基于Linux和Postfix的邮件系统的web mail安装手册

1.、安装系统

安装之前：因用户数据都保存在/var目录下，因此安装系统时/var的空间应尽量大。系统的版本为最小化安装，软件包只安装只装开发包 (development)。在文档中假设服务器的ip地址为192.168.0.2，域名为test.com，主机名为mail.test.com。所需的软件包我都打包好了。

下载地址： http://www.toping.net/soft/src.tar.gz

请兄弟们仔细一些，注意空格和TAB。

祝兄弟们好运。本人水平有限。如果发现文章中有什么错误和不当的地方请发邮件：scyz at toping.net。我会在第一时间给予答复。

2.关闭selinux

[root@mail]# vi /etc/selinux/config

SELINUX=disable

[root@mail]# reboot

3、设置YUM

[root@mail yum.repos.d] vi CentOS-Base.repo

[base]

name=CentOS-4.2 - Base

baseurl=http://mirror.be10.com/centos/4.2/os/ $basearch/

gpgcheck=1

gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#released updates

[update]

name=CentOS-4.2 - Updates

baseurl=http://mirror.be10.com/centos/4.2/updates/ $basearch/

gpgcheck=1

gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#packages used/produced in the build but not released

[addons]

name=CentOS-4.2 - Addons

baseurl=http://mirror.be10.com/centos/4.2/addons/ $basearch/

gpgcheck=1

gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#additional packages that may be useful

[extras]

name=CentOS-4.2 - Extras

baseurl=http://mirror.be10.com/centos/4.2/extras/ $basearch/

gpgcheck=1

gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#additional packages that extend functionality of existing packages

[centosplus]

name=CentOS-4.2 - Plus

baseurl=http://mirror.be10.com/centos/4.2/centosplus/ $basearch/

gpgcheck=1

enabled=0

gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#contrib - packages by Centos Users

[contrib]

name=CentOS-4.2 - Contrib

baseurl=http://mirror.be10.com/centos/4.2/contrib/ $basearch/

gpgcheck=1

enabled=0

gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#packages in testing

[testing]

name=CentOS-4.2 - Testing

baseurl=http://mirror.be10.com/centos/4.2/testing/ $basearch/

gpgcheck=1

enabled=0

gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

[root@mail yum.repos.d]# vi dag.repo

[dag]

name=Dag RPM Repository for Red Hat Enterprise Linux

baseurl=http://apt.sw.be/redhat/el $releasever/en/ $basearch/dag

gpgcheck=1

enabled=1

[root@mail yum.repos.d]# yum update

4、安装mysql

[root@mail build]#yum install mysql-server

[root@mail build]#yum install mysql-devel

5、安装apache

[root@mail build]#yum install httpd

6.安装php

[root@mail build]#yum install php

[root@mail build]#yum install php-mysql

[root@mail build]#yum install php-gd

[root@mail build]#yum install php-imap

[root@mail build]#yum install vsftpd

[root@mail build]#yum install clamav

[root@mail build]#yum install spamassassin

[root@mail build]#/usr/bin/freshclam

设置apache

默认：

User apache

改为

User postfix

默认

Group apache

改为

Group postfix

默认

AddDefaultCharset UTF-8

改为

AddDefaultCharset gb2312

新加入：

AddType application/x-httpd-php .php

AddType application/x-httpd-php-source .phps

7、安装phpMyAdmin

[root@mail build]#tar –zxf ../src/phpMyAdmin-2.8.0.1.tar.gz

[root@mail build]#mv phpMyAdmin-2.8.0.1 /var/www/html/dbadmin/

[root@mail build]#cp /var/www/html/dbadmin/libraries/config.default.php /var/www/html/dbadmin/dbadmin/libraries/config.inc.php (line 1.)

8、设置数据库

[root@mail build]#mysql

Mysql create datases postfix;

Mysql use mysql;

Mysql INSERT INTO user (host,user,password) VALUES('localhost','postfix','');

Mysql update user set password=password('postfix') where User='postfix';

Mysql GRANT ALL ON postfix.* TO postfix@localhost IDENTIFIED BY "postfix";

Mysql exit

[root@mail build] tar –zxf ../src/webmail.tar.gz

[root@mail build] mysql –u root –p postfix /etc/postfix/aliases

[root@mail build] /usr/bin/newaliases

[root@mail build] mv /var/mail /var/mail.bak

[root@mail build] mkdir /var/mail

[root@mail build] chown -R postfix:postfix /var/mail

[root@mail build] mv /etc/postfix/main.cf /etc/postfix/main.cf.bak

[root@mail build] vi /etc/postfix/main.cf

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/libexec/postfix

debug_peer_level = 2

html_directory = no

mail_owner = postfix

mailq_path = /usr/bin/mailq

manpage_directory = /usr/local/man

newaliases_path = /usr/bin/newaliases

queue_directory = /var/spool/postfix

readme_directory = no

sample_directory = /etc/postfix

sendmail_path = /usr/sbin/sendmail

setgid_group = postdrop

unknown_local_recipient_reject_code = 550

header_checks = regexp:/etc/postfix/header_checks

#############NEW ADD#####################

#=====================BASE=====================

myhostname = mail.test.com

mydomain = test.com

mydestination =  $myhostname

local_recipient_maps =

local_transport = virtual

#=====================MySQL=====================

virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf

virtual_gid_maps = static:54321

virtual_mailbox_base = /

virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf

virtual_mailbox_limit = 51200000

virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf

virtual_minimum_uid = 125

virtual_transport = virtual

virtual_uid_maps = static:12345

#=====================Quota=====================

virtual_create_maildirsize = yes

virtual_mailbox_extended = yes

virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cf

virtual_mailbox_limit_override = yes

virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.

virtual_overquota_bounce = yes

#====================SASL=====================

smtpd_sasl_auth_enable = yes

smtpd_sasl_security_options = noanonymous

broken_sasl_auth_clients = yes

smtpd_delay_reject=yes

smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,permit_auth_destination,reject

smtpd_client_restrictions = permit_sasl_authenticated

[root@mail build] vi mysql_virtual_alias_maps.cf

user = postfix

password = postfix

hosts = localhost

dbname = postfix

query = SELECT alias FROM userinfo WHERE address='%s' AND active = 1

[root@mail build] vi mysql_virtual_domains_maps.cf

user = postfix

password = postfix

hosts = localhost

dbname = postfix

query = SELECT domain FROM domaininfo WHERE domain='%s'

[root@mail build] vi mysql_virtual_mailbox_limit_maps.cf

user = postfix

password = postfix

hosts = localhost

dbname = postfix

query = SELECT quota FROM userinfo WHERE address='%s'

[root@mail build] vi mysql_virtual_mailbox_maps.cf

user = postfix

password = postfix

hosts = localhost

dbname = postfix

query = SELECT maildir FROM userinfo WHERE address='%s' AND active = 1

15、配置sasl认证

[root@mail build] vi /usr/lib/sasl2/smtpd.conf

pwcheck_method: authdaemond

log_level: 3

mech_list: plain login

authdaemond_path:/usr/lib/authlib/var/socket

16、配置courier-imap

[root@mail build] mv /usr/lib/authlib/etc/authlib/authmysqlrc /usr/lib/authlib/etc/authlib/authmysqlrc.bak

[root@mail build] vi /usr/lib/authlib/etc/authlib/authmysqlrc

MYSQL_SERVER localhost

MYSQL_USERNAME postfix

MYSQL_PASSWORD postfix

MYSQL_PORT 0

MYSQL_OPT 0

MYSQL_DATABASE postfix

MYSQL_USER_TABLE userinfo

MYSQL_CRYPT_PWFIELD passwd

MYSQL_UID_FIELD '12345'

MYSQL_GID_FIELD '54321'

MYSQL_LOGIN_FIELD address

MYSQL_HOME_FIELD homedir

MYSQL_NAME_FIELD realname

MYSQL_MAILDIR_FIELD maildir

MYSQL_QUOTA_FIELD quota

[root@mail build] mv /usr/lib/authlib/etc/authlib/authdaemonrc /usr/lib/authlib/etc/authlib/authdaemonrc.bak

[root@mail build] vi /usr/lib/authlib/etc/authlib/authdaemonrc

authmodulelist="authmysql"

authmodulelistorig="authmysql"

version="authdaemond.mysql"

daemons=5

subsystem=mail

DEBUG_LOGIN=0

DEFAULTOPTIONS="wbnodsn=1"

