postfix邮件系统完整版

邮件系统完整版redhat9+postfix+cyrus-sasl+mysql+postfixadmin+courier-imap+courier-maildrop+squirrelmail(courier-sqwebmailopenwebmail)+clamav+spamassassin+amavisd-new2005年5月5日加入CyrusSASLwithMySQLEncryptedPasswords2005年5月3日更新防病毒及防垃圾2005年4月12日加入mysql日志管理2005年4月10日至13日加入openwebmail2005年4月8日加入apache自启动脚本2004年10左右成稿1.mysql2.apache3.php4.cyrus-sasl5.postfix6.postfixadmin7.courier-authlib8.courier-imap9.courier-maildrop10.webmail10.1.sqwebmai10.2.squirrelmail10.3.openwebmail11.clamav12.spamassassin13.amavisd-new14.后记加一点说明15.附：启动脚本本文用到的软件MySQL4.1.11网站：下载APACHE2.0.54网站：下载PHP4.3.11网站：下载Cyrus-SASL2.1.20网站：/sasl下载Postfix2.2.3网站：下载PostfixAdmin2.1.0网站：下载Courier-authlib0.55网站：/authlib下载Courier-IMAP4.0.2网站：/imap下载Courier-maildrop1.8.0网站：/maildrop下载Courier-sqwebmail5.0.1网站：/sqwebmail下载SquirrelMail1.4.4网站：下载Openwebmail2.51网站：下载clamav0.84网站：下载Spamassassin3.0.3网站：下载amavisd-new2.3.0网站：http:/www.ijs.si/software/amavisd下载1.安装mysql4.1.11#groupaddmysql#useradd-gmysqlmysql#wget/get/Downloads/MySQL-4.1/mysql-4.1.11.tar.gz/from//#tar-zxvfmysql-4.1.11.tar.gz#cdmysql-4.1.11#./configure-prefix=/usr/local/mysql-with-charset=gbk#make#makeinstall#cpsupport-files/f/etc/f设置自启动#cpsupport-files/mysql.server/etc/rc.d/init.d/mysqld#chmod700/etc/rc.d/init.d/mysqld#chkconfig-addmysqld安装完以后要初始化数据库，要是升级安装的请跳过#cd/usr/local/mysql#/usr/local/mysql/bin/mysql_install_db-user=mysql#chown-Rroot.#chown-Rmysqlvar#chgrp-Rmysql.#/usr/local/mysql/bin/mysqld_safe-user=mysql&好了，至此mysql安装完毕，你可以这样起动你的mysql服务#/etc/rc.d/init.d/mysqldstart#ln-s/usr/local/mysql/bin/mysql/sbin/mysql#ln-s/usr/local/mysql/bin/mysqladmin/sbin/mysqladmin为了能让系统找到mysql，请运行如下命令#PATH=$PATH:/usr/local/mysql/bin#exportPATH#echo/usr/local/mysql/lib/mysql/etc/ld.so.conf#ldconfig日志管理开启错误日志（在safe_mysqld项下添加）#vi/etc/fsafe_mysqlderr-log=/var/log/mysqld/err.log开启常规日志和更新日志(在mysqld项下添加）#vi/etc/fmysqldlog=/var/log/mysqld/log.loglog-update=/var/log/mysqld/update.log创建日志文件并设置权限#mkdir/var/log/mysqld#touch/var/log/mysqld/err.log/var/log/mysqld/log.log/var/log/mysqld/update.log#chown-Rmysql.mysql/var/log/mysqld#servicemysqldrestart说明：错误日志包含了服务器写入标准错误输出设备的所有消息，同时还包括了mysql服务的启动和关闭事件常规日志用来记录有关mysql服务器运行的常规信息，包括用户的连接、查询及其他各种时间更新日志用来记录修改数据库的查询信息，包括所有涉及数据库修改的SQl语句的查询记录建议调试结束后关闭日志Gototop.2.安装apache2.0.54#wget/httpd/httpd-2.0.54.tar.bz2#tarjxvfhttpd-2.0.54.tar.bz2#cdhttpd-2.0.54#./configure-prefix=/usr/local/apache#make#makeinstall设置自启动#cpsupport/apachectl/etc/init.d/httpd修改/etc/init.d/httpd#vi/etc/init.d/httpd(在第两行之后添加如下内容)#!/bin/sh#StartupscriptfortheApacheWebServer#chkconfig:-8515#description:ApacheisaWorldWideWebserver.Itisusedtoserve#HTMLfilesandCGI.#processname:httpd#pidfile:/usr/local/apache/log/httpd.pid#config:/usr/local/apache/conf/httpd.conf#chkconfig-addhttpd#chmod755/etc/init.d/httpd#chkconfighttpdon创建网页根目录#mkdir/var/www#vi/usr/local/apache/conf/httpd.conf/存放网页的目录,原来为DocumentRoot，改成：DocumentRoot/var/www/这句应该和DocumentRoot的目录保持一致，原来为，改成：/Indexes：当在目录中找不到DirectoryIndex列表中指定的文件就生成当前目录的文件列表/FollowSymlinks：允许符号链接跟随，访问不在本目录下的文件OptionsIndexesFollowSymLinks/禁止读取.htaccess配置文件的内容AllowOverrideNone/指定先执行Allow（允许）访问规则，再执行Deny（拒绝）访问规则Orderallow,deny/设置Allow（允许）访问规则，允许所有连接Allowfromall启动服务：#/usr/local/apache/bin/apachectlstart或#servicehttpdstartGototop.3.安装php4.3.11#wget/get/php-4.3.11.tar.bz2/from//mirror#tar-jxvfphp-4.3.11.tar.bz2#cdphp-4.3.11#./configure-prefix=/usr/local/php-with-mysql=/usr/local/mysql-with-apxs2=/usr/local/apache/bin/apxs#make#makeinstall#cpphp.ini-dist/usr/local/php/lib/php.ini#vi/usr/local/php/lib/php.ini;default_charset=iso-8859-1在这行下面加一行default_charset=gbk#vi/usr/local/apache/conf/httpd.conf找到#AddTypeapplication/x-tar.tgz这行，在下面加两行。AddTypeapplication/x-httpd-php.phpAddTypeapplication/x-httpd-php-source.phps找到下面一行在后面加上index.php，这表示网站的默认页也能够为index.phpDirectoryIndexindex.htmlindex.html.varindex.php注意：改变了http.conf后，要重启apache服务器，否则不会生效！php常用配置max_execution_time=30;/改为600(增加处理脚本的时间限制)max_input_time=600;/最大输出时间600秒memory_limit=8M;/改为40M(这样才能发10M的附件)register_global=Onpost_max_size=2M;/php可接受的post方法大小2Mfile_uploads=On;/允许上载文件upload_max_filesize=2M;/最大上载文件2Msession.auto_start=1;/session自动启动Gototop.4.安装cyrus-sasl2.1.20如果系统安装已经，先卸载它，或使用下面方法关闭它#mv/usr/lib/sasl/usr/lib/sasl.OFF#mv/usr/lib/sasl2/usr/lib/sasl2.OFF编译安装cyrus-sasl2.1.20#wget/pub/cyrus-mail/cyrus-sasl-2.1.20.tar.gz#tarzxvfcyrus-sasl-2.1.20.tar.gz#cdcyrus-sasl-2.1.20#./configure-disable-anon-enable-plain-enable-login-enable-sql-with-mysql=/usr/local/mysql-with-mysql-includes=/usr/local/mysql/include/mysql-with-mysql-libs=/usr/local/mysql/lib/mysql#make#makeinstall为了让postfix能找到sasl，请运行如下命令：#echo/usr/local/lib/etc/ld.so.conf#ldconfig#ln-s/usr/local/lib/sasl2/usr/lib/sasl2cyrus-sasl的密码是不加密的，可以下载加密认证补丁#/lopaka/sysadmin/cyrus-sasl-mysql-encrypt/software-sources/patch-linux#patchlib/checkpw.cpatch-linux重新编译安装#LDFLAGS=-lcrypt./configure-disable-anon-enable-plain-enable-login-enable-sql-with-mysql=/usr/local/mysql-with-mysql-includes=/usr/local/mysql/include/mysql-with-mysql-libs=/usr/local/mysql/lib/mysql#make#makeinstallGototop.5.安装postfix2.2.3如果你的系统上原来有sendmail，先将其停止并将其文件改名：#/etc/init.d/sendmailstop#chkconfig-level0123456sendmailoff#mv/usr/bin/newaliases/usr/bin/newaliases.orig#mv/usr/bin/mailq/usr/bin/mailq.orig#mv/usr/sbin/sendmail/usr/sbin/sendmail.orig开始安装#groupadd-g12345postfix#useradd-u12345-g12345-cpostfix-d/dev/null-s/bin/falsepostfix#groupadd-g54321postdrop#wget/postfix/official/postfix-2.2.3.tar.gz#tar-zxvfpostfix-2.2.3.tar.gz#cdpostfix-2.2.3(BuildingPostfixwithSASLauthenticationandmysqlsupport)#make-fMakefile.initmakefilesCCARGS=-DHAS_MYSQL-I/usr/local/mysql/include/mysql-DUSE_SASL_AUTH-I/usr/local/include/saslAUXLIBS=-L/usr/local/mysql/lib/mysql-lmysqlclient-lz-lm-L/usr/local/lib-lsasl2#makeinstall如果/etc/aliases文件不存在，请用如下命令创建：#echopostfix:root/etc/aliases#/usr/bin/newaliases注意：本例中Mysql安装在/usr/lcoal/mysql，sasl2安装在/usr/lib/sasl2。