Chinaunix

标题: postfix完整版 [打印本页]

作者: yxinjian 时间: 2007-02-13 16:26
标题: postfix完整版
redhat9+postfix+cyrus-sasl+mysql+postfixadmin+courier-imap+courier-maildrop+squirrelmail(courier-sqwebmail openwebmail)+clamav+spamassassin+amavisd-new
2005年5月5日加入Cyrus SASL with MySQL Encrypted Passwords
2005年5月3日更新防病毒及防垃圾
2005年4月12日加入mysql日志管理
2005年4月10日至13日加入openwebmail
2005年4月8日加入apache自启动脚本
2004年10左右成稿
1.mysql
2.apache
3.php
4.cyrus-sasl
5.postfix
6.postfixadmin
7.courier-authlib
8.courier-imap
9.courier-maildrop
10.webmail
10.1.sqwebmai
10.2.squirrelmail
10.3.openwebmail
11.clamav
12.spamassassin
13.amavisd-new
14.后记加一点说明
15.附：启动脚本
本文用到的软件
MySQL 4.1.11
网站：http://www.mysql.com
下载
APACHE 2.0.54
网站：http://www.apache.org
下载
PHP 4.3.11
网站：http://www.php.net
下载
Cyrus-SASL 2.1.20
网站：http://asg.web.cmu.edu/sasl
下载
Postfix 2.2.3
网站：http://www.postfix.org
下载
PostfixAdmin 2.1.0
网站：http://www.postfixadmin.com
下载
Courier-authlib 0.55
网站：http://www.courier-mta.org/authlib
下载
Courier-IMAP 4.0.2
网站：http://www.courier-mta.org/imap
下载
Courier-maildrop 1.8.0
网站：http://www.courier-mta.org/maildrop
下载
Courier-sqwebmail 5.0.1
网站：http://www.courier-mta.org/sqwebmail
下载
SquirrelMail 1.4.4
网站：http://www.squirrelmail.org
下载
Openwebmail 2.51
网站：http://openwebmail.org
下载
clamav 0.84
网站：http://www.clamav.net
下载
Spamassassin 3.0.3
网站：http://spamassassin.apache.org
下载
amavisd-new 2.3.0
网站：http://www.ijs.si/software/amavisd
下载
1.安装mysql 4.1.11
# groupadd mysql
# useradd -g mysql mysql
# wget http://dev.mysql.com/get/Downloads/MySQL-4.1/mysql-4.1.11.tar.gz/from/http://mysql.new21.com/
# tar -zxvf mysql-4.1.11.tar.gz
# cd mysql-4.1.11
# ./configure --prefix=/usr/local/mysql --with-charset=gbk
# make
# make install
# cp support-files/my-medium.cnf /etc/my.cnf
设置自启动
# cp support-files/mysql.server /etc/rc.d/init.d/mysqld
# chmod 700 /etc/rc.d/init.d/mysqld
# chkconfig --add mysqld
安装完以后要初始化数据库，要是升级安装的请跳过
# cd /usr/local/mysql
# /usr/local/mysql/bin/mysql_install_db --user=mysql
# chown -R root .
# chown -R mysql var
# chgrp -R mysql .
# /usr/local/mysql/bin/mysqld_safe --user=mysql &
好了，至此mysql安装完毕，你可以这样起动你的mysql服务
# /etc/rc.d/init.d/mysqld start
# ln -s /usr/local/mysql/bin/mysql /sbin/mysql
# ln -s /usr/local/mysql/bin/mysqladmin /sbin/mysqladmin
为了能让系统找到mysql，请运行如下命令
# PATH=$PATH:/usr/local/mysql/bin
# export PATH
# echo "/usr/local/mysql/lib/mysql" >;>; /etc/ld.so.conf
# ldconfig
日志管理
开启错误日志（在[safe_mysqld]项下添加）
# vi /etc/my.cnf
[safe_mysqld]
err-log=/var/log/mysqld/err.log
开启常规日志和更新日志 (在[mysqld]项下添加）
# vi /etc/my.cnf
[mysqld]
log=/var/log/mysqld/log.log
log-update=/var/log/mysqld/update.log
创建日志文件并设置权限
# mkdir /var/log/mysqld
# touch /var/log/mysqld/err.log /var/log/mysqld/log.log /var/log/mysqld/update.log
# chown -R mysql.mysql /var/log/mysqld
# service mysqld restart
说明：
错误日志包含了服务器写入标准错误输出设备的所有消息，同时还包括了mysql服务的启动和关闭事件
常规日志用来记录有关mysql服务器运行的常规信息，包括用户的连接、查询及其他各种时间
更新日志用来记录修改数据库的查询信息，包括所有涉及数据库修改的SQl语句的查询记录
建议调试结束后关闭日志
Go to top.
