很久之前就计划写一个Postfix在Linux平台上面的安装文档,把自己安装Postfix的过程总结一下,但由于工作的关系直到现在才动手。和个人的习惯有关,在安装过程中我使用了很多源代码,这对一个新手可能有些难度,但是我认为在Linux下面如何从源代码安装软件应当是每个系统管理都必须掌握的知识。我准备使用CHOST="i686-pc-linux-gnu" CFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer" CXXFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer"作为Gcc 3.4.4在i686 CPU上面的优化参数,你可以根据自己的实际情况进行修改。这个版本修正了上个版本中出现的一些错误,在此对hzqbbc对我的帮助致以最诚挚的谢意。
*************************************************************************************
1、安装操作系统
首先请准备好CentOS 4.2安装光盘的第一张和第二张,在“Installation Type"中选择“Custom”。在“Disk Partitioning Setup”时选择“Manually partition with Disk Druid”,因为我们要将邮件保存在“/home/mail”目录中,所以请为其保留足够的硬盘空间。在“Firewall Configuration”中选择“No firewall”,这样便于调试,你可以在邮件系统工作正常之后根据实际情况设置Firewall策略。在“Package Group Selection”中选择“Text-based Internet”和“Development Tools”两项。关于语言的选项你可以选择默认值,这样总的安装文件大小为1GB左右。安装完成后可以设置Crontab,让邮件服务器每天1点和时间服务器同步时间:
crontab -e
0 1 * * * /usr/bin/rdate -s time-b.timefreq.bldrdoc.gov
更新系统自带openssl和zlib
从下面的URL下载zlib 1.2.3的源代码:http://www.zlib.net/
安装zlib,zlib将被安装在“/usr/local”目录下:
tar jvxf zlib-1.2.3.tar.bz2
cd zlib-1.2.3
CHOST="i686-pc-linux-gnu" CFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer" CXXFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer" \
./configure --prefix=/usr/local --shared
make
make test
make install
从下面的URL下载openssl 0.9.7i的源代码:http://www.openssl.org
卸载系统自带的openssl 0.9.7a:
rpm -e --nodeps openssl-devel
rpm -e --nodeps openssl
安装openssl,openssl将被安装在“/usr”目录下:
tar zvxf openssl-0.9.7i.tar.gz
cd openssl-0.9.7i
./config --prefix=/usr --openssldir=/usr/share/ssl -fPIC threads shared
make
make test
make install
为了使系统自带的openssh等依赖于openssl的程序能够正常工作,建立libcrypto.so.0.9.7和libssl.so.0.9.7到/lib目录的链接:
ln -s /usr/lib/libcrypto.so.0.9.7 /lib/libcrypto.so.4
ln -s /usr/lib/libssl.so.0.9.7 /lib/libssl.so.4
2、安装MySQL服务器
你可以根据服务器的CPU类型,下载适合你所用CPU的MySQL发行包,如果你使用了icc 8.1编译的MySQL,请首先按照下面的方法安装MySQL运行所需的icc8.1的库文件,否则请直接到安装MySQL的部分。
下载并安装icc8.1的RPM包:
从下面的URL下载intel-icc8-libs-8.1-0.i386.rpm:http://dev.mysql.com/downloads/os-linux.html
从下面的URL下载compat-libstdc++-33-3.2.3-47.3.i386.rpm:http://mirror.centos.org/centos/4/os/i386/CentOS/RPMS/
使用rpm安装intel-icc8-libs-8.1-0.i386.rpm和compat-libstdc++-33-3.2.3-47.3.i386.rpm:
rpm -ivh compat-libstdc++-33-3.2.3-47.3.i386.rpm
rpm -ivh intel-icc8-libs-8.1-0.i386.rpm
安装MySQL 5.0.16:
从下面的URL下载MySQL 5.0.16以tar.gz形式发布二进制发行包:http://www.mysql.com
增加MySQL运行所需要的用户和组:
groupadd mysql
useradd mysql -g mysql -c "MySQL user" -d /nonexistent -s /sbin/nologin
安装MySQL软件,MySQL将被安装到“/usr/local/mysql”目录下:
tar zvxf mysql-max-5.0.16-linux-i686-glibc23.tar.gz
mv mysql-max-5.0.16-linux-i686-glibc23 /usr/local/mysql
cd /usr/local/mysql
scripts/mysql_install_db --user=mysql --log-bin=test-bin
chown -R root .
