拓扑图

 

dns server

192.168.101.95

配置正向和反向dns

mail  server

192.168.101.85

APACHE

yum -y install *gcc* openssl-devel

rpm -e httpd –nodeps

rpm -e mysql --nodeps

rpm -e php --nodeps

tar –zxvf   httpd-2.2.19.tar.gz   -C   /usr/local/src
#cd /usr/local/src/httpd-2.2.19
#./configure  --prefix=/usr/local/apache2  --enable-so --enable-rewrite
#make
#make install

cd /usr/local/apache2/bin

vim apachectl

# chkconfig: 35 85 15

# description: Apache is a World Wide Web Server

cp apachectl /etc/init.d/apache

chkconfig --add apache

chkconfig apache on

service apache start

vim /usr/local/apache2/conf/httpd.conf

ServerName mail.bj.cn

service apache stop

service apache start

mysql

useradd –M –s /sbin/nologin mysql

tar -zxvf mysql-5.0.40.tar.gz -C /usr/local/src

cd /usr/local/src/mysql-5.0.40


./configure --prefix=/usr/local/mysql  --with-mysqld-user=mysql

make

make install

cd /usr/local/src/mysql-5.0.40

cp  support-files/my-medium.cnf  /etc/my.cnf

/usr/local/mysql/bin/mysql_install_db --user=mysql

chown -R root:mysql /usr/local/mysql

chown -R mysql /usr/local/mysql/var

echo “/usr/local/mysql/lib/mysql” >>/etc/ld.so.conf 添加库文件路径

ldconfig 刷新库文件搜索路径

/usr/local/mysql/bin/mysqld_safe --user=mysql &

cp support-files/mysql.server /etc/init.d/mysqld

chmod o+x /etc/init.d/mysqld

chkconfig --add mysqld

chkconfig mysqld on

echo “PATH=$PATH:/usr/local/mysql/bin”>>/etc/profile

service mysqld start

mysqladmin -u root password 123456

mysql -u root -p

Enter password: (输入密码123456

php

tar -jxvf php-5.3.0.tar.bz2 -C /usr/local/src

cd /usr/local/src/php-5.3.0

./configure --prefix=/usr/local/php5 --enable-mbstring

--with-apxs2=/usr/local/apache2/bin/apxs --with-mysql=/usr/local/mysql
--with-config-file-path=/usr/local/php5

make

make test

make install

cd /usr/local/src/php-5.3.0

cp php.ini-dist /usr/local/php5/php.ini

vim /usr/local/apache2/conf/httpd.conf

修改apache服务的主配置文件使其支持php
LoadModule php5_module modules/libphp5.so 确认这行的存在,如果没有就重新编译php
AddType application/x-httpd-php .php 添加这行记录
DirectoryIndex index.php index.html
在这行添加关于php格式的首页
然后保存退出

测试php是否与apache整合成功
#vim /usr/local/apache2/htdocs/test.php
phpinfo();
?>

service apache stop

service apache start


在浏览器中输入http://192.168.101.95/test.php看到下图表示跟apache服务整合成功

Mysql测试
#vim /usr/local/apache2htdocs/testdb.php
$link=mysql_connect(‘localhost’,‘test’,‘’);
If (!$link) echo “Fail!!!”;
else echo “Success!!!”;
mysql_close();
?>

postfix

service sendmail stop

 chkconfig sendmail off

 groupadd -g 1200 postdrop

groupadd -g 1000 postfix

useradd -M -u 1000 -g postfix -G postdrop -s /sbin/nologin postfix

cd

tar -zxvf postfix-2.6.5.tar.gz -C /usr/local/src/

cp postfix-2.6.5-vda-ng.patch.gz /usr/local/src/

cd /usr/local/src/

 gunzip postfix-2.6.2-vda-ng.patch.gz

 cd postfix-2.6.2

patch -p1 < ../postfix-2.6.2-vda-ng.patch

 yum -y install db*-devel cyrus-sasl-devel

 make makefiles

make

make install

vim /etc/postfix/main.cf
Inet_interfaces = all 默认设置
myhostname = mail.bj.cn 主机名
mydomain = bj.cn邮件域名
myorigin = $mydomain 外发邮件时发件人地址中的邮件域名
mydestination = $mydomain,$myhostname 可接收的邮件地址中的域名
home_mailbox = Maildir/ 邮件存储位置格式
#postfix check 检查配置
#postfix start

echo "/usr/sbin/postfix start" >> /etc/rc.local

groupadd mailusers

useradd -g mailusers -s /sbin/nologin tom

 useradd -g mailusers -s /sbin/nologin jerry

 passwd tom

passwd jerry

telnet localhost 25

Trying 127.0.0.1...

