全功能電子郵件服務器 (反垃圾、反病毒)
2012年6月23日 比較official,可以參考一下。
http://wiki.extmail.org/extmail_solution_for_linux
你可能需要這些軟件包
DBD-mysql-4.020.tar.gz DBI-1.616.tar.gz courier-authlib-0.62.4.tar.bz2 MailScanner-4.84.5-2.rpm.tar.gz extmail-1.0.5.tar.gz extman-0.2.5.tar.gz File-Tail-0.99.3.tar.gz GD-2.46.tar.gz Unix-Syslog-1.1.tar.gz fp-Linux-i686-ms.tar.gz 注意是mailserver版本 httpd-2.2.19.tar.bz2 php-5.4.0.tar.gz mysql-5.0.95.tar.gz postfix-2.6.2-vda-ng.patch.gz postfix-2.6.2.tar.gz rrdtool-1.2.23-3.el5.i386.rpm rrdtool-perl-1.2.23-3.el5.i386.rpm spamassassin-3.2.5-1.el5.i386.rpm
http://search.cpan.org 部分軟件包可以去這裏找
http://www.mailscanner.info/downloads.html
http://wiki.extmail.org/doku.php
##########################################################################
各項服務的啓動
service mysqld named restart
/usr/local/dovecot/sbin/dovecot -c /etc/dovecot/dovecot.conf
service courier-authlib restart
postfix start
/usr/local/apache2/bin/apachectl restart
service MailScanner restart
service spamassassin start
service crond start
service courier-authlib restart
mailgraph-init start
qmonitor-init start
service fpscand restart /opt/f-prot/rc-scripts/fpscand.rc-redhat
service scan-mail start /opt/f-prot/rc-scripts/scan-mail.rc-redhat
可以參照如下方法創建腳本,當然軟件安裝路徑可能需要修改
rpm2cpio postfix-2.3.3 |cpio -id
cd etc/rc.d/init.d
cp postfix /etc/init.d
######################################################################
apache:
tar –zxf httpd-2.2.9.tar.gz -C /usr/local/src cd /usr/local/src/httpd-2.2.9 ./configure --prefix=/usr/local/apache2 --enable-so --enable-rewrite make make install
######################################################################
mysql
useradd –M –s /sbin/nologin mysql tar zxf mysql-5.0.56.tar.gz -C /usr/local/src cd /usr/local/src/mysql-5.0.56 ./configure --prefix=/usr/local/mysql make make install
配置mysql
cd /usr/local/src/mysql-5.0.56 cp support-files/my-medium.cnf /etc/my.cnf #/usr/local/mysql/bin/mysql_install_db --user=mysql #chown -R root:mysql /usr/local/mysql chown -R mysql /usr/local/mysql/var echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf 添加庫文件路徑 ldconfig /usr/local/mysql/bin/mysqld_safe --user=mysql & 後臺安全動 cd /usr/local/src/mysql-5.0.56 cp support-files/mysql.server /etc/init.d/mysqld 啓動腳本 chmod +x /etc/init.d/mysqld 腳本執行權限 chkconfig --add mysqld 自動啓動服務 chkconfig mysqld on 默認啓動mysql chkconfig --list mysqld 查看mysql啓動級別 echo "PATH=$PATH:/usr/local/mysql/bin" >> /etc/profile 全局的環境變量 . /etc/profile
#######################################################################
php
tar jxf php-5.2.6.tar.bz2 -C /usr/local/src cd /usr/local/src/php-5.2.6 ./configure --prefix=/usr/local/php5 --enable-mbstring --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql=/usr/local/mysql --with-config-file-path=/usr/local/php5 make make test make install cd /usr/local/src/php-5.2.6 cp php.ini-dist /usr/local/php5/php.ini 複製配置文件
vim /usr/local/apache2/conf/httpd.conf
