基於postfix郵件網關搭建

操作系統：Centos 5.X

準備以下系列軟件
mysql-5.1.59.tar.gz  
postfix-2.8.2.tar.gz
clamav-0.97.2-1.el5.rf.x86_64.rpm       
clamav-db-0.97.2-1.el5.rf.x86_64.rpm    
clamav-devel-0.97.2-1.el5.rf.x86_64.rpm 
clamd-0.97.2-1.el5.rf.x86_64.rpm
MailScanner-4.84.3-1.rpm.tar.gz

準備條件
刪除相關的軟件包

rpm -e --nodeps mysql
rpm -e --nodeps cyrus-sasl-*
rpm -e --nodeps httpd
rpm -e --nodeps sendmail

安裝rpm依賴包(已安裝的就不需要安裝啦)

rpm -ivh vim-common-6.3.046-0.40E.7.i386.rpm vim-enhanced-6.3.046-0.40E.7.i386.rpm
rpm -ivh pcre-devel-4.5-3.2.RHEL4.i386.rpm
yum -y install gcc ncurses-devel autoconf automake libtool g++ db4-devel

新建用戶

groupadd -g 789 postfix
useradd -u 789 -g 789 -d/dev/null -s/sbin/nologin postfix
groupadd -g 13579 postdrop

開始安裝
安裝mysql

autoreconf --force --install
./configure \
         "--prefix=/usr/local/mysql" \
         "--localstatedir=/usr/local/mysql/data" \
         "--with-comment=Source" \
         "--with-server-suffix=-Slevin" \
         "--with-mysqld-user=mysql" \
         "--without-debug" \
         "--with-big-tables" \
         "--with-charset=utf8" \
         "--with-collation=utf8_general_ci" \
         "--with-extra-charsets=all" \
         "--with-pthread" \
         "--enable-assembler"
make&&make install

echo "/usr/local/mysql/lib/mysql/"  >> /etc/ld.so.conf
ldconfig

安裝postfix

make makefiles \
     'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql ' \
     'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm '
make install
/usr/bin/newaliases

這裏貼出我自己的配置文件
cat /etc/postfix/main.cf

command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
unknown_local_recipient_reject_code = 550

alias_maps = hash:/etc/aliases
# hostname
mynetworks = 127.0.0.1
myhostname = mail.xxx.com
mydomains = mail.xxx.com
mydestination = $mynetworks $myhostname

inet_interfaces = all
# banner
mail_name = Postfix - by make a slevin
smtpd_banner = $myhostname ESMTP $mail_name

# response immediately
smtpd_error_sleep_time = 0s

# Message and return code control
message_size_limit = 104857600
mailbox_size_limit = 524288000
show_user_unknown_table_name = no

# Queue lifetime control
bounce_queue_lifetime = 1d
maximal_queue_lifetime = 1d

debug_peer_list=1
relay_domains=xxx.cn   設置過濾的域名
transport_maps=hash:/etc/postfix/transport   郵件路由配置文件
relay_recipient_maps=mysql:/etc/postfix/mysql_list_user.cf  收件人限制配置

#smtpd_recipient_restrictions =permit_mynetworks,reject_non_fqdn_hostname,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unauth_destination,reject_unauth_pipelining,reject_invalid_hostname,reject_unknown_recipient_domain,reject_rbl_client cblless.anti-spam.org.cn

header_checks = regexp:/etc/postfix/header_checks  MailScanner靠這個參數來對郵件進行過濾

下面貼出上面所用到的配置文件
cat /etc/postfix/transport

  xxx.com        smtp:[192.168.0.25]:25

cat /etc/postfix/mysql_list_user.cf

user = test
password = 000000
hosts = 192.168.0.25
dbname = email
query= SELECT email FROM user WHERE email='%s'

cat  /etc/postfix/header_checks

/^Received:/    HOLD    中間空格必須是table鍵

運行命令

postmap /etc/postfix/transport

暫時把header_checks參數註釋然後啓動postfix來測試簡單的路由轉發是否成功

啓動命令：postfix  start

假設上面測試成功，那接着配置下一步的過濾

安裝殺毒過濾

rpm -ivh clamav-0.97.2-1.el5.rf.x86_64.rpm   \
         clamav-db-0.97.2-1.el5.rf.x86_64.rpm     \
         clamav-devel-0.97.2-1.el5.rf.x86_64.rpm   \
         clamd-0.97.2-1.el5.rf.x86_64.rpm

配置殺毒

ln -s /usr/bin/freshclam /usr/local/bin/freshclam

/usr/local/bin/freshclam

安裝spamassassin

yum -y  install  spamassassin

配置spamassassin

wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf
crontab -e
0 0 1 * * wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf;/etc/init.d/MailScanner restart

安裝MailScanner

tar xvf MailScanner-4.84.3-1.rpm.tar.gz
cd MailScanner-4.84.3-1
./install.sh  (這個過程要很久) 

安裝完之後 修改配置文件，裏面選項很多，我只把幾個關鍵的寫出來
vi /etc/MailScanner/MailScanner.conf

%org-name% = yoursite  自己定義
%org-long-name% = Your Organisation Name Here  自己定義
%web-site% = http://www.your-organisation.com/  自己定義
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Incoming Work User = postfix
Incoming Work Group = clamav
Incoming Work Permissions = 0640
Clamd Socket = /var/run/clamav/clamd.sock
Is Definitely Spam = %rules-dir%/spam.blacklist.rules  默認沒這個文件，必須要新建這個文件

給上面配置選項的目錄賦予權限

cd /var/spool/MailScanner/
mkdir spamassassin
mkdir .spamassassin
chown -R postfix:clamav /var/spool/MailScanner/incoming
chown -R postfix:postfix /var/spool/MailScanner/quarantine
chown -R postfix:postfix /var/spool/MailScanner/spamassassin

接着取消postfix的main.cf文件的header_checks註釋

啓動所有程序

chkconfig spamassassin on
chkconfig MailScanner on
/etc/init.d/clamd start
/etc/init.d/spamassassin start
/etc/init.d/MailScanner start

查看/var/log/maillog,自己測試發送郵件，如果日誌沒報錯並且能夠成功過濾 就說明發送成功了