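Building LAMP + Postfix + Dovecot + SquirrelMail + Extmail + Extman + SpamAssassin anti-spam on Linux
Linux mail server architecture: a full-featured Postfix e-mail system built from source
Part 1. Preparation before installation:
[[email protected] ~]# uname -r # check the Linux environment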
2.6.25.19
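Preparation: disable the firewall and SELinux (omitted)
1. Preparation: download the following software (here I put the packages under /root/mail/ and /root/lamp/)
Free download address for the packages: http://down.51cto.com/data/371439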
httpd-2.2.9.tar.gz
mysql-5.0.95.tar.gz
php-5.4.0.tar.bz2
DBD-mysql-4.020.tar.gz
DBI-1.616.tar.gz
File-Tail-0.99.3.tar.gz
GD-2.46.tar.gz
MailScanner-4.84.3-1.rpm.tar.gz
Unix-Syslog-1.1.tar.gz
courier-authlib-0.62.4.tar.bz2
dovecot-1.1.4.tar.gz
extmail-1.2.tar.gz
extman-1.1.tar.gz
fp-Linux-i686-ws.tar.gz
postfix-2.8.2.tar.gz
rrdtool-1.2.23-3.el5.i386.rpm
rrdtool-perl-1.2.23-3.el5.i386.rpm
squirrelmail-webmail-1.4.22.tar.gz
2. Change the IP address to 192.168.101.210 and point DNS at 192.168.101.210
[[email protected] ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
NETMASK=255.255.255.0
IPADDR=192.168.101.210
[[email protected] ~]# service network restart
[[email protected] ~]# vim /etc/resolv.conf
nameserver 192.168.101.210
3. Install the following RPM package groups used for development:
Development Libraries
Development Tools
Legacy Software Development
X Software Development
# Installation method: yum groupinstall "package_group_name"
4. Build a local yum server (omitted)
5. Install and configure the DNS server:
[[email protected] ~]# yum install -y bind bind-chroot caching-nameserver
[[email protected] ~]# cd /var/named/chroot/etc/
[[email protected] etc]# cp -p named.caching-nameserver.conf named.conf
[[email protected] etc]# vim named.conf
15 listen-on port 53 { any; };
27 allow-query { any; };
28 allow-query-cache { any; };
37 match-clients { any; };
38 match-destinations { any; };
[[email protected] etc]# vim named.rfc1912.zones
20 zone "junjie.com" IN {
21 type master;
22 file "junjie.com.db";
23 allow-update { none; };
24 };
37 zone "101.168.192.in-addr.arpa" IN {
38 type master;
39 file "192.168.101.db";
40 allow-update { none; };
41 };
[[email protected] etc]# cd ../var/named/
[[email protected] named]# cp -p localhost.zone junjie.com.db
[[email protected] named]# vim junjie.com.db
2 @ IN SOA ns.junjie.com. root (
9 @ IN NS ns.junjie.com.
10 ns IN A 192.168.101.210
11 mail IN A 192.168.101.210
12 pop3 IN CNAME mail
13 smtp IN CNAME mail
14 @ IN MX 10 mail
[[email protected] named]# cp -p named.local 192.168.101.db
[[email protected] named]# vim 192.168.101.db
210 IN PTR mail.junjie.com.
[[email protected] named]# chkconfig named on
[[email protected] named]# service named start
[[email protected] named]# rndc reload
server reload successful
# Check that DNS resolution works
[[email protected] named]# nslookup pop3.junjie.com
[[email protected] named]# nslookup mail.junjie.com
[[email protected] named]# dig -t mx junjie.com
[[email protected] named]# nslookup 192.168.101.210
6. Change the hostname and reboot the system; mount the CD after the reboot
[[email protected] named]# vim /etc/sysconfig/network
HOSTNAME=mail.junjie.com
[[email protected] named]# init 6
[[email protected] ~]# mount /dev/cdrom /mnt/cdrom/
Part 2. LAMP platform structure: building the LAMP environment from source
[[email protected] ~]# cd lamp/
[[email protected] lamp]# ls
httpd-2.2.9.tar.gz
mysql-5.0.95.tar.gz
php-5.4.0.tar.bz2
2.1 Install Apache:
[[email protected] lamp]# tar -zxvf httpd-2.2.9.tar.gz -C /usr/local/src/
[[email protected] lamp]# cd /usr/local/src/httpd-2.2.9/
[[email protected] httpd-2.2.9]# ./configure \
--prefix=/usr/local/apache2 --enable-so --enable-rewrite
[[email protected] httpd-2.2.9]# make && make install
# Suexec is not compiled into Apache here. It is mentioned because
# extman, the admin back end installed later alongside Postfix, invokes
# its programs through CGI; without Suexec, other users are restricted
# from invoking CGI programs. Considering the risk of enabling Suexec,
# however, we do not enable it here.
# (To enable it: --enable-suexec --with-suexec-caller=daemon
# --with-suexec-docroot=/usr/local/apache2/htdocs)
# Configure Apache so that it works normally
[[email protected] httpd-2.2.9]# cd /usr/local/apache/
[[email protected] apache]# ./bin/apachectl start
[[email protected] apache]# netstat -tupln |grep http
[[email protected] apache]# vim /etc/profile
55 PATH=$PATH:/usr/local/apache/bin/
[[email protected] apache]# . /etc/profile
[[email protected] apache]# echo $PATH
/usr/lib/qt-3.3/bin:/usr/kerberos/sbin:/usr/kerberos/bin:
/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:
/root/bin:/usr/local/apache/bin/
# From now on you can run this from any location: apachectl start|restart|stop
# Configure the Apache library path
[[email protected] include]# cat /etc/ld.so.conf
[[email protected] include]# cd /etc/ld.so.conf.d/
[[email protected] ld.so.conf.d]# vim apache.conf
/usr/local/apache/lib
[[email protected] ld.so.conf.d]# ldconfig -v |grep apache
/usr/local/apache/lib:
[[email protected] ld.so.conf.d]#
# Check the httpd status
[[email protected] ld.so.conf.d]# netstat -tupln |grep httpd
tcp 0 0 :::80 :::* LISTEN 21263/httpd
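2.2 Install MySQL:
[[email protected] ld.so.conf.d]# cd /root/lamp/
[[email protected] lamp]# useradd -M -s /sbin/nologin mysql
# Add the mysql user. If MySQL was installed together with the system, you will be told the user already exists.
# It is recommended to uninstall the system's bundled MySQL before installing; a reboot is required after uninstalling,
# otherwise the newly installed MySQL cannot start and reports that port 3306 is in use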
[[email protected] lamp]# tar -zxvf mysql-5.0.95.tar.gz -C /usr/local/src/
[[email protected] lamp]# cd /usr/local/src/
[[email protected] src]# ll
[[email protected] src]# ln -s mysql-5.0.95/ mysql
[[email protected] src]# ll
[[email protected] src]# cd mysql
[[email protected] mysql]# ./configure --prefix=/usr/local/mysql
[[email protected] mysql]#make
[[email protected] mysql]# make install
# Installation complete.
# Configure MySQL: copy the main configuration file
[[email protected] mysql-5.0.95]# cp support-files/my-medium.cnf /etc/my.cnf
# Initialize
[[email protected] mysql-5.0.95]# /usr/local/mysql/bin/mysql_install_db --user=mysql
[[email protected] mysql-5.0.95]# chown -R root:mysql /usr/local/mysql
[[email protected] mysql-5.0.95]# chown -R mysql /usr/local/mysql/var
# Add the library path
[[email protected] mysql-5.0.95]# vim /etc/ld.so.conf.d/mysql.conf
/usr/local/mysql/lib/mysql/
[[email protected] mysql-5.0.95]# ldconfig -v |grep mysql
/usr/local/mysql/lib/mysql:
libmysqlclient.so.15 -> libmysqlclient.so.15.0.0
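# Start safely in the background (if it reports that it has started and then appears to hang, press Enter)
[[email protected] mysql-5.0.95]# /usr/local/mysql/bin/mysqld_safe --user=mysql &
# Copy the init script
[[email protected] mysql-5.0.95]# cp support-files/mysql.server /etc/init.d/mysqld
# Make the script executable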
[[email protected] mysql-5.0.95]# chmod +x /etc/init.d/mysqld
[[email protected] mysql-5.0.95]# chkconfig --add mysqld
[[email protected] mysql-5.0.95]# chkconfig mysqld on
[[email protected] mysql-5.0.95]# service mysqld start
# Set the system-wide PATH environment variable so the MySQL commands are easy to use
[[email protected] mysql-5.0.95]# echo 'PATH=$PATH:/usr/local/mysql/bin' >> /etc/profile
2.3 Install PHP
[[email protected] mysql-5.0.95]# cd /root/lamp/
[[email protected] lamp]# ll
total 39640
-rw-r--r-- 1 root root 6396996 Apr 1 10:07 httpd-2.2.9.tar.gz
-rw-r--r-- 1 root root 22693585 Apr 1 10:08 mysql-5.0.95.tar.gz
-rw-r--r-- 1 root root 11439508 Apr 1 10:07 php-5.4.0.tar.bz2
[[email protected] lamp]# tar -jxvf php-5.4.0.tar.bz2 -C /usr/local/src/
[[email protected] lamp]# cd /usr/local/src/php-5.4.0/
[[email protected] php-5.4.0]# ./configure --prefix=/usr/local/php5 \
--enable-mbstring --with-apxs2=/usr/local/apache2/bin/apxs \
--with-mysql=/usr/local/mysql --with-config-file-path=/usr/local/php5
# Copy the configuration file
[[email protected] php-5.4.0]# cp php.ini-production /usr/local/php5/php.ini
# Edit the main Apache configuration file so that it supports PHP
[[email protected] php-5.4.0]# vim /usr/local/apache2/conf/httpd.conf
53 LoadModule php5_module modules/libphp5.so
# Confirm that line 53 exists; if it does not, recompile PHP
# Add this record, putting the PHP index page on this line
167 DirectoryIndex index.php index.html
310 AddType application/x-httpd-php .php
# Start Apache: in the /usr/local/apache directory run: bin/apachectl start
[[email protected] php-5.4.0]# cd /usr/local/apache2/
[[email protected] apache2]# ./bin/apachectl start
[[email protected] apache2]# netstat -tupln |grep 80
tcp 0 0 :::80 :::* LISTEN 31981/httpd
2.4 Test whether PHP is integrated with Apache
[[email protected] apache2]# cd /usr/local/apache2/htdocs/
[[email protected] htdocs]# ls
[[email protected] htdocs]# mv index.html index.php
[[email protected] htdocs]# vim index.php
--xjzhujunjie
--2012/04/10
<?php
phpinfo();
?>
# Enter http://192.168.101.210/index.php in the browser
# Seeing the figure below means integration with the Apache service succeeded
[[email protected] htdocs]# vim index.php
--xjzhujunjie
--2012/04/10
<?php
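// Try to connect to the local MySQL server as root with an empty password
$link=mysql_connect('127.0.0.1','root','');
if($link)
echo "success";
else
echo "fail";
?>
# Enter http://192.168.101.210/index.php in the IE browser
# Seeing the figure below means integration with the MySQL service succeeded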
[[email protected] htdocs]# service mysqld stop
Shutting down MySQL..STOPPING server from pid file /usr/local/mysql/var/mail.junjie.com.pid
120401 11:36:07 mysqld ended [ OK ]
Part 3. Install Postfix
3.1 Uninstall sendmail; sendmail occupies TCP port 25 and conflicts with Postfix:
[[email protected] ~]# rpm -e sendmail --nodeps
3.2 Compile and install Postfix
[[email protected] ~]# groupadd -g 1200 postdrop
[[email protected] ~]# groupadd -g 1000 postfix
[[email protected] ~]# useradd -M -u 1000 -g postfix -G postdrop \
-s /sbin/nologin postfix
[[email protected] ~]# cd /root/mail/
[[email protected] mail]# tar -zxvf postfix-2.8.2.tar.gz -C /usr/local/src/
[[email protected] mail]# cd /usr/local/src/postfix-2.8.2/
# Install. Interactive questions appear during installation; just accept the defaults. If problems
# occur during configuration, check that the paths are correct, check the logs, and check that the postfix user exists
[[email protected] postfix-2.8.2]# make -f Makefile.init makefiles \
'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -I/usr/local/include/sasl' \
'AUXLIBS=-L/usr/local/mysql/lib -lmysqlclient -lz -lm -L/usr/local/lib -lsasl2'
[[email protected] postfix-2.8.2]# make
[[email protected] postfix-2.8.2]# make install
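# Generate the binary alias file; if this step is skipped, Postfix becomes extremely inefficient:
[[email protected] postfix-2.8.2]# newaliases
# Check whether mysql is among the modules Postfix supports;
# if mysql is missing, do not continue. Redo the build until mysql appears
[[email protected] postfix-2.8.2]# postconf -m
mysql
Part 4. Configure Postfix
# Do some basic configuration, then test-start Postfix and send mail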
[[email protected] postfix-2.8.2]# cp /etc/postfix/main.cf /etc/postfix/main.cf.bak
[[email protected] postfix-2.8.2]# vim /etc/postfix/main.cf
76 myhostname = mail.junjie.com
83 mydomain = junjie.com
99 myorigin = $mydomain
113 inet_interfaces = all
162 mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
163 mail.$mydomain, www.$mydomain, ftp.$mydomain
260 mynetworks = 192.168.101.0/24, 127.0.0.0/8
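Explanation: the myorigin parameter specifies the domain name of the sender; the mydestination parameter specifies the recipient domains for which Postfix accepts mail, that is, which domains' mail your Postfix system receives; the myhostname parameter specifies the hostname of the machine running the Postfix mail system, and by default it is set to the local machine name; the mydomain parameter specifies your domain name, and by default Postfix removes the first component of myhostname and uses the rest as the value of mydomain; the mynetworks parameter specifies the network addresses of your networks, which Postfix uses to tell remote users from local ones, and users on the local networks are allowed access; the inet_interfaces parameter specifies the network interfaces Postfix listens on.
Note:
1. In the Postfix configuration file a parameter and a comment cannot share the same line;
2. No parameter value needs quotation marks; if quotes are used, they are treated as part of the value;
3. After changing a parameter or its value, running postfix reload makes it take effect; if inet_interfaces was changed, however, Postfix must be restarted;
4. If a parameter has several values, they can be placed on separate lines by starting each following line with an extra space; Postfix treats a line whose first character is a space or tab as a continuation of the previous line.
# Check the configuration and start Postfix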
[[email protected] postfix-2.8.2]# postfix start
postfix/postfix-script: starting the Postfix mail system
[[email protected] postfix-2.8.2]# postfix check
[[email protected] postfix-2.8.2]# service postfix restart
postfix: unrecognized service
# It cannot be started this way; a Postfix init control script has to be created
# [To start Postfix without an init script:
# /usr/local/postfix/sbin/postfix start]
[[email protected] postfix-2.8.2]# mkdir /tmp/abc
[[email protected] postfix-2.8.2]# cd /tmp/abc
[[email protected] abc]# cp /mnt/cdrom/Server/postfix-2.3.3-2.1.el5_2.i386.rpm ./
[[email protected] abc]# rpm2cpio postfix-2.3.3-2.1.el5_2.i386.rpm |cpio -id
16333 blocks
[[email protected] abc]# ll
[[email protected] abc]# ll etc/rc.d/init.d/postfix
-rwxr-xr-x 1 root root 2404 Apr 1 13:01 etc/rc.d/init.d/postfix
[[email protected] abc]# cp etc/rc.d/init.d/postfix /etc/rc.d/init.d/
[[email protected] abc]# service postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]
[[email protected] abc]# chkconfig --add postfix
[[email protected] abc]# chkconfig postfix on
[[email protected] abc]# chkconfig --list postfix
postfix 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# Connect to Postfix, verify that the service is running, and test whether mail can be sent:
[[email protected] ~]# useradd user1
[[email protected] ~]# useradd user2
[[email protected] ~]# echo "123" |passwd --stdin user1
[[email protected] ~]# echo "123" |passwd --stdin user2
[[email protected] ~]# telnet mail.junjie.com 25
Trying 192.168.101.210...
Connected to mail.junjie.com (192.168.101.210).
Escape character is '^]'.
220 mail.junjie.com ESMTP Postfix
ehlo mail.junjie.com
250-mail.junjie.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:[email protected]
250 2.1.0 Ok
rcpt to:[email protected]
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
user1--to--user2
.
250 2.0.0 Ok: queued as 4961D16DE6E
quit
221 2.0.0 Bye
Connection closed by foreign host.
[[email protected] ~]# su - user2
[[email protected] ~]$ mail
Mail version 8.1 6/6/93. Type ? for help.
"/var/spool/mail/user2": 1 message 1 new
>N 1 [email protected] Tue Apr 10 16:37 13/472
& 1
Message 1:
From [email protected] Tue Apr 10 16:37:23 2012
X-Original-To: [email protected]
Delivered-To: [email protected]
Date: Tue, 10 Apr 2012 16:36:42 +0800 (CST)
From: [email protected]
user1--to--user2
& quit
Saved 1 message in mbox
[[email protected] ~]$
# cat /home/test/Maildir/new/ and press Tab to see the message just sent, which shows that SMTP is working.
Part 5. Install the Dovecot mail store software (provides POP3/IMAP4)
5.1 Install Dovecot
[[email protected] ~]# cd /root/mail/
[[email protected] mail]# tar -zxvf dovecot-1.1.4.tar.gz -C /usr/local/src/
[[email protected] mail]# cd /usr/local/src/dovecot-1.1.4/
[[email protected] dovecot-1.1.4]# groupadd dovecot
[[email protected] dovecot-1.1.4]# useradd -M -s /sbin/nologin dovecot
[[email protected] dovecot-1.1.4]# ./configure --sysconfdir=/etc --with-mysql && make && make install
5.2 Installation complete; configure
[[email protected] dovecot-1.1.4]# cp /etc/dovecot-example.conf /etc/dovecot.conf
[[email protected] dovecot-1.1.4]# vim /etc/dovecot.conf
23 protocols = pop3 imap
47 disable_plaintext_auth = no
87 ssl_disable = yes
208 mail_location = maildir:~/Maildir
[[email protected] ~]# vim /etc/postfix/main.cf
415 home_mailbox = Maildir/
[[email protected] dovecot-1.1.4]# vim /etc/pam.d/dovecot
auth required pam_nologin.so
auth include system-auth
account include system-auth
session include system-auth
# Start with /usr/local/sbin/dovecot -c /etc/dovecot.conf; add this line to the boot script
# pkill -1 dovecot   # make Dovecot re-read its configuration
[[email protected] dovecot-1.1.4]# /usr/local/sbin/dovecot -c /etc/dovecot.conf
Test the receiving server, Dovecot
[[email protected] dovecot-1.1.4]# telnet mail.junjie.com 110
Trying 192.168.101.210...
Connected to mail.junjie.com (192.168.101.210).
Escape character is '^]'.
+OK Dovecot ready.
user user2
+OK
pass 123
+OK Logged in.
list
+OK 1 messages:
1 432
.
retr 1
+OK 432 octets
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: from mail.junjie.com (mail.junjie.com [192.168.101.210])
by mail.junjie.com (Postfix) with ESMTP id 6FA1116DEF5
for <[email protected]>; Tue, 10 Apr 2012 17:46:37 +0800 (CST)
Message-Id: <[email protected]>
Date: Tue, 10 Apr 2012 17:46:37 +0800 (CST)
From: [email protected]
11111111111111
.
quit
+OK Logging out.
Connection closed by foreign host.
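With the step 5.2 settings (disable_plaintext_auth = no together with ssl_disable = yes), the POP3 login shown above crosses the network unencrypted. The check below is an added example, not part of the original guide: it reads the global settings of a dovecot.conf and reports that combination. Both sample files are constructed, and the certificate paths in the second one are placeholders.

```bash
#!/bin/sh
# dovecot_get FILE KEY: print the value of a top-level "key = value" setting.
# Settings nested inside "name { ... }" blocks are ignored.
dovecot_get() {
    awk -v want="$2" '
        /^[ \t]*#/    { next }                 # comment line
        /[{][ \t]*$/  { depth++; next }        # entering a block
        /^[ \t]*[}]/  { depth--; next }        # leaving a block
        depth == 0 && index($0, "=") > 0 {
            key = substr($0, 1, index($0, "=") - 1)
            val = substr($0, index($0, "=") + 1)
            gsub(/[ \t]/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == want) found = val       # last assignment wins
        }
        END { print found }' "$1"
}

# audit_dovecot FILE: print one finding per line, nothing if the file is clean.
audit_dovecot() {
    plain=$(dovecot_get "$1" disable_plaintext_auth)
    tls_v1=$(dovecot_get "$1" ssl_disable)     # Dovecot 1.x setting name
    tls_v2=$(dovecot_get "$1" ssl)             # Dovecot 2.x setting name
    tls_off=no
    if [ "$tls_v1" = yes ] || [ "$tls_v2" = no ]; then tls_off=yes; fi
    if [ "$plain" = no ]; then echo "PLAINTEXT_AUTH_ALLOWED"; fi
    if [ "$tls_off" = yes ]; then echo "TLS_DISABLED"; fi
    if [ "$plain" = no ] && [ "$tls_off" = yes ]; then
        echo "CLEARTEXT_PASSWORDS"             # logins can only travel unencrypted
    fi
}

# Constructed sample 1: the values from step 5.2 plus an auth block.
DOVECOT_WEAK=$(mktemp)
cat > "$DOVECOT_WEAK" <<'EOF'
protocols = pop3 imap
disable_plaintext_auth = no
ssl_disable = yes
mail_location = maildir:~/Maildir
auth default {
  mechanisms = plain
}
EOF

# Constructed sample 2: the same file with TLS on and plaintext logins refused
# on unencrypted connections (certificate paths are placeholders).
DOVECOT_HARDENED=$(mktemp)
cat > "$DOVECOT_HARDENED" <<'EOF'
protocols = imap imaps pop3 pop3s
disable_plaintext_auth = yes
ssl_disable = no
ssl_cert_file = /path/to/placeholder-cert.pem
ssl_key_file = /path/to/placeholder-key.pem
mail_location = maildir:~/Maildir
EOF

echo "step 5.2 settings:"; audit_dovecot "$DOVECOT_WEAK"
echo "hardened settings:"; audit_dovecot "$DOVECOT_HARDENED"
```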
Part 6. Install the webmail software
6.1 Install SquirrelMail
[[email protected] ~]# cd mail/
[[email protected] mail]# tar -zxvf squirrelmail-webmail-1.4.22.tar.gz -C /usr/local/apache2/htdocs/
[[email protected] mail]# cd /usr/local/apache2/htdocs/
[[email protected] htdocs]# mv squirrelmail-webmail-1.4.22/ webmail
6.2 Configure webmail
[[email protected] htdocs]# cd /usr/local/apache2/htdocs/webmail/
[[email protected] webmail]# mkdir -p attach data/
[[email protected] webmail]# chown -R daemon:daemon attach/ data/
[[email protected] webmail]# chmod 730 attach/
[[email protected] webmail]# cp config/config_default.php config/config.php
[[email protected] webmail]# vim config/config.php
118 $domain = 'junjie.com';
146 $smtpServerAddress = 'localhost';
151 $smtpPort = 25;
210 $imapPort = 143;
231 $imap_server_type = 'dovecot';
499 $data_dir = '/usr/local/apache2/htdocs/webmail/data/';
517 $attachment_dir = '/usr/local/apache2/htdocs/webmail/attach/';
6.3 Restart the Apache service
[[email protected] webmail]# /usr/local/apache2/bin/apachectl restart
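6.4 Test: enter http://mail.junjie.com/webmail in the client's IE address bar (this requires that mail.junjie.com resolves; otherwise use the IP) and you will see the figure below:
At this point Postfix + webmail is installed. To better manage and maintain the front end and back end of the mail server, we next install extmail and extman.
6.5 Initialize extman
6.5.1 Database scripts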
[[email protected] ~]# service mysqld restart
Shutting down MySQL.. [ OK ]
Starting MySQL. [ OK ]
[[email protected] ~]# cd mail/
[[email protected] mail]# tar -zxvf extman-1.1.tar.gz -C /usr/local/src/
[[email protected] mail]# cd /usr/local/src/extman-1.1/docs/
6.5.2 Importing the scripts into the database prompts for a password; by default the root user's password is empty
[[email protected] docs]# mysql -u root -p < extmail.sql
Enter password:
[[email protected] docs]# mysql -u root -p <init.sql
Enter password:
# Note: with version 5.3 this produces an error
ERROR 1064 (42000) at line 50: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'TYPE=MyISAM COMMENT='Ext/Webman - Admin Accounts'' at line 15
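Cause: the database version the script was written for differs from the installed version.
Fix: 1. Open extmail.sql in a text editor;
2. Find/replace: change every TYPE=MyISAM in the database file to ENGINE=MyISAM, then save and exit;
3. Re-import extmail.sql.
Part 7. Configure Postfix
# Check the modules: if postconf -m |grep mysql returns mysql, MySQL lookup tables are supported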
[[email protected] docs]# cd
[[email protected] ~]# postconf -m |grep mysql
mysql
7.1 Edit the configuration file
[[email protected] ~]# vim /etc/postfix/main.cf
Lines 162-163 must be commented out
162 #mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
163 # mail.$mydomain, www.$mydomain, ftp.$mydomain
652 virtual_mailbox_base = /mailbox
653 virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
654 virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
655 virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
656 virtual_uid_maps = static:1000
657 virtual_gid_maps = static:1000
658 virtual_transport = virtual
[[email protected] ~]# cd /usr/local/src/extman-1.1/docs/
[[email protected] docs]# cp mysql_virtual_* /etc/postfix/
Part 8. SMTP sending authentication for virtual users
8.1 Install the software
Note: make sure the RPM-packaged MySQL has been removed from the system
[[email protected] ~]# cd mail/
[[email protected] mail]# tar -jxvf courier-authlib-0.62.4.tar.bz2 -C /usr/local/src/
[[email protected] mail]# cd /usr/local/src/courier-authlib-0.62.4/
[[email protected] courier-authlib-0.62.4]# ./configure --prefix=/usr/local/courier-authlib --without-stdheaderdir --with-authmysql --with-redhat --with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql
install-configure # generates the default configuration files authmysqlrc and authdaemonrc
[[email protected] courier-authlib-0.62.4]# make && make install && make install-configure
8.2 Add the courier-authlib library path
[[email protected] courier-authlib-0.62.4]# vim /etc/ld.so.conf.d/courier-authlib.conf
/usr/local/courier-authlib/lib/courier-authlib
[[email protected] courier-authlib-0.62.4]# ldconfig -v |grep courier-authlib
/usr/local/courier-authlib/lib/courier-authlib:
8.3 Edit the main configuration file authdaemonrc
[[email protected] courier-authlib-0.62.4]# cd /usr/local/courier-authlib/etc/authlib
[[email protected] authlib]# cp authdaemonrc authdaemonrc.bak
[[email protected] authlib]# vim authdaemonrc
27 authmodulelist="authmysql"
34 authmodulelistorig="authmysql"
[[email protected] authlib]# chmod -R 755 /usr/local/courier-authlib/var/spool/authdaemon/
8.4 Edit the authmysqlrc file
[[email protected] authlib]# cd /usr/local/courier-authlib/etc/authlib
[[email protected] authlib]# cp authmysqlrc authmysqlrc.bak
[[email protected] authlib]# vim authmysqlrc
26 MYSQL_SERVER localhost
27 MYSQL_USERNAME extmail
28 MYSQL_PASSWORD extmail
49 MYSQL_SOCKET /tmp/mysql.sock
56 MYSQL_PORT 3306
68 MYSQL_DATABASE extmail
83 MYSQL_USER_TABLE mailbox
92 MYSQL_CRYPT_PWFIELD password
113 MYSQL_UID_FIELD uidnumber
119 MYSQL_GID_FIELD gidnumber
128 MYSQL_LOGIN_FIELD username
133 MYSQL_HOME_FIELD concat('/mailbox/',homedir)
139 MYSQL_NAME_FIELD name
150 MYSQL_MAILDIR_FIELD concat('/mailbox/',maildir)
8.5 Copy the courier-authlib init script and start the courier-authlib service.
[[email protected] authlib]# cd /usr/local/src/courier-authlib-0.62.4/
[[email protected] courier-authlib-0.62.4]# cp courier-authlib.sysvinit /etc/init.d/courier-authlib
[[email protected] courier-authlib-0.62.4]# cd
[[email protected] ~]# chmod 755 /etc/init.d/courier-authlib
[[email protected] ~]# chkconfig --add courier-authlib
[[email protected] ~]# chkconfig --level 2345 courier-authlib on
[[email protected] ~]# chkconfig --list courier-authlib
courier-authlib 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[[email protected] ~]# service courier-authlib start
Starting Courier authentication services: authdaemond
[[email protected] ~]# ps -aux |grep courier-authlib
Part 9. Modify the Cyrus SASL settings
# Add the following file
[[email protected] ~]# vim /usr/lib/sasl2/smtpd.conf
pwcheck_method: authdaemond
mech_list:PLAIN LOGIN
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socke
Part 10. Modify the Dovecot configuration
10.1 Modify Dovecot
[[email protected] ~]# vim /etc/dovecot.conf
208 mail_location = maildir:/mailbox/%d/%n/Maildir
790 auth default {
795 mechanisms = plain
828 # passdb pam {
857 # }
899 passdb sql {
901 args = /etc/dovecot-mysql.conf
902 }
962 userdb sql {
964 args = /etc/dovecot-mysql.conf
965 }
# Uncomment one line; the Postfix configuration file must be changed as well (it may already have been changed)
[[email protected] ~]# vim /etc/postfix/main.cf
415 home_mailbox = Maildir/
10.2 Create the database query configuration file; create /etc/dovecot-mysql.conf by hand:
[[email protected] ~]# vim /etc/dovecot-mysql.conf
1 driver = mysql
2 connect = host=localhost dbname=extmail user=extmail password=extmail
3 default_pass_scheme = CRYPT
4 password_query = SELECT username AS user,password AS password FROM mailbox WHERE username = '%u'
5 user_query = SELECT maildir, uidnumber AS uid, gidnumber AS gid FROM mailbox WHERE username = '%u'
Part 11. Create virtual users
11.1 Create the mailbox directory and set its permissions
[[email protected] ~]# mkdir -p /mailbox/extmail.org/postmaster/Maildir
[[email protected] ~]# cd /mailbox/extmail.org/postmaster/Maildir/
[[email protected] Maildir]# chown -R postfix:postfix /mailbox/
# Start the service
[[email protected] Maildir]# dovecot
Fatal: Dovecot is already running with PID 29275 (read from /usr/local/var/run/dovecot/master.pid)
[[email protected] Maildir]# /usr/local/sbin/dovecot -c /etc/dovecot.conf
Fatal: Dovecot is already running with PID 29275 (read from /usr/local/var/run/dovecot/master.pid)
11.2 Test the virtual user
Verify the authlib service
[[email protected] Maildir]# /usr/local/courier-authlib/sbin/authtest -s login [email protected] extmail
Authentication succeeded.
Authenticated: [email protected] (uid 1000, gid 1000)
Home Directory: /mailbox/extmail.org/postmaster
Maildir: /mailbox/extmail.org/postmaster/Maildir/
Quota: (none)
Encrypted Password: $1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0
Cleartext Password: extmail
Options: (none)
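(In fact, even if verification fails at this point, the virtual users can still be created later.) The above is the success message.
Part 12. The ExtMail platform
A Chinese-language webmail management platform developed in Perl
Suite: ExtMail -- web interface for mail operations
Extman -- web interface for mail system administration
12.1 Install the platform
3 dependency packages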
[[email protected] Maildir]# cd /root/mail/
[[email protected] mail]# ll
[[email protected] mail]# tar -zxf Unix-Syslog-1.1.tar.gz -C /usr/local/src/
[[email protected] mail]# cd /usr/local/src/Unix-Syslog-1.1/
[[email protected] Unix-Syslog-1.1]# perl Makefile.PL && make && make install
[[email protected] Unix-Syslog-1.1]# cd /root/mail/
[[email protected] mail]# ll
[[email protected] mail]# tar -zxf DBI-1.616.tar.gz -C /usr/local/src/
[[email protected] mail]# cd /usr/local/src/DBI-1.616/
[[email protected] DBI-1.616]# perl Makefile.PL && make && make install
[[email protected] DBI-1.616]# cd /root/mail/
[[email protected] mail]# ll
[[email protected] mail]# tar -zxf DBD-mysql-4.020.tar.gz -C /usr/local/src/
[[email protected] mail]# cd /usr/local/src/DBD-mysql-4.020/
[[email protected] DBD-mysql-4.020]# perl Makefile.PL && make && make install
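# Note: while compiling and installing the three packages above you may see warnings (implicit function declarations, computed value not used, and so on); as long as there are no error messages everything is OK
Install ExtMail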
[[email protected] DBD-mysql-4.020]# cd /root/mail/
[[email protected] mail]# ll
[[email protected] mail]# tar -zxf extmail-1.2.tar.gz -C /usr/local/apache2/htdocs/
[[email protected] mail]# cd /usr/local/apache2/htdocs/
[[email protected] htdocs]# ll
[[email protected] htdocs]# mv extmail-1.2 extmail
[[email protected] htdocs]# cd extmail/
[[email protected] extmail]# chown -R postfix:postfix cgi/
[[email protected] extmail]# ll
[[email protected] extmail]# cp webmail.cf.default webmail.cf
[[email protected] extmail]# ll
12.2 Edit the configuration file
[[email protected] extmail]# vim webmail.cf
2 SYS_CONFIG = /usr/local/apache2/htdocs/extmail/
5 SYS_LANGDIR = /usr/local/apache2/htdocs/extmail/lang
8 SYS_TEMPLDIR = /usr/local/apache2/htdocs/extmail/html
127 SYS_MAILDIR_BASE = /mailbox
139 SYS_MYSQL_USER = extmail
140 SYS_MYSQL_PASS = extmail
141 SYS_MYSQL_DB = extmail
142 SYS_MYSQL_HOST = localhost
143 SYS_MYSQL_SOCKET = /tmp/mysql.sock
12.3 Modify Apache and add a virtual host
[[email protected] extmail]# vim /usr/local/apache2/conf/httpd.conf
66 User postfix
67 Group postfix
412 NameVirtualHost *:80
413 <VirtualHost *:80>
414 ServerName mail.junjie.com
415 DocumentRoot /usr/local/apache2/htdocs/extmail/html/
416 ScriptAlias /extmail/cgi/ "/usr/local/apache2/htdocs/extmail/cgi/"
417 Alias /extmail "/usr/local/apache2/htdocs/extmail/html/"
418 </VirtualHost>
# Because we did not enable Suexec earlier, we do not add SuexecUserGroup postfix postfix to the virtual host
# Restart Apache
[[email protected] extmail]# /usr/local/apache2/bin/apachectl restart
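12.4 Why Extmail cannot be accessed
At this step many documents online say that you only need to visit http://mail.junjie.com from a client to see the ExtMail login page. After many attempts and configuration changes, however, all I ever got was a 404 page-not-found error. At one point I suspected the three dependency packages I had compiled earlier, or my PHP, or the CGI permissions, but the result was still a 404. I could clearly see, though, that visiting http://mail.junjie.com did redirect to http://mail.junjie.com/extmail/cgi/index.cgi, and the files in that directory really did exist with nothing wrong. After many tries I finally found the cause: to reach this page successfully, Extman must be installed and the extman paths must be written into the Apache configuration file. With that done I finally saw the long-awaited ExtMail login page.
Next we install Extman
Part 13. The Extman platform
13.1 Install packages
4 dependency packages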
[[email protected] extmail]# cd /root/mail/
[[email protected] mail]# tar -zxf GD-2.46.tar.gz -C /usr/local/src/
[[email protected] mail]# cd /usr/local/src/GD-2.46/
[[email protected] GD-2.46]# perl Makefile.PL && make && make install
[[email protected] GD-2.46]# cd /root/mail/
[[email protected] mail]# tar -zxf File-Tail-0.99.3.tar.gz -C /usr/local/src/
[[email protected] mail]# cd /usr/local/src/File-Tail-0.99.3/
[[email protected] File-Tail-0.99.3]# perl Makefile.PL && make && make install
[[email protected] File-Tail-0.99.3]# cd /root/mail/
[[email protected] mail]# rpm -ivh rrdtool-1.2.23-3.el5.i386.rpm
[[email protected] mail]# rpm -ivh rrdtool-perl-1.2.23-3.el5.i386.rpm
The Extman suite
[[email protected] mail]# tar -zxf extman-1.1.tar.gz -C /usr/local/apache2/htdocs/
[[email protected] mail]# cd /usr/local/apache2/htdocs/
[[email protected] htdocs]# ll
[[email protected] htdocs]# mv extman-1.1 extman
[[email protected] htdocs]# ll
[[email protected] htdocs]# cd extman/
[[email protected] extman]# chown -R postfix:postfix cgi/
[[email protected] extman]# mkdir /tmp/extman
[[email protected] extman]# chown -R postfix:postfix /tmp/extman/
13.2 Edit the configuration file
[[email protected] extman]# cp webman.cf.default webman.cf
[[email protected] extman]# ll
[[email protected] extman]# vim webman.cf
2 SYS_CONFIG = /usr/local/apache2/htdocs/extman/
5 SYS_LANGDIR = /usr/local/apache2/htdocs/extman/lang
8 SYS_TEMPLDIR = /usr/local/apache2/htdocs/extman/html
12 SYS_MAILDIR_BASE = /mailbox
127 SYS_MYSQL_USER = webman
128 SYS_MYSQL_PASS = webman
129 SYS_MYSQL_DB = extmail
130 SYS_MYSQL_HOST = localhost
131 SYS_MYSQL_SOCKET = /tmp/mysql.sock
13.3 Adjust the main Apache configuration file: add the extman directory aliases
[[email protected] extman]# vim /usr/local/apache2/conf/httpd.conf
412 NameVirtualHost *:80
413 <VirtualHost *:80>
414 ServerName mail.junjie.com
415 DocumentRoot /usr/local/apache2/htdocs/extmail/html/
416 ScriptAlias /extmail/cgi/ "/usr/local/apache2/htdocs/extmail/cgi/"
417 Alias /extmail "/usr/local/apache2/htdocs/extmail/html/"
418 ScriptAlias /extman/cgi "/usr/local/apache2/htdocs/extman/cgi/"
419 Alias /extman "/usr/local/apache2/htdocs/extman/html/"
420 </VirtualHost>
[[email protected] extman]# /usr/local/apache2/bin/apachectl restart
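13.4 Now, from a client, visiting
http://mail.junjie.com shows the ExtMail login page. From a client, visiting
http://mail.junjie.com/extman shows the Extman admin login page
Default administrator account: [email protected]
Default password: extmail*123*
# If you cannot log in, disable the CAPTCHA by changing 1 to 0
#[[email protected] ~]# vim /usr/local/apache2/htdocs/extman/webman.cf
#21 SYS_CAPTCHA_ON = 1
Part 14. Set up graphical log information for the mail system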
[[email protected] ~]# ln -sf /usr/local/apache2/htdocs/extman/addon/mailgraph_ext/mailgraph-init /usr/sbin/
[[email protected] ~]# ln -sf /usr/local/apache2/htdocs/extman/addon/mailgraph_ext/qmonitor.pl /usr/sbin/
[[email protected] ~]# cp -a /usr/local/apache2/htdocs/extman/addon/mailgraph_ext/ /usr/local/
[[email protected] ~]# mailgraph-init start
Starting mail statistics grapher: mailgraph_ext
Starting queue statistics grapher: qmonitor
[[email protected] ~]# qmonitor.pl start &
[1] 6837
[[email protected] ~]# echo "/usr/sbin/qmonitor.pl start" >> /etc/rc.d/rc.local
[[email protected] ~]# echo "/usr/sbin/mailgraph-init start" >> /etc/rc.d/rc.local
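Part 15. Login test
15.1 The Extmail login page; my login page after successful access is shown in the figure below:
15.2 The Extman login page; enter http://mail.junjie.com/extman
Log in to ExtMail
Note that logging in to extmail requires a resolvable domain name; logging in by IP address fails with a message that the IP domain is invalid. Below is the interface after logging in.
Part 16. Extman admin back end settings
16.1 Home overview: after logging in, the home page shows the list of system administrators
The qq.com and junjie.com entries in the domain list are the ones we just created
16.2 Add a domain
The basic settings cover the domain name, domain description, maximum users, maximum aliases, maximum quota, maximum network disk quota, transport, and whether free registration is allowed (if this option is ticked, a free mailbox registration link appears at the bottom of the ExtMail login page; if it is not, registering a free mailbox reports that the domain does not offer registration), whether the domain is **, and finally the domain expiry date.
16.2.1 Template settings
Set the default quota for new accounts in the domain, the network disk quota, the default lifetime of new accounts, and the services enabled by default for new accounts
16.3 Add a user
The basic settings cover the user name, followed by a selectable domain for the user.
The user's disk quota, network disk quota, expiry date, whether it is **, and so on (the default disk and network disk quotas are 5M). Saving after setting only the basic information reports a password error, so a password must be set before the changes can be saved.
16.3.1 Password settings
Set the password, the password recovery question, and whether the user is forbidden to change the password
16.3.2 Feature settings
The defaults are generally fine here
16.4 Add an alias
You can add an alias and the alias's domain and set multiple target addresses; the hint says only one target address may be written per line and **
16.5 Add an administrator
Administrator name, common name, expiry date, whether it is **, and so on. As with ordinary users, a password must be set before the changes can be saved.
16.5.1 Password-related settings
As with ordinary users: set the password, the password recovery question and answer, whether the user is forbidden to change the password, and so on
16.5.2 Managed domains
Set the domains the administrator manages, add and remove domains, and so on
16.6 Bulk mail
Following the on-screen instructions you can set up bulk mailing, which can be used for notification-type mail
16.7 Graphical logs
Here you can view the various logs to analyze whether the mail server is working normally
Part 17. Logging in to Extmail
17.1 Mail user registration page: on the home page, click free mailbox registration
17.2 Mail user login page
17.3 Preferences
Here you can set personal information including name, password, password question, and so on
17.4 Sending test
[email protected] sends a test message to [email protected]
17.5 Receiving test (succeeded)
[email protected] logs in to test receiving
Two messages were received successfully; one was sent by [email protected],
# The other tabs are the same as on other mail servers.
# Note: if you can never log in to extman and it says the CAPTCHA is wrong, the cause is that the system time and the client time do not match
Part 18. Spam filtering
18.1 Filter mail by the client's hostname/address; add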
[[email protected] ~]# vim /etc/postfix/main.cf
659 smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
[[email protected] ~]# vim /etc/postfix/access
447 192.168.100 REJECT
448 192.168.100.210 OK
449 bbc.com REJECT
[[email protected] ~]# postmap /etc/postfix/access
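The table in step 18.1 holds both 192.168.100 REJECT and 192.168.100.210 OK, and which one applies depends on the search order of check_client_access, not on the order of the lines. The following added example (not part of the original guide) models that order for the three entries above: client hostname, then parent domains, then the full IPv4 address, then networks obtained by stripping octets. It is a simplified IPv4-only model that assumes the default parent_domain_matches_subdomains setting; the probe clients are constructed.

```bash
#!/bin/sh
# Constructed copy of the /etc/postfix/access entries from step 18.1.
ACCESS_TABLE='192.168.100 REJECT
192.168.100.210 OK
bbc.com REJECT'

# table_get KEY: exact-match lookup, as a hash: table does. Prints the action
# and returns 0 on a hit, returns 1 on a miss.
table_get() {
    printf '%s\n' "$ACCESS_TABLE" | awk -v k="$1" '
        ($1 "") == (k "") { print $2; found = 1; exit }   # force string compare
        END { exit !found }'
}

# access_lookup CLIENT_NAME CLIENT_IP: print "<matched key> <action>",
# or "- DUNNO" when nothing in the table matches.
access_lookup() {
    name=$1
    ip=$2
    # 1. Client hostname, then each parent domain (mail.bbc.com, bbc.com, com).
    key=$name
    while [ -n "$key" ]; do
        if action=$(table_get "$key"); then echo "$key $action"; return 0; fi
        case $key in
            *.*) key=${key#*.} ;;
            *)   key= ;;
        esac
    done
    # 2. Full address, then a.b.c, a.b and a: the most specific entry wins.
    key=$ip
    while [ -n "$key" ]; do
        if action=$(table_get "$key"); then echo "$key $action"; return 0; fi
        case $key in
            *.*) key=${key%.*} ;;
            *)   key= ;;
        esac
    done
    echo "- DUNNO"
}

# Constructed probes: "hostname address" ("unknown" = no reverse DNS name).
for probe in "unknown 192.168.100.210" "unknown 192.168.100.7" \
             "mail.bbc.com 192.168.100.210" "mail.junjie.com 192.168.101.20"; do
    set -- $probe
    echo "$1 [$2] -> $(access_lookup "$1" "$2")"
done
```

An OK result only ends the smtpd_client_restrictions list; the HELO, sender and recipient restrictions configured in the following steps still apply to that client.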
18.2 Filter mail by the hostname/address in the client's HELO information
[[email protected] ~]# vim /etc/postfix/main.cf
660 smtpd_helo_required = yes
661 smtpd_helo_restrictions = reject_invalid_hostname
[[email protected] ~]# postfix reload
postfix/postfix-script: refreshing the Postfix mail system
[[email protected] ~]# service postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]
18.3 Filter mail by sender address
[[email protected] ~]# vim /etc/postfix/main.cf
662 smtpd_sender_login_maps = mysql:/etc/postfix/mysql_virtual_sender_maps.cf,mysql:/etc/postfix/mysql_virtual_alias_maps.cf
663 smtpd_sender_restrictions = permit_mynetworks,reject_sender_login_mismatch,reject_non_fqdn_sender,reject_unknown_sender_domain,check_sender_access hash:/etc/postfix/sender_access
[[email protected] ~]# vim /etc/postfix/sender_access
[email protected] REJECT
[email protected] REJECT
fake.aptech.com REJECT
[[email protected] ~]# postmap /etc/postfix/sender_access
18.4 Filter mail by recipient address
[[email protected] ~]# vim /etc/postfix/main.cf
664 smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_non_fqdn_recipient,reject_unknown_recipient_domain
[[email protected] ~]# service postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]
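The restriction lists in steps 18.3 and 18.4 are long, comma-separated values, and Part 4 notes that a value may continue on lines that start with a space. The following added example (not part of the original guide) reads main.cf with that continuation rule and checks the lists for two mistakes: a misspelled restriction name, and a permit or check_*_access entry placed ahead of reject_unauth_destination in smtpd_recipient_restrictions, where an OK from a table would allow relaying. The list of known names is partial, both sample files are constructed, and rcpt_access is a hypothetical table name.

```bash
#!/bin/sh
# Restriction names used in this guide plus the generic actions
# (a partial list, an assumption of this example).
KNOWN="permit reject defer permit_mynetworks permit_sasl_authenticated \
reject_unauth_destination reject_non_fqdn_sender reject_non_fqdn_recipient \
reject_unknown_sender_domain reject_unknown_recipient_domain \
reject_sender_login_mismatch reject_invalid_hostname \
check_client_access check_helo_access check_sender_access check_recipient_access"

# maincf_get FILE PARAM: print PARAM's value as space-separated words,
# joining continuation lines (lines that begin with a space or tab).
maincf_get() {
    awk -v want="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }                   # comment / blank
        /^[ \t]/ { if (cur != "") v[cur] = v[cur] " " $0; next }
        {
            eq = index($0, "=")
            if (eq == 0) { cur = ""; next }
            cur = substr($0, 1, eq - 1); gsub(/[ \t]/, "", cur)
            v[cur] = substr($0, eq + 1)                     # last definition wins
        }
        END {
            s = v[want]; gsub(/[ \t,]+/, " ", s)
            sub(/^ /, "", s); sub(/ $/, "", s); print s
        }' "$1"
}

# audit_restrictions FILE: print one finding per line, nothing if clean.
audit_restrictions() {
    for param in smtpd_client_restrictions smtpd_helo_restrictions \
                 smtpd_sender_restrictions smtpd_recipient_restrictions; do
        value=$(maincf_get "$1" "$param")
        [ -n "$value" ] || continue             # unset: the Postfix default applies
        relay_guard=no
        for tok in $value; do
            case $tok in *:*) continue ;; esac  # lookup table argument
            case " $KNOWN " in
                *" $tok "*) ;;
                *) echo "UNKNOWN $param $tok"; continue ;;
            esac
            [ "$param" = smtpd_recipient_restrictions ] || continue
            case $tok in
                reject_unauth_destination) relay_guard=yes ;;
                permit|check_*_access)
                    [ "$relay_guard" = yes ] || echo "ORDER $param $tok" ;;
            esac
        done
        if [ "$param" = smtpd_recipient_restrictions ] && [ "$relay_guard" = no ]; then
            echo "MISSING $param reject_unauth_destination"
        fi
    done
}

# Constructed sample 1: a misspelled name and an access table ahead of the relay check.
MAINCF_SAMPLE=$(mktemp)
cat > "$MAINCF_SAMPLE" <<'EOF'
mynetworks = 192.168.101.0/24, 127.0.0.0/8
smtpd_sender_restrictions = permit_mynetworks,
    reject_sender_login-mismatch,
    reject_non_fqdn_sender
smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/rcpt_access,
    permit_mynetworks, permit_sasl_authenticated,
    reject_unauth_destination
EOF

# Constructed sample 2: the lists from steps 18.3 and 18.4.
MAINCF_FIXED=$(mktemp)
cat > "$MAINCF_FIXED" <<'EOF'
smtpd_sender_restrictions = permit_mynetworks,reject_sender_login_mismatch,
    reject_non_fqdn_sender,reject_unknown_sender_domain,
    check_sender_access hash:/etc/postfix/sender_access
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,
    reject_unauth_destination,reject_non_fqdn_recipient,reject_unknown_recipient_domain
EOF

echo "sample 1:"; audit_restrictions "$MAINCF_SAMPLE"
echo "sample 2:"; audit_restrictions "$MAINCF_FIXED"
```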
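18.5 Filtering based on mail content
18.5.1 Install and configure the MailScanner scan scheduling tool
1) Install the MailScanner scan scheduling tool (installation takes a very long time)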
[[email protected] ~]# cd mail/
[[email protected] mail]# ll
[[email protected] mail]# tar -zxf MailScanner-4.84.3-1.rpm.tar.gz -C /usr/local/src/
[[email protected] mail]# cd /usr/local/src/MailScanner-4.84.3-1/
[[email protected] MailScanner-4.84.3-1]# ls
[[email protected] MailScanner-4.84.3-1]# ./install.sh
2) Edit the MailScanner configuration file
[[email protected] MailScanner-4.84.3-1]# cd
[[email protected] ~]# vim /etc/MailScanner/MailScanner.conf
131 Run As User = postfix
136 Run As Group = postfix
165 Incoming Queue Dir = /var/spool/postfix/hold
169 Outgoing Queue Dir = /var/spool/postfix/incoming
196 MTA = postfix
2231 Required SpamAssassin Score = 7
2237 High SpamAssassin Score = 10
2437 Spam Actions = deliver header "X-Spam-Status: Yes"
2499 High Scoring Spam Actions = delete forward [email protected]
3) Configure Postfix to call MailScanner
[[email protected] ~]# vim /etc/postfix/main.cf
520 header_checks = regexp:/etc/postfix/header_checks
# Add at the end
[[email protected] ~]# vim /etc/postfix/header_checks
497 /^Received:/ HOLD
4) Adjust the owner and group of the mail filter queue directories and start the MailScanner service
[[email protected] ~]# chown -R postfix:postfix /var/spool/MailScanner/incoming/
[[email protected] ~]# chown -R postfix:postfix /var/spool/MailScanner/quarantine/
[[email protected] ~]# service MailScanner start
Starting MailScanner daemons:
incoming postfix: [ OK ]
outgoing postfix: [ OK ]
MailScanner: [ OK ]
[[email protected] ~]# chkconfig --level 35 MailScanner on
[[email protected] ~]# chkconfig --list MailScanner
MailScanner 0:off 1:off 2:on 3:on 4:on 5:on 6:off
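18.5.2 Install and configure the SpamAssassin spam filter
1) Install and configure the SpamAssassin spam filter
[[email protected] ~]# yum install spamassassin -y
2) Edit the configuration file local.cf
(located at "/etc/mail/spamassassin/local.cf"; normally no changes are needed and the default settings can be kept)
3) Start the SpamAssassin service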
[[email protected] ~]# chkconfig --level 2345 spamassassin on
[[email protected] ~]# chkconfig --list spamassassin
spamassassin 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[[email protected] ~]# service spamassassin start
Starting spamd: [ OK ]
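18.5.3 Install and configure the F-Prot antivirus software
1) Install the F-Prot package; when prompts appear during installation, press Enter to accept the defaults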
[[email protected] ~]# cd mail/
[[email protected] mail]# ll
[[email protected] mail]# tar -zxvf fp-Linux-i686-ws.tar.gz -C /opt/
[[email protected] mail]# cd /opt/f-prot/
[[email protected] f-prot]# ls
[[email protected] f-prot]# ./install-f-prot.pl
2) Update the F-Prot virus database (the server must be able to reach the Internet)
[[email protected] f-prot]# /opt/f-prot/fpupdate
[[email protected] f-prot]# crontab -e   # scheduled task
00 8 * * * /opt/f-prot/fpupdate
[[email protected] f-prot]# chkconfig --level 2345 crond on
[[email protected] f-prot]# service crond restart
Stopping crond: [ OK ]
Starting crond: [ OK ]
18.6 Test how well your mail server defends against viruses
Virus test data: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Spam test data:
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
Testing the anti-spam and anti-virus mail filtering capability: failed
Reposted from: https://blog.51cto.com/jinjianping/996925