2.安装apache 2.0.54
# wget http://apache.freelamp.com/httpd/httpd-2.0.54.tar.bz2
# tar jxvf httpd-2.0.54.tar.bz2
# cd httpd-2.0.54
# ./configure --prefix=/usr/local/apache
# make
# make install
设置自启动
# cp support/apachectl /etc/init.d/httpd
修改/etc/init.d/httpd
# vi /etc/init.d/httpd(在第两行之后添加如下内容)
#!/bin/sh
#
# Startup script for the Apache Web Server
# chkconfig: - 85 15
# description: Apache is a World Wide Web server. It is used to serve \
# HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache/log/httpd.pid
# config: /usr/local/apache/conf/httpd.conf
# chkconfig --add httpd
# chmod 755 /etc/init.d/httpd
# chkconfig httpd on
创建网页根目录
# mkdir /var/www
# vi /usr/local/apache/conf/httpd.conf
//存放网页的目录,原来为DocumentRoot ""，改成：
DocumentRoot "/var/www"
//这句应该和DocumentRoot 的目录保持一致，原来为;，改成：
;
//Indexes：当在目录中找不到DirectoryIndex列表中指定的文件就生成当前目录的文件列表
//FollowSymlinks：允许符号链接跟随，访问不在本目录下的文件
Options Indexes FollowSymLinks
//禁止读取.htaccess配置文件的内容
AllowOverride None
//指定先执行Allow（允许）访问规则，再执行Deny（拒绝）访问规则
Order allow,deny
//设置Allow（允许）访问规则，允许所有连接
Allow from all
;
启动服务：
# /usr/local/apache/bin/apachectl start
或
# service httpd start
Go to top.
3.安装php 4.3.11
# wget http://cn2.php.net/get/php-4.3.11.tar.bz2/from/cn.php.net/mirror
# tar -jxvf php-4.3.11.tar.bz2
# cd php-4.3.11
# ./configure \
--prefix=/usr/local/php \
--with-mysql=/usr/local/mysql \
--with-apxs2=/usr/local/apache/bin/apxs
# make
# make install
# cp php.ini-dist /usr/local/php/lib/php.ini
# vi /usr/local/php/lib/php.ini
;default_charset = "iso-8859-1"
在这行下面加一行
default_charset = "gbk"
# vi /usr/local/apache/conf/httpd.conf
找到#AddType application/x-tar .tgz 这行，在下面加两行。
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
找到下面一行在后面加上index.php，这表示网站的默认页也能够为index.php
DirectoryIndex index.html index.html.var index.php
注意：改变了http.conf后，要重启apache服务器，否则不会生效！
php常用配置
max_execution_time = 30 ; // 改为600 (增加处理脚本的时间限制)
max_input_time = 600 ; //最大输出时间600秒
memory_limit = 8M ; //改为40M (这样才能发10M的附件)
register_global =On
post_max_size = 2M ; //php可接受的 post 方法大小 2M
file_uploads = On ; //允许上载文件
upload_max_filesize = 2M ; //最大上载文件2M
session.auto_start = 1 ; //session自动启动
Go to top.
4.安装cyrus-sasl 2.1.20
如果系统安装已经，先卸载它，或使用下面方法关闭它
# mv /usr/lib/sasl /usr/lib/sasl.OFF
# mv /usr/lib/sasl2 /usr/lib/sasl2.OFF
编译安装cyrus-sasl2.1.20
# wget ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.20.tar.gz
# tar zxvf cyrus-sasl-2.1.20.tar.gz
# cd cyrus-sasl-2.1.20
# ./configure \
--disable-anon -enable-plain --enable-login \
--enable-sql --with-mysql=/usr/local/mysql \
--with-mysql-includes=/usr/local/mysql/include/mysql \
--with-mysql-libs=/usr/local/mysql/lib/mysql
# make
# make install
为了让postfix能找到sasl，请运行如下命令：
# echo "/usr/local/lib" >;>; /etc/ld.so.conf
# ldconfig
# ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
cyrus-sasl的密码是不加密的，可以下载加密认证补丁
# http://www.viperstrike.com/~lopaka/sysadmin/cyrus-sasl-mysql-encrypt/software-sources/patch-linux
# patch lib/checkpw.c patch-linux
重新编译安装
# LDFLAGS="-lcrypt" ./configure --disable-anon -enable-plain --enable-login --enable-sql --with-mysql=/usr/local/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --with-mysql-libs=/usr/local/mysql/lib/mysql
# make
# make install
Go to top.
