网络域名:zygao.org
DNS主机名称:[url]www.zygao.org[/url]
DNS主机IP地址:192.168.1.9
邮件主机名称:[url]www.zygao.org[/url]
邮件主机IP地址:192.168.1.9
操作系统:RedHat Enterprise Server 4U2
操作系统安装过程注意事项截图:
无防火墙和不启动SELinux服务:
连接软件包组时,全选“开发工具”项目内的所有内容;
Step2、安装所需要的软件清单:
postfix-2.2.5-3.rhel4.rpm
postfix-pflogsumm-2.1.5-4.2.rhel4.rpm
cyrus-sasl-2.1.19-5.rhel4.i386.rpm
dovecot-0.99.11-2.rhel4.1.rpm
httpd-2.0.52-12.ent.rpm
perl-Text-Iconv-1.4-1.2.el4.rf.i386.rpm
perl-suidperl-5.8.5-12.1.1.i386.rpm
perl-Compress-Zlib-1.34-1.2.el4.rf.i386.rpm
perl-CGI-SpeedyCGI-2.22-1.2.el4.rf.i386.rpm
perl-5.8.5-12.1.i386.rpm
openwebmail-2.51-1.i386.rpm
---------------------------------------------------------------------
说明:
安装openwebmail 2.51系统所需要的软件可以到下列地址下载:
[url]http://openwebmail.org/openwebmail/download/redhat/rpm/release[/url]
Step3、停止、删除sendmail:
#killall sendmail (停止所有的Sendmaail进程)
rpm –e sendmail –nodeps (删除sendmail程序)
Step4、修改/etc/dovecot.conf文件:
将:#protocols = imap imap3
更改为:
protocols = imap imap3 pop3 pop3s (启动imap imap3 pop3 pop3s功能)
将:auth_passdb = pam
更改为:
auth_passdb = shadow
# service dovecot restart(重新启动dovecot服务)
Step6、修改/etc/postfix/main.cf文件:
将:#myhostname = host.domain.tld
更改为:
myhostname = [url]www.zygao.org[/url] (指定运行Postfix邮件系统的主机名称)
将:#mydomain = domain.tld
更改为:
mydomain = zygao.org (指定Postfix邮件系统使用的域名比例:zygao.org)
将:#myorigin = $mydomain
更改为:
myorigin = zygao.org (指定发件人所在的域名比例:easy.com)
将以下的红色进行更改
#inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
inet_interfaces = localhost
更改为:
inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
inet_interfaces = 192.168.1.9(指定Postfix邮件系统监视的网络接口)
将:#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, mail.$mydomain, [url]www.$mydomain[/url], ftp.$mydomain
更改为:
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, mail.$mydomain, [url]www.$mydomain[/url],
ftp.$mydomain (指定Postfix接收邮件时收件人的域名,即去掉前面的#号)
将:#mynetworks = 192.168.100.0/28 127.0.0.1/8
更改为:
mynetworks = 192.168.1.0/24, 127.0.0.0/8(指定您所在的网络地址)
# service postfix restart (重新启动postfix服务)
Step7、端口测试:
# telnet mail.easy.com 25 (测试25端口)
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.easy.com ESMTP Postfix
quit
221 Bye
Connection closed by foreign host.
# telnet mail.easy.com 110 (测试110端口)
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK dovecot ready.
quit
+OK Logging out
Connection closed by foreign host.
