http://wiki.nio.name/freebsd/mail邮件服务器安装软件注:没有注明安装选项的按照默认选项安装mysqlcd /usr/ports/databases/mysql51-server/make WITH_XCHARSET=all BUILD_STATIC=yes BUILD_OPTIMIZED=yes install clean在/etc/rc.conf中加入:mysql_enable="YES"mysql_dbdir="/home/mysqldb"启动mysql/usr/local/etc/rc.d/mysql-server startextmancd /usr/ports/mail/extmanmake install cleanextman安装选项MYSQLperl安装选项PERL_64BITINTTHREADSUSE_PERLextmailcd /usr/ports/mail/extmail/make install cleanextmail安装选项MYSQLcyrus-sasl2安装cyrus-sasl2时需要打一个补丁,否则会导致smtp认证失败。这是freebsd升级到8.0后才有的问题,以后cyrus-sasl2更新时应该能解决这个问题吧。lib-checkpw.c.diff下载上面的补丁,存放至/tmp/cd /usr/ports/security/cyrus-sasl2make patchcyrus-sasl2安装选项AUTHDAEMONDLOGINPLAINCRAMDIGESTcd work/cyrus-sasl-2.1.23/libpatch checkpw.c install cleanpostfixcd /usr/ports/mail/postfixmake install cleanpostfix安装选项PCRCSASL2TLSMYSQLVDAYou need user “postfix” added to group “mail”.选择yWould you like to activate Postfix in /etc/mail/mailer.conf选择nmaildropcd /usr/ports/mail/maildrop/make WITH_AUTHLIB=yes install cleanmaildrop安装选项AUTH_MYSQLcourier-imapcd /usr/ports/mail/courier-imap/make install cleancourier-imap安装选项TRASHQUOTAAUTH_MYSQLapachecd /usr/ports/www/apache22make SUEXEC_DOCROOT=/usr/local/www install cleanapache安装选项AUTH_BASICAUTH_DIGESTAUTHN_FILEAUTHN_DBMAUTHN_ANONAUTHN_DEFAULTAUTHN_ALIASAUTHZ_HOSTAUTHZ_GROUPFILEAUTHZ_USERAUTHZ_DBMAUTHZ_OWNERAUTHZ_DEFAULTACTIONSALIASASISAUTOINDEXCERN_METACGICHARSET_LITEDEFLATEDIRDUMPIOENVEXPIRESHEADERSIMAGEMAPINCLUDEINFOLOG_CONFIGLOGIOMIMEMIME_MAGICNEGOTIATIONREWRITESETENVIFSTATUSUNIQUE_IDVHOST_ALIASFILTERVERSIONPATCH_PROXY_CONNECTSUEXECextman图形日志相关软件cd /usr/ports/databases/rrdtoolmake installpython安装选项THREADSUCS4PYMALLOCcd /usr/ports/devel/p5-File-Tailmake installcd /usr/ports/devel/p5-Time-HiResmake installdspam添加dspam用户pw group add dspam -g 1001pw user add dspam -u 1001 -g 1001 -s /sbin/nologin -d /nonexistentcd /usr/ports/mail/dspammake DSPAM_OWNER=dspam DSPAM_HOME_OWNER=dspam install cleandspam安装选项SYSLOGDEBUGDAEMONCLAMAVCLAMAV_LOCALMYSQL51MYSQL_COMPRESSMYSQL_LOCALHASHVIRT_USERSLONG_USERNAMESDOMAIN-SCALESENDMAIL_LDAWebUImake install cleanclamav安装选项ARCARJLHAUNZOOUNRARICONV配置创建虚拟用户pw group add vmail -g 1000pw user add vmail -u 1000 -g 1000 -s /sbin/nologin创建邮件目录mkdir -p /home/domains/nio.namechown -R vmail:vmail /home/domains/启动mysql在/etc/rc.conf中加入mysql_enable="YES"mysql_dbdir="/home/mysqldb"启动mysql/usr/local/etc/rc.d/mysql-server start创建数据库cd /usr/local/www/extman/docsmysql init.sql配置extman编辑/usr/local/www/extman/webman.cf,真对如下选项进行修改SYS_CONFIG = /usr/local/www/extman/SYS_LANGDIR = /usr/local/www/extman/langSYS_TEMPLDIR = /usr/local/www/extman/htmlSYS_PSIZE = 50SYS_GROUPMAIL_SENDER = [email protected]_LANG = zh_CNSYS_DEFAULT_MAXQUOTA = 20000SYS_DEFAULT_MAXALIAS = 100SYS_DEFAULT_MAXUSERS = 300SYS_DEFAULT_MAXNDQUOTA = 20000SYS_USER_DEFAULT_QUOTA = 1000SYS_USER_DEFAULT_NDQUOTA = 500SYS_USER_DEFAULT_EXPIRE = 5ySYS_MYSQL_SOCKET = /tmp/mysql.sockmkdir /tmp/extman/chown -R vmail:vmail /tmp/extman/配置cmdserver配置cmdservercd /usr/local/www/extman/daemon/chmod +x cmdserver修改/usr/local/www/extman/daemon/cmd_plugin/freebsd-cmd将my $mysql_init开头的那行改为my $mysql_init = '/usr/local/etc/rc.d/mysql-server';将my $dspam_init开头那行改为my $dspam_init = '/usr/local/etc/rc.d/dspam';启动cmdserver/usr/local/www/extman/daemon/cmdserver --daemon配置图形日志mkdir /var/libln -s /usr/local/www/extman/addon/mailgraph_ext /usr/local//usr/local/mailgraph_ext/mailgraph-init start配置extmail修改/usr/local/www/extmail/webmail.cf,对如下内容进行修改SYS_CONFIG = /usr/local/www/extmail/SYS_LANGDIR = /usr/local/www/extmail/langSYS_TEMPLDIR = /usr/local/www/extmail/htmlSYS_USER_LANG = zh_CNSYS_MESSAGE_SIZE_LIMIT = 52428800SYS_MFILTER_ON = 0SYS_MYSQL_USER = extmailSYS_MYSQL_PASS = extmailSYS_MYSQL_SOCKET = /tmp/mysql.sockmkdir /tmp/extmailchown vmail:vmail /tmp/extmail/注释掉/usr/local/www/extmail/libs/Ext/Logger/File.pm的45行#printf $fh "$time $host extmail[$$]: $msg\n", @_;否则登陆extmail后会提示Insecure dependency in printf while running with -T switch at /usr/local/www/extmail/libs/Ext/Logger/File.pm line 45.配置apache编辑/usr/local/etc/apache22/httpd.conf,取消如下vhost的注释组。Include etc/apache22/extra/httpd-vhosts.conf创建/usr/local/etc/apache22/Includes/extmail.conf,内容如下: ServerName mail.nio.name DocumentRoot /usr/local/www/extmail/html/ ScriptAlias /extmail/cgi /usr/local/www/extmail/cgi/ Alias /extmail /usr/local/www/extmail/html/ AllowOverride None Options None Order allow,deny Allow from all SuexecUserGroup vmail vmail创建/usr/local/etc/apache22/Includes/extman.conf,内容如下: ServerName extman.nio.name DocumentRoot /usr/local/www/extman/html/ ScriptAlias /extman/cgi /usr/local/www/extman/cgi/ Alias /extman /usr/local/www/extman/html/ AllowOverride None Options None Order allow,deny Allow from all SuexecUserGroup vmail vmailchown -R vmail:vmail /usr/local/www/extmailchown -R vmail:vmail /usr/local/www/extman编辑/etc/rc.conf,加入apache22_enable="YES"启动apache/usr/local/etc/rc.d/apache22 start自动跳转至extmail由于在后面还要配置dspam,均要使用到mail.nio.name这个域名,因此需要使用一个跳转html,让页面自动进入extmail。创建/usr/local/www/index.html,内容如下: -Type" CONTENT="text/html; charset=utf-8">登陆extman登陆http://mail.nio.name,修改管理员的默认密码,创建域nio.name,以及用户[email protected][email protected]。关闭sendmail关闭sendmail。在/etc/rc.conf中加入sendmail_enable="NO"sendmail_submit_enable="NO"sendmail_outbound_enable="NO"sendmail_msp_queue_enable="NO"关闭sendmail维护任务,创建/etc/periodic.conf,内容如下daily_clean_hoststat_enable="NO"daily_status_mail_rejects_enable="NO"daily_status_include_submit_mailq="NO"daily_submit_queuerun="NO"配置postfix基本设置postconf -e 'mydomain = nio.name' //设置域名,就是本机的域名postconf -e 'myhostname = mail.nio.name' //设置本机的FQDN,就是主机名+域名postconf -e 'virtual_mailbox_base = /home/domains' //设置mailbox的目录postconf -e 