chown -R mysql data
chgrp -R mysql .
cp support-files/my-medium.cnf /etc/my.cnf
修改“/etc/my.cnf”文件,取消“skip-networking”前面的注释,这样的话MySQL将不监听TCP/IP端口,可以避免一些安全问题。
注:以tar.gz形式发布的MySQL默认的socket位置在“/tmp/mysql.sock”,而以rpm形式发布的MySQL默认的socket位置在“/var/lib/mysql/mysql.sock”。
修改“/etc/profile”文件,将“/usr/local/mysql/bin”加到PATH变量中。
配置MySQL服务开机自动运行:
cp support-files/mysql.server /etc/rc.d/init.d/mysql
chmod +x /etc/rc.d/init.d/mysql
chkconfig --add mysql
设置MySQL的默认字符集为GB2312,修改/etc/rc.d/init.d/mysql文件,将第199行
从“$bindir/mysqld_safe --datadir=$datadir --pid-file=$pid_file /dev/null 2%26amp;1 %26amp;”
修改为“$bindir/mysqld_safe --datadir=$datadir --default-character-set=gb2312 --pid-file=$pid_file /dev/null 2%26amp;1 %26amp;”
注:为了安全请立即修改MySQL管理员的密码。
3、安装Web服务器
从下面的URL下载Apache 2.0.55的源代码:http://www.apache.org/dist/httpd/
增加Apache运行所需的用户和组:
groupadd httpd
useradd httpd -g httpd -c "Apache user" -d /nonexistent -s /sbin/nologin
安装Apache软件,Apache将被安装在“/usr/local/httpd”目录下:
tar jvxf httpd-2.0.55.tar.bz2
cd httpd-2.0.55
./configure --prefix=/usr/local/httpd --enable-so --enable-ssl --with-mpm=worker --enable-rewrite --enable-suexec --with-suexec-caller=httpd \
CHOST="i686-pc-linux-gnu" CFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer" CXXFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer"
make
make install
修改apache的配置文件(/usr/local/httpd/conf/httpd.conf),配置apache的默认语言、运行用户等参数:
DefaultLanguage zh_CN
User httpd
Group httpd
StartServers 10
MaxClients 1024
MinSpareThreads 100
MaxSpareThreads 800
ThreadsPerChild 64
MaxRequestsPerChild 0
在“/etc/rc.local”文件中增加“/usr/local/httpd/bin/apachectl start”,设置Apache开机自动运行。
4、安装PHP
从下面的URL下载PHP 5.1.1的源代码:http://www.php.net/downloads.php
安装PHP,PHP将被安装在“/usr/local/php”目录下,PHP的配置文件(php.ini)放在“/usr/local/php/etc”目录中:
tar jvxf php-5.1.1.tar.bz2
cd php-5.1.1
CHOST="i686-pc-linux-gnu" CFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer" CXXFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer" \
./configure --prefix=/usr/local/php --with-apxs2=/usr/local/httpd/bin/apxs --enable-track-vars --with-config-file-path=/usr/local/php/etc \
--with-mysql=/usr/local/mysql --enable-force-cgi-redirect --enable-ftp --with-openssl --with-gettext --with-zlib
make
make install
cp php.ini-dist /usr/local/php/etc/php.ini
修改Apache的配置,增加对PHP的支持:
增加“AddType application/x-httpd-php .php .phtml”
修改“DirectoryIndex index.html index.html.var”为“DirectoryIndex index.html index.htm index.php index.cgi”
验证PHP是否安装成功:
echo '' /usr/local/httpd/htdocs/info.php
重新启动Apache,在浏览器的地址栏中输入“http://服务器IP地址/info.php”,你应当可以看到关于PHP的详细信息,确认在MySQL章节中的“Client API version”版本是5.0.16。
注:如果你准备在这个服务器上面跑PHP的网站、论坛、blog等负载比较大的程序,你可以安装ZendOptimize、eaccelerator等PHP加速程序。
5、安装Postfix
从下面的URL下载Postfix 2.2.6的源代码:http://www.postfix.org
从下面的URL下载Postfix 2.2.6的VDA补丁程序:http://web.onda.com.br/nadal/
