Full-featured e-mail server (anti-spam, anti-virus)



June 23, 2012: the following guide is fairly official and worth consulting.

http://wiki.extmail.org/extmail_solution_for_linux

You may need these packages

DBD-mysql-4.020.tar.gz
DBI-1.616.tar.gz
courier-authlib-0.62.4.tar.bz2
MailScanner-4.84.5-2.rpm.tar.gz
extmail-1.0.5.tar.gz
extman-0.2.5.tar.gz
File-Tail-0.99.3.tar.gz
GD-2.46.tar.gz
Unix-Syslog-1.1.tar.gz
fp-Linux-i686-ms.tar.gz   (note: this is the mail server edition)
httpd-2.2.19.tar.bz2
php-5.4.0.tar.gz
mysql-5.0.95.tar.gz
postfix-2.6.2-vda-ng.patch.gz
postfix-2.6.2.tar.gz
rrdtool-1.2.23-3.el5.i386.rpm
rrdtool-perl-1.2.23-3.el5.i386.rpm
spamassassin-3.2.5-1.el5.i386.rpm

http://search.cpan.org  (some of the packages can be found here)

http://rpmfind.net/

http://www.mailscanner.info/downloads.html

http://www.extmail.org/forum/

http://wiki.extmail.org/doku.php

http://www.f-prot.com


##########################################################################

Starting the services

service mysqld restart
service named restart
/usr/local/dovecot/sbin/dovecot -c /etc/dovecot/dovecot.conf
service courier-authlib restart
postfix start
/usr/local/apache2/bin/apachectl restart
service MailScanner restart
service spamassassin start
service crond start
service courier-authlib restart
mailgraph-init start
qmonitor-init start

service fpscand restart    # init script: /opt/f-prot/rc-scripts/fpscand.rc-redhat
service scan-mail start    # init script: /opt/f-prot/rc-scripts/scan-mail.rc-redhat


You can create the init scripts as follows; the installation paths may of course need adjusting.

rpm2cpio postfix-2.3.3 |cpio -id
cd etc/rc.d/init.d
cp postfix /etc/init.d

######################################################################
apache:

tar  -zxf  httpd-2.2.9.tar.gz  -C /usr/local/src
cd  /usr/local/src/httpd-2.2.9
./configure  --prefix=/usr/local/apache2  --enable-so  --enable-rewrite
make
make  install

######################################################################
mysql

useradd  -M  -s  /sbin/nologin  mysql
tar  zxf  mysql-5.0.56.tar.gz  -C  /usr/local/src
cd  /usr/local/src/mysql-5.0.56
./configure  --prefix=/usr/local/mysql
make
make install

Configure MySQL

cd  /usr/local/src/mysql-5.0.56
cp  support-files/my-medium.cnf  /etc/my.cnf
/usr/local/mysql/bin/mysql_install_db  --user=mysql
chown  -R  root:mysql  /usr/local/mysql
chown  -R  mysql  /usr/local/mysql/var
echo  "/usr/local/mysql/lib/mysql"   >> /etc/ld.so.conf  # add the library path
ldconfig
/usr/local/mysql/bin/mysqld_safe  --user=mysql  &  # start in the background via mysqld_safe
cd  /usr/local/src/mysql-5.0.56
cp  support-files/mysql.server  /etc/init.d/mysqld  # init script
chmod  +x  /etc/init.d/mysqld  # make the script executable
chkconfig  --add  mysqld  # register the service for automatic start
chkconfig  mysqld  on  # start mysql by default
chkconfig  --list mysqld  # show the runlevels mysql starts in
echo  'PATH=$PATH:/usr/local/mysql/bin' >> /etc/profile  # global environment variable
. /etc/profile

#######################################################################

php

tar  jxf  php-5.2.6.tar.bz2  -C  /usr/local/src
cd  /usr/local/src/php-5.2.6
./configure  --prefix=/usr/local/php5  --enable-mbstring  --with-apxs2=/usr/local/apache2/bin/apxs  --with-mysql=/usr/local/mysql  --with-config-file-path=/usr/local/php5
make
make test
make install
cd  /usr/local/src/php-5.2.6
cp  php.ini-dist  /usr/local/php5/php.ini  # copy the configuration file



vim /usr/local/apache2/conf/httpd.conf

# this line is present after a successful build
LoadModule  php5_module  modules/libphp5.so
# add this line
AddType  application/x-httpd-php  .php
DirectoryIndex  index.php  index.html



Test

#vim  /usr/local/apache2/htdocs/test.php
<?php
phpinfo();
?>

Enter http://192.168.0.202/test.php in the browser



MySQL test
#vim /usr/local/apache2/htdocs/testdb.php

<?php
// connect as user 'test' with an empty password
$link = mysql_connect('localhost', 'test', '');
if (!$link) echo "Fail!!!";
else echo "Success!!!";
mysql_close();
?>

Enter the URL http://192.168.0.202/testdb.php in Internet Explorer



######################################################################

postfix
Uninstall sendmail before installing postfix

service  sendmail  stop
chkconfig  --level 35  sendmail  off

Compile and install

groupadd  -g  1200  postdrop
groupadd  -g  1000  postfix
useradd  -M  -u  1000  -g  postfix  -G  postdrop  -s  /sbin/nologin  postfix
tar  zxf  postfix-2.4.6.tar.gz  -C  /usr/local/src
cp  postfix-2.4.6-vda-ng.patch.gz  /usr/local/src
cd  /usr/local/src
gunzip  postfix-2.4.6-vda-ng.patch.gz
cd  postfix-2.4.6
patch  -p1  <../postfix-2.4.6-vda-ng.patch  # patch file; -p1 uses the digit 1. In my test the build failed after patching; newer versions probably do not need the patch
make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl' 'AUXLIBS=-L/usr/local/mysql/lib/mysql  -lmysqlclient  -lz  -lm  -L/usr/lib/sasl2  -lsasl2 -lssl -lcrypto'
make
make  install

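Accept the default settings during installation.
Configure postfix
Edit the main postfix configuration file
vim /etc/postfix/main.cf

# default setting
inet_interfaces  =  all
# host name
myhostname  =  mail.wisefund.com
# mail domain
mydomain  =  a.com
# domain used in the sender address of outgoing mail
myorigin  =  $mydomain
# domains accepted in recipient addresses; disabling this line is recommended
mydestination  =  $mydomain, $myhostname
# where mail is stored
home_mailbox  =  Maildir/

postfix  check  # check the configuration
postfix  start  # start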

####################################################################

Local mail accounts

groupadd  test
useradd  -g  test -s  /sbin/nologin  test1
useradd  -g test  -s  /sbin/nologin  test2
passwd  test1
passwd  test2

SMTP send test
#telnet localhost 25

Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.wisefund.com ESMTP Postfix
EHLO 127.0.0.1

250 mail.wisefund.com
MAIL FROM:test1@a.com

250 2.1.0 ok
RCPT TO: test2@a.com

250 2.1.5 ok
DATA

354 End data with <CR><LF>.<CR><LF>
Subject: test



11111111111111111111111111111


.
250 2.0.0. ok:queued as 2F9AD787DA
quit
221 2.0.0 Bye
Connection closed by foreign host.


View the mail (use the Tab key to complete the file name)
#cat /home/test/Maildir/new/

########################################################################

Dovecot

useradd  -M  -s  /sbin/nologin  dovecot
tar  zxf  dovecot-1.1.4.tar.gz  -C  /usr/local/src
cd  /usr/local/src/dovecot-1.1.4
./configure  --sysconfdir=/etc  --with-mysql
make
make  install
cp  /etc/dovecot-example.conf  /etc/dovecot.conf
vim  /etc/dovecot.conf
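# disable SSL
ssl_disable  =  yes
# mail access protocols to serve
protocols  =  pop3  imap
# allow plaintext password authentication
disable_plaintext_auth  =  no
# mail storage format and location
mail_location  =  maildir:~/Maildir
vim  /etc/pam.d/dovecot  # create the PAM authentication file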
auth  required  pam_nologin.so
auth  include  system-auth
account  include  system-auth
session  include  system-auth
/usr/local/sbin/dovecot  -c  /etc/dovecot.conf  # start

########################################################################

POP3 receive test
#telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Dovecot ready.
user test
+OK
pass 123
+OK Logged in.
list
+OK 1 messages;
1 480
.
retr 1
+OK 480 octets


#######################################################################
Import the database

#tar  zxf  extman-0.2.5.tar.gz  -C  /usr/local/src
#cd  /usr/local/src/extman-0.2.5/docs
#mysql  -u  root  -p  < extmail.sql
#mysql  -u  root  -p <init.sql
#service  mysqld  restart


Postfix
#postconf -m |grep mysql    # if the output contains mysql, MySQL lookup tables are supported
#vim /etc/postfix/main.cf    # configuration file

# this line must be commented out
#mydestination  =  $mydomain, $myhostname
# base path under which virtual mailboxes are stored
virtual_mailbox_base  =  /mailbox
# location of the alias map for virtual mail users
virtual_alias_maps  =  mysql:/etc/postfix/mysql_virtual_alias_maps.cf
# location of the map from virtual mailbox addresses to storage locations
virtual_mailbox_maps  =  mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
# virtual mail domains that this postfix server accepts mail for
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf

#cp extman-0.2.5/docs/mysql_virtual_* /etc/postfix/

# UID of the local user that all virtual mail users map to
virtual_uid_maps = static:1000
# GID of the local group that all virtual mail users map to
virtual_gid_maps = static:1000


####################################################################

courier-authlib
Note: make sure any RPM-packaged MySQL has been removed from the system
#tar jxf courier-authlib-0.60.2.tar.bz2 -C /usr/local/src
#cd /usr/local/src/courier-authlib-0.60.2

./configure  --prefix=/usr/local/courier-authlib  --without-stdheaderdir  --with-authmysql  --with-redhat --with-mysql-libs=/usr/local/mysql/lib/mysql  --with-mysql-includes=/usr/local/mysql/include/mysql
make && make  install && make  install-configure  # generates the default configuration files authmysqlrc and authdaemonrc


#vim /etc/ld.so.conf

# library path
/usr/local/courier-authlib/lib/courier-authlib

#ldconfig
Edit the main configuration file authdaemonrc
#cd /usr/local/courier-authlib/etc/authlib
#cp authdaemonrc authdaemonrc.bak
#vim authdaemonrc

authmodulelist="authmysql"
authmodulelistorig="authmysql"

#chmod -R 755 /usr/local/courier-authlib/var/spool/authdaemon
Edit the authmysqlrc file
#cd /usr/local/courier-authlib/etc/authlib
#cp authmysqlrc authmysqlrc.bak
#vim authmysqlrc

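# database server location
MYSQL_SERVER            localhost
# database administrator account
MYSQL_USERNAME          extmail
# password of the database administrator account
MYSQL_PASSWORD          extmail
# it is better to define this socket as /var/tmp/mysql.sock
MYSQL_SOCKET            /tmp/mysql.sock
# virtual user database
MYSQL_DATABASE          extmail
# mail account information is read from the mailbox table
MYSQL_USER_TABLE        mailbox
# the account password is read from the password field
MYSQL_CRYPT_PWFIELD     password
# the UID of the mapped local user is read from the uidnumber field
MYSQL_UID_FIELD         uidnumber
# the GID of the mapped local group is read from the gidnumber field
MYSQL_GID_FIELD         gidnumber
# the account name, with the @ suffix, is read from the username field
MYSQL_LOGIN_FIELD       username
# builds the path of the user's home directory
MYSQL_HOME_FIELD        concat('/mailbox/',homedir)
# the account name, without the @ suffix, is read from the name field
MYSQL_NAME_FIELD        name
# builds the path where the user's mail is stored
MYSQL_MAILDIR_FIELD     concat('/mailbox/',maildir)

Copy the init script and start the service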

#cd  /usr/local/src/courier-authlib-0.60.2/
#cp  courier-authlib.sysvinit  /etc/init.d/courier-authlib
#chmod  755  /etc/rc.d/init.d/courier-authlib
#chkconfig  --level 35  courier-authlib  on
#service  courier-authlib  start

#####################################################################

Cyrus SASL settings
#vim /usr/lib/sasl2/smtpd.conf

pwcheck_method:authdaemond
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket

Dovecot configuration
#vim /etc/dovecot.conf

mail_location = maildir:/mailbox/%d/%n/Maildir
auth default {
 mechanisms = plain
 passdb sql {
  args = /etc/dovecot-mysql.conf
 }
 userdb sql {
  args = /etc/dovecot-mysql.conf
 }
}

#vim /etc/dovecot-mysql.conf

driver  =  mysql
connect  =  host=localhost  dbname=extmail  user=extmail  password=extmail
# hashing scheme of the password strings stored in the database
default_pass_scheme  =  CRYPT
# query that looks up the user's password
password_query  =  SELECT  username  AS  user,password  AS  password  FROM  mailbox  WHERE  username  =  '%u'
# query that looks up the user's identity
user_query  =  SELECT  maildir,  uidnumber  AS  uid,  gidnumber  AS  gid  FROM  mailbox  WHERE  username  =  '%u'


A note here: if the web interface works but mail clients such as hotmail or foxmail cannot send or receive, the cause is most likely the uid and gid.

If the postfix account you created has ID 2525:

postfix/main.cf

virtual_uid_maps = static:2525
virtual_gid_maps = static:2525

extman/webman.cf

UID 2525

GID 2525

Newly created accounts will then work with mail clients.

To change the IDs of existing accounts:

mysql -u root -p

SHOW DATABASES;

USE extmail;

SELECT * FROM mailbox \G

UPDATE mailbox SET uidnumber=2525 WHERE uidnumber=1000;

UPDATE mailbox SET gidnumber=2525 WHERE gidnumber=1000;


Create a virtual user
#mkdir -p /mailbox/extmail.org/postmaster/Maildir
#cd /mailbox/extmail.org/postmaster/Maildir
#chown -R postfix:postfix /mailbox
#dovecot    # start the service
Virtual user test
Verify the authlib service
# /usr/local/courier-authlib/sbin/authtest -s login postmaster@extmail.org extmail
Authentication succeeded.    (success message)

Authenticated: postmaster@extmail.org (uid 1000, gid 1000)
Home Directory: /mailbox/extmail.org/postmaster
Maildir: /mailbox/extmail.org/postmaster/Maildir/
Quota: (none)
Encrypted Password: $1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0
Cleartext Password: extmail
Options: (none)

########################################################################
ExtMail

A Chinese webmail management platform written in Perl
Suite: ExtMail: web interface for mail operations
Extman: web interface for mail system administration

Dependencies
#tar -zxf Unix-Syslog-1.1.tar.gz -C /usr/local/src

#cd  /usr/local/src/Unix-Syslog-1.1
#perl  Makefile.PL
#make
#make  install

#tar -zxf DBI-1.607.tar.gz -C /usr/local/src

#cd  /usr/local/src/DBI-1.607
#perl  Makefile.PL
#make
#make  install

#tar -zxf DBD-mysql-4.011.tar.gz -C /usr/local/src

#cd  /usr/local/src/DBD-mysql-4.011
#perl  Makefile.PL --mysql_config=/usr/local/mysql/bin/mysql_config --with-mysql=/usr/local/mysql
#make
#make  install


Note: the three packages above may print warnings while being compiled and installed.


#tar -zxf extmail-1.0.5.tar.gz -C /usr/local/apache2/htdocs

#cd  /usr/local/apache2/htdocs
#mv  extmail-1.0.5  extmail
#cd  extmail
#chown  -R  postfix:postfix  cgi
#cp  webmail.cf.default  webmail.cf

Configuration file
#vim /usr/local/apache2/htdocs/extmail/webmail.cf

# program root directory
SYS_CONFIG  =  /usr/local/apache2/htdocs/extmail/
# language pack directory
SYS_LANGDIR  =  /usr/local/apache2/htdocs/extmail/lang
# system template directory
SYS_TEMPLDIR  =  /usr/local/apache2/htdocs/extmail/html
# mail storage directory
SYS_MAILDIR_BASE  =  /mailbox
# user for accessing the mysql database
SYS_MYSQL_USER  =  extmail
# password of that mysql user
SYS_MYSQL_PASS  =  extmail
# name of the database to use
SYS_MYSQL_DB  =  extmail
# database server address
SYS_MYSQL_HOST  =  localhost
# location of the database socket file
SYS_MYSQL_SOCKET  =  /tmp/mysql.sock

##############################################################
#vim /usr/local/apache2/conf/httpd.conf

NameVirtualHost *:80
<VirtualHost *:80>
ServerName mail.wisefund.com
DocumentRoot /usr/local/apache2/htdocs/extmail/html/
ScriptAlias /extmail/cgi/ "/usr/local/apache2/htdocs/extmail/cgi/"
Alias /extmail "/usr/local/apache2/htdocs/extmail/html/"
</VirtualHost>

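# find the User directive and set the user to postfix
User postfix
# find the Group directive and set the group to postfix
Group postfix
# ( SuexecUserGroup postfix postfix )
#/usr/local/apache2/bin/apachectl restart



At this point both mail clients and the web interface should basically be reachable, though you may need to set up DNS or edit the hosts file: http://mail.a.com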

#####################################################################
Extman
#tar -zxf GD-2.41.tar.gz -C /usr/local/src

#cd  /usr/local/src/GD-2.41
#perl  Makefile.PL
#make
#make  install

#tar -zxf File-Tail-0.99.3.tar.gz -C /usr/local/src

#cd  /usr/local/src/File-Tail-0.99.3
#perl  Makefile.PL
#make
#make  install

#rpm -ivh rrdtool-1.2.23-3.el5.i386.rpm
#rpm -ivh rrdtool-perl-1.2.23-3.el5.i386.rpm
Extman
#tar -zxf extman-0.2.5.tar.gz -C /usr/local/apache2/htdocs

#cd  /usr/local/apache2/htdocs
#mv  extman-0.2.5  extman
#cd  extman
#chown  -R  postfix:postfix  cgi
#mkdir  /tmp/extman  # directory for temporary session data
#chown  -R  postfix:postfix  /tmp/extman

Edit the configuration file
#vim /usr/local/apache2/htdocs/extman/webman.cf

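# program root directory
SYS_CONFIG  =  /usr/local/apache2/htdocs/extman/
# language pack directory
SYS_LANGDIR  =  /usr/local/apache2/htdocs/extman/lang
# system template directory
SYS_TEMPLDIR  =  /usr/local/apache2/htdocs/extman/html
# path where mail data is stored
SYS_MAILDIR_BASE  =  /mailbox
# user for accessing the mysql database
SYS_MYSQL_USER  =  webman
# password of that mysql user
SYS_MYSQL_PASS  =  webman
# name of the database to use
SYS_MYSQL_DB  =  extmail
# database server address
SYS_MYSQL_HOST  =  localhost
# location of the database socket file
SYS_MYSQL_SOCKET  =  /tmp/mysql.sock

Adjust the main Apache configuration file: add the directory aliases for extman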

#vim /usr/local/apache2/conf/httpd.conf

NameVirtualHost *:80
<VirtualHost *:80>
ServerName mail.wisefund.com
DocumentRoot /usr/local/apache2/htdocs/extmail/html/
ScriptAlias /extmail/cgi/ "/usr/local/apache2/htdocs/extmail/cgi/"
Alias /extmail "/usr/local/apache2/htdocs/extmail/html/"
ScriptAlias /extman/cgi "/usr/local/apache2/htdocs/extman/cgi/"
Alias /extman "/usr/local/apache2/htdocs/extman/html/"
</VirtualHost>

#/usr/local/apache2/bin/apachectl restart

########################################################################
Access from a client
http://mail.a.com/extman

Default administrator account: root@extmail.org
Default password: extmail*123*

# if the time is wrong, the CAPTCHA can be turned off
SYS_CAPTCHA_ON = 0

ln -sf /usr/local/apache2/htdocs/extman/addon/mailgraph_ext/mailgraph-init /usr/sbin/
ln -sf /usr/local/apache2/htdocs/extman/addon/mailgraph_ext/qmonitor-init /usr/sbin/
cp -a /usr/local/apache2/htdocs/extman/addon/mailgraph_ext /usr/local

mailgraph-init start
qmonitor-init start

echo "/usr/sbin/mailgraph-init start" >> /etc/rc.d/rc.local
echo "/usr/sbin/qmonitor-init start" >> /etc/rc.d/rc.local

Graphical log information

#######################################################################
main.cf filtering
Filter mail by client host name / address
vim /etc/postfix/main.cf

smtpd_client_restrictions = check_client_access hash:/etc/postfix/access

vim /etc/postfix/access
192.168.4 REJECT
192.168.4.1 OK
bbc.com REJECT

# postmap /etc/postfix/access
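
How the table above is evaluated, as an added example that is not part of the original notes: the script emulates the lookup order documented in access(5), where the client host name and its parent domains are tried first, then the IP address with the least significant octet stripped on each step. The table is the one from this page embedded as constructed input; the function names are hypothetical, and parent-domain matching assumes the default parent_domain_matches_subdomains setting.

```sh
#!/bin/sh
# Access table from this page, embedded as constructed sample input.
ACCESS_TABLE='192.168.4 REJECT
192.168.4.1 OK
bbc.com REJECT'

# lookup_key KEY: print the action of an exact key match; fail if absent.
lookup_key() {
    printf '%s\n' "$ACCESS_TABLE" |
        awk -v k="$1" '$1 == k { print $2; hit = 1; exit } END { exit !hit }'
}

# addr_action IP: try a.b.c.d, then a.b.c, a.b, a; the first hit wins,
# so the most specific entry overrides the network it belongs to.
addr_action() {
    key=$1
    while [ -n "$key" ]; do
        if lookup_key "$key"; then return 0; fi
        case $key in *.*) key=${key%.*} ;; *) key= ;; esac
    done
    return 1
}

# name_action HOST: try the host name, then each parent domain.
name_action() {
    key=$1
    while [ -n "$key" ]; do
        if lookup_key "$key"; then return 0; fi
        case $key in *.*) key=${key#*.} ;; *) key= ;; esac
    done
    return 1
}

# client_action HOSTNAME IP: name lookups come before address lookups;
# DUNNO means "no match, continue with the next restriction".
client_action() {
    name_action "$1" || addr_action "$2" || echo DUNNO
}

client_action unknown 192.168.4.1      # OK: host entry beats the /24 entry
client_action unknown 192.168.4.77     # REJECT: falls back to 192.168.4
client_action mx.bbc.com 192.168.4.1   # REJECT: the domain entry is matched first
client_action unknown 10.0.0.5         # DUNNO
```

The third call shows a domain entry pre-empting a more specific address entry, which is worth keeping in mind when one table mixes host names and addresses.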

# vim /etc/postfix/main.cf

smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_hostname

# postfix reload

smtpd_sender_login_maps = mysql:/etc/postfix/mysql_virtual_sender_maps.cf,mysql:/etc/postfix/mysql_virtual_alias_maps.cf
smtpd_sender_restrictions =
permit_mynetworks,
reject_sender_login_mismatch,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
check_sender_access hash:/etc/postfix/sender_access

# vim /etc/postfix/sender_access
a@xx.com REJECT
a@ REJECT
www.a.com REJECT
# postmap /etc/postfix/sender_access
This generates sender_access.db

# vim /etc/postfix/main.cf

smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain

# postfix restart
########################################################################
MailScanner
Install the MailScanner scan-scheduling tool
# tar zxvf MailScanner-4.75.11-1.rpm.tar.gz
# cd MailScanner-4.75.11-1
# ./install.sh
Edit the configuration file
# vim /etc/MailScanner/MailScanner.conf

Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA =postfix
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
# subject tag text
Virus Subject Text = {Virus?}
# subject tag text
Spam Subject Text = {Spam?}
# the value depends on the software version; auto can also be chosen
Virus Scanners = f-prot-6
Required SpamAssassin Score =7
High SpamAssassin Score = 10
Spam Actions = deliver header "X-Spam-Status: Yes"
# if the score is above 10, delete the message and forward it to the given mailbox
High Scoring Spam Actions = delete forward spam@extmail.org

# vim /etc/postfix/main.cf

header_checks = regexp:/etc/postfix/header_checks

# vim /etc/postfix/header_checks
/^Received:/ HOLD
Adjust owner and group

chown -R postfix.postfix /var/spool/MailScanner/incoming
chown -R postfix.postfix /var/spool/MailScanner/quarantine

drwxr-xr-x 9 postfix postfix 4096 Apr 14 20:01 incoming
drwxr-xr-x 4 postfix postfix 4096 Apr 13 22:58 quarantine
drwxr-xr-x 2 postfix postfix 4096 Apr 13 20:50 rules
drwxr-xr-x 2 postfix postfix 4096 Apr 14 20:01 spamassassin

chkconfig --level 35 MailScanner on
service MailScanner restart

###################################################################
SpamAssassin

mount /dev/cdrom /mnt/cdrom
cd /mnt/cdrom
rpm -ivh spamassassin-3.1.7-4.el5.i386.rpm

Configuration file
/etc/mail/spamassassin/local.cf can be left at its defaults

# service spamassassin start
# chkconfig --level 35 spamassassin on

#####################################################################
F-Prot

# tar zxvf fp-Linux.x86.32-ms.tar.gz -C /opt/    # note: this is the mail server edition, not the workstation edition
# cd /opt/f-prot/
# ./install-f-prot.pl

(1) Enter an existing license key you have (e.g. from an e-mail)

(2) Apply for a 30 day trial key

1) Spawn service

Compared with the second option, master.cf gains this extra entry:

localhost:10025 inet n n n - 10 spawn user=nobody argv=/opt/f-prot/mailtools/scan-mail.pl -postfix 127.0.0.1:10026

2) Standalone SMTP proxy

Run directly:

scan-mail.pl -daemon -proxy -proxy_address 127.0.0.1:10025 -smtp_address 127.0.0.1:10026

Prompts shown during installation


Update the F-Prot virus database (make sure the Internet is reachable)
# /opt/f-prot/fpupdate

ln -fs /opt/f-prot/fpscan /usr/local/bin/fpscan
ln -fs /opt/f-prot/doc/man/fpscan.1 /usr/local/man/man1/
ln -fs /opt/f-prot/doc/man/fprot-conf.5 /usr/local/man/man5/
ln -fs /opt/f-prot/doc/man/fpupdate.8 /usr/local/man/man8/
ln -fs /opt/f-prot/fpscand /usr/local/sbin/fpscand
ln -fs /opt/f-prot/fpmon /usr/local/sbin/fpmon
ln -fs /opt/f-prot/doc/man/fpscand.8 /usr/local/man/man8/
ln -fs /opt/f-prot/doc/man/fp-milter.8 /usr/local/man/man8/
ln -fs /opt/f-prot/doc/man/fp-qmail.8 /usr/local/man/man8/
ln -fs /opt/f-prot/doc/man/fpmon.8 /usr/local/man/man8/
ln -fs /opt/f-prot/doc/man/fp.so.8 /usr/local/man/man8/

cp /opt/f-prot/f-prot.conf.default /opt/f-prot/f-prot.conf
ln -fs /opt/f-prot/etc/f-prot.conf /etc/f-prot.conf
chmod a+x /opt/f-prot/fpscan
chmod u+x /opt/f-prot/fpupdate
ln -fs /opt/f-prot/man_pages/scan-mail.pl.8 /usr/share/man/man8/
chmod +x /opt/f-prot/mailtools/scan-mail.pl


# crontab -e    (scheduled task)

00 9 * * * /opt/f-prot/fpupdate/tools/check-updates.pl -cron


# service crond start
#

Scan-mail.pl Standalone SMTP proxy

#vim postfix/main.cf

content_filter = smtp:[127.0.0.1]:10025
master.cf
scan unix - - n - 10 smtp
localhost:10026 inet n - n - 10 smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o myhostname=localhost
  -o smtpd_helo_restrictions=
  -o smtpd_client_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o smtpd_use_tls=no
  -o mynetworks=127.0.0.0/8
vim /etc/f-prot.conf
SCANMAIL_STARTUP="-daemon -proxy -proxy_address 127.0.0.1:10025 -smtp_address 127.0.0.1:10026"

service fpscand restart /opt/f-prot/rc-scripts/fpscand.rc-redhat
service scan-mail start /opt/f-prot/rc-scripts/scan-mail.rc-redhat



The first entry specifies that Postfix's master service shall run at most 10 processes simultaneously to pipe the mail from the SMTP daemon to external filter. The second entry makes the master service run at most 10 SMTP processes simultaneously on address localhost:10026 to receive the mail from the filter, and configures it so it does not loop the mail back to the external filter. And the third entry makes the master service run at most 10 instances simultaneously of the Mail Scanner to filter the mail on address localhost:10026 and advises the Mail Scanner that the SMTP daemon it is supposed to relay SMTP connections to is running on address 127.0.0.1:10026.
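
A check for the reinjection listener described above, as an added example that is not part of the original notes or of Postfix: it reads a master.cf fragment and confirms that the localhost:10026 service clears content_filter (so filtered mail is not sent back to the filter) and relays only for loopback clients. The fragment is constructed from the entries on this page and the function names are hypothetical.

```sh
#!/bin/sh
# Constructed master.cf fragment modelled on the entries above
# (continuation lines must start with whitespace).
MASTER_CF='scan            unix  -  -  n  -  10  smtp
localhost:10026 inet  n  -  n  -  10  smtpd
    -o content_filter=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8'

# overrides SERVICE: print every "-o name=value" of that service, one per line.
overrides() {
    printf '%s\n' "$MASTER_CF" | awk -v svc="$1" '
        /^[^ \t#]/ { in_svc = ($1 == svc) }   # an unindented line starts a new entry
        in_svc { for (i = 1; i < NF; i++) if ($i == "-o") print $(i + 1) }'
}

# override_value SERVICE NAME: print the overridden value (possibly empty);
# fail if NAME is not overridden for that service.
override_value() {
    overrides "$1" | awk -v n="$2" '
        index($0, n "=") == 1 { print substr($0, length(n) + 2); hit = 1 }
        END { exit !hit }'
}

# check_reinjection SERVICE: return 0 only if the listener cannot loop mail
# back into the filter and only accepts mail from loopback clients.
check_reinjection() {
    rc=0
    if v=$(override_value "$1" content_filter); then
        [ -z "$v" ] || { echo "content_filter=$v: mail would loop back to the filter"; rc=1; }
    else
        echo "content_filter not overridden: the main.cf value applies and mail loops"; rc=1
    fi
    if v=$(override_value "$1" mynetworks); then
        [ "$v" = "127.0.0.0/8" ] || { echo "mynetworks=$v is wider than loopback"; rc=1; }
    else
        echo "mynetworks not overridden: the main.cf networks may reinject"; rc=1
    fi
    if v=$(override_value "$1" smtpd_recipient_restrictions); then
        [ "$v" = "permit_mynetworks,reject" ] || { echo "unexpected restrictions: $v"; rc=1; }
    else
        echo "smtpd_recipient_restrictions not overridden"; rc=1
    fi
    return $rc
}

check_reinjection localhost:10026 && echo "localhost:10026: reinjection listener OK"
```

To audit a live system, load the real file into the variable first, for example MASTER_CF=$(cat /etc/postfix/master.cf).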

#######################################################################

Testing



Virus test data:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
EICAR-STANDARD-ANTIVIRUS-TEST-FILE

Spam test data:

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X


You can create a mailbox that receives virus and spam mail; of course you can also set a rule that deletes such mail outright:

You can see that mail sent to 1@a.com was redirected to spam@a.com

Note the user name, and the recipient and sender

Spam mail

Virus mail


Scanned Modify Subject = yes

Test result: no virus detection was reported.



#################################################

June 23, 2012, 13:55:12

Working on a project today, I set up the mail server once more; the changes are as follows.


vim /opt/f-prot/f-prot.conf


FPSCAND_LISTENADDRESS="127.0.0.1:10025"

#vim postfix/main.cf


content_filter = smtp:[127.0.0.1]:10025


master.cf Usage as a Postfix spawn service



localhost:10025 inet n n n - 10 spawn
  user=anybody argv=/opt/f-prot/mailtools/scan-mail.pl -postfix 127.0.0.1:10026

or


vim /etc/f-prot.conf


SCANMAIL_STARTUP="-daemon -proxy -proxy_address 127.0.0.1:10025 -smtp_address 127.0.0.1:10026"

or: Postfix plugin run as a standalone proxy


/opt/f-prot/mailtools/scan-mail.pl -daemon -proxy -proxy_address 127.0.0.1:10025 -smtp_address 127.0.0.1:10026

The parts marked in red must not be configured at the same time; otherwise extmail shows the following error when sending mail:


Connect to 127.0.0.1:25 fail, Net::SMTP: connect: Connection refused


telnet connection refused


telnet 127.0.0.1 25


Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused






######################################################################


########################################################################

Errors encountered during the experiment

Watch paths and spelling

Watch file and directory permissions

Q: mysql PID file not found and Can't connect to MySQL through socket mysql.sock
A: cd /usr/local/mysql/lib/mysql/var/
rm -f $hostname.pid $hostname.err
echo `ps aux | grep mysql | grep "user=mysql" | grep -v "grep" | awk '{print $2}'` >> $hostname.pid


Q:
Apr 13 16:31:29 mail postfix/master[7998]: warning: process /usr/libexec/postfix/smtpd pid 8081 exit status 1
Apr 13 16:31:29 mail postfix/master[7998]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
fatal: open database /etc/aliases.db: No such file or directory
it looks like you have files in main.cf that do not exist, check /etc/postfix/main.cf and create any needed files.
A: newaliases    (or: postalias /etc/aliases)


Q:Apr 13 16:31:28 mail postfix/smtpd[8081]: fatal: open database /etc/postfix/access.db: No such file or directory
A: postmap /etc/postfix/access



Q: extmail cannot send mail: Connect to 172.0.0.1:25 fail, Net::SMTP: connect: timeout
A: fuser -k -n tcp 25
vim /etc/postfix/main.cf
inet_interfaces = all
SYS_SMTP_HOST = 127.0.0.1
SYS_SMTP_PORT = 25

hostname localhost.localdomain
Q:[root@web xinetd.d]# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
Nothing further happens after this point
A:mynetworks = 64.146.69.0/8, 127.0.0.0/8 #
You are an open relay for the 64-class A network (64.0.0.0/8), so I suggest you FIX that. I suppose you mean for just your Class C network:
mynetworks = 127.0.0.0/8, 64.146.69.0/24
Does telnet localhost 25 work ?

vi /usr/local/lib/sasl2/smtpd.conf
pwcheck_method:authdaemond
#log_level: 3
#mech_list: PLAIN LOGIN
authdaemond_path:/usr/local/var/spool/authdaemon/socket
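
The mynetworks answer above turns on a prefix length that does not match the address written in front of it. The following check is an added example, not part of the original notes: for each entry of a mynetworks value it prints the network the prefix length actually covers, the number of addresses in it, and whether the written address has bits set beyond the prefix. The function names are hypothetical; the two sample values are the ones quoted on this page.

```sh
#!/bin/sh
# ip_to_int A.B.C.D: print the address as a 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip N: print a 32-bit integer in dotted-quad form.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# check_cidr ADDR[/LEN]: print "<verdict> <network covered> <address count>".
# The verdict is host-bits-set when ADDR is not the first address of the
# network that LEN describes, which usually means LEN is a typo.
check_cidr() {
    case $1 in
        */*) addr=${1%/*}; len=${1#*/} ;;
        *)   addr=$1; len=32 ;;
    esac
    ip=$(ip_to_int "$addr")
    mask=$(( (4294967295 << (32 - $len)) & 4294967295 ))
    net=$(( $ip & $mask ))
    if [ "$net" -eq "$ip" ]; then verdict=ok; else verdict=host-bits-set; fi
    echo "$verdict $(int_to_ip "$net")/$len $(( 1 << (32 - $len) ))"
}

# audit_mynetworks VALUE: check every comma- or space-separated entry.
audit_mynetworks() {
    for entry in $(printf '%s' "$1" | tr ',' ' '); do
        check_cidr "$entry"
    done
}

# The two settings quoted on this page.
audit_mynetworks "64.146.69.0/8, 127.0.0.0/8"
audit_mynetworks "127.0.0.0/8, 64.146.69.0/24"
```

For the first value the check reports 64.0.0.0/8 with 16777216 addresses; for the corrected one it reports 64.146.69.0/24 with 256.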



Q:User's home directory /var/spool/postfix is not writable
A:chown -R postfix /var/spool/postfix


Apr 13 18:28:51 mail MailScanner[11778]: User's home directory /home/postfix does not exist
Apr 13 18:28:51 mail MailScanner[11778]: User's home directory /home/postfix is not writable

Apr 13 18:28:52 mail MailScanner[11778]: Using SpamAssassin results cache
Apr 13 18:28:52 mail MailScanner[11778]: Connected to SpamAssassin cache database
Apr 13 18:28:52 mail MailScanner[11778]: Enabling SpamAssassin auto-whitelist functionality...
Apr 13 18:28:54 mail MailScanner[11684]: I have found f-prot-6 scanners installed, and will use them all by default.



Q : You need to set the "SpamAssassin User State Dir" to a directory that the "Run As User" can write to
A :SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
mkdir /var/spool/MailScanner/spamassassin
chown postfix /var/spool/MailScanner/spamassassin

Q Shutting down scan-mail daemon/etc/init.d/scan-mail: line 64: kill: (18983) - No such process
A echo `ps aux | grep scan-mail | grep -v "grep" | awk '{print $2}'` >>/var/run/scan-mail.pid






Clamav