| 導購 | 订阅 | 在线投稿
分享
 
 
 

基于Linux和Postfix的郵件系統的web mail安裝手冊

來源:互聯網網民  2008-05-31 00:02:58  評論

------------------------------------------------------------------------------------------------------

新增使用mailscanner來對進出郵件進行監管。new

修正上一個版本的一些理解性和文件性錯誤。

主要「加強」了病毒過濾和垃圾郵件過濾,更加節約系統資源,使系統配置更簡單化。

垃圾郵件過濾基本上達到了95%的成功率

本文首次使用MailScanner+Clamav配合對郵件病毒進行過濾。

經過嚴格病毒郵件測試成功率達到了100%。

翻譯了病毒郵件提示爲中文提示,讓系統更加的人性化。

演示:

http://mail.toping.net

用戶名:demo@toping.net

密碼:demo

------------------------------------------------------------------------------------------------------

Linux+Postfix+Cyrus-sasl+Courier-imap+Tmail3.0+spamassassin+Clamav+mailscanner

楊廷勇

Copyright %26copy; 2004、2005、2006

本文介紹使用Linux+Postfix+Cyrus-sasl+Courier-imap+Tmail3.0+spamassassin+Clamav+mailscanner

來架構一個具有多域名,有郵件列表、webmail、防病毒、防垃圾郵件、web管理界面的郵件系統。

Jacky, $Revision: 4.51 bate $Date: 2006-3-9

系統主要采用MailScanner+clamav+Spamassassin來對病毒過濾和垃圾郵件過濾。

本文在CentOS、REDHATas上安裝測試通過,病毒過濾放棄采用amavisd。主要采用執行效率更高的MailSanner來對郵件過濾和垃圾郵件過濾,配置更容易,並且降低了系統開消。讓系統更加穩定,經過嚴格病毒郵件測試成功率達到了100%。垃圾郵件過濾基本上達到了95%的成功率。

文檔目錄

1.安裝系統

2.關閉selinux

3.設置YUM

4.安裝mysql

5.安裝apache

6.安裝php

7.安裝phpMyAdmin

8.設置數據庫:

9.增加postfix的用戶和組

10.安裝postfix

11.安裝Courier-authlib

12.設置authlib的環境變量

13.安裝Courier-imap

14.配置系統

15.配置sasl認證

16.配置courier-imap

17.安裝WebMail

18.啓動服務測試

19.安裝Clamav

20.升級病毒庫

21.安裝Spamassassin

22.安裝MailScanner

23.設置MailScanner

24.測試病毒郵件

結束!

1.安裝系統

安裝之前:因用戶數據都保存在/var目錄下,因此安裝系統時/var的空間應盡量大。系統的版本爲最小化安裝,軟件包只安裝只裝開發包(development)。在文檔中假設服務器的ip地址爲192.168.0.2,域名爲test.com,主機名爲mail.test.com。所需的軟件包我都打包好了。下載地址:http://www.toping.net/soft/src.tar.gz

請兄弟們仔細一些,注意空格和TAB。

祝兄弟們好運。本人水平有限。如果發現文章中有什麽錯誤和不當的地方請發郵件:scyz@toping.net。我會在第一時間給予答複。

2.關閉selinux

[root@mail]# vi /etc/selinux/config

SELINUX=disable

[root@mail]# reboot

3.設置YUM

[root@mail yum.repos.d] vi CentOS-Base.repo

[base]

name=CentOS-4.2 - Base

baseurl=http://mirror.be10.com/centos/4.2/os/$basearch/

gpgcheck=1

gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#released updates

[update]

name=CentOS-4.2 - Updates

baseurl=http://mirror.be10.com/centos/4.2/updates/$basearch/

gpgcheck=1

gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#packages used/produced in the build but not released

[addons]

name=CentOS-4.2 - Addons

baseurl=http://mirror.be10.com/centos/4.2/addons/$basearch/

gpgcheck=1

gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#additional packages that may be useful

[extras]

name=CentOS-4.2 - Extras

baseurl=http://mirror.be10.com/centos/4.2/extras/$basearch/

gpgcheck=1

gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#additional packages that extend functionality of existing packages

[centosplus]

name=CentOS-4.2 - Plus

baseurl=http://mirror.be10.com/centos/4.2/centosplus/$basearch/

gpgcheck=1

enabled=0

gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#contrib - packages by Centos Users

[contrib]

name=CentOS-4.2 - Contrib

baseurl=http://mirror.be10.com/centos/4.2/contrib/$basearch/

gpgcheck=1

enabled=0

gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#packages in testing

[testing]

name=CentOS-4.2 - Testing

baseurl=http://mirror.be10.com/centos/4.2/testing/$basearch/

gpgcheck=1

enabled=0

gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

[root@mail yum.repos.d]# vi dag.repo

[dag]

name=Dag RPM Repository for Red Hat Enterprise Linux

baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag

gpgcheck=1

enabled=1

[root@mail yum.repos.d]# yum update

4.安裝mysql

[root@mail build]#yum install mysql-server

[root@mail build]#yum install mysql-devel

5.安裝apache

[root@mail build]#yum install httpd

6.安裝php

[root@mail build]#yum install php

[root@mail build]#yum install php-mysql

[root@mail build]#yum install php-gd

[root@mail build]#yum install php-imap

yum install vsftpd

yum install clamav

yum install spamassassin

/usr/bin/freshclam

設置apache

默認:

User apache

改爲

User postfix

默認

Group apache

改爲

Group postfix

默認

AddDefaultCharset UTF-8

改爲

AddDefaultCharset gb2312

新加入:

AddType application/x-httpd-php .php

AddType application/x-httpd-php-source .phps

7.安裝phpMyAdmin

[root@mail build]#tar –zxf ../src/phpMyAdmin-2.8.0.1.tar.gz

[root@mail build]#mv phpMyAdmin-2.8.0.1 /var/www/html/dbadmin/

[root@mail build]#cp /var/www/html/dbadmin/libraries/config.default.php /var/www/html/dbadmin/dbadmin/libraries/config.inc.php (line 1.)