'virtual_uid_maps=static:1000' //设置使用mailbox的用户,就是vmail的uidpostconf -e 'virtual_gid_maps=static:1000' //设置使用mailbox的组,就是vmail的gidpostconf -e 'mynetworks = 127.0.0.1/32' //设置允许从本机发送邮件,给extmail用postconf -e 'message_size_limit = 102400000'postconf -e 'virtual_mailbox_limit = 1024000000'设置postfix读取extmail数据库cp /usr/local/www/extman/docs/mysql_virtual_alias_maps.cf /usr/local/etc/postfix/cp /usr/local/www/extman/docs/mysql_virtual_mailbox_maps.cf /usr/local/etc/postfix/cp /usr/local/www/extman/docs/mysql_virtual_domains_maps.cf /usr/local/etc/postfix/postconf -e 'virtual_alias_maps = $alias_maps, mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf'postconf -e 'virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf'postconf -e 'virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf'设置SASL2使用authdaemond认证创建/usr/local/lib/sasl2/smtpd.conf,内容如下pwcheck_method:authdaemondlog_level:3mech_list:PLAIN LOGINauthdaemond_path:/var/run/authdaemond/socket设置authlib编辑/usr/local/etc/authlib/authdaemonrc,修改如下内容authmodulelist="authmysql"authmodulelistorig="authmysql"编辑/usr/local/etc/authlib/authmysqlrc,修改如下内容MYSQL_SERVER localhostMYSQL_USERNAME extmailMYSQL_PASSWORD extmailMYSQL_PORT 3306MYSQL_DATABASE extmailMYSQL_USER_TABLE mailboxMYSQL_CRYPT_PWFIELD passwordMYSQL_UID_FIELD uidnumberMYSQL_GID_FIELD gidnumberMYSQL_LOGIN_FIELD usernameMYSQL_HOME_FIELD homedirMYSQL_MAILDIR_FIELD maildirMYSQL_QUOTA_FIELD quotaMYSQL_SELECT_CLAUSE SELECT username,password,"",uidnumber,gidnumber,\ CONCAT('/home/domains/',homedir), \ CONCAT('/home/domains/',maildir), \ quota, \ name \ FROM mailbox \ WHERE username = '$(local_part)@$(domain)'设置postfix的smtpd认证postconf -e 'smtpd_sasl_auth_enable=yes' //开启smtpd的sasl认证postconf -e 'broken_sasl_auth_clients = yes' //使postfix可以兼容一些非标准的MUApostconf -e 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination' //允许relay认证的SMTP客户端修改authdaemond权限mkdir /var/run/authdaemondchmod 755 /var/run/authdaemond/否则在maillog中会提示warning: SASL authentication failure: cannot connect to Courier authdaemond: Permission denied导致smtpd认证失败启动postfix及courier-authdaemond在/etc/rc.conf中添加postfix_enable="YES"courier_authdaemond_enable="YES"/usr/local/etc/rc.d/postfix start/usr/local/etc/rc.d/courier-authdaemond start测试认证authtest [email protected] password //password是这个用户的密码Authentication succeeded. Authenticated: [email protected] (uid 1000, gid 1000) Home Directory: /home/domains/nio.name/nio Maildir: /home/domains/nio.name/nio/Maildir/ Quota: 5242880SEncrypted Password: $1$vVXZqF2z$2msKkFgv/bR1RyYRKOM5D/Cleartext Password: nio Options: wbnodsn=1启动pop3d在/etc/rc.conf中添加courier_imap_pop3d_enable="YES/usr/local/etc/rc.d/courier-imap-pop3d startextmail的过滤补丁extmail在freebsd8下的黑白名单功能均正常,但对发件人、收件人、标题的过滤有问题,extmail生成的maildrop规则不正确,需要如下补丁。extmail是1.2版本此外,这部分可以不加。webmail的过滤没啥用。我直接就关了。补丁MailFilter.pm.diff内容如下:--- MailFilter.pm.orig 2010-02-02 15:51:22.000000000 +0800+++ MailFilter.pm 2010-02-02 16:05:30.000000000 +0800@@ -322,15 +322,15 @@ if ($rule->{from}) { $need_decode{from} = 1;- push @statements, "(\$FROM=~/.*".slashes($rule->{from}).".*/)";+ push @statements, "(\/^FROM:\.\*".slashes($rule->{from}).".*/)"; } if ($rule->{recipient}) { $need_decode{recipient} = 1;- push @statements, "(\$TO=~/.*".slashes($rule->{recipient}).".*/)";+ push @statements, "(\/^TO:\.\*".slashes($rule->{recipient}).".*/)"; } if ($rule->{subject}) { $need_decode{subject} = 1;- push @statements, "(\$SUBJECT=~/.*".slashes($rule->{subject}).".*/)";+ push @statements, "(\/SUBJECT:\.\*".slashes($rule->{subject}).".*/)"; } if ($hasattach) { push @statements, "(/^Content-Type: *multipart\\/mixed/)";cd /usr/local/www/extmail/libs/Ext/patch MailFilter.pm 初始化dspam数据库创建数据库及用户mysqlcreate database dspam;grant all on dspam.* to 'dspam'@'localhost' identified by 'dspam';创建数据库结构及初始化数据库cd /usr/local/share/examples/dspam/mysqlmysql -udspam -pdspam -Ddspam 配置dspam/usr/local/etc/dspam.conf配置如下:Home /var/db/dspamStorageDriver /usr/local/lib/dspam/libmysql_drv.soDeliveryHost 127.0.0.1DeliveryPort 10026DeliveryIdent localhostDeliveryProto SMTPOnFail errorTrust rootTrust postfixTrust dspamTrust wwwTRust vmailTrust mailTrust mailnullTrust smmspTrust daemonTrainingMode teftTestConditionalTraining onFeature whitelistAlgorithm graham burtonTokenizer chainPValue bcrWebStats onAllowOverride enableBNRAllowOverride enableWhitelistAllowOverride fallbackDomainAllowOverride ignoreGroupsAllowOverride ignoreRBLLookupsAllowOverride localStoreAllowOverride makeCorpusAllowOverride optInAllowOverride optOutAllowOverride optOutClamAVAllowOverride processorBiasAllowOverride RBLInoculateAllowOverride showFactorsAllowOverride signatureLocationAllowOverride spamActionAllowOverride spamSubjectAllowOverride statisticalSedationAllowOverride storeFragmentsAllowOverride tagNonspamAllowOverride tagSpamAllowOverride trainPristineAllowOverride trainingModeAllowOverride whitelistThresholdAllowOverride dailyQuarantineSummaryClamAVPort 3310ClamAVHost 127.0.0.1ClamAVResponse acceptMySQLServer /tmp/mysql.sockMySQLUser dspamMySQLPass dspamMySQLDb dspamMySQLCompress trueMySQLReconnect trueMySQLUIDInSignature onHashRecMax 98317HashAutoExtend onHashMaxExtents 0HashExtentSize 49157HashPctIncrease 10HashMaxSeek 10HashConnectionCache 10Notifications offLocalMX 127.0.0.1SystemLog onUserLog onOpt outParseToHeaders onChangeModeOnParse onChangeUserOnParse fullServerPID /var/run/dspam.pidServerMode autoServerPass.Relay1 "secret"ServerParameters "--user dspam --deliver=innocent -d %u"ServerIdent "localhost.localdomain"ServerDomainSocketPath "/tmp/dspam.sock"ClientHost /tmp/dspam.sockClientIdent "secret@Relay1"ProcessorURLContext onProcessorBias onStripRcptDomain offtouch /var/run/dspam.pidchown dspam:dspam /var/run/dspam.pid启动dspam。在/etc/rc.conf中加入dspam_enable="YES"/usr/local/etc/rc.d/dspam start配置postfix支持dspampostconf -e 'dspam_destination_recipient_limit = 1'postconf -e 'smtpd_client_restrictions = permit_mynetworks,permit_sasl_authenticated,check_client_access pcre:/usr/local/etc/postfix/dspam_filter_access'postconf -e 'enable_original_recipient = no' //设置always_bbc后放置出现重复邮件postconf -e 'always_bcc = [email protected]' //所有邮件都转发给管理员,这样管理员可以帮助学习垃圾邮件创建/usr/local/etc/postfix/dspam_filter_access,内容如下:/./ FILTER dspampostmap /usr/local/etc/postfix/dspam_filter_access在/usr/local/etc/postfix/master.cf中加入127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000dspam unix - n n - - pipe flags=DRhu user=dspam argv=/usr/local/bin/dspam --client --deliver=innocent,spam --user ${recipient} --mail-from=${sender}修改/usr/local/etc/postfix/master.cf,修改smtp inet n - n - - smtpd为smtp inet n - n - - smtpd -o content_filter=lmtp:unix:/tmp/dspam.sock重启postfix配置apache支持dspam webui创建/usr/local/etc/apache22/Includes/dspam.conf ServerName dspam.nio.name DocumentRoot /usr/local/www/dspam AddDefaultCharset UTF-8 AllowOverride None Options None Order allow,deny Allow from all DirectoryIndex dspam.cgi AddHandler cgi-script cgi pl Options +ExecCGI AuthType Basic AuthName "DSPAM Control Center" AuthUserFile /usr/local/www/dspam/htpasswd Require valid-user SuexecUserGroup dspam dspamchown -R dspam:dspam /usr/local/www/dspam/配置dspam webuicd /usr/local/www/dspam/cp configure.pl.sample configure.plcp default.prefs.sample default.prefecho dspam > adminshtpasswd -c htpasswd dspam让dspam webui支持中文下载dspam-unicode.tar.gz,解压缩后覆盖到/usr/local/www/dspam。修改几个cgi文件中的路径为你本机中的路径。修改dspam webui权限chown -R dspam:dspam /usr/local/www/dspam/让dspam能够通过webui修改配置cd /var/db/dspamln -s /usr/local/www/dspam/default.prefs ./chmod ug+w /usr/local/www/dspam/default.prefs让extmail支持垃圾邮件报告修改/usr/local/www/extmail/webmail.cfSYS_SPAM_REPORT_ON = 1SYS_SPAM_REPORT_TYPE = dspam编辑/usr/local/www/extmail/tools/spam_report.pl,修改my $dspam = '/usr/bin/dspamc --client --user extmail';为my $dspam = '/usr/local/bin/dspamc --client --user dspam';配置postfix的maildrop转发postconf -e 'virtual_transport = maildrop:'postconf -e 'maildrop_destination_recipient_limit = 1' //maildrop不支持一次接收多个收件人修改/usr/local/etc/postfix/master.cf,加入maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}修改maildroprclogfile "/home/domains/maildrop.log"DECODER="/usr/local/www/extmail/tools/decode -v"if ((/^(From|Sender|Return-Path):.*MAILER\-DAEMON/)){ BADSENDER=1} if ( /^X-DSPAM-Result:.*Spam.*/ ) { exception { to "$HOME/Maildir/.Junk/." } }dspam标示修改如果邮件内容老出现如下内容:!DSPAM:1,49179586289971925617086!将dspam的配置修改为signatureLocation=headers注意:需要修改如下几个文件中的signatureLocation/var/db/dspam/data/local/dspam/dspam.prefs/usr/local/etc/dspam.conf/usr/local/www/dspam/default.prefs修改后重启dspam即可。
02-12 08:00