Linux服务器部署邮件服务器详细操作文档
2024-05-30 18:05:27
1. 配置ip地址192.168.1.2 setup配置ip
更改主机名
Vim /etc/sysconfig/network
mail.han.com
更改参数vim /etc/selinux/config
SELINUX=disabled
重启系统 reboot 使其参数生效
(history | grep configure查看编译安装文件)
2. 编译安装mysql
卸载已安装的mysql的RPM包
[root@server01 /]# rpm -qa | grep mysql 首先查看系统中是否已安装mysql服务器软件
执行卸载
[root@server01 /]# rpm -e mysql-server
[root@server01 /]# rpm -e mysql-connector-odbc
[root@server01 /]# rpm -e libdbi-dbd-mysql
[root@server01 /]# rpm -e mysql --nodeps
删除RPM包创建的mysql账号
[root@server01 /]# userdel -r mysql
释放MySQL软件包
[root@server01] cd /tool/
[root@server01 tool]# tar -zxvf mysql-5.0.56.tar.gz
添加MySQL用户和组,用于运行和维护mysql服务
[root@server01 tool]# useradd -M -s /sbin/nologin mysql
-M 选项表示不建立用户宿主目录、-s 选项表示指定用户的shell
编译前的预配置
[root@server01] # cd mysql-5.0.56
[root@server01 mysql-5.0.56]# ./configure --prefix=/usr/local/mysql
编译并安装
[root@server01 mysql-5.0.56]# make && make install
建立mysql配置文件
[root@server01 mysql-5.0.56]# cp support-files/my-medium.cnf /etc/my.cnf
初始化mysql数据库
以mysql用户的身份执行mysql_install_db脚本,对MySQL数据库进行初始化
[root@server01 mysql-5.0.56]# cd /usr/local/mysql/bin/
[root@server01 bin]# ./mysql_install_db --user=mysql
调整mysql目录权限
修改相关目录的所有权,以便mysql用户可以读写数据库
调整/usr/loca/mysql目录的权限:
[root@server01 local]# ls -ld /usr/local/mysql/
[root@server01 local]# chown -R root.mysql /usr/local/mysql
[root@server01 local]# ls -ld /usr/local/mysql/
调整/usr/local/mysql/var目录的权限:
[root@server01 local]# chown -R mysql /usr/local/mysql/var/
[root@server01 local]# ls -ld /usr/local/mysql/var
调整lib库路径
[root@server01 local]# vi /etc/ld.so.conf
添加路径:
/usr/local/mysql/lib/mysql
[root@server01 local]# ldconfig
Mysql的启动控制
(1) 使用mysqld_safe脚本安全启动服务
[root@mail /]# /usr/local/mysql/bin/mysqld_safe --user=mysql &
(2) 设置MySQL程序的执行路径,主要是为了在执行mysql管理工具时方便
方法一:修改配置文件/etc/profile,使配置永久生效
[root@server01 local]# vi /etc/profile
添加:
PATH=$PATH:/usr/local/mysql/bin
[root@server01 local]# source /etc/profile
方法二:执行export命令,使配置仅当前生效
[root@server01 local]#export PATH=$PATH:/usr/local/mysql/bin
(3) 将Mysql添加为系统服务,主要是为了mysql服务启动的方便
[root@server01 local]# cd /tool/mysql-5.0.56
[root@server01 mysql-5.0.56]# cp support-files/mysql.server /etc/init.d/mysqld
[root@server01 mysql-5.0.56]# chmod +x /etc/init.d/mysqld
[root@server01 mysql-5.0.56]# chkconfig --add mysqld
[root@server01 mysql-5.0.56]# chkconfig mysqld on
测试一下mysql
登陆及退出mysql数据库环境
[root@server01 /]# mysql -u root
以管理员root第一次登陆默认是没有密码的,直接执行上面的命令即可;
退出mysql环境的话:可以使用exit或ctrl+c
为mysql数据库的默认管理员root设置密码
[root@server01 /]# mysqladmin -u root password "123456"
[root@server01 /]# mysql -u root -p
3.安装DNS rpm包方式安装
挂载光盘 mount /dev/cdrom /media/
需要安装的DNS相关rpm包
bind-utils-9.3.6-4.P1.el5 提供DNS服务器的测试工具程序(nslookup、dig等)
bind-chroot-9.3.6-4.P1.el5 实现bind根目录的监牢机制,增强安全性
bind-libs-9.3.6-4.P1.el5 bind软件程序所需要的lib库文件
bind-9.3.6-4.P1.el5 提供了域名服务的主要程序和相关文件
rpm -ivh /media/Server/caching-nameserver-9.3.6-4.P1.el5.i386.rpm
[root@mail /]# cd /var/named/chroot/etc/
[root@mail etc]# cp -p named.caching-nameserver.conf named.conf
[root@mail etc]# vim named.conf
options {
listen-on port 53 { 192.168.1.2; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
allow-query-cache { any; };
};
zone "han.com" IN {
type master;
file "han.zx";
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "han.fx";
};
[root@mail etc]# cd /var/named/chroot/var/named/
[root@mail named]# cp -p localhost.zone han.zx
[root@mail named]# vim han.zx (DNS正向区域设置)
$TTL 86400
@ IN SOA han.com. root.han.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
更改主机名
Vim /etc/sysconfig/network
mail.han.com
更改参数vim /etc/selinux/config
SELINUX=disabled
重启系统 reboot 使其参数生效
(history | grep configure查看编译安装文件)
2. 编译安装mysql
卸载已安装的mysql的RPM包
[root@server01 /]# rpm -qa | grep mysql 首先查看系统中是否已安装mysql服务器软件
执行卸载
[root@server01 /]# rpm -e mysql-server
[root@server01 /]# rpm -e mysql-connector-odbc
[root@server01 /]# rpm -e libdbi-dbd-mysql
[root@server01 /]# rpm -e mysql --nodeps
删除RPM包创建的mysql账号
[root@server01 /]# userdel -r mysql
释放MySQL软件包
[root@server01] cd /tool/
[root@server01 tool]# tar -zxvf mysql-5.0.56.tar.gz
添加MySQL用户和组,用于运行和维护mysql服务
[root@server01 tool]# useradd -M -s /sbin/nologin mysql
-M 选项表示不建立用户宿主目录、-s 选项表示指定用户的shell
编译前的预配置
[root@server01] # cd mysql-5.0.56
[root@server01 mysql-5.0.56]# ./configure --prefix=/usr/local/mysql
编译并安装
[root@server01 mysql-5.0.56]# make && make install
建立mysql配置文件
[root@server01 mysql-5.0.56]# cp support-files/my-medium.cnf /etc/my.cnf
初始化mysql数据库
以mysql用户的身份执行mysql_install_db脚本,对MySQL数据库进行初始化
[root@server01 mysql-5.0.56]# cd /usr/local/mysql/bin/
[root@server01 bin]# ./mysql_install_db --user=mysql
调整mysql目录权限
修改相关目录的所有权,以便mysql用户可以读写数据库
调整/usr/loca/mysql目录的权限:
[root@server01 local]# ls -ld /usr/local/mysql/
[root@server01 local]# chown -R root.mysql /usr/local/mysql
[root@server01 local]# ls -ld /usr/local/mysql/
调整/usr/local/mysql/var目录的权限:
[root@server01 local]# chown -R mysql /usr/local/mysql/var/
[root@server01 local]# ls -ld /usr/local/mysql/var
调整lib库路径
[root@server01 local]# vi /etc/ld.so.conf
添加路径:
/usr/local/mysql/lib/mysql
[root@server01 local]# ldconfig
Mysql的启动控制
(1) 使用mysqld_safe脚本安全启动服务
[root@mail /]# /usr/local/mysql/bin/mysqld_safe --user=mysql &
(2) 设置MySQL程序的执行路径,主要是为了在执行mysql管理工具时方便
方法一:修改配置文件/etc/profile,使配置永久生效
[root@server01 local]# vi /etc/profile
添加:
PATH=$PATH:/usr/local/mysql/bin
