执行make install这里会出现很多问题,但postfix已经为我们设置好了默认的答案,直接使用这些答案就可以使postfix正常工作了,所以我们只要直接按回车就可以了
make install-configure
5. 配置系统
- mv /etc/aliases /etc/aliases.bak
- ln -s /etc/postfix/aliases /etc/aliases
- echo "root: postfix">>/etc/postfix/aliases
- /usr/bin/newaliases
- mv /var/mail /var/mail.bak
- mkdir /var/mail
- chown -R postfix:postfix /var/mail
- mv /etc/postfix/main.cf /etc/postfix/main.cf.bak
- vi /etc/postfix/main.cf
复制内容到剪贴板
代码:
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
unknown_local_recipient_reject_code = 550
header_checks = regexp:/etc/postfix/header_checks
#############NEW ADD#####################
#=====================BASE=====================
myhostname = mail.oklrc.com
mydomain = oklrc.com
mydestination = $myhostname
local_recipient_maps =
local_transport = virtual
#=====================MySQL=====================
virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:54321
virtual_mailbox_base = /
virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 125
virtual_transport = virtual
virtual_uid_maps = static:12345
#=====================Quota=====================
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
#====================SASL=====================
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_delay_reject=yes
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname,
reject_rbl_client cbl.anti-spam.org.cn
smtpd_client_restrictions = permit_sasl_authenticated
smtpd_sasl_application_name = smtpd
smtpd_sasl_local_domain = $myhostnamepermit_mynetworks,那几行前面要多加一个空格.引用:
vi /etc/postfix/mysql/mysql_virtual_alias_maps.cf
复制内容到剪贴板
代码:
user = postfix
password = mailadmin
hosts = localhost
dbname = postfix
query = SELECT alias FROM userinfo WHERE address='%s' AND active = 1引用:
vi /etc/postfix/mysql/mysql_virtual_domains_maps.cf
复制内容到剪贴板
代码:
user = postfix
password = mailadmin
hosts = localhost
dbname = postfix
query = SELECT domain FROM domaininfo WHERE domain='%s'引用:
vi /etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cf
复制内容到剪贴板
代码:
user = postfix
password = mailadmin
hosts = localhost
dbname = postfix
query = SELECT quota FROM userinfo WHERE address='%s'引用:
vi /etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
复制内容到剪贴板
代码:
user = postfix
password = mailadmin
hosts = localhost
dbname = postfix
query = SELECT maildir FROM userinfo WHERE address='%s' AND active = 16. 配置sasl认证引用:
vi /usr/lib/sasl2/smtpd.conf
复制内容到剪贴板
代码:
pwcheck_method:authdaemond
log_level:3
mech_list:plain login
authdaemond_path:/usr/lib/authlib/var/socket7. 配置courier-imap引用:
mv /usr/lib/authlib/etc/authlib/authmysqlrc /usr/lib/authlib/etc/authlib/authmysqlrc.bak
引用:
vi /usr/lib/authlib/etc/authlib/authmysqlrc
复制内容到剪贴板
代码:
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD mailadmin
MYSQL_PORT 0
MYSQL_OPT 0
MYSQL_DATABASE postfix
MYSQL_USER_TABLE userinfo
MYSQL_CRYPT_PWFIELD passwd
#MYSQL_CLEAR_PWFIELD passwd
MYSQL_UID_FIELD '12345'
MYSQL_GID_FIELD '54321'
MYSQL_LOGIN_FIELD address
MYSQL_HOME_FIELD homedir
MYSQL_NAME_FIELD realname
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota注意:确认在这个文件中不能用空格键,只能用tab键引用:
mv /usr/lib/authlib/etc/authlib/authdaemonrc /usr/lib/authlib/etc/authlib/authdaemonrc.bak
引用:
vi /usr/lib/authlib/etc/authlib/authdaemonrc
复制内容到剪贴板
代码:
authmodulelist="authmysql"
authmodulelistorig="authmysql"
version="authdaemond.mysql"
daemons=5
subsystem=mail
DEBUG_LOGIN=2
DEFAULTOPTIONS="wbnodsn=1"引用:
cp /usr/lib/imapd/etc/pop3d.dist /usr/lib/imapd/etc/pop3d
引用:
cp /usr/lib/imapd/etc/pop3d-ssl.dist /usr/lib/imapd/etc/pop3d-ssl
引用:
vi /usr/lib/imapd/etc/pop3d
POP3DSTART=NO
改为
POP3DSTART=YES引用:
cp /usr/lib/imapd/etc/imapd.dist /usr/lib/imapd/etc/imapd
引用:
cp /usr/lib/imapd/etc/imapd-ssl.dist /usr/lib/imapd/etc/imapd-ssl
引用:
vi /usr/lib/imapd/etc/imapd
IMAPDSTART=NO
改为
IMAPDSTART=YES引用:
chmod +x /usr/lib/authlib/var/
先建立数据库及数据库用户复制内容到剪贴板
代码:
/usr/local/mysql/bin/mysql -uroot -p
- CREATE DATABASE `postfix`;
- GRANT ALL ON postfix.* TO postfix@localhost IDENTIFIED BY "mailadmin";
- UPDATE mysql.user SET PASSWORD=old_password('mailadmin') WHERE `User`='postfix';
- FLUSH PRIVILEGES;
- exit
- mysql -u root -p postfix < /usr/local/apache2/htdocs/tmail/SQL/Tmail.sql
- vi /usr/local/apache2/htdocs/tmail/config/config_inc.php
复制内容到剪贴板
代码:
$CFG_BASEPATH = "/usr/local/apache2/htdocs/tmail/temp"; //临时目录
// Mysql
define(MYSQL_HOST, 'localhost'); //数据库主机名
define(MYSQL_USER, 'postfix'); //数据库用户名
define(MYSQL_PASS, 'mailadmin'); //数据库密码
define(MYSQL_DATA, 'postfix'); //数据库名称
$CFG_NETDISK_PATH = "/var/mail/netdisk"; //文件管理存储目录引用:
vi /usr/local/apache2/htdocs/tmail/include/config.inc.php
复制内容到剪贴板
代码:
// Mysql
define(MYSQL_HOST, 'localhost'); //数据库主机名
define(MYSQL_USER, 'postfix'); //数据库用户名
define(MYSQL_PASS, 'mailadmin'); //数据库密码
define(MYSQL_DATA, 'postfix'); //数据库名称
- mkdir /var/mail/netdisk
- chown -R postfix:postfix /var/mail/netdisk
- mkdir /usr/local/apache2/htdocs/tmail/temp
- chown -R postfix:postfix /usr/local/apache2/htdocs/tmail/temp
- cp courier-authlib-0.59.2源码安装目录/courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib
- chmod 755 /etc/rc.d/init.d/courier-authlib
- chkconfig --add courier-authlib
- cp courier-imap-4.1.2源码安装目录/courier-imap.sysvinit /etc/rc.d/init.d/courier-imap
- chmod 755 /etc/rc.d/init.d/courier-imap
- chkconfig --add courier-imap
9. 启动服务测试
- /usr/local/apache2/bin/apachectl start
- service mysql start
- service courier-authlib start
- service courier-imap start
- postfix start
10. 通过后台加入域名和用户名http://mail.oklrc.com/tmail/webadmin(本文档中的域名为: test.com 、 用户名: test@test.com )引用:
perl -MMIME::Base64 -e 'print encode_base64("test\@test.com");'
复制内容到剪贴板
代码:
perl -MMIME::Base64 -e 'print encode_base64("000000");'MDAwMDAw复制内容到剪贴板
代码:
telnet localhost 25引用:
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.test.com ESMTP Postfix
ehlo mail
250-mail.test.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250 8BITMIME
auth login
334 VXNlcm5hbWU6
dGVzdEB0ZXN0LmNvbQ== //用户名(test@test.com)
334 UGFzc3dvcmQ6
MDAwMDAw // 密码(000000)
235 Authentication successful //表示成功验证通过
#添加所需的组和用户复制内容到剪贴板
代码:
groupadd -g 46 clamav
useradd -g clamav -s /bin/false -d /dev/null clamav安装软件复制内容到剪贴板
代码:
tar zxvf clamav-0.90.2.tar.gz
cd clamav-0.90.2
./configure
make && make install#根据clamd.conf的设置建立LOG目录复制内容到剪贴板
代码:
mkdir /var/log/clamav
chown clamav:clamav /var/log/clamav
chgrp -c clamav /var/log/clamav设定clamd.conf
# vi /usr/local/etc/clamd.conf复制内容到剪贴板
代码:
#Example 注释掉Example行
LogFile /var/log/clamav/clamd.log
LogVerbose
LogTime
LocalSocket /tmp/clamav.socket
PidFile /var/run/clamd.pid
DatabaseDirectory /usr/local/share/clamav
MaxDirectoryRecursion 15
ScanMail
ScanArchive#设定freshclam.conf
# vi /usr/local/etc/freshclam.conf复制内容到剪贴板
代码:
#Example 注释掉Example行
DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogSyslog
LogVerbose
DatabaseMirror db.CN.clamav.net
DatabaseMirror database.clamav.net# 执行 Clamavs病毒库升级复制内容到剪贴板
代码:
/usr/local/bin/freshclam建立clamd的启动脚本:
vi /etc/init.d/clamd复制内容到剪贴板
代码:
#! /bin/bash
#
# crond Start/Stop the clam antivirus daemon.
#
# chkconfig: 2345 90 60
# description: clamdis a standard UNIX program that scans for Viruses.
# processname: clamd
# config: /usr/local/etc/clamd.conf
# pidfile: /var/run/clamav/clamd.pid
# Source function library.
. /etc/init.d/functions
RETVAL=0
# See how we were called.
prog="clamd"
progdir="/usr/local/sbin"
# Source configuration
if [-f /etc/sysconfig/$prog]; then
. /etc/sysconfig/$prog
fi
start() {
echo -n $"Starting $prog: "
daemon $progdir/$prog
RETVAL=$?
echo [$RETVAL -eq 0] && touch /var/run/clamav/clamd.pid
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog
RETVAL=$?
echo [$RETVAL -eq 0] && rm -f /var/run/clamav/clamd.pid
return $RETVAL
}
status() {
status clamd
}
restart() {
stop
start
}
reload() {
echo -n $"Reloading clam daemon configuration: "
killproc clamd -HUP
retval=$?
echo
return $RETVAL
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
reload
;;
status)
rhstatus
;;
restart)
[ -f /var/lock/subsys/clamd ] && restart || :
;;
*)
echo $"Usage: $0 {start|stop|status|reload|restart|condrestart}"
exit 1
esac
exit 0#设置 clamav 为自启动项
- chmod 755 /etc/init.d/clamd
- chkconfig --add clamd
- chkconfig clamd on
- clamscan -r test
对 test 文件夹进行病毒扫描
设置自动更新病毒库
vi /etc/crontab复制内容到剪贴板
代码:
0 4 * * * root /usr/local/bin/freshclam --quiet -l /var/log/clamav/clamd_autoupdate.log#启动 clamd 程序复制内容到剪贴板
代码:
/usr/local/sbin/clamd11. Mailscanner Version 4.58.9-1
http://www.mailscanner.info/downloads.html
安装 mailscanner
- tar -zxvf MailScanner-4.58.9-1.tar.gz
- cd MailScanner-4.58.9-1
- ./install.sh
设定 mailscanner,垃圾邮件直接删除掉
vi /etc/MailScanner/MailScanner.conf复制内容到剪贴板
代码:
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = clamav
High Scoring Spam Actions = delete设定 postfix
vi /etc/postfix/main.cf复制内容到剪贴板
代码:
header_checks = regexp:/etc/postfix/header_checksvi /etc/postfix/header_checks
在最后一行加上复制内容到剪贴板
代码:
/^Received:/ HOLD变更目录权限复制内容到剪贴板
代码:
chown postfix:postfix /var/spool/MailScanner/incoming
chown postfix:postfix /var/spool/MailScanner/quarantine重新启动postfix和mailscanner
postfix stop
postfix start
vi /etc/rc.local
加入开机自动启动postfix和mailscanner的脚本命令复制内容到剪贴板
代码:
postfix start
/opt/MailScanner/bin/MailScanner邮件测试通过,不过会在邮件的最后多出一句话:引用:
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
vi /opt/MailScanner-4.58.9/etc/MailScanner.conf文件复制内容到剪贴板
代码:
Sign Clean Messages = no白名单和黑名单的设置查看/opt/MailScanner-4.58.9-1/etc/rules下面的文件
12. 安装-配置SpamAssassin
1、Spam是一个让人讨厌的字眼. 大部分的人都不喜欢它. 如果你想保护自己免受spam, 你就需要安装SpamAssassin.因我在安装系统的时候已经选择好了SpamAssassin。现在我们将其升级到最新版:
手动安装
- cd Mail-SpamAssassin-2.xx
- export LC_ALL=C
