- 論壇徽章:
- 0
|
redhat9+postfix+cyrus-sasl+mysql+postfixadmin+courier-imap+courier-maildrop+squirrelmail(courier-sqwebmail openwebmail)+clamav+spamassassin+amavisd-new
2005年5月5日加入Cyrus SASL with MySQL Encrypted Passwords
2005年5月3日更新防病毒及防垃圾
2005年4月12日加入mysql日志管理
2005年4月10日至13日加入openwebmail
2005年4月8日加入apache自啟動腳本
2004年10左右成稿
1.mysql
2.apache
3.php
4.cyrus-sasl
5.postfix
6.postfixadmin
7.courier-authlib
8.courier-imap
9.courier-maildrop
10.webmail
10.1.sqwebmai
10.2.squirrelmail
10.3.openwebmail
11.clamav
12.spamassassin
13.amavisd-new
14.后記加一點說明
15.附:啟動腳本
本文用到的軟件
MySQL 4.1.11
網(wǎng)站:http://www.mysql.com
下載
APACHE 2.0.54
網(wǎng)站:http://www.apache.org
下載
PHP 4.3.11
網(wǎng)站:http://www.php.net
下載
Cyrus-SASL 2.1.20
網(wǎng)站:http://asg.web.cmu.edu/sasl
下載
Postfix 2.2.3
網(wǎng)站:http://www.postfix.org
下載
PostfixAdmin 2.1.0
網(wǎng)站:http://www.postfixadmin.com
下載
Courier-authlib 0.55
網(wǎng)站:http://www.courier-mta.org/authlib
下載
Courier-IMAP 4.0.2
網(wǎng)站:http://www.courier-mta.org/imap
下載
Courier-maildrop 1.8.0
網(wǎng)站:http://www.courier-mta.org/maildrop
下載
Courier-sqwebmail 5.0.1
網(wǎng)站:http://www.courier-mta.org/sqwebmail
下載
SquirrelMail 1.4.4
網(wǎng)站:http://www.squirrelmail.org
下載
Openwebmail 2.51
網(wǎng)站:http://openwebmail.org
下載
clamav 0.84
網(wǎng)站:http://www.clamav.net
下載
Spamassassin 3.0.3
網(wǎng)站:http://spamassassin.apache.org
下載
amavisd-new 2.3.0
網(wǎng)站:http://www.ijs.si/software/amavisd
下載
1.安裝mysql 4.1.11
# groupadd mysql
# useradd -g mysql mysql
# wget http://dev.mysql.com/get/Downloads/MySQL-4.1/mysql-4.1.11.tar.gz/from/http://mysql.new21.com/
# tar -zxvf mysql-4.1.11.tar.gz
# cd mysql-4.1.11
# ./configure --prefix=/usr/local/mysql --with-charset=gbk
# make
# make install
# cp support-files/my-medium.cnf /etc/my.cnf
設(shè)置自啟動
# cp support-files/mysql.server /etc/rc.d/init.d/mysqld
# chmod 700 /etc/rc.d/init.d/mysqld
# chkconfig --add mysqld
安裝完以后要初始化數(shù)據(jù)庫��,要是升級安裝的請?zhí)^
# cd /usr/local/mysql
# /usr/local/mysql/bin/mysql_install_db --user=mysql
# chown -R root .
# chown -R mysql var
# chgrp -R mysql .
# /usr/local/mysql/bin/mysqld_safe --user=mysql &
好了����,至此mysql安裝完畢,你可以這樣起動你的mysql服務(wù)
# /etc/rc.d/init.d/mysqld start
# ln -s /usr/local/mysql/bin/mysql /sbin/mysql
# ln -s /usr/local/mysql/bin/mysqladmin /sbin/mysqladmin
為了能讓系統(tǒng)找到mysql����,請運行如下命令
# PATH=$PATH:/usr/local/mysql/bin
# export PATH
# echo "/usr/local/mysql/lib/mysql" >;>; /etc/ld.so.conf
# ldconfig
日志管理
開啟錯誤日志 (在[safe_mysqld]項下添加)
# vi /etc/my.cnf
[safe_mysqld]
err-log=/var/log/mysqld/err.log
開啟常規(guī)日志和更新日志 (在[mysqld]項下添加)
# vi /etc/my.cnf
[mysqld]
log=/var/log/mysqld/log.log
log-update=/var/log/mysqld/update.log
創(chuàng)建日志文件并設(shè)置權(quán)限
# mkdir /var/log/mysqld
# touch /var/log/mysqld/err.log /var/log/mysqld/log.log /var/log/mysqld/update.log
# chown -R mysql.mysql /var/log/mysqld
# service mysqld restart
說明:
錯誤日志包含了服務(wù)器寫入標(biāo)準(zhǔn)錯誤輸出設(shè)備的所有消息,同時還包括了mysql服務(wù)的啟動和關(guān)閉事件
常規(guī)日志用來記錄有關(guān)mysql服務(wù)器運行的常規(guī)信息��,包括用戶的連接、查詢及其他各種時間
更新日志用來記錄修改數(shù)據(jù)庫的查詢信息����,包括所有涉及數(shù)據(jù)庫修改的SQl語句的查詢記錄
建議調(diào)試結(jié)束后關(guān)閉日志
Go to top.
2.安裝apache 2.0.54
# wget http://apache.freelamp.com/httpd/httpd-2.0.54.tar.bz2
# tar jxvf httpd-2.0.54.tar.bz2
# cd httpd-2.0.54
# ./configure --prefix=/usr/local/apache
# make
# make install
設(shè)置自啟動
# cp support/apachectl /etc/init.d/httpd
修改/etc/init.d/httpd
# vi /etc/init.d/httpd(在第兩行之后添加如下內(nèi)容)
#!/bin/sh
#
# Startup script for the Apache Web Server
# chkconfig: - 85 15
# description: Apache is a World Wide Web server. It is used to serve \
# HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache/log/httpd.pid
# config: /usr/local/apache/conf/httpd.conf
# chkconfig --add httpd
# chmod 755 /etc/init.d/httpd
# chkconfig httpd on
創(chuàng)建網(wǎng)頁根目錄
# mkdir /var/www
# vi /usr/local/apache/conf/httpd.conf
//存放網(wǎng)頁的目錄,原來為DocumentRoot ""���,改成:
DocumentRoot "/var/www"
//這句應(yīng)該和DocumentRoot 的目錄保持一致����,原來為<Directory "">;�����,改成:
<Directory "/var/www">;
//Indexes:當(dāng)在目錄中找不到DirectoryIndex列表中指定的文件就生成當(dāng)前目錄的文件列表
//FollowSymlinks:允許符號鏈接跟隨���,訪問不在本目錄下的文件
Options Indexes FollowSymLinks
//禁止讀取.htaccess配置文件的內(nèi)容
AllowOverride None
//指定先執(zhí)行Allow(允許)訪問規(guī)則��,再執(zhí)行Deny(拒絕)訪問規(guī)則
Order allow,deny
//設(shè)置Allow(允許)訪問規(guī)則�����,允許所有連接
Allow from all
</Directory>;
啟動服務(wù):
# /usr/local/apache/bin/apachectl start
或
# service httpd start
Go to top.