或用命令: netstat –tnl 查看端口情况
Step8、安装openwebmail 2.51软件:
# rpm -ivh perl-5.8.5-12.1.i386.rpm
# rpm -ivh perl-CGI-SpeedyCGI-2.22-1.2.el4.rf.i386.rpm
# rpm -ivh perl-Compress-Zlib-1.34-1.2.el4.rf.i386.rpm
# rpm -ivh perl-suidperl-5.8.5-12.1.1.i386.rpm
# rpm -ivh perl-Text-Iconv-1.4-1.2.el4.rf.i386.rpm
# rpm -ivh openwebmail-2.51-1.i386.rpm
opwebmail RPM包安装完成后,先进行如下配置
进入openwebmail下面的etc目录进行相关配置,需要修改以下
1./var/www/cgi-bin/openwebmail /etc/openwebmail.conf
2./var/www/cgi-bin/openwebmail/etc/defaults/openwebmail.conf
3./var/www/cgi-bin/openwebmail/etc/defaults/dbm.conf
1./var/www/cgi-bin/openwebmail/etc/openwebmail.conf [只需修改3处]
releasedate 20041126
domainnames gao.org //默认是auto
auth_module auth_unix.pl
mailspooldir /var/spool/mail
ow_cgidir /var/www/cgi-bin/openwebmail
ow_cgiurl /cgi-bin/openwebmail
ow_htmldir /var/www/data/openwebmail
ow_htmlurl /data/openwebmail
logfile /var/log/openwebmail.log
修改语言为中文 将:
default_language auto
改为:
default_language zh_CN.GB2312
图标还是英文将其改为中文
将
default_iconset Default
改成:
default_iconset Cool3D.Chinese.Simplified
2./var/www/cgi-bin/openwebmail/etc/defaults/openwebmail.conf [只需修改2处,把smtpserver和authpop3_server改为相应的IP]
domainnames auto
smtpserver 192.168.1..198
smtpport 25
smtpauth no
enable_pop3 yes
pop3_disallowed_servers your_server, your_server.domain
pop3_delmail_by_default yes
pop3_delmail_hidden no
pop3_usessl_by_default no
authpop3_server 192.168.1.198
authpop3_port 110
3./var/www/cgi-bin/openwebmail/etc/defaults/dbm.conf[只需修改3处],完整的内容如下:
dbm_ext .db
dbmopen_ext .db
dbmopen_haslock yes
smtpserver 192.168.1.198 //添加SMTP服务器的IP地址
上面的文件修改完后,再运行./openwebmail-tool.pl –init执行初始化脚本
[root@AS3 openwebmail]#./openwebmail-tool.pl --init
进行初始化后,无需在Apach里发布openwebmail.
[url]http://192.168.1.9/cgi-bin/openwebmail/openwebmail.pl[/url] 就可访问邮件系统
用Apache发布opwebmail
初始只能用
http://服务器IP/cgi-bin/openwebmail/openwebmail.pl进行访问。
用Apache在80端口发布它,使访问时只需要输入
http://服务器IP 或
[url]http://www.zygao.org[/url] (此例的域名)来进行访问。
写一个 html文件来进行跳转,内容如下
"window.open('http://your_server/cgi-bin/openwebmail/openwebmail.pl','_top')">
或者用:
content="0;URL=http://your_server/cgi-bin/openwebmail/openwebmail.pl">
如果希望使用
http://服务器IP/mail 或
http://域名/mail 的方式,则修改如下:
修改 /etc/http/conf/httpd.conf (最后只采用一种方式)
Redirect /mail
http://域名/cgi-bin/openwebmail/openwebmail.pl
Redirect /mail
[url]http://192.168.1.9/cgi-bin/openwebmail/openwebmail.pl[/url]
修改 /etc/httpd/conf/httpd.conf
主页发现图标找不到,想到图标目录还没有做映射再加一句,每当对Apach进行修改后,都要重新配置此项.
