1.安装mysql并创建用户库结构
导入postfixadmin中自带的用户库结构
tar zxf postfix/postfixadmin-2.1.0.gz
cd postfixadmin-2.1.0/
/usr/local/mysql/bin/mysql -u root < DATABASE_MYSQL.TXT
2.安装Cyrus-sasl2
tar zxf postfix/cyrus-sasl-2.1.22.tar.gz
cd cyrus-sasl-2.1.22/
./configure --enable-plain --enable-cram --enable-digest --enable-login --enable-sql --disable-anon --disable-ntlm --disable-gssapi --disable-krb4 --disable-otp --disable-srp --disable-srp-setpass --with-authdaemond=/usr/local/var/spool/authdaemon/socket --with-mysql=/usr/local/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --with-mysql-libs=/usr/local/mysql/lib/mysql
make
make install
ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
创建/usr/local/lib/sasl2/smtpd.conf文件,内容如下
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/usr/local/var/spool/authdaemon/socket
3.安装Postfix
groupadd -g 10000 postfix
useradd -u 10000 -d /nonexistent -s /bin/false -g postfix postfix
groupadd -g 10001 postdrop
因postfix-2.4版需要epoll支持,所以只能安装postfix-2.3.12
tar zxf postfix/postfix-2.3.12.tar.gz
cd postfix-2.3.12/
make tidy
make makefiles CCARGS='-DHAS_MYSQL -DUSE_SASL_AUTH -DUSE_CYRUS_SASL \
-I/usr/local/mysql/include/mysql -I/usr/local/include/sasl' AUXLIBS='-L/usr/local/mysql/lib/mysql -L/usr/local/lib \
-lmysqlclient -lm -lz -lsasl2'
make
ldconfig
make install
编辑/etc/postfix/main.cf文件,修改和添加如下内容(部分内容在make install时的交互脚本中完成设置)
queue_directory = /data/postfix_queues
myhostname = mail2.xxx.com
mydomain = xxx.com
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost
alias_maps = hash:/etc/postfix/aliases
home_mailbox = Maildir/
# virtual mailbox setup
virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_mailbox_domains.cf
virtual_mailbox_base = /data/postfix_mailbox/
virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_mailbox_maps.cf
virtual_minimum_uid = 10000
virtual_uid_maps = static:10000
virtual_gid_maps = static:10000
virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_alias_maps.cf
# SASL setup
smtpd_sasl_auth_enable = yes
smtpd_sasl_application_name = smtpd
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain = $mydomain
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,reject_unauth_destination
# amavisd-new setup
content_filter = smtp-amavis:[127.0.0.1]:10024
同时根据/etc/postfix/main.cf文件中的虚拟邮箱设置,创建如下目录、文件和对应内容,具体的用户名和密码取决于mysql中的设置
mkdir /etc/postfix/mysql
cat /etc/postfix/mysql/mysql_alias_maps.cf
user = postfix
password = postfix
dbname = postfix
hosts = localhost
table = alias
select_field = goto
where_field = address
additional_conditions = and active='1'
cat /etc/postfix/mysql/mysql_mailbox_maps.cf
user = postfix
password = postfix
dbname = postfix
hosts = localhost
table = mailbox
select_field = maildir
where_field = username
additional_conditions = and active='1'
cat /etc/postfix/mysql/mysql_mailbox_domains.cf
user = postfix
password = postfix
dbname = postfix
hosts = localhost
table = domain
select_field = domain
where_field = domain
additional_conditions = and active='1'
4.安装courier-authlib
tar jxf postfix/courier-authlib-0.59.3.tar.bz2
cd courier-authlib-0.59.3/
./configure --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --without-authcustom --without-authpipe --without-authuserdb --with-authmysql --with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --with-mailuser=postfix --with-mailgroup=postfix
make
make install
echo "/usr/local/lib/courier-authlib" >> /etc/ld.so.conf
ldconfig
make install-configure
修改/usr/local/etc/authlib/authmysqlrc文件为如下内容
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_PORT 3306
MYSQL_OPT 0
MYSQL_DATABASE postfix
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
DEFAULT_DOMAIN xxx.com
MYSQL_UID_FIELD 10000
MYSQL_GID_FIELD 10000
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD '/data/postfix_mailbox/'
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota
MYSQL_WHERE_CLAUSE active='1'
5.安装Courier-imap
以普通用户执行下列命令
tar jxf postfix/courier-imap-4.1.3.tar.bz2
cd courier-imap-4.1.3/
./configure --enable-unicode --with-trashquota --without-ipv6
make
su
make install
make install-configure
6.安装postfixadmin
tar zxf postfix/postfixadmin-2.1.0.gz
cd postfixadmin-2.1.0/
cp config.inc.php.sample config.inc.php
cd /data/htdocs/postfixadmin
chmod 640 *.php *.css
cd /data/htdocs/postfixadmin/admin/
chmod 640 *.php .ht*
cd /data/htdocs/postfixadmin/images/
chmod 640 *.gif *.png
cd /data/htdocs/postfixadmin/languages/
chmod 640 *.lang
cd /data/htdocs/postfixadmin/templates/
chmod 640 *.tpl
cd /data/htdocs/postfixadmin/users/
chmod 640 *.php
7.安装apache和php
tar zxf postfix/httpd-2.2.4.tar.gz
cd httpd-2.2.4
./configure --enable-so --enable-rewrite --prefix=/usr/local/apache-2.2.4 --enable-mods-shared=all
make
make install
cd /usr/local/
ln -s apache-2.2.4/ apache
tar zxf postfix/c-client.tar.Z
cd imap-2006j/
make slx SSLTYPE=none
tar zxf postfix/php-4.4.7.tar.gz
cd php-4.4.7/
./configure --prefix=/usr/local/php --with-mysql=/usr/local/mysql \
--with-apxs2=/usr/local/apache2/bin/apxs --with-config-file-path=/usr/local/php/etc --enable-versioning --enable-ftp \
--with-imap=/usr/src/imap-2007/ --enable-sockets
make
make install
cp php.ini-recommended /usr/local/php/etc/php.ini
8.postfix启动步骤
/usr/local/mysql/bin/mysqld_safe --user=mysql &
postfix start
/usr/local/sbin/authdaemond start
/usr/lib/courier-imap/libexec/imapd.rc start
/usr/lib/courier-imap/libexec/pop3d.rc start
测试SMTP服务
由于在发信认证时使用的是BASE64 编码,所以要把用户名和密码转BASE64 格式
root@xxx:/home/admin# printf ' test@xxx.com\ 0test@xxx.com\0test' |mmencode
dGVzdEBwYWlwYWkuY29tAHRlc3RAcGFpcGFpLmNvbQB0ZXN0
root@xxx:/home/admin# printf ' test@xxx.com' |mmencode
dGVzdEBwYWlwYWkuY29t
root@xxx:/home/admin# perl -MMIME::Base64 -e 'print encode_base64("test\@xxx.com");'
dGVzdEBwYWlwYWkuY29t
root@xxx:/home/admin# perl -MMIME::Base64 -e 'print encode_base64("test");'
dGVzdA==
admin@xxx:~$ telnet 192.*.*.* 25
Trying 192.*.*.*...
Connected to 192.*.*.*.
Escape character is '^]'.
220 mail_new.xxx.com ESMTP Postfix
EHLO xxx.com
250-mail_new.xxx.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN dGVzdEBwYWlwYWkuY29tAHRlc3RAcGFpcGFpLmNvbQB0ZXN0
235 2.0.0 Authentication successful
MAIL FROM:test@xxx.com
250 2.1.0 Ok
RCPT TO:test@xxx.com
250 2.1.5 Ok
DATA
354 End data with .
test mail 1
.
250 2.0.0 Ok: queued as 5447BA4803F
QUIT
221 2.0.0 Bye
admin@xxx:~$ telnet 192.*.*.* 25
Trying 192.*.*.*...
Connected to 192.*.*.*.
Escape character is '^]'.
220 mail_new.xxx.com ESMTP Postfix
EHLO xxx.com
250-mail_new.xxx.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH LOGIN
334 VXNlcm5hbWU6
dGVzdEBwYWlwYWkuY29t
334 UGFzc3dvcmQ6
dGVzdA==
235 2.0.0 Authentication successful
MAIL FROM:xyz@163.com
250 2.1.0 Ok
RCPT TO:test@xxx.com
250 2.1.5 Ok
DATA
354 End data with .
to:any@any.com
from: anyone@any.com
subject:Telnet test
test mail 2
.
250 2.0.0 Ok: queued as C117FA4803F
QUIT
221 2.0.0 Bye
测试POP3服务
admin@xxx:~$ telnet 192.*.*.* 110
Trying 192.*.*.*...
Connected to 192.*.*.*.
Escape character is '^]'.
+OK Hello there.
USER test@xxx.com
+OK Password required.
PASS test
+OK logged in.
LIST
+OK POP3 clients that break here, they violate STD53.
1 447
2 459
.
STAT
+OK 2 906
RETR 2
+OK 459 octets follow.
Return-Path: < xyz@163.com>
X-Original-To: test@xxx.com
Delivered-To: test@xxx.com
Received: from xxx.com (unknown [192.*.*.*])
by mail_new.xxx.com (Postfix) with ESMTP id C117FA4803F
for < test@xxx.com>; Tue, 7 Aug 2007 11:52:39 +0800 (CST)
Message-Id: < 20070807035256.C117FA4803F@mail_new.xxx.com>
Date: Tue, 7 Aug 2007 11:52:39 +0800 (CST)
From: xyz@163.com
To: undisclosed-recipients:;
test mail 2
.
QUIT
+OK Bye-bye.
测试IMAP服务
admin@monitor:~$ telnet 192.*.*.* 143
Trying 192.*.*.*...
Connected to 192.*.*.*.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc. See COPYING for distribution information.
. LOGIN test@xxx.com test
. OK LOGIN Ok.
. list "" "*"
* LIST (\Unmarked \HasNoChildren) "." "INBOX"
. OK LIST completed
. select INBOX
* FLAGS (\Draft \Answered \Flagged \Deleted \Seen \Recent)
* OK [PERMANENTFLAGS (\* \Draft \Answered \Flagged \Deleted \Seen)] Limited
* 2 EXISTS
* 2 RECENT
* OK [UIDVALIDITY 1186461175] Ok
* OK [MYRIGHTS "acdilrsw"] ACL
. OK [READ-WRITE] Ok
. create INBOX.test3
. OK "INBOX.test3" created.
. status INBOX.test3 (messages)
* STATUS "INBOX.test3" (MESSAGES 0)
. OK STATUS Completed.
. copy 1 INBOX.test3
. OK [COPYUID 1186461785 1 1] COPY completed.
. status INBOX.test3 (messages)
* STATUS "INBOX.test3" (MESSAGES 1)
. OK STATUS Completed.
. list "" "*"
* LIST (\HasNoChildren) "." "INBOX.test3"
* LIST (\Unmarked \HasChildren) "." "INBOX"
. OK LIST completed
. delete INBOX.test3
. OK Folder deleted.
. list "" "*"
* LIST (\Unmarked \HasNoChildren) "." "INBOX"
. OK LIST completed
. status INBOX (messages)
* STATUS "INBOX" (MESSAGES 2)
. OK STATUS Completed.
. fetch 1 flags
* 1 FETCH (FLAGS (\Seen \Recent))
. OK FETCH completed.
. fetch 1 rfc822.header
* 1 FETCH (RFC822.HEADER {434}
Return-Path: < test@xxx.com>
X-Original-To: test@xxx.com
Delivered-To: test@xxx.com
Received: from xxx.com (unknown [172.16.130.36])
by mail_new.xxx.com (Postfix) with ESMTP id 5447BA4803F
for < test@xxx.com>; Tue, 7 Aug 2007 11:09:18 +0800 (CST)
Message-Id: < 20070807030923.5447BA4803F@mail_new.xxx.com>
Date: Tue, 7 Aug 2007 11:09:18 +0800 (CST)
From: test@xxx.com
To: undisclosed-recipients:;
)
. OK FETCH completed.
. fetch 1 rfc822.text
* 1 FETCH (RFC822.TEXT {13}
test mail 1
)
. OK FETCH completed.
. capability
* CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION
. OK CAPABILITY completed
. getquotaroot inbox
* QUOTAROOT "inbox" "ROOT"
* QUOTA "ROOT"
. OK GETQUOTAROOT Ok.
. getacl inbox
* ACL "inbox" "owner" "acdilrsw" "administrators" "acdilrsw"
. OK GETACL completed.
. logout
* BYE Courier-IMAP server shutting down
. OK LOGOUT completed
9.安装amavisd-new+clamav+SpamAssassin
groupadd clamav
useradd -g clamav -s/bin/false -d /nonexistent clamav
tar zxf postfix/clamav-0.91.1.tar.gz
cd clamav-0.91.1/
./configure
make
make install
ldconfig
mkdir /var/run/clamav
chmod 700 /var/run/clamav
chown clamav.clamav /var/run/clamav
mkdir /var/log/clamav
chmod 744 /var/log/clamav
chown clamav.clamav /var/log/clamav
配置文件位于
/usr/local/etc/freshclam.conf
/usr/local/etc/clamd.conf
修改/usr/local/etc/clamd.conf文件如下内容
LogFile /var/log/clamav/clamd.log
LogFileMaxSize 10M
LogTime yes
LogClean yes
LogFacility LOG_MAIL
PidFile /var/run/clamav/clamd.pid
LocalSocket /var/run/clamav/clamd
User clamav
修改/usr/local/etc/freshclam.conf文件如下内容
UpdateLogFile /var/log/clamav/freshclam.log
LogFacility LOG_MAIL
PidFile /var/run/clamav/freshclam.pid
DatabaseMirror db.cn.clamav.net
DatabaseMirror database.clamav.net
NotifyClamd /usr/local/etc/clamd.conf
启动clamd
/usr/local/sbin/clamd
通过crontab每天升级clamav病毒库
30 6 * * * /usr/local/bin/freshclam >/dev/null 2>&1
安装file的新版本
tar xzf postfix/file-4.21.tar.gz
cd file-4.21/
./configure
make
make install
ldconfig
tar zxf postfix/amavisd-new-2.5.2.tar.gz
cd amavisd-new-2.5.2/
mkdir /data/amavis
mkdir /data/amavis/tmp
mkdir /data/amavis/var
mkdir /data/amavis/db
mkdir /data/amavis/home
chown -R clamav.clamav /data/amavis
chmod -R 750 /data/amavis
amavisd.conf文件配置选项的详细描述位于amavisd.conf-sample文件中
cp amavisd.conf /etc/
chown root:clamav /etc/amavisd.conf
chmod 640 /etc/amavisd.conf
mkdir /data/amavis/virusmails
chown clamav.clamav /data/amavis/virusmails
chmod 750 /data/amavis/virusmails
根据amavisd-new文档安装必须的perl模块
perl -MCPAN -e shell
修改/etc/amavisd.conf文件如下内容
$daemon_user = 'clamav'; # (no default; customary: vscan or amavis), -u
$daemon_group = 'clamav'; # (no default; customary: vscan or amavis), -g
$mydomain = 'xxx.com'; # a convenient default for other settings
$MYHOME = '/data/amavis'; # a convenient default for other settings, -H
$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to exist, -T
$inet_socket_port = 10024; # listen on this local TCP port(s)
$virus_admin = undef; # notifications recip.
$spam_admin = undef;
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
使用下面的命令调试
/usr/local/sbin/amavisd debug
/usr/local/sbin/amavisd debug-sa
使用下面的命令启动、停止、重新加载配置文件
/usr/local/sbin/amavisd start | stop | reload
wget http://apache.mirror.phpchina.com/spamassassin/source/Mail-SpamAssassin-3.2.3.tar.gz
根据SpamAssassin文档安装必须的perl模块
perl -MCPAN -e shell
由于新版本的Mail-SpamAssassin存在bug,通过cpan方式安装时无法通过make test,因此必须以普通用户make、make test,再以root身份make install
tar zxf postfix/Mail-SpamAssassin-3.2.3.tar.gz
cd Mail-SpamAssassin-3.2.3/
su admin
perl Makefile.PL
make
make test
exit
make install
修改/etc/mail/spamassassin/local.cf文件如下内容
# Enable Bayes auto-learning. 开启贝叶斯自动学习功能
auto_learn 1
# Enable or Disable network checks. 略过 RBLs 检查、使用 Razor version 2、使用 DCC (Distributed Checksum Clearinghouse)、使用 Pyzor
skip_rbl_checks 0
#use_razor2 1
use_dcc 1
use_pyzor 1
# Blacklist. 黑名单,判定減 + 100 分
#blacklist_from *@sohu.com *@mailfb.com
# Whitelist . 白名单,判定加 — 100 分
whitelist_from system@xxx.com service@xxx.com
# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
# - chinese
ok_languages zh en
# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_locales zh en
# Disabled scores. 防止中文主旨和中文收件者误判,建议再加上下列几行
score HEADER_8BITS 0
score HTML_COMMENT_8BITS 0
score SUBJ_FULL_OF_8BITS 0
score UPPERCASE_25_50 0
score UPPERCASE_50_75 0
score UPPERCASE_75_100 0
score NO_REAL_NAME 4.000
score SPF_FAIL 10.000
score SPF_HELO_FAIL 10.000
score BAYES_99 4.300
score BAYES_90 3.500
score BAYES_80 3.000
10.postfix+amavisd-new+clamav+SpamAssassin启动步骤(逆序执行即为停止步骤)
/usr/local/mysql/bin/mysqld_safe --user=mysql &
/usr/local/sbin/clamd
/usr/local/sbin/amavisd start
postfix start
/usr/local/sbin/authdaemond start
/usr/lib/courier-imap/libexec/imapd.rc start
/usr/lib/courier-imap/libexec/pop3d.rc start
导入postfixadmin中自带的用户库结构
tar zxf postfix/postfixadmin-2.1.0.gz
cd postfixadmin-2.1.0/
/usr/local/mysql/bin/mysql -u root < DATABASE_MYSQL.TXT
2.安装Cyrus-sasl2
tar zxf postfix/cyrus-sasl-2.1.22.tar.gz
cd cyrus-sasl-2.1.22/
./configure --enable-plain --enable-cram --enable-digest --enable-login --enable-sql --disable-anon --disable-ntlm --disable-gssapi --disable-krb4 --disable-otp --disable-srp --disable-srp-setpass --with-authdaemond=/usr/local/var/spool/authdaemon/socket --with-mysql=/usr/local/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --with-mysql-libs=/usr/local/mysql/lib/mysql
make
make install
ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
创建/usr/local/lib/sasl2/smtpd.conf文件,内容如下
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/usr/local/var/spool/authdaemon/socket
3.安装Postfix
groupadd -g 10000 postfix
useradd -u 10000 -d /nonexistent -s /bin/false -g postfix postfix
groupadd -g 10001 postdrop
因postfix-2.4版需要epoll支持,所以只能安装postfix-2.3.12
tar zxf postfix/postfix-2.3.12.tar.gz
cd postfix-2.3.12/
make tidy
make makefiles CCARGS='-DHAS_MYSQL -DUSE_SASL_AUTH -DUSE_CYRUS_SASL \
-I/usr/local/mysql/include/mysql -I/usr/local/include/sasl' AUXLIBS='-L/usr/local/mysql/lib/mysql -L/usr/local/lib \
-lmysqlclient -lm -lz -lsasl2'
make
ldconfig
make install
编辑/etc/postfix/main.cf文件,修改和添加如下内容(部分内容在make install时的交互脚本中完成设置)
queue_directory = /data/postfix_queues
myhostname = mail2.xxx.com
mydomain = xxx.com
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost
alias_maps = hash:/etc/postfix/aliases
home_mailbox = Maildir/
# virtual mailbox setup
virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_mailbox_domains.cf
virtual_mailbox_base = /data/postfix_mailbox/
virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_mailbox_maps.cf
virtual_minimum_uid = 10000
virtual_uid_maps = static:10000
virtual_gid_maps = static:10000
virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_alias_maps.cf
# SASL setup
smtpd_sasl_auth_enable = yes
smtpd_sasl_application_name = smtpd
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain = $mydomain
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,reject_unauth_destination
# amavisd-new setup
content_filter = smtp-amavis:[127.0.0.1]:10024
同时根据/etc/postfix/main.cf文件中的虚拟邮箱设置,创建如下目录、文件和对应内容,具体的用户名和密码取决于mysql中的设置
mkdir /etc/postfix/mysql
cat /etc/postfix/mysql/mysql_alias_maps.cf
user = postfix
password = postfix
dbname = postfix
hosts = localhost
table = alias
select_field = goto
where_field = address
additional_conditions = and active='1'
cat /etc/postfix/mysql/mysql_mailbox_maps.cf
user = postfix
password = postfix
dbname = postfix
hosts = localhost
table = mailbox
select_field = maildir
where_field = username
additional_conditions = and active='1'
cat /etc/postfix/mysql/mysql_mailbox_domains.cf
user = postfix
password = postfix
dbname = postfix
hosts = localhost
table = domain
select_field = domain
where_field = domain
additional_conditions = and active='1'
4.安装courier-authlib
tar jxf postfix/courier-authlib-0.59.3.tar.bz2
cd courier-authlib-0.59.3/
./configure --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --without-authcustom --without-authpipe --without-authuserdb --with-authmysql --with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --with-mailuser=postfix --with-mailgroup=postfix
make
make install
echo "/usr/local/lib/courier-authlib" >> /etc/ld.so.conf
ldconfig
make install-configure
修改/usr/local/etc/authlib/authmysqlrc文件为如下内容
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_PORT 3306
MYSQL_OPT 0
MYSQL_DATABASE postfix
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
DEFAULT_DOMAIN xxx.com
MYSQL_UID_FIELD 10000
MYSQL_GID_FIELD 10000
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD '/data/postfix_mailbox/'
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota
MYSQL_WHERE_CLAUSE active='1'
5.安装Courier-imap
以普通用户执行下列命令
tar jxf postfix/courier-imap-4.1.3.tar.bz2
cd courier-imap-4.1.3/
./configure --enable-unicode --with-trashquota --without-ipv6
make
su
make install
make install-configure
6.安装postfixadmin
tar zxf postfix/postfixadmin-2.1.0.gz
cd postfixadmin-2.1.0/
cp config.inc.php.sample config.inc.php
cd /data/htdocs/postfixadmin
chmod 640 *.php *.css
cd /data/htdocs/postfixadmin/admin/
chmod 640 *.php .ht*
cd /data/htdocs/postfixadmin/images/
chmod 640 *.gif *.png
cd /data/htdocs/postfixadmin/languages/
chmod 640 *.lang
cd /data/htdocs/postfixadmin/templates/
chmod 640 *.tpl
cd /data/htdocs/postfixadmin/users/
chmod 640 *.php
7.安装apache和php
tar zxf postfix/httpd-2.2.4.tar.gz
cd httpd-2.2.4
./configure --enable-so --enable-rewrite --prefix=/usr/local/apache-2.2.4 --enable-mods-shared=all
make
make install
cd /usr/local/
ln -s apache-2.2.4/ apache
tar zxf postfix/c-client.tar.Z
cd imap-2006j/
make slx SSLTYPE=none
tar zxf postfix/php-4.4.7.tar.gz
cd php-4.4.7/
./configure --prefix=/usr/local/php --with-mysql=/usr/local/mysql \
--with-apxs2=/usr/local/apache2/bin/apxs --with-config-file-path=/usr/local/php/etc --enable-versioning --enable-ftp \
--with-imap=/usr/src/imap-2007/ --enable-sockets
make
make install
cp php.ini-recommended /usr/local/php/etc/php.ini
8.postfix启动步骤
/usr/local/mysql/bin/mysqld_safe --user=mysql &
postfix start
/usr/local/sbin/authdaemond start
/usr/lib/courier-imap/libexec/imapd.rc start
/usr/lib/courier-imap/libexec/pop3d.rc start
测试SMTP服务
由于在发信认证时使用的是BASE64 编码,所以要把用户名和密码转BASE64 格式
root@xxx:/home/admin# printf ' test@xxx.com\ 0test@xxx.com\0test' |mmencode
dGVzdEBwYWlwYWkuY29tAHRlc3RAcGFpcGFpLmNvbQB0ZXN0
root@xxx:/home/admin# printf ' test@xxx.com' |mmencode
dGVzdEBwYWlwYWkuY29t
root@xxx:/home/admin# perl -MMIME::Base64 -e 'print encode_base64("test\@xxx.com");'
dGVzdEBwYWlwYWkuY29t
root@xxx:/home/admin# perl -MMIME::Base64 -e 'print encode_base64("test");'
dGVzdA==
admin@xxx:~$ telnet 192.*.*.* 25
Trying 192.*.*.*...
Connected to 192.*.*.*.
Escape character is '^]'.
220 mail_new.xxx.com ESMTP Postfix
EHLO xxx.com
250-mail_new.xxx.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN dGVzdEBwYWlwYWkuY29tAHRlc3RAcGFpcGFpLmNvbQB0ZXN0
235 2.0.0 Authentication successful
MAIL FROM:test@xxx.com
250 2.1.0 Ok
RCPT TO:test@xxx.com
250 2.1.5 Ok
DATA
354 End data with .
test mail 1
.
250 2.0.0 Ok: queued as 5447BA4803F
QUIT
221 2.0.0 Bye
admin@xxx:~$ telnet 192.*.*.* 25
Trying 192.*.*.*...
Connected to 192.*.*.*.
Escape character is '^]'.
220 mail_new.xxx.com ESMTP Postfix
EHLO xxx.com
250-mail_new.xxx.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH LOGIN
334 VXNlcm5hbWU6
dGVzdEBwYWlwYWkuY29t
334 UGFzc3dvcmQ6
dGVzdA==
235 2.0.0 Authentication successful
MAIL FROM:xyz@163.com
250 2.1.0 Ok
RCPT TO:test@xxx.com
250 2.1.5 Ok
DATA
354 End data with .
to:any@any.com
from: anyone@any.com
subject:Telnet test
test mail 2
.
250 2.0.0 Ok: queued as C117FA4803F
QUIT
221 2.0.0 Bye
测试POP3服务
admin@xxx:~$ telnet 192.*.*.* 110
Trying 192.*.*.*...
Connected to 192.*.*.*.
Escape character is '^]'.
+OK Hello there.
USER test@xxx.com
+OK Password required.
PASS test
+OK logged in.
LIST
+OK POP3 clients that break here, they violate STD53.
1 447
2 459
.
STAT
+OK 2 906
RETR 2
+OK 459 octets follow.
Return-Path: < xyz@163.com>
X-Original-To: test@xxx.com
Delivered-To: test@xxx.com
Received: from xxx.com (unknown [192.*.*.*])
by mail_new.xxx.com (Postfix) with ESMTP id C117FA4803F
for < test@xxx.com>; Tue, 7 Aug 2007 11:52:39 +0800 (CST)
Message-Id: < 20070807035256.C117FA4803F@mail_new.xxx.com>
Date: Tue, 7 Aug 2007 11:52:39 +0800 (CST)
From: xyz@163.com
To: undisclosed-recipients:;
test mail 2
.
QUIT
+OK Bye-bye.
测试IMAP服务
admin@monitor:~$ telnet 192.*.*.* 143
Trying 192.*.*.*...
Connected to 192.*.*.*.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc. See COPYING for distribution information.
. LOGIN test@xxx.com test
. OK LOGIN Ok.
. list "" "*"
* LIST (\Unmarked \HasNoChildren) "." "INBOX"
. OK LIST completed
. select INBOX
* FLAGS (\Draft \Answered \Flagged \Deleted \Seen \Recent)
* OK [PERMANENTFLAGS (\* \Draft \Answered \Flagged \Deleted \Seen)] Limited
* 2 EXISTS
* 2 RECENT
* OK [UIDVALIDITY 1186461175] Ok
* OK [MYRIGHTS "acdilrsw"] ACL
. OK [READ-WRITE] Ok
. create INBOX.test3
. OK "INBOX.test3" created.
. status INBOX.test3 (messages)
* STATUS "INBOX.test3" (MESSAGES 0)
. OK STATUS Completed.
. copy 1 INBOX.test3
. OK [COPYUID 1186461785 1 1] COPY completed.
. status INBOX.test3 (messages)
* STATUS "INBOX.test3" (MESSAGES 1)
. OK STATUS Completed.
. list "" "*"
* LIST (\HasNoChildren) "." "INBOX.test3"
* LIST (\Unmarked \HasChildren) "." "INBOX"
. OK LIST completed
. delete INBOX.test3
. OK Folder deleted.
. list "" "*"
* LIST (\Unmarked \HasNoChildren) "." "INBOX"
. OK LIST completed
. status INBOX (messages)
* STATUS "INBOX" (MESSAGES 2)
. OK STATUS Completed.
. fetch 1 flags
* 1 FETCH (FLAGS (\Seen \Recent))
. OK FETCH completed.
. fetch 1 rfc822.header
* 1 FETCH (RFC822.HEADER {434}
Return-Path: < test@xxx.com>
X-Original-To: test@xxx.com
Delivered-To: test@xxx.com
Received: from xxx.com (unknown [172.16.130.36])
by mail_new.xxx.com (Postfix) with ESMTP id 5447BA4803F
for < test@xxx.com>; Tue, 7 Aug 2007 11:09:18 +0800 (CST)
Message-Id: < 20070807030923.5447BA4803F@mail_new.xxx.com>
Date: Tue, 7 Aug 2007 11:09:18 +0800 (CST)
From: test@xxx.com
To: undisclosed-recipients:;
)
. OK FETCH completed.
. fetch 1 rfc822.text
* 1 FETCH (RFC822.TEXT {13}
test mail 1
)
. OK FETCH completed.
. capability
* CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION
. OK CAPABILITY completed
. getquotaroot inbox
* QUOTAROOT "inbox" "ROOT"
* QUOTA "ROOT"
. OK GETQUOTAROOT Ok.
. getacl inbox
* ACL "inbox" "owner" "acdilrsw" "administrators" "acdilrsw"
. OK GETACL completed.
