• Installing a FreeBSD and Postfix-Based Mail System with Mailing Lists and Webmail


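    Author: Yang Tingyong (杨廷勇) (scyzxp at toping.net)
    Source: LinuxSir.Org
    Copyright: Yang Tingyong Copyright © 2004, 2005, 2006
    Abstract: This article describes how to use FreeBSD + Postfix + Cyrus-sasl + Courier-imap + tmail3.5 + spamassassin + Clamav + mailscanner + mailscanner-mrtg + mailman to build a multi-domain mail system with mailing lists, webmail, antivirus, anti-spam and a web administration interface.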


    Jacky, $Revision: 4.51 bate $Date: 2006-05-03

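    The system mainly uses MailScanner + clamav + Spamd + APF for virus filtering and spam filtering.

    This article was installed and tested on 4.10, 5.3, 5.4 and 6.0. amavisd is no longer used for virus filtering; the more efficient MailScanner handles mail filtering and spam filtering instead. It is easier to configure, lowers system overhead and makes the system more stable. In strict virus-mail testing the success rate reached 100%. Spam filtering reached a success rate of roughly 95%.

    Changelog:

    Added installation and setup of the "mailing list" software mailman
    Added installation and setup of the "mail traffic monitoring" tool mailscanner-mrtg
    Added installation of Zend support for PHP
    Added use of mailscanner to monitor incoming and outgoing mail. new
    Corrected some errors of understanding and documentation errors from the previous version.
    Substantially extended the original userinfo table. Tmail3.5 users should update promptly.
    "Strengthened" virus filtering and spam filtering, saving more system resources and simplifying system configuration.
    This article uses APF for the first time to strengthen spam filtering.
    Spam filtering reached a success rate of roughly 95%
    This article uses MailScanner + Clamav together for the first time to filter mail viruses.
    In strict virus-mail testing the success rate reached 100%.
    Translated the virus-mail notices into Chinese, making the system more user-friendly.
    Added more detailed explanations to the installation steps
    Added images to the software installation steps to make installation easier.
    Corrected many textual errors.....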


    +++++++++++++++++++++++++++++++++++++++++++
    Main text
    +++++++++++++++++++++++++++++++++++++++++++


    0. Demo address

    http://mail.toping.net
    Username: demo@toping.net
    Password: demo


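    1. System installation

    Before installing: all user data is stored under /var, so give /var as much space as possible when installing FreeBSD. The FreeBSD version is 5.3, installed as a minimal install with cvsup as the only package; after installation, use cvsup to update the ports tree. This document assumes the server's IP address is 192.168.0.2, the domain is toping.net and the hostname is mail.toping.net.

    Please be careful, and watch the spaces and TABs.

    Good luck, everyone. My knowledge is limited. If you find any errors or anything inappropriate in this article, please e-mail scyz@toping.net and I will reply as soon as possible.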


    1.1 Install MySQL

    mail# cd /usr/ports/databases/mysql40-server
    mail# make install clean

    Edit /etc/rc.conf and add

    mysql_enable="YES"


    1.2 Install Apache

    mail# cd /usr/ports/www/apache2
    mail# make install clean

    Edit /etc/rc.conf and add

    apache2_enable="YES"


    1.3 Install PHP

    mail# cd /usr/ports/www/mod_php4
    mail# make install clean

    My selection: (take care not to select DEBUG, otherwise it conflicts with ZEND)

    [X] APACHE2   Use apache 2.x instead of apache 1.3.x

    Install the required PHP extension modules

    mail# cd /usr/ports/lang/php4-extensions
    mail# make install clean

    I selected the following modules:

    [X] BCMATH     bc style precision math functions
    [X] BZ2       bzip2 library support
    [X] CALENDAR   calendar conversion support
    [X] CRACK     crack support
    [X] CTYPE     ctype functions
    [X] CURL       CURL support
    [X] FTP       FTP support
    [X] GD       GD library support
    [X] GETTEXT     gettext library support
    [X] FILEINFO   fileinfo support
    [X] IMAP       IMAP support
    [X] MBSTRING   multibyte string support
    [X] MCAL       Modular Calendar Access Library support
    [X] MCRYPT     Encryption support
    [X] MCVE       MCVE support
    [X] MHASH     Crypto-hashing support
    [X] MYSQL     MySQL database support
    [X] PCRE       Perl Compatible Regular Expression support
    [X] POSIX     POSIX-like functions
    [X] SESSION     session support
    [X] TOKENIZER   tokenizer support
    [X] XML       XML support
    [X] ZLIB       ZLIB support

    Finally, edit /usr/local/etc/apache2/httpd.conf and add at the end:

    DirectoryIndex index.html index.html.var index.php

    Note: index.php is added to DirectoryIndex so that Apache serves index.php as a home page file

    AddType application/x-httpd-php .php
    AddType application/x-httpd-php-source .phps

    Change Group www and User www to: Group postfix and User postfix

    Note: do this step only after postfix has been installed


    1.4 Install zend

    mail# cd /usr/ports/devel/ZendOptimizer
    mail# make install clean

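    For licensing reasons it is not downloaded automatically. You need to download ZendOptimizer-2.5.10a-freebsd4.3-i386.tar.gz from the official website into /usr/ports/distfiles and then install.

    Download: ZendOptimizer-2.5.10a-freebsd4.3-i386.tar.gz

    When finished, add to /usr/local/etc/php.ini: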

    [Zend]
    zend_optimizer.optimization_level=15
    zend_extension_manager.optimizer="/usr/local/lib/php/20020429/Optimizer"
    zend_extension_manager.optimizer_ts="/usr/local/lib/php/20020429/Optimizer_TS"
    zend_extension="/usr/local/lib/php/20020429/ZendExtensionManager.so"
    zend_extension_ts="/usr/local/lib/php/20020429/ZendExtensionManager_TS.so"

    Restart apache to complete the installation.


    1.5 Install openssl

    mail# cd /usr/ports/security/openssl
    mail# make install clean


    1.6 Install phpMyAdmin

    mail# cd /usr/ports/databases/phpmyadmin
    mail# make fetch

    Note: (downloading it directly and then copying it into place is recommended here)

    mail# cd /usr/ports/distfiles
    mail# tar -zxvf PhpMyadmin-x.tar.gz
    mail# mv /usr/local/www/phpMyAdmin-x /usr/local/www/data/dbadmin

    Edit /usr/local/www/data/dbadmin/config.inc.php

    $cfg['PmaAbsoluteUri'] = 'http://192.168.0.2/dbadmin/';
    $cfg['Servers'][$i]['auth_type']   = 'http';   // Authentication method (config, http or cookie based)?

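    Note: this sets phpMyAdmin's authentication method to http.

    Enter http://192.168.0.2/dbadmin/ in a browser. For the first login the username is root and the password is empty; after logging in you can change your password.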


    1.7 Set up the database through phpMyAdmin

    Create the postfix database (note: the database name is postfix):

    mail# mysql -u root -p
    mysql# CREATE DATABASE `postfix` ;
    mysql# use postfix;

    The SQL statements follow:

    CREATE TABLE domaininfo (
    domain_id int(5) NOT NULL auto_increment,
    domain varchar(25) NOT NULL default '',
    alias varchar(30) default NULL,
    passwd varchar(35) NOT NULL default '',
    usernum int(5) NOT NULL default '0',
    quota int(11) NOT NULL default '0',
    des varchar(30) default NULL,
    expire date NOT NULL default '0000-00-00',
    active tinyint(1) NOT NULL default '1',
    create_time datetime default NULL,
    PRIMARY KEY (domain_id),
    UNIQUE KEY domain (domain),
    KEY domain_id (domain_id)
    ) TYPE=MyISAM COMMENT='domain information';

    INSERT INTO domaininfo VALUES (1,'admin',NULL,'$1$.j3.t12.$I7MGf7ZD2HrWwUWQF88Mg1',0,0,'Super Admin','0000-00-00',1,'0000-00-00 00:00:00');

    CREATE TABLE userinfo (
    id int(11) NOT NULL auto_increment,
    userid varchar(20) NOT NULL default '',
    domain_id int(5) NOT NULL default '0',
    address varchar(50) NOT NULL default '',
    alias varchar(60) default NULL,
    passwd varchar(35) NOT NULL default '',
    realname varchar(20) default NULL,
    quota int(11) NOT NULL default '0',
    active tinyint(1) NOT NULL default '0',
    homedir varchar(60) NOT NULL default '',
    maildir varchar(60) NOT NULL default '',
    create_time datetime NOT NULL default '0000-00-00 00:00:00',
    `fax` varchar(20) NOT NULL default '',
    `telephone` varchar(15) NOT NULL default '',
    `sex` int(1) NOT NULL default '0',
    `year` int(4) NOT NULL default '0',
    `MONTH` int(2) NOT NULL default '0',
    `DAY` int(2) NOT NULL default '0',
    `education` varchar(4) NOT NULL default '',
    `marital` int(1) NOT NULL default '0',
    `occupation` varchar(15) NOT NULL default '',
    `companyname` varchar(30) NOT NULL default '',
    `province` varchar(6) NOT NULL default '',
    PRIMARY KEY (id),
    UNIQUE KEY address (address)
    ) TYPE=InnoDB COMMENT='User Information';

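    Note: for beginners, doing all of the above in phpMyAdmin is recommended because it is easier. If you intend to use igenus later, import the original igenus SQL.

    Create the database user and grant it the appropriate privileges

    mail# mysql -u root -p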
    mysql# use mysql;
    mysql# INSERT INTO user (host,user,password) VALUES('localhost','postfix','');
    mysql# update user set password=password('postfix') where User='postfix';
    mysql# GRANT ALL ON postfix.* TO postfix@localhost IDENTIFIED BY "postfix";

    Note: the username and password added here are both postfix, and the user is granted rights to operate on the postfix database.


    1.8 Install Courier-imap

    mail# cd /usr/ports/mail/courier-imap
    mail# make install clean

    My selection:

    [X] OPENSSL     Build with OpenSSL support
    [X] AUTH_MYSQL   MySQL support

    Add to /etc/rc.conf:

    courier_authdaemond_enable="YES"
    courier_imap_pop3d_enable="YES"
    courier_imap_imapd_enable="YES"

    mail# cd /usr/local/etc/courier-imap
    mail# cp imapd.cnf.dist imapd.cnf
    mail# cp pop3d.cnf.dist pop3d.cnf
    mail# /usr/local/etc/rc.d/courier-authdaemond.sh start

    Note: this creates a socket under /var/run/authdaemond/. Without the following step, the authentication below will fail.

    mail# chmod +x /var/run/authdaemond


    1.9 Install postfix and cyrus-sasl

    mail# cd /usr/ports/security/cyrus-sasl2
    mail# make install WITH_AUTHDAEMON=yes
    mail# make clean

    Create /usr/local/lib/sasl2/smtpd.conf

    pwcheck_method: authdaemond
    log_level: 3
    mech_list: PLAIN LOGIN
    authdaemond_path:/var/run/authdaemond/socket

    For more detailed parameter settings see:

    http://www.toping.net/bbs/htm_data/7/0508/330.html

    At this point the authentication part is basically complete.

    Install postfix

    mail# cd /usr/ports/mail/postfix
    mail# make install clean

    My selection:

    [X] VDA       VDA (Virtual Delivery Agent)
    [X] MySQL     MySQL map lookups (choose version with WITH_MYSQL_VER)
    [X] TLS       SSL and TLS
    [X] SASL2     Cyrus SASLv2 (Simple Authentication and Security Layer)

    Answer the following two questions:

    You need user "postfix" added to group "mail". [whether to add the postfix user to the mail group]
    Would you like me to add it [y]? y
    Would you like to activate Postfix in /etc/mail/mailer.conf [n]? n

    Add the startup options that postfix needs to /etc/rc.conf:

    sendmail_enable="YES"
    sendmail_flags="-bd"
    sendmail_pidfile="/var/spool/postfix/pid/master.pid"
    sendmail_procname="/usr/local/libexec/postfix/master"
    sendmail_outbound_enable="NO"
    sendmail_submit_enable="NO"
    sendmail_msp_queue_enable="NO"

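    Set up what postfix needs to start

    mail# ln -s /usr/local/sbin/sendmail /usr/sbin/sendmail

    Note: if /usr/sbin/sendmail already exists, delete it and then create the link. This step must be repeated after upgrading the kernel or the system.

    mail# echo 'postfix: root' >> /etc/aliases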
    mail# /usr/local/bin/newaliases
    mail# chown postfix:postfix /etc/opiekeys


    1.10 Install expect

    Used by the web client to create mail users

    mail# cd /usr/ports/lang/expect
    mail# make install clean


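    2. Configure the mail server

    This section covers the parameter configuration of each service.


    2.1 Configure rc.conf: edit /etc/rc.conf

    Below is the rc.conf configuration with the startup options for all the software installed above: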

    mysql_enable="YES"
    apache2_enable="YES"
    courier_authdaemond_enable="YES"
    courier_imap_pop3d_enable="YES"
    courier_imap_imapd_enable="YES"
    sendmail_enable="YES"
    sendmail_flags="-bd"
    sendmail_pidfile="/var/spool/postfix/pid/master.pid"
    sendmail_procname="/usr/local/libexec/postfix/master"
    sendmail_outbound_enable="NO"
    sendmail_submit_enable="NO"
    sendmail_msp_queue_enable="NO"


    2.2 Configure postfix and cyrus-sasl

    (1) Edit /usr/local/etc/postfix/main.cf and add the following at the end of the file

    mail# ee /usr/local/etc/postfix/main.cf
    smtpd_helo_required = yes
    strict_rfc821_envelopes = yes
    smtpd_etrn_restrictions = permit_mynetworks, reject
    #=====================BASE=====================
    myhostname = mail.toping.net
    mydomain = toping.net
    mydestination = $myhostname
    local_recipient_maps =
    command_directory = /usr/local/sbin
    local_transport = virtual
    #=====================MySQL=====================
    virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
    virtual_gid_maps = static:125
    virtual_mailbox_base = /
    virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
    virtual_mailbox_limit = 51200000
    virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
    virtual_minimum_uid = 125
    virtual_transport = virtual
    virtual_uid_maps = static:125
    #=====================Quota=====================
    virtual_create_maildirsize = yes
    virtual_mailbox_extended = yes
    virtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
    virtual_mailbox_limit_override = yes
    virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
    virtual_overquota_bounce = yes
    #====================SASL=====================
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_delay_reject=yes
    smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,permit_auth_destination,reject
    smtpd_client_restrictions = permit_sasl_authenticated

    For more detailed parameter settings see the forum:

    http://www.toping.net/bbs/htm_data/7/0601/871.html

    (4) Edit /usr/local/etc/postfix/mysql_virtual_alias_maps.cf

    mail# ee /usr/local/etc/postfix/mysql_virtual_alias_maps.cf
    user = postfix
    password = postfix
    hosts = localhost
    dbname = postfix
    query = SELECT alias FROM userinfo WHERE address='%s' AND active = 1

    (5) Edit /usr/local/etc/postfix/mysql_virtual_domains_maps.cf

    mail# ee /usr/local/etc/postfix/mysql_virtual_domains_maps.cf
    user = postfix
    password = postfix
    hosts = localhost
    dbname = postfix
    query = SELECT domain FROM domaininfo WHERE domain='%s'

    (6) Edit /usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf

    mail# ee /usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
    user = postfix
    password = postfix
    hosts = localhost
    dbname = postfix
    query = SELECT maildir FROM userinfo WHERE address='%s' AND active = 1

    (7) Edit /usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf

    mail# ee /usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
    user = postfix
    password = postfix
    hosts = localhost
    dbname = postfix
    query = SELECT quota FROM userinfo WHERE address='%s'


    2.3 Configure Courier-imap

    (1) Change the Courier settings in /usr/local/etc/courier-imap/imapd:

    IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA"

    (2) Edit /usr/local/etc/courier-imap/pop3d

    POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1"

    (3) Edit /usr/local/etc/authlib/authmysqlrc

    mail# mv /usr/local/etc/authlib/authmysqlrc /usr/local/etc/authlib/authmysqlrc_bak
    mail# ee /usr/local/etc/authlib/authmysqlrc
    MYSQL_SERVER     localhost                         //database host address
    MYSQL_USERNAME       postfix                       //database username
    MYSQL_PASSWORD       postfix                       //database password
    MYSQL_PORT       0
    MYSQL_OPT   0
    MYSQL_DATABASE       postfix                       //database name
    MYSQL_USER_TABLE   userinfo
    MYSQL_CRYPT_PWFIELD   passwd
    MYSQL_UID_FIELD     '125'
    MYSQL_GID_FIELD     '125'
    MYSQL_LOGIN_FIELD address
    MYSQL_HOME_FIELD   homedir
    MYSQL_NAME_FIELD   realname
    MYSQL_MAILDIR_FIELD   maildir
    MYSQL_QUOTA_FIELD quota

    Note: use the Tab key to separate the fields here

    (4) Edit /usr/local/etc/authlib/authdaemonrc

    mail# mv /usr/local/etc/authlib/authdaemonrc /usr/local/etc/authlib/authdaemonrc_bak
    mail# ee /usr/local/etc/authlib/authdaemonrc
    authmodulelist="authmysql"
    authmodulelistorig="authmysql"
    version="authdaemond.mysql"
    daemons=5
    authdaemonvar=/var/run/authdaemond
    subsystem=mail
    DEBUG_LOGIN=0
    DEFAULTOPTIONS="wbnodsn=1"

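    Restart the server

    3. Manually set up the first user and test

    This chapter describes how to create a user and test that the system works correctly.

    Note: when adding a user, generate the encrypted password here and then insert it directly into the database.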

    http://www.toping.net/soft

    mail# mysql
    mysql> use postfix;
    mysql> show tables;
    +-------------------+
    | Tables_in_postfix |
    +-------------------+
    | address       |
    | admin         |
    | card         |
    | domaininfo     |
    | lastauth       |
    | logs         |
    | message       |
    | personal       |
    | scheduler       |
    | stow         |
    | userinfo       |
    | vpopmail       |
    +-------------------+
    12 rows in set (0.00 sec)

    Add the domain and administrator

    mysql> desc domaininfo;
    +-------------+-------------+------+-----+------------+----------------+
    | Field     | Type     | Null | Key | Default   | Extra       |
    +-------------+-------------+------+-----+------------+----------------+
    | domain_id   | int(5)     |     | PRI | NULL     | auto_increment |
    | domain     | varchar(25) |     | UNI |         |           |
    | alias     | varchar(30) | YES |   | NULL     |           |
    | passwd     | varchar(35) |     |   |         |           |
    | usernum   | int(5)     |     |   | 0       |           |
    | quota     | int(11)   |     |   | 0       |           |
    | des       | varchar(30) | YES |   | NULL     |           |
    | expire     | date     |     |   | 0000-00-00 |           |
    | active     | tinyint(1) |     |   | 1       |           |
    | create_time | datetime   | YES |   | NULL     |           |
    +-------------+-------------+------+-----+------------+----------------+
    10 rows in set (0.00 sec)

    mysql> INSERT INTO `domaininfo` VALUES (7, 'toping.net', NULL, '$1$jNXThQXq$KPjm.WE2f2yX5rceY48vX.', 50, 500, NULL, '0000-00-00', 1, '2005-04-19 23:19:11');
    Query OK, 1 row affected (0.00 sec)

    Note: the administration password for toping.net here is: admin123

    mysql> desc userinfo;
    +-------------+-------------+------+-----+---------------------+----------------+
    | Field     | Type     | Null | Key | Default         | Extra       |
    +-------------+-------------+------+-----+---------------------+----------------+
    | id       | int(11)   |     | PRI | NULL           | auto_increment |
    | userid     | varchar(20) |     |   |               |           |
    | domain_id   | int(5)     |     |   | 0             |           |
    | address   | varchar(50) |     | UNI |               |           |
    | alias     | varchar(60) | YES |   | NULL           |           |
    | passwd     | varchar(35) |     |   |               |           |
    | realname   | varchar(20) | YES |   | NULL           |           |
    | quota     | int(11)   |     |   | 0             |           |
    | active     | tinyint(1) |     |   | 0             |           |
    | homedir   | varchar(60) |     |   |               |           |
    | maildir   | varchar(60) |     |   |               |           |
    | create_time | datetime   |     |   | 0000-00-00 00:00:00 |           |
    | fax       | varchar(20) |     |   |               |           |
    | telephone   | varchar(15) |     |   |               |           |
    | sex       | int(1)     |     |   | 0             |           |
    | year     | int(4)     |     |   | 0             |           |
    | MONTH     | int(2)     |     |   | 0             |           |
    | DAY       | int(2)     |     |   | 0             |           |
    | education   | varchar(4) |     |   |               |           |
    | marital   | int(1)     |     |   | 0             |           |
    | occupation | varchar(15) |     |   |               |           |
    | companyname | varchar(30) |     |   |               |           |
    | province   | varchar(6) |     |   |               |           |
    +-------------+-------------+------+-----+---------------------+----------------+
    23 rows in set (0.00 sec)

    mysql> INSERT INTO `userinfo` VALUES (8, 'webmaster', 7, 'webmaster@toping.net', NULL,'$1$4DLQeNkz$QKCAQqg244XwvLl2SD11f0', 'webmaster', 209715200, 1, '/var/mail/toping.net/webmaster/', '/var/mail/toping.net/webmaster/Maildir/', '2005-04-20 23:45:17', '', '', 0, 0, 0, 0, '', 0, '', '', '');

    Note: the mailbox password of the webmaster user here is: 000000

    mysql>quit

    Set up the user's directories and permissions:

    Mail# mkdir -p /var/mail/toping.net/webmaster
    Mail# /usr/local/bin/maildirmake /var/mail/toping.net/webmaster/Maildir
    Mail# chmod -R 777 /var/mail/toping.net/
    Mail# chown -R postfix:postfix /var/mail/toping.net

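    User setup is now complete. Only one domain is used here; multiple domains can be set up in the same way.


    4. Install the postfix administration tool

    This section describes how to install and use the postfix administration tool.


    4.1 Install the postfix administration tool to set up the first domain and user

    Upload the administration tool to the web site directory

    then change the following in include/config.inc.php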

    define(DOMAINSDIR,"/home/vmail");  to  define(DOMAINSDIR,"/var/mail");
    define(MYSQL_HOST, 'localhost');   to  the hostname of your MySQL server
    define(MYSQL_USER, 'root');     to  your MySQL username
    define(MYSQL_PASS, 'mypasswd');   to  your MySQL password
    define(MYSQL_DATA, 'postfix');    to  your mail server's database

    After making the changes, open: http://mail.toping.net/webadmin/index.php

    Installation complete!!


    4.2 User login test

    Install p5-MIME-Base64

    mail# cd /usr/ports/converters/p5-MIME-Base64/
    mail# make install clean

    Use p5-MIME-Base64 to obtain the base64 encoding of the username and password

    mail# perl -MMIME::Base64 -e 'print encode_base64("webmaster\@toping.net");'
    d2VibWFzdGVyQHRvcGluZy5uZXQ=
    mail# perl -MMIME::Base64 -e 'print encode_base64("000000");'
    MDAwMDAw

    Test sending mail (port 25):

    mail# telnet 127.0.0.1 25
    Trying 127.0.0.1...
    Connected to 0.
    Escape character is '^]'.
    220 mail.toping.net ESMTP Postfix
    ehlo mail
    250-mail.toping.net
    250-PIPELINING
    250-SIZE 4194304
    250-VRFY
    250-ETRN
    250-AUTH NTLM LOGIN PLAIN OTP
    250-AUTH=NTLM LOGIN PLAIN OTP
    250 8BITMIME
    auth login
    334 VXNlcm5hbWU6
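    d2VibWFzdGVyQHRvcGluZy5uZXQ=   //this is the user id: webmaster@toping.net
    334 UGFzc3dvcmQ6
    MDAwMDAw //this is the user password: 000000
    235 Authentication successful
    MAIL FROM:<webmaster@toping.net> //tells the server the sender's e-mail address
    250 Ok
    RCPT TO:<webmaster@toping.net>   //tells the server the recipient's address
    250 OK
    DATA     //tells the server you are starting to write the message
    354 End data with <CR><LF>.<CR><LF>
    SUBJECT:test     //the text after subject is the subject of the message
    test
    .       //a . on its own line followed by Enter marks the end of the message body
    250 Ok: queued as 58DC71D5
    quit     //submits the message, ends the conversation and leaves the SMTP server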
    221 Bye
    Connection closed by foreign host
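
    The EHLO reply in this session advertises AUTH but no STARTTLS, so the AUTH LOGIN exchange crosses the connection as plain base64 that anyone on the path can read. The script below is an added example, not part of the original article, that checks a session transcript for this condition; the function names are hypothetical and the sample transcript is constructed from the lines shown above.

```shell
#!/bin/sh
# Added example (not from the original article): audit an SMTP session
# transcript for AUTH credentials sent without TLS. Function names are
# hypothetical; the transcript is constructed from the session above.

sample_session() {
    cat <<'EOF'
220 mail.toping.net ESMTP Postfix
ehlo mail
250-mail.toping.net
250-PIPELINING
250-SIZE 4194304
250-VRFY
250-ETRN
250-AUTH NTLM LOGIN PLAIN OTP
250-AUTH=NTLM LOGIN PLAIN OTP
250 8BITMIME
auth login
334 VXNlcm5hbWU6
d2VibWFzdGVyQHRvcGluZy5uZXQ=
334 UGFzc3dvcmQ6
MDAwMDAw
235 Authentication successful
quit
221 Bye
EOF
}

# Decode one base64 token with "base64 -d"; prints nothing on bad input.
b64dec() {
    printf '%s' "$1" | base64 -d 2>/dev/null || true
}

# Read a transcript on stdin and print one line per observation:
#   FINDING auth-before-starttls              client sent AUTH on a clear channel
#   CLEARTEXT <prompt> <value>                what a passive observer recovers
#   FINDING auth-advertised-without-starttls  EHLO offered AUTH, never STARTTLS
audit_session() {
    tls_adv=0; auth_adv=0; tls_on=0; in_auth=0; prompt=""
    while IFS= read -r line; do
        line=$(printf '%s' "$line" | tr -d '\r')
        case "$line" in
            250?STARTTLS*) tls_adv=1 ;;
            250?AUTH\ *) auth_adv=1 ;;
            [Ss][Tt][Aa][Rr][Tt][Tt][Ll][Ss]*) tls_on=1 ;;
            [Aa][Uu][Tt][Hh]\ *)
                in_auth=1
                if [ "$tls_on" -eq 0 ]; then
                    echo "FINDING auth-before-starttls"
                fi ;;
            334\ *)
                # Server challenge: a base64-encoded prompt such as "Username:".
                if [ "$in_auth" -eq 1 ]; then
                    prompt=$(b64dec "${line#334 }")
                fi ;;
            235\ *|535\ *) in_auth=0; prompt="" ;;
            *)
                # Client answer to the pending challenge, also just base64.
                if [ "$in_auth" -eq 1 ] && [ -n "$prompt" ]; then
                    echo "CLEARTEXT $prompt $(b64dec "$line")"
                    prompt=""
                fi ;;
        esac
    done
    if [ "$auth_adv" -eq 1 ] && [ "$tls_adv" -eq 0 ]; then
        echo "FINDING auth-advertised-without-starttls"
    fi
    return 0
}

sample_session | audit_session
```

    Once TLS is configured, the Postfix setting smtpd_tls_auth_only = yes withholds AUTH until STARTTLS has completed, which clears both findings.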

    Test receiving mail (port 110):

    mail# telnet 127.0.0.1 110
    Trying 127.0.0.1...
    Connected to 0
    Escape character is '^]'
    +OK Hello there
    user webmaster@toping.net
    +OK Password required
    pass 000000
    +OK logged in
    list
    +OK POP3 clients that break here, they violate STD53
    1 2217
    retr 1   //returns the full content of the first message
    +OK 2217 octets follow.
    Return-Path: <webmaster@toping.net>
    X-Original-To: webmaster@toping.net
    Delivered-To: webmaster@toping.net
    Received: from mail (localhost.toping.net [127.0.0.1])
        by mail.toping.net (Postfix) with ESMTP id 58DC71D5
        for <webmaster@toping.net>; Mon, 9 Aug 2004 21:11:20 +0800 (CST)
    SUBJECT:test
    Message-Id: <20040809131120.58DC71D5@mail.toping.net>
    Date: Mon, 9 Aug 2004 21:11:20 +0800 (CST)
    From: webmaster@toping.net
    To: undisclosed-recipients:;
    test
    .
    dele 1   //delete
    +OK Deleted
    quit
    +OK Bye-bye
    Connection closed by foreign host

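    You can also test with any other mail client program, such as foxmail, Outlook Express and so on.


    5. Antivirus and anti-spam

    This chapter covers protection against viruses and spam.


    5.1 Install Clamav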

    mail# cd /usr/ports/security/clamav
    mail# make install clean

    My selection:

    [X] MILTER   Compile the milter interface
    [X] CURL     Support URL downloading
    [X] LIBUNRAR Support for external Unrar library

    To have clamav start automatically, add to /etc/rc.conf:

    clamav_clamd_enable="YES"
    clamav_freshclam_enable="YES"

    Restart the server

    Test virus scanning

    mail# clamscan -r -i /usr/local/www/data

    ----------- SCAN SUMMARY -----------
    Known viruses: 41293
    Engine version: 0.87.1
    Scanned directories: 53
    Scanned files: 602
    Infected files: 0
    Data scanned: 41.51 MB
    Time: 18.294 sec (0 m 18 s)

    Update the virus database

    mail# freshclam
    ClamAV update process started at Sun Dec 4 01:10:02 2005
    main.cvd is up to date (version: 34, sigs: 39625, f-level: 5, builder: tkojm)
    daily.cvd is up to date (version: 1200, sigs: 1669, f-level: 6, builder: tomek)


    5.2 Install MailScanner

    mail# cd /usr/ports/mail/mailscanner
    mail# make install

    Because this is the first installation, run make initial-config to create the basic configuration files

    mail# make initial-config
    mail# make clean


    5.3 Install SpamAssassin

    mail# cd /usr/ports/mail/p5-Mail-SpamAssassin
    mail# make install clean

    My selection:

    [X] AS_ROOT     Run spamd as root (recommended)
    [X] DOMAINKEYS   DomainKeys support
    [X] SSL         Build with SSL support for spamd/spamc
    [X] MYSQL       Add MySQL support
    [X] RAZOR       Add Vipul's Razor support
    [X] SPF_QUERY     Add SPF query support
    [X] RELAY_COUNTRY Relay country support
    [X] TOOLS       Install SpamAssassin tools


    5.4 Edit the Postfix configuration file main.cf

    mail# ee /usr/local/etc/postfix/main.cf
    #header_checks = regexp:/usr/local/etc/postfix/header_checks     //default
    header_checks = regexp:/usr/local/etc/postfix/header_checks     //remove the comment marker

    Edit /usr/local/etc/postfix/header_checks

    mail# ee /usr/local/etc/postfix/header_checks
    /^Received:/ HOLD                                 //newly added



    5.5 Edit MailScanner.conf

    mail# ee /usr/local/etc/MailScanner/MailScanner.conf
    #Run As User =           //default
    Run As User = postfix       //after change
    #Run As Group =           //default
    Run As Group = postfix     //after change
    #Incoming Queue Dir = /var/spool/mqueue.in     //default
    Incoming Queue Dir = /var/spool/postfix/hold     //after change
    #Outgoing Queue Dir = /var/spool/mqueue       //default
    Outgoing Queue Dir = /var/spool/postfix/incoming //after change
    #MTA = sendmail           //default
    MTA = postfix           //after change
    #Virus Scanners = none     //default
    Virus Scanners = clamav     //after change
    #Use SpamAssassin = no     //default
    Use SpamAssassin = yes     //after change


    5.6 Create the directories MailScanner needs

    mail# mkdir /var/spool/MailScanner
    mail# mkdir /var/spool/MailScanner/incoming
    mail# mkdir /var/spool/MailScanner/quarantine
    mail# chown postfix:postfix /var/spool/MailScanner/incoming
    mail# chown postfix:postfix /var/spool/MailScanner/quarantine
    mail# touch /usr/local/etc/MailScanner/rules/bounce.rules //create an empty file, otherwise an error occurs.
    mail# chmod -R 777 /var/spool/postfix
    mail# cp /usr/local/etc/MailScanner/mcp/10_example.cf.sample /usr/local/etc/MailScanner/mcp/10_example.cf
    mail# cp /usr/local/etc/MailScanner/mcp/mcp.spam.assassin.prefs.conf.sample /usr/local/etc/MailScanner/mcp/mcp.spam.assassin.prefs.conf

    Note: the last line and the second-to-last line above are each entered as a single line.

    Restart the server
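
    The chmod -R 777 steps in section 3 (on /var/mail/toping.net/) and in this section (on /var/spool/postfix) leave every mailbox and queue file writable by any local account. The audit below is an added example, not part of the original article: it assumes all mail access runs as the single owner uid used in this setup (virtual_uid_maps = static:125, Apache running as postfix), and the function names and the temporary sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): find world-writable paths
# left behind by a blanket "chmod -R 777" and tighten a Maildir tree.
# Function names and the sample tree are constructed for this illustration.

# Print every non-symlink path under $1 that carries the o+w mode bit,
# i.e. that any local user on the host can modify or replace.
list_world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# Count those paths (tr strips the padding some wc implementations add).
count_world_writable() {
    list_world_writable "$1" | wc -l | tr -d ' '
}

# Restrict a mailbox tree to its owner: 0700 on directories, 0600 on files.
# Assumption: delivery, POP3/IMAP and webmail all run as the owner uid, as in
# this article (virtual_uid_maps = static:125, Apache running as postfix).
tighten_maildir_tree() {
    find "$1" -type d -exec chmod 0700 {} +
    find "$1" -type f -exec chmod 0600 {} +
}

# Rebuild the article's mailbox layout in a temporary directory, apply the
# same chmod -R 777, then report "<before> <after>" world-writable counts.
demo_maildir_audit() {
    root=$(mktemp -d) || return 1
    box="$root/toping.net/webmaster/Maildir"
    mkdir -p "$box/cur" "$box/new" "$box/tmp"
    : > "$box/new/constructed-sample-message"
    chmod -R 777 "$root/toping.net"
    before=$(count_world_writable "$root/toping.net")
    tighten_maildir_tree "$root/toping.net"
    after=$(count_world_writable "$root/toping.net")
    rm -rf "$root"
    echo "$before $after"
}

demo_maildir_audit
```

    The queue directory needs Postfix's own ownership and modes rather than owner-only access; postfix check reports deviations and postfix set-permissions restores the packaged values.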

    Test virus filtering:

    mail# telnet localhost 25
    Trying ::1...
    telnet: connect to address ::1: Connection refused
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    220 mail.toping.net ESMTP Postfix
    mail from:webmaster@toping.net
    250 Ok
    rcpt to:webmaster@toping.net
    250 Ok
    data
    354 End data with <CR><LF>.<CR><LF>
    Subject:Virus test

    X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

    .
    250 Ok: queued as F0C221CC20     //the appearance of this F0C221CC20 line indicates that mailscanner is running successfully
    quit
    221 Bye
    Connection closed by foreign host.


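    5.7 Change the virus notices to Chinese

    The default system notices are in English; you can download the Chinese pack I modified.

    http://mail.toping.net/mailscanner/cn.rar

    Note: extract the downloaded file and place it under /usr/local/share/MailScanner/reports/cn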

    mail# ee /usr/local/etc/MailScanner/MailScanner.conf
    #%report-dir% = /usr/local/share/MailScanner/reports/en //default (loads English)
    %report-dir% = /usr/local/share/MailScanner/reports/cn //changed to read Chinese


    5.8 Use MailScanner to monitor incoming and outgoing mail

    mail# ee MailScanner.conf
    Archive Mail = %rules-dir%/archive.rules
    mail# ee archive.rules

    Method 1: mutual backup. This does not cause a loop

    FromOrTo: a@toping.net yes forward b@toping.net
    FromOrTo: b@toping.net yes forward a@toping.net

    Method 2: forward to multiple mailboxes

    FromOrTo: a@toping.net yes forward b@toping.net c@toping.net d@toping.net

    Method 3: back up simultaneously to one or more files and one or more mailboxes

    FromOrTo: a@toping.net yes forward /var/spool/MailScanner/archive/a_user_backup.mbx /var/spool/MailScanner/archive/a_user_backup.mbx b@toping.net scyz2@163.com

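    Note: the above is a single line. The file must be created first, and its owner must match Run As User = XXXXXXX in MailScanner.conf

    Method 4: back up to a directory and to multiple mailboxes or files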

    FromOrTo: a@toping.net yes forward /var/spool/MailScanner/archive/ b@toping.net scyz2@163.com /var/spool/MailScanner/archive/a_user_backup.mbx

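    Note: the above is a single line; permissions are the same as in SAMPLE3. Note that it creates subdirectories by date, and the file names inside a date directory are mail queue IDs, in postfix mail queue format

    For more detailed mailscanner.cf parameters see the forum: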

    http://www.toping.net/bbs/htm_data/7/0509/533.html


    5.9 Install MailScanner-mrtg

    mail# cd /usr/ports/mail/mailscanner-mrtg
    mail# make install clean

    mailscanner-mrtg settings

    mail# cd /usr/local/etc/mailscanner-mrtg   //change to the mailscanner-mrtg directory
    mail# cp mailscanner-mrtg.conf.sample mailscanner-mrtg.conf
    mail# cp mailscanner-mrtg.cfg.sample mailscanner-mrtg.cfg
    mail# chmod 644 mailscanner-mrtg.conf     //change permissions to make it editable
    mail# chmod 644 mailscanner-mrtg.cfg       //change permissions to make it editable
    mail# ee mailscanner-mrtg.conf           //edit mailscanner-mrtg.conf as follows
    #MTA = sendmail       //default
    MTA = postfix       //after change
    #Where the MTA puts mail before MailScanner gets it
    #Incoming Queue Dir = /var/spool/postfix.in/deferred/ # Postfix
    #Incoming Queue Dir = /var/spool/exim.in/input/ # Exim
    Incoming Queue Dir = /var/spool/mqueue.in/ # Sendmail   //default
    Incoming Queue Dir = /var/spool/postfix/hold # Postfix   //after change
    #Where MailScanner puts your mail after it is scanned
    #Outgoing Queue Dir = /var/spool/postfix/incoming/ # Postfix
    #Outgoing Queue Dir = /var/spool/exim/input # Exim (?)
    Outgoing Queue Dir = /var/spool/mqueue/ # Sendmail       //default
    Outgoing Queue Dir = /var/spool/postfix/incoming/ # Postfix //after change (remove the #)
    #Which interfaces to monitor (comma separated list)
    Interfaces to Monitor = fxp0       //default
    Interfaces to Monitor = vr0         //after change (set this to your own network interface)
    mail# ee /usr/local/etc/apache/httpd.conf   //edit the apache configuration so it can serve the mailscanner-mrtg data

    Contents as follows:

    #MailScanner Setting
    Alias /mailscanner-mrtg/ "/usr/local/www/mailscanner-mrtg/"

    Step5 Generate the MailScanner-Mrtg traffic graphs

    mail# /usr/local/bin/mrtg /usr/local/etc/mailscanner-mrtg/mailscanner-mrtg.cfg    
    mail# crontab -e
    */10 * * * * /usr/local/bin/mrtg /usr/local/etc/mailscanner-mrtg/mailscanner-mrtg.cfg


    5.10 Install APF for anti-spam

    http://apf.org.cn

    Download:

    http://mail.toping.net/apf/apf.rar

    Download the latest APF package and extract it into the /usr/local/etc/postfix directory.

    There is now a file named apf-postfix.pl in the /usr/local/etc/postfix directory.
    Edit /usr/local/etc/postfix/master.cf

    mail# ee /usr/local/etc/postfix/master.cf

    Add:

    apf unix -     n     n     -     -     spawn
      user=nobody argv=/usr/bin/perl /usr/local/etc/postfix/apf-postfix.pl

    Add the blacklists and whitelists:


    1) IP blacklist:

    ip_black_list.txt


    2) IP whitelist

    ip_white_list.txt


    3) Domain blacklist

    dn_black_list.txt


    4) Domain whitelist

    dn_white_list.txt


    6 Install webmail

    How to use my modified tmail3.5: the webmail is tmail, version tmail3.5

    Downloading my modified tmail3.5 is recommended

    For the installation method see the forum:

    http://www.toping.net/bbs/htm_data/7/0507/174.html

    mail# cd /usr/local/www/data
    mail# chown -R postfix:postfix phpMyAdmin
    mail# cd /usr/local/etc
    mail# cp php.ini-dist php.ini

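    Edit /usr/local/etc/php.ini

    Settings for webmail attachment uploads:

    register_globals = On
    max_execution_time = 30     //change to 60 (raises the script execution time limit)
    memory_limit = 8M         //change to 40M (needed to send 10M attachments)
    post_max_size = 8M         //change to 10M
    upload_max_filesize = 2M     //change to 10M

    Restart apache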

    mail# /usr/local/etc/rc.d/apache2.sh restart


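    7. Install the mailing list software (MAILMAN)

    This section covers the installation and configuration of the mailing list software mailman

    Set up /etc/make.conf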

    mail# ee /etc/make.conf
    # mail/mailman
    MAIL_GID="mailman"

    Install mailman

    mail# portinstall -m BATCH=yes mail/mailman

    Configure apache (newly added)

    mail# ee /usr/local/etc/apache2/httpd.conf
    ScriptAlias /mailman "/usr/local/mailman/cgi-bin"


    <Directory "/usr/local/mailman/cgi-bin">
    AllowOverride None
    Options none
    Order allow,deny
    Allow from all
    </Directory>
    Alias /pipermail "/usr/local/mailman/archives/public"

    <Directory "/usr/local/mailman/archives/">
    AllowOverride None
    Options +FollowSymlinks
    Order allow,deny
    Allow from all
    </Directory>

    Run check_perms

    mail# /usr/local/mailman/bin/check_perms -f

    Note: adding the -f option repairs the problems found.

    Edit /usr/local/mailman/Mailman/mm_cfg.py and add:

    DEFAULT_EMAIL_HOST = 'lists.toping.net'
    MTA = 'Postfix'
    POSTFIX_STYLE_VIRTUAL_DOMAINS = ['lists.toping.net', 'toping.net']

    Add a mailing list:

    mail# /usr/local/mailman/bin/newlist mailman

    To test adding users to the mailing list, create a text file, for example maillists.txt, with one e-mail address per line, then run the following command:

    mail# /usr/local/mailman/bin/add_members -n maillists.txt mailman
    mail# ee postfix/main.cf
    owner_request_special = no
    recipient_delimiter = +

    virtual_alias_maps = hash:/usr/local/mailman/data/virtual-mailman,
    mysql:/usr/local/etc/postfix/mysql/mysql_virtual_alias_maps.cf
    alias_maps = hash:/usr/local/mailman/data/aliases,hash:/usr/local/etc/postfix/aliases
    mail# ee Default.py
    DEFAULT_EMAIL_HOST = 'lists.toping.net'
    DEFAULT_URL_HOST = 'lists.toping.net'
    DEFAULT_URL_PATTERN = 'http://%s/mailman/'

    DEFAULT_SERVER_LANGUAGE = 'zh_CN'

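    Set up virtual-mailman

    mail# ee /usr/local/mailman/data/virtual-mailman
    lists.meilai.com anything

    Mailing list configuration

    The settings in Default.py and mm_cfg.py are global, and changes to the global configuration files do not affect mailing lists that already exist. mailman provides the config_list command for configuring an individual mailing list. First export that list's configuration: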

    mail# /usr/local/mailman/bin/config_list -o /tmp/config mailman

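    Then edit /tmp/config. It contains many options that you can change to suit your needs, such as adding a reply-to-list header or removing the footer that mailman adds automatically. Finally, import the configuration file back into the mailing list: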

    mail# /usr/local/mailman/bin/config_list -i /tmp/config mailman

    You can now manage your mailing list through the web:

    http://lists.toping.net/mailman/admin/mailman

    View the mailing list information:

    http://lists.toping.net/mailman/listinfo/mailman/

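    It has far too many features to explain one by one here; explore them yourself


    8. View system status

    This section covers the installation and configuration of the phpSysInfo tool. Install phpSysInfo (2.2)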

    mail# cd /usr/ports/www/phpSysInfo
    mail# make install clean
    mail# cd /usr/local/www/data-dist/phpSysInfo
    mail# cp config.php.new config.php


    9. About this article


    10. Changelog

    


    11. References


    12. Related documents

    "Webmail Installation Manual for a Linux and Postfix-Based Mail System"

    http://www.linuxsir.org/main/node/203

  • Original article: https://www.cnblogs.com/wangbin/p/1436050.html