基於Linux和Postfix的郵件系統的web mail安裝手冊

←手機掃碼閱讀火星人 @ 2014-03-04 , reply:0

基於Linux和Postfix的郵件系統的web mail安裝手冊

http://www.toping.net/bbs/htm_data/7/0603/1199.html
基於Linux和Postfix的郵件系統的web mail安裝手冊

基於Linux和Postfix的郵件系統的web mail安裝手冊
------------------------------------------------------------------------------------------------------
新增使用mailscanner來對進出郵件進行監管。new
修正上一個版本的一些理解性和文件性錯誤。
主要「加強」了病毒過濾和垃圾郵件過濾，更加節約系統資源，使系統配置更簡單化。
垃圾郵件過濾基本上達到了95%的成功率
本文首次使用MailScanner+Clamav配合對郵件病毒進行過濾。
經過嚴格病毒郵件測試成功率達到了100%。
翻譯了病毒郵件提示為中文提示，讓系統更加的人性化。

演示：
http://mail.toping.net
用戶名：demo@toping.net
密　碼：demo
------------------------------------------------------------------------------------------------------
Linux+Postfix+Cyrus-sasl+Courier-imap+Tmail3.0+spamassassin+Clamav+mailscanner

楊廷勇

Copyright © 2004、2005、2006

本文介紹使用Linux+Postfix+Cyrus-sasl+Courier-imap+Tmail3.0+spamassassin+Clamav+mailscanner
來架構一個具有多域名，有郵件列表、webmail、防病毒、防垃圾郵件、web管理界面的郵件系統。
Jacky, $Revision: 4.51 bate $Date: 2006-3-9
系統主要採用MailScanner+clamav+Spamassassin來對病毒過濾和垃圾郵件過濾。

本文在CentOS、REDHATas上安裝測試通過，病毒過濾放棄採用amavisd。主要採用執行效率更高的MailSanner來對郵件過濾和垃圾郵件過濾，配置更容易，並且降低了系統開消。讓系統更加穩定，經過嚴格病毒郵件測試成功率達到了100%。垃圾郵件過濾基本上達到了95%的成功率。

文檔目錄

1.安裝系統
2.關閉selinux
3.設置YUM
4.安裝mysql
5.安裝apache
6.安裝php
7.安裝phpMyAdmin
8.設置資料庫：
9.增加postfix的用戶和組
10.安裝postfix
11.安裝Courier-authlib
12.設置authlib的環境變數
13.安裝Courier-imap
14.配置系統
15.配置sasl認證
16.配置courier-imap
17.安裝WebMail
18.啟動服務測試
19.安裝Clamav
20.升級病毒庫
21.安裝Spamassassin
22.安裝MailScanner
23.設置MailScanner
24.測試病毒郵件

結束！

1.安裝系統

安裝之前：因用戶數據都保存在/var目錄下，因此安裝系統時/var的空間應盡量大。系統的版本為最小化安裝，軟體包只安裝只裝開發包(development)。在文檔中假設伺服器的ip地址為192.168.0.2，域名為test.com，主機名為mail.test.com。所需的軟體包我都打包好了。下載地址：http://www.toping.net/soft/src.tar.gz

請兄弟們仔細一些，注意空格和TAB。

祝兄弟們好運。本人水平有限。如果發現文章中有什麼錯誤和不當的地方請發郵件：scyz@toping.net。我會在第一時間給予答覆。

2.關閉selinux
# vi /etc/selinux/config
SELINUX=disable
# reboot

3.設置YUM
vi CentOS-Base.repo

name=CentOS-4.2 - Base
baseurl=http://mirror.be10.com/centos/4.2/os/$basearch/
gpgcheck=1
gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#released updates

name=CentOS-4.2 - Updates
baseurl=http://mirror.be10.com/centos/4.2/updates/$basearch/
gpgcheck=1
gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#packages used/produced in the build but not released

name=CentOS-4.2 - Addons
baseurl=http://mirror.be10.com/centos/4.2/addons/$basearch/
gpgcheck=1
gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#additional packages that may be useful

name=CentOS-4.2 - Extras
baseurl=http://mirror.be10.com/centos/4.2/extras/$basearch/
gpgcheck=1
gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#additional packages that extend functionality of existing packages

name=CentOS-4.2 - Plus
baseurl=http://mirror.be10.com/centos/4.2/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#contrib - packages by Centos Users

name=CentOS-4.2 - Contrib
baseurl=http://mirror.be10.com/centos/4.2/contrib/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

#packages in testing

name=CentOS-4.2 - Testing
baseurl=http://mirror.be10.com/centos/4.2/testing/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirror.be10.com/centos/RPM-GPG-KEY-centos4

# vi dag.repo

name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag
gpgcheck=1
enabled=1

# yum update

4.安裝mysql
#yum install mysql-server
#yum install mysql-devel

5.安裝apache
#yum install httpd

6.安裝php
#yum install php
#yum install php-mysql
#yum install php-gd
#yum install php-imap

yum install vsftpd
yum install clamav
yum install spamassassin
/usr/bin/freshclam
設置apache
默認：
User apache
改為
User postfix

默認
Group apache
改為
Group postfix

默認
AddDefaultCharset UTF-8
改為
AddDefaultCharset gb2312

新加入：
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

7.安裝phpMyAdmin
#tar –zxf ../src/phpMyAdmin-2.8.0.1.tar.gz
#mv phpMyAdmin-2.8.0.1 /var/www/html/dbadmin/
#cp /var/www/html/dbadmin/libraries/config.default.php /var/www/html/dbadmin/dbadmin/libraries/config.inc.php (line 1.)

8.設置資料庫
#mysql
Mysql> create datases postfix;
Mysql> use mysql;
Mysql> INSERT INTO user (host,user,password) VALUES('localhost','postfix','');
Mysql> update user set password=password('postfix') where User='postfix';
Mysql> GRANT ALL ON postfix.* TO postfix@localhost IDENTIFIED BY "postfix";
Mysql> exit
tar –zxf ../src/webmail.tar.gz
mysql –u root –p postfix < Tmail.sql

9.增加postfix的用戶和組
groupadd -g 12345 postfix
useradd -u 12345 -g 12345 -c postfix -d/dev/null -s/sbin/nologin postfix
groupadd -g 54321 postdrop

10.安裝postfix
tar –zxf ../src/postfix-2.2.8.tar.gz
cd postfix-2.2.8
patch -p1 < ../../src/postfix-2.2.8-vda.patch
make -f Makefile.init makefiles \
'CCARGS=-DUSE_SASL_AUTH -DHAS_MYSQL -I/usr/include/mysql -I/usr/include/sasl' \
'AUXLIBS=-L/usr/lib/mysql -L/usr/lib/sasl2 -lmysqlclient -lsasl2 -lz -lm'
make
make install
執行make install這裡會出現很多問題，但postfix已經為我們設置好了默認的答案，直接使用這些答案就可以使postfix正常工作了，所以我們只要直接按回車就可以了

11.安裝Courier-authlib
tar –jxf ../src/courier-authlib-0.58.tar.gz
cd courier-authlib-0.58
./configure --prefix=/usr/lib/authlib --without-authpam \
--without-authcustom --without-authpgsql --without-authldap \
--without-authuserdb --without-authpwd --without-authshadow \
--without-authvchkpw --with-authmysql \
--with-authdaemonvar=/usr/lib/authlib/var \
--mandir=/usr/lib/man --without-stdheaderdir \
--sysconfdir=/usr/lib/authlib/etc \
--with-redhat
make
make install
make install-migrate
make install-configure
12.設置authlib的環境變數
COURIERAUTHCONFIG=/usr/lib/authlib/bin/courierauthconfig
export COURIERAUTHCONFIG

13.安裝Courier-imap
tar –jxf ../src/courier-imap-4.0.6.tar.gz
cd courier-imap-4.0.6
./configure –prefix=/usr/lib/imapd \
--silent --without-authpgsql --without-ipv6 \
--with-redhat --with-authmysql \
--mandir=/usr/lib/man --disable-root-check
make
make install
make install-configure

14.配置系統
mv /etc/aliases /etc/aliases.bak
ln -s /etc/postfix/aliases /etc/aliases
echo 'root: postfix'>>/etc/postfix/aliases
/usr/bin/newaliases
mv /var/mail /var/mail.bak
mkdir /var/mail
chown -R postfix:postfix /var/mail
mv /etc/postfix/main.cf /etc/postfix/main.cf.bak
vi /etc/postfix/main.cf
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
unknown_local_recipient_reject_code = 550
header_checks = regexp:/etc/postfix/header_checks
#############NEW ADD#####################
#=====================BASE=====================
myhostname = mail.test.com
mydomain = test.com
mydestination = $myhostname
local_recipient_maps =
local_transport = virtual
#=====================MySQL=====================
virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:54321
virtual_mailbox_base = /
virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 125
virtual_transport = virtual
virtual_uid_maps = static:12345
#=====================Quota=====================
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
#====================SASL=====================
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_delay_reject=yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,permit_auth_destination,reject
smtpd_client_restrictions = permit_sasl_authenticated

vi mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT alias FROM userinfo WHERE address='%s' AND active = 1

vi mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT domain FROM domaininfo WHERE domain='%s'

vi mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT quota FROM userinfo WHERE address='%s'

vi mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT maildir FROM userinfo WHERE address='%s' AND active = 1

15.配置sasl認證
vi /usr/lib/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level: 3
mech_list: plain login
authdaemond_path:/usr/lib/authlib/var/socket

16.配置courier-imap
mv /usr/lib/authlib/etc/authlib/authmysqlrc /usr/lib/authlib/etc/authlib/authmysqlrc.bak
vi /usr/lib/authlib/etc/authlib/authmysqlrc
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_PORT    0
MYSQL_OPT    0
MYSQL_DATABASE postfix
MYSQL_USER_TABLE    userinfo
MYSQL_CRYPT_PWFIELD passwd
MYSQL_UID_FIELD '12345'
MYSQL_GID_FIELD '54321'
MYSQL_LOGIN_FIELD    address
MYSQL_HOME_FIELD    homedir
MYSQL_NAME_FIELD    realname
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD    quota

mv /usr/lib/authlib/etc/authlib/authdaemonrc /usr/lib/authlib/etc/authlib/authdaemonrc.bak
vi /usr/lib/authlib/etc/authlib/authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
version="authdaemond.mysql"
daemons=5
subsystem=mail
DEBUG_LOGIN=0
DEFAULTOPTIONS="wbnodsn=1"

vi /usr/lib/imapd/etc/pop3d
默認
POP3DSTART=NO
改為
POP3DSTART=YES
vi /usr/lib/imapd/etc/imapd
默認
IMAPDSTART=NO
改為
IMAPDSTART=YES
chmod +x /usr/lib/authlib/var/

17.安裝WebMail
mv Tmail /var/www/html/webmail
vi /var/www/html/webmail/config/config_inc.php
$CFG_BASEPATH = "/var/www/html/webmail/temp"; //臨時目錄
// Mysql
define(MYSQL_HOST, 'localhost'); //資料庫主機名
define(MYSQL_USER, 'postfix'); //資料庫用戶名
define(MYSQL_PASS, 'postfix'); //資料庫密碼
define(MYSQL_DATA, 'postfix'); //資料庫名稱
$CFG_NETDISK_PATH = "/var/mail/netdisk"; //文件管理存儲目錄

vi /var/www/html/webmail/webadmin/include/config.inc.php
// Mysql
define(MYSQL_HOST, 'localhost'); //資料庫主機名
define(MYSQL_USER, 'postfix'); //資料庫用戶名
define(MYSQL_PASS, 'postfix'); //資料庫密碼
define(MYSQL_DATA, 'postfix'); //資料庫名稱

mkdir /var/mail/netdisk
chown –R postfix:postfix /var/mail/netdisk
mkdir /var/www/html/webmail/temp
chown –R postfix:postfix /var/www/html/webmail/temp

cp courier-authlib-0.58/courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib
chmod 755 /etc/rc.d/init.d/courier-authlib
chkconfig –-add courier-authlib
cp courier-imap-4.0.6/courier-imap.sysvinit /etc/rc.d/init.d/courier-imap
chmod 755 /etc/rc.d/init.d/courier-imap
chkconfig –-add courier-imap

18.啟動服務測試
chkconfig httpd on
chkconfig mysqld on
service httpd start
service mysqld start

service courier-authlib start
service courier-imap start
postfix start
通過後台加入域名和用戶名（本文檔中的域名為:test.com、用戶名：test@test.com）
perl -MMIME::Base64 -e 'print encode_base64("test\@test.com");'
dGVzdEB0ZXN0LmNvbQ==
perl -MMIME::Base64 -e 'print encode_base64("000000");'
MDAwMDAw
telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.test.com ESMTP Postfix
ehlo mail
250-mail.test.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250 8BITMIME
auth login
334 VXNlcm5hbWU6
dGVzdEB0ZXN0LmNvbQ== //用戶名（test@test.com）
334 UGFzc3dvcmQ6
MDAwMDAw          // 密碼（000000）
235 Authentication successful //表示成功驗證通過

19.安裝Clamav

rpm --import http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt
rpm --import RPM-GPG-KEY.dag.txt
rpm -q gpg-pubkey --qf "%{summary} -> %{version}-%{release}\n"
gpg(CentOS-4 key <centos-4key@centos.org>) -> 443e1821-421f218f
gpg(Dag Wieers (Dag Apt Repository v1.0) <dag@wieers.com>) -> 6b8d79e6-3f49313d

vi /etc/yum.repos.d/dag.repo

name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag
gpgcheck=1
enabled=1

yum update
yum install clamav
20.升級病毒庫
/usr/bin/freshclam
ClamAV update process started at Thu Mar 9 17:23:21 2006
main.cvd is up to date (version: 36, sigs: 44686, f-level: 7, builder: tkojm)
daily.cvd is up to date (version: 1319, sigs: 1376, f-level: 7, builder: ccordes)

21.安裝Spamassassin
yum install spamassassin
service spamassassin start

22.安裝MailScanner
tar –zxf ../src/MailScanner-4.51.5-1.rpm.tar.gz
MailScanner-4.51.5-1/install.sh

23.設置MailScanner
chkconfig sendmail off
chkconfig --level 2345 MailScanner on
vi /etc/MailScanner/MailScanner.conf
%org-name% = toping.net
%org-long-name% = wooxian
%web-site% = www.toping.net
%report-dir% = /etc/MailScanner/reports/cn
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = clamav
Always Include SpamAssassin Report = yes
Use SpamAssassin = yes
Required SpamAssassin Score = 6
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
SpamAssassin Install Prefix = /usr/bin
SpamAssassin Local Rules Dir = /etc/MailScanner

yum install unrar
unrar x ../src/cn.rar
mv cn /etc/MailScanner/reports/
mv /etc/postfix/header_check /etc/postfix/header_check.bak
vi /etc/postfix/header_check
/^Received:/ HOLD
chown –R postfix:postfix /var/spool/MailScanner/*
postfix stop
service MailScanner start

24.測試病毒郵件
telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.test.com ESMTP Postfix
ehlo mail
250-mail.test.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250 8BITMIME
auth login
334 VXNlcm5hbWU6
dGVzdEB0ZXN0LmNvbQ== //用戶名（test@test.com）
334 UGFzc3dvcmQ6
MDAwMDAw          // 密碼（000000）
235 Authentication successful //表示成功驗證通過
MAIL FROM:<test@test.com>
250 Ok
RCPT TO:<test@test.com>
250 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
Subject:Virus test

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

.
250 Ok: queued as F0C221CC20 //出現F0C221CC20這行表示mailscanner運行成功了
quit
221 Bye
Connection closed by foreign host.

收到郵件後會在主題會變成：{Virus?} Virus test
郵件內容會是以下內容：
警告: 此郵件有一個或多個附加檔案被移除
警告: 附加檔案名稱: (詳細訊息).
警告: 請參考此信件附加檔案 "toping.net-Attachment-Warning.txt" 取得更詳細的資料

此訊息由 MailScanner 電子郵件防護系統發出
--------------------------------------------------------------------
原有郵件附加檔案為 "詳細訊息" 被列入拒絕處理的名單.
且被替換為此訊息.

若您仍希望收到*被感染的*附加檔案,,請聯絡系統管理者.包含以下內容:

Thu Mar 9 15:57:25 2006 病毒偵測報告:
ClamAV: msg-3682-1.txt contains Eicar-Test-Signature

求助問題: 檢查 the toping.net () MailScanner 機器的 /var/spool/MailScanner/quarantine/20060309 (編號 639F13F97B.BBC3F).
--
系統管理者

以上內容出現表示mailscanner的病毒過濾生效。並成功運行！！

到此一台具有反垃圾和反病毒的郵件伺服器建成了，希望我的文檔對郵件伺服器愛好者能有所幫助～！如果文檔中有任何問題可以發郵件給我指出來我會馬上改正。謝謝大家！祝大家好運！！scyz at toping.net

《解決方案》

答應朋友幫他發一下,差點忘了,呵呵

《解決方案》

很好，謝謝

《解決方案》

回復 1樓 bdwy 的帖子

請問如果使用centos自帶的postfix，那麼對postfix如何配置？

《解決方案》

建議不要按部就般,搞清楚postfix的基本的東西再做.

《解決方案》

頂了.不錯.收藏!

《解決方案》

謝謝~~~~

《解決方案》

Tags:

[火星人 ] 基於Linux和Postfix的郵件系統的web mail安裝手冊已經有678次圍觀

本文地址：http://coctec.com/docs/service/show-post-25106.html

基於Linux和Postfix的郵件系統的web mail安裝手冊

基於Linux和Postfix的郵件系統的web mail安裝手冊

回復 1樓 bdwy 的帖子

熱門文章

最新文章