Linux下Mail 實驗彙總
作者:edwin
系統:rhel5.4
所需軟件包:extmail-1[1][1].2.tar.gz extman-1[1][1].1.tar.gz File-Tail-0.99.3.tar.gz fp-Linux-i686-ws.tar.gz MailScanner-4.69.9-3.rpm.tar.gz phpMyAdmin-2.11.3-all-languages.tar.bz2 postfix-2.7-20090828.tar.gz
rrdtool-1.2.30.tar.tar slockd-0.10.tar.gz Time-HiRes-1.9715.tar.gz Unix-Syslog-1.1.tar.gz
簡要說明:爲了提高搭建速度,我們這裏直接用本地yum安裝
本地yum的配置方法如下
a.Mount /dev/cdrom /media
b.Vi /etc/yum.repos.d/rhel-debuginfo.repo
[Server]
name=Red Hat Enterprise Linux $releasever - $basearch - Server
baseurl=file:///media/Server #這裏是你的cdrom路徑
enabled=1 #
gpgcheck=1 #
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
注:centos下原理一樣,標#的地方照這個改 然後 yum clean all 清空yum 緩存庫 這樣本地yum就能用了.
一、 Sendmail的基本配置:
1. cd /etc/xinetd.d
2. ls查看有沒有ipop3和imap協議
3. 編輯vi /etc/xinetd.d/ipop3 把裏面的disable=yes改爲disable=no
4. 編輯vi /etc/xined.d/imap 把裏面的disable=yes改爲diable=no
5. 測試一下pop3和imap telnet localhost 110(pop3郵局協議的端口) telnet localhost 143(imap端口)
6. 退出的時候都用ctl+]然後回車在輸入quit即可(測試後要記得重啓xinetd服務)
7. 編輯vi /etc/mail/Sendmail.mc把裏面的 dnl TRUST_AUTH_MECH(.........)和dnl define(`confAUTH_MECHANISMS`,.........)前面的dnl去了
8. 在添加兩條DAEMON_OPTIONS(`port=25,name=MTA`)dnl和DAEMON_OPTIONS(`port=587,name=MSA,m=Ea`)dnl
9. 在DAEMON_OPTIONS(`port=smtp,Addr=127.0.0.1,name=smTA`)dnl和DAEMON_OPTIONS(`accept_Unres,Olvale_domains`)dnl前面加上dnl
10. 測試一下MTA telnet localhost 25回車輸入ehlo test回車看見AUTH=..250說明成功退出和上面的一樣
11. 做輸入重定向m4 /etc/mail/Sendmail.mc>/etc/mail/Sendmail.cf
12. 重啓Sendmail服務service Sendmail restart
13. 編輯 vi/etc/mail/access把允許轉發的用戶的IP或域名添加上去比如允許192.168.10.10的計算機通過
編輯vi /etc/mail/access在裏面加上192.168.10.10 RELAY 或是OK(允許轉發與通過)
14. 編輯vi /etc/mail/local-host-names把郵件服務器使用的域名給添加上去
15.在做DNS的時候要在正向解析上添加一個 IN MX 5(參數是設優先級的)
16.重起一下Sendmail服務
二、企業郵件設計:
rhel5.4+postfix+mysql+dovecot+extmail system
1. installing mysql
a. yum install mysql mysql-server mysql-devel php php-mysql -y
b. service mysqld start
2. postfix upgrade (系統自帶的postfix不支持mysql 因此需要重新編譯加載mysql的支持 這
裏我用的是最新的穩定源碼直接升級系統已有的postfix)
a. yum install postfix -y
b. alternatives set mta /usr/sbin/sendmail.postfix ; service sendmail stop
c. tar zxvf postfix-2.7-20090828.tar.gz –C /mnt
d. cd /mnt/postfix-2.7-20090828/;vi README_FILES/MYSQL_README
找到make -f Makefile.init makefiles /
'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include' / #改成/usr/include/mysql
'AUXLIBS=-L/usr/local/mysql/lib -lmysqlclient -lz -lm' #改成/usr/lib/mysql
黏貼等待編譯,完成後輸入make upgrade 或者make install
編譯成功後輸入postconf –m 看到mysql證明編譯成功 否則重新編譯
6. modify /etc/postfix/main.cf looks like:
a. myhostname = mail.edwin.com
b. mydomain = edwin.com
c. myorigin = $mydomain
d. inet_interfaces = all
e. mydestination = $myhostname, $mydomain
f. service postfix start
3. support for mysql looks like:
Mkdir /var/www/extsuite 只能建這個文件夾 這樣比較方便配置
Tar zxvf extman-1[1][1].1.tar.gz –C /var/www/extsuite
Tar zxvf extmail-1[1][1].2.tar.gz
Mv extman-1[1][1].1 extman; mv extmail-1[1][1].2 extmail
a. cd /var/www/extsuite/extman/docs
b. cp mysql_virtual_alias_maps.cf mysql_virtual_domains_maps.cf
mysql_virtual_mailbox_maps.cf /etc/postfix (這三個文件是postfix從mysql中查詢數據
用的 在extman中的docs目錄中)
c. vi init.sql
輸入%s/extmail.org/edwin.com 這個命令式用你自己的域名替換掉默認的域名 然後找到extmail 和extman 對應的密碼的md5值替換成明文的123 這樣是爲了方便以後都用明文.
