首页 | 邮件资讯 | 技术教程 | 解决方案 | 产品评测 | 邮件人才 | 邮件博客 | 邮件系统论坛 | 软件下载 | 邮件周刊 | 热点专题 | 工具
网络技术 | 操作系统 | 邮件系统 | 客户端 | 电子邮箱 | 反垃圾邮件 | 邮件安全 | 邮件营销 | 移动电邮 | 邮件软件下载 | 电子书下载

邮件服务器

技术前沿 | Qmail | IMail | MDaemon | Exchange | Domino | 其它 | Foxmail | James | Kerio | JavaMail | WinMail | Sendmail | Postfix | Winwebmail | Merak | CMailServer | 邮件与开发 | 金笛 |
首页 > 邮件服务器 > Postfix > debian 3.0(sarge)下postfix邮件系统解决方案--deb包安装法 > 正文

debian 3.0(sarge)下postfix邮件系统解决方案--deb包安装法

出处:blog.chinaunix.net 作者:漠北色狼 时间:2007-3-14 19:21:10
1、概述
1.1、系统目标
  Maildir邮件存储格式
  smtp认证
  邮件地址和系统帐号分开
  多域支持
  web管理帐号、别名、域等资料
  pop3/imap支持
webmail支持
  集成mysql数据库
  集成垃圾邮件过滤
  集成防病毒
1.2、TODO

1.3、系统架构
  +---------------------------------------------------+
  | |
  | 25/25 25/25 110/993 143/995 80/443 |
  | Incoming Outgoing POP3 IMAP WEB-MAIL |
  | /\ /\ /\ /\ /\ |
  | || || || || || |
  | \/ \/ \/ \/ \/ |
  +-------------------+---------------+---------------+
  | Postfix | | Squirrelmail |
  | | +---------------+
  | | Courier-imap |
  | |-------------------------------+
  | | Courier-authlib |
  |-------------------+-------------------------------|
  | Cyrus-SASL |
  |---------------------------------------------------+
  | MySQL |
  +---------------------------------------------------+

2、软件包的安装
sarge:#apt-get install postfix postfix-tls postfix-mysql libsasl2 libsasl2-modules libsasl2-modules-sql courier-base courier-pop courier-imap courier-authdaemon courier-authmysql mysql-server-4.1 mysql-client-4.1 apache php4 php4-mysql squirrelmail squirrelmail-locales php4-pear imapproxy

3、配置
3.1、apache
修改/etc/apache/httpd.conf加入PHP4支持

# And for PHP 4.x, use:
#
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
sarge:#/etc/init.d/apache restart #重启apache
sarge:#l# netstat -ln|grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
3.2、mysql
sarge:#wget http://high5.net/page7_files/postfixadmin-2.1.0.tgz
sarge:#tar zxvf postfixadmin-2.1.0.tgz -C /var/www/
sarge:#ln -s /var/www/postfixadmin-2.1.0 /var/www/postfix
sarge:#mysql < /var/www/postfix/DATABASE_MYSQL.TXT  
sarge:#cp /var/www/postfix/config.inc.php.sample /var/www/postfix/config.inc.php
可以修改config.inc.php中的相关参数以符合你的需求,这里在mysql里存放密码用明方式,$CONF['encrypt'] = 'cleartext';
用浏览器打开http://sargeIP/postfix/ 点setup,一般情况下不会有什么问题。按照提示,删除setup.php文件
sarge:#rm /var/www/postfix/setup.php
sarge:#/etc/init.d/mysql restart
sarge:# netstat -ln|grep 3306
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN
sarge# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 245 to server version: 4.1.11-Debian_4sarge7-log

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> grant select,insert,update,delete,create,drop on postfix.* to 'postfix'@'127.0.0.1' IDENTIFIED BY 'postfix';
Query OK, 0 rows affected (0.00 sec)

mysql>
添加postfix帐户,密码为postfix,实际应用时更改成一个合理的密码,该用户只能从127.0.0.1连接mysql服务器。 
3.3、postfix
修改/etc/postfix/main.cf,添加下面的内容

#=============sasl2====================#
smtpd_sasl_auth_enable = yes
smtpd_sasl_application_name = smtpd
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain = test.com
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_relay_domains, reject_unauth_destination
smtpd_sasl_security_options = noanonymous
smtpd_client_restrictions = permit_sasl_authenticated,
reject_invalid_hostname,
# reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
permit_mynetworks,
reject_unauth_destination,
reject_rbl_client relays.ordb.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client dul.dnsbl.sorbs.net,
permit

smtpd_data_restrictions =
reject_unauth_pipelining,
permit

#=================mysql================#
virtual_transport = virtual
virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_mailbox_domains.cf
virtual_mailbox_base = /var/mailbox/
virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_mailbox_maps.cf
virtual_minimum_uid = 33
virtual_uid_maps = static:33
virtual_gid_maps = static:33
virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_alias_maps.cf
mydestination = $myhostname, localhost.$mydomain, localhost
relayhost =
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +

sarge:#mkdir /etc/postfix/mysql
sarge:#vi /etc/postfix/mysql/mysql_mailbox_domains.cf

hosts = 127.0.0.1
user = postfix
password = postfix
dbname = postfix

table = domain
select_field = domain
where_field = domain
additional_conditions = and active='1'

sarge:#vi /etc/postfix/mysql/mysql_mailbox_maps.cf

hosts = 127.0.0.1
user = postfix
password = postfix
dbname = postfix

table = mailbox
select_field = maildir
where_field = username
additional_conditions = and active='1'

sarge:#vi /etc/postfix/mysql/mysql_alias_maps.cf

hosts = 127.0.0.1
user = postfix
password = postfix
dbname = postfix

table = alias
select_field = goto
where_field = address
additional_conditions = and active='1'

sarge:#vi /etc/postfix/sasl/smtpd.conf

pwcheck_method: auxprop
mech_list: plain login digest-md5 cram-md5
auxprop_plugin: sql
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: postfix
sql_passwd: postfix
sql_database: postfix
sql_select: SELECT password FROM mailbox WHERE username='%u@%r' and domain='%r'and active='1'

关于smtpd.conf 更多的参数可参见http://www.clusting.com/cyrus/SASL/doc/options.html
sarge:#/etc/init.d/postfix restart
sarge:# netstat -ln|grep 25
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp6 0 0 :::25 :::* LISTEN
unix 2 [ ACC ] STREAM LISTENING 14125 private/relay

打开http://sarge_ip/postfix,对postfixadmin做一番初始化后
添加一个域:test.com #实际应用添加你实际的域名
添加一个帐户:admin@test.com #密码是admin,实际应用时,密码不要和用户名重复。
sarge:#mkdir /var/mailbox #邮件帐户存放邮件的地方
sarge:#chown -R 33:33 /var/mailbox #apache的运行帐户,这里要和main.cf和apache 设定一致。

sarge:#telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 sarge ESMTP Postfix (Debian/GNU)
ehlo sarge
250-sarge
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250 8BITMIME
mail from:"This is a test mail!"<admin@test.com>
250 Ok
rcpt to:<admin@test.com>
250 Ok
data
354 End data with <CR><LF>.<CR><LF>
This is a test mail.
.
250 Ok: queued as 39578C143
quit
221 Bye
Connection closed by foreign host.

现在就应该有/var/mailbox/admin@test.com/这个目录了
sarge:#more /var/mailbox/admin@test.com/new/1170923510.V802I40b7.sarge
Return-Path: <admin@test.com>
X-Original-To: admin@test.com
Delivered-To: admin@test.com
Received: from sarge (localhost.localdomain [127.0.0.1])
by sarge (Postfix) with ESMTP id 39578C143
for <admin@test.com>; Thu, 8 Feb 2007 16:27:16 +0800 (CST)
Message-Id: <20070208082716.39578C143@sarge>
Date: Thu, 8 Feb 2007 16:27:16 +0800 (CST)
From: admin@test.com
To: undisclosed-recipients:;

This is a test mail.
3.4、courier
sarge:#vi /etc/courier/authdaemonrc
最主要是下面这个参数
authmodulelist="authmysql"
sarge:#vi /etc/courier/authmysqlrc
内容为
MYSQL_SERVER 127.0.0.1
MYSQL_SOCKET /var/run/mysqld/mysqld.sock
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_DATABASE postfix

MYSQL_USER_TABLE mailbox

MYSQL_LOGIN_FIELD username
MYSQL_CLEAR_PWFIELD password
#MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD '33'
MYSQL_GID_FIELD '33'
MYSQL_HOME_FIELD '/var/mailbox/'
MYSQL_MAILDIR_FIELD maildir
#MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(username,'@',-1),'/',SUBSTRING_INDEX
(username,'@',1),'/')
MYSQL_NAME_FIELD name
MYSQL_QUOTA_FIELD quota
MYSQL_WHERE_CLAUSE active='1'

sarge:#/etc/init.d/courier-authdaemon restart
sarge:#/etc/init.d/courier-imap restart
sarge:#/etc/init.d/courier-pop restart

注意MYSQL_CLEAR_PWFIELD password 用明文方式去抓mysql中的用户密码,和postfixadmin的config.inc.php中的设置一致。

