前些时间了解了下OpenLDAP( [url]http://waringid.blog.51cto.com/65148/79517[/url] ),加上近段时间公司对Exchange邮件服务器作了一些规范要求,需要统一各地区(香港,无锡,江西,清远)的邮件显示名.(各地区有不同的邮件服务器,通过Microsoft的MIIS实现所有的联系人同步),初步估算了下要修改的用户差不多有800人,如果使用手工处理的话,那将是一个噩梦.还好通过微软自带的工具搞定了这个事情,也让我重新认识了LDAP的威力.所以想起以前做过的Mysql的Postfix邮件系统(   [url]http://waringid.blog.51cto.com/65148/58412[/url] ),为了更好的了解LDAP相关的东东,于是就有了这篇文章.其实这篇文章的其它部份和以前的那篇文章是多不多的,只不过将数据库由Mysql改成了LDAP而已.如果你也对这个感兴趣,那么,一起来吧.

    当然,开始之前都免不了要介绍一番,不然,看了半天也不知其所然.所以这里交待一下相关的系统及所需的软件及构建邮件后所拥有的功能.系统用的是RedHat AS 4,系统安装时所安装的组件和( [url]http://waringid.blog.51cto.com/65148/79517[/url] )文中所说的一致,只安装了"开发工具".而本文所用到的软件及下载地址可以参考(   [url]http://waringid.blog.51cto.com/65148/58144[/url] ),如果你想通过YUM的方式来安装相应的软件(这样是最方便的做法),你可以参考(   [url]http://waringid.blog.51cto.com/65148/51947[/url] ).最后完成的组件是:OpenLDAP+Sasl+Authlib+imap+maildrop+Apache+php+clamav+amavisd+extmail.相关的配置文件我会打包放在本文中,如果在配置中有什么问题可以参考一下.也欢迎大家一起讨论学习.

增加系统相关用户

    这其中的作用就不用我多说了吧,相信看过前面的文章或是了解过Postfix的人都应该很明白的.如果实在不清楚的话就去问Google吧,那里有最好的答案.
groupadd -g 1001 vmail
groupadd postfix
groupadd postdrop
groupadd amavis
groupadd clamav
useradd vmail -g vmail -u 1001
useradd postfix -g postfix
useradd amavis -g amavis
useradd clamav -g clamav
增加LDAP服务器记录:

    这两台记录其实是LDAP客户端查询LDAP服务器的记录,在客户端的设置文件中(ldap.conf)会用到这些记录,当然,你可以更改成其它任何的名称,如果所有的软件都是安装在同一台服务器上的话,IP地址可以设成127.0.0.1,我这里设置的是实际的地址.
echo "192.168.44.64 ldap.test.com" >> /etc/hosts
echo "192.168.44.64 ldap-master.test.com" >> /etc/hosts
安装OpneLDAP:

    你可以通过两种方式来安装,第一种是在安装系统是自已就安装了,你如果认为它的版本太低了,可以通过YUM的方式升级一下,也可以通过源代码的方式安装( [url]http://waringid.blog.51cto.com/65148/79517[/url] ),我这里是通过YUM的方式升级了一下,如果通过源代码安装的话,那后面的一些组件的安装时就需要注意一下路径了.
yum update openldap
配置OpenLDAP:

    配置LDAP需要用到extman中的schema文件,所以要先复制extman中的对于LDAP支持的schema文件到相应的地方.具体的操作如下:
tar zxvf extman-0.2.4.tar.gz
cd extman-0.2.4
cd docs
cp ./extmail.schema /etc/openldap/schema/     #复制相应的schema文件以支持Extmail
vi /etc/openldap/slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/extmail.schema # 这里需要用到它
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
database ldbm # 数据库的存储方式可以是bdb及ldbm
suffix "dc=test.com"
rootdn "cn=Manager,dc=test.com"
rootpw {crypt}$1$s/DotdqM$B99BEOpyYJtD.CgJ34s721 #加密后的密码,
可以有多种方式,也可以使用明码
directory /var/lib/ldap
index objectClass eq
index mail,active,virtualDomain,mailLocalAddress eq,pres
配置LDAP客户端文件:

    这个文件的目的是为了客户端在执行查询或其它相关操作时能找到相应的服务器,如果没这个设置,可能会出现找不到LDAP这样的错误.
vi /etc/openldap/ldap.conf
HOST 127.0.0.1
BASE dc=test.com
URI ldap://ldap.test.comldap://ldap-master.test.com:389
SIZELIMIT 12
TIMELIMIT 15
DEREF nerver
启动LDAP:

    当然,如果你是使用源码编译LDAP的话,可能这样启动不了,但是如果能以源码的方式成功安装OpenLDAP,相信启动它也不会很困难的.
service ldap start
修改并导入初始化文件:

  vi /tmp/extman-0.2.4/docs/init.ldif    # extman的初始化文件         
:1,$ s/extmail.org/test.com/g     #          将原有的extmail.org替换为test.com
  ldapadd -x -D "cn=Manager,dc=test.com" -w password \         
  -f /tmp/extman-0.2.4/docs/init.ldif # 导入初始化文件
安装BerkeleyDB:

tar zxvf db-4.5.20.tar.gz
cd db-4.5.20/build_unix
../dist/configure --prefix=/usr/local/BerkeleyDB
make
make install
mv /usr/include/db4 /usr/include/db4.off
rm /usr/include/db_cxx.h
rm /usr/include/db.h
rm /usr/include/db_185.h
ln -sv /usr/local/BerkeleyDB/include /usr/include/db4
ln -sv /usr/local/BerkeleyDB/include/db.h /usr/include/db.h
ln -sv /usr/local/BerkeleyDB/include/db_cxx.h /usr/include/db_cxx.h
echo "/usr/local/BerkeleyDB/lib" >> /etc/ld.so.conf
ldconfig -v
安装Apache:

tar xvf httpd-2.2.4.tar.gz
cd httpd-2.2.4
./configure --prefix=/usr/local/httpd --sysconfdir=/etc --enable-so \
--enable-ssl --enable-track-vars --enable-rewrite --with-zlib \
--enable-mods-shared=most --enable-suexec --with-suexec-caller=daemon \
--with-suexec-docroot=/var/www/
make
make install
echo "/usr/local/httpd/bin/apachectl start" >> /etc/rc.local
安装PNG支持:

tar zxvf libpng-1.2.16.tar.gz
cd libpng-1.2.16
./configure --prefix=/usr/local/png
make
make install
echo "/usr/local/png/lib" >>/etc/ld.so.conf
ldconfig -v
ln -sv /usr/local/png/lib/* /usr/lib/
ln -sv /usr/local/png/lib/* /usr/local/lib/
安装JPEG支持:

mkdir /usr/local/jpeg
mkdir /usr/local/jpeg/bin
mkdir /usr/local/jpeg/lib
mkdir /usr/local/jpeg/include
mkdir /usr/local/jpeg/man
mkdir /usr/local/jpeg/man/man1
tar zxvf jpegsrc.v6b.tar.gz
cd jpeg-6b/
./configure --prefix=/usr/local/jpeg --enable-shared --enable-static
make
make install
echo "/usr/local/jpeg/lib/" >> /etc/ld.so.conf
ldconfig -v
ln -sv /usr/local/jpeg/lib/* /usr/lib/
ln -sv /usr/local/jpeg/lib/* /usr/local/lib/
安装Freetype支持:

tar zxvf freetype-2.3.2.tar.gz
cd freetype-2.3.2
./configure --prefix=/usr/local/freetype
make
make install
echo "/usr/local/freetype/lib/" >> /etc/ld.so.conf
ldconfig -v
ln -sv /usr/local/freetype/lib/* /usr/lib/
ln -sv /usr/local/freetype/lib/* /usr/local/lib/
安装Fontconfig支持:

tar zxvf fontconfig-2.4.0.tar.gz
cd fontconfig-2.4.0
./configure --prefix=/usr/local/fontconfig \
--with-freetype-config=/usr/local/freetype/bin/freetype-config
make
make install
echo "/usr/local/fontconfig/lib/" >> /etc/ld.so.conf
ldconfig -v
ln -sv /usr/local/fontconfig/lib/* /usr/lib/
ln -sv /usr/local/fontconfig/lib/* /usr/local/lib/
安装相关支持:

rpm -ivh freetype-devel-2.1.9-1.i386.rpm
rpm -ivh fontconfig-devel-2.2.3-7.i386.rpm
rpm -ivh xorg-x11-devel-6.8.1-23.EL.i386.rpm
安装XPM支持:

tar zxvf xpm-3.4k.tar.gz
cd xpm-3.4k
xmkmf -a
make
make install
安装GD支持:
tar zxvf gd-2.0.34.tar.gz
cd gd-2.0.34
./configure --prefix=/usr/local/gd --with-png=/usr/local/png/ \
--with-jpeg=/usr/local/jpeg/ --with-freetyp=/usr/local/freetype/ \
--with-fontconfig =/usr/local/fontconfig/--with-xpm
cp /usr/local/png/include/png.h ./
cp /usr/local/png/include/pngconf.h ./
make
make install
ln -sv /usr/local/gd/lib/* /usr/lib/
ln -sv /usr/local/gd/lib/* /usr/local/lib/
安装courier-authlib:

tar jxvf courier-authlib-0.59.3.tar.bz2
cd courier-authlib-0.59.3
./configure --with-redhat \
--with-mailuser=vmail --with-mailgroup=vmail \
--with-authldaprc=/etc/authlib/authldaprc --sysconfdir=/etc \
--prefix=/usr/local/authlib --without-stdheaderdir
make
make install
make install-configure
echo "/usr/local/authlib/lib/courier-authlib" >> /etc/ld.so.conf
ldconfig -v
cp courier-authlib.sysvinit /etc/init.d/courier-authlib
chmod 755 /etc/init.d/courier-authlib
chkconfig --add courier-authlib
chkconfig --level 2345 courier-authlib on
service courier-authlib start
chmod +x /usr/local/authlib/var/spool/authdaemon
设置配置文件authdaemonrc:
vi /etc/authlib/authdaemonrc
authmodulelist="authldap"
authmodulelistorig="authldap"
DEBUG_LOGIN=2
配置authldaprc:

LDAP_URI ldap://ldap.test.com
LDAP_PORT 389
LDAP_PROTOCOL_VERSION 3
LDAP_TIMEOUT 5
LDAP_MAIL mail
LDAP_FILTER (active=1)
LDAP_GLOB_UID vmail
LDAP_GLOB_GID vmail
LDAP_HOMEDIR homeDirectory
LDAP_MAILROOT /var/domains
LDAP_MAILDIRQUOTA mailQuota
LDAP_CRYPTPW userPassword
LDAP_DEREF never
LDAP_TLS 0
安装Sasl:

tar zxvf cyrus-sasl-2.1.21.tar.gz
cd cyrus-sasl-2.1.21
./configure --prefix=/usr/local/sasl2 \
--disable-anon -enable-plain --enable-login --enable-ldapdb \
--with-ldap=/usr/ \
--with-authdaemond=/usr/local/authlib/var/spool/authdaemon/socket
make
make install
mv /usr/lib/sasl2 /usr/lib/sasl2.OFF
ln -sv /usr/local/sasl2/lib/* /usr/lib
ln -sv /usr/local/sasl2/lib/* /usr/local/lib
ln -sv /usr/local/sasl2/include/sasl/* /usr/local/include
mkdir -pv /var/state/saslauthd
echo "/usr/local/sasl2/lib" >> /etc/ld.so.conf
echo "/usr/local/sasl2/lib/sasl2" >> /etc/ld.so.conf
echo "/usr/local/sasl2/sbin/saslauthd -a shadow ldao">>/etc/rc.local
/usr/local/sasl2/sbin/saslauthd -a shadow ldap
设置Sasl配置文件:

vi /usr/local/lib/sasl2/smtpd.conf
pwcheck_method:authdaemond
mech_list:PLAIN LOGIN
log_level:3
authdaemond_path:/usr/local/authlib/var/spool/authdaemon/socket
安装并配置PHP:

tar zxvf php-5.2.3.tar.gz
cd php-5.2.3
./configure --prefix=/usr/local/php \
--with-ldap=/usr --with-ldap-sasl=/usr/local/sasl2 \
--with-apxs2=/usr/local/httpd/bin/apxs --sysconfdir=/etc \
--with-libxml-dir=/usr/include/libxml2/libxml --with-gd=/usr/local/gd \
--with-png=/usr/local/png/ --with-jpeg=/usr/local/jpeg/ \
--with-xpm --with-zlib --enable-debug --enable-magic-quotes \
--enable-libgcc --enable-ftp --enable-mbstring=all \
--enable-sockets --with-gnu-ld --with-gettext
make
make install
cp php.ini-recommended /etc/php.ini
停用系统默认的Sendmail:

/etc/init.d/sendmail stop
chkconfig --level 0123456 sendmail off
mv /usr/bin/newaliases /usr/bin/newaliases.orig
mv /usr/bin/mailq /usr/bin/mailq.orig
mv /usr/sbin/sendmail /usr/sbin/sendmail.orig
rpm -e --nodeps sendmail
安装Postfix:

    在这里就需要注意一下,因为YUM安装方式及源码安装方式下,OpenLDAP的存放路径是不一样的,所以如果是使用源码安装的话,一定要注意这里引用LDAP时的路径.
tar zxvf postfix-2.5-20071006.tar.gz
cd postfix-2.5-20071006
make -f Makefile.init makefiles \
'CCARGS=-DHAS_LDAP -I/usr/local/include -DUSE_SASL_AUTH -DUSE_CYRUS_SASL \
-I/usr/local/sasl2/include/sasl -I/usr/local/BerkeleyDB/include -DUSE_TLS -I-DUSE_TLS \
-I/usr/include/openssl' \
'AUXLIBS=-L/usr/local/lib -lldap -llber -L/usr/local/sasl2/lib -lsasl2 \
-L/usr/local/BerkeleyDB/lib -L/usr/lib -lssl -lcrypto'
make
make install
newaliases   #安装时会有交互的信息,我这里没有贴出来,可以参考以前的文章
建立邮件存储文件夹:

mkdir -pv /var/mailbox
chown -R vmail:vmail /var/mailbox/
chmod -R 700 /var/mailbox/
设置Postfix配置文件:

mv /etc/postfix/main.cf /etc/postfix/main.cf.bak
mv /etc/postfix/master.cf /etc/postfix/master.cf.bak
touch /etc/postfix/main.cf
touch /etc/postfix/master.cf
postalias /etc/aliases
设置main.cf文件:

queue_directory = /var/spool/postfix         
command_directory = /usr/sbin         
daemon_directory = /usr/libexec/postfix         
mail_owner = postfix         
myhostname = mail.test.com         
mydomain = test.com         
myorigin = $mydomain         
inet_interfaces = all         
mydestination =         
unknown_local_recipient_reject_code = 550         
mynetworks = 192.168.44.0/24, 127.0.0.0/8
############################CYRUS-SASL############################         
broken_sasl_auth_clients = yes         
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,         
reject_invalid_hostname,         
reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,         
reject_non_fqdn_recipient,reject_unknown_recipient_domain,         
reject_unauth_pipelining,reject_unauth_destination         
smtpd_sasl_auth_enable = yes         
smtpd_sasl_local_domain = $mydomain         
smtpd_sasl_security_options = noanonymous         
smtpd_sasl_application_name = smtpd         
smtpd_banner = Welcome to our $myhostname ESMTP,Warning: Version not Available!         
#############################SASL-END##################################         
#############################Virtual Mailbox Settings####################         
virtual_mailbox_base=/var/mailbox         
virtual_mailbox_maps=ldap:/etc/postfix/ldap_virtual_mailbox_maps.cf         
virtual_mailbox_domains=ldap:/etc/postfix/ldap_virtual_domains_maps.cf         
virtual_alias_domains=         
virtual_alias_maps=ldap:/etc/postfix/ldap_virtual_alias_maps.cf         
virtual_uid_maps=static:1001         
virtual_gid_maps=static:1001         
virtual_transport=maildrop         
maildrop_destination_recipient_limit=1         
maildrop_destination_concurrency_limit=1         
#################################Mailbox END###############################         
#################################Quota Settings############################         
message_size_limit=1433600         
virtual_mailbox_limit=20791520         
virtual_create_maildirsize=yes         
virtual_mailbox_extended=yes         
virtual_mailbox_limit_maps=ldap:/etc/postfix/ldap_virtual_limit_maps.cf         
virtual_mailbox_limit_override=yes         
virtual_maildir_limit_message= Sorry,The User's maildir has overdrawn his diskspace quota,         
Please try again later.         
virtual_overquota_bounce=yes         
################################Quota END#################################         
################################Amavis Start##############################         
content_filter=amavisfeed:[127.0.0.1]:10024         
max_use=10         
################################Amavis END################################         
debug_peer_level = 2         
debugger_command =         
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin         
xxgdb $daemon_directory/$process_name $process_id & sleep 5         
sendmail_path = /usr/sbin/sendmail         
mailq_path = /usr/bin/mailq         
setgid_group = postdrop         
html_directory = /var/www/postfix_html         
manpage_directory = /usr/local/man         
sample_directory = /etc/postfix         
readme_directory = no
复制main.cf中设置的支持文件:

    这里复制过去后要做一些小小的修改,因为extman默认的管理域名都是extmail.org,而我则希望变成自定义的test.com,所以这些文件中的所有有关extmail.org的记录要全部改成test.com.
cp /tmp/extmain-0.2.4/docs/ldap* /etc/postfix/
设置master.cf文件:

vi /etc/postfix/master.cf
smtp inet n - n - - smtpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/bin/maildrop -w 90 -d ${recipient}
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
cyrus unix - n n - - pipe
user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
#################################AntiSpamm Start #######################
############################
amavisfeed unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
#
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o smtpd_restriction_classes=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
-o local_header_rewrite_clients=
#################################AntiSpamm End #############################
######################
配置Apache:

mkdir -pv /var/www/extsuite
vi /etc/httpd.conf

ServerName mail.test.com
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi
Alias /extmail /var/www/extsuite/extmail/html
ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi
Alias /extman /var/www/extsuite/extman/html
SuexecUserGroup vmail vmail
Alias /phpadmin /var/www/phpadmin
增加Apache的虚拟主机支持:

cp /etc/extra/httpd-vhosts.conf /etc/extra/httpd-vhosts.conf.bak
# 这个文件中的内容和上面是一样的,这里就不贴出来了
安装PCRE及Zlib:

    这个主要是为了支持后面的一些组件.
tar jxvf pcre-7.2.tar.bz2         
cd pcre-7.2         
./confugure         
make         
make install
tar zxvf zlib-1.2.3.tar.gz         
cd zlib-1.2.3         
./configure --prefix=/usr --shared         
make         
make install
安装courier-imap组件:

export COURIERAUTHCONFIG=/usr/local/authlib/bin/courierauthconfig
tar jxvf courier-imap-4.1.3.tar.bz2
cd courier-imap-4.1.3
./configure --prefix=/usr/local/imap -with-redhat --disable-root-check \
--sysconfdir=/etc --enable-unicode=utf-8,iso-8859-1,gb2312,gbk,gb18030 \
--with-trashquota --with-dirsync --disable-root-check
make
make install
make install-configure
cp courier-imap.sysvinit /usr/local/imap/sbin/imapd
chmod +x /usr/local/imap/sbin/imapd
/usr/local/imap/sbin/imapd start
cp courier-imap.sysvinit /etc/rc.d/init.d/courier-imapd
chmod 755 /etc/rc.d/init.d/courier-imapd
chkconfig --add courier-imapd
chkconfig --level 2345 courier-imapd on
安装maildrop组件:

tar jxvf maildrop-2.0.4.tar.bz2
cd maildrop-2.0.4
ln -sv /usr/local/authlib/bin/courierauthconfig /usr/bin
ln -sv /usr/local/authlib/include/* /usr/include
./configure --prefix=/usr/local/maildrop --enable-sendmail=/usr/sbin/sendmail \
--enable-trusted-users='root vmail' --enable-syslog=1 --enable-maildirquota \
--enable-maildrop-uid=1001 --enable-maildrop-gid=1001 --with-trashquota --with-dirsync
make
make install
cp /usr/local/maildrop/bin/maildrop /usr/bin
maildrop -v  ##这里一定要测试一下是否安装成功,要有authlib的提示才行

设置maildroprc文件:

vi /etc/maildroprc
logfile "/var/log/maildrop.log"
TEST="/bin/test -f"
#
# Check for custom user .mailfilter file
#
CUSTOM_FILTER="$HOME/.mailfilter"
`$TEST $CUSTOM_FILTER && exit 1 || exit 0`
if ( $RETURNCODE == 0 )
{
to "$HOME/Maildir"
}
安装clamav:

tar zxvf clamav-0.91.2.tar.gz         
cd clamav-0.91.2         
./configure --prefix=/usr/local/clamav \         
--with-dbdir=/usr/local/share/clamav --disable-zlib-vcheck \         
--sysconfdir=/etc/clamav         
make         
make install
mkdir /var/log/clamav         
chmod -R 744 /var/log/clamav         
chown -R amavis:amavis /var/log/clamav         
chown -R amavis.amavis /usr/local/share/clamav         
mkdir /var/run/clamav         
chmod 700 /var/run/clamav         
chown amavis.amavis /var/run/clamav
设置clamav的freshclam.cf:

mv /etc/clamav/freshclam.conf /etc/clamav/freshclam.conf.old
vi /etc/clamav/freshclam.conf
DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogVerbose yes
LogSyslog yes
LogFacility LOG_MAIL
PidFile /var/run/freshclam.pid
DatabaseOwner amavis
DatabaseMirror db.CN.clamav.net
DatabaseMirror database.clamav.net
设置clamav的clamd.conf文件:

mv /etc/clamav/clamd.conf /etc/clamav/clamd.conf.old
vi /etc/clamav/clamd.conf
LogFile /var/log/clamav/clamd.log
LogFacility LOG_MAIL
LogVerbose yes
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /usr/local/share/clamav
LocalSocket /var/run/clamav/clamd.socket
StreamMaxLength 20M
User amavis
ScanPDF yes
ScanMail yes
PhishingSignatures yes
ScanArchive yes
设定防病毒软件clamav的升级及启动时间:

cp contrib/init/RedHat/clamd /etc/rc.d/init.d/clamd         
cp contrib/init/RedHat/clamav-milter /etc/rc.d/init.d/clamav-milter         
chkconfig --add clamd         
chkconfig --add clamav-milter         
chkconfig --level 2345 clamd on         
chkconfig --level 2345 clamav-milter on         
echo "/usr/local/clamav/lib" >> /etc/ld.so.conf         
ldconfig -v
vi /etc/rc.d/init.d/clamd         
progdir="/usr/local/clamav/sbin"
service clamd start
crontab -e         
37 * * * * /usr/local/clamav/bin/freshclam
/usr/local/clamav/bin/freshclam
安装amavisd:

tar zxvf amavisd-new-2.5.2.tar.gz
cd amavisd-new-2.5.2
mkdir -p /var/amavis /var/amavis/tmp /var/amavis/var /var/amavis/db
chown -R amavis:amavis /var/amavis
chmod -R 750 /var/amavis
cp amavisd /usr/local/sbin/
chown root /usr/local/sbin/amavisd
chmod 755 /usr/local/sbin/amavisd
cp amavisd.conf /etc/
chown root /etc/amavisd.conf
chmod 644 /etc/amavisd.conf
mkdir /var/virusmails
chown amavis:amavis /var/virusmails
chmod 750 /var/virusmails
配置amavisd:

  vi /etc/amavisd.conf         
  use strict;         
  $max_servers = 8; # num of pre-forked children (2..15 is common), -m         
  $daemon_user = 'amavis'; # (no default; customary: vscan or amavis), -u         
  $daemon_group = 'amavis'; # (no default; customary: vscan or amavis), -g         
  $mydomain = 'test.com'; # a convenient default for other settings         
  $MYHOME = '/var/amavis'; # a convenient default for other settings, -H         
  $TEMPBASE = "$MYHOME/tmp"; # working directory, needs to exist, -T         
  $ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR, used by SA, etc.         
  $QUARANTINEDIR = '/var/virusmails'; # -Q         
  $log_level = 0; # verbosity 0..5, -d         
  $log_recip_templ = undef; # disable by-recipient level-0 log entries         
  $DO_SYSLOG = 1; # log via syslogd (preferred)         
  $syslog_facility = 'mail'; # Syslog facility as a string         
  $syslog_priority = 'debug'; # Syslog base (minimal) priority as a string,         
  $enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)         
  $enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1         
  $nanny_details_level = 2; # nanny verbosity: 1: traditional, 2: detailed         
  @local_domains_maps = ( [".$mydomain"] ); # list of all local domains         
  @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10         
  10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );         
  $unix_socketname = "$MYHOME/amavisd.sock"; # amavisd-release or amavis-milter         
  $inet_socket_port = 10024; # listen on this local TCP port(s)         
  $policy_bank{'MYNETS'} = { # mail originating from @mynetworks         
  originating => 1, # is true in MYNETS by default, but let's make it explicit         
  os_fingerprint_method => undef, # don't query p0f for internal clients         
  };         
  $policy_bank{'ORIGINATING'} = { # mail supposedly originating from our users         
  originating => 1, # declare that mail was submitted by our smtp client         
  allow_disclaimers => 1, # enables disclaimer insertion if available         
  virus_admin_maps => ["postmaster\@$mydomain"],         
  spam_admin_maps => ["postmaster\@$mydomain"],         
  warnbadhsender => 1,         
  forward_method => 'smtp:[127.0.0.1]:10025',         
  smtpd_discard_ehlo_keywords => ['8BITMIME'],         
  bypass_banned_checks_maps => [1], # allow sending any file names and types         
  terminate_dsn_on_notify_success => 0, # don't remove NOTIFY=SUCCESS option         
  };         
  $interface_policy{'SOCK'} = 'AM.PDP-SOCK'; # only applies with $unix_socketname         
  $policy_bank{'AM.PDP-SOCK'} = {         
  protocol => 'AM.PDP',         
  auth_required_release => 0, # do not require secret_id for amavisd-release         
  };         
  $sa_tag_level_deflt = 100; # add spam info headers if at, or above that level         
  $sa_tag2_level_deflt = 6.3; # add 'spam detected' headers at that level         
  $sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions (e.g. blocks mail)         
  $sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent         
  $penpals_bonus_score = 8; # (no effect without a @storage_sql_dsn database)         
  $penpals_threshold_high = $sa_kill_level_deflt; # don't waste time on hi spam         
  $sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger         
  $sa_local_tests_only = 0; # only tests which do not require internet access?         
  $virus_admin = "postmaster\@$mydomain"; # notifications recip.         
  $mailfrom_notify_admin = "postmaster\@$mydomain"; # notifications sender         
  $mailfrom_notify_recip = "postmaster\@$mydomain"; # notifications sender         
  $mailfrom_notify_spamadmin = "postmaster\@$mydomain"; # notifications sender         
  $mailfrom_to_quarantine = ''; # null return path; uses original sender if undef         
  @addr_extension_virus_maps = ('virus');         
  @addr_extension_banned_maps = ('banned');         
  @addr_extension_spam_maps = ('spam');         
  @addr_extension_bad_header_maps = ('badh');         
  $path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';         
  $MAXLEVELS = 14;         
  $MAXFILES = 1500;         
  $MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)         
  $MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)         
  $sa_spam_subject_tag = '***SPAM*** ';         
  $defang_virus = 1; # MIME-wrap passed infected mail         
  $defang_banned = 1; # MIME-wrap passed mail containing banned name         
  $defang_by_ccat{+CC_BADH.",3"} =1;         
  $defang_by_ccat{+CC_BADH.",5"} = 1; # header line longer than 998 characters         
  $defang_by_ccat{+CC_BADH.",6"} = 1; # header field syntax error         
  $notify_method = 'smtp:[127.0.0.1]:10025';         
  $forward_method = 'smtp:[127.0.0.1]:10025'; # set to undef with milter!         
  $final_virus_destiny = D_DISCARD;         
  $final_banned_destiny = D_DISCARD;         
  $final_spam_destiny = D_PASS;         
  @keep_decoded_original_maps = (new_RE(         
  qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables         
  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,         
  ));         
  $banned_filename_re = new_RE(         
  qr'^\.(exe-ms|dll)$', # banned file(1) types, rudimentary         
  [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives         
  qr'.\.(pif|scr)$'i, # banned extensions - rudimentary         
  qr'^application/x-msdownload$'i, # block these MIME types         
  qr'^application/x-msdos-program$'i,         
  qr'^application/hta$'i,         
  qr'\.[^./]*[A-Za-z][^./]*\.\s*(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)[.\s]*$'i,         
  qr'.\.(exe|vbs|pif|scr|cpl)$'i, # banned extension - basic         
  );         
  @score_sender_maps = ({ # a by-recipient hash lookup table,         
  '.' => [ # the _first_ matching sender determines the score boost         
  new_RE( # regexp-type lookup table, just happens to be all soft-blacklist         
  [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0],         
  [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],         
  [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],         
  [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i => 5.0],         
  [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0],         
  [qr'^(your_friend|greatoffers)@'i => 5.0],         
  [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0],         
  ),         
  { # a hash-type lookup table (associative array)         
'[email][email protected][/email]' => -3.0,         
'[email][email protected][/email]' => -3.0,         
'[email][email protected][/email]' => -3.0,         
'[email][email protected][/email]' => -3.0,         
  'securityfocus.com' => -3.0,         
'[email][email protected][/email]'  => -3.0,         
'[email][email protected][/email]'  => -3.0,         
'[email][email protected][/email]'  => -3.0,         
'[email][email protected][/email]'=>          -3.0,         
'[email][email protected][/email]'  => -3.0,         
  'spamassassin.apache.org' => -3.0,         
'[email][email protected][/email]'  => -3.0,         
'[email][email protected][/email]'  => -3.0,         
'[email][email protected][/email]' =>          -3.0,         
'[email][email protected][/email]'  => -3.0,         
'[email][email protected][/email]'  => -3.0,         
'[email][email protected][/email]' => -3.0,         
'ca+[email][email protected][/email]' => -3.0,         
'[email][email protected][/email]' => -3.0,         
'[email][email protected][/email]' =>          -3.0,         
'[email][email protected][/email]' =>          -3.0,         
'[email][email protected][/email]'  => -3.0,         
'[email][email protected][/email]' =>          -3.0,         
'[email][email protected][/email]' => -3.0,         
'[email][email protected][/email]' => -3.0,         
'[email][email protected][/email]' => -5.0,         
'[email][email protected][/email]' =>          -3.0,         
  'returns.groups.yahoo.com' => -3.0,         
'[email][email protected][/email]' =>          -3.0,         
  lc('[email][email protected][/email]')          => -3.0,         
  lc('[email][email protected][/email]')          => -5.0,
  # soft-blacklisting (positive score)         
'[email][email protected][/email]' => 3.0,         
  '.example.net' => 1.0,
  },         
  ], # end of site-wide tables         
  });         
  @decoders = (         
  ['mail', \&do_mime_decode],         
  ['asc', \&do_ascii],         
  ['uue', \&do_ascii],         
  ['hqx', \&do_ascii],         
  ['ync', \&do_ascii],         
  ['F', \&do_uncompress, ['unfreeze','freeze -d','melt','fcat'] ],         
  ['Z', \&do_uncompress, ['uncompress','gzip -d','zcat'] ],         
  ['gz', \&do_uncompress, 'gzip -d'],         
  ['gz', \&do_gunzip],         
  ['bz2', \&do_uncompress, 'bzip2 -d'],         
  ['lzo', \&do_uncompress, 'lzop -d'],         
  ['rpm', \&do_uncompress, ['rpm2cpio.pl','rpm2cpio'] ],         
  ['cpio', \&do_pax_cpio, ['pax','gcpio','cpio'] ],         
  ['tar', \&do_pax_cpio, ['pax','gcpio','cpio'] ],         
  ['deb', \&do_ar, 'ar'],         
  ['zip', \&do_unzip],         
  ['7z', \&do_7zip, ['7zr','7za','7z'] ],         
  ['rar', \&do_unrar, ['rar','unrar'] ],         
  ['arj', \&do_unarj, ['arj','unarj'] ],         
  ['arc', \&do_arc, ['nomarch','arc'] ],         
  ['zoo', \&do_zoo, ['zoo','unzoo'] ],         
  ['lha', \&do_lha, 'lha'],         
  ['doc', \&do_ole, 'ripole'],         
  ['cab', \&do_cabextract, 'cabextract'],         
  ['tnef', \&do_tnef_ext, 'tnef'],         
  ['tnef', \&do_tnef],         
  ['exe', \&do_executable, ['rar','unrar'], 'lha',          ['arj','unarj'] ],         
  );         
  @av_scanners = (         
  ['ClamAV-clamd',         
  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.socket"],         
  qr/\bOK$/, qr/\bFOUND$/,         
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],         
  );         
  @av_scanners_backup = (         
  ['ClamAV-clamscan', 'clamscan',         
  "--stdout --no-summary -r --tempdir=$TEMPBASE {}",         
  [0], qr/:.*\sFOUND$/, qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],         
  );         
  1; # insure a defined return
测试amavisd:

    一般来讲,第一次启用的时候会提示有很多的Perl支持包没有安装,这里可以通过自动或手动的方式来进行安装,不过自动的方式最后还是有一部份安装不上,手工安装的方法可以参考我以前的那篇文章.
/usr/local/sbin/amavisd debug
cpan                                                             ##设置CPAN自动安装
perl MCPAN -e shell
install Time::HiRes IO::Wrap IO::Stringy Unix::Syslog Compress::Zlib MIME::Words \
MIME::Head MIME::Body MIME::Entity MIME::Parser MIME::Decoder MIME::Decoder::Base64 \
MIME::Decoder::Binary MIME::Decoder::QuotedPrint MIME::Decoder::NBit \
MIME::Decoder::UU MIME::Decoder::Gzip64 Net::Server Net::Server::PreFork
  安装完了后再测试,如果自动安装不了就改为手动,直到测试成功.这里可能是最考验耐心的时候.  

 测试spamassassin并启动amavisd及postfix:
vi /etc/mail/spamassassin/local.cf         
required_score 5.0         
report_safe 1         
lock_method flock         
required_score 5.0         
use_bayes 1         
use_pyzor 0         
use_razor2 0         
bayes_auto_learn 0         
ok_locales all         
spamassassin -d --lint         
/usr/bin/spamd -d         
echo "/usr/bin/spamd -d" >> /etc/rc.local
/usr/local/sbin/amavisd          
postfix start
测试Postfix:



安装并设置extmail

tar zxvf extmail-1.0.4.tar.gz
mv extmail-1.0.4 /var/www/extsuite/extmail
tar zxvf extman-0.2.4.tar.gz
mv extman-0.2.4 /var/www/extsuite/extman
cd /var/www/extsuite/extmail/
cp webmail.cf.default webmail.cf
vi webmail.cf
vi ../extman/webman.cf
更改和建立相关文件:

mkdir /tmp/extman          
chown -R vmail:vmail /tmp/extman          
chown -R vmail:vmail /var/www/extsuite/extmail          
chown -R vmail:vmail /var/www/extsuite/extman
touch /var/log/maildrop.log          
chown vmail.vmail /var/log/maildrop.log
设置webmail.cf:

# sys_config, the config file and webmail programe root         
SYS_CONFIG = /var/www/extsuite/extmail/
# sys_langdir, the i18n dir         
SYS_LANGDIR = /var/www/extsuite/extmail/lang
# sys_templdir, the template dir         
SYS_TEMPLDIR = /var/www/extsuite/extmail/html
# sys_warn, show system warning or not, default to yes         
SYS_SHOW_WARN = 0
# sys_permit_noquota, permit an account without qouta?         
SYS_PERMIT_NOQUOTA = 1
# sys_sess_dir, the session dir         
SYS_SESS_DIR = /tmp/
# sys_log_on = 1 | 0 - enable logging or not         
SYS_LOG_ON = 1
# sys_log_type = file|syslog|nsyslog, syslog will save login         
# or error info into mail.*, nsyslog is a replacement to syslog         
# that will send log message to network syslogd         
SYS_LOG_TYPE = syslog
# sys_log_file - path to log file, if sys_log_type = file         
SYS_LOG_FILE = /var/log/extmail.log
# sys_sess_timeout, session timeout, default 3 hours (3h) format:         
# number+(s|m|h|d|M|y); or only number, the 0 means that the         
# session will last for 0 seconds, but if you specify the         
# sys_sess_cookie_only = 1 then it means the session will expire         
# after you close your browser :)         
SYS_SESS_TIMEOUT = 0
# sys_sess_cookie_only = 0|1 use cookie only or include cgi "sid"         
# parameter ? if set to true(1), the session will be expired after         
# sys_sess_timeout if there is no any active request from browser         
SYS_SESS_COOKIE_ONLY = 1
# sys_user_psize, user default page_size         
SYS_USER_PSIZE = 10
# sys_user_tsize, user mail subject truncate size, valid type:         
# auto    => full text         
# screen1 => 800x600         
# screen2 => 1024x768         
# screen3 => 1280x1024         
SYS_USER_SCREEN = auto
# sys_user_lang, user default language         
SYS_USER_LANG = zh_CN
# sys_app_type, the app type: WebMail or ExtMan? It must be the same         
# as prefix part of language package name, eg: WebMail::en_US         
SYS_APP_TYPE = WebMail
# sys_user_template, user default template         
SYS_USER_TEMPLATE = default
# sys_user_charset, user default charset         
SYS_USER_CHARSET = utf-8
# sys_user_trylocal, user default outgoing encoding mechanism         
SYS_USER_TRYLOCAL = 1
# sys_user_timezone, user default timezone         
SYS_USER_TIMEZONE = +0800
# sys_user_* default parameters         
SYS_USER_CCSENT = 1         
SYS_USER_SHOW_HTML = 1         
SYS_USER_COMPOSE_HTML = 1         
SYS_USER_CONV_LINK =1         
SYS_USER_ADDR2ABOOK = 1
# sys_message_size_limit, default message size limit per user         
# count as byte(s), eg: 5242880 means 5MB         
SYS_MESSAGE_SIZE_LIMIT = 5242880
# sys_min_pass_len, minimal password length, default 2         
SYS_MIN_PASS_LEN = 2
# sys_mfilter_on, default is off         
SYS_MFILTER_ON = 1
# sys_netdisk_on, default is off         
SYS_NETDISK_ON = 1
# sys_show_signup, default is on, this feature need extman         
# 0.2.2 or higher version, built with signup serivce         
SYS_SHOW_SIGNUP = 1
# sys_debug_on, default is off         
SYS_DEBUG_ON = 1
# sys auth type, mysql/ldap/authlib         
SYS_AUTH_TYPE = ldap
# maildir_base, the base dir of user maildir, use absolute path         
# if not set.         
SYS_MAILDIR_BASE = /var/mailbox
# sys_auth_schema, vpopmail1/vpopmail2/virtual         
# vpopmail1 => all user accounts in one table         
# vpopmail2 => accounts in per domain table         
SYS_AUTH_SCHEMA = virtual
# crypt_type, the default encrypt type of password, possible type         
# currently is crypt|cleartext|plain|md5|md5crypt|plain-md5|ldap-md5|sha|sha1         
SYS_CRYPT_TYPE = md5crypt
# if mysql, all relate parameters should prefix as SYS_MYSQL         
# SYS_MYSQL_USER = extmail         
# SYS_MYSQL_PASS = db_pass         
# SYS_MYSQL_DB = extmail         
# SYS_MYSQL_HOST = localhost         
# SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock         
# table name         
# SYS_MYSQL_TABLE = mailbox         
# SYS_MYSQL_ATTR_USERNAME = username         
# SYS_MYSQL_ATTR_DOMAIN = domain         
# SYS_MYSQL_ATTR_PASSWD = password         
# sys_mysql_attr_clearpw - attribute to save clear password, useful for         
# postmaster withdraw the original passwd if the end user forgot, but         
# we highly recommend that you don't enable it for security reason         
# SYS_MYSQL_ATTR_CLEARPW = clearpwd         
# SYS_MYSQL_ATTR_QUOTA = quota         
# SYS_MYSQL_ATTR_NDQUOTA = netdiskquota         
# SYS_MYSQL_ATTR_HOME = homedir         
# SYS_MYSQL_ATTR_MAILDIR = maildir         
# service enable/disable attributes         
# comment them out if you don't want their function         
# SYS_MYSQL_ATTR_DISABLEWEBMAIL = disablewebmail         
# SYS_MYSQL_ATTR_DISABLENETDISK = disablenetdisk         
# SYS_MYSQL_ATTR_DISABLEPWDCHANGE = disablepwdchange         
# SYS_MYSQL_ATTR_ACTIVE = active
# if ldap, all relate parameters should prefix as SYS_LDAP         
SYS_LDAP_BASE = o=extmailAccount,dc=test.com         
SYS_LDAP_RDN = cn=Manager,dc=test.com         
SYS_LDAP_PASS = password         
SYS_LDAP_HOST = ldap.test.com         
# ldif attributes         
SYS_LDAP_ATTR_USERNAME = mail         
SYS_LDAP_ATTR_DOMAIN = virtualDomain         
SYS_LDAP_ATTR_PASSWD = userPassword         
# sys_ldap_attr_clearpw - attribute to save clear password, useful for         
# postmaster withdraw the original passwd if the end user forgot, but         
# we highly recommend that you don't enable it for security reason         
# SYS_LDAP_ATTR_CLEARPW = clearPassword         
SYS_LDAP_ATTR_QUOTA = mailQuota         
SYS_LDAP_ATTR_NDQUOTA = netdiskQuota         
SYS_LDAP_ATTR_HOME = homeDirectory         
SYS_LDAP_ATTR_MAILDIR = mailMessageStore         
# service enable/disable attributes         
# comment them out if you don't want their function         
# SYS_LDAP_ATTR_DISABLEWEBMAIL = disablewebmail         
# SYS_LDAP_ATTR_DISABLENETDISK = disablenetdisk         
# SYS_LDAP_ATTR_DISABLEPWDCHANGE = disablePasswdChange         
SYS_LDAP_ATTR_ACTIVE = active
# if authlib, all relate parameters should prefix as AUTHLIB         
SYS_AUTHLIB_SOCKET = /var/spool/authdaemon/socket
# Global Abook support         
# sys_g_abook_type, global abook type, valid is ldap|file, currently         
# only support ldap, file module is under development :-)         
SYS_G_ABOOK_TYPE = file
# if ldap, all relate parameters should prefix as SYS_G_ABOOK_LDAP         
SYS_G_ABOOK_LDAP_HOST = localhost         
SYS_G_ABOOK_LDAP_BASE = ou=AddressBook,dc=example.com         
SYS_G_ABOOK_LDAP_ROOTDN = cn=Manager,dc=example.com         
SYS_G_ABOOK_LDAP_ROOTPW = secret         
SYS_G_ABOOK_LDAP_FILTER = objectClass=OfficePerson
# if file, all relate parameters should prefix as SYS_G_ABOOK_FILE         
SYS_G_ABOOK_FILE_PATH = /var/www/extsuite/extmail/globabook.cf         
SYS_G_ABOOK_FILE_LOCK = 1         
SYS_G_ABOOK_FILE_CONVERT = 0         
SYS_G_ABOOK_FILE_CHARSET = utf-8
设置webman.cf:

# sys_config, the config file and webman programe root         
SYS_CONFIG = /var/www/extsuite/extman/
# sys_langdir, the i18n dir         
SYS_LANGDIR = /var/www/extsuite/extman/lang
# sys_templdir, the template dir         
SYS_TEMPLDIR = /var/www/extsuite/extman/html
# maildir_base, the base dir of user maildir, use absolute path         
# if not set.         
SYS_MAILDIR_BASE = /var/mailbox
# sys_warn, show system warning or not, default to yes         
SYS_SHOW_WARN = 0
# sys_sess_dir, the session dir         
SYS_SESS_DIR = /tmp/extman/
# sys_captcha_on 1|0 - to enable captcha feature or not         
SYS_CAPTCHA_ON = 0
# sys_captcha_key         
SYS_CAPTCHA_KEY = r3s9b6a7
# sys_captcha_len         
SYS_CAPTCHA_LEN = 6
# sys_purge_data - to completely destroy user's mailbox or not?         
SYS_PURGE_DATA = 0
# sys_sess_timeout, session timeout in seccond, default 6 hours         
# SYS_SESS_TIMEOUT = 21600
# sys_user_psize, user default page_size         
SYS_PSIZE = 50
# sys_user_lang, user default language         
SYS_LANG = zh_CN
# sys_app_type, the app type: WebMail or ExtMan? It must be the same         
# as prefix part of language package name, eg: WebMail::en_US         
SYS_APP_TYPE = ExtMan
# sys_template_name, the template name         
SYS_TEMPLATE_NAME = default
# web management related restritions         
# sys_default_expire, valid value: ?y ?m ?d         
SYS_DEFAULT_EXPIRE = 1y
# sys_groupmail_sender - sender for groupmail, this account must         
# exist or postfix or other mta will complain error         
SYS_GROUPMAIL_SENDER = [email][email protected][/email]
# sys_default_services, valid value: smtpd, smtp, webmail, netdisk,         
# imap and pop3, concatenate with "," as multiple values, eg: webmail,smtpauth         
SYS_DEFAULT_SERVICES = webmail,smtpd,smtp,pop3,netdisk
# sys_isp_mode, yes|no - if yes, use our HashDir to spread         
# storage to multiple directories         
SYS_ISP_MODE = no
# sys_domain_hashdir = yes|no, if yes we will enable domain hashdir         
# depend on sys_isp_mode = yes         
SYS_DOMAIN_HASHDIR = yes
# sys_domain_hashdir_depth, the hash length and depth, format:         
# length x depth, eg: 2x1 => length =2, depth =1         
# depend on sys_isp_mode = yes         
SYS_DOMAIN_HASHDIR_DEPTH = 2x2
# sys_user_hashdir = yes|no, if yes we will enable user hashdir         
# depend on sys_isp_mode = yes         
SYS_USER_HASHDIR = yes
# sys_user_hashdir_depth, similar to sys_hashdir_domain_depth         
SYS_USER_HASHDIR_DEPTH = 2x2         
# XXX FIXME         
# experimental feature, per domain tranport/routing capability         
# same config style as SYS_USER_ROUTING_LIST         
# SYS_DOMAIN_ROUTING_LIST = lmtp:mx1.extmail.org,lmtp:mx2.extmail.org
# XXX FIXME         
# experimental feature, per user routing capability         
# please specify routing info, concatenate with "," as multiple list         
# members, eg: smtp:mx1.abc.com,smtp:mx2.abc.com         
# SYS_USER_ROUTING_LIST = smtp:[192.168.2.130],smtp:[192.168.2.128]
# sys_min_uid, the minimal uid         
SYS_MIN_UID = 500
# sys_min_gid, the minimal gid         
SYS_MIN_GID = 100
# sys_default_uid, if not set, webman will ignore it         
SYS_DEFAULT_UID = 1001
# sys_default_gid, if not set, webman will ignore it         
SYS_DEFAULT_GID = 1001
# sys_quota_multiplier, in bytes, default to 1 MB         
SYS_QUOTA_MULTIPLIER = 1048576
# sys_quota_type, valid type: vda|courier         
SYS_QUOTA_TYPE = courier
# maxquota, alias, users and netdisk quota for domain         
SYS_DEFAULT_MAXQUOTA = 10000         
SYS_DEFAULT_MAXALIAS = 10000         
SYS_DEFAULT_MAXUSERS = 1000         
SYS_DEFAULT_MAXNDQUOTA = 500
# per user default quota, netdisk quota and expire         
SYS_USER_DEFAULT_QUOTA = 5         
SYS_USER_DEFAULT_NDQUOTA = 5         
SYS_USER_DEFAULT_EXPIRE = 1y
# sys_backend_type mysql|ldap         
SYS_BACKEND_TYPE = ldap
# sys_crypt_type: crypt|cleartext|plain|md5|md5crypt|plain-md5|ldap-md5|sha|sha1         
SYS_CRYPT_TYPE = md5crypt
# if mysql, all relate paramters should prefix as SYS_MYSQL         
SYS_MYSQL_USER = webman         
SYS_MYSQL_PASS = webman         
SYS_MYSQL_DB = extmail         
SYS_MYSQL_HOST = localhost         
SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock         
# table name         
SYS_MYSQL_TABLE = manager         
SYS_MYSQL_ATTR_USERNAME = username         
SYS_MYSQL_ATTR_PASSWD = password         
# comment it if you only want to save crypted password         
# we highly recommend that you disable the following line :)         
# SYS_MYSQL_ATTR_CLEARPW = clearpwd
# if ldap, all relate paramters should prefix as SYS_LDAP         
SYS_LDAP_BASE = dc=test.com         
SYS_LDAP_RDN = cn=Manager,dc=test.com         
SYS_LDAP_PASS = password         
SYS_LDAP_HOST = localhost         
# ldif attributes         
SYS_LDAP_ATTR_USERNAME = mail         
SYS_LDAP_ATTR_PASSWD = userPassword         
# comment it if you only want to save crypted password         
# we highly recommend that you disable the following line :)         
# SYS_LDAP_ATTR_CLEARPW = clearPassword
# sys_rrd_datadir, the full path of rrd data         
SYS_RRD_DATADIR = /var/lib
# sys_rrd_tmpdir, the temp dir for graph         
SYS_RRD_TMPDIR = /tmp/viewlog
# sys_rrd_queue_on, yes|no, show queue or not         
SYS_RRD_QUEUE_ON = yes
安装phpldapadmin:

   这个我的前一篇文章有介绍,这里就不啰嗦了,给两张图吧,它的安装和设置都不麻烦.而且配置文件的修改也只是很少的方面.  


多域名测试:
邮件发送及日志测试: