RHEL5安装Postfix+CyrusSASL+dovecot

  默认方式安装RHEL5,不选中任何类型服务器(如WEB服务器,开发服务器,虚拟服务器等)
  安装postfix
  [root@rhel5 ~]# /etc/rc.d/init.d/sendmail stop
  关闭 sm-client: [确定]
  关闭 sendmail: [确定]
  [root@rhel5 ~]# chkconfig sendmail off
  [root@rhel5 Server]# rpm -ivh postfix-2.3.3-2.i386.rpm
  [root@rhel5 Server]# vi /etc/postfix/main.cf
  myhostname = mail.mailidc.cn #设置运行postfix服务的邮件主机的主机名、域名
  mydomain = mailidc.cn
  myorigin = $mydomain #设置由本机寄出的邮件所使用的域名或主机名称
  inet_interfaces = all #设置postfix服务监听的网络接口
  mydestination = $myhostname, $mydomain, localhost.$mydomain, localhost #设置可接收邮件的主机名称或域名
  mynetworks = 127.0.0.1 #设置可转发哪些网络的邮件
  relay_domains = $mydestination #设置可转发哪些网域的邮件
  保存文件。
  检查postfix的配置:
  [root@rhel5 Server]# postconf –n
  [root@rhel5 ~]# chkconfig postfix on
  將postfix加入到root的组:
  # usermod -G root postfix
  SMTP认证的配置
  安装cyrus-sasl
  1、确认cyrus-sasl是否安装了
  [root@rhel5 Server]# rpm -qa|grep cyrus
  cyrus-sasl-plain-2.1.22-4
  cyrus-sasl-lib-2.1.22-4
  cyrus-sasl-2.1.22-4
  Cyrus-SASL V2的密码验证机制
  [root@rhel5 ~]# saslauthd -v
  saslauthd 2.1.22
  authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap
---------------------------------------------------------------------------------
  我们准备用的是shadow的密码验证机制。
  vi /etc/sysconfig/saslauthd
  MECH=shadow
  启动sasl的daemon并测试:
  # service saslauthd start
  # /usr/sbin/testsaslauthd -u 帐号 -p '密码'
  0: OK "Success." =>帐号验证成功了
  [root@rhel5 ~]# chkconfig saslauthd on
  设置postfix启用SMTP认证
  [root@rhel5 Server]# vi /etc/postfix/main.cf
  smtpd_sasl_auth_enable = yes
  smtpd_sasl_local_domain= ''
  smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,
  reject_unauth_destination
  broken_sasl_auth_clients = yes
  smtpd_client_restrictions = permit_sasl_authenticated
  smtpd_sasl_security_options = noanonymous
  wq!保存
  此外,由于当postfix要使用SMTP认证时,会读取/usr/lib/sasl2/smtpd.conf文件的内容以确定所采用的认证方式,所以必须保证/usr/lib/sasl2/smtpd.conf文件的内容是:
  pwcheck_method: saslauthd
  安装设定dovecot(imap、pop3):
  1、确认dovecot是否有安装:
  [root@rhel5 ~]# rpm -qa|grep dovecot
  dovecot-1.0-1.2.rc15.el5
  2、设定用pop3来收取信件:
  #vi /etc/dovecot.conf
  protocols = pop3 # imap imaps pop3 pop3s 支持的功能
  3、启动并测试:
  #service dovecot start
  # telnet localhost 110
  Trying 127.0.0.1...
  Connected to localhost.
  Escape character is '^]'.
------------------------------------------------------------------------
  +OK dovecot ready.
  user 账号
  +OK
  pass 密码
  +OK Logged in.