LoadModule php5_module modules/libphp5.so 編譯成功會有此項 AddType application/x-httpd-php .php 添加這行記錄 DirectoryIndex index.php index.html
測試
#vim /usr/local/apache2/htdocs/test.php <?php phpinfo(); ?>
在瀏覽器中輸入http://192.168.0.202/test.php
Mysql測試
#vim /usr/local/apache2htdocs/testdb.php
<?php $link=mysql_connect(‘localhost’ , ‘test’, ‘’); If (!$link) echo “Fail!!!”; else echo “Success!!!”; mysql_close(); ?>
在IE瀏覽器中輸入網址http://192.168.0.202/testdb.php
######################################################################
postfix
安裝postfix之前請先卸載sendmail
service sendmail stop chkconfig --level 35 sendmail off
編譯安裝
groupadd -g 1200 postdrop groupadd -g 1000 postfix
useradd -M -u 1000 -g postfix -G postdrop -s /sbin/nologin postfix
tar zxf postfix-2.4.6.tar.gz -C /usr/local/src cp postfix-2.4.6-vda-ng.path.gz /usr/local/src cd /usr/local/src gunzip postfix-2.4.6-vda-ng.path.gz cd postfix-2.4.6
patch -p1 <../postfix-2.4.6-vda-ng.path (補丁文件,-p1是數字1,實驗過程中打補丁後編譯失敗,高版本的應該不需要補丁) make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl' 'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/lib/sasl2 -lsasl2 -lssl -lcrypto' make make install
安裝選擇默認設置即可。
配置postfix
postfix主配文件修改
vim /etc/postfix/main.cf
Inet_interfaces = all 默認設置 77 myhostname = mail.wisefund.com 主機名 mydomain = a.com 郵件域名 myorigin = $mydomain 外發郵件時發件人地址中的郵件域名 mydestination = $mydomain, $myhostname 可接收的郵件地址中的域名 ,建議禁用此行 home_mailbox = Maildir/ 郵件存儲位置
postfix check 檢查配置 postfix start 啓動
####################################################################
郵件本地賬戶
groupadd test useradd -g test -s /sbin/nologin test1 useradd -g test -s /sbin/nologin test2 passwd test1 passewd test2
SMTP發送郵件測試
#telnet localhost 25
Tring 127.0.0.1..
Connected to localhost.localdomain (127.0.0.1).
Escape character is ‘^]’.
220 mail.wisefund.com ESMTP Postfix
EHLO 127.0.0.1
250 mail.wisefund.com
MAIL FROM:[email protected]
250 2.1.0 ok
RCPT TO: [email protected]
250 2.1.5 ok
DATA
354 End data with <CR><LF>.<CR><LF>
Subject: test
11111111111111111111111111111
.
250 2.0.0. ok:queued as 2F9AD787DA
quit
221 2.0.0 Bye
Connection closed by foreign host.
查看郵件 ,tab鍵
#cat /home/test/Maildir/new/
########################################################################
Dovecot
useradd -M -s /sbin/nologin dovecot tar zxf dovecot-1.1.4.tar.gz -C /usr/local/src cd /usr/local/src/dovecot-1.1.4 ./configure --sysconfdir=/etc --with-mysql make make install cp /etc/dovecot-example.conf /etc/dovecot.conf vim /etc/dovecot.conf ssl_disable = yes 禁用SSL機制 protocols = pop3 imap 指定郵局協議 disable_plaintext_auth = no 允許明文密碼認證 mail_location = maildir:~/Maildir 設置郵件存儲格式和位置 vim /etc/pam.d/dovecot 創建pam認證文件 auth required pam_nologin.so auth include system-auth account include system-auth session include system-auth /usr/local/sbin/dovecot -c /etc/dovecot.conf 啓動
########################################################################
POP3郵件接收測試
#telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Dovecot ready.
user test
+OK
pass 123
+OK Logged in.
list
+OK 1 messages;
1 480
.