8.設置數據庫

[root@mail build]#mysql

Mysql create datases postfix;

Mysql use mysql;

Mysql INSERT INTO user (host,user,password) VALUES('localhost','postfix','');

Mysql update user set password=password('postfix') where User='postfix';

Mysql GRANT ALL ON postfix.* TO postfix@localhost IDENTIFIED BY "postfix";

Mysql exit

[root@mail build] tar –zxf ../src/webmail.tar.gz

[root@mail build] mysql –u root –p postfix

9.增加postfix的用戶和組

[root@mail build] groupadd -g 12345 postfix

[root@mail build] useradd -u 12345 -g 12345 -c postfix -d/dev/null -s/sbin/nologin postfix

[root@mail build] groupadd -g 54321 postdrop

10.安裝postfix

[root@mail build] tar –zxf ../src/postfix-2.2.8.tar.gz

[root@mail build] cd postfix-2.2.8

[root@mail build] patch -p1

[root@mail build] make -f Makefile.init makefiles \n'CCARGS=-DUSE_SASL_AUTH -DHAS_MYSQL -I/usr/include/mysql -I/usr/include/sasl' \n'AUXLIBS=-L/usr/lib/mysql -L/usr/lib/sasl2 -lmysqlclient -lsasl2 -lz -lm'

[root@mail build] make

[root@mail build] make install

執行make install這裏會出現很多問題,但postfix已經爲我們設置好了默認的答案,直接使用這些答案就可以使postfix正常工作了,所以我們只要直接按回車就可以了

11.安裝Courier-authlib

[root@mail build] tar –jxf ../src/courier-authlib-0.58.tar.gz

[root@mail build] cd courier-authlib-0.58

[root@mail build] ./configure --prefix=/usr/lib/authlib --without-authpam \n--without-authcustom --without-authpgsql --without-authldap \n--without-authuserdb --without-authpwd --without-authshadow \n--without-authvchkpw --with-authmysql \n--with-authdaemonvar=/usr/lib/authlib/var \n--mandir=/usr/lib/man --without-stdheaderdir \n--sysconfdir=/usr/lib/authlib/etc \n--with-redhat

[root@mail build] make

[root@mail build] make install

[root@mail build] make install-migrate

[root@mail build] make install-configure

12.設置authlib的環境變量

[root@mail build] COURIERAUTHCONFIG=/usr/lib/authlib/bin/courierauthconfig

[root@mail build] export COURIERAUTHCONFIG

13.安裝Courier-imap

[root@mail build] tar –jxf ../src/courier-imap-4.0.6.tar.gz

[root@mail build] cd courier-imap-4.0.6

[root@mail build] ./configure –prefix=/usr/lib/imapd \n--silent --without-authpgsql --without-ipv6 \n--with-redhat --with-authmysql \n--mandir=/usr/lib/man --disable-root-check

[root@mail build] make

[root@mail build] make install

[root@mail build] make install-configure

14.配置系統

[root@mail build] mv /etc/aliases /etc/aliases.bak

[root@mail build] ln -s /etc/postfix/aliases /etc/aliases

[root@mail build] echo 'root: postfix'/etc/postfix/aliases

[root@mail build] /usr/bin/newaliases

[root@mail build] mv /var/mail /var/mail.bak

[root@mail build] mkdir /var/mail

[root@mail build] chown -R postfix:postfix /var/mail

[root@mail build] mv /etc/postfix/main.cf /etc/postfix/main.cf.bak

[root@mail build] vi /etc/postfix/main.cf

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/libexec/postfix

debug_peer_level = 2

html_directory = no

mail_owner = postfix

mailq_path = /usr/bin/mailq

manpage_directory = /usr/local/man

newaliases_path = /usr/bin/newaliases

queue_directory = /var/spool/postfix

readme_directory = no

sample_directory = /etc/postfix

sendmail_path = /usr/sbin/sendmail

setgid_group = postdrop

unknown_local_recipient_reject_code = 550

header_checks = regexp:/etc/postfix/header_checks

#############NEW ADD#####################

#=====================BASE=====================

myhostname = mail.test.com

mydomain = test.com

mydestination = $myhostname

local_recipient_maps =

local_transport = virtual

#=====================MySQL=====================

virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf

virtual_gid_maps = static:54321

virtual_mailbox_base = /

virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf

virtual_mailbox_limit = 51200000

virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf

virtual_minimum_uid = 125

virtual_transport = virtual

virtual_uid_maps = static:12345

#=====================Quota=====================

virtual_create_maildirsize = yes

virtual_mailbox_extended = yes

virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cf

virtual_mailbox_limit_override = yes

virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.