3.安裝php 4.3.11
# wget http://cn2.php.net/get/php-4.3.11.tar.bz2/from/cn.php.net/mirror
# tar -jxvf php-4.3.11.tar.bz2
# cd php-4.3.11
# ./configure \
--prefix=/usr/local/php \
--with-mysql=/usr/local/mysql \
--with-apxs2=/usr/local/apache/bin/apxs
# make
# make install
# cp php.ini-dist /usr/local/php/lib/php.ini
# vi /usr/local/php/lib/php.ini
;default_charset = "iso-8859-1"
在這行下面加一行
default_charset = "gbk"
# vi /usr/local/apache/conf/httpd.conf
找到#AddType application/x-tar .tgz 這行���,在下面加兩行���。
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
找到下面一行在后面加上index.php,這表示網(wǎng)站的默認(rèn)頁也能夠為index.php
DirectoryIndex index.html index.html.var index.php
注意:改變了http.conf后��,要重啟apache服務(wù)器���,否則不會生效�����!
php常用配置
max_execution_time = 30 ; // 改為600 (增加處理腳本的時間限制)
max_input_time = 600 ; //最大輸出時間600秒
memory_limit = 8M ; //改為40M (這樣才能發(fā)10M的附件)
register_global =On
post_max_size = 2M ; //php可接受的 post 方法大小 2M
file_uploads = On ; //允許上載文件
upload_max_filesize = 2M ; //最大上載文件2M
session.auto_start = 1 ; //session自動啟動
Go to top.
4.安裝cyrus-sasl 2.1.20
如果系統(tǒng)安裝已經(jīng)�,先卸載它��,或使用下面方法關(guān)閉它
# mv /usr/lib/sasl /usr/lib/sasl.OFF
# mv /usr/lib/sasl2 /usr/lib/sasl2.OFF
編譯安裝cyrus-sasl2.1.20
# wget ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.20.tar.gz
# tar zxvf cyrus-sasl-2.1.20.tar.gz
# cd cyrus-sasl-2.1.20
# ./configure \
--disable-anon -enable-plain --enable-login \
--enable-sql --with-mysql=/usr/local/mysql \
--with-mysql-includes=/usr/local/mysql/include/mysql \
--with-mysql-libs=/usr/local/mysql/lib/mysql
# make
# make install
為了讓postfix能找到sasl�����,請運行如下命令:
# echo "/usr/local/lib" >;>; /etc/ld.so.conf
# ldconfig
# ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
cyrus-sasl的密碼是不加密的��,可以下載加密認(rèn)證補丁
# http://www.viperstrike.com/~lopaka/sysadmin/cyrus-sasl-mysql-encrypt/software-sources/patch-linux
# patch lib/checkpw.c patch-linux
重新編譯安裝
# LDFLAGS="-lcrypt" ./configure --disable-anon -enable-plain --enable-login --enable-sql --with-mysql=/usr/local/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --with-mysql-libs=/usr/local/mysql/lib/mysql
# make
# make install
Go to top.
5.安裝postfix 2.2.3
如果你的系統(tǒng)上原來有sendmail�,先將其停止并將其文件改名:
# /etc/init.d/sendmail stop
# chkconfig --level 0123456 sendmail off
# mv /usr/bin/newaliases /usr/bin/newaliases.orig
# mv /usr/bin/mailq /usr/bin/mailq.orig
# mv /usr/sbin/sendmail /usr/sbin/sendmail.orig
開始安裝
# groupadd -g 12345 postfix
# useradd -u 12345 -g 12345 -c postfix -d/dev/null -s/bin/false postfix
# groupadd -g 54321 postdrop
# wget ftp://postfix.cn99.com/postfix/official/postfix-2.2.3.tar.gz
# tar -zxvf postfix-2.2.3.tar.gz
# cd postfix-2.2.3
(Building Postfix with SASL authentication and mysql support)
# make -f Makefile.init makefiles \
'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -I/usr/local/include/sasl' \
'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/local/lib -lsasl2'
# make install
如果/etc/aliases文件不存在,請用如下命令創(chuàng)建:
# echo postfix: root >;>; /etc/aliases
# /usr/bin/newaliases
注意:
本例中Mysql安裝在/usr/lcoal/mysql����,sasl2安裝在/usr/lib/sasl2��。如果安裝路徑不同��,請自行修改編譯時CCARGS和AUXLIBS選項��。
在執(zhí)行make install的時候可能會得到如下的提示(如果沒有就不用管了):
/usr/libexec/ld-elf.so.1: Shared object "libmysqlclient.so.12" not found
這是因為mysql不是安裝在默認(rèn)目錄中的,所以需要告訴postfix應(yīng)該到哪里去找libmysqlclient.so.12��,使用ldconfig就可以達(dá)到這個目的:
# echo /usr/local/mysql/lib/mysql >;>; /etc/ld.so.conf
# ldconfig
Go to top.
6.安裝postfixadmin 2.1.0
建立apache和maildrop的用戶和組
# groupadd vmail -g 1001
# useradd vmail -u 1001 -g 1001 -s/bin/false -d/dev/null
# vi /usr/local/apache/conf/httpd.conf
把
User nobody
Group #-1
改為
User vmail
Group vmail
# wget http://high5.net/postfixadmin/download.php?file=postfixadmin-2.1.0.tgz
# tar -zxvf postfixadmin-2.1.0.tgz
# mv postfixadmin-2.1.0 /var/www/postfixadmin
更改權(quán)限��,假定運行apache的用戶和組為vmail
# chown -R vmail:vmail /var/www/postfixadmin
# cd /var/www/postfixadmin
# chmod 640 *.php *.css
# cd /var/www/postfixadmin/admin/
# chmod 640 *.php .ht*
# cd /var/www/postfixadmin/images/
# chmod 640 *.gif *.png
# cd /var/www/postfixadmin/languages/
# chmod 640 *.lang
# cd /var/www/postfixadmin/templates/
# chmod 640 *.tpl
# cd /var/www/postfixadmin/users/
# chmod 640 *.php
建立mysql表
# cd /var/www/postfixadmin
# mysql -u root [-p] < DATABASE_MYSQL.TXT
# cp config.inc.php.sample config.inc.php
# vi config.inc.php
本例中的配置如下:
// Language config
// Language files are located in './languages'.