retr 1
+OK 480 octets
#######################################################################
導入數據庫
#tar zxf extman-0.2.5.tar.gz -C /usr/local/src #cd /usr/local/src/extman-0.2.5/docs #mysql -u root -p < extmail.sql #mysql -u root -p <init.sql #service mysqld restart
Postfix
#postconf -m |grep mysql 返回值有mysql,說明可以支持mysql 數據庫的查詢表
#vim /etc/postfix/main.cf 配置文件
#mydestination = $mydomain, $myhostname 該行需要註釋掉 virtual_mailbox_base = /mailbox 指定虛擬郵箱存儲目錄的路徑起點 virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
指定虛擬郵件用戶對應的別名文件位置
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
指定記錄虛擬郵箱地址與存儲位置對應關係的映射文件位置
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
設置postfix服務器可以接收的虛擬郵件域的域名
#cp extman-0.2.5/docs/mysql_virtual_* /etc/postfix/
virtual_uid_maps = static:1000 設置所有虛擬郵件用戶映射的本地用戶的UID號 virtual_gid_maps = static:1000 設置所有虛擬郵件用戶映射的本地組的GID 號
####################################################################
courier-authlib
注意:確認系統中的rpm格式的mysql 軟件被卸載
#tar jxf courier-authlib-0.60.2.tar.bz2 -C /usr/local/src
#cd /usr/local/src/courier-authlib
./configure --prefix=/usr/local/courier-authlib --without-stdheaderdir --with-authmysql --with-redhat --with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql
make && make install && make install-configure 生成默認配置文件authmysqlrc 和 authdaemonrc
#vim /etc/ld.so.conf
/usr/local/courier-authlib/lib/courier-authlib 庫文件路徑
#ldconfig
修改authdaemonrc主配置文件
#cd /usr/local/courier-authlib/etc/authlib
#cp authdaemonrc authdaemonrc.bak
#vim authdaemonrc
authmodulelist="authmysql" authmodulelistorig="authmysql"
#chmod -R 755 /usr/local/courier-authlib/var/spool/authdaemon
修改authmysqlrc 文件
#cd /usr/local/courier-authlib/etc/authlib
#cp authmysqlrc authmysqlrc.bak
#vim authmysqlrc
MYSQL_SERVER localhost 數據庫服務器位置
MYSQL_USERNAME extmail 數據庫管理員賬戶
MYSQL_PASSWORD extmail 數據庫管理員賬戶密碼
MYSQL_SOCKET /tmp/mysql.sock #此文件最好定義在/var/tmp/mysql.sock
MYSQL_DATABASE extmail 虛擬用戶數據庫
MYSQL_USER_TABLE mailbox 從mailbox表獲得郵件賬戶信息
MYSQL_CRYPT_PWFIELD password 從password字段獲得賬戶密碼
MYSQL_UID_FIELD uidnumber 從uidnumber字段獲得映射的本地用戶UID
MYSQL_GID_FIELD gidnumber 從gidnumber字段獲得映射的本地組GID
MYSQL_LOGIN_FIELD username 從username字段獲得賬戶名稱,帶@後綴
MYSQL_HOME_FIELD concat('/mailbox/',homedir)合併出用戶的宿主目錄路徑
MYSQL_NAME_FIELD name 從name 字段獲得賬戶名稱,不帶@後綴
MYSQL_MAILDIR_FIELD concat('/mailbox/',maildir)合併出用戶的郵件存儲路徑複製腳本,啓動服務
#cd /usr/local/src/courier-authlib-0.60.2/ #cp courier-authlib.sysvinit /etc/init.d/courier-authlib #chmod 755 /etc/rc.d/init.d/courier-authlib #chkconfig --level 35 courier-authlib on #service courier-authlib start
#####################################################################
Cyrus sasl 設置
#vim /usr/lib/sasl2/smtpd.conf
pwcheck_method:authdaemond authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket
Dovecot配置
#vim /etc/dovecot.conf
mail_location = maildir:/mailbox/%d/%n/Maildir
auth default {
mechanisms = plain
passdb sql {
args = /etc/dovecot-mysql.conf
}
userdb sql {
args = /etc/dovecot-mysql.conf
}#vim /etc/dovecot-mysql.conf
driver = mysql connect = host=localhost dbname=extmail user=extmail password=extmail default_pass_scheme = CRYPT 數據庫中存儲的密碼串的加密算法
password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = ‘%u’查詢用戶密碼的語句 user_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid FROM mailbox WHERE username = ‘%u’ 查詢用戶身份語句
在這裏說下如果web正常,確無法用客戶端hotmail 、foxmail等發送接受的原因,
多半是因爲uid&gid的關係
如果你創建的postfix賬號id 爲2525
postfix/main.cf
virtual_uid_maps = static:2525
virtual_gid_maps = static:2525
extman/webman.cf
98 UID 2525
101 GID 2525
這樣新建的賬號就可以用客戶端了
舊賬號id更改辦法:
mysql -u roooy -p
SHOW DATABASES
USER Extmail;
SELECT * FROM mailbox \G
UPDATE mailbox SET uidnumber=2525 WHERE uidnumber=1000
UPDATE mailbox SET gidnumber=2525 WHERE gidnumber=1000
建立虛擬用戶
#mkdir -p /mailbox/extmail.org/postmaster/Maildir
#cd /mailbox/extmail.org/postmaster/Maildir
#chown -R postfix:postfix /mailbox
#dovecot 啓動服務
虛擬用戶測試
確認authlib服務
# /usr/local/courier-authlib/sbin/authtest -s login [email protected] extmail
Authentication succeeded. 成功提示信息
Authenticated: [email protected] (uid 1000, gid 1000)
Home Directory: /mailbox/extmail.org/postmaster
Maildir: /mailbox/extmail.org/postmaster/Maildir/
Quota: (none)
Encrypted Password: $1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0
Cleartext Password: extmail
Options: (none)
########################################################################
ExtMail
基於Perl 語言開發的中文Webmail管理平臺
套件:ExtMail --Web 界面的郵件操作
Extman –Web 界面的郵件系統管理
依賴包
#tar -zxf Unix-Syslog-1.1.tar.gz -C /usr/local/src
#cd /usr/local/src/Unix-Syslog-1.1 #perl Makefile.PL #make #make install
#tar -zxf DBI-1.607.tar.gz -C /uar/local/src
#cd /usr/local/src/DBI-1.607 #perl Makefile.PL #make #make install
#tar -zxf DBD-mysql-4.011.tar.gz -C /usr/local/src
#cd /usr/loca/src/DBD-4.011 #perl Makefile.PL --mysql_config=/usr/local/mysql/bin/mysql_config --with-mysql=/usr/local/mysql #make #make install
注意以上三個包在編譯安裝過程可能會提示 警告信息,
#tar -zxf extmail-1.0.5.tar.gz -C /usr/local/apache2/htdocs
#cd /usr/local/apache2/htdocs #mv extmail-1.0.5 extmail #cd extmail #chown -R postfix:postfix cgi #cp webmail.cf.default webmail.cf
配置文件
#vim /usr/local/apache2/htdocs/extmail/webmail.cf
SYS_CONFIG = /usr/local/apache2/htdocs/extmail/ 程序根目錄 SYS_LANGDIR = /usr/local/apache2/htdocs/extmail/lang 語言包文件目錄 SYS_TEMPLDIR = /usr/local/apache2/htdocs/extmail/html 系統模版目錄 SYS_MAILDIR_BASE = /mailbox 郵件存儲目錄 SYS_MYSQL_USER = extmail 訪問mysql數據庫的用戶 SYS_MYSQL_PASS = extmail 訪問mysql數據庫的用戶的密碼 SYS_MYSQL_DB = extmail 使用數據庫的名稱 SYS_MYSQL_HOST = localhost 數據庫服務器地址 SYS_MYSQL_SOCKET = /tmp/mysql.sock 數據庫套接文件位置
