在FreeBSD上组建ISP级的邮件系统(Ver:0.3)


FreeBSD(基本系统) + Postfix(MTA 邮件传输代理) + MySQL(后台数据库,

用户保存用户信息) + Cyrus -SASL2(发信认证) + Courier -IMAP(提供POP3/IMAP服务) + MailDrop(MDA 邮件投递代理) + amavisd-new(内容过滤) + Spamassassin(反垃圾邮件) + Clamav(杀毒) + Extman (后台用户管理) + ExtMail( 一个高效率的webmail)

作者:冯勇 fengyongchuang # yahoo.com.cn (≠%26amp;键盘人生$:71633908)

日期:2006-03-09

技术支持网站:www.extmail.org


QQ群:

网管之家: 5929685
网管之家-UNIX:3791457
Extmail 群/postfix 1: 6769767
Extmail 群/postfix 2: 18051473

版权所有,复制或转载时请保留作者信息。尊重他人的劳动成果就等于尊重自己。

如有问题请到下面网址提问:
http://www.extmail.org/forum/archive/2/0603/1216.html

前言
1、感谢HZQBBC 多年来的帮助,让我对LINUX /UNIX 有所了解。

2、本人文笔不好,欢迎拍砖。

3、本文通过一步一个软件,一个软件一次性设置的方式让你了解如何组建一个邮件系统。

4、建议:良好的电脑基础会使你事半功倍,至少你要明白互联网上的一些常用服务的原理,如:web/ftp/dns/mail(mta/mua/mda)及了解什么是TCP/IP协议。

5、对了BSD 操作不熟的兄弟建议看Freebsd 的Handbook。

http://cnsnap.cn.freebsd.org/doc/zh_CN.GB2312/books/handbook/index.html

6、对于英文不太好的兄弟建议使用IBM 智能词典。

http://www.google.com/search?hl=zh-CN%26amp;q=IBM%E6%99%BA%E8%83%BD%E8%AF%8D%E5%85%B8%26amp;lr=

7、要多想多做多动脑(大脑生来就是为了思考的,不用会生锈),要懂得如何去使用google/baidu 寻找你需要的东西,可能你遇到的问题人家已经遇过并解决了。

8、认真观察安装过程、日志文件是寻找错误的关键。

9、古语云:冰冻三尺非一日之寒,当你第N 次安装失败时,千万别恢心,成功往往就与你擦肩而过。回头认真看文档,回想自己的操作,整理好思路。相信自己一定会成功。

10、FreeBSD 通过ports 安装总是花上不少时间在下载文件及编译, 建议你多喝水或为自己准备一杯咖啡,编译的时候走走运动一下也是个不错的主意。

最后献上我用了六年的座右铭:靠山山倒,靠人人倒,靠自己最好!


更新:
1、接上编<Freebsd 6.0 +Postfix + MySQL+Cyrus-SASL2 +Courier-IMAP + Clamav+Mailscanner+Extman+Extmail>对内容进行了修改。

2、把mailscanner 换成amavisd-new。

3、增加了maildrop 作为邮件的投递代理。

4、更详细的安装过程。

5、以HTML 方式发布,方便兄弟们复制命令。

6、去掉了zend/ftp/openssl 的安装 。

7、加入了atni-spam.org.cn 的cdl服务 从而更有效拒绝垃圾邮件。


快速索引
一、设置你的DNS

二、安装Freebsd

三、安装mysql

四、安装apahce

五、安装邮件系统

六、测试系统

七、安装反垃圾邮件

八、安装extmail/extman

一、设置你的DNS
很多人经常问为什么我的邮件服务器向163.com /sina.com/yahoo.com.cn...都能收到,为什么回复的邮件却收不到,原因很简单,因为这些服务器不能找到你的域名的A记录或MX 记录。很多人在安装时使用的域都是不合法的域名,即未经注册的DNS FQDN(完全限定名)。如果你没有申请合法的域名,可以到 comexe.cn 3322.org 申请一个动态域名来收发邮件。

本例中以 extmail.org 这个域为例 ,主机名为mail ,邮件服务器建立在DDNS 之上。
打开windows 的CMD 使用nslookup 查询extmail.org 的MX记录,如果你自己拥有固定IP可以创建自己的DNS,如果你使用的是新网或其它域名供应商,进入后台添加一个记录即可,供体参考DNS 相关的内容。

 C:\>nslookup -type=mx extmail.org 221.4.66.66Server:  ns2.cnc-gd.netAddress:  221.4.66.66DNS request timed out.    timeout was 2 seconds.Non-authoritative answer:extmail.org     MX preference = 20, mail exchanger = mx.extmail.orgextmail.org     nameserver = ns2.xinnetdns.comextmail.org     nameserver = ns.xinnet.cnextmail.org     nameserver = ns.xinnetdns.comextmail.org     nameserver = ns2.xinnet.cnmx.extmail.org  internet address = 210.21.119.139ns.xinnet.cn    internet address = 210.51.171.209ns.xinnetdns.com        internet address = 210.51.170.66ns2.xinnet.cn   internet address = 210.51.170.67ns2.xinnetdns.com       internet address = 210.51.170.67作为windows 高手的你,这点小事难不到你吧 。


