Setting up a mail system


1. Installing the Dovecot IMAP and POP3 server

1.1 Installing Dovecot


[root@iZoci4ddacn248Z ~]# dnf install dovecot
Last metadata expiration check: 2:29:35 ago on Sat 22 Feb 2025 10:06:04 AM CST.
Dependencies resolved.
=============================================================================================================
 Package                Architecture    Version                                     Repository          Size
=============================================================================================================
Installing:
 dovecot                x86_64          1:2.3.16-14.el9                             appstream          4.7 M
Installing dependencies:
 clucene-core           x86_64          2.3.3.4-42.20130812.e8e3d20git.el9          appstream          585 k
 libexttextcat          x86_64          3.4.5-11.el9                                appstream          209 k

Transaction Summary
=============================================================================================================
Install  3 Packages

Total download size: 5.5 M
Installed size: 20 M
Is this ok [y/N]: y
Downloading Packages:
(1/3): libexttextcat-3.4.5-11.el9.x86_64.rpm                                 1.7 MB/s | 209 kB     00:00    
(2/3): dovecot-2.3.16-14.el9.x86_64.rpm                                       15 MB/s | 4.7 MB     00:00    
(3/3): clucene-core-2.3.3.4-42.20130812.e8e3d20git.el9.x86_64.rpm            1.3 MB/s | 585 kB     00:00    
-------------------------------------------------------------------------------------------------------------
Total                                                                         13 MB/s | 5.5 MB     00:00     
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                     1/1 
  Installing       : libexttextcat-3.4.5-11.el9.x86_64                                                   1/3 
  Installing       : clucene-core-2.3.3.4-42.20130812.e8e3d20git.el9.x86_64                              2/3 
  Running scriptlet: dovecot-1:2.3.16-14.el9.x86_64                                                      3/3 
useradd warning: dovecot's uid 97 outside of the SYS_UID_MIN 201 and SYS_UID_MAX 999 range.

  Installing       : dovecot-1:2.3.16-14.el9.x86_64                                                      3/3 
  Running scriptlet: dovecot-1:2.3.16-14.el9.x86_64                                                      3/3 
  Verifying        : clucene-core-2.3.3.4-42.20130812.e8e3d20git.el9.x86_64                              1/3 
  Verifying        : dovecot-1:2.3.16-14.el9.x86_64                                                      2/3 
  Verifying        : libexttextcat-3.4.5-11.el9.x86_64                                                   3/3 

Installed:
  clucene-core-2.3.3.4-42.20130812.e8e3d20git.el9.x86_64            dovecot-1:2.3.16-14.el9.x86_64           
  libexttextcat-3.4.5-11.el9.x86_64                                

Complete!

[!NOTE]

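If Dovecot is already installed and you need clean configuration files, rename or delete the /etc/dovecot/ directory, and then reinstall the package. Without removing the configuration files, the dnf reinstall dovecot command does not reset the configuration files in /etc/dovecot/.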

1.2 Configuring TLS encryption on the Dovecot server

  • Server certificate: /etc/pki/dovecot/certs/server.example.com.crt
  • Private key: /etc/pki/dovecot/private/server.example.com.key
  • Certificate Authority (CA) certificate: /etc/pki/dovecot/certs/ca.crt

cp gqliu.cn.key /etc/pki/dovecot/private/
cp DigiCert+Global+Root+G2.cer /etc/pki/dovecot/certs/
cp gqliu.cn_public.crt /etc/pki/dovecot/certs/

1.2.1 Set secure permissions on the private key file

chown root:root /etc/pki/dovecot/private/gqliu.cn.key 
chmod 600 /etc/pki/dovecot/private/gqliu.cn.key 

1.2.2 Generate a file with Diffie-Hellman parameters

openssl dhparam -out /etc/dovecot/dh.pem 4096
Generating DH parameters, 4096 bit long safe prime

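1.2.3 Set the paths to the certificate and private key files in the /etc/dovecot/conf.d/10-ssl.conf file

a. Update the ssl_cert and ssl_key parameters, and set them to the paths of the server's certificate and private key: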

ssl_cert = </etc/pki/dovecot/certs/gqliu.cn_public.crt
ssl_key = </etc/pki/dovecot/private/gqliu.cn.key

b. Uncomment the ssl_ca parameter, and set it to the path of the CA certificate:

ssl_ca = </etc/pki/dovecot/certs/DigiCert+Global+Root+G2.cer

c. Uncomment the ssl_dh parameter, and set it to the path of the Diffie-Hellman parameters file:

ssl_dh = </etc/dovecot/dh.pem

[!IMPORTANT]

To ensure that Dovecot reads the value of a parameter from a file, the path must start with a leading < character.
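
The check below is an added example, not part of the original post: a shell function that audits the four file-valued settings from 1.2.3 and flags any that are unset, lack the leading <, point at an unreadable file, or (for ssl_key) reference a key that is not mode 600. The function name, the finding labels and the throwaway demo files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit the file-valued TLS settings of section 1.2.3.
# Returns the number of findings (0 = clean). Uses GNU stat (-c %a).
audit_dovecot_tls() {
    conf=$1
    findings=0
    for param in ssl_cert ssl_key ssl_ca ssl_dh; do
        # Assumption: the last uncommented assignment in the file is the one in effect.
        value=$(sed -n "s/^[[:space:]]*${param}[[:space:]]*=[[:space:]]*//p" "$conf" | tail -n 1)
        case $value in
            '')   echo "MISSING    $param is not set or still commented out" ;;
            '<'*) path=${value#\<}
                  if [ ! -r "$path" ]; then
                      echo "UNREADABLE $param -> $path"
                  elif [ "$param" = ssl_key ] && [ "$(stat -c %a "$path")" != 600 ]; then
                      echo "LOOSE_MODE $param -> $path is not mode 600"
                  else
                      continue    # setting is fine, check the next one
                  fi ;;
            *)    echo "NO_PREFIX  $param = $value (path lacks the leading '<')" ;;
        esac
        findings=$((findings + 1))
    done
    return "$findings"
}

# Constructed demo input: a throwaway directory standing in for /etc/pki/dovecot
# and /etc/dovecot, with two deliberate mistakes (group-readable key, missing '<').
demo=$(mktemp -d)
for f in server.crt server.key ca.crt dh.pem; do : > "$demo/$f"; done
chmod 640 "$demo/server.key"
cat > "$demo/10-ssl.conf" <<EOF
ssl_cert = <$demo/server.crt
ssl_key = <$demo/server.key
#ssl_ca = </etc/pki/tls/cert.pem
ssl_ca = <$demo/ca.crt
ssl_dh = $demo/dh.pem
EOF
audit_dovecot_tls "$demo/10-ssl.conf" || echo "findings: $?"
```

On the server, run the function as root against /etc/dovecot/conf.d/10-ssl.conf; a return status of 0 means no findings.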

1.3 Preparing Dovecot to use virtual users

1.3.1 Create the vmail user:

useradd --home-dir /var/mail/ --shell /usr/sbin/nologin vmail

1.3.2 Grant write permissions on /var/mail/ only to the vmail user

chown vmail:vmail /var/mail/
chmod 700 /var/mail/

1.3.3 Uncomment the mail_location parameter in the /etc/dovecot/conf.d/10-mail.conf file, and set it to the mailbox format and location

echo "mail_location = sdbox:/var/mail/%n/" >> /etc/dovecot/conf.d/10-mail.conf

1.4 Using PAM as the Dovecot authentication backend

1.4.1 In the /etc/dovecot/conf.d/auth-system.conf.ext file, add the override_fields parameter to the userdb section

sed -i '/^userdb {/a\  override_fields = uid=vmail gid=vmail home=/var/mail/%n/' /etc/dovecot/conf.d/auth-system.conf.ext

1.5 Completing the Dovecot configuration

doveconf -n

1.5.1 Enable and start the dovecot service

systemctl enable --now dovecot

2. Deploying and configuring the Postfix SMTP server

Disable and remove the Sendmail utility:

dnf remove sendmail

Install Postfix:

dnf install postfix

Author: TerSup
Copyright notice: Unless otherwise stated, all articles on this blog are licensed under CC BY 4.0. Please credit TerSup as the source when reposting!