5.安装postfix 2.2.3
如果你的系统上原来有sendmail，先将其停止并将其文件改名：
# /etc/init.d/sendmail stop
# chkconfig --level 0123456 sendmail off
# mv /usr/bin/newaliases /usr/bin/newaliases.orig
# mv /usr/bin/mailq /usr/bin/mailq.orig
# mv /usr/sbin/sendmail /usr/sbin/sendmail.orig
开始安装
# groupadd -g 12345 postfix
# useradd -u 12345 -g 12345 -c postfix -d/dev/null -s/bin/false postfix
# groupadd -g 54321 postdrop
# wget ftp://postfix.cn99.com/postfix/official/postfix-2.2.3.tar.gz
# tar -zxvf postfix-2.2.3.tar.gz
# cd postfix-2.2.3
(Building Postfix with SASL authentication and mysql support)
# make -f Makefile.init makefiles \
'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -I/usr/local/include/sasl' \
'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/local/lib -lsasl2'
# make install
如果/etc/aliases文件不存在，请用如下命令创建：
# echo postfix: root >;>; /etc/aliases
# /usr/bin/newaliases
注意：
本例中Mysql安装在/usr/lcoal/mysql，sasl2安装在/usr/lib/sasl2。如果安装路径不同，请自行修改编译时CCARGS和AUXLIBS选项。
在执行make install的时候可能会得到如下的提示(如果没有就不用管了)：
/usr/libexec/ld-elf.so.1: Shared object "libmysqlclient.so.12" not found
这是因为mysql不是安装在默认目录中的，所以需要告诉postfix应该到哪里去找libmysqlclient.so.12，使用ldconfig就可以达到这个目的：
# echo /usr/local/mysql/lib/mysql >;>; /etc/ld.so.conf
# ldconfig
Go to top.
6.安装postfixadmin 2.1.0
建立apache和maildrop的用户和组
# groupadd vmail -g 1001
# useradd vmail -u 1001 -g 1001 -s/bin/false -d/dev/null
# vi /usr/local/apache/conf/httpd.conf
把
User nobody
Group #-1
改为
User vmail
Group vmail
# wget http://high5.net/postfixadmin/download.php?file=postfixadmin-2.1.0.tgz
# tar -zxvf postfixadmin-2.1.0.tgz
# mv postfixadmin-2.1.0 /var/www/postfixadmin
更改权限，假定运行apache的用户和组为vmail
# chown -R vmail:vmail /var/www/postfixadmin
# cd /var/www/postfixadmin
# chmod 640 *.php *.css
# cd /var/www/postfixadmin/admin/
# chmod 640 *.php .ht*
# cd /var/www/postfixadmin/images/
# chmod 640 *.gif *.png
# cd /var/www/postfixadmin/languages/
# chmod 640 *.lang
# cd /var/www/postfixadmin/templates/
# chmod 640 *.tpl
# cd /var/www/postfixadmin/users/
# chmod 640 *.php
建立mysql表
# cd /var/www/postfixadmin
# mysql -u root [-p] ;, size=3308, nrcpt=1 (queue active)
Feb 28 17:18:05 malochia postfix/pipe[11615]: 04DD57822697: to=;, relay=maildrop, delay=0, status=sent (domain.tld)
如果没有，看看是不是由于配置不正确，而使邮件在队列中
# Mailq
配置quotas
新建文件/usr/local/maildrop/etc/quotawarnmsg
# vi /usr/local/maildrop/etc/quotawarnmsg
From: 管理员 test.com ;
Reply-To: postmaster@test.com
To: Valued Customer:;
Subject: 警告！您的邮箱空间即将用完！
Mime-Version: 1.0
Content-Type: text/plain; charset=gb2312
Content-Transfer-Encoding: 8bit
亲爱的用户，您的邮箱空间已用了90％。如果还想继续收到邮件的话，请删除一些邮件。
设置quotas
Postfixadmin的数据库的maildrop表的quota字段是int类型的，在maildrop下不能工作，不过我们可以修改 /usr/local/etc/authlib/authmysqlrc文件，把其中的MYSQL_QUOTA_FIELD quota一行改为MYSQL_QUOTA_FIELD concat(quota,'S') ，如果你想限制邮件的数量，也可以改成MYSQL_QUOTA_FIELD concat(quota,'C')。
如果我们把一个用户的邮箱设为10M，我们可以把quota的值改为“10000000S”。也可以用“C”，“1000C”的意思是只能存放1000条邮件。
给test@test.com发一封信，但是不用包含附件。然后：
# cd /var/mailbox/test.com/test
# cat maildirsize
1000000S
1622 1
maildirsize这个文件存储了邮箱配额的信息，而且courier-imap也用这个文件。
举个例子说明一下该文件，我的一个maildirsize文件的内容如下：
# cat maildirsize
5000000S
42898 9
3403 1
1622 1
2371 1
说明这个邮箱的容量是5M（如果你把quota字段的值删除，maildrop会自动给它一个值，但是不要把它的值设置成null），现在邮箱里有四封信。
假设该用户用掉了5M中的3M，只剩2M了，如果来了一封大于2M的邮件，将会被退回，如果是1.7M的邮件，maildrop会收下该邮件，更新maildirsize文件，重新计算quota，得知该用户使用了90％（/etc/postfix/master.cf中的-w 90）以上的配额，maildrop会拷贝/usr/local/maildrop/etc/quotawarnmsg文件到该用户的邮箱中警告该用户。
Go to top.
10.webmail
10.1.安装sqwebmail 5.0.1
# wget http://optusnet.dl.sourceforge.net/sourceforge/courier/sqwebmail-5.0.1.tar.bz2
# tar jxvf sqwebmail-5.0.1.tar.bz2
# cd sqwebmail-5.0.1
# ./configure \
--prefix=/usr/local/sqwebmail \
--enable-unicode=utf-8,iso-8859-1,gb2312,gbk,gb18030 \
--with-trashquota
# make configure-check
# make
# make install-strip
# make install-configure
启动服务
# /usr/local/sqwebmail/libexec/sqwebmaild.rc start
测试sqwebmail
http://192.168.0.5/cgi-bin/sqwebmail
使用用户test@test.com,密码test，登陆进出以后就可以测试收发邮件了。但是图片不能显示，只要
# mv /usr/local/apache/htdocs/webmail /var/www
修改Apache
# cd /var/www
# vi index.html //输入一下内容：
;
;
;MAIL SYSTEM;
;
;
;
;
;
经过以上修改以后，你就可以通过：http://mail.test.com 直接来访问sqwebmail了，这样就方便多了。可惜是英文的，不知道哪位达人能汉化一下，并把界面改的漂亮一点就好了。
Go to top.
10.2.安装squirrelmail 1.4.4
下载squirrelmail及中文包
# wget http://jaist.dl.sourceforge.net/sourceforge/squirrelmail/squirrelmail-1.4.4.tar.bz2
# wget http://jaist.dl.sourceforge.net/sourceforge/squirrelmail/zh_CN-1.4.4-20050122.tar.bz2
把squirreelmail解压到/var/www目录下。
# tar -jxvf squirrelmail-1.4.4.tar.bz2 -C /var/www/
# mv /var/www/squirrelmail-1.4.4 /var/www/squirrelmail
解压中文包
# tar -jxvf zh_CN-1.4.4-20050122.tar.bz2 -C /var/www/squirrelmail/
在配置squirrelmail之前先下载三个插件：
Quota Usage Version 1.3
# wget http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fwww.squirrelmail.org%2Fplugins%2Fquota_usage-1.3-1.2.7.tar.gz
Compatibility Version 1.3
# wget http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fwww.squirrelmail.org%2Fplugins%2Fcompatibility-1.3.tar.gz
Change MySQL Password Version 3.2
# wget http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fwww.squirrelmail.org%2Fplugins%2Fchange_mysqlpass-3.2-1.2.8.tar.gz
把这三个插件解压到squirrelmail的plugin目录下并设置权限。
# tar -zxvf quota_usage-1.3-1.2.7.tar.gz -C /var/www/squirrelmail/plugins/
# tar -zxvf compatibility-1.3.tar.gz -C /var/www/squirrelmail/plugins/
# tar -zxvf change_mysqlpass-3.2-1.2.8.tar.gz -C /var/www/squirrelmail/plugins/
第一个插件是用来显示邮箱的使用情况的；第二个和第三个插件是用来修改密码的。
如果不想装这些插件，请跳过。
配置Quota Usage
# cd /var/www/squirrelmail/plugins/quota_usage
# cp config.php.sample config.php
配置Change MySQL Password
# cd /var/www/squirrelmail/plugins/change_mysqlpass
# cp config.php.sample config.php
# vi config.php
更改如下几个变量：
$mysql_database = 'postfix';
$mysql_table = 'mailbox';
$mysql_userid_field = 'username';
$mysql_password_field ='password';
$mysql_manager_id = 'postfix';
$mysql_manager_pw = 'postfix';
$mysql_unixcrypt = 0;
//$mysql_MD5crypt = 1;
$mysql_MD5crypt = 0;
$use_ssl_for_password_change = 0;
如果你的密码是MD5加密的，就把$mysql_MD5crypt = 0;改成$mysql_MD5crypt = 1;
配置squirrelmail
# cd /var/www/squirrelmail
# ./configure
进入10. Languages
把1. Default Language : 的en_US改成zh_CN。
进入8. Plugins，添加这三个插件
打开浏览器输入http://192.168.0.5/squirrelmail/，用test@test.com登陆，你将会在屏幕的左上角看到邮箱的使用情况，你还会看到一条警告信息：
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /var/www/squirrelmail/plugins/change_mysqlpass/functions.php on line 129
这是由于数据库结构不一致造成的，你只要把functions.php中的129行注释调即可（在行首加//）。
现在你还可以用选项中的change passwd修改你的密码了，不过这个模块是英文的，如果你想改成中文的，可以自己修改，squirrelmail网站上有介绍。或者请参考：
http://datastrategy.org/number5/archives/000241.html
1、把change_mysqlpass.po与locale/zh_CN/LC_MESSAGES/squirrelmail.po合并
最简单的方法就是:
# cat change_mysqlpass.po >;>; /var/www/squirrelmail/locale/zh_CN/LC_MESSAGES/squirrelmail.po
2、执行：
# cd /var/www/squirrelmail/locale/zh_CN/LC_MESSAGES/
# msgfmt -o squirrelmail.mo squirrelmail.po
由于安全原因，建议把data目录移出web tree，比如移到/usr目录下，设置权限
# cp -R /var/www/squirrelmail/data/ /var/data
# chown -R vmail.vmail /var/data
# chmod 730 -R /var/data
Go to top.
10.3.openwebmail 2.51
安装DBI.pm
# wget http://search.cpan.org/CPAN/authors/id/T/TI/TIMB/DBI-1.48.tar.gz
# tar zxvf DBI-1.48.tar.gz
# cd DBI-1.48
# perl Makefile.PL
# make
# make test
# make install
安装DBD-mysql
# wget http://search.cpan.org/CPAN/authors/id/R/RU/RUDY/DBD-mysql-2.9006.tar.gz
# tar zxvf DBD-mysql-2.9006.tar.gz
# cd DBD-mysql-2.9006
# export LANG='C'
# ln -s /usr/local/mysql/bin/mysql_config /usr/bin/mysql_config
# perl Makefile.PL \
--libs="-L/usr/local/mysql/lib/mysql -lmysqlclient -lz" \
--cflags=-I/usr/local/mysql/include/mysql \
--testhost=127.0.0.1
# make
# make test # Some minor error messages can be ignored here
# make install
安装CGI.pm
# wget http://search.cpan.org/CPAN/authors/id/L/LD/LDS/CGI.pm-3.07.tar.gz
# tar zxvf CGI.pm-3.07.tar.gz
# cd CGI.pm-3.07
# perl Makefile.PL
# make
# make test
# make install
安装Text-Iconv
# wget http://search.cpan.org/CPAN/authors/id/M/MP/MPIOTR/Text-Iconv-1.4.tar.gz
# wget http://openwebmail.org/openwebmail/download/packages/Text-Iconv-1.2.tar.gz
# tar zxvf Text-Iconv-1.2.tar.gz
# cd Text-Iconv-1.2
# perl Makefile.PL
# make
# make test
# make install
安装MIME-Base64
# wget http://openwebmail.org/openwebmail/download/packages/MIME-Base64-3.01.tar.gz
# tar zxvf MIME-Base64-3.01.tar.gz
# cd MIME-Base64-3.01
# perl Makefile.PL
# make
# make test
# make install
安装suidperl（9.0安装盘的第二张盘中有）
# wget http://turtle.ee.ncku.edu.tw/openwebmail/download/redhat/rpm/packages/rh9/perl-suidperl-5.8.0-88.i386.rpm
# rpm -ivh perl-suidperl-5.8.0-88.i386.rpm
如果采用 rpm 安装，安装系统会自动对应到正确路径。若使用手动安装，将openwebmail目录及data目录移至如下/var/www/cgi-bin/openwebmail及/var/www/data，我是用tarball安装的
# wget http://openwebmail.org/openwebmail/download/release/openwebmail-2.51.tar.gz
# tar zxvf openwebmail-2.51.tar.gz -C /var/www
加入openwebmail的权限，编辑httpd.con，加入如下内容，假设/var/www/cgi-bin是apache的cgi-bin目录
# vi /usr/local/apache/conf/httpd.conf
ScriptAlias /openwebmail "/var/www/cgi-bin/openwebmail/openwebmail.pl"
存盘后重新启动apache
# service httpd restart
编辑mysql认证文件
# vi /var/www/cgi-bin/openwebmail/auth/auth_mysql.pl
my $SQLHost = 'localhost';
my $sqlusr = 'postfix';
my $sqlpwd = 'postfix';
my $auth_db = 'postfix';
my $auth_table = 'mailbox';
my $field_username = 'username';
my $field_password = 'password';
my $field_realname = 'name';
my $field_uid = '1001';
my $field_gid = '1001';
my $field_home = 'maildir';
my $pass_type = 'cleartxt';
编辑openwebmail主配置文件
# vi /var/www/cgi-bin/openwebmail/etc/openwebmail.conf
domainnames auto
auth_module auth_mysql.pl
auth_withdomain yes
mailspooldir /var/mailbox
create_syshomedir new
use_syshomedir new
ow_cgidir /var/www/cgi-bin/openwebmail
ow_usersdir /var/mailbox
ow_cgiurl /cgi-bin/openwebmail
ow_htmldir /var/www/data/openwebmail
ow_htmlurl /data/openwebmail
logfile /var/log/openwebmail.log
quota_module quota_du.pl #磁盘限额模块
quota_limit 30000 #用户主目录磁盘上限30M
spool_limit 10000 #收件箱上限10M /var/mail
enable_webdisk no
enable_sshterm no
接下来执行初始化
# /var/www/cgi-bin/openwebmail/openwebmail-tool.pl --init
将dbm.conf中的设定改为执行初始化后系统所要求的
# cp /var/www/cgi-bin/openwebmail/etc/defaults/dbm.conf /var/www/cgi-bin/openwebmail/etc/
# vi /var/www/cgi-bin/openwebmail/etc/dbm.conf
dbm_ext .db
dbmopen_ext .db
dbmopen_haslock no
再执行一次初始化
# /var/www/cgi-bin/openwebmail/openwebmail-tool.pl --init
这时便会出现一些讯息，最后出现一行
Send the site report?(Y/n)
按 Enter 即可，这样便完成 openwebmail 的设定
创建日志文件并设置logrotate
# touch /var/log/openwebmail.log
# vi /etc/logrotate.d/syslog （加入下面几行）
/var/log/openwebmail.log {
postrotate
/usr/bin/killall -HUP syslogd
endscript
}
测试
http://192.168.1.5/openwebmail
openwebmail不支持Maildir，所以照这篇文章的设置，将不能收邮件，可以打个补丁（非官方提供），也可以把postfix改成Mailbox格式的，但是我更期待支持Maildir的官方版，应该快了吧！
Go to top.
11.安装clamav 0.84
# wget http://jaist.dl.sourceforge.net/sourceforge/clamav/clamav-0.84.tar.gz
# tar zxvf clamav-0.84.tar.gz
# cd clamav-0.84
# groupadd clamav
# useradd -g clamav -s/bin/false -d/dev/null clamav
# ./configure --prefix=/usr/local/clamav --with-dbdir=/usr/local/share/clamav
# make
# make check
# make install
编辑/usr/local/clamav/etc/clamd.conf
# vi /usr/local/clamav/etc/clamd.conf
#Verbose logging with syslog
LogSyslog
LogVerbose
LogFacility LOG_MAIL
LogFile /var/log/clamav/clamd.log
#Change pid file location
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /usr/local/share/clamav
#Set the clamav socket
LocalSocket /var/run/clamav/clamd
#Close the connection when this limit is exceeded
StreamMaxLength 10M
#Don't run clamd as root
User amavis
#Newer versions require you to uncomment this
ScanMail
ScanArchive
编辑/usr/local/clamav/etc/freshclam.conf
# vi /usr/local/clamav/etc/freshclam.conf
DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogSyslog
LogVerbose
DatabaseOwner amavis
#Check for updates every two hours. That is the official recommendation
Checks 12
DatabaseMirror db.CN.clamav.net
DatabaseMirror database.clamav.net
NotifyClamd
注意：一定要注释掉上面两个文件中Example那行
添加amavis用户和组
# groupadd amavis
# useradd -g amavis -s /bin/false -c "Amavis User" -d /dev/null amavis
创建日志文件夹并设置权限
# mkdir /var/log/clamav
# chmod -R 744 /var/log/clamav
# chown -R amavis:amavis /var/log/clamav
# chown -R amavis.amavis /usr/local/share/clamav
# mkdir /var/run/clamav
# chmod 700 /var/run/clamav
# chown amavis.amavis /var/run/clamav
手动更新病毒库
# /usr/local/clamav/bin/freshclam
设置自动更新病毒库
# vi /etc/crontab
0 4 * * * root /usr/local/clamav/bin/freshclam --quiet -l /var/log/clamd.log
启动
# /usr/local/clamav/sbin/clamd
Go to top.
13.安装amavisd-new 2.3.0
# wget http://www.ijs.si/software/amavisd/amavisd-new-2.3.0.tar.gz
# tar zxvf amavisd-new-2.3.0.tar.gz
# cd amavisd-new-2.3.0
# groupadd amavis
# useradd -g amavis -s /bin/false -c "Amavis User" -d /dev/null amavis
# mkdir -p /var/amavis /var/amavis/tmp /var/amavis/var /var/amavis/db
# chown -R amavis:amavis /var/amavis
# chmod -R 750 /var/amavis
# cp amavisd /usr/local/sbin/
# chown root /usr/local/sbin/amavisd
# chmod 755 /usr/local/sbin/amavisd
# cp amavisd.conf /etc/
# chown root /etc/amavisd.conf
# chmod 644 /etc/amavisd.conf
病毒邮件存放目录
# mkdir /var/virusmails
# chown amavis:amavis /var/virusmails
# chmod 750 /var/virusmails
Go to top.
编辑/etc/amavisd.conf，修改下面这几行
# vi /etc/amavisd.conf
$max_servers=8;
$daemon_user = 'amavis';
$daemon_group = 'amavis';
$mydomain = 'test.com';
$db_home = "$MYHOME/db";
$inet_socket_port = 10024;
$sa_tag_level_deflt = -100;
$sa_tag2_level_deflt = 6.3;
$sa_kill_level_deflt = $sa_tag2_level_deflt;
$virus_admin = "virusalert\@$mydomain";
$sa_spam_subject_tag = '***SPAM*** ';
$notify_method = $forward_method;
$forward_method = 'smtp:127.0.0.1:10025';
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
['ClamAV-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
  qr/\bOK$/, qr/\bFOUND$/,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
测试amavis
# /usr/local/sbin/amavisd debug
ERROR: MISSING REQUIRED BASIC MODULES:
Time::HiRes
IO::Wrap
Unix::Syslog
Mail::Field
MIME::Words
Net::Server
BEGIN failed--compilation aborted at /usr/local/sbin/amavisd line 141.
根据出错提示，缺什么装什么
# perl -MCPAN -e shell
cpan>; install Time::HiRes
cpan>; install IO::Wrap
cpan>; install Unix::Syslog
cpan>; install Mail::Field
cpan>; install MIME::Words
cpan>; install Net::Server
cpan>; install BerkeleyDB
cpan>; install Convert::TNEF
cpan>; install Convert::UUlib
cpan>; install Archive::Tar
cpan>; install Archive::Zip (# export LANG=C)
cpan>; install HTML:

arser
cpan>; install DB_File
cpan>; install Net:

NS (when prompted to enable tests, choose no)
cpan>; install Digest::SHA1
cpan>; install Mail::SpamAssassin (# export LANG=en_US)
启动
# /usr/local/sbin/amavisd start
Go to top.
设置postfix
修改/etc/postfix/main.cf
# vi /etc/postfix/main.cf (加入一行)
content_filter = amavis:127.0.0.1:10024
修改/etc/postfix/master.cf
# vi /etc/postfix/master.cf (在最后加上)
# amavisd-new
amavis unix - - n - 2 smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
localhost:10025 inet n - n - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o mynetworks=127.0.0.0/8
  -o smtpd_helo_restrictions=
  -o smtpd_client_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
重新启动postfix
# postfix stop
# postfix start
# postfix check
# netstat -an | grep LISTEN (应该可以看到这两个端口在监听)
127.0.0.1.10024 *.* 0 0 49152 0 LISTEN
127.0.0.1.10025 *.* 0 0 49152 0 LISTEN
Go to top.
12.安装Spamassassin 3.0.3
前面装amavis的时候已经装好了，如果没装，请按如下方式安装
# perl -MCPAN -e shell
cpan>; install HTML:

arser
cpan>; install DB_File
cpan>; install Net:

NS (when prompted to enable tests, choose no)
cpan>; install Digest::SHA1
cpan>; install Mail::SpamAssassin
# vi /etc/mail/spamassassin/local.cf （修改后不用重新启动 SpamAssassin，立即生效）
report_safe 0
use_bayes 1
bayes_path /var/amavisd/.spamassassin/bayes
bayes_auto_learn 1
skip_rbl_checks 0
use_razor2 1
use_dcc 1
use_pyzor 1
# 是否能够进行 DNS 查询。直接设定为 yes 将有效加快 amavis 的启动速度
dns_available yes
# 检查是否为由内部网络所寄出的信件。
# 若是，则永远不判断为垃圾邮件。（评分减 50 分）
# 其中的 example.net 请替换成您的 Domain Name..
header LOCAL_RCVD Received =~ /.*$\S+\.domain\.com\s+\[.*\]$/
describe LOCAL_RCVD Received from local machine
score LOCAL_RCVD -50
# 垃圾邮件计分规则
score DCC_CHECK 4.000
score SPF_FAIL 10.000
score SPF_HELO_FAIL 10.000
score RAZOR2_CHECK 2.500
score BAYES_99 4.300
score BAYES_90 3.500
score BAYES_80 3.000
新建文件/var/amavisd/.spamassassin/user_prefs
# touch /var/amavis/.spamassassin/user_prefs
检查local.cf语法
# spamassassin --lint
bayes（计划中）
启动spamd
# /usr/bin/spamd --daemonize --pidfile /var/run/spamd.pid
下载中文垃圾垃圾邮件过滤规则Chinese_rules.cf
# wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf
每次更新Chinese_rules.cf需要重启spamd方法如下
# kill -HUP `cat /var/run/spamd.pid`
自动更新中文垃圾垃圾邮件过滤规则
# vi /etc/crontab (加一行)
0 0 1 * * root wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf;kill -HUP `cat /var/run/spamd.pid`
测试病毒扫描
使用其他邮件系统用户给该系统的用户发送邮件,包含以下内容:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
如果这个用户能够收到有病度提示的邮件说明病毒过滤已经成功!
邮件病毒扫描日志将被记录在/var/log/clamav/clamav.log中!
测试垃圾邮件扫描
使用其他邮件系统用户给该系统的用户发送邮件,包含以下内容:
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
然后查看邮件日志看看，发出的邮件是否被BOUNCE或DISCARD了
建立maildrop过滤脚本(如果你使用amavisd-new来对spamassassin进行操作的话,跳过该项)
# vi /etc/maildroprc
if ( $SIZE ; 2004/1/28
#
# chkconfig: 2345 80 30
# description: Postfix is a Mail Transport Agent, which is the program
# that moves mail from one machine to another.
#
# processname: mailsys
# pidfile: /var/run/postfix.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ -f /usr/sbin/postfix ] || exit 0
RETVAL=0
prog="

ostfix"
start() {
# Start daemons.
echo -n $"Starting $prog: "
/usr/sbin/postfix start >; /dev/null 2>;&1 &
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
touch /var/lock/subsys/postfix
success $"$prog start"
else
failure $"$prog start failure"
fi
echo
return $RETVAL
}
stop() {
# Stop daemons.
echo -n $"Shutting down $prog: "
/usr/sbin/postfix stop >; /dev/null 2>;&1 &
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
rm -f /var/lock/subsys/postfix
success $"$prog stop"
else
failure $"$prog stop failure"
fi
echo
return $RETVAL
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart|reload)
stop
start
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
esac
exit $RETVA
# chmod 755 /etc/rc.d/init.d/postfix
# chkconfig --level 0123456 postfix on
clamav的启动脚本（有问题）
# cat /etc/rc.d/init.d/clamd
#!/bin/bash
#
# clamav: This script controls the clamd
#
# chkconfig: 2345 79 31
# description: clamav
# processname: clamav
# pidfile: /var/run/clam.pid
# Source function library.
. /etc/rc.d/init.d/functions
prog="/usr/local/sbin/clamd"
prog_base="ClamD"
prog_config_file="/etc/clamav.conf"
## Check that networking is up.
RETVAL=0
# See how we were called.
case "$1" in
start)
echo -n "Starting $prog_base:"
$prog -c $prog_config_file >;>; /var/log/clamd.log &
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/${prog_base}
success
echo
;;
stop)
echo -n "Shutting down $prog_base:"
#Force the kill...
kill `ps -A | grep clamd | cut -c1-6` &>; /dev/null
RETVAL=$?
#Sleep for a second or two.
/bin/sleep 3s
#Kill the stale socket.
rm -f /tmp/clamd >; /dev/null
if [ $RETVAL -eq 0 ] ; then
success
#echo "${prog_base} stopped"
rm -f /var/lock/subsys/${prog_base}
echo
else
echo
fi
;;
status)
status ${prog_base}
RETVAL=$?
;;
restart)
$0 stop
$0 start
RETVAL=$?
;;
reload)
#action $"Reloading ${prog_base}:" ${prog} -c ${prog_config_file} reload
$0 restart
RETVAL=$?
;;
*)
echo "Usage: $0 {start|stop|status|restart|reload}"
exit 1
esac
exit $RETVAL
# chmod 755 /etc/rc.d/init.d/clamd
# chkconfig --level 0123456 postfix on

本文来自ChinaUnix博客，如果查看原文请点：http://blog.chinaunix.net/u/25948/showart_246923.html

欢迎光临 Chinaunix (http://bbs.chinaunix.net/)