我的POSTFIX安装笔记
出处:www.thismail.org 作者:pc51ceo 时间:2006-10-25 17:27:00
本文参照http://mail.toping.net/doc/freebsd_postfix_405.htm这个修改一小部分而来的
首先先得安装APACHE MYSQL 等内容,这些请参照原版安装说明!
1.6 通过phpMyadmin设置数据库
建立postfix数据库(注意:数据库名称为postfix):
进入PHPMYADMIN
建立 postfix 数据库
在左边点postfix,进入postfix数据库,在右边sql里输入下面的代码:
CREATE TABLE domaininfo (
domain_id int(5) NOT NULL auto_increment,
domain varchar(25) NOT NULL default '',
alias varchar(30) default NULL,
passwd varchar(35) NOT NULL default '',
usernum int(5) NOT NULL default '0',
quota int(11) NOT NULL default '0',
des varchar(30) default NULL,
expire date NOT NULL default '0000-00-00',
active tinyint(1) NOT NULL default '1',
create_time datetime default NULL,
PRIMARY KEY (domain_id),
UNIQUE KEY domain (domain),
KEY domain_id (domain_id)
) TYPE=MyISAM COMMENT='domain information';
INSERT INTO domaininfo VALUES (1,'admin',NULL,'$1$.j3.t12.$I7MGf7ZD2HrWwUWQF88Mg1',0,0,'Super Admin','0000-00-00',1,'0000-00-00 00:00:00');
CREATE TABLE userinfo (
id int(11) NOT NULL auto_increment,
userid varchar(20) NOT NULL default '',
domain_id int(5) NOT NULL default '0',
address varchar(50) NOT NULL default '',
alias varchar(60) default NULL,
passwd varchar(35) NOT NULL default '',
realname varchar(20) default NULL,
quota int(11) NOT NULL default '0',
active tinyint(1) NOT NULL default '0',
homedir varchar(60) NOT NULL default '',
maildir varchar(60) NOT NULL default '',
create_time datetime NOT NULL default '0000-00-00 00:00:00',
`fax` varchar(20) NOT NULL default '',
`telephone` varchar(15) NOT NULL default '',
`sex` int(1) NOT NULL default '0',
`year` int(4) NOT NULL default '0',
`MONTH` int(2) NOT NULL default '0',
`DAY` int(2) NOT NULL default '0',
`education` varchar(4) NOT NULL default '',
`marital` int(1) NOT NULL default '0',
`occupation` varchar(15) NOT NULL default '',
`companyname` varchar(30) NOT NULL default '',
`province` varchar(6) NOT NULL default '',
PRIMARY KEY (id),
UNIQUE KEY address (address)
) TYPE=InnoDB COMMENT='User Information';
在左边点mysql,进放mysql数据库,在右边sql里输入(在输入前先把下面代码里"密码"的密码换你自己的密码并记住,后面有用)
INSERT INTO user (host,user,password) VALUES('localhost','postfix','');
update user set password=password('密码') where User='postfix';
GRANT ALL ON postfix.* TO postfix@localhost IDENTIFIED BY "postfix";
至此,postfix数据库设置完成
以前装过webmail或qmail之类的朋友请先执行下面这一步,否则imap可能安装出错。没有安装过的,请跳过此步直接进入courier-imap安装
cd /usr/ports/security/courier-authlib
make deinstall
1.7 安装Courier-imap
mail# cd /usr/ports/mail/courier-imap
mail# make WITHOUT_OPENSSL=yes WITH_MYSQL=yes install clean
我的选择:
在/etc/rc.conf中加入:
courier_authdaemond_enable="YES"
courier_imap_pop3d_enable="YES"
courier_imap_imapd_enable="YES"
mail# /usr/local/etc/rc.d/courier-authdaemond.sh start
此时会在/var/run/authdaemond/下产生socket
mail# cd /usr/local/etc/courier-imap
mail# cp imapd.cnf.dist imapd.cnf
mail# cp pop3d.cnf.dist pop3d.cnf
1.8 安装 postfix 和 cyrus-sasl
mail# cd /usr/ports/security/cyrus-sasl2
mail# make WITH_AUTHDAEMON=yes install clean
创建/usr/local/lib/sasl2/smtpd.conf
内容如下:
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/run/authdaemond/socket
至此,认证部分基本完成。
mail# cd /usr/ports/mail/postfix
mail# make install clean
我的选择:
回答下面的两问题:
You need user "postfix" added to group "mail".
Would you like me to add it [y]? y
Would you like to activate Postfix in /etc/mail/mailer.conf [n]? n
在/etc/rc.conf中加入:
sendmail_enable="YES"
sendmail_flags="-bd"
sendmail_pidfile="/var/spool/postfix/pid/master.pid"
sendmail_procname="/usr/local/libexec/postfix/master"
sendmail_outbound_enable="NO"
sendmail_submit_enable="NO"
sendmail_msp_queue_enable="NO"
mail# cd /usr/local/etc/rc.d
mail# ln -s /usr/local/sbin/postfix postfix.sh
mail# ln -s /usr/local/sbin/sendmail /usr/sbin/sendmail #如果/usr/sbin/sendmail存在就删了再做上链接
mail# echo 'postfix: root' >> /etc/aliases 中间的空格用"tab"实现
mail# /usr/local/bin/newaliases
mail# chown postfix:postfix /etc/opiekeys
1.9 安装expect
用于Web客户端建立邮件用户
mail# cd /usr/ports/lang/expect
mail# make install clean
Chapter 2. 配置邮件服务器
本节主要讲述各种服务的参数配置。
2.1 配置rc.conf,编辑/etc/rc.conf,
检查一下是否有以下内容:
mysql_enable="YES"
apache2_enable="YES"
courier_authdaemond_enable="YES"
courier_imap_pop3d_enable="YES"
courier_imap_imapd_enable="YES"
sendmail_enable="YES"
sendmail_flags="-bd"
sendmail_pidfile="/var/spool/postfix/pid/master.pid"
sendmail_procname="/usr/local/libexec/postfix/master"
sendmail_outbound_enable="NO"
sendmail_submit_enable="NO"
sendmail_msp_queue_enable="NO"
2.2 配置postfix 和 cyrus-sasl
(1)创建/etc/periodic.conf
ee /etc/periodic.conf
daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"
(2)修改/usr/local/etc/postfix/main.cf,在文件最后加入以下内容
mail# ee /usr/local/etc/postfix/main.cf
smtpd_helo_required = yes
strict_rfc821_envelopes = yes
smtpd_etrn_restrictions = permit_mynetworks, reject
#=====================BASE=====================
myhostname = mail.pc51.net //换成你自己的域名
mydomain = pc51.net //换成你自己的域名
mydestination = $myhostname
local_recipient_maps =
command_directory = /usr/local/sbin
local_transport = virtual
#=====================MySQL=====================
virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:125
virtual_mailbox_base = /
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 125
virtual_transport = virtual
virtual_uid_maps = static:125
#=====================Quota=====================
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
#====================SASL=====================
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated permit_auth_destination reject
smtpd_client_restrictions = permit_sasl_authenticated
(3)确认/usr/local/etc/postfix/master.cf的配置有如下内容
virtual unix - n n - - virtual
(4)编辑/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
mail# ee /usr/local/etc/postfix/mysql_virtual_alias_maps.cf
user = postfix
password = 换成上面数据库里的密码
hosts = localhost
dbname = postfix
query = SELECT alias FROM userinfo WHERE address='%s' AND active=1
(5)编辑/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
mail# ee /usr/local/etc/postfix/mysql_virtual_domains_maps.cf
user = postfix
password = 换成上面数据库里的密码
hosts = localhost
dbname = postfix
query = SELECT domain FROM domaininfo WHERE domain='%s'
(6)编辑/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
mail# ee /usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
user = postfix
password = 换成上面数据库里的密码
hosts = localhost
dbname = postfix
query = SELECT maildir FROM userinfo WHERE address='%s' AND active=1
(7)编辑/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
mail# ee /usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = 换成上面数据库里的密码
hosts = localhost
dbname = postfix
query = SELECT quota FROM userinfo WHERE username='%s'
2.3 配置Courier-imap
(1)修改Courier相关设置,/usr/local/etc/courier-imap/imapd:
IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE"
(2)修改/usr/local/etc/courier-imap/pop3d
POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1"
(3)编辑修改/usr/local/etc/authlib/authmysqlrc
mail# mv /usr/local/etc/authlib/authmysqlrc /usr/local/etc/auhtlib/authmysqlrc_bak
mail# ee /usr/local/etc/authlib/authmysqlrc
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD 换成上面数据库里的密码
MYSQL_PORT 0
MYSQL_OPT 0
MYSQL_DATABASE postfix
MYSQL_USER_TABLE userinfo
MYSQL_CRYPT_PWFIELD passwd
MYSQL_UID_FIELD '125'
MYSQL_GID_FIELD '125'
MYSQL_LOGIN_FIELD address
MYSQL_HOME_FIELD homedir
MYSQL_NAME_FIELD realname
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota
(4)编辑/usr/local/etc/authlib/authdaemonrc
mail# mv /usr/local/etc/authlib/authdaemonrc /usr/local/etc/authlib/authdaemonrc_bak
mail# ee /usr/local/etc/authlib/authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
version=“authdaemond.mysql”
daemons=5
authdaemonvar=/var/run/authdaemond
subsystem=mail
DEBUG_LOGIN=0
DEFAULTOPTIONS="wbnodsn=1"
重启服务器
Chapter 3. 手动设置第一个用户并测试
本章介绍如何开通用户,并且测试系统是否正常。(可以在phpmyadmin里操作,具体方法参照上面的)
Mail# mysql
mysql> use postfix;
mysql> show tables;
+-------------------+
| Tables_in_postfix |
+-------------------+
| address |
| admin |
| card |
| domaininfo |
| lastauth |
| logs |
| message |
| personal |
| scheduler |
| stow |
| userinfo |
| vpopmail |
+-------------------+
12 rows in set (0.00 sec)
增加域名和管理员
mysql> desc domaininfo;
+-------------+-------------+------+-----+------------+----------------+
| Field | Type | Null | Key | Default | Extra |
+-------------+-------------+------+-----+------------+----------------+
| domain_id | int(5) | | PRI | NULL | auto_increment |
| domain | varchar(25) | | UNI | | |
| alias | varchar(30) | YES | | NULL | |
| passwd | varchar(35) | | | | |
| usernum | int(5) | | | 0 | |
| quota | int(11) | | | 0 | |
| des | varchar(30) | YES | | NULL | |
| expire | date | | | 0000-00-00 | |
| active | tinyint(1) | | | 1 | |
| create_time | datetime | YES | | NULL | |
+-------------+-------------+------+-----+------------+----------------+
10 rows in set (0.00 sec)
INSERT INTO `domaininfo` VALUES (7, \'pc51.net\', NULL, encrypt(\'whsong\'), 50, 500, NULL, \'0000-00-00\', 1, \'2005-04-19 23:19:11\');
Query OK, 1 row affected (0.00 sec)
INSERT INTO `userinfo` VALUES (8, \'webmaster\', 7, \'webmaster@pc51.net\', NULL,encrypt(\'000000\'), \'webmaster\', 209715200, 1, \'/var/mail/pc51.net/webmaster/\', \'/var/mail/pc51.net/webmaster/Maildir/\', \'2005-04-20 23:45:17\', \'\', \'\', 0, 0, 0, 0, \'\', 0, \'\', \'\', \'\');
mysql>quit
设置用户的目录与权限:
Mail# mkdir -p /var/mail/pc51.net/webmaster
Mail# /usr/local/bin/maildirmake /var/mail/pc51.net/webmaster/Maildir
Mail# chmod -R 777 /var/mail/pc51.net/
Mail# chown -R postfix:postfix /var/mail/pc51.net
至此用户设置完毕,这里只使用一个域名,同理可以设置多个域名
Chapter 4.安装postfix管理工具(省略)
4.2 用户登录测试
用户登录测试
安装p5-MIME-Base64
mail# cd /usr/ports/converters/p5-MIME-Base64/
mail# make install clean
通过p5-MIME-Base64来取得用户名和密码的base64编码
mail# perl -MMIME::Base64 -e \'print encode_base64(\"webmaster\\@pc51.net\");\'
d2VibWFzdGVyQHBjNTEubmV0
mail# perl -MMIME::Base64 -e \'print encode_base64(\"000000\");\'
MDAwMDAw
这步可用foxmail来测试
Chapter 5. 防病毒与防垃圾邮件
本章介绍病毒与垃圾邮件的防范。
5.1 安装Clamav
mail# cd /usr/ports/security/clamav
mail# make install clean
我的选择:
重启服务器
测试
mail# clamscan -r -i /usr/local/www/data
----------- SCAN SUMMARY -----------
Known viruses: 32358
Scanned directories: 47
Scanned files: 866
Infected files: 0
Data scanned: 10.32 MB
I/O buffer size: 131072 bytes
Time: 41.750 sec (0 m 41 s)
升级病毒库
mail# freshclam
ClamAV update process started at Fri May 6 00:12:24 2005
WARNING: Your ClamAV installation is OUTDATED - please update immediately!
WARNING: Local version: 0.83 Recommended version: 0.84
Downloading main.cvd
main.cvd updated (version: 31, sigs: 33079, f-level: 4, builder: tkojm)
Downloading daily.cvd
daily.cvd updated (version: 871, sigs: 1178, f-level: 4, builder: ccordes)
Database updated (34257 signatures) from database.clamav.net (IP: 61.8.0.16)
Clamd successfully notified about the update.
5.2 安装MailScanner
mail# cd /usr/ports/mail/mailscanner
mail# make install
第一次执行安装因此需执行make initial-config以建立基本配置文件
mail# make initial-config
mail# make clean
5.3 安装SpamAssassin
mail# cd /usr/ports/mail/p5-Mail-SpamAssassin
mail# make install clean
5.4修改Postfix设定档main.cf
mail# ee /usr/local/etc/postfix/main.cf
#header_checks = regexp:/usr/local/etc/postfix/header_checks //默认值
header_checks = regexp:/usr/local/etc/postfix/header_checks //把注释去掉
mail# ee /usr/local/etc/postfix/header_checks
/^Received:/ HOLD //新加入
5.5修改mailscanner.conf
mail# ee /usr/local/etc/MailScanner/MailScanner.conf
#Run As User = //默认值
Run As User = postfix //修改后
#Run As Group = //默认值
Run As Group = postfix //修改后
#Incoming Queue Dir = /var/spool/mqueue.in //默认值
Incoming Queue Dir = /var/spool/postfix/hold //修改后
#Outgoing Queue Dir = /var/spool/mqueue //默认值
Outgoing Queue Dir = /var/spool/postfix/incoming //修改后
#MTA = sendmail //默认值
MTA = postfix //修改后
#Virus Scanners = none //默认值
Virus Scanners = clamav //修改后
#Use SpamAssassin = no //默认值
Use SpamAssassin = yes //修改后
5.6新增MailScanner所要用到的资料夹
mkdir /var/spool/MailScanner
mkdir /var/spool/MailScanner/incoming
mkdir /var/spool/MailScanner/quarantine
chown postfix:postfix /var/spool/MailScanner/incoming
chown postfix:postfix /var/spool/MailScanner/quarantine
touch /usr/local/etc/MailScanner/rules/bounce.rules //新建一个空白文件,要不然会出错。
chmod -R 777 /var/spool/postfix
cp /usr/local/etc/MailScanner/mcp/10_example.cf.sample /usr/local/etc/MailScanner/mcp/10_example.cf
cp /usr/local/etc/MailScanner/mcp/mcp.spam.assassin.prefs.conf.sample /usr/local/etc/MailScanner/mcp/mcp.spam.assassin.prefs.conf
重起系统
测试病毒过滤:
mail# telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is \'^]\'.