$CONF['default_language'] = 'cn';
// Database Config
// 'database_type' is for future reference.
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'postfixadmin';
$CONF['database_name'] = 'postfix';
//$CONF['encrypt'] = 'md5crypt';
$CONF['encrypt'] = 'cleartext';
// Mailboxes
// If you want to store the mailboxes per domain set this to 'YES'.
// Example: /usr/local/virtual/domain.tld/username@domain.tld
$CONF['domain_path'] = 'YES';
// If you don't want to have the domain in your mailbox set this to 'NO'.
// Example: /usr/local/virtual/domain.tld/username
$CONF['domain_in_mailbox'] = 'NO';
// Quota
// When you want to enforce quota for your mailbox users set this to 'YES'.
$CONF['quota'] = 'YES';
// You can either use '1024000' or '1048576'
$CONF['quota_multiplier'] = '1024000';
我們在這里使用明文口令方式���,如果想使用密文���,請把$CONF['encrypt']='cleartext';改成$CONF['encrypt']='md5crypt';
郵箱的存儲格式使用domain.ltd/username的形式,所以設(shè)置:
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
然后打開瀏覽器��,進(jìn)入postfixadmin的歡迎界面�����,點擊網(wǎng)頁上的setup�����,看看檢查是否通過,記得要刪除setup.php文件�����。然后進(jìn)入http://www.yourdomain.com/postfixadmin/admin/index.php����,就可以新建域名、管理員以及郵箱了����。
Go to top.
# vi /etc/postfix/main.cf
#=====================BASE=========================
#主機(jī)名稱(用 FQDN 的方式來寫)
myhostname = www.test.com
#domain 名稱
mydomain = test.com
#郵件標(biāo)頭上面的 mail from 的那個地址
myorigin = $mydomain
#可用來收件的主機(jī)名稱(這里沒有使用$mydomain是因為我們將使用virtualhost)
mydestination = $myhostname localhost localhost.$mydomain
#允許不使用smtp發(fā)信認(rèn)證的網(wǎng)段
mynetworks = 127.0.0.0/8
inet_interfaces = all
#使用的郵箱格式
#home_mailbox = Maildir/
#mailbox_transport = maildrop
#=====================Vritual Mailbox settings=========================
# 指定用戶郵箱所在的根目錄
virtual_mailbox_base = /var/mailbox/
#指定postfix如何去檢索郵件用戶,這里是采用mysql (用戶郵箱的目錄)
virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf
#郵件賬號的uid, 使用apache的運行用戶
virtual_uid_maps = static:1001
virtual_gid_maps = static:1001
#virtual_uid_maps = mysql:/etc/postfix/mysql/mysql-virtual_uid_maps.cf
#virtual_gid_maps = mysql:/etc/postfix/mysql/mysql-virtual_gid_maps.cf
# use this for virtual delivery(如果沒有安裝maildrop,則此處為virtual)
#virtual_transport = virtual
#use this for maildrop-delivery (如果有maildrop�,則此處為maildrop)
virtual_transport = maildrop
#Maildrop-Options for usage with maildrop
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1
#/var/mailbox/最后的"/"字符不能省略
#所有的MySQL查詢配置文件統(tǒng)一存放在/etc/postfix/mysql中
#====================QUOTA========================
#每封信的最大大小(10M),postfix的默認(rèn)值是10M, 但這指的是郵件正文和編碼后附件的總和, 經(jīng)過#base64編碼,附件的大小會增加35%左右, 因此這里設(shè)定可接受郵件的大小為14M
message_size_limit = 14336000
#郵箱的默認(rèn)大小(10M)
virtual_mailbox_limit = 20971520
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
#指定postfix如何獲得用戶的quota信息(每個用戶的郵箱大小)
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
# 是否允許覆蓋默認(rèn)郵箱的大小
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
#====================SASL========================
broken_sasl_auth_clients = yes
#In order to allow mail relaying by authenticated clients
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_unknown_sender_domain,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
reject_unauth_destination,
permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner=$myhostname ESMTP "Version not Available"
Go to top.
建立/var/mailbox并設(shè)置權(quán)限
# mkdir /var/mailbox
# chown -R vmail:vmail /var/mailbox
# chmod -R ug+rwx,o-rwx /var/mailbox
建立/etc/postfix/mysql文件夾和MySQL查詢配置文件
# mkdir /etc/postfix/mysql
1����、vi /etc/postfix/mysql/mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
2、vi /etc/postfix/mysql/mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain
#additional_conditions = and backupmx = '0' and active = '1'
3���、vi /etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
#additional_conditions = and active = '1'
4、vi /etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
#additional_conditions = and active = '1'
Go to top.
配置 /usr/local/lib/sasl2/smtpd.conf
# vi /usr/local/lib/sasl2/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login
sql_engine: mysql
sql_hostnames: localhost
sql_user: postfix
sql_passwd: postfix
sql_database: postfix
sql_select: SELECT password FROM mailbox WHERE username='%u@%r' and domain='%r' and active='1'
啟動postfix
# postfix start
測試smtp
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 www.test.com ESMTP "Version not Available"
ehlo www.test.com
250-www.test.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
Go to top.
7.安裝Courier-authlib 0.55
新版本的imap不再包含authentication library��,必須先安裝 Courier authentication library
# wget http://www.courier-mta.org/beta/courier-authlib/courier-authlib-0.55.20050407.tar.bz2
# tar -jxvf courier-authlib-0.55.20050407.tar.bz2
# cd courier-authlib-0.55.20050407
# ./configure \
--with-redhat \
--with-authmysql=yes \
--with-mailuser=vmail --with-mailgroup=vmail \
--with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql/
# make
# make install
# make install-configure
# vi /usr/local/etc/authlib/authdaemonrc (確保只使用mysql認(rèn)證模塊)
authmodulelist="authmysql"
authmodulelistorig="authmysql"
# vi /usr/local/etc/authlib/authmysqlrc
MYSQL_SERVER localhost
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_DATABASE postfix
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_USER_TABLE mailbox
MYSQL_LOGIN_FIELD username
#MYSQL_CRYPT_PWFIELD password
MYSQL_CLEAR_PWFIELD password
MYSQL_UID_FIELD '1001'
MYSQL_GID_FIELD '1001'
MYSQL_HOME_FIELD '/var/mailbox/'
MYSQL_MAILDIR_FIELD maildir
MYSQL_NAME_FIELD name
MYSQL_QUOTA_FIELD quota
MYSQL_WHERE_CLAUSE active='1'
DEFAULT_DOMAIN test.com
注意:確認(rèn)在這個文件中不能用空格鍵����,只能用tab鍵。
確認(rèn)只使用單引號��,比如:'/var/mailbox/','UID','GID'(本文為'1001')
localhost不能用單引號
確認(rèn)你的/etc/hosts文件中有l(wèi)ocalhost
編譯時如果支持Ipv6可能導(dǎo)致錯誤
MYSQL_GID_FIELD 和MYSQL_UID_FIELD是maildrop的UID和GID�����,而不是MySQL的��。
如果想使用md5密碼,把MYSQL_CLEAR_PWFIELD password改成MYSQL_CRYPT_PWFIELD password
啟動服務(wù)
要是想讓imap開機(jī)就啟動服務(wù):
# cp courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib
# chmod 755 /etc/rc.d/init.d/courier-authlib
# chkconfig --level 0123456 courier-authlib on
手動啟動服務(wù):
# authdaemond start
測試courier-authlib
檢查進(jìn)程:
# pstree |grep authdaemond
|-authdaemond.mys---5*[authdaemond.mys]
Go to top.