增加Postfix运行所需要的用户和组,并建立“/home/mail”目录作为存储邮件的地方:
groupadd postfix
groupadd postdrop
useradd postfix -g postfix -c "Postfix user" -d /nonexistent -s /sbin/nologin
mkdir /home/mail
chown postfix:postfix /home/mail
安装Postfix:
gzip -d postfix-2.2.6-vda.patch.gz
tar zvxf postfix-2.2.6.tar.gz
cd postfix-2.2.6
patch -p1
make -f Makefile.init makefiles \ OPT='-march=pentium4 -O2 -pipe -fomit-frame-pointer' \
'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include -DUSE_SASL_AUTH -I/usr/include/sasl -DUSE_TLS' \
'AUXLIBS=-L/usr/local/mysql/lib -lmysqlclient -lz -lm -L/usr/local/lib -lsasl2 -lssl -lcrypto'
make
make install
注:“make install”命令后的所有问题都直接敲回车键即可。
mv /etc/aliases /etc/aliases.old
ln -s /etc/postfix/aliases /etc/aliases
echo 'root: admin@example.com'/etc/postfix/aliases
/usr/bin/newaliases
注:因为Postfix不允许直接发邮件给root用户,所以你需要为root用户建立一个别名。
建立smtpd用户认证的配置文件:
vi /usr/lib/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level: 3
mech_list: plain login
authdaemond_path:/var/spool/authdaemon/socket
使用postconf -n简化main.cf,这样的好处是main.cf比较短小,不容易造成同一个配置出现2次的问题:
cd /etc/postfix
postconf -n main2.cf
mv main.cf main.cf.old
mv main2.cf main.cf
修改Postfix的配置文件,#号之后是说明文字:
vi /etc/postfix/main.cf
myhostname = mail.example.com # Line 68 mail.example.com是安装Postfix软件的主机名
mydomain = example.com # Line 76 example.com是安装Postfix软件的主机名中的域名部分
myorigin = $mydomain # Line 92
mydestination = # Line 153
alias_maps = hash:/etc/aliases # Line 375
home_mailbox = Maildir/ # Line 408 使用Maildir作为邮件的存储格式
mailbox_transport = /usr/bin/procmail # Line 455
fallback_transport = /usr/bin/procmail # Line 473
# Add following line in file's finality
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_base = /home/mail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 102400000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 502
virtual_uid_maps = static:502
virtual_gid_maps = static:502
virtual_transport = virtual
# Additional for quota support
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
virtual_trash_count=yes
virtual_trash_name=.Trash
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname,
reject_rbl_client opm.blitzed.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
注:①“virtual_gid_maps”和“virtual_uid_maps”是postfix用户的gid和uid,“virtual_minimum_uid”应当≤“virtual_uid_maps”,“virtual_mailbox_limit”是每个邮箱的大小。
②opm.blitzed.org、list.dsbl.org、bl.spamcop.net、sbl-xbl.spamhaus.org是经常使用的几个反垃圾邮件列表,如果你使用上面的设置可能无法收到sina、sohu、163等几个国内主要ISP的邮件。你也可以使用中国反垃圾邮件联盟的反垃圾邮件列表,这样你就能收到国你几个主要ISP的邮件,同时一些垃圾邮件也可能光临你的邮件服务器^_^。
建立Postfix使用MySQL存储用户信息的配置文件:
vi /etc/postfix/mysql_virtual_alias_maps.cf
user = postfix
password = PosSDtf5$iTYx
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s'
vi /etc/postfix/mysql_virtual_domains_maps.cf
user = postfix
password = PosSDtf5$iTYx
hosts = localhost
dbname = postfix
