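Mail addresses are separate from system accounts
Multi-domain support
Web-based management of accounts, aliases, domains and related data
POP3/IMAP support
Webmail support
MySQL database integration
Integrated spam filtering
Integrated anti-virus
1.2、TODO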
1.3、System architecture
 ---------------------------------------------------
|                                                   |
|  25/25     25/25    110/993   143/995    80/443   |
| Incoming  Outgoing    POP3      IMAP    WEB-MAIL  |
|    /\        /\        /\        /\        /\     |
|    ||        ||        ||        ||        ||     |
|    \/        \/        \/        \/        \/     |
|------------------- --------------- ---------------|
|      Postfix      |               | Squirrelmail  |
|                   |               |---------------|
|                   |         Courier-imap          |
|                   |-------------------------------|
|                   |        Courier-authlib        |
|-------------------|-------------------------------|
|    Cyrus-SASL     |                               |
|---------------------------------------------------|
|                       MySQL                       |
 ---------------------------------------------------
2、Package installation
sarge:#apt-get install postfix postfix-tls postfix-mysql libsasl2 libsasl2-modules libsasl2-modules-sql courier-base courier-pop courier-imap courier-authdaemon courier-authmysql mysql-server-4.1 mysql-client-4.1 apache php4 php4-mysql squirrelmail squirrelmail-locales php4-pear imapproxy
3、Configuration
3.1、apache
Edit /etc/apache/httpd.conf to add PHP4 support:
# And for PHP 4.x, use:
#
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
sarge:#/etc/init.d/apache restart    #restart apache
sarge:# netstat -ln|grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
3.2、mysql
sarge:#wget http://high5.net/page7_files/postfixadmin-2.1.0.tgz
sarge:#tar zxvf postfixadmin-2.1.0.tgz -C /var/www/
sarge:#ln -s /var/www/postfixadmin-2.1.0 /var/www/postfix
sarge:#mysql < /var/www/postfix/DATABASE_MYSQL.TXT
sarge:#cp /var/www/postfix/config.inc.php.sample /var/www/postfix/config.inc.php
You can adjust the parameters in config.inc.php to suit your needs. In this setup the passwords are stored in MySQL in cleartext: $CONF['encrypt'] = 'cleartext';
Open http://sargeIP/postfix/ in a browser and click setup; normally there will be no problems. As prompted, delete the setup.php file:
sarge:#rm /var/www/postfix/setup.php
sarge:#/etc/init.d/mysql restart
sarge:# netstat -ln|grep 3306
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN
sarge# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 245 to server version: 4.1.11-Debian_4sarge7-log
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> grant select,insert,update,delete,create,drop on postfix.* to 'postfix'@'127.0.0.1' IDENTIFIED BY 'postfix';
Query OK, 0 rows affected (0.00 sec)
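mysql>
This adds the postfix account with the password postfix; in real use, change it to a reasonable password. This user can only connect to the MySQL server from 127.0.0.1.
3.3、postfix
Edit /etc/postfix/main.cf and add the following: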
#=============sasl2====================#
smtpd_sasl_auth_enable = yes
smtpd_sasl_application_name = smtpd
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain = test.com
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_relay_domains, reject_unauth_destination
smtpd_sasl_security_options = noanonymous
smtpd_client_restrictions =
    permit_sasl_authenticated,
    reject_invalid_hostname,
#   reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    permit_mynetworks,
    reject_unauth_destination,
    reject_rbl_client relays.ordb.org,
    reject_rbl_client list.dsbl.org,
    reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client dul.dnsbl.sorbs.net,
    permit
smtpd_data_restrictions = reject_unauth_pipelining, permit
#=================mysql================#
virtual_transport = virtual
virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_mailbox_domains.cf
virtual_mailbox_base = /var/mailbox/
virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_mailbox_maps.cf
virtual_minimum_uid = 33
virtual_uid_maps = static:33
virtual_gid_maps = static:33
virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_alias_maps.cf
mydestination = $myhostname, localhost.$mydomain, localhost
relayhost =
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter =
sarge:#mkdir /etc/postfix/mysql
sarge:#vi /etc/postfix/mysql/mysql_mailbox_domains.cf

hosts = 127.0.0.1
user = postfix
password = postfix
dbname = postfix

table = domain
select_field = domain
where_field = domain
additional_conditions = and active='1'
sarge:#vi /etc/postfix/mysql/mysql_mailbox_maps.cf

hosts = 127.0.0.1
user = postfix
password = postfix
dbname = postfix

table = mailbox
select_field = maildir
where_field = username
additional_conditions = and active='1'
sarge:#vi /etc/postfix/mysql/mysql_alias_maps.cf

hosts = 127.0.0.1
user = postfix
password = postfix
dbname = postfix

table = alias
select_field = goto
where_field = address
additional_conditions = and active='1'
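How Postfix turns the three map files above into lookups, as an added example that is not part of the original guide: it emulates the legacy mysql_table query form (SELECT select_field FROM table WHERE where_field='%s' additional_conditions) against constructed rows. An in-memory SQLite database stands in for MySQL, alias expansion is simplified to one level, and the function names are illustrative.

```python
import sqlite3

# (table, select_field, where_field) exactly as in the three .cf files above.
MAPS = {
    "virtual_mailbox_domains": ("domain", "domain", "domain"),
    "virtual_mailbox_maps": ("mailbox", "maildir", "username"),
    "virtual_alias_maps": ("alias", "goto", "address"),
}
ADDITIONAL = "and active='1'"  # additional_conditions, identical in all three


def make_db():
    """Constructed sample rows; SQLite stands in for the MySQL server."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE domain (domain TEXT, active TEXT);
        CREATE TABLE mailbox (username TEXT, maildir TEXT, active TEXT);
        CREATE TABLE alias (address TEXT, goto TEXT, active TEXT);
        INSERT INTO domain VALUES ('test.com', '1');
        INSERT INTO mailbox VALUES ('admin@test.com', 'admin@test.com/', '1');
        INSERT INTO mailbox VALUES ('old@test.com', 'old@test.com/', '0');
        INSERT INTO alias VALUES ('postmaster@test.com', 'admin@test.com', '1');
    """)
    return db


def lookup(db, map_name, key):
    """Return the map result for key, or None when no active row matches."""
    table, select_field, where_field = MAPS[map_name]
    # Postfix escapes the key before substituting it for %s; a bound
    # parameter plays that role here.
    sql = f"SELECT {select_field} FROM {table} WHERE {where_field}=? {ADDITIONAL}"
    row = db.execute(sql, (key,)).fetchone()
    return row[0] if row else None


def mailbox_path(db, rcpt, base="/var/mailbox/"):
    """Resolve a recipient to virtual_mailbox_base + maildir, or None."""
    domain = rcpt.rsplit("@", 1)[-1]
    if lookup(db, "virtual_mailbox_domains", domain) is None:
        return None  # not a hosted domain
    target = lookup(db, "virtual_alias_maps", rcpt) or rcpt
    maildir = lookup(db, "virtual_mailbox_maps", target)
    return base + maildir if maildir else None
```

Setting active to '0' in the mailbox table is enough to stop delivery for an account, because every lookup carries the additional_conditions clause.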
sarge:#vi /etc/postfix/sasl/smtpd.conf

pwcheck_method: auxprop
mech_list: plain login digest-md5 cram-md5
auxprop_plugin: sql
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: postfix
sql_passwd: postfix
sql_database: postfix
sql_select: SELECT password FROM mailbox WHERE username='%u@%r' and domain='%r' and active='1'
For more smtpd.conf parameters, see http://www.clusting.com/cyrus/SASL/doc/options.html
sarge:#/etc/init.d/postfix restart
sarge:# netstat -ln|grep 25
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp6 0 0 :::25 :::* LISTEN
unix 2 [ ACC ] STREAM LISTENING 14125 private/relay
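Open http://sarge_ip/postfix and, after initializing postfixadmin:
Add a domain: test.com    #in real use, add your actual domain name
Add an account: admin@test.com    #the password is admin; in real use, do not make the password the same as the user name.
sarge:#mkdir /var/mailbox    #where the mail accounts' mail is stored
sarge:#chown -R 33:33 /var/mailbox    #the account apache runs as; this must match the settings in main.cf and apache.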
sarge:#telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 sarge ESMTP Postfix (Debian/GNU)
ehlo sarge
250-sarge
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250 8BITMIME
mail from:"This is a test mail!"
250 Ok
rcpt to:
250 Ok
data
354 End data with <CR><LF>.<CR><LF>
This is a test mail.
.
250 Ok: queued as 39578C143
quit
221 Bye
Connection closed by foreign host.
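A check a defender would run on the EHLO reply captured above, added here as an example that is not part of the original guide: it parses the capability lines and reports password-carrying mechanisms advertised on a connection that has no TLS. The function names are illustrative; the sample reply is copied from the session above.

```python
# EHLO reply copied from the telnet session in this guide.
EHLO_REPLY = """\
250-sarge
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250 8BITMIME
"""

# These mechanisms carry the password itself, only base64-encoded.
PASSWORD_ON_WIRE = {"PLAIN", "LOGIN"}


def parse_ehlo(reply):
    """Map each ESMTP keyword in a 250 reply to its parameter list."""
    caps = {}
    lines = [l for l in reply.splitlines()
             if l[:3] == "250" and l[3:4] in ("-", " ")]
    for line in lines[1:]:  # the first line is the server greeting
        text = line[4:].strip().upper()
        if text.startswith("AUTH="):
            # Legacy syntax that broken_sasl_auth_clients = yes adds.
            text = "AUTH " + text[5:]
        if not text:
            continue
        keyword, *params = text.split()
        seen = caps.setdefault(keyword, [])
        for param in params:
            if param not in seen:
                seen.append(param)
    return caps


def audit(reply, tls_active=False):
    """Return findings for a reply seen with or without TLS on the socket."""
    caps = parse_ehlo(reply)
    findings = []
    exposed = sorted(PASSWORD_ON_WIRE.intersection(caps.get("AUTH", [])))
    if exposed and not tls_active:
        how = ("before STARTTLS" if "STARTTLS" in caps
               else "and STARTTLS is not offered")
        findings.append(f"AUTH {' '.join(exposed)} advertised in cleartext {how}")
    if "VRFY" in caps:
        findings.append("VRFY is enabled")
    return findings
```

The matching Postfix settings are smtpd_tls_auth_only = yes (once TLS is configured) and disable_vrfy_command = yes.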
The directory /var/mailbox/admin@test.com/ should now exist.
sarge:#more /var/mailbox/admin@test.com/new/1170923510.V802I40b7.sarge
Return-Path:
X-Original-To: admin@test.com
Delivered-To: admin@test.com
Received: from sarge (localhost.localdomain [127.0.0.1])
    by sarge (Postfix) with ESMTP id 39578C143
    for ; Thu, 8 Feb 2007 16:27:16 0800 (CST)
Message-Id: <20070208082716.39578C143@sarge>
Date: Thu, 8 Feb 2007 16:27:16 0800 (CST)
From: admin@test.com
To: undisclosed-recipients:;
This is a test mail.
3.4、courier
sarge:#vi /etc/courier/authdaemonrc
The key parameter is the following:
authmodulelist="authmysql"
sarge:#vi /etc/courier/authmysqlrc
with the following content:
MYSQL_SERVER 127.0.0.1
MYSQL_SOCKET /var/run/mysqld/mysqld.sock
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_DATABASE postfix

MYSQL_USER_TABLE mailbox

MYSQL_LOGIN_FIELD username
MYSQL_CLEAR_PWFIELD password
#MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD '33'
MYSQL_GID_FIELD '33'
MYSQL_HOME_FIELD '/var/mailbox/'
MYSQL_MAILDIR_FIELD maildir
#MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(username,'@',-1),'/',SUBSTRING_INDEX(username,'@',1),'/')
MYSQL_NAME_FIELD name
MYSQL_QUOTA_FIELD quota
MYSQL_WHERE_CLAUSE active='1'
sarge:#/etc/init.d/courier-authdaemon restart
sarge:#/etc/init.d/courier-imap restart
sarge:#/etc/init.d/courier-pop restart
Note: MYSQL_CLEAR_PWFIELD password reads the user passwords from MySQL as cleartext, which matches the setting in postfixadmin's config.inc.php.
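Why the cleartext password column and the mech_list in smtpd.conf are tied together, as an added example that is not part of the original guide: CRAM-MD5 has the server recompute an HMAC keyed with the password, so it only verifies when the stored value is the password itself, while PLAIN can be checked against a one-way hash. Salted SHA-256 stands in for md5crypt here (an assumption made to keep the example in the standard library), and the challenge and password are constructed.

```python
import hashlib
import hmac
import os


def cram_md5_response(user, password, challenge):
    """Client side of CRAM-MD5 (RFC 2195): user + hex HMAC-MD5(challenge)."""
    digest = hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()
    return f"{user} {digest}"


def verify_cram_md5(stored, challenge, response):
    """Server side: correct only when `stored` is the cleartext password."""
    _user, _, digest = response.rpartition(" ")
    expected = hmac.new(stored.encode(), challenge, hashlib.md5).hexdigest()
    return hmac.compare_digest(digest, expected)


def hash_password(password, salt=None):
    """One-way storage, stand-in for md5crypt: 'salt$hexdigest'."""
    salt = salt or os.urandom(8).hex()
    return salt + "$" + hashlib.sha256((salt + password).encode()).hexdigest()


def verify_plain(stored_hash, password):
    """PLAIN/LOGIN: the client sends the password, so a hash can be checked."""
    salt = stored_hash.partition("$")[0]
    return hmac.compare_digest(hash_password(password, salt), stored_hash)


def demo():
    challenge = b"<1896.697170952@sarge>"  # constructed server challenge
    password = "s3cret-example"            # constructed password
    response = cram_md5_response("admin@test.com", password, challenge)
    hashed = hash_password(password)
    return {
        "cram_with_cleartext": verify_cram_md5(password, challenge, response),
        "cram_with_hash": verify_cram_md5(hashed, challenge, response),
        "plain_with_hash": verify_plain(hashed, password),
    }
```

With hashed storage only PLAIN and LOGIN remain usable, and both put the password on the wire, so they belong behind TLS.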
Important: if you want the user passwords stored in MySQL as md5crypt rather than cleartext, the parameter in postfixadmin's config.inc.php must be changed back to $CONF['encrypt'] = 'md5crypt'; and in the authmysqlrc configuration file MYSQL_CLEAR_PWFIELD password must be replaced with MYSQL_CRYPT_PWFIELD password. Accounts created earlier must have their passwords updated. Add password_format: crypt to smtpd.conf. Even then, IMAP and POP3 authentication succeed, but authentication against the SMTP server fails when sending mail; cyrus-sasl needs to be patched. For details see http://blog.matroid.org/display/26
For the SMTP service, besides the authentication method used above, saslauthd and PAM are also commonly used.
3.5、mailscanner
sarge:#wget http://www.mailscanner.info/files/4/tar/MailScanner-install-4.54.6-1.tar.gz
sarge:#wget http://www.mailscanner.info/files/4/install-Clam-SA.tar.gz    #ClamAV 0.88.2 and SpamAssassin 3.1.3 easy installation package
sarge:#tar zxvf MailScanner-install-4.54.6-1.tar.gz -C /tmp
sarge:#cd /tmp/MailScanner-install-4.54.6-1/
sarge:#./install.sh
sarge:#export EDITOR=vi    #use vi as the default editor; you can also put this directly in /etc/profile or $HOME/.profile and then run source /etc/profile or source $HOME/.profile
sarge:#crontab -e
37 5 * * * /opt/MailScanner/bin/update_phishing_sites
58 23 * * * /opt/MailScanner/bin/clean.quarantine
42 * * * * /opt/MailScanner/bin/update_virus_scanners
3,23,43 * * * * /opt/MailScanner/bin/check_mailscanner
sarge:#tar zxvf install-Clam-SA.tar.gz -C /tmp
sarge:#cd /tmp/install-Clam-SA
sarge:#./install.sh    #install clamav and SpamAssassin
Edit /opt/MailScanner/etc/MailScanner.conf:
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = clamav
Use SpamAssassin = yes
sarge:#chown postfix:postfix /var/spool/MailScanner/incoming
sarge:#chown postfix:postfix /var/spool/MailScanner/quarantine
Edit /etc/postfix/main.cf:
#=============mailscanner===============#
header_checks = regexp:/etc/postfix/header_checks
Create /etc/postfix/header_checks:
/^Received:/ HOLD
sarge:#vi /etc/init.d/MailScanner
case $1 in
start)
    /opt/MailScanner/bin/check_mailscanner
    [ $? -eq 0 ]
|