  [root@rhel5 ~]# chkconfig dovecot on
  到这里postfix、Cyrus SASL、dovecot就可以正常工作了。
  让postfix支持MailScanner、spamassassin、f-prot
  A、安装 F-PROT (F-PROT Antivirus for Linux)
  从http://files.f-prot.com/files/linux-x86/fp-linux-ws.rpm下载 f-prot
  [root@rhel5 ~]# rpm -ivh fp-linux-ws.rpm
  B、安装MailScanner
  下载http://www.mailscanner.info/file ... 4.60.8-1.rpm.tar.gz
  版本.rpm.tar.gz
  (这里可能会少些perl的套件,出现错误讯息!请照着错误讯息要的rpm装完即可!)
  # tar zxvf MailScanner-4.60.8-1.rpm.tar.gz
  # cd MailScanner-4.60.8-1
  # ./install.sh
  C、安装spamassassin
  1、确认spamassassin是否有安装:
  # rpm -qa |grep spam
  如没有安装就安装该包
  [root@rhel5 Server]# rpm -ivh spamassassin-3.1.7-4.el5.i386.rpm
  2建立Mailscanner支持spamassassin所需的目录:
  # mkdir /var/spool/MailScanner/spamassassin
  # chmod 700 /var/spool/MailScanner/spamassassin
  # chown postfix.postfix /var/spool/MailScanner/spamassassin
  3、修改spamassassin的设定档local.cf
  可到站点http://www.yrex.com/spam/spamconfig.php自动生成local.cf的内容。
  # vi /etc/mail/spamassassin/local.cf
  # How many hits before a message is considered spam.
  required_hits 5.0
--------------------------------------------------------------------
  # Whether to change the subject of suspected spam
  rewrite_subject 1
  # Text to prepend to subject if rewrite_subject is used
  subject_tag *****SPAM*****
  # Encapsulate spam in an attachment
  report_safe 1
  # Use terse version of the spam report
  use_terse_report 0
  # Enable the Bayes system
  use_bayes 1
  # Enable Bayes auto-learning
  auto_learn 1
  # Enable or disable network checks
  skip_rbl_checks 1
  use_razor2 0
  use_dcc 0
  use_pyzor 0
  # Mail using languages used in these country codes will not be marked
  # as being possibly spam in a foreign language.
  ok_languages all
  # Mail using locales used in these country codes will not be marked
  # as being possibly spam in a foreign language.
  ok_locales all
  4、启动spamassassin
  # service spamassassin start
  MailScanner设定
  1修改MailScanner.conf
  # vi /etc/MailScanner/MailScanner.conf
  Run As User = postfix
  Run As Group = postfix
  Incoming Queue Dir = /var/spool/postfix/hold
  Outgoing Queue Dir = /var/spool/postfix/incoming
  MTA = postfix
  Virus Scanners = f-prot
  Always Include SpamAssassin Report = yes
  Use SpamAssassin = yes
  Required SpamAssassin Score = 4
  SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin

  SpamAssassin Install Prefix = /usr/bin
  SpamAssassin Local Rules Dir = /etc/MailScanner
  2、修改 postfix支持mailscanner
  # vi /etc/postfix/main.cf
  变更以下的值
  header_checks = regexp:/etc/postfix/header_checks
  # vi /etc/postfix/header_checks
  /^Received:/ HOLD
  注意, 在 / 之前不可以有空白!
  3、变更目录权限
  # chown postfix.postfix /var/spool/MailScanner/incoming
  # chown postfix.postfix /var/spool/MailScanner/quarantine
  停止postfix执行、启动MailScanner
  # service postfix stop
  # chkconfig postfix off
  # service MailScanner start
  设定MailScanner,当MTA = postfix时,会自己启动postfix,如有设定启动postfix的请先将它停掉
  4、定期更新病毒定义文件
  # crontab -e
  0 4 * * * /usr/local/f-prot/tools/check-updates.pl
  并将原本在/etc/cron.hourly/update_virus_scanners 删除掉
  测试SpamAssassin
  发一封邮件带如下内容,接收后,标题应该带有标记:
  XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
  这样,我们就已经搭建起一个基本的邮件系统。