我正在创建一个开源免费docker邮件服务器 https://github.com/kristijorgji/docker-mailserver
我已经使用 postfix + dovecot + mysql 为虚拟用户和域进行了一些设置,但问题是我不知道如何测试设置...WIP
然后我在 /var/log/error 中看到一些来自 dovecot 的错误。我还想了解如何把它们改为记录到 /var/error/log/dovecot.error,以便我能确定这些错误来自 dovecot。
==> /var/log/error <==
Jul 22 15:11:31 ae8be021402f dovecot[1321]: auth: Fatal: sql: Unknown database driver 'mysql'
Jul 22 15:11:31 ae8be021402f dovecot[1318]: master: Error: service(auth): command startup failed, throttling for 60.000 secs
Jul 22 15:11:31 ae8be021402f dovecot[1321]: lmtp([email protected])<1642><3S3iFgO+2mJqBgAAAfX72A>: Error: auth-master: userdb lookup([email protected]): Disconnected unexpectedly
Jul 22 15:11:31 ae8be021402f dovecot[1321]: lmtp(1642): Error: lmtp-server: conn unix:pid=1639,uid=101 [1]: rcpt [email protected]: Failed to lookup user [email protected]: Internal error occurred. Refer to server log for more information.
Jul 22 15:11:31 ae8be021402f dovecot[1321]: lmtp([email protected])<1638><4FHMHxy+2mJmBgAAAfX72A>: Error: auth-master: userdb lookup([email protected]): Disconnected unexpectedly
Jul 22 15:11:31 ae8be021402f dovecot[1321]: lmtp(1638): Error: lmtp-server: conn unix:pid=1637,uid=101 [2]: rcpt [email protected]: Failed to lookup user [email protected]: Internal error occurred. Refer to server log for more information.
