jump to navigation

postfix邮件系统完整版 六月 7, 2005

Posted by wansion in 技术.
trackback

 redhat9+postfix+cyrus-sasl+mysql+postfixadmin+courier-imap+courier-maildrop+squirrelmail(courier-sqwebmail openwebmail)+clamav+spamassassin+amavisd-new

2005年5月5日加入Cyrus SASL with MySQL Encrypted Passwords
2005年5月3日更新防病毒及防垃圾
2005年4月12日加入mysql日志管理
2005年4月10日至13日加入openwebmail
2005年4月8日加入apache自启动脚本
2004年10左右成稿

1.mysql

2.apache

3.php

4.cyrus-sasl

5.postfix

6.postfixadmin

7.courier-authlib

8.courier-imap

9.courier-maildrop

10.webmail
   10.1.sqwebmai
   10.2.squirrelmail
   10.3.openwebmail

11.clamav

12.spamassassin

13.amavisd-new

14.后记加一点说明

15.附:启动脚本

本文用到的软件

MySQL 4.1.11
网站:http://www.mysql.com
下载
APACHE 2.0.54
网站:http://www.apache.org
下载
PHP 4.3.11
网站:http://www.php.net
下载
Cyrus-SASL 2.1.20
网站:http://asg.web.cmu.edu/sasl
下载
Postfix 2.2.3
网站:http://www.postfix.org
下载
PostfixAdmin 2.1.0
网站:http://www.postfixadmin.com
下载
Courier-authlib 0.55
网站:http://www.courier-mta.org/authlib
下载
Courier-IMAP 4.0.2
网站:http://www.courier-mta.org/imap
下载
Courier-maildrop 1.8.0
网站:http://www.courier-mta.org/maildrop
下载
Courier-sqwebmail 5.0.1
网站:http://www.courier-mta.org/sqwebmail
下载
SquirrelMail 1.4.4
网站:http://www.squirrelmail.org
下载
Openwebmail 2.51
网站:http://openwebmail.org
下载
clamav 0.84
网站:http://www.clamav.net
下载
Spamassassin 3.0.3
网站:http://spamassassin.apache.org
下载
amavisd-new 2.3.0
网站:http://www.ijs.si/software/amavisd
下载
1.安装mysql 4.1.11
# groupadd mysql
# useradd -g mysql mysql
# wget http://dev.mysql.com/get/Downloads/MySQL-4.1/mysql-4.1.11.tar.gz/from/http://mysql.new21.com/
# tar -zxvf mysql-4.1.11.tar.gz
# cd mysql-4.1.11
# ./configure –prefix=/usr/local/mysql –with-charset=gbk
# make
# make install
# cp support-files/my-medium.cnf /etc/my.cnf

设置自启动
# cp support-files/mysql.server /etc/rc.d/init.d/mysqld
# chmod 700 /etc/rc.d/init.d/mysqld
# chkconfig –add mysqld

安装完以后要初始化数据库,要是升级安装的请跳过
# cd /usr/local/mysql
# /usr/local/mysql/bin/mysql_install_db –user=mysql
# chown -R root .
# chown -R mysql var
# chgrp -R mysql .
# /usr/local/mysql/bin/mysqld_safe –user=mysql &

好了,至此mysql安装完毕,你可以这样起动你的mysql服务
# /etc/rc.d/init.d/mysqld start

# ln -s /usr/local/mysql/bin/mysql /sbin/mysql
# ln -s /usr/local/mysql/bin/mysqladmin /sbin/mysqladmin

为了能让系统找到mysql,请运行如下命令
# PATH=$PATH:/usr/local/mysql/bin
# export PATH
# echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
# ldconfig

日志管理
开启错误日志 (在[safe_mysqld]项下添加)
# vi /etc/my.cnf
[safe_mysqld]
err-log=/var/log/mysqld/err.log

开启常规日志和更新日志 (在[mysqld]项下添加)
# vi /etc/my.cnf
[mysqld]
log=/var/log/mysqld/log.log
log-update=/var/log/mysqld/update.log

创建日志文件并设置权限
# mkdir /var/log/mysqld
# touch /var/log/mysqld/err.log /var/log/mysqld/log.log /var/log/mysqld/update.log
# chown -R mysql.mysql /var/log/mysqld

# service mysqld restart

说明:
错误日志包含了服务器写入标准错误输出设备的所有消息,同时还包括了mysql服务的启动和关闭事件
常规日志用来记录有关mysql服务器运行的常规信息,包括用户的连接、查询及其他各种时间
更新日志用来记录修改数据库的查询信息,包括所有涉及数据库修改的SQl语句的查询记录
建议调试结束后关闭日志

Go to top.

2.安装apache 2.0.54
# wget http://apache.freelamp.com/httpd/httpd-2.0.54.tar.bz2
# tar jxvf httpd-2.0.54.tar.bz2
# cd httpd-2.0.54
# ./configure –prefix=/usr/local/apache
# make
# make install

设置自启动
# cp support/apachectl /etc/init.d/httpd

修改/etc/init.d/httpd
# vi /etc/init.d/httpd(在第两行之后添加如下内容)
#!/bin/sh
#
# Startup script for the Apache Web Server
# chkconfig: – 85 15
# description: Apache is a World Wide Web server. It is used to serve \
# HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache/log/httpd.pid
# config: /usr/local/apache/conf/httpd.conf

# chkconfig –add httpd
# chmod 755 /etc/init.d/httpd
# chkconfig httpd on

创建网页根目录
# mkdir /var/www

# vi /usr/local/apache/conf/httpd.conf
//存放网页的目录,原来为DocumentRoot "",改成:
DocumentRoot "/var/www"
//这句应该和DocumentRoot 的目录保持一致,原来为<Directory "">,改成:
<Directory "/var/www">
//Indexes:当在目录中找不到DirectoryIndex列表中指定的文件就生成当前目录的文件列表
//FollowSymlinks:允许符号链接跟随,访问不在本目录下的文件
Options Indexes FollowSymLinks
//禁止读取.htaccess配置文件的内容
AllowOverride None
//指定先执行Allow(允许)访问规则,再执行Deny(拒绝)访问规则
Order allow,deny
//设置Allow(允许)访问规则,允许所有连接
Allow from all
</Directory>

启动服务:
# /usr/local/apache/bin/apachectl start

# service httpd start

Go to top.

