在FreeBSD上組建ISP級的郵件系統(Ver:0.3)

FreeBSD(基本系統) + Postfix(MTA 郵件傳輸代理) + MySQL(後台數據庫,用戶保存用戶信息) + Cyrus -SASL2(發信認證) + Courier -IMAP(提供POP3/IMAP服務) + MailDrop(MDA 郵件投遞代理) + amavisd-new(內容過濾) + Spamassassin(反垃圾郵件) + Clamav(殺毒) + Extman (後台用戶管理) + ExtMail( 一個高效率的webmail)

作者:馮勇 fengyongchuang # yahoo.com.cn (≠%26amp;鍵盤人生$:71633908)

日期:2006-03-09

技術支持網站:www.extmail.org

QQ群:

網管之家: 5929685

網管之家-UNIX:3791457

Extmail 群/postfix 1: 6769767

Extmail 群/postfix 2: 18051473

版權所有,複制或轉載時請保留作者信息。尊重他人的勞動成果就等于尊重自己。

如有問題請到下面網址提問: http://www.extmail.org/forum/archive/2/0603/1216.html

前言1、感謝HZQBBC 多年來的幫助,讓我對linux /UNIX 有所了解。

2、本人文筆不好,歡迎拍磚。

3、本文通過一步一個軟件,一個軟件一次性設置的方式讓你了解如何組建一個郵件系統。

4、建議:良好的電腦基礎會使你事半功倍,至少你要明白互聯網上的一些常用服務的原理,如:web/ftp/dns/mail(mta/mua/mda)及了解什麽是TCP/ip協議。

5、對了BSD 操作不熟的兄弟建議看Freebsd 的Handbook。

http://cnsnap.cn.freebsd.org/doc/zh_CN.GB2312/books/handbook/index.html

6、對于英文不太好的兄弟建議使用IBM 智能詞典。

http://www.google.com/search?hl=zh-CN%26amp;q=IBM%E6%99%BA%E8%83%BD%E8%AF%8D%E5%85%B8%26amp;lr=

7、要多想多做多動腦(大腦生來就是爲了思考的,不用會生鏽),要懂得如何去使用google/baidu 尋找你需要的東西,可能你遇到的問題人家已經遇過並解決了。

8、認真觀察安裝過程、日志文件是尋找錯誤的關鍵。

9、古語雲:冰凍三尺非一日之寒,當你第N 次安裝失敗時,千萬別恢心,成功往往就與你擦肩而過。回頭認真看文檔,回想自己的操作,整理好思路。相信自己一定會成功。

10、FreeBSD 通過ports 安裝總是花上不少時間在下載文件及編譯, 建議你多喝水或爲自己准備一杯咖啡,編譯的時候走走運動一下也是個不錯的主意。

最後獻上我用了六年的座右銘:靠山山倒,靠人人倒,靠自己最好!

更新:1、接上編Freebsd 6.0 +Postfix + MySQL+Cyrus-SASL2 +Courier-IMAP + Clamav+Mailscanner+Extman+Extmail對內容進行了修改。

2、把mailscanner 換成amavisd-new。

3、增加了maildrop 作爲郵件的投遞代理。

4、更詳細的安裝過程。

5、以HTML 方式發布,方便兄弟們複制命令。

6、去掉了zend/ftp/openssl 的安裝 。

7、加入了atni-spam.org.cn 的cdl服務 從而更有效拒絕垃圾郵件。

快速索引一、設置你的DNS

二、安裝Freebsd

三、安裝mysql

四、安裝apahce

五、安裝郵件系統

六、測試系統

七、安裝反垃圾郵件

八、安裝extmail/extman

一、設置你的DNS很多人經常問爲什麽我的郵件服務器向163.com /sina.com/yahoo.com.cn...都能收到,爲什麽回複的郵件卻收不到,原因很簡單,因爲這些服務器不能找到你的域名的A記錄或MX 記錄。很多人在安裝時使用的域都是不合法的域名,即未經注冊的DNS FQDN(完全限定名)。如果你沒有申請合法的域名,可以到 comexe.cn 3322.org 申請一個動態域名來收發郵件。

本例中以 extmail.org 這個域爲例 ,主機名爲mail ,郵件服務器建立在DDNS 之上。

打開windows 的CMD 使用nslookup 查詢extmail.org 的MX記錄,如果你自己擁有固定IP可以創建自己的DNS,如果你使用的是新網或其它域名供應商,進入後台添加一個記錄即可,供體參考DNS 相關的內容。

C:\nslookup -type=mx extmail.org 221.4.66.66Server: ns2.cnc-gd.netAddress: 221.4.66.66DNS request timed out. timeout was 2 seconds.Non-authoritative answer:extmail.org MX PReference = 20, mail exchanger = mx.extmail.orgextmail.org nameserver = ns2.xinnetdns.comextmail.org nameserver = ns.xinnet.cnextmail.org nameserver = ns.xinnetdns.comextmail.org nameserver = ns2.xinnet.cnmx.extmail.org internet address = 210.21.119.139ns.xinnet.cn internet address = 210.51.171.209ns.xinnetdns.com internet address = 210.51.170.66ns2.xinnet.cn internet address = 210.51.170.67ns2.xinnetdns.com internet address = 210.51.170.67

作爲windows 高手的你,這點小事難不到你吧 。

二、安裝Freebsd A、系統分區很多人在使用自己的作業系統時,不知道如何對系統分區,對于分區方案沒有最好的,只是跟據自己的情況去分。

下面是我的分區方案。

硬盤爲120G ,/(根)1G 左右就差不多了,但考濾到/root 工作目錄也在這裏,所以分大一點。

/home/data 主要是用來存放Email /ftp用戶的數據

/tmp 1G 也是考慮到臨時文件多,所以給大也點。

/usr/ 10G 因爲要安裝軟件,還有下載的軟件,我沒有裝GUI 所以只分了10G我認爲足夠了。

/var 3G這個目錄存放的東西比較多,如日志、郵件的臨時目錄,如果空間不夠amavisd-new 無法解開郵件進行殺毒。

%df -h Filesystem Size Used Avail Capacity Mounted on /dev/ad0s1a 1.9G 481M 1.3G 26% /

devfs 1.0K 1.0K 0B 100% /dev

/dev/ad0s1g 92G 353M 84G 0% /home/data

/dev/ad0s1e 989M 224K 910M 0% /tmp

/dev/ad0s1f 9.7G 1.8G 7.1G 20% /usr

/dev/ad0s1d 2.9G 105M 2.6G 4% /var

以上方案不是最好的,鹹魚白菜各有所好。

B、安裝基本系統對于系統的安裝,我選擇了minimal(最小系統)和ports ,因爲有些沒必要的包就不裝,減少系統體積,另外作爲一台服務器,我從來不裝GUI 。

下載BSD時,只需要下載DISK 1 就行了,缺少的軟件包可以通過網絡安裝。

在FreeBSD上組建ISP級的郵件系統(Ver:0.3)

C、配置系統如果你在安裝後期沒有配置系統,在系統啓動完成後以root的身份登陸系統,運行sysinstall 進行設置,或通過ee編輯器編輯/etc/rc.conf文件,在這裏提醒各位,一會大多數服務都需要在/etc/rc.conf加入啓動內容才能正常啓動。

設置好固定IP,或通過DHCP 自動分配置機器IP。使用SSH 客戶端進行管理服務器將會爲你的工作提供方便。

使用SSH 要注意:

a、不能用root直接登陸,需要添加一個新用戶,指定到wheel 組,用此用戶登陸後用使用 su - 提升到管理員。

b、 以我的SecureCRT 爲例,Session options -Authentication -Primary 選擇keyboard Interactive

c、如果你要使用像LINUX 一樣的彩色顯示,需要把 Emulation - Terminal -Xterm 選中ANSI Color 並在/etc/csh.cshrc加入

setenv LSCOLORS ExGxFxdxCxegedabagExEx setenv CLICOLOR yes

set autolist

然後執行

sed -i.bak -E s/set\ prompt/#set\ prompt/g /root/.cshrc

退出重新登陸即可看到彩色目錄了。

D、更新軟件包采用Freebsd 最好的地方就是安裝軟件方便,還可以裝到最新的軟件包,這就是強大的posts 系統。如果你的系統在安裝時沒有選擇posts ,具休如何操作看BSD 的handbook.

CVSUP 的站點很多,你可以選擇離你最快的站點去更新posts ,具體查看 freebsd.org /freebsdchina.org.cn

在使用cvsup之前你必須連接到互聯網,並需要安裝cvsup 這個軟件

假如你的服務器在內網裏,並通過DMZ 進行IP映射,可以參考下面設置:

sshd_enable="YES"fsck_y_enable="YES"hostname="mail.extmail.org"ifconfig_rl0="inet 192.168.1.1 netmask 255.255.255.0" defaultrouter="192.168.1.1"

如果你使用的是ADSL 拔號

a、修改/etc/ppp/ppp.conf

default:set log Phase tun command # you can add more detailed logging if you wishset ifaddr 10.0.0.1/0 10.0.0.2/0 adsl: set device PPPoE:vr0 # 將vr0 改爲你拔號的網卡 set authname 你的ADSL 帳號 set authkey 你的ADSL密碼 set dial set login add default HISADDR

b、/etc/rc.conf 內容

inetd_enable="YES"sshd_enable="YES"fsck_y_enable="YES"hostname="mail.extmail.org"ifconfig_rl0="inet 192.168.1.1 netmask 255.255.255.0" ppp_enable="YES" #YES or NOppp_mode="ddial" #"auto", "ddial", "direct" or "dedicated".ppp_nat="YES" # if you want to enable nat for your local network, otherwise NOppp_profile="adsl" #/etc/ppp/ppp.conf

c、安裝cvsup-without-gui

%cd /usr/ports/net/cvsup-without-gui/ %make install clean

d、更新ports

安裝完cvsup軟件後,對ports 進行更新

%/usr/local/bin/cvsup -gL 2 -h cvsup4.freebsdchina.org /usr/share/examples/cvsup/ports-supfile

其實FreeBSD 一點也不難,我沒有說錯吧 !

三、安裝數據庫 MySQL

MySQL 版本很多,大家可以據自己需要自行安裝。

%cd /usr/ports/databases/mysql41-server/%make install clean

在/etc/rc.conf 加入

mysql_enable="YES"

複制配置文件(非必需)

cp /usr/local/share/mysql/my-small.cnf /usr/local/etc/my.cnf

在此說明:

1、如果不在/etc/rc.conf 加入以上內容,手工是無法啓動MySQL的。

2、如果你想知道這個軟件應該在/etc/rc.conf加入什麽內容,打開/usr/local/etc/rc.d 目錄,找到此軟件的啓動腳本。然後打開文件,如果有詳細的說明。

%/usr/local/etc/rc.d/mysql-server.sh start Starting mysql.

如何去檢查一個服務是否正常啓動:1、通過ps查看進程,2、檢查所打開的端口。

%ps aux|grep mysqlmysql 94899 0.2 0.5 1644 1240 p0 S 3:52PM 0:00.07 /bin/sh /usr/local/bin/mysqld_safe --mysql 94919 0.0 10.8 55564 27428 p0 S 3:52PM 0:01.54 /usr/local/libexec/mysqld --defaults-%%netstat -an|grep 3306tcp4 0 0 *.3306 *.* LISTEN

MySQL安裝時,服務器的密碼爲空,建議你裝好系統後,第一時間去更改密碼。

%/usr/local/bin/mysqladmin -u root -p passWord 你的新密碼 Enter password:

如果你服務器只供本站內部使用建議在 my.cnf 裏加入下面內容,以增加服務器的安全性。

[mysqld]bind_address=127.0.0.1

四、安裝Apache1、安裝apache server 作爲網絡的今天apache web服務器已經是街知港聞了。 %cd /usr/ports/www/apache22/%make install clean

在/etc/rc.conf 中加入:

apache22_enable="YES"

如果啓動時出現httpd: Could not reliably determine the server's fully qualified domain name, using mail.sharesky.cn for ServerName 的錯誤,在/usr/local/etc/apache22/httpd.conf 約第144行的位置加入下面的內容。

ServerName mail.extmail.org

啓動apahce

%/usr/local/etc/rc.d/apache22.sh startPerforming sanity check on apache22 configuration:Syntax OKStarting apache22.

2、安裝php%cd /usr/ports/www/mod_php4/%make install clean

Options for mod_php4 4.4.2_1,1 x x lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk x x x [ ] DEBUG Enable debug x x x x [X] MULTIBYTE Enable zend multibyte support x x x x [ ] IPV6 Enable ipv6 support x x x x [X] OPENSSL Build static OpenSSL extension

在/usr/local/etc/apache22/httpd.conf 裏加入

AddType application/x-httpd-php .phpAddType application/x-httpd-php-source .phps

加入目錄索引 index.php,約在httpd.conf 的212行

DirectoryIndex index.html index.php

restart或reload Apache 使之生效

%/usr/local/etc/rc.d/apache22.sh reloadPerforming sanity check on apache22 configuration:Syntax OKPerforming a graceful restart

3、安裝PHP 擴展 %cd /usr/ports/lang/php4-extensions/%make install clean

在這裏建議大家,如果沒有必要盡量不要安裝GD庫免得浪費時間,大家可據自己需要選擇安裝模塊

lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk x Options for php4-extensions 1.0 x x lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk x x x [ ] BCMATH bc style precision math functions x x x x [X] BZ2 bzip2 library support x x x x [ ] CALENDAR calendar conversion support x x x x [ ] CRACK crack support x x x x [X] CTYPE ctype functions x x x x [X] CURL CURL support x x x x [ ] DBA dba support x x x x [ ] DBASE dBase library support x x x x [ ] DBX dbx support x x x x [ ] DIO Direct I/O support x x x x [ ] DOMxml DOM support x x x x [ ] EXIF EXIF support x x x x [ ] FILEINFO fileinfo support x x x x [ ] FILEPRO filePro support x x x x [ ] FRIBIDI FriBidi support x x [X] FTP FTP support x x x x [ ] GD GD library support x x x x [X] GETTEXT gettext library support x x x x [ ] GMP GNU MP support x x x x [X] ICONV iconv support x x x x [ ] IMAGICK ImageMagick support x x x x [X] IMAP IMAP support x x x x [ ] INTERBASE Interbase 6 database support (Firebird) x x x x [ ] LDAP OpenLDAP support x x x x [X] MBSTRING multibyte string support x x x x [ ] MCAL Modular Calendar access Library support x x x x [X] MCRYPT Encryption support x x x x [ ] MCVE MCVE support x x x x [ ] MHASH Crypto-hashing support x x x x [ ] MING ming shockwave Flash support x x x x [ ] MNOGOSEARCH mnoGoSearch support x x x x [ ] MSSQL MS-SQL database support x x x x [X] MYSQL MySQL database support x x x x [ ] NCURSES ncurses support (CLI only) x x x x [ ] ODBC unixODBC support x x x x [X] OPENSSL OpenSSL support x x x x [ ] Oracle Oracle support x x x x [X] OVERLOAD user-space object overloading support x x x x [ ] PANDA panda support x x x x [ ] PCNTL pcntl support (CLI only) x x x x [X] PCRE Perl Compatible Regular Expression support x x x x [ ] PDF PDFlib support (implies GD) x x x x [ ] PFPRO PayFlow Pro support x x x x [ ] PGSQL PostgreSQL database support x x x x [X] POSIX POSIX-like functions x x x x [ ] PSPELL pspell support x x x x [ ] READLINE readline support (CLI only) x x x x [ ] RECODE recode support x x x x [X] session session support x x x x [ ] SHMOP shmop support x x x x [ ] SNMP SNMP support x x x x [ ] SOCKETS sockets support x x x x [ ] SYBASE_CT Sybase database support x x x x [ ] SYSVMSG System V message support x x x x [ ] SYSVSEM System V semaphore support x x x x [ ] SYSVSHM System V shared memory support x x x x [X] TOKENIZER tokenizer support x x x x [ ] WDDX WDDX support (implies XML) x x x x [X] XML XML support x x x x [ ] XMLRPC XMLRPC-EPI support x x x x [ ] XSLT XSLT Sablotron support x x x x [ ] YAZ YAZ support (ANSI/NISO Z39.50) x x x x [ ] YP YP/NIS support x x x x [ ] ZIP ZIP support x x x x [X] ZLIB ZLIB support x x

4、安裝phpmyadmin 管理數據庫爲了去除無聊的安裝過程,這裏選擇手工安裝,先下載軟件包,然後解壓,再複制到/usr/local/www/apache22/data 下面

%cd /usr/ports/databases/phpmyadmin/%make fetch%cd /usr/ports/distfile%tar jxvf phpMyAdmin-2.7.0-pl2.tar.bz2%cp -r /usr/ports/distfiles/phpMyAdmin-2.7.0-pl2 /usr/local/www/apache22/data/phpmyadmin

大家注意,可能你下載的版本與我下載的不一樣,不能照搬。

設置phpmyadmin %cd /usr/local/www/apache22/data/phpmyadmin/%ee config.default.php

將$cfg['Servers'][$i]['auth_type'] = 'config'; 改爲

$cfg['Servers'][$i]['auth_type'] = 'http';

打開http://ip/phpmyadmin 就可以管理你的mysql 數據庫了

5、安裝extman extman 是extmail用戶後台管理系統,官方網站爲www.extmail.org 下載解壓

%tar zxvf extman-13-20060102.tar.gz%cd extman-0.13-20060102/docs%mysql -u root -p

extmail.sql添加了兩個MySQL用戶

1、只讀用戶:extmail 密碼:extmail

2、讀/寫用戶:webman 密碼:webman

init.sql 裏,對extmail數據庫添加了下面的記錄

a、添加了一個別名記錄 support@extmail.org -test@extmail.org

b、增加了 extmail.org 域

c、增加了test@extmail.org的郵箱密碼爲test。

d、增加了extman 的管理員root@extmail.org 密碼爲extmail

五、安裝郵件系統安裝下面三個軟件要注意先後順序

1、安裝 Courier-IMAP%cd /usr/ports/mail/courier-imap/%make install clean

選擇openssl、MySQL

在/etc/rc.conf 加入

courier_authdaemond_enable="YES"courier_imap_pop3d_enable="YES"courier_imap_imapd_enable="YES"

修改authdaemond的權限

%/usr/local/etc/rc.d/courier-authdaemond.sh start%chmod -R +x /var/run/authdaemond/

authdaemond 啓動完成後,檢查/var/run/authdaemond 下面是否産生socket 文件,因爲認證時是通過這個文件讀取密碼的。

設置/usr/local/etc/authlib/authdaemonrc

%mv authdaemonrc authdaemonrc.bakee authdaemonrc

在authdaemonrc 加入下面的內容

authmodulelist="authmysql"authmodulelistorig="authmysql"version="authdaemond.mysql"daemons=5 authdaemover=/var/run/authdaemond subsystem=mail DEBUG_LOGIN=2 DEFAULTOPTIONS="wbnodsn=1"

上面DEBUG_LOGIN=2 是爲了調試方便,等系統完全測試完成,可改爲 0,即不顯示調試信息。

設置/usr/local/etc/authlib/authmysqlrc

%mv authmysqlrc authmysqlrc.bakee authmysqlrc

加入下面的內容

MYSQL_SERVER localhostMYSQL_USERNAME extmailMYSQL_PASSWORD extmailMYSQL_PORT 0MYSQL_OPT 0MYSQL_DATABASE extmailMYSQL_SELECT_CLAUSE SELECT username,password,"",uidnumber,gidnumber,\ CONCAT('/home/data/domains/',homedir), \ CONCAT('/home/data/domains/',maildir), \ quota, \ name \ FROM mailbox \ WHERE username = '$(local_part)@$(domain)'

大家要注意,我的郵件保存的目錄是/home/data/domains ,你可以跟據你的需要改爲自己的目錄。

用戶名和密碼是extmail 這個具體需要看extman 軟件包中的docs 目錄中的extmail.sql,很多人無法通上發信認證,很可能以上面兩個文件配置有關。

創建pop3/imap 的配置文件

%cp pop3d.cnf.dist pop3d.cnf%cp imapd.cnf.dist imapd.cnf

修改/usr/local/etc/courier-imap/pop3d (不修改也行)

POP3AUTH="LOGIN CRAM-md5 CRAM-SHA1"

修改/usr/local/etc/courier-imap/imapd(不修改也行)

IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA"

2、安裝 Cyrus-SASL2

%cd /usr/ports/security/cyrus-sasl2%make install WITH_AUTHDAEMON=yes

創建 /usr/local/lib/sasl2/smtpd.conf 加入下面的內容 pwcheck_method:authdaemondlog_level:3mech_list:PLAIN LOGINauthdaemond_path:/var/run/authdaemond/socket

3、安裝Postfix%cd /usr/ports/mail/postfix%make install clean

選擇SASL2 、TLS、MySQL、VDA ,安裝過程中有兩個提問,直接按回車,使用系統默認的回答。

%echo postfix: root /etc/aliases%/usr/local/bin/newaliases%ln -s /usr/local/sbin/sendmail /usr/sbin/sendmail

如果出現ln: /usr/sbin/sendmail: File exists 提示,把/usr/sbin/sendmail改名再鏈接。

設置postfix 隨系統啓動

postfix_enable="YES" sendmail_enable="NO" sendmail_submit_enable="NO" sendmail_outbound_enable="NO"sendmail_msp_queue_enable="NO"

創建/etc/periodic.conf 加入下面的內容

daily_clean_hoststat_enable="NO"daily_status_mail_rejects_enable="NO"daily_status_include_submit_mailq="NO"daily_submit_queuerun="NO"

配置/usr/local/etc/postfix/main.cf ,在你安裝時,只需要修改####BASE#### 部分即可

%mv main.cf main.cf.bak

這個配置文件已經加入了maildrop的支持

###################BASE##################myhostname=mail.extmail.org #機器的名字mydomain = extmail.org#你的域名mydestination = $myhostnamelocal_recipient_maps = command_directory = /usr/local/sbin#local_transport = virtualsmtpd_banner = extmail.org ESMTP Mail Systemmessage_size_limit = 14680064#郵件大小#mailbox_size_limit = 512000000#################MySQL################virtual_alias_maps =mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf#virtual_gid_maps = static:125#virtual_gid_maps = static:1000virtual_mailbox_base = /home/data/domains #郵件保存的目錄virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf#virtual_mailbox_limit = 512000000virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf#virtual_minimum_uid = 125#virtual_minimum_uid = 1000#virtual_transport = virtualvirtual_transport = maildrop:maildrop_destination_recipient_limit = 1 #virtual_uid_maps = static:125#virtual_uid_maps = static:1000################Quota################virtual_create_maildirsize = yesvirtual_mailbox_extended = yesvirtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cfvirtual_mailbox_limit_override = yesvirtual_maildir_limit_message = Sorry,the user's Maildir has overdrawn his diskspace quota ,please tray again later.virtual_overquota_bounce = yes##############SASL####################smtpd_sasl_auth_enable = yessmtpd_sasl2_auth_enable = yessmtpd_sasl_security_options = noanonymousbroken_sasl_auth_clients = yessmtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname, reject_rbl_client cbl.anti-spam.org.cn#CBL 服務器 具體請看anti-spam.org.cn#注意上面幾行前面是有空格的。readme_directory = nosample_directory = /usr/local/etc/postfixsendmail_path = /usr/local/sbin/sendmailhtml_directory = nosetgid_group = maildropmanpage_directory = /usr/local/mandaemon_directory = /usr/local/libexec/postfixnewaliases_path = /usr/local/bin/newaliasesmailq_path = /usr/local/bin/mailqqueue_directory = /var/spool/postfixmail_owner = postfix

以下四個文件在extman 軟件包Docs 目錄裏,使用時,直接複制到/usr/local/etc/postfix 目錄即可。

mysql_virtual_alias_maps.cf

user = extmailpassword = extmailhosts = localhostdbname = extmailtable = aliasselect_field = gotowhere_field = addressadditional_conditions = AND active = '1'

mysql_virtual_domains_maps.cf

user = extmailpassword = extmailhosts = localhostdbname = extmailtable = domainselect_field = descriptionwhere_field = domainadditional_conditions = AND active = '1'

mysql_virtual_mailbox_maps.cf

user = extmailpassword = extmailhosts = localhostdbname = extmailtable = mailboxselect_field = maildirwhere_field = usernameadditional_conditions = AND active = '1'

mysql_virtual_mailbox_limit_maps.cf

user = extmailpassword = extmailhosts = localhostdbname = extmailtable = mailboxselect_field = quotawhere_field = usernameadditional_conditions = AND active = '1'

至此postfix 基本設置完成,但還不能收發郵件。

4、安裝maildrop我們在設置郵件服務器時MTA 部分還是使用posfix 本身的帳戶進行處理郵件,由于maildrop 不能和postfix 與同一用戶身份處理郵件,所以我們新開一個用戶用戶maildrop 處理。

添加vgroup

pw groupadd vgroup -g 1000

添加vuser

%pw useradd vuser -g 1000 -u 1000 -s /sbin/nologin -d /sbin/nologin -c "virtual mail user"

安裝maildrop,記得要把WITH_AUTHLIB=yes 加上

%cd /usr/ports/mail/maildrop%make install WITH_AUTHLIB=yes

選擇AUTH_MYSQL

lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk x Options for maildrop 2.0.1 x x lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk x x x [ ] AUTH_LDAP LDAP support x x x x [X] AUTH_MYSQL MySQL support x x x x [ ] AUTH_PGSQL PostgreSQL support x x x x [ ] AUTH_USERDB Userdb support x x x x [ ] AUTH_VCHKPW Vpopmail/vchkpw support x x

修改/usr/local/etc/postfix/master.cf ,把maildrop 原先已有的記錄注譯(即刪除舊記錄),加上下面的內容

maildrop unix - n n - - pipe flags=DRhu user=vuser argv=/usr/local/bin/maildrop -d ${user}@${nexthop} ${recipient} ${user} ${extension} ${nexthop}

設置郵件存儲目錄

%mkdir -p /home/data/domains/extmail.org/test%/usr/local/bin/maildirmake /home/data/domains/extmail.org/test/Maildir%chown -R 1000:1000 domains/

至此,我們的郵件系統基礎部分已經安裝完成了。重啓系統,開始進行測試。

六、測試系統1、測試maildrop 是否正常建議進入系統後去檢查/etc/rc.conf 中的服務是否正常。

注意郵件系統用戶名格式是:user@domain.ltd ,是支持多域的,和平時用的有點不一樣。

用SecureCRT 新開 二個窗口,其中一個用于輸入命令,一個查看maillog

%tail -f /var/log/maillog

觀察下面的操作,證明maildrop 已投遞正常

%echo "test" | maildrop -V 10 -d test@extmail.orGmaildrop: authlib: groupid=1000maildrop: authlib: userid=1000maildrop: authlib: logname=test@extmail.org, home=/home/data/domains/extmail.org/test, mail=/home/data/domains/extmail.org/test/Maildir/maildrop: Changing to /home/data/domains/extmail.org/testMessage start at 0 bytes, envelope sender=test@extmail.orgmaildrop: Attempting .mailfilterWARN: quota string '5242880' not parseablemaildrop: Delivery complete.

maillog 將會有如下顯示

Mar 10 14:39:58 mail authdaemond: Authenticated: sysusername=, sysuserid=1000, sysgroupid=1000, homedir=/home/data/domains/extmail.org/test, address=test@extmail.org, fullname=Test user, maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=Mar 10 14:39:58 mail authdaemond: Authenticated: clearpasswd=, passwd={crypt}uywiuN.XggXXc

2、測試postfix 由于在發信認證時使用的是BASE64 編碼,所以要把用戶名和密碼轉BASE64 格式,在此前需要安裝 p5-MIME-BASE64

%cd /usr/ports/converters/p5-MIME-Base64/%make install

測試用戶test@extmail.org 密碼 test

%perl -MMIME::Base64 -e 'print encode_base64("test\@extmail.org");' dGVzdEBleHRtYWlsLm9yZw==%perl -MMIME::Base64 -e 'print encode_base64("test");' dGVzdA==

看下面的測試過程

%telnet localhost 25Trying ::1...telnet: connect to address ::1: Connection refusedTrying 127.0.0.1...Connected to localhost.Escape character is '^]'.220 sharesky.cn ESMTP Mail Systemehlo test.com250-mail.extmail.org250-PIPELINING250-SIZE 14680064250-VRFY250-ETRN250-AUTH LOGIN PLAIN250-AUTH=LOGIN PLAIN250 8BITMIMEauth login334 VXNlcm5hbWU6dGVzdEBleHRtYWlsLm9yZw==334 UGFzc3dvcmQ6dGVzdA==235 Authentication successfulmail from:250 Okrcpt to:250 Okdata354 End data with .this is a test..250 Ok: queued as 23CEE5C38quit221 ByeConnection closed by foreign host.

下面是系統所産生的maillog

Mar 10 14:47:45 mail postfix/smtpd[1090]: connect from localhost[127.0.0.1]Mar 10 14:47:57 mail authdaemond: Authenticated: sysusername=, sysuserid=1000, sysgroupid=1000, homedir=/home/data/domains/extmail.org/test, address=test@extmail.org, fullname=Test user, maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=Mar 10 14:47:57 mail authdaemond: Authenticated: clearpasswd=test, passwd={crypt}uywiuN.XggXXcMar 10 14:48:13 mail postfix/smtpd[1090]: 23CEE5C38: client=localhost[127.0.0.1], sasl_method=login, sasl_username=test@extmail.orgMar 10 14:48:18 mail postfix/cleanup[1135]: 23CEE5C38: message-id=Mar 10 14:48:18 mail postfix/qmgr[669]: 23CEE5C38: from=, size=341, nrcpt=1 (queue active)Mar 10 14:48:19 mail authdaemond: Authenticated: sysusername=, sysuserid=1000, sysgroupid=1000, homedir=/home/data/domains/extmail.org/test, address=test@extmail.org, fullname=Test user, maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=Mar 10 14:48:19 mail authdaemond: Authenticated: clearpasswd=, passwd={crypt}uywiuN.XggXXcMar 10 14:48:19 mail postfix/pipe[1136]: 23CEE5C38: to=, relay=maildrop, delay=14, status=sent (extmail.org)Mar 10 14:48:19 mail postfix/qmgr[669]: 23CEE5C38: removedMar 10 14:48:20 mail postfix/smtpd[1090]: disconnect from localhost[127.0.0.1]

測試pop3收郵件

%telnet localhost 110Trying ::1...telnet: connect to address ::1: Connection refusedTrying 127.0.0.1...Connected to localhost.Escape character is '^]'.+OK Hello there.user test@extmail.org+OK Password required.pass test+OK logged in.list+OK POP3 clients that break here, they violate STD53.1 62 403.retr 1+OK 6 octets follow.test.retr 2+OK 403 octets follow.Return-Path: Delivered-To: test@extmail.orgReceived: from test.com (localhost [127.0.0.1]) by mail.extmail.org (Postfix) with ESMTP id 23CEE5C38 for ; Fri, 10 Mar 2006 14:48:05 +0000 (UTC)Message-Id: Date: Fri, 10 Mar 2006 14:48:05 +0000 (UTC)From: test@test.comTo: undisclosed-recipients:;this is a test..quit+OK Bye-bye.Connection closed by foreign host.

所産生的maillog

Mar 10 16:17:56 mail authdaemond: Authenticated: sysusername=, sysuserid=1000, sysgroupid=1000, homedir=/home/data/domains/extmail.org/test, address=test@extmail.org, fullname=Test user, maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=Mar 10 16:17:56 mail authdaemond: Authenticated: clearpasswd=test, passwd={crypt}uywiuN.XggXXcMar 10 16:17:57 mail pop3d: LOGIN, user=test@extmail.org, ip=[127.0.0.1]Mar 10 16:18:15 mail pop3d: LOGOUT, user=test@extmail.org, ip=[127.0.0.1], top=0, retr=397, time=18

至此,我們已經成功安裝了一個郵件系統,下面我們再去增加內容過濾和反垃圾郵件部分還成web部分,成功已經離我們不遠了,鼓起幹勁,沖啊~~!~!~!~~~RUSH...

七、安裝反垃圾郵件1、安裝amavisd-new內容過濾我們采用了amavisd-new ,主要考濾到amavsid-new 配置方便,當然你也可以使用mailscanner,還是那一句,鹹魚白菜,各有所好。

%cd /usr/ports/security/amavisd-new/%make install clean

只選擇MYSQL

在安裝Amavisd-new 時,系統會自動把Spamassassin 裝上去

lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk x Options for p5-Mail-SpamAssassin 3.1.0_6 x x lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk x x x [X] AS_ROOT Run spamd as root (recommended) x x x x [ ] DOMAINKEYS DomainKeys support x x x x [X] SSL Build with SSL support for spamd/spamc x x x x [X] MYSQL Add MySQL support x x x x [ ] PGSQL Add PostreSQL support x x x x [ ] RAZOR Add Vipul's Razor support x x x x [ ] SPF_QUERY Add SPF query support x x x x [ ] RELAY_COUNTRY Relay country support x x x x [X] TOOLS Install SpamAssassin tools x x

在/etc/rc.conf 加入下面的內容

amavisd_enable="YES"spamd_enable="YES"

修改 /usr/local/etc/amavisd.conf

$mydomain = 'extmail.org';

垃圾郵件病毒通知

$virus_admin = "postmaster\@$mydomain"; # notifications recip.$mailfrom_notify_admin = "postmaster\@$mydomain"; # notifications sender$mailfrom_notify_recip = "postmaster\@$mydomain"; # notifications sender$mailfrom_notify_spamadmin = "postmaster\@$mydomain"; # notifications sender$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef

去除對附件的轉換

$banned_filename_re = new_RE(#把中間的內容全部加上#);

加入對Clamav 的支持

# ### http://www.clamav.net/ ['ClamAV-clamd', \%26amp;ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"], qr/\bOK$/, qr/\bFOUND$/, qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

在/usr/local/etc/postfix/main.cf 加入

content_filter = smtp-amavis:[127.0.0.1]:10024

在/usr/local/etc/postfix/master.cf 加入

smtp-amavis unix - - n - 2 smtp -o smtp_data_done_timeout=1200 -o disable_dns_lookups=yes 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8

重啓postfix

%/usr/local/etc/rc.d/postfix.sh restartpostfix/postfix-script: stopping the Postfix mail systempostfix/postfix-script: starting the Postfix mail system

對于Spamassassin 配置文件/usr/local/etc/mail/spamassassin/local.cf 請參考

http://spamassassin.apache.org/

配置工具

http://www.yrex.com/spam/spamconfig.php

調試amavisd-new

%su vscan$ /etc/sbin/amavisd debug

如果沒有出現任何錯誤,證明你的amavisd-new 正常。

2、安裝Clamavclamav 用于郵件殺毒

%cd /usr/ports/security/clamav%make install clean

可以什麽都不選,直接回車

clamav_clamd_enable="YES"clamav_freshclam_enable="YES"

修改/usr/local/etc/clamd.conf 讓其以vscan 身份運行(約145行)

#User clamavUser vscan

修改/usr/local/etc/freshclam.conf

#DatabaSEOwner clamavDatabaseOwner vscan

修目錄權限

%chown -R vscan:vscan /var/log/clamav%chown -R vscan:vscan /var/run/clamav%chown -R vscan:vscan /var/db/clamav

啓動clamav 與 自動更新

%/usr/local/etc/rc.d/clamav-clamd.sh start%/usr/local/etc/rc.d/clamav-freshclam.sh start

3、測試%telnet localhost 25Trying ::1...telnet: connect to address ::1: Connection refusedTrying 127.0.0.1...Connected to localhost.mold.com.cn.Escape character is '^]'.220 extmail.org ESMTP Mail Systemehlo test.com250-mail.mold.com.cn250-PIPELINING250-SIZE 14680064250-VRFY250-ETRN250-AUTH LOGIN PLAIN250-AUTH=LOGIN PLAIN250 8BITMIMEmail from:250 Okrcpt to:250 Okdata354 End data with .X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*.250 Ok: queued as F19692E084quit221 ByeConnection closed by foreign host.

所産生的maillog

Mar 10 18:19:25 mail postfix/smtpd[797]: connect from localhost[127.0.0.1]Mar 10 18:19:25 mail postfix/smtpd[797]: CD31B5C25: client=localhost[127.0.0.1]Mar 10 18:19:25 mail postfix/cleanup[793]: CD31B5C25: message-id=Mar 10 18:19:25 mail postfix/qmgr[789]: CD31B5C25: from=, size=1670, nrcpt=1 (queue active)Mar 10 18:19:26 mail postfix/smtpd[797]: disconnect from localhost[127.0.0.1]Mar 10 18:19:26 mail amavis[458]: (00458-01) Blocked INFECTED (Eicar-Test-Signature), [127.0.0.1] - , quarantine: virus-Q0WNU5+REDjW, Message-ID: , mail_id: Q0WNU5+REDjW, Hits: -, 1567 msMar 10 18:19:26 mail postfix/smtp[794]: 954D75C24: to=, relay=127.0.0.1[127.0.0.1], delay=14, status=sent (250 2.7.1 Ok, discarded, id=00458-01 - VIRUS: Eicar-Test-Signature)Mar 10 18:19:26 mail postfix/qmgr[789]: 954D75C24: removedMar 10 18:19:26 mail postfix/smtpd[791]: disconnect from localhost[127.0.0.1]

觀看紅色的地方,病毒已經找到,並隔離了。隨之這封郵件被系統刪除。

至此空容過濾殺毒部分已經完,這個時候應該休息一下,喝杯水,接下來完成最後的工作。

八、安裝extmail /extman 1、設置apache 的運行身份修改/usr/local/etc/apache22/httpd.conf

#User www#Group wwwUser vuserGroup vgroup

在httpd.conf 加入下面的內容

Alias /extman/cgi/ /usr/local/www/apache22/cgi-bin/extman/cgi/Alias /extman /usr/local/www/apache22/cgi-bin/extman/html/SetHandler cgi-scriptOptions +ExecCGIAllowOverride All# config for ExtMail Alias /extmail/cgi/ /usr/local/www/apache22/cgi-bin/extmail/cgi/Alias /extmail /usr/local/www/apache22/cgi-bin/extmail/html/SetHandler cgi-scriptOptions +ExecCGIAllowOverride All

重啓apahce

%/usr/local/etc/rc.d/apache22.sh restartPerforming sanity check on apache22 configuration:Syntax OKStopping apache22.Waiting for PIDS: 461.Performing sanity check on apache22 configuration:Syntax OKStarting apache22.

2、安裝extmail從extmail官方網站:www.extmail.org 下載最新版式

tar zxvf extmail-23-20060219.tar.gz %cp -r extmail-0.23-20060219/ /usr/local/www/apache22/cgi-bin/extmail

創建配置文件

%cd /usr/local/www/apache22/cgi-bin/extmail/%cp webmail.cf.default webmail.cf

修改配置文件,我只把需要修改的地方貼出來

# sys_config, the config file and webmail programe rootSYS_CONFIG = /usr/local/www/apache22/cgi-bin/extmail/# sys_langdir, the i18n dirSYS_LANGDIR = /usr/local/www/apache22/cgi-bin/extmail/lang# sys_templdir, the template dirSYS_TEMPLDIR = /usr/local/www/apache22/cgi-bin/extmail/html# sys_netdisk_on, default is offSYS_NETDISK_ON = 1 # maildir_base, the base dir of user maildir, use absolute path# if not set.SYS_MAILDIR_BASE = /home/data/domains# if mysql, all relate paramters should prefix as SYS_MYSQLSYS_MYSQL_USER = extmail SYS_MYSQL_PASS = extmail SYS_MYSQL_DB = extmail SYS_MYSQL_HOST = localhostSYS_MYSQL_SOCKET = /tmp/mysql.sock

打開你的浏覽器,輸入http://ip/extmail 即可看到登陸窗口

用戶名:test

密碼:test

域名:extmail.org

在FreeBSD上組建ISP級的郵件系統(Ver:0.3)

在FreeBSD上組建ISP級的郵件系統(Ver:0.3)

3、安裝extman從extmail 官方網站下載軟件包,解壓複制到/usr/local/www/apache22/cgi-bin目錄。

%cd /usr/local/www/apache22/cgi-bin/extman/

編輯 webman.cf

# sys_config, the config file and webman programe rootSYS_CONFIG = /usr/local/www/apache22/cgi-bin/extman/# sys_langdir, the i18n dirSYS_LANGDIR = /usr/local/www/apache22/cgi-bin/extman/lang# sys_templdir, the template dirSYS_TEMPLDIR = /usr/local/www/apache22/cgi-bin/extman/html# maildir_base, the base dir of user maildir, use absolute path# if not set. SYS_MAILDIR_BASE = /home/data/domains# if mysql, all relate paramters should prefix as SYS_MYSQLSYS_MYSQL_USER = webmanSYS_MYSQL_PASS = webmanSYS_MYSQL_DB = extmailSYS_MYSQL_HOST = localhostSYS_MYSQL_SOCKET = /tmp/mysql.sock

創建/tmp/extman

%mkdir /tmp/extman%chmod 777 /tmp/extman/

創建軟件包的鏈接

%cd extman/libs/Ext/%./buildlink.sh build /usr/local/www/apache22/cgi-bin/extmail/libs/Ext/

打開浏覽器輸入http://ip/extman

用戶名:root@extmail.org 密碼:extmail

在FreeBSD上組建ISP級的郵件系統(Ver:0.3)

系統配置文件下載

rc.conf 內容

mysql_enable="YES"apache22_enable="YES"postfix_enable="YES"sendmail_enable="NO"sendmail_submit_enable="NO"sendmail_outbound_enable="NO"sendmail_msp_queue_enable="NO"courier_authdaemond_enable="YES"courier_imap_pop3d_enable="YES"courier_imap_imapd_enable="YES"amavisd_enable="YES"spamd_enable="YES"clamav_clamd_enable="YES"clamav_freshclam_enable="YES"

由于水平有限,時間急促,文檔中難免有錯漏,如果你發現錯誤,或有更好的建議請告訴我,本人一定盡力做到最好。

感謝你的閱讀!

fengyong 2006-03-10 19:19

在FreeBSD上使用minimalist組建郵件列表
1、Postfix的安裝這裏我們使用手動編譯的方式安裝postfix,當然,你也可以使用ports來進行安裝,首先是建立postfix用戶,postfix和postdrop用戶組,同時將postfix用戶加到postdrop組中:# pw groupadd postfix# pw g...查看完整版>>在FreeBSD上使用minimalist組建郵件列表
 
qmail郵件系統安裝(freebsd 3.4)
本系統包括qmail基本系統、vpopmail、webmail。 1。軟件准備 軟件名稱 說明 相關網站 qmail 1.03 qmail 基本系統,須以下三個包 www.qmail.org ucspi-tcp 0.84 tcpserver daemontools 0.61 守護進程 ...查看完整版>>qmail郵件系統安裝(freebsd 3.4)
 
FreeBSD系統登錄與退出
     系統執行完rc啓動腳本之後,FreeBSD將讀取/etc/ttys文件,按照配置啓動多個虛擬控制台,在控制台上啓動登錄進程login,以接受用戶登錄。使用者可以使用Alt-F1、Alt-F2和Alt-F3等功能鍵在不同的控制台之間進...查看完整版>>FreeBSD系統登錄與退出
 
FreeBSD安裝文件系統
     FreeBSD將文件保存在磁盤等存儲設備上,由操作系統來具體處理訪問硬件設備的問題,用戶只需要面對操作系統,就能進行具體的文件操作。操作系統首先將用于存儲的設備進行格式化之後,該設備才能用于存儲文件...查看完整版>>FreeBSD安裝文件系統
 
FreeBSD建立文件系統
     當系統負載逐步增加,僅僅依靠原有文件系統的空間是不夠的,更有效的方式是增加新的硬盤設備。這首先需要改動硬盤及其控制器的硬件設置,以及FreeBSD內核配置,以便硬盤能安裝到計算機上並能被FreeBSD內核正...查看完整版>>FreeBSD建立文件系統
 
FreeBSD網絡文件系統(NFS)
     NFS是一種Unix之間通過網絡共享文件的標准方式。使用NFS,就能夠透明的安裝和訪問網絡上遠程主機上的文件系統,將其安裝到本機的文件系統中。 NFS客戶支持   安裝NFS服務器上的文件系統的方式與安裝本機磁...查看完整版>>FreeBSD網絡文件系統(NFS)
 
打造FreeBSD桌面系統(1)
     FreeBSD從發布之日起就作爲一個優秀的網絡操作系統而受到關注,但過于專業的操作以及缺少面向桌面的應用軟件支持使它將很多用戶拒之門外。但是隨著Linux平台下桌面軟件的逐漸豐富,以及gcc出衆的移植能力,...查看完整版>>打造FreeBSD桌面系統(1)
 
打造FreeBSD桌面系統(2)
     (3)下載fonts.dir文件,並將其保存到/usr/system/fonts下,再將fonts.dir複制一份改名爲fonts.scale。  (4)下載fonts.conf文件,並將其保存到/usr/X11R6/etc/fonts/下覆蓋原文件。  (5)編輯/etc/X11/XF...查看完整版>>打造FreeBSD桌面系統(2)
 
打造FreeBSD桌面系統(3)
     第二部分 FreeBSD下的實用軟件  一、辦公軟件工具  近幾年來,基于X環境下的辦公軟件得到迅猛發展,性能、種類直逼Windows平台上的辦公軟件,以前只有在Windows上才能辦成的事,現在FreeBSD也能完成了。...查看完整版>>打造FreeBSD桌面系統(3)
 
 
回到王朝網路首頁