博客首页
注册
建议与交流
排行榜
加入友情链接
推荐
投诉
搜索:
帮助
wangqh_2008
超越梦想
wangqh2008.cublog.cn
管理博客
发表文章
留言
收藏夹
· AIX
· blog_address
· 软件收藏
· 视频教程,文档
· 生活
· 数据库
}
· db2
· mysql
· oracle
· postsql
· sqlserver
· FreeBSD
· HR
· 外语学习
}
· 日语
· 英语
· IBM websphere
· 通信传输与语音交换
· 网络
}
· cisco
· d-link
· 无线网络
· 常用技巧
· 常见故障
· 方案
· 华为
· linux
}
· CVS
· FTP
· http
· mantis
· pell
· shell
· 安装
· 常用网址下载
· 常用服务配置
· 常用技巧
· 学用Lotus
· 娱乐游戏
· 邮件相关
}
· exchange
· extmail
· postfix
· qmail
· sendmail
· 其他
· 音乐
· slaris
· VPN
· windows
}
· 日常维护
· Vista
· windows2003server
· windows2008server
· windows7
· xp
· 安装
· 常用服务配置
· 培训
· 企业应用
· 汽车驾驶
· 安全相关
}
· 防火墙
· 笔记本杂谈
· 备份与恢复
· 常用链接
· 常用网络地址收藏
· 存储
· 电话系统
· 方案文档下载
· 服务集群
· 负载均衡
· 租房网站
博客圈
音乐
相册
· softbrain
文章
· 生活
· 数据库
}
· DB2
· mysql
· oracle
· postsql
· sqlserver
· 常见问题解决方案
· 通信传输与语音交换
· 网络技术
}
· 3com
· cisco
· D-Link
· 网络基础知识
· 无线网络
· TP-Link
· VPN
· 北电
· 常见问题解决方案
· 华为
· mail服务器
}
· exchange
· extmail
· iredmail
· postfix邮件系统
· postfix反垃圾反病毒
· qmail邮件系统
· sendmail邮件系统
· 学习
· 娱乐
· 娱乐与游戏
· 应用服务器
}
· 论坛
· cvs服务器
· OA
· 硬件故障与检测
· VOIP
· websphere
· 企业ERP解决方案
· 企业应用
}
· dabases
· linux
· network
· windows
· 开源监控与IT管理
· 汽车驾驶
· 安全相关
}
· 网络安全
· linux安全
· windows安全
· 备份与恢复
· 操作系统
}
· AIX
· FreeBSD
· linux
· solaris
· windows VISTA
· windows2003server
· windows2008server
· windows7
· windowsxp
· 常见问题解决方案
· 存储
· 电脑装机指南
· 电话系统
· 防火墙
}
· cisco防火墙
· netcsreen
· 方案
· 负载均衡
· 集群
· 健身
· 经验与技巧
首页
关于作者
姓名:jerry 职业: 年龄: 位置:AM地 个性介绍: MSN:wangqh_2008@hotmail.com
||
<<
>>
||
我的分类
文章列表 - mail服务器
经验: 维护Exchange Server 2003 邮件服务器
<DIV> <DIV id=threadtitle> <H1>经验: 维护Exchange Server 2003 邮件服务器</H1></DIV> <DIV class=t_msgfontfix> <TABLE cellSpacing=0 cellPadding=0> <TBODY> <TR> <TD class=t_msgfont id=postmessage_7154464><FONT style="FONT-SIZE: 12px">前段时间一直有网友在问的问题.<BR>问题一:<BR>随着时间增长,邮件<SPAN class=t_tag onclick=tagshow(event) href="tag.php?name=%B7%FE%CE%F1%C6%F7">服务器</SPAN>邮箱存储占用的空间会不断加大,就算在客户端把邮件删除,可服务器存储邮件占用的空间还是没有减少,这是怎么回事?<BR>问题二:<BR>我的邮件服务器已经好几年啦,怎么样才能把邮箱<SPAN class=t_tag onclick=tagshow(event) href="tag.php?name=%D3%C3%BB%A7">用户</SPAN>比较老的邮件<SPAN class=t_tag onclick=tagshow(event) href="tag.php?name=%D7%D4%B6%AF">自动</SPAN>删除,不让它占用服务器的空间?<BR><BR>就是由这两个问题写了篇文章:<BR>我的办法是做收件人策略+备份,减少邮件存储与及日志<SPAN class=t_tag onclick=tagshow(event) href="tag.php?name=%CE%C4%BC%FE">文件</SPAN>占用服务器空间.(这个<SPAN class=t_tag onclick=tagshow(event) href="tag.php?name=%CA%FD%BE%DD%BF%E2">数据库</SPAN>文件和日志文件是占空间的主要文件).<BR><BR>环境如下:<BR>一台服务器作为DC(contoso.msft)+EXCHANGE,一台加入域(contoso,msft)的客户端.<BR><BR><IMG id=img_0.9757822263003224 style="CURSOR: pointer" height=171 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_200811061012021KawG.gif" width=600><BR>环境已搭建好,为了测试自动删除过期邮件,空间占用问题,先给用户发封大邮件,让用户占用服务器空间.<BR>在域内,用户c给用户m(用户实验前已建立)发封大邮件(邮件带附件).<BR>在发之前先检查<SPAN class=t_tag onclick=tagshow(event) href="tag.php?name=%CA%FD%BE%DD">数据</SPAN>库以及日志占用空间大小.<BR><BR><IMG id=img_0.11651958839011855 height=523 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_200811061012022Ovtw.gif" width=502><BR><BR>内网邮箱用户互发邮件,占用服务器存储空间.<BR><BR><IMG id=img_0.5728858699094733 height=404 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_200811061012023TPIx.gif" width=492><BR><BR><IMG id=img_0.3441184317516142 height=417 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_200811061012024x5fo.gif" width=465><BR><BR>检查邮箱,服务器占用空间.(服务器一下涨了好多)<BR><IMG id=img_0.06725197508025254 style="CURSOR: pointer" height=343 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_2008110610120258myP.gif" width=600><BR><IMG height=470 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_200811061012026OoVt.gif" width=496><BR><IMG height=481 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_200811061012027R4pF.gif" width=376><BR>这时可把邮件认为是老邮件,建立收件人邮箱<SPAN class=t_tag onclick=tagshow(event) href="tag.php?name=%B9%DC%C0%ED">管理</SPAN>器策略来管理邮件.<BR>如把2天前的大于是10240k的邮件删除.<BR><IMG height=345 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_2008110610120287lKB.gif" width=564><BR>把策略用于用户c和m.<BR>策略<SPAN class=t_tag onclick=tagshow(event) href="tag.php?name=%C9%E8%D6%C3">设置</SPAN>如下:<BR><IMG height=424 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_2008110610120292FHU.gif" width=481><BR>让策略立刻生效.<BR><IMG style="CURSOR: pointer" height=287 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_2008110610120210W5GZ.gif" width=600><BR><IMG height=483 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_2008110610120211dDbU.gif" width=534><BR>验证结果.把时间手工调整一下,如改到3天后.<BR>当前时间,以及3天后时间.邮箱大小变化情况.<BR><IMG height=371 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_2008110610120212GdAH.gif" width=577><BR><BR><IMG style="CURSOR: pointer" height=432 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_20081106101202138mLf.gif" width=600><BR><BR>客户端邮件已被删除,所以在服务看邮箱存储占用空间大小已经减少.<BR>过期邮件已处理完毕,下面来释放空间.<BR>这时候存储在物理磁盘的空间并没有减少,主要由数据库文件和日志文件组成.<BR>可通过碎片整理和压缩来减少数据库空间,通过备份来删除日志文件.<BR><BR><IMG height=367 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_2008110610120214BfnB.gif" width=545><BR><BR>做碎片整理和压缩数据库,做的是脱机数据库整理.<BR><BR>参考文章:<BR><BR><FONT color=#0000ff>http://support.microsoft.com/kb/328804/zh-cn</FONT><BR><BR><FONT color=#0000ff>http://support.microsoft.com/kb/192185/zh-cn</FONT><BR><BR>先检查数据库大小.主要由priv1.edb和priv1.stm构成.<BR><BR><IMG height=411 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_20081106101202155ZK7.gif" width=537><BR><BR>1. 在 Exchange <SPAN class=t_tag onclick=tagshow(event) href="tag.php?name=%CF%B5%CD%B3">系统</SPAN>管理器中,右键单击要进行碎片整理的信息存储,然后单击卸除存储。 <BR>2. 在<SPAN class=t_tag onclick=tagshow(event) href="tag.php?name=%C3%FC%C1%EE">命令</SPAN>提示符处,更改至 Exchsrvr\Bin 文件夹,然后键入 eseutil /d 命令、数据库开关以及要使用的任何选项。 <BR>例如,以下命令在邮箱存储数据库上运行标准的碎片整理实用<SPAN class=t_tag onclick=tagshow(event) href="tag.php?name=%B9%A4%BE%DF">工具</SPAN>: <BR>C:\program files\exchsrvr\bin> eseutil /d c:\progra~1\exchsrvr\mdbdata\priv1.edb<BR><BR><IMG height=331 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_2008110610120216EHZu.gif" width=524><BR><BR><IMG style="CURSOR: pointer" height=280 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_2008110610120217FlSA.gif" width=600><BR><BR><IMG style="CURSOR: pointer" height=491 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_2008110610120218VVhK.gif" width=600><BR><BR>结果.<BR><BR><IMG height=306 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_2008110610120219kq2E.gif" width=447><BR><BR><IMG height=404 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_2008110610120220fl83.gif" width=422><BR><BR>现在空间大小主要是由日志文件占用.通过备份可以清除日志文件,用于释放更多的空间.<BR><BR>参考文章:<BR><BR><FONT color=#0000ff>http://www.5dmail.net/bbs/viewthread.php?tid=55926&extra=page%3D1%26amp%3Bfilter%3Ddigest</FONT><BR><BR>由楼上的图可看出没备份前空间占用情况.<BR><BR>调出ntbackup,对Exchange 的”Information Store“存储组的所有数据库备份.<BR><BR><IMG style="CURSOR: pointer" height=428 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_2008110610120221OpRO.gif" width=600><BR><BR>结果log文件减少.空出磁盘空间.<BR><BR><IMG height=490 alt="" src="http://blog.ixpub.net/attachments/2008/11/14637836_2008110610120222o28m.gif" width=437><BR><BR>在这里浅谈了邮件管理和空间占用的问题,希望能对存在这问题的朋友有所帮助...</FONT><BR><STRONG>附件:</STRONG><BR></TD></TR></TBODY></TABLE></DIV></DIV>
查看全文
发表于:2009-03-25 ┆
阅读(261)
┆
评论(0)
http://hi.chinaunix.net/?uid-133135.html
<DIV> <DIV id=wrap> <DIV id=header> <DIV id=spacename> <DIV id=xspace-spacename><STRONG><FONT size=4>MichaelBibby的个人空间</FONT></STRONG> <P><A class=xspace-copyurl title=复制地址 onclick="javascript:setCopy('http://hi.chinaunix.net/?133135');" href="javascript:;">copy</A> <A class=xspace-add2fav title=加入收藏 onclick="javascript:addBookmark('MichaelBibby的个人空间','http://hi.chinaunix.net/?133135');return false;" href="http://hi.chinaunix.net/?133135">Bookmark</A> http://hi.chinaunix.net/?133135 </P></DIV></DIV> <DIV id=menu> <UL id=xspace-menu> <LI><A class=xspace-blog href="http://hi.chinaunix.net/?uid-133135-action-spacelist-type-blog">日志</A> </LI> <LI><A class=xspace-image href="http://hi.chinaunix.net/?uid-133135-action-spacelist-type-image">相册</A> </LI> <LI><A class=xspace-file href="http://hi.chinaunix.net/?uid-133135-action-spacelist-type-file">软件</A> </LI> <LI><A class=xspace-link href="http://hi.chinaunix.net/?uid-133135-action-spacelist-type-link">书签</A> </LI> <LI><A class=xspace-video href="http://hi.chinaunix.net/?uid-133135-action-spacelist-type-video">视频</A> </LI> <LI><A class=xspace-friend href="http://hi.chinaunix.net/?uid-133135-action-spacelist-type-friend">好友</A> </LI> <LI><A class=xspace-mybbs href="http://hi.chinaunix.net/?uid-133135-action-spacelist-type-bbs">论坛</A> </LI> <LI><A class=xspace-guestbook href="http://hi.chinaunix.net/?uid-133135-action-viewpro">留言</A> </LI> <LI><A class=xspace-more href="http://hi.chinaunix.net/?uid-133135-action-spacelist-type-model">更多</A> </LI></UL></DIV></DIV> <DIV class=xspace-layout1 id=content> <DIV class=mainarea-side id=mainarea> <DIV id=xspace-guide><A class=xspace-spacecp href="http://hi.chinaunix.net/batch.manage.php?uid=133135" target=_blank>空间管理</A> 您的位置: <A href="http://hi.chinaunix.net/" target=_blank><FONT color=#000066>ChinaUnix个人空间</FONT></A> » <A href="http://hi.chinaunix.net/?uid-133135"><FONT color=#000066>MichaelBibby的个人空间</FONT></A> » <A href="http://hi.chinaunix.net/?uid-133135"><FONT color=#000066>空间首页</FONT></A> </DIV> <DIV id=mythread> <H3 class=xspace-blocktitle><A class=more href="http://hi.chinaunix.net/?uid-133135-action-spacelist-type-bbs">更多</A>我的主题</H3> <UL class=xspace-itemlist> <LI class=xspace-loglist> <H4 class=xspace-entrytitle><A href="http://bbs.chinaunix.net/viewthread.php?tid=1332707" target=_blank><FONT color=#000066>开源邮件方案之 iRedMail-0.3.2 及 iRedOS-0.1.2 正式版发布</FONT></A></H4> <P class=xspace-smalltxt><A class=xspace-smalltxt href="http://bbs.chinaunix.net/redirect.php?tid=1332707&goto=lastpost#lastpost" target=_blank>2008-12-12 13:34:34</A> / <A class=xspace-smalltxt href="http://bbs.chinaunix.net/forumdisplay.php?fid=14" target=_blank>Mail服务器</A></P> <DIV class=xspace-itemmessage id=xspace-item-t1332707>Hi, all.iRedMail-0.3.2 稳定版发布了。下载地址:http://code.google.com/p/iredmail/downloads/listiRedOS-0.1.2 的 ISO 镜像也已就绪,您可以从以下地址下载:http://www.iredmail.org/iRedOS/0.3.2 主要是基于 0.3.1 做了一些 bug 修正,完善已有组件的功能,并更新了少量软件包。升级文档我们将会.</DIV> <P class=xspace-itemlinks><A href="http://bbs.chinaunix.net/viewthread.php?tid=1332707" target=_blank><FONT color=#000066>查看(520)</FONT></A> <A href="http://bbs.chinaunix.net/post.php?action=reply&fid=14&tid=1332707" target=_blank><FONT color=#000066>评论(16)</FONT></A> </P></LI> <LI class=xspace-loglist> <H4 class=xspace-entrytitle><A href="http://bbs.chinaunix.net/viewthread.php?tid=1325030" target=_blank><FONT color=#000066>iRedOS-0.1.2-beta1 发布,请大家帮忙测试</FONT></A></H4> <P class=xspace-smalltxt><A class=xspace-smalltxt href="http://bbs.chinaunix.net/redirect.php?tid=1325030&goto=lastpost#lastpost" target=_blank>2008-12-02 20:33:04</A> / <A class=xspace-smalltxt href="http://bbs.chinaunix.net/forumdisplay.php?fid=14" target=_blank>Mail服务器</A></P> <DIV class=xspace-itemmessage id=xspace-item-t1325030>Hi, all.iRedOS-0.1.2-beta1 发布了。下载地址:http://www.iredmail.org/iRedOS/0.1.2/iRedOS-0.1.2 包含 iRedMail-0.3.2 的最新测试版本,并修正了 iRedOS-0.1.1里无法自行设置网络和主机名的问题。以下是 0.3.2-beta1 及发布之后修正的一些问题:* 增加补丁用于让 ExtMail 自行创建用户的 ma.</DIV> <P class=xspace-itemlinks><A href="http://bbs.chinaunix.net/viewthread.php?tid=1325030" target=_blank><FONT color=#000066>查看(215)</FONT></A> <A href="http://bbs.chinaunix.net/post.php?action=reply&fid=14&tid=1325030" target=_blank><FONT color=#000066>评论(3)</FONT></A> </P></LI> <LI class=xspace-loglist> <H4 class=xspace-entrytitle><A href="http://bbs.chinaunix.net/viewthread.php?tid=1322889" target=_blank><FONT color=#000066>请帮忙测试:用于 ExtMail 的自动创建用户邮箱补丁</FONT></A></H4> <P class=xspace-smalltxt><A class=xspace-smalltxt href="http://bbs.chinaunix.net/redirect.php?tid=1322889&goto=lastpost#lastpost" target=_blank>2008-11-29 18:38:58</A> / <A class=xspace-smalltxt href="http://bbs.chinaunix.net/forumdisplay.php?fid=14" target=_blank>Mail服务器</A></P> <DIV class=xspace-itemmessage id=xspace-item-t1322889>Hi, all.如果你只使用 ExtMail 而没有使用 ExtMan,相信你在添加新用户之后立即登录 ExtMail,都会无法登录并得到类似的错误信息:Can't chdir to /home/vmail/a.cn/www/, no such file or directory.这是由于 ExtMail 并不自动建立用户邮箱目录导致的。这个补丁的作用就是让 ExtMail 在检测到用户邮箱不存在的时候自.</DIV> <P class=xspace-itemlinks><A href="http://bbs.chinaunix.net/viewthread.php?tid=1322889" target=_blank><FONT color=#000066>查看(290)</FONT></A> <A href="http://bbs.chinaunix.net/post.php?action=reply&fid=14&tid=1322889" target=_blank><FONT color=#000066>评论(2)</FONT></A> </P></LI> <LI class=xspace-loglist> <H4 class=xspace-entrytitle><A href="http://bbs.chinaunix.net/viewthread.php?tid=1320907" target=_blank><FONT color=#000066>开源邮件方案 iRedMail-0.3.2-beta1 发布。希望大家帮忙测试</FONT></A></H4> <P class=xspace-smalltxt><A class=xspace-smalltxt href="http://bbs.chinaunix.net/redirect.php?tid=1320907&goto=lastpost#lastpost" target=_blank>2008-11-27 10:27:28</A> / <A class=xspace-smalltxt href="http://bbs.chinaunix.net/forumdisplay.php?fid=14" target=_blank>Mail服务器</A></P> <DIV class=xspace-itemmessage id=xspace-item-t1320907>Hi, all.iRedMail-0.3.2-beta1 发布了。下载地址:http://code.google.com/p/iredmail/downloads/list0.3.2-beta1 主要是基于 0.3.1 做了一些 bug 修正,完善已有组件的功能,并更新了少量软件包。iRedOS 将会在 iRedMail-0.3.2 正式版发布的时候同时提供下载。之前的版本可以从以下地址下载:htt.</DIV> <P class=xspace-itemlinks><A href="http://bbs.chinaunix.net/viewthread.php?tid=1320907" target=_blank><FONT color=#000066>查看(543)</FONT></A> <A href="http://bbs.chinaunix.net/post.php?action=reply&fid=14&tid=1320907" target=_blank><FONT color=#000066>评论(19)</FONT></A> </P></LI> <LI class=xspace-loglist> <H4 class=xspace-entrytitle><A href="http://bbs.chinaunix.net/viewthread.php?tid=1317777" target=_blank><FONT color=#000066>iRedMail 开源邮件服务解决方案开通官方 QQ 群</FONT></A></H4> <P class=xspace-smalltxt><A class=xspace-smalltxt href="http://bbs.chinaunix.net/redirect.php?tid=1317777&goto=lastpost#lastpost" target=_blank>2008-11-23 18:19:29</A> / <A class=xspace-smalltxt href="http://bbs.chinaunix.net/forumdisplay.php?fid=14" target=_blank>Mail服务器</A></P> <DIV class=xspace-itemmessage id=xspace-item-t1317777>Hi, all.iRedMail 开源邮件服务解决方案项目开通了官方的 QQ 群,欢迎大家加入:75161448。iRedMail 项目主页:http://code.google.com/p/iredmail/</DIV> <P class=xspace-itemlinks><A href="http://bbs.chinaunix.net/viewthread.php?tid=1317777" target=_blank><FONT color=#000066>查看(378)</FONT></A> <A href="http://bbs.chinaunix.net/post.php?action=reply&fid=14&tid=1317777" target=_blank><FONT color=#000066>评论(2)</FONT></A> </P></LI> <LI class=xspace-loglist> <H4 class=xspace-entrytitle><A href="http://bbs.chinaunix.net/viewthread.php?tid=1302374" target=_blank><FONT color=#000066>提供 OpenBSD 4.4 镜像站点:http://www.iredmail.org/openbsd/</FONT></A></H4> <P class=xspace-smalltxt><A class=xspace-smalltxt href="http://bbs.chinaunix.net/redirect.php?tid=1302374&goto=lastpost#lastpost" target=_blank>2008-11-02 14:17:06</A> / <A class=xspace-smalltxt href="http://bbs.chinaunix.net/forumdisplay.php?fid=5" target=_blank>BSD</A></P> <DIV class=xspace-itemmessage id=xspace-item-t1302374>Hi, all.这里提供 OpenBSD 4.4 镜像站点:http://www.iredmail.org/openbsd/服务器及带宽资源是由 zhujibo@gmail 赞助给 iRedMail 开源邮件服务解决方案项目的,在此感谢 zhujibo@gmail。^_^目前只提供 i386, amd64 两个平台,packages 还在同步中。</DIV> <P class=xspace-itemlinks><A href="http://bbs.chinaunix.net/viewthread.php?tid=1302374" target=_blank><FONT color=#000066>查看(763)</FONT></A> <A href="http://bbs.chinaunix.net/post.php?action=reply&fid=5&tid=1302374" target=_blank><FONT color=#000066>评论(10)</FONT></A> </P></LI> <LI class=xspace-loglist> <H4 class=xspace-entrytitle><A href="http://bbs.chinaunix.net/viewthread.php?tid=1297919" target=_blank><FONT color=#000066>紧急:快帮忙 Kevlo 测试 scim 输入法的几个 ports</FONT></A></H4> <P class=xspace-smalltxt><A class=xspace-smalltxt href="http://bbs.chinaunix.net/redirect.php?tid=1297919&goto=lastpost#lastpost" target=_blank>2008-10-27 20:07:45</A> / <A class=xspace-smalltxt href="http://bbs.chinaunix.net/forumdisplay.php?fid=5" target=_blank>BSD</A></P> <DIV class=xspace-itemmessage id=xspace-item-t1297919>Hi, all.台湾的 OpenBSD 开发人员 Kevlo 制作了 scim 的 ports,并已发布到 ports@ 邮件列表,恳请各位 OpenBSD 爱好者尽快帮忙测试,并将测试结果发到邮件列表里,这样才能使 ports 尽快进去官方的 ports tree。