query = SELECT description FROM domain WHERE domain='%s'
vi /etc/postfix/mysql_virtual_mailbox_maps.cf
user = postfix
password = PosSDtf5$iTYx
hosts = localhost
dbname = postfix
query = SELECT maildir FROM mailbox WHERE username='%s'
vi /etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = PosSDtf5$iTYx
hosts = localhost
dbname = postfix
query = SELECT quota FROM mailbox WHERE username='%s'
注:配置文件中的“user”和“password”是Postfix访问MySQL的用户名和密码,我们将在安装PostfixAdmin的时候添加这个用户。
设置Postfix开机自动运行,在/etc/rc.local中增加“/usr/sbin/postfix start%26amp;”。
注:系统已经打开了Postfix的TLS支持,如果你需要这项功能可以参考Postfix发行包中的TLS_README文档进行配置。
你可以使用一个叫pflogsumm.pl的perl脚本对postfix的日志进行分析,详细的情况见:http://jimsun.linxnet.com/postfix_contrib.html。
6、安装Courier authentication library
从下面的URL下载Courier authlib 0.57的源代码:http://www.courier-mta.org/?download.php
安装Courier authentication library,Courier authentication library将被安装在“/usr/local/courier-authlib”目录:
tar jvxf courier-authlib-0.57.20051116.tar.bz2
cd courier-authlib-0.57.20051116
./configure --prefix=/usr/local/courier-authlib --without-authpam --without-authldap \
--without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --with-authdaemonvar=/var/spool/authdaemon \
--with-authmysql --with-mysql-libs=/usr/local/mysql/lib --with-mysql-includes=/usr/local/mysql/include --with-redhat \
--with-authmysqlrc=/usr/local/courier-authlib/etc/authmysqlrc --with-authdaemonrc=/usr/local/courier-authlib/etc/authdaemonrc \
CHOST="i686-pc-linux-gnu" CFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer" CXXFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer"
make
make install
chmod 755 /var/spool/authdaemon
配置Courier authentication library:
cp /usr/local/courier-authlib/etc/authdaemonrc.dist /usr/local/courier-authlib/etc/authdaemonrc
vi /usr/local/courier-authlib/etc/authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
daemons=10
vi /usr/local/courier-authlib/etc/authmysqlrc
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD PosSDtf5$iTYx
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_DATABASE postfix
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD '502'
MYSQL_GID_FIELD '502'
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD concat('/home/mail/',maildir)
MYSQL_MAILDIR_FIELD concat('/home/mail/',maildir)
MYSQL_NAME_FIELD name
注:①配置文件中的“MYSQL_USERNAME”和“MYSQL_PASSWORD”是Courier authentication library访问MySQL的用户名和密码,你可以使用与Postfix访问MySQL相同的用户。 ②“MYSQL_UID_FIELD”和“MYSQL_GID_FIELD”是postfix用户的gid和uid。
设置Courier authentication library开机自动运行,在/etc/rc.local中增加“/usr/local/courier-authlib/sbin/authdaemond start”。
7、安装Courier-IMAP
从下面的URL下载Courier-IMAP 4.0.6的源代码:http://www.courier-mta.org/?download.php
增加Courier-IMAP运行所需的用户和组:
groupadd vmail
useradd vmail -g vmail -c "Courier imap user" -d /nonexistent -s /sbin/nologin
安装Courier-IMAP,Courier-IMAP将被安装在“/usr/local/courier-imap”目录:
tar jvxf courier-imap-4.0.6.20051004.tar.bz2
cd courier-imap-4.0.6.20051004
./configure --prefix=/usr/local/courier-imap --with-trashquota --without-ipv6 --with-redhat \
--enable-unicode=utf-8,iso-8859-1,gb2312,big5 --disable-root-check \
CPPFLAGS='-I/usr/include/openssl -I/usr/local/courier-authlib/include' \
LDFLAGS='-L/usr/local/courier-authlib/lib -L/usr/lib' \
COURIERAUTHCONFIG='/usr/local/courier-authlib/bin/courierauthconfig' \
CHOST="i686-pc-linux-gnu" CFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer" CXXFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer"
make
make install
make install-configure
配置Courier-IMAP,为用户提供pop3服务:
vi /usr/local/courier-imap/etc/pop3d
POP3DSTART=yes
设置Courier-IMAP开机自动运行:
cp courier-imap.sysvinit /etc/rc.d/init.d/imap
chmod +x /etc/rc.d/init.d/imap
chkconfig --add imap
9、安装Clam AntiVirus
从下面的URL下载clamav-0.87.1的源代码:http://www.clamav.net/stable.php
增加Clam AntiVirus运行所需的用户和组:
groupadd clamav
useradd clamav -g clamav -c "Clam AntiVirus" -d /dev/null
安装Clam AntiVirus:
tar zvxf clamav-0.87.1.tar.gz
cd clamav-0.87.1
./configure --prefix=/usr/local/clamav \
CHOST="i686-pc-linux-gnu" CFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer" CXXFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer"
make
make check
make install
配置Clam AntiVirus:
vi /usr/local/clamav/etc/clamd.conf
# Example
LogFile /var/log/clamd.log
DatabaseDirectory /usr/local/clamav/share/clamav
LocalSocket /var/run/clamav/clamd
vi /usr/local/clamav/etc/freshclam.conf
# Example
DatabaseDirectory /usr/local/clamav/share/clamav
UpdateLogFile /var/log/freshclam.log
注:你需要注释clamd.conf和freshclam.conf文件开头部分的“Example”。
建立clamd和freshclam的log文件,并让它们属于clamav用户:
touch /var/log/clamd.log /var/log/freshclam.log
chown clamav:root /var/log/clamd.log
chown clamav:root /var/log/freshclam.log
mkdir -p /var/run/clamav
配置crontab,让Clam AntiVirus每天7点自动升级病毒库:
crontab -e
0 7 * * * /usr/local/clamav/bin/freshclam
设置Clam AntiVirus开机自动运行,在/etc/rc.local中增加“/usr/local/clamav/sbin/clamd%26amp;”
10、安装amavisd-new
在安装amavisd-new之前要安装amavisd-new运行所需的perl模块,你可以使用cpan命令安装所需要的模块,但是那样需要你的服务器在安装软件时可以连接到Internet,所以我选择一个比较笨的方法,先使用wget命令下载所需的模块,然后再手动安装:
wget http://search.cpan.org/CPAN/authors/id/T/TO/TOMHUGHES/IO-Zlib-1.04.tar.gz
wget http://search.cpan.org/CPAN/authors/id/K/KA/KANE/Archive-Tar-1.26.tar.gz
wget http://search.cpan.org/CPAN/authors/id/S/SM/SMPETERS/Archive-Zip-1.16.tar.gz
wget http://search.cpan.org/CPAN/authors/id/P/PM/PMQS/Compress-Zlib-1.41.tar.gz
wget http://search.cpan.org/CPAN/authors/id/D/DO/DOUGW/Convert-TNEF-0.17.tar.gz
wget http://search.cpan.org/CPAN/authors/id/M/ML/MLEHMANN/Convert-UUlib-1.051.tar.gz
wget http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/MIME-Base64-3.05.tar.gz
wget http://search.cpan.org/CPAN/authors/id/D/DS/DSKOLL/MIME-tools-5.418.tar.gz