Connected to localhost.localdomain (127.0.0.1).

Escape character is '^]'.

220 mail.crazylinux.cn ESMTP Postfix

helo localhost

250 mail.bj.cn

mail from:[email protected]

250 2.1.0 Ok

rcpt to:[email protected]

250 2.1.5 Ok

data

111111

.

250 2.0.0 Ok: queued as AA4BD157939

quit

221 2.0.0 Bye

Connection closed by foreign host.

Dovecot

useradd -M -s /sbin/nologin dovecot
tar zxf dovecot-1.1.4.tar.gz -C /usr/local/src
cd /usr/local/src/dovecot-1.1.4

yum -y install pam-devel


./configure --sysconfdir=/etc --with-mysql
make
make install

cp /etc/dovecot-example.conf /etc/dovecot.conf

vim /etc/dovecot.conf
ssl_disable = yes 禁用SSL机制
protocols = pop3 imap 指定邮局协议
disable_plaintext_auth = no 允许明文密码认证
mail_location = maildir:~/Maildir 设置邮件存储格式和位置
#vim /etc/pam.d/dovecot 创建pam认证文件
auth required pam_nologin.so
auth include system-auth
account include system-auth
session include system-auth
#/usr/local/sbin/dovecot -c /etc/dovecot.conf 启动
把这句话写入开机脚本

cat /etc/pam.d/dovecot

telnet localhost 110

Trying127.0.0.1...
Connectedtolocalhost.localdomain(127.0.0.1).
Escapecharacteris'^]'.
+OKDovecotready.
useruser2
+OK
pass123
+OKLoggedin.
list
+OK1messages:
1460
.
retr1
+OK460octets
Return-Path:
X-Original-To:[email protected]
Delivered-To:[email protected]
Received:fromlocalhost(localhost.localdomain[127.0.0.1])
bypostfixmail.nxq.com(Postfix)withSMTPid5560C249BA4
for;Fri, 4Nov201105:36:24+0800(CST)
Subject:test
Message-Id:<[email protected]>
Date:Fri, 4Nov201105:36:24+0800(CST)
From:[email protected]
To:undisclosed-recipients:;

tar -jxvf squirrelmail-1.4.13.tar.bz2 -C /usr/local/apache2/htdocs
#cd /usr/lcaol/apache2/htdocs/
#mv squirrelmail-1.4.13 webmail
#tar -jxvf zh_CH-1.4.13.tar.gz -C /usr/local/apache2/htdocs/webmail 解压汉化软件

配置webmail
#cd /usr/local/apache2/htdocs/webmail
#mkdir -p attach data
#chown -R daemon:daemon attach/ data/
#chmod 730 attache/
#cp config/config_default.php config/config.php 创建配置文件
#vim config/config.php
$squirrelmail_default_language = ‘zh_CN’;
$default_charset = ‘zh_CN.UTF-8’;
$domain = ‘wisefund.com’;
$smtpServerAddress = ‘localhost’; 设置发信服务器地址
$smtpPort = 25; 设置发信服务器端口
$imap_server_type = 'dovecot'; 设置收信服务器软件
$imapPort = 143;设置收信服务器端口
$data_dir = '/usr/local/apache2/htdocs/webmail/data/';
$attachment_dir = '/usr/local/apache2/htdocs/webmail/attach/';
#/usr/localapache2/bin/apachectl restart 重启apache服务

客户端IE地址栏中输入http://mail.bj.cn/webmail(前提mail.bj.cn可以被解析,否则
用ip)

extman

service mysqld restart
#tar zxf extman-0.2.5.tar.gz -C /usr/local/src
#cd /usr/local/src/extman-0.2.5/docs
#mysql -u root -p