3.安装php 4.3.11
# wget http://cn2.php.net/get/php-4.3.11.tar.bz2/from/cn.php.net/mirror
# tar -jxvf php-4.3.11.tar.bz2
# cd php-4.3.11
# ./configure \
–prefix=/usr/local/php \
–with-mysql=/usr/local/mysql \
–with-apxs2=/usr/local/apache/bin/apxs
# make
# make install
# cp php.ini-dist /usr/local/php/lib/php.ini

# vi /usr/local/php/lib/php.ini
;default_charset = "iso-8859-1"
在这行下面加一行
default_charset = "gbk"

# vi /usr/local/apache/conf/httpd.conf
找到#AddType application/x-tar .tgz 这行,在下面加两行。
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
找到下面一行在后面加上index.php,这表示网站的默认页也能够为index.php
DirectoryIndex index.html index.html.var index.php
注意:改变了http.conf后,要重启apache服务器,否则不会生效!

php常用配置
max_execution_time = 30 ; // 改为600 (增加处理脚本的时间限制)
max_input_time = 600 ; //最大输出时间600秒
memory_limit = 8M ; //改为40M (这样才能发10M的附件)
register_global =On
post_max_size = 2M ; //php可接受的 post 方法大小 2M
file_uploads = On ; //允许上载文件
upload_max_filesize = 2M ; //最大上载文件2M
session.auto_start = 1 ; //session自动启动

Go to top.

4.安装cyrus-sasl 2.1.20
如果系统安装已经,先卸载它,或使用下面方法关闭它
# mv /usr/lib/sasl /usr/lib/sasl.OFF
# mv /usr/lib/sasl2 /usr/lib/sasl2.OFF

编译安装cyrus-sasl2.1.20
# wget ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.20.tar.gz
# tar zxvf cyrus-sasl-2.1.20.tar.gz
# cd cyrus-sasl-2.1.20
# ./configure \
–disable-anon -enable-plain –enable-login \
–enable-sql –with-mysql=/usr/local/mysql \
–with-mysql-includes=/usr/local/mysql/include/mysql \
–with-mysql-libs=/usr/local/mysql/lib/mysql
# make
# make install

为了让postfix能找到sasl,请运行如下命令:
# echo "/usr/local/lib" >> /etc/ld.so.conf
# ldconfig

# ln -s /usr/local/lib/sasl2 /usr/lib/sasl2

cyrus-sasl的密码是不加密的,可以下载加密认证补丁
# http://www.viperstrike.com/~lopaka/sysadmin/cyrus-sasl-mysql-encrypt/software-sources/patch-linux
# patch lib/checkpw.c patch-linux
重新编译安装
# LDFLAGS="-lcrypt" ./configure –disable-anon -enable-plain –enable-login –enable-sql –with-mysql=/usr/local/mysql –with-mysql-includes=/usr/local/mysql/include/mysql –with-mysql-libs=/usr/local/mysql/lib/mysql
# make
# make install

Go to top.

5.安装postfix 2.2.3
如果你的系统上原来有sendmail,先将其停止并将其文件改名:
# /etc/init.d/sendmail stop
# chkconfig –level 0123456 sendmail off
# mv /usr/bin/newaliases /usr/bin/newaliases.orig
# mv /usr/bin/mailq /usr/bin/mailq.orig
# mv /usr/sbin/sendmail /usr/sbin/sendmail.orig

开始安装
# groupadd -g 12345 postfix
# useradd -u 12345 -g 12345 -c postfix -d/dev/null -s/bin/false postfix
# groupadd -g 54321 postdrop
# wget ftp://postfix.cn99.com/postfix/official/postfix-2.2.3.tar.gz
# tar -zxvf postfix-2.2.3.tar.gz
# cd postfix-2.2.3
(Building Postfix with SASL authentication and mysql support)
# make -f Makefile.init makefiles \
‘CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -I/usr/local/include/sasl’ \
‘AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/local/lib -lsasl2’
# make install
如果/etc/aliases文件不存在,请用如下命令创建:
# echo postfix: root >> /etc/aliases
# /usr/bin/newaliases

注意:
   本例中Mysql安装在/usr/lcoal/mysql,sasl2安装在/usr/lib/sasl2。如果安装路径不同,请自行修改编译时CCARGS和AUXLIBS选项。
   在执行make install的时候可能会得到如下的提示(如果没有就不用管了):
/usr/libexec/ld-elf.so.1: Shared object "libmysqlclient.so.12" not found
   这是因为mysql不是安装在默认目录中的,所以需要告诉postfix应该到哪里去找libmysqlclient.so.12,使用ldconfig就可以达到这个目的:
# echo /usr/local/mysql/lib/mysql >> /etc/ld.so.conf
# ldconfig

Go to top.

6.安装postfixadmin 2.1.0
建立apache和maildrop的用户和组
# groupadd vmail -g 1001
# useradd vmail -u 1001 -g 1001 -s/bin/false -d/dev/null

# vi /usr/local/apache/conf/httpd.conf

User nobody
Group #-1
改为
User vmail
Group vmail

# wget http://high5.net/postfixadmin/download.php?file=postfixadmin-2.1.0.tgz
# tar -zxvf postfixadmin-2.1.0.tgz
# mv postfixadmin-2.1.0 /var/www/postfixadmin
更改权限,假定运行apache的用户和组为vmail
# chown -R vmail:vmail /var/www/postfixadmin
# cd /var/www/postfixadmin
# chmod 640 *.php *.css
# cd /var/www/postfixadmin/admin/
# chmod 640 *.php .ht*
# cd /var/www/postfixadmin/images/
# chmod 640 *.gif *.png
# cd /var/www/postfixadmin/languages/
# chmod 640 *.lang
# cd /var/www/postfixadmin/templates/
# chmod 640 *.tpl
# cd /var/www/postfixadmin/users/
# chmod 640 *.php

建立mysql表
# cd /var/www/postfixadmin
# mysql -u root [-p] < DATABASE_MYSQL.TXT
# cp config.inc.php.sample config.inc.php
# vi config.inc.php
本例中的配置如下:
// Language config
// Language files are located in ‘./languages’.
$CONF[‘default_language’] = ‘cn’;
// Database Config
// ‘database_type’ is for future reference.
$CONF[‘database_type’] = ‘mysql’;
$CONF[‘database_host’] = ‘localhost’;
$CONF[‘database_user’] = ‘postfixadmin’;
$CONF[‘database_password’] = ‘postfixadmin’;
$CONF[‘database_name’] = ‘postfix’;
//$CONF[‘encrypt’] = ‘md5crypt’;
$CONF[‘encrypt’] = ‘cleartext’;
// Mailboxes
// If you want to store the mailboxes per domain set this to ‘YES’.
// Example: /usr/local/virtual/domain.tld/username@domain.tld
$CONF[‘domain_path’] = ‘YES’;
// If you don’t want to have the domain in your mailbox set this to ‘NO’.
// Example: /usr/local/virtual/domain.tld/username
$CONF[‘domain_in_mailbox’] = ‘NO’;
// Quota
// When you want to enforce quota for your mailbox users set this to ‘YES’.
$CONF[‘quota’] = ‘YES’;
// You can either use ‘1024000’ or ‘1048576’
$CONF[‘quota_multiplier’] = ‘1024000’;