[root@server01 local]# source /etc/profile
方法二:执行export命令,使配置仅当前生效
[root@server01 local]#export PATH=$PATH:/usr/local/mysql/bin
(3) 将Mysql添加为系统服务,主要是为了mysql服务启动的方便
[root@server01 local]# cd /tool/mysql-5.0.56
[root@server01 mysql-5.0.56]# cp support-files/mysql.server /etc/init.d/mysqld
[root@server01 mysql-5.0.56]# chmod +x /etc/init.d/mysqld
[root@server01 mysql-5.0.56]# chkconfig --add mysqld
[root@server01 mysql-5.0.56]# chkconfig mysqld on
测试一下mysql
登陆及退出mysql数据库环境
[root@server01 /]# mysql -u root
以管理员root第一次登陆默认是没有密码的,直接执行上面的命令即可;
退出mysql环境的话:可以使用exit或ctrl+c
为mysql数据库的默认管理员root设置密码
[root@server01 /]# mysqladmin -u root password "123456"
[root@server01 /]# mysql -u root -p
3.安装DNS rpm包方式安装
挂载光盘 mount /dev/cdrom /media/
需要安装的DNS相关rpm包
bind-utils-9.3.6-4.P1.el5 提供DNS服务器的测试工具程序(nslookup、dig等)
bind-chroot-9.3.6-4.P1.el5 实现bind根目录的监牢机制,增强安全性
bind-libs-9.3.6-4.P1.el5 bind软件程序所需要的lib库文件
bind-9.3.6-4.P1.el5 提供了域名服务的主要程序和相关文件
rpm -ivh /media/Server/caching-nameserver-9.3.6-4.P1.el5.i386.rpm
[root@mail /]# cd /var/named/chroot/etc/
[root@mail etc]# cp -p named.caching-nameserver.conf named.conf
[root@mail etc]# vim named.conf
options {
listen-on port 53 { 192.168.1.2; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
allow-query-cache { any; };
};
zone "han.com" IN {
type master;
file "han.zx";
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "han.fx";
};
[root@mail etc]# cd /var/named/chroot/var/named/
[root@mail named]# cp -p localhost.zone han.zx
[root@mail named]# vim han.zx (DNS正向区域设置)
$TTL 86400
@ IN SOA han.com. root.han.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
@ IN NS mail.han.com
mail IN A 192.168.1.2
@ IN MX 10 mail.han.com
[root@mail named]# cp -p han.zx han.fx
[root@mail named]# vim han.fx (DNS反向区域设置)
$TTL 86400
@ IN SOA han.com. root.han.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
mail IN A 192.168.1.2
@ IN MX 10 mail.han.com
[root@mail named]# cp -p han.zx han.fx
[root@mail named]# vim han.fx (DNS反向区域设置)
$TTL 86400
@ IN SOA han.com. root.han.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
@ IN NS mail.han.com
2 IN PTR mail.han.com
启动DNS服务
[root@mail named]# service named restart
4.创建运行邮件系统的用户账号postfix及用户组postfix和postdrop
[root@server01 /]# groupadd -g 1200 postdrop
[root@server01 /]# groupadd -g 1000 postfix
[root@server01 /]# useradd -M -u 1000 -g postfix -G postdrop -s /sbin/nologin postfix
5.编译安装postfix
[root@server01 tool]# tar zxvf postfix-2.4.6.tar.gz
[root@server01 tool]# gunzip postfix-2.4.6-vda-ng.patch.gz
[root@server01 tool]# cd postfix-2.4.6
[root@server01 postfix-2.4.6]# patch -p1 < ../postfix-2.4.6-vda-ng.patch
产生postfix编译前的makefiles配置文件
[root@server01 postfix-2.4.6]# make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl' 'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/lib/sasl2 -lsasl2'
编译和编译安装
[root@server01 postfix-2.4.6]# make && make install
使用postconf工具简化postfix配置文件main.cf,只保留与默认配置不同的参数,提高易读性和可编辑性
[root@server01 /]# cd /etc/postfix/
[root@server01 postfix]# postconf -n > main2.cf
[root@server01 postfix]# mv main.cf main.cf.bak
[root@server01 postfix]# mv main2.cf main.cf
[root@mail postfix]# vim main.cf 添加相关参数
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
unknown_local_recipient_reject_code = 550
inet_interfaces=192.168.1.2,127.0.0.1
myhostname=mail.han.com
mydomain=han.com
myorigin=$mydomain
mydestination=$mydomain,$myhostname
home_mailbox=Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
[root@mail postfix]# postfix start 启动postfix服务
查看服务启动后打开的端口
[root@mail postfix]# netstat -antp | grep 25
执行命令产生别名数据库文件aliases.db
[root@server01 ~]# newaliases
[root@server01 ~]# ls /etc/aliases.db
重新加载配置
[root@server01 postfix]# postfix reload
建立邮件用户,通过telnet方法发送电子邮件测试
[root@server01 postfix]# useradd -s /sbin/nologin mail01
[root@server01 postfix]# passwd mail01
[root@server01 postfix]# useradd -s /sbin/nologin mail02
[root@server01 postfix]# passwd mail02
[root@server01 /]# telnet 127.0.0.1 25
SMTP常用命令字:
HELO localhost 宣告客户端主机地址
MAIL FROM: 发件人地址
RCPT TO: 收件人地址
DATA 邮件数据
QUIT 退出
6.编译安装http
卸载已安装的apache的RPM包
[root@server01 tool]# rpm -e system-config-httpd
[root@server01 tool]# rpm -e httpd-manual
[root@server01 tool]# rpm -e httpd –nodeps
[root@mail tool]# tar -zxvf httpd-2.2.9.tar.gz
编译前的预配置
[root@mail tool]# cd httpd-2.2.9
[root@mail httpd-2.2.9]# ./configure --prefix=/usr/local/apache --enable-so --enable-rewrite --enable-cgi --enable-suexec --with-suexec-caller=daemon --with-suexec-docroot=/usr/local/apache/htdocs
[root@mail httpd-2.2.9]# make && make install
[root@mail httpd-2.2.9]# vim /usr/local/apache/conf/httpd.conf 修改
ServerName mail.han.com:80
启动apache服务
[root@mail /]# /usr/local/apache/bin/apachectl start
7.编译安装php
[root@mail tool]# tar -jxvf php-5.2.6.tar.bz2
[root@mail tool]# cd php-5.2.6
[root@mail php-5.2.6]# ./configure --prefix=/usr/local/php5 --with-apxs2=/usr/local/apache/bin/apxs --with-mysql=/usr/local/mysql/ --enable-sockets --enable-mbstring
编译并安装
[root@mail php-5.2.6]# make && make install
复制php.ini配置文件
[root@mail php-5.2.6]# cp php.ini-dist /usr/local/php5/php.ini
添加并设置
[root@mail php-5.2.6]# vim /usr/local/apache/conf/httpd.conf
LoadModule php5_module modules/libphp5.so
AddType application/x-httpd-php .php
DirectoryIndex index.html index.php
重启apache服务器
[root@mail php-5.2.6]# /usr/local/apache/bin/apachectl restart
8.编译安装dovecot
卸载当前系统已安装的dovecot的rpm包
[root@mail /]# rpm -e dovecot
[root@mail tool]# useradd -M -s /sbin/nologin dovecot
[root@mail tool]# tar -zxvf dovecot-1.1.4.tar.gz
[root@mail tool]# cd dovecot-1.1.4
[root@mail dovecot-1.1.4]# ./configure --sysconfdir=/etc --with-mysql
[root@mail dovecot-1.1.4]# make && make install
配置dovecot的运行参数
从dovecot的模板配置文件生成简单配置文件
[root@mail dovecot-1.1.4]# cp /etc/dovecot-example.conf /etc/dovecot.conf
[root@mail dovecot-1.1.4]# vi /etc/dovecot.conf
protocols = imap pop3
ssl_disable = yes
disable_plaintext_auth = no
mail_location = maildir:~/Maildir
创建dovecot的PAM认证文件
[root@mail dovecot-1.1.4]# vi /etc/pam.d/dovecot
auth required pam_nologin.so
auth include system-auth
account include system-auth
session include system-auth
启动dovecot服务
[root@mail dovecot-1.1.4]# dovecot -c /etc/dovecot.conf
查看dovecot服务开启的端口
[root@mail dovecot-1.1.4]# netstat -antp | grep dovecot
9.配置Postfix虚拟用户支持
[root@mail tool]# tar -zxvf extman-0.2.5.tar.gz
[root@mail tool]# cd extman-0.2.5
[root@mail extman-0.2.5]# cd docs/
[root@mail docs]# pwd
[root@mail docs]# mysql -u root -p < extmail.sql
[root@mail docs]# mysql -u root -p < init.sql
修改postfix配置文件main.cf,添加支持虚拟用户的参数
[root@mail docs]# vi /etc/postfix/main.cf
smtpd_sasl_application_name = smtpd
smtpd_sasl_local_domain = $myhostname
virtual_mailbox_base = /mailbox
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000
刷新
[root@mail docs]# postfix reload
把已存在的样例模板文件复制到/etc/postfix目录下
[root@mail docs]# cp mysql_virtual_* /etc/postfix/
为虚拟用户设置SMTP发信认证
编译安装 courier-authlib
[root@mail tool]# tar -jxvf courier-authlib-0.60.2.tar.bz2
[root@mail tool]# cd courier-authlib-0.60.2
[root@mail courier-authlib-0.60.2]# ./configure --prefix=/usr/local/courier-authlib --without-stdheaderdir --with-authmysql --with-redhat --with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-include=/usr/local/mysql/include/mysql
[root@mail courier-authlib-0.60.2]# make && make install
[root@mail courier-authlib-0.60.2]# make install-configure
增加路径:
/usr/local/courier-authlib/lib/courier-authlib
[root@mail /]# ldconfig
[root@mail courier-authlib-0.60.2]# cd /usr/local/courier-authlib/etc/authlib/
[root@mail authlib]# cp authdaemonrc authdaemonrc.bak
[root@mail authlib]# vim authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
[root@mail authlib]# chmod -R 755 /usr/local/courier-authlib/var/spool/authdaemon/
修改配置文件authmysqlrc,设置如何向mysql数据库查询信息
[root@mail authlib]# cp authmysqlrc authmysqlrc.bak
[root@mail authlib]# vim authmysqlrc
修改以下参数
MYSQL_SERVER localhost
MYSQL_USERNAME extmail
MYSQL_PASSWORD extmail
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_DATABASE extmail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD uidnumber
MYSQL_GID_FIELD gidnumber
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD concat('/mailbox/',homedir)
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat('/mailbox/',maildir)
[root@mail authlib]# chown daemon.daemon authmysqlrc
复制courier-authlib脚本,并启动courier-authlib服务
[root@mail authlib]# cd /tool/courier-authlib-0.60.2
[root@mail courier-authlib-0.60.2]# cp courier-authlib.sysvinit /etc/init.d/courier-authlib
[root@mail courier-authlib-0.60.2]# chmod 755 /etc/rc.d/init.d/courier-authlib
[root@mail courier-authlib-0.60.2]# chmod 755 /etc/init.d/courier-authlib
[root@mail courier-authlib-0.60.2]# chkconfig --add courier-authlib
[root@mail courier-authlib-0.60.2]# chkconfig --level 35 courier-authlib on
[root@mail courier-authlib-0.60.2]# service courier-authlib start
[root@mail courier-authlib-0.60.2]# vi /usr/lib/sasl2/smtpd.conf
pwcheck_method:authdaemond
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket
调整socked目录的权限
[root@mail /]# chmod -R 755 /usr/local/courier-authlib/var/spool/authdaemon/
重新启动courier-authlib服务
[root@mail /]# service courier-authlib restart
测试
[root@mail /]# /usr/local/courier-authlib/sbin/authtest -s login postmaster@extmail.org extmail
配置dovecot,调整邮件存储位置及其他参数
[root@mail /]# vim /etc/dovecot.conf
添加并修改参数如下
mail_location = maildir:/mailbox/%d/%n/Maildir
auth default { (删除注释到%87)
mechanisms = plain
passdb sql {
args = /etc/dovecot-mysql.conf
}
userdb sql {
args = /etc/dovecot-mysql.conf
}
}
设置配置文件/etc/dovecot-mysql.conf
[root@mail /]# cd /etc
[root@mail etc]# touch dovecot-mysql.conf
[root@mail etc]# vi dovecot-mysql.conf
driver = mysql
connect = host=localhost dbname=extmail user=extmail password=extmail
default_pass_scheme = CRYPT
password_query = SELECT username AS user,password AS password FROM mailbox WH
ERE username = '%u'
user_query = SELECT maildir,uidnumber AS uid,gidnumber AS gid FROM mailbox WH
ERE username = '%u
建立虚拟用户的邮箱目录
[root@mail etc]# mkdir -p /mailbox/extmail.org/postmaster/Maildir/
[root@mail etc]# chown -R postfix:postfix /mailbox/
[root@mail etc]# killall dovecot
[root@mail etc]# dovecot
测试对虚拟用户的SMTP发信认证
获得虚拟“用户postmaster@extmail.org密码extmail”的加密的字符串
有2种方法可以获取:
方法一:
[root@mail /]# cd /usr/local/courier-authlib/etc/authlib/
[root@mail authlib]# printf "postmaster@extmail.org" | openssl base64
[root@mail authlib]# printf "extmail" | openssl base64
方法二:
[root@mail authlib]# perl -e 'use MIME::Base64; print encode_base64("postmaster@extmail.org")'
[root@mail authlib]# perl -e 'use MIME::Base64; print encode_base64("extmail")'
测试:
[root@mail authlib]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.han.com ESMTP Postfix
auth login
