基于Linux平台企业邮件方案

三里屯摇滚

基于Linux平台企业邮件方案


一，.安装准备
我的服务器：mail.ourlab.org
host -t mx ourlab.org

rpm -e --nodpes sendmail postfix

安装qmail邮件服务器之前，当然你得配置好dns了，至于dns得mx怎么配置，不是我们今天要讲的重点。
首先为了安装顺利进行，大家先确认系统是否安装了以下程序，我们用一个简单的命令来查询：
rpm -qa |grep g++ gcc-g++ gdbm gdbm-devel openssl openssl-devel stunnel krb5-devel bzip2 bzip2-devel
然后删除系统自带的邮件系统，以免安装受影响
rpm -e --nodeps sendmail postfix



二.下载所需软件包

-----------------------------
附加要建立的目录:
mkdir -p /var/src/tar
mkdir -p /package
mkdir /var/qmail

-----------------------------
umask 0022
mkdir -p /var/src/tar  (将tar.tar.gz解压后的文件存放在/var/src/tar下)
tar -xzf tar/netqmail-1.05.tar.gz
cd netqmail-1.05
./collate.sh



三，Qmail的安装软件
1.daemontools
mkdir -p /package
chmod 1755 /package
cd /package
tar -xpzf /var/src/tar/daemontools-0.76.tar.gz
cd admin/daemontools-0.76
patch -p1 < /var/src/netqmail-1.05/other-patches/daemontools-0.76.errno.patch
package/install

# 验证daemontools已经正常运行：

sleep 5

ps ax | grep svscan



# add the "clear" service

cd ../
mkdir clear
touch clear/down

cat > clear/run <<EOF
#!/bin/sh
yes '' | head -4000 | tr '\n' .

# When you want to clear the service errors, just run this:
# svc -o /service/clear
EOF

chmod +x clear/run
chmod a-w clear/down

ln -s /package/admin/clear /service/clear


2.ucspi-tcp
cd /var/src/
tar -xzf tar/ucspi-tcp-0.88.tar.gz
cd ucspi-tcp-0.88
patch -p1 < /var/src/netqmail-1.05/other-patches/ucspi-tcp-0.88.errno.patch
# NOTE: If you are on the x86_64 platform, you need to remove the
# "-02" argument to gcc in conf-cc. See this for details

make
make setup check



3.qmail的安装

mkdir /var/qmail
groupadd nofiles
useradd -g nofiles -d /var/qmail/alias alias
useradd -g nofiles -d /var/qmail qmaild
useradd -g nofiles -d /var/qmail qmaill
useradd -g nofiles -d /var/qmail qmailp
groupadd qmail
useradd -g qmail -d /var/qmail qmailq
useradd -g qmail -d /var/qmail qmailr
useradd -g qmail -d /var/qmail qmails
cd /var/src
tar zxvf tar/toaster-scripts-0.8.1.tar.gz

-------------------------------------------------
cd netqmail-1.05/netqmail-1.05/

# 搜索函数straynewline中的451改为553

vi qmail-smtpd.c
# 当你的服务器收到无效格式的邮件时，会发送:"I am not going to accept that message at the moment,you can try again later",对方服务器收到后，几秒钟后又会发送同样的邮件给你，造成多次的重复。

# 改为553后，你的服务器将直接发送："I am not going to accept that message,don't try sending it again.",告诉对方的服务器不要再发这封无效的信件。



# RedHat/Fedora用户可能需要为TLS补丁链接一个include文件

# 输入如下命令：

ln -s /usr/kerberos/include/com_err.h /usr/kerberos/include/krb5.h /usr/kerberos/include/profile.h /usr/include/

# 删除sendmail的链接

rm -rf /usr/sbin/sendmail
rm -rf /usr/lib/sendmail

make
make setup check

注意qmail的补丁将在vpopmail安装以后打

./config-fast mail.ourlab.org   你可以填写你实际邮件服务器的域名

设置管理员的邮箱地址。
cd /var/qmail/alias
echo "admin@ourlab.org" > .qmail-postmaster
echo "admin@ourlab.org" > .qmail-mailer-daemon
echo "admin@ourlab.org" > .qmail-root
chmod 644 ~alias/.qmail*

开启SPF设置
echo 3 > /var/qmail/control/spfbehavior


#添加qmail的帮助手册

echo MANPATH /var/qmail/man >> /etc/man.config


#为qmail服务建立监控目录和日志文件:
cd /var/src
cp toaster-scripts-0.8.1/rc /var/qmail/rc
chmod 755 /var/qmail/rc
mkdir /var/log/qmail
echo ./Maildir/ >/var/qmail/control/defaultdelivery
cp toaster-scripts-0.8.1/qmailctl /var/qmail/bin/
chmod 755 /var/qmail/bin/qmailctl
ln -s /var/qmail/bin/qmailctl /usr/bin
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
#Now create the supervise directories/scripts for the qmail services:
mkdir -p /var/qmail/supervise/qmail-send/log
mkdir -p /var/qmail/supervise/qmail-smtpd/log
mkdir -p /var/qmail/supervise/qmail-pop3d/log
mkdir -p /var/qmail/supervise/qmail-pop3ds/log
cp /var/src/toaster-scripts-0.8.1/send.run /var/qmail/supervise/qmail-send/run
cp /var/src/toaster-scripts-0.8.1/send.log.run /var/qmail/supervise/qmail-send/log/run
cp /var/src/toaster-scripts-0.8.1/smtpd.run /var/qmail/supervise/qmail-smtpd/run
cp /var/src/toaster-scripts-0.8.1/smtpd.log.run /var/qmail/supervise/qmail-smtpd/log/run
cp /var/src/toaster-scripts-0.8.1/pop3d.run /var/qmail/supervise/qmail-pop3d/run
cp /var/src/toaster-scripts-0.8.1/pop3d.log.run /var/qmail/supervise/qmail-pop3d/log/run
# cp /var/src/toaster-scripts-0.8.1/stunnel.conf /var/qmail/supervise/qmail-pop3ds/
cp /var/src/toaster-scripts-0.8.1/pop3ds.run /var/qmail/supervise/qmail-pop3ds/run
cp /var/src/toaster-scripts-0.8.1/pop3ds.log.run /var/qmail/supervise/qmail-pop3ds/log/run
echo 20 > /var/qmail/control/concurrencyincoming
chmod 644 /var/qmail/control/concurrencyincoming
chmod 755 /var/qmail/supervise/qmail-send/run
chmod 755 /var/qmail/supervise/qmail-send/log/run
chmod 755 /var/qmail/supervise/qmail-smtpd/run
chmod 755 /var/qmail/supervise/qmail-smtpd/log/run
chmod 755 /var/qmail/supervise/qmail-pop3d/run
chmod 755 /var/qmail/supervise/qmail-pop3d/log/run
chmod 755 /var/qmail/supervise/qmail-pop3ds/run
chmod 755 /var/qmail/supervise/qmail-pop3ds/log/run
mkdir -p /var/log/qmail/smtpd
mkdir -p /var/log/qmail/pop3d
mkdir -p /var/log/qmail/pop3ds
chown -R qmaill /var/log/qmail

允许daemontools来启动qmail
ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /service

检测qmail是否安装成功
sleep 5
qmailctl stat



四,Vpopmail的安装
vpopmail是一个以qmail为基础的虚拟域管理包；其允许在一个IP地址添加多个虚拟域；并且可以不需要使用系统帐号做邮件帐号。

参考：http://vpopmail.sf.net/

groupadd -g 89 vchkpw
useradd -u 89 -g vchkpw vpopmail

mkdir -p /home/vpopmail/etc

echo "ourlab.org" > /home/vpopmail/etc/defaultdomain
echo "localhost|0|vpopmail|52netseek|vpopmail" > ~vpopmail/etc/vpopmail.mysql
chown vpopmail:vchkpw ~vpopmail/etc/vpopmail.mysql
chmod 640 ~vpopmail/etc/vpopmail.mysql
chown -R vpopmail:vchkpw ~vpopmail/etc
mysql -u root -p
>CREATE DATABASE vpopmail;
>GRANT select,insert,update,delete,create,drop ON vpopmail.* TO vpopmail@localhost IDENTIFIED BY '52netseek';
>flush privileges;
>quit


cd /var/src
tar -xzf tar/vpopmail-5.4.13.tar.gz
cd vpopmail-5.4.13
patch -p0 < ../tar/vpopmail-5.4.13-cumulative-1.patch

./configure --enable-incdir=/usr/include/mysql --enable-libdir=/usr/lib/mysql --disable-roaming-users --enable-logging=p --disable-passwd --enable-clear-passwd --disable-domain-quotas --enable-auth-module=mysql --enable-auth-logging --enable-sql-logging --disable-valias --disable-mysql-limits --enable-learn-passwords
(在这要注意你的MYSQL安装的目录，和共享库目录)
make && make install-strip

#管理:

echo 'export PATH=$PATH:/home/vpopmail/bin' >> /etc/profile

source /etc/profile

echo '127.0.0.1:allow,RELAYCLIENT=""' > /home/vpopmail/etc/tcp.smtp

cd ~vpopmail/etc
tcprules tcp.smtp.cdb tcp.smtp.tmp < tcp.smtp

cd /home/vpopmail/bin
chmod 4755 vchkpw           \\设置 smtp-auth
chown root.root vchkpw      \\设置 smtp-auth
如果使用带验证的smtp，smtp进程要调用密码验证程序，则必须要使用 setuid 和setgid。提高vchkpw的权限，才能完成setgid操作。
# cd /home/vpopmail/bin
---------------------------------------------------------------------------------------------------------------
# 添加域，前面是域名，后面是管理员(postmaster)密码
# vadddomain ourlab.org 52netseek //应先生成一个其它的虚拟域名，不然会有问题，无法自动生成vpopmail数据库

# vadduser netseek@ourlab.org 52netseek

# 添加用户

vadduser -q 10m okman@ourlab.org 52netseek

vmoduser -c okman okman@ourlab.org

-----------------------------------------------------------------------------------------------------------------------

# 设置邮箱容量达到90%的警告信息

vi /home/vpopmail/domains/.quotawarn.msg



From: 邮箱管理员

Reply-To: postmaster@ourlab.org

To: 邮箱用户

Subject: 邮箱空间警告

Mime-Version: 1.0

Content-Type: text/html; charset=gb2312

Content-Transfer-Encoding: base64



您的邮箱空间已经达到90%.如果想继续使用，请删除一些信件.

如果需要帮助,请联系邮箱管理员:

Email : postmaster@ourlab.org





# 设置邮箱已满的警告信息

echo "邮件被拒绝,用户的邮箱空间已满." > /home/vpopmail/domains/.over-quota.msg


-------------------------------------------------------------------------------------------------------------

cd /var/src
cp toaster-scripts-0.8.1/vpopmailctl /var/qmail/bin/vpopmailctl
chmod 755 /var/qmail/bin/vpopmailctl
ln -s /var/qmail/bin/vpopmailctl /usr/bin
cd /var/src/netqmail-1.05/netqmail-1.05
bunzip2 -c ../../tar/qmail-toaster-0.8.3.patch.bz2 | patch -p0
make clean
make
qmailctl stop
make setup check
chown -R vpopmail:vchkpw /var/qmail/spam
make cert
make tmprsadh
-------------------scripts----------------------------------------------------------------------------------

#crontab -e //每天晚上更新temp keys
01 01 * * * /var/qmail/bin/update_tmprsadh > /dev/null 2>&1

# start qmail back up
qmailctl start

#allow daemontools to start vpopmail
ln -s /var/qmail/supervise/qmail-pop3d /var/qmail/supervise/qmail-pop3ds /service

#verify that it's running with vpopmailctl
sleep 5
vpopmailctl stat


# 检查服务

netstat -an | grep 110

ps -ef | grep qmail

ps -efl | grep "service errors" | grep -v grep

--------------------------Webmail的安装----------------------------
1.Apache的设置:
#vi /etc/httpd/conf/httpd.conf
Group Apache
User Apache
修改为：
User vpopmail
Group vchkpw


2.vi /etc/php.ini
max_execution_time=60
memory_limit=20M
post_max_size =10M
file_uploads=on
upload_max_filesize=10M
register_globals=On
session.bug_compat_42=0
session.bug_compat_warn=0
sendmail_path = /var/qmail/bin/qmail-inject
chmod 777 /var/lib/php/session/ -R

3.安装iGenus
tar zxvf igenus_2.0.2_20040901_release.tgz -C /var/www/
cd /var/www/
rm -rf html/
mv igenus html

#建temp文件夹
mkdir /tmp/temp
chmod -R 0755 /tmp/temp
chown -R vpopmail:vchkpw /tmp/temp

mkdir /home/netdisk
chmod -R 0755 /home/netdisk
chown -R vpopmail:vchkpw /home/netdisk

chmod -R 0755 /var/www/html/
chown -R vpopmail:vchkpw /var/www/html/

#cd /var/www/html/config
vi config_inc.php
$CFG_BASEPATH = "/var/www/html/"; \\改成你安装的目录
$CFG_MYSQL_HOST = 'localhost';
$CFG_MYSQL_USER = 'vpopmail'; \\vpopmail访问mysql的帐号
$CFG_MYSQL_PASS = '52netseek'; \\vpopmail访问mysql的密码
$CFG_MYSQL_DB = 'vpopmail'; \\数据库
$CFG_TEMP = "/tmp/temp"; \\删除$CFG_BASEPATH，并修改路径

vdeldomain ourlab.org //删除之前创建的域名

#mysql -uroot -p
use vpopmail;
drop table lastauth;
drop table vpopmail; // 这个表中没有.................
quit;

# vi /var/www/html/docs/iGENUS.sql
use vpopmail; //加入这一行
`pw_shell` varchar(20) default NULL, 在最后一个表的这个后面加上.

`pw_clear_passwd` varchar(16) default NULL, \\加入这一行

mysql -uroot -p < iGENUS.sql


------------装IGENUSWEB管理界面------------------------
Igenus管理页面工具（可选，我测试此处还有点问题,----基实用后面的qmailamdin+vqadmin管理起来也非常方便！）
tar -xzvf igenus_admin_0.1.tgz -C /var/www/html/
vi /var/www/html/admin/includes/config_inc.php

$CFG_VPOPMAIL_USER = "vpopmail";　\\改为你的帐号

$CFG_VPOPMAIL_PASS = "52netseek"; \\改为你的密码

$CFG_VPOPMAIL_PATH = "/home/vpopmail"; \\改为你的vpopmail安装目录

三里屯摇滚

回复 1# 三里屯摇滚


   
#修改config_inc.php文件
vi /usr/local/apps/www/igenus/config/config_inc.php
－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－
$CFG_BASEPATH = "/usr/local/apps/www/igenus/"; \\改成你安装的目录

$CFG_MYSQL_HOST = 'localhost';  

$CFG_MYSQL_USER = 'root'; \\vpopmail访问mysql的帐号

$CFG_MYSQL_PASS = '12345'; \\vpopmail访问mysql的密码

$CFG_MYSQL_DB = 'vpopmail'; \\数据库

$CFG_TEMP = "/tmp/temp"; \\删除$CFG_BASEPATH，并修改路径
－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－
#保存退出


touch /etc/syspasswd.dat

chown -R vpopmail.vchkpw /var/www/html

chmod -R 755 /var/www/html

#登录设置页面

http://mail.ourlab.org/admin/sys/

用户:Admin密码Admin来登录.注意A要大写..这个管理帐号密码登录后可以改的



登录后,首先点"更新数据库"你就会看见你的域名.然后点"编辑"把"登录权限 该域管理员（Postmaster）有权登录进行用户管理"这一项打勾,确认后,就可以用

http://mail.ourlab.org/admin/

来登录管理了。





-----------------------基本邮件安装完成----------------


安装：Courier IMAP & IMAP SSL
安装:courier-authlib
cd /var/src
tar -xjf tar/courier-authlib-0.58.tar.bz2
cd courier-authlib-0.58
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap --without-authmysql --disable-root-check --with-ssl --with-authchange pwdir=/usr/local/libexec/authlib --with-redhat
gmake
gmake install-strip
gmake install-configure

cp courier-authlib.sysvinit /etc/init.d/courier-authlib
chmod 755 /etc/init.d/courier-authlib
ln -s ../init.d/courier-authlib /etc/rc0.d/K30courier-authlib
ln -s ../init.d/courier-authlib /etc/rc1.d/K30courier-authlib
ln -s ../init.d/courier-authlib /etc/rc2.d/S80courier-authlib
ln -s ../init.d/courier-authlib /etc/rc3.d/S80courier-authlib
ln -s ../init.d/courier-authlib /etc/rc4.d/S80courier-authlib
ln -s ../init.d/courier-authlib /etc/rc5.d/S80courier-authlib
ln -s ../init.d/courier-authlib /etc/rc6.d/K30courier-authlib


#vi /usr/local/etc/authlib/authdaemonrc
Change authmodulelist="..." to authmodulelist="authvchkpw"
/etc/init.d/courier-authlib start

安装 Courier-IMAP:
cd /var/src
tar -xjf tar/courier-imap-4.1.0.tar.bz2
cd courier-imap-4.1.0
chown -R vpopmail:vchkpw ../courier-imap-4.1.0
su vpopmail
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap --without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat
gmake
exit
gmake install-strip
gmake install-configure
/usr/local/sbin/mkimapdcert

cp courier-imap.sysvinit /etc/init.d/courier-imap
chmod 755 /etc/init.d/courier-imap
ln -s ../init.d/courier-imap /etc/rc0.d/K30courier-imap
ln -s ../init.d/courier-imap /etc/rc1.d/K30courier-imap
ln -s ../init.d/courier-imap /etc/rc2.d/S80courier-imap
ln -s ../init.d/courier-imap /etc/rc3.d/S80courier-imap
ln -s ../init.d/courier-imap /etc/rc4.d/S80courier-imap
ln -s ../init.d/courier-imap /etc/rc5.d/S80courier-imap
ln -s ../init.d/courier-imap /etc/rc6.d/K30courier-imap

#vi /usr/local/etc/imapd.cnf  
vi /usr/local/etc/imapd (whereis imapd)
'IMAPDSTART=YES'
#vi /usr/local/etc/imapd-ssl
IMAPDSSLSTART=YES
TLS_CERTFILE=/usr/local/share/imapd.pem

#/etc/init.d/courier-imap start

--------------------------------------------------安装完成-------------------------

---------------安装管理工具---------------------------------------------
ezmlm ? 一个快速，强大的邮件列表程序，可以通过qmailadmin对其进行配置
autorespond ? 自动回复程序,可以很好的与qmailadmin配合使用
qmailadmin ? 通过WEB管理vpopmail域的极好工具
vqadmin ? 通过WEB添加域
---------------------------------------------------------
1.安装autorespond  //autorespond-2.0.5.tar.gz可以测试一下新版本
cd /var/src
tar zxvf tar/autorespond-2.0.4.tar.gz
cd autorespond-2.0.4
patch -p1 < ../tar/autorespond-2.0.4-2.0.5.patch
make && make install

2.ezmlm-idx
cd /var/src
tar -xzf tar/ezmlm-0.53.tar.gz
tar -xzf tar/ezmlm-idx-0.443.tar.gz
cp -rf  ezmlm-idx-0.443/* ezmlm-0.53/
cd ezmlm-0.53
patch -p0 < idx.patch
make && make man
#汉字GB2312支持
make ch_GB && make setup


==========================WEB界面管理工具的安装================================================================

安装mailadmin
cd /var/src
tar -xzf tar/qmailadmin-1.2.10.tar.gz
cd qmailadmin-1.2.10/
./configure --enable-help --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/html --enable-modify-quota --enable-domain-autofill=yes
make && make install-strip
cd ../
tar -xzf tar/qmailadmin-help-1.0.8.tar.tar
cd qmailadmin-help-1.0.8
mkdir /var/www/html/images/qmailadmin/help
cp -rp * /var/www/html/images/qmailadmin/help

http://mail.ourlab.org/cgi-bin/qmailadmin



安装:Vqadmin
#cd /var/src
#tar -zxf tar/vqadmin-2.3.6.tar.gz
#cd vqadmin-2.3.6
#vi db_owner.c
static const char *host="localhost";
static const char *user="vpopmail";
static const char *passwd="52netseek";  /* NULL for no password */
static const char *db="vpopmail";

#./configure --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/html  --enable-mysql=y --includedir=/usr/include/mysql --libdir=/usr/lib/mysql
(下面编译出错，指定MSYQL安装相关的目录，出错，我直接用啦./configure)
#make && make install-strip

#vi /etc/httpd/conf/httpd.conf
<Directory "/var/www/cgi-bin/vqadmin">
deny from all
Options ExecCGI
AllowOverride AuthConfig
Order deny,allow
</Directory>

#cd /var/www/cgi-bin/vqadmin
创建.htaccess:
vi .htaccess

AuthType Basic
AuthUserFile /etc/httpd/conf/.vqapwd
AuthName vQadmin
require valid-user
satisfy any

#chown vpopmail .htaccess
#chmod 644 .htaccess
#htpasswd -bc /etc/httpd/conf/.vqapwd admin 52netseek
#chmod 644 /etc/httpd/conf/.vqapwd
重新启动apache
从浏览器访问：http://mail.ourlab.org/cgi-bin/vqadmin/vqadmin.cgi



-----------------------mysql要安装其开发相关的包，否则出现编译不过去----全部安装成功----------邮件包括管理全部安装完啦----------------


-------------------------------------------------病毒防护相关--------------------------------------------------------------------------

安装SpamAssassin  http://www.spamassassin.org  
#rpm -qa |grep spamassassin
spamassassin-3.0.4-1.el4 //我安装系统是已经安装好啦.

1.直接安装
cd /root
perl -MCPAN -e shell  (这个是直接安装，要在有外网连接的状态才能在功安装)
o conf prerequisites_policy ask
install Mail::SpamAssassin
quit

2.下载源码安装
安装 SpamAssassin
# 安装Time-HiRes perl模块
cd /var/src
# 注意: 如果你是第一次运行CPAN,你将会被问一系列的问题.
# 大部分问题默认就行了.
perl -MCPAN -e'shell'
cpan> install Time::HiRes
cpan> exit
# 安装SpamAssassin
cd /var/src
tar -xzf tar/Mail-SpamAssassin-3.1.4.tar.gz
cd Mail-SpamAssassin-3.1.4
perl Makefile.PL
make
make install

#配置spamasssassin
#修改起动脚本使spamassassin支持vpopmail
#修改如下一行：
vi /etc/init.d/spamassassin
SPAMDOPTIONS="-d -c -m5 -H -x -u spamd -v"
vi /etc/sysconfig/spamassassin
SPAMDOPTIONS="-d -c -m5 -H -x -u spamd -v"

#spamassassin的过滤模板在/etc/mail/spamassassin/local.cf,修改为：
vi /etc/mail/spamassassin/local.cf
－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－
required_score          5.0

rewrite_header Subject ********SPAM********

report_safe            1

use_bayes              1

skip_rbl_checks         0

ok_languages            zh en

ok_locales              en ko

score HEAD_ILLEGAL_CHARS 0

score SUBJ_ILLEGAL_CHARS 0

score DATE_IN_PAST_03_06 0

score UPPERCASE_25_50 0

score UPPERCASE_50_75 0

score UPPERCASE_75_100 0

score X_MSMAIL_PRIORITY_HIGH 0

score X_PRIORITY_HIGH 0

score TO_TXT 100

score RATWARE_HASH_2 100

score RATWARE_HASH_2_V2 100

score BAYES_99 0.1

score BAYES_80 0.1

score BAYES_60 0.1

score FROM_ILLEGAL_CHARS 0.1

score MIME_BASE64_TEXT 0.1

score NO_RDNS_DOTCOM_HELO 0.1

score CHINA_HEADER 0.1

score NO_REAL_NAME 0.2

score HTML_MESSAGE 0.2

score MIME_HTML_ONLY 0.2

score MIME_HTML_ONLY_MULTI 0.2

score FORGED_MUA_OUTLOOK 0.2

score FORGED_HOTMAIL_RCVD 0.2

score FORGED_OUTLOOK_TAGS 0.2

score MAILTO_TO_SPAM_ADDR 0.2



#黑白名单

whitelist_from *@domain.com



# ---------------------------------------------------------------------------

# 使用中国反垃圾邮件联盟的CBL/CDL

# URL: http://www.anti-spam.org.cn/

header RCVD_IN_CBL eval:check_rbl('cbl', 'cbl.anti-spam.org.cn.')

describe RCVD_IN_CBL Received via a relay in cbl.anti-spam.org.cn

tflags RCVD_IN_CBL net



header RCVD_IN_CDL eval:check_rbl('cdl-notfirsthop', 'cdl.anti-spam.org.cn.')

describe RCVD_IN_CDL CDL: dialup sender did non-local SMTP

tflags RCVD_IN_CDL net



#SCORE

score RCVD_IN_CBL 4.0

score RCVD_IN_CDL 3.0
－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－

#运行ntsysv,将spamassassin设定的为开机运行

#使用CCERT 中文垃圾邮件过滤规则集Chinese_rules.cf
wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf

#添加SpamAssasin服务启动必须的用户
useradd spamd
#启动SpamAssassin
service  spamassassin start

#定期自动更新中文反垃圾邮件规则
crontab ?e
#加入
0 0 1 * * wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf;/etc/init.d/spamassassin restart;/etc/init.d/spamassassin restart;

#建立SpamAssassin的学习系统
sa-learn --sync -D -p user_prefs

#查看自学习的数据信息
sa-learn --dump all

#查看调试信息
spamassassin --lint ?D

#进行一个spam和non-spam的测试
spamassassin -t < sample-spam.txt > spamtest.txt
less spamtest.txt
spamassassin -t < sample-nonspam.txt > nospamtest.txt
less nospamtest.txt
#spamtest.txt文件在主题一段中将包含"*****SPAM*****" 这一行, 而nospamtest.txt文件中则没有.

OK了，到次qmail的主要模块都装上了，要实测正常收发，请注意将你正式域名的MX记录指向过来。

---------------------------------------------------------------------------------------------------------------------

# 在 daemontools下运行spamd
mkdir -p /var/qmail/supervise/spamd/log
mkdir -p /var/log/spamd
chown qmaill /var/log/spamd
cp /var/src/toaster-scripts-0.8/spamd.run /var/qmail/supervise/spamd/run
cp /var/src/toaster-scripts-0.8/spamd.log.run /var/qmail/supervise/spamd/log/run
chmod 755 /var/qmail/supervise/spamd/run
chmod 755 /var/qmail/supervise/spamd/log/run
cp /var/src/toaster-scripts-0.8/local.cf /etc/mail/spamassassin/local.cf
mkdir /etc/mail/spamassassin/.spamassassin/
chown vpopmail /etc/mail/spamassassin/.spamassassin/
ln -s /var/qmail/supervise/spamd /service



2.安装:ClamAV  http://clamav.sf.net
#rpm -qa|grep gmp-devel  先查看是否安装此包

cd /var/src
groupadd clamav
useradd -g clamav clamav

升级zlib到1.2.2否则编译出错:
cd  /var/src
tar -xzf tar/zlib-1.2.3.tar.gz
./configure
make
make install

tar -xzf tar/clamav-0.88.4.tar.gz
cd clamav-0.88.4
patch -p0 < ../tar/clamav-0.88.4-stderr.patch
patch -p0 < ../tar/clamav-0.88.4-conf.patch
patch -p0 < ../tar/clamav-0.88.4-freshclamconf.patch
./configure
make
make install
# setup freshclam
touch /var/log/freshclam.log
chmod 600 /var/log/freshclam.log
chown clamav /var/log/freshclam.log
cp /var/src/toaster-scripts-0.8.1/freshclam /etc/init.d/freshclam
chmod 755 /etc/init.d/freshclam
ln -s ../init.d/freshclam /etc/rc0.d/K30freshclam
ln -s ../init.d/freshclam /etc/rc1.d/K30freshclam
ln -s ../init.d/freshclam /etc/rc2.d/S80freshclam
ln -s ../init.d/freshclam /etc/rc3.d/S80freshclam
ln -s ../init.d/freshclam /etc/rc4.d/S80freshclam
ln -s ../init.d/freshclam /etc/rc5.d/S80freshclam
ln -s ../init.d/freshclam /etc/rc6.d/K30freshclam

# add freshclam.log to logrotate
cp /var/src/toaster-scripts-0.8.1/freshclam.logrotate /etc/logrotate.d/freshclam

# run clamd under daemontools
mkdir -p /var/qmail/supervise/clamd/log
mkdir -p /var/log/clamd
chown clamav /var/log/clamd
cp ../toaster-scripts-0.8.1/clamd.run /var/qmail/supervise/clamd/run
cp ../toaster-scripts-0.8.1/clamd.log.run /var/qmail/supervise/clamd/log/run
chmod 755 /var/qmail/supervise/clamd/run
chmod 755 /var/qmail/supervise/clamd/log/run

# Start clamd and freshclam
ln -s /var/qmail/supervise/clamd /service
/etc/init.d/freshclam start


3.安装 ripmime
ripmime is a tool for extracting MIME attachments from email, and is used by qscanq. See http://www.pldaniels.com/ripmime/ for more details

Install:

cd /var/src/
tar -xzf tar/ripmime-1.4.0.6.tar.gz
cd ripmime-1.4.0.6
make
make install

4.simscan

simscan
要求qmail已经安装啦 qmail-queue 补丁, a new tool for using virus/spam scanners with qmail. The nice thing is that it prevents viruses (and optionally spam) from even getting into your queue. This is different from qmail-scanner, which will quarantine infected messages instead of stopping them at the SMTP level. Go to http://inter7.com/?page=simscan for more information.

cd /var/src/
tar -xzf tar/simscan-1.2.tar.gz
cd simscan-1.2
patch -p0 < ../tar/ripmime.txt
./configure --enable-user=clamav \
--enable-clamav=y \
--enable-spam=y \
--enable-spam-passthru=y \
--enable-per-domain=y \
--enable-ripmime \
--enable-attach=y \
--enable-received=y

make
make install-strip

# add default rules for simscan
echo ":clam=yes,spam=yes,spam_passthru=yes,attach=.vbs:.lnk:.scr:.wsh:.hta:.pif" > /var/qmail/control/simcontrol
# update /var/qmail/control/simcontrol.cdb
/var/qmail/bin/simscanmk
# put versions for received header in /var/qmail/control/simversions.cdb
/var/qmail/bin/simscanmk -g

# turn on scanning
echo ':allow,QMAILQUEUE="/var/qmail/bin/simscan"' >> ~vpopmail/etc/tcp.smtp
qmailctl cdb


5.

------------------监控------------------------------------------

1.先安装GD库：
  我已经安装好啦相关的gd,zlib....

2.安装MRTG
tar -xzf tar/mrtg-2.14.5.tar.gz
cd mrtg-2.14.5/
./configure --prefix=/usr/local
make && make install



3.安装Qmailmrtg7 - MRTG Graphs
tar -xzf tar/qmailmrtg7-4.2.tar.gz
cd qmailmrtg7-4.2
patch -p0 < ../tar/qmailmrtg7-4.2-cfg.patch
make
make install

cp qmail.mrtg.cfg /etc/
indexmaker --section=title /etc/qmail.mrtg.cfg > /var/www/html/qmailmrtg/index.html
# now run mrtg 3 times to get rid of initial cron errors
env LANG=C mrtg /etc/qmail.mrtg.cfg
env LANG=C mrtg /etc/qmail.mrtg.cfg
env LANG=C mrtg /etc/qmail.mrtg.cfg

# Add the following line to your crontab
0-55/5 * * * * env LANG=C /usr/bin/mrtg /etc/qmail.mrtg.cfg > /dev/null


http://192.168.0.86/qmailmrtg/index.html

gig2600

还用qmail？？