[root@mail build] vi /usr/lib/imapd/etc/pop3d

默认

POP3DSTART=NO

改为

POP3DSTART=YES

[root@mail build] vi /usr/lib/imapd/etc/imapd

默认

IMAPDSTART=NO

改为

IMAPDSTART=YES

[root@mail build] chmod +x /usr/lib/authlib/var/

17、安装WebMail

[root@mail build] mv Tmail /var/www/html/webmail

[root@mail build] vi /var/www/html/webmail/config/config_inc.php

 $CFG_BASEPATH = "/var/www/html/webmail/temp"; //临时目录

// Mysql

define(MYSQL_HOST, 'localhost'); //数据库主机名

define(MYSQL_USER, 'postfix'); //数据库用户名

define(MYSQL_PASS, 'postfix'); //数据库密码

define(MYSQL_DATA, 'postfix'); //数据库名称

 $CFG_NETDISK_PATH = "/var/mail/netdisk"; //文件管理存储目录

[root@mail build] vi /var/www/html/webmail/webadmin/include/config.inc.php

// Mysql

define(MYSQL_HOST, 'localhost'); //数据库主机名

define(MYSQL_USER, 'postfix'); //数据库用户名

define(MYSQL_PASS, 'postfix'); //数据库密码

define(MYSQL_DATA, 'postfix'); //数据库名称

[root@mail build] mkdir /var/mail/netdisk

[root@mail build] chown –R postfix:postfix /var/mail/netdisk

[root@mail build] mkdir /var/www/html/webmail/temp

[root@mail build] chown –R postfix:postfix /var/www/html/webmail/temp

[root@mail build] cp courier-authlib-0.58/courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib

[root@mail build] chmod 755 /etc/rc.d/init.d/courier-authlib

[root@mail build] chkconfig –-add courier-authlib

[root@mail build] cp courier-imap-4.0.6/courier-imap.sysvinit /etc/rc.d/init.d/courier-imap

[root@mail build] chmod 755 /etc/rc.d/init.d/courier-imap

[root@mail build] chkconfig –-add courier-imap

18、启动服务测试

[root@mail build] chkconfig httpd on

[root@mail build] chkconfig mysqld on

[root@mail build] service httpd start

[root@mail build] service mysqld start

[root@mail build] service courier-authlib start

[root@mail build] service courier-imap start

[root@mail build] postfix start

通过后台加入域名和用户名（本文档中的域名为: test.com 、 用户名： test@test.com ）

[root@mail build] perl -MMIME::Base64 -e 'print encode_base64("test\@test.com");'

dGVzdEB0ZXN0LmNvbQ==

[root@mail build] perl -MMIME::Base64 -e 'print encode_base64("000000");'

MDAwMDAw

[root@mail build] telnet localhost 25

Trying 127.0.0.1...

Connected to localhost.localdomain (127.0.0.1).

Escape character is '^]'.

220 mail.test.com ESMTP Postfix

ehlo mail

250-mail.test.com

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-AUTH PLAIN LOGIN

250-AUTH=PLAIN LOGIN

250 8BITMIME

auth login

334 VXNlcm5hbWU6

dGVzdEB0ZXN0LmNvbQ== //用户名（test@test.com）

334 UGFzc3dvcmQ6

MDAwMDAw // 密码（000000）

235 Authentication successful //表示成功验证通过

19、安装Clamav

[root@mail build] rpm --import http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt

[root@mail build] rpm --import RPM-GPG-KEY.dag.txt

[root@mail build] rpm -q gpg-pubkey --qf "%{summary} - %{version}-%{release}\n"

gpg(CentOS-4 key ) - 443e1821-421f218f

gpg(Dag Wieers (Dag Apt Repository v1.0) ) - 6b8d79e6-3f49313d

[root@mail build] vi /etc/yum.repos.d/dag.repo

[dag]

name=Dag RPM Repository for Red Hat Enterprise Linux

baseurl=http://apt.sw.be/redhat/el $releasever/en/ $basearch/dag

gpgcheck=1

enabled=1

[root@mail build] yum update

[root@mail build] yum install clamav

20、升级病毒库

[root@mail build] /usr/bin/freshclam

ClamAV update process started at Thu Mar 9 17:23:21 2006

main.cvd is up to date (version: 36, sigs: 44686, f-level: 7, builder: tkojm)

daily.cvd is up to date (version: 1319, sigs: 1376, f-level: 7, builder: ccordes)

