Setting up a mail server on AWS Ubuntu 16.04 (Postfix+


Author: UniqueImon | Published 2018-03-08 00:00

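Recently I wanted to set up a mail server for our iplaystudio. The approach I chose is the classic Postfix+Dovecot+MySQL, and I am recording the process here for future reference. Along the way I mainly referred to two blog posts, "Building a Mail Server from Scratch" by YusenMeng on Jianshu and "Mail Server on Ubuntu (Postfix, Dovecot, MySql)" on CSDN. Their explanations of terms are detailed and the steps are thorough; thanks to the authors for sharing so generously, which has been a great help to those of us who came later.

At first I did the setup on an Alibaba Cloud server and found that I could send and receive mail within my own domain and receive mail from external domains, but could not send mail to external domains. After fiddling with it for a long while I learned that Alibaba blocks outbound port 25, so in the end I had to move to AWS. If you need to send mail to external domains, I suggest choosing AWS for the mail server.

Now to the main topic.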

Open the ports

Configure the AWS security group to open the ports used by the mail services, as follows:

SMTP: 25
SMTPS: 465, 587
POP3: 110
POP3S: 995
IMAP: 143
IMAPS: 993

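Configure DNS records

Create an A record that resolves my domain (iplaystudio.top) to my IP address.

Create an MX record that points to my domain.

Create CNAME records for mail, imap, pop and smtp, each pointing to my domain; each is effectively an alias of the domain.

Once the above is done, you can connect to the server and do the remaining work there.

Set the hostname

Set the machine's hostname with the following command; the hostname is the same as my domain: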

      hostnamectl set-hostname iplaystudio.top

Install MySQL

    $ sudo apt-get install mysql-client mysql-server

After installation you will be prompted to enter a password. In what follows, root is used as the database user and password as the database password.

Next we need to create the mail database and grant the corresponding privileges on it to the root user:

    $ mysql -u root -p
    Enter password: input your password
    mysql> CREATE DATABASE mail;
    mysql> USE mail;
    mysql> GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'root'@'localhost' IDENTIFIED BY 'password';
    mysql> GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO 'root'@'127.0.0.1' IDENTIFIED BY 'password';
    mysql> FLUSH PRIVILEGES;

Create the four tables domains, users, forwardings and transport:

    mysql> CREATE TABLE domains (domain varchar(50) NOT NULL, PRIMARY KEY (domain) );
    mysql> CREATE TABLE forwardings (source varchar(80) NOT NULL, destination TEXT NOT NULL, PRIMARY KEY (source) );
    mysql> CREATE TABLE users (email varchar(80) NOT NULL, password varchar(20) NOT NULL, PRIMARY KEY (email) );
    mysql> CREATE TABLE transport ( domain varchar(128) NOT NULL default '', transport varchar(128) NOT NULL default '', UNIQUE KEY domain (domain) );

The MySQL database is now set up.

Install and configure Postfix

    $ sudo apt-get install postfix postfix-mysql postfix-doc mailutils

During installation a dialog will pop up:

For "General type of mail configuration", choose Internet Site.

For "System Mail Name", enter your own domain, iplaystudio.top.

After installation, modify the configuration file main.cf:

    postconf -e 'myhostname = iplaystudio.top'
    postconf -e 'mydestination = iplaystudio.top, localhost, localhost.localdomain'
    postconf -e 'mynetworks = 127.0.0.0/8, 18.219.29.10'
    postconf -e 'message_size_limit = 30720000'
    postconf -e 'virtual_alias_domains ='
    postconf -e 'virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf'
    postconf -e 'virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf'
    postconf -e 'virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf'
    postconf -e 'virtual_mailbox_base = /home/vmail'
    postconf -e 'virtual_uid_maps = static:5000'
    postconf -e 'virtual_gid_maps = static:5000'
    postconf -e 'smtpd_sasl_type = dovecot'
    postconf -e 'smtpd_sasl_path = private/auth'
    postconf -e 'smtpd_sasl_auth_enable = yes'
    postconf -e 'broken_sasl_auth_clients = yes'
    postconf -e 'smtpd_sasl_authenticated_header = yes'
    postconf -e 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination'
    postconf -e 'smtpd_use_tls = yes'
    postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem'
    postconf -e 'smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key'
    postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps'
    postconf -e 'virtual_transport = dovecot'
    postconf -e 'local_transport = dovecot'

Modify the master.cf file

Uncomment the smtps and submission sections, and append the following at the end:

    dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient} 

Write the virtual lookup files

Virtual domain file

    $ sudo vim /etc/postfix/mysql-virtual_domains.cf

Because virtual is a reserved keyword in MySQL, the column alias here must be wrapped in double quotes: "virtual"

    user = root
    password = password
    dbname = mail
    query = SELECT domain AS "virtual" FROM domains WHERE domain='%s'
    hosts = 127.0.0.1

Virtual forwarding file

    $ sudo vim /etc/postfix/mysql-virtual_forwardings.cf

    user = root
    password = password
    dbname = mail
    query = SELECT destination FROM forwardings WHERE source='%s'
    hosts = 127.0.0.1

Virtual mailbox file

    $ sudo vim /etc/postfix/mysql-virtual_mailboxes.cf

    user = root
    password = password
    dbname = mail
    query = SELECT CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') FROM users WHERE email='%s'
    hosts = 127.0.0.1

Virtual email2email file

    $ sudo vim /etc/postfix/mysql-virtual_email2email.cf

    user = root
    password = password
    dbname = mail
    query = SELECT email FROM users WHERE email='%s'
    hosts = 127.0.0.1

Set permissions

    $ sudo chmod o= /etc/postfix/mysql-virtual_*.cf
    $ sudo chgrp postfix /etc/postfix/mysql-virtual_*.cf

Create the user

    $ sudo groupadd -g 5000 vmail
    $ sudo useradd -c 'VMail' -g vmail -u 5000 vmail -d /home/vmail -m

This completes the installation and configuration of Postfix.

Install and configure Dovecot

    $ sudo apt-get install dovecot-common dovecot-imapd dovecot-pop3d dovecot-mysql

Modify the /etc/dovecot/dovecot.conf file

    log_timestamp = "%Y-%m-%d %H:%M:%S "
    mail_location = maildir:/home/vmail/%d/%n/Maildir
    namespace {
            inbox = yes
            location =
            prefix = INBOX.
            separator = .
            type = private
    }
    passdb {
            args = /etc/dovecot/dovecot-sql.conf
            driver = sql
    }
    protocols = imap pop3
    disable_plaintext_auth = no
    auth_mechanisms = plain login
    service auth {
            unix_listener /var/spool/postfix/private/auth {
                    group = postfix
                    mode = 0660
                    user = postfix
            }
            unix_listener auth-master {
                    mode = 0600
                    user = vmail
            }
            user = root
    }
    ssl = required
    ssl_cert = </etc/ssl/certs/dovecot.pem
    ssl_key = </etc/ssl/private/dovecot.key
    userdb {
            args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
            driver = static
    }
    protocol lda {
            auth_socket_path = /var/run/dovecot/auth-master
            log_path = /home/vmail/dovecot-deliver.log
            postmaster_address = postmaster@zjc.com
    }
    protocol pop3 {
            pop3_uidl_format = %08Xu%08Xv
    }

Create the dovecot-sql.conf file

    $ sudo vim /etc/dovecot/dovecot-sql.conf

    driver = mysql
    connect = host=127.0.0.1 dbname=mail user=root password=password
    default_pass_scheme = CRYPT
    password_query = SELECT email as user, password FROM users WHERE email='%u';

Change the permissions of the dovecot-sql.conf file

    $ sudo chgrp vmail /etc/dovecot/dovecot.conf
    $ sudo chmod g+r /etc/dovecot/dovecot.conf

The configuration is now complete.
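
An added example, not part of the original post: the four mysql-virtual_*.cf files and /etc/dovecot/dovecot-sql.conf all contain the database password, so the script below checks that a file is closed to other users, has the expected group, and does not log in as MySQL root. The function name and the expected group for dovecot-sql.conf are assumptions.

```shell
#!/bin/sh
# audit_secret_files GROUP FILE... (added example, hypothetical helper name).
# Prints one line per finding; exit status 0 means every file passed.
# Uses GNU stat, as shipped on Ubuntu.
audit_secret_files() {
    want_group=$1
    shift
    findings=0
    for f in "$@"; do
        [ -f "$f" ] || continue
        mode=$(stat -c '%a' "$f")     # octal mode, e.g. 640
        group=$(stat -c '%G' "$f")
        # The last octal digit is the "other" class; chmod o= sets it to 0.
        case $mode in
            *0) ;;
            *)  echo "$f: mode $mode leaves the file open to other users"
                findings=$((findings + 1)) ;;
        esac
        if [ "$group" != "$want_group" ]; then
            echo "$f: group is $group, expected $want_group"
            findings=$((findings + 1))
        fi
        # The lookups only run SELECT, so flag logins as the MySQL superuser.
        if grep -Eq '(^|[[:space:]])user[[:space:]]*=[[:space:]]*root([[:space:]]|$)' "$f"; then
            echo "$f: connects to MySQL as root"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}

# On the server built above (run as root):
#   audit_secret_files postfix /etc/postfix/mysql-virtual_*.cf
#   audit_secret_files root /etc/dovecot/dovecot-sql.conf   # expected group is an assumption

# Constructed demo: a world-readable map file using the credentials from this post.
demo=$(mktemp -d)
printf 'user = root\npassword = password\ndbname = mail\n' > "$demo/mysql-virtual_domains.cf"
chmod 644 "$demo/mysql-virtual_domains.cf"
audit_secret_files postfix "$demo"/mysql-virtual_*.cf || echo "fix the findings above"
rm -rf "$demo"
```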

Restart the services

    $ sudo service postfix restart
    $ sudo service dovecot restart

Add a test account

The last step is to add a test account for testing:

    mysql> USE mail;
    mysql> INSERT INTO domains (domain) VALUES ('vzjc.com');
    mysql> INSERT INTO users (email, password) VALUES ('user@iplaystudio.top', ENCRYPT('password'));
    mysql> quit

After this you can log in to the mail server with user@iplaystudio.top and password.
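
An added example, not from the original post: MySQL's ENCRYPT() without a salt argument produces a 13-character traditional DES crypt hash, which is why it fits the varchar(20) password column, while SHA256-CRYPT and SHA512-CRYPT hashes are far longer. The script below audits exported users rows for DES hashes and for longer hashes that were cut short; the function names and sample rows are constructed for illustration.

```shell
#!/bin/sh
# audit_user_hashes (added example, hypothetical helper name).
# Input rows are "email<TAB>hash", e.g. from
#   mysql -N -B -e 'SELECT email, password FROM users' mail
# One line is printed per finding; exit status 0 means nothing was flagged.
audit_user_hashes() {
    awk -F '\t' '
        function report(msg) { print email ": " msg; bad++ }
        {
            email = $1; hash = $2
            # The digest is whatever follows the last "$" of a modular crypt string.
            digest = hash; sub(/^.*\$/, "", digest)
            if (hash ~ /^\$6\$/) {
                # A complete SHA512-CRYPT digest is 86 characters.
                if (length(digest) != 86) report("SHA512-CRYPT hash is cut short")
            } else if (hash ~ /^\$5\$/) {
                # A complete SHA256-CRYPT digest is 43 characters.
                if (length(digest) != 43) report("SHA256-CRYPT hash is cut short")
            } else if (hash ~ /^\$1\$/) {
                report("MD5-CRYPT hash")
            } else if (length(hash) == 13 && hash ~ "^[./0-9A-Za-z]+$") {
                # What ENCRYPT() without a salt stores; only 8 password bytes count.
                report("traditional DES crypt hash")
            } else {
                report("unrecognised hash format")
            }
        }
        END { exit (bad > 0) }
    '
}

# Constructed sample rows: placeholder strings with the right shape, not real hashes.
sample_rows() {
    printf 'user@iplaystudio.top\tabCDEFGHIJKLM\n'
    printf 'cut@iplaystudio.top\t$6$saltsalt$AAAAAAAA\n'
}

sample_rows | audit_user_hashes || echo "review the accounts listed above"
```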

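Before testing, the machine needs to be rebooted.

Then use telnet to test 25, 587, imap and pop in turn; seeing the following results means the services have started successfully.

Next, you can log in to the mail server with Outlook or Foxmail to verify sending and receiving mail.

At this point the mail server setup is complete. Next, you can refer to the blog post "Adding SPF, DKIM, DMARC and PTR to a mail server to improve deliverability" to set up SPF, DKIM and DMARC and improve mail deliverability.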

Reference posts

Building a Mail Server from Scratch

Mail Server on Ubuntu (Postfix, Dovecot, MySql)


Article link: https://www.haomeiwen.com/subject/bxudtftx.html