重点注意:如果想在mysql中存放的用户为md5crypt方式,而不是明文,那么postfixadmin的config.inc.php 中的参数要改回$CONF['encrypt'] = 'md5crypt';authmysqlrc配置文件中的MYSQL_CLEAR_PWFIELD password要换成MYSQL_CRYPT_PWFIELD password,先前建立好的帐户必须更新密码。smtpd.conf中添加password_format: crypt 。尽管这样,imap和pop3认证可以通过,smtp发信时,smtp服务器不能通过,需要给cyrus-sasl打个patch。相关资料请参考http://blog.matroid.org/display/26
smtp服务,除了上文使用的认证方式之外,常用的还有saslauthd and PAM。
3.5、mailscanner
sarge:#wget http://www.mailscanner.info/files/4/tar/MailScanner-install-4.54.6-1.tar.gz
sarge:#wget http://www.mailscanner.info/files/4/install-Clam-SA.tar.gz #ClamAV 0.88.2 and SpamAssassin 3.1.3 easy installation package
sarge:#tar zxvf MailScanner-install-4.54.6-1.tar.gz -C /tmp
sarge:#cd /tmp/MailScanner-install-4.54.6-1/
sarge:#./install.sh
sarge:#export EDITOR=vi #默认编辑器使用vi,也可以直接写入/etc/profile or $HOME/.profile,然后source /etc/profile or source $HOME/.profile

sarge:#crontab -e
37 5 * * * /opt/MailScanner/bin/update_phishing_sites
58 23 * * * /opt/MailScanner/bin/clean.quarantine
42 * * * * /opt/MailScanner/bin/update_virus_scanners
3,23,43 * * * * /opt/MailScanner/bin/check_mailscanner

sarge:#tar zxvf install-Clam-SA.tar.gz -C /tmp
sarge:#cd /tmp/install-Clam-SA
sarge:#./install.sh #安装clamav and SpamAssassin

修改/opt/MailScanner/etc/MailScanner.conf:
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = clamav
Use SpamAssassin = yes

sarge:#chown postfix:postfix /var/spool/MailScanner/incoming
sarge:#chown postfix:postfix /var/spool/MailScanner/quarantine

修改/etc/postfix/main.cf:
#=============mailscanner===============#
header_checks = regexp:/etc/postfix/header_checks

新建/etc/postfix/header_checks:
/^Received:/ HOLD

sarge:#vi /etc/init.d/MailScanner
case $1 in
start)
/opt/MailScanner/bin/check_mailscanner
[ $? -eq 0 ] && echo "mailscanner start successful"
;;
stop)
;;
esac
sarge:#ln -s /etc/init.d/MailScanner /etc/rc2.d/S19MailScanner
sarge:#ln -s /etc/init.d/MailScanner /etc/rc3.d/S19MailScanner
sarge:#ln -s /etc/init.d/MailScanner /etc/rc4.d/S19MailScanner
sarge:#ln -s /etc/init.d/MailScanner /etc/rc5.d/S19MailScanner
sarge:#ln -s /etc/init.d/MailScanner /etc/rc0.d/K81MailScanner
sarge:#ln -s /etc/init.d/MailScanner /etc/rc1.d/K81MailScanner
sarge:#ln -s /etc/init.d/MailScanner /etc/rc6.d/K81MailScanner

sarge:#/etc/init.d/postfix restart
sarge:#/etc/init.d/MailScanner start
3.6、webmail
sarge:#/usr/sbin/squirrelmail-configure #根据你的具体情况配置一下
sarge:#ln -s /usr/share/squirrelmail /var/www/webmail
相关文章 热门文章
  • postfix+dovecot+postfixadmin+mysql架设邮件服务器
  • FreeBSD上建立一个功能完整的邮件服务器(POSTFIX)
  • CentOS5.1上安装基于postfix的全功能邮件服务器(二)
  • CentOS5.1上安装基于postfix的全功能邮件服务器
  • CentOS安装配置Postfix邮件服务器
  • 在CentOS下用Postfix配置邮件服务器
  • 3分钟安装配置Postfix邮件服务器
  • 基于Postfix的大型邮件系统
  • 19.4.3 让Postfix可监听Internet来收发信件
  • 19.4.1 Postfix的产生
  • 关于postfix的loops back to myself错误
  • 成功将qmail用户迁移到postfix(extmail+extman)下
  • Install and configure Postfix with Cyrus-SASL+Cyr...
  • 在FreeBSD上建立一个功能完整的邮件服务器
  • postfix 邮件病毒过滤
  • 在Fedora上建立自己的邮件服务器
  • Postfix + SpamAssassin 安裝手冊
  • Postfix + Courier-IMAP + Cyrus-SASL + MySQL + IMP...
  • Postfix + Cyrus-SASL + Cyrus-IMAPD + PgSQL HOWTO
  • 在FreeBSD5.1簡單安裝Postfix+Qpopper+Openwebmail
  • 在RHEL 4 上配置全功能的Postfix 服务器
  • Postfix + Cyrus-IMAP + Cyrus-SASL + MySQL + IMP 完..
  • 我的POSTFIX安装笔记
  • Postfix电子邮局的配置步骤
  • 自由广告区
     