我们在这里使用明文口令方式,如果想使用密文,请把$CONF[‘encrypt’]=’cleartext’;改成$CONF[‘encrypt’]=’md5crypt’;
邮箱的存储格式使用domain.ltd/username的形式,所以设置:
$CONF[‘domain_path’] = ‘YES’;
$CONF[‘domain_in_mailbox’] = ‘NO’;

然后打开浏览器,进入postfixadmin的欢迎界面,点击网页上的setup,看看检查是否通过,记得要删除setup.php文件。然后进入http://www.yourdomain.com/postfixadmin/admin/index.php,就可以新建域名、管理员以及邮箱了。

Go to top.

# vi /etc/postfix/main.cf
#=====================BASE=========================
#主机名称(用 FQDN 的方式来写)
myhostname = www.test.com
#domain 名称
mydomain = test.com
#邮件标头上面的 mail from 的那个地址
myorigin = $mydomain
#可用来收件的主机名称(这里没有使用$mydomain是因为我们将使用virtualhost)
mydestination = $myhostname localhost localhost.$mydomain
#允许不使用smtp发信认证的网段
mynetworks = 127.0.0.0/8
inet_interfaces = all
#使用的邮箱格式
#home_mailbox = Maildir/
#mailbox_transport = maildrop

#=====================Vritual Mailbox settings=========================
# 指定用户邮箱所在的根目录
virtual_mailbox_base = /var/mailbox/
#指定postfix如何去检索邮件用户,这里是采用mysql (用户邮箱的目录)
virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf
#邮件账号的uid, 使用apache的运行用户
virtual_uid_maps = static:1001
virtual_gid_maps = static:1001
#virtual_uid_maps = mysql:/etc/postfix/mysql/mysql-virtual_uid_maps.cf
#virtual_gid_maps = mysql:/etc/postfix/mysql/mysql-virtual_gid_maps.cf
# use this for virtual delivery(如果没有安装maildrop,则此处为virtual)
#virtual_transport = virtual
#use this for maildrop-delivery (如果有maildrop,则此处为maildrop)
virtual_transport = maildrop
#Maildrop-Options for usage with maildrop
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1

#/var/mailbox/最后的"/"字符不能省略
#所有的MySQL查询配置文件统一存放在/etc/postfix/mysql中

#====================QUOTA========================
#每封信的最大大小(10M),postfix的默认值是10M, 但这指的是邮件正文和编码后附件的总和, 经过#base64编码,附件的大小会增加35%左右, 因此这里设定可接受邮件的大小为14M
message_size_limit = 14336000
#邮箱的默认大小(10M)
virtual_mailbox_limit = 20971520
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
#指定postfix如何获得用户的quota信息(每个用户的邮箱大小)
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
# 是否允许覆盖默认邮箱的大小
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user’s maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes

#====================SASL========================
broken_sasl_auth_clients = yes
#In order to allow mail relaying by authenticated clients
smtpd_recipient_restrictions =
 permit_mynetworks,
 permit_sasl_authenticated,
 reject_invalid_hostname,
 reject_non_fqdn_hostname,
 reject_unknown_sender_domain,
 reject_non_fqdn_sender,
 reject_non_fqdn_recipient,
 reject_unknown_recipient_domain,
 reject_unauth_pipelining,
 reject_unauth_destination,
 permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner=$myhostname ESMTP "Version not Available"

Go to top.

建立/var/mailbox并设置权限
# mkdir /var/mailbox
# chown -R vmail:vmail /var/mailbox
# chmod -R ug+rwx,o-rwx /var/mailbox

建立/etc/postfix/mysql文件夹和MySQL查询配置文件
# mkdir /etc/postfix/mysql
1、vi /etc/postfix/mysql/mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address

2、vi /etc/postfix/mysql/mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain
#additional_conditions = and backupmx = ‘0’ and active = ‘1’

3、vi /etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
#additional_conditions = and active = ‘1’

4、vi /etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
#additional_conditions = and active = ‘1’

Go to top.

配置 /usr/local/lib/sasl2/smtpd.conf
# vi /usr/local/lib/sasl2/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login
sql_engine: mysql
sql_hostnames: localhost
sql_user: postfix
sql_passwd: postfix
sql_database: postfix
sql_select: SELECT password FROM mailbox WHERE username=’%u@%r’ and domain=’%r’ and active=’1′

启动postfix
# postfix start

测试smtp
# telnet localhost 25
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
220 www.test.com ESMTP "Version not Available"
ehlo www.test.com
250-www.test.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME

Go to top.

7.安装Courier-authlib 0.55
新版本的imap不再包含authentication library,必须先安装 Courier authentication library
# wget http://www.courier-mta.org/beta/courier-authlib/courier-authlib-0.55.20050407.tar.bz2
# tar -jxvf courier-authlib-0.55.20050407.tar.bz2
# cd courier-authlib-0.55.20050407
# ./configure \
–with-redhat \
–with-authmysql=yes \
–with-mailuser=vmail –with-mailgroup=vmail \
–with-mysql-libs=/usr/local/mysql/lib/mysql –with-mysql-includes=/usr/local/mysql/include/mysql/
# make
# make install
# make install-configure

# vi /usr/local/etc/authlib/authdaemonrc (确保只使用mysql认证模块)
authmodulelist="authmysql"
authmodulelistorig="authmysql"

# vi /usr/local/etc/authlib/authmysqlrc
MYSQL_SERVER localhost
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_DATABASE postfix
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_USER_TABLE mailbox
MYSQL_LOGIN_FIELD username
#MYSQL_CRYPT_PWFIELD password
MYSQL_CLEAR_PWFIELD password
MYSQL_UID_FIELD ‘1001’
MYSQL_GID_FIELD ‘1001’
MYSQL_HOME_FIELD ‘/var/mailbox/’
MYSQL_MAILDIR_FIELD maildir
MYSQL_NAME_FIELD name
MYSQL_QUOTA_FIELD quota
MYSQL_WHERE_CLAUSE active=’1′
DEFAULT_DOMAIN test.com
注意:确认在这个文件中不能用空格键,只能用tab键。
确认只使用单引号,比如:’/var/mailbox/’,’UID’,’GID’(本文为’1001’)
localhost不能用单引号
确认你的/etc/hosts文件中有localhost
编译时如果支持Ipv6可能导致错误
MYSQL_GID_FIELD 和MYSQL_UID_FIELD是maildrop的UID和GID,而不是MySQL的。
如果想使用md5密码,把MYSQL_CLEAR_PWFIELD password改成MYSQL_CRYPT_PWFIELD password

启动服务
要是想让imap开机就启动服务:
# cp courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib
# chmod 755 /etc/rc.d/init.d/courier-authlib
# chkconfig –level 0123456 courier-authlib on
手动启动服务:
# authdaemond start

测试courier-authlib
检查进程:
# pstree |grep authdaemond
|-authdaemond.mys—5*[authdaemond.mys]

Go to top.

