本章——傳送接收郵件的工具為雷鳥
安裝
# yum install dovecot-mysql.x86_64 dovecot.x86_64 -y
編輯檔案
vim 10-mail.conf
mail_location = maildir:/home/vmail/%d/%n/Maildir/ first_valid_uid = 800
開啟
!include auth-sql.conf.ext
# vim auth-sql.conf.ext
檔案提示讓找 args = /etc/dovecot/dovecot-sql.conf.ext 但/etc/dovecot目錄下沒有這個檔案。
提示可以參考模板: # Path for SQL configuration file, see example-config/dovecot-sql.conf.ext
/usr/share/doc/dovecot-2.0.9/example-config cp dovecot-sql.conf.ext /etc/dovecot/
# vim dovecot-sql.conf.ext //主要修改以下幾行
driver = mysql
connect = host=localhost dbname=extmail user=extmail password=extmail
default_pass_scheme = PLAIN
password_query = \ SELECT username, domain, password \ FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, 800 AS uid, 800 AS gid FROM mailbox WHERE username = '%u'
重啟dovecot服務 測試豆腐塊是否成功:
# telnet localhost 110
user redhat@extmail.org pass redhat
豆腐塊SASL認證
首先檢視下幫助文件,怎麼安裝豆腐塊的SASl認證庫。
cd /usr/share/doc/postfix-2.6.6/README_FILES
# less SASL_README
檢視postfix的引數資訊 postconf -d | grep smtpd_sasl
將其寫入main.cf postfix的主配置檔案
postconf -e smtpd_sasl_auth_enable=yes
postconf -e smtpd_sasl_authenticated_header=yes
檢視SASL加密那些認證。
postconf -d | grep smtpd_recipient
postconf -e "smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, permit_sasl_authenticated"
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, permit_sasl_authenticated
開啟SASL認證/認證頭。
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
系統預設的幫助文件做的不怎麼好,自己找個包看。
postfix-2.10.2.tar.gz
tar zxf postfix-2.10.2.tar.gz cd postfix-2.10.2
less SASL_README
vim /etc/sasl2/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 NTLM
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: extmail
sql_passwd: extmail
sql_database: extmail sql_select: SELECT
password FROM mailbox WHERE username = '%u@%r'
yum list cyrus-sasl*
rpm -ivh cyrus-sasl-sql-2.1.23-13.el6_3.1.x86_64.rpm
yum install cyrus-sasl-md5.x86_64 cyrus-sasl-devel.x86_64 cyrus-sasl-plain.x86_64 -y
認證
postconf -d | grep smtpd_tls //查詢下tls認證的項,寫入postfix主檔案
postconf -e smtpd_tls_security_level=encrypt cd /etc/pki/tls/certs/ make postfix.pem
postconf -e smtpd_tls_cert_file=/etc/pki/tls/certs/postfix.pem
postconf -e smtpd_tls_received_header=yes
postconf -e "smtpd_tls_session_cache_database=btree:/var/lib/postfix/smtpd_scache"
postconf -e smtpd_tls_auth_only=yes /etc/init.d/postfix restart /etc/init.d/clamd start
郵件的反垃圾反病毒
yum install spamassassin -y cd /usr/share/spamassassin/
yum localinstall clam* -y
下載病毒庫
# rm -rf virusdb/ # chown clamav.clamav *
# yum install -y rpm-build
# ./install.sh
# vim MailScanner.conf //下面的為這個庫要修改的選項引數
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming Run As User = postfix Run As Group = postfix MTA = postfix
Incoming Work Group = clamav
Incoming Work Permissions = 0640
Virus Scanners = clamd
Monitors for ClamAV Updates = /var/clamav/*.cld /var/clamav/*.cvd
# rpm -ql clamd
# cd /var/run/clamav/ clamd.pid clamd.sock
Clamd Socket = /var/run/clamav/clamd.sock
Always Include SpamAssassin Report = yes
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
Spam Actions = delete High Scoring Spam Actions = delete
[root@vm1 MailScanner]# mkdir spamassassin
# chown -R postfix.clamav .
# cd /etc/postfix/
# vim main.cf
把下面的#去掉
header_checks = regexp:/etc/postfix/header_checks
# vim header_checks 低行下入 /^Received:/ HOLD
下面是檢測語法時 的報錯,和解決方案
MailScanner –lint
報錯解決方案:
ERROR: The "envelope_sender_header" in your spam.assassin.prefs.conf ERROR: is not correct, it should match X-yoursite-MailScanner-From
# cd /etc/MailScanner/
envelope_sender_header X-yoursite-MailScanner-From
報錯: config: failed to parse line, skipping, in "/etc/mail/spamassassin/mailscanner.cf": use_auto_whitelist 0
註釋掉此行 #use_auto_whitelist 0
報錯: Unrar is not installed, it should be in /usr/bin/unrar. This is required for RAR archives to be read to check filenames and filetypes. Virus scanning is not affected.
安裝軟體包 unrar-4.2.4-1.el6.x86_64.rpm
[root@vm1 MailScanner]# /etc/init.d/postfix status master is stopped
[root@vm1 MailScanner]# /etc/init.d/MailScanner start
Starting MailScanner daemons: incoming postfix: [ OK ] outgoing postfix: [ OK ] MailScanner: [ OK ]
[root@vm1 MailScanner]# /etc/init.d/postfix
status master (pid 10891) is running...