出现错误

原因:编写数据库的版本比当前安装的版本不相同。
解决:
1、用文本编辑器打开extmail.sql;
2、查找/替换,将数据库文件内的所有TYPE=MyISAM修改为ENGINE=MyISAM,保存退出;
3、重新导入extmail.sql即可。
#mysql -u root -p <init.sql 脚本导入数据库的时候会询问密码,默认情况下root用户密码为空

配置 postfix

postconf -m|grep mysql返回值有mysql,说明可以支持mysql数据库的查询表

#vim /etc/postfix/main.cf
              #mydestination = $mydomain,$myhostname 该行需要注释掉
virtual_mailbox_base = /mailbox指定虚拟邮箱存储目录的路径起点
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf

                  指定虚拟邮件用户对应的别名文件位置

virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
指定记录虚拟邮箱地址与存储位置对应关系的映射文件位置
virtual_mailbox_domains=mysql:/etc/postfix/mysql_virtual_domains_maps.cf
设置postfix服务器可以接收的虚拟邮件域的域名
virtual_uid_maps=static:1000 设置所有虚拟邮件用户映射的本地用户的UID号
virtual_gid_maps=static:1000 设置所有虚拟邮件用户映射的本地组的GID号
#cd /usr/local/src/extman-0.2.5/docs
#cp mysql_virtual_* /etc/postfix/ 在上面的三行配置中指定了这三个文件

虚拟用户设置SMTP发信认证

tar -jxvf courier-authlib-0.60.2.tar.bz2 -C /usr/local/src
#cd /usr/local/src/courier-authlib
#./configure --prefix=/usr/local/courier-authlib --without-stdheaderdir --with-authmysql
--with-redhat --with-mysql-libs=/usr/local/mysql/lib/mysql
--with-mysql-includes=/usr/local/mysql/include/mysql
#make
#make install
#make install-configure 生成默认配置文件authmysqlrc和authdaemonrc

添加courier-authlib的库文件路径
#vim /etc/ld.so.conf
/usr/local/courier-authlib/lib/courier-authlib
#ldconfig

修改authdaemonrc主配置文件
#cd /usr/local/courier-authlib/etc/authlib
#cp authdaemonrc authdaemonrc.bak
#vim authdaemonrc
authmodulelist=”authmysql”
authmodulelistorig=”authmysql”
#chmod -R755 /usr/local/courier-authlib/var/spool/authdaemon

修改authmysqlrc文件
#cd /usr/local/courier-authlib/etc/authlib
#cp authmysqlrc authmysqlrc.bak
#vim authmysqlrc
MYSQL_SERVER localhost数据库服务器位置
MYSQL_USERNAME extmail数据库管理员账户
MYSQL_PASSWORD extmail数据库管理员账户密码
MYSQL_SOCKET /tmp/mysql.sock 文件位置
MYSQL_DATABASE extmail 虚拟用户数据库
MYSQL_USER_TABLE mailbox 从mailbox表获得邮件账户信息
MYSQL_CRYPT_PWFIELD password从password字段获得账户密码
MYSQL_UID_FIELD uidnumber从uidnumber字段获得映射的本地用户UID
MYSQL_GID_FIELD gidnumber从gidnumber字段获得映射的本地组GID

MYSQL_LOGIN_FIELD username从username字段获得账户名称,带@后缀
MYSQL_HOME_FIELD concat('/mailbox/',homedir)合并出用户的宿主目录路径
MYSQL_NAME_FIELD name从name字段获得账户名称,不带@后缀
MYSQL_MAILDIR_FIELD concat('/mailbox/',maildir)合并出用户的邮件存储路径

复制courier-authlib脚本,并启动courier-authlib服务

cp   courier-authlib.sysvinit    /etc/init.d/courier-authlib

chmod755    /etc/rc.d/init.d/courier-authlib

chkconfig   --level 35  courier-authlib   on

service   courier-authlib   start

修改Cyrussasl设置

vim /usr/lib/sasl2/smtpd.conf
pwcheck_method:authdaemond
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket

修改Dovecot配置

vim /etc/dovecot.conf (把875、908、913、916行注释)

218 mail_location = maildir:/mailbox/%d/%n/Maildir

837 auth default {

842 mechanisms = plain

950 passdb sql {

952 args = /etc/dovecot-mysql.conf

953 }

1028 userdb sql {

1030 args = /etc/dovecot-mysql.conf

1031 }

vim /etc/dovecot-mysql.conf

driver = mysql

connect = host=localhost dbname=extmail user=extmail password=extmail

default_pass_scheme = CRYPT

password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u'

user_query = SELECT maildir,uidnumber AS uid,gidnumber AS gid FROM mailbox WHERE username = '%u'

mkdir -p /mailbox/extmail.org/postmaster/Maildir/

cd /mailbox/extmail.org/postmaster/Maildir

chown -R postfix:postfix /mailbox/

pkill dovecot

 dovecot

确认authlib服务

/usr/local/courier-authlib/sbin/authtest -s login [email protected]      extmail Authentication succeeded.

Authenticated: [email protected] (uid 1000, gid 1000)

Home Directory: /mailbox/extmail.org/postmaster

Maildir: /mailbox/extmail.org/postmaster/Maildir/

Quota: (none)

Encrypted Password: $1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0

[root@mail authlib]# perl -e 'use MIME::Base64;

print encode_base64("postmaster\@extmail.org")'

cG9zdG1hc3RlckBleHRtYWlsLm9yZw==

[root@mail authlib]# perl -e 'use MIME::Base64; print encode_base64("extmail")'

ZXh0bWFpbA==

[root@mail ~]# telnet localhost 25

Trying 127.0.0.1...

Connected to localhost.localdomain (127.0.0.1).

Escape character is '^]'.

220 mail.crazylinux.cn ESMTP Postfix

auth login

334 VXNlcm5hbWU6

cG9zdG1hc3RlckBleHRtYWlsLm9yZw==

334 UGFzc3dvcmQ6

ZXh0bWFpbA==

235 2.7.0 Authentication successful

quit

221 2.0.0 Bye

Connection closed by foreign host.

tar -zxf Unix-Syslog-1.1.tar.gz -C /usr/local/src
#cd /usr/local/src/Unix-Syslog-1.1
#perl Makefile.PL
#make
#make install
#tar -zxf DBI-1.607.tar.gz -C /uar/local/src
#cd /usr/local/src/DBI-1.607
#perl Makefile.PL
#make
#make install
#tar -zxf DBD-mysql-4.011.tar.gz -C /usr/local/src
#cd /usr/loca/src/DBD-4.011
#perl Makefile.PL
#make
#make install
注意以上三个包在编译安装过程可能会提示警告信息隐式函数计算出的变量值未被使用等,只要没有
error信息就一切ok
安装ExtMail
#tar -zxf extmail-1.0.5.tar.gz -C /usr/local/apache2/htdocs

#cd /usr/local/apache2/htdocs
#mv extmail-1.0.5 extmail
#cd extmail
#chown -R postfix:postfix cgi
#cp webmail.cf.default webmail.cf

cd /usr/local/apache2/htdocs/extmail
#vim webmail.cf
SYS_CONFIG = /usr/local/apache2/htdocs/extmail/ 程序根目录
SYS_LANGDIR = /usr/local/apache2/htdocs/extmail/lang 语言包文件目录
SYS_TEMPLDIR = /usr/local/apache2/htdocs/extmail/html 系统模版目录
SYS_MAILDIR_BASE = /mailbox 邮件存储目录
SYS_MYSQL_USER = extmail 访问mysql数据库的用户
SYS_MYSQL_PASS = extmail 访问mysql数据库的用户的密码
SYS_MYSQL_DB = extmail 使用数据库的名称
SYS_MYSQL_HOST = localhost 数据库服务器地址
SYS_MYSQL_SOCKET = /tmp/mysql.sock 数据库套接文件位置

