1.组件

操作系统centos5.4

postfix:MTA

clamd:反病毒引擎

spamassassin:反垃圾邮件

amavisd-new:是邮件代理服务器(MTA)和防毒软件之间的中间件

fail2ban:防止邮箱暴力破解

2.工作原理

postfix邮件网关代理outlook_第1张图片

第一步:postfix 接收邮件(MTA)

postfix,通过25端口,接受所有的邮件

第二步:邮件交给amavisd-new

amavisd-new负责调用clamd对邮件进行病毒扫描,负责调用SpamAssassin对邮件内容进行过滤;amavisd-new通过10025端口还给postfix

第三步:邮件返还给postfx

第四步:postfix在传递给exchange

3.安装过程

停止sendmail服务,防止25端口占用

(1)设定cdrom源 和EPEL源,这步省略

(2)yum安postfix、fail2ban

# yum –y install fail2ban

# servic fail2ban start

# yum –y install postfix

(3)yum安装安装病毒过滤组件clamd

#groupadd clamav

#useradd -g clamav -s /sbin/nologin -M clamav 

#groupadd amavis

#useradd -g amavis -s /sbin/nologin -M amavis

#yum install clamd

#vim /etc/clamd.conf

修改

User amavis

#chown -R amavis.amavis /var/log/clamav

#chown -R amavis.amavis /var/run/clamav

#service clamd start

# vim /etc/freshclam.conf

修改

DatabaseOwneramavis

#chown -R  amavis.amavis /var/lib/clamav

#freshclam

(4)yum安装反垃圾邮件spamassassin

#yum install spamassassin

#vim /etc/mail/spamassassin/local.cf

########new###################

required_score5.0

rewrite_headerSubject ****SPAM****

report_safe    1

use_bayes      1

bayes_auto_learn    1

skip_rbl_checks     1

use_razor2     0

use_pyzor      0

ok_locales     all

#service spamassassin start

(5)yum安装amavisd-new

#yum install amavisd-new

#gpasswd -a clamav amavis

#usermod -G amavis clamav

#chown amavis.amavis /var/spool/amavisd

#chown amavis.amavis /var/spool/amavisd/tmp

#chmod 750 /var/spool/amavisd/tmp

#vim /etc/amavisd/amavisd.conf

修改

$daemon_user  = 'amavis';   

$daemon_group= 'amavis';    #yum安装时会自动创建组和账户

$mydomain= 'example.com';   # Exchange或者其它邮件系统的邮件域

$myhostname='mail.example.com';# Exchange

$virus_admin               ="postmaster\@$mydomain";

$mailfrom_notify_admin     = "postmaster\@$mydomain";

$mailfrom_notify_recip     = "postmaster\@$mydomain";

$mailfrom_notify_spamadmin= "postmaster\@$mydomain";

virus_admin_maps=> ["postmaster\@$mydomain"],(指定报告病毒和垃圾邮件时发送系统邮件的用户身份)

spam_admin_maps  => ["postmaster\@$mydomain"],

########NEW##########

 ['ClamAV-clamd',

    \&ask_daemon, ["CONTSCAN {}\n","/var/run/clamav/clamd.sock"],

    qr/\bOK$/m, qr/\bFOUND$/m,

     qr/^.*?: (?!Infected Archive)(.*) FOUND$/m],

#service amavisd start

(6)postfix关联clam、spamassassin和amavisd-new

# vim /etc/postfix/master.cf

###########add#############

amavisfeed unix -      -      n       -       2      smtp

        -osmtp_data-done_timeout=1200

        -odisable_dns_lookup=yes

 

127.0.0.1:10025 inet n  -      n       -       -      smtpd

        -ocontent_filter=

        -olocal_recipient_maps=

        -orelay_recipient_maps=

        -osmtpd_restriction_classes=

        -osmtpd_client_restrictions=

        -osmtpd_helo_restrictions=

        -osmtpd_sender_restrictions=

        -osmtpd_recipient_restrictions=permit_mynetworks,reject

        -omynetworks=127.0.0.0/8

        -ostrict_rfc821_envelopes=yes

# vim/etc/postfix/main.cf

smtpd_client_restrictions =

    reject_rbl_client rbl.anti-spam.cn

content_filter = amavisfeed:[127.0.0.1]:10024

receive_override_options= no_address_mappings

# service postfix start

# netstat -nltp

ActiveInternet connections (only servers)

ProtoRecv-Q Send-Q Local Address              Foreign Address            State       PID/Program name         

tcp        0     0 127.0.0.1:25               0.0.0.0:*                   LISTEN      20719/master           

tcp        0     0 127.0.0.1:10024            0.0.0.0:*                  LISTEN      20540/amavisd (mast

tcp        0     0 127.0.0.1:10025            0.0.0.0:*                   LISTEN      20719/master       

tcp        0     0 127.0.0.1:3310             0.0.0.0:*                   LISTEN      6243/clamd         

tcp        0     0 127.0.0.1:783              0.0.0.0:*                   LISTEN      19863/spamd.pid  

# chkconfig clamd on

# chkconfig spamassassin on

# chkconfig amavisd on

# chkconfig postfix on

# chkconfig fail2ban on

4.邮件网关设置

# vim /etc/postfix/main.cf

relay_domains = test.com   

# vim /etc/postfix/transport

test.com   relay:[192.168.0.1]

# postmap /etc/postfix/transport

# service postfix reload

5.exchange不需做任何修改,包括DNS MX记录,因为是只过略入网请求。

5.防火墙发布,省略

总结:此文借鉴了很多网上的东西才得以完成,非常感谢。测试效果还算不错,仅供大家参考。