8.安裝Courier-imap 4.0.2
# wget http://www.courier-mta.org/beta/imap/courier-imap-4.0.2.20050403.tar.bz2
# tar -jxvf courier-imap-4.0.2.20050403.tar.bz2
# cd courier-imap-4.0.2.20050403
# ./configure \
--prefix=/usr/local/imap \
--with-redhat \
--disable-root-check \
--enable-unicode=utf-8,iso-8859-1,gb2312,gbk,gb18030 \
--with-trashquota \
--with-dirsync
# make
# make install-strip (先install-strip��,如果失敗�,再make install)
# make install-configure
# vi /usr/local/imap/etc/pop3d
將POP3DSTART=NO改為POP3DSTART=YES
# vi /usr/local/imap/etc/imapd
將IMAPDSTART=NO改為IMAPDSTART=YES
讓imap自啟動:
# cp courier-imap.sysvinit /etc/rc.d/init.d/courier-imap
# chmod 755 /etc/rc.d/init.d/courier-imap
# chkconfig --level 0123456 courier-imap on
手動啟動服務(wù):
# /usr/local/imap/libexec/pop3d.rc start
# /usr/local/imap/libexec/imapd.rc start
測試courier-imap
檢查進(jìn)程:
# pstree |grep courier
|-2*[courierlogger]
|-2*[couriertcpd]
檢查端口,應(yīng)該有如下端口打開:
# netstat -an |grep LISTEN
tcp??0??0 0.0.0.0:110??0.0.0.0:*??LISTEN
tcp??0??0 0.0.0.0:143??0.0.0.0:*??LISTEN
檢測POP3和IMAP服務(wù):
# telnet localhost 110
+OK Hello there
USER test@test.com
+OK Password required.
PASS test
+OK Logged in.
QUIT
+OK bye-bye
Go to top.
9.安裝Courier-maildrop 1.8.0
# groupadd vmail -g 1001
# useradd vmail -u 1001 -g 1001 -s/bin/false -d/dev/null
# wget http://jaist.dl.sourceforge.net/sourceforge/courier/maildrop-1.8.0.tar.bz2
# tar jxvf maildrop-1.8.0.tar.bz2
# cd maildrop-1.8.0
# ./configure \
--prefix=/usr/local/maildrop \
--enable-sendmail=/usr/sbin/sendmail \
--enable-trusted-users='root vmail' \
--enable-syslog=1 \
--enable-maildirquota \
--enable-maildrop-uid=1001 \
--enable-maildrop-gid=1001 \
--with-trashquota \
--with-dirsync
# make
# make install
# cp /usr/local/maildrop/bin/maildrop /usr/bin
# chmod a+rx /usr/bin/maildrop
運行maildrop -v應(yīng)該有如下提示信息:
maildrop 1.8.0 Copyright 1998-2004 Double Precision, Inc.
GDBM extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.
新建/etc/maildroprc文件
# vi /etc/maildroprc
logfile "/var/mailbox/maildrop.log"
to "$HOME$DEFAULT"
# chmod a+r /etc/maildroprc
配置Postfix
# vi /etc/postfix/main.cf
virtual_transport = maildrop
maildrop_destination_recipient_limit = 1
# vi /etc/postfix/master.cf
maildrop unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/local/maildrop/bin/maildrop -w 90 -d ${recipient}
由于maildrop沒有建立maildir的功能���,因此由一小斷腳本實現(xiàn)
# vi /etc/sudoers
vmail ALL = NOPASSWD: /usr/sbin/maildirmake.sh
新建/usr/sbin/maildirmake.sh文件
# vi /usr/sbin/maildirmake.sh
#!/bin/bash
set -e
if [ ! -f /var/mailbox/$1 ]
then
mkdir /var/mailbox/$1
fi
chown -R vmail:vmail /var/mailbox/$1
cd "/var/mailbox/$1"
/usr/local/imap/bin/maildirmake $2
chown -R 1001:12345 /var/mailbox/$1/$2
chmod -R g=s /var/mailbox/$1/$2
# chmod 755 /usr/sbin/maildirmake.sh
更改postfixadmin/admin目錄下的create-mailbox.php文件
在此文件的200行后加一行:
# vi /var/www/postfixadmin/admin/create-mailbox.php
system("sudo /usr/sbin/maildirmake.sh $fDomain ".$_POST['fUsername']);
說明:
建立的郵箱格式:/var/vmail/domain.tld/username
uid 1001 是vmail的用戶id���,也是目錄/var/vmail的owner
gid 12345 是postfix的組id
在postfixadmin中建立一測試帳戶test@test.com
測試maildrop
# maildrop -V 9 -d test@test.com
maildrop: authlib: groupid=1001
maildrop: authlib: userid=1001
maildrop: authlib: logname=test@test.com, home=/var/mailbox/, mail=test.com/test/
maildrop: Changing to /var/mailbox/
ctrl+c退出
下一步,查看日志(/var/log/maillog)看看postfix是不是和maildrop一起工作:
# cat /var/log/maillog | grep maildrop -A 2
Feb 28 11:50:41 malochia postfix/qmgr[7345]: 2875B7823E62: from=<remote@user.nl>;, size=3308, nrcpt=1 (queue active)
Feb 28 17:18:05 malochia postfix/pipe[11615]: 04DD57822697: to=<user@domain.tld>;, relay=maildrop, delay=0, status=sent (domain.tld)
如果沒有����,看看是不是由于配置不正確,而使郵件在隊列中
# Mailq
配置quotas
新建文件/usr/local/maildrop/etc/quotawarnmsg
# vi /usr/local/maildrop/etc/quotawarnmsg
From: 管理員 test.com <postmaster@test.com>;
Reply-To: postmaster@test.com
To: Valued Customer:;
Subject: 警告��!您的郵箱空間即將用完����!
Mime-Version: 1.0
Content-Type: text/plain; charset=gb2312
Content-Transfer-Encoding: 8bit
親愛的用戶,您的郵箱空間已用了90%�����。如果還想繼續(xù)收到郵件的話��,請刪除一些郵件。
設(shè)置quotas
Postfixadmin的數(shù)據(jù)庫的maildrop表的quota字段是int類型的��,在maildrop下不能工作��,不過我們可以修改 /usr/local/etc/authlib/authmysqlrc文件����,把其中的MYSQL_QUOTA_FIELD quota一行改為MYSQL_QUOTA_FIELD concat(quota,'S') ,如果你想限制郵件的數(shù)量���,也可以改成MYSQL_QUOTA_FIELD concat(quota,'C')���。
如果我們把一個用戶的郵箱設(shè)為10M,我們可以把quota的值改為“10000000S”�。也可以用“C”�����,“1000C”的意思是只能存放1000條郵件����。
給test@test.com發(fā)一封信,但是不用包含附件���。然后:
# cd /var/mailbox/test.com/test
# cat maildirsize
1000000S
1622 1
maildirsize這個文件存儲了郵箱配額的信息���,而且courier-imap也用這個文件���。
舉個例子說明一下該文件,我的一個maildirsize文件的內(nèi)容如下:
# cat maildirsize
5000000S
42898 9
3403 1
1622 1
2371 1
說明這個郵箱的容量是5M(如果你把quota字段的值刪除����,maildrop會自動給它一個值,但是不要把它的值設(shè)置成null)���,現(xiàn)在郵箱里有四封信�����。
假設(shè)該用戶用掉了5M中的3M��,只剩2M了����,如果來了一封大于2M的郵件��,將會被退回���,如果是1.7M的郵件����,maildrop會收下該郵件,更新maildirsize文件���,重新計算quota��,得知該用戶使用了90%(/etc/postfix/master.cf中的-w 90)以上的配額�,maildrop會拷貝/usr/local/maildrop/etc/quotawarnmsg文件到該用戶的郵箱中警告該用戶���。
Go to top.
10.webmail
10.1.安裝sqwebmail 5.0.1
# wget http://optusnet.dl.sourceforge.net/sourceforge/courier/sqwebmail-5.0.1.tar.bz2
# tar jxvf sqwebmail-5.0.1.tar.bz2
# cd sqwebmail-5.0.1
# ./configure \
--prefix=/usr/local/sqwebmail \
--enable-unicode=utf-8,iso-8859-1,gb2312,gbk,gb18030 \
--with-trashquota
# make configure-check
# make
# make install-strip
# make install-configure
啟動服務(wù)
# /usr/local/sqwebmail/libexec/sqwebmaild.rc start
測試sqwebmail
http://192.168.0.5/cgi-bin/sqwebmail
使用用戶test@test.com,密碼test�,登陸進(jìn)出以后就可以測試收發(fā)郵件了���。但是圖片不能顯示�����,只要
# mv /usr/local/apache/htdocs/webmail /var/www
修改Apache
# cd /var/www
# vi index.html //輸入一下內(nèi)容:
<html>;
<head>;
<title>;MAIL SYSTEM</title>;
<meta http-equiv="Content-Type" content="test/html;charset=gb2312">;
<meta http-equiv="refresh" content="0;url=http://mail.test.com/cgi-bin/sqwebmail">;
</head>;
<body bgcolor="#FFFFFF" test="#000000">;
</html>;
經(jīng)過以上修改以后,你就可以通過:http://mail.test.com 直接來訪問sqwebmail了���,這樣就方便多了����。可惜是英文的�����,不知道哪位達(dá)人能漢化一下���,并把界面改的漂亮一點就好了��。
Go to top.
10.2.安裝squirrelmail 1.4.4
下載squirrelmail及中文包
# wget http://jaist.dl.sourceforge.net/sourceforge/squirrelmail/squirrelmail-1.4.4.tar.bz2
# wget http://jaist.dl.sourceforge.net/sourceforge/squirrelmail/zh_CN-1.4.4-20050122.tar.bz2
把squirreelmail解壓到/var/www目錄下���。
# tar -jxvf squirrelmail-1.4.4.tar.bz2 -C /var/www/
# mv /var/www/squirrelmail-1.4.4 /var/www/squirrelmail
解壓中文包
# tar -jxvf zh_CN-1.4.4-20050122.tar.bz2 -C /var/www/squirrelmail/
在配置squirrelmail之前先下載三個插件:
Quota Usage Version 1.3
# wget http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fwww.squirrelmail.org%2Fplugins%2Fquota_usage-1.3-1.2.7.tar.gz
Compatibility Version 1.3
# wget http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fwww.squirrelmail.org%2Fplugins%2Fcompatibility-1.3.tar.gz
Change MySQL Password Version 3.2
# wget http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fwww.squirrelmail.org%2Fplugins%2Fchange_mysqlpass-3.2-1.2.8.tar.gz
把這三個插件解壓到squirrelmail的plugin目錄下并設(shè)置權(quán)限。
# tar -zxvf quota_usage-1.3-1.2.7.tar.gz -C /var/www/squirrelmail/plugins/
# tar -zxvf compatibility-1.3.tar.gz -C /var/www/squirrelmail/plugins/
# tar -zxvf change_mysqlpass-3.2-1.2.8.tar.gz -C /var/www/squirrelmail/plugins/
第一個插件是用來顯示郵箱的使用情況的�;第二個和第三個插件是用來修改密碼的。
如果不想裝這些插件��,請?zhí)^�����。
配置Quota Usage
# cd /var/www/squirrelmail/plugins/quota_usage
# cp config.php.sample config.php
配置Change MySQL Password
# cd /var/www/squirrelmail/plugins/change_mysqlpass
# cp config.php.sample config.php
# vi config.php
更改如下幾個變量:
$mysql_database = 'postfix';
$mysql_table = 'mailbox';
$mysql_userid_field = 'username';
$mysql_password_field ='password';
$mysql_manager_id = 'postfix';
$mysql_manager_pw = 'postfix';
$mysql_unixcrypt = 0;
//$mysql_MD5crypt = 1;
$mysql_MD5crypt = 0;
$use_ssl_for_password_change = 0;
如果你的密碼是MD5加密的����,就把$mysql_MD5crypt = 0;改成$mysql_MD5crypt = 1;
配置squirrelmail
# cd /var/www/squirrelmail
# ./configure
進(jìn)入10. Languages
把1. Default Language : 的en_US改成zh_CN�。
進(jìn)入8. Plugins���,添加這三個插件
打開瀏覽器輸入http://192.168.0.5/squirrelmail/��,用test@test.com登陸�,你將會在屏幕的左上角看到郵箱的使用情況���,你還會看到一條警告信息:
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /var/www/squirrelmail/plugins/change_mysqlpass/functions.php on line 129
這是由于數(shù)據(jù)庫結(jié)構(gòu)不一致造成的����,你只要把functions.php中的129行注釋調(diào)即可(在行首加//)�。
現(xiàn)在你還可以用選項中的change passwd修改你的密碼了,不過這個模塊是英文的��,如果你想改成中文的����,可以自己修改,squirrelmail網(wǎng)站上有介紹��������;蛘哒垍⒖迹
http://datastrategy.org/number5/archives/000241.html
1���、把change_mysqlpass.po與locale/zh_CN/LC_MESSAGES/squirrelmail.po合并
最簡單的方法就是:
# cat change_mysqlpass.po >;>; /var/www/squirrelmail/locale/zh_CN/LC_MESSAGES/squirrelmail.po
2、執(zhí)行:
# cd /var/www/squirrelmail/locale/zh_CN/LC_MESSAGES/
# msgfmt -o squirrelmail.mo squirrelmail.po
由于安全原因����,建議把data目錄移出web tree,比如移到/usr目錄下�����,設(shè)置權(quán)限
# cp -R /var/www/squirrelmail/data/ /var/data
# chown -R vmail.vmail /var/data
# chmod 730 -R /var/data
Go to top.