##############################################################
#vim /usr/local/apache2/conf/httpd.conf
NameVirtualHost *:80 <VirtualHost *:80> ServerName mail.wisefund.com DocumentRoot /usr/local/apache2/htdocs/extmail/html/ ScriptAlias /extmail/cgi/ "/usr/local/apache2/htdocs/extmail/cgi/" Alias /extmail "/usr/local/apache2/htdocs/extmail/html/" </VirtualHost>
User postfix 找到 User 該用戶爲postfix
Group postfix 找到 Group 該組爲postfix
( SuexecUerGroup postfix postfix )
#/usr/local/apache2/bin/apachectl restart
到這時基本客戶端和網頁都可以訪問了,但是你可能需要做個dns或者修改hosts,http://mail.a.com
#####################################################################
Extman
#tar -zxf GD-2.41.tar.gz -C /usr/local/src
#cd /usr/local/src/GD-2.41 #perl Makefile.PL #make #make install
#tar -zxf File-Tail-0.99.3.tar.gz -C /uar/local/src
#cd /usr/local/src/File-Tail-0.99.3 #perl Makefile.PL #make #make install
#rpm -ivh rrdtool-1.2.23-3.el5.i386.rpm
#rpm -ivh rrdtool-perl-1.2.23-3.el5.i386.rpm
Extman
#tar -zxf extman-0.2.5.tar.gz -C /usr/local/apache2/htdocs
#cd /usr/local/apache2/htdocs #mv extman-0.2.5 extman #cd extman #chown -R postfix:postfix cgi #mkdir /tmp/extman 臨時會話保存目錄 #chown -R postfix:postfix /tmp/extman
修改配置文件
#vim /usr/localapache2/htdocs/extman/webman.cf
SYS_CONFIG = /usr/local/apache2/htdocs/extman/ 程序根目錄 SYS_LANGDIR = /usr/local/apache2/htdocs/extman/lang 語言包文件目錄 SYS_TEMPLDIR = /usr/local/apache2/htdocs/extman/html 系統模版目錄 SYS_MAILDIR_BASE = /mailbox 郵件數據存放路徑 SYS_MYSQL_USER = webman 訪問mysql數據庫的用戶 SYS_MYSQL_PASS = webman 訪問mysql數據庫的用戶的密碼 SYS_MYSQL_DB = extmail 使用的數據庫名稱 SYS_MYSQL_HOST = localhost 數據庫服務器地址 SYS_MYSQL_SOCKET = /tmp/mysql.sock 數據庫套接文件位置 13.3 調整apache主配文件。添加extman相關目錄別名
#vim /usr/local/apache2/conf/httpd.conf
NameVirtualHost *:80 <VirtualHost *:80> ServerName mail.wisefund.com DocumentRoot /usr/local/apache2/htdocs/extmail/html/ ScriptAlias /extmail/cgi/ "/usr/local/apache2/htdocs/extmail/cgi/" Alias /extmail "/usr/local/apache2/htdocs/extmail/html/" ScriptAlias /extman/cgi "/usr/local/apache2/htdocs/extman/cgi/" Alias /extman "/usr/local/apache2/htdocs/extman/html/" </VirtualHost>
#/usr/local/apache2/bin/apachectl restart
########################################################################
在客戶端訪問
http://mail.a.com/extman
默認管理員賬戶:[email protected]
默認密碼:extmail*123*
SYS_CAPTCHA_ON = 0 如果時間不對,可以去掉驗證碼
ln –sf /usr/local/apache2/htdocs/extman/addon/mailgraph_ext/mailgraph-ini /usr/sbin/ ln –sf /usr/local/apache2/htdocs/extman/addon/mailgraph_ext/qmonitor-init /usr/sbin/ cp –a /usr/local/apache2/htdocs/extman/addon/mailgraph_ext /usr/local
mailgraph-init start
qmonitor start
echo "/usr/sbin/mailgraph-init star" >>/etc/rc.d/rc/local echo "/usr/sbin/qmoonitor-init start" >> /etc/rc.d/rc/local
圖形化日誌信息
#######################################################################
main.cf 過濾
根據客戶端的主機名/地址過濾郵件
vim /etc/postfix/main.cf
smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
vim /etc/postfix/access
192.168.4 REJECT
192.168.4.1 OK
bbc.com REJECT
# postmap /etc/postfix/access
# vim /etc/postfix/main.cf
smtpd_helo_required = yes smtpd_helo_restrictions = reject_invalid_hostname
# postfix reload
smtpd_sender_login_maps = mysql:/etc/postfix/mysql_virtual_sender_maps.cf,mysql:/etc/postfix/mysql_virtual_alias_maps.cf smtpd_sender_restrictions = permit_mynetworks, reject_sender_login_mismatch, reject_non_fqdn_sender, reject_unknown_sender_domain, check_sender_access hash:/etc/postfix/sender_access
# vim /etc/postfix/sender_access
[email protected] REJECT
a@ REJECT
www.a.com REJECT
# postmap /etc/postfix/sender_access 生成sender_access.db
# vim /etc/postfix/main.cf
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_non_fqdn_ recipient, reject_unknown_recipient_domain
# postfix restart
########################################################################
MailScanner
安裝MailScanner 掃描調度工具
# tar zxvf MailScanner-4.75.11-1.rpm.tar.gz
# cd MailScanner-4.75.11-1
# ./install.sh
修改配置文件
# vim /etc/MailScanner/MailScanner.conf
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA =postfix
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
1749 Virus Subject Text = {Virus?} 標題提示文字
1855 Spam Subject Text = {Spam?} 標題提示文字
Virus Scanners = f-port-6 (根據軟件版本不同,這裏填寫的內容有所改變,可以選擇auto)
Required SpamAssassin Score =7
High SpamAssassin Score = 10
Spam Actions = deliver header “X-Spam-Status: Yes”
High Soring Spam Actions = delete forward [email protected] 如果score大於10,刪除郵件,並轉發到指定郵箱# vim /etc/postfix/main.cf
header_checks = regexp: /etc/postfix/header_checks
# vim /etc/postfix/header_checks
/^Received:/ HOLD
調整屬主、屬組
chown –R postfix.postfix /var/spool/MailScanner/incoming chown –R postfix.postfix /var/spool/MailScanner/quarantine
drwxr-xr-x 9 postfix postfix 4096 Apr 14 20:01 incoming
drwxr-xr-x 4 postfix postfix 4096 Apr 13 22:58 quarantine
drwxr-xr-x 2 postfix postfix 4096 Apr 13 20:50 rules
drwxr-xr-x 2 postfix postfix 4096 Apr 14 20:01 spamassassin
chkconfig –level 35 MailScanner on service MailScanner restart
###################################################################
SpamAssassin
mount /dev/cdrom /mnt/cdrom cd /mnt/cdrom rpm –ivh spamassassin-3.1.7-4.e15.i386.rpm
配置文件
/etc/mail/spamassassin/local.cf”保持默認即可
# service spamassassin start
# chkconfig –level 35 spamassassin on
#####################################################################
F-Port
# tar zxvf fp-Linux.x86.32-ms.tar.gz –C /opt/ 注意是mailserver版本,不是 workstation
# cd /opt/f-prot/
# ./install-f-prot.pl
(1) Enter an existing license key you have (e.g. from an e-mail)
(2) Apply for a 30 day trial key
1) Spawn service
比起第二種master.cf會多出:
localhost:10025 inet n n n - 10 spawn user=nobody argv=/opt/f-prot/mailtools/scan-mail.pl -postfix 127.0.0.1:10026
2) Standalone SMTP proxy
直接執行
scan-mail.pl -daemon -proxy -proxy_address 127.0.0.1:10025 -smtp_address 127.0.0.1:10026
安裝過程會出現的提示
升級F-Port 病毒庫(確保能訪問Internet)
# /opt/f-prot/fpupdate
ln -fs /opt/f-prot/fpscan /usr/local/bin/fpscan
ln -fs /opt/f-prot/doc/man/fpscan.1 /usr/local/man/man1/
ln -fs /opt/f-prot/doc/man/fprot-conf.5 /usr/local/man/man5/
ln -fs /opt/f-prot/doc/man/fpupdate.8 /usr/local/man/man8/
ln -fs /opt/f-prot/fpscand /usr/local/sbin/fpscand
ln -fs /opt/f-prot/fpmon /usr/local/sbin/fpmon
ln -fs /opt/f-prot/doc/man/fpscand.8 /usr/local/man/man8/
ln -fs /opt/f-prot/doc/man/fp-milter.8 /usr/local/man/man8/
ln -fs /opt/f-prot/doc/man/fp-qmail.8 /usr/local/man/man8/
ln -fs /opt/f-prot/doc/man/fpmon.8 /usr/local/man/man8/
ln -fs /opt/f-prot/doc/man/fp.so.8 /usr/local/man/man8/
cp /opt/f-prot/f-prot.conf.default /opt/f-prot/f-prot.conf ln -fs /opt/f-prot/etc/f-prot.conf /etc/f-prot.conf chmod a+x /opt/f-prot/fpscan chmod u+x /opt/f-prot/fpupdate ln -fs /opt/f-prot/man_pages/scan-mail.pl.8 /usr/share/man/man8/ chmod +x /opt/f-prot/mailtools/scan-mail.pl
# crontab –e (計劃任務)
00 9 * * * /opt/f-prot/fpupdate/tools/check-updates.pl -cron
# service crond start
#
Scan-mail.pl Standalone SMTP proxy
#vim posfix/main.cf
content_filter = smtp:[127.0.0.1]:10025 master.cf scan unix - - n - 10 smtp localhost:10026 inet n - n - 10 smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o myhostname=localhost -o smtpd_helo_restrictions= -o smtpd_client_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_use_tls=no -o mynetworks=127.0.0.0/8 vim /etc/f-prot.conf SCANMAIL_STARTUP="-daemon -proxy -proxy_address 127.0.0.1:10025 -smtp_address 127.0.0.1:10026"
service fpscand restart /opt/f-prot/rc-scripts/fpscand.rc-redhat
service scan-mail start /opt/f-prot/rc-scripts/scan-mail.rc-redhat
The first entry specifies that Postfix's master service shall run at most 10 processes simultaneously to pipe the mail from the SMTP daemon to external filter. The second entry makes the master service run at most 10 SMTP processes simultaneously on address localhost:10026 to receive the mail from the filter, and configures it so it does not loop the mail back to the external filter. And the third entry makes the master service run at most 10 instances simultaneously of the Mail Scanner to filter the mail on address localhost:10026 and advises the Mail Scanner that the SMTP daemon it is supposed to relay SMTP connections to is running on address 127.0.0.1:10026.
#######################################################################
測試
病毒測試數據:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* EICAR-STANDARD-ANTIVIRUS-TEST-FILE
垃圾郵件測試數據:
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
可以新建一個接受病毒、垃圾的郵箱,當然你也可以設置規則直接刪掉它:
可以看到發往[email protected]的郵件被轉到了[email protected]
注意用戶名,及收、發信人
垃圾郵件
病毒郵件
測實結果,未提示檢測到病毒。
#################################################
2012年6月23日13:55:12
今天做項目,又把郵件做了一遍,改動如下。
vim /opt/f-prot/f-prot.conf
FPSCAND_LISTENADDRESS="127.0.0.1:10025"
#vim posfix/main.cf
content_filter = smtp:[127.0.0.1]:10025
master.cf Usage as a Postfix spawn service
localhost:10025inetnnn-10spawn user=anybodyargv=/opt/f-prot/mailtools/scan-mail.pl-postfix 127.0.0.1:10026
或者
vim /etc/f-prot.conf
SCANMAIL_STARTUP="-daemon -proxy -proxy_address 127.0.0.1:10025 -smtp_address 127.0.0.1:10026"
或者Postfix plugin run as a standalone proxy
/opt/f-prot/mailtools/scan-mail.pl -daemon -proxy -proxy_address 127.0.0.1:10025 -smtp_address 127.0.0.1:10026
紅色部分不能同時配置,發送郵件時extmail會出現如下錯誤
Connect to 127.0.0.1:25 fail, Net::SMTP: connect: Connection refused
telnet拒絕連接
telnet 127.0.0.1 25
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
######################################################################
########################################################################
實驗過程中出現的錯誤
注意路徑,拼寫
注意文件、目錄權限問題
Q :mysql PID file not found and Can't connect to MySQL through socket mysql.sock
A :cd /usr/local/mysql/lib/mysql/var/
rm -f $hosname.pid $hostname.err
echo `ps aux | grep mysql | grep "user=mysql" | grep -v "grep" | awk '{print $2}'`>> $hostname.pid
Q:
Apr 13 16:31:29 mail postfix/master[7998]: warning: process /usr/libexec/postfix/smtpd pid 8081 exit status 1
Apr 13 16:31:29 mail postfix/master[7998]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
fatal: open database /etc/aliases.db: No such file or directory
it looks like you have files in main.cf that do not exist, check /etc/postfix/main.cf and create any needed files.
A: newalias | postmap /etc/aliases
Q:Apr 13 16:31:28 mail postfix/smtpd[8081]: fatal: open database /etc/postfix/access.db: No such file or directory
A: postmap /etc/postfix/access
Q extmail 無法發送郵件 Connect to 172.0.0.1:25 fail, Net::SMTP: connect: timeout
A fuser -k -n -tcp 25
vim /etc/postfix/main.cf
114 inet_interfaces = all
SYS_SMTP_HOST = 127.0.0.1
SYS_SMTP_PORT = 25
hostname locahost.localdoamin
Q:[root@web xinetd.d]# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
到這裏就沒有下文了
A:mynetworks = 64.146.69.0/8, 127.0.0.0/8 #
You are an open relay for the 64-class A network (64.0.0.0/8), so I suggest you FIX that. I suppose you mean for just your Class C network:
mynetworks = 127.0.0.0/8, 64.146.69.0/24
Does telnet localhost 25 work ?
vi /usr/local/lib/sasl2/smtpd.conf
pwcheck_method:authdaemond
#log_level: 3
#mech_list: PLAIN LOGIN
authdaemond_path:/usr/local/var/spool/authdaemon/socket
Q:User's home directory /var/spool/postfix is not writable
A:chown -R postfix /var/spool/postfix
Apr 13 18:28:51 mail MailScanner[11778]: User's home directory /home/postfix does not exist
Apr 13 18:28:51 mail MailScanner[11778]: User's home directory /home/postfix is not writable
Apr 13 18:28:52 mail MailScanner[11778]: Using SpamAssassin results cache
Apr 13 18:28:52 mail MailScanner[11778]: Connected to SpamAssassin cache database
Apr 13 18:28:52 mail MailScanner[11778]: Enabling SpamAssassin auto-whitelist functionality...
Apr 13 18:28:54 mail MailScanner[11684]: I have found f-prot-6 scanners installed, and will use them all by default.
Q : You need to set the "SpamAssassin User State Dir" to a directory that the "Run As User" can write to
A :SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
mkdir /var/spool/MailScanner/spamassassin
chgown postfix /var/spool/MailScanner/spamassassin
Q Shutting down scan-mail daemon/etc/init.d/scan-mail: line 64: kill: (18983) - No such process
A echo `ps aux | grep scan-mail | grep -v "grep" | awk '{print $2}'` >>/var/run/scan-mail.pid