334 VXNlcm5hbWU6
cG9zdG1hc3RlckBleHRtYWlsLm9yZw==
334 UGFzc3dvcmQ6
ZXh0bWFpbA==
235 2.0.0 Authentication successful
quit 退出
10.Extmail邮件使用及管理平台
安装Unix-Syslog-1.1.tar.gz
[root@mail tool]# tar -zxvf Unix-Syslog-1.1.tar.gz
[root@mail tool]# cd Unix-Syslog-1.1
[root@mail Unix-Syslog-1.1]# perl Makefile.PL
[root@mail Unix-Syslog-1.1]# make && make install
安装DBI-1.607.tar.gz
[root@mail tool]# tar -zxvf DBI-1.607.tar.gz
[root@mail tool]# cd DBI-1.607
[root@mail DBI-1.607]# perl Makefile.PL
[root@mail DBI-1.607]# make && make install
安装DBD-mysql-4.011.tar.gz
[root@mail tool]# tar -zxvf DBD-mysql-4.011.tar.gz
[root@mail tool]# cd DBD-mysql-4.011
[root@mail DBD-mysql-4.011]# perl Makefile.PL
[root@mail DBD-mysql-4.011]# make && make install
安装并配置extmail套件
[root@mail tool]# tar -zxvf extmail-1.0.5.tar.gz -C /usr/local/apache/htdocs/
[root@mail tool]# cd /usr/local/apache/htdocs/
[root@mail htdocs]# mv extmail-1.0.5/ extmail
[root@mail htdocs]# cd extmail/
[root@mail extmail]# chown -R postfix:postfix cgi/
[root@mail extmail]# cp webmail.cf.default webmail.cf
[root@mail extmail]# vim webmail.cf
修改以下参数的值
SYS_CONFIG = /usr/local/apache/htdocs/extmail/
SYS_LANGDIR = /usr/local/apache/htdocs/extmail/lang
SYS_TEMPLDIR = /usr/local/apache/htdocs/extmail/html
SYS_MAILDIR_BASE = /mailbox
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /tmp/mysql.sock
[root@mail extmail]# vim /usr/local/apache/conf/httpd.conf
NameVirtualHost 192.168.1.2
<VirtualHost 192.168.1.2>
DocumentRoot /usr/local/apache/htdocs/extmail/html/
ServerName mail.han.com
scriptalias /extmail/cgi/ /usr/local/apache/htdocs/extmail/cgi/
alias /extmail /usr/local/apache/htdocs/extmail/html/
suexecusergroup postfix postfix
</VirtualHost>
重启apache服务
[root@mail extmail]# /usr/local/apache/bin/apachectl restart
访问测试
http://mail.han.com/extmail/cgi/
使用客户端登陆extmail邮件系统
用户名:postmaster
密码:extmail
域名:extmail.org
登陆收发电子邮件进行测试!!!!
11.部署extman web管理界面
安装perl支持软件包GD、file-tail及rrdtool绘图引擎工具
[root@mail tool]# tar -zxvf GD-2.41.tar.gz
安装GD包 安装File-Tail包
[root@mail tool]# tar zxvf GD-2.41.tar.gz
[root@mail tool]# tar zxvf File-Tail-0.99.3.tar.gz
[root@mail tool]# cd GD-2.41
[root@mail GD-2.41]# perl Makefile.PL
[root@mail GD-2.41]# make && make install
[root@mail tool]# cd ../File-Tail-0.99.3
[root@mail File-Tail-0.99.3]# perl Makefile.PL
[root@mail File-Tail-0.99.3]# make && make install
安装rrdtool绘图引擎工具rpm包安装方式
[root@mail tool]# rpm -ivh rrdtool-1.2.23-3.el5.i386.rpm
[root@mail tool]# rpm -ivh rrdtool-perl-1.2.23-3.el5.i386.rpm
12.安装并配置extman套件
[root@mail tool]# tar zxvf extman-0.2.5.tar.gz -C /usr/local/apache/htdocs/
[root@mail tool]# cd /usr/local/apache/htdocs
[root@mail htdocs]# mv extman-0.2.5 extman
[root@mail htdocs]# cd extman/
[root@mail extman]# chown -R postfix:postfix /usr/local/apache/htdocs/extman/cgi
[root@mail extman]# mkdir /tmp/extman
[root@mail extman]# chown -R postfix:postfix /tmp/extman
[root@mail extman]# vim /usr/local/apache/htdocs/extman/webman.cf
修改参数如下:
SYS_CONFIG = /usr/local/apache/htdocs/extman/
SYS_LANGDIR = /usr/local/apache/htdocs/extman/lang
SYS_TEMPLDIR = /usr/local/apache/htdocs/extman/html
SYS_MAILDIR_BASE = /mailbox
SYS_SESS_DIR = /tmp/extman/
SYS_MYSQL_USER = webman
SYS_MYSQL_PASS = webman
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /tmp/mysql.sock
修改httpd.conf配置文件,添加extman的相关设置:
[root@mail extman]# vim /usr/local/apache/conf/httpd.conf
NameVirtualHost 192.168.1.2
<VirtualHost 192.168.1.2>
DocumentRoot /usr/local/apache/htdocs/extmail/html/
ServerName mail.han.com
Scriptalias /extmail/cgi/ /usr/local/apache/htdocs/extmail/cgi/
Alias /extmail /usr/local/apache/htdocs/extmail/html/
Scriptalias /extman/cgi/ /usr/local/apache/htdocs/extman/cgi/
Alias /extman /usr/local/apache/htdocs/extman/html/
suexecusergroup postfix postfix
</VirtualHost>
重新启动
/usr/local/apache/bin/apachectl restart
测试使用客户端登陆extman管理界面
http://mail.han.com/extman/cgi/index.cgi
用户名:root@extmail.org
密码:extmail*123*
12.查看邮件系统的图形化日志信息
启用 mailgraph_ext 图形日志插件
[root@mail ~]# ln -sf /usr/local/apache/htdocs/extman/addon/mailgraph_ext/mailgraph-init /usr/sbin/
[root@mail ~]# ln -sf /usr/local/apache/htdocs/extman/addon/mailgraph_ext/qmonitor-init /usr/sbin/
[root@mail ~]# cd /usr/local/apache/htdocs/extman/addon/mailgraph_ext/
[root@mail mailgraph_ext]# mkdir /usr/local/mailgraph_ext
[root@mail mailgraph_ext]# cp mailgraph_ext.pl qmonitor.pl /usr/local/mailgraph_ext/
[root@mail mailgraph_ext]# mailgraph-init start
[root@mail mailgraph_ext]# qmonitor-init start
[root@mail mailgraph_ext]# echo "/usr/sbin/mailgraph-init start" >> /etc/rc.d/rc.local
[root@mail mailgraph_ext]# echo "/usr/sbin/qmonitor-init start" >> /etc/rc.d/rc.local
“注意了”linux下怎么开启25端口
如果出现如下错误(Connect to 127.0.0.1:25 fail, Net::SMTP: connect: Connection refused
)是25号端口没有开启
开启25号端口service sendmail start
13.基于邮件地址的过滤
通过配置postfix主配置文件/etc/main.cf可以实现邮件过滤的功能。
根据客户端的主机名/地址过滤 smtpd_client_restrictions
根据HELO主机名地址过滤 smtpd_helo_required
smtpd_helo_restrictions
根据发件人的地址过滤 smtpd_sender_login_maps
smtpd_sender_restrictions
根据收件人的地址过滤 smtpd_recipient_restrictions
根据主机名/地址过滤
[root@mail ~]# vi /etc/postfix/access
……
192.168.1 REJECT
192.168.1.2 OK
jkw.net REJECT
[root@localhost ~]# postmap /etc/postfix/access
[root@mail ~]# vi /etc/postfix/main.cf
smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
示例测试需要的虚拟域、虚拟邮件用户、客户端需要自己创建,并测试过滤是否有效。
根据HELO宣告的地址过滤
[root@mail ~]# vi /etc/postfix/main.cf
……
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_hostname
2 IN PTR mail.han.com
启动DNS服务
[root@mail named]# service named restart
4.创建运行邮件系统的用户账号postfix及用户组postfix和postdrop
[root@server01 /]# groupadd -g 1200 postdrop
[root@server01 /]# groupadd -g 1000 postfix
[root@server01 /]# useradd -M -u 1000 -g postfix -G postdrop -s /sbin/nologin postfix
5.编译安装postfix
[root@server01 tool]# tar zxvf postfix-2.4.6.tar.gz
[root@server01 tool]# gunzip postfix-2.4.6-vda-ng.patch.gz
[root@server01 tool]# cd postfix-2.4.6
[root@server01 postfix-2.4.6]# patch -p1 < ../postfix-2.4.6-vda-ng.patch
产生postfix编译前的makefiles配置文件
[root@server01 postfix-2.4.6]# make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl' 'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/lib/sasl2 -lsasl2'
编译和编译安装
[root@server01 postfix-2.4.6]# make && make install
使用postconf工具简化postfix配置文件main.cf,只保留与默认配置不同的参数,提高易读性和可编辑性
[root@server01 /]# cd /etc/postfix/
[root@server01 postfix]# postconf -n > main2.cf
[root@server01 postfix]# mv main.cf main.cf.bak
[root@server01 postfix]# mv main2.cf main.cf
[root@mail postfix]# vim main.cf 添加相关参数
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
unknown_local_recipient_reject_code = 550
inet_interfaces=192.168.1.2,127.0.0.1
myhostname=mail.han.com
mydomain=han.com
myorigin=$mydomain
mydestination=$mydomain,$myhostname
home_mailbox=Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
[root@mail postfix]# postfix start 启动postfix服务
查看服务启动后打开的端口
[root@mail postfix]# netstat -antp | grep 25
执行命令产生别名数据库文件aliases.db
[root@server01 ~]# newaliases
[root@server01 ~]# ls /etc/aliases.db
重新加载配置
[root@server01 postfix]# postfix reload
建立邮件用户,通过telnet方法发送电子邮件测试
[root@server01 postfix]# useradd -s /sbin/nologin mail01
[root@server01 postfix]# passwd mail01
[root@server01 postfix]# useradd -s /sbin/nologin mail02
[root@server01 postfix]# passwd mail02
[root@server01 /]# telnet 127.0.0.1 25
SMTP常用命令字:
HELO localhost 宣告客户端主机地址
MAIL FROM: 发件人地址
RCPT TO: 收件人地址
DATA 邮件数据
QUIT 退出
6.编译安装http
卸载已安装的apache的RPM包
[root@server01 tool]# rpm -e system-config-httpd
[root@server01 tool]# rpm -e httpd-manual
[root@server01 tool]# rpm -e httpd –nodeps
[root@mail tool]# tar -zxvf httpd-2.2.9.tar.gz
编译前的预配置
[root@mail tool]# cd httpd-2.2.9
[root@mail httpd-2.2.9]# ./configure --prefix=/usr/local/apache --enable-so --enable-rewrite --enable-cgi --enable-suexec --with-suexec-caller=daemon --with-suexec-docroot=/usr/local/apache/htdocs
[root@mail httpd-2.2.9]# make && make install
[root@mail httpd-2.2.9]# vim /usr/local/apache/conf/httpd.conf 修改
ServerName mail.han.com:80
启动apache服务
[root@mail /]# /usr/local/apache/bin/apachectl start
7.编译安装php
[root@mail tool]# tar -jxvf php-5.2.6.tar.bz2
[root@mail tool]# cd php-5.2.6
[root@mail php-5.2.6]# ./configure --prefix=/usr/local/php5 --with-apxs2=/usr/local/apache/bin/apxs --with-mysql=/usr/local/mysql/ --enable-sockets --enable-mbstring
编译并安装
[root@mail php-5.2.6]# make && make install
复制php.ini配置文件
[root@mail php-5.2.6]# cp php.ini-dist /usr/local/php5/php.ini
添加并设置
[root@mail php-5.2.6]# vim /usr/local/apache/conf/httpd.conf
LoadModule php5_module modules/libphp5.so
AddType application/x-httpd-php .php
DirectoryIndex index.html index.php
重启apache服务器
[root@mail php-5.2.6]# /usr/local/apache/bin/apachectl restart
8.编译安装dovecot
卸载当前系统已安装的dovecot的rpm包
[root@mail /]# rpm -e dovecot
[root@mail tool]# useradd -M -s /sbin/nologin dovecot
[root@mail tool]# tar -zxvf dovecot-1.1.4.tar.gz
[root@mail tool]# cd dovecot-1.1.4
[root@mail dovecot-1.1.4]# ./configure --sysconfdir=/etc --with-mysql
[root@mail dovecot-1.1.4]# make && make install
配置dovecot的运行参数
从dovecot的模板配置文件生成简单配置文件
[root@mail dovecot-1.1.4]# cp /etc/dovecot-example.conf /etc/dovecot.conf
[root@mail dovecot-1.1.4]# vi /etc/dovecot.conf
protocols = imap pop3
ssl_disable = yes
disable_plaintext_auth = no
mail_location = maildir:~/Maildir
创建dovecot的PAM认证文件
[root@mail dovecot-1.1.4]# vi /etc/pam.d/dovecot
auth required pam_nologin.so
auth include system-auth
account include system-auth
session include system-auth
启动dovecot服务
[root@mail dovecot-1.1.4]# dovecot -c /etc/dovecot.conf
查看dovecot服务开启的端口
[root@mail dovecot-1.1.4]# netstat -antp | grep dovecot
9.配置Postfix虚拟用户支持
[root@mail tool]# tar -zxvf extman-0.2.5.tar.gz
[root@mail tool]# cd extman-0.2.5
[root@mail extman-0.2.5]# cd docs/
[root@mail docs]# pwd
[root@mail docs]# mysql -u root -p < extmail.sql
[root@mail docs]# mysql -u root -p < init.sql
修改postfix配置文件main.cf,添加支持虚拟用户的参数
[root@mail docs]# vi /etc/postfix/main.cf
smtpd_sasl_application_name = smtpd
smtpd_sasl_local_domain = $myhostname
virtual_mailbox_base = /mailbox
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000
刷新
[root@mail docs]# postfix reload
把已存在的样例模板文件复制到/etc/postfix目录下
[root@mail docs]# cp mysql_virtual_* /etc/postfix/
为虚拟用户设置SMTP发信认证
编译安装 courier-authlib
[root@mail tool]# tar -jxvf courier-authlib-0.60.2.tar.bz2
[root@mail tool]# cd courier-authlib-0.60.2
[root@mail courier-authlib-0.60.2]# ./configure --prefix=/usr/local/courier-authlib --without-stdheaderdir --with-authmysql --with-redhat --with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-include=/usr/local/mysql/include/mysql
[root@mail courier-authlib-0.60.2]# make && make install
[root@mail courier-authlib-0.60.2]# make install-configure
增加路径:
/usr/local/courier-authlib/lib/courier-authlib
[root@mail /]# ldconfig
[root@mail courier-authlib-0.60.2]# cd /usr/local/courier-authlib/etc/authlib/
[root@mail authlib]# cp authdaemonrc authdaemonrc.bak
[root@mail authlib]# vim authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
[root@mail authlib]# chmod -R 755 /usr/local/courier-authlib/var/spool/authdaemon/
修改配置文件authmysqlrc,设置如何向mysql数据库查询信息
[root@mail authlib]# cp authmysqlrc authmysqlrc.bak
[root@mail authlib]# vim authmysqlrc
修改以下参数
MYSQL_SERVER localhost
MYSQL_USERNAME extmail
MYSQL_PASSWORD extmail
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_DATABASE extmail
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD uidnumber
MYSQL_GID_FIELD gidnumber
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD concat('/mailbox/',homedir)
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat('/mailbox/',maildir)
[root@mail authlib]# chown daemon.daemon authmysqlrc
复制courier-authlib脚本,并启动courier-authlib服务
[root@mail authlib]# cd /tool/courier-authlib-0.60.2
[root@mail courier-authlib-0.60.2]# cp courier-authlib.sysvinit /etc/init.d/courier-authlib
[root@mail courier-authlib-0.60.2]# chmod 755 /etc/rc.d/init.d/courier-authlib
[root@mail courier-authlib-0.60.2]# chmod 755 /etc/init.d/courier-authlib
[root@mail courier-authlib-0.60.2]# chkconfig --add courier-authlib
[root@mail courier-authlib-0.60.2]# chkconfig --level 35 courier-authlib on
[root@mail courier-authlib-0.60.2]# service courier-authlib start
[root@mail courier-authlib-0.60.2]# vi /usr/lib/sasl2/smtpd.conf
pwcheck_method:authdaemond
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket
调整socked目录的权限
[root@mail /]# chmod -R 755 /usr/local/courier-authlib/var/spool/authdaemon/
重新启动courier-authlib服务
[root@mail /]# service courier-authlib restart
测试
[root@mail /]# /usr/local/courier-authlib/sbin/authtest -s login postmaster@extmail.org extmail
配置dovecot,调整邮件存储位置及其他参数
[root@mail /]# vim /etc/dovecot.conf
添加并修改参数如下
mail_location = maildir:/mailbox/%d/%n/Maildir
auth default { (删除注释到%87)
mechanisms = plain
passdb sql {
args = /etc/dovecot-mysql.conf
}
userdb sql {
args = /etc/dovecot-mysql.conf
}
}
设置配置文件/etc/dovecot-mysql.conf
[root@mail /]# cd /etc
[root@mail etc]# touch dovecot-mysql.conf
[root@mail etc]# vi dovecot-mysql.conf
driver = mysql
connect = host=localhost dbname=extmail user=extmail password=extmail
default_pass_scheme = CRYPT
password_query = SELECT username AS user,password AS password FROM mailbox WH
ERE username = '%u'
user_query = SELECT maildir,uidnumber AS uid,gidnumber AS gid FROM mailbox WH
ERE username = '%u
建立虚拟用户的邮箱目录
[root@mail etc]# mkdir -p /mailbox/extmail.org/postmaster/Maildir/
[root@mail etc]# chown -R postfix:postfix /mailbox/
[root@mail etc]# killall dovecot
[root@mail etc]# dovecot
测试对虚拟用户的SMTP发信认证
获得虚拟“用户postmaster@extmail.org密码extmail”的加密的字符串
有2种方法可以获取:
方法一:
[root@mail /]# cd /usr/local/courier-authlib/etc/authlib/
[root@mail authlib]# printf "postmaster@extmail.org" | openssl base64
[root@mail authlib]# printf "extmail" | openssl base64
方法二:
[root@mail authlib]# perl -e 'use MIME::Base64; print encode_base64("postmaster@extmail.org")'
[root@mail authlib]# perl -e 'use MIME::Base64; print encode_base64("extmail")'
测试:
[root@mail authlib]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.han.com ESMTP Postfix
auth login
334 VXNlcm5hbWU6
cG9zdG1hc3RlckBleHRtYWlsLm9yZw==
334 UGFzc3dvcmQ6
ZXh0bWFpbA==
235 2.0.0 Authentication successful
quit 退出
10.Extmail邮件使用及管理平台
安装Unix-Syslog-1.1.tar.gz
[root@mail tool]# tar -zxvf Unix-Syslog-1.1.tar.gz
[root@mail tool]# cd Unix-Syslog-1.1
[root@mail Unix-Syslog-1.1]# perl Makefile.PL
[root@mail Unix-Syslog-1.1]# make && make install
安装DBI-1.607.tar.gz
[root@mail tool]# tar -zxvf DBI-1.607.tar.gz
[root@mail tool]# cd DBI-1.607
[root@mail DBI-1.607]# perl Makefile.PL
[root@mail DBI-1.607]# make && make install
安装DBD-mysql-4.011.tar.gz
[root@mail tool]# tar -zxvf DBD-mysql-4.011.tar.gz
[root@mail tool]# cd DBD-mysql-4.011
[root@mail DBD-mysql-4.011]# perl Makefile.PL
[root@mail DBD-mysql-4.011]# make && make install
安装并配置extmail套件
[root@mail tool]# tar -zxvf extmail-1.0.5.tar.gz -C /usr/local/apache/htdocs/
[root@mail tool]# cd /usr/local/apache/htdocs/
[root@mail htdocs]# mv extmail-1.0.5/ extmail
[root@mail htdocs]# cd extmail/
[root@mail extmail]# chown -R postfix:postfix cgi/
[root@mail extmail]# cp webmail.cf.default webmail.cf
[root@mail extmail]# vim webmail.cf
修改以下参数的值
SYS_CONFIG = /usr/local/apache/htdocs/extmail/
SYS_LANGDIR = /usr/local/apache/htdocs/extmail/lang
SYS_TEMPLDIR = /usr/local/apache/htdocs/extmail/html
SYS_MAILDIR_BASE = /mailbox
SYS_MYSQL_USER = extmail
SYS_MYSQL_PASS = extmail
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /tmp/mysql.sock
[root@mail extmail]# vim /usr/local/apache/conf/httpd.conf
NameVirtualHost 192.168.1.2
<VirtualHost 192.168.1.2>
DocumentRoot /usr/local/apache/htdocs/extmail/html/
ServerName mail.han.com
scriptalias /extmail/cgi/ /usr/local/apache/htdocs/extmail/cgi/
alias /extmail /usr/local/apache/htdocs/extmail/html/
suexecusergroup postfix postfix
</VirtualHost>
重启apache服务
[root@mail extmail]# /usr/local/apache/bin/apachectl restart
访问测试
http://mail.han.com/extmail/cgi/
使用客户端登陆extmail邮件系统
用户名:postmaster
密码:extmail
域名:extmail.org
登陆收发电子邮件进行测试!!!!
11.部署extman web管理界面
安装perl支持软件包GD、file-tail及rrdtool绘图引擎工具
[root@mail tool]# tar -zxvf GD-2.41.tar.gz
安装GD包 安装File-Tail包
[root@mail tool]# tar zxvf GD-2.41.tar.gz
[root@mail tool]# tar zxvf File-Tail-0.99.3.tar.gz
[root@mail tool]# cd GD-2.41
[root@mail GD-2.41]# perl Makefile.PL
[root@mail GD-2.41]# make && make install
[root@mail tool]# cd ../File-Tail-0.99.3
[root@mail File-Tail-0.99.3]# perl Makefile.PL
[root@mail File-Tail-0.99.3]# make && make install
安装rrdtool绘图引擎工具rpm包安装方式
[root@mail tool]# rpm -ivh rrdtool-1.2.23-3.el5.i386.rpm
[root@mail tool]# rpm -ivh rrdtool-perl-1.2.23-3.el5.i386.rpm
12.安装并配置extman套件
[root@mail tool]# tar zxvf extman-0.2.5.tar.gz -C /usr/local/apache/htdocs/
[root@mail tool]# cd /usr/local/apache/htdocs
[root@mail htdocs]# mv extman-0.2.5 extman
[root@mail htdocs]# cd extman/
[root@mail extman]# chown -R postfix:postfix /usr/local/apache/htdocs/extman/cgi
[root@mail extman]# mkdir /tmp/extman
[root@mail extman]# chown -R postfix:postfix /tmp/extman
[root@mail extman]# vim /usr/local/apache/htdocs/extman/webman.cf
修改参数如下:
SYS_CONFIG = /usr/local/apache/htdocs/extman/
SYS_LANGDIR = /usr/local/apache/htdocs/extman/lang
SYS_TEMPLDIR = /usr/local/apache/htdocs/extman/html
SYS_MAILDIR_BASE = /mailbox
SYS_SESS_DIR = /tmp/extman/
SYS_MYSQL_USER = webman
SYS_MYSQL_PASS = webman
SYS_MYSQL_DB = extmail
SYS_MYSQL_HOST = localhost
SYS_MYSQL_SOCKET = /tmp/mysql.sock
修改httpd.conf配置文件,添加extman的相关设置:
[root@mail extman]# vim /usr/local/apache/conf/httpd.conf
NameVirtualHost 192.168.1.2
<VirtualHost 192.168.1.2>
DocumentRoot /usr/local/apache/htdocs/extmail/html/
ServerName mail.han.com
Scriptalias /extmail/cgi/ /usr/local/apache/htdocs/extmail/cgi/
Alias /extmail /usr/local/apache/htdocs/extmail/html/
Scriptalias /extman/cgi/ /usr/local/apache/htdocs/extman/cgi/
Alias /extman /usr/local/apache/htdocs/extman/html/
suexecusergroup postfix postfix
</VirtualHost>
重新启动
/usr/local/apache/bin/apachectl restart
测试使用客户端登陆extman管理界面
http://mail.han.com/extman/cgi/index.cgi
用户名:root@extmail.org
密码:extmail*123*
12.查看邮件系统的图形化日志信息
启用 mailgraph_ext 图形日志插件
[root@mail ~]# ln -sf /usr/local/apache/htdocs/extman/addon/mailgraph_ext/mailgraph-init /usr/sbin/
[root@mail ~]# ln -sf /usr/local/apache/htdocs/extman/addon/mailgraph_ext/qmonitor-init /usr/sbin/
[root@mail ~]# cd /usr/local/apache/htdocs/extman/addon/mailgraph_ext/
[root@mail mailgraph_ext]# mkdir /usr/local/mailgraph_ext
[root@mail mailgraph_ext]# cp mailgraph_ext.pl qmonitor.pl /usr/local/mailgraph_ext/
[root@mail mailgraph_ext]# mailgraph-init start
[root@mail mailgraph_ext]# qmonitor-init start
[root@mail mailgraph_ext]# echo "/usr/sbin/mailgraph-init start" >> /etc/rc.d/rc.local
[root@mail mailgraph_ext]# echo "/usr/sbin/qmonitor-init start" >> /etc/rc.d/rc.local
“注意了”linux下怎么开启25端口
如果出现如下错误(Connect to 127.0.0.1:25 fail, Net::SMTP: connect: Connection refused
)是25号端口没有开启
开启25号端口service sendmail start
13.基于邮件地址的过滤
通过配置postfix主配置文件/etc/main.cf可以实现邮件过滤的功能。
根据客户端的主机名/地址过滤 smtpd_client_restrictions
根据HELO主机名地址过滤 smtpd_helo_required
smtpd_helo_restrictions
根据发件人的地址过滤 smtpd_sender_login_maps
smtpd_sender_restrictions
根据收件人的地址过滤 smtpd_recipient_restrictions
根据主机名/地址过滤
[root@mail ~]# vi /etc/postfix/access
……
192.168.1 REJECT
192.168.1.2 OK
jkw.net REJECT
[root@localhost ~]# postmap /etc/postfix/access
[root@mail ~]# vi /etc/postfix/main.cf
smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
示例测试需要的虚拟域、虚拟邮件用户、客户端需要自己创建,并测试过滤是否有效。
根据HELO宣告的地址过滤
[root@mail ~]# vi /etc/postfix/main.cf
……
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_hostname
应用示例3:根据发件人地址过滤
[root@mail ~]# vi /etc/postfix/main.cf
smtpd_sender_login_maps =
mysql:/etc/postfix/mysql_virtual_sender_maps.cf,
mysql:/etc/postfix/mysql_virtual_alias_maps.cf
smtpd_sender_restrictions =permit_mynetworks,reject_sender_login_mismatch, reject_non_fqdn_sender, reject_unknown_sender_domain,
check_sender_access hash:/etc/postfix/sender_access
[root@mail ~]# vi /etc/postfix/main.cf
smtpd_sender_login_maps =
mysql:/etc/postfix/mysql_virtual_sender_maps.cf,
mysql:/etc/postfix/mysql_virtual_alias_maps.cf
smtpd_sender_restrictions =permit_mynetworks,reject_sender_login_mismatch, reject_non_fqdn_sender, reject_unknown_sender_domain,
check_sender_access hash:/etc/postfix/sender_access
[root@mail ~]# vi /etc/postfix/sender_access
……
ads@xxxx.com??????????REJECT
marketing@???????????REJECT
fake.jkw.net ??????? REJECT
[root@mail ~]# postmap /etc/postfix/sender_access
应用示例4:根据收件人地址过滤
[root@mail ~]# vi /etc/postfix/main.cf
smtpd_recipient_restrictions =
permit_mynetworks, //允许本邮件系统发出的邮件
permit_sasl_authenticated, //允许通过sasl认证的用户作为发件人
reject_unauth_destination, //收件人地址域不包括在Postfix授权网络内时拒绝
reject_non_fqdn_recipient, //收件人地址域不属于合法FQDN时拒绝
reject_unknown_recipient_domain //收件人地址域未知或不存在时拒绝
邮件内容过滤及防病毒
安装MailScanner调度工具
[root@www mail]# tar zxvf MailScanner-4.75.11-1.rpm.tar.gz
[root@www mail]# cd MailScanner-4.75.11-1
[root@www MailScanner-4.75.11-1]# ./install.sh
说明:
mailscanner的安装会提示需要安装多个perl软件包,可以挂载光盘查找安装即可!
需要大概25分钟时间,较长,需要耐心!