21、安装Spamassassin

[root@mail build] yum install spamassassin

[root@mail build] service spamassassin start

22、安装MailScanner

[root@mail build] tar –zxf ../src/MailScanner-4.51.5-1.rpm.tar.gz

[root@mail build] MailScanner-4.51.5-1/install.sh

23、设置MailScanner

[root@mail build] chkconfig sendmail off

[root@mail build] chkconfig --level 2345 MailScanner on

[root@mail build] vi /etc/MailScanner/MailScanner.conf

%org-name% = toping.net

%org-long-name% = wooxian

%web-site% = www.toping.net

%report-dir% = /etc/MailScanner/reports/cn

Run As User = postfix

Run As Group = postfix

Incoming Queue Dir = /var/spool/postfix/hold

Outgoing Queue Dir = /var/spool/postfix/incoming

MTA = postfix

Virus Scanners = clamav

Always Include SpamAssassin Report = yes

Use SpamAssassin = yes

Required SpamAssassin Score = 6

SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin

SpamAssassin Install Prefix = /usr/bin

SpamAssassin Local Rules Dir = /etc/MailScanner

[root@mail build] yum install unrar

[root@mail build] unrar x ../src/cn.rar

[root@mail build] mv cn /etc/MailScanner/reports/

[root@mail build] mv /etc/postfix/header_check /etc/postfix/header_check.bak

[root@mail build] vi /etc/postfix/header_check

/^Received:/ HOLD

[root@mail build] chown –R postfix:postfix /var/spool/MailScanner/*

[root@mail build] postfix stop

[root@mail build] service MailScanner start

24、测试病毒邮件

[root@mail build] telnet localhost 25

Trying 127.0.0.1...

Connected to localhost.localdomain (127.0.0.1).

Escape character is '^]'.

220 mail.test.com ESMTP Postfix

ehlo mail

250-mail.test.com

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-AUTH PLAIN LOGIN

250-AUTH=PLAIN LOGIN

250 8BITMIME

auth login

334 VXNlcm5hbWU6

dGVzdEB0ZXN0LmNvbQ== //用户名（test@test.com）

334 UGFzc3dvcmQ6

MDAwMDAw // 密码（000000）

235 Authentication successful //表示成功验证通过

MAIL FROM:

250 Ok

RCPT TO:

250 Ok

DATA

354 End data with .

Subject:Virus test

X5O!P%@AP[4\PZX54(P^)7CC)7} $EICAR-STANDARD-ANTIVIRUS-TEST-FILE! $H+H*

.

250 Ok: queued as F0C221CC20 //出现F0C221CC20这行表示mailscanner运行成功了

quit

221 Bye

Connection closed by foreign host.

收到邮件后会在主题会变成：{Virus?} Virus test

邮件内容会是以下内容：

警告: 此邮件有一个或多个附加档案被移除

警告: 附加档案名称: (详细讯息).

警告: 请参考此信件附加档案 "toping.net-Attachment-Warning.txt" 取得更详细的资料

此讯息由 MailScanner 电子邮件防护系统发出

-----------------------------------------

原有邮件附加档案为 "详细讯息" 被列入拒绝处理的名单.

且被替换为此讯息.

若您仍希望收到*被感染的*附加档案,,请联络系统管理者.包含以下内容:

Thu Mar 9 15:57:25 2006 病毒侦测报告:

ClamAV: msg-3682-1.txt contains Eicar-Test-Signature

求助问题: 检查 the toping.net () MailScanner 机器的 /var/spool/MailScanner/quarantine/20060309 (编号 639F13F97B.BBC3F).

--

系统管理者

以上内容出现表示mailscanner的病毒过滤生效。并成功运行！！

到此一台具有反垃圾和反病毒的邮件服务器建成了，希望我的文档对邮件服务器爱好者能有所帮助～！ 如果文档中有任何问题可以发邮件给我指出来我会马上改正。谢谢大家！祝大家好运！！scyz at toping.net

25、关于本文；

祝兄弟们好运。本人水平有限。如果发现文章中有什么错误和不当的地方请发邮件：scyz@toping.net。我会在第一时间给予答复。

26、更新日志；

新增使用mailscanner来对进出邮件进行监管。new

修正上一个版本的一些理解性和文件性错误。

主要“加强”了病毒过滤和垃圾邮件过滤，更加节约系统资源，使系统配置更简单化。

垃圾邮件过滤基本上达到了95%的成功率

本文首次使用MailScanner+Clamav配合对邮件病毒进行过滤。

经过严格病毒邮件测试成功率达到了100%。

翻译了病毒邮件提示为中文提示，让系统更加的人性化。

• ·万斯同评传(精)/中国思想家评传丛书(中国思想
• ·魏源评传(精)/中国思想家评传丛书(中国思想家
• ·不息集--回忆张岱年先生|报价￥41.20|图
• ·如何用rsync修复不完整的Linux光盘映像
• ·乔姆斯基(语言政治与美国对外政策研究)/国际问
• ·老子传|报价￥22.20|图书,传记,哲学家、
• ·鉴真评传(精)/中国思想家评传丛书(中国思想家
• ·在Fedora Core 5上体验 Aiglx
• ·梁启超评传(精)/中国思想家评传丛书(中国思想
• ·Linux渐成黑客攻击目标 将带来巨大商机