virtual_overquota_bounce = yes

#====================SASL=====================

smtpd_sasl_auth_enable = yes

smtpd_sasl_security_options = noanonymous

broken_sasl_auth_clients = yes

smtpd_delay_reject=yes

smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,permit_auth_destination,reject

smtpd_client_restrictions = permit_sasl_authenticated

[root@mail build] vi mysql_virtual_alias_maps.cf

user = postfix

password = postfix

hosts = localhost

dbname = postfix

query = SELECT alias FROM userinfo WHERE address='%s' AND active = 1

[root@mail build] vi mysql_virtual_domains_maps.cf

user = postfix

password = postfix

hosts = localhost

dbname = postfix

query = SELECT domain FROM domaininfo WHERE domain='%s'

[root@mail build] vi mysql_virtual_mailbox_limit_maps.cf

user = postfix

password = postfix

hosts = localhost

dbname = postfix

query = SELECT quota FROM userinfo WHERE address='%s'

[root@mail build] vi mysql_virtual_mailbox_maps.cf

user = postfix

password = postfix

hosts = localhost

dbname = postfix

query = SELECT maildir FROM userinfo WHERE address='%s' AND active = 1

15.配置sasl認證

[root@mail build] vi /usr/lib/sasl2/smtpd.conf

pwcheck_method: authdaemond

log_level: 3

mech_list: plain login

authdaemond_path:/usr/lib/authlib/var/socket

16.配置courier-imap

[root@mail build] mv /usr/lib/authlib/etc/authlib/authmysqlrc /usr/lib/authlib/etc/authlib/authmysqlrc.bak

[root@mail build] vi /usr/lib/authlib/etc/authlib/authmysqlrc

MYSQL_SERVER localhost

MYSQL_USERNAME postfix

MYSQL_PASSWORD postfix

MYSQL_PORT 0

MYSQL_OPT 0

MYSQL_DATABASE postfix

MYSQL_USER_TABLE userinfo

MYSQL_CRYPT_PWFIELD passwd

MYSQL_UID_FIELD '12345'

MYSQL_GID_FIELD '54321'

MYSQL_LOGIN_FIELD address

MYSQL_HOME_FIELD homedir

MYSQL_NAME_FIELD realname

MYSQL_MAILDIR_FIELD maildir

MYSQL_QUOTA_FIELD quota

[root@mail build] mv /usr/lib/authlib/etc/authlib/authdaemonrc /usr/lib/authlib/etc/authlib/authdaemonrc.bak

[root@mail build] vi /usr/lib/authlib/etc/authlib/authdaemonrc

authmodulelist="authmysql"

authmodulelistorig="authmysql"

version="authdaemond.mysql"

daemons=5

subsystem=mail

DEBUG_LOGIN=0

DEFAULTOPTIONS="wbnodsn=1"

[root@mail build] vi /usr/lib/imapd/etc/pop3d

默認

POP3DSTART=NO

改爲

POP3DSTART=YES

[root@mail build] vi /usr/lib/imapd/etc/imapd

默認

IMAPDSTART=NO

改爲

IMAPDSTART=YES

[root@mail build] chmod +x /usr/lib/authlib/var/

17.安裝WebMail

[root@mail build] mv Tmail /var/www/html/webmail

[root@mail build] vi /var/www/html/webmail/config/config_inc.php

$CFG_BASEPATH = "/var/www/html/webmail/temp"; //臨時目錄

// Mysql

define(MYSQL_HOST, 'localhost'); //數據庫主機名

define(MYSQL_USER, 'postfix'); //數據庫用戶名

define(MYSQL_PASS, 'postfix'); //數據庫密碼

define(MYSQL_DATA, 'postfix'); //數據庫名稱

$CFG_NETDISK_PATH = "/var/mail/netdisk"; //文件管理存儲目錄

[root@mail build] vi /var/www/html/webmail/webadmin/include/config.inc.php

// Mysql

define(MYSQL_HOST, 'localhost'); //數據庫主機名

define(MYSQL_USER, 'postfix'); //數據庫用戶名

define(MYSQL_PASS, 'postfix'); //數據庫密碼

define(MYSQL_DATA, 'postfix'); //數據庫名稱

[root@mail build] mkdir /var/mail/netdisk

[root@mail build] chown –R postfix:postfix /var/mail/netdisk

[root@mail build] mkdir /var/www/html/webmail/temp

[root@mail build] chown –R postfix:postfix /var/www/html/webmail/temp

[root@mail build] cp courier-authlib-0.58/courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib

[root@mail build] chmod 755 /etc/rc.d/init.d/courier-authlib

[root@mail build] chkconfig –-add courier-authlib

[root@mail build] cp courier-imap-4.0.6/courier-imap.sysvinit /etc/rc.d/init.d/courier-imap

[root@mail build] chmod 755 /etc/rc.d/init.d/courier-imap

[root@mail build] chkconfig –-add courier-imap

18.啓動服務測試

[root@mail build] chkconfig httpd on

[root@mail build] chkconfig mysqld on

[root@mail build] service httpd start

[root@mail build] service mysqld start

[root@mail build] service courier-authlib start

[root@mail build] service courier-imap start

[root@mail build] postfix start

通過後台加入域名和用戶名(本文檔中的域名爲:test.com、用戶名:test@test.com)

[root@mail build] perl -MMIME::Base64 -e 'print encode_base64("test@test.com");'

dGVzdEB0ZXN0LmNvbQ==

[root@mail build] perl -MMIME::Base64 -e 'print encode_base64("000000");'

MDAwMDAw

[root@mail build] telnet localhost 25

Trying 127.0.0.1...

