RHEL5上安裝郵件系統Postfix+CyrusSASL+dovecot(轉帖)

tonykorn97發表於2008-10-22
預設方式安裝RHEL5,不選中任何型別伺服器(如WEB伺服器,開發伺服器,虛擬伺服器等)[@more@]

安裝postfix

[root@rhel5 ~]# /etc/rc.d/init.d/sendmail stop

關閉 sm-client: [確定]

關閉 sendmail: [確定]

[root@rhel5 ~]# chkconfig sendmail off

[root@rhel5 Server]# rpm -ivh postfix-2.3.3-2.i386.rpm

[root@rhel5 Server]# vi /etc/postfix/main.cf

myhostname = mail.mailidc.cn #設定執行postfix服務的郵件主機的主機名、域名

mydomain = mailidc.cn

myorigin = $mydomain #設定由本機寄出的郵件所使用的域名或主機名稱

inet_interfaces = all #設定postfix服務監聽的網路介面

mydestination = $myhostname, $mydomain, localhost.$mydomain, localhost #設定可接收郵件的主機名稱或域名

mynetworks = 127.0.0.1 #設定可轉發哪些網路的郵件

relay_domains = $mydestination #設定可轉發哪些網域的郵件

儲存檔案。

檢查postfix的配置:

[root@rhel5 Server]# postconf –n

[root@rhel5 ~]# chkconfig postfix on

將postfix加入到root的組:

# usermod -G root postfix

SMTP認證的配置

安裝cyrus-sasl

1、確認cyrus-sasl是否安裝了

[root@rhel5 Server]# rpm -qa|grep cyrus

cyrus-sasl-plain-2.1.22-4

cyrus-sasl-lib-2.1.22-4

cyrus-sasl-2.1.22-4

Cyrus-SASL V2的密碼驗證機制

[root@rhel5 ~]# saslauthd -v

saslauthd 2.1.22

authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap

我們準備用的是shadow的密碼驗證機制。

vi /etc/sysconfig/saslauthd

MECH=shadow

啟動sasl的daemon並測試:

# service saslauthd start

# /usr/sbin/testsaslauthd -u 帳號 -p '密碼'

0: OK "Success." =>帳號驗證成功了

[root@rhel5 ~]# chkconfig saslauthd on

設定postfix啟用SMTP認證

[root@rhel5 Server]# vi /etc/postfix/main.cf

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain= ''

smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,

reject_unauth_destination

broken_sasl_auth_clients = yes

smtpd_client_restrictions = permit_sasl_authenticated

smtpd_sasl_security_options = noanonymous

wq!儲存


此外,由於當postfix要使用SMTP認證時,會讀取/usr/lib/sasl2/smtpd.conf檔案的內容以確定所採用的認證方式,所以必須保證/usr/lib/sasl2/smtpd.conf檔案的內容是:

pwcheck_method: saslauthd

安裝設定dovecot(imap、pop3):

1、確認dovecot是否有安裝:

[root@rhel5 ~]# rpm -qa|grep dovecot

dovecot-1.0-1.2.rc15.el5

2、設定用pop3來收取信件:

#vi /etc/dovecot.conf

protocols = pop3 # imap imaps pop3 pop3s 支援的功能

3、啟動並測試:

#service dovecot start

# telnet localhost 110

Trying 127.0.0.1...

Connected to localhost.

Escape character is '^]'.

+OK dovecot ready.

user 賬號

+OK

pass 密碼

+OK Logged in.

[root@rhel5 ~]# chkconfig dovecot on

到這裡postfix、Cyrus SASL、dovecot就可以正常工作了。


讓postfix支援MailScanner、spamassassin、f-prot

A、安裝 F-PROT (F-PROT Antivirus for Linux)

從下載 f-prot

[root@rhel5 ~]# rpm -ivh fp-linux-ws.rpm

B、安裝MailScanner

下載 ... 4.60.8-1.rpm.tar.gz

版本.rpm.tar.gz

(這裡可能會少些perl的套件,出現錯誤訊息!請照著錯誤訊息要的rpm裝完即可!)

# tar zxvf MailScanner-4.60.8-1.rpm.tar.gz

# cd MailScanner-4.60.8-1

# ./install.sh

C、安裝spamassassin

1、確認spamassassin是否有安裝:

# rpm -qa |grep spam

如沒有安裝就安裝該包

[root@rhel5 Server]# rpm -ivh spamassassin-3.1.7-4.el5.i386.rpm

2建立Mailscanner支援spamassassin所需的目錄:

# mkdir /var/spool/MailScanner/spamassassin

# chmod 700 /var/spool/MailScanner/spamassassin

# chown postfix.postfix /var/spool/MailScanner/spamassassin

3、修改spamassassin的設定檔local.cf

可到站點自動生成local.cf的內容。

# vi /etc/mail/spamassassin/local.cf

# How many hits before a message is considered spam.

required_hits 5.0

# Whether to change the subject of suspected spam

rewrite_subject 1

# Text to prepend to subject if rewrite_subject is used

subject_tag *****SPAM*****

# Encapsulate spam in an attachment

report_safe 1

# Use terse version of the spam report

use_terse_report 0

# Enable the Bayes system

use_bayes 1

# Enable Bayes auto-learning

auto_learn 1

# Enable or disable network checks

skip_rbl_checks 1

use_razor2 0

use_dcc 0

use_pyzor 0

# Mail using languages used in these country codes will not be marked

# as being possibly spam in a foreign language.

ok_languages all

# Mail using locales used in these country codes will not be marked

# as being possibly spam in a foreign language.

ok_locales all

4、啟動spamassassin

# service spamassassin start

MailScanner設定

1修改MailScanner.conf

# vi /etc/MailScanner/MailScanner.conf

Run As User = postfix

Run As Group = postfix

Incoming Queue Dir = /var/spool/postfix/hold

Outgoing Queue Dir = /var/spool/postfix/incoming

MTA = postfix

Virus Scanners = f-prot

Always Include SpamAssassin Report = yes

Use SpamAssassin = yes

Required SpamAssassin Score = 4

SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin

SpamAssassin Install Prefix = /usr/bin

SpamAssassin Local Rules Dir = /etc/MailScanner

2、修改 postfix支援mailscanner

# vi /etc/postfix/main.cf

變更以下的值

header_checks = regexp:/etc/postfix/header_checks

# vi /etc/postfix/header_checks

/^Received:/ HOLD

注意, 在 / 之前不可以有空白!

3、變更目錄許可權

# chown postfix.postfix /var/spool/MailScanner/incoming

# chown postfix.postfix /var/spool/MailScanner/quarantine

停止postfix執行、啟動MailScanner

# service postfix stop

# chkconfig postfix off

# service MailScanner start

設定MailScanner,當MTA = postfix時,會自己啟動postfix,如有設定啟動postfix的請先將它停掉

4、定期更新病毒定義檔案

# crontab -e

0 4 * * * /usr/local/f-prot/tools/check-updates.pl

並將原本在/etc/cron.hourly/update_virus_scanners 刪除掉

測試SpamAssassin

發一封郵件帶如下內容,接收後,標題應該帶有標記:

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/312079/viewspace-1012259/,如需轉載,請註明出處,否則將追究法律責任。

相關文章