10.3.openwebmail 2.51
安裝DBI.pm
# wget http://search.cpan.org/CPAN/authors/id/T/TI/TIMB/DBI-1.48.tar.gz
# tar zxvf DBI-1.48.tar.gz
# cd DBI-1.48
# perl Makefile.PL
# make
# make test
# make install
安裝DBD-mysql
# wget http://search.cpan.org/CPAN/authors/id/R/RU/RUDY/DBD-mysql-2.9006.tar.gz
# tar zxvf DBD-mysql-2.9006.tar.gz
# cd DBD-mysql-2.9006
# export LANG='C'
# ln -s /usr/local/mysql/bin/mysql_config /usr/bin/mysql_config
# perl Makefile.PL \
--libs="-L/usr/local/mysql/lib/mysql -lmysqlclient -lz" \
--cflags=-I/usr/local/mysql/include/mysql \
--testhost=127.0.0.1
# make
# make test # Some minor error messages can be ignored here
# make install
安裝CGI.pm
# wget http://search.cpan.org/CPAN/authors/id/L/LD/LDS/CGI.pm-3.07.tar.gz
# tar zxvf CGI.pm-3.07.tar.gz
# cd CGI.pm-3.07
# perl Makefile.PL
# make
# make test
# make install
安裝Text-Iconv
# wget http://search.cpan.org/CPAN/authors/id/M/MP/MPIOTR/Text-Iconv-1.4.tar.gz
# wget http://openwebmail.org/openwebmail/download/packages/Text-Iconv-1.2.tar.gz
# tar zxvf Text-Iconv-1.2.tar.gz
# cd Text-Iconv-1.2
# perl Makefile.PL
# make
# make test
# make install
安裝MIME-Base64
# wget http://openwebmail.org/openwebmail/download/packages/MIME-Base64-3.01.tar.gz
# tar zxvf MIME-Base64-3.01.tar.gz
# cd MIME-Base64-3.01
# perl Makefile.PL
# make
# make test
# make install
安裝suidperl(9.0安裝盤的第二張盤中有)
# wget http://turtle.ee.ncku.edu.tw/openwebmail/download/redhat/rpm/packages/rh9/perl-suidperl-5.8.0-88.i386.rpm
# rpm -ivh perl-suidperl-5.8.0-88.i386.rpm
如果采用 rpm 安裝�����,安裝系統(tǒng)會自動對應(yīng)到正確路徑�。若使用手動安裝,將openwebmail目錄及data目錄移至如下/var/www/cgi-bin/openwebmail及/var/www/data�,我是用tarball安裝的
# wget http://openwebmail.org/openwebmail/download/release/openwebmail-2.51.tar.gz
# tar zxvf openwebmail-2.51.tar.gz -C /var/www
加入openwebmail的權(quán)限,編輯httpd.con�����,加入如下內(nèi)容����,假設(shè)/var/www/cgi-bin是apache的cgi-bin目錄
# vi /usr/local/apache/conf/httpd.conf
ScriptAlias /openwebmail "/var/www/cgi-bin/openwebmail/openwebmail.pl"
存盤后重新啟動apache
# service httpd restart
編輯mysql認(rèn)證文件
# vi /var/www/cgi-bin/openwebmail/auth/auth_mysql.pl
my $SQLHost = 'localhost';
my $sqlusr = 'postfix';
my $sqlpwd = 'postfix';
my $auth_db = 'postfix';
my $auth_table = 'mailbox';
my $field_username = 'username';
my $field_password = 'password';
my $field_realname = 'name';
my $field_uid = '1001';
my $field_gid = '1001';
my $field_home = 'maildir';
my $pass_type = 'cleartxt';
編輯openwebmail主配置文件
# vi /var/www/cgi-bin/openwebmail/etc/openwebmail.conf
domainnames auto
auth_module auth_mysql.pl
auth_withdomain yes
mailspooldir /var/mailbox
create_syshomedir new
use_syshomedir new
ow_cgidir /var/www/cgi-bin/openwebmail
ow_usersdir /var/mailbox
ow_cgiurl /cgi-bin/openwebmail
ow_htmldir /var/www/data/openwebmail
ow_htmlurl /data/openwebmail
logfile /var/log/openwebmail.log
quota_module quota_du.pl #磁盤限額模塊
quota_limit 30000 #用戶主目錄磁盤上限30M
spool_limit 10000 #收件箱上限10M /var/mail
enable_webdisk no
enable_sshterm no
接下來執(zhí)行初始化
# /var/www/cgi-bin/openwebmail/openwebmail-tool.pl --init
將dbm.conf中的設(shè)定改為執(zhí)行初始化后系統(tǒng)所要求的
# cp /var/www/cgi-bin/openwebmail/etc/defaults/dbm.conf /var/www/cgi-bin/openwebmail/etc/
# vi /var/www/cgi-bin/openwebmail/etc/dbm.conf
dbm_ext .db
dbmopen_ext .db
dbmopen_haslock no
再執(zhí)行一次初始化
# /var/www/cgi-bin/openwebmail/openwebmail-tool.pl --init
這時便會出現(xiàn)一些訊息���,最后出現(xiàn)一行
Send the site report?(Y/n)
按 Enter 即可,這樣便完成 openwebmail 的設(shè)定
創(chuàng)建日志文件并設(shè)置logrotate
# touch /var/log/openwebmail.log
# vi /etc/logrotate.d/syslog (加入下面幾行)
/var/log/openwebmail.log {
postrotate
/usr/bin/killall -HUP syslogd
endscript
}
測試
http://192.168.1.5/openwebmail
openwebmail不支持Maildir�����,所以照這篇文章的設(shè)置����,將不能收郵件,可以打個補����。ǚ枪俜教峁部梢园裵ostfix改成Mailbox格式的�����,但是我更期待支持Maildir的官方版�����,應(yīng)該快了吧!