Alias /data "/var/www/data" //自己添加
找到此例发布的80端口,进行修改
DocumentRoot /var/www/cgi-bin /发布时填写的原始路径,可作为查找对名象
ServerName _default_:80
DirectoryIndex index.html index.htm openwebmail.html index.shtml
AllowOverride None
改为:
DocumentRoot /var/www/cgi-bin
ServerName _default_:80
DirectoryIndex index.html index.htm openwebmail.html index.shtml
AllowOverride All
Options ExecCGI
Order allow,deny
Allow from all
优化 Apach
MaxClients 150 同一时间最大连接数,
ServerAdmin
[email][email protected][/email] 改为网管的邮箱吧
Timeout 300 300秒没有反应就断开
Step13、增加限制用户发送电子邮的权限:
用户权限说明:
例子如下:
Fandy 用户不受发送限制(可以无限制的发送和接收Interanl、internet的电子邮件);
Yer、Biao 用户受到发送限制(只可以发送和接收Internal内的电子邮件);
# useradd fandy(增加本地用户:fandy)
# useradd yer(增加本地用户:yer)
# useradd biao(增加本地用户:biao)
# passwd yer(设置本地yer用户的密码)
Changing password for user yer.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
# passwd fandy(设置本地fandy用户的密码)
Changing password for user fandy.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
# passwd biao(设置本地biao用户的密码)
Changing password for user biao.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
在main.cf文件中增加以下的代码:
# restrictions
smtpd_restriction_classes = local_only
local_only = check_recipient_access hash:/etc/postfix/local_domains, reject
smtpd_recipient_restrictions =
check_sender_access hash:/etc/postfix/local_senders
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname
在/etc/postfix/目录下建立local_senders文件,内容如下:
[email][email protected][/email] local_only
[email][email protected][/email] local_only
在/etc/postfix/目录下建立local_domains文件,内容如下:
easy.com OK
mail.easy.com OK
为local_senders、local_domains两个文件建立hash:
# postmap hash:/etc/postfix/local_senders
# postmap hash:/etc/postfix/local_domains
当[email][email protected][/email]和[email][email protected][/email]两个用户向其它域发送邮件时会出现以下的
错误信息:
554 5.7.1 <[email][email protected][/email]>: Sender address rejected: Access denied
554 5.7.1 <[email][email protected][/email]>: Sender address rejected: Access denied
二 防病毒及邮件病毒扫描功能
F-prot
从[url]http://www.f-prot.com[/url] 下载,Linux workstation 版个人使用是免费的
提供杀毒功能,据闻速度和病毒库比开源的Clamav好。
SpamAssassin
系统自带,提供过滤垃圾邮件功能。
MailScanner
从[url]http://www.sng.ecs.soton.ac.uk/mailscanner/[/url] 下载
Postfix 是使用MailScanner 调用f-prot 与SpamAssassin,或者其它调用方法效率更好,但MailScanner配置比较直观
如果你打算将杀毒、过滤SPAM功能安排在各个客户端,以下是不必要操作的。
安装f-prot
从[url]http://files.f-prot.com/files/linux-x86/fp-linux-ws.rpm[/url] 下载
# rpm -ivh fp-linux-ws.rpm
启动SpamAssassin
# service spamassassin start
# chkconfig --level 35 spamassassin on
安装、配置MailScanner
# tar xzf MailScanner-4.48.4-2.rpm.tar.gz
# cd MailScanner-4.48.4-2
# ./install.sh
修改 /etc/MailScanner/MailScanner.conf
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = f-prot
Always Include SpamAssassin Report = yes
Use SpamAssassin = yes
Required SpamAssassin Score = 4
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
SpamAssassin Install Prefix = /usr/bin
SpamAssassin Local Rules Dir = /etc/MailScanner
让Postfix 调用MailScanner,在/etc/postfix/main.cf 加入以下一行
header_checks = regexp:/etc/postfix/header_checks
编辑/etc/postfix/header_checks 为以下内容
/^Received:/ HOLD
修正权限
# chown postfix.postfix /var/spool/MailScanner/incoming
# chown postfix.postfix /var/spool/MailScanner/quarantine
启用
# postfix stop
# service MailScanner start
# chkconfig --level 35 MailScanner on
注:MailScanner 会自动启动Postfix。
测试SpamAssassin
发一封邮件带如下内容,接收后,标题应该带有标记:
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
测试f-prot
升级病毒库:
# /usr/local/f-prot/tools/check-updates.pl
访问[url]http://www.webmail.us/testvirus[/url],申请寄一封带virus 的邮件寄到自己的邮箱