postfixadmin +procmailな環境でメールディレクトリの自動作成・削除
- 2009.10.15
- CentOS5.x postfix postfixadmin メールサーバ
- postfix, postfixadmin, procmail

メールサーバ構築のまとめ(複数のバーチャルドメイン+Postfix+MySQL+Dovecot+procmail+Clam AntiVirus+spamassassin+postfixadmin) も参考になるかも知れません
- CentOS5.3
- Postfix +MySQL
- Dovecot
- postfixadmin
- procmail (spamassassin、Clam AntiVirus でスパムメールとウィルス対策)
postfixadminは /var/www/postfixadmin に設置してあるとし、
メールは /mail 以下に保存される設定で。
各ユーザーのメールボックスは /mail/ な感じ。
メールディレクトリ作成・削除スクリプトは/usr/local/bin/postfixadmin へ保存する。
保存用ディレクトリを作成し、postfixadmin/ADDITIONS 内にある、
を/usr/local/bin/postfixadmin 以下にコピーする。
# mkdir /usr/local/bin/postfixadmin
# cp /var/www/postfixadmin/ADDITIONS/ /usr/local/bin/postfixadmin
# cp /var/www/postfixadmin/ADDITIONS/ /usr/local/bin/postfixadmin
# cp /var/www/postfixadmin/ADDITIONS/ /usr/local/bin/postfixadmin
削除したメールボックスは/mail/.deleted-maildirs 以下に保存されるようにする。
# mkdir /mail/.deleted-maildirs
# chmod 0700 /mail/.deleted-maildirs
# chown vuser:vuser /mail/.deleted-maildirs
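# vi /usr/local/bin/postfixadmin/

#!/bin/sh

# Example script for adding a Maildir to a Courier-IMAP virtual mail
# hierarchy.

# The script only looks at argument 3, assuming that it
# indicates the relative name of a maildir, such as
# "".

# This script should be run as the user which owns the maildirs. If
# the script is actually run by the apache user (e.g. through PHP),
# then you could use "sudo" to grant apache the rights to run
# this script as the relevant user.
# Assume this script has been saved as
# /usr/local/bin/ and has been
# made executable. Now, an example /etc/sudoers line:
# apache ALL=(courier) NOPASSWD: /usr/local/bin/
# The line states that the apache user may run the script as the
# user "courier" without providing a password.

# NOTE(review): argument 3 comes from the web application, so the checks on
# "$3" below are what keeps every mkdir/chown inside $basedir. When this
# script is started through plain "sudo" (no -u) it runs as root by default;
# prefer running it as the maildir owner, as the header above recommends.

# Change this to where you keep your virtual mail users' maildirs.
#basedir=/var/spool/maildirs   <- upstream default, commented out
basedir=/mail                  # added for this setup

if [ ! -e "$basedir" ]; then
    echo "$0: basedir '$basedir' does not exist; bailing out."
    exit 1
fi

# Match the argument with a quoted "case" pattern rather than testing the
# unquoted output of `echo $3 | fgrep '..'`: that form makes "[" fail with a
# usage error when the value contains whitespace, which skips the check.
case "$3" in
    "")
        echo "$0: No maildir name given in argument 3; bailing out."
        exit 1
        ;;
    *..*)
        echo "$0: An argument contained a double-dot sequence; bailing out."
        exit 1
        ;;
esac

# Strip one trailing slash so that the sub-directories below always land
# inside the maildir, whether the caller passed "name/" or "name".
maildir="${basedir}/${3%/}"
parent=$(dirname "$maildir")

if [ ! -d "$parent" ]; then
    if [ -e "$parent" ]; then
        echo "$0: strange - directory '$parent' exists, but is not a directory; bailing out."
        exit 1
    fi
    if ! mkdir -p "$parent"; then
        echo "$0: mkdir -p '$parent' returned non-zero; bailing out."
        exit 1
    fi
fi

if [ -e "$maildir" ]; then
    echo "$0: Directory '$maildir' already exists! bailing out"
    exit 1
fi

#maildirmake "$maildir"   <- commented out
#if [ ! -d "$maildir" ]; then
#    echo "$0: maildirmake didn't produce a directory; bailing out."
#    exit 1
#fi

# Added in place of maildirmake --->
mkdir "$maildir"
if [ ! -d "$maildir" ]; then
    echo "$0: mkdir didn't produce a directory; bailing out."
    exit 1
fi

# Each sub-directory is verified under its own name (the original checked
# "tmp" a second time after creating ".Spam").
for sub in cur new tmp .Spam; do
    mkdir "${maildir}/${sub}"
    if [ ! -d "${maildir}/${sub}" ]; then
        echo "$0: mkdir didn't produce a directory; bailing out."
        exit 1
    fi
done

chown -R vuser:vuser "$maildir"
chmod -R 700 "$maildir"
# <---

exit 0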
ユーザーメールボックスは、/mail/ の形式としています。
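# vi /usr/local/bin/postfixadmin/

#!/bin/sh

# Example script for removing a Maildir from a Courier-IMAP virtual mail
# hierarchy.

# The script looks at arguments 1 and 2, assuming that they
# indicate username and domain, respectively.

# The script will not actually delete the maildir. It moves it
# to a special directory which may once in a while be cleaned up
# by the system administrator.

# This script should be run as the user which owns the maildirs. If
# the script is actually run by the apache user (e.g. through PHP),
# then you could use "sudo" to grant apache the rights to run
# this script as the relevant user.
# Assume this script has been saved as
# /usr/local/bin/ and has been
# made executable. Now, an example /etc/sudoers line:
# apache ALL=(courier) NOPASSWD: /usr/local/bin/
# The line states that the apache user may run the script as the
# user "courier" without providing a password.

# NOTE(review): arguments 1 and 2 come from the web application, so the
# checks below are what keeps the final "mv" inside $basedir. When started
# through plain "sudo" (no -u) the script runs as root by default; prefer
# running it as the maildir owner, as the header above recommends.

# Change this to where you keep your virtual mail users' maildirs.
#basedir=/var/spool/maildirs   <- upstream default, commented out
basedir=/mail                  # added for this setup

# Change this to where you would like deleted maildirs to reside.
#trashbase=/var/spool/deleted-maildirs   <- upstream default, commented out
trashbase=/mail/.deleted-maildirs        # added for this setup

if [ ! -e "$trashbase" ]; then
    echo "trashbase '$trashbase' does not exist; bailing out."
    exit 1
fi

# Quoted "case" patterns replace `[ \`echo $1 | fgrep '..'\` ]`: the unquoted
# test fails with a usage error (and so skips the check) when the value
# contains whitespace. An empty argument is refused as well, because it would
# make $maildir point at the whole domain directory or at $basedir itself.
case "$1" in
    "")
        echo "First argument is empty; bailing out."
        exit 1
        ;;
    *..*)
        echo "First argument contained a double-dot sequence; bailing out."
        exit 1
        ;;
esac
case "$2" in
    "")
        echo "Second argument is empty; bailing out."
        exit 1
        ;;
    *..*)
        echo "Second argument contained a double-dot sequence; bailing out."
        exit 1
        ;;
esac

#subdir=`echo "$1" | sed 's/@.*//'`   <- commented out
subdir=$1                             # added: the full first argument names the directory

maildir="${basedir}/$2/${subdir}"
trashdir="${trashbase}/$2/$(date +%F_%T)_${subdir}"

parent=$(dirname "$trashdir")
if [ ! -d "$parent" ]; then
    if [ -e "$parent" ]; then
        echo "Strainge - directory '$parent' exists, but is not a directory."
        echo "Bailing out."
        exit 1
    fi
    if ! mkdir -p "$parent"; then
        echo "mkdir -p '$parent' returned non-zero; bailing out."
        exit 1
    fi
fi

if [ ! -e "$maildir" ]; then
    echo "maildir '$maildir' does not exist; nothing to do."
    exit 1
fi
if [ -e "$trashdir" ]; then
    echo "trashdir '$trashdir' already exists; bailing out."
    exit 1
fi

# Quoted, with "--", so a name containing spaces or glob characters is moved
# as exactly one path and is never parsed as an option.
mv -- "$maildir" "$trashdir"

exit $?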
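# vi /usr/local/bin/postfixadmin/

#!/bin/sh

# Example script for removing a Maildir domain top-level folder
# from a Courier-IMAP virtual mail hierarchy.

# The script only looks at argument 1, assuming that it
# indicates the relative name of a domain, such as
# "". If $basedir/ exists, it will
# be removed.

# The script will not actually delete the directory. It moves it
# to a special directory which may once in a while be cleaned up
# by the system administrator.

# This script should be run as the user which owns the maildirs. If
# the script is actually run by the apache user (e.g. through PHP),
# then you could use "sudo" to grant apache the rights to run
# this script as the relevant user.
# Assume this script has been saved as
# /usr/local/bin/ and has been
# made executable. Now, an example /etc/sudoers line:
# apache ALL=(courier) NOPASSWD: /usr/local/bin/
# The line states that the apache user may run the script as the
# user "courier" without providing a password.

# NOTE(review): argument 1 comes from the web application, so the checks
# below are what keeps the final "mv" inside $basedir. When started through
# plain "sudo" (no -u) the script runs as root by default; prefer running it
# as the maildir owner, as the header above recommends.

# Change this to where you keep your virtual mail users' maildirs.
#basedir=/var/spool/maildirs   <- upstream default, commented out
basedir=/mail                  # added for this setup

# Change this to where you would like deleted maildirs to reside.
#trashbase=/var/spool/deleted-maildirs   <- upstream default, commented out
trashbase=/mail/.deleted-maildirs        # added for this setup

# A quoted "case" pattern replaces `[ \`echo $1 | fgrep '..'\` ]`: the
# unquoted test fails with a usage error (and so skips the check) when the
# value contains whitespace. An empty argument is refused too, because it
# would make $domaindir equal to $basedir itself.
case "$1" in
    "")
        echo "First argument is empty; bailing out."
        exit 1
        ;;
    *..*)
        echo "First argument contained a double-dot sequence; bailing out."
        exit 1
        ;;
esac

if [ ! -e "$trashbase" ]; then
    echo "trashbase '$trashbase' does not exist; bailing out."
    exit 1
fi

trashdir="${trashbase}/$(date +%F_%T)_$1"
domaindir="${basedir}/$1"

if [ ! -e "$domaindir" ]; then
    echo "Directory '$domaindir' does not exits; nothing to do."
    exit 0
fi
if [ ! -d "$domaindir" ]; then
    echo "'$domaindir' is not a directory; bailing out."
    exit 1
fi
if [ -e "$trashdir" ]; then
    echo "Directory '$trashdir' already exits; bailing out."
    exit 1
fi

# Quoted, with "--", so a name containing spaces or glob characters is moved
# as exactly one path and is never parsed as an option.
mv -- "$domaindir" "$trashdir"

exit $?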
# chmod 0700 /usr/local/bin/postfixadmin/postfixadmin*
# vi /var/www/postfixadmin/

// NOTE(review): each of the three hooks below starts its script through plain
// "sudo" with no "-u <user>", so by default the script runs as root with
// arguments supplied by the web application. The upstream examples use
// "sudo -u courier"; the equivalent here would be the maildir owner (vuser),
// with a matching run-as user in /etc/sudoers.

// Optional:
// Script to run after creation of mailboxes.
// Note that this may fail if PHP is run in "safe mode", or if
// operating system features (such as SELinux) or limitations
// prevent the web-server from executing external scripts.
// $CONF['mailbox_postcreation_script']='sudo -u courier /usr/local/bin/';
$CONF['mailbox_postcreation_script']='sudo /usr/local/bin/postfixadmin/'; // added

// Optional:
// Script to run after deletion of mailboxes.
// Note that this may fail if PHP is run in "safe mode", or if
// operating system features (such as SELinux) or limitations
// prevent the web-server from executing external scripts.
// $CONF['mailbox_postdeletion_script']='sudo -u courier /usr/local/bin/';
$CONF['mailbox_postdeletion_script']='sudo /usr/local/bin/postfixadmin/'; // added

// Optional:
// Script to run after deletion of domains.
// Note that this may fail if PHP is run in "safe mode", or if
// operating system features (such as SELinux) or limitations
// prevent the web-server from executing external scripts.
// $CONF['domain_postdeletion_script']='sudo -u courier /usr/local/bin/';
$CONF['domain_postdeletion_script']='sudo /usr/local/bin/postfixadmin/'; // added
5)sudo を使用するので/etc/sudoers を編集する。
/etc/httpd/logs/error_log や /var/log/httpd/ssl_error_log 等のapacheのログ
参考:sudoが「sudo: sorry, you must have a tty to run sudo」と文句を言うときは
User apache
Group apache
# visudo

#
# Disable "ssh hostname sudo ", because it will show the password in clear.
# You have to run "ssh -t hostname sudo ".
#
# NOTE(review): commenting this line out drops the tty requirement for every
# user. A per-user override such as "Defaults:apache !requiretty" would lift
# it for the web server account only.
#Defaults requiretty    <- commented out

Defaults env_reset
Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \
 LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \
 LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \
 LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \
 LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \
 _XKB_CHARSET XAUTHORITY"

## Next comes the main part: which users can run what software on
## which machines (the sudoers file can be shared between multiple
## systems).
## Syntax:
##
## user MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere
root ALL=(ALL) ALL

# Added below -----
# NOTE(review): "(ALL)" lets apache run these commands as any user, root
# included, without a password. The example in the script headers limits the
# run-as user ("apache ALL=(courier) NOPASSWD: ..."); the maildir owner
# (vuser) would be the equivalent here, together with "sudo -u vuser" in the
# postfixadmin configuration.
# NOTE(review): the script file names appear to be missing from this listing.
# As printed, a command path ending in "/" makes sudo allow every file in
# that directory; name each script by its full path instead.
apache ALL=(ALL) NOPASSWD: /usr/local/bin/postfixadmin/
apache ALL=(ALL) NOPASSWD: /usr/local/bin/postfixadmin/
apache ALL=(ALL) NOPASSWD: /usr/local/bin/postfixadmin/
# -----
visudo でコメントアウトした
#Defaults requiretty ←コメントアウト
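apacheユーザーなど、tty を持たない非シェルログインユーザーが sudo を実行できるようにするために必要らしい。なお、この行をコメントアウトすると全ユーザーで requiretty が無効になるので、`Defaults:apache !requiretty` のように apache ユーザーだけを対象にする書き方もある。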
#Defaults requiretty とコメントアウトしていますが、