. logout
* BYE Courier-IMAP server shutting down
. OK LOGOUT completed
9.安装amavisd-new+clamav+SpamAssassin
groupadd clamav
useradd -g clamav -s/bin/false -d /nonexistent clamav
tar zxf postfix/clamav-0.91.1.tar.gz
cd clamav-0.91.1/
./configure
make
make install
ldconfig
mkdir /var/run/clamav
chmod 700 /var/run/clamav
chown clamav.clamav /var/run/clamav
mkdir /var/log/clamav
chmod 744 /var/log/clamav
chown clamav.clamav /var/log/clamav
配置文件位于
/usr/local/etc/freshclam.conf
/usr/local/etc/clamd.conf
修改/usr/local/etc/clamd.conf文件如下内容
LogFile /var/log/clamav/clamd.log
LogFileMaxSize 10M
LogTime yes
LogClean yes
LogFacility LOG_MAIL
PidFile /var/run/clamav/clamd.pid
LocalSocket /var/run/clamav/clamd
User clamav
修改/usr/local/etc/freshclam.conf文件如下内容
UpdateLogFile /var/log/clamav/freshclam.log
LogFacility LOG_MAIL
PidFile /var/run/clamav/freshclam.pid
DatabaseMirror db.cn.clamav.net
DatabaseMirror database.clamav.net
NotifyClamd /usr/local/etc/clamd.conf
启动clamd
/usr/local/sbin/clamd
通过crontab每天升级clamav病毒库
30 6 * * * /usr/local/bin/freshclam >/dev/null 2>&1
安装file的新版本
tar xzf postfix/file-4.21.tar.gz
cd file-4.21/
./configure
make
make install
ldconfig
tar zxf postfix/amavisd-new-2.5.2.tar.gz
cd amavisd-new-2.5.2/
mkdir /data/amavis
mkdir /data/amavis/tmp
mkdir /data/amavis/var
mkdir /data/amavis/db
mkdir /data/amavis/home
chown -R clamav.clamav /data/amavis
chmod -R 750 /data/amavis
amavisd.conf文件配置选项的详细描述位于amavisd.conf-sample文件中
cp amavisd.conf /etc/
chown root:clamav /etc/amavisd.conf
chmod 640 /etc/amavisd.conf
mkdir /data/amavis/virusmails
chown clamav.clamav /data/amavis/virusmails
chmod 750 /data/amavis/virusmails
根据amavisd-new文档安装必须的perl模块
perl -MCPAN -e shell
修改/etc/amavisd.conf文件如下内容
$daemon_user = 'clamav'; # (no default; customary: vscan or amavis), -u
$daemon_group = 'clamav'; # (no default; customary: vscan or amavis), -g
$mydomain = 'xxx.com'; # a convenient default for other settings
$MYHOME = '/data/amavis'; # a convenient default for other settings, -H
$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to exist, -T
$inet_socket_port = 10024; # listen on this local TCP port(s)
$virus_admin = undef; # notifications recip.
$spam_admin = undef;
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
使用下面的命令调试
/usr/local/sbin/amavisd debug
/usr/local/sbin/amavisd debug-sa
使用下面的命令启动、停止、重新加载配置文件
/usr/local/sbin/amavisd start | stop | reload
wget http://apache.mirror.phpchina.com/spamassassin/source/Mail-SpamAssassin-3.2.3.tar.gz
根据SpamAssassin文档安装必须的perl模块
perl -MCPAN -e shell
由于新版本的Mail-SpamAssassin存在bug,通过cpan方式安装时无法通过make test,因此必须以普通用户make、make test,再以root身份make install
tar zxf postfix/Mail-SpamAssassin-3.2.3.tar.gz
cd Mail-SpamAssassin-3.2.3/
su admin
perl Makefile.PL
make
make test
exit
make install
修改/etc/mail/spamassassin/local.cf文件如下内容
# Enable Bayes auto-learning. 开启贝叶斯自动学习功能
auto_learn 1
# Enable or Disable network checks. 略过 RBLs 检查、使用 Razor version 2、使用 DCC (Distributed Checksum Clearinghouse)、使用 Pyzor
skip_rbl_checks 0
#use_razor2 1
use_dcc 1
use_pyzor 1
# Blacklist. 黑名单,判定減 + 100 分
#blacklist_from *@sohu.com *@mailfb.com
# Whitelist . 白名单,判定加 — 100 分
whitelist_from system@xxx.com service@xxx.com
# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
# - chinese
ok_languages zh en
# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_locales zh en
# Disabled scores. 防止中文主旨和中文收件者误判,建议再加上下列几行
score HEADER_8BITS 0
score HTML_COMMENT_8BITS 0
score SUBJ_FULL_OF_8BITS 0
score UPPERCASE_25_50 0
score UPPERCASE_50_75 0
score UPPERCASE_75_100 0
score NO_REAL_NAME 4.000
score SPF_FAIL 10.000
score SPF_HELO_FAIL 10.000
score BAYES_99 4.300
score BAYES_90 3.500
score BAYES_80 3.000
10.postfix+amavisd-new+clamav+SpamAssassin启动步骤(逆序执行即为停止步骤)
/usr/local/mysql/bin/mysqld_safe --user=mysql &
/usr/local/sbin/clamd
/usr/local/sbin/amavisd start
postfix start
/usr/local/sbin/authdaemond start
/usr/lib/courier-imap/libexec/imapd.rc start
/usr/lib/courier-imap/libexec/pop3d.rc start
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/94384/viewspace-600323/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/94384/viewspace-600323/
1935
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