wget http://search.cpan.org/CPAN/authors/id/M/MA/MARKOV/MailTools-1.67.tar.gz
wget http://search.cpan.org/CPAN/authors/id/R/RH/RHANDOM/Net-Server-0.88.tar.gz
wget http://search.cpan.org/CPAN/authors/id/G/GB/GBARR/libnet-1.19.tar.gz
wget http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/Digest-MD5-2.33.tar.gz
wget http://search.cpan.org/CPAN/authors/id/D/DS/DSKOLL/IO-stringy-2.110.tar.gz
wget http://search.cpan.org/CPAN/authors/id/J/JH/JHI/Time-HiRes-1.76.tar.gz
wget http://search.cpan.org/CPAN/authors/id/M/MH/MHARNISCH/Unix-Syslog-0.100.tar.gz
wget http://search.cpan.org/CPAN/authors/id/P/PM/PMQS/BerkeleyDB-0.26.tar.gz
wget http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/IO-String-1.07.tar.gz
首先使用“tar zvxf”命令解开压缩文件,然后使用下面的命令安装perl模块:
perl Makefile.PL
make
make install
安装RAR for linux:
wget http://www.rarsoft.com/rar/rarlinux-3.5.1.tar.gz
tar zvxf rarlinux-3.5.1.tar.gz
cd rar
make install
从下面的URL下载amavisd-new-2.3.3的源代码:http://www.ijs.si/software/amavisd/
增加amavisd-new运行所需要的用户:
useradd amavis -g clamav -c "Amavisd" -d /var/amavis
安装amavisd-new:
tar zvxf amavisd-new-2.3.3.tar.gz
cd amavisd-new-2.3.3
mkdir /var/amavis
mkdir /var/amavis/tmp /var/amavis/var /var/amavis/db
chown -R amavis:clamav /var/amavis
chmod -R 750 /var/amavis
cp amavisd /usr/local/sbin/
chown root /usr/local/sbin/amavisd
chmod 755 /usr/local/sbin/amavisd
cp amavisd.conf /etc/
chown root /etc/amavisd.conf
chmod 644 /etc/amavisd.conf
mkdir /var/virusmails
chown amavis:clamav /var/virusmails
chmod 750 /var/virusmails
配置amavisd-new,使用Clam AntiVirus作为病毒过滤程序,bypass垃圾邮件过滤,你需要去掉第14、288、289、290、291前面的注释,#号之后是注释文本:
vi /etc/amavisd.conf
@bypass_spam_checks_maps = (1); #14
$max_servers = 10 #16
$daemon_user = 'amavis' #17
$daemon_group = 'clamav'; #18
['Clam Antivirus-clamd', #288
\%26amp;ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# Notify virus sender?
$warnvirussender = 1; # (defaults to false (undef))
修改Postfix的配置,让它使用amavisd-new作内容过滤:
在master.cf的最后增加下面的内容:
vi /etc/postfix/master.cf
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks_style=host
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
在main.cf文件的最后增加下面的内容:
vi /etc/postfix/main.cf
content_filter=smtp-amavis:[127.0.0.1]:10024
设置amavisd-new开机自动运行,在/etc/rc.local中增加“/usr/local/sbin/amavisd%26amp;”。
注:你可以自定义amavisd通知邮件的模板,具体参考amavis发行包中的amavisd.conf-sample文件。
11、安装Postfix Admin
从下面的URL下载postfixadmin-2.1.0:http://high5.net/postfixadmin/
安装Postfix Admin:
tar zvxf postfixadmin-2.1.0.tgz -C /usr/local/httpd/htdocs/
mv /usr/local/httpd/htdocs/postfixadmin-2.1.0 /usr/local/httpd/htdocs/postfixadmin
cd /usr/local/httpd/htdocs/postfixadmin
mv setup.php setup.php.old
chown -R httpd:root *
chmod 640 *.php *.css
cd /usr/local/httpd/htdocs/postfixadmin/admin/
chmod 640 *.php .ht*
cd /usr/local/httpd/htdocs/postfixadmin/images/
chmod 640 *.gif *.png