d.給mysql設置密碼
mysqladmin –uroot password “edwin” #mysql 的初始密碼是空的 所以可以不加 –p 參數
service mysqld restart
mysql –uroot –pedwin <extmail.sql
mysql –uroot –pedwin <init.sql
useradd -g 600 virtual
e. modify /etc/postfix/main.cf looks like
以下參數可以通過命令postconf –d 看出來
postconf –e virtual_mailbox_base=/home/virtual #postconf –e 可直接修改main.cf文件 也可手工加
postconf –e virtual_uid_maps=static:600
postconf –e virtual_gid_maps=static:600
postconf –e virtual_alias_maps=mysql:/etc/postfix/mysql_virtual_alias_maps.cf
postconf –e virtual_mailbox_domains=mysql:/etc/postfix/mysql_virtual_domains_maps.cf
postconf –e virtual_mailbox_maps=mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
4. support for sasl looks like:
a. postconf –e smtpd_sasl_auth_enable=yes
b. postconf –e smtpd_sasl_security_options=noanonymous
c. postconf –e smtpd_sasl_type=dovecot
d. postconf –e smtpd_sasl_path=private/auth
e. postconf –e “smtpd_recipient_restrictions=permit_sasl_authenticated, permit_tls_clientcerts,permit_mynetworks, reject_unauth_destination”
5. support for tls looks like:
a. cd /etc/pki/tls/certs; ./makedummycert mail.pem
b. postconf –e smtpd_tls_CApath=/etc/pki/tls/certs
c. postconf –e smtpd_tls_cert_file=/etc/pki/tls/certs/mail.pem
d. postconf –e smtpd_tls_key_file=/etc/pki/tls/certs/mail.pem
e. postconf –e smtpd_tls_loglevel=0
f. postconf –e smtpd_tls_received_header=yes
g. postconf –e smtpd_tls_security_level=may
h. postconf –e smtpd_tls_session_cache_database=btree:/var/lib/postfix/smtpd_tls_session_cache.db
i. postconf –e tls_random_source=dev:/dev/urandom
6. configure the dovecot looks like: (對MUA收信的支持)
a. cd /etc/pki/tls/certs; make dovecot.pem; cp dovecot.pem ../../dovecot/certs/; cp dovecot.pem
../../dovecot/private/
b. modify the /etc/dovecot.conf:
protocols = imap imaps pop3 pop3s
ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem
ssl_key_file = /etc/pki/dovecot/private/dovecot.pem
mail_location = maildir:/home/virtual/%d/%n/Maildir
first_valid_uid = 600
auth default {
mechanisms = plain login digestmd5
crammd5
ntlm rpa gssapi
passdb sql {
args = /etc/dovecotsql.
conf
}
userdb sql {
args = /etc/dovecotsql.
conf
}
user = nobody
socket listen {
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
}
c. modify the /etc/dovecotsql.
conf: (收信是要對用戶進行驗證 下面的配置是讓dovecot 從
mysql中查詢相應的數據)
cp /usr/share/doc/dovecot1.0/examples/dovecotsql.conf /etc;vi /etc/ dovecotsql.conf
driver = mysql
connect = host=localhost dbname=extmail user=extmail password=extmail
default_pass_scheme = PLAIN
password_query = SELECT username as user, password FROM mailbox WHERE username
= '%u'
user_query = SELECT maildir, 500 AS uid, 500 AS gid FROM mailbox WHERE username =
'%u'
7. installing extmail and extman (http://www.extmail.org/cgibin/download.cgi)
a. cd extmail; cp webmail.cf.default webmail.cf
b. modify webmail.cf looks like:
SYS_MAILDIR_BASE = /home/virtual
SYS_CRYPT_TYPE = plain
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
c.cd ../extman ; modify webman.cf looks like:
SYS_MAILDIR_BASE = /home/virtual
SYS_CAPTCHA_LEN = 4
SYS_CRYPT_TYPE = plain
8. mkdir /tmp/extman; chown virtual /tmp/extman
9. configure httpd add following lines:
a. NameVirtualHost *:80
b. <VirtualHost *:80>
ServerName extmail.example.com
DocumentRoot /var/www/extsuite/extmail/html/
ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi
ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi
Alias /extman /var/www/extsuite/extman/html
Alias /extmail /var/www/extsuite/extmail/html
SuexecUserGroup virtual virtual
</VirtualHost>