Go to top.
11.安裝clamav 0.84
# wget http://jaist.dl.sourceforge.net/sourceforge/clamav/clamav-0.84.tar.gz
# tar zxvf clamav-0.84.tar.gz
# cd clamav-0.84
# groupadd clamav
# useradd -g clamav -s/bin/false -d/dev/null clamav
# ./configure --prefix=/usr/local/clamav --with-dbdir=/usr/local/share/clamav
# make
# make check
# make install
編輯/usr/local/clamav/etc/clamd.conf
# vi /usr/local/clamav/etc/clamd.conf
#Verbose logging with syslog
LogSyslog
LogVerbose
LogFacility LOG_MAIL
LogFile /var/log/clamav/clamd.log
#Change pid file location
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /usr/local/share/clamav
#Set the clamav socket
LocalSocket /var/run/clamav/clamd
#Close the connection when this limit is exceeded
StreamMaxLength 10M
#Don't run clamd as root
User amavis
#Newer versions require you to uncomment this
ScanMail
ScanArchive
編輯/usr/local/clamav/etc/freshclam.conf
# vi /usr/local/clamav/etc/freshclam.conf
DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogSyslog
LogVerbose
DatabaseOwner amavis
#Check for updates every two hours. That is the official recommendation
Checks 12
DatabaseMirror db.CN.clamav.net
DatabaseMirror database.clamav.net
NotifyClamd
注意:一定要注釋掉上面兩個文件中Example那行
添加amavis用戶和組
# groupadd amavis
# useradd -g amavis -s /bin/false -c "Amavis User" -d /dev/null amavis
創(chuàng)建日志文件夾并設(shè)置權(quán)限
# mkdir /var/log/clamav
# chmod -R 744 /var/log/clamav
# chown -R amavis:amavis /var/log/clamav
# chown -R amavis.amavis /usr/local/share/clamav
# mkdir /var/run/clamav
# chmod 700 /var/run/clamav
# chown amavis.amavis /var/run/clamav
手動更新病毒庫
# /usr/local/clamav/bin/freshclam
設(shè)置自動更新病毒庫
# vi /etc/crontab
0 4 * * * root /usr/local/clamav/bin/freshclam --quiet -l /var/log/clamd.log
啟動
# /usr/local/clamav/sbin/clamd
Go to top.
13.安裝amavisd-new 2.3.0
# wget http://www.ijs.si/software/amavisd/amavisd-new-2.3.0.tar.gz
# tar zxvf amavisd-new-2.3.0.tar.gz
# cd amavisd-new-2.3.0
# groupadd amavis
# useradd -g amavis -s /bin/false -c "Amavis User" -d /dev/null amavis
# mkdir -p /var/amavis /var/amavis/tmp /var/amavis/var /var/amavis/db
# chown -R amavis:amavis /var/amavis
# chmod -R 750 /var/amavis
# cp amavisd /usr/local/sbin/
# chown root /usr/local/sbin/amavisd
# chmod 755 /usr/local/sbin/amavisd
# cp amavisd.conf /etc/
# chown root /etc/amavisd.conf
# chmod 644 /etc/amavisd.conf
病毒郵件存放目錄
# mkdir /var/virusmails
# chown amavis:amavis /var/virusmails
# chmod 750 /var/virusmails
Go to top.
編輯/etc/amavisd.conf���,修改下面這幾行
# vi /etc/amavisd.conf
$max_servers=8;
$daemon_user = 'amavis';
$daemon_group = 'amavis';
$mydomain = 'test.com';
$db_home = "$MYHOME/db";
$inet_socket_port = 10024;
$sa_tag_level_deflt = -100;
$sa_tag2_level_deflt = 6.3;
$sa_kill_level_deflt = $sa_tag2_level_deflt;
$virus_admin = "virusalert\@$mydomain";
$sa_spam_subject_tag = '***SPAM*** ';
$notify_method = $forward_method;
$forward_method = 'smtp:127.0.0.1:10025';
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
測試amavis
# /usr/local/sbin/amavisd debug
ERROR: MISSING REQUIRED BASIC MODULES:
Time::HiRes
IO::Wrap
Unix::Syslog
Mail::Field
MIME::Words
Net::Server
BEGIN failed--compilation aborted at /usr/local/sbin/amavisd line 141.
根據(jù)出錯提示,缺什么裝什么
# perl -MCPAN -e shell
cpan>; install Time::HiRes
cpan>; install IO::Wrap
cpan>; install Unix::Syslog
cpan>; install Mail::Field
cpan>; install MIME::Words
cpan>; install Net::Server
cpan>; install BerkeleyDB
cpan>; install Convert::TNEF
cpan>; install Convert::UUlib
cpan>; install Archive::Tar
cpan>; install Archive::Zip (# export LANG=C)
cpan>; install HTML: arser
cpan>; install DB_File
cpan>; install Net: NS (when prompted to enable tests, choose no)
cpan>; install Digest::SHA1
cpan>; install Mail::SpamAssassin (# export LANG=en_US)
啟動
# /usr/local/sbin/amavisd start
Go to top.
設(shè)置postfix
修改/etc/postfix/main.cf
# vi /etc/postfix/main.cf (加入一行)
content_filter = amavis:127.0.0.1:10024
修改/etc/postfix/master.cf
# vi /etc/postfix/master.cf (在最后加上)
# amavisd-new
amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
localhost:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o mynetworks=127.0.0.0/8
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
重新啟動postfix
# postfix stop
# postfix start
# postfix check
# netstat -an | grep LISTEN (應(yīng)該可以看到這兩個端口在監(jiān)聽)
127.0.0.1.10024 *.* 0 0 49152 0 LISTEN
127.0.0.1.10025 *.* 0 0 49152 0 LISTEN
Go to top.
