール


Postfixadminとは?

Postfixと連携し、Web画面からVirtual Domainの設定やメールアドレスの追加などが行えるツールです。


セットアップ

はじめに、Posfixadminを動かすためにapacheをインストールしサービスを起動する。PostfixadminはPHPを使うためインストールします。

yum install httpd php

service httpd start
chkconfig httpd on

Webにアクセスできるようiptablesを停止します。

chkconfig iptables off

service iptables stop
chkconfig ip6tables off
service ip6tables stop

localhostにアクセスして確認します。


check

curl http://localhost 


Postfixadminをダウンロードして設置します。

wget http://nchc.dl.sourceforge.net/sourceforge/postfixadmin/postfixadmin-2.92.tar.gz

tar zxvf postfixadmin-2.92.tar.gz
mv postfixadmin-2.92 /var/www/html/postfixadmin

vi /etc/httpd/conf/httpd.confします。/var/www/html以下でPHPが実行できるようにExecCGIを追加します。


/etc/httpd/conf/httpd.conf

<Directory "/var/www/html">

#
# Possible values for the Options directive are "None", "All",
# ( 略 )
# for more information.
#
# Options Indexes FollowSymLinks
Options Indexes FollowSymLinks ExecCGI


http://localhost/postfixadmin/setup.php にアクセスします。

以下のエラーメッセージにしたがい、コンフィグファイルを修正します。


Please edit config.inc.php - change $CONF['configured'] to true after setting your database settings


cd /var/www/html/postfixadmin

cp config.inc.php config.inc.php.org
vi config.inc.php

以下一部変更部分周辺のみ抜粋です。


/var/www/html/postfixadmin/config.inc.php

/*****************************************************************

* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* You have to set $CONF['configured'] = true; before the
* application will run!
* Doing this implies you have changed this file as required.
* i.e. configuring database etc; specifying setup.php password etc.
*/
// $CONF['configured'] = false;
$CONF['configured'] = true;

// In order to setup Postfixadmin, you MUST specify a hashed password here.
// To create the hash, visit setup.php in a browser and type a password into the field,
// on submission it will be echoed out to you as a hashed value.
// $CONF['setup_password'] = 'changeme';
$CONF['setup_password'] = 'test!123';

// Language config
// Language files are located in './languages', change as required..
// $CONF['default_language'] = 'en';
$CONF['default_language'] = 'ja';

// Database Config
// mysql = MySQL 3.23 and 4.0, 4.1 or 5
// mysqli = MySQL 4.1+
// pgsql = PostgreSQL
$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'test!123';
$CONF['database_name'] = 'postfix';

// Site Admin
// Define the Site Admin's email address below.
// ...
$CONF['admin_email'] = 'postmaster@example.com';

// Mailboxes
// If you want to store the mailboxes per domain set this to 'YES'.
// Examples:
// YES: /usr/local/virtual/domain.tld/username@domain.tld
// NO: /usr/local/virtual/username@domain.tld
$CONF['domain_path'] = 'YES';
// If you don't want to have the domain in your mailbox set this to 'NO'.
// Examples:
// YES: /usr/local/virtual/domain.tld/username@domain.tld
// NO: /usr/local/virtual/domain.tld/username
// Note: If $CONF['domain_path'] is set to NO, this setting will be forced to YES.
$CONF['domain_in_mailbox'] = 'NO';

// Default Domain Values
// Specify your default values below. Quota in MB.
$CONF['aliases'] = '100';
$CONF['mailboxes'] = '100';
$CONF['maxquota'] = '300';

// Quota
// When you want to enforce quota for your mailbox users set this to 'YES'.
$CONF['quota'] = 'YES';


デフォルトのquotaは10MBとPOPにしても少なすぎるため100MBに。

パスワード関係について補足です。デフォルトでDBには暗号化されて保存されます。またパスワードポリシーが設定されています。設定変更でパスワードの自動生成や管理画面から見えるようにもできます。


/var/www/html/postfixadmin/config.inc.php

// Encrypt

// In what way do you want the passwords to be crypted?
// md5crypt = internal postfix admin md5
// md5 = md5 sum of the password
// system = whatever you have set as your PHP system default
// cleartext = clear text passwords (ouch!)
// mysql_encrypt = useful for PAM integration
// authlib = support for courier-authlib style passwords
// dovecot:CRYPT-METHOD = use dovecotpw -s 'CRYPT-METHOD'. Example: dovecot:CRAM-MD5
// (WARNING: don't use dovecot:* methods that include the username in the hash - you won't be able to login to PostfixAdmin in this case)
$CONF['encrypt'] = 'md5crypt';