Connected to localhost.localdomain (127.0.0.1).

Escape character is '^]'.

220 mail.test.com ESMTP Postfix

ehlo mail

250-mail.test.com

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-AUTH PLAIN LOGIN

250-AUTH=PLAIN LOGIN

250 8BITMIME

auth login

334 VXNlcm5hbWU6

dGVzdEB0ZXN0LmNvbQ== //用戶名(test@test.com)

334 UGFzc3dvcmQ6

MDAwMDAw // 密碼(000000)

235 Authentication successful //表示成功驗證通過

19.安裝Clamav

[root@mail build] rpm --import http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt

[root@mail build] rpm --import RPM-GPG-KEY.dag.txt

[root@mail build] rpm -q gpg-pubkey --qf "%{summary} - %{version}-%{release}

"

gpg(CentOS-4 key centos-4key@centos.org) - 443e1821-421f218f

gpg(Dag Wieers (Dag Apt Repository v1.0) dag@wieers.com) - 6b8d79e6-3f49313d

[root@mail build] vi /etc/yum.repos.d/dag.repo

[dag]

name=Dag RPM Repository for Red Hat Enterprise Linux

baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag

gpgcheck=1

enabled=1

[root@mail build] yum update

[root@mail build] yum install clamav

20.升級病毒庫

[root@mail build] /usr/bin/freshclam

ClamAV update process started at Thu Mar 9 17:23:21 2006

main.cvd is up to date (version: 36, sigs: 44686, f-level: 7, builder: tkojm)

daily.cvd is up to date (version: 1319, sigs: 1376, f-level: 7, builder: ccordes)

21.安裝Spamassassin

[root@mail build] yum install spamassassin

[root@mail build] service spamassassin start

22.安裝MailScanner

[root@mail build] tar –zxf ../src/MailScanner-4.51.5-1.rpm.tar.gz

[root@mail build] MailScanner-4.51.5-1/install.sh

23.設置MailScanner

[root@mail build] chkconfig sendmail off

[root@mail build] chkconfig --level 2345 MailScanner on

[root@mail build] vi /etc/MailScanner/MailScanner.conf

%org-name% = toping.net

%org-long-name% = wooxian

%web-site% = www.toping.net

%report-dir% = /etc/MailScanner/reports/cn

Run As User = postfix

Run As Group = postfix

Incoming Queue Dir = /var/spool/postfix/hold

Outgoing Queue Dir = /var/spool/postfix/incoming

MTA = postfix

Virus Scanners = clamav

Always Include SpamAssassin Report = yes

Use SpamAssassin = yes

Required SpamAssassin Score = 6

SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin

SpamAssassin Install Prefix = /usr/bin

SpamAssassin Local Rules Dir = /etc/MailScanner

[root@mail build] yum install unrar

[root@mail build] unrar x ../src/cn.rar

[root@mail build] mv cn /etc/MailScanner/reports/

[root@mail build] mv /etc/postfix/header_check /etc/postfix/header_check.bak

[root@mail build] vi /etc/postfix/header_check

/^Received:/ HOLD

[root@mail build] chown –R postfix:postfix /var/spool/MailScanner/*

[root@mail build] postfix stop

[root@mail build] service MailScanner start

24.測試病毒郵件

[root@mail build] telnet localhost 25

Trying 127.0.0.1...

Connected to localhost.localdomain (127.0.0.1).

Escape character is '^]'.

220 mail.test.com ESMTP Postfix

ehlo mail

250-mail.test.com

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-AUTH PLAIN LOGIN

250-AUTH=PLAIN LOGIN

250 8BITMIME

auth login

334 VXNlcm5hbWU6

dGVzdEB0ZXN0LmNvbQ== //用戶名(test@test.com)

334 UGFzc3dvcmQ6

MDAwMDAw // 密碼(000000)

235 Authentication successful //表示成功驗證通過

MAIL FROM:test@test.com

250 Ok

RCPT TO:test@test.com

250 Ok

DATA

354 End data with .

Subject:Virus test

X5O!P%@AP[4PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

.

250 Ok: queued as F0C221CC20 //出現F0C221CC20這行表示mailscanner運行成功了

quit

221 Bye

Connection closed by foreign host.

收到郵件後會在主題會變成:{Virus?} Virus test

郵件內容會是以下內容:

警告: 此郵件有一個或多個附加檔案被移除

警告: 附加檔案名稱: (詳細訊息).

警告: 請參考此信件附加檔案 "toping.net-Attachment-Warning.txt" 取得更詳細的資料

此訊息由 MailScanner 電子郵件防護系統發出

--------------------------------------------------------------------

原有郵件附加檔案爲 "詳細訊息" 被列入拒絕處理的名單.

且被替換爲此訊息.

若您仍希望收到*被感染的*附加檔案,,請聯絡系統管理者.包含以下內容:

Thu Mar 9 15:57:25 2006 病毒偵測報告:

ClamAV: msg-3682-1.txt contains Eicar-Test-Signature

求助問題: 檢查 the toping.net () MailScanner 機器的 /var/spool/MailScanner/quarantine/20060309 (編號 639F13F97B.BBC3F).