地址在以下链接的第三页:http://www.openbsdonly.org/viewtopic.php?f=17&t=607&st=0&sk=t&sd=a.</DIV> <P class=xspace-itemlinks><A href="http://bbs.chinaunix.net/viewthread.php?tid=1297919" target=_blank><FONT color=#000066>查看(316)</FONT></A> <A href="http://bbs.chinaunix.net/post.php?action=reply&fid=5&tid=1297919" target=_blank><FONT color=#000066>评论(3)</FONT></A> </P></LI> <LI class=xspace-loglist> <H4 class=xspace-entrytitle><A href="http://bbs.chinaunix.net/viewthread.php?tid=1296709" target=_blank><FONT color=#000066>在 OpenBSD 4.4 上搭建中文语言环境</FONT></A></H4> <P class=xspace-smalltxt><A class=xspace-smalltxt href="http://bbs.chinaunix.net/redirect.php?tid=1296709&goto=lastpost#lastpost" target=_blank>2008-10-25 21:58:30</A> / <A class=xspace-smalltxt href="http://bbs.chinaunix.net/forumdisplay.php?fid=5" target=_blank>BSD</A></P> <DIV class=xspace-itemmessage id=xspace-item-t1296709>文档整理中:http://code.google.com/p/openbsdonly/wiki/ChineseEnv_OpenBSD_44欢迎大家补充。^_^</DIV> <P class=xspace-itemlinks><A href="http://bbs.chinaunix.net/viewthread.php?tid=1296709" target=_blank><FONT color=#000066>查看(1329)</FONT></A> <A href="http://bbs.chinaunix.net/post.php?action=reply&fid=5&tid=1296709" target=_blank><FONT color=#000066>评论(13)</FONT></A> </P></LI> <LI class=xspace-loglist> <H4 class=xspace-entrytitle><A href="http://bbs.chinaunix.net/viewthread.php?tid=1295621" target=_blank><FONT color=#000066>文泉驿字体进入 OpenBSD ports tree,呼吁测试 scim</FONT></A></H4> <P class=xspace-smalltxt><A class=xspace-smalltxt href="http://bbs.chinaunix.net/redirect.php?tid=1295621&goto=lastpost#lastpost" target=_blank>2008-10-24 12:12:25</A> / <A class=xspace-smalltxt href="http://bbs.chinaunix.net/forumdisplay.php?fid=5" target=_blank>BSD</A></P> <DIV class=xspace-itemmessage id=xspace-item-t1295621>Hi, all.台湾的 OpenBSD 开发人员 Kevlo 已经将文泉驿字体提交进 ports tree,在此希望大家帮忙测试。并且希望大家帮忙测试中文输入法。详细信息请看 OpenBSDonly.org 的帖子:http://www.openbsdonly.org/viewtopic.php?f=17&t=607&start=0&st=0&sk=t&sd=a文档整理中:- 在 OpenBSD 4.4 上搭建中文.</DIV> <P class=xspace-itemlinks><A href="http://bbs.chinaunix.net/viewthread.php?tid=1295621" target=_blank><FONT color=#000066>查看(760)</FONT></A> <A href="http://bbs.chinaunix.net/post.php?action=reply&fid=5&tid=1295621" target=_blank><FONT color=#000066>评论(11)</FONT></A> </P></LI> <LI class=xspace-loglist> <H4 class=xspace-entrytitle><A href="http://bbs.chinaunix.net/viewthread.php?tid=1294002" target=_blank><FONT color=#000066>开源邮件服务解决方案 iRedMail-0.3.1,iRedOS-0.1.1 稳定版(bug fix)发布</FONT></A></H4> <P class=xspace-smalltxt><A class=xspace-smalltxt href="http://bbs.chinaunix.net/redirect.php?tid=1294002&goto=lastpost#lastpost" target=_blank>2008-10-22 12:48:51</A> / <A class=xspace-smalltxt href="http://bbs.chinaunix.net/forumdisplay.php?fid=14" target=_blank>Mail服务器</A></P> <DIV class=xspace-itemmessage id=xspace-item-t1294002>Hi, All.iRedMail-0.3.1 稳定版和 iRedOS-0.1.1 稳定版发布,适用于生产环境。同时,iRedMail 和 iRedOS 进入维护状态,Bibby 已全力以赴进行管理后台的规划和开发。管理后台功能需求征集:http://www.iredmail.org/bbs/viewthread.php?tid=257&extra=page%3D1备注:iRedOS 是基于 CentOS 5.2 裁减,并加入.</DIV> <P class=xspace-itemlinks><A href="http://bbs.chinaunix.net/viewthread.php?tid=1294002" target=_blank><FONT color=#000066>查看(1753)</FONT></A> <A href="http://bbs.chinaunix.net/post.php?action=reply&fid=14&tid=1294002" target=_blank><FONT color=#000066>评论(23)</FONT></A> </P></LI></UL></DIV></DIV> <DIV class=sidearea id=sideleft> <DIV class=xspace-sideblock id=avatar> <DIV id=xspace-avatar><IMG class=xspace-imgstyle style="HEIGHT: 150px" alt=MichaelBibby src="http://hi.chinaunix.net/images/base/space_noface.gif"> <P><A href="http://hi.chinaunix.net/?uid-133135-action-viewpro-showpro-1"><FONT color=#000066>MichaelBibby</FONT></A></P> <P class=xspace-selfintro><FONT color=#000066></FONT></P></DIV></DIV> <DIV class=xspace-sideblock id=action> <H3 class=xspace-blocktitle>用户菜单</H3> <UL id=xspace-action> <LI><A class=xspace-message href="http://hi.chinaunix.net/?uid-133135-action-viewpro"><FONT color=#000066>给我留言</FONT></A> </LI> <LI><A class=xspace-addfriend onclick="javascript:joinfriend('133135');" href="javascript:;"><FONT color=#000066>加入好友</FONT></A> </LI> <LI><A class=xspace-sendpm href="http://bbs.chinaunix.net/pm.php?action=send&uid=133135" target=_blank><FONT color=#000066>发短消息</FONT></A> </LI> <LI><A class=xspace-profile href="http://hi.chinaunix.net/?uid-133135-action-viewpro-showpro-1"><FONT color=#000066>我的介绍</FONT></A> </LI> <LI><A class=xspace-profile href="http://bbs.chinaunix.net/viewpro.php?uid=133135"><FONT color=#000066>论坛资料</FONT></A> </LI> <LI><A class=xspace-ctrlpannel href="http://hi.chinaunix.net/batch.manage.php?uid=133135"><FONT color=#000066>空间管理</FONT></A> </LI></UL></DIV> <DIV class=xspace-sideblock id=calendar> <H3 class=xspace-blocktitle>日历</H3> <TABLE id=xspace-calendar cellSpacing=2 cellPadding=2 width="100%" summary=xspace-Calendar border=0> <TBODY> <TR> <TD align=middle colSpan=7> <TABLE class=xspace-datenav cellSpacing=3 cellPadding=3 summary="xspace-Date nav"> <TBODY> <TR> <TD align=middle><A href="http://hi.chinaunix.net/?action-spacelist-uid-133135-starttime-1228060800-endtime-1230739200"><FONT color=#000066>«</FONT></A></TD> <TD noWrap align=middle><A href="http://hi.chinaunix.net/?action-spacelist-uid-133135-starttime-1230739200-endtime-1233417600"><FONT color=#000066>2009-01-11</FONT></A></TD> <TD align=middle> </TD></TR></TBODY></TABLE></TD></TR> <TR class=xspace-week align=middle> <TD>日</TD> <TD>一</TD> <TD>二</TD> <TD>三</TD> <TD>四</TD> <TD>五</TD> <TD>六</TD></TR> <TR align=middle> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD>1</TD> <TD>2</TD> <TD>3</TD></TR> <TR align=middle> <TD>4</TD> <TD>5</TD> <TD>6</TD> <TD>7</TD> <TD>8</TD> <TD>9</TD> <TD>10</TD></TR> <TR align=middle> <TD>11</TD> <TD>12</TD> <TD>13</TD> <TD>14</TD> <TD>15</TD> <TD>16</TD> <TD>17</TD></TR> <TR align=middle> <TD>18</TD> <TD>19</TD> <TD>20</TD> <TD>21</TD> <TD>22</TD> <TD>23</TD> <TD>24</TD></TR> <TR align=middle> <TD>25</TD> <TD>26</TD> <TD>27</TD> <TD>28</TD> <TD>29</TD> <TD>30</TD> <TD>31</TD></TR></TBODY></TABLE></DIV> <DIV class=xspace-sideblock id=track> <H3 class=xspace-blocktitle>我的回复</H3> <UL class=xspace-list> <LI><A href="http://bbs.chinaunix.net/viewthread.php?tid=1352549" target=_blank><FONT color=#000066>如何解决dovecot默认domian的认证问题?</FONT></A> <LI><A href="http://bbs.chinaunix.net/viewthread.php?tid=1350857" target=_blank><FONT color=#000066>防范自己发给自己的垃圾邮件</FONT></A> <LI><A href="http://bbs.chinaunix.net/viewthread.php?tid=1350292" target=_blank><FONT color=#000066>金笛邮件的反垃圾邮件网管技术</FONT></A> <LI><A href="http://bbs.chinaunix.net/viewthread.php?tid=1344841" target=_blank><FONT color=#000066>postfix+dovecot+mysql+cyrus-sasl+openssl+centos</FONT></A> <LI><A href="http://bbs.chinaunix.net/viewthread.php?tid=1343947" target=_blank><FONT color=#000066>求各位达人提供一个mail服务器解决方案</FONT></A> <LI><A href="http://bbs.chinaunix.net/viewthread.php?tid=1339340" target=_blank><FONT color=#000066>RHEL5中,如何限制某个域、某些用户访问dovecot的pop3s、imaps?</FONT></A> <LI><A href="http://bbs.chinaunix.net/viewthread.php?tid=1338111" target=_blank><FONT color=#000066>我现在的状况是.....</FONT></A> <LI><A href="http://bbs.chinaunix.net/viewthread.php?tid=1336233" target=_blank><FONT color=#000066>即时通讯(IM)服务</FONT></A> <LI><A href="http://bbs.chinaunix.net/viewthread.php?tid=1336194" target=_blank><FONT color=#000066>邮件系统我认为是最复杂应用服务之一.所以建议大家尽力用开源或是破解的如kerio</FONT></A> <LI><A href="http://bbs.chinaunix.net/viewthread.php?tid=1335623" target=_blank><FONT color=#000066>openbsd推荐cwm窗口管理</FONT></A></LI></UL></DIV> <DIV class=xspace-sideblock id=track> <H3 class=xspace-blocktitle>最新来客</H3> <UL class=xspace-list> <LI class="xspace-avatarlist xspace-imgstyle"><A href="http://hi.chinaunix.net/?uid-759047" target=_blank><IMG alt="759047曾经在2008-12-17 09:23:46访问过你的空间" src="http://hi.chinaunix.net/images/base/space_noface.gif"></A> <P><A href="http://hi.chinaunix.net/?uid-759047" target=_blank alt=""><FONT color=#000066>759047</FONT></A></P></LI> <LI class="xspace-avatarlist xspace-imgstyle"><A href="http://hi.chinaunix.net/?uid-780250" target=_blank><FONT color=#000066><IMG alt="780250曾经在2008-12-15 23:18:47访问过你的空间" src="http://hi.chinaunix.net/images/base/space_noface.gif"></FONT></A> <P><A href="http://hi.chinaunix.net/?uid-780250" target=_blank alt=""><FONT color=#000066>780250</FONT></A></P></LI></UL></DIV> <DIV class=xspace-sideblock id=infomation> <H3 class=xspace-blocktitle>数据统计</H3> <UL class=xspace-list> <LI>访问量: 60 <LI>建立时间: 2008-05-31 <LI>更新时间: </LI></UL></DIV> <DIV class=xspace-sideblock id=rss> <H3 class=xspace-blocktitle>RSS订阅</H3> <UL class=xspace-list> <LI class=xspace-logo><A href="http://hi.chinaunix.net/?uid-133135-action-rss-type-"><IMG alt=RSS订阅 src="http://hi.chinaunix.net/images/base/rss.gif" border=0></A> </LI></UL></DIV></DIV></DIV></DIV> <DIV id=xspace-footer> <P id=xspace-footer-ad></P> <P id=xspace-footer_menu><A href="http://hi.chinaunix.net/batch.login.php?action=logout"><FONT color=#000066>清空Cookie</FONT></A> - <A href="mailto:admin2@staff.chinaunix.net"><FONT color=#000066>联系我们</FONT></A> - <A href="http://hi.chinaunix.net/" target=_blank><FONT color=#000066>ChinaUnix个人空间</FONT></A> - <A href="http://bbs.chinaunix.net/" target=_blank><FONT color=#000066>交流论坛</FONT></A> - <A href="http://hi.chinaunix.net/?action/spaces"><FONT color=#000066>空间列表</FONT></A> - <A href="http://hi.chinaunix.net/archiver/" target=_blank><FONT color=#000066>站点存档</FONT></A> - <A href="http://hi.chinaunix.net/?action/register" target=_blank><FONT color=#000066>升级自己的空间</FONT></A> </P> <P id=xspace-copyright>Powered by <A href="http://www.supesite.com/" target=_blank><STRONG><FONT color=#003366>X-Space</FONT></STRONG></A> <STRONG><FONT color=#ff9900>4.0Final</FONT></STRONG> © 2001-2008 <A href="http://www.comsenz.com/" target=_blank><FONT color=#000066>Comsenz Inc.</FONT></A> <BR>Processed in 0.077416 second(s), 8 queries, Gzip enabled<BR><A href="http://www.miibeian.gov.cn/" target=_blank><FONT color=#000066>京ICP证041476号</FONT></A><BR></P></DIV> <DIV id=toolbarshowbtn><A onmouseover=showtoolbar(); href="javascript:;">Open Toolbar</A></DIV> <DIV id=toolbarframe><IFRAME src="http://hi.chinaunix.net/batch.toolbar.php" frameBorder=0 width="100%" scrolling=no></IFRAME></DIV></DIV>
查看全文
发表于:2009-01-11 ┆
阅读(300)
┆
评论(0)
iredmail作者博客
<DIV> <TABLE style="BORDER-COLLAPSE: collapse" height=27 cellSpacing=0 cellPadding=0 width="100%" bgColor=#ffffff background=../../templates/tech/images/bg_menu.gif border=0> <TBODY> <TR> <TD width=20></TD> <TD><A class=list1 href="http://michaelbibby.cublog.cn/" target=_blank><FONT color=#0000ff><U>MichaelBibby.cublog.cn </U></FONT></A></TD> <TD align=right><A class=list1 href="http://blog.chinaunix.net/u/10604/index.php"><U><FONT color=#0000ff>首页</FONT></U></A> | <A class=list1 href="http://blog.chinaunix.net/u/10604/article.php"><U><FONT color=#0000ff>文章</FONT></U></A> | <A class=list1 href="http://blog.chinaunix.net/u/10604/photo.php"><U><FONT color=#0000ff>相册</FONT></U></A> | <A class=list1 href="http://blog.chinaunix.net/u/10604/links.php"><U><FONT color=#0000ff>收藏夹</FONT></U></A> | <A class=list1 href="http://blog.chinaunix.net/u/10604/guestbook.php"><U><FONT color=#0000ff>留言</FONT></U></A> </TD> <TD width=10></TD></TR></TBODY></TABLE> <SCRIPT language=javascript> function $(s){return document.getElementById(s);} function ShowHideDiv(divid,iImg){ if($(divid).style.display == "none"){ iImg.src="../../templates/tech/images/dot2.gif"; $(divid).style.display = "block"; iImg.title="收起"; }else{ iImg.src="../../templates/tech/images/dot4.gif"; $(divid).style.display = "none"; iImg.title="展开"; } } </SCRIPT> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <TD vAlign=top align=middle width=235><BR> <TABLE style="BORDER-COLLAPSE: collapse" borderColor=#111111 cellSpacing=0 cellPadding=0 width=220 border=0> <TBODY> <TR> <TD><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/left_bg_top.gif" border=0></TD></TR> <TR> <TD align=middle bgColor=#edf2f2 height=25> <TABLE style="BORDER-COLLAPSE: collapse" borderColor=#111111 cellSpacing=0 cellPadding=0 width=200 border=0> <TBODY> <TR> <TD align=middle width=180><FONT style="FONT-SIZE: 10pt" color=#1f72d0><B>关于作者</B></FONT></TD> <TD width=20><IMG title=收起 onclick="ShowHideDiv('aboutwriter',this);return false;" src="http://blog.chinaunix.net/templates/tech/images/dot2.gif" border=0></TD></TR></TBODY></TABLE></TD></TR> <TR> <TD bgColor=#d2dee2 height=1></TD></TR> <TR> <TD bgColor=#ffffff height=1></TD></TR> <TR> <TD id=aboutwriter style="COLOR: #02368d" align=middle bgColor=#f3f6f6> <TABLE style="COLOR: #02368d; BORDER-COLLAPSE: collapse; WORD-WRAP: break-word" height=16 cellSpacing=0 cellPadding=0 width=200 border=0> <TBODY> <TR> <TD align=middle><A href="http://blog.chinaunix.net/u/10604/up_user.jpeg" target=_blank><IMG src="http://blog.chinaunix.net/u/10604/up_user_pre.jpg" border=0><FONT color=#0000ff> </FONT></A></TD></TR> <TR> <TD width=200><PRE style="MARGIN: 5px; LINE-HEIGHT: 150%" width=25>姓名:张煌彬 年龄:1984年 位置:广东深圳福田区 网站:http://www.bsdlife.org</PRE></TD></TR></TBODY></TABLE></TD></TR> <TR> <TD> <TABLE style="BORDER-RIGHT: #d2dee2 1px solid; PADDING-RIGHT: 1px; BORDER-TOP: #d2dee2 1px solid; PADDING-LEFT: 1px; PADDING-BOTTOM: 1px; BORDER-LEFT: #d2dee2 1px solid; PADDING-TOP: 1px; BORDER-BOTTOM: #d2dee2 1px solid; BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width=220 align=center bgColor=#ffffff border=0> <TBODY> <TR bgColor=#edf2f2 height=20> <TD title=上一年 style="FONT-SIZE: 9pt; CURSOR: hand; COLOR: #1f72d0" onclick="pushBtm('YU')" align=middle width=14>||</TD> <TD title=上一月 style="FONT-SIZE: 9pt; CURSOR: hand; COLOR: #1f72d0" onclick="pushBtm('MU')" align=middle width=14><<</TD> <TD id=YMBG style="FONT-SIZE: 9pt; COLOR: #1f72d0" noWrap align=middle>2009年1月</TD> <TD id=GZ style="FONT-SIZE: 9pt; COLOR: #1f72d0" noWrap align=middle>己丑年(牛)</TD> <TD title=下一月 style="FONT-SIZE: 9pt; CURSOR: hand; COLOR: #1f72d0" onclick="pushBtm('MD')" align=middle width=14>>></TD> <TD title=下一年 style="FONT-SIZE: 9pt; CURSOR: hand; COLOR: #1f72d0" onclick="pushBtm('YD')" align=middle width=14>||</TD></TR> <TR> <TD colSpan=6> <DIV id=ttdiv align=center width="210"> <TABLE id=datetable style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width=216 bgColor=#f6f8f8 border=0> <TBODY> <TR style="COLOR: #a6aa97" align=middle bgColor=#edf2f2> <TD width=32 height=24>日</TD> <TD width=32>一</TD> <TD width=32>二</TD> <TD width=32>三</TD> <TD width=32>四</TD> <TD width=32>五</TD> <TD width=32>六</TD></TR> <TR align=middle> <TD noWrap><FONT class="" id=SD0 title="" face="Arial Black" color=#cdbc71 size=2></FONT><BR><FONT id=LD0 style="FONT-SIZE: 7pt"></FONT></TD> <TD noWrap><FONT class="" id=SD1 title="" face="Arial Black" color=#a6aa97 size=2></FONT><BR><FONT id=LD1 style="FONT-SIZE: 7pt"></FONT></TD> <TD noWrap><FONT class="" id=SD2 title="" face="Arial Black" color=#a6aa97 size=2></FONT><BR><FONT id=LD2 style="FONT-SIZE: 7pt"></FONT></TD> <TD noWrap><FONT class="" id=SD3 title="" face="Arial Black" color=#a6aa97 size=2></FONT><BR><FONT id=LD3 style="FONT-SIZE: 7pt"></FONT></TD> <TD noWrap><FONT class="" id=SD4 title="元旦 " style="COLOR: red" face="Arial Black" color=#a6aa97 size=2>1</FONT><BR><FONT id=LD4 style="FONT-SIZE: 7pt"><FONT color=#6fc2ff>元旦 </FONT></FONT></TD> <TD noWrap><FONT class="" id=SD5 title=初七 face="Arial Black" color=#a6aa97 size=2>2</FONT><BR><FONT id=LD5 style="FONT-SIZE: 7pt">初七</FONT></TD> <TD noWrap><FONT class="" id=SD6 title="腊八节 " face="Arial Black" color=#cdbc71 size=2>3</FONT><BR><FONT id=LD6 style="FONT-SIZE: 7pt"><FONT color=#6fc2ff>腊八节 </FONT></FONT></TD></TR> <TR align=middle> <TD noWrap><FONT class="" id=SD7 title=初九 style="COLOR: #cdbc71" face="Arial Black" color=#cdbc71 size=2>4</FONT><BR><FONT id=LD7 style="FONT-SIZE: 7pt">初九</FONT></TD> <TD noWrap><FONT class="" id=SD8 title=小寒 face="Arial Black" color=#a6aa97 size=2>5</FONT><BR><FONT id=LD8 style="FONT-SIZE: 7pt"><FONT color=limegreen>小寒</FONT></FONT></TD> <TD noWrap><FONT class="" id=SD9 title=十一 face="Arial Black" color=#a6aa97 size=2>6</FONT><BR><FONT id=LD9 style="FONT-SIZE: 7pt">十一</FONT></TD> <TD noWrap><FONT class="" id=SD10 title=十二 face="Arial Black" color=#a6aa97 size=2>7</FONT><BR><FONT id=LD10 style="FONT-SIZE: 7pt">十二</FONT></TD> <TD noWrap><FONT class="" id=SD11 title=十三 face="Arial Black" color=#a6aa97 size=2>8</FONT><BR><FONT id=LD11 style="FONT-SIZE: 7pt">十三</FONT></TD> <TD noWrap><FONT class="" id=SD12 title=十四 face="Arial Black" color=#a6aa97 size=2>9</FONT><BR><FONT id=LD12 style="FONT-SIZE: 7pt">十四</FONT></TD> <TD noWrap><FONT class="" id=SD13 title=十五 style="COLOR: #cdbc71" face="Arial Black" color=#cdbc71 size=2>10</FONT><BR><FONT id=LD13 style="FONT-SIZE: 7pt">十五</FONT></TD></TR> <TR align=middle> <TD noWrap><FONT class=todyaColor id=SD14 title=十六 style="COLOR: #cdbc71" face="Arial Black" color=#cdbc71 size=2>11</FONT><BR><FONT id=LD14 style="FONT-SIZE: 7pt">十六</FONT></TD> <TD noWrap><FONT class="" id=SD15 title=十七 face="Arial Black" color=#a6aa97 size=2>12</FONT><BR><FONT id=LD15 style="FONT-SIZE: 7pt">十七</FONT></TD> <TD noWrap><FONT class="" id=SD16 title=十八 face="Arial Black" color=#a6aa97 size=2>13</FONT><BR><FONT id=LD16 style="FONT-SIZE: 7pt">十八</FONT></TD> <TD noWrap><FONT class="" id=SD17 title=十九 face="Arial Black" color=#a6aa97 size=2>14</FONT><BR><FONT id=LD17 style="FONT-SIZE: 7pt">十九</FONT></TD> <TD noWrap><FONT class="" id=SD18 title=二十 face="Arial Black" color=#a6aa97 size=2>15</FONT><BR><FONT id=LD18 style="FONT-SIZE: 7pt">二十</FONT></TD> <TD noWrap><FONT class="" id=SD19 title=廿一 face="Arial Black" color=#a6aa97 size=2>16</FONT><BR><FONT id=LD19 style="FONT-SIZE: 7pt">廿一</FONT></TD> <TD noWrap><FONT class="" id=SD20 title=廿二 face="Arial Black" color=#cdbc71 size=2>17</FONT><BR><FONT id=LD20 style="FONT-SIZE: 7pt">廿二</FONT></TD></TR> <TR align=middle> <TD noWrap><FONT class="" id=SD21 title=廿三 style="COLOR: #cdbc71" face="Arial Black" color=#cdbc71 size=2>18</FONT><BR><FONT id=LD21 style="FONT-SIZE: 7pt">廿三</FONT></TD> <TD noWrap><FONT class="" id=SD22 title="小年 " face="Arial Black" color=#a6aa97 size=2>19</FONT><BR><FONT id=LD22 style="FONT-SIZE: 7pt"><FONT color=#6fc2ff>小年 </FONT></FONT></TD> <TD noWrap><FONT class="" id=SD23 title=大寒 face="Arial Black" color=#a6aa97 size=2>20</FONT><BR><FONT id=LD23 style="FONT-SIZE: 7pt"><FONT color=limegreen>大寒</FONT></FONT></TD> <TD noWrap><FONT class="" id=SD24 title=廿六 face="Arial Black" color=#a6aa97 size=2>21</FONT><BR><FONT id=LD24 style="FONT-SIZE: 7pt">廿六</FONT></TD> <TD noWrap><FONT class="" id=SD25 title=廿七 face="Arial Black" color=#a6aa97 size=2>22</FONT><BR><FONT id=LD25 style="FONT-SIZE: 7pt">廿七</FONT></TD> <TD noWrap><FONT class="" id=SD26 title=廿八 face="Arial Black" color=#a6aa97 size=2>23</FONT><BR><FONT id=LD26 style="FONT-SIZE: 7pt">廿八</FONT></TD> <TD noWrap><FONT class="" id=SD27 title=廿九 style="COLOR: #cdbc71" face="Arial Black" color=#cdbc71 size=2>24</FONT><BR><FONT id=LD27 style="FONT-SIZE: 7pt">廿九</FONT></TD></TR> <TR align=middle> <TD noWrap><FONT class="" id=SD28 title="除夕 " style="COLOR: red" face="Arial Black" color=#cdbc71 size=2>25</FONT><BR><FONT id=LD28 style="FONT-SIZE: 7pt"><FONT color=#6fc2ff>除夕 </FONT></FONT></TD> <TD noWrap><FONT class="" id=SD29 title="春节 " style="COLOR: red" face="Arial Black" color=#a6aa97 size=2>26</FONT><BR><FONT id=LD29 style="FONT-SIZE: 7pt"><FONT color=#6fc2ff>春节 </FONT></FONT></TD> <TD noWrap><FONT class="" id=SD30 title=初二 face="Arial Black" color=#a6aa97 size=2>27</FONT><BR><FONT id=LD30 style="FONT-SIZE: 7pt">初二</FONT></TD> <TD noWrap><FONT class="" id=SD31 title=初三 face="Arial Black" color=#a6aa97 size=2>28</FONT><BR><FONT id=LD31 style="FONT-SIZE: 7pt">初三</FONT></TD> <TD noWrap><FONT class="" id=SD32 title=初四 face="Arial Black" color=#a6aa97 size=2>29</FONT><BR><FONT id=LD32 style="FONT-SIZE: 7pt">初四</FONT></TD> <TD noWrap><FONT class="" id=SD33 title=初五 face="Arial Black" color=#a6aa97 size=2>30</FONT><BR><FONT id=LD33 style="FONT-SIZE: 7pt">初五</FONT></TD> <TD noWrap><FONT class="" id=SD34 title=初六 face="Arial Black" color=#cdbc71 size=2>31</FONT><BR><FONT id=LD34 style="FONT-SIZE: 7pt">初六</FONT></TD></TR> <TR align=middle> <TD noWrap><FONT class="" id=SD35 title="" face="Arial Black" color=#cdbc71 size=2></FONT><BR><FONT id=LD35 style="FONT-SIZE: 7pt"></FONT></TD> <TD noWrap><FONT class="" id=SD36 title="" face="Arial Black" color=#a6aa97 size=2></FONT><BR><FONT id=LD36 style="FONT-SIZE: 7pt"></FONT></TD> <TD noWrap><FONT class="" id=SD37 title="" face="Arial Black" color=#a6aa97 size=2></FONT><BR><FONT id=LD37 style="FONT-SIZE: 7pt"></FONT></TD> <TD noWrap><FONT class="" id=SD38 title="" face="Arial Black" color=#a6aa97 size=2></FONT><BR><FONT id=LD38 style="FONT-SIZE: 7pt"></FONT></TD> <TD noWrap><FONT class="" id=SD39 title="" face="Arial Black" color=#a6aa97 size=2></FONT><BR><FONT id=LD39 style="FONT-SIZE: 7pt"></FONT></TD> <TD noWrap><FONT class="" id=SD40 title="" face="Arial Black" color=#a6aa97 size=2></FONT><BR><FONT id=LD40 style="FONT-SIZE: 7pt"></FONT></TD> <TD noWrap><FONT class="" id=SD41 title="" face="Arial Black" color=#cdbc71 size=2></FONT><BR><FONT id=LD41 style="FONT-SIZE: 7pt"></FONT></TD></TR></TBODY></TABLE></DIV></TD></TR> <TR> <TD colSpan=6 height=1></TD></TR></TBODY></TABLE> <SCRIPT src="../../templates/tech/mdate.js"></SCRIPT> <SCRIPT language=javascript> var arrArtdate=new Array("20051119","20051126","20051127","20051130","20051201","20051202","20051205","20051217","20060102","20060103","20060119","20060210","20060211","20060224","20060225","20060317","20060324","20060507","20060509","20060512","20060513","20060516","20060517","20060615","20060803","20070409","20070411","20070429","20070517",""); initial("ttdiv"); </SCRIPT> </TD></TR> <TR> <TD bgColor=#d2dee2 height=1></TD></TR> <TR> <TD bgColor=#ffffff height=1></TD></TR> <TR> <TD align=middle bgColor=#edf2f2 height=25> <TABLE style="BORDER-COLLAPSE: collapse" borderColor=#111111 cellSpacing=0 cellPadding=0 width=200 border=0> <TBODY> <TR> <TD align=middle width=180><FONT style="FONT-SIZE: 10pt" color=#1f72d0><B>我的分类</B></FONT></TD> <TD width=20><IMG title=收起 onclick="ShowHideDiv('lefttree',this);return false;" src="http://blog.chinaunix.net/templates/tech/images/dot2.gif" border=0></TD></TR></TBODY></TABLE></TD></TR> <TR> <TD bgColor=#d2dee2 height=1></TD></TR> <TR> <TD bgColor=#ffffff height=1></TD></TR> <TR> <TD id=lefttree style="COLOR: #02368d" bgColor=#f3f6f6> <DIV> <DIV> <TABLE cellSpacing=0 cellPadding=0 border=0> <TBODY> <TR> <TD vAlign=center noWrap><A onclick="javascript: ContentsTree.OnNodeClick(1,true);" href="javascript:void(0)"><IMG id=signContentsTree1 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/Minus.gif" width=19></A><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(1,false);" href="http://blog.chinaunix.net/u/10604/article.php"><IMG id=iconContentsTree1 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/OpenFolder.gif" width=19></A></TD> <TD vAlign=center noWrap><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(1,false);" href="http://blog.chinaunix.net/u/10604/article.php"><FONT color=#0000ff><U>我的文章分类</U></FONT></A></TD></TR></TBODY></TABLE></DIV> <DIV id=divContentsTree1 style="DISPLAY: block"> <DIV> <TABLE cellSpacing=0 cellPadding=0 border=0> <TBODY> <TR> <TD vAlign=center noWrap><FONT color=#0000ff><U><IMG style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/TreeBlank.gif" width=19></U></FONT><A onclick="javascript: ContentsTree.OnNodeClick(4,true);" href="javascript:void(0)"><FONT color=#0000ff><IMG id=signContentsTree4 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/Plus.gif" width=19></FONT></A><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(4,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=23570"><FONT color=#0000ff><U><IMG id=iconContentsTree4 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/ClosedFolder.gif" width=19></U></FONT></A></TD> <TD vAlign=center noWrap><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(4,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=23570"><FONT color=#0000ff><U>心情日记</U></FONT></A></TD></TR></TBODY></TABLE></DIV> <DIV id=divContentsTree4 style="DISPLAY: none"><FONT color=#0000ff><U></U></FONT></DIV> <DIV> <TABLE cellSpacing=0 cellPadding=0 border=0> <TBODY> <TR> <TD vAlign=center noWrap><FONT color=#0000ff><U><IMG style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/TreeBlank.gif" width=19></U></FONT><A onclick="javascript: ContentsTree.OnNodeClick(5,true);" href="javascript:void(0)"><FONT color=#0000ff><IMG id=signContentsTree5 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/Plus.gif" width=19></FONT></A><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(5,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=22495"><FONT color=#0000ff><U><IMG id=iconContentsTree5 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/ClosedFolder.gif" width=19></U></FONT></A></TD> <TD vAlign=center noWrap><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(5,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=22495"><FONT color=#0000ff><U>人生哲学</U></FONT></A></TD></TR></TBODY></TABLE></DIV> <DIV id=divContentsTree5 style="DISPLAY: none"><FONT color=#0000ff><U></U></FONT></DIV> <DIV> <TABLE cellSpacing=0 cellPadding=0 border=0> <TBODY> <TR> <TD vAlign=center noWrap><FONT color=#0000ff><U><IMG style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/TreeBlank.gif" width=19></U></FONT><A onclick="javascript: ContentsTree.OnNodeClick(6,true);" href="javascript:void(0)"><FONT color=#0000ff><IMG id=signContentsTree6 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/Plus.gif" width=19></FONT></A><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(6,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=22535"><FONT color=#0000ff><U><IMG id=iconContentsTree6 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/ClosedFolder.gif" width=19></U></FONT></A></TD> <TD vAlign=center noWrap><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(6,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=22535"><FONT color=#0000ff><U>FreeBSD</U></FONT></A></TD></TR></TBODY></TABLE></DIV> <DIV id=divContentsTree6 style="DISPLAY: none"><FONT color=#0000ff><U></U></FONT></DIV> <DIV> <TABLE cellSpacing=0 cellPadding=0 border=0> <TBODY> <TR> <TD vAlign=center noWrap><FONT color=#0000ff><U><IMG style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/TreeBlank.gif" width=19></U></FONT><A onclick="javascript: ContentsTree.OnNodeClick(7,true);" href="javascript:void(0)"><FONT color=#0000ff><IMG id=signContentsTree7 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/Plus.gif" width=19></FONT></A><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(7,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=20461"><FONT color=#0000ff><U><IMG id=iconContentsTree7 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/ClosedFolder.gif" width=19></U></FONT></A></TD> <TD vAlign=center noWrap><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(7,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=20461"><FONT color=#0000ff><U>NetBSD</U></FONT></A></TD></TR></TBODY></TABLE></DIV> <DIV id=divContentsTree7 style="DISPLAY: none"><FONT color=#0000ff><U></U></FONT></DIV> <DIV> <TABLE cellSpacing=0 cellPadding=0 border=0> <TBODY> <TR> <TD vAlign=center noWrap><FONT color=#0000ff><U><IMG style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/TreeBlank.gif" width=19></U></FONT><A onclick="javascript: ContentsTree.OnNodeClick(8,true);" href="javascript:void(0)"><FONT color=#0000ff><IMG id=signContentsTree8 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/Plus.gif" width=19></FONT></A><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(8,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=17342"><FONT color=#0000ff><U><IMG id=iconContentsTree8 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/ClosedFolder.gif" width=19></U></FONT></A></TD> <TD vAlign=center noWrap><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(8,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=17342"><FONT color=#0000ff><U>OpenBSD</U></FONT></A></TD></TR></TBODY></TABLE></DIV> <DIV id=divContentsTree8 style="DISPLAY: none"><FONT color=#0000ff><U></U></FONT></DIV> <DIV> <TABLE cellSpacing=0 cellPadding=0 border=0> <TBODY> <TR> <TD vAlign=center noWrap><FONT color=#0000ff><U><IMG style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/TreeBlank.gif" width=19></U></FONT><A onclick="javascript: ContentsTree.OnNodeClick(9,true);" href="javascript:void(0)"><FONT color=#0000ff><IMG id=signContentsTree9 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/Plus.gif" width=19></FONT></A><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(9,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=19064"><FONT color=#0000ff><U><IMG id=iconContentsTree9 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/ClosedFolder.gif" width=19></U></FONT></A></TD> <TD vAlign=center noWrap><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(9,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=19064"><FONT color=#0000ff><U>OpenBSD FAQ</U></FONT></A></TD></TR></TBODY></TABLE></DIV> <DIV id=divContentsTree9 style="DISPLAY: none"><FONT color=#0000ff><U></U></FONT></DIV> <DIV> <TABLE cellSpacing=0 cellPadding=0 border=0> <TBODY> <TR> <TD vAlign=center noWrap><FONT color=#0000ff><U><IMG style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/TreeBlank.gif" width=19></U></FONT><A onclick="javascript: ContentsTree.OnNodeClick(10,true);" href="javascript:void(0)"><FONT color=#0000ff><IMG id=signContentsTree10 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/Plus.gif" width=19></FONT></A><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(10,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=19040"><FONT color=#0000ff><U><IMG id=iconContentsTree10 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/ClosedFolder.gif" width=19></U></FONT></A></TD> <TD vAlign=center noWrap><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(10,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=19040"><FONT color=#0000ff><U>Python</U></FONT></A></TD></TR></TBODY></TABLE></DIV> <DIV id=divContentsTree10 style="DISPLAY: none"><FONT color=#0000ff><U></U></FONT></DIV> <DIV> <TABLE cellSpacing=0 cellPadding=0 border=0> <TBODY> <TR> <TD vAlign=center noWrap><FONT color=#0000ff><U><IMG style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/TreeBlank.gif" width=19></U></FONT><A onclick="javascript: ContentsTree.OnNodeClick(11,true);" href="javascript:void(0)"><FONT color=#0000ff><IMG id=signContentsTree11 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/Plus.gif" width=19></FONT></A><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(11,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=19787"><FONT color=#0000ff><U><IMG id=iconContentsTree11 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/ClosedFolder.gif" width=19></U></FONT></A></TD> <TD vAlign=center noWrap><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(11,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=19787"><FONT color=#0000ff><U>Server</U></FONT></A></TD></TR></TBODY></TABLE></DIV> <DIV id=divContentsTree11 style="DISPLAY: none"><FONT color=#0000ff><U></U></FONT></DIV> <DIV> <TABLE cellSpacing=0 cellPadding=0 border=0> <TBODY> <TR> <TD vAlign=center noWrap><FONT color=#0000ff><U><IMG style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/TreeBlank.gif" width=19></U></FONT><A onclick="javascript: ContentsTree.OnNodeClick(12,true);" href="javascript:void(0)"><FONT color=#0000ff><IMG id=signContentsTree12 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/Minus.gif" width=19></FONT></A><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(12,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=19218"><FONT color=#0000ff><U><IMG id=iconContentsTree12 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/OpenFolder.gif" width=19></U></FONT></A></TD> <TD vAlign=center noWrap><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(12,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=19218"><FONT color=#800080><U>Shell</U></FONT></A></TD></TR></TBODY></TABLE></DIV> <DIV id=divContentsTree12 style="DISPLAY: block"><FONT color=#800080><U></U></FONT></DIV> <DIV> <TABLE cellSpacing=0 cellPadding=0 border=0> <TBODY> <TR> <TD vAlign=center noWrap><FONT color=#800080><U><IMG style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/TreeBlank.gif" width=19></U></FONT><A onclick="javascript: ContentsTree.OnNodeClick(13,true);" href="javascript:void(0)"><FONT color=#800080><IMG id=signContentsTree13 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/Plus.gif" width=19></FONT></A><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(13,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=19233"><FONT color=#800080><U><IMG id=iconContentsTree13 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/ClosedFolder.gif" width=19></U></FONT></A></TD> <TD vAlign=center noWrap><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(13,false);" href="http://blog.chinaunix.net/u/10604/article.php?frmid=19233"><FONT color=#0000ff><U>Tools and Tips</U></FONT></A></TD></TR></TBODY></TABLE></DIV> <DIV id=divContentsTree13 style="DISPLAY: none"><FONT color=#0000ff><U></U></FONT></DIV></DIV> <DIV> <TABLE cellSpacing=0 cellPadding=0 border=0> <TBODY> <TR> <TD vAlign=center noWrap><A onclick="javascript: ContentsTree.OnNodeClick(2,true);" href="javascript:void(0)"><FONT color=#0000ff><IMG id=signContentsTree2 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/Minus.gif" width=19></FONT></A><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(2,false);" href="http://blog.chinaunix.net/u/10604/photo.php"><FONT color=#0000ff><U><IMG id=iconContentsTree2 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/OpenFolder.gif" width=19></U></FONT></A></TD> <TD vAlign=center noWrap><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(2,false);" href="http://blog.chinaunix.net/u/10604/photo.php"><FONT color=#0000ff><U>我的图片分类</U></FONT></A></TD></TR></TBODY></TABLE></DIV> <DIV id=divContentsTree2 style="DISPLAY: block"><FONT color=#0000ff><U></U></FONT></DIV> <DIV> <TABLE cellSpacing=0 cellPadding=0 border=0> <TBODY> <TR> <TD vAlign=center noWrap><A onclick="javascript: ContentsTree.OnNodeClick(3,true);" href="javascript:void(0)"><FONT color=#0000ff><IMG id=signContentsTree3 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/Minus.gif" width=19></FONT></A><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(3,false);" href="http://blog.chinaunix.net/u/10604/links.php"><FONT color=#0000ff><U><IMG id=iconContentsTree3 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/OpenFolder.gif" width=19></U></FONT></A></TD> <TD vAlign=center noWrap><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(3,false);" href="http://blog.chinaunix.net/u/10604/links.php"><FONT color=#0000ff><U>我的链接分类</U></FONT></A></TD></TR></TBODY></TABLE></DIV> <DIV id=divContentsTree3 style="DISPLAY: block"> <DIV> <TABLE cellSpacing=0 cellPadding=0 border=0> <TBODY> <TR> <TD vAlign=center noWrap><FONT color=#0000ff><U><IMG style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/TreeBlank.gif" width=19></U></FONT><A onclick="javascript: ContentsTree.OnNodeClick(14,true);" href="javascript:void(0)"><FONT color=#0000ff><IMG id=signContentsTree14 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/Plus.gif" width=19></FONT></A><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(14,false);" href="http://blog.chinaunix.net/u/10604/links.php?frmid=3780"><FONT color=#0000ff><U><IMG id=iconContentsTree14 style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=19 alt="" src="http://blog.chinaunix.net/templates/tech/images/ClosedFolder.gif" width=19></U></FONT></A></TD> <TD vAlign=center noWrap><A class=listtree onclick="javascript: ContentsTree.OnNodeClick(14,false);" href="http://blog.chinaunix.net/u/10604/links.php?frmid=3780"><U><FONT color=#0000ff>BSD</FONT></U></A></TD></TR></TBODY></TABLE></DIV> <DIV id=divContentsTree14 style="DISPLAY: none"><U><FONT color=#0000ff></FONT></U></DIV></DIV></DIV></TD></TR> <TR> <TD><U><FONT color=#0000ff><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/left_bg_bottom.gif" border=0></FONT></U></TD></TR></TBODY></TABLE></TD> <TD width=10><U><FONT color=#0000ff></FONT></U></TD> <TD vAlign=top align=middle><BR> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <TD width=11 height=11><U><FONT color=#0000ff><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/g_left_top.gif" border=0></FONT></U></TD> <TD width="99%" bgColor=#dddddd height=11><U><FONT color=#0000ff></FONT></U></TD> <TD width=11 height=11><U><FONT color=#0000ff><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/g_right_top.gif" border=0></FONT></U></TD></TR> <TR> <TD vAlign=top align=middle width="100%" bgColor=#dddddd colSpan=3> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width="96%" border=0> <TBODY> <TR height=25> <TD width=10><U><FONT color=#0000ff></FONT></U></TD> <TD width=485><FONT color=#6cb743><B>文章列表 - Shell</B></FONT> </TD></TR> <TR> <TD colSpan=3 height=2></TD></TR></TBODY></TABLE> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width="96%" border=0> <TBODY> <TR> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_top.gif" border=0></TD> <TD width="100%" bgColor=#f3f3f3></TD> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_top.gif" border=0></TD></TR> <TR> <TD align=middle bgColor=#f3f3f3 colSpan=3> <TABLE style="TABLE-LAYOUT: fixed; BORDER-COLLAPSE: collapse; WORD-WRAP: break-word" cellSpacing=0 cellPadding=0 width="100%" bgColor=#f3f3f3 border=0> <TBODY> <TR height=25> <TD align=middle width=25><IMG height=8 alt="" src="http://blog.chinaunix.net/templates/tech/images/dot.gif" width=8 border=0></TD> <TD width="90%"><A class=list1 href="http://blog.chinaunix.net/u/10604/showart.php?id=60090" target=""><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>ANSI控制码的说明 </U></B></FONT></A></TD> <TD align=middle width=25><U><IMG title=收起 onclick="ShowHideDiv('art60090',this);" src="http://blog.chinaunix.net/templates/tech/images/dot2.gif" border=0></U> </TD></TR> <TR> <TD width=25></TD> <TD style="MARGIN: 5px; LINE-HEIGHT: 120%" colSpan=2> <DIV id=art60090 style="MARGIN-TOP: 5px; HEIGHT: 100%"><A href="http://bbs.chinaunix.net/viewthread.php?tid=661031&extra=page%3D1"><FONT color=#0000ff>http://bbs.chinaunix.net/viewthread.php?tid=661031&extra=page%3D1</FONT></A> <P> <P><SPAN style="FONT-SIZE: 13px">ANSI控制码的说明<BR>例如:<BR> echo -ne "33[32m" 可以将字符的显示颜色改为绿色<BR> echo -ne "33[3;1H" 可以将光标移到第3行第1列处</SPAN></P> <P><SPAN style="FONT-SIZE: 13px">具体的摘抄一些如下:<BR>33[0m 关闭所有属性<BR>33[1m 设置高亮度<BR>33[…… </SPAN></P></DIV></TD></TR> <TR height=20> <TD align=right colSpan=3><A class=list1 href="http://blog.chinaunix.net/u/10604/showart.php?id=60090" target=""><U><FONT style="FONT-SIZE: 10pt" color=#02368d><B>查看全文</B></FONT><FONT color=#0000ff> </FONT></U></A></TD></TR> <TR height=20> <TD><U><FONT color=#0000ff></FONT></U></TD> <TD align=right colSpan=2>发表于:2005-12-05 10:42:45 ┆ <A class=list1 href="http://blog.chinaunix.net/u/10604/showart.php?id=60090" target=""><U><FONT color=#0000ff>阅读(598) </FONT></U></A>┆ <A class=list1 href="http://blog.chinaunix.net/u/10604/showart.php?id=60090" target=""><FONT color=#0000ff><U>评论(0) </U></FONT></A></TD></TR></TBODY></TABLE></TD></TR> <TR> <TD width=7 height=7><FONT color=#0000ff><U><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_buttom.gif" border=0></U></FONT></TD> <TD bgColor=#f3f3f3><FONT color=#0000ff><U></U></FONT></TD> <TD width=7 height=7><FONT color=#0000ff><U><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_buttom.gif" border=0></U></FONT></TD></TR></TBODY></TABLE><BR> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width="96%" border=0> <TBODY> <TR> <TD width=7 height=7><FONT color=#0000ff><U><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_top.gif" border=0></U></FONT></TD> <TD width="100%" bgColor=#f3f3f3><FONT color=#0000ff><U></U></FONT></TD> <TD width=7 height=7><FONT color=#0000ff><U><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_top.gif" border=0></U></FONT></TD></TR> <TR> <TD align=middle bgColor=#f3f3f3 colSpan=3> <TABLE style="TABLE-LAYOUT: fixed; BORDER-COLLAPSE: collapse; WORD-WRAP: break-word" cellSpacing=0 cellPadding=0 width="100%" bgColor=#f3f3f3 border=0> <TBODY> <TR height=25> <TD align=middle width=25><FONT color=#0000ff><U><IMG height=8 alt="" src="http://blog.chinaunix.net/templates/tech/images/dot.gif" width=8 border=0></U></FONT></TD> <TD width="90%"><A class=list1 href="http://blog.chinaunix.net/u/10604/showart.php?id=59573" target=""><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>(转帖)Screen </U></B></FONT></A></TD> <TD align=middle width=25><U><IMG title=收起 onclick="ShowHideDiv('art59573',this);" src="http://blog.chinaunix.net/templates/tech/images/dot2.gif" border=0></U> </TD></TR> <TR> <TD width=25></TD> <TD style="MARGIN: 5px; LINE-HEIGHT: 120%" colSpan=2> <DIV id=art59573 style="MARGIN-TOP: 5px; HEIGHT: 100%"> <P>screen your screen<BR>文:林思敬<BR>電子郵件:<A href="mailto:becks.lin@ec-base.com"><FONT color=#0000ff>becks.lin@ec-base.com</FONT></A></P> <P><A href="http://www.winterxy.com/blog/000128.html"><FONT color=#0000ff>http://www.winterxy.com/blog/000128.html</FONT></A></P> <P><FONT color=#0000ff></FONT> <P>前言<BR>screen 是什么</P> <P>根据其man介绍,screen是个多元化多功能的全屏窗口管理器,每个虚拟终端都可以为你提供DEC VT100 terminal的功能, 也许你会问:DEC VT100 terminal又是什么?如果你登陆过某些字符界面的BBS,或许你会记得在注册时,其要求你输入你的终端机型别,而一般预设就是我…… </P></DIV></TD></TR> <TR height=20> <TD align=right colSpan=3><A class=list1 href="http://blog.chinaunix.net/u/10604/showart.php?id=59573" target=""><U><FONT style="FONT-SIZE: 10pt" color=#02368d><B>查看全文</B></FONT><FONT color=#0000ff> </FONT></U></A></TD></TR> <TR height=20> <TD><U><FONT color=#0000ff></FONT></U></TD> <TD align=right colSpan=2>发表于:2005-12-01 14:05:09 ┆ <A class=list1 href="http://blog.chinaunix.net/u/10604/showart.php?id=59573" target=""><U><FONT color=#0000ff>阅读(422) </FONT></U></A>┆ <A class=list1 href="http://blog.chinaunix.net/u/10604/showart.php?id=59573" target=""><FONT color=#0000ff><U>评论(2) </U></FONT></A></TD></TR></TBODY></TABLE></TD></TR> <TR> <TD width=7 height=7><FONT color=#0000ff><U><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_buttom.gif" border=0></U></FONT></TD> <TD bgColor=#f3f3f3><FONT color=#0000ff><U></U></FONT></TD> <TD width=7 height=7><FONT color=#0000ff><U><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_buttom.gif" border=0></U></FONT></TD></TR></TBODY></TABLE><BR> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width="96%" border=0> <TBODY> <TR> <TD width=7 height=7><FONT color=#0000ff><U><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_top.gif" border=0></U></FONT></TD> <TD width="100%" bgColor=#f3f3f3><FONT color=#0000ff><U></U></FONT></TD> <TD width=7 height=7><FONT color=#0000ff><U><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_top.gif" border=0></U></FONT></TD></TR> <TR> <TD align=middle bgColor=#f3f3f3 colSpan=3> <TABLE style="TABLE-LAYOUT: fixed; BORDER-COLLAPSE: collapse; WORD-WRAP: break-word" cellSpacing=0 cellPadding=0 width="100%" bgColor=#f3f3f3 border=0> <TBODY> <TR height=25> <TD align=middle width=25><FONT color=#0000ff><U><IMG height=8 alt="" src="http://blog.chinaunix.net/templates/tech/images/dot.gif" width=8 border=0></U></FONT></TD> <TD width="90%"><A class=list1 href="http://blog.chinaunix.net/u/10604/showart.php?id=59490" target=""><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>一个自动ftp的脚本 </U></B></FONT></A></TD> <TD align=middle width=25><U><IMG title=收起 onclick="ShowHideDiv('art59490',this);" src="http://blog.chinaunix.net/templates/tech/images/dot2.gif" border=0></U> </TD></TR> <TR> <TD width=25></TD> <TD style="MARGIN: 5px; LINE-HEIGHT: 120%" colSpan=2> <DIV id=art59490 style="MARGIN-TOP: 5px; HEIGHT: 100%"> <P>简单,但实用</P> <P> <P>#!/bin/sh</P> <P>ftp -i -n<<EOF<BR />open 192.168.0.5 # 打开ftp服务器192.168.0.5<BR>user USERNAME PASSWORD # 用于登录服务器的用户名和密码<BR>bin &nbs…… </P></DIV></TD></TR> <TR height=20> <TD align=right colSpan=3><A class=list1 href="http://blog.chinaunix.net/u/10604/showart.php?id=59490" target=""><U><FONT style="FONT-SIZE: 10pt" color=#02368d><B>查看全文</B></FONT><FONT color=#0000ff> </FONT></U></A></TD></TR> <TR height=20> <TD><U><FONT color=#0000ff></FONT></U></TD> <TD align=right colSpan=2>发表于:2005-11-30 17:20:23 ┆ <A class=list1 href="http://blog.chinaunix.net/u/10604/showart.php?id=59490" target=""><U><FONT color=#0000ff>阅读(416) </FONT></U></A>┆ <A class=list1 href="http://blog.chinaunix.net/u/10604/showart.php?id=59490" target=""><U><FONT color=#0000ff>评论(0) </FONT></U></A></TD></TR></TBODY></TABLE></TD></TR> <TR> <TD width=7 height=7><U><FONT color=#0000ff><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_buttom.gif" border=0></FONT></U></TD> <TD bgColor=#f3f3f3><U><FONT color=#0000ff></FONT></U></TD> <TD width=7 height=7><U><FONT color=#0000ff><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_buttom.gif" border=0></FONT></U></TD></TR></TBODY></TABLE><BR> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width="96%" border=0> <TBODY> <TR> <TD width=7 height=7><U><FONT color=#0000ff><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_top.gif" border=0></FONT></U></TD> <TD width="100%" bgColor=#f3f3f3><U><FONT color=#0000ff></FONT></U></TD> <TD width=7 height=7><U><FONT color=#0000ff><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_top.gif" border=0></FONT></U></TD></TR> <TR> <TD id=pagelist align=middle bgColor=#f3f3f3 colSpan=3>共有文章3篇 第(1/1)页 首页 上一页 <FONT color=#ff0000>1</FONT> 下一页 末页</TD></TR> <TR> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_buttom.gif" border=0></TD> <TD bgColor=#f3f3f3></TD> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_buttom.gif" border=0></TD></TR></TBODY></TABLE></TD></TR> <TR> <TD width=11 height=11><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/g_left_bottom.gif" border=0></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></DIV>
查看全文
发表于:2009-01-11 ┆
阅读(364)
┆
评论(0)
centos/redhat 上安装邮件系统(extmail) V0.1
<DIV> <H1>在centos/redhat 上安装邮件系统(extmail) V0.1 </H1><BR>Author:fengyong 2008-08-31 <P class=STYLE1>请尊重作者劳动,复制转载此文档时,请保留或添加文档来源。版权:开源易有(<A href="http://www.yiyou.org/"><FONT color=#800080>http://www.yiyou.org</FONT></A>)</P> <H2>一、简介:</H2><BR>本文以最简单,最方便的方法在centos 5.2 上安装一个全功能的邮件系统,此文适合REDHAT所有系列,在文中,能用RPM 安装的,我们将采用rpm 安装,如果rpm没有的,我们将创建自己的rpm。部分软件简介:<BR>1、AMP ---apache(web服务) 、mysql(数据库)、php(非必需) 的简称<BR>2、postfix --mta 邮件系统核心<BR>3、courier-authlib--一个为courier-imap,maildrop,sasl2 提供用户信息的后台进程序<BR>4、courier-imap --提供pop3,pop3s,imap,imaps 服务的程序<BR>5、amavisd-new --提供内容过滤<BR>6、clamav -- 著名的杀毒软件<BR>7、extmail --一个著名的webmail程序<BR>8、extman --与extmail集成的后台管理程序<BR>9、slockd --一个基于smtp阶段的反垃圾邮件程序<BR>10、vhmgr --由本文作者编写,用于管理apache,ftp,mysql 的虚拟主机管理程序。<BR><BR>安装环境:<BR>centos 5.2 <BR>域名机器名:mail.yiyou.org<BR>域名:yiyou.org<BR> <H2>二、安装系统</H2>安装系统时,选择“customize software selection”(自定义安装),在package group selection 对话框里选择:<BR><PRE>[*]base [*]devlopment libraries [*]development tools [*]editors [*]text-base internet </PRE>其它不选择。<BR>在setup agnet(或进入系统后运行setup) 里选择firewall configuration 将security level 与SELinux 改为disabled,目的是为了避免在安装调试时产生不必要的麻烦,在系统安装完成后,可以自己去调试安全部分,在这里将不作详细介绍。 <BR>配置yum,在本文中使用的是网通线路,所以选择了http://mirrors.ta139.com/ 作为安装镜像。<BR><PRE>[root@localhost ~]# cd /etc/yum.repos.d/ [root@localhost yum.repos.d]# wget http://mirrors.ta139.com/CentOS-Base.repo.ta139 [root@localhost yum.repos.d]# mv CentOS-Base.repo CentOS-Base.repo.bak [root@localhost yum.repos.d]# mv CentOS-Base.repo.ta139 CentOS-Base.repo </PRE><BR> <H2>三、安装软件</H2><BR> <H3>1、安装AMP</H3><BR><PRE> [root@localhost ~]# yum -y install httpd httpd-devel mysql mysql-devel mysql-server php php-xml php-cli php-pdo php-mbstring php-mcrypt php-gd php-common php-devel php-mysql </PRE>修改启动配置并启动<BR><PRE>[root@localhost ~]# chkconfig --level 345 mysqld on [root@localhost ~]# chkconfig --level 345 httpd on [root@localhost ~]# service mysqld start [root@localhost ~]# service httpd start </PRE> <H3>2、安装phpmyadmin</H3>注意:可以选择自己需要的版本<BR><PRE>[root@localhost ~]# wget http://nchc.dl.sourceforge.net/sourceforge/phpmyadmin/phpMyAdmin-2.11.9-all-languages-utf-8-only.tar.bz2 [root@localhost ~]# tar xjf phpMyAdmin-2.11.9-all-languages-utf-8-only.tar.bz2 [root@localhost ~]# mv phpMyAdmin-2.11.9-all-languages-utf-8-only /var/www/html/phpmyadmin [root@localhost phpmyadmin]# cp config.sample.inc.php config.inc.php </PRE>编辑config.inc.php 改为下面,字符串是任意的。 <PRE>$cfg['blowfish_secret'] = 'skssiwksksie'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ </PRE>进入phpmyadmin 请马上修改mysql root 用户的密码。<BR> <H3>3、导入extman 后台数据库</H3>将extmail/extman/slockd 上传到服务器,可以使用ftp/winscp 上传<BR><PRE>[root@localhost ~]# tar zxf extman-0.2.5b1.tar.gz [root@localhost ~]# cd extman-0.2.5b1/docs/ [root@localhost docs]# mysql -uroot -p <extmail.sql Enter password: [root@localhost docs]# mysql -uroot -p <init.sql Enter password: </PRE>如何使用了phpmyadmin改了root 密码,记得输入密码,如果密码为空,请按回车。<BR> <H3>4、RPM 简介</H3>下面我们将采用rpm 的方式安装软件<BR>/usr/src/redhat/SPEC spec 文件夹,通常是rpm文件夹<BR>/usr/src/redhat/RPMS 是生成rpm 的文件,下面还有i368,i486 等子文件夹,一般我们用i386 架构<BR>/usr/src/redhat/SOURCE 源文件文件夹<BR>为了安装时切换目录的方便,我们将目录存放到一个shell变量里。<BR><PRE>[root@localhost ~]# export RPMS=/usr/src/redhat/RPMS [root@localhost ~]# export SOURCE=/usr/src/redhat/SOURCES [root@localhost ~]# export SPEC=/usr/src/redhat/SPECS </PRE>在下面安装过程中,大家要记住cd $RPMS 与cd /usr/src/redhat/RPMS 的目的是一样的,只是shell变量的替换。<BR> <H3>5、安装authlib</H3> <H4>A、安装依懒的包</H4><PRE>[root@localhost ~]# yum -y install postgresql-devel expect libtool-ltdl-devel [root@localhost ~]# wget http://prdownloads.sourceforge.net/courier/courier-authlib-0.61.0.tar.bz2 [root@localhost ~]# tar xjf courier-authlib-0.61.0.tar.bz2 [root@localhost ~]# cd courier-authlib-0.61.0 [root@localhost courier-authlib-0.61.0]# cp courier-authlib.spec $SPEC [root@localhost courier-authlib-0.61.0]# cd .. [root@localhost ~]# cp courier-authlib-0.61.0.tar.bz2 $SOURCE [root@localhost ~]# cd $SPEC [root@localhost SPECS]# rpmbuild -bb courier-authlib.spec (创建rpm文件) </PRE> <H4>B、安装生成的rpm</H4><PRE>[root@localhost SPECS]# cd $RPMS/i386 [root@localhost i386]# rpm -ivh courier-authlib-0.61.0-1.i386.rpm [root@localhost i386]# rpm -ivh courier-authlib-devel-0.61.0-1.i386.rpm [root@localhost i386]# rpm -ivh courier-authlib-mysql-0.61.0-1.i386.rpm </PRE> <H4>C、配置authlibdaemon</H4><PRE>[root@localhost i386]# cd /etc/authlib/ [root@localhost authlib]# mv authdaemonrc authdaemonrc.bak [root@localhost authlib]# vim authdaemonrc </PRE><B>输入下面的内容:</B> <PRE>authmodulelist="authmysql" authmodulelistorig="authmysql" daemons=10 authdaemonvar=/var/spool/authdaemon DEBUG_LOGIN=2 DEFAULTOPTIONS="wbnodsn=1" LOGGEROPTS="" </PRE><B>D、配置authmysqlrc</B> <PRE>[root@localhost authlib]# mv authmysqlrc authmysqlrc.bak [root@localhost authlib]# vim authmysqlrc </PRE><B>输入下面的内容:</B> <PRE>MYSQL_SERVER localhost MYSQL_USERNAME extmail MYSQL_PASSWORD extmail MYSQL_PORT 0 MYSQL_SOCKET /var/lib/mysql/mysql.sock MYSQL_OPT 0 MYSQL_DATABASE extmail MYSQL_SELECT_CLAUSE SELECT username,password,"",uidnumber,gidnumber,\ CONCAT('/home/data/domains/',homedir), \ CONCAT('/home/data/domains/',maildir), \ quota, \ name \ FROM mailbox \ WHERE username = '$(local_part)@$(domain)' </PRE> <H4>E、启动authlib</H4><PRE>[root@localhost ~]# service courier-authlib start Starting Courier authentication services: authdaemond [root@localhost ~]# chmod 777 /var/spool/authdaemon/ </PRE> <H3>6、安装courier-imap</H3>由于courier-imap 不能用root身份生成rpm那么我们新建一个普通用户,并创建一个rpm环境<BR><PRE>[root@localhost ~]# useradd yiyou </PRE>软件包依懒需要安装openldap-server,rpm创建完成后可以删除<BR><PRE>[root@localhost ~]# yum -y install openldap-servers [root@localhost ~]# su - yiyou [yiyou@localhost ~]$ mkdir -p rpm/{BUILD,RPMS,SOURCES,SPECS,SRPMS} [yiyou@localhost ~]$ vim ~/.rpmmacros </PRE>输入内容: <PRE>%_topdir /home/yiyou/rpm </PRE><PRE>[yiyou@localhost ~]$ wget http://prdownloads.sourceforge.net/courier/courier-imap-4.4.1.tar.bz2 [yiyou@localhost ~]$ cp courier-imap-4.4.1.tar.bz2 rpm/SOURCES/ [yiyou@localhost ~]$ tar xjf courier-imap-4.4.1.tar.bz2 [yiyou@localhost ~]$ cd courier-imap-4.4.1 [yiyou@localhost courier-imap-4.4.1]$ cp courier-imap.spec ../rpm/SPECS/ [yiyou@localhost courier-imap-4.4.1]$ cd ../rpm/SPECS/ </PRE>编辑courier-imap.spec 将下面的内容: <PRE>%if %suse_version BuildPreReq: rpm >= 3.0.5 /usr/bin/sed openldap2 openldap2-devel %([ %{suse_version} -gt 819 ] && echo /usr/include/fam.h) %else BuildPreReq: rpm >= 4.0.2 sed /usr/include/fam.h openldap-devel openldap-servers %endif </PRE>改为:<BR><PRE>%if %suse_version BuildPreReq: rpm >= 3.0.5 /usr/bin/sed openldap2 openldap2-devel %else BuildPreReq: rpm >= 4.0.2 sed openldap-devel openldap-servers %endif </PRE>创建rpm <PRE>[yiyou@localhost SPECS]$ rpmbuild -bb courier-imap.spec </PRE>完成rpm后,输入exit退出当前用户。<BR><PRE>[root@localhost ~]# rpm -ivh /home/yiyou/rpm/RPMS/i386/courier-imap-4.4.1-1.i386.rpm [root@localhost ~]# service courier-imap start </PRE> <H3>7、安装cyrus-sasl</H3> <H4>A、安装SRPM</H4><PRE>[root@localhost ~]# wget ftp://194.199.20.114/linux/fedora/updates/8/SRPMS/cyrus-sasl-2.1.22-8.fc8.src.rpm [root@localhost ~]# rpm -ivh cyrus-sasl-2.1.22-8.fc8.src.rpm [root@localhost ~]# cd $SPEC </PRE>编辑cyrus-sasl.spec 将下面:<BR><PRE># Bundling copy of Berkeley DB, for sasldb support. topdir=`pwd` pushd db-%{db_version}/build_unix ../dist/configure \ --with-mutex=UNIX/fcntl --disable-shared --enable-static --with-pic \ --with-uniquename=_cyrus_sasl_sasldb_rh \ --prefix=${topdir}/db-instroot \ --includedir=${topdir}/db-instroot/include \ --libdir=${topdir}/db-instroot/lib </PRE>改为:<BR><PRE># Bundling copy of Berkeley DB, for sasldb support. topdir=`pwd` pushd db-%{db_version}/build_unix ../dist/configure \ --with-mutex=UNIX/fcntl --disable-shared --enable-static --with-pic \ --with-uniquename=_cyrus_sasl_sasldb_rh \ --prefix=${topdir}/db-instroot \ --includedir=${topdir}/db-instroot/include \ --libdir=${topdir}/db-instroot/lib \ --with-authdaemond=/var/spool/authdaemon </PRE> <H4>B、生成rpm</H4><PRE>[root@localhost SPECS]# rpmbuild -bb cyrus-sasl.spec [root@localhost RPMS]# cd $RPMS/i386 [root@localhost i386]# rpm -e --nodeps cyrus-sasl-devel cyrus-sasl-plain cyrus-sasl cyrus-sasl-lib (如果这些包存在) [root@localhost i386]# rpm -ihv cyrus-sasl-lib-2.1.22-8.i386.rpm [root@localhost i386]# rpm -ihv cyrus-sasl-2.1.22-8.i386.rpm [root@localhost i386]# rpm -ihv cyrus-sasl-plain-2.1.22-8.i386.rpm </PRE> <H4>C、配置sasl2</H4>创建/usr/lib/sasl2/smtpd.conf 文件,输入下面的内容: <PRE>pwcheck_method:authdaemond log_level:3 mech_list:PLAIN LOGIN authdaemond_path:/var/spool/authdaemon/socket </PRE> <H3>8、安装postfix</H3> <H4>A、下载软件包</H4><PRE>[root@localhost i386]# cd [root@localhost ~]# wget http://ftp.wl0.org/official/2.5/SRPMS/postfix-2.5.4-2.src.rpm [root@localhost ~]# rpm -ivh postfix-2.5.4-2.src.rpm [root@localhost ~]# cd $SPEC </PRE>编辑postfix.spec 修改下面的选项 <PRE>%define distribution rhel-5.0 %define with_mysql_redhat 1 %define with_sasl 2 %define with_vda 1 </PRE> <H4>B、创建rpm </H4><PRE>[root@localhost SPECS]# rpmbuild -bb postfix.spec [root@localhost RPMS]# cd $RPMS/i386 [root@localhost i386]# rpm -ivh postfix-2.5.4-2.rhel4.i386.rpm </PRE> <H4>C、切换mta </H4><PRE>[root@localhost i386]# alternatives --config mta (选择2,postfix) [root@localhost i386]# rpm -e sendmail [root@localhost i386]# cd /usr/sbin/ [root@localhost sbin]# mv sendmail sendmail.bak [root@localhost sbin]# newaliases [root@localhost sbin]# ln -s sendmail.postfix sendmail </PRE> <H4>D、配置postfix </H4><PRE>[root@localhost ~]# cd /etc/postfix/ [root@localhost postfix]# mv main.cf main.cf.bak [root@localhost postfix]# vim main.cf </PRE>输入下面的内容: <PRE>queue_directory = /var/spool/postfix command_directory = /usr/sbin daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix mail_owner = postfix unknown_local_recipient_reject_code = 550 debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 sendmail_path = /usr/sbin/sendmail.postfix newaliases_path = /usr/bin/newaliases.postfix mailq_path = /usr/bin/mailq.postfix setgid_group = postdrop html_directory = /usr/share/doc/postfix-2.5.2-documentation/html manpage_directory = /usr/share/man sample_directory = /etc/postfix readme_directory = /usr/share/doc/postfix-2.5.2-documentation/readme alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases myhostname = mail.yiyou.org mydomain = yiyou.org mydestination = $myhostname smtpd_banner = yiyou.org ESMTP Mail System message_size_limit = 14680064 virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf virtual_mailbox_base = /home/data/domains virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_limit_maps.cf virtual_transport = maildrop: maildrop_destination_recipient_limit = 1 #sasl smtpd_sasl_auth_enable = yes smtpd_sasl2_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname </PRE>复制extman/docs 目录的cf 文件到/etc/postfix <PRE>[root@localhost postfix]# cp /root/extman-0.2.5b1/docs/mysql_virtual_* . </PRE>因为配置文件的用户、密码与数据库时一样,所以不用修改。 <PRE>[root@localhost postfix]# service postfix start </PRE> <H3>9、安装maildrop </H3> <H4>A、下载生成RPM</H4><PRE>[root@localhost postfix]# cd [root@localhost ~]# wget http://prdownloads.sourceforge.net/courier/maildrop-2.0.4.tar.bz2 [root@localhost ~]# cp maildrop-2.0.4.tar.bz2 $SOURCE [root@localhost ~]# tar xjf maildrop-2.0.4.tar.bz2 [root@localhost ~]# cd maildrop-2.0.4 [root@localhost maildrop-2.0.4]# cp maildrop.spec $SPEC [root@localhost maildrop-2.0.4]# cd $SPEC </PRE>编辑maildrop.spec 把下面: <PRE>BuildRequires: /usr/include/fam.h gdbm-devel pcre-devel </PRE>改为: <PRE>BuildRequires: gdbm-devel pcre-devel </PRE>把下面: <PRE>%configure --with-devel --enable-userdb --enable-maildirquota \ --enable-syslog=1 --enable-trusted-users='root mail daemon postmaster qmaild mmdf' \ --enable-restrict-trusted=0 \ --enable-sendmail=/usr/sbin/sendmail </PRE>改为: <PRE>%configure --with-devel --enable-userdb --enable-maildirquota \ --enable-syslog=1 --enable-trusted-users='root mail daemon postmaster qmaild mmdf' \ --enable-restrict-trusted=0 --enable-sendmail=/usr/sbin/sendmail \ --enable-authlib </PRE> <H4>B、创建安装maildrop rpm </H4><PRE>[root@localhost SPECS]# yum -y install pcre-devel [root@localhost SPECS]# rpmbuild -bb maildrop.spec [root@localhost SPECS]# cd $RPMS/i386 [root@localhost i386]# rpm -ivh maildrop-2.0.4-1.i386.rpm </PRE> <H4>C、添加虚似用户及创建目录 </H4><PRE>[root@localhost i386]# cd [root@localhost ~]# groupadd -g 1000 vgroup [root@localhost ~]# useradd -g 1000 -u 1000 -s /sbin/nologin -d /dev/null vuser </PRE>编辑/etc/postfix/master.cf ,加入下面的内容: <PRE>maildrop unix - n n - - pipe flags=DRhu user=vuser argv=/usr/bin/maildrop -d ${user}@${nexthop} ${recipient} ${user} ${extension} ${nexthop} </PRE> <H4>D、创建邮件存储目录 </H4><PRE>[root@localhost ~]# mkdir -p /home/data/domains/extmail.org/postmaster [root@localhost ~]# maildirmake /home/data/domains/extmail.org/postmaster/Maildir [root@localhost ~]# chown -R vuser:vgroup /home/data/domains/ </PRE> <H4>E、测试maildrop </H4><PRE>[root@localhost ~]# echo "test" | maildrop -V 10 -d postmaster@extmail.org maildrop: authlib: groupid=1000 maildrop: authlib: userid=1000 maildrop: authlib: logname=postmaster@extmail.org, home=/home/data/domains/extmail.org/postmaster, mail=/home/data/domains/extmail.org/postmaster/Maildir/ maildrop: Changing to /home/data/domains/extmail.org/postmaster Message start at 0 bytes, envelope sender=postmaster@extmail.org maildrop: Attempting .mailfilter maildrop: Delivery complete. </PRE>出现上以信息说明authlib,maildrop 工作正常<BR> <H4>F、测试pop3</H4><PRE>[root@localhost ~]# telnet localhost 110 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. +OK Hello there. user postmaster@extmail.org +OK Password required. pass extmail +OK logged in. list +OK POP3 clients that break here, they violate STD53. 1 6 . retr 1 +OK 6 octets follow. test . quit +OK Bye-bye. Connection closed by foreign host. </PRE> <H4>G、测试postfix </H4><PRE>[root@localhost ~]# perl -MMIME::Base64 -e 'print encode_base64("postmaster\@extmail.org");' cG9zdG1hc3RlckBleHRtYWlsLm9yZw== [root@localhost ~]# perl -MMIME::Base64 -e 'print encode_base64("extmail");' ZXh0bWFpbA== [root@localhost ~]# service postfix restart (重启一下) [root@localhost ~]# telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 220 yiyou.org ESMTP Mail System ehlo test.com 250-mail.yiyou.org 250-PIPELINING 250-SIZE 14680064 250-VRFY 250-ETRN 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN auth login 334 VXNlcm5hbWU6 cG9zdG1hc3RlckBleHRtYWlsLm9yZw== 334 UGFzc3dvcmQ6 ZXh0bWFpbA== 235 2.7.0 Authentication successful quit 221 2.0.0 Bye Connection closed by foreign host </PRE> <H3>10、安装amavisd-new</H3>编辑/etc/yum.repos.d/CentOS-Base.repo 加入下面的内容: <PRE>[dag] name=Dag RPM Repostory for Red Hat Enterprise Linux baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag gpgcheck=1 enabled=1 gpgkey=http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt </PRE><PRE>[root@localhost ~]# yum -y install clamav clamav-db clamd clamav-devel amavisd-new </PRE>编辑/etc/amavisd.conf,修改下面的内容 <PRE>$mydomain = 'yiyou.org'; # a convenient default for other settings </PRE>把下面内容去掉注释,并修改为下面 <PRE> ['ClamAV-clamd', \&ask_daemon, ["CONTSCAN {}\n", "/tmp/clamd.socket"], qr/\bOK$/, qr/\bFOUND$/, qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ], </PRE><PRE>[root@localhost ~]# usermod -G amavis clamav [root@localhost ~]# service clamd start </PRE>在/etc/postfix/master.cf 增加下面的内容: <PRE>smtp-amavis unix - - n - 4 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o receive_override_options=no_header_body_checks </PRE>在/etc/postfix/main.cf 加入下面的内容 <PRE>content_filter = smtp-amavis:[localhost]:10024 </PRE><PRE>[root@localhost ~]# service postfix reload </PRE> <H3>11、安装extman/extmail</H3> <H4>A、配置apache</H4>修改/etc/httpd/conf/httpd.conf,将下面的选项改为: <PRE>User vuser Group vgroup </PRE><PRE>[root@localhost ~]# cd /etc/httpd/conf.d/ [root@localhost conf.d]# vim extmail.conf </PRE>输入下面的内容: <PRE>Alias /extman/cgi/ /var/www/extsuite/extman/cgi/ Alias /extman /var/www/extsuite/extman/html/ <Location "/extman/cgi"> SetHandler cgi-script Options +ExecCGI </Location> # config for ExtMail Alias /extmail/cgi/ /var/www/extsuite/extmail/cgi/ Alias /extmail /var/www/extsuite/extmail/html/ <Location "/extmail/cgi"> SetHandler cgi-script Options +ExecCGI </Location> </PRE><PRE>[root@localhost ~]# mkdir /var/www/extsuite [root@localhost ~]# tar zxf extmail-1.0.5b1.tar.gz [root@localhost ~]# cp -r extmail-1.0.5b1 /var/www/extsuite/extmail [root@localhost ~]# cp -r extman-0.2.5b1 /var/www/extsuite/extman </PRE> <H4>B、配置extmail参数 </H4><PRE>[root@localhost ~]# cd /var/www/extsuite/extmail/ [root@localhost extmail]# cp webmail.cf.default webmail.cf </PRE>修改webmail.cf 下面的选项 <PRE>SYS_SESS_DIR = /tmp/extmail SYS_MAILDIR_BASE = /home/data/domains SYS_MYSQL_USER = extmail SYS_MYSQL_PASS = extmail </PRE> <H4>C、配置extman参数 </H4><PRE>[root@localhost extmail]# cd /var/www/extsuite/extman/ </PRE>修改webman.cf 下面的选项: <PRE>SYS_MAILDIR_BASE = /home/data/domains </PRE> <H4>D、创建session 目录 </H4><PRE>[root@localhost extman]# mkdir /tmp/{extman,extmail} [root@localhost extman]# chown vuser:vgroup /tmp/ext* </PRE> <H4>E、配置后台日志分析工具 </H4><PRE>[root@localhost addon]# cd /var/www/extsuite/extman/addon/ [root@localhost addon]# cp -r mailgraph_ext /usr/local/ </PRE>将下面的内容加入/etc/rc.local <PRE>/usr/local/mailgraph_ext/mailgraph-init start /usr/local/mailgraph_ext/qmonitor-init start </PRE>安装所依懒的软件包 <PRE>[root@localhost mailgraph_ext]# yum -y install rrdtool perl-rrdtool perl-GD perl-File-Tail </PRE> <H4>F、启动后台进程 </H4><PRE>[root@localhost mailgraph_ext]# /usr/local/mailgraph_ext/qmonitor-init start Starting queue statistics grapher: qmonitor [root@localhost mailgraph_ext]# /usr/local/mailgraph_ext/mailgraph-init start Starting mail statistics grapher: mailgraph_ext </PRE> <H4>G、访问extmail/extman</H4>打开浏览器,输入http://your_ip_address/extmail 注意:your_ip_address 为你实际的ip<BR>第一个测试用户为:postmaster 密码:extmail 域:extmail<BR><BR>打开浏览器,输入http://your_ip_address/extman <BR>extman root 用户为:root@extmail.org 密码为:extmail*123*<BR>注意:进入系统后要修改密码及找回密码的提示问题、答案。<BR> <H3>12、安装slockd</H3>slockd 是一个基于策略的垃圾邮件软件,很多用户反映使用后,反垃圾效果非常明显,但是有部分用户由于对该软件的使用,特性不了解,而产生了很多麻烦。<BR>所在在此建议,如果你对该软件不了解,或者系统里的垃圾邮件少,可以暂时不安装。 <PRE>[root@localhost ~]# tar zxf slockd-0.2beta1.tar.gz [root@localhost ~]# cp -r slockd-0.2beta1 /usr/local/slockd [root@localhost ~]# cd /usr/local/slockd </PRE>将下面的内容加入/etc/rc.local <PRE>/usr/local/slockd/slockd-init start </PRE>[root@localhost slockd]# vim config/main.cf (编辑slockd/config/main.cf)修改下面的内容 <PRE>setsid 1 (去掉注释,让程序成为后台进程) </PRE>修改/etc/postfix/main.cf 将原先的内容: <PRE>smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname </PRE>改为: <PRE>smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname, check_policy_service inet:127.0.0.1:10030 </PRE>重载postfix 配置文件 <PRE>[root@localhost slockd]# service postfix reload </PRE> <H3>13、安装vhmgr </H3>vhostmgr 是一款虚似主机管理软件,可以对apache,pure-ftp,mysql 进行管理,是管理员的好帮手。<BR>vhostmgr 有如下特点:<BR>a、只需要安装一个apache,ftp<BR>b、apache 不需要以root 运行。用普通用户身份运行就行了。<BR>c、可以通过web 进行重读配置文件,系统关机,等操作<BR>d、采用apache+cgi 方式运行,容易配置,安装、使用文档详细。<BR>e、如果你是一个管理员,每为一个用户添加主机而麻烦,使用该软件将为你节省大量时间。<BR>f、开通apache,ftp,mysql 都是即时生效。<BR>更多功能,更多方便,使用后才知道!!!<BR>g、支持freebsd ,linux 等多种系统<BR><BR>vhmgr 还有一个重要特点:<FONT color=#ff0000><SPAN class=STYLE1>开源并完全免费使用。</SPAN><BR><BR></FONT><A href="http://www.yiyou.org/56vhostmgr_001beta.html"><FONT color=#0000ff>软件地址</FONT></A><BR><BR>为了不重复劳功,将不再次叙述。<BR><BR>apache 改变运行id 后,php session功能将会出现问题,因为session 的存储目录权限没有跟着改变为新的,只要执行下面的命令即可解决问题。<BR><PRE>[root@localhost slockd]# chown -R vuser:vgroup /var/lib/php/session/ </PRE> <P><SPAN class=STYLE1><FONT color=#ff0000>请尊重作者劳动,复制此文档时,请保留或添加文档来源。版权:开源易有(</FONT><A href="http://www.yiyou.org/"><FONT color=#800080>http://www.yiyou.org</FONT></A><FONT color=#ff0000>)</FONT></SPAN></P></DIV>
查看全文
发表于:2009-01-03 ┆
阅读(236)
┆
评论(0)
(zh CN)OpenBSD(4.1)+Postfix+OpenLDAP+Cyrus-SASL+Co
<DIV> <H1 class=firstHeading>(zh CN)OpenBSD(4.1)+Postfix+OpenLDAP+Cyrus-SASL+Courier</H1> <DIV id=bodyContent> <H3 id=siteSub>From OpenBSD-Wiki</H3> <DIV id=contentSub></DIV> <DIV id=jump-to-nav>Jump to: <A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#column-one"><FONT color=#800080>navigation</FONT></A>, <A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#searchInput"><FONT color=#800080>search</FONT></A></DIV><!-- start content --> <TABLE style="BORDER-RIGHT: #ffcc00 1px solid; BORDER-TOP: #ffcc00 1px solid; BORDER-LEFT: #ffcc00 1px solid; BORDER-BOTTOM: #ffcc00 1px solid; BACKGROUND-COLOR: #ffcc00" width=225> <TBODY> <TR> <TD style="BORDER-RIGHT: #ffcc00 1px solid; BORDER-TOP: #ffcc00 1px solid; BORDER-LEFT: #ffcc00 1px solid; BORDER-BOTTOM: #ffcc00 1px solid; BACKGROUND-COLOR: #ffff66"><FONT size=-1>Written for: OpenBSD Version 4.1</FONT> </TD></TR></TBODY></TABLE> <TABLE style="BORDER-RIGHT: #a604b5 1px solid; BORDER-TOP: #a604b5 1px solid; BORDER-LEFT: #a604b5 1px solid; BORDER-BOTTOM: #a604b5 1px solid; BACKGROUND-COLOR: #a604b5" width=225> <TBODY> <TR> <TD style="BORDER-RIGHT: #a604b5 1px solid; BORDER-TOP: #a604b5 1px solid; BORDER-LEFT: #a604b5 1px solid; BORDER-BOTTOM: #a604b5 1px solid; BACKGROUND-COLOR: #f476ff"><FONT size=-1>Language: zh_CN</FONT> </TD> <TD style="BORDER-RIGHT: #a604b5 1px solid; BORDER-TOP: #a604b5 1px solid; BORDER-LEFT: #a604b5 1px solid; BORDER-BOTTOM: #a604b5 1px solid; BACKGROUND-COLOR: #f476ff"><FONT size=-1>语言:简体中文</FONT> </TD></TR></TBODY></TABLE> <P><A class=image title="image: Tip.png" href="http://openbsd-wiki.org/index.php?title=Image:Tip.png"><IMG height=32 alt="image: Tip.png" src="http://openbsd-wiki.org/images/4/45/Tip.png" width=32 border=0></A> 本文档已不再更新,请查看用于 OpenBSD 4.2 -release 的新版本文档: </P> <UL> <LI><A class="external text" title=http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.2%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.2%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier" rel=nofollow><FONT color=#0000ff>(zh_CN)OpenBSD(4.2)+Postfix+OpenLDAP+Cyrus-SASL+Courier</FONT></A> </LI></UL> <TABLE class=toc id=toc summary=Contents> <TBODY> <TR> <TD> <DIV id=toctitle> <H2>Contents</H2><SPAN class=toctoggle>[<A class=internal id=togglelink href="javascript:toggleToc()"><FONT color=#0000ff>hide</FONT></A>]</SPAN></DIV> <UL> <LI class=toclevel-1><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#First_of_all"><FONT color=#800080><SPAN class=tocnumber>1</SPAN> <SPAN class=toctext>First of all</SPAN></FONT></A> <LI class=toclevel-1><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Overview"><FONT color=#800080><SPAN class=tocnumber>2</SPAN> <SPAN class=toctext>Overview</SPAN></FONT></A> <UL> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Author"><FONT color=#800080><SPAN class=tocnumber>2.1</SPAN> <SPAN class=toctext>Author</SPAN></FONT></A> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#About_OpenBSD"><FONT color=#800080><SPAN class=tocnumber>2.2</SPAN> <SPAN class=toctext>About OpenBSD</SPAN></FONT></A> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#OS_.26_Packages"><FONT color=#800080><SPAN class=tocnumber>2.3</SPAN> <SPAN class=toctext>OS & Packages</SPAN></FONT></A> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Features"><FONT color=#800080><SPAN class=tocnumber>2.4</SPAN> <SPAN class=toctext>Features</SPAN></FONT></A> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Architecture"><FONT color=#800080><SPAN class=tocnumber>2.5</SPAN> <SPAN class=toctext>Architecture</SPAN></FONT></A> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Todo"><FONT color=#800080><SPAN class=tocnumber>2.6</SPAN> <SPAN class=toctext>Todo</SPAN></FONT></A> <UL> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#System_administration"><FONT color=#800080><SPAN class=tocnumber>2.6.1</SPAN> <SPAN class=toctext>System administration</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Apache"><FONT color=#800080><SPAN class=tocnumber>2.6.2</SPAN> <SPAN class=toctext>Apache</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#OpenLDAP"><FONT color=#800080><SPAN class=tocnumber>2.6.3</SPAN> <SPAN class=toctext>OpenLDAP</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#PF"><FONT color=#800080><SPAN class=tocnumber>2.6.4</SPAN> <SPAN class=toctext>PF</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#HA"><FONT color=#800080><SPAN class=tocnumber>2.6.5</SPAN> <SPAN class=toctext>HA</SPAN></FONT></A> </LI></UL> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Credits"><FONT color=#800080><SPAN class=tocnumber>2.7</SPAN> <SPAN class=toctext>Credits</SPAN></FONT></A> </LI></UL> <LI class=toclevel-1><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Apache.2BPHP"><FONT color=#800080><SPAN class=tocnumber>3</SPAN> <SPAN class=toctext>Apache+PHP</SPAN></FONT></A> <UL> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Apache_2"><FONT color=#800080><SPAN class=tocnumber>3.1</SPAN> <SPAN class=toctext>Apache</SPAN></FONT></A> <UL> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E5.90.AF.E7.94.A8_Apache"><FONT color=#800080><SPAN class=tocnumber>3.1.1</SPAN> <SPAN class=toctext>启用 Apache</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Apache_.E7.9A.84.E5.90.AF.E5.8A.A8.E4.B8.8E.E5.81.9C.E6.AD.A2"><FONT color=#800080><SPAN class=tocnumber>3.1.2</SPAN> <SPAN class=toctext>Apache 的启动与停止</SPAN></FONT></A> </LI></UL> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E5.AE.89.E8.A3.85_PHP.EF.BC.9Aphp5-core"><FONT color=#800080><SPAN class=tocnumber>3.2</SPAN> <SPAN class=toctext>安装 PHP:php5-core</SPAN></FONT></A> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#PHP_Extensions"><FONT color=#800080><SPAN class=tocnumber>3.3</SPAN> <SPAN class=toctext>PHP Extensions</SPAN></FONT></A> <UL> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#php5-ldap"><FONT color=#800080><SPAN class=tocnumber>3.3.1</SPAN> <SPAN class=toctext>php5-ldap</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#php5-imap"><FONT color=#800080><SPAN class=tocnumber>3.3.2</SPAN> <SPAN class=toctext>php5-imap</SPAN></FONT></A> </LI></UL></LI></UL> <LI class=toclevel-1><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#OpenLDAP_2"><FONT color=#800080><SPAN class=tocnumber>4</SPAN> <SPAN class=toctext>OpenLDAP</SPAN></FONT></A> <UL> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E5.AE.89.E8.A3.85_OpenLDAP"><FONT color=#800080><SPAN class=tocnumber>4.1</SPAN> <SPAN class=toctext>安装 OpenLDAP</SPAN></FONT></A> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E9.85.8D.E7.BD.AE_OpenLDAP"><FONT color=#800080><SPAN class=tocnumber>4.2</SPAN> <SPAN class=toctext>配置 OpenLDAP</SPAN></FONT></A> <UL> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#authldap.schema"><FONT color=#800080><SPAN class=tocnumber>4.2.1</SPAN> <SPAN class=toctext>authldap.schema</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.2Fetc.2Fopenldap.2Fslapd.conf"><FONT color=#800080><SPAN class=tocnumber>4.2.2</SPAN> <SPAN class=toctext>/etc/openldap/slapd.conf</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E5.90.AF.E5.8A.A8_OpenLDAP"><FONT color=#800080><SPAN class=tocnumber>4.2.3</SPAN> <SPAN class=toctext>启动 OpenLDAP</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.2Fetc.2Frc.conf.local"><FONT color=#800080><SPAN class=tocnumber>4.2.4</SPAN> <SPAN class=toctext>/etc/rc.conf.local</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.2Fetc.2Frc.local"><FONT color=#800080><SPAN class=tocnumber>4.2.5</SPAN> <SPAN class=toctext>/etc/rc.local</SPAN></FONT></A> <UL> <LI class=toclevel-4><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#reboot"><FONT color=#800080><SPAN class=tocnumber>4.2.5.1</SPAN> <SPAN class=toctext>reboot</SPAN></FONT></A> </LI></UL> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E5.88.9D.E5.A7.8B.E5.8C.96_LDAP"><FONT color=#800080><SPAN class=tocnumber>4.2.6</SPAN> <SPAN class=toctext>初始化 LDAP</SPAN></FONT></A> <UL> <LI class=toclevel-4><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#LDAP_.E6.A0.91.E7.BB.93.E6.9E.84"><FONT color=#800080><SPAN class=tocnumber>4.2.6.1</SPAN> <SPAN class=toctext>LDAP 树结构</SPAN></FONT></A> <LI class=toclevel-4><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#root_entry:_dc.3Dbibby.2Cdc.3Dorg"><FONT color=#800080><SPAN class=tocnumber>4.2.6.2</SPAN> <SPAN class=toctext>root entry: dc=bibby,dc=org</SPAN></FONT></A> <LI class=toclevel-4><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#cn.3DManager.2Cdc.3Dbibby.2Cdc.3Dorg"><FONT color=#800080><SPAN class=tocnumber>4.2.6.3</SPAN> <SPAN class=toctext>cn=Manager,dc=bibby,dc=org</SPAN></FONT></A> <LI class=toclevel-4><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#o.3Ddomains.2Cdc.3Dbibby.2Cdc.3Dorg"><FONT color=#800080><SPAN class=tocnumber>4.2.6.4</SPAN> <SPAN class=toctext>o=domains,dc=bibby,dc=org</SPAN></FONT></A> <LI class=toclevel-4><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#o.3DdomainX.com.2Co.3Ddomains.2Cdc.3Dbibby.2Cdc.3Dorg"><FONT color=#800080><SPAN class=tocnumber>4.2.6.5</SPAN> <SPAN class=toctext>o=domainX.com,o=domains,dc=bibby,dc=org</SPAN></FONT></A> <LI class=toclevel-4><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#cn.3Dbibby.2Co.3Ddomain1.com.2Co.3Ddomains.2Cdc.3Dbibby.2Cdc.3Dorg"><FONT color=#800080><SPAN class=tocnumber>4.2.6.6</SPAN> <SPAN class=toctext>cn=bibby,o=domain1.com,o=domains,dc=bibby,dc=org</SPAN></FONT></A> </LI></UL></LI></UL> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#phpLDAPadmin"><FONT color=#800080><SPAN class=tocnumber>4.3</SPAN> <SPAN class=toctext>phpLDAPadmin</SPAN></FONT></A> <UL> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E5.AE.89.E8.A3.85_phpLDAPadmin"><FONT color=#800080><SPAN class=tocnumber>4.3.1</SPAN> <SPAN class=toctext>安装 phpLDAPadmin</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E7.99.BB.E5.BD.95_phpLDAPadmin"><FONT color=#800080><SPAN class=tocnumber>4.3.2</SPAN> <SPAN class=toctext>登录 phpLDAPadmin</SPAN></FONT></A> </LI></UL></LI></UL> <LI class=toclevel-1><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Postfix"><FONT color=#800080><SPAN class=tocnumber>5</SPAN> <SPAN class=toctext>Postfix</SPAN></FONT></A> <UL> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Cyrus-SASL.EF.BC.9Asmtpd_.E8.AE.A4.E8.AF.81"><FONT color=#800080><SPAN class=tocnumber>5.1</SPAN> <SPAN class=toctext>Cyrus-SASL:smtpd 认证</SPAN></FONT></A> <UL> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.2Fusr.2Flocal.2Flib.2Fsasl2.2Fsmtpd.conf"><FONT color=#800080><SPAN class=tocnumber>5.1.1</SPAN> <SPAN class=toctext>/usr/local/lib/sasl2/smtpd.conf</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.2Fetc.2Fsaslauthd.conf"><FONT color=#800080><SPAN class=tocnumber>5.1.2</SPAN> <SPAN class=toctext>/etc/saslauthd.conf</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.2Fetc.2Frc.conf.local_2"><FONT color=#800080><SPAN class=tocnumber>5.1.3</SPAN> <SPAN class=toctext>/etc/rc.conf.local</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.2Fetc.2Frc.local_2"><FONT color=#800080><SPAN class=tocnumber>5.1.4</SPAN> <SPAN class=toctext>/etc/rc.local</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E6.B5.8B.E8.AF.95_SASL_.E8.AE.A4.E8.AF.81"><FONT color=#800080><SPAN class=tocnumber>5.1.5</SPAN> <SPAN class=toctext>测试 SASL 认证</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.2Fvar.2Flog.2Fauthlog"><FONT color=#800080><SPAN class=tocnumber>5.1.6</SPAN> <SPAN class=toctext>/var/log/authlog</SPAN></FONT></A> </LI></UL> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E5.AE.89.E8.A3.85_Postfix"><FONT color=#800080><SPAN class=tocnumber>5.2</SPAN> <SPAN class=toctext>安装 Postfix</SPAN></FONT></A> <UL> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E5.AE.89.E8.A3.85.E5.90.8E.E7.9A.84.E5.88.9D.E6.AD.A5.E9.85.8D.E7.BD.AE"><FONT color=#800080><SPAN class=tocnumber>5.2.1</SPAN> <SPAN class=toctext>安装后的初步配置</SPAN></FONT></A> </LI></UL> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E9.85.8D.E7.BD.AE_Postfix"><FONT color=#800080><SPAN class=tocnumber>5.3</SPAN> <SPAN class=toctext>配置 Postfix</SPAN></FONT></A> <UL> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.2Fetc.2Fpostfix.2Fmain.cf"><FONT color=#800080><SPAN class=tocnumber>5.3.1</SPAN> <SPAN class=toctext>/etc/postfix/main.cf</SPAN></FONT></A> <UL> <LI class=toclevel-4><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Generic"><FONT color=#800080><SPAN class=tocnumber>5.3.1.1</SPAN> <SPAN class=toctext>Generic</SPAN></FONT></A> <LI class=toclevel-4><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E8.99.9A.E6.8B.9F.E5.9F.9F"><FONT color=#800080><SPAN class=tocnumber>5.3.1.2</SPAN> <SPAN class=toctext>虚拟域</SPAN></FONT></A> <UL> <LI class=toclevel-5><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.2Fetc.2Fpostfix.2Ftransport"><FONT color=#800080><SPAN class=tocnumber>5.3.1.2.1</SPAN> <SPAN class=toctext>/etc/postfix/transport</SPAN></FONT></A> <LI class=toclevel-5><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#virtual_mailbox.2Fuid.2Fgid"><FONT color=#800080><SPAN class=tocnumber>5.3.1.2.2</SPAN> <SPAN class=toctext>virtual mailbox/uid/gid</SPAN></FONT></A> </LI></UL> <LI class=toclevel-4><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#SASL_.E7.94.A8.E6.88.B7.E8.AE.A4.E8.AF.81"><FONT color=#800080><SPAN class=tocnumber>5.3.1.3</SPAN> <SPAN class=toctext>SASL 用户认证</SPAN></FONT></A> </LI></UL></LI></UL> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E6.B5.8B.E8.AF.95_Postfix_.E7.9A.84_SMTP_.E5.8A.9F.E8.83.BD"><FONT color=#800080><SPAN class=tocnumber>5.4</SPAN> <SPAN class=toctext>测试 Postfix 的 SMTP 功能</SPAN></FONT></A> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Debug"><FONT color=#800080><SPAN class=tocnumber>5.5</SPAN> <SPAN class=toctext>Debug</SPAN></FONT></A> </LI></UL> <LI class=toclevel-1><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Courier"><FONT color=#800080><SPAN class=tocnumber>6</SPAN> <SPAN class=toctext>Courier</SPAN></FONT></A> <UL> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E5.AE.89.E8.A3.85_courier-.2A"><FONT color=#800080><SPAN class=tocnumber>6.1</SPAN> <SPAN class=toctext>安装 courier-*</SPAN></FONT></A> <UL> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#courier-authlib-ldap"><FONT color=#800080><SPAN class=tocnumber>6.1.1</SPAN> <SPAN class=toctext>courier-authlib-ldap</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#courier-imap"><FONT color=#800080><SPAN class=tocnumber>6.1.2</SPAN> <SPAN class=toctext>courier-imap</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#courier-pop3"><FONT color=#800080><SPAN class=tocnumber>6.1.3</SPAN> <SPAN class=toctext>courier-pop3</SPAN></FONT></A> </LI></UL> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E9.85.8D.E7.BD.AE_Courier-IMAP.2FPOP3"><FONT color=#800080><SPAN class=tocnumber>6.2</SPAN> <SPAN class=toctext>配置 Courier-IMAP/POP3</SPAN></FONT></A> <UL> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.2Fetc.2Fcourier.2Fauthdaemonrc"><FONT color=#800080><SPAN class=tocnumber>6.2.1</SPAN> <SPAN class=toctext>/etc/courier/authdaemonrc</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.2Fetc.2Fcourier.2Fauthldaprc"><FONT color=#800080><SPAN class=tocnumber>6.2.2</SPAN> <SPAN class=toctext>/etc/courier/authldaprc</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.2Fetc.2Frc.conf.local_3"><FONT color=#800080><SPAN class=tocnumber>6.2.3</SPAN> <SPAN class=toctext>/etc/rc.conf.local</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.2Fetc.2Frc.local_3"><FONT color=#800080><SPAN class=tocnumber>6.2.4</SPAN> <SPAN class=toctext>/etc/rc.local</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#.E6.B5.8B.E8.AF.95_POP3.2FIMAP"><FONT color=#800080><SPAN class=tocnumber>6.2.5</SPAN> <SPAN class=toctext>测试 POP3/IMAP</SPAN></FONT></A> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Debug_2"><FONT color=#800080><SPAN class=tocnumber>6.2.6</SPAN> <SPAN class=toctext>Debug</SPAN></FONT></A> </LI></UL></LI></UL> <LI class=toclevel-1><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#WebMail"><FONT color=#800080><SPAN class=tocnumber>7</SPAN> <SPAN class=toctext>WebMail</SPAN></FONT></A> <UL> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#SquerrilMail"><FONT color=#800080><SPAN class=tocnumber>7.1</SPAN> <SPAN class=toctext>SquerrilMail</SPAN></FONT></A> <UL> <LI class=toclevel-3><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Plugins"><FONT color=#800080><SPAN class=tocnumber>7.1.1</SPAN> <SPAN class=toctext>Plugins</SPAN></FONT></A> <UL> <LI class=toclevel-4><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#change_ldappass"><FONT color=#800080><SPAN class=tocnumber>7.1.1.1</SPAN> <SPAN class=toctext>change_ldappass</SPAN></FONT></A> </LI></UL></LI></UL> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Extmail"><FONT color=#800080><SPAN class=tocnumber>7.2</SPAN> <SPAN class=toctext>Extmail</SPAN></FONT></A> </LI></UL> <LI class=toclevel-1><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Resource_Links"><FONT color=#800080><SPAN class=tocnumber>8</SPAN> <SPAN class=toctext>Resource Links</SPAN></FONT></A> <UL> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#LDAP"><FONT color=#800080><SPAN class=tocnumber>8.1</SPAN> <SPAN class=toctext>LDAP</SPAN></FONT></A> <LI class=toclevel-2><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Postfix_2"><FONT color=#800080><SPAN class=tocnumber>8.2</SPAN> <SPAN class=toctext>Postfix</SPAN></FONT></A> </LI></UL> <LI class=toclevel-1><A href="http://openbsd-wiki.org/index.php?title=(zh_CN)OpenBSD(4.1)%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Revision"><FONT color=#800080><SPAN class=tocnumber>9</SPAN> <SPAN class=toctext>Revision</SPAN></FONT></A> </LI></UL> <UL></UL></TD></TR></TBODY></TABLE> <SCRIPT type=text/javascript> if (window.showTocToggle) { var tocShowText = "show"; var tocHideText = "hide"; showTocToggle(); } </SCRIPT> <A name=First_of_all></A> <H1><SPAN class=editsection>[<A title="Edit section: First of all" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=1"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>First of all</SPAN></H1> <P>如果您发现该文档有任何错误、笔误,请直接联系我(<A class="external text" title=mailto:michaelbibby@gmail.com href="mailto:michaelbibby@gmail.com" rel=nofollow><FONT color=#0000ff>Mail</FONT></A>),或者在 <A class="external text" title=http://openbsd-wiki.org/index.php?title=Talk:%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier href="http://openbsd-wiki.org/index.php?title=Talk:%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier" rel=nofollow><FONT color=#0000ff>Discussion</FONT></A> 页面留言,而不要直接编辑本页。 </P><A name=Overview></A> <H1><SPAN class=editsection>[<A title="Edit section: Overview" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=2"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Overview</SPAN></H1><A name=Author></A> <H2><SPAN class=editsection>[<A title="Edit section: Author" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=3"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Author</SPAN></H2> <UL> <LI>Contact me: <A class="external text" title=mailto:michaelbibby@gmail.com href="mailto:michaelbibby@gmail.com" rel=nofollow><FONT color=#0000ff>Michael Bibby(张煌彬)</FONT></A> <LI>From: <A class="external free" title=http://www.OpenBSDonly.org/ href="http://www.openbsdonly.org/" rel=nofollow><FONT color=#0000ff>http://www.OpenBSDonly.org/</FONT></A> ,不做普及者!做开路人! <LI>Copyright: 本文档欢迎自由转载,但是请务必保留作者及出处等信息。 </LI></UL><A name=About_OpenBSD></A> <H2><SPAN class=editsection>[<A title="Edit section: About OpenBSD" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=4"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>About OpenBSD</SPAN></H2> <UL> <LI>OpenBSD: "Only two remote holes in the default install, in more than 10 years!" <LI>购买 OpenBSD 光盘是支持 OpenBSD 持续发展的重要途径。 <LI>用于实践、实验本文档的最佳方法是购买一套 OpenBSD 光盘,欢迎您通过 <A class="external free" title=http://www.openbsd.org/orders.html#china href="http://www.openbsd.org/orders.html#china" rel=nofollow><FONT color=#0000ff>http://www.openbsd.org/orders.html#china</FONT></A> 页面的联系方式与我联系。价格: <UL> <LI>CD(4.2 -release,2007.11.01 发布):¥180 <LI>T-Shirt: ¥140 </LI></UL></LI></UL><A name=OS_.26_Packages></A> <H2><SPAN class=editsection>[<A title="Edit section: OS & Packages" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=5"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>OS & Packages</SPAN></H2> <P>本邮件服务器基于 OpenBSD 4.1 -stable 平台搭建,使用到了以下软件: </P><PRE>courier-authlib-0.58p2 courier-authlib-ldap-0.58p1 courier-imap-4.1.1p0 courier-pop3-4.1.1 cyrus-sasl-2.1.21p3-ldap openldap-client-2.3.33 openldap-server-2.3.33p1 php5-core-5.1.6p0 php5-imap-5.1.6p1 php5-ldap-5.1.6p1 phpldapadmin-1.0.1p0 postfix-2.3.7-sasl2-ldap </PRE> <P>以下是作为依赖包被安装的: </P><PRE>c-client-4.64p2 expat-2.0.0 gdbm-1.8.3p0 gettext-0.14.6 libiconv-1.9.2p3 libltdl-1.5.22p1 libxml-2.6.26p0 pcre-6.4p1 cyrus-sasl-2.1.21p3 </PRE> <P>以上软件包都可以在 OpenBSD 官方站点下载到: <A class="external free" title=ftp://ftp.openbsd.org/pub/OpenBSD/4.1/packages/i386/ href="ftp://ftp.openbsd.org/pub/OpenBSD/4.1/packages/i386/" rel=nofollow><FONT color=#0000ff>ftp://ftp.openbsd.org/pub/OpenBSD/4.1/packages/i386/</FONT></A> </P> <P><A class=image title="image: Note.png" href="http://openbsd-wiki.org/index.php?title=Image:Note.png"><IMG height=36 alt="image: Note.png" src="http://openbsd-wiki.org/images/c/cc/Note.png" width=36 border=0></A> 只有 postfix 软件包是使用 ports 编译的,所以你需要下载源码包:postfix-2.3.7.tar.gz。其余软件包都使用 binary packages 直接安装。 </P> <P><A class=image title="image: Tip.png" href="http://openbsd-wiki.org/index.php?title=Image:Tip.png"><IMG height=32 alt="image: Tip.png" src="http://openbsd-wiki.org/images/4/45/Tip.png" width=32 border=0></A> 您可以从离自己较近的镜像站点下载。镜像站点的列表可以在 <A class="external free" title=http://www.openbsd.org/ftp.html href="http://www.openbsd.org/ftp.html" rel=nofollow><FONT color=#0000ff>http://www.openbsd.org/ftp.html</FONT></A> 页面找到。 </P><A name=Features></A> <H2><SPAN class=editsection>[<A title="Edit section: Features" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=6"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Features</SPAN></H2> <P>目前本文档中的内容所实现的功能有: </P> <UL> <LI>Apache(+PHP):Done. <LI>OpenLDAP(+phpLDAPadmin)安装与配置:Done. <LI>虚拟域:Done. <LI>虚拟用户(LDAP)通过 SASL 认证,使用 Postfix(SMTP) 发送邮件到虚拟域:Done. <LI>POP3/IMAP:Done. </LI></UL><A name=Architecture></A> <H2><SPAN class=editsection>[<A title="Edit section: Architecture" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=7"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Architecture</SPAN></H2> <P>架构图: </P> <P><A class=image title="image: Arch.png" href="http://openbsd-wiki.org/index.php?title=Image:Arch.png"><IMG height=400 alt="image: Arch.png" src="http://openbsd-wiki.org/images/3/32/Arch.png" width=531 border=0></A> </P> <P>注:本架构图来自 <A class="external text" title=http://wanderingbarque.com/howtos/mailserver/mailserver.html href="http://wanderingbarque.com/howtos/mailserver/mailserver.html" rel=nofollow><FONT color=#0000ff>Secure Virtual Mailserver HOWTO: Postfix + OpenLDAP + Dovecot + Jamm + SASL + SquirrelMail</FONT></A>。针对本文档,只需要将 Dovecot 替换成 Courier-IMAP/Courier-POP3 即可。 </P><A name=Todo></A> <H2><SPAN class=editsection>[<A title="Edit section: Todo" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=8"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Todo</SPAN></H2> <UL> <LI>更详尽的注释 </LI></UL><A name=System_administration></A> <H3><SPAN class=editsection>[<A title="Edit section: System administration" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=9"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>System administration</SPAN></H3> <UL> <LI>为什么建议不要修改 /etc/rc.conf,而是修改 /etc/rc.conf.local(rc.conf(8),DESCRIPTION 的第二段文字) </LI></UL><A name=Apache></A> <H3><SPAN class=editsection>[<A title="Edit section: Apache" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=10"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Apache</SPAN></H3> <UL> <LI>增加虚拟主机,为 WebMail 做准备 <LI>修改 /etc/hosts,为 WebMail 做准备 <LI>WebMail(<A class="external text" title=mailto:michaelbibby@gmail.com href="mailto:michaelbibby@gmail.com" rel=nofollow><FONT color=#0000ff>Tell me which one you prefer</FONT></A>) </LI></UL><A name=OpenLDAP></A> <H3><SPAN class=editsection>[<A title="Edit section: OpenLDAP" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=11"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>OpenLDAP</SPAN></H3> <UL> <LI>OpenLDAP 安全(/etc/openldap/slapd.conf) <UL> <LI>attr=userPassword 限制 </LI></UL></LI></UL><A name=PF></A> <H3><SPAN class=editsection>[<A title="Edit section: PF" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=12"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>PF</SPAN></H3> <UL> <LI>Package Filter Rules </LI></UL><A name=HA></A> <H3><SPAN class=editsection>[<A title="Edit section: HA" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=13"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>HA</SPAN></H3> <UL> <LI>High Availability: CARP </LI></UL><A name=Credits></A> <H2><SPAN class=editsection>[<A title="Edit section: Credits" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=14"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Credits</SPAN></H2> <P>目前为止,这篇文档实现的功能还只是最基本的 SMTP/POP3/IMAP 功能,虽然还根本无法用于生产环境,但是已经初具雏型。 </P> <P><BR>在测试和编写文档的过程中得到了一些朋友的帮助和支持,在此要特别感谢: </P> <UL> <LI><A class="external text" title=http://www.openbsd.org href="http://www.openbsd.org/" rel=nofollow><FONT color=#0000ff>OpenBSD</FONT></A>:我个人最喜欢的 OS。人不能没有个性,而如果你使用的 OS 也极富个性,则在除了使用之外更多了一层喜爱。 <LI><A class="external text" title=http://www.google.com href="http://www.google.com/" rel=nofollow><FONT color=#0000ff>Google</FONT></A>:没有你,我无法完整这篇文档。在学习 Linux/*BSD 的路上,你帮的忙可算是最大。 <LI><A class="external text" title=http://openbsd-wiki.org href="http://openbsd-wiki.org/" rel=nofollow><FONT color=#0000ff>OpenBSD-wiki.org</FONT></A>:本文档是基于该网站上的 <A class="external text" title=http://openbsd-wiki.org/index.php?title=HowTo_Virtual_Domain_Guide_for_v4.0 href="http://openbsd-wiki.org/index.php?title=HowTo_Virtual_Domain_Guide_for_v4.0" rel=nofollow><FONT color=#0000ff>HowTo Virtual Domain Guide for v4.0</FONT></A> 完成的。 </LI></UL> <P><BR>另外还要特别感谢 <A class="external free" title=http://www.OpenBSDonly.org href="http://www.openbsdonly.org/" rel=nofollow><FONT color=#0000ff>http://www.OpenBSDonly.org</FONT></A> 上的: </P> <UL> <LI>congli:一直以来,在学习 FreeBSD/OpenBSD 的过程中都得到了 congli 大哥的许多帮助,真的非常感谢。 <LI>atyu30:你的需求激励着我前进,是压力,也是动力。 </LI></UL> <P><BR>很高兴在学习 OpenBSD 的同时,有这么多的朋友一路同行。 </P><A name=Apache.2BPHP></A> <H1><SPAN class=editsection>[<A title="Edit section: Apache+PHP" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=15"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Apache+PHP</SPAN></H1> <P>在本文中,将需要用到 phpLDAPadmin 来管理 OpenLDAP,而 phpLDAPadmin 是一个使用 PHP 编写的程序,所以需要搭建 Apache+PHP 来支持 phpLDAPadmin。 </P><A name=Apache_2></A> <H2><SPAN class=editsection>[<A title="Edit section: Apache" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=16"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Apache</SPAN></H2><A name=.E5.90.AF.E7.94.A8_Apache></A> <H3><SPAN class=editsection>[<A title="Edit section: 启用 Apache" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=17"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>启用 Apache</SPAN></H3> <P>OpenBSD 的基本系统中已经带了 Apache-1.3.x(在 4.1 -release 中是 1.3.29),所以只需要将它启用即可。 </P> <P>编辑 /etc/rc.conf.local 文件,加入以下内容: </P><PRE>httpd_flags="" </PRE> <P>Apahce 的所有文件都放在 /var/www/ 目录下,以下是几个主要的目录及其用途: </P><PRE>/var/www/ |- cgi-bin/ <-- 存放 CGI 程序的主要目录 |- conf/ <-- 存放配置文件的目录 |- htdocs/ <-- 存放 Web 文件的目录 |- logs/ <-- 存放 apache 服务器的日志文件 |- users/ <-- 用于提供给系统用户作个人主页的目录 </PRE><A name=Apache_.E7.9A.84.E5.90.AF.E5.8A.A8.E4.B8.8E.E5.81.9C.E6.AD.A2></A> <H3><SPAN class=editsection>[<A title="Edit section: Apache 的启动与停止" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=18"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Apache 的启动与停止</SPAN></H3> <P>Apache 使用 apachectl 程序来启动和停止: </P><PRE># apachectl start # apachectl stop </PRE><A name=.E5.AE.89.E8.A3.85_PHP.EF.BC.9Aphp5-core></A> <H2><SPAN class=editsection>[<A title="Edit section: 安装 PHP:php5-core" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=19"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>安装 PHP:php5-core</SPAN></H2><PRE># pkg_add php5-core-5.1.6p0.tgz php5-core-5.1.6p0:libiconv-1.9.2p3: complete php5-core-5.1.6p0:expat-2.0.0: complete php5-core-5.1.6p0:gettext-0.14.6: complete php5-core-5.1.6p0:libxml-2.6.26p0: complete php5-core-5.1.6p0: complete --- php5-core-5.1.6p0 ------------------- To finish the install, enable the php5 module with: /usr/local/sbin/phpxs -s To enable parsing of PHP scripts, add the following to /var/www/conf/httpd.conf: AddType application/x-httpd-php .php Copy the config file below into /var/www/conf/php.ini /usr/local/share/examples/php5/php.ini-recommended Don't forget that the default OpenBSD httpd is chrooted into /var/www by default, so you may need to create support directories such as /var/www/tmp for PHP to work correctly. </PRE> <P>根据提示,执行: </P><PRE># /usr/local/sbin/phpxs -s [activating module `php5' in /var/www/conf/httpd.conf] cp /usr/local/lib/php/libphp5.so /usr/lib/apache/modules/libphp5.so chmod 755 /usr/lib/apache/modules/libphp5.so cp /var/www/conf/httpd.conf /var/www/conf/httpd.conf.bak cp /var/www/conf/httpd.conf.new /var/www/conf/httpd.conf rm /var/www/conf/httpd.conf.new You should copy the sample configuration files from /usr/local/share/examples/php5 to /var/www/conf/php.ini # </PRE> <P>复制 PHP 的配置文件 php.ini: </P><PRE># cp /usr/local/share/examples/php5/php.ini-recommended /var/www/conf/php.ini </PRE> <P>编辑 Apache 的配置文件(/var/www/conf/httpd.conf),让它能够识别和解析 PHP 文件: </P><PRE># [..snip..] # 在 DirectoryIndex 参数中加上 PHP 的索引文件:index.php。 # index.php 和 index.html 的先后顺序决定了 apache 在进入一个目录的时候先读取哪个文件。 DirectoryIndex index.php index.html # 将以下一行内容的注释符号给去掉: AddType application/x-httpd-php .php </PRE> <P>重启 apache 之后,它就能够识别和解析 PHP 文件了: </P><PRE># apachectl stop # apachectl start </PRE> <P>现在可以创建一个 PHP 文件,测试 PHP 是否已经可以正确识别: </P><PRE># vi /var/www/htdocs/index.php <?php phpinfo(); ?> </PRE> <P>使用 Web 浏览器访问你的服务器首页的 index.php 文件: <A class="external free" title=http://your_server_IP/index.php href="http://your_server_ip/index.php" rel=nofollow><FONT color=#0000ff>http://your_server_IP/index.php</FONT></A> ,如果能够看到和以下截图类似的 PHP 信息,则表示 apache 已经可以正确识别和解析 PHP 文件。 </P> <P><A class=image title="image: Phpinfo_openbsd_mail_server.png" href="http://openbsd-wiki.org/index.php?title=Image:Phpinfo_openbsd_mail_server.png"><IMG height=331 alt="image: Phpinfo_openbsd_mail_server.png" src="http://openbsd-wiki.org/images/0/0a/Phpinfo_openbsd_mail_server.png" width=619 border=0></A> </P><A name=PHP_Extensions></A> <H2><SPAN class=editsection>[<A title="Edit section: PHP Extensions" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=20"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>PHP Extensions</SPAN></H2> <P>为了支持整个邮件服务器,我们还需要安装以下 PHP 扩展: </P> <UL> <LI>php5-ldap:用于 phpLDAPadmin <LI>php5-imap:用于 WebMail </LI></UL> <P>以下组件是可选的: </P> <UL> <LI>php5-bz2 <LI>php5-gd </LI></UL> <P>模块在安装完成后需要重启 apache 才能生效。 </P><A name=php5-ldap></A> <H3><SPAN class=editsection>[<A title="Edit section: php5-ldap" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=21"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>php5-ldap</SPAN></H3><PRE># pkg_add php5-ldap-5.1.6p1.tgz php5-ldap-5.1.6p1:cyrus-sasl-2.1.21p3: complete php5-ldap-5.1.6p1:openldap-client-2.3.33: complete php5-ldap-5.1.6p1: complete --- php5-ldap-5.1.6p1 ------------------- Enable this module in php.ini using the following command: /usr/local/sbin/phpxs -a ldap # # /usr/local/sbin/phpxs -a ldap Activating extension : ldap # </PRE> <P>注意:这里将 cyrus-sasl 作为依赖包给装上了,但是因为它不支持 LDAP,所以我们在后面需要将它替换掉。 </P><A name=php5-imap></A> <H3><SPAN class=editsection>[<A title="Edit section: php5-imap" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=22"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>php5-imap</SPAN></H3><PRE># pkg_add php5-imap-5.1.6p1.tgz php5-imap-5.1.6p1:c-client-4.64p2: complete php5-imap-5.1.6p1: complete --- php5-imap-5.1.6p1 ------------------- Enable this module in php.ini using the following command: /usr/local/sbin/phpxs -a imap # # /usr/local/sbin/phpxs -a imap Activating extension : imap # </PRE> <P>安装完成后重启 Apache,在刚才创建的 index.php 文件里应该能看到类似的内容: </P> <P><A class=image title="image: Imap_ldap_openbsd_mail_server.png" href="http://openbsd-wiki.org/index.php?title=Image:Imap_ldap_openbsd_mail_server.png"><IMG height=360 alt="image: Imap_ldap_openbsd_mail_server.png" src="http://openbsd-wiki.org/images/2/29/Imap_ldap_openbsd_mail_server.png" width=618 border=0></A> </P><A name=OpenLDAP_2></A> <H1><SPAN class=editsection>[<A title="Edit section: OpenLDAP" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=23"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>OpenLDAP</SPAN></H1><A name=.E5.AE.89.E8.A3.85_OpenLDAP></A> <H2><SPAN class=editsection>[<A title="Edit section: 安装 OpenLDAP" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=24"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>安装 OpenLDAP</SPAN></H2> <P>packages 里的 openldap-server 只支持使用 ldbm 作为 backend。但是在这里我们不考虑 ldbm 与 bdb 这两种数据库作为 backend 的性能区别,所以直接使用 packages 安装。 </P><PRE># pkg_add openldap-server-2.3.33p1.tgz openldap-server-2.3.33p1: complete # </PRE><A name=.E9.85.8D.E7.BD.AE_OpenLDAP></A> <H2><SPAN class=editsection>[<A title="Edit section: 配置 OpenLDAP" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=25"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>配置 OpenLDAP</SPAN></H2><A name=authldap.schema></A> <H3><SPAN class=editsection>[<A title="Edit section: authldap.schema" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=26"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>authldap.schema</SPAN></H3> <P>这里将使用 courier 提供的 authldap.schema 这个 schema,用于与 Postfix 的整合。 </P><PRE># cd /root # # ftp "http://courier.cvs.sourceforge.net/*checkout*/courier/libs/authlib/authldap.schema" Trying 66.35.250.84... Requesting http://courier.cvs.sourceforge.net/*checkout*/courier/libs/authlib/authldap.schema Successfully retrieved file. # # cp authldap.schema /etc/openldap/schema/courier.schema </PRE> <P>注:在 courier-authlib-ldap 这个包中也包含有 authldap.schema 文件,可以直接代替这里的版本。 </P><A name=.2Fetc.2Fopenldap.2Fslapd.conf></A> <H3><SPAN class=editsection>[<A title="Edit section: /etc/openldap/slapd.conf" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=27"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>/etc/openldap/slapd.conf</SPAN></H3> <P>OpenLDAP 的主配置文件是 <B>/etc/openldap/slapd.conf</B>。在这里,我们需要添加和修改一些内容: </P><PRE>include /etc/openldap/schema/core.schema # 添加以下这些 schema include /etc/openldap/schema/corba.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema # 这是为了与 Postfix 整合所需要的 include /etc/openldap/schema/courier.schema pidfile /var/run/openldap/slapd.pid argsfile /var/run/openldap/slapd.args # 日志级别,用于调试。不建议在生产环境中使用调试模式,可能降低服务器性能。 loglevel 256 # ... skip many lines here ... # 如果是直接使用 packages 安装的 openldap,那么只能使用 ldbm 作为 backend。 #database bdb database ldbm suffix "dc=bibby,dc=org" rootdn "cn=Manager,dc=bibby,dc=org" rootpw {SSHA}mHzQL7t4YG/a6g5mt2YPLE/+ErmekI34 directory /var/openldap-data </PRE> <UL> <LI>默认的配置文件只使用(<B>include</B>)了一个 schema(core.schema),这里添加了其它个较常用的 schema: </LI></UL> <OL> <LI>corba.schema <LI>cosine.schema <LI>inetorgperson.schema <LI>nis.schema <LI>courier.schema </LI></OL> <P><BR><A class=image title="image: Danger.png" href="http://openbsd-wiki.org/index.php?title=Image:Danger.png"><IMG height=32 alt="image: Danger.png" src="http://openbsd-wiki.org/images/b/bb/Danger.png" width=32 border=0></A> schema 文件的<B>先后顺序非常重要</B>,因为后面定义的属性的值,会覆盖前面加载的 schema 中定义的。 </P> <P><BR></P> <UL> <LI><B>pidfile/argsfile</B>:这里的 <B>pidfile</B> 和 <B>argsfile</B> 的路径都没有采用默认的 <B>/var/run/</B>,因为我们将以 <B>_openldap:_openldap</B> 这个用户和用户组的身份来运行 openldap 服务,而 <B>/var/run/</B> 目录的权限不允许 <B>_openldap</B> 用户创建 pid 文件,所以这里采用新建 <B>/var/run/openldap/</B> 目录,并将该目录的 owner 设置为 <B>_openldap:_openldap</B> 的方式,使得 <B>_openldap</B> 用户能够将 pid 文件存放在这个目录下。 </LI></UL> <UL> <LI><B>loglevel</B>:这是定义 OpenLDAP 的日志级别。不建议在实际生产环境中使用调试模式,因为大量的日志,需要频繁地使用~I/O,对~LDAP~服务器的性能有一定影响。 </LI></UL> <P><A class=image title="image: Tip.png" href="http://openbsd-wiki.org/index.php?title=Image:Tip.png"><IMG height=32 alt="image: Tip.png" src="http://openbsd-wiki.org/images/4/45/Tip.png" width=32 border=0></A> OpenLDAP 默认将所有日志信息发送到 syslogd 的 'local4' 这个日志级别。所以,为了便于调试,可以将所有日志单独存放在某个日志文件里,比如:<B>/var/log/openldap</B>。修改 <B>/etc/syslog.conf</B>,增加一行: </P><PRE># File: part of /etc/syslog.conf # Notice: run 'touch /var/log/openldap' first. local4.* /var/log/openldap </PRE> <P>再手动创建 /var/log/openldap 这个文件,并通知 syslog 程序重新读取配置文件: </P><PRE># touch /var/log/openldap # kill -HUP $(cat /var/run/syslog.pid) </PRE> <UL> <LI><B>database</B>:这是定义 OpenLDAP 使用哪种数据库作为 backend,用来存储数据。 </LI></UL> <P><A class=image title="image: Warnning.png" href="http://openbsd-wiki.org/index.php?title=Image:Warnning.png"><IMG height=32 alt="image: Warnning.png" src="http://openbsd-wiki.org/images/3/3f/Warnning.png" width=32 border=0></A> 注意:如果是使用 packages 直接安装的 openldap-server,将只能使用 ldbm 作为 backend。 </P> <UL> <LI><B>suffix</B>:这是定义 LDAP 树的前缀。 <LI><B>rootdn</B>:这是定义用来管理整个 LDAP 的管理员账号。 <LI><B>rootpw</B>:这是设定 rootdn 的密码。 </LI></UL> <P><A class=image title="image: Note.png" href="http://openbsd-wiki.org/index.php?title=Image:Note.png"><IMG height=36 alt="image: Note.png" src="http://openbsd-wiki.org/images/c/cc/Note.png" width=36 border=0></A> 这里的 rootpw 後面的是使用 slappasswd 生成的密码,默认是使用 SSHA 这个加密算法的: </P><PRE># slappasswd New password: Re-enter new password: {SSHA}mHzQL7t4YG/a6g5mt2YPLE/+ErmekI34 </PRE> <P>可以用 <B>-h</B> 参数指定 <B>slappasswd</B> 使用其它的加密算法。比如: </P><PRE># slappasswd -h {MD5} </PRE> <UL> <LI><B>directory</B>:这是定义 OpenLDAP 的数据都存放在哪个目录下。 </LI></UL> <P>创建目录并设置权限: </P><PRE># mkdir /var/run/openldap # chown -R _openldap:_openldap /var/run/openldap # chown -R _openldap:_openldap /var/openldap-data # chmod -R 700 /var/openldap-data </PRE><A name=.E5.90.AF.E5.8A.A8_OpenLDAP></A> <H3><SPAN class=editsection>[<A title="Edit section: 启动 OpenLDAP" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=28"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>启动 OpenLDAP</SPAN></H3> <P>都配置好了,现在可以启动 OpenLDAP 了: </P><PRE># /usr/local/libexec/slapd -u _openldap -g _openldap -d 256 & [1] 7558 # @(#) $OpenLDAP: slapd 2.3.33 (Mar 6 2007 20:51:09) $ @i386.ports.openbsd.org:/usr/obj/i386/openldap-2.3.33/build-i386/servers/slapd WARNING: No dynamic config support for database ldbm. slapd starting # </PRE> <P>这时候在 /var/log/openldap 里应该已经有一些信息了,不妨现在查看一下: </P><PRE># tail /var/log/openldap Sep 20 22:07:00 mail slapd[5496]: @(#) $OpenLDAP: slapd 2.3.33 (Mar 6 2007 20:51:09) $ @i386.ports.openbsd.org:/usr/obj/i386/openldap-2.3.33/build-i386/servers/slapd Sep 20 22:07:01 mail slapd[5496]: WARNING: No dynamic config support for database ldbm. Sep 20 22:07:01 mail slapd[5496]: slapd starting </PRE> <P>用 ps 命令确认一下 OpenLDAP 服务器是否确实在运行着: </P><PRE># ps aux | grep 'openldap' _openldap 7558 0.0 1.9 6876 4944 p0 S 8:52AM 0:00.17 /usr/local/libexec/slapd -u _openldap -g ... </PRE> <P>如果看到有类似的输出,则表示确实在跑着。 </P><A name=.2Fetc.2Frc.conf.local></A> <H3><SPAN class=editsection>[<A title="Edit section: /etc/rc.conf.local" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=29"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>/etc/rc.conf.local</SPAN></H3> <P>在 <B>/etc/rc.conf.local</B> 中加入以下内容: </P><PRE>openldap_flags="-u _openldap -g _openldap" </PRE><A name=.2Fetc.2Frc.local></A> <H3><SPAN class=editsection>[<A title="Edit section: /etc/rc.local" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=30"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>/etc/rc.local</SPAN></H3> <P>在 <B>/etc/rc.local</B> 中加入以下内容: </P><PRE># Start OpenLDAP daemon. if [ X"${openldap_flags}" != X"NO" ]; then echo -n ' OpenLDAP' mkdir /var/run/openldap chown -R _openldap:_openldap /var/run/openldap /usr/local/libexec/slapd ${openldap_flags} fi </PRE><A name=reboot></A> <H4><SPAN class=editsection>[<A title="Edit section: reboot" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=31"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>reboot</SPAN></H4> <P>到这里就已经配置好了 OpenLDAP 服务器,建议重启以检查一下是否正常运行。 </P><A name=.E5.88.9D.E5.A7.8B.E5.8C.96_LDAP></A> <H3><SPAN class=editsection>[<A title="Edit section: 初始化 LDAP" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=32"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>初始化 LDAP</SPAN></H3><A name=LDAP_.E6.A0.91.E7.BB.93.E6.9E.84></A> <H4><SPAN class=editsection>[<A title="Edit section: LDAP 树结构" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=33"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>LDAP 树结构</SPAN></H4> <P>这是我们规划好的 LDAP 树结构,请根据自己的需要进行调整: </P><PRE>dc=bibby,dc=org |- cn=Manager |- o=domains |- o=domain1.com |- cn=bibby(mail=bibby@domain1.com) |- o=domain2.com </PRE><A name=root_entry:_dc.3Dbibby.2Cdc.3Dorg></A> <H4><SPAN class=editsection>[<A title="Edit section: root entry: dc=bibby,dc=org" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=34"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>root entry: dc=bibby,dc=org</SPAN></H4> <P>将以下代码保存为一个文件,例如 root.ldif。 </P><PRE>dn: dc=bibby,dc=org objectclass: dcObject objectclass: organization dc: bibby o: bibby </PRE> <P>请先确认 OpenLDAP 已经正在运行,再使用 OpenLDAP 提供的 ldapadd 工具将这个 root dn 添加进去,之后在 phpLDAPadmin 里就能看到这个 dn 了: </P><PRE># ldapadd -x -D "cn=Manager,dc=bibby,dc=org" -W -f root.ldif Enter LDAP Password: adding new entry "dc=bibby,dc=org" # </PRE> <P>简单解释: </P> <UL> <LI><B>-x</B>:使用认证; <LI><B>-D</B>:指定使用哪个 dn 来操作; <LI><B>-W</B>:提示输入密码; <LI><B>-f</B>:指定要添加的 entry 的内容从文件中读入; </LI></UL> <P>详细解释请参考以下命令的输出信息: </P><PRE># ldapadd -h </PRE><PRE># man ldapadd </PRE> <P>看看结果: </P><PRE># ldapsearch -x -D 'cn=Manager,dc=bibby,dc=org' -b 'dc=bibby,dc=org' -W Enter LDAP Password: # extended LDIF # # LDAPv3 # base <dc=bibby,dc=org> with scope subtree # filter: (objectclass=*) # requesting: ALL # # bibby.org dn: dc=bibby,dc=org objectClass: dcObject objectClass: organization dc: bibby o: bibby # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 # </PRE> <P>看到刚才添加的 dn 了吧? </P> <P>简单解释: </P> <UL> <LI><B>-b</B>:要查找哪个 dn 下的内容(base dn for search); </LI></UL> <P>更详细信息请参考以下命令的输出信息: </P><PRE># ldapsearch -h </PRE><PRE># man ldapsearch </PRE><A name=cn.3DManager.2Cdc.3Dbibby.2Cdc.3Dorg></A> <H4><SPAN class=editsection>[<A title="Edit section: cn=Manager,dc=bibby,dc=org" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=35"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>cn=Manager,dc=bibby,dc=org</SPAN></H4> <P>将以下内容保存为 manager.ldif 文件后使用 ldapadd 添加: </P><PRE>dn: cn=Manager,dc=bibby,dc=org objectClass: organizationalRole cn: Manager </PRE><A name=o.3Ddomains.2Cdc.3Dbibby.2Cdc.3Dorg></A> <H4><SPAN class=editsection>[<A title="Edit section: o=domains,dc=bibby,dc=org" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=36"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>o=domains,dc=bibby,dc=org</SPAN></H4> <P>将以下内容保存为 base_ou.ldif 文件后使用 ldapadd 添加: </P><PRE>dn: o=domains,dc=bibby,dc=org objectClass: Organization o: domains </PRE> <P>Postfix 查找用户将从 o=domains,dc=bibby,dc=org 开始查询。 </P><A name=o.3DdomainX.com.2Co.3Ddomains.2Cdc.3Dbibby.2Cdc.3Dorg></A> <H4><SPAN class=editsection>[<A title="Edit section: o=domainX.com,o=domains,dc=bibby,dc=org" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=37"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>o=domainX.com,o=domains,dc=bibby,dc=org</SPAN></H4> <P>下面则是针对每个不同的域设置的一个子结点。 </P> <P>将以下内容复制保存后,使用 ldapadd 添加: </P><PRE>dn: o=domain1.com,o=domains,dc=bibby,dc=org objectClass: Organization o: domain1.com </PRE><PRE>dn: o=domain2.com,o=domains,dc=bibby,dc=org objectClass: Organization o: domain2.com </PRE><A name=cn.3Dbibby.2Co.3Ddomain1.com.2Co.3Ddomains.2Cdc.3Dbibby.2Cdc.3Dorg></A> <H4><SPAN class=editsection>[<A title="Edit section: cn=bibby,o=domain1.com,o=domains,dc=bibby,dc=org" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=38"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>cn=bibby,o=domain1.com,o=domains,dc=bibby,dc=org</SPAN></H4><PRE>dn: cn=bibby,o=domain1.com,o=domains,dc=bibby,dc=org homeDirectory: /home/vmail/domains mail: bibby@domain1.com objectClass: CourierMailAccount objectClass: organizationalPerson objectClass: top mailbox: domain1.com/bibby/.maildir/ userPassword: {MD5}e41hj20lJ7j0XSksFgCEuw== uid: bibby cn: bibby sn: bibby </PRE> <P>这里已经设置了邮箱的路径,即: </P><PRE>/home/vmail/domains/domain1.com/bibby/.maildir/ </PRE> <P>这里也设置了用户的初始密码: </P><PRE>userPassword: {MD5}e41hj20lJ7j0XSksFgCEuw== </PRE> <P>这里的初始密码也是用 slappasswd 工具生成的。 </P><A name=phpLDAPadmin></A> <H2><SPAN class=editsection>[<A title="Edit section: phpLDAPadmin" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=39"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>phpLDAPadmin</SPAN></H2><A name=.E5.AE.89.E8.A3.85_phpLDAPadmin></A> <H3><SPAN class=editsection>[<A title="Edit section: 安装 phpLDAPadmin" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=40"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>安装 phpLDAPadmin</SPAN></H3><PRE># pkg_add phpldapadmin-1.0.1p0.tgz phpldapadmin-1.0.1p0: complete --- phpldapadmin-1.0.1p0 ------------------- phpLDAPAdmin has been installed into /var/www/phpldapadmin-1.0.1 Edit /var/www/phpldapadmin-1.0.1/config/config.php to configure phpLDAPAdmin You should point this to the DocumentRoot of your web-server: # ln -s ../phpldapadmin-1.0.1 /var/www/htdocs/phpldapadmin (make sure you use a relative symlink since Apache is chrooted) For jpeg photos to work properly, you must do this: # mkdir /var/www/tmp # chown www:daemon /var/www/tmp # chmod 1755 /var/www/tmp Where tmp is the $jpeg_temp_dir configured in config.php You can ensure you have a working install by accessing: http://<localhost>/phpldapadmin/index.php </PRE> <P>将 phpldapadmin 做一个符号链接到 /var/www/htdocs 目录: </P><PRE># cd /var/www/htdocs # ln -s ../phpldapadmin-1.0.1 phpldapadmin </PRE> <P>另外,由于 apache 默认是被 chroot 在 /var/www 目录下的,所以如果程序需要访问 /tmp 目录,则必须为它设置 /var/www/tmp 目录: </P><PRE># mkdir /var/www/tmp # chown www:daemon /var/www/tmp # chmod 1755 /var/www/tmp </PRE><A name=.E7.99.BB.E5.BD.95_phpLDAPadmin></A> <H3><SPAN class=editsection>[<A title="Edit section: 登录 phpLDAPadmin" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=41"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>登录 phpLDAPadmin</SPAN></H3> <P>现在可以访问: <A class="external free" title=http://IP/phpldapadmin/ href="http://ip/phpldapadmin/" rel=nofollow><FONT color=#0000ff>http://IP/phpldapadmin/</FONT></A> 作测试了。用户名为 /etc/openldap/slapd.conf 中设置的 dn 的值: </P><PRE>cn=Manager,dc=bibby,dc=org </PRE> <P>密码就是在 /etc/openldap/slapd.conf 里的 rootpw,当然,输入的肯定不是 '{SSHA}XXXXXXXXX' 那一大串,而是用 slappasswd 生成加密字符串时的密码。如下图所示: </P> <P><A class=image title="image: Phpldapadmin_login_openbsd_mail_server.png" href="http://openbsd-wiki.org/index.php?title=Image:Phpldapadmin_login_openbsd_mail_