    最新软件下载
  • SharePoint Server 2010 部署文档
  • Exchange 2010 RTM升级至SP1 教程
  • Exchange 2010 OWA下RBAC实现的组功能...
  • Lync Server 2010 Standard Edition 标..
  • Lync Server 2010 Enterprise Edition...
  • Forefront Endpoint Protection 2010 ...
  • Lync Server 2010 Edge 服务器部署文档
  • 《Exchange 2003专家指南》
  • Mastering Hyper-V Deployment
  • Windows Server 2008 R2 Hyper-V
  • Microsoft Lync Server 2010 Unleashed
  • Windows Server 2008 R2 Unleashed
  • 今日邮件技术文章
  • 腾讯,在创新中演绎互联网“进化论”
  • 华科人 张小龙 (中国第二代程序员 QQ...
  • 微软推出新功能 提高Hotmail密码安全性
  • 快压技巧分享:秒传邮件超大附件
  • 不容忽视的邮件营销数据分析过程中的算..
  • 国内手机邮箱的现状与未来发展——访尚..
  • 易观数据:2011Q2中国手机邮箱市场收入..
  • 穿越时空的爱恋 QQ邮箱音视频及贺卡邮件
  • Hotmail新功能:“我的朋友可能被黑了”
  • 入侵邻居网络发骚扰邮件 美国男子被重..
  • 网易邮箱莫子睿:《非你莫属》招聘多过..
  • 中国电信推广189邮箱绿色账单
  • 最新专题
  • 鸟哥的Linux私房菜之Mail服务器
  • Exchange Server 2010技术专题
  • Windows 7 技术专题
  • Sendmail 邮件系统配置
  • 组建Exchange 2003邮件系统
  • Windows Server 2008 专题
  • ORF 反垃圾邮件系统
  • Exchange Server 2007 专题
  • ISA Server 2006 教程专题
  • Windows Vista 技术专题
  • “黑莓”(BlackBerry)专题
  • Apache James 专题
  • 分类导航
    邮件新闻资讯:
    IT业界 | 邮件服务器 | 邮件趣闻 | 移动电邮
    电子邮箱 | 反垃圾邮件|邮件客户端|网络安全
    行业数据 | 邮件人物 | 网站公告 | 行业法规
    网络技术:
    邮件原理 | 网络协议 | 网络管理 | 传输介质
    线路接入 | 路由接口 | 邮件存储 | 华为3Com
    CISCO技术 | 网络与服务器硬件
    操作系统:
    Windows 9X | Linux&Uinx | Windows NT
    Windows Vista | FreeBSD | 其它操作系统
    邮件服务器:
    程序与开发 | Exchange | Qmail | Postfix
    Sendmail | MDaemon | Domino | Foxmail
    KerioMail | JavaMail | Winwebmail |James
    Merak&VisNetic | CMailServer | WinMail
    金笛邮件系统 | 其它 |
    反垃圾邮件:
    综述| 客户端反垃圾邮件|服务器端反垃圾邮件
    邮件客户端软件:
    Outlook | Foxmail | DreamMail| KooMail
    The bat | 雷鸟 | Eudora |Becky! |Pegasus
    IncrediMail |其它
    电子邮箱: 个人邮箱 | 企业邮箱 |Gmail
    移动电子邮件:服务器 | 客户端 | 技术前沿
    邮件网络安全:
    软件漏洞 | 安全知识 | 病毒公告 |防火墙
    攻防技术 | 病毒查杀| ISA | 数字签名
    邮件营销:
    Email营销 | 网络营销 | 营销技巧 |营销案例
    邮件人才:招聘 | 职场 | 培训 | 指南 | 职场
    解决方案:
    邮件系统|反垃圾邮件 |安全 |移动电邮 |招标
    产品评测:
    邮件系统 |反垃圾邮件 |邮箱 |安全 |客户端
    广告联系 | 合作联系 | 关于我们 | 联系我们 | 繁體中文
    版权所有:邮件技术资讯网©2003-2010 www.5dmail.net, All Rights Reserved
    www.5Dmail.net Web Team   粤ICP备05009143号