--

系統管理者

以上內容出現表示mailscanner的病毒過濾生效。並成功運行!!

到此一台具有反垃圾和反病毒的郵件服務器建成了,希望我的文檔對郵件服務器愛好者能有所幫助~! 如果文檔中有任何問題可以發郵件給我指出來我會馬上改正。謝謝大家!祝大家好運!!scyz at toping.net

 
特别声明:以上内容(如有图片或视频亦包括在内)为网络用户发布,本站仅提供信息存储服务。
 
------------------------------------------------------------------------------------------------------ 新增使用mailscanner來對進出郵件進行監管。new 修正上一個版本的一些理解性和文件性錯誤。 主要「加強」了病毒過濾和垃圾郵件過濾,更加節約系統資源,使系統配置更簡單化。 垃圾郵件過濾基本上達到了95%的成功率 本文首次使用MailScanner+Clamav配合對郵件病毒進行過濾。 經過嚴格病毒郵件測試成功率達到了100%。 翻譯了病毒郵件提示爲中文提示,讓系統更加的人性化。 演示: http://mail.toping.net 用戶名:demo@toping.net 密 碼:demo ------------------------------------------------------------------------------------------------------ Linux+Postfix+Cyrus-sasl+Courier-imap+Tmail3.0+spamassassin+Clamav+mailscanner 楊廷勇 Copyright %26copy; 2004、2005、2006 本文介紹使用Linux+Postfix+Cyrus-sasl+Courier-imap+Tmail3.0+spamassassin+Clamav+mailscanner 來架構一個具有多域名,有郵件列表、webmail、防病毒、防垃圾郵件、web管理界面的郵件系統。 Jacky, $Revision: 4.51 bate $Date: 2006-3-9 系統主要采用MailScanner+clamav+Spamassassin來對病毒過濾和垃圾郵件過濾。 本文在CentOS、REDHATas上安裝測試通過,病毒過濾放棄采用amavisd。主要采用執行效率更高的MailSanner來對郵件過濾和垃圾郵件過濾,配置更容易,並且降低了系統開消。讓系統更加穩定,經過嚴格病毒郵件測試成功率達到了100%。垃圾郵件過濾基本上達到了95%的成功率。 文檔目錄 1.安裝系統 2.關閉selinux 3.設置YUM 4.安裝mysql 5.安裝apache 6.安裝php 7.安裝phpMyAdmin 8.設置數據庫: 9.增加postfix的用戶和組 10.安裝postfix 11.安裝Courier-authlib 12.設置authlib的環境變量 13.安裝Courier-imap 14.配置系統 15.配置sasl認證 16.配置courier-imap 17.安裝WebMail 18.啓動服務測試 19.安裝Clamav 20.升級病毒庫 21.安裝Spamassassin 22.安裝MailScanner 23.設置MailScanner 24.測試病毒郵件 結束! 1.安裝系統 安裝之前:因用戶數據都保存在/var目錄下,因此安裝系統時/var的空間應盡量大。系統的版本爲最小化安裝,軟件包只安裝只裝開發包(development)。在文檔中假設服務器的ip地址爲192.168.0.2,域名爲test.com,主機名爲mail.test.com。所需的軟件包我都打包好了。下載地址:http://www.toping.net/soft/src.tar.gz 請兄弟們仔細一些,注意空格和TAB。 祝兄弟們好運。本人水平有限。如果發現文章中有什麽錯誤和不當的地方請發郵件:scyz@toping.net。我會在第一時間給予答複。 2.關閉selinux [root@mail]# vi /etc/selinux/config SELINUX=disable [root@mail]# reboot 3.設置YUM [root@mail yum.repos.d] vi CentOS-Base.repo [base] name=CentOS-4.2 - Base baseurl=http://mirror.be10.com/centos/4.2/os/$basearch/ gpgcheck=1 gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4 #released updates [update] name=CentOS-4.2 - Updates baseurl=http://mirror.be10.com/centos/4.2/updates/$basearch/ gpgcheck=1 gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4 #packages used/produced in the build but not released [addons] name=CentOS-4.2 - Addons baseurl=http://mirror.be10.com/centos/4.2/addons/$basearch/ gpgcheck=1 gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4 #additional packages that may be useful [extras] name=CentOS-4.2 - Extras baseurl=http://mirror.be10.com/centos/4.2/extras/$basearch/ gpgcheck=1 gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4 #additional packages that extend functionality of existing packages [centosplus] name=CentOS-4.2 - Plus baseurl=http://mirror.be10.com/centos/4.2/centosplus/$basearch/ gpgcheck=1 enabled=0 gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4 #contrib - packages by Centos Users [contrib] name=CentOS-4.2 - Contrib baseurl=http://mirror.be10.com/centos/4.2/contrib/$basearch/ gpgcheck=1 enabled=0 gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4 #packages in testing [testing] name=CentOS-4.2 - Testing baseurl=http://mirror.be10.com/centos/4.2/testing/$basearch/ gpgcheck=1 enabled=0 gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4 [root@mail yum.repos.d]# vi dag.repo [dag] name=Dag RPM Repository for Red Hat Enterprise Linux baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag gpgcheck=1 enabled=1 [root@mail yum.repos.d]# yum update 4.安裝mysql [root@mail build]#yum install mysql-server [root@mail build]#yum install mysql-devel 5.安裝apache [root@mail build]#yum install httpd 6.安裝php [root@mail build]#yum install php [root@mail build]#yum install php-mysql [root@mail build]#yum install php-gd [root@mail build]#yum install php-imap yum install vsftpd yum install clamav yum install spamassassin /usr/bin/freshclam 設置apache 默認: User apache 改爲 User postfix 默認 Group apache 改爲 Group postfix 默認 AddDefaultCharset UTF-8 改爲 AddDefaultCharset gb2312 新加入: AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps 7.安裝phpMyAdmin [root@mail build]#tar –zxf ../src/phpMyAdmin-2.8.0.1.tar.gz [root@mail build]#mv phpMyAdmin-2.8.0.1 /var/www/html/dbadmin/ [root@mail build]#cp /var/www/html/dbadmin/libraries/config.default.php /var/www/html/dbadmin/dbadmin/libraries/config.inc.php (line 1.) 8.設置數據庫 [root@mail build]#mysql Mysql create datases postfix; Mysql use mysql; Mysql INSERT INTO user (host,user,password) VALUES('localhost','postfix',''); Mysql update user set password=password('postfix') where User='postfix'; Mysql GRANT ALL ON postfix.* TO postfix@localhost IDENTIFIED BY "postfix"; Mysql exit [root@mail build] tar –zxf ../src/webmail.tar.gz [root@mail build] mysql –u root –p postfix 9.增加postfix的用戶和組 [root@mail build] groupadd -g 12345 postfix [root@mail build] useradd -u 12345 -g 12345 -c postfix -d/dev/null -s/sbin/nologin postfix [root@mail build] groupadd -g 54321 postdrop 10.安裝postfix [root@mail build] tar –zxf ../src/postfix-2.2.8.tar.gz [root@mail build] cd postfix-2.2.8 [root@mail build] patch -p1 [root@mail build] make -f Makefile.init makefiles \n'CCARGS=-DUSE_SASL_AUTH -DHAS_MYSQL -I/usr/include/mysql -I/usr/include/sasl' \n'AUXLIBS=-L/usr/lib/mysql -L/usr/lib/sasl2 -lmysqlclient -lsasl2 -lz -lm' [root@mail build] make [root@mail build] make install 執行make install這裏會出現很多問題,但postfix已經爲我們設置好了默認的答案,直接使用這些答案就可以使postfix正常工作了,所以我們只要直接按回車就可以了 11.安裝Courier-authlib [root@mail build] tar –jxf ../src/courier-authlib-0.58.tar.gz [root@mail build] cd courier-authlib-0.58 [root@mail build] ./configure --prefix=/usr/lib/authlib --without-authpam \n--without-authcustom --without-authpgsql --without-authldap \n--without-authuserdb --without-authpwd --without-authshadow \n--without-authvchkpw --with-authmysql \n--with-authdaemonvar=/usr/lib/authlib/var \n--mandir=/usr/lib/man --without-stdheaderdir \n--sysconfdir=/usr/lib/authlib/etc \n--with-redhat [root@mail build] make [root@mail build] make install [root@mail build] make install-migrate [root@mail build] make install-configure 12.設置authlib的環境變量 [root@mail build] COURIERAUTHCONFIG=/usr/lib/authlib/bin/courierauthconfig [root@mail build] export COURIERAUTHCONFIG 13.安裝Courier-imap [root@mail build] tar –jxf ../src/courier-imap-4.0.6.tar.gz [root@mail build] cd courier-imap-4.0.6 [root@mail build] ./configure –prefix=/usr/lib/imapd \n--silent --without-authpgsql --without-ipv6 \n--with-redhat --with-authmysql \n--mandir=/usr/lib/man --disable-root-check [root@mail build] make [root@mail build] make install [root@mail build] make install-configure 14.配置系統 [root@mail build] mv /etc/aliases /etc/aliases.bak [root@mail build] ln -s /etc/postfix/aliases /etc/aliases [root@mail build] echo 'root: postfix'/etc/postfix/aliases [root@mail build] /usr/bin/newaliases [root@mail build] mv /var/mail /var/mail.bak [root@mail build] mkdir /var/mail [root@mail build] chown -R postfix:postfix /var/mail [root@mail build] mv /etc/postfix/main.cf /etc/postfix/main.cf.bak [root@mail build] vi /etc/postfix/main.cf command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 html_directory = no mail_owner = postfix mailq_path = /usr/bin/mailq manpage_directory = /usr/local/man newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = no sample_directory = /etc/postfix sendmail_path = /usr/sbin/sendmail setgid_group = postdrop unknown_local_recipient_reject_code = 550 header_checks = regexp:/etc/postfix/header_checks #############NEW ADD##################### #=====================BASE===================== myhostname = mail.test.com mydomain = test.com mydestination = $myhostname local_recipient_maps = local_transport = virtual #=====================MySQL===================== virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf virtual_gid_maps = static:54321 virtual_mailbox_base = / virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf virtual_mailbox_limit = 51200000 virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf virtual_minimum_uid = 125 virtual_transport = virtual virtual_uid_maps = static:12345 #=====================Quota===================== virtual_create_maildirsize = yes virtual_mailbox_extended = yes virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cf virtual_mailbox_limit_override = yes virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later. virtual_overquota_bounce = yes #====================SASL===================== smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_delay_reject=yes smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,permit_auth_destination,reject smtpd_client_restrictions = permit_sasl_authenticated [root@mail build] vi mysql_virtual_alias_maps.cf user = postfix password = postfix hosts = localhost dbname = postfix query = SELECT alias FROM userinfo WHERE address='%s' AND active = 1 [root@mail build] vi mysql_virtual_domains_maps.cf user = postfix password = postfix hosts = localhost dbname = postfix query = SELECT domain FROM domaininfo WHERE domain='%s' [root@mail build] vi mysql_virtual_mailbox_limit_maps.cf user = postfix password = postfix hosts = localhost dbname = postfix query = SELECT quota FROM userinfo WHERE address='%s' [root@mail build] vi mysql_virtual_mailbox_maps.cf user = postfix password = postfix hosts = localhost dbname = postfix query = SELECT maildir FROM userinfo WHERE address='%s' AND active = 1 15.配置sasl認證 [root@mail build] vi /usr/lib/sasl2/smtpd.conf pwcheck_method: authdaemond log_level: 3 mech_list: plain login authdaemond_path:/usr/lib/authlib/var/socket 16.配置courier-imap [root@mail build] mv /usr/lib/authlib/etc/authlib/authmysqlrc /usr/lib/authlib/etc/authlib/authmysqlrc.bak [root@mail build] vi /usr/lib/authlib/etc/authlib/authmysqlrc MYSQL_SERVER localhost MYSQL_USERNAME postfix MYSQL_PASSWORD postfix MYSQL_PORT 0 MYSQL_OPT 0 MYSQL_DATABASE postfix MYSQL_USER_TABLE userinfo MYSQL_CRYPT_PWFIELD passwd MYSQL_UID_FIELD '12345' MYSQL_GID_FIELD '54321' MYSQL_LOGIN_FIELD address MYSQL_HOME_FIELD homedir MYSQL_NAME_FIELD realname MYSQL_MAILDIR_FIELD maildir MYSQL_QUOTA_FIELD quota [root@mail build] mv /usr/lib/authlib/etc/authlib/authdaemonrc /usr/lib/authlib/etc/authlib/authdaemonrc.bak [root@mail build] vi /usr/lib/authlib/etc/authlib/authdaemonrc authmodulelist="authmysql" authmodulelistorig="authmysql" version="authdaemond.mysql" daemons=5 subsystem=mail DEBUG_LOGIN=0 DEFAULTOPTIONS="wbnodsn=1" [root@mail build] vi /usr/lib/imapd/etc/pop3d 默認 POP3DSTART=NO 改爲 POP3DSTART=YES [root@mail build] vi /usr/lib/imapd/etc/imapd 默認 IMAPDSTART=NO 改爲 IMAPDSTART=YES [root@mail build] chmod +x /usr/lib/authlib/var/ 17.安裝WebMail [root@mail build] mv Tmail /var/www/html/webmail [root@mail build] vi /var/www/html/webmail/config/config_inc.php $CFG_BASEPATH = "/var/www/html/webmail/temp"; //臨時目錄 // Mysql define(MYSQL_HOST, 'localhost'); //數據庫主機名 define(MYSQL_USER, 'postfix'); //數據庫用戶名 define(MYSQL_PASS, 'postfix'); //數據庫密碼 define(MYSQL_DATA, 'postfix'); //數據庫名稱 $CFG_NETDISK_PATH = "/var/mail/netdisk"; //文件管理存儲目錄 [root@mail build] vi /var/www/html/webmail/webadmin/include/config.inc.php // Mysql define(MYSQL_HOST, 'localhost'); //數據庫主機名 define(MYSQL_USER, 'postfix'); //數據庫用戶名 define(MYSQL_PASS, 'postfix'); //數據庫密碼 define(MYSQL_DATA, 'postfix'); //數據庫名稱 [root@mail build] mkdir /var/mail/netdisk [root@mail build] chown –R postfix:postfix /var/mail/netdisk [root@mail build] mkdir /var/www/html/webmail/temp [root@mail build] chown –R postfix:postfix /var/www/html/webmail/temp [root@mail build] cp courier-authlib-0.58/courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib [root@mail build] chmod 755 /etc/rc.d/init.d/courier-authlib [root@mail build] chkconfig –-add courier-authlib [root@mail build] cp courier-imap-4.0.6/courier-imap.sysvinit /etc/rc.d/init.d/courier-imap [root@mail build] chmod 755 /etc/rc.d/init.d/courier-imap [root@mail build] chkconfig –-add courier-imap 18.啓動服務測試 [root@mail build] chkconfig httpd on [root@mail build] chkconfig mysqld on [root@mail build] service httpd start [root@mail build] service mysqld start [root@mail build] service courier-authlib start [root@mail build] service courier-imap start [root@mail build] postfix start 通過後台加入域名和用戶名(本文檔中的域名爲:test.com、用戶名:test@test.com) [root@mail build] perl -MMIME::Base64 -e 'print encode_base64("test@test.com");' dGVzdEB0ZXN0LmNvbQ== [root@mail build] perl -MMIME::Base64 -e 'print encode_base64("000000");' MDAwMDAw [root@mail build] telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 220 mail.test.com ESMTP Postfix ehlo mail 250-mail.test.