修改apache服务,添加虚拟主机
#vim /usr/local/apache2/conf/httpd.conf
NameVirtualHost*:80
<VirtualHost*:80>
ServerNamemail.wisefund.com
DocumentRoot/usr/local/apache2/htdocs/extmail/html/
ScriptAlias/extmail/cgi/"/usr/local/apache2/htdocs/extmail/cgi/"
Alias/extmail"/usr/local/apache2/htdocs/extmail/html/"

User postfix 找到User该用户为postfix
Group postfix 找到Group该组为postfix
这里 由于前面 我们并没 有启用Suexec 所以 我们没有 在虚拟主 机中添 加SuexecUerGroup postfix  postfix
#/usr/local/apache2/bin/apachectl restart

测试:在浏览器中输入http://mail.bj.cn

账户:[email protected]

密码:extmail

extman

#tar -zxvf GD-2.41.tar.gz -C /usr/local/src
#cd /usr/local/src/GD-2.41
#perl Makefile.PL
#make
#make install
#tar -zxvf File-Tail-0.99.3.tar.gz -C /uar/local/src
#cd /usr/local/src/File-Tail-0.99.3
#perl Makefile.PL
#make
#make install
#rpm -ivh rrdtool-1.2.23-3.el5.i386.rpm
#rpm -ivh rrdtool-perl-1.2.23-3.el5.i386.rpm
Extman套件
#tar -zxf extman-0.2.5.tar.gz -C /usr/local/apache2/htdocs
#cd /usr/local/apache2/htdocs
#mv extman-0.2.5 extman
#cd extman
#chown -R postfix:postfix cgi
#mkdir /tmp/extman 临时回话保存目录
#chown -R postfix:postfix /tmp/extman

修改配置文件
#vim /usr/localapache2/htdocs/extman/webman.cf
SYS_CONFIG = /usr/local/apache2/htdocs/extman/ 程序根目录
SYS_LANGDIR = /usr/local/apache2/htdocs/extman/lang语言包文件目录
SYS_TEMPLDIR = /usr/local/apache2/htdocs/extman/html 系统模版目录
SYS_MAILDIR_BASE = /mailbox 邮件数据存放路径
SYS_MYSQL_USER = webman 访问mysql数据库的用户
SYS_MYSQL_PASS = webman 访问mysql数据库的用户的密码
SYS_MYSQL_DB = extmail 使用的数据库名称
SYS_MYSQL_HOST = localhost 数据库服务器地址
SYS_MYSQL_SOCKET = /tmp/mysql.sock 数据库套接文件位置

调整apache主配文件。添加extman相关目录别名
#vim /usr/local/apache2/conf/httpd.conf
NameVirtualHost*:80

ServerNamemail.wisefund.com
DocumentRoot/usr/local/apache2/htdocs/extmail/html/
ScriptAlias/extmail/cgi/"/usr/local/apache2/htdocs/extmail/cgi/"
Alias/extmail"/usr/local/apache2/htdocs/extmail/html/"
ScriptAlias/extman/cgi"/usr/local/apache2/htdocs/extman/cgi/"
Alias/extman"/usr/local/apache2/htdocs/extman/html/"

#/usr/local/apache2/bin/apachectl restart

测试:在浏览器中输入http://mail.bj.cn/extman

账户:[email protected]

密码:extmail*123*

设置邮件系统的图形化日志信息
[root@localhost~]#ln–sf
/usr/local/apache2/htdocs/extman/addon/mailgraph_ext/mailgraph-ini
/usr/sbin/
[root@localhost~]#ln–sf

/usr/local/apache2/htdocs/extman/addon/mailgraph_ext/qmonitor-init
/usr/sbin/
[root@localhost~]#cp–a
/usr/local/apache2/htdocs/extman/addon/mailgraph_ext/usr/local
[root@localhost~]#mailgraph-initstart
[root@localhost~]#qmonitorstart
[root@localhost~]#echo“/usr/sbin/mailgraph-initstart”>>
/etc/rc.d/rc/local
[root@localhost~]#echo“/usr/sbin/qmoonitor-initstart”>>
/etc/rc.d/rc/local