// In what flavor should courier-authlib style passwords be encrypted?
// md5 = {md5} + base64 encoded md5 hash
// md5raw = {md5raw} + plain encoded md5 hash
// SHA = {SHA} + base64-encoded sha1 hash
// crypt = {crypt} + Standard UNIX DES-encrypted with 2-character salt
$CONF['authlib_default_flavor'] = 'md5raw';

// Password validation
$CONF['password_validation'] = array(
# '/regular expression/' => '$PALANG key (optional: + parameter)',
'/.{5}/' => 'password_too_short 5', # minimum length 5 characters
'/([a-zA-Z].*){3}/' => 'password_no_characters 3', # must contain at least 3 characters
'/([0-9].*){2}/' => 'password_no_digits 2', # must contain at least 2 digits
);

// Generate Password
// Generate a random password for a mailbox or admin and display it.
// If you want to automagically generate passwords set this to 'YES'.
$CONF['generate_password'] = 'NO';

// Show Password
// Always show password after adding a mailbox or admin.
// If you want to always see what password was set set this to 'YES'.
$CONF['show_password'] = 'NO';


EXECCGIでCGIの実行を許可しましょう。

<Directory "/var/www/html">

#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
# Options Indexes FollowSymLinks
Options Indexes FollowSymLinks ExecCGI

再びhttp://localhost/postfixadmin/setup.php にアクセスします。



エラーがいくつかでると思うので修正します。


Error Smarty template ...


テンプレートファイルの保存場所を書き込めるようにアクセス権変更します。

chmod 777 /var/www/html/postfixadmin/templates_c/


Error There is no database support ...


Mysqlをインストールし起動します。

yum -y install mysql-server php-mysql

service mysqld start
chkconfig mysqld on
service httpd restart


Error: Can't connect to database


mysqlにログインし、Postfixadmin用データベースとユーザーを作成します。ユーザーはpostfixデータベースに対してローカルホストからのみアクセス許可を与え、flush文でアクセス権の設定を反映させます。

mysql -u root

Welcome to the MySQL monitor. Commands end with ; or \g.
...
mysql>
mysql> create database postfix;
Query OK, 1 row affected (0.00 sec)

mysql> create user 'postfix'@'localhost' identified by 'test!123';
Query OK, 0 rows affected (0.00 sec)

mysql> grant all privileges on postfix.* to 'postfix' identified by 'test!123';
Query OK, 0 rows affected (0.00 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

mysql> exit
Bye


Error: Depends on: multibyte string - NOT FOUND

Warning: Depends on: IMAP functions - NOT FOUND


phpのモジュールを入れます。 

yum -y install php-mbstring php-imap

service httpd restart

再びアクセスするとデータベースおよびテーブルが作成されます。


Everything seems fine... attempting to create/update database structure

Updating database:

- old version: 0; target version: 1685


mysql -u postfix -p

Enter password: test!123
Welcome to the MySQL monitor. Commands end with ; or \g.

mysql> use postfix;
mysql> show tables;
+-----------------------+
| Tables_in_postfix |
+-----------------------+
| admin |
| alias |
| alias_domain |
| config |
| domain |
| domain_admins |
| fetchmail |
| log |
| mailbox |
| quota |
| quota2 |
| vacation |
| vacation_notification |
+-----------------------+
13 rows in set (0.00 sec)

Setup password はtest!123$CONF['setup_password']で設定したものです。管理者はpostmaster@example.comとしました。パスワードはここではpostfix!123としました。


Setup password not specified correctly

If you want to use the password you entered as setup password, edit config.inc.php or config.local.php and set

$CONF['setup_password'] = > '2c2bdf2f6bab1166db15bee22b2a3d63:b2ed1ede7e2a64eb6af69d1e89bd25201ad8bad0';


とでてくるので、$CONF['setup_password']を修正します。


/var/www/html/postfixadmin/config.inc.php

// In order to setup Postfixadmin, you MUST specify a hashed password here.

// To create the hash, visit setup.php in a browser and type a password into the field,
// on submission it will be echoed out to you as a hashed value.
// $CONF['setup_password'] = 'changeme';
//$CONF['setup_password'] = 'test!123';
$CONF['setup_password'] = '2c2bdf2f6bab1166db15bee22b2a3d63:b2ed1ede7e2a64eb6af69d1e89bd25201ad8bad0';


http://hogehoge/postfixadmin/

へアクセスしログインできれば成功です。