Postfix mail system

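The configuration in this article is based mainly on the following two articles; problems that came up along the way were solved with Google.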
http://sery.blog.51cto.com/10037/45500
http://coolerfeng.blog.51cto.com/133059/46073
Thanks to the original authors of those articles, and thanks to Google.
 
Installation and configuration
 
System environment: CentOS 5.4. The required tarballs are:
httpd-2.2.14.tar.gz
mysql-5.1.44.tar.gz
php-5.2.10.tar.bz2
 
RPM packages to remove
yum -y remove sendmail httpd mysql php
rpm -qa|grep cyrus-sasl   //remove each package this finds, one by one
I did not remove perl; I used the one shipped with the system.
 
Create the users and groups the mail system needs at run time
useradd mysql
useradd postfix
useradd amavis
useradd clamav
useradd vmail -u 1001
groupadd postdrop
 
Install AMP
tar zxvf httpd-2.2.14.tar.gz
cd httpd-2.2.14
./configure --prefix=/usr/local/apache --enable-so
make;make install
/usr/local/apache/bin/apachectl start
See my other article for adding Apache as a system service
and setting it to start at boot.
 
tar zxvf mysql-5.1.44.tar.gz
cd mysql-5.1.44
./configure --prefix=/usr/local/mysql
make;make install
cp support-files/my-medium.cnf /etc/my.cnf
/usr/local/mysql/bin/mysql_install_db --user=mysql
/usr/local/mysql/bin/mysqld_safe --user=mysql &
/usr/local/mysql/bin/mysqladmin -u root -p password redhat
Add MySQL as a system service
cp /usr/local/mysql/share/mysql/mysql.server /etc/rc.d/init.d/mysqld
chkconfig --add mysqld
chkconfig --level 3 mysqld on
echo "/usr/local/mysql/lib/mysql">>/etc/ld.so.conf
ldconfig
echo "PATH=$PATH:/usr/local/mysql/bin/">>/etc/profile
source /etc/profile
If the commands shown in red are not run at this point, installing courier-authlib later will cause a lot of trouble, so do not skip them! The MySQL path is set because the mysql_config file will be needed later.
tar jxvf php-5.2.10.tar.bz2
cd php-5.2.10
./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache/bin/apxs --with-mysql=/usr/local/mysql
make;make install
cp php.ini-dist /usr/local/php/lib/php.ini
vi /usr/local/apache/conf/httpd.conf
Add the following:
AddType application/x-httpd-php .php
DirectoryIndex index.php index.html
Create a test file in the directory /usr/local/apache/htdocs
vi index.php
<?php
     phpinfo();
?>
After changing the Apache configuration file, remember to restart Apache.
If a page of PHP information appears, the configuration works.
Install courier-authlib
tar jxvf courier-authlib-0.63.0.tar.bz2
cd courier-authlib-0.63.0
./configure --prefix=/usr/local/authlib --with-redhat --with-authmysql=yes --with-mailuser=vmail --with-mailgroup=vmail --with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --without-stdheaderdir
make;make install
make install-configure
 
Edit the file (vi /usr/local/authlib/etc/authlib/authdaemonrc) and make sure it contains:
authdaemonvar=/usr/local/authlib/var/spool/authdaemon
authmodulelist="authmysql"
authmodulelistorig="authmysql"       //use the MySQL authentication module
DEBUG_LOGIN=2
 
Edit the file: vi /usr/local/authlib/etc/authlib/authmysqlrc
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_DATABASE postfix
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_USER_TABLE mailbox
#MYSQL_CRYPT_PWFIELD password
MYSQL_CLEAR_PWFIELD password
DEFAULT_DOMAIN sery.com
MYSQL_UID_FIELD '1001'
MYSQL_GID_FIELD '1001'
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD '/var/mailbox/'
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD concat(quota,'S')
MYSQL_WHERE_CLAUSE active='1'
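A small check for three risky values in the two courier-authlib files above, as an added example that is not part of the original article: DEBUG_LOGIN=2 makes authdaemond write login passwords to the log, an active MYSQL_CLEAR_PWFIELD means passwords are stored unhashed, and the database password here equals the account name. The function names and the sample files are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the article): flag risky courier-authlib settings.
# audit_authlib, audit_demo and the sample files are assumptions.

# $1 = path to authdaemonrc, $2 = path to authmysqlrc.
# Prints a space-separated list of findings; prints nothing when clean.
audit_authlib() {
    findings=""
    # DEBUG_LOGIN=2 turns on debugging and also logs passwords.
    if grep -Eq '^[[:space:]]*DEBUG_LOGIN=2' "$1"; then
        findings="$findings debug_login_logs_passwords"
    fi
    # An uncommented MYSQL_CLEAR_PWFIELD reads passwords stored in clear.
    if grep -Eq '^[[:space:]]*MYSQL_CLEAR_PWFIELD[[:space:]]' "$2"; then
        findings="$findings cleartext_password_column"
    fi
    # A database password identical to the account name is guessable.
    db_user=$(awk '$1 == "MYSQL_USERNAME" {print $2}' "$2")
    db_pass=$(awk '$1 == "MYSQL_PASSWORD" {print $2}' "$2")
    if [ -n "$db_user" ] && [ "$db_user" = "$db_pass" ]; then
        findings="$findings db_password_equals_username"
    fi
    echo "${findings# }"
}

# Constructed sample files that mirror the settings shown in this article.
audit_demo() {
    d=$(mktemp -d)
    printf 'authmodulelist="authmysql"\nDEBUG_LOGIN=2\n' > "$d/authdaemonrc"
    printf 'MYSQL_USERNAME postfix\nMYSQL_PASSWORD postfix\n' > "$d/authmysqlrc"
    printf '#MYSQL_CRYPT_PWFIELD password\n' >> "$d/authmysqlrc"
    printf 'MYSQL_CLEAR_PWFIELD password\n' >> "$d/authmysqlrc"
    audit_authlib "$d/authdaemonrc" "$d/authmysqlrc"
    rm -rf "$d"
}
```

On a real host, call audit_authlib with /usr/local/authlib/etc/authlib/authdaemonrc and /usr/local/authlib/etc/authlib/authmysqlrc.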
Add this service as a system service
cp courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib
chmod +x /etc/rc.d/init.d/courier-authlib
/etc/rc.d/init.d/courier-authlib start
echo "/etc/rc.d/init.d/courier-authlib start">>/etc/rc.local
 
Install and configure SASL
tar zxvf cyrus-sasl-2.1.22.tar.gz
cd cyrus-sasl-2.1.22
./configure --disable-anon --enable-plain --enable-login --enable-sql --with-mysql=/usr/local/mysql --with-mysql-includes=/usr/local/include/mysql --with-mysql-libs=/usr/local/mysql/lib/mysql --with-authdaemond
make;make install
ln -s /usr/local/lib/sasl2/ /usr/lib/sasl2   //SASL is installed in /usr/local/lib/sasl2
echo "/usr/local/lib">>/etc/ld.so.conf
ldconfig
Create the configuration file
vi /usr/local/lib/sasl2/smtpd.conf
pwcheck_method:authdaemond
mech_list:PLAIN LOGIN
log_level:3
authdaemond_path:/usr/local/authlib/var/spool/authdaemon/socket
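The authdaemond_path setting on the last line comes from authlib's configuration file authdaemonrc.
SASL2 needs to use the file /usr/local/authlib/var/spool/authdaemon/socket, but by default the mode is 744, so execute permission has to be added to let users other than the owner and group use it. Run chmod +x /usr/local/authlib/var/spool/authdaemon to do this; without it, SMTP authentication fails every time.
Install and configure postfixadmin
Postfixadmin is the web management tool for the Postfix mail system, used to manage and maintain user accounts.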
tar zxvf postfixadmin-2.1.0.tar.gz
mkdir /var/www
mv postfixadmin-2.1.0 /var/www/postfixadmin
chown -R vmail:vmail /var/www/postfixadmin
Modify the configuration file
cd /var/www/postfixadmin
cp config.inc.php.sample config.inc.php
vi config.inc.php
// Language config
// Language files are located in './languages'.
$CONF['default_language'] = 'cn';
// Default Domain Values
// Specify your default values below. Quota in MB.
$CONF['aliases'] = '1000';
$CONF['mailboxes'] = '1000';
$CONF['maxquota'] = '1000';
vi create-mailbox.php
$tQuota = $CONF['maxquota'];
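// escape both values before they reach the shell
system("sudo /usr/sbin/maildirmake.sh " . escapeshellarg($fDomain) . " " . escapeshellarg($_POST['fUsername']));
if ($fMail == "on")
The system() line, shown in red, is at around line 210; it runs a system shell script from the PHP script.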
vi delete.php
$result = db_query ("SELECT * FROM mailbox WHERE username='$fDelete' AND domain='$fDomain'");
$userarray=explode("@",$fDelete);
$user=$userarray[0];
$domain=$userarray[1];
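// escape both values before they reach the shell
system("sudo /usr/sbin/maildirdel.sh " . escapeshellarg($domain) . " " . escapeshellarg($user));
if ($result['rows'] == 1)
After these changes, go into the admin directory and modify create-mailbox.php and delete.php there in the same way; the same files are modified in both directories because their permissions differ.
Create the database Postfix needs in MySQL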
cd /var/www/postfixadmin
mysql -u root -p < DATABASE_MYSQL.TXT
Test postfixadmin by appending the following to the end of the Apache configuration file:
Alias /postfixadmin /var/www/postfixadmin
<Directory /var/www/postfixadmin>
     Options Indexes FollowSymLinks
     AllowOverride None
     Order allow,deny
     Allow from all
</Directory>
<Directory "/var/www/postfixadmin/admin">
    AuthType Basic
    Options None
    AllowOverride None
    Order allow,deny
    Allow from all
    AuthName "Postfix Access"
    AuthUserFile /usr/local/apache/conf/passfile
    Require valid-user
</Directory>
Create the passfile file: touch /usr/local/apache/conf/passfile
cd /usr/local/apache/conf/
/usr/local/apache/bin/htpasswd -c passfile dgf
New password:
Re-type new password:
Then enter http://yourip/postfixadmin/admin/index.php in a browser and log in with the user name and password just created.
Install and configure Postfix to provide the SMTP service on port 25
tar zxvf postfix-2.2.10.tar.gz
cd postfix-2.2.10
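make -f Makefile.init makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -I/usr/local/include/sasl' 'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/local/lib -lsasl2'     //Note: there is a space before the single quote in front of AUXLIBS
make install
Check the hostname and set it to a fully qualified domain name, for example postfix.dgfpeak.com
Once in interactive mode, press Enter at each prompt to complete the configuration.
Configure Postfix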
vi /etc/postfix/main.cf
myhostname = postfix.dgfpeak.com
mydomain = mail.dgfpeak.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = 127.0.0.0/8 192.168.0.0/24
################Virtual Mailbox settings####################
virtual_mailbox_base = /var/mailbox
virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:1001
virtual_gid_maps = static:1001
virtual_transport = maildrop
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1
###############QUOTA###################
message_size_limit = 14336000
virtual_mailbox_limit = 20971520
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
#######################SASL#############################
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination,permit //all of these settings go on one line
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner=$myhostname ESMTP "Version not Available"
alias_maps = hash:/etc/aliases
unknown_local_recipient_reject_code = 450
Edit the other configuration file
vi /etc/postfix/master.cf
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
    flags=DRhu user=vmail:vmail argv=/usr/local/maildrop/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
Also append the following at the end
#############################################
                                   # antispam #
#############################################
smtp-amavis unix - - n - 2 smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
localhost:10025 inet n - n - - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o mynetworks=127.0.0.0/8
    -o smtpd_helo_restrictions=
    -o smtpd_client_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
Change the text shown in red to the form shown here.
Create the mysql directory
mkdir /etc/postfix/mysql
Create 4 files in this directory: mysql_virtual_alias_maps.cf, mysql_virtual_domains_maps.cf, mysql_virtual_mailbox_limit_maps.cf and mysql_virtual_mailbox_maps.cf
vi mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
vi mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain
vi mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
vi mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
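Start the service: postfix start
echo "postfix start">>/etc/rc.local
If the following error appears in the log
fatal: open database /etc/aliases.db: No such file or directory
then stop Postfix, run newaliases to generate the aliases.db file, and start the Postfix service again.
Install and configure courier-imap to provide the POP3 or IMAP service, on port 110 or 143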
tar jxvf courier-imap-4.1.3.tar.bz2
cd courier-imap-4.1.3
./configure --prefix=/usr/local/imap --with-redhat --disable-root-check --enable-unicode=utf-8,iso-8859-1,gb2312,gbk,gb18030 --with-trashquota --with-dirsync --with-mysql-libs=/usr/local/mysql/lib/mysql/ --with-mysql-includes=/usr/local/mysql/include/mysql/ --with-authmysql --with-authmysql=yes
If the build fails with the error: configure:error:courierauthconfig not fount
Fix: set the COURIERAUTHCONFIG variable
export COURIERAUTHCONFIG=/usr/local/authlib/bin/courierauthconfig   //then build again and it passes
make;make install
make install-configure
Edit the configuration file /usr/local/imap/etc/pop3d and change POP3DSTART=NO to YES. To use the IMAP service, edit /usr/local/imap/etc/imapd and change IMAPDSTART=NO to YES.
Copy courier-imap.sysvinit to /etc/rc.d/init.d/: cp courier-imap.sysvinit /etc/rc.d/init.d/imapd
chmod +x /etc/rc.d/init.d/imapd
Start the service: /etc/rc.d/init.d/imapd start
chkconfig --add imapd
chkconfig --level 3 imapd on
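Install maildrop, which performs local delivery, that is, it moves received mail into the corresponding directory.
For the pcre package, we use the one shipped with the system.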
tar jxvf maildrop-2.0.4.tar.bz2
cd maildrop-2.0.4
./configure --prefix=/usr/local/maildrop --enable-sendmail=/usr/sbin/sendmail --enable-trusted-users='root vmail' --enable-syslog=1 --enable-maildirquota --enable-maildrop-uid=1001 --enable-maildrop-gid=1001 --with-trashquota --with-dirsync
If the build reports the error "configure: error: pcre.h not found", the pcre-devel package needs to be installed.
make;make install
cp /usr/local/maildrop/bin/maildrop /usr/bin
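Quick check: maildrop -v
The output must contain "Courier Authentication Library extension enabled", which shows that maildrop is tightly integrated with the SASL and courier-authlib installed and configured earlier.
Create the maildrop logging configuration: vi /etc/maildroprc with the following content: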
logfile "/var/mailbox/maildrop.log"
to "$HOME/$DEFAULT"
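Add two shell scripts so that maildrop can create and delete mail users' directories
vi /usr/sbin/maildirmake.sh
#!/bin/bash
# $1 = domain, $2 = user name; stop at the first failing command
set -e
if [ ! -d "/var/mailbox/$1" ]
then
mkdir "/var/mailbox/$1"
fi
chown -R vmail:vmail "/var/mailbox/$1"
cd "/var/mailbox/$1"
/usr/local/imap/bin/maildirmake "$2"
mkdir "/var/mailbox/$1/$2/Maildir"
chown -R vmail:vmail "/var/mailbox/$1/$2"
vi /usr/sbin/maildirdel.sh
#!/bin/bash
# $1 = domain, $2 = user name; ${n:?} aborts if an argument is missing or empty
rm -rf -- "/var/mailbox/${1:?}/${2:?}"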
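These two scripts are called from the web interface, and Apache runs as the user vmail. Because vmail's privileges are limited, sudo is used so that the scripts run correctly, which requires a few changes.
vi /etc/sudoers //if this file does not exist, install sudo
Append the line "vmail ALL = NOPASSWD: /usr/sbin/maildirmake.sh , /usr/sbin/maildirdel.sh" to the end of the file.
Also comment out the line "Defaults requiretty", otherwise creating mail users' directories fails.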
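A stricter form of the deletion helper, as an added example that is not from the original article: because both arguments arrive from the web form and the script runs under sudo, it validates the domain and user name before building any path, so an empty value, a ".." component or a symlink never reaches rm -rf. MAILBOX_BASE and all function names are assumptions; maildirmake.sh can call mailbox_path in the same way before creating directories.

```shell
#!/bin/sh
# Added example (not from the article): validate the arguments that the
# web interface passes through sudo before any path under the mailbox
# base is built. MAILBOX_BASE and all function names are assumptions.
LC_ALL=C; export LC_ALL
MAILBOX_BASE="${MAILBOX_BASE:-/var/mailbox}"

# Domain: dot-separated labels of a-z, 0-9 and "-", at least one dot.
valid_domain() {
    case "$1" in
        ''|.*|*.|-*|*-|*..*|*.-*|*-.*|*[!a-z0-9.-]*) return 1 ;;
        *.*) return 0 ;;
    esac
    return 1
}

# User: a-z, 0-9, ".", "_" and "-"; no leading dot, no "..", never empty.
valid_user() {
    case "$1" in
        ''|.*|*..*|*[!a-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# Print the mailbox directory for domain $1 and user $2, or fail silently.
mailbox_path() {
    valid_domain "$1" || return 1
    valid_user "$2" || return 1
    printf '%s/%s/%s\n' "$MAILBOX_BASE" "$1" "$2"
}

# Remove one mailbox. A rejected argument or a symlink stops the removal.
mailbox_delete() {
    target=$(mailbox_path "$1" "$2") || { echo "rejected arguments" >&2; return 1; }
    if [ -L "$target" ] || [ ! -d "$target" ]; then
        echo "not a mailbox directory" >&2
        return 1
    fi
    rm -rf -- "$target"
}

# When installed as /usr/sbin/maildirdel.sh, act on the two arguments.
if [ "${0##*/}" = "maildirdel.sh" ]; then
    mailbox_delete "$1" "$2"
fi
```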
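Mail virus scanning and spam filtering
Antivirus scanning uses the latest version of clamav, and spam filtering uses SpamAssassin's Perl modules. amavisd-new is the container that ties clamav and SpamAssassin together.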
tar zxvf clamav-0.95.2.tar.gz
cd clamav-0.95.2
./configure --prefix=/usr/local/clamav --with-dbdir=/usr/local/share/clamav
make;make install
Modify the configuration files
vi /usr/local/clamav/etc/freshclam.conf
#example    //in this version this line must be commented out for it to run properly
DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogVerbose yes
LogSyslog yes
LogFacility LOG_MAIL
DatabaseOwner amavis
DatabaseMirror db.CN.clamav.net
DatabaseMirror database.clamav.net
vi /usr/local/clamav/etc/clamd.conf
#example
LogFile /var/log/clamav/clamd.log
LogSyslog yes
LogVerbose yes
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /usr/local/share/clamav
LocalSocket /var/run/clamav/clamd.socket
StreamMaxLength 20M
User amavis
ScanMail yes
ScanArchive yes
Create the required directories
mkdir /var/log/clamav
chmod -R 744 /var/log/clamav
chown -R amavis:amavis /var/log/clamav
chown -R amavis.amavis /usr/local/share/clamav
mkdir /var/run/clamav
chmod 700 /var/run/clamav
chown amavis.amavis /var/run/clamav
Start the service: /usr/local/clamav/sbin/clamd
echo "/usr/local/clamav/sbin/clamd">>/etc/rc.local
Update the virus database: /usr/local/clamav/bin/freshclam
Install and configure amavisd-new
tar zxvf amavisd-new-2.6.2.tar.gz
cd amavisd-new-2.6.2
mkdir -p /var/amavis /var/amavis/tmp /var/amavis/var /var/amavis/db
chown -R amavis:amavis /var/amavis
chmod -R 750 /var/amavis
cp amavisd /usr/local/sbin/
chown root /usr/local/sbin/amavisd
chmod 755 /usr/local/sbin/amavisd
cp amavisd.conf /etc/
chown root /etc/amavisd.conf
chmod 644 /etc/amavisd.conf
mkdir /var/virusmails
chown amavis:amavis /var/virusmails
chmod 750 /var/virusmails
Modify the configuration file: vi /etc/amavisd.conf
$max_servers=8;
$daemon_user = 'amavis';
$daemon_group = 'amavis';
$mydomain = 'sery.com';
$db_home = "$MYHOME/db";
$inet_socket_port = 10024;
$sa_tag_level_deflt = -100;
$sa_tag2_level_deflt = 6.3;
$sa_kill_level_deflt = $sa_tag2_level_deflt;
$virus_admin = "virusalert@$mydomain";
$sa_spam_subject_tag = '***SPAM*** ';
$notify_method = $forward_method;
$forward_method = 'smtp:127.0.0.1:10025';
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_PASS;
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.socket"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
Test amavis: /usr/local/sbin/amavisd debug
The first test usually fails because the required Perl modules are missing; they can be installed as follows:
cpan Crypt::OpenSSL::RSA   //keep installing modules this way until the debug test passes
First install these via cpan: IO::Stringy; Unix::Syslog; Compress::Zlib; Net::Server; Net::Server::PreFork
The following modules
MIME::Words; MIME::Head; MIME::Body; MIME::Entity; MIME::Parser; MIME::Decoder; MIME::Decoder::Base64; MIME::Decoder::Binary; MIME::Decoder::QuotedPrint; MIME::Decoder::NBit; MIME::Decoder::UU; MIME::Decoder::Gzip64;
can be obtained by downloading the package MIME-tools-5.427.tar.gz from http://search.cpan.org
tar zxvf MIME-tools-5.427.tar.gz
cd MIME-tools-5.427
perl Makefile.PL
make;make install
tar zxvf BerkeleyDB-0.41.tar.gz
cd BerkeleyDB-0.41
perl Makefile.PL
make;make install
cpan Crypt::OpenSSL::RSA
cpan Mail::DKIM::Verifier 
cpan HTML::Parser 
cpan NetAddr::IP 
cpan Archive::Tar
cpan IO::Zlib
tar zxvf Mail-SpamAssassin-3.3.0.tar.gz
cd Mail-SpamAssassin-3.3.0
perl Makefile.PL ; make ; make install
cpan Convert::TNEF 
cpan Convert::UUlib 
cpan Archive::Zip
Start the service: /usr/local/sbin/amavisd
echo "/usr/local/sbin/amavisd">>/etc/rc.local
 
Test-start SpamAssassin
vi /etc/mail/spamassassin/local.cf
required_hits 10.0
rewrite_subject 1
required_score 5.0
rewrite_header Subject *****SPAM*****
report_safe 1
use_bayes 1
bayes_auto_learn 1
skip_rbl_checks 1
use_razor2 0
use_pyzor 0
ok_locales all
Start the service: /usr/bin/spamd -d
echo "/usr/bin/spamd -d">>/etc/rc.local
Add the anti-spam rules file
wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf
 
 
