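Many people ask why mail sent from their mail server to 163.com / sina.com / yahoo.com.cn ... is received, while the replies never arrive. The reason is simple: those servers cannot find an A record or MX record for your domain. Many people install with a domain that is not valid, that is, an unregistered DNS FQDN (fully qualified domain name). If you have not registered a valid domain, you can apply for a dynamic domain at comexe.cn or 3322.org to send and receive mail.
This example uses the domain extmail.org with the hostname mail; the mail server is built on top of DDNS.
Open the Windows CMD and use nslookup to query the MX record of extmail.org. If you have a fixed IP you can run your own DNS; if you use Xinnet or another domain provider, log in to the control panel and add a record. For details, refer to DNS-related material.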
C:\>nslookup -type=mx extmail.org 221.4.66.66
Server: ns2.cnc-gd.net
Address: 221.4.66.66
DNS request timed out.
timeout was 2 seconds.
Non-authoritative answer:
extmail.org MX preference = 20, mail exchanger = mx.extmail.org
extmail.org nameserver = ns2.xinnetdns.com
extmail.org nameserver = ns.xinnet.cn
extmail.org nameserver = ns.xinnetdns.com
extmail.org nameserver = ns2.xinnet.cn
mx.extmail.org internet address = 210.21.119.139
ns.xinnet.cn internet address = 210.51.171.209
ns.xinnetdns.com internet address = 210.51.170.66
ns2.xinnet.cn internet address = 210.51.170.67
ns2.xinnetdns.com internet address = 210.51.170.67
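As a Windows expert, this small task should not trouble you.
II. Installing FreeBSD
A. Partitioning the system
Many people do not know how to partition the disk when setting up their own operating system. There is no single best partitioning scheme; partition according to your own situation.
Below is my partitioning scheme.
The disk is 120G. About 1G is nearly enough for / (root), but since the /root working directory also lives there, I made it a little larger.
/home/data is mainly used to store the data of Email/FTP users.
/tmp 1G, again because there are many temporary files, so I made it a little larger.
/usr 10G, because software is installed here along with downloaded software. I did not install a GUI, so I only allocated 10G, which I think is enough.
/var 3G. This directory holds quite a lot, such as logs and the temporary mail directory. If there is not enough space, amavisd-new cannot unpack mail to scan it for viruses.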
%df -h
Filesystem Size Used Avail Capacity Mounted on
/dev/ad0s1a 1.9G 481M 1.3G 26% /
devfs 1.0K 1.0K 0B 100% /dev
/dev/ad0s1g 92G 353M 84G 0% /home/data
/dev/ad0s1e 989M 224K 910M 0% /tmp
/dev/ad0s1f 9.7G 1.8G 7.1G 20% /usr
/dev/ad0s1d 2.9G 105M 2.6G 4% /var
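Users can partition according to their own needs.
B. Installing the base system
For the installation I chose minimal (the minimal system) and ports, because unnecessary packages are left out and the system stays small. Also, on a server I never install a GUI.
When downloading BSD you only need DISK 1; missing packages can be installed over the network.
C. Configuring the system
If you did not configure the system at the end of the installation, log in as root once the system has booted and run sysinstall to configure it, or edit /etc/rc.conf with the ee editor. A reminder: most of the services installed later need a startup entry in /etc/rc.conf before they will start properly.
Set a fixed IP, or let DHCP assign the machine's IP automatically. Managing the server with an SSH client will make your work easier.
When using SSH, note:
a. You cannot log in directly as root. Add a new user, put it in the wheel group, log in as this user and then use su - to become administrator.
b. Taking my SecureCRT as an example: under Session options -> Authentication -> Primary select keyboard Interactive
c. If you want colour display as on Linux, go to Emulation -> Terminal -> Xterm, tick ANSI Color, and add the following to /etc/csh.cshrc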
setenv LSCOLORS ExGxFxdxCxegedabagExEx
setenv CLICOLOR yes
set autolist
Then run
sed -i.bak -E s/set\ prompt/#set\ prompt/g /root/.cshrc
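Log out and log in again to see the coloured directory listing.
D. Updating packages
The best thing about FreeBSD is how convenient it is to install software, and you can install the latest packages; this is the powerful ports system. If you did not select ports during installation, see the BSD handbook for how to proceed.
There are many CVSUP sites; choose the one that is fastest for you to update ports. For details see freebsd.org / freebsdchina.org.cn
Before using cvsup you must be connected to the Internet and must install the cvsup software.
If your server is on an internal network and its IP is mapped through a DMZ, you can refer to the settings below: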
sshd_enable="YES"
fsck_y_enable="YES"
hostname="mail.extmail.org"
ifconfig_rl0="inet 192.168.1.1 netmask 255.255.255.0"
defaultrouter="192.168.1.1"
If you use ADSL dial-up
a. Edit /etc/ppp/ppp.conf
default:
 set log Phase tun command # you can add more detailed logging if you wish
 set ifaddr 10.0.0.1/0 10.0.0.2/0
adsl:
 set device PPPoE:vr0 # change vr0 to the network card you dial out on
 set authname <your ADSL account>
 set authkey <your ADSL password>
 set dial
 set login
 add default HISADDR
b. Contents of /etc/rc.conf
inetd_enable="YES"
sshd_enable="YES"
fsck_y_enable="YES"
hostname="mail.extmail.org"
ifconfig_rl0="inet 192.168.1.1 netmask 255.255.255.0"
ppp_enable="YES" #YES or NO
ppp_mode="ddial" #"auto", "ddial", "direct" or "dedicated".
ppp_nat="YES" # if you want to enable nat for your local network, otherwise NO
ppp_profile="adsl" #/etc/ppp/ppp.conf
c、安裝cvsup-without-gui
%cd /usr/ports/net/cvsup-without-gui/
%make install clean
d. Update ports
After installing the cvsup software, update ports
%/usr/local/bin/cvsup -gL 2 -h cvsup4.freebsdchina.org /usr/share/examples/cvsup/ports-supfile
III. Installing the MySQL database
There are many MySQL versions; choose whichever version you prefer according to your needs.
%cd /usr/ports/databases/mysql41-server/
%make install clean
Add to /etc/rc.conf
mysql_enable="YES"
Copy the configuration file (optional)
cp /usr/local/share/mysql/my-small.cnf /usr/local/etc/my.cnf
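Notes:
1. If the entry above is not added to /etc/rc.conf, MySQL cannot be started manually.
2. If you want to know what a piece of software needs in /etc/rc.conf, open the /usr/local/etc/rc.d directory and find that software's startup script. Then open the file; it contains detailed instructions.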
%/usr/local/etc/rc.d/mysql-server.sh start
Starting mysql.
How to check whether a service has started properly: 1. look at the process with ps; 2. check the ports it has opened.
%ps aux|grep mysql
mysql 94899 0.2 0.5 1644 1240 p0 S 3:52PM 0:00.07 /bin/sh /usr/local/bin/mysqld_safe --
mysql 94919 0.0 10.8 55564 27428 p0 S 3:52PM 0:01.54 /usr/local/libexec/mysqld --defaults-
%
%netstat -an|grep 3306
tcp4 0 0 *.3306 *.* LISTEN
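When MySQL is installed, the server's password is empty. It is recommended that you change the password as soon as the system is installed.
%/usr/local/bin/mysqladmin -u root -p password <your new password>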
Enter password:
If your server is only used internally by this host, it is recommended to add the following to my.cnf to increase the security of the server.
[mysqld]
bind_address=127.0.0.1
IV. Installing Apache
1. Install the Apache server
In today's networked world, the Apache web server is known to everyone.
%cd /usr/ports/www/apache22/
%make install clean
Add to /etc/rc.conf:
apache22_enable="YES"
If the error httpd: Could not reliably determine the server's fully qualified domain name, using mail.sharesky.cn for ServerName appears at startup, add the following at around line 144 of /usr/local/etc/apache22/httpd.conf.
ServerName mail.extmail.org
Start Apache
%/usr/local/etc/rc.d/apache22.sh start
Performing sanity check on apache22 configuration:
Syntax OK
Starting apache22.
2. Install PHP
%cd /usr/ports/lang/php4/
%make install clean
Options for mod_php4 4.4.2_1,1
[ ] DEBUG Enable debug
[X] MULTIBYTE Enable zend multibyte support
[ ] IPV6 Enable ipv6 support
[X] OPENSSL Build static OpenSSL extension
Add to /usr/local/etc/apache22/httpd.conf
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
Add index.php to the directory index, at around line 212 of httpd.conf
DirectoryIndex index.html index.php
Restart or reload Apache for the change to take effect
%/usr/local/etc/rc.d/apache22.sh reload
Performing sanity check on apache22 configuration:
Syntax OK
Performing a graceful restart
3. Install the PHP extensions
%cd /usr/ports/lang/php4-extensions/
%make install clean
A suggestion: unless you need it, do not install the GD library, to avoid wasting time. Choose the modules to install according to your own needs.
Options for php4-extensions 1.0
[ ] BCMATH bc style precision math functions
[X] BZ2 bzip2 library support
[ ] CALENDAR calendar conversion support
[ ] CRACK crack support
[X] CTYPE ctype functions
[X] CURL CURL support
[ ] DBA dba support
[ ] DBASE dBase library support
[ ] DBX dbx support
[ ] DIO Direct I/O support
[ ] DOMXML DOM support
[ ] EXIF EXIF support
[ ] FILEINFO fileinfo support
[ ] FILEPRO filePro support
[ ] FRIBIDI FriBidi support
[X] FTP FTP support
[ ] GD GD library support
[X] GETTEXT gettext library support
[ ] GMP GNU MP support
[X] ICONV iconv support
[ ] IMAGICK ImageMagick support
[X] IMAP IMAP support
[ ] INTERBASE Interbase 6 database support (Firebird)
[ ] LDAP OpenLDAP support
[X] MBSTRING multibyte string support
[ ] MCAL Modular Calendar Access Library support
[X] MCRYPT Encryption support
[ ] MCVE MCVE support
[ ] MHASH Crypto-hashing support
[ ] MING ming shockwave flash support
[ ] MNOGOSEARCH mnoGoSearch support
[ ] MSSQL MS-SQL database support
[X] MYSQL MySQL database support
[ ] NCURSES ncurses support (CLI only)
[ ] ODBC unixODBC support
[X] OPENSSL OpenSSL support
[ ] ORACLE Oracle support
[X] OVERLOAD user-space object overloading support
[ ] PANDA panda support
[ ] PCNTL pcntl support (CLI only)
[X] PCRE Perl Compatible Regular Expression support
[ ] PDF PDFlib support (implies GD)
[ ] PFPRO PayFlow Pro support
[ ] PGSQL PostgreSQL database support
[X] POSIX POSIX-like functions
[ ] PSPELL pspell support
[ ] READLINE readline support (CLI only)
[ ] RECODE recode support
[X] SESSION session support
[ ] SHMOP shmop support
[ ] SNMP SNMP support
[ ] SOCKETS sockets support
[ ] SYBASE_CT Sybase database support
[ ] SYSVMSG System V message support
[ ] SYSVSEM System V semaphore support
[ ] SYSVSHM System V shared memory support
[X] TOKENIZER tokenizer support
[ ] WDDX WDDX support (implies XML)
[X] XML XML support
[ ] XMLRPC XMLRPC-EPI support
[ ] XSLT XSLT Sablotron support
[ ] YAZ YAZ support (ANSI/NISO Z39.50)
[ ] YP YP/NIS support
[ ] ZIP ZIP support
[X] ZLIB ZLIB support
4. Install phpmyadmin to manage the database
To skip the tedious installation process, a manual installation is used here: download the package, unpack it, then copy it under /usr/local/www/apache22/data
%cd /usr/ports/databases/phpmyadmin/
%make fetch
%cd /usr/ports/distfiles
%tar jxvf phpMyAdmin-2.7.0-pl2.tar.bz2
%cp -r /usr/ports/distfiles/phpMyAdmin-2.7.0-pl2 /usr/local/www/apache22/data/phpmyadmin
Note that the version you download may differ from mine, so do not copy these commands verbatim.
Configure phpmyadmin
%cd /usr/local/www/apache22/data/phpmyadmin/
%ee config.default.php
Change $cfg['Servers'][$i]['auth_type'] = 'config'; to
$cfg['Servers'][$i]['auth_type'] = 'http';
Open http://ip/phpmyadmin and you can manage your MySQL database
5. Install extman
extman is the back-end user management system for extmail; the official site is www.extmail.org. Download and unpack it
%tar zxvf extman-13-20060102.tar.gz
%cd extman-0.13-20060102/docs
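%mysql -u root -p < extmail.sql
Enter password:
%mysql -u root -p < init.sql
Enter password:
extmail.sql adds two MySQL users
1. Read-only user: extmail, password: extmail
2. Read/write user: webman, password: webman
init.sql adds the following records to the extmail database
a. An alias record [email protected] -> [email protected]
b. The domain extmail.org
c. The mailbox [email protected], with the password test.
d. The extman administrator [email protected], with the password extmail
V. Installing the mail system
Pay attention to the order when installing the following three packages
1. Install Courier-IMAP
%cd /usr/ports/mail/courier-imap/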
%make install clean
Select openssl and MySQL
Add to /etc/rc.conf
courier_authdaemond_enable="YES"
courier_imap_pop3d_enable="YES"
courier_imap_imapd_enable="YES"
Change the permissions of authdaemond
%/usr/local/etc/rc.d/courier-authdaemond.sh start
%chmod -R +x /var/run/authdaemond/
After authdaemond has started, check whether a socket file has been created under /var/run/authdaemond, because authentication reads the password through this file.
Configure /usr/local/etc/authlib/authdaemonrc
%mv authdaemonrc authdaemonrc.bak
%ee authdaemonrc
Add the following to authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
version="authdaemond.mysql"
daemons=5
authdaemonvar=/var/run/authdaemond
subsystem=mail
DEBUG_LOGIN=2
DEFAULTOPTIONS="wbnodsn=1"
DEBUG_LOGIN=2 above is there to make debugging easier. Once the system has been fully tested, change it to 0 so that no debug information is shown.
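With DEBUG_LOGIN=2, authdaemond writes each submitted password to the mail log as a clearpasswd= field, which is what the maillog excerpts later in this guide show. The following is an added example, not part of the original tutorial: a small audit that reports the configured level and counts leaked-password lines without printing them. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original tutorial): audit authdaemond debug logging.

# Print the DEBUG_LOGIN level set in an authdaemonrc (last assignment wins,
# commented-out lines are ignored); prints 0 when the setting is absent.
debug_login_level() {
    awk '
        /^[ \t]*DEBUG_LOGIN[ \t]*=/ {
            v = $0
            sub(/^[^=]*=/, "", v)
            gsub(/[ \t"\r]/, "", v)
            level = v
        }
        END { print (level == "" ? 0 : level) }
    ' "$1"
}

# Count authdaemond log lines whose clearpasswd= field is non-empty.
# Only the count is reported; the password itself is never echoed.
count_cleartext_leaks() {
    awk '
        /authdaemond: Authenticated:/ && match($0, /clearpasswd=[^,]*/) {
            if (RLENGTH > 12) n++      # 12 = length of "clearpasswd="
        }
        END { print n + 0 }
    ' "$1"
}

# One-line verdict; returns non-zero when passwords are, or would be, logged.
audit_authdaemond() {
    level=$(debug_login_level "$1")
    leaks=$(count_cleartext_leaks "$2")
    echo "DEBUG_LOGIN=$level cleartext_password_lines=$leaks"
    case $level in 0|1) ;; *) return 1 ;; esac
    [ "$leaks" -eq 0 ]
}

# Constructed sample inputs, modelled on the files and log lines in this guide.
write_samples() {
    cat > "$1/authdaemonrc" <<'EOF'
authmodulelist="authmysql"
daemons=5
#DEBUG_LOGIN=0
DEBUG_LOGIN=2
EOF
    cat > "$1/maillog" <<'EOF'
Mar 10 14:47:57 mail authdaemond: Authenticated: clearpasswd=CONSTRUCTED-SECRET, passwd={crypt}CONSTRUCTEDHASH
Mar 10 14:48:19 mail authdaemond: Authenticated: clearpasswd=, passwd={crypt}CONSTRUCTEDHASH
Mar 10 14:48:19 mail postfix/qmgr[669]: 23CEE5C38: removed
EOF
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
audit_authdaemond "$demo_dir/authdaemonrc" "$demo_dir/maillog" ||
    echo "set DEBUG_LOGIN=0, restart authdaemond, then rotate and restrict the affected logs"
rm -rf "$demo_dir"
```

On a real host, point the two arguments at /usr/local/etc/authlib/authdaemonrc and /var/log/maillog.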
Configure /usr/local/etc/authlib/authmysqlrc
%mv authmysqlrc authmysqlrc.bak
%ee authmysqlrc
Add the following
MYSQL_SERVER localhost
MYSQL_USERNAME extmail
MYSQL_PASSWORD extmail
MYSQL_PORT 0
MYSQL_OPT 0
MYSQL_DATABASE extmail
MYSQL_SELECT_CLAUSE select username,password,"",uidnumber,gidnumber,\
CONCAT('/home/data/domains/',homedir), \
CONCAT('/home/data/domains/',maildir), \
quota, \
name \
FROM mailbox \
WHERE username = '$(local_part)@$(domain)'
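Note that my mail is stored under /home/data/domains; change it to your own directory as needed.
The username and password are extmail; for the details see extmail.sql in the docs directory of the extman package. Many people cannot get SMTP sending authentication to work, and that is very likely related to the configuration of the two files above.
Create the pop3/imap configuration files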
%cp pop3d.cnf.dist pop3d.cnf
%cp imapd.cnf.dist imapd.cnf
Edit /usr/local/etc/courier-imap/pop3d (optional)
POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1"
Edit /usr/local/etc/courier-imap/imapd (optional)
IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA"
2. Install Cyrus-SASL2
%cd /usr/ports/security/cyrus-sasl2
%make install WITH_AUTHDAEMON=yes
Create /usr/local/lib/sasl2/smtpd.conf and add the following
pwcheck_method:authdaemond
log_level:3
mech_list:PLAIN LOGIN
authdaemond_path:/var/run/authdaemond/socket
3. Install Postfix
%cd /usr/ports/mail/postfix
%make install clean
Select SASL2, TLS, MySQL and VDA. The installation asks two questions; just press Enter to accept the system defaults.
%echo postfix: root >>/etc/aliases
%/usr/local/bin/newaliases
%ln -s /usr/local/sbin/sendmail /usr/sbin/sendmail
If the message ln: /usr/sbin/sendmail: File exists appears, rename /usr/sbin/sendmail and then create the link.
Set postfix to start with the system
postfix_enable="YES"
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
Create /etc/periodic.conf and add the following
daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"
Configure /usr/local/etc/postfix/main.cf. For your installation you only need to change the ####BASE#### section.
%mv main.cf main.cf.bak
This configuration file already includes support for maildrop
###################BASE##################
# name of this machine
myhostname=mail.extmail.org
# your domain
mydomain = extmail.org
mydestination = $myhostname
local_recipient_maps =
command_directory = /usr/local/sbin
#local_transport = virtual
smtpd_banner = extmail.org ESMTP Mail System
# maximum message size
message_size_limit = 14680064
#mailbox_size_limit = 512000000
#################MySQL################
virtual_alias_maps =mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
#virtual_gid_maps = static:125
#virtual_gid_maps = static:1000
# directory where mail is stored
virtual_mailbox_base = /home/data/domains
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
#virtual_mailbox_limit = 512000000
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
#virtual_minimum_uid = 125
#virtual_minimum_uid = 1000
#virtual_transport = virtual
virtual_transport = maildrop:
maildrop_destination_recipient_limit = 1
#virtual_uid_maps = static:125
#virtual_uid_maps = static:1000
################Quota################
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry,the user's Maildir has overdrawn his diskspace quota ,please tray again later.
virtual_overquota_bounce = yes
##############SASL####################
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
 permit_mynetworks,
 permit_sasl_authenticated,
 reject_unauth_destination,
 reject_unauth_pipelining,
 reject_invalid_hostname,
 reject_rbl_client cbl.anti-spam.org.cn
# CBL server; for details see anti-spam.org.cn
# Note that the continuation lines above begin with whitespace.
readme_directory = no
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
html_directory = no
setgid_group = maildrop
manpage_directory = /usr/local/man
daemon_directory = /usr/local/libexec/postfix
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
queue_directory = /var/spool/postfix
mail_owner = postfix
The following four files are in the Docs directory of the extman package; to use them, simply copy them to the /usr/local/etc/postfix directory.
mysql_virtual_alias_maps.cf
user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = alias
select_field = goto
where_field = address
additional_conditions = AND active = '1'
mysql_virtual_domains_maps.cf
user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = domain
select_field = description
where_field = domain
additional_conditions = AND active = '1'
mysql_virtual_mailbox_maps.cf
user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = mailbox
select_field = maildir
where_field = username
additional_conditions = AND active = '1'
mysql_virtual_mailbox_limit_maps.cf
user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = mailbox
select_field = quota
where_field = username
additional_conditions = AND active = '1'
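At this point the basic postfix setup is complete, but mail still cannot be sent or received.
4. Install maildrop
In this mail server setup the MTA part still handles mail under postfix's own account. Because maildrop cannot process mail under the same user identity as postfix, we create a new user for maildrop.
Add vgroup
%pw groupadd vgroup -g 1000
Add vuser
%pw useradd vuser -g 1000 -u 1000 -s /sbin/nologin -d /sbin/nologin -c "virtual mail user"
Install maildrop, and remember to add WITH_AUTHLIB=yes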
%cd /usr/ports/mail/maildrop
%make install WITH_AUTHLIB=yes
Select AUTH_MYSQL
Options for maildrop 2.0.1
[ ] AUTH_LDAP LDAP support
[X] AUTH_MYSQL MySQL support
[ ] AUTH_PGSQL PostgreSQL support
[ ] AUTH_USERDB Userdb support
[ ] AUTH_VCHKPW Vpopmail/vchkpw support
Edit /usr/local/etc/postfix/master.cf, comment out the existing maildrop entry (that is, remove the old entry), and add the following
maildrop unix - n n - - pipe
 flags=DRhu user=vuser argv=/usr/local/bin/maildrop -d ${user}@${nexthop} ${recipient} ${user} ${extension} ${nexthop}
Set up the mail storage directory
%mkdir -p /home/data/domains/extmail.org/test
%/usr/local/bin/maildirmake /home/data/domains/extmail.org/test/Maildir
%chown -R 1000:1000 /home/data/domains/
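At this point the basic part of our mail system is installed. Reboot the system and start testing.
VI. Testing the system
1. Test whether maildrop works
After logging in, it is advisable to check that the services listed in /etc/rc.conf are running properly.
Note that the username format of the mail system is [email protected]; multiple domains are supported, which is a little different from everyday usage.
Open two new windows in SecureCRT, one for entering commands and one for watching the maillog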
%tail -f /var/log/maillog
The session below shows that maildrop delivers correctly
%echo "test" | maildrop -V 10 -d [email protected]
maildrop: authlib: groupid=1000
maildrop: authlib: userid=1000
maildrop: authlib: [email protected], home=/home/data/domains/extmail.org/test, mail=/home/data/domains/extmail.org/test/Maildir/
maildrop: Changing to /home/data/domains/extmail.org/test
Message start at 0 bytes, envelope [email protected]
maildrop: Attempting .mailfilter
WARN: quota string '5242880' not parseable
maildrop: Delivery complete.
The maillog will show the following
Mar 10 14:39:58 mail authdaemond: Authenticated: sysusername=, sysuserid=1000, sysgroupid=1000,
homedir=/home/data/domains/extmail.org/test, [email protected], fullname=Test user,
maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=
Mar 10 14:39:58 mail authdaemond: Authenticated: clearpasswd=, passwd={crypt}uywiuN.XggXXc
2. Test postfix
Because SMTP authentication uses BASE64 encoding, the username and password must be converted to BASE64 first. Before doing so, install p5-MIME-Base64
%cd /usr/ports/converters/p5-MIME-Base64/
%make install
Test user [email protected], password test
%perl -MMIME::Base64 -e 'print encode_base64("test\@extmail.org");'
dGVzdEBleHRtYWlsLm9yZw==
%perl -MMIME::Base64 -e 'print encode_base64("test");'
dGVzdA==
See the test session below
%telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 sharesky.cn ESMTP Mail System
ehlo test.com
250-mail.extmail.org
250-PIPELINING
250-SIZE 14680064
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
auth login
334 VXNlcm5hbWU6
dGVzdEBleHRtYWlsLm9yZw==
334 UGFzc3dvcmQ6
dGVzdA==
235 Authentication successful
mail from:
250 Ok
rcpt to:
250 Ok
data
354 End data with .
this is a test.
.
250 Ok: queued as 23CEE5C38
quit
221 Bye
Connection closed by foreign host.
Below is the maillog the system produced
Mar 10 14:47:45 mail postfix/smtpd[1090]: connect from localhost[127.0.0.1]
Mar 10 14:47:57 mail authdaemond: Authenticated: sysusername=
[email protected], fullname=Test user, maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=
Mar 10 14:47:57 mail authdaemond: Authenticated: clearpasswd=test, passwd={crypt}uywiuN.XggXXc
Mar 10 14:48:13 mail postfix/smtpd[1090]: 23CEE5C38: client=localhost[127.0.0.1], sasl_method=login, [email protected]
Mar 10 14:48:18 mail postfix/cleanup[1135]: 23CEE5C38: message-id=<[email protected]>
Mar 10 14:48:18 mail postfix/qmgr[669]: 23CEE5C38: from=, size=341, nrcpt=1 (queue active)
Mar 10 14:48:19 mail authdaemond: Authenticated: sysusername=, sysuserid=1000, sysgroupid=1000, homedir=/home/data/domains/extmail.org/test,
[email protected], fullname=Test user, maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=
Mar 10 14:48:19 mail authdaemond: Authenticated: clearpasswd=, passwd={crypt}uywiuN.XggXXc
Mar 10 14:48:19 mail postfix/pipe[1136]: 23CEE5C38: to=, relay=maildrop, delay=14, status=sent (extmail.org)
Mar 10 14:48:19 mail postfix/qmgr[669]: 23CEE5C38: removed
Mar 10 14:48:20 mail postfix/smtpd[1090]: disconnect from localhost[127.0.0.1]
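The EHLO reply in the session above advertises AUTH LOGIN PLAIN with no STARTTLS line, and the BASE64 step is an encoding, not encryption, so the test credentials cross the connection in recoverable form. The following is an added example, not part of the original tutorial: it classifies an EHLO reply so this condition can be checked after each configuration change. The function names and the second sample reply are constructed; smtpd_tls_auth_only is a standard Postfix parameter that this guide does not configure.

```shell
#!/bin/sh
# Added example (not from the original tutorial): classify an SMTP EHLO reply.

# Reads an EHLO reply on stdin and prints: <verdict> mechs=<SASL mechanisms>
#   auth-cleartext-only    AUTH offered and the server has no STARTTLS at all
#   auth-before-starttls   STARTTLS exists, but AUTH is already offered without it
#   auth-hidden-until-tls  STARTTLS offered, AUTH not advertised in the clear
#                          (what Postfix shows with smtpd_tls_auth_only = yes)
#   no-auth                neither is advertised
classify_ehlo() {
    awk '
        { sub(/\r$/, "") }                       # tolerate CRLF captures
        /^250[- ]STARTTLS[ \t]*$/ { tls = 1 }
        /^250[- ]AUTH[ =]/ {                     # "AUTH x" and legacy "AUTH=x"
            line = $0
            sub(/^250[- ]AUTH[ =]/, "", line)
            n = split(line, m, " ")
            for (i = 1; i <= n; i++)
                if (!(m[i] in seen)) {
                    seen[m[i]]
                    mechs = mechs (mechs == "" ? "" : " ") m[i]
                }
        }
        END {
            if (mechs != "" && !tls)     v = "auth-cleartext-only"
            else if (mechs != "" && tls) v = "auth-before-starttls"
            else if (tls)                v = "auth-hidden-until-tls"
            else                         v = "no-auth"
            print v " mechs=" mechs
        }
    '
}

# PLAIN and LOGIN carry the password itself, only base64-encoded.
password_equivalent_mechs() {
    for m in "$@"; do
        case $m in PLAIN|LOGIN) printf '%s\n' "$m" ;; esac
    done
}

# The EHLO reply copied from the test session in this guide.
ehlo_from_page() {
    cat <<'EOF'
250-mail.extmail.org
250-PIPELINING
250-SIZE 14680064
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
EOF
}

# Constructed reply from a hypothetical server that hides AUTH until TLS is up.
ehlo_hardened_sample() {
    cat <<'EOF'
250-mail.example.test
250-PIPELINING
250-SIZE 14680064
250-STARTTLS
250 8BITMIME
EOF
}

ehlo_from_page | classify_ehlo
ehlo_hardened_sample | classify_ehlo
```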
Test receiving mail over pop3
%telnet localhost 110
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Hello there.
user [email protected]
+OK Password required.
pass test
+OK logged in.
list
+OK POP3 clients that break here, they violate STD53.
1 6
2 403
.
retr 1
+OK 6 octets follow.
test
.
retr 2
+OK 403 octets follow.
Return-Path:
Delivered-To: [email protected]
Received: from test.com (localhost [127.0.0.1])
by mail.extmail.org (Postfix) with ESMTP id 23CEE5C38
for ; Fri, 10 Mar 2006 14:48:05 +0000 (UTC)
Message-Id: <[email protected]>
Date: Fri, 10 Mar 2006 14:48:05 +0000 (UTC)
From: [email protected]
To: undisclosed-recipients:;
this is a test.
.
quit
+OK Bye-bye.
Connection closed by foreign host.
The resulting maillog
Mar 10 16:17:56 mail authdaemond: Authenticated: sysusername=, sysuserid=1000, sysgroupid=1000, homedir=/home/data/domains/extmail.org/test, [email protected], fullname=Test user, maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=
Mar 10 16:17:56 mail authdaemond: Authenticated: clearpasswd=test, passwd={crypt}uywiuN.XggXXc
Mar 10 16:17:57 mail pop3d: LOGIN, [email protected], ip=[127.0.0.1]
Mar 10 16:18:15 mail pop3d: LOGOUT, [email protected], ip=[127.0.0.1], top=0, retr=397, time=18
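At this point we have successfully installed a mail system. Next we add content filtering and anti-spam.
VII. Installing anti-spam
1. Install amavisd-new
For content filtering we use amavisd-new, mainly because amavisd-new is easy to configure; you can of course use mailscanner instead.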
%cd /usr/ports/security/amavisd-new/
%make install clean
Select only MYSQL
When Amavisd-new is installed, the system automatically installs Spamassassin as well
Options for p5-Mail-SpamAssassin 3.1.0_6
[X] AS_ROOT Run spamd as root (recommended)
[ ] DOMAINKEYS DomainKeys support
[X] SSL Build with SSL support for spamd/spamc
[X] MYSQL Add MySQL support
[ ] PGSQL Add PostreSQL support
[ ] RAZOR Add Vipul's Razor support
[ ] SPF_QUERY Add SPF query support
[ ] RELAY_COUNTRY Relay country support
[X] TOOLS Install SpamAssassin tools
Add the following to /etc/rc.conf
amavisd_enable="YES"
spamd_enable="YES"
Edit /usr/local/etc/amavisd.conf
$mydomain = 'extmail.org';
Spam and virus notifications
$virus_admin = "postmaster\@$mydomain"; # notifications recip.
$mailfrom_notify_admin = "postmaster\@$mydomain"; # notifications sender
$mailfrom_notify_recip = "postmaster\@$mydomain"; # notifications sender
$mailfrom_notify_spamadmin = "postmaster\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
Disable the attachment filename rules
$banned_filename_re = new_RE(
# comment out every line in between with #
);
Add support for ClamAV
# ### http://www./
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
Add to /usr/local/etc/postfix/main.cf
content_filter = smtp-amavis:[127.0.0.1]:10024
Add to /usr/local/etc/postfix/master.cf
smtp-amavis unix - - n - 2 smtp
 -o smtp_data_done_timeout=1200
 -o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
 -o content_filter=
 -o local_recipient_maps=
 -o relay_recipient_maps=
 -o smtpd_restriction_classes=
 -o smtpd_client_restrictions=
 -o smtpd_helo_restrictions=
 -o smtpd_sender_restrictions=
 -o smtpd_recipient_restrictions=permit_mynetworks,reject
 -o mynetworks=127.0.0.0/8
Restart postfix
%/usr/local/etc/rc.d/postfix.sh restart
postfix/postfix-script: stopping the Postfix mail system
postfix/postfix-script: starting the Postfix mail system
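For the Spamassassin configuration file /usr/local/etc/mail/spamassassin/local.cf, please refer to
the configuration tool
Debug amavisd-new
%su vscan
$ /usr/local/sbin/amavisd debug
If no errors appear, your amavisd-new is working properly.
2. Install ClamAV
ClamAV is used to scan mail for viruses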
%cd /usr/ports/security/clamav
%make install clean
You can leave everything unselected and just press Enter
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"
Edit /usr/local/etc/clamd.conf so that it runs as vscan (around line 145)
#User clamav
User vscan
Edit /usr/local/etc/freshclam.conf
#DatabaseOwner clamav
DatabaseOwner vscan
Fix the directory ownership
%chown -R vscan:vscan /var/log/clamav
%chown -R vscan:vscan /var/run/clamav
%chown -R vscan:vscan /var/db/clamav
Start ClamAV and the automatic updater
%/usr/local/etc/rc.d/clamav-clamd.sh start
%/usr/local/etc/rc.d/clamav-freshclam.sh start
3. Test
%telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.mold.com.cn.
Escape character is '^]'.
220 extmail.org ESMTP Mail System
ehlo test.com
250-mail.mold.com.cn
250-PIPELINING
250-SIZE 14680064
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
mail from:
250 Ok
rcpt to:
250 Ok
data
354 End data with .
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
.
250 Ok: queued as F19692E084
quit
221 Bye
Connection closed by foreign host.
The resulting maillog
Mar 10 18:19:25 mail postfix/smtpd[797]: connect from localhost[127.0.0.1]
Mar 10 18:19:25 mail postfix/smtpd[797]: CD31B5C25: client=localhost[127.0.0.1]
Mar 10 18:19:25 mail postfix/cleanup[793]: CD31B5C25: message-id=
Mar 10 18:19:25 mail postfix/qmgr[789]: CD31B5C25: from=, size=1670, nrcpt=1 (queue active)
Mar 10 18:19:26 mail postfix/smtpd[797]: disconnect from localhost[127.0.0.1]
Mar 10 18:19:26 mail amavis[458]: (00458-01) Blocked INFECTED (Eicar-Test-Signature), [127.0.0.1] -> , quarantine: virus-Q0WNU5+REDjW,
Message-ID: <[email protected]>, mail_id: Q0WNU5+REDjW, Hits: -, 1567 ms
Mar 10 18:19:26 mail postfix/smtp[794]: 954D75C24: to=, relay=127.0.0.1[127.0.0.1], delay=14, status=sent (250 2.7.1 Ok, discarded, id=00458-01 - VIRUS: Eicar-Test-Signature)
Mar 10 18:19:26 mail postfix/qmgr[789]: 954D75C24: removed
Mar 10 18:19:26 mail postfix/smtpd[791]: disconnect from localhost[127.0.0.1]
Look at the part marked in red: the virus has been found and quarantined. The message is then deleted by the system.
VIII. Installing extmail / extman
1. Set the user Apache runs as
Edit /usr/local/etc/apache22/httpd.conf
#User www
#Group www
User vuser
Group vgroup
Add the following to httpd.conf
Alias /extman/cgi/ /usr/local/www/apache22/cgi-bin/extman/cgi/
Alias /extman /usr/local/www/apache22/cgi-bin/extman/html/
SetHandler cgi-script
Options +ExecCGI
AllowOverride All
# config for ExtMail
Alias /extmail/cgi/ /usr/local/www/apache22/cgi-bin/extmail/cgi/
Alias /extmail /usr/local/www/apache22/cgi-bin/extmail/html/
SetHandler cgi-script
Options +ExecCGI
AllowOverride All
Restart Apache
%/usr/local/etc/rc.d/apache22.sh restart
Performing sanity check on apache22 configuration:
Syntax OK
Stopping apache22.
Waiting for PIDS: 461.
Performing sanity check on apache22 configuration:
Syntax OK
Starting apache22.
2. Install extmail
Download the latest version from the extmail official site: www.extmail.org
%tar zxvf extmail-23-20060219.tar.gz
%cp -r extmail-0.23-20060219/ /usr/local/www/apache22/cgi-bin/extmail
Create the configuration file
%cd /usr/local/www/apache22/cgi-bin/extmail/
%cp webmail.cf.default webmail.cf
Edit the configuration file; I only paste the parts that need to be changed
# sys_config, the config file and webmail programe root
SYS_CONFIG = /usr/local/www/apache22/cgi-bin/extmail/
# sys_langdir, the i18n dir
SYS_LANGDIR = /usr/local/www/apache22/cgi-bin/extmail/lang
# sys_templdir, the template dir
SYS_TEMPLDIR = /usr/local/www/apache22/cgi-bin/extmail/html
# sys_netdisk_on, default is off
SYS_NETDISK_ON = 1
# maildir_base, the base dir of user maildir, use absolute path
# if not set.
SYS_MAILDIR_BASE = /home/data/domains
# if mysql, all relate paramters should prefix as SYS_MYSQL
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /tmp/mysql.sock
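Open your browser and enter http://ip/extmail to see the login window
Username: test
Password: test
Domain: extmail.org
3. Install extman
Download the package from the extmail official site, unpack it and copy it to the /usr/local/www/apache22/cgi-bin directory.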
%cd /usr/local/www/apache22/cgi-bin/extman/
Edit webman.cf
# sys_config, the config file and webman programe root
SYS_CONFIG = /usr/local/www/apache22/cgi-bin/extman/
# sys_langdir, the i18n dir
SYS_LANGDIR = /usr/local/www/apache22/cgi-bin/extman/lang
# sys_templdir, the template dir
SYS_TEMPLDIR = /usr/local/www/apache22/cgi-bin/extman/html
# maildir_base, the base dir of user maildir, use absolute path
# if not set.
SYS_MAILDIR_BASE = /home/data/domains
# if mysql, all relate paramters should prefix as SYS_MYSQL
SYS_MYSQL_USER = webman
SYS_MYSQL_PASS = webman
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /tmp/mysql.sock
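This guide leaves the MySQL accounts at the passwords created by extmail.sql (extmail/extmail and webman/webman) and repeats them in authmysqlrc, the four Postfix mysql_*.cf maps, webmail.cf and webman.cf. The following is an added example, not part of the original tutorial or the ExtMail project: it lists which of those files still carry a shipped password and which are readable by every local account. The function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original tutorial or the ExtMail project).

# Passwords that the extmail.sql described in this guide creates.
SHIPPED_DEFAULTS="extmail webman"

# Print "<file>:<key>" for each password setting that still holds a shipped
# default. Understands the three syntaxes used in this guide:
#   password = x          (Postfix mysql_*.cf maps)
#   MYSQL_PASSWORD x      (authmysqlrc)
#   SYS_MYSQL_PASS = x    (webmail.cf / webman.cf)
# The password value is never printed.
find_default_creds() {
    for f in "$@"; do
        awk -v file="$f" -v defaults="$SHIPPED_DEFAULTS" '
            BEGIN { n = split(defaults, d, " "); for (i = 1; i <= n; i++) bad[d[i]] = 1 }
            /^[ \t]*#/ { next }                  # skip commented-out settings
            {
                line = $0
                sub(/\r$/, "", line)
                sub(/=/, " ", line)              # "key = value" -> "key value"
                if (split(line, a, " ") < 2) next
                if (a[1] != "password" && a[1] != "MYSQL_PASSWORD" &&
                    a[1] != "SYS_MYSQL_PASS") next
                if (a[2] in bad) print file ":" a[1]
            }
        ' "$f"
    done
}

# Print the files whose "other" read bit is set, i.e. readable by any local user.
world_readable() {
    for f in "$@"; do
        [ -n "$(find "$f" -prune -perm -004 2>/dev/null)" ] && printf '%s\n' "$f"
    done
    return 0
}

# Constructed sample files in the three syntaxes; one has a rotated password.
write_sample_configs() {
    printf 'MYSQL_USERNAME extmail\nMYSQL_PASSWORD extmail\n' > "$1/authmysqlrc"
    printf 'user = extmail\npassword = extmail\nhosts = localhost\n' \
        > "$1/mysql_virtual_alias_maps.cf"
    printf 'SYS_MYSQL_USER = webman\n# SYS_MYSQL_PASS = webman\nSYS_MYSQL_PASS = constructed-Rotated-Value\n' \
        > "$1/webman.cf"
    chmod 644 "$1/authmysqlrc"
    chmod 640 "$1/mysql_virtual_alias_maps.cf" "$1/webman.cf"
}

demo_dir=$(mktemp -d)
write_sample_configs "$demo_dir"
echo "shipped default passwords still in use:"
find_default_creds "$demo_dir"/*
echo "credential files readable by every local user:"
world_readable "$demo_dir"/*
rm -rf "$demo_dir"
```

A password changed in MySQL has to be changed in every file listed here that uses that account, otherwise authentication and the map lookups stop working.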