二、安装Freebsd
A、系统分区
很多人在使用自己的作业系统时,不知道如何对系统分区,对于分区方案没有最好的,只是跟据自己的情况去分。
下面是我的分区方案。

硬盘为120G ,/(根)1G 左右就差不多了,但考滤到/root 工作目录也在这里,所以分大一点。

/home/data 主要是用来存放Email /ftp用户的数据

/tmp 1G 也是考虑到临时文件多,所以给大也点。

/usr/ 10G 因为要安装软件,还有下载的软件,我没有装GUI 所以只分了10G我认为足够了。

/var 3G这个目录存放的东西比较多,如日志、邮件的临时目录,如果空间不够amavisd-new 无法解开邮件进行杀毒。

 %df -h  Filesystem   Size    Used    Avail   Capacity   Mounted on  /dev/ad0s1a   1.9G   481M   1.3G    26%       /  devfs         1.0K    1.0K    0B      100%   /dev  /dev/ad0s1g    92G    353M    84G    0%      /home/data  /dev/ad0s1e    989M    224K    910M    0%    /tmp  /dev/ad0s1f    9.7G    1.8G    7.1G    20%    /usr  /dev/ad0s1d     2.9G   105M    2.6G     4%    /var  以上方案不是最好的,咸鱼白菜各有所好。

B、安装基本系统
对于系统的安装,我选择了minimal(最小系统)和ports ,因为有些没必要的包就不装,减少系统体积,另外作为一台服务器,我从来不装GUI 。

下载BSD时,只需要下载DISK 1 就行了,缺少的软件包可以通过网络安装。

 

点击查看大图

C、配置系统
如果你在安装后期没有配置系统,在系统启动完成后以root的身份登陆系统,运行sysinstall 进行设置,或通过ee编辑器编辑/etc/rc.conf文件,在这里提醒各位,一会大多数服务都需要在/etc/rc.conf加入启动内容才能正常启动。

设置好固定IP,或通过DHCP 自动分配置机器IP。使用SSH 客户端进行管理服务器将会为你的工作提供方便。

使用SSH 要注意:

a、不能用root直接登陆,需要添加一个新用户,指定到wheel 组,用此用户登陆后用使用 su - 提升到管理员。

b、 以我的SecureCRT 为例,Session options ->Authentication ->Primary 选择keyboard Interactive

c、如果你要使用像LINUX 一样的彩色显示,需要把 Emulation -> Terminal ->Xterm 选中ANSI Color 并在/etc/csh.cshrc加入


setenv LSCOLORS ExGxFxdxCxegedabagExEx setenv CLICOLOR yesset autolist然后执行


sed -i.bak -E s/set\ prompt/#set\ prompt/g /root/.cshrc退出重新登陆即可看到彩色目录了。


D、更新软件包
采用Freebsd 最好的地方就是安装软件方便,还可以装到最新的软件包,这就是强大的posts 系统。如果你的系统在安装时没有选择posts ,具休如何操作看BSD 的handbook.

CVSUP 的站点很多,你可以选择离你最快的站点去更新posts ,具体查看 freebsd.org /freebsdchina.org.cn

在使用cvsup之前你必须连接到互联网,并需要安装cvsup 这个软件

假如你的服务器在内网里,并通过DMZ 进行IP映射,可以参考下面设置:


sshd_enable="YES"fsck_y_enable="YES"hostname="mail.extmail.org"ifconfig_rl0="inet 192.168.1.1 netmask 255.255.255.0"  defaultrouter="192.168.1.1"如果你使用的是ADSL 拔号

a、修改/etc/ppp/ppp.conf

default:set log Phase tun command # you can add more detailed logging if you wishset ifaddr 10.0.0.1/0 10.0.0.2/0 adsl:  set device PPPoE:vr0 # 将vr0 改为你拔号的网卡  set authname 你的ADSL 帐号   set authkey 你的ADSL密码  set dial  set login  add default HISADDR b、/etc/rc.conf 内容

inetd_enable="YES"sshd_enable="YES"fsck_y_enable="YES"hostname="mail.extmail.org"ifconfig_rl0="inet 192.168.1.1 netmask 255.255.255.0" ppp_enable="YES" #YES or NOppp_mode="ddial" #"auto", "ddial", "direct" or "dedicated".ppp_nat="YES" # if you want to enable nat for your local network, otherwise NOppp_profile="adsl" #/etc/ppp/ppp.conf c、安装cvsup-without-gui


 %cd /usr/ports/net/cvsup-without-gui/ %make install clean d、更新ports
安装完cvsup软件后,对ports 进行更新


%/usr/local/bin/cvsup -gL 2 -h cvsup4.freebsdchina.org /usr/share/examples/cvsup/ports-supfile其实FreeBSD 一点也不难,我没有说错吧 !


三、安装数据库 MySQL
MySQL 版本很多,大家可以据自己需要自行安装。

%cd /usr/ports/databases/mysql41-server/%make install clean在/etc/rc.conf 加入

mysql_enable="YES"复制配置文件(非必需)

cp /usr/local/share/mysql/my-small.cnf /usr/local/etc/my.cnf在此说明:

1、如果不在/etc/rc.conf 加入以上内容,手工是无法启动MySQL的。
2、如果你想知道这个软件应该在/etc/rc.conf加入什么内容,打开/usr/local/etc/rc.d 目录,找到此软件的启动脚本。然后打开文件,如果有详细的说明。

%/usr/local/etc/rc.d/mysql-server.sh start Starting mysql.如何去检查一个服务是否正常启动:1、通过ps查看进程,2、检查所打开的端口。

%ps aux|grep mysqlmysql 94899  0.2  0.5  1644  1240  p0  S     3:52PM   0:00.07 /bin/sh /usr/local/bin/mysqld_safe --mysql 94919  0.0 10.8 55564 27428  p0  S     3:52PM   0:01.54 /usr/local/libexec/mysqld --defaults-%%netstat -an|grep 3306tcp4       0      0  *.3306                 *.*                    LISTENMySQL安装时,服务器的密码为空,建议你装好系统后,第一时间去更改密码。

%/usr/local/bin/mysqladmin -u root -p password 你的新密码 Enter password: 如果你服务器只供本站内部使用建议在 my.cnf 里加入下面内容,以增加服务器的安全性。

[mysqld]bind_address=127.0.0.1
四、安装Apache
1、安装apache server
作为网络的今天apache web服务器已经是街知港闻了。
%cd /usr/ports/www/apache22/%make install clean在/etc/rc.conf 中加入:

apache22_enable="YES"如果启动时出现httpd: Could not reliably determine the server's fully qualified domain name, using mail.sharesky.cn for ServerName 的错误,在/usr/local/etc/apache22/httpd.conf 约第144行的位置加入下面的内容。

ServerName mail.extmail.org启动apahce

%/usr/local/etc/rc.d/apache22.sh startPerforming sanity check on apache22 configuration:Syntax OKStarting apache22.2、安装PHP
%cd /usr/ports/www/mod_php4/%make install clean                  Options for mod_php4 4.4.2_1,1                    x                 x lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk x                 x x         [ ] DEBUG      Enable debug                            x x                 x x         [X] MULTIBYTE  Enable zend multibyte support           x x                 x x         [ ] IPV6       Enable ipv6 support                     x x                 x x         [X] OPENSSL    Build static OpenSSL extension       在/usr/local/etc/apache22/httpd.conf 里加入

AddType application/x-httpd-php .phpAddType application/x-httpd-php-source .phps加入目录索引 index.php,约在httpd.conf 的212行

 DirectoryIndex index.html index.phprestart或reload Apache 使之生效

%/usr/local/etc/rc.d/apache22.sh reloadPerforming sanity check on apache22 configuration:Syntax OKPerforming a graceful restart3、安装PHP 扩展
%cd /usr/ports/lang/php4-extensions/%make install clean在这里建议大家,如果没有必要尽量不要安装GD库免得浪费时间,大家可据自己需要选择安装模块

               lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk               x                 Options for php4-extensions 1.0                    x                 x lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk x                 x x  [ ] BCMATH       bc style precision math functions            x x                 x x  [X] BZ2          bzip2 library support                        x x                 x x  [ ] CALENDAR     calendar conversion support                  x x                 x x  [ ] CRACK        crack support                                x x                 x x  [X] CTYPE        ctype functions                              x x                 x x  [X] CURL         CURL support                                 x x                 x x  [ ] DBA          dba support                                  x x                 x x  [ ] DBASE        dBase library support                        x x                 x x  [ ] DBX          dbx support                                  x x                 x x  [ ] DIO          Direct I/O support                           x x                 x x  [ ] DOMXML       DOM support                                  x x                 x x  [ ] EXIF         EXIF support                                 x x                 x x  [ ] FILEINFO     fileinfo support                             x x                 x x  [ ] FILEPRO      filePro support                              x x                 x x  [ ] FRIBIDI      FriBidi support             x x  [X] FTP          FTP support                                  x x                 x x  [ ] GD           GD library support                           x x                 x x  [X] GETTEXT      gettext library support                      x x                 x x  [ ] GMP          GNU MP support                               x x                 x x  [X] ICONV        iconv support                                x x                 x x  [ ] IMAGICK      ImageMagick support                          x x                 x x  [X] IMAP         IMAP support                                 x x                 x x  [ ] INTERBASE    Interbase 6 database support (Firebird)      x x                 x x  [ ] LDAP         OpenLDAP support                             x x                 x x  [X] MBSTRING     multibyte string support                     x x                 x x  [ ] MCAL         Modular Calendar Access Library support      x x                 x x  [X] MCRYPT       Encryption support                           x x                 x x  [ ] MCVE         MCVE support                                 x x                 x x  [ ] MHASH        Crypto-hashing support                       x x          x x  [ ] MING         ming shockwave flash support                 x x                 x x  [ ] MNOGOSEARCH  mnoGoSearch support                          x x                 x x  [ ] MSSQL        MS-SQL database support                      x x                 x x  [X] MYSQL        MySQL database support                       x x                 x x  [ ] NCURSES      ncurses support (CLI only)                   x x                 x x  [ ] ODBC         unixODBC support                             x x                 x x  [X] OPENSSL      OpenSSL support                              x x                 x x  [ ] ORACLE       Oracle support                               x x                 x x  [X] OVERLOAD     user-space object overloading support        x x                 x x  [ ] PANDA        panda support                                x x                 x x  [ ] PCNTL        pcntl support (CLI only)                     x x                 x x  [X] PCRE         Perl Compatible Regular Expression support   x x                 x x  [ ] PDF          PDFlib support (implies GD)                  x x                 x x  [ ] PFPRO        PayFlow Pro support                          x x          x x  [ ] PGSQL        PostgreSQL database support                  x x                 x x  [X] POSIX        POSIX-like functions                         x x                 x x  [ ] PSPELL       pspell support                               x x                 x x  [ ] READLINE     readline support (CLI only)                  x x                 x x  [ ] RECODE       recode support                               x x                 x x  [X] SESSION      session support                              x x                 x x  [ ] SHMOP        shmop support                                x x                 x x  [ ] SNMP         SNMP support                                 x x                 x x  [ ] SOCKETS      sockets support                              x x                 x x  [ ] SYBASE_CT    Sybase database support                      x x                 x x  [ ] SYSVMSG      System V message support                     x x                 x x  [ ] SYSVSEM      System V semaphore support                   x x                 x x  [ ] SYSVSHM      System V shared memory support               x x                 x x  [X] TOKENIZER    tokenizer support                            x x          x x  [ ] WDDX         WDDX support (implies XML)                   x x                 x x  [X] XML          XML support                                  x x                 x x  [ ] XMLRPC       XMLRPC-EPI support                           x x                 x x  [ ] XSLT         XSLT Sablotron support                       x x                 x x  [ ] YAZ          YAZ support (ANSI/NISO Z39.50)               x x                 x x  [ ] YP           YP/NIS support                               x x                 x x  [ ] ZIP          ZIP support                                  x x                 x x  [X] ZLIB         ZLIB support                                 x x    4、安装phpmyadmin 管理数据库
为了去除无聊的安装过程,这里选择手工安装,先下载软件包,然后解压,再复制到/usr/local/www/apache22/data 下面

%cd /usr/ports/databases/phpmyadmin/%make fetch%cd /usr/ports/distfile%tar jxvf phpMyAdmin-2.7.0-pl2.tar.bz2%cp -r /usr/ports/distfiles/phpMyAdmin-2.7.0-pl2 /usr/local/www/apache22/data/phpmyadmin大家注意,可能你下载的版本与我下载的不一样,不能照搬。

设置phpmyadmin
%cd /usr/local/www/apache22/data/phpmyadmin/%ee config.default.php 将$cfg['Servers'][$i]['auth_type'] = 'config'; 改为

$cfg['Servers'][$i]['auth_type']     = 'http'; 打开http://ip/phpmyadmin 就可以管理你的mysql 数据库了

5、安装extman
extman 是extmail用户后台管理系统,官方网站为www.extmail.org 下载解压

%tar zxvf extman-13-20060102.tar.gz%cd extman-0.13-20060102/docs%mysql -u root -p extmail.sql添加了两个MySQL用户1、只读用户:extmail 密码:extmail2、读/写用户:webman 密码:webman init.sql 里,对extmail数据库添加了下面的记录a、添加了一个别名记录 support@extmail.org ->test@extmail.orgb、增加了 extmail.org 域 c、增加了test@extmail.org的邮箱密码为test。d、增加了extman 的管理员root@extmail.org 密码为extmail   五、安装邮件系统安装下面三个软件要注意先后顺序1、安装 Courier-IMAP%cd /usr/ports/mail/courier-imap/%make install clean选择openssl、MySQL在/etc/rc.conf 加入courier_authdaemond_enable="YES"courier_imap_pop3d_enable="YES"courier_imap_imapd_enable="YES"修改authdaemond的权限%/usr/local/etc/rc.d/courier-authdaemond.sh start%chmod -R  +x /var/run/authdaemond/ authdaemond 启动完成后,检查/var/run/authdaemond 下面是否产生socket 文件,因为认证时是通过这个文件读取密码的。设置/usr/local/etc/authlib/authdaemonrc%mv authdaemonrc authdaemonrc.bakee authdaemonrc在authdaemonrc 加入下面的内容authmodulelist="authmysql"authmodulelistorig="authmysql"version="authdaemond.mysql"daemons=5                             authdaemover=/var/run/authdaemond     subsystem=mail                        DEBUG_LOGIN=2                         DEFAULTOPTIONS="wbnodsn=1" 上面DEBUG_LOGIN=2 是为了调试方便,等系统完全测试完成,可改为 0,即不显示调试信息。 设置/usr/local/etc/authlib/authmysqlrc%mv authmysqlrc authmysqlrc.bakee authmysqlrc加入下面的内容MYSQL_SERVER    localhostMYSQL_USERNAME  extmailMYSQL_PASSWORD  extmailMYSQL_PORT      0MYSQL_OPT       0MYSQL_DATABASE  extmailMYSQL_SELECT_CLAUSE     SELECT username,password,"",uidnumber,gidnumber,\                        CONCAT('/home/data/domains/',homedir),               \                        CONCAT('/home/data/domains/',maildir),               \                        quota,                                          \                        name                                            \                        FROM mailbox                                    \                        WHERE username = '$(local_part)@$(domain)' 大家要注意,我的邮件保存的目录是/home/data/domains ,你可以跟据你的需要改为自己的目录。用户名和密码是extmail 这个具体需要看extman 软件包中的docs 目录中的extmail.sql,很多人无法通上发信认证,很可能以上面两个文件配置有关。创建pop3/imap 的配置文件%cp pop3d.cnf.dist pop3d.cnf%cp imapd.cnf.dist imapd.cnf修改/usr/local/etc/courier-imap/pop3d (不修改也行) POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1"修改/usr/local/etc/courier-imap/imapd(不修改也行) IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA"2、安装 Cyrus-SASL2 %cd /usr/ports/security/cyrus-sasl2%make install WITH_AUTHDAEMON=yes创建 /usr/local/lib/sasl2/smtpd.conf 加入下面的内容 pwcheck_method:authdaemondlog_level:3mech_list:PLAIN LOGINauthdaemond_path:/var/run/authdaemond/socket3、安装Postfix%cd /usr/ports/mail/postfix%make install clean选择SASL2 、TLS、MySQL、VDA ,安装过程中有两个提问,直接按回车,使用系统默认的回答。 %echo postfix: root >> /etc/aliases%/usr/local/bin/newaliases%ln -s /usr/local/sbin/sendmail /usr/sbin/sendmail如果出现ln: /usr/sbin/sendmail: File exists 提示,把/usr/sbin/sendmail改名再链接。设置postfix 随系统启动postfix_enable="YES"                  sendmail_enable="NO"                  sendmail_submit_enable="NO"           sendmail_outbound_enable="NO"sendmail_msp_queue_enable="NO"创建/etc/periodic.conf 加入下面的内容daily_clean_hoststat_enable="NO"daily_status_mail_rejects_enable="NO"daily_status_include_submit_mailq="NO"daily_submit_queuerun="NO"配置/usr/local/etc/postfix/main.cf ,在你安装时,只需要修改####BASE#### 部分即可 %mv main.cf main.cf.bak这个配置文件已经加入了maildrop的支持###################BASE##################myhostname=mail.extmail.org   #机器的名字mydomain = extmail.org  #你的域名mydestination = $myhostnamelocal_recipient_maps = command_directory = /usr/local/sbin#local_transport = virtualsmtpd_banner = extmail.org ESMTP Mail Systemmessage_size_limit = 14680064  #邮件大小#mailbox_size_limit = 512000000#################MySQL################virtual_alias_maps =mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf#virtual_gid_maps = static:125#virtual_gid_maps = static:1000virtual_mailbox_base = /home/data/domains  #邮件保存的目录virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf#virtual_mailbox_limit = 512000000virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf#virtual_minimum_uid = 125#virtual_minimum_uid = 1000#virtual_transport = virtualvirtual_transport = maildrop:maildrop_destination_recipient_limit = 1 #virtual_uid_maps = static:125#virtual_uid_maps = static:1000################Quota################virtual_create_maildirsize = yesvirtual_mailbox_extended = yesvirtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cfvirtual_mailbox_limit_override = yesvirtual_maildir_limit_message = Sorry,the user's Maildir has overdrawn his diskspace quota ,please tray again later.virtual_overquota_bounce = yes##############SASL####################smtpd_sasl_auth_enable = yessmtpd_sasl2_auth_enable = yessmtpd_sasl_security_options = noanonymousbroken_sasl_auth_clients = yessmtpd_recipient_restrictions =  permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname, reject_rbl_client cbl.anti-spam.org.cn   #CBL 服务器 具体请看anti-spam.org.cn#注意上面几行前面是有空格的。readme_directory = nosample_directory = /usr/local/etc/postfixsendmail_path = /usr/local/sbin/sendmailhtml_directory = nosetgid_group = maildropmanpage_directory = /usr/local/mandaemon_directory = /usr/local/libexec/postfixnewaliases_path = /usr/local/bin/newaliasesmailq_path = /usr/local/bin/mailqqueue_directory = /var/spool/postfixmail_owner = postfix以下四个文件在extman 软件包Docs 目录里,使用时,直接复制到/usr/local/etc/postfix 目录即可。mysql_virtual_alias_maps.cfuser = extmailpassword = extmailhosts = localhostdbname = extmailtable = aliasselect_field = gotowhere_field = addressadditional_conditions = AND active = '1'mysql_virtual_domains_maps.cfuser = extmailpassword = extmailhosts = localhostdbname = extmailtable = domainselect_field = descriptionwhere_field = domainadditional_conditions = AND active = '1'mysql_virtual_mailbox_maps.cfuser = extmailpassword = extmailhosts = localhostdbname = extmailtable = mailboxselect_field = maildirwhere_field = usernameadditional_conditions = AND active = '1'mysql_virtual_mailbox_limit_maps.cfuser = extmailpassword = extmailhosts = localhostdbname = extmailtable = mailboxselect_field = quotawhere_field = usernameadditional_conditions = AND active = '1'至此postfix 基本设置完成,但还不能收发邮件。4、安装maildrop我们在设置邮件服务器时MTA 部分还是使用posfix 本身的帐户进行处理邮件,由于maildrop 不能和postfix 与同一用户身份处理邮件,所以我们新开一个用户用户maildrop 处理。 添加vgroup pw groupadd vgroup -g 1000添加vuser%pw useradd vuser -g 1000 -u 1000 -s /sbin/nologin -d /sbin/nologin -c "virtual mail user"安装maildrop,记得要把WITH_AUTHLIB=yes 加上 %cd /usr/ports/mail/maildrop%make install WITH_AUTHLIB=yes选择AUTH_MYSQL        lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk               x                    Options for maildrop 2.0.1                      x                 x lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk x                 x x            [ ] AUTH_LDAP    LDAP support                       x x                 x x            [X] AUTH_MYSQL   MySQL support                      x x                 x x            [ ] AUTH_PGSQL   PostgreSQL support                 x x                 x x            [ ] AUTH_USERDB  Userdb support                     x x                 x x            [ ] AUTH_VCHKPW  Vpopmail/vchkpw support            x x  修改/usr/local/etc/postfix/master.cf ,把maildrop 原先已有的记录注译(即删除旧记录),加上下面的内容maildrop unix -     n     n     -     -     pipe  flags=DRhu user=vuser argv=/usr/local/bin/maildrop -d ${user}@${nexthop} ${recipient} ${user} ${extension} ${nexthop}设置邮件存储目录%mkdir -p /home/data/domains/extmail.org/test%/usr/local/bin/maildirmake /home/data/domains/extmail.org/test/Maildir%chown -R 1000:1000 domains/ 至此,我们的邮件系统基础部分已经安装完成了。重启系统,开始进行测试。 六、测试系统1、测试maildrop 是否正常建议进入系统后去检查/etc/rc.conf 中的服务是否正常。 注意邮件系统用户名格式是:user@domain.ltd ,是支持多域的,和平时用的有点不一样。用SecureCRT 新开 二个窗口,其中一个用于输入命令,一个查看maillog%tail -f /var/log/maillog观察下面的操作,证明maildrop 已投递正常 %echo "test" | maildrop -V 10 -d test@extmail.orgmaildrop: authlib: groupid=1000maildrop: authlib: userid=1000maildrop: authlib: logname=test@extmail.org, home=/home/data/domains/extmail.org/test, mail=/home/data/domains/extmail.org/test/Maildir/maildrop: Changing to /home/data/domains/extmail.org/testMessage start at 0 bytes, envelope sender=test@extmail.orgmaildrop: Attempting .mailfilterWARN: quota string '5242880' not parseablemaildrop: Delivery complete.maillog 将会有如下显示Mar 10 14:39:58 mail authdaemond: Authenticated: sysusername=, sysuserid=1000, sysgroupid=1000, homedir=/home/data/domains/extmail.org/test, address=test@extmail.org, fullname=Test user, maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=Mar 10 14:39:58 mail authdaemond: Authenticated: clearpasswd=, passwd={crypt}uywiuN.XggXXc2、测试postfix 由于在发信认证时使用的是BASE64 编码,所以要把用户名和密码转BASE64 格式,在此前需要安装 p5-MIME-BASE64%cd /usr/ports/converters/p5-MIME-Base64/%make install测试用户test@extmail.org 密码 test%perl -MMIME::Base64 -e 'print encode_base64("test\@extmail.org");'                   dGVzdEBleHRtYWlsLm9yZw==%perl -MMIME::Base64 -e 'print encode_base64("test");'      dGVzdA==看下面的测试过程%telnet localhost 25Trying ::1...telnet: connect to address ::1: Connection refusedTrying 127.0.0.1...Connected to localhost.Escape character is '^]'.220 sharesky.cn ESMTP Mail Systemehlo test.com250-mail.extmail.org250-PIPELINING250-SIZE 14680064250-VRFY250-ETRN250-AUTH LOGIN PLAIN250-AUTH=LOGIN PLAIN250 8BITMIMEauth login334 VXNlcm5hbWU6dGVzdEBleHRtYWlsLm9yZw==334 UGFzc3dvcmQ6dGVzdA==235 Authentication successfulmail from:250 Okrcpt to:250 Okdata354 End data with .this is a test..250 Ok: queued as 23CEE5C38quit221 ByeConnection closed by foreign host.