8.安装Courier-imap 4.0.2
# wget http://www.courier-mta.org/beta/imap/courier-imap-4.0.2.20050403.tar.bz2
# tar -jxvf courier-imap-4.0.2.20050403.tar.bz2
# cd courier-imap-4.0.2.20050403
# ./configure \
–prefix=/usr/local/imap \
–with-redhat \
–disable-root-check \
–enable-unicode=utf-8,iso-8859-1,gb2312,gbk,gb18030 \
–with-trashquota \
–with-dirsync
# make
# make install-strip (先install-strip,如果失败,再make install)
# make install-configure

# vi /usr/local/imap/etc/pop3d
将POP3DSTART=NO改为POP3DSTART=YES

# vi /usr/local/imap/etc/imapd
将IMAPDSTART=NO改为IMAPDSTART=YES

让imap自启动:
# cp courier-imap.sysvinit /etc/rc.d/init.d/courier-imap
# chmod 755 /etc/rc.d/init.d/courier-imap
# chkconfig –level 0123456 courier-imap on
手动启动服务:
# /usr/local/imap/libexec/pop3d.rc start
# /usr/local/imap/libexec/imapd.rc start

测试courier-imap
检查进程:
# pstree |grep courier
|-2*[courierlogger]
|-2*[couriertcpd]

检查端口,应该有如下端口打开:
# netstat -an |grep LISTEN
tcp  0  0 0.0.0.0:110  0.0.0.0:*  LISTEN
tcp  0  0 0.0.0.0:143  0.0.0.0:*  LISTEN

检测POP3和IMAP服务:
# telnet localhost 110
+OK Hello there
USER test@test.com
+OK Password required.
PASS test
+OK Logged in.
QUIT
+OK bye-bye

Go to top.

9.安装Courier-maildrop 1.8.0
# groupadd vmail -g 1001
# useradd vmail -u 1001 -g 1001 -s/bin/false -d/dev/null
# wget http://jaist.dl.sourceforge.net/sourceforge/courier/maildrop-1.8.0.tar.bz2
# tar jxvf maildrop-1.8.0.tar.bz2
# cd maildrop-1.8.0
# ./configure \
–prefix=/usr/local/maildrop \
–enable-sendmail=/usr/sbin/sendmail \
–enable-trusted-users=’root vmail’ \
–enable-syslog=1 \
–enable-maildirquota \
–enable-maildrop-uid=1001 \
–enable-maildrop-gid=1001 \
–with-trashquota \
–with-dirsync
# make
# make install
# cp /usr/local/maildrop/bin/maildrop /usr/bin
# chmod a+rx /usr/bin/maildrop

运行maildrop -v应该有如下提示信息:
maildrop 1.8.0 Copyright 1998-2004 Double Precision, Inc.
GDBM extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.

新建/etc/maildroprc文件
# vi /etc/maildroprc
logfile "/var/mailbox/maildrop.log"
to "$HOME$DEFAULT"

# chmod a+r /etc/maildroprc

配置Postfix
# vi /etc/postfix/main.cf
virtual_transport = maildrop
maildrop_destination_recipient_limit = 1

# vi /etc/postfix/master.cf
maildrop unix – n n – – pipe
flags=DRhu user=vmail:vmail argv=/usr/local/maildrop/bin/maildrop -w 90 -d ${recipient}

由于maildrop没有建立maildir的功能,因此由一小断脚本实现
# vi /etc/sudoers
vmail ALL = NOPASSWD: /usr/sbin/maildirmake.sh

新建/usr/sbin/maildirmake.sh文件
# vi /usr/sbin/maildirmake.sh
#!/bin/bash
set -e
if [ ! -f /var/mailbox/$1 ]
then
mkdir /var/mailbox/$1
fi
chown -R vmail:vmail /var/mailbox/$1
cd "/var/mailbox/$1"
/usr/local/imap/bin/maildirmake $2
chown -R 1001:12345 /var/mailbox/$1/$2
chmod -R g=s /var/mailbox/$1/$2

# chmod 755 /usr/sbin/maildirmake.sh

更改postfixadmin/admin目录下的create-mailbox.php文件
在此文件的200行后加一行:
# vi /var/www/postfixadmin/admin/create-mailbox.php
system("sudo /usr/sbin/maildirmake.sh $fDomain ".$_POST[‘fUsername’]);

说明:
建立的邮箱格式:/var/vmail/domain.tld/username
uid 1001 是vmail的用户id,也是目录/var/vmail的owner
gid 12345 是postfix的组id

在postfixadmin中建立一测试帐户test@test.com
测试maildrop
# maildrop -V 9 -d test@test.com
maildrop: authlib: groupid=1001
maildrop: authlib: userid=1001
maildrop: authlib: logname=test@test.com, home=/var/mailbox/, mail=test.com/test/
maildrop: Changing to /var/mailbox/
ctrl+c退出

下一步,查看日志(/var/log/maillog)看看postfix是不是和maildrop一起工作:
# cat /var/log/maillog | grep maildrop -A 2
Feb 28 11:50:41 malochia postfix/qmgr[7345]: 2875B7823E62: from=<remote@user.nl>, size=3308, nrcpt=1 (queue active)
Feb 28 17:18:05 malochia postfix/pipe[11615]: 04DD57822697: to=<user@domain.tld>, relay=maildrop, delay=0, status=sent (domain.tld)

如果没有,看看是不是由于配置不正确,而使邮件在队列中
# Mailq

配置quotas
新建文件/usr/local/maildrop/etc/quotawarnmsg
# vi /usr/local/maildrop/etc/quotawarnmsg
From: 管理员 test.com <postmaster@test.com>
Reply-To: postmaster@test.com
To: Valued Customer:;
Subject: 警告!您的邮箱空间即将用完!
Mime-Version: 1.0
Content-Type: text/plain; charset=gb2312
Content-Transfer-Encoding: 8bit

亲爱的用户,您的邮箱空间已用了90%。如果还想继续收到邮件的话,请删除一些邮件。

设置quotas
Postfixadmin的数据库的maildrop表的quota字段是int类型的,在maildrop下不能工作,不过我们可以修改 /usr/local/etc/authlib/authmysqlrc文件,把其中的MYSQL_QUOTA_FIELD quota一行改为MYSQL_QUOTA_FIELD concat(quota,’S’) ,如果你想限制邮件的数量,也可以改成MYSQL_QUOTA_FIELD concat(quota,’C’)。
如果我们把一个用户的邮箱设为10M,我们可以把quota的值改为“10000000S”。也可以用“C”,“1000C”的意思是只能存放1000条邮件。

给test@test.com发一封信,但是不用包含附件。然后:
# cd /var/mailbox/test.com/test
# cat maildirsize
1000000S
1622 1

maildirsize这个文件存储了邮箱配额的信息,而且courier-imap也用这个文件。
举个例子说明一下该文件,我的一个maildirsize文件的内容如下:
# cat maildirsize
5000000S
42898 9
3403 1
1622 1
2371 1

说明这个邮箱的容量是5M(如果你把quota字段的值删除,maildrop会自动给它一个值,但是不要把它的值设置成null),现在邮箱里有四封信。
假设该用户用掉了5M中的3M,只剩2M了,如果来了一封大于2M的邮件,将会被退回,如果是1.7M的邮件,maildrop会收下该邮件,更新maildirsize文件,重新计算quota,得知该用户使用了90%(/etc/postfix/master.cf中的-w 90)以上的配额,maildrop会拷贝/usr/local/maildrop/etc/quotawarnmsg文件到该用户的邮箱中警告该用户。

Go to top.

10.webmail

10.1.安装sqwebmail 5.0.1
# wget http://optusnet.dl.sourceforge.net/sourceforge/courier/sqwebmail-5.0.1.tar.bz2
# tar jxvf sqwebmail-5.0.1.tar.bz2
# cd sqwebmail-5.0.1
# ./configure \
–prefix=/usr/local/sqwebmail \
–enable-unicode=utf-8,iso-8859-1,gb2312,gbk,gb18030 \
–with-trashquota
# make configure-check
# make
# make install-strip
# make install-configure

启动服务
# /usr/local/sqwebmail/libexec/sqwebmaild.rc start

测试sqwebmail
http://192.168.0.5/cgi-bin/sqwebmail
使用用户test@test.com,密码test,登陆进出以后就可以测试收发邮件了。但是图片不能显示,只要
# mv /usr/local/apache/htdocs/webmail /var/www

修改Apache
# cd /var/www
# vi index.html //输入一下内容:
<html>
<head>
<title>MAIL SYSTEM</title>
<meta http-equiv="Content-Type" content="test/html;charset=gb2312">
<meta http-equiv="refresh" content="0;url=http://mail.test.com/cgi-bin/sqwebmail">
</head>
<body bgcolor="#FFFFFF" test="#000000">
</html>

经过以上修改以后,你就可以通过:http://mail.test.com 直接来访问sqwebmail了,这样就方便多了。可惜是英文的,不知道哪位达人能汉化一下,并把界面改的漂亮一点就好了。

Go to top.

10.2.安装squirrelmail 1.4.4
下载squirrelmail及中文包
# wget http://jaist.dl.sourceforge.net/sourceforge/squirrelmail/squirrelmail-1.4.4.tar.bz2
# wget http://jaist.dl.sourceforge.net/sourceforge/squirrelmail/zh_CN-1.4.4-20050122.tar.bz2
把squirreelmail解压到/var/www目录下。
# tar -jxvf squirrelmail-1.4.4.tar.bz2 -C /var/www/
# mv /var/www/squirrelmail-1.4.4 /var/www/squirrelmail
解压中文包
# tar -jxvf zh_CN-1.4.4-20050122.tar.bz2 -C /var/www/squirrelmail/

在配置squirrelmail之前先下载三个插件:
Quota Usage Version 1.3
# wget http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fwww.squirrelmail.org%2Fplugins%2Fquota_usage-1.3-1.2.7.tar.gz
Compatibility Version 1.3
# wget http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fwww.squirrelmail.org%2Fplugins%2Fcompatibility-1.3.tar.gz
Change MySQL Password Version 3.2
# wget http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fwww.squirrelmail.org%2Fplugins%2Fchange_mysqlpass-3.2-1.2.8.tar.gz

把这三个插件解压到squirrelmail的plugin目录下并设置权限。
# tar -zxvf quota_usage-1.3-1.2.7.tar.gz -C /var/www/squirrelmail/plugins/
# tar -zxvf compatibility-1.3.tar.gz -C /var/www/squirrelmail/plugins/
# tar -zxvf change_mysqlpass-3.2-1.2.8.tar.gz -C /var/www/squirrelmail/plugins/
第一个插件是用来显示邮箱的使用情况的;第二个和第三个插件是用来修改密码的。
如果不想装这些插件,请跳过。

配置Quota Usage
# cd /var/www/squirrelmail/plugins/quota_usage
# cp config.php.sample config.php

配置Change MySQL Password
# cd /var/www/squirrelmail/plugins/change_mysqlpass
# cp config.php.sample config.php
# vi config.php
更改如下几个变量:
$mysql_database = ‘postfix’;
$mysql_table = ‘mailbox’;
$mysql_userid_field = ‘username’;
$mysql_password_field =’password’;
$mysql_manager_id = ‘postfix’;
$mysql_manager_pw = ‘postfix’;
$mysql_unixcrypt = 0;
//$mysql_MD5crypt = 1;
$mysql_MD5crypt = 0;
$use_ssl_for_password_change = 0;

如果你的密码是MD5加密的,就把$mysql_MD5crypt = 0;改成$mysql_MD5crypt = 1;

配置squirrelmail
# cd /var/www/squirrelmail
# ./configure
进入10. Languages
把1. Default Language : 的en_US改成zh_CN。
进入8. Plugins,添加这三个插件

打开浏览器输入http://192.168.0.5/squirrelmail/,用test@test.com登陆,你将会在屏幕的左上角看到邮箱的使用情况,你还会看到一条警告信息:
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /var/www/squirrelmail/plugins/change_mysqlpass/functions.php on line 129
这是由于数据库结构不一致造成的,你只要把functions.php中的129行注释调即可(在行首加//)。
现在你还可以用选项中的change passwd修改你的密码了,不过这个模块是英文的,如果你想改成中文的,可以自己修改,squirrelmail网站上有介绍。或者请参考:
http://datastrategy.org/number5/archives/000241.html
1、把change_mysqlpass.po与locale/zh_CN/LC_MESSAGES/squirrelmail.po合并
最简单的方法就是:
# cat change_mysqlpass.po >> /var/www/squirrelmail/locale/zh_CN/LC_MESSAGES/squirrelmail.po
2、执行:
# cd /var/www/squirrelmail/locale/zh_CN/LC_MESSAGES/
# msgfmt -o squirrelmail.mo squirrelmail.po

由于安全原因,建议把data目录移出web tree,比如移到/usr目录下,设置权限
# cp -R /var/www/squirrelmail/data/ /var/data
# chown -R vmail.vmail /var/data
# chmod 730 -R /var/data

Go to top.

10.3.openwebmail 2.51
安装DBI.pm
# wget http://search.cpan.org/CPAN/authors/id/T/TI/TIMB/DBI-1.48.tar.gz
# tar zxvf DBI-1.48.tar.gz
# cd DBI-1.48
# perl Makefile.PL
# make
# make test
# make install

安装DBD-mysql
# wget http://search.cpan.org/CPAN/authors/id/R/RU/RUDY/DBD-mysql-2.9006.tar.gz
# tar zxvf DBD-mysql-2.9006.tar.gz
# cd DBD-mysql-2.9006
# export LANG=’C’
# ln -s /usr/local/mysql/bin/mysql_config /usr/bin/mysql_config
# perl Makefile.PL \
–libs="-L/usr/local/mysql/lib/mysql -lmysqlclient -lz" \
–cflags=-I/usr/local/mysql/include/mysql \
–testhost=127.0.0.1
# make
# make test # Some minor error messages can be ignored here
# make install

安装CGI.pm
# wget http://search.cpan.org/CPAN/authors/id/L/LD/LDS/CGI.pm-3.07.tar.gz
# tar zxvf CGI.pm-3.07.tar.gz
# cd CGI.pm-3.07
# perl Makefile.PL
# make
# make test
# make install

安装Text-Iconv
# wget http://search.cpan.org/CPAN/authors/id/M/MP/MPIOTR/Text-Iconv-1.4.tar.gz
# wget http://openwebmail.org/openwebmail/download/packages/Text-Iconv-1.2.tar.gz
# tar zxvf Text-Iconv-1.2.tar.gz
# cd Text-Iconv-1.2
# perl Makefile.PL
# make
# make test
# make install

安装MIME-Base64
# wget http://openwebmail.org/openwebmail/download/packages/MIME-Base64-3.01.tar.gz
# tar zxvf MIME-Base64-3.01.tar.gz
# cd MIME-Base64-3.01
# perl Makefile.PL
# make
# make test
# make install

安装suidperl(9.0安装盘的第二张盘中有)
# wget http://turtle.ee.ncku.edu.tw/openwebmail/download/redhat/rpm/packages/rh9/perl-suidperl-5.8.0-88.i386.rpm
# rpm -ivh perl-suidperl-5.8.0-88.i386.rpm

如果采用 rpm 安装,安装系统会自动对应到正确路径。若使用手动安装,将openwebmail目录及data目录移至如下/var/www/cgi-bin/openwebmail及/var/www/data,我是用tarball安装的
# wget http://openwebmail.org/openwebmail/download/release/openwebmail-2.51.tar.gz
# tar zxvf openwebmail-2.51.tar.gz -C /var/www

加入openwebmail的权限,编辑httpd.con,加入如下内容,假设/var/www/cgi-bin是apache的cgi-bin目录
# vi /usr/local/apache/conf/httpd.conf
ScriptAlias /openwebmail "/var/www/cgi-bin/openwebmail/openwebmail.pl"

存盘后重新启动apache
# service httpd restart

编辑mysql认证文件
# vi /var/www/cgi-bin/openwebmail/auth/auth_mysql.pl
my $SQLHost = ‘localhost’;
my $sqlusr = ‘postfix’;
my $sqlpwd = ‘postfix’;
my $auth_db = ‘postfix’;
my $auth_table = ‘mailbox’;
my $field_username = ‘username’;
my $field_password = ‘password’;
my $field_realname = ‘name’;
my $field_uid = ‘1001’;
my $field_gid = ‘1001’;
my $field_home = ‘maildir’;
my $pass_type = ‘cleartxt’;

编辑openwebmail主配置文件
# vi /var/www/cgi-bin/openwebmail/etc/openwebmail.conf
domainnames auto
auth_module auth_mysql.pl
auth_withdomain yes
mailspooldir /var/mailbox
create_syshomedir new
use_syshomedir new
ow_cgidir /var/www/cgi-bin/openwebmail
ow_usersdir /var/mailbox
ow_cgiurl /cgi-bin/openwebmail
ow_htmldir /var/www/data/openwebmail
ow_htmlurl /data/openwebmail
logfile /var/log/openwebmail.log

quota_module quota_du.pl #磁盘限额模块
quota_limit 30000 #用户主目录磁盘上限30M
spool_limit 10000 #收件箱上限10M /var/mail

enable_webdisk no
enable_sshterm no

接下来执行初始化
# /var/www/cgi-bin/openwebmail/openwebmail-tool.pl –init

将dbm.conf中的设定改为执行初始化后系统所要求的
# cp /var/www/cgi-bin/openwebmail/etc/defaults/dbm.conf /var/www/cgi-bin/openwebmail/etc/
# vi /var/www/cgi-bin/openwebmail/etc/dbm.conf
dbm_ext .db
dbmopen_ext .db
dbmopen_haslock no

再执行一次初始化
# /var/www/cgi-bin/openwebmail/openwebmail-tool.pl –init

这时便会出现一些讯息,最后出现一行
Send the site report?(Y/n)
按 Enter 即可,这样便完成 openwebmail 的设定

创建日志文件并设置logrotate
# touch /var/log/openwebmail.log
# vi /etc/logrotate.d/syslog (加入下面几行)
/var/log/openwebmail.log {
postrotate
/usr/bin/killall -HUP syslogd
endscript
}

测试
http://192.168.1.5/openwebmail

openwebmail不支持Maildir,所以照这篇文章的设置,将不能收邮件,可以打个补丁(非官方提供),也可以把postfix改成Mailbox格式的,但是我更期待支持Maildir的官方版,应该快了吧!

Go to top.

