redhat9+postfix+cyrus-sasl+mysql+postfixadmin+courier-imap+courier-maildrop+squirrelmail(courier-sqwebmail openwebmail)+clamav+spamassassin+amavisd-new
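2005-05-05: added Cyrus SASL with MySQL Encrypted Passwords
2005-05-03: updated anti-virus and anti-spam
2005-04-12: added MySQL log management
2005-04-10 to 2005-04-13: added openwebmail
2005-04-08: added Apache startup script
Around October 2004: first draft completed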
10. webmail
10.1. sqwebmail
10.2. squirrelmail
10.3. openwebmail
MySQL 4.1.11  Website:  Download
APACHE 2.0.54  Website:  Download
PHP 4.3.11  Website:  Download
Cyrus-SASL 2.1.20  Website:  Download
Postfix 2.2.3  Website:  Download
PostfixAdmin 2.1.0  Website:  Download
Courier-authlib 0.55  Website:  Download
Courier-IMAP 4.0.2  Website:  Download
Courier-maildrop 1.8.0  Website:  Download
Courier-sqwebmail 5.0.1  Website:  Download
SquirrelMail 1.4.4  Website:  Download
Openwebmail 2.51  Website:  Download
clamav 0.84  Website:  Download
Spamassassin 3.0.3  Website:  Download
amavisd-new 2.3.0  Website:  Download

1. Install MySQL 4.1.11
# groupadd mysql
# useradd -g mysql mysql
# wget
# tar -zxvf mysql-4.1.11.tar.gz
# cd mysql-4.1.11
# ./configure --prefix=/usr/local/mysql --with-charset=gbk
# make
# make install
# cp support-files/my-medium.cnf /etc/my.cnf
Enable start at boot
# cp support-files/mysql.server /etc/rc.d/init.d/mysqld
# chmod 700 /etc/rc.d/init.d/mysqld
# chkconfig --add mysqld
After installation the database must be initialized; skip this step if you are upgrading an existing installation
# cd /usr/local/mysql
# /usr/local/mysql/bin/mysql_install_db --user=mysql
# chown -R root .
# chown -R mysql var
# chgrp -R mysql .
# /usr/local/mysql/bin/mysqld_safe --user=mysql &
MySQL is now installed. You can start the MySQL service like this:
# /etc/rc.d/init.d/mysqld start
# ln -s /usr/local/mysql/bin/mysql /sbin/mysql
# ln -s /usr/local/mysql/bin/mysqladmin /sbin/mysqladmin
So that the system can find mysql, run the following commands
# PATH=$PATH:/usr/local/mysql/bin
# export PATH
# echo "/usr/local/mysql/lib/mysql" >> /etc/
# ldconfig
Log management
Enable the error log (add under the [safe_mysqld] section)
# vi /etc/my.cnf
[safe_mysqld]
err-log=/var/log/mysqld/err.log
Enable the general log and the update log (add under the [mysqld] section)
# vi /etc/my.cnf
[mysqld]
log=/var/log/mysqld/log.log
log-update=/var/log/mysqld/update.log
Create the log files and set permissions
# mkdir /var/log/mysqld
# touch /var/log/mysqld/err.log /var/log/mysqld/log.log /var/log/mysqld/update.log
# chown -R mysql.mysql /var/log/mysqld
# service mysqld restart
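Notes:
The error log contains every message the server writes to standard error, plus the startup and shutdown events of the mysql service.
The general log records general information about the running mysql server, including user connections, queries and various other events.
The update log records the queries that modify the database, including every SQL statement that changes data.
It is recommended to turn the logs off once debugging is finished.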
2. Install Apache 2.0.54
# wget
# tar jxvf httpd-2.0.54.tar.bz2
# cd httpd-2.0.54
# ./configure --prefix=/usr/local/apache
# make
# make install
Enable start at boot
# cp support/apachectl /etc/init.d/httpd
Edit /etc/init.d/httpd
# vi /etc/init.d/httpd (add the following after the second line)
#!/bin/sh
#
# Startup script for the Apache Web Server
# chkconfig: - 85 15
# description: Apache is a World Wide Web server. It is used to serve \
# HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache/log/
# config: /usr/local/apache/conf/httpd.conf
# chkconfig --add httpd
# chmod 755 /etc/init.d/httpd
# chkconfig httpd on
Create the web document root
# mkdir /var/www
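# vi /usr/local/apache/conf/httpd.conf
// Directory where the web pages are stored. Originally DocumentRoot "", change it to:
DocumentRoot "/var/www"
// This line should match the DocumentRoot directory. Originally ;, change it to:
;
// Indexes: when none of the files listed in DirectoryIndex is found in a directory, a listing of that directory is generated
// FollowSymLinks: allow symbolic links to be followed, giving access to files outside this directory
Options Indexes FollowSymLinks
// Do not read the contents of .htaccess configuration files
AllowOverride None
// Evaluate the Allow rules first, then the Deny rules
Order allow,deny
// Allow rule: permit all connections
Allow from all
;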
Start the service:
# /usr/local/apache/bin/apachectl start
or
# service httpd start
3. Install PHP 4.3.11
# wget
# tar -jxvf php-4.3.11.tar.bz2
# cd php-4.3.11
# ./configure \
--prefix=/usr/local/php \
--with-mysql=/usr/local/mysql \
--with-apxs2=/usr/local/apache/bin/apxs
# make
# make install
# cp php.ini-dist /usr/local/php/lib/php.ini
# vi /usr/local/php/lib/php.ini
Below the line
;default_charset = "iso-8859-1"
add the line
default_charset = "gbk"
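# vi /usr/local/apache/conf/httpd.conf
Find the line #AddType application/x-tar .tgz and add two lines below it.
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
Find the following line and append index.php to it, so that index.php can also be the site's default page
DirectoryIndex index.html index.html.var index.php
Note: after changing httpd.conf you must restart the Apache server, otherwise the change does not take effect!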
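Common PHP settings
max_execution_time = 30 ; // change to 600 (raises the time limit for script execution)
max_input_time = 600 ; // maximum time for parsing input: 600 seconds
memory_limit = 8M ; // change to 40M (needed in order to send 10M attachments)
register_globals = On
post_max_size = 2M ; // maximum size of POST data PHP accepts: 2M
file_uploads = On ; // allow file uploads
upload_max_filesize = 2M ; // maximum size of an uploaded file: 2M
session.auto_start = 1 ; // start sessions automatically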
4. Install cyrus-sasl 2.1.20
If it is already installed on the system, uninstall it first, or disable it as follows
# mv /usr/lib/sasl /usr/lib/sasl.OFF
# mv /usr/lib/sasl2 /usr/lib/sasl2.OFF
Compile and install cyrus-sasl 2.1.20
# wget
# tar zxvf cyrus-sasl-2.1.20.tar.gz
# cd cyrus-sasl-2.1.20
# ./configure \
--disable-anon --enable-plain --enable-login \
--enable-sql --with-mysql=/usr/local/mysql \
--with-mysql-includes=/usr/local/mysql/include/mysql \
--with-mysql-libs=/usr/local/mysql/lib/mysql
# make
# make install
So that postfix can find sasl, run the following commands:
# echo "/usr/local/lib" >> /etc/
# ldconfig
# ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
The passwords used by cyrus-sasl are not encrypted; a patch that adds encrypted-password authentication can be downloaded
#
# patch lib/checkpw.c patch-linux
Recompile and reinstall
# LDFLAGS="-lcrypt" ./configure --disable-anon --enable-plain --enable-login --enable-sql --with-mysql=/usr/local/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --with-mysql-libs=/usr/local/mysql/lib/mysql
# make
# make install
5. Install postfix 2.2.3
If sendmail is already present on your system, stop it first and rename its files:
# /etc/init.d/sendmail stop
# chkconfig --level 0123456 sendmail off
# mv /usr/bin/newaliases /usr/bin/newaliases.orig
# mv /usr/bin/mailq /usr/bin/mailq.orig
# mv /usr/sbin/sendmail /usr/sbin/sendmail.orig
Start the installation
# groupadd -g 12345 postfix
# useradd -u 12345 -g 12345 -c postfix -d/dev/null -s/bin/false postfix
# groupadd -g 54321 postdrop
# wget
# tar -zxvf postfix-2.2.3.tar.gz
# cd postfix-2.2.3
(Building Postfix with SASL authentication and mysql support)
# make -f Makefile.init makefiles \
'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -I/usr/local/include/sasl' \
'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/local/lib -lsasl2'
# make install
If /etc/aliases does not exist, create it with the following commands:
# echo postfix: root >> /etc/aliases
# /usr/bin/newaliases
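Note:
In this example MySQL is installed in /usr/local/mysql and sasl2 in /usr/lib/sasl2. If your installation paths differ, adjust the CCARGS and AUXLIBS options used at build time accordingly.
While running make install you may get the following message (if you do not, ignore this):
/usr/libexec/ Shared object "" not found
This happens because mysql is not installed in the default directory, so postfix has to be told where to look for it; ldconfig does this:
# echo /usr/local/mysql/lib/mysql >> /etc/
# ldconfig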
6. Install postfixadmin 2.1.0
Create the user and group for apache and maildrop
# groupadd vmail -g 1001
# useradd vmail -u 1001 -g 1001 -s/bin/false -d/dev/null
# vi /usr/local/apache/conf/httpd.conf
Change
User nobody
Group #-1
to
User vmail
Group vmail
# wget
# tar -zxvf postfixadmin-2.1.0.tgz
# mv postfixadmin-2.1.0 /var/www/postfixadmin
Change the permissions, assuming apache runs as user and group vmail
# chown -R vmail:vmail /var/www/postfixadmin
# cd /var/www/postfixadmin
# chmod 640 *.php *.css
# cd /var/www/postfixadmin/admin/
# chmod 640 *.php .ht*
# cd /var/www/postfixadmin/images/
# chmod 640 *.gif *.png
# cd /var/www/postfixadmin/languages/
# chmod 640 *.lang
# cd /var/www/postfixadmin/templates/
# chmod 640 *.tpl
# cd /var/www/postfixadmin/users/
# chmod 640 *.php
Create the MySQL tables
# cd /var/www/postfixadmin
# mysql -u root [-p] < DATABASE_MYSQL.TXT
# cp
# vi
The configuration used in this example:
// Language config
// Language files are located in './languages'.
$CONF['default_language'] = 'cn';
// Database Config
// 'database_type' is for future reference.
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'postfixadmin';
$CONF['database_name'] = 'postfix';
//$CONF['encrypt'] = 'md5crypt';
$CONF['encrypt'] = 'cleartext';
// Mailboxes
// If you want to store the mailboxes per domain set this to 'YES'.
// Example: /usr/local/virtual/domain.tld/[email protected]
$CONF['domain_path'] = 'YES';
// If you don't want to have the domain in your mailbox set this to 'NO'.
// Example: /usr/local/virtual/domain.tld/username
$CONF['domain_in_mailbox'] = 'NO';
// Quota
// When you want to enforce quota for your mailbox users set this to 'YES'.
$CONF['quota'] = 'YES';
// You can either use '1024000' or '1048576'
$CONF['quota_multiplier'] = '1024000';
Cleartext passwords are used here; to store encrypted passwords instead, change $CONF['encrypt']='cleartext'; to $CONF['encrypt']='md5crypt';
For the mailbox storage format used here, set:
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
# vi /etc/postfix/
#=====================BASE=========================
# Host name (written as an FQDN)
myhostname =
# Domain name
mydomain =
# The address used as "mail from" in the message header
myorigin = $mydomain
# Host names this machine accepts mail for ($mydomain is not used here because we will use virtual hosts)
mydestination = $myhostname localhost localhost.$mydomain
# Networks allowed to send mail without SMTP authentication
mynetworks =
inet_interfaces = all
# Mailbox format to use
#home_mailbox = Maildir/
#mailbox_transport = maildrop
#=====================Virtual Mailbox settings=========================
# Root directory that holds the users' mailboxes
virtual_mailbox_base = /var/mailbox/
# How postfix looks up mail users; MySQL is used here (the users' mailbox directories)
virtual_mailbox_maps = mysql:/etc/postfix/mysql/
virtual_mailbox_domains = mysql:/etc/postfix/mysql/
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql/
# uid of the mail accounts; the user apache runs as
virtual_uid_maps = static:1001
virtual_gid_maps = static:1001
#virtual_uid_maps = mysql:/etc/postfix/mysql/
#virtual_gid_maps = mysql:/etc/postfix/mysql/
# use this for virtual delivery (if maildrop is not installed, set this to virtual)
#virtual_transport = virtual
# use this for maildrop-delivery (if maildrop is installed, set this to maildrop)
virtual_transport = maildrop
#Maildrop-Options for usage with maildrop
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1
# The trailing "/" in /var/mailbox/ must not be omitted
# All MySQL lookup configuration files are kept together in /etc/postfix/mysql
#====================QUOTA========================
# Maximum size of each message (10M). The postfix default is 10M, but this covers the message body
# plus the encoded attachments; base64 encoding increases the size of attachments by about 35%,
# so the accepted message size is set to 14M here
message_size_limit = 14336000
# Default mailbox size (10M)
virtual_mailbox_limit = 20971520
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
# How postfix obtains the users' quota information (the mailbox size of each user)
virtual_mailbox_limit_maps = mysql:/etc/postfix/
# Whether the default mailbox size may be overridden
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
#====================SASL========================
broken_sasl_auth_clients = yes
#In order to allow mail relaying by authenticated clients
smtpd_recipient_restrictions =
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_invalid_hostname,
  reject_non_fqdn_hostname,
  reject_unknown_sender_domain,
  reject_non_fqdn_sender,
  reject_non_fqdn_recipient,
  reject_unknown_recipient_domain,
  reject_unauth_pipelining,
  reject_unauth_destination,
  permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner=$myhostname ESMTP "Version not Available"
Create /var/mailbox and set permissions
# mkdir /var/mailbox
# chown -R vmail:vmail /var/mailbox
# chmod -R ug+rwx,o-rwx /var/mailbox
Create the /etc/postfix/mysql directory and the MySQL lookup configuration files
# mkdir /etc/postfix/mysql
1. vi /etc/postfix/mysql/
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
2. vi /etc/postfix/mysql/
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain
#additional_conditions = and backupmx = '0' and active = '1'
3. vi /etc/postfix/mysql/
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
#additional_conditions = and active = '1'
4. vi /etc/postfix/mysql/
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
#additional_conditions = and active = '1'
Configure /usr/local/lib/sasl2/smtpd.conf
# vi /usr/local/lib/sasl2/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login
sql_engine: mysql
sql_hostnames: localhost
sql_user: postfix
sql_passwd: postfix
sql_database: postfix
sql_select: SELECT password FROM mailbox WHERE username='%u@%r' and domain='%r' and active='1'
Start postfix
# postfix start
Test SMTP
# telnet localhost 25
Trying
Connected to localhost.
Escape character is '^]'.
220 ESMTP "Version not Available"
ehlo
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
7. Install Courier-authlib 0.55
Newer versions of imap no longer include the authentication library, so the Courier authentication library must be installed first
# wget
# tar -jxvf courier-authlib-0.55.20050407.tar.bz2
# cd courier-authlib-0.55.20050407
# ./configure \
--with-redhat \
--with-authmysql=yes \
--with-mailuser=vmail --with-mailgroup=vmail \
--with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql/
# make
# make install
# make install-configure
# vi /usr/local/etc/authlib/authdaemonrc (make sure only the mysql authentication module is used)
authmodulelist="authmysql"
authmodulelistorig="authmysql"
# vi /usr/local/etc/authlib/authmysqlrc
MYSQL_SERVER	localhost
MYSQL_SOCKET	/tmp/mysql.sock
MYSQL_DATABASE	postfix
MYSQL_USERNAME	postfix
MYSQL_PASSWORD	postfix
MYSQL_USER_TABLE	mailbox
MYSQL_LOGIN_FIELD	username
#MYSQL_CRYPT_PWFIELD	password
MYSQL_CLEAR_PWFIELD	password
MYSQL_UID_FIELD	'1001'
MYSQL_GID_FIELD	'1001'
MYSQL_HOME_FIELD	'/var/mailbox/'
MYSQL_MAILDIR_FIELD	maildir
MYSQL_NAME_FIELD	name
MYSQL_QUOTA_FIELD	quota
MYSQL_WHERE_CLAUSE	active='1'
DEFAULT_DOMAIN
Notes:
Spaces must not be used in this file, only tabs.
Use only single quotes, for example '/var/mailbox/', 'UID', 'GID' ('1001' in this article).
localhost must not be put in single quotes.
Make sure your /etc/hosts file contains localhost.
Building with IPv6 support may cause errors.
MYSQL_GID_FIELD and MYSQL_UID_FIELD are the UID and GID of maildrop, not of MySQL.
To use md5 passwords, change MYSQL_CLEAR_PWFIELD password to MYSQL_CRYPT_PWFIELD password
Start the service
If you want the service started at boot for imap:
# cp courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib
# chmod 755 /etc/rc.d/init.d/courier-authlib
# chkconfig --level 0123456 courier-authlib on
To start the service manually:
# authdaemond start
Test courier-authlib
Check the processes:
# pstree |grep authdaemond
|-authdaemond.mys---5*[authdaemond.mys]
8. Install Courier-imap 4.0.2
# wget
# tar -jxvf courier-imap-
# cd courier-imap-
# ./configure \
--prefix=/usr/local/imap \
--with-redhat \
--disable-root-check \
--enable-unicode=utf-8,iso-8859-1,gb2312,gbk,gb18030 \
--with-trashquota \
--with-dirsync
# make
# make install-strip (try install-strip first; if it fails, run make install)
# make install-configure
# vi /usr/local/imap/etc/pop3d
Change POP3DSTART=NO to POP3DSTART=YES
# vi /usr/local/imap/etc/imapd
Change IMAPDSTART=NO to IMAPDSTART=YES
Start imap at boot:
# cp courier-imap.sysvinit /etc/rc.d/init.d/courier-imap
# chmod 755 /etc/rc.d/init.d/courier-imap
# chkconfig --level 0123456 courier-imap on
To start the services manually:
# /usr/local/imap/libexec/pop3d.rc start
# /usr/local/imap/libexec/imapd.rc start
Test courier-imap
Check the processes:
# pstree |grep courier
|-2*[courierlogger]
|-2*[couriertcpd]
Check the ports; the following ports should be open:
# netstat -an |grep LISTEN
tcp 0 0* LISTEN
tcp 0 0* LISTEN
Test the POP3 and IMAP services:
# telnet localhost 110
+OK Hello there
USER [email protected]
+OK Password required.
PASS test
+OK Logged in.
QUIT
+OK bye-bye
9. Install Courier-maildrop 1.8.0
# groupadd vmail -g 1001
# useradd vmail -u 1001 -g 1001 -s/bin/false -d/dev/null
# wget
# tar jxvf maildrop-1.8.0.tar.bz2
# cd maildrop-1.8.0
# ./configure \
--prefix=/usr/local/maildrop \
--enable-sendmail=/usr/sbin/sendmail \
--enable-trusted-users='root vmail' \
--enable-syslog=1 \
--enable-maildirquota \
--enable-maildrop-uid=1001 \
--enable-maildrop-gid=1001 \
--with-trashquota \
--with-dirsync
# make
# make install
# cp /usr/local/maildrop/bin/maildrop /usr/bin
# chmod a+rx /usr/bin/maildrop
Running maildrop -v should print the following:
maildrop 1.8.0 Copyright 1998-2004 Double Precision, Inc.
GDBM extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.
Create the file /etc/maildroprc
# vi /etc/maildroprc
logfile "/var/mailbox/maildrop.log"
to "$HOME$DEFAULT"
# chmod a+r /etc/maildroprc
Configure Postfix
# vi /etc/postfix/
virtual_transport = maildrop
maildrop_destination_recipient_limit = 1
# vi /etc/postfix/
maildrop unix - n n - - pipe
  flags=DRhu user=vmail:vmail argv=/usr/local/maildrop/bin/maildrop -w 90 -d ${recipient}
maildrop cannot create maildirs itself, so a small script is used to do it
# vi /etc/sudoers
vmail ALL = NOPASSWD: /usr/sbin/
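Create the file /usr/sbin/maildirmake.sh
# vi /usr/sbin/
#!/bin/bash
# Arguments: $1 = domain, $2 = user name
set -e
# Create the domain directory if it does not exist yet
if [ ! -d "/var/mailbox/$1" ]
then
    mkdir "/var/mailbox/$1"
fi
chown -R vmail:vmail "/var/mailbox/$1"
cd "/var/mailbox/$1"
# Create the user's maildir inside the domain directory
/usr/local/imap/bin/maildirmake "$2"
chown -R 1001:12345 "/var/mailbox/$1/$2"
chmod -R g=s "/var/mailbox/$1/$2"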
# chmod 755 /usr/sbin/
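Modify the file create-mailbox.php in the postfixadmin/admin directory
Add the following after line 200 of this file:
# vi /var/www/postfixadmin/admin/create-mailbox.php
// Quote both values so that form input cannot inject shell commands into the sudo call
system("sudo /usr/sbin/ " . escapeshellarg($fDomain) . " " . escapeshellarg($_POST['fUsername']));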
Notes:
Layout of the mailbox that is created: /var/vmail/domain.tld/username
uid 1001 is the user id of vmail, which is also the owner of the directory /var/vmail
gid 12345 is the group id of postfix
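The maildir script above runs as root through sudo with a domain and a user name that originate in a web form, so both values should be validated before they are joined into a path. The following is an added example, not part of the original article; the function names, the allowed character set and the length limits are assumptions, and plain mkdir stands in for maildirmake.

```shell
#!/bin/sh
# Added example: validate the two arguments of the maildir script before
# anything is created or chown'ed as root.
LC_ALL=C; export LC_ALL                      # make the A-Z / a-z ranges byte-wise
MAILBOX_BASE=${MAILBOX_BASE:-/var/mailbox}   # virtual_mailbox_base from the article

# valid_label <string> <max-length>
# Accepts only letters, digits, dot, underscore and hyphen.
valid_label() {
    case $1 in
        ''|.*|-*|*..*) return 1 ;;           # empty, hidden or "..", option-like
        *[!A-Za-z0-9._-]*) return 1 ;;       # "/", spaces, ";", "$", backticks, ...
    esac
    [ "${#1}" -le "$2" ]
}

# maildir_target <domain> <user>
# Prints the directory that would be created, or fails without output on stdout.
maildir_target() {
    valid_label "$1" 255 || { echo "rejected domain" >&2; return 1; }
    valid_label "$2" 64  || { echo "rejected user name" >&2; return 1; }
    printf '%s/%s/%s\n' "$MAILBOX_BASE" "$1" "$2"
}

# create_maildir <domain> <user>
# Builds <base>/<domain>/<user>/{cur,new,tmp}; refuses to work through symlinks.
create_maildir() {
    target=$(maildir_target "$1" "$2") || return 1
    domain_dir=$MAILBOX_BASE/$1
    if [ -L "$domain_dir" ] || [ -L "$target" ]; then
        echo "refusing to follow a symlink under $MAILBOX_BASE" >&2
        return 1
    fi
    # umask 077 keeps the new directories private to the owner
    ( umask 077 && mkdir -p "$target/cur" "$target/new" "$target/tmp" )
}
```

In the real script the chown and chmod steps would follow create_maildir, operating only on the path that maildir_target printed.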
Create a test account [email protected] in postfixadmin
Test maildrop
# maildrop -V 9 -d [email protected]
maildrop: authlib: groupid=1001
maildrop: authlib: userid=1001
maildrop: authlib: [email protected], home=/var/mailbox/,
maildrop: Changing to /var/mailbox/
Press Ctrl+C to exit
Next, check the log (/var/log/maillog) to see whether postfix and maildrop are working together:
# cat /var/log/maillog | grep maildrop -A 2
Feb 28 11:50:41 malochia postfix/qmgr[7345]: 2875B7823E62: from=;, size=3308, nrcpt=1 (queue active)
Feb 28 17:18:05 malochia postfix/pipe[11615]: 04DD57822697: to=;, relay=maildrop, delay=0, status=sent (domain.tld)
If not, check whether a misconfiguration has left the mail sitting in the queue
# mailq
Configure quotas
Create the file /usr/local/maildrop/etc/quotawarnmsg
# vi /usr/local/maildrop/etc/quotawarnmsg
From: Administrator ;
Reply-To: [email protected]
To: Valued Customer:;
Subject: Warning! Your mailbox is almost full!
Mime-Version: 1.0
Content-Type: text/plain; charset=gb2312
Content-Transfer-Encoding: 8bit
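Set quotas
The quota field of the maildrop table in the Postfixadmin database is of type int, which does not work with maildrop. However, we can edit /usr/local/etc/authlib/authmysqlrc and change the line MYSQL_QUOTA_FIELD quota to MYSQL_QUOTA_FIELD concat(quota,'S'). If you want to limit the number of messages instead, change it to MYSQL_QUOTA_FIELD concat(quota,'C').
To give a user a 10M mailbox, set the quota value to "10000000S". "C" can also be used: "1000C" means that only 1000 messages can be stored.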
Send a message to [email protected], without an attachment. Then:
# cd /var/mailbox/
# cat maildirsize
1000000S
1622 1
The maildirsize file stores the quota information of the mailbox, and courier-imap uses this file as well.
To illustrate the file, here is the content of one of my maildirsize files:
# cat maildirsize
5000000S
42898 9
3403 1
1622 1
2371 1
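This shows that the capacity of this mailbox is 5M (if you delete the value of the quota field, maildrop assigns one automatically, but do not set the value to null), and that there are currently four messages in the mailbox.
Suppose the user has used 3M of the 5M and only 2M are left. If a message larger than 2M arrives, it is bounced. If a 1.7M message arrives, maildrop accepts it, updates the maildirsize file, recalculates the quota, finds that the user has used more than 90% of the quota (the -w 90 in /etc/postfix/master.cf) and copies the file /usr/local/maildrop/etc/quotawarnmsg into the user's mailbox to warn the user.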
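The quota decision described above can be reproduced from the contents of a maildirsize file. The following is an added example, not part of the original article and not maildrop's own code: a simplified model that sums the size and count columns and applies the -w 90 threshold. The function names and the sample data are constructed for illustration, and it also accepts a combined quota line such as 5000000S,1000C.

```shell
#!/bin/sh
# Added example: simplified model of the bookkeeping kept in maildirsize.

# Constructed sample for the scenario in the text: 5M quota, 3M already used.
SAMPLE_MAILDIRSIZE='5000000S
3000000 40'

# maildir_usage <maildirsize-text>
# Prints "<quota_bytes> <quota_msgs> <used_bytes> <used_msgs>"; 0 means "no limit".
# Returns 1 when the text is not a well-formed maildirsize file.
maildir_usage() {
    printf '%s\n' "$1" | awk '
        NR == 1 {                      # first line: quota, e.g. 5000000S or 5000000S,1000C
            n = split($1, part, ",")
            for (i = 1; i <= n; i++) {
                limit = substr(part[i], 1, length(part[i]) - 1)
                if (part[i] ~ /^[0-9]+S$/) quota_bytes = limit
                else if (part[i] ~ /^[0-9]+C$/) quota_msgs = limit
                else bad = 1
            }
            next
        }
        NF == 0 { next }
        # every further line is "<bytes> <messages>"; removals are negative numbers
        NF == 2 && $1 ~ /^-?[0-9]+$/ && $2 ~ /^-?[0-9]+$/ { bytes += $1; msgs += $2; next }
        { bad = 1 }
        END {
            if (bad || NR == 0) exit 1
            printf "%d %d %d %d\n", quota_bytes, quota_msgs, bytes, msgs
        }'
}

# delivery_decision <maildirsize-text> <message-bytes> [warn-percent]
# Prints "reject" (message would exceed the quota), "accept-warn" (accepted,
# usage at or above the warning threshold) or "accept".
delivery_decision() {
    usage=$(maildir_usage "$1") || return 1
    echo "$usage" | awk -v size="$2" -v warn="${3:-90}" '{
        qs = $1; qc = $2; bytes = $3 + size; msgs = $4 + 1
        if ((qs > 0 && bytes > qs) || (qc > 0 && msgs > qc)) { print "reject"; exit }
        pct = 0
        if (qs > 0) pct = bytes * 100 / qs
        if (qc > 0 && msgs * 100 / qc > pct) pct = msgs * 100 / qc
        print (pct >= warn ? "accept-warn" : "accept")
    }'
}
```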
10.1. Install sqwebmail 5.0.1
# wget
# tar jxvf sqwebmail-5.0.1.tar.bz2
# cd sqwebmail-5.0.1
# ./configure \
--prefix=/usr/local/sqwebmail \
--enable-unicode=utf-8,iso-8859-1,gb2312,gbk,gb18030 \
--with-trashquota
# make configure-check
# make
# make install-strip
# make install-configure
Start the service
# /usr/local/sqwebmail/libexec/sqwebmaild.rc start
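Test sqwebmail
Log in as user [email protected] with password test; once logged in you can test sending and receiving mail. Images are not displayed, however; to fix that, just run
# mv /usr/local/apache/htdocs/webmail /var/www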
Modify Apache
# cd /var/www
# vi index.html
// enter the following:
; ; ;MAIL SYSTEM; ; ; ; ; ;
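After these changes you can access sqwebmail directly via: ; this is much more convenient. Unfortunately it is in English; it would be nice if some expert could translate it into Chinese and make the interface prettier.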
10.2. Install squirrelmail 1.4.4
Download squirrelmail and the Chinese language pack
# wget
# wget
Extract squirrelmail into the /var/www directory.
# tar -jxvf squirrelmail-1.4.4.tar.bz2 -C /var/www/
# mv /var/www/squirrelmail-1.4.4 /var/www/squirrelmail
Extract the Chinese language pack
# tar -jxvf zh_CN-1.4.4-20050122.tar.bz2 -C /var/www/squirrelmail/
Before configuring squirrelmail, download three plugins:
Quota Usage Version 1.3
# wget
Compatibility Version 1.3
# wget
Change MySQL Password Version 3.2
# wget
Extract the three plugins into squirrelmail's plugins directory and set permissions.
# tar -zxvf quota_usage-1.3-1.2.7.tar.gz -C /var/www/squirrelmail/plugins/
# tar -zxvf compatibility-1.3.tar.gz -C /var/www/squirrelmail/plugins/
# tar -zxvf change_mysqlpass-3.2-1.2.8.tar.gz -C /var/www/squirrelmail/plugins/
The first plugin displays mailbox usage; the second and third are used for changing passwords.
If you do not want to install these plugins, skip this step.
Configure Quota Usage
# cd /var/www/squirrelmail/plugins/quota_usage
# cp config.php.sample config.php
Configure Change MySQL Password
# cd /var/www/squirrelmail/plugins/change_mysqlpass
# cp config.php.sample config.php
# vi config.php
Change the following variables:
$mysql_database = 'postfix';
$mysql_table = 'mailbox';
$mysql_userid_field = 'username';
$mysql_password_field ='password';
$mysql_manager_id = 'postfix';
$mysql_manager_pw = 'postfix';
$mysql_unixcrypt = 0;
//$mysql_MD5crypt = 1;
$mysql_MD5crypt = 0;
$use_ssl_for_password_change = 0;
If your passwords are MD5-encrypted, change $mysql_MD5crypt = 0; to $mysql_MD5crypt = 1;
Configure squirrelmail
# cd /var/www/squirrelmail
# ./configure
Enter 10. Languages and change 1. Default Language : from en_US to zh_CN.
Enter 8. Plugins and add the three plugins
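Open a browser, enter http://, and log in as [email protected]. The mailbox usage is shown in the top left corner of the screen, and you will also see a warning:
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /var/www/squirrelmail/plugins/change_mysqlpass/functions.php on line 129
This is caused by a mismatch in the database structure; simply comment out line 129 of functions.php (put // at the start of the line).
You can now also change your password with change passwd under Options. This module is in English; if you want it in Chinese you can change it yourself, as described on the squirrelmail website. Or refer to the following:
1. Merge change_mysqlpass.po with locale/zh_CN/LC_MESSAGES/squirrelmail.po
The simplest way is:
# cat change_mysqlpass.po >> /var/www/squirrelmail/locale/zh_CN/LC_MESSAGES/squirrelmail.po
2. Run:
# cd /var/www/squirrelmail/locale/zh_CN/LC_MESSAGES/
# msgfmt -o squirrelmail.po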
For security reasons it is recommended to move the data directory out of the web tree, for example under /usr, and to set its permissions
# cp -R /var/www/squirrelmail/data/ /var/data
# chown -R vmail.vmail /var/data
# chmod 730 -R /var/data
10.3. openwebmail 2.51
Install
# wget
# tar zxvf DBI-1.48.tar.gz
# cd DBI-1.48
# perl Makefile.PL
# make
# make test
# make install
Install DBD-mysql
# wget
# tar zxvf DBD-mysql-2.9006.tar.gz
# cd DBD-mysql-2.9006
# export LANG='C'
# ln -s /usr/local/mysql/bin/mysql_config /usr/bin/mysql_config
# perl Makefile.PL \
--libs="-L/usr/local/mysql/lib/mysql -lmysqlclient -lz" \
--cflags=-I/usr/local/mysql/include/mysql \
--testhost=
# make
# make test # Some minor error messages can be ignored here
# make install
Install
# wget
# tar zxvf
# cd
# perl Makefile.PL
# make
# make test
# make install
Install Text-Iconv
# wget
# wget
# tar zxvf Text-Iconv-1.2.tar.gz
# cd Text-Iconv-1.2
# perl Makefile.PL
# make
# make test
# make install
Install MIME-Base64
# wget
# tar zxvf MIME-Base64-3.01.tar.gz
# cd MIME-Base64-3.01
# perl Makefile.PL
# make
# make test
# make install
Install suidperl (it is on the second disc of the 9.0 installation media)
# wget
# rpm -ivh perl-suidperl-5.8.0-88.i386.rpm
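If you install from the rpm, the installer places everything in the correct paths automatically. For a manual installation, move the openwebmail directory and the data directory to /var/www/cgi-bin/openwebmail and /var/www/data as shown below; I installed from the tarball
# wget
# tar zxvf openwebmail-2.51.tar.gz -C /var/www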
Grant access to openwebmail: edit httpd.conf and add the following, assuming /var/www/cgi-bin is Apache's cgi-bin directory
# vi /usr/local/apache/conf/httpd.conf
ScriptAlias /openwebmail "/var/www/cgi-bin/openwebmail/"
Save the file and restart Apache
# service httpd restart
Edit the MySQL authentication file
# vi /var/www/cgi-bin/openwebmail/auth/
my $SQLHost = 'localhost';
my $sqlusr = 'postfix';
my $sqlpwd = 'postfix';
my $auth_db = 'postfix';
my $auth_table = 'mailbox';
my $field_username = 'username';
my $field_password = 'password';
my $field_realname = 'name';
my $field_uid = '1001';
my $field_gid = '1001';
my $field_home = 'maildir';
my $pass_type = 'cleartxt';
Edit the main openwebmail configuration file
# vi /var/www/cgi-bin/openwebmail/etc/openwebmail.conf
domainnames auto
auth_module
auth_withdomain yes
mailspooldir /var/mailbox
create_syshomedir new
use_syshomedir new
ow_cgidir /var/www/cgi-bin/openwebmail
ow_usersdir /var/mailbox
ow_cgiurl /cgi-bin/openwebmail
ow_htmldir /var/www/data/openwebmail
ow_htmlurl /data/openwebmail
logfile /var/log/openwebmail.log
quota_module # disk quota module
quota_limit 30000 # upper limit of the user's home directory on disk: 30M
spool_limit 10000 # upper limit of the inbox: 10M /var/mail
enable_webdisk no
enable_sshterm no
Next, run the initialization
# /var/www/cgi-bin/openwebmail/ --init
Change the settings in dbm.conf to the values the initialization asked for
# cp /var/www/cgi-bin/openwebmail/etc/defaults/dbm.conf /var/www/cgi-bin/openwebmail/etc/
# vi /var/www/cgi-bin/openwebmail/etc/dbm.conf
dbm_ext .db
dbmopen_ext .db
dbmopen_haslock no
Run the initialization once more
# /var/www/cgi-bin/openwebmail/ --init
Some messages now appear, ending with the line
Send the site report?(Y/n)
Just press Enter; this completes the openwebmail setup
Create the log file and set up logrotate
# touch /var/log/openwebmail.log
# vi /etc/logrotate.d/syslog (add the following lines)
/var/log/openwebmail.log {
    postrotate
        /usr/bin/killall -HUP syslogd
    endscript
}
11. Install clamav 0.84
# wget
# tar zxvf clamav-0.84.tar.gz
# cd clamav-0.84
# groupadd clamav
# useradd -g clamav -s/bin/false -d/dev/null clamav
# ./configure --prefix=/usr/local/clamav --with-dbdir=/usr/local/share/clamav
# make
# make check
# make install
Edit /usr/local/clamav/etc/clamd.conf
# vi /usr/local/clamav/etc/clamd.conf
#Verbose logging with syslog
LogSyslog
LogVerbose
LogFacility LOG_MAIL
LogFile /var/log/clamav/clamd.log
#Change pid file location
PidFile /var/run/clamav/
DatabaseDirectory /usr/local/share/clamav
#Set the clamav socket
LocalSocket /var/run/clamav/clamd
#Close the connection when this limit is exceeded
StreamMaxLength 10M
#Don't run clamd as root
User amavis
#Newer versions require you to uncomment this
ScanMail
ScanArchive
Edit /usr/local/clamav/etc/freshclam.conf
# vi /usr/local/clamav/etc/freshclam.conf
DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogSyslog
LogVerbose
DatabaseOwner amavis
#Check for updates every two hours. That is the official recommendation
Checks 12
DatabaseMirror
DatabaseMirror
NotifyClamd
Add the amavis user and group
# groupadd amavis
# useradd -g amavis -s /bin/false -c "Amavis User" -d /dev/null amavis
Create the log directory and set permissions
# mkdir /var/log/clamav
# chmod -R 744 /var/log/clamav
# chown -R amavis:amavis /var/log/clamav
# chown -R amavis.amavis /usr/local/share/clamav
# mkdir /var/run/clamav
# chmod 700 /var/run/clamav
# chown amavis.amavis /var/run/clamav
Update the virus database manually
# /usr/local/clamav/bin/freshclam
Set up automatic updates of the virus database
# vi /etc/crontab
0 4 * * * root /usr/local/clamav/bin/freshclam --quiet -l /var/log/clamd.log
Start
# /usr/local/clamav/sbin/clamd
13. Install amavisd-new 2.3.0
# wget
# tar zxvf amavisd-new-2.3.0.tar.gz
# cd amavisd-new-2.3.0
# groupadd amavis
# useradd -g amavis -s /bin/false -c "Amavis User" -d /dev/null amavis
# mkdir -p /var/amavis /var/amavis/tmp /var/amavis/var /var/amavis/db
# chown -R amavis:amavis /var/amavis
# chmod -R 750 /var/amavis
# cp amavisd /usr/local/sbin/
# chown root /usr/local/sbin/amavisd
# chmod 755 /usr/local/sbin/amavisd
# cp amavisd.conf /etc/
# chown root /etc/amavisd.conf
# chmod 644 /etc/amavisd.conf
Directory for storing infected mail
# mkdir /var/virusmails
# chown amavis:amavis /var/virusmails
# chmod 750 /var/virusmails
Edit /etc/amavisd.conf and change the following lines
# vi /etc/amavisd.conf
$max_servers=8;
$daemon_user = 'amavis';
$daemon_group = 'amavis';
$mydomain = '';
$db_home = "$MYHOME/db";
$inet_socket_port = 10024;
$sa_tag_level_deflt = -100;
$sa_tag2_level_deflt = 6.3;
$sa_kill_level_deflt = $sa_tag2_level_deflt;
$virus_admin = "virusalert\@$mydomain";
$sa_spam_subject_tag = '***SPAM*** ';
$notify_method = $forward_method;
$forward_method = 'smtp:';
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
['ClamAV-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
  qr/\bOK$/, qr/\bFOUND$/,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
Test amavis
# /usr/local/sbin/amavisd debug
ERROR: MISSING REQUIRED BASIC MODULES:
Time::HiRes
IO::Wrap
Unix::Syslog
Mail::Field
MIME::Words
Net::Server
BEGIN failed--compilation aborted at /usr/local/sbin/amavisd line 141.
Following the error message, install whatever is missing
# perl -MCPAN -e shell
cpan> install Time::HiRes
cpan> install IO::Wrap
cpan> install Unix::Syslog
cpan> install Mail::Field
cpan> install MIME::Words
cpan> install Net::Server
cpan> install BerkeleyDB
cpan> install Convert::TNEF
cpan> install Convert::UUlib
cpan> install Archive::Tar
cpan> install Archive::Zip (# export LANG=C)
cpan> install HTML::Parser
cpan> install DB_File
cpan> install Net::DNS (when prompted to enable tests, choose no)
cpan> install Digest::SHA1
cpan> install Mail::SpamAssassin (# export LANG=en_US)
Start
# /usr/local/sbin/amavisd start
Configure postfix
Edit /etc/postfix/
# vi /etc/postfix/ (add one line)
content_filter = amavis:
Edit /etc/postfix/
# vi /etc/postfix/ (append at the end)
# amavisd-new
amavis unix - - n - 2 smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
localhost:10025 inet n - n - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o mynetworks=
  -o smtpd_helo_restrictions=
  -o smtpd_client_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
Restart postfix
# postfix stop
# postfix start
# postfix check
# netstat -an | grep LISTEN (you should see these two ports listening)
*.* 0 0 49152 0 LISTEN
*.* 0 0 49152 0 LISTEN
12. Install Spamassassin 3.0.3
It was already installed above together with amavis; if it was not, install it as follows
# perl -MCPAN -e shell
cpan> install HTML::Parser
cpan> install DB_File
cpan> install Net::DNS (when prompted to enable tests, choose no)
cpan> install Digest::SHA1
cpan> install Mail::SpamAssassin
# vi /etc/mail/spamassassin/ (changes take effect immediately, without restarting SpamAssassin)
report_safe 0
use_bayes 1
bayes_path /var/amavisd/.spamassassin/bayes
bayes_auto_learn 1
skip_rbl_checks 0
use_razor2 1
use_dcc 1
use_pyzor 1
# Whether DNS queries can be made. Setting this to yes directly noticeably speeds up the startup of amavis
dns_available yes
# Check whether the message was sent from the internal network.
# If so, never classify it as spam (the score is reduced by 50).
# Replace the domain in it with your own domain name.
header LOCAL_RCVD Received =~ /.*\(\S+\.domain\.com\s+\[.*\]\)/
describe LOCAL_RCVD Received from local machine
score LOCAL_RCVD -50
# Spam scoring rules
score DCC_CHECK 4.000
score SPF_FAIL 10.000
score SPF_HELO_FAIL 10.000
score RAZOR2_CHECK 2.500
score BAYES_99 4.300
score BAYES_90 3.500
score BAYES_80 3.000
Create the file /var/amavisd/.spamassassin/user_prefs
# touch /var/amavis/.spamassassin/user_prefs
Check the syntax of local.cf
# spamassassin --lint
Start spamd
# /usr/bin/spamd --daemonize --pidfile /var/run/
Download the Chinese spam filtering rules
# wget -N -P /usr/share/spamassassin
After every update of Chinese_rules.cf, spamd must be restarted as follows
# kill -HUP `cat /var/run/`
Update the Chinese spam filtering rules automatically
# vi /etc/crontab (add one line)
0 0 1 * * root wget -N -P /usr/share/spamassassin;kill -HUP `cat /var/run/`
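Test virus scanning
From an account on another mail system, send a message containing the following to a user of this system:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
If the user receives a message carrying a virus notice, virus filtering works!
The mail virus scan log is recorded in /var/log/clamav/clamav.log!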
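Test spam scanning
From an account on another mail system, send a message containing the following to a user of this system:
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
Then check the mail log to see whether the message was BOUNCEd or DISCARDed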
Create the maildrop filter script (skip this step if you use amavisd-new to drive spamassassin)
# vi /etc/maildroprc
if ( $SIZE < 26144 )
{
    exception {
        xfilter "/usr/bin/spamassassin"
    }
}

if (/^X-Spam-Flag: *YES/)
{
    exception {
        to "$HOME$DEFAULT/.Spam/"
    }
}
else
{
    exception {
        to "$HOME$DEFAULT"
    }
}
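14. Afterword
All done, it is finally finished. This article cost me an enormous amount of effort and draws on countless other articles; it took many days and nights, and several times I was frustrated almost to the point of spitting blood, but I persevered. I hope all of you succeed.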
15. Startup scripts
Startup script for postfix:
# cat /etc/rc.d/init.d/postfix
#!/bin/bash
#
# mailsys This shell script takes care of starting and stopping Postfix
# author : ; 2004/1/28
#
# chkconfig: 2345 80 30
# description: Postfix is a Mail Transport Agent, which is the program
# that moves mail from one machine to another.
#
# processname: mailsys
# pidfile: /var/run/

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ "${NETWORKING}" = "no" ] && exit 0
[ -f /usr/sbin/postfix ] || exit 0
RETVAL=0
prog="Postfix"

start() {
    # Start daemons.
    echo -n $"Starting $prog: "
    /usr/sbin/postfix start > /dev/null 2>&1 &
    RETVAL=$?

    if [ $RETVAL -eq 0 ]; then
        touch /var/lock/subsys/postfix
        success $"$prog start"
    else
        failure $"$prog start failure"
    fi

    echo
    return $RETVAL
}

stop() {
    # Stop daemons.
    echo -n $"Shutting down $prog: "
    /usr/sbin/postfix stop > /dev/null 2>&1 &
    RETVAL=$?

    if [ $RETVAL -eq 0 ]; then
        rm -f /var/lock/subsys/postfix
        success $"$prog stop"
    else
        failure $"$prog stop failure"
    fi

    echo
    return $RETVAL
}

# See how we were called.
case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart|reload)
        stop
        start
        RETVAL=$?
        ;;
    *)
        echo $"Usage: $0 {start|stop|restart}"
        exit 1
esac
exit $RETVAL

# chmod 755 /etc/rc.d/init.d/postfix
# chkconfig --level 0123456 postfix on
Startup script for clamav (has problems)
# cat /etc/rc.d/init.d/clamd
#!/bin/bash
#
# clamav: This script controls the clamd
#

# chkconfig: 2345 79 31
# description: clamav
# processname: clamav
# pidfile: /var/run/

# Source function library.
. /etc/rc.d/init.d/functions

prog="/usr/local/sbin/clamd"
prog_base="ClamD"
prog_config_file="/etc/clamav.conf"

## Check that networking is up.

# See how we were called.
case "$1" in
    start)
        echo -n "Starting $prog_base:"
        $prog -c $prog_config_file >> /var/log/clamd.log &
        RETVAL=$?
        [ $RETVAL -eq 0 ] && touch /var/lock/subsys/${prog_base}
        success
        echo
        ;;
    stop)
        echo -n "Shutting down $prog_base:"
        #Force the kill...
        kill `ps -A | grep clamd | cut -c1-6` &> /dev/null
        RETVAL=$?
        #Sleep for a second or two.
        /bin/sleep 3s
        #Kill the stale socket.
        rm -f /tmp/clamd > /dev/null
        if [ $RETVAL -eq 0 ] ; then
            success
            #echo "${prog_base} stopped"
            rm -f /var/lock/subsys/${prog_base}
            echo
        else
            echo
        fi
        ;;
    status)
        status ${prog_base}
        RETVAL=$?
        ;;
    restart)
        $0 stop
        $0 start
        RETVAL=$?
        ;;
    reload)
        #action $"Reloading ${prog_base}:" ${prog} -c ${prog_config_file} reload
        $0 restart
        RETVAL=$?
        ;;
    *)
        echo "Usage: $0 {start|stop|status|restart|reload}"
        exit 1
esac

exit $RETVAL

# chmod 755 /etc/rc.d/init.d/clamd
# chkconfig --level 0123456 clamd on
