RHEL5上安装邮件系统Postfix+CyrusSASL+dovecot
PiOsnoae
|
1#
PiOsnoae 发表于 2007-06-21 00:30
RHEL5上安装邮件系统Postfix+CyrusSASL+dovecot
默认方式安装RHEL5,不选中任何类型服务器(如WEB服务器,开发服务器,虚拟服务器等)
安装postfix [root@rhel5 ~]# /etc/rc.d/init.d/sendmail stop 关闭 sm-client: [确定] 关闭 sendmail: [确定] [root@rhel5 ~]# chkconfig sendmail off [root@rhel5 Server]# rpm -ivh postfix-2.3.3-2.i386.rpm [root@rhel5 Server]# vi /etc/postfix/main.cf myhostname = mail.mailidc.cn #设置运行postfix服务的邮件主机的主机名、域名 mydomain = mailidc.cn myorigin = $mydomain #设置由本机寄出的邮件所使用的域名或主机名称 inet_interfaces = all #设置postfix服务监听的网络接口 mydestination = $myhostname, $mydomain, localhost.$mydomain, localhost #设置可接收邮件的主机名称或域名 mynetworks = 127.0.0.1 #设置可转发哪些网络的邮件 relay_domains = $mydestination #设置可转发哪些网域的邮件 保存文件。 检查postfix的配置: [root@rhel5 Server]# postconf –n [root@rhel5 ~]# chkconfig postfix on 將postfix加入到root的组: # usermod -G root postfix SMTP认证的配置 安装cyrus-sasl 1、确认cyrus-sasl是否安装了 [root@rhel5 Server]# rpm -qa|grep cyrus cyrus-sasl-plain-2.1.22-4 cyrus-sasl-lib-2.1.22-4 cyrus-sasl-2.1.22-4 Cyrus-SASL V2的密码验证机制 [root@rhel5 ~]# saslauthd -v saslauthd 2.1.22 authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap 我们准备用的是shadow的密码验证机制。 vi /etc/sysconfig/saslauthd MECH=shadow 启动sasl的daemon并测试: # service saslauthd start # /usr/sbin/testsaslauthd -u 帐号 -p '密码' 0: OK "Success." =>帐号验证成功了 [root@rhel5 ~]# chkconfig saslauthd on 设置postfix启用SMTP认证 [root@rhel5 Server]# vi /etc/postfix/main.cf smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain= '' smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated, reject_unauth_destination broken_sasl_auth_clients = yes smtpd_client_restrictions = permit_sasl_authenticated smtpd_sasl_security_options = noanonymous wq!保存 此外,由于当postfix要使用SMTP认证时,会读取/usr/lib/sasl2/smtpd.conf文件的内容以确定所采用的认证方式,所以必须保证/usr/lib/sasl2/smtpd.conf文件的内容是: pwcheck_method: saslauthd 安装设定dovecot(imap、pop3): 1、确认dovecot是否有安装: [root@rhel5 ~]# rpm -qa|grep dovecot dovecot-1.0-1.2.rc15.el5 2、设定用pop3来收取信件: #vi /etc/dovecot.conf protocols = pop3 # imap imaps pop3 pop3s 支持的功能 3、启动并测试: #service dovecot start # telnet localhost 110 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. +OK dovecot ready. user 账号 +OK pass 密码 +OK Logged in. [root@rhel5 ~]# chkconfig dovecot on 到这里postfix、Cyrus SASL、dovecot就可以正常工作了。 让postfix支持MailScanner、spamassassin、f-prot A、安装 F-PROT (F-PROT Antivirus for Linux) 从http://files.f-prot.com/files/linux-x86/fp-linux-ws.rpm下载 f-prot [root@rhel5 ~]# rpm -ivh fp-linux-ws.rpm B、安装MailScanner 下载http://www.mailscanner.info/file ... 4.60.8-1.rpm.tar.gz 版本.rpm.tar.gz (这里可能会少些perl的套件,出现错误讯息!请照着错误讯息要的rpm装完即可!) # tar zxvf MailScanner-4.60.8-1.rpm.tar.gz # cd MailScanner-4.60.8-1 # ./install.sh C、安装spamassassin 1、确认spamassassin是否有安装: # rpm -qa |grep spam 如没有安装就安装该包 [root@rhel5 Server]# rpm -ivh spamassassin-3.1.7-4.el5.i386.rpm 2建立Mailscanner支持spamassassin所需的目录: # mkdir /var/spool/MailScanner/spamassassin # chmod 700 /var/spool/MailScanner/spamassassin # chown postfix.postfix /var/spool/MailScanner/spamassassin 3、修改spamassassin的设定档local.cf 可到站点http://www.yrex.com/spam/spamconfig.php自动生成local.cf的内容。 # vi /etc/mail/spamassassin/local.cf # How many hits before a message is considered spam. required_hits 5.0 # Whether to change the subject of suspected spam rewrite_subject 1 # Text to prepend to subject if rewrite_subject is used subject_tag *****SPAM***** # Encapsulate spam in an attachment report_safe 1 # Use terse version of the spam report use_terse_report 0 # Enable the Bayes system use_bayes 1 # Enable Bayes auto-learning auto_learn 1 # Enable or disable network checks skip_rbl_checks 1 use_razor2 0 use_dcc 0 use_pyzor 0 # Mail using languages used in these country codes will not be marked # as being possibly spam in a foreign language. ok_languages all # Mail using locales used in these country codes will not be marked # as being possibly spam in a foreign language. ok_locales all 4、启动spamassassin # service spamassassin start MailScanner设定 1修改MailScanner.conf # vi /etc/MailScanner/MailScanner.conf Run As User = postfix Run As Group = postfix Incoming Queue Dir = /var/spool/postfix/hold Outgoing Queue Dir = /var/spool/postfix/incoming MTA = postfix Virus Scanners = f-prot Always Include SpamAssassin Report = yes Use SpamAssassin = yes Required SpamAssassin Score = 4 SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin SpamAssassin Install Prefix = /usr/bin SpamAssassin Local Rules Dir = /etc/MailScanner 2、修改 postfix支持mailscanner # vi /etc/postfix/main.cf 变更以下的值 header_checks = regexp:/etc/postfix/header_checks # vi /etc/postfix/header_checks /^Received:/ HOLD 注意, 在 / 之前不可以有空白! 3、变更目录权限 # chown postfix.postfix /var/spool/MailScanner/incoming # chown postfix.postfix /var/spool/MailScanner/quarantine 停止postfix执行、启动MailScanner # service postfix stop # chkconfig postfix off # service MailScanner start 设定MailScanner,当MTA = postfix时,会自己启动postfix,如有设定启动postfix的请先将它停掉 4、定期更新病毒定义文件 # crontab -e 0 4 * * * /usr/local/f-prot/tools/check-updates.pl 并将原本在/etc/cron.hourly/update_virus_scanners 删除掉 测试SpamAssassin 发一封邮件带如下内容,接收后,标题应该带有标记: XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X 这样,我们就已经搭建起一个基本的邮件系统。 |