11.安装clamav 0.84
# wget http://jaist.dl.sourceforge.net/sourceforge/clamav/clamav-0.84.tar.gz
# tar zxvf clamav-0.84.tar.gz
# cd clamav-0.84
# groupadd clamav
# useradd -g clamav -s/bin/false -d/dev/null clamav
# ./configure –prefix=/usr/local/clamav –with-dbdir=/usr/local/share/clamav
# make
# make check
# make install

编辑/usr/local/clamav/etc/clamd.conf
# vi /usr/local/clamav/etc/clamd.conf
#Verbose logging with syslog
LogSyslog
LogVerbose
LogFacility LOG_MAIL
LogFile /var/log/clamav/clamd.log
#Change pid file location
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /usr/local/share/clamav
#Set the clamav socket
LocalSocket /var/run/clamav/clamd
#Close the connection when this limit is exceeded
StreamMaxLength 10M
#Don’t run clamd as root
User amavis
#Newer versions require you to uncomment this
ScanMail
ScanArchive

编辑/usr/local/clamav/etc/freshclam.conf
# vi /usr/local/clamav/etc/freshclam.conf
DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogSyslog
LogVerbose
DatabaseOwner amavis
#Check for updates every two hours. That is the official recommendation
Checks 12
DatabaseMirror db.CN.clamav.net
DatabaseMirror database.clamav.net
NotifyClamd

注意:一定要注释掉上面两个文件中Example那行

添加amavis用户和组
# groupadd amavis
# useradd -g amavis -s /bin/false -c "Amavis User" -d /dev/null amavis

创建日志文件夹并设置权限
# mkdir /var/log/clamav
# chmod -R 744 /var/log/clamav
# chown -R amavis:amavis /var/log/clamav

# chown -R amavis.amavis /usr/local/share/clamav
# mkdir /var/run/clamav
# chmod 700 /var/run/clamav
# chown amavis.amavis /var/run/clamav

手动更新病毒库
# /usr/local/clamav/bin/freshclam

设置自动更新病毒库
# vi /etc/crontab
0 4 * * * root /usr/local/clamav/bin/freshclam –quiet -l /var/log/clamd.log

启动
# /usr/local/clamav/sbin/clamd

Go to top.

13.安装amavisd-new 2.3.0

# wget http://www.ijs.si/software/amavisd/amavisd-new-2.3.0.tar.gz
# tar zxvf amavisd-new-2.3.0.tar.gz
# cd amavisd-new-2.3.0
# groupadd amavis
# useradd -g amavis -s /bin/false -c "Amavis User" -d /dev/null amavis

# mkdir -p /var/amavis /var/amavis/tmp /var/amavis/var /var/amavis/db
# chown -R amavis:amavis /var/amavis
# chmod -R 750 /var/amavis

# cp amavisd /usr/local/sbin/
# chown root /usr/local/sbin/amavisd
# chmod 755 /usr/local/sbin/amavisd

# cp amavisd.conf /etc/
# chown root /etc/amavisd.conf
# chmod 644 /etc/amavisd.conf

病毒邮件存放目录
# mkdir /var/virusmails
# chown amavis:amavis /var/virusmails
# chmod 750 /var/virusmails

Go to top.

编辑/etc/amavisd.conf,修改下面这几行
# vi /etc/amavisd.conf
$max_servers=8;
$daemon_user = ‘amavis’;
$daemon_group = ‘amavis’;
$mydomain = ‘test.com’;
$db_home = "$MYHOME/db";
$inet_socket_port = 10024;
$sa_tag_level_deflt = -100;
$sa_tag2_level_deflt = 6.3;
$sa_kill_level_deflt = $sa_tag2_level_deflt;
$virus_admin = "virusalert\@$mydomain";
$sa_spam_subject_tag = ‘***SPAM*** ‘;
$notify_method = $forward_method;
$forward_method = ‘smtp:127.0.0.1:10025’;
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
[‘ClamAV-clamd’,
 \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
 qr/\bOK$/, qr/\bFOUND$/,
 qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

测试amavis
# /usr/local/sbin/amavisd debug
ERROR: MISSING REQUIRED BASIC MODULES:
Time::HiRes
IO::Wrap
Unix::Syslog
Mail::Field
MIME::Words
Net::Server
BEGIN failed–compilation aborted at /usr/local/sbin/amavisd line 141.
根据出错提示,缺什么装什么
# perl -MCPAN -e shell
cpan> install Time::HiRes
cpan> install IO::Wrap
cpan> install Unix::Syslog
cpan> install Mail::Field
cpan> install MIME::Words
cpan> install Net::Server
cpan> install BerkeleyDB
cpan> install Convert::TNEF
cpan> install Convert::UUlib
cpan> install Archive::Tar
cpan> install Archive::Zip (# export LANG=C)
cpan> install HTML::Parser
cpan> install DB_File
cpan> install Net::DNS (when prompted to enable tests, choose no)
cpan> install Digest::SHA1
cpan> install Mail::SpamAssassin (# export LANG=en_US)

启动
# /usr/local/sbin/amavisd start

Go to top.

设置postfix
修改/etc/postfix/main.cf
# vi /etc/postfix/main.cf (加入一行)
content_filter = amavis:127.0.0.1:10024
修改/etc/postfix/master.cf
# vi /etc/postfix/master.cf (在最后加上)
# amavisd-new
amavis unix – – n – 2 smtp
 -o smtp_data_done_timeout=1200
 -o smtp_send_xforward_command=yes
 -o disable_dns_lookups=yes

localhost:10025 inet n – n – – smtpd
 -o content_filter=
 -o local_recipient_maps=
 -o relay_recipient_maps=
 -o mynetworks=127.0.0.0/8
 -o smtpd_helo_restrictions=
 -o smtpd_client_restrictions=
 -o smtpd_sender_restrictions=
 -o smtpd_recipient_restrictions=permit_mynetworks,reject
 -o strict_rfc821_envelopes=yes
 -o smtpd_error_sleep_time=0
 -o smtpd_soft_error_limit=1001
 -o smtpd_hard_error_limit=1000

重新启动postfix
# postfix stop
# postfix start
# postfix check

# netstat -an | grep LISTEN (应该可以看到这两个端口在监听)
127.0.0.1.10024 *.* 0 0 49152 0 LISTEN
127.0.0.1.10025 *.* 0 0 49152 0 LISTEN

Go to top.