doveconf -n
# 2.3.16 (7e2e900c1a): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.16 (09c29328)
# OS: Linux 5.10.76-linuxkit aarch64 Ubuntu 22.04 LTS fuse.grpcfuse
# Hostname: 6222782bccb4
auth_mechanisms = plain login
log_path = /var/log/dovecot.log
mail_location = maildir:/var/mail/vhosts/%d/%n/
mail_privileged_group = mail
namespace {
inbox = yes
location =
mailbox {
special_use = \Drafts
name = Drafts
}
mailbox {
special_use = \Junk
name = Junk
}
mailbox {
special_use = \Sent
name = Sent
}
mailbox {
special_use = \Sent
name = Sent Messages
}
mailbox {
special_use = \Trash
name = Trash
}
prefix =
name = inbox
}
passdb {
driver = pam
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
protocols = imap pop3 lmtp
service replication-notify-fifo {
name = aggregator
}
service anvil-auth-penalty {
name = anvil
}
service auth-worker {
user = vmail
name = auth-worker
}
# Auth service (named "auth" on the last line of this block): runs as user
# dovecot and exposes two unix sockets, one for Postfix SASL and one for
# userdb lookups.
service {
unix_listener {
group = postfix
# NOTE(review): 0666 makes this socket connectable by every local account that
# can reach the path, so access control rests only on the enclosing directory's
# permissions. With user and group already set to postfix, 0660 would be
# enough for Postfix SASL — confirm nothing else needs to connect.
mode = 0666
user = postfix
# Same path that Postfix reaches through smtpd_sasl_path = private/auth.
path = /var/spool/postfix/private/auth
}
unix_listener {
# NOTE(review): world-accessible userdb socket as well; since the owner is
# vmail, 0600 would limit lookups to that account — verify which processes
# actually use auth-userdb before tightening.
mode = 0666
user = vmail
path = auth-userdb
}
user = dovecot
name = auth
}
service config {
name = config
}
service dict-async {
name = dict-async
}
service dict {
name = dict
}
service login/proxy-notify {
name = director
}
service dns-client {
name = dns-client
}
service doveadm-server {
name = doveadm
}
service imap-hibernate {
name = imap-hibernate
}
service {
inet_listener {
port = 143
name = imap
}
inet_listener {
port = 993
ssl = yes
name = imaps
}
name = imap-login
}
service imap-urlauth {
name = imap-urlauth-login
}
service imap-urlauth-worker {
name = imap-urlauth-worker
}
service token-login/imap-urlauth {
name = imap-urlauth
}
service imap-master {
name = imap
}
service indexer-worker {
name = indexer-worker
}
service indexer {
name = indexer
}
service ipc {
name = ipc
}
service {
unix_listener {
group = postfix
mode = 0600
user = postfix
path = /var/spool/postfix/private/dovecot-lmtp
}
name = lmtp
}
service log-errors {
name = log
}
service old-stats-mail {
name = old-stats
}
service {
inet_listener {
port = 0
name = pop3
}
inet_listener {
port = 995
ssl = yes
name = pop3s
}
name = pop3-login
}
service login/pop3 {
name = pop3
}
service replicator-doveadm {
name = replicator
}
service stats-reader {
name = stats
}
service submission {
name = submission-login
}
service login/submission {
name = submission
}
ssl = required
ssl_cert = </etc/letsencrypt/live/mail.kristijorgji.com/cert.pem
ssl_key = # hidden, use -P to show it
userdb {
driver = passwd
}
userdb {
args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
driver = static
}
protocol lmtp {
service replication-notify-fifo {
name = aggregator
}
service anvil-auth-penalty {
name = anvil
}
service auth-worker {
name = auth-worker
}
service auth-client {
name = auth
}
service config {
name = config
}
service dict-async {
name = dict-async
}
service dict {
name = dict
}
service login/proxy-notify {
name = director
}
service dns-client {
name = dns-client
}
service doveadm-server {
name = doveadm
}
service imap-hibernate {
name = imap-hibernate
}
service imap {
name = imap-login
}
service imap-urlauth {
name = imap-urlauth-login
}
service imap-urlauth-worker {
name = imap-urlauth-worker
}
service token-login/imap-urlauth {
name = imap-urlauth
}
service imap-master {
name = imap
}
service indexer-worker {
name = indexer-worker
}
service indexer {
name = indexer
}
service ipc {
name = ipc
}
service lmtp {
name = lmtp
}
service log-errors {
name = log
}
service old-stats-mail {
name = old-stats
}
service pop3 {
name = pop3-login
}
service login/pop3 {
name = pop3
}
service replicator-doveadm {
name = replicator
}
service stats-reader {
name = stats
}
service submission {
name = submission-login
}
service login/submission {
name = submission
}
}
protocol lda {
service replication-notify-fifo {
name = aggregator
}
service anvil-auth-penalty {
name = anvil
}
service auth-worker {
name = auth-worker
}
service auth-client {
name = auth
}
service config {
name = config
}
service dict-async {
name = dict-async
}
service dict {
name = dict
}
service login/proxy-notify {
name = director
}
service dns-client {
name = dns-client
}
service doveadm-server {
name = doveadm
}
service imap-hibernate {
name = imap-hibernate
}
service imap {
name = imap-login
}
service imap-urlauth {
name = imap-urlauth-login
}
service imap-urlauth-worker {
name = imap-urlauth-worker
}
service token-login/imap-urlauth {
name = imap-urlauth
}
service imap-master {
name = imap
}
service indexer-worker {
name = indexer-worker
}
service indexer {
name = indexer
}
service ipc {
name = ipc
}
service lmtp {
name = lmtp
}
service log-errors {
name = log
}
service old-stats-mail {
name = old-stats
}
service pop3 {
name = pop3-login
}
service login/pop3 {
name = pop3
}
service replicator-doveadm {
name = replicator
}
service stats-reader {
name = stats
}
service submission {
name = submission-login
}
service login/submission {
name = submission
}
}
protocol imap {
service replication-notify-fifo {
name = aggregator
}
service anvil-auth-penalty {
name = anvil
}
service auth-worker {
name = auth-worker
}
service auth-client {
name = auth
}
service config {
name = config
}
service dict-async {
name = dict-async
}
service dict {
name = dict
}
service login/proxy-notify {
name = director
}
service dns-client {
name = dns-client
}
service doveadm-server {
name = doveadm
}
service imap-hibernate {
name = imap-hibernate
}
service imap {
name = imap-login
}
service imap-urlauth {
name = imap-urlauth-login
}
service imap-urlauth-worker {
name = imap-urlauth-worker
}
service token-login/imap-urlauth {
name = imap-urlauth
}
service imap-master {
name = imap
}
service indexer-worker {
name = indexer-worker
}
service indexer {
name = indexer
}
service ipc {
name = ipc
}
service lmtp {
name = lmtp
}
service log-errors {
name = log
}
service old-stats-mail {
name = old-stats
}
service pop3 {
name = pop3-login
}
service login/pop3 {
name = pop3
}
service replicator-doveadm {
name = replicator
}
service stats-reader {
name = stats
}
service submission {
name = submission-login
}
service login/submission {
name = submission
}
}
protocol pop3 {
service replication-notify-fifo {
name = aggregator
}
service anvil-auth-penalty {
name = anvil
}
service auth-worker {
name = auth-worker
}
service auth-client {
name = auth
}
service config {
name = config
}
service dict-async {
name = dict-async
}
service dict {
name = dict
}
service login/proxy-notify {
name = director
}
service dns-client {
name = dns-client
}
service doveadm-server {
name = doveadm
}
service imap-hibernate {
name = imap-hibernate
}
service imap {
name = imap-login
}
service imap-urlauth {
name = imap-urlauth-login
}
service imap-urlauth-worker {
name = imap-urlauth-worker
}
service token-login/imap-urlauth {
name = imap-urlauth
}
service imap-master {
name = imap
}
service indexer-worker {
name = indexer-worker
}
service indexer {
name = indexer
}
service ipc {
name = ipc
}
service lmtp {
name = lmtp
}
service log-errors {
name = log
}
service old-stats-mail {
name = old-stats
}
service pop3 {
name = pop3-login
}
service login/pop3 {
name = pop3
}
service replicator-doveadm {
name = replicator
}
service stats-reader {
name = stats
}
service submission {
name = submission-login
}
service login/submission {
name = submission
}
}
postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
disable_vrfy_command = yes
inet_interfaces = all
inet_protocols = all
invalid_hostname_reject_code = 550
mailbox_size_limit = 0
maximal_backoff_time = 3h
minimal_backoff_time = 180s
mydestination = localhost
mydomain = kristijorgji.com
myhostname = mail.kristijorgji.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = $mydomain
non_fqdn_reject_code = 550
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_always_send_ehlo = yes
smtp_helo_timeout = 15s
smtp_rcpt_timeout = 15s
smtp_tls_security_level = may
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated,
smtpd_recipient_limit = 40
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unlisted_recipient, reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_sender_domain
smtpd_timeout = 30s
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.kristijorgji.com/cert.pem
smtpd_tls_key_file = /etc/letsencrypt/live/mail.kristijorgji.com/privkey.pem
smtpd_tls_security_level = may
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
unknown_address_reject_code = 550
unknown_client_reject_code = 550
unknown_hostname_reject_code = 550
unverified_recipient_reject_code = 550
unverified_sender_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf, mysql:/etc/postfix/mysql-virtual-email2email.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
答案1
由于缺少 journalctl,我假设rsyslog存在。
Postfix 守护进程将信息记录到特定套接字,通常位于:
/var/spool/postfix/dev/log
检查此文件是否存在。
rsyslog从那里获取日志。应该有一个文件rsyslog配置告诉它连接到这个套接字。对于 Debian,它位于:
/etc/rsyslog.d/postfix.conf
然后,rsyslog 会根据其配置文件(位于 /etc/rsyslog.d 中的某个位置),把来自该套接字的信息记录到与 mail 前缀对应的文件中。配置行类似如下所示:
*.*;mail,auth,authpriv.none -/var/log/syslog
如果以上各项都没有问题,但您仍然遇到问题,那就是别的原因了。
答案2
回答你的主要问题:doveadm
# test authentication
sudo doveadm auth test [email protected]
# show informations about the user (user attributes)
sudo doveadm user -u [email protected]
# show quota for a specific user
sudo doveadm quota get -u [email protected]
如果你打算使用 mysql 驱动程序,请确保您的配置文件中有合适的用户查询(user_query)和密码查询(password_query)。我假设两者都定义在名为 /etc/dovecot/dovecot-sql.conf.ext 的文件中,但 dovecot 的拆分配置风格通常使用 /etc/dovecot/conf.d/auth-sql.conf.ext。就您的情况而言,请从 /etc/dovecot/conf.d/10-auth.conf 开始,顺着其中引用的文件查下去。
根据dovecot的日志:
1/ 您应该安装 dovecot-mysql 包,只需用 “apt install” 安装即可。(日志中的 “Unknown database driver 'mysql'” 说明 dovecot 当前缺少这个驱动。)
您的 dovecot 安装中存在一些错误配置。请注意:用户身份验证在 passdb {} 部分配置,而用户属性(包括邮件目录)在 userdb {} 部分配置。假设您打算两者都使用 mysql 驱动程序:
2/ 你的 passdb 没问题:
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
3/ 您的 userdb 使用了错误的驱动程序。
userdb {
driver = passwd
}
userdb {
args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
driver = static
}
使用 mysql 驱动程序的 userdb 示例如下:
userdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
PS:附带的配置文件/etc/dovecot/conf.d/auth-sql.conf.ext有足够多的信息来帮助您配置 dovecot,所以请参考它。