220 mail.toping.net ESMTP Postfix
mail from:webmaster@toping.net
250 Ok
rcpt to:webmaster@toping.net
250 Ok
data
354 End data with .
Subject:Virus test
X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
.
250 Ok: queued as F0C221CC20 //出现F0C221CC20这行表示mailscanner运行成功了
quit
221 Bye
Connection closed by foreign host.
5.7把病毒提示信息改为中文
预设系统提示信息为英文,可以下载我修改的中文包。
http://mail.toping.net/mailscanner/cn.rar
cd /usr/local/share/MailScanner/reports
fetch http://mail.toping.net/mailscanner/cn.rar
rar x cn.rar
rm cn.rar
然后编辑 MailScanner.conf
ee /usr/local/etc/MailScanner/MailScanner.conf
加入下面的内容
#%report-dir% = /usr/local/share/MailScanner/reports/en //默认值(加载英文)
%report-dir% = /usr/local/share/MailScanner/reports/cn //修改后为读取中文
5.8.安装APF防垃圾邮件
http://apf.org.cn
http://mail.toping.net/apf/apf.rar
下载最新的APF包解压到/usr/local/etc/postfix目录。 解包过程参照上面的
这时/usr/local/etc/postfix目录里边有一个apf-posftix.pl的文件
修改/usr/local/etc/postfix/master.cf
mail# ee /usr/local/etc/postfix/master.cf
加入:
apf unix - n n - - spawn
user=nobody argv=/usr/bin/perl /usr/local/etc/postfix/apf-postfix.pl
修改/usr/local/etc/postfix/main.cf
mail# ee /usr/local/etc/postfix/main.cf
把下面一行注释掉
#smtpd_recipient_restrictions = permit_sasl_authenticated permit_auth_destination reject
加入下面一行到上面注释掉那一行的下边
smtpd_recipient_restrictions = reject_non_fqdn_sender permit_sasl_authenticated permit_mynetworks reject_unauth_destination check_policy_service unix:private/apf reject_unknown_recipient_domain
增加黑白名单:
1、IP黑名单:
ip_black_list.txt
2、IP白名单
ip_white_list.txt
3、域名黑名单
dn_black_list.txt
4、域名白名单
dn_white_list.txt
Chapter 6. 安装webmail
如何使用本人修改的iGENUS for Postfix 2.01
[下载]
http://mail.toping.net/igenus/igenus_for_postfix_2.01.rar
webmail使用igenus,版本是iGENUS for Postfix 2.01
建议下载本人修改的iGENUS for Postfix 2.01
安装方法参考论坛:
http://www.toping.net/viewthread.php?tid=174&fpage=1
安装autorespond。
mail# cd /usr/ports/mail/autorespond
mail# make install clean
修改/usr/local/etc/apache/httpd.conf
Group www、User www修改为: Group postfix、User postfix
mail# cd /usr/local/www/data
mail# chown -R postfix:postfix phpMyAdmin
mail# cd /usr/local/etc
mail# cp php.ini-dist php.ini
修改/usr/local/etc/php.ini
register_globals = On
max_execution_time = 30 //改为60 (增加处理脚本的时间限制)
memory_limit = 8M //改为40M (这样才能发10M的附件)
post_max_size = 8M //改为10M
upload_max_filesize = 2M //改为10M
重启apache
mail# /usr/local/etc/rc.d/apache2.sh restart
至此安装完毕
输入网址http://mail.pc51.net就可以使用WEBMAIL了:)