12.安装Spamassassin 3.0.3
前面装amavis的时候已经装好了,如果没装,请按如下方式安装
# perl -MCPAN -e shell
cpan> install HTML::Parser
cpan> install DB_File
cpan> install Net::DNS (when prompted to enable tests, choose no)
cpan> install Digest::SHA1
cpan> install Mail::SpamAssassin

# vi /etc/mail/spamassassin/local.cf (修改后不用重新启动 SpamAssassin,立即生效)
report_safe 0
use_bayes 1
bayes_path /var/amavisd/.spamassassin/bayes
bayes_auto_learn 1
skip_rbl_checks 0
use_razor2 1
use_dcc 1
use_pyzor 1
# 是否能够进行 DNS 查询。直接设定为 yes 将有效加快 amavis 的启动速度
dns_available yes
# 检查是否为由内部网络所寄出的信件。
# 若是,则永远不判断为垃圾邮件。(评分减 50 分)
# 其中的 example.net 请替换成您的 Domain Name..
header LOCAL_RCVD Received =~ /.*\(\S+\.domain\.com\s+\[.*\]\)/
describe LOCAL_RCVD Received from local machine
score LOCAL_RCVD -50
# 垃圾邮件计分规则
score DCC_CHECK 4.000
score SPF_FAIL 10.000
score SPF_HELO_FAIL 10.000
score RAZOR2_CHECK 2.500
score BAYES_99 4.300
score BAYES_90 3.500
score BAYES_80 3.000

新建文件/var/amavisd/.spamassassin/user_prefs
# touch /var/amavis/.spamassassin/user_prefs

检查local.cf语法
# spamassassin –lint

bayes(计划中)

启动spamd
# /usr/bin/spamd –daemonize –pidfile /var/run/spamd.pid

下载中文垃圾垃圾邮件过滤规则Chinese_rules.cf
# wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf

每次更新Chinese_rules.cf需要重启spamd方法如下
# kill -HUP `cat /var/run/spamd.pid`

自动更新中文垃圾垃圾邮件过滤规则
# vi /etc/crontab (加一行)
0 0 1 * * root wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf;kill -HUP `cat /var/run/spamd.pid`

测试病毒扫描
使用其他邮件系统用户给该系统的用户发送邮件,包含以下内容:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
如果这个用户能够收到有病度提示的邮件说明病毒过滤已经成功!
邮件病毒扫描日志将被记录在/var/log/clamav/clamav.log中!

测试垃圾邮件扫描
使用其他邮件系统用户给该系统的用户发送邮件,包含以下内容:
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
然后查看邮件日志看看,发出的邮件是否被BOUNCE或DISCARD了

建立maildrop过滤脚本(如果你使用amavisd-new来对spamassassin进行操作的话,跳过该项)
# vi /etc/maildroprc
if ( $SIZE < 26144 )
{
exception {
xfilter "/usr/bin/spamassassin"
}
}

if (/^X-Spam-Flag: *YES/)
{
exception {
to "$HOME$DEFAULT/.Spam/"
}
}
else
{
exception {
to "$HOME$DEFAULT"
}
}

Go to top.

14.后记
大功告成,终于结束了。这篇文章花了本人无数心血,参考了无数篇文章,多少个日日夜夜啊,好几次烦得差点吐血,但是我坚持下来了。希望各位能够成功。

Go to top.

15.启动脚本
postfix的启动脚本:
# cat /etc/rc.d/init.d/postfix
#!/bin/bash
#
# mailsys This shell script takes care of starting and stopping Postfix
# author : xingyu.wang <wxy@cngnu.org> 2004/1/28
#
# chkconfig: 2345 80 30
# description: Postfix is a Mail Transport Agent, which is the program
# that moves mail from one machine to another.
#
# processname: mailsys
# pidfile: /var/run/postfix.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ -f /usr/sbin/postfix ] || exit 0
RETVAL=0
prog="Postfix"

start() {
# Start daemons.
echo -n $"Starting $prog: "
/usr/sbin/postfix start > /dev/null 2>&1 &

RETVAL=$?

if [ $RETVAL -eq 0 ]; then
touch /var/lock/subsys/postfix
success $"$prog start"
else
failure $"$prog start failure"
fi

echo
return $RETVAL
}

stop() {
# Stop daemons.
echo -n $"Shutting down $prog: "
/usr/sbin/postfix stop > /dev/null 2>&1 &
RETVAL=$?

if [ $RETVAL -eq 0 ]; then
rm -f /var/lock/subsys/postfix
success $"$prog stop"
else
failure $"$prog stop failure"
fi

echo
return $RETVAL
}

# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart|reload)
stop
start
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
esac
exit $RETVA

# chmod 755 /etc/rc.d/init.d/postfix
# chkconfig –level 0123456 postfix on

clamav的启动脚本(有问题)
# cat /etc/rc.d/init.d/clamd
#!/bin/bash
#
# clamav: This script controls the clamd
#

# chkconfig: 2345 79 31
# description: clamav
# processname: clamav
# pidfile: /var/run/clam.pid

# Source function library.
. /etc/rc.d/init.d/functions

prog="/usr/local/sbin/clamd"
prog_base="ClamD"
prog_config_file="/etc/clamav.conf"

## Check that networking is up.

RETVAL=0

# See how we were called.
case "$1" in
start)
echo -n "Starting $prog_base:"
$prog -c $prog_config_file >> /var/log/clamd.log &
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/${prog_base}
success
echo
;;
stop)
echo -n "Shutting down $prog_base:"
#Force the kill…
kill `ps -A | grep clamd | cut -c1-6` &> /dev/null
RETVAL=$?
#Sleep for a second or two.
/bin/sleep 3s
#Kill the stale socket.
rm -f /tmp/clamd > /dev/null
if [ $RETVAL -eq 0 ] ; then
success
#echo "${prog_base} stopped"
rm -f /var/lock/subsys/${prog_base}
echo
else
echo
fi
;;
status)
status ${prog_base}
RETVAL=$?
;;
restart)
$0 stop
$0 start
RETVAL=$?
;;
reload)
#action $"Reloading ${prog_base}:" ${prog} -c ${prog_config_file} reload
$0 restart
RETVAL=$?
;;
*)
echo "Usage: $0 {start|stop|status|restart|reload}"
exit 1
esac

exit $RETVAL

# chmod 755 /etc/rc.d/init.d/clamd
# chkconfig –level 0123456 postfix on

Advertisements

评论»

No comments yet — be the first.

发表评论

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / 更改 )

Twitter picture

You are commenting using your Twitter account. Log Out / 更改 )

Facebook photo

You are commenting using your Facebook account. Log Out / 更改 )

Google+ photo

You are commenting using your Google+ account. Log Out / 更改 )

Connecting to %s

%d 博主赞过: