Step 1. Install apache + mysql + php and configure DNS
If MySQL was installed to a custom location, do the following:
# PATH=$PATH:/usr/local/mysql/bin
# export PATH
# echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
# ldconfig
Step 2. Install and configure PostfixAdmin from source
Add the required users and groups:
# groupadd -g 1000 postfix
# groupadd postdrop
# useradd -u 1000 -g postfix -G postdrop -c "Postfix user" -d /dev/null -s /sbin/nologin -M postfix
# groupadd -g 1002 vmail
# useradd -g vmail -u 1002 -M -s /sbin/nologin vmail
# mkdir /home/mail
# chown postfix.postfix /home/mail
# chmod -R 771 /home/mail
Build and install:
# tar -zxvf postfixadmin-2.1.0.gz
# cp -r /usr/local/src/postfixadmin-2.1.0 /usr/local/apache/htdocs/postfixadmin
# chown -R postfix.postfix /usr/local/apache/htdocs/postfixadmin
# cd /usr/local/apache/htdocs/postfixadmin
# /usr/local/mysql/bin/mysql -u root -p < DATABASE_MYSQL.TXT
# cp config.inc.php.sample config.inc.php
# sed -i "s/\@change-this-to-your.domain.tld/\@lin.com/g" config.inc.php
# sed -i "s/change-this-to-your.domain.tld/mail.lin.com/g" config.inc.php
# vi config.inc.php (change the following settings)
$CONF['default_language'] = 'cn'; //switch the interface to Chinese
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO'; //store mailboxes as domain.tld/username
$CONF['aliases'] = '1000';
$CONF['mailboxes'] = '1000';
$CONF['maxquota'] = '1000'; //default limits for aliases, mailboxes and quota
# /usr/local/apache/bin/apachectl restart
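Delete the following files to improve security (the commands below only rename them; a renamed .php file is still under the document root and is still served, so moving it outside htdocs takes it off the web entirely)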
# mv setup.php backup-setup.php
# mv motd.txt backup-motd.txt
# mv motd-admin.txt backup-motd-admin.txt
# mv motd-users.txt backup-motd-users.txt
Edit httpd.conf
Add the following to tighten security: users must authenticate before they can access postfixadmin
<Directory "/usr/local/apache/htdocs/postfixadmin">
Options FollowSymLinks
DirectoryIndex index.php
AllowOverride None
AuthType Basic
authname Private
authuserfile /var/phpaccess/llk726
require valid-user
Order allow,deny
Allow from all
</Directory>
Change Apache's user and group to the following:
User postfix
Group postfix
Create the authentication file
# mkdir /var/phpaccess
# touch /var/phpaccess/llk726
# cd /var/phpaccess/
# /usr/local/apache/bin/htpasswd -c llk726 llk726
# /usr/local/apache/bin/apachectl restart
Step 3. Check for and install the cyrus-sasl package
Install cyrus-sasl-2.1.22
Remove the previously installed RPM packages and the related directories
# rpm -qa | grep cyrus-sasl
# rpm -e cyrus-sasl-devel-2.1.22-4 --nodeps
# rpm -e cyrus-sasl-2.1.22-4 --nodeps
# rpm -e cyrus-sasl-plain-2.1.22-4 --nodeps
# rpm -e cyrus-sasl-lib-2.1.22-4 --nodeps
# rm -rf /usr/lib/sasl
# rm -rf /usr/lib/sasl2
# tar -zxvf cyrus-sasl-2.1.22.tar.tar
# cd cyrus-sasl-2.1.22
# ./configure --enable-plain --enable-cram --disable-digest --enable-login --enable-sql --disable-anon --disable-ntlm --disable-gssapi --disable-krb4 --disable-otp --disable-srp --disable-srp-setpass --with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket --with-mysql=/usr/local/mysql --with-mysql-includes=/usr/local/mysql/include --with-mysql-libs=/usr/local/mysql/lib
# make
# make install
# ln -s /usr/local/lib/sasl2 /usr/lib/sasl2 (important)
Add "/usr/local/lib" to your "/etc/ld.so.conf" and run the ldconfig command.
Step 4. Build postfix 2.4.5
If sendmail is already present on your system, stop it first and rename its files
# /etc/init.d/sendmail stop
# chkconfig --level 2345 sendmail off
# mv /usr/bin/newaliases /usr/bin/newaliases.old
# mv /usr/bin/mailq /usr/bin/mailq.old
# mv /usr/sbin/sendmail /usr/sbin/sendmail.old
# rpm -e sendmail --nodeps
Build and install
# tar -zvxf postfix-2.4.5.tar.gz
# cd postfix-2.4.5
# make tidy
# make -f Makefile.init makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/local/include/sasl' 'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/local/lib -lsasl2'
# make
# make install
# mv /etc/aliases /etc/aliases.old
# ln -s /etc/postfix/aliases /etc/aliases
# /usr/bin/newaliases
# vi /etc/postfix/main.cf
#=====================BASE=========================
myhostname = mail.lin.com
mydomain = lin.com
myorigin = $mydomain
mydestination = $myhostname localhost localhost.$mydomain
mynetworks = 127.0.0.0/8
inet_interfaces = all
home_mailbox = Maildir/
Add the following:
#=====================Virtual Mailbox settings====================
virtual_mailbox_base = /home/mail/
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000
# Postfix uses the last value when a parameter is repeated; maildrop is switched on in Step 7
virtual_transport = virtual
#virtual_transport = maildrop
#Maildrop-Options for usage with maildrop
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1
#====================QUOTA========================
message_size_limit = 14336000
virtual_mailbox_limit = 102400000
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please Tidy your mailbox and try again later
virtual_overquota_bounce = yes
#====================SASL========================
broken_sasl_auth_clients = yes
#In order to allow mail relaying by authenticated clients
smtpd_recipient_restrictions =
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_invalid_hostname,
  reject_non_fqdn_hostname,
  reject_unknown_sender_domain,
  reject_non_fqdn_sender,
  reject_non_fqdn_recipient,
  reject_unknown_recipient_domain,
  reject_unauth_pipelining,
  reject_unauth_destination,
  permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner=$myhostname ESMTP "Version not Available
Edit the .cf lookup-table files
# vi /etc/postfix/mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
=================================
# vi /etc/postfix/mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain
=================================
# vi /etc/postfix/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
=================================
# vi /etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
# chmod 640 /etc/postfix/mysql_*
# chgrp postfix /etc/postfix/mysql_*
Start and stop the postfix service
# /usr/sbin/postfix start
# /usr/sbin/postfix stop
Check whether port 25 is open
# netstat -antp | grep 25
Start automatically at boot:
# vi /etc/rc.local (add:)
/usr/sbin/postfix start
Step 5. Install courier-authlib
# tar jxvf courier-authlib-0.60.2.tar.bz2
# cd courier-authlib-0.60.2
# ./configure --prefix=/usr/local/courier-authlib --without-authuserdb --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --without-stdheaderdir --without-authcustom --with-authmysql --with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --with-redhat --with-authmysqlrc=/usr/local/courier-authlib/etc/authmysqlrc --with-authdaemonrc=/usr/local/courier-authlib/etc/authdaemonrc
# make
# make install
# make install-migrate
# make install-configure
# chmod 755 /usr/local/courier-authlib/var/spool/authdaemon
# vi /usr/local/courier-authlib/etc/authdaemonrc (may be left unchanged)
authmodulelist="authmysql"
authmodulelistorig="authmysql"
daemons=10
DEBUG_LOGIN=2
# vi /usr/local/courier-authlib/etc/authmysqlrc
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_PORT 3306
MYSQL_DATABASE postfix
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD '1000'
MYSQL_GID_FIELD '1000'
MYSQL_LOGIN_FIELD username
#directory where postfix stores mail
MYSQL_HOME_FIELD concat('/home/mail/',maildir)
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat('/home/mail/',maildir)
MYSQL_QUOTA_FIELD concat(quota,'s')
# cp courier-authlib.sysvinit /etc/init.d/courier-authlib
# chmod 755 /etc/init.d/courier-authlib
# chkconfig --add courier-authlib
# chkconfig --level 2345 courier-authlib on
Add "/usr/local/courier-authlib/lib/courier-authlib" to your "/etc/ld.so.conf" and run the ldconfig command.
# echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf
# ldconfig
# service courier-authlib start (start the service)
Configure SMTP authentication
Edit /usr/lib/sasl2/smtpd.conf so that it contains the following
# vi /usr/local/lib/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level: 3
mech_list: plain login
authdaemond_path: /usr/local/courier-authlib/var/spool/authdaemon/socket
Test:
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.lin.com ESMTP "Version not Available
ehlo lin.com
250-mail.lin.com
250-PIPELINING
250-SIZE 14336000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
250 2.1.0 Ok
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
2222222222222222222222222080829
.
250 2.0.0 Ok: queued as 5C4811C6AD9
quit
221 2.0.0 Bye
Connection closed by foreign host.
Step 6. Install courier-imap
# tar jxvf courier-imap-4.1.0.tar.bz2
# cd courier-imap-4.1.0
# ./configure --prefix=/usr/local/courier-imap --with-redhat --enable-unicode --disable-root-check --with-trashquota --without-ipv6 --with-authmysql CPPFLAGS='-I/usr/local/courier-authlib/include' COURIERAUTHCONFIG='/usr/local/courier-authlib/bin/courierauthconfig'
# make
# make install-strip (try install-strip first; if it fails, run make install)
# make install-configure
Configure Courier-IMAP to provide POP3 service to users:
# vi /usr/local/courier-imap/etc/pop3d
POP3DSTART=yes
# cp courier-imap.sysvinit /etc/rc.d/init.d/imapd
# chmod 755 /etc/rc.d/init.d/imapd
# chkconfig --add imapd
# /etc/rc.d/init.d/imapd start
# chkconfig --level 235 imapd on
Test:
# telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Hello there.
+OK Password required.
pass pwd@123
+OK logged in.
list
+OK POP3 clients that break here, they violate STD53.
.
quit
+OK Bye-bye.
Connection closed by foreign host.
Step 7. Install maildrop-2.0.4
# ln -sv /usr/local/courier-authlib/bin/courierauthconfig /usr/bin
# ln -sv /usr/local/courier-authlib/include/* /usr/include
# tar jxvf pcre-7.6.tar.bz2
# cd pcre-7.6
# ./configure
# make
# make check
# make install
# tar -jxvf maildrop-2.0.4.tar.bz2
# cd maildrop-2.0.4
# ./configure --enable-sendmail=/usr/sbin/sendmail --enable-trusted-users='root vmail' --enable-syslog=1 --enable-maildirquota --enable-maildrop-uid=1002 --enable-maildrop-gid=1002 --with-trashquota --with-dirsync
# make
# make install
# maildrop -v
maildrop 2.0.4 Copyright 1998-2005 Double Precision, Inc.
GDBM extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.
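Check the result of the installation: make sure the line "Courier Authentication Library extension enabled." appears
# vi /etc/maildroprc
Add the following (file contents below; use the TAB key for the whitespace in between):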
logfile "/var/log/maildrop.log"
# touch /var/log/maildrop.log
# chown vmail.vmail /var/log/maildrop.log
# vi /etc/postfix/master.cf
Enable the following lines
maildrop unix - n n - - pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
# vi /etc/postfix/main.cf
virtual_transport = virtual
Change it to: virtual_transport = maildrop
Change the UID and GID given in the following two settings accordingly:
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000
Change to:
virtual_uid_maps = static:1002
virtual_gid_maps = static:1002
Edit authmysqlrc
# vi /usr/local/courier-authlib/etc/authmysqlrc
MYSQL_UID_FIELD '1000'
MYSQL_GID_FIELD '1000'
Change to:
MYSQL_UID_FIELD '1002'
MYSQL_GID_FIELD '1002'
Edit /usr/local/apache/conf/httpd.conf and change the user Apache runs as:
Take the following entries from earlier in this guide
User postfix
Group postfix
and change them to:
User vmail
Group vmail
Adjust the ownership of the corresponding directories
# chown -R vmail.vmail /home/mail
# chgrp vmail /etc/postfix/mysql_*
# chown -R vmail.vmail /usr/local/apache/htdocs/postfixadmin
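Create scripts that create and delete maildirs for maildrop
# vi /etc/sudoers
Comment out the line "Defaults requiretty"
Add the following:
vmail ALL=NOPASSWD: /usr/sbin/maildirmake.sh , /usr/sbin/maildirdel.sh , /usr/local/bin/maildrop
Edit the related files
# vi /usr/sbin/maildirmake.sh
#!/bin/bash
# $1 = domain, $2 = user; both are quoted so they are never word-split or globbed
set -e
if [ ! -d "/home/mail/$1" ]
then
mkdir "/home/mail/$1"
fi
chown -R vmail:vmail "/home/mail/$1"
cd "/home/mail/$1"
/usr/local/courier-imap/bin/maildirmake "$2"
mkdir "/home/mail/$1/$2/Maildir"
chown -R vmail:vmail "/home/mail/$1/$2"
# vi /usr/sbin/maildirdel.sh
#!/bin/bash
# refuse to run with a missing argument: "rm -rf /home/mail//" would remove every mailbox
[ -n "$1" ] && [ -n "$2" ] || exit 1
rm -rf "/home/mail/$1/$2"
Make them executable
# chmod 755 /usr/sbin/maildirmake.sh
# chmod 755 /usr/sbin/maildirdel.sh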
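Modify the related files under postfixadmin
# cd /usr/local/apache/htdocs/postfixadmin/
# vi create-mailbox.php
After the second "$tQuota = $CONF['maxquota'];" line, add the following statement (escapeshellarg() keeps form input from being interpreted by the shell):
system("sudo /usr/sbin/maildirmake.sh ".escapeshellarg($fDomain)." ".escapeshellarg($_POST['fUsername']));
When done, it looks like this:
$tQuota = $CONF['maxquota'];
system("sudo /usr/sbin/maildirmake.sh ".escapeshellarg($fDomain)." ".escapeshellarg($_POST['fUsername']));
if ($fMail == "on")
# vi delete.php
After $result = db_query ("SELECT * FROM mailbox WHERE username='$fDelete' AND domain='$fDomain'"), add the following statements:
$userarray=explode("@",$fDelete);
$user=$userarray[0];
$domain=$userarray[1];
system("sudo /usr/sbin/maildirdel.sh ".escapeshellarg($domain)." ".escapeshellarg($user));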
Also modify the related files under admin
# cd admin
# vi create-mailbox.php
After the "$tQuota = $CONF['maxquota'];" line, add the following statement:
system("sudo /usr/sbin/maildirmake.sh ".escapeshellarg($fDomain)." ".escapeshellarg($_POST['fUsername']));
When done, it looks like this:
$tQuota = $CONF['maxquota'];
system("sudo /usr/sbin/maildirmake.sh ".escapeshellarg($fDomain)." ".escapeshellarg($_POST['fUsername']));
if ($fMail == "on")
# vi delete.php
After $result = db_query ("SELECT * FROM mailbox WHERE username='$fDelete' AND domain='$fDomain'"), add the following statements:
$userarray=explode("@",$fDelete);
$user=$userarray[0];
$domain=$userarray[1];
system("sudo /usr/sbin/maildirdel.sh ".escapeshellarg($domain)." ".escapeshellarg($user));
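Added example, not part of the original guide: maildirmake.sh and maildirdel.sh run as root through sudo and build paths under /home/mail from values that arrive from PostfixAdmin form fields, so an empty or crafted domain or user name has to be refused before mkdir or rm -rf runs. The sketch below shows one way to do that check inside the helper itself; the single-helper layout (create|delete), the function names and the MAIL_ROOT and MAILDIRMAKE variables are assumptions.

```sh
#!/bin/sh
# Added example: validate <domain> <user> before any path under MAIL_ROOT is
# built. Helper layout, MAIL_ROOT and MAILDIRMAKE are assumptions.
LC_ALL=C; export LC_ALL
MAIL_ROOT="${MAIL_ROOT:-/home/mail}"
MAILDIRMAKE="${MAILDIRMAKE:-/usr/local/courier-imap/bin/maildirmake}"

# Domain: letters, digits, dots and hyphens; at least one dot; no empty
# label and no label that starts or ends with a hyphen.
valid_domain() {
    case "$1" in
        ''|.*|*.|*..*|-*|*-|*.-*|*-.*) return 1 ;;
        *[!A-Za-z0-9.-]*) return 1 ;;
        *.*) return 0 ;;
        *) return 1 ;;
    esac
}

# Local part: letters, digits, dot, underscore, hyphen. A leading "-" is
# refused so the value is never read as an option; a leading "." or a ".."
# sequence is refused so it can never climb out of the domain directory.
valid_localpart() {
    case "$1" in
        ''|.*|*.|*..*|-*) return 1 ;;
        *[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Print MAIL_ROOT/<domain>/<user>, or print nothing and return 1.
maildir_path() {
    [ "$#" -eq 2 ] || return 1
    valid_domain "$1" || return 1
    valid_localpart "$2" || return 1
    printf '%s/%s/%s\n' "$MAIL_ROOT" "$1" "$2"
}

create_maildir() {
    target=$(maildir_path "$@") || { echo "refused: bad arguments" >&2; return 1; }
    mkdir -p -- "$MAIL_ROOT/$1" || return 1
    "$MAILDIRMAKE" "$target" || return 1
    mkdir -- "$target/Maildir" || return 1
    chown -R vmail:vmail "$MAIL_ROOT/$1"
}

delete_maildir() {
    target=$(maildir_path "$@") || { echo "refused: bad arguments" >&2; return 1; }
    [ -d "$target" ] || return 0        # nothing to delete
    rm -rf -- "$target"
}

# Entry point: <helper> create|delete <domain> <user>
case "${1:-}" in
    create) shift; create_maildir "$@" ;;
    delete) shift; delete_maildir "$@" ;;
esac
```

With a helper like this, the sudoers entry can name the one helper instead of the two scripts, and the PHP side still passes each argument through escapeshellarg().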
Next, restart postfix, courier-authlib and apache.
# /usr/sbin/postfix reload
# /usr/local/apache/bin/apachectl stop
# /usr/local/apache/bin/apachectl start
# service courier-authlib restart
Step 8. Install Extmail-1.0.3
Install
# tar zxvf extmail-1.0.3.tar.gz
# mkdir -p /usr/local/apache/htdocs/extsuite
# mv extmail-1.0.3 /usr/local/apache/htdocs/extsuite/extmail
# cp /usr/local/apache/htdocs/extsuite/extmail/webmail.cf.default /usr/local/apache/htdocs/extsuite/extmail/webmail.cf
Edit the main configuration file
# vi /usr/local/apache/htdocs/extsuite/extmail/webmail.cf
Notes on some of the options to change:
SYS_CONFIG = /usr/local/apache/htdocs/extsuite/extmail/
SYS_LANGDIR = /usr/local/apache/htdocs/extsuite/extmail/lang
SYS_TEMPLDIR = /usr/local/apache/htdocs/extsuite/extmail/html
SYS_MESSAGE_SIZE_LIMIT = 5242880 //largest message a user may send
SYS_USER_LANG = zh_CN //language option
SYS_MAILDIR_BASE = /home/mail //the directory you set earlier for storing users' mail
SYS_MYSQL_USER = postfix
SYS_MYSQL_PASS = postfix
SYS_MYSQL_DB = postfix //user name, password and database used to connect to the database server for the mail system
SYS_MYSQL_HOST = localhost //host name of the database server
SYS_MYSQL_SOCKET = /tmp/mysql.sock //location of the socket file used to connect to the database
SYS_CRYPT_TYPE = cleartext //use plaintext passwords, matching the settings in /usr/local/courier-authlib/etc/authlib/authmysqlrc
SYS_MYSQL_TABLE = mailbox
SYS_AUTHLIB_SOCKET = /usr/local/courier-authlib/var/spool/authdaemon/socket //location of the authdaemon socket file
Apache configuration
# vi /usr/local/apache/conf/httpd.conf (add the following)
ScriptAlias /extmail/cgi /usr/local/apache/htdocs/extsuite/extmail/cgi
<Directory "/usr/local/apache/htdocs/extsuite/extmail/cgi">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
Alias /extmail /usr/local/apache/htdocs/extsuite/extmail/html
<Directory "/usr/local/apache/htdocs/extsuite/extmail/html">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Change the owner of the CGI executables to the user Apache runs as:
# chown -R vmail.vmail /usr/local/apache/htdocs/extsuite/extmail/cgi/
Resolving dependencies
extmail uses the Perl modules DBD::mysql and Unix::Syslog
# tar zxvf Unix-Syslog-0.100.tar.gz
# cd Unix-Syslog-0.100
# perl Makefile.PL
# make
# make install
Install the DBI package before installing DBD::mysql
# tar -zxvf DBI-1.604.tar.gz
# cd DBI-1.604
# perl Makefile.PL
# make
# make install
# tar zxvf DBD-mysql-3.0002_4.tar.gz
# cd DBD-mysql-3.0002_4
# perl Makefile.PL (if this step fails with an error such as "Can't exec "mysql_config": No such file or directory at Makefile.PL line 76.", the mysql bin directory is not in the $PATH environment variable: export PATH=$PATH:/usr/local/mysql/bin)
# make
# make install
Step 9. Install clamav
Add the group and user that ClamAV needs to run:
# groupadd clamav
# useradd -g clamav -M clamav
Add the user amavis, for use with amavisd-new
# groupadd amavis
# useradd -g amavis -s /sbin/nologin -M amavis
# tar -zxvf clamav-0.93.3.tar.gz
# cd clamav-0.93.3
# ./configure
# make
# make install
Configure clamd.conf
# vi /usr/local/etc/clamd.conf
#Example (comment out the Example line)
Edit /usr/local/etc/freshclam.conf
# vi /usr/local/etc/freshclam.conf
#Example (comment out the Example line)
Update the ClamAV virus database
# /usr/local/bin/freshclam
If it fails at run time with:
./freshclam: error while loading shared libraries: libclamav.so.4: cannot open shared object file: No such file or directory
running ldconfig resolves the problem.
Configure crontab so that Clam AntiVirus checks for a new virus database once an hour:
# crontab -e
Add:
37 * * * * /usr/local/bin/freshclam
Configure clamav to start automatically at boot
# cp contrib/init/RedHat/clamd /etc/rc.d/init.d/clamd
# cp contrib/init/RedHat/clamav-milter /etc/rc.d/init.d/clamav-milter
# chkconfig --add clamd
# chkconfig --add clamav-milter
# chkconfig --level 2345 clamd on
# chkconfig --level 2345 clamav-milter on
Manual scan
# clamscan -r / (scan the / directory for viruses)
Start clamd
# service clamd start
Step 10. Build and install spamassassin
Automatic installation
[root@linuxas3 src]# perl -MCPAN -e shell
cpan> install Mail::SpamAssassin
During installation you will be prompted to install the packages it depends on.
Edit the main configuration file /etc/mail/spamassassin/local.cf
required_hits 10.0
required_score 5.0
rewrite_header Subject *****SPAM*****
report_safe 1
use_bayes 1
bayes_auto_learn 1
skip_rbl_checks 1
use_razor2 0
use_pyzor 0
ok_locales all
#blacklist and whitelist
whitelist_from *@domain.com
# ---------------------------------------------------------------------------
# Use the CBL/CDL of the Chinese Anti-Spam Alliance
# URL: http://www.anti-spam.org.cn/
header RCVD_IN_CBL eval:check_rbl('cbl', 'cbl.anti-spam.org.cn.')
describe RCVD_IN_CBL Received via a relay in cbl.anti-spam.org.cn
tflags RCVD_IN_CBL net
header RCVD_IN_CDL eval:check_rbl('cdl-notfirsthop', 'cdl.anti-spam.org.cn.')
describe RCVD_IN_CDL CDL: dialup sender did non-local SMTP
tflags RCVD_IN_CDL net
#SCORE
score RCVD_IN_CBL 4.0
score RCVD_IN_CDL 3.0
Check the configuration file
# spamassassin -d --lint
Use the CCERT Chinese spam filtering rule set, Chinese_rules.cf
# wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf
Check the configuration file
# spamassassin -d --lint
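Start:
Start the daemon and add it to the automatic start-up sequence
# /usr/bin/spamd -d
# echo "/usr/bin/spamd -d" >> /etc/rc.local
Update the Chinese anti-spam rules automatically at regular intervals
# crontab -e (add:)
0 0 1 * * wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf;
Set up SpamAssassin's learning system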
# sa-learn --sync -D -p user_prefs
Step 11. Install amavisd-new
Install the following modules; amavisd needs all of them
# perl -MCPAN -e shell
cpan>install Archive::Tar
cpan>install Archive::Zip
cpan>install Compress::Zlib
cpan>install Convert::UUlib
cpan>install MIME::Base64
cpan>install Mail::Internet
cpan>install Net::Server
cpan>install Net::SMTP
cpan>install Digest::MD5
cpan>install IO::Stringy
cpan>install Time::HiRes
cpan>install Unix::Syslog
cpan>install BerkeleyDB
cpan>install Convert::TNEF
cpan>install MIME::Parser
cpan>install MIME::Tools
Install amavisd-new:
# tar -zxvf amavisd-new-2.5.2.tar.gz
# cd amavisd-new-2.5.2
# mkdir -p /var/amavis /var/amavis/tmp /var/amavis/var /var/amavis/db /var/amavis/home
# chown -R amavis:amavis /var/amavis
# chmod -R 750 /var/amavis
# cp amavisd /usr/local/sbin/
# chown root /usr/local/sbin/amavisd
# chmod 755 /usr/local/sbin/amavisd
# cp amavisd.conf /etc/
# chown root /etc/amavisd.conf
# chmod 644 /etc/amavisd.conf
# mkdir /var/virusmails
# chown amavis:amavis /var/virusmails
# chmod 750 /var/virusmails
Configure amavisd-new to use Clam AntiVirus as the virus scanner
# vi /etc/amavisd.conf
Make sure the following options have the values shown below:
$daemon_user = 'amavis';
$daemon_group = 'amavis';
$mydomain = 'lin.com'; # change this to your own domain
$virus_admin = "postmaster\@$mydomain";
$mailfrom_notify_admin = "postmaster\@$mydomain";
$mailfrom_notify_recip = "postmaster\@$mydomain";
$mailfrom_notify_spamadmin = "postmaster\@$mydomain";
$mailfrom_to_quarantine = '';
virus_admin_maps => ["postmaster\@$mydomain"] # sender identity used for system mail that reports viruses and spam
spam_admin_maps => ["postmaster\@$mydomain"]
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_BOUNCE;
$final_spam_destiny = D_PASS;
$final_bad_header_destiny = D_PASS;
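Note: among the four settings above, spam is bounced (BOUNCE) by default; here it is changed to continue delivery (PASS) while adding X-Spam-Status and related information to the headers. This makes it easy to configure extmail to deliver mail marked as spam to the "Junk" folder, where users can look through it.
Enable ClamAV: (around line 355) remove the comment markers in front of the following lines: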
#['ClamAV-clamd',
# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
# qr/\bOK$/, qr/\bFOUND$/,
# qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# ['Mail::ClamAV', \&ask_clamav, "*", [0], [1], qr/^INFECTED: (.+)/],
and change /var/run/clamav/clamd in the lines above to: /tmp/clamd.socket
Modify the Postfix configuration so that it uses amavisd-new for content filtering:
Add the following at the end of master.cf:
# vi /etc/postfix/master.cf
amavisfeed unix - - n - 2 smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
  -o max_use=20
#
127.0.0.1:10025 inet n - n - - smtpd
  -o content_filter=
  -o smtpd_delay_reject=no
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o smtpd_data_restrictions=reject_unauth_pipelining
  -o smtpd_end_of_data_restrictions=
  -o smtpd_restriction_classes=
  -o mynetworks=127.0.0.0/8
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o smtpd_client_connection_count_limit=0
  -o smtpd_client_connection_rate_limit=0
  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
  -o local_header_rewrite_clients=
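Note: mind the whitespace before "-o" on each line
Add the following at the end of main.cf:
# vi /etc/postfix/main.cf
# Content-Filter
# A repeated parameter takes its last value, so only the amavisfeed transport defined in master.cf is kept
content_filter = amavisfeed:[127.0.0.1]:10024
#content_filter = smtp:[127.0.0.1]:10024
receive_override_options = no_address_mappings
Note: receive_override_options must be added here to disable address expansion/mapping; otherwise aliases will cause duplicate mail to be generated
To run amavisd-new automatically at boot, add "/usr/local/sbin/amavisd -u amavis&" to /etc/rc.local.
Have postfix reload its main configuration file and check that it starts correctly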
# /usr/sbin/postfix reload
# tail -f /var/log/maillog
Check that amavisd is listening on port 10024 and test that the service is up:
# telnet localhost 10024
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 [127.0.0.1] ESMTP amavisd-new service ready
EHLO localhost
250-[127.0.0.1]
250-VRFY
250-PIPELINING
250-SIZE
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 XFORWARD NAME ADDR PROTO HELO
Quit
221 2.0.0 [127.0.0.1] amavisd-new closing transmission channel
Connection closed by foreign host.
After postfix reloads its configuration, it authorizes and activates the "127.0.0.1:10025" port
# telnet localhost 10025
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.lin.com ESMTP "Version not Available
eho
502 5.5.2 Error: command not recognized
ehlo lin.com
250-mail.lin.com
250-PIPELINING
250-SIZE 14336000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
250 2.1.0 Ok
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
2222222222222
.
250 2.0.0 Ok: queued as 6D0DA1C6AEF
quit
221 2.0.0 Bye
Connection closed by foreign host.