10. rpm -ivh perlGD2.351. el5.rf.i386.rpm #如果不知道裝那個包就 yum install perl* 就行了
11. tar zxf TimeHiRes1.9715.tar.gz
a. cd TimeHiRes1.9715
b. perl Makefile.PL && make && make test && make install #perl 編譯
12. tar zxf FileTail0.99.3.tar.gz
a. cd FileTail0.99.3
b. perl Makefile.PL && make && make test && make install
13. yum install libart_lgpl libart_lgpl-devel freetype freetype-devel tcl tcl-devel libpng libpng-devel python python-devel ruby ruby-devel -y
14. tar zxf rrdtool1.2.26.tar.gz
a. cd rrdtool1.2.26
b. ./configure –prefix=/usr/local/rrdtool
c. make && make install
d. ln -s /usr/local/rrdtool/lib/perl/5.8.8/RRDp.pm /usr/lib/perl5/5.8.8/
e. ln -s /usr/local/rrdtool/lib/perl/5.8.8/i386linuxthreadmulti/RRDs.pm /usr/lib/perl5/5.8.8/
f. ln -s /usr/local/rrdtool/lib/perl/5.8.8/i386linuxthreadmulti/auto/RRDs/RRDs.so/usr/lib/perl5/5.8.8/i386linuxthreadmulti/
15. cd /var/www/extsuite/extman/addon
16. cp rmailgraph_ext/ /usr/local/
17. /usr/local/mailgraph_ext/mailgraphinit start
18. /usr/local/mailgraph_ext/qmonitorinit start
9. ok! you can test via firefox!
Installing antivirus antispam for postfix
1. Install Spamassassin
a) yum install spamassassin -y
b) wget –N –P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf
c) Service spamassassin start
2. Install Fprot
a) Wget http://files.f-prot.com/files/linuxx86/fplinuws.rpm
b) rpm –ivh fplinuxws.rpm
c) /usr/local/f-prot/tools/checkupdates.pl ( edit crontab if you want it to auto update)
3. Install MailScanner
a) Download from http://www.mailscanner.info/downloads.html
b) tar zxvf MailScanner4.69.93.rpm.tar.gz
c) cd MailScanner
d) ./install.sh
e) mkdir /var/spool/MailScanner/spamassassin; chown postfix.postfix /var/spool/MailScanner/*
f) vi /etc/MailScanner/MailScanner.conf (change follow lines, like so)
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = f-prot
Always Include Spamassassin report = yes
Use Spamassassin = yes
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
g) echo /^Received:/ HOLD >>/etc/postfix/header_checks
postmap /etc/postfix/header_checks (make sure uncomment header_checks in /etc/postfix/main.cf)
h) postfix stop; chkconfig postfix off
i) service MailScanner start
j) chkconfig MailScanner on
4. Virus test
a) Download “eicar.com” from http://www.eicar.org/anti_virus_test_file.htm
b) mail test include “eicar.com”.# 這裏就可以過濾掉病毒eicar.com
Mail 服務擴展
ADDITIONAL SECTION:
1. 加強貝式分析廣告信件需要安裝密碼學演算和特徵比對的 Razor Pyzor Dcc
1. Install Razor and Razoragent
Download razor from: http://razor.sourceforge.net/
tar jxvf razoragentssdk2.07.tar.bz2
cd razoragentssdk2.07
perl Makefile.PL && make && make install
tar jxvf razoragents2.84.tar.bz2
cd razoragents2.84
perl Makefile.PL && make && make install
razoradmin
register
user=
[email protected] pass=
test
2. Install Pyzor
wget http://jaist.dl.sourceforge.net/sourceforge/pyzor/pyzor0.4.0.tar.bz2
tar jxvf pyzor0.4.0.tar.bz2
cd pyzor0.4.0
python setup.py build && python setup.py install
chmod -R a+rX /usr/share/doc/pyzor /usr/lib/python2.4/sitepackages/pyzor /usr/bin/pyzor /usr/bin/pyzord
3. Install DCC
wget http://www.rhyolite.com/antispam/dcc/source/dcc.tar.Z
tar zxvf dcc.tar.Z
cd dcc1.3.90
./configure && make && make install
好了,一個完整的企業郵件系統就結束了,你在客戶端可以通過http://mail.edwin.com來看到效果
對了phpmyadmin可以這樣使用
Tar jxvf phpMyAdmin-2.11.3-all-languages.tar.bz2 –C /var/www/extsuite/extmail/html/
Cd /var/www/extsuite/extmail/html/ ;mv phpMyAdmin-2.11.3-all-languages phpadmin
然後你輸入
http://mail.edwin.com/phpadmin就可以用網頁直接管理您的mysql了,當然這只是在公網的情況下,自己配置的話要用dns的,這裏就不做詳解,下來再寫吧。
Edwin
2010.10.28