12.安裝Spamassassin 3.0.3
前面裝amavis的時候已經(jīng)裝好了�����,如果沒裝��,請按如下方式安裝
# perl -MCPAN -e shell
cpan>; install HTML:arser
cpan>; install DB_File
cpan>; install Net:NS (when prompted to enable tests, choose no)
cpan>; install Digest::SHA1
cpan>; install Mail::SpamAssassin
# vi /etc/mail/spamassassin/local.cf (修改后不用重新啟動 SpamAssassin���,立即生效)
report_safe 0
use_bayes 1
bayes_path /var/amavisd/.spamassassin/bayes
bayes_auto_learn 1
skip_rbl_checks 0
use_razor2 1
use_dcc 1
use_pyzor 1
# 是否能夠進(jìn)行 DNS 查詢。直接設(shè)定為 yes 將有效加快 amavis 的啟動速度
dns_available yes
# 檢查是否為由內(nèi)部網(wǎng)絡(luò)所寄出的信件��。
# 若是�����,則永遠(yuǎn)不判斷為垃圾郵件�����。(評分減 50 分)
# 其中的 example.net 請?zhí)鎿Q成您的 Domain Name..
header LOCAL_RCVD Received =~ /.*\(\S+\.domain\.com\s+\[.*\]\)/
describe LOCAL_RCVD Received from local machine
score LOCAL_RCVD -50
# 垃圾郵件計分規(guī)則
score DCC_CHECK 4.000
score SPF_FAIL 10.000
score SPF_HELO_FAIL 10.000
score RAZOR2_CHECK 2.500
score BAYES_99 4.300
score BAYES_90 3.500
score BAYES_80 3.000
新建文件/var/amavisd/.spamassassin/user_prefs
# touch /var/amavis/.spamassassin/user_prefs
檢查local.cf語法
# spamassassin --lint
bayes(計劃中)
啟動spamd
# /usr/bin/spamd --daemonize --pidfile /var/run/spamd.pid
下載中文垃圾垃圾郵件過濾規(guī)則Chinese_rules.cf
# wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf
每次更新Chinese_rules.cf需要重啟spamd方法如下
# kill -HUP `cat /var/run/spamd.pid`
自動更新中文垃圾垃圾郵件過濾規(guī)則
# vi /etc/crontab (加一行)
0 0 1 * * root wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf;kill -HUP `cat /var/run/spamd.pid`
測試病毒掃描
使用其他郵件系統(tǒng)用戶給該系統(tǒng)的用戶發(fā)送郵件,包含以下內(nèi)容:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
如果這個用戶能夠收到有病度提示的郵件說明病毒過濾已經(jīng)成功!
郵件病毒掃描日志將被記錄在/var/log/clamav/clamav.log中!
測試?yán)]件掃描
使用其他郵件系統(tǒng)用戶給該系統(tǒng)的用戶發(fā)送郵件,包含以下內(nèi)容:
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
然后查看郵件日志看看��,發(fā)出的郵件是否被BOUNCE或DISCARD了
建立maildrop過濾腳本(如果你使用amavisd-new來對spamassassin進(jìn)行操作的話,跳過該項)
# vi /etc/maildroprc
if ( $SIZE < 26144 )
{
exception {
xfilter "/usr/bin/spamassassin"
}
}
if (/^X-Spam-Flag: *YES/)
{
exception {
to "$HOME$DEFAULT/.Spam/"
}
}
else
{
exception {
to "$HOME$DEFAULT"
}
}
Go to top.
14.后記
大功告成,終于結(jié)束了����。這篇文章花了本人無數(shù)心血,參考了無數(shù)篇文章���,多少個日日夜夜啊�,好幾次煩得差點吐血�����,但是我堅持下來了�����。希望各位能夠成功����。
Go to top.
15.啟動腳本
postfix的啟動腳本:
# cat /etc/rc.d/init.d/postfix
#!/bin/bash
#
# mailsys This shell script takes care of starting and stopping Postfix
# author : xingyu.wang <wxy@cngnu.org>; 2004/1/28
#
# chkconfig: 2345 80 30
# description: Postfix is a Mail Transport Agent, which is the program
# that moves mail from one machine to another.
#
# processname: mailsys
# pidfile: /var/run/postfix.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ -f /usr/sbin/postfix ] || exit 0
RETVAL=0
prog=" ostfix"
start() {
# Start daemons.
echo -n $"Starting $prog: "
/usr/sbin/postfix start >; /dev/null 2>;&1 &
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
touch /var/lock/subsys/postfix
success $"$prog start"
else
failure $"$prog start failure"
fi
echo
return $RETVAL
}
stop() {
# Stop daemons.
echo -n $"Shutting down $prog: "
/usr/sbin/postfix stop >; /dev/null 2>;&1 &
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
rm -f /var/lock/subsys/postfix
success $"$prog stop"
else
failure $"$prog stop failure"
fi
echo
return $RETVAL
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart|reload)
stop
start
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
esac
exit $RETVA
# chmod 755 /etc/rc.d/init.d/postfix
# chkconfig --level 0123456 postfix on
clamav的啟動腳本(有問題)
# cat /etc/rc.d/init.d/clamd
#!/bin/bash
#
# clamav: This script controls the clamd
#
# chkconfig: 2345 79 31
# description: clamav
# processname: clamav
# pidfile: /var/run/clam.pid
# Source function library.
. /etc/rc.d/init.d/functions
prog="/usr/local/sbin/clamd"
prog_base="ClamD"
prog_config_file="/etc/clamav.conf"
## Check that networking is up.
RETVAL=0
# See how we were called.
case "$1" in
start)
echo -n "Starting $prog_base:"
$prog -c $prog_config_file >;>; /var/log/clamd.log &
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/${prog_base}
success
echo
;;
stop)
echo -n "Shutting down $prog_base:"
#Force the kill...
kill `ps -A | grep clamd | cut -c1-6` &>; /dev/null
RETVAL=$?
#Sleep for a second or two.
/bin/sleep 3s
#Kill the stale socket.
rm -f /tmp/clamd >; /dev/null
if [ $RETVAL -eq 0 ] ; then
success
#echo "${prog_base} stopped"
rm -f /var/lock/subsys/${prog_base}
echo
else
echo
fi
;;
status)
status ${prog_base}
RETVAL=$?
;;
restart)
$0 stop
$0 start
RETVAL=$?
;;
reload)
#action $"Reloading ${prog_base}:" ${prog} -c ${prog_config_file} reload
$0 restart
RETVAL=$?
;;
*)
echo "Usage: $0 {start|stop|status|restart|reload}"
exit 1
esac
exit $RETVAL
# chmod 755 /etc/rc.d/init.d/clamd
# chkconfig --level 0123456 postfix on |
|
免費注冊
發(fā)表于 2005-05-30 17:59
