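Ubuntu 16.04.5 Apache2 MySQL Postfix with MySQL Dovecot SASL2 UFW
I am trying to set up a working mail server and client on this machine. I followed this tutorial to allow authentication via MySQL. I have set up all the database entries correctly and set up the domain/mailbox in PostfixAdmin. Everything went well until the test login in the RoundCube installation. The user cannot log in over a connection on port 993.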
Connecting to localhost...
IMAP connect: NOT OK(Login failed for [email protected] from /ip address/. Could not connect to localhost:993: Connection refused)
Connection refused
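I have also tried to Telnet to {IP address} 993.
The server runs on a static IP address. RoundCube is located in the ../html/webmail/ directory and works fine, but programs such as PHPMyAdmin are located at http://{ipaddress}/phpmyadmin because there are multiple virtual hosts for web services.
UFW allows all the necessary IMAP/POP3 ports.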
To Action From
-- ------ ----
Apache Full ALLOW Anywhere
20/tcp ALLOW Anywhere
21/tcp ALLOW Anywhere
990/tcp ALLOW Anywhere
40000:50000/tcp ALLOW Anywhere
22 ALLOW Anywhere
80 ALLOW Anywhere
443 ALLOW Anywhere
8080 ALLOW Anywhere
Postfix ALLOW Anywhere
993 ALLOW Anywhere
143 ALLOW Anywhere
110 ALLOW Anywhere
995 ALLOW Anywhere
25 ALLOW Anywhere
25/tcp ALLOW Anywhere
Apache Full (v6) ALLOW Anywhere (v6)
20/tcp (v6) ALLOW Anywhere (v6)
21/tcp (v6) ALLOW Anywhere (v6)
990/tcp (v6) ALLOW Anywhere (v6)
40000:50000/tcp (v6) ALLOW Anywhere (v6)
22 (v6) ALLOW Anywhere (v6)
80 (v6) ALLOW Anywhere (v6)
443 (v6) ALLOW Anywhere (v6)
8080 (v6) ALLOW Anywhere (v6)
Postfix (v6) ALLOW Anywhere (v6)
993 (v6) ALLOW Anywhere (v6)
143 (v6) ALLOW Anywhere (v6)
110 (v6) ALLOW Anywhere (v6)
995 (v6) ALLOW Anywhere (v6)
25 (v6) ALLOW Anywhere (v6)
25/tcp (v6) ALLOW Anywhere (v6)
Dovecot is running
# 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.13 (7b14904)
# OS: Linux 4.4.0-141-generic x86_64 Ubuntu 16.04.5 LTS ext4
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = plain
mail_debug = yes
mail_location = maildir:/var/mail/vmail/%d/%n/Maildir
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = " imap sieve"
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0600
    user = postfix
  }
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
  }
  user = dovecot
}
ssl = no
userdb {
  args = uid=vmail gid=vmail home=/var/mail/vmail/%d/%n
  driver = static
}
verbose_ssl = yes
protocol lda {
  mail_plugins = " sieve"
}
Postfix configuration
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
mydestination = $myhostname, example.com, {rootusername}, localhost.localdomain, localhost, example2.com, example3.com
myhostname = {rootusername}
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/letsencrypt/live/example.com/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/example.com/privkey.pem
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf
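The certificate/key files are not needed; I tried adding them to see whether it made any difference. The SSL certificate covers the domain and some subdomains, not mail.example.com.
Strangely, nothing is listening on port 993, yet Dovecot is listening on port 4190?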
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 111 14759 1084/mysqld
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 0 34677 6207/master
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 0 43563 7001/dovecot
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 0 34683 6207/master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 16213 1149/sshd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0 34671 6207/master
tcp 0 0 0.0.0.0:4190 0.0.0.0:* LISTEN 0 43523 7001/dovecot
tcp 0 212 xx.xxx.xx.xxx:22 xxx.xx.xxx.xxx:53808 ESTABLISHED 0 75664 12943/sshd: ********
tcp6 0 0 :::587 :::* LISTEN 0 34678 6207/master
tcp6 0 0 :::143 :::* LISTEN 0 43564 7001/dovecot
tcp6 0 0 :::80 :::* LISTEN 0 18106 1614/apache2
tcp6 0 0 :::465 :::* LISTEN 0 34684 6207/master
tcp6 0 0 :::21 :::* LISTEN 0 12274 1012/vsftpd
tcp6 0 0 :::22 :::* LISTEN 0 16215 1149/sshd
tcp6 0 0 :::25 :::* LISTEN 0 34672 6207/master
tcp6 0 0 :::443 :::* LISTEN 0 18110 1614/apache2
tcp6 0 0 :::4190 :::* LISTEN 0 43524 7001/dovecot
tcp6 0 0 xx.xxx.xx.xxx:80 xxx.xx.xxx.xxx:53832 TIME_WAIT 0 0 -
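Why is Dovecot listening on 4190? I have made sure all the configuration is correct, restarted all the required services, and even tried rebooting the system. Am I making an obvious mistake?
Answer 1
After some debugging I found:
Mistake 1: Assuming 993 is the correct port. Dovecot is running on 143. The correct setting for the server in Roundcube is tls://localhost.
Mistake 2: In /etc/dovecot/dovecot-sql.conf.ext, connect and password_query must be on separate lines. Probably due to copying/pasting from the tutorial.
Correct: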
connect = host=localhost dbname=postfix user=postfix password=dontusep@ssw0rd
password_query = SELECT username,domain,password FROM mailbox WHERE username='%u';
Wrong:
connect = host=localhost dbname=postfix user=postfix password=dontusep@ssw0rd password_query = SELECT username,domain,password FROM mailbox WHERE username='%u';
Recommended:
nano /etc/dovecot/conf.d/10-logging.conf
Set log_path = /var/log/dovecot.log to separate its errors from system errors. Dovecot will log what you messed up.
Hope this helps someone in the future.
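
A check for Mistake 2, as an added example that is not part of the original answer: it reads dovecot-sql.conf.ext text and reports any setting whose value has swallowed another setting, which is what happens when connect and password_query end up on one line. The function names, the list of setting names checked and the sample text (password replaced by a placeholder) are assumptions made for this example.

```python
import re

# Setting names this check looks for (an assumed list for the example,
# not taken from the page; extend it to match your own file).
SQL_SETTINGS = ("driver", "connect", "default_pass_scheme",
                "password_query", "user_query", "iterate_query")
# One of those names followed by "=" in the middle of a value.
EMBEDDED = re.compile(r"\s(" + "|".join(SQL_SETTINGS) + r")\s*=")


def logical_lines(text):
    """Yield (first_line_no, text), joining trailing-backslash continuations."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if start is None:
            if not line or line.startswith("#"):
                continue  # blank line or comment between settings
            start = no
        if line.endswith("\\"):
            buf += line[:-1].rstrip() + " "
            continue
        yield start, buf + line
        buf, start = "", None
    if start is not None:  # file ended in the middle of a continuation
        yield start, buf.rstrip()


def lint_sql_conf(text):
    """Return (settings, findings); a finding is (line_no, key, swallowed_name)."""
    settings, findings = {}, []
    for no, line in logical_lines(text):
        key, _, value = line.partition("=")
        key, value = key.strip(), value.strip()
        settings[key] = value
        # A SQL column named like a setting and followed by "=" would also
        # match here; treat findings as lines to inspect by hand.
        for m in EMBEDDED.finditer(" " + value):
            findings.append((no, key, m.group(1)))
    return settings, findings


# Constructed samples modelled on the two variants quoted in the answer.
GOOD = """connect = host=localhost dbname=postfix user=postfix password=PLACEHOLDER
password_query = SELECT username,domain,password FROM mailbox WHERE username='%u';
"""
BAD = GOOD.replace("PLACEHOLDER\n", "PLACEHOLDER ")

if __name__ == "__main__":
    for name, sample in (("good", GOOD), ("bad", BAD)):
        print(name, lint_sql_conf(sample)[1])
```

In the merged variant the parser sees only a connect setting, so password_query is both reported as swallowed and absent from the parsed settings.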