- perl Makefile.PL
- make
- make test
- make install
#spamassassin的过滤模板在/etc/mail/spamassassin/local.cf,修改为:复制内容到剪贴板
代码:
vi /etc/mail/spamassassin/local.cf引用:
required_score 5.0
rewrite_header Subject ********SPAM********
report_safe 1
use_bayes 1
skip_rbl_checks 0
ok_languages zh en
ok_locales en ko
score HEAD_ILLEGAL_CHARS 0
score SUBJ_ILLEGAL_CHARS 0
score DATE_IN_PAST_03_06 0
score UPPERCASE_25_50 0
score UPPERCASE_50_75 0
score UPPERCASE_75_100 0
score X_MSMAIL_PRIORITY_HIGH 0
score X_PRIORITY_HIGH 0
score TO_TXT 100
score RATWARE_HASH_2 100
score RATWARE_HASH_2_V2 100
score BAYES_99 0.1
score BAYES_80 0.1
score BAYES_60 0.1
score FROM_ILLEGAL_CHARS 0.1
score MIME_BASE64_TEXT 0.1
score NO_RDNS_DOTCOM_HELO 0.1
score CHINA_HEADER 0.1
score NO_REAL_NAME 0.2
score HTML_MESSAGE 0.2
score MIME_HTML_ONLY 0.2
score MIME_HTML_ONLY_MULTI 0.2
score FORGED_MUA_OUTLOOK 0.2
score FORGED_HOTMAIL_RCVD 0.2
score FORGED_OUTLOOK_TAGS 0.2
score MAILTO_TO_SPAM_ADDR 0.2
#黑白名单
whitelist_from *@oklrc.com
# ---------------------------------------------------------------------------
# 使用中国反垃圾邮件联盟的CBL/CDL
# URL: http://www.anti-spam.org.cn/
header RCVD_IN_CBL eval:check_rbl('cbl', 'cbl.anti-spam.org.cn.')
describe RCVD_IN_CBL Received via a relay in cbl.anti-spam.org.cn
tflags RCVD_IN_CBL net
header RCVD_IN_CDL eval:check_rbl('cdl-notfirsthop', 'cdl.anti-spam.org.cn.')
describe RCVD_IN_CDL CDL: dialup sender did non-local SMTP
tflags RCVD_IN_CDL net
#SCORE
score RCVD_IN_CBL 4.0
score RCVD_IN_CDL 3.0
复制内容到剪贴板
代码:
wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf#建立SpamAssassin的学习系统复制内容到剪贴板
代码:
sa-learn --sync -D -p user_prefs#查看自学习的数据信息复制内容到剪贴板
代码:
sa-learn --dump all#查看调试信息复制内容到剪贴板
代码:
spamassassin --lint -D注:spamassassin要配合其它的邮件代理或服务器使用!
13. postfix对某个帐户进行监控
main.cf中设置相关参数:引用:
寄件备份sender_bcc_maps
收件备份recipient_bcc_maps
寄件及收件备份always_bcc
复制内容到剪贴板
代码:
sender_bcc_maps = hash:/etc/postfix/maps/etc/postfix/maps 这个名可随便起
然后vi /etc/postfix/maps写转发和接收的邮箱,比如将abc@abc.com发出的信转给cde@abc.com引用:
abc@abc.com cde@abc.com
复制内容到剪贴板
代码:
postmap hash:/etc/postfix/maps14. 在Mailscanner中监控某个用户收发的邮件功能
首先在Mailscanner.conf的作如下更改复制内容到剪贴板
代码:
#Archive Mail = %rules-dir%/archive.rules然后进入rules目录,看有没有archive.rules文件,如果没有就建立!复制内容到剪贴板
代码:
FromOrTo: abc@abc.com yes forward cde@abc.comFrom表示将abc@abc.com发出的邮件转发一份给cde@abc.com
To 表示将发给abc@abc.com的邮件转发一份给cde@abc.com
比如单独要将abc@abc.com发出的邮件转给cde@abc.com作如下更改复制内容到剪贴板
代码:
From: abc@abc.com yes forward cde@abc.com改完后要重启动MailScanner! 另外可以监控整个域的邮件用用*@abc.com
也可以监控所有邮件用*代替.
15. POSTFIX附件大小设置
postfix里有两个需要设置的:复制内容到剪贴板
代码:
mailbox_size_limit
message_size_limit