垃圾邮件过滤

根据客户端的主机名/地址过滤邮件
[root@localhost~]#vim  /etc/postfix/main.cf
smtpd_client_restrictions=check_client_accesshash:/etc/postfix/access
[root@localhost~]#vim   /etc/postfix/access
192.168.4REJECT
192.168.4.1OK
bbc.comREJECT
[root@localhost~]#postMAP  /etc/postfix/access

根据客户机HELO信息中的主机名地址过滤邮件
[root@localhost~]#vim/etc/postfix/main.cf
smtpd_helo_required=yes
smtpd_helo_restrictions=reject_invalid_hostname
[root@localhost~]#postfixreload

根据发件人的地址过滤邮件
[root@localhost~]#vim/etc/postfix/mail.cf
smtpd_sender_login_maps=
mysql:/etc/postfix/mysql_virtual_sender_maps.cf,
mysql:/etc/postfix/mysql_virtual_alias_maps.cf
smtpd_sender_restrictions=
permit_mynetworks,
reject_sender_login-mismatch,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
check_sender_accesshash:/etc/postfix/sender_access
[root@localhost~]#vim/etc/postfix/sender_access

根据收件人的地址过滤邮件
[root@localhost~]#vim/etc/postfix/main.cf
smtpd_recipient_restrictions=
permit_mynetworks,

permit_sasl_authenticated,
reject_unauth_destination,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain
[root@localhost~]#postfixrestart

安装并配置MailScanner扫描调度工具
1)安装MailScanner扫描调度工具
[root@localhost~]#tar  -zxvf  MailScanner-4.75.11-1.rpm.tar.gz
[root@localhost~]#cd MailScanner-4.75.11-1
[[email protected]]#./install.sh
2)修改配置文件MailScanner
[root@localhost~]#vim /etc/MailScanner/MailScanner.conf
RunAsUser=postfix
RunAsGroup=postfix
IncomingQueueDir=/var/spool/postfix/hold
OutgoingQueueDir=/var/spool/postfix/incoming
MTA=postfix
RequiredSpamAssassinScore=7
HighSpamAssassinScore=10
SpamActions=deliverheader“X-Spam-Status:Yes”
[email protected]
3)配置Postfix支持调用MailScanner
[root@localhost~]#vim  /etc/postfix/main.cf
header_checks=regexp:/etc/postfix/header_checks
[root@localhost~]#vim  /etc/postfix/header_checks
/^Received:/HOLD
4)调整邮件过滤队列的目录属主、属组,并启动MailScanner服务程序
[root@localhost~]#chown –R  postfix.postfix
/var/spool/MailScanner/incoming
[root@localhost~]#chown  –R   postfix.postfix
/var/spool/MailScanner/quarantine
[root@localhost~]#service  MailScannerstart
[root@localhost~]#chkconfig  –level  35  MailScanneron

安装并配置SpamAssassin垃圾邮件过滤器
1)安装并配置SpamAssassin垃圾邮件过滤器
[root@localhost~]#mount  /dev/cdrom   /mnt/cdrom
[root@localhost~]#cd  /mnt/cdrom/Server
[root@localhost Server]#rpm–ivhspamassassin-3.1.7-4.e15.i386.rpm
2)修改配置文件local.cf
(位于“/etc/mail/spamassassin/local.cf”,一般不需要进行任何修改,保
持默认设置即可)
3)启动SpamAssassin服务
[root@localhost~]#service  spamassassin start
[root@localhost~]#chkconfig  –level  35  spamassassinon

安装并配置F-Port病毒查杀软件
1)安装F-Port软件包安装过程中出现提示是按回车键接受默认设置
[root@localhost~]#tar  -zxvf   fp-Linux-i686-ws.tar.gz   –C   /opt/
[root@localhost~]#cd  /opt/f-prot/
[root@localhostf-prot]#./install-f-prot.pl
2)升级F-Port病毒库(服务器要能够访问Internet互联网)
[root@localhostf-prot]#/opt/f-prot/fpupdate
[root@localhostf-prot]#crontab  -e (计划任务)
008***/opt/f-prot/fpupdate
[root@localhostf-prot]#service  crond  start
[root@localhostf-prot]#chkconfig    -level 35  crondon