修改配置文件/etc/MailScanner/MailScanner.conf
[root@mail ~]# vi /etc/MailScanner/MailScanner.conf
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Required SpamAssassin Score = 7
High SpamAssassin Score = 10
Spam Actions = deliver header "X-Spam-Status: Yes"
High Scoring Spam Actions = delete forward spam@extmail.org
3、配置postfix支持调用MailScanner
[root@mail ~]# vi /etc/postfix/main.cf
header_checks = regexp:/etc/postfix/header_checks
4、调整过滤队列目录,启动MailScanner服务
[root@mail ~]# vi /etc/postfix/header_checks
/^Received:/ HOLD
[root@mail ~]# cd /var/spool/MailScanner/
[root@mail MailScanner]# chown -R postfix.postfix incoming
[root@mail MailScanner]# chown -R postfix.postfix quarantine
[root@mail MailScanner]# service MailScanner start
5、安装 SpamAssassin 过滤器
从RHEL5光盘中查找安装即可,包括存在依赖关系的相关perl软件包
启动 spamassassin 服务
service spamassassin start
6、安装 F-Prot 病毒扫描工具
[root@www mail]# tar zxvf fp-Linux-i686-ws.tar.gz
[root@www mail]# cd f-prot/
[root@www f-prot]# ./install-f-prot.pl
7、按照书上给出的测试方法进行邮件内容过滤和防病毒机制的测试!
……
ads@xxxx.com??????????REJECT
marketing@???????????REJECT
fake.jkw.net ??????? REJECT
[root@mail ~]# postmap /etc/postfix/sender_access
应用示例4:根据收件人地址过滤
[root@mail ~]# vi /etc/postfix/main.cf
smtpd_recipient_restrictions =
permit_mynetworks, //允许本邮件系统发出的邮件
permit_sasl_authenticated, //允许通过sasl认证的用户作为发件人
reject_unauth_destination, //收件人地址域不包括在Postfix授权网络内时拒绝
reject_non_fqdn_recipient, //收件人地址域不属于合法FQDN时拒绝
reject_unknown_recipient_domain //收件人地址域未知或不存在时拒绝
邮件内容过滤及防病毒
安装MailScanner调度工具
[root@www mail]# tar zxvf MailScanner-4.75.11-1.rpm.tar.gz
[root@www mail]# cd MailScanner-4.75.11-1
[root@www MailScanner-4.75.11-1]# ./install.sh
说明:
mailscanner的安装会提示需要安装多个perl软件包,可以挂载光盘查找安装即可!
需要大概25分钟时间,较长,需要耐心!
修改配置文件/etc/MailScanner/MailScanner.conf
[root@mail ~]# vi /etc/MailScanner/MailScanner.conf
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Required SpamAssassin Score = 7
High SpamAssassin Score = 10
Spam Actions = deliver header "X-Spam-Status: Yes"
High Scoring Spam Actions = delete forward spam@extmail.org
3、配置postfix支持调用MailScanner
[root@mail ~]# vi /etc/postfix/main.cf
header_checks = regexp:/etc/postfix/header_checks
4、调整过滤队列目录,启动MailScanner服务
[root@mail ~]# vi /etc/postfix/header_checks
/^Received:/ HOLD
[root@mail ~]# cd /var/spool/MailScanner/
[root@mail MailScanner]# chown -R postfix.postfix incoming
[root@mail MailScanner]# chown -R postfix.postfix quarantine
[root@mail MailScanner]# service MailScanner start
5、安装 SpamAssassin 过滤器
从RHEL5光盘中查找安装即可,包括存在依赖关系的相关perl软件包
启动 spamassassin 服务
service spamassassin start
6、安装 F-Prot 病毒扫描工具
[root@www mail]# tar zxvf fp-Linux-i686-ws.tar.gz
[root@www mail]# cd f-prot/
[root@www f-prot]# ./install-f-prot.pl
7、按照书上给出的测试方法进行邮件内容过滤和防病毒机制的测试!
转载于:https://blog.51cto.com/ashly/994646
Linux服务器部署邮件服务器详细操作文档相关推荐
- 如何修改DynEd的学生记录服务器,DynEd教师管理端操作文档..docx
DynEd教师管理端操作文档. DynEd教师管理端Records Manager操作文档DynEd教学理念语言是一种技能传统的英语教学太过注重读写,而疏于听说能力的发展.学生花费了大量的时间来背单词 ...
- 用u盘重装微软官方win10专业版--详细操作文档
用u盘启动器 - 重装官方镜像 - win10专业版-iso(附激活) (一) [傻瓜式教程.小白也能装.简单易操作.文章嘎嘎香.跟着流程走,省时又省力] [第一重要的事情,重装系统前往要把重要数据另 ...
- 在LINUX中部署NIS服务器
在LINUX中部署NIS服务器 一.部署前的准备工作: 1.准备两台虚拟机,一台作server,一台作clint. 2.配好网卡,使用相同的网卡. 3.配好ip,ip必须在同一网段. ...
- 怎样在linux上部署web服务器
linux上部署web服务器 1.从Apache官网下载源码. 2.卸载原来已经存在的httpd. 3.挂载光盘准备部署httpd. 4.源码编译安装httpd, 解包 , 配置(--prefix:指 ...
- Linux安装部署FTP服务器
Linux安装部署FTP服务器 本文章会将安装FTP服务器的步骤以及一些遇到的问题来记录下 因为项目中要与第三方对接数据,需要用到FTP服务器以提供他们每天上传数据,因为之前在本地的VMware虚拟机 ...
- Linux下架设邮件服务器全攻略(二)
Linux下架设邮件服务器全攻略(二) (三)sendmail.cf难以配置,Sendmail的开发人员为sendmail的管理者提供了更加容易理解和配置的sendmail.mc文件. 一般情况下,要 ...
- 服务器部署邮件功能_真正连续部署的功能标志
服务器部署邮件功能 Even the best software development teams I work with struggle to solve the problem of comp ...
- 在Linux下安装邮件服务器Qmail(一)
在Linux下安装邮件服务器Qmail(一) 我还未测试,收藏 在Linux下安装邮件服务器Qmail 功能列表 SMTP服务器:SMTP-AUTH认证(Plain,Login,CRAM-MD5)TL ...
- Linux Centos7搭建邮件服务器
Linux Centos7搭建邮件服务器 基于sendmail和Dovecot 一.关闭防火墙和selinux systemctl stop firewalld setenctoce 0 二.下载se ...
最新文章
- 使用群集保障SQL Server 2005的高可用性(2)
- “小米造车”终于尘埃落定,网络营销下“造车时代”终将到来
- 原 iOS面试题收集
- Linux vi格式化文件命令
- SAP 电商云 Spartacus UI 的 slot,position 和 Component
- 调用系统相机和相册,并且裁剪成圆形图片(解决6.0,7.0,8.0版本问题)
- dynamodb容器使用_使用DynamoDBMapper插入DynamoDB项目
- 深入理解Java:注解(Annotation)
- 【华为云技术分享】HDC.Cloud|华为云Stack大咖说:如何实现微服务架构下的分布式事务
- endnote,出现试图越过其尾端对一个未命名的文件进行读写 错误
- 测试绝地求生显卡使用率软件,《绝地求生:大逃杀》全系主流显卡大型评测之显卡需求测试...
- 机器学习入门:Kaggle -titanic(泰坦尼克)生存预测
- 怕扫描王泄露数据?5分钟自建一个文档扫描器。——基于opencv
- html用bmob做留言,Bmob 之 简单使用
- java面试题汇总 java面试题集合 - 网络收集
- 微信小程序创建项目后无法显示内容
- 2020-10-1 //严蔚敏《数据结构》 //赫夫曼树及其应用:创建顺序赫夫曼树创建及得到赫夫曼编码
- php制作公司五章,圆形印章和椭圆形印章,正方形印章,圆角正方形印章,圆角框
- ffmpeg获取音频信息
- 知识图谱用于推荐系统问题(MKR,KTUP,KGAT)