如果安装路径不同，请自行修改编译时CCARGS和AUXLIBS选项。在执行makeinstall的时候可能会得到如下的提示(如果没有就不用管了)：/usr/libexec/ld-elf.so.1:Sharedobjectlibmysqlclient.so.12notfound这是因为mysql不是安装在默认目录中的，所以需要告诉postfix应该到哪里去找libmysqlclient.so.12，使用ldconfig就可以达到这个目的：#echo/usr/local/mysql/lib/mysql/etc/ld.so.conf#ldconfigGototop.6.安装postfixadmin2.1.0建立apache和maildrop的用户和组#groupaddvmail-g1001#useraddvmail-u1001-g1001-s/bin/false-d/dev/null#vi/usr/local/apache/conf/httpd.conf把UsernobodyGroup#-1改为UservmailGroupvmail#wget/postfixadmin/download.php?file=postfixadmin-2.1.0.tgz#tar-zxvfpostfixadmin-2.1.0.tgz#mvpostfixadmin-2.1.0/var/www/postfixadmin更改权限，假定运行apache的用户和组为vmail#chown-Rvmail:vmail/var/www/postfixadmin#cd/var/www/postfixadmin#chmod640*.php*.css#cd/var/www/postfixadmin/admin/#chmod640*.php.ht*#cd/var/www/postfixadmin/images/#chmod640*.gif*.png#cd/var/www/postfixadmin/languages/#chmod640*.lang#cd/var/www/postfixadmin/templates/#chmod640*.tpl#cd/var/www/postfixadmin/users/#chmod640*.php建立mysql表#cd/var/www/postfixadmin#mysql-uroot-pDATABASE_MYSQL.TXT#cpconfig.inc.php.sampleconfig.inc.php#viconfig.inc.php本例中的配置如下：/Languageconfig/Languagefilesarelocatedin./languages.$CONFdefault_language=cn;/DatabaseConfig/database_typeisforfuturereference.$CONFdatabase_type=mysql;$CONFdatabase_host=localhost;$CONFdatabase_user=postfixadmin;$CONFdatabase_password=postfixadmin;$CONFdatabase_name=postfix;/$CONFencrypt=md5crypt;$CONFencrypt=cleartext;/Mailboxes/IfyouwanttostorethemailboxesperdomainsetthistoYES./Example:/usr/local/virtual/domain.tld/usernamedomain.tld$CONFdomain_path=YES;/IfyoudontwanttohavethedomaininyourmailboxsetthistoNO./Example:/usr/local/virtual/domain.tld/username$CONFdomain_in_mailbox=NO;/Quota/WhenyouwanttoenforcequotaforyourmailboxuserssetthistoYES.$CONFquota=YES;/Youcaneitheruse1024000or1048576$CONFquota_multiplier=1024000;我们在这里使用明文口令方式，如果想使用密文，请把$CONFencrypt=cleartext;改成$CONFencrypt=md5crypt;邮箱的存储格式使用domain.ltd/username的形式，所以设置：$CONFdomain_path=YES;$CONFdomain_in_mailbox=NO;然后打开浏览器，进入postfixadmin的欢迎界面，点击网页上的setup，看看检查是否通过，记得要删除setup.php文件。然后进入/postfixadmin/admin/index.php，就可以新建域名、管理员以及邮箱了。Gototop.#vi/etc/postfix/main.cf#=BASE=#主机名称(用FQDN的方式来写)myhostname=#domain名称mydomain=#邮件标头上面的mailfrom的那个地址myorigin=$mydomain#可用来收件的主机名称（这里没有使用$mydomain是因为我们将使用virtualhost）mydestination=$myhostnamelocalhostlocalhost.$mydomain#允许不使用smtp发信认证的网段mynetworks=/8inet_interfaces=all#使用的邮箱格式#home_mailbox=Maildir/#mailbox_transport=maildrop#=VritualMailboxsettings=#指定用户邮箱所在的根目录virtual_mailbox_base=/var/mailbox/#指定postfix如何去检索邮件用户,这里是采用mysql(用户邮箱的目录)virtual_mailbox_maps=mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cfvirtual_mailbox_domains=mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cfvirtual_alias_domains=virtual_alias_maps=mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf#邮件账号的uid,使用apache的运行用户virtual_uid_maps=static:1001virtual_gid_maps=static:1001#virtual_uid_maps=mysql:/etc/postfix/mysql/mysql-virtual_uid_maps.cf#virtual_gid_maps=mysql:/etc/postfix/mysql/mysql-virtual_gid_maps.cf#usethisforvirtualdelivery（如果没有安装maildrop，则此处为virtual）#virtual_transport=virtual#usethisformaildrop-delivery（如果有maildrop，则此处为maildrop）virtual_transport=maildrop#Maildrop-Optionsforusagewithmaildropmaildrop_destination_recipient_limit=1maildrop_destination_concurrency_limit=1#/var/mailbox/最后的/字符不能省略#所有的MySQL查询配置文件统一存放在/etc/postfix/mysql中#=QUOTA=#每封信的最大大小(10M),postfix的默认值是10M,但这指的是邮件正文和编码后附件的总和,经过#base64编码,附件的大小会增加35%左右,因此这里设定可接受邮件的大小为14Mmessage_size_limit=14336000#邮箱的默认大小(10M)virtual_mailbox_limit=20971520virtual_create_maildirsize=yesvirtual_mailbox_extended=yes#指定postfix如何获得用户的quota信息(每个用户的邮箱大小)virtual_mailbox_limit_maps=mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf#是否允许覆盖默认邮箱的大小virtual_mailbox_limit_override=yesvirtual_maildir_limit_message=Sorry,theusersmaildirhasoverdrawnhisdiskspacequota,pleasetryagainlater.virtual_overquota_bounce=yes#=SASL=broken_sasl_auth_clients=yes#Inordertoallowmailrelayingbyauthenticatedclientssmtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination,permitsmtpd_sasl_auth_enable=yessmtpd_sasl_local_domain=$myhostnamesmtpd_sasl_security_options=noanonymoussmtpd_sasl_application_name=smtpdsmtpd_banner=$myhostnameESMTPVersionnotAvailableGototop.建立/var/mailbox并设置权限#mkdir/var/mailbox#chown-Rvmail:vmail/var/mailbox#chmod-Rug+rwx,o-rwx/var/mailbox建立/etc/postfix/mysql文件夹和MySQL查询配置文件#mkdir/etc/postfix/mysql1、vi/etc/postfix/mysql/mysql_virtual_alias_maps.cfuser=postfixpassword=postfixhosts=localhostdbname=postfixtable=aliasselect_field=gotowhere_field=address2、vi/etc/postfix/mysql/mysql_virtual_domains_maps.cfuser=postfixpassword=postfixhosts=localhostdbname=postfixtable=domainselect_field=descriptionwhere_field=domain#additional_conditions=andbackupmx=0andactive=13、vi/etc/postfix/mysql/mysql_virtual_mailbox_maps.cfuser=postfixpassword=postfixhosts=localhostdbname=postfixtable=mailboxselect_field=maildirwhere_field=username#additional_conditions=andactive=14、vi/etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cfuser=postfixpassword=postfixhosts=localhostdbname=postfixtable=mailboxselect_field=quotawhere_field=username#additional_conditions=andactive=1Gototop.