我的POSTFIX安装笔记

12/3/2006来源:Qmail人气:11043

本文参照http://mail.toping.net/doc/freebsd_postfix_405.htm这个修改一小部分而来的
首先先得安装APACHE MySQL 等内容,这些请参照原版安装说明!

1.6 通过phpMyadmin设置数据库

建立postfix数据库(注意:数据库名称为postfix):
进入PHPMYADMIN


建立 postfix 数据库

在左边点postfix,进入postfix数据库,在右边sql里输入下面的代码:

CREATE TABLE domaininfo (

domain_id int(5) NOT NULL auto_increment,

domain varchar(25) NOT NULL default '',

alias varchar(30) default NULL,

passwd varchar(35) NOT NULL default '',

usernum int(5) NOT NULL default '0',

quota int(11) NOT NULL default '0',

des varchar(30) default NULL,

expire date NOT NULL default '0000-00-00',

active tinyint(1) NOT NULL default '1',

create_time datetime default NULL,

PRIMARY KEY (domain_id),

UNIQUE KEY domain (domain),

KEY domain_id (domain_id)

) TYPE=MyISAM COMMENT='domain information';


INSERT INTO domaininfo VALUES (1,'admin',NULL,'$1$.j3.t12.$I7MGf7ZD2HrWwUWQF88Mg1',0,0,'Super Admin','0000-00-00',1,'0000-00-00 00:00:00');

CREATE TABLE userinfo (
id int(11) NOT NULL auto_increment,
userid varchar(20) NOT NULL default '',
domain_id int(5) NOT NULL default '0',
address varchar(50) NOT NULL default '',
alias varchar(60) default NULL,
passwd varchar(35) NOT NULL default '',
realname varchar(20) default NULL,
quota int(11) NOT NULL default '0',
active tinyint(1) NOT NULL default '0',
homedir varchar(60) NOT NULL default '',
maildir varchar(60) NOT NULL default '',
create_time datetime NOT NULL default '0000-00-00 00:00:00',
`fax` varchar(20) NOT NULL default '',
`telephone` varchar(15) NOT NULL default '',
`sex` int(1) NOT NULL default '0',
`year` int(4) NOT NULL default '0',
`MONTH` int(2) NOT NULL default '0',
`DAY` int(2) NOT NULL default '0',
`education` varchar(4) NOT NULL default '',
`marital` int(1) NOT NULL default '0',
`occupation` varchar(15) NOT NULL default '',
`companyname` varchar(30) NOT NULL default '',
`province` varchar(6) NOT NULL default '',
PRIMARY KEY (id),
UNIQUE KEY address (address)
) TYPE=InnoDB COMMENT='User Information';

在左边点mysql,进放mysql数据库,在右边sql里输入(在输入前先把下面代码里"密码"的密码换你自己的密码并记住,后面有用)

INSERT INTO user (host,user,passWord) VALUES('localhost','postfix','');
update user set password=password('密码') where User='postfix';
GRANT ALL ON postfix.* TO [email protected] IDENTIFIED BY "postfix";

至此,postfix数据库设置完成
以前装过webmail或qmail之类的朋友请先执行下面这一步,否则imap可能安装出错。没有安装过的,请跳过此步直接进入courier-imap安装
cd /usr/ports/security/courier-authlib
make deinstall

1.7 安装Courier-imap
mail# cd /usr/ports/mail/courier-imap
mail# make WITHOUT_OPENSSL=yes WITH_MYSQL=yes install clean
我的选择:

在/etc/rc.conf中加入:


courier_authdaemond_enable="YES"
courier_imap_pop3d_enable="YES"
courier_imap_imapd_enable="YES"




mail# /usr/local/etc/rc.d/courier-authdaemond.sh start



此时会在/var/run/authdaemond/下产生socket

mail# cd /usr/local/etc/courier-imap
mail# cp imapd.cnf.dist imapd.cnf
mail# cp pop3d.cnf.dist pop3d.cnf

1.8 安装 postfix 和 cyrus-sasl

mail# cd /usr/ports/security/cyrus-sasl2

mail# make WITH_AUTHDAEMON=yes install clean



创建/usr/local/lib/sasl2/smtpd.conf
内容如下:
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/run/authdaemond/socket

至此,认证部分基本完成。
mail# cd /usr/ports/mail/postfix
mail# make install clean
我的选择:


回答下面的两问题:

You need user "postfix" added to group "mail".

Would you like me to add it [y]? y



Would you like to activate Postfix in /etc/mail/mailer.conf [n]? n

在/etc/rc.conf中加入:


 




sendmail_enable="YES"
sendmail_flags="-bd"
sendmail_pidfile="/var/spool/postfix/pid/master.pid"
sendmail_procname="/usr/local/libexec/postfix/master"
sendmail_outbound_enable="NO"
sendmail_submit_enable="NO"
sendmail_msp_queue_enable="NO"



mail# cd /usr/local/etc/rc.d

mail# ln -s /usr/local/sbin/postfix postfix.sh
mail# ln -s /usr/local/sbin/sendmail /usr/sbin/sendmail #如果/usr/sbin/sendmail存在就删了再做上链接
mail# echo 'postfix: root' >> /etc/aliases 中间的空格用"tab"实现
mail# /usr/local/bin/newaliases
mail# chown postfix:postfix /etc/opiekeys


1.9 安装expect
用于Web客户端建立邮件用户
mail# cd /usr/ports/lang/expect
mail# make install clean

Chapter 2. 配置邮件服务器

本节主要讲述各种服务的参数配置。

2.1 配置rc.conf,编辑/etc/rc.conf, 
检查一下是否有以下内容:


mysql_enable="YES"
apache2_enable="YES"
courier_authdaemond_enable="YES"
courier_imap_pop3d_enable="YES"
courier_imap_imapd_enable="YES"
sendmail_enable="YES"
sendmail_flags="-bd"
sendmail_pidfile="/var/spool/postfix/pid/master.pid"
sendmail_procname="/usr/local/libexec/postfix/master"
sendmail_outbound_enable="NO"
sendmail_submit_enable="NO"
sendmail_msp_queue_enable="NO"




2.2 配置postfix 和 cyrus-sasl
(1)创建/etc/periodic.conf
ee /etc/periodic.conf

daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"

(2)修改/usr/local/etc/postfix/main.cf,在文件最后加入以下内容
mail# ee /usr/local/etc/postfix/main.cf

 

smtpd_helo_required = yes
strict_rfc821_envelopes = yes
smtpd_etrn_restrictions = permit_mynetworks, reject
#=====================BASE=====================
myhostname = mail.pc51.net //换成你自己的域名
mydomain = pc51.net //换成你自己的域名
mydestination = $myhostname
local_recipient_maps =
command_directory = /usr/local/sbin
local_transport = virtual
#=====================MySQL=====================
virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:125
virtual_mailbox_base = /
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 125
virtual_transport = virtual
virtual_uid_maps = static:125
#=====================Quota=====================
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
#====================SASL=====================
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated permit_auth_destination reject
smtpd_client_restrictions = permit_sasl_authenticated


(3)确认/usr/local/etc/postfix/master.cf的配置有如下内容

 

virtual unix - n n - - virtual


(4)编辑/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
mail# ee /usr/local/etc/postfix/mysql_virtual_alias_maps.cf

 

user = postfix
password = 换成上面数据库里的密码
hosts = localhost
dbname = postfix
query = SELECT alias FROM userinfo WHERE address='%s' AND active=1

(5)编辑/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
mail# ee /usr/local/etc/postfix/mysql_virtual_domains_maps.cf


user = postfix
password = 换成上面数据库里的密码
hosts = localhost
dbname = postfix
query = SELECT domain FROM domaininfo WHERE domain='%s'


(6)编辑/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
mail# ee /usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf


user = postfix
password = 换成上面数据库里的密码
hosts = localhost
dbname = postfix
query = SELECT maildir FROM userinfo WHERE address='%s' AND active=1

(7)编辑/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf

mail# ee /usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf

 

user = postfix
password = 换成上面数据库里的密码
hosts = localhost
dbname = postfix
query = SELECT quota FROM userinfo WHERE username='%s'

2.3 配置Courier-imap
(1)修改Courier相关设置,/usr/local/etc/courier-imap/imapd:


IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT AUTH=CRAM-md5 AUTH=CRAM-SHA1 IDLE"


(2)修改/usr/local/etc/courier-imap/pop3d

 

POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1"


(3)编辑修改/usr/local/etc/authlib/authmysqlrc

mail# mv /usr/local/etc/authlib/authmysqlrc /usr/local/etc/auhtlib/authmysqlrc_bak
mail# ee /usr/local/etc/authlib/authmysqlrc



MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD 换成上面数据库里的密码
MYSQL_PORT 0
MYSQL_OPT 0
MYSQL_DATABASE postfix
MYSQL_USER_TABLE userinfo
MYSQL_CRYPT_PWFIELD passwd
MYSQL_UID_FIELD '125'
MYSQL_GID_FIELD '125'
MYSQL_LOGIN_FIELD address
MYSQL_HOME_FIELD homedir
MYSQL_NAME_FIELD realname
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota

(4)编辑/usr/local/etc/authlib/authdaemonrc
mail# mv /usr/local/etc/authlib/authdaemonrc /usr/local/etc/authlib/authdaemonrc_bak
mail# ee /usr/local/etc/authlib/authdaemonrc



authmodulelist="authmysql"
authmodulelistorig="authmysql"
version=“authdaemond.mysql”
daemons=5
authdaemonvar=/var/run/authdaemond
subsystem=mail
DEBUG_LOGIN=0
DEFAULTOPTIONS="wbnodsn=1"

重启服务器
Chapter 3.  手动设置第一个用户并测试


本章介绍如何开通用户,并且测试系统是否正常。(可以在phpmyadmin里操作,具体方法参照上面的)



Mail# mysql



mysql> use postfix;



mysql> show tables;


+-------------------+
| Tables_in_postfix |
+-------------------+
| address |
| admin |
| card |
| domaininfo |
| lastauth |
| logs |
| message |
| personal |
| scheduler |
| stow |
| userinfo |
| vpopmail |
+-------------------+
12 rows in set (0.00 sec)

增加域名和管理员



mysql> desc domaininfo;

+-------------+-------------+------+-----+------------+----------------+

| Field | Type | Null | Key | Default | Extra |

+-------------+-------------+------+-----+------------+----------------+

| domain_id | int(5) | | PRI | NULL | auto_increment |

| domain | varchar(25) | | UNI | | |

| alias | varchar(30) | YES | | NULL | |

| passwd | varchar(35) | | | | |

| usernum | int(5) | | | 0 | |

| quota | int(11) | | | 0 | |

| des | varchar(30) | YES | | NULL | |

| expire | date | | | 0000-00-00 | |

| active | tinyint(1) | | | 1 | |

| create_time | datetime | YES | | NULL | |

+-------------+-------------+------+-----+------------+----------------+

10 rows in set (0.00 sec)




INSERT INTO `domaininfo` VALUES (7, \'pc51.net\', NULL, encrypt(\'whsong\'), 50, 500, NULL, \'0000-00-00\', 1, \'2005-04-19 23:19:11\');
Query OK, 1 row affected (0.00 sec)

INSERT INTO `userinfo` VALUES (8, \'webmaster\', 7, \'
[email protected]\', NULL,encrypt(\'000000\'), \'webmaster\', 209715200, 1, \'/var/mail/pc51.net/webmaster/\', \'/var/mail/pc51.net/webmaster/Maildir/\', \'2005-04-20 23:45:17\', \'\', \'\', 0, 0, 0, 0, \'\', 0, \'\', \'\', \'\');

mysql>quit



设置用户的目录与权限:

Mail# mkdir -p /var/mail/pc51.net/webmaster

Mail# /usr/local/bin/maildirmake /var/mail/pc51.net/webmaster/Maildir



Mail# chmod -R 777 /var/mail/pc51.net/

Mail# chown -R postfix:postfix /var/mail/pc51.net

至此用户设置完毕,这里只使用一个域名,同理可以设置多个域名

Chapter 4.安装postfix管理工具(省略)

