基于postfix邮件网关搭建

原创

新颖 2011-11-23 11:23:27 博主文章分类：邮件服务器 ©著作权

©著作权归作者所有：来自51CTO博客作者新颖的原创作品，请联系作者获取转载授权，否则将追究法律责任

操作系统：Centos 5.X

准备以下系列软件
mysql-5.1.59.tar.gz
postfix-2.8.2.tar.gz
clamav-0.97.2-1.el5.rf.x86_64.rpm
clamav-db-0.97.2-1.el5.rf.x86_64.rpm
clamav-devel-0.97.2-1.el5.rf.x86_64.rpm
clamd-0.97.2-1.el5.rf.x86_64.rpm
MailScanner-4.84.3-1.rpm.tar.gz

准备条件
删除相关的软件包

rpm -e --nodeps mysql
rpm -e --nodeps cyrus-sasl-*
rpm -e --nodeps httpd
rpm -e --nodeps sendmail

安装rpm依赖包(已安装的就不需要安装啦)

rpm -ivh vim-common-6.3.046-0.40E.7.i386.rpm vim-enhanced-6.3.046-0.40E.7.i386.rpm
rpm -ivh pcre-devel-4.5-3.2.RHEL4.i386.rpm
yum -y install gcc ncurses-devel autoconf automake libtool g++ db4-devel

新建用户

groupadd -g 789 postfix
useradd -u 789 -g 789 -d/dev/null -s/sbin/nologin postfix
groupadd -g 13579 postdrop

开始安装
安装mysql

autoreconf --force --install
./configure \
         "--prefix=/usr/local/mysql" \
         "--localstatedir=/usr/local/mysql/data" \
         "--with-comment=Source" \
         "--with-server-suffix=-Slevin" \
         "--with-mysqld-user=mysql" \
         "--without-debug" \
         "--with-big-tables" \
         "--with-charset=utf8" \
         "--with-collation=utf8_general_ci" \
         "--with-extra-charsets=all" \
         "--with-pthread" \
         "--enable-assembler"
make&&make install

echo "/usr/local/mysql/lib/mysql/" >> /etc/ld.so.conf
ldconfig

安装postfix

make makefiles \
'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql ' \
'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm '
make install
/usr/bin/newaliases

这里贴出我自己的配置文件
cat /etc/postfix/main.cf

command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
unknown_local_recipient_reject_code = 550

alias_maps = hash:/etc/aliases
# hostname
mynetworks = 127.0.0.1
myhostname = mail.xxx.com
mydomains = mail.xxx.com
mydestination = $mynetworks $myhostname

inet_interfaces = all
# banner
mail_name = Postfix - by make a slevin
smtpd_banner = $myhostname ESMTP $mail_name

# response immediately
smtpd_error_sleep_time = 0s

# Message and return code control
message_size_limit = 104857600
mailbox_size_limit = 524288000
show_user_unknown_table_name = no

# Queue lifetime control
bounce_queue_lifetime = 1d
maximal_queue_lifetime = 1d

debug_peer_list=1
relay_domains=xxx.cn 设置过滤的域名
transport_maps=hash:/etc/postfix/transport 邮件路由配置文件
relay_recipient_maps=mysql:/etc/postfix/mysql_list_user.cf 收件人限制配置

#smtpd_recipient_restrictions =permit_mynetworks,reject_non_fqdn_hostname,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unauth_destination,reject_unauth_pipelining,reject_invalid_hostname,reject_unknown_recipient_domain,reject_rbl_client cblless.anti-spam.org.cn

header_checks = regexp:/etc/postfix/header_checks MailScanner靠这个参数来对邮件进行过滤

下面贴出上面所用到的配置文件
cat /etc/postfix/transport

xxx.com smtp:[192.168.0.25]:25

cat /etc/postfix/mysql_list_user.cf

user = test
password = 000000
hosts = 192.168.0.25
dbname = email
query= SELECT email FROM user WHERE email='%s'

cat /etc/postfix/header_checks

/^Received:/ HOLD 中间空格必须是table键

运行命令

postmap /etc/postfix/transport

暂时把header_checks参数注释然后启动postfix来测试简单的路由转发是否成功

启动命令：postfix start

假设上面测试成功，那接着配置下一步的过滤

安装杀毒过滤

rpm -ivh clamav-0.97.2-1.el5.rf.x86_64.rpm   \
         clamav-db-0.97.2-1.el5.rf.x86_64.rpm     \
         clamav-devel-0.97.2-1.el5.rf.x86_64.rpm   \
         clamd-0.97.2-1.el5.rf.x86_64.rpm

配置杀毒

ln -s /usr/bin/freshclam /usr/local/bin/freshclam

/usr/local/bin/freshclam

安装spamassassin

yum -y install spamassassin

配置spamassassin

wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf
crontab -e
0 0 1 * * wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf;/etc/init.d/MailScanner restart

安装MailScanner

tar xvf MailScanner-4.84.3-1.rpm.tar.gz
cd MailScanner-4.84.3-1
./install.sh (这个过程要很久)

安装完之后修改配置文件，里面选项很多，我只把几个关键的写出来
vi /etc/MailScanner/MailScanner.conf

%org-name% = yoursite 自己定义
%org-long-name% = Your Organisation Name Here 自己定义
%web-site% = http://www.your-organisation.com/ 自己定义
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Incoming Work User = postfix
Incoming Work Group = clamav
Incoming Work Permissions = 0640
Clamd Socket = /var/run/clamav/clamd.sock
Is Definitely Spam = %rules-dir%/spam.blacklist.rules 默认没这个文件，必须要新建这个文件

给上面配置选项的目录赋予权限

cd /var/spool/MailScanner/
mkdir spamassassin
mkdir .spamassassin
chown -R postfix:clamav /var/spool/MailScanner/incoming
chown -R postfix:postfix /var/spool/MailScanner/quarantine
chown -R postfix:postfix /var/spool/MailScanner/spamassassin

接着取消postfix的main.cf文件的header_checks注释

启动所有程序

chkconfig spamassassin on
chkconfig MailScanner on
/etc/init.d/clamd start
/etc/init.d/spamassassin start
/etc/init.d/MailScanner start

查看/var/log/maillog,自己测试发送邮件，如果日志没报错并且能够成功过滤就说明发送成功了