配置/usr/local/lib/sasl2/smtpd.conf#vi/usr/local/lib/sasl2/smtpd.confpwcheck_method:auxpropauxprop_plugin:sqlmech_list:plainloginsql_engine:mysqlsql_hostnames:localhostsql_user:postfixsql_passwd:postfixsql_database:postfixsql_select:SELECTpasswordFROMmailboxWHEREusername=%u%randdomain=%randactive=1启动postfix#postfixstart测试smtp#telnetlocalhost25Trying.Connectedtolocalhost.EESMTPVersionnotA250-PIPELINING250-SIZE10240000250-VRFY250-ETRN250-AUTHLOGINPLAIN250-AUTH=LOGINPLAIN2508BITMIMEGototop.7.安装Courier-authlib0.55新版本的imap不再包含authenticationlibrary，必须先安装Courierauthenticationlibrary#wget/beta/courier-authlib/courier-authlib-0.55.20050407.tar.bz2#tar-jxvfcourier-authlib-0.55.20050407.tar.bz2#cdcourier-authlib-0.55.20050407#./configure-with-redhat-with-authmysql=yes-with-mailuser=vmail-with-mailgroup=vmail-with-mysql-libs=/usr/local/mysql/lib/mysql-with-mysql-includes=/usr/local/mysql/include/mysql/#make#makeinstall#makeinstall-configure#vi/usr/local/etc/authlib/authdaemonrc（确保只使用mysql认证模块）authmodulelist=authmysqlauthmodulelistorig=authmysql#vi/usr/local/etc/authlib/authmysqlrcMYSQL_SERVERlocalhostMYSQL_SOCKET/tmp/mysql.sockMYSQL_DATABASEpostfixMYSQL_USERNAMEpostfixMYSQL_PASSWORDpostfixMYSQL_USER_TABLEmailboxMYSQL_LOGIN_FIELDusername#MYSQL_CRYPT_PWFIELDpasswordMYSQL_CLEAR_PWFIELDpasswordMYSQL_UID_FIELD1001MYSQL_GID_FIELD1001MYSQL_HOME_FIELD/var/mailbox/MYSQL_MAILDIR_FIELDmaildirMYSQL_NAME_FIELDnameMYSQL_QUOTA_FIELDquotaMYSQL_WHERE_CLAUSEactive=1DEFAULT_DOMAIN注意：确认在这个文件中不能用空格键，只能用tab键。确认只使用单引号，比如：/var/mailbox/,UID,GID（本文为1001）localhost不能用单引号确认你的/etc/hosts文件中有localhost编译时如果支持Ipv6可能导致错误MYSQL_GID_FIELD和MYSQL_UID_FIELD是maildrop的UID和GID，而不是MySQL的。如果想使用md5密码，把MYSQL_CLEAR_PWFIELDpassword改成MYSQL_CRYPT_PWFIELDpassword启动服务要是想让imap开机就启动服务：#cpcourier-authlib.sysvinit/etc/rc.d/init.d/courier-authlib#chmod755/etc/rc.d/init.d/courier-authlib#chkconfig-level0123456courier-authlibon手动启动服务：#authdaemondstart测试courier-authlib检查进程：#pstree|grepauthdaemond|-authdaemond.mys-5*authdaemond.mysGototop.8.安装Courier-imap4.0.2#wget/beta/imap/courier-imap-0050403.tar.bz2#tar-jxvfcourier-imap-0050403.tar.bz2#cdcourier-imap-0050403#./configure-prefix=/usr/local/imap-with-redhat-disable-root-check-enable-unicode=utf-8,iso-8859-1,gb2312,gbk,gb18030-with-trashquota-with-dirsync#make#makeinstall-strip（先install-strip，如果失败，再makeinstall）#makeinstall-configure#vi/usr/local/imap/etc/pop3d将POP3DSTART=NO改为POP3DSTART=YES#vi/usr/local/imap/etc/imapd将IMAPDSTART=NO改为IMAPDSTART=YES让imap自启动：#cpcourier-imap.sysvinit/etc/rc.d/init.d/courier-imap#chmod755/etc/rc.d/init.d/courier-imap#chkconfig-level0123456courier-imapon手动启动服务：#/usr/local/imap/libexec/pop3d.rcstart#/usr/local/imap/libexec/imapd.rcstart测试courier-imap检查进程：#pstree|grepcourier|-2*courierlogger|-2*couriertcpd检查端口，应该有如下端口打开：#netstat-an|grepLISTENtcp00:1:*LISTENtc