cd /usr/local/httpd/htdocs/postfixadmin/languages/
chmod 640 *.lang
cd /usr/local/httpd/htdocs/postfixadmin/templates/
chmod 640 *.tpl
cd /usr/local/httpd/htdocs/postfixadmin/users/
chmod 640 *.php
建立Postfix Admin所需的MySQL数据库,在建立数据库之前需要修改DATABASE_MYSQL.TXT文件,其中第27行的“Postfix user %26amp; password”应当与你安装Postfix时的MySQL用户名和密码相同,为了安全你也应当修改postfixadmin用户的密码:
mysql -u root -p
配置Postfix Admin:
cp config.inc.php.sample config.inc.php
vi config.inc.php
$CONF['domain_path'] = 'YES';
$CONF['show_footer_text'] = 'NO';
$CONF['domain_in_mailbox'] = 'NO';
$CONF['database_type'] = 'mysqli';
注:你需要修改配置文件中postfixadmin用户的口令和DATABASE_MYSQL.TXT文件中的保持一致。
修改Apache的设置,增加对“/usr/local/httpd/htdocs/postfixadmin/admin”目录的访问控制:
vi /usr/local/httpd/conf/httpd.conf
AuthType Basic
AuthName "Welcome to Postfix Admin"
AuthUserFile /usr/local/httpd/conf/postfix
Require valid-user
/usr/local/httpd/bin/htpasswd -c /usr/local/httpd/conf/postfix admin
12、安装Extmail
从下面的URL下载extmail-0.21的安装文件:http://www.extmail.org/cgi-bin/download.cgi
安装Extmail所需要的perl模块,安装的方法同上面的一样:
wget http://search.cpan.org/CPAN/authors/id/T/TI/TIMB/DBI-1.49.tar.gz
wget http://search.cpan.org/CPAN/authors/id/C/CA/CAPTTOFU/DBD-mysql-3.0002.tar.gz
wget http://search.cpan.org/CPAN/authors/id/K/KA/KASPER/HTML-KTemplate-1.33.tar.gz
安装Extmail:
tar zxvf extmail-0.21.tar.gz
mv extmail-0.21 /usr/local/httpd/htdocs/extmail
cd /usr/local/httpd/htdocs/extmail
chown -R postfix.postfix cgi
配置Extmail,因为Extmail的Config.pm模块还不是很完善,在参数的后边一定不要有多余的空格:
cp webmail.cf.default webmail.cf
vi webmail.cf
SYS_CONFIG = /usr/local/httpd/htdocs/extmail/
SYS_LANGDIR = /usr/local/httpd/htdocs/extmail/lang
SYS_TEMPLDIR = /usr/local/httpd/htdocs/extmail/html
SYS_USER_LANG = zh_CN
SYS_USER_CHARSET = gb2312
SYS_MAILDIR_BASE = /home/mail
SYS_CRYPT_TYPE = md5
SYS_MYSQL_USER = postfixadmin
SYS_MYSQL_PASS = mysql_password
SYS_MYSQL_DB = postfix
SYS_MYSQL_HOST = localhost
# table name
SYS_MYSQL_TABLE = mailbox
SYS_MYSQL_ATTR_USERNAME = username
SYS_MYSQL_ATTR_PASSWD = password
SYS_MYSQL_ATTR_QUOTA = quota
SYS_MYSQL_ATTR_HOME = maildir
SYS_MYSQL_ATTR_MAILDIR = maildir
配置Apache:
vi /usr/local/httpd/conf/httpd.conf
AddHandler cgi-script .cgi
NameVirtualHost *:80
Options +ExecCGI
ServerAdmin webmaster@example.com
DocumentRoot /usr/local/httpd/htdocs/extmail/html
Alias /extmail/cgi/ /usr/local/httpd/htdocs/extmail/cgi/
Alias /extmail/ /usr/local/httpd/htdocs/extmail/html/
Alias /admin/ /usr/local/httpd/htdocs/postfixadmin/
ScriptAlias /extmail/cgi/ /usr/local/httpd/cgi-bin/extmail/cgi/
SuexecUserGroup postfix postfix
ServerName mail.example.com
ErrorLog logs/mail.example.com-error_log
CustomLog logs/mail.example.com-access_log common
Options +ExecCGI
注:①“mail.example.com”是你的域名。
②你可以从http://www.extmail.org上面看到Extmail的演示。
重新启动服务器,检查是不是所有的服务都正常启动!如果有什么问题请首先查看系统的日志,因为80%以上的问题都可以从日志中找到错误原因。