默认方式安装RHEL5,不选中任何类型服务器(如WEB服务器,开发服务器,虚拟服务器等)
[root@rhel5 ~]# /etc/rc.d/init.d/sendmail stop
关闭 sm-client: [确定]
关闭 sendmail: [确定]
[root@rhel5 ~]# chkconfig sendmail off
[root@rhel5 Server]# rpm -ivh postfix-2.3.3-2.i386.rpm
[root@rhel5 Server]# vi /etc/postfix/main.cf
myhostname = mail.mailidc.cn #设置运行postfix服务的邮件主机的主机名、域名
mydomain = mailidc.cn
myorigin = $mydomain #设置由本机寄出的邮件所使用的域名或主机名称
inet_interfaces = all #设置postfix服务监听的网络接口
mydestination = $myhostname, $mydomain, localhost.$mydomain, localhost #设置可接收邮件的主机名称或域名
mynetworks = 127.0.0.1 #设置可转发哪些网络的邮件
relay_domains = $mydestination #设置可转发哪些网域的邮件
保存文件。
检查postfix的配置:
[root@rhel5 Server]# postconf Cn
[root@rhel5 ~]# chkconfig postfix on
postfix加入到root的组:
# usermod -G root postfix
SMTP认证的配置
安装cyrus-sasl
1、确认cyrus-sasl是否安装了
[root@rhel5 Server]# rpm -qa|grep cyrus
cyrus-sasl-plain-2.1.22-4
cyrus-sasl-lib-2.1.22-4
cyrus-sasl-2.1.22-4
Cyrus-SASL V2的密码验证机制
[root@rhel5 ~]# saslauthd -v
saslauthd 2.1.22
authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap
我们准备用的是shadow的密码验证机制。
vi /etc/sysconfig/saslauthd
MECH=shadow
启动sasl的daemon并测试:
# service saslauthd start
# /usr/sbin/testsaslauthd -u 帐号 -p '密码'
0: OK "Success." =>帐号验证成功了
[root@rhel5 ~]# chkconfig saslauthd on
设置postfix启用SMTP认证
[root@rhel5 Server]# vi /etc/postfix/main.cf
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain= ''
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,
reject_unauth_destination
broken_sasl_auth_clients = yes
smtpd_client_restrictions = permit_sasl_authenticated
smtpd_sasl_security_options = noanonymous
wq!保存
此外,由于当postfix要使用SMTP认证时,会读取/usr/lib/sasl2/smtpd.conf文件的内容以确定所采用的认证方式,所以必须保证/usr/lib/sasl2/smtpd.conf文件的内容是:
pwcheck_method: saslauthd
安装设定dovecot(imap、pop3):
1、确认dovecot是否有安装:
[root@rhel5 ~]# rpm -qa|grep dovecot
dovecot-1.0-1.2.rc15.el5
2、设定用pop3来收取信件:
#vi /etc/dovecot.conf
protocols = pop3 # imap imaps pop3 pop3s 支持的功能
3、启动并测试:
#service dovecot start
# telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK dovecot ready.
user 账号
+OK
pass 密码
+OK Logged in.
[root@rhel5 ~]# chkconfig dovecot on
到这里postfix、Cyrus SASL、dovecot就可以正常工作了。
让postfix支持MailScanner、spamassassin、f-prot
A、安装 F-PROT (F-PROT Antivirus for Linux)
从http://files.f-prot.com/files/linux-x86/fp-linux-ws.rpm下载 f-prot
[root@rhel5 ~]# rpm -ivh fp-linux-ws.rpm
B、安装MailScanner
下载http://www.mailscanner.info/file ... 4.60.8-1.rpm.tar.gz
版本.rpm.tar.gz
(这里可能会少些perl的套件,出现错误讯息!请照着错误讯息要的rpm装完即可!)
# tar zxvf MailScanner-4.60.8-1.rpm.tar.gz
# cd MailScanner-4.60.8-1
# ./install.sh
C、安装spamassassin
1、确认spamassassin是否有安装:
# rpm -qa |grep spam
如没有安装就安装该包
[root@rhel5 Server]# rpm -ivh spamassassin-3.1.7-4.el5.i386.rpm
2建立Mailscanner支持spamassassin所需的目录:
# mkdir /var/spool/MailScanner/spamassassin
# chmod 700 /var/spool/MailScanner/spamassassin
# chown postfix.postfix /var/spool/MailScanner/spamassassin
3、修改spamassassin的设定档local.cf
可到站点http://www.yrex.com/spam/spamconfig.php自动生成local.cf的内容。
# vi /etc/mail/spamassassin/local.cf
# How many hits before a message is considered spam.
required_hits 5.0
# Whether to change the subject of suspected spam
rewrite_subject 1
# Text to prepend to subject if rewrite_subject is used
subject_tag *****SPAM*****
# Encapsulate spam in an attachment
report_safe 1
# Use terse version of the spam report
use_terse_report 0
# Enable the Bayes system
use_bayes 1
# Enable Bayes auto-learning
auto_learn 1
# Enable or disable network checks
skip_rbl_checks 1
use_razor2 0
use_dcc 0
use_pyzor 0
# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_languages all
# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_locales all
4、启动spamassassin
# service spamassassin start
MailScanner设定
1修改MailScanner.conf
# vi /etc/MailScanner/MailScanner.conf
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = f-prot
Always Include SpamAssassin Report = yes
Use SpamAssassin = yes
Required SpamAssassin Score = 4
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
SpamAssassin Install Prefix = /usr/bin
SpamAssassin Local Rules Dir = /etc/MailScanner
2、修改 postfix支持mailscanner
# vi /etc/postfix/main.cf
变更以下的值
header_checks = regexp:/etc/postfix/header_checks
# vi /etc/postfix/header_checks
/^Received:/ HOLD
注意, 在 / 之前不可以有空白!
3、变更目录权限
# chown postfix.postfix /var/spool/MailScanner/incoming
# chown postfix.postfix /var/spool/MailScanner/quarantine
停止postfix执行、启动MailScanner
# service postfix stop
# chkconfig postfix off
# service MailScanner start
设定MailScanner,当MTA = postfix时,会自己启动postfix,如有设定启动postfix的请先将它停掉
4、定期更新病毒定义文件
# crontab -e
0 4 * * * /usr/local/f-prot/tools/check-updates.pl
并将原本在/etc/cron.hourly/update_virus_scanners 删除掉
测试SpamAssassin
发一封邮件带如下内容,接收后,标题应该带有标记:
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
这样,我们就已经搭建起一个基本的邮件系统。