4.2 用户登录测试

用户登录测试

安装p5-MIME-Base64

mail# cd /usr/ports/converters/p5-MIME-Base64/

mail# make install clean

通过p5-MIME-Base64来取得用户名和密码的base64编码

mail# perl -MMIME::Base64 -e \'print encode_base64(\"webmaster\\@pc51.net\");\'

d2VibWFzdGVyQHBjNTEubmV0

mail# perl -MMIME::Base64 -e \'print encode_base64(\"000000\");\'

MDAwMDAw

这步可用Foxmail来测试

Chapter 5. 防病毒与防垃圾邮件

本章介绍病毒与垃圾邮件的防范。
5.1 安装Clamav

mail# cd /usr/ports/security/clamav



mail# make install clean

我的选择:



重启服务器

测试

mail# clamscan -r -i /usr/local/www/data

----------- SCAN SUMMARY -----------

Known viruses: 32358

Scanned directories: 47

Scanned files: 866

Infected files: 0

Data scanned: 10.32 MB

I/O buffer size: 131072 bytes

Time: 41.750 sec (0 m 41 s)

升级病毒库

mail# freshclam

ClamAV update process started at Fri May 6 00:12:24 2005

WARNING: Your ClamAV installation is OUTDATED - please update immediately!

WARNING: Local version: 0.83 Recommended version: 0.84

Downloading main.cvd


  • main.cvd updated (version: 31, sigs: 33079, f-level: 4, builder: tkojm)

    Downloading daily.cvd


  • daily.cvd updated (version: 871, sigs: 1178, f-level: 4, builder: ccordes)

    Database updated (34257 signatures) from database.clamav.net (IP: 61.8.0.16)

    Clamd successfully notified about the update.


    5.2 安装MailScanner

    mail# cd /usr/ports/mail/mailscanner

    mail# make install
    第一次执行安装因此需执行make initial-config以建立基本配置文件

    mail# make initial-config

    mail# make clean

    5.3 安装SpamAssassin

    mail# cd /usr/ports/mail/p5-Mail-SpamAssassin

    mail# make install clean

    5.4修改Postfix设定档main.cf

    mail# ee /usr/local/etc/postfix/main.cf

    #header_checks = regexp:/usr/local/etc/postfix/header_checks //默认值

    header_checks = regexp:/usr/local/etc/postfix/header_checks //把注释去掉



    mail# ee /usr/local/etc/postfix/header_checks

    /^Received:/ HOLD //新加入

    5.5修改mailscanner.conf

    mail# ee /usr/local/etc/MailScanner/MailScanner.conf

    #Run As User = //默认值
    Run As User = postfix //修改后
    #Run As Group = //默认值
    Run As Group = postfix //修改后
    #Incoming Queue Dir = /var/spool/mqueue.in //默认值
    Incoming Queue Dir = /var/spool/postfix/hold //修改后
    #Outgoing Queue Dir = /var/spool/mqueue //默认值
    Outgoing Queue Dir = /var/spool/postfix/incoming //修改后
    #MTA = sendmail //默认值
    MTA = postfix //修改后
    #Virus Scanners = none //默认值
    Virus Scanners = clamav //修改后
    #Use SpamAssassin = no //默认值
    Use SpamAssassin = yes //修改后

    5.6新增MailScanner所要用到的资料夹

    mkdir /var/spool/MailScanner
    mkdir /var/spool/MailScanner/incoming
    mkdir /var/spool/MailScanner/quarantine
    chown postfix:postfix /var/spool/MailScanner/incoming
    chown postfix:postfix /var/spool/MailScanner/quarantine
    touch /usr/local/etc/MailScanner/rules/bounce.rules //新建一个空白文件,要不然会出错。
    chmod -R 777 /var/spool/postfix
    cp /usr/local/etc/MailScanner/mcp/10_example.cf.sample /usr/local/etc/MailScanner/mcp/10_example.cf
    cp /usr/local/etc/MailScanner/mcp/mcp.spam.assassin.prefs.conf.sample /usr/local/etc/MailScanner/mcp/mcp.spam.assassin.prefs.conf


    重起系统

    测试病毒过滤:

    mail# telnet localhost 25
    Trying ::1...
    telnet: connect to address ::1: Connection refused
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is \'^]\'.
    220 mail.toping.net ESMTP Postfix
    mail from:[email protected]
    250 Ok
    rcpt to:[email protected]
    250 Ok
    data
    354 End data with .
    Subject:Virus test

    X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

    .

    250 Ok: queued as F0C221CC20 //出现F0C221CC20这行表示mailscanner运行成功了
    quit
    221 Bye
    Connection closed by foreign host.

    5.7把病毒提示信息改为中文

    预设系统提示信息为英文,可以下载我修改的中文包。
    http://mail.toping.net/mailscanner/cn.rar
    cd /usr/local/share/MailScanner/reports
    fetch http://mail.toping.net/mailscanner/cn.rar
    rar x cn.rar
    rm cn.rar
    然后编辑 MailScanner.conf
    ee /usr/local/etc/MailScanner/MailScanner.conf
    加入下面的内容

    #%report-dir% = /usr/local/share/MailScanner/reports/en //默认值(加载英文)
    %report-dir% = /usr/local/share/MailScanner/reports/cn //修改后为读取中文

     

    5.8.安装APF防垃圾邮件

    http://apf.org.cn

    http://mail.toping.net/apf/apf.rar
    下载最新的APF包解压到/usr/local/etc/postfix目录。 解包过程参照上面的

    这时/usr/local/etc/postfix目录里边有一个apf-posftix.pl的文件

    修改/usr/local/etc/postfix/master.cf

    mail# ee /usr/local/etc/postfix/master.cf

    加入:

    apf unix - n n - - spawn
    user=nobody argv=/usr/bin/perl /usr/local/etc/postfix/apf-postfix.pl



    修改/usr/local/etc/postfix/main.cf


    mail# ee /usr/local/etc/postfix/main.cf
    把下面一行注释掉
    #smtpd_recipient_restrictions = permit_sasl_authenticated permit_auth_destination reject

    加入下面一行到上面注释掉那一行的下边

    smtpd_recipient_restrictions = reject_non_fqdn_sender permit_sasl_authenticated permit_mynetworks reject_unauth_destination check_policy_service unix:private/apf reject_unknown_recipient_domain

    增加黑白名单:
    1、IP黑名单:
    ip_black_list.txt
    2、IP白名单
    ip_white_list.txt
    3、域名黑名单
    dn_black_list.txt
    4、域名白名单
    dn_white_list.txt


    Chapter 6. 安装webmail

    如何使用本人修改的iGENUS for Postfix 2.01
    [下载]

    http://mail.toping.net/igenus/igenus_for_postfix_2.01.rar

    webmail使用igenus,版本是iGENUS for Postfix 2.01

    建议下载本人修改的iGENUS for Postfix 2.01

    安装方法参考论坛:

    http://www.toping.net/viewthread.php?tid=174%26amp;fpage=1



    安装autorespond。

    mail# cd /usr/ports/mail/autorespond

    mail# make install clean



    修改/usr/local/etc/apache/httpd.conf

    Group www、User www修改为: Group postfix、User postfix



    mail# cd /usr/local/www/data

    mail# chown -R postfix:postfix phpMyAdmin



    mail# cd /usr/local/etc

    mail# cp php.ini-dist php.ini



    修改/usr/local/etc/php.ini

    register_globals = On

    max_execution_time = 30 //改为60 (增加处理脚本的时间限制)

    memory_limit = 8M //改为40M (这样才能发10M的附件)

    post_max_size = 8M //改为10M

    upload_max_filesize = 2M //改为10M



    重启apache

    mail# /usr/local/etc/rc.d/apache2.sh restart

    至此安装完毕
    输入网址http://mail.pc51.net就可以使用WEBMAIL了:)