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN 250 8BITMIME auth login 334 VXNlcm5hbWU6 dGVzdEB0ZXN0LmNvbQ== //用戶名(test@test.com) 334 UGFzc3dvcmQ6 MDAwMDAw // 密碼(000000) 235 Authentication successful //表示成功驗證通過 19.安裝Clamav [root@mail build] rpm --import http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt [root@mail build] rpm --import RPM-GPG-KEY.dag.txt [root@mail build] rpm -q gpg-pubkey --qf "%{summary} - %{version}-%{release} " gpg(CentOS-4 key centos-4key@centos.org) - 443e1821-421f218f gpg(Dag Wieers (Dag Apt Repository v1.0) dag@wieers.com) - 6b8d79e6-3f49313d [root@mail build] vi /etc/yum.repos.d/dag.repo [dag] name=Dag RPM Repository for Red Hat Enterprise Linux baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag gpgcheck=1 enabled=1 [root@mail build] yum update [root@mail build] yum install clamav 20.升級病毒庫 [root@mail build] /usr/bin/freshclam ClamAV update process started at Thu Mar 9 17:23:21 2006 main.cvd is up to date (version: 36, sigs: 44686, f-level: 7, builder: tkojm) daily.cvd is up to date (version: 1319, sigs: 1376, f-level: 7, builder: ccordes) 21.安裝Spamassassin [root@mail build] yum install spamassassin [root@mail build] service spamassassin start 22.安裝MailScanner [root@mail build] tar –zxf ../src/MailScanner-4.51.5-1.rpm.tar.gz [root@mail build] MailScanner-4.51.5-1/install.sh 23.設置MailScanner [root@mail build] chkconfig sendmail off [root@mail build] chkconfig --level 2345 MailScanner on [root@mail build] vi /etc/MailScanner/MailScanner.conf %org-name% = toping.net %org-long-name% = wooxian %web-site% = www.toping.net %report-dir% = /etc/MailScanner/reports/cn Run As User = postfix Run As Group = postfix Incoming Queue Dir = /var/spool/postfix/hold Outgoing Queue Dir = /var/spool/postfix/incoming MTA = postfix Virus Scanners = clamav Always Include SpamAssassin Report = yes Use SpamAssassin = yes Required SpamAssassin Score = 6 SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin SpamAssassin Install Prefix = /usr/bin SpamAssassin Local Rules Dir = /etc/MailScanner [root@mail build] yum install unrar [root@mail build] unrar x ../src/cn.rar [root@mail build] mv cn /etc/MailScanner/reports/ [root@mail build] mv /etc/postfix/header_check /etc/postfix/header_check.bak [root@mail build] vi /etc/postfix/header_check /^Received:/ HOLD [root@mail build] chown –R postfix:postfix /var/spool/MailScanner/* [root@mail build] postfix stop [root@mail build] service MailScanner start 24.測試病毒郵件 [root@mail build] telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 220 mail.test.com ESMTP Postfix ehlo mail 250-mail.test.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN 250 8BITMIME auth login 334 VXNlcm5hbWU6 dGVzdEB0ZXN0LmNvbQ== //用戶名(test@test.com) 334 UGFzc3dvcmQ6 MDAwMDAw // 密碼(000000) 235 Authentication successful //表示成功驗證通過 MAIL FROM:test@test.com 250 Ok RCPT TO:test@test.com 250 Ok DATA 354 End data with . Subject:Virus test X5O!P%@AP[4PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* . 250 Ok: queued as F0C221CC20 //出現F0C221CC20這行表示mailscanner運行成功了 quit 221 Bye Connection closed by foreign host. 收到郵件後會在主題會變成:{Virus?} Virus test 郵件內容會是以下內容: 警告: 此郵件有一個或多個附加檔案被移除 警告: 附加檔案名稱: (詳細訊息). 警告: 請參考此信件附加檔案 "toping.net-Attachment-Warning.txt" 取得更詳細的資料 此訊息由 MailScanner 電子郵件防護系統發出 -------------------------------------------------------------------- 原有郵件附加檔案爲 "詳細訊息" 被列入拒絕處理的名單. 且被替換爲此訊息. 若您仍希望收到*被感染的*附加檔案,,請聯絡系統管理者.包含以下內容: Thu Mar 9 15:57:25 2006 病毒偵測報告: ClamAV: msg-3682-1.txt contains Eicar-Test-Signature 求助問題: 檢查 the toping.net () MailScanner 機器的 /var/spool/MailScanner/quarantine/20060309 (編號 639F13F97B.BBC3F). -- 系統管理者 以上內容出現表示mailscanner的病毒過濾生效。並成功運行!! 到此一台具有反垃圾和反病毒的郵件服務器建成了,希望我的文檔對郵件服務器愛好者能有所幫助~! 如果文檔中有任何問題可以發郵件給我指出來我會馬上改正。謝謝大家!祝大家好運!!scyz at toping.net
󰈣󰈤
王朝萬家燈火計劃
期待原創作者加盟
 
 
 
>>返回首頁<<
 
 
 
 
 
 熱帖排行
 
 
 
靜靜地坐在廢墟上,四周的荒凉一望無際,忽然覺得,淒涼也很美
© 2005- 王朝網路 版權所有