下面是系统所产生的maillogMar 10 14:47:45 mail postfix/smtpd[1090]: connect from localhost[127.0.0.1]Mar 10 14:47:57 mail authdaemond: Authenticated: sysusername=, sysuserid=1000, sysgroupid=1000, homedir=/home/data/domains/extmail.org/test, address=test@extmail.org, fullname=Test user, maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=Mar 10 14:47:57 mail authdaemond: Authenticated: clearpasswd=test, passwd={crypt}uywiuN.XggXXcMar 10 14:48:13 mail postfix/smtpd[1090]: 23CEE5C38: client=localhost[127.0.0.1], sasl_method=login, sasl_username=test@extmail.orgMar 10 14:48:18 mail postfix/cleanup[1135]: 23CEE5C38: message-id=<20060310144813.23CEE5C38@mail.extmail.org>Mar 10 14:48:18 mail postfix/qmgr[669]: 23CEE5C38: from=, size=341, nrcpt=1 (queue active)Mar 10 14:48:19 mail authdaemond: Authenticated: sysusername=, sysuserid=1000, sysgroupid=1000, homedir=/home/data/domains/extmail.org/test, address=test@extmail.org, fullname=Test user, maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=Mar 10 14:48:19 mail authdaemond: Authenticated: clearpasswd=, passwd={crypt}uywiuN.XggXXcMar 10 14:48:19 mail postfix/pipe[1136]: 23CEE5C38: to=, relay=maildrop, delay=14, status=sent (extmail.org)Mar 10 14:48:19 mail postfix/qmgr[669]: 23CEE5C38: removedMar 10 14:48:20 mail postfix/smtpd[1090]: disconnect from localhost[127.0.0.1]测试pop3收邮件%telnet localhost 110Trying ::1...telnet: connect to address ::1: Connection refusedTrying 127.0.0.1...Connected to localhost.Escape character is '^]'.+OK Hello there.user test@extmail.org+OK Password required.pass test+OK logged in.list+OK POP3 clients that break here, they violate STD53.1 62 403.retr 1+OK 6 octets follow.test.retr 2+OK 403 octets follow.Return-Path: Delivered-To: test@extmail.orgReceived: from test.com (localhost [127.0.0.1])        by mail.extmail.org (Postfix) with ESMTP id 23CEE5C38        for ; Fri, 10 Mar 2006 14:48:05 +0000 (UTC)Message-Id: <20060310144813.23CEE5C38@mail.extmail.org>Date: Fri, 10 Mar 2006 14:48:05 +0000 (UTC)From: test@test.comTo: undisclosed-recipients:;this is a test..quit+OK Bye-bye.Connection closed by foreign host.所产生的maillogMar 10 16:17:56 mail authdaemond: Authenticated: sysusername=, sysuserid=1000, sysgroupid=1000, homedir=/home/data/domains/extmail.org/test, address=test@extmail.org, fullname=Test user, maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=Mar 10 16:17:56 mail authdaemond: Authenticated: clearpasswd=test, passwd={crypt}uywiuN.XggXXcMar 10 16:17:57 mail pop3d: LOGIN, user=test@extmail.org, ip=[127.0.0.1]Mar 10 16:18:15 mail pop3d: LOGOUT, user=test@extmail.org, ip=[127.0.0.1], top=0, retr=397, time=18至此,我们已经成功安装了一个邮件系统,下面我们再去增加内容过滤和反垃圾邮件部分还成web部分,成功已经离我们不远了,鼓起干劲,冲啊~~!~!~!~~~RUSH... 七、安装反垃圾邮件1、安装amavisd-new内容过滤我们采用了amavisd-new ,主要考滤到amavsid-new 配置方便,当然你也可以使用mailscanner,还是那一句,咸鱼白菜,各有所好。%cd /usr/ports/security/amavisd-new/%make install clean只选择MYSQL在安装Amavisd-new 时,系统会自动把Spamassassin 装上去               lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk               x             Options for p5-Mail-SpamAssassin 3.1.0_6               x                 x lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk x                 x x   [X] AS_ROOT        Run spamd as root (recommended)           x x                 x x   [ ] DOMAINKEYS     DomainKeys support                        x x                 x x   [X] SSL            Build with SSL support for spamd/spamc    x x                 x x   [X] MYSQL          Add MySQL support                         x x                 x x   [ ] PGSQL          Add PostreSQL support                     x x                 x x   [ ] RAZOR          Add Vipul's Razor support                 x x                 x x   [ ] SPF_QUERY      Add SPF query support                     x x                 x x   [ ] RELAY_COUNTRY  Relay country support                     x x                 x x   [X] TOOLS          Install SpamAssassin tools                x x  在/etc/rc.conf 加入下面的内容 amavisd_enable="YES"spamd_enable="YES"修改 /usr/local/etc/amavisd.conf$mydomain = 'extmail.org'; 垃圾邮件病毒通知$virus_admin               = "postmaster\@$mydomain";  # notifications recip.$mailfrom_notify_admin     = "postmaster\@$mydomain";  # notifications sender$mailfrom_notify_recip     = "postmaster\@$mydomain";  # notifications sender$mailfrom_notify_spamadmin = "postmaster\@$mydomain"; # notifications sender$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef去除对附件的转换$banned_filename_re = new_RE(#把中间的内容全部加上#);加入对Clamav 的支持# ### http://www.clamav.net/ ['ClamAV-clamd',   \%26amp;ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],   qr/\bOK$/, qr/\bFOUND$/,   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ], 在/usr/local/etc/postfix/main.cf 加入content_filter = smtp-amavis:[127.0.0.1]:10024在/usr/local/etc/postfix/master.cf 加入smtp-amavis unix -   -   n     -       2  smtp         -o smtp_data_done_timeout=1200         -o disable_dns_lookups=yes                                                                                  127.0.0.1:10025 inet n -       n       -       -  smtpd         -o content_filter=         -o local_recipient_maps=         -o relay_recipient_maps=         -o smtpd_restriction_classes=         -o smtpd_client_restrictions=         -o smtpd_helo_restrictions=         -o smtpd_sender_restrictions=         -o smtpd_recipient_restrictions=permit_mynetworks,reject        -o mynetworks=127.0.0.0/8 重启postfix%/usr/local/etc/rc.d/postfix.sh restartpostfix/postfix-script: stopping the Postfix mail systempostfix/postfix-script: starting the Postfix mail system对于Spamassassin 配置文件/usr/local/etc/mail/spamassassin/local.cf 请参考http://spamassassin.apache.org/配置工具http://www.yrex.com/spam/spamconfig.php 调试amavisd-new%su vscan$ /etc/sbin/amavisd debug如果没有出现任何错误,证明你的amavisd-new 正常。2、安装Clamavclamav 用于邮件杀毒%cd /usr/ports/security/clamav%make install clean可以什么都不选,直接回车clamav_clamd_enable="YES"clamav_freshclam_enable="YES"修改/usr/local/etc/clamd.conf 让其以vscan 身份运行(约145行)#User clamavUser vscan修改/usr/local/etc/freshclam.conf#DatabaseOwner clamavDatabaseOwner vscan修目录权限%chown -R vscan:vscan /var/log/clamav%chown -R vscan:vscan /var/run/clamav%chown -R vscan:vscan /var/db/clamav启动clamav 与 自动更新%/usr/local/etc/rc.d/clamav-clamd.sh start%/usr/local/etc/rc.d/clamav-freshclam.sh start3、测试%telnet localhost 25Trying ::1...telnet: connect to address ::1: Connection refusedTrying 127.0.0.1...Connected to localhost.mold.com.cn.Escape character is '^]'.220 extmail.org ESMTP Mail Systemehlo test.com250-mail.mold.com.cn250-PIPELINING250-SIZE 14680064250-VRFY250-ETRN250-AUTH LOGIN PLAIN250-AUTH=LOGIN PLAIN250 8BITMIMEmail from:250 Okrcpt to:250 Okdata354 End data with .X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*.250 Ok: queued as F19692E084quit221 ByeConnection closed by foreign host.所产生的maillogMar 10 18:19:25 mail postfix/smtpd[797]: connect from localhost[127.0.0.1]Mar 10 18:19:25 mail postfix/smtpd[797]: CD31B5C25: client=localhost[127.0.0.1]Mar 10 18:19:25 mail postfix/cleanup[793]: CD31B5C25: message-id=Mar 10 18:19:25 mail postfix/qmgr[789]: CD31B5C25: from=, size=1670, nrcpt=1 (queue active)Mar 10 18:19:26 mail postfix/smtpd[797]: disconnect from localhost[127.0.0.1]Mar 10 18:19:26 mail amavis[458]: (00458-01) Blocked INFECTED (Eicar-Test-Signature), [127.0.0.1]  -> , quarantine: virus-Q0WNU5+REDjW, Message-ID: <20060310181918.954D75C24@mail.extmail.org>, mail_id: Q0WNU5+REDjW, Hits: -, 1567 msMar 10 18:19:26 mail postfix/smtp[794]: 954D75C24: to=, relay=127.0.0.1[127.0.0.1], delay=14, status=sent (250 2.7.1 Ok, discarded, id=00458-01 - VIRUS: Eicar-Test-Signature)Mar 10 18:19:26 mail postfix/qmgr[789]: 954D75C24: removedMar 10 18:19:26 mail postfix/smtpd[791]: disconnect from localhost[127.0.0.1]观看红色的地方,病毒已经找到,并隔离了。随之这封邮件被系统删除。至此空容过滤杀毒部分已经完,这个时候应该休息一下,喝杯水,接下来完成最后的工作。 八、安装extmail /extman 1、设置apache 的运行身份修改/usr/local/etc/apache22/httpd.conf #User www#Group wwwUser vuserGroup vgroup在httpd.conf 加入下面的内容Alias /extman/cgi/ /usr/local/www/apache22/cgi-bin/extman/cgi/Alias /extman /usr/local/www/apache22/cgi-bin/extman/html/SetHandler cgi-scriptOptions +ExecCGIAllowOverride All# config for ExtMail               Alias /extmail/cgi/ /usr/local/www/apache22/cgi-bin/extmail/cgi/Alias /extmail /usr/local/www/apache22/cgi-bin/extmail/html/SetHandler cgi-scriptOptions +ExecCGIAllowOverride All重启apahce%/usr/local/etc/rc.d/apache22.sh restartPerforming sanity check on apache22 configuration:Syntax OKStopping apache22.Waiting for PIDS: 461.Performing sanity check on apache22 configuration:Syntax OKStarting apache22.2、安装extmail

从extmail官方网站:www.extmail.org 下载最新版式

tar zxvf extmail-23-20060219.tar.gz %cp -r  extmail-0.23-20060219/ /usr/local/www/apache22/cgi-bin/extmail

创建配置文件

%cd /usr/local/www/apache22/cgi-bin/extmail/%cp webmail.cf.default webmail.cf

修改配置文件,我只把需要修改的地方贴出来

# sys_config, the config file and webmail programe rootSYS_CONFIG = /usr/local/www/apache22/cgi-bin/extmail/# sys_langdir, the i18n dirSYS_LANGDIR = /usr/local/www/apache22/cgi-bin/extmail/lang# sys_templdir, the template dirSYS_TEMPLDIR = /usr/local/www/apache22/cgi-bin/extmail/html# sys_netdisk_on, default is offSYS_NETDISK_ON = 1 # maildir_base, the base dir of user maildir, use absolute path# if not set.SYS_MAILDIR_BASE = /home/data/domains# if mysql, all relate paramters should prefix as SYS_MYSQLSYS_MYSQL_USER = extmail   SYS_MYSQL_PASS = extmail   SYS_MYSQL_DB = extmail     SYS_MYSQL_HOST = localhostSYS_MYSQL_SOCKET = /tmp/mysql.sock  

打开你的浏览器,输入http://ip/extmail 即可看到登陆窗口

用户名:test

密码:test

域名:extmail.org

点击查看大图

3、安装extman

从extmail 官方网站下载软件包,解压复制到/usr/local/www/apache22/cgi-bin目录。

%cd /usr/local/www/apache22/cgi-bin/extman/

编辑 webman.cf

# sys_config, the config file and webman programe rootSYS_CONFIG = /usr/local/www/apache22/cgi-bin/extman/# sys_langdir, the i18n dirSYS_LANGDIR = /usr/local/www/apache22/cgi-bin/extman/lang# sys_templdir, the template dirSYS_TEMPLDIR = /usr/local/www/apache22/cgi-bin/extman/html# maildir_base, the base dir of user maildir, use absolute path# if not set. SYS_MAILDIR_BASE = /home/data/domains# if mysql, all relate paramters should prefix as SYS_MYSQLSYS_MYSQL_USER = webmanSYS_MYSQL_PASS = webmanSYS_MYSQL_DB = extmailSYS_MYSQL_HOST = localhostSYS_MYSQL_SOCKET = /tmp/mysql.sock   

创建/tmp/extman

%mkdir /tmp/extman%chmod 777 /tmp/extman/

创建软件包的链接

%cd extman/libs/Ext/%./buildlink.sh build /usr/local/www/apache22/cgi-bin/extmail/libs/Ext/

打开浏览器输入http://ip/extman

用户名:root@extmail.org 密码:extmail

点击查看大图

系统配置文件下载

rc.conf 内容

mysql_enable="YES"apache22_enable="YES"postfix_enable="YES"sendmail_enable="NO"sendmail_submit_enable="NO"sendmail_outbound_enable="NO"sendmail_msp_queue_enable="NO"courier_authdaemond_enable="YES"courier_imap_pop3d_enable="YES"courier_imap_imapd_enable="YES"amavisd_enable="YES"spamd_enable="YES"clamav_clamd_enable="YES"clamav_freshclam_enable="YES"

由于水平有限,时间急促,文档中难免有错漏,如果你发现错误,或有更好的建议请告诉我,本人一定尽力做到最好。

感谢你的



相关阅读:
通过避免下列10个常见ASP.NET缺陷使网站平稳运行中
PHP菜鸟你是吗?
解决Linux服务器下误删除文件的操作
LINUX支持的文件系统
SQLSERVER的max degree of parallelism参数
用JS获得表格当前行数的代码
PHP初学者最感迷茫的问题小结
mysql备份恢复mysqldump.exe几个常用用例
c# .net 生成图片验证码的代码
如何有效地使用函数select()
JavaScript 中级笔记 第五章 面向对象的基础
oracle 计算时间的SQL语句介绍
在Fedora下安装PPStream网络电视
asp 由动态网页转变为静态网页的实现代码
快速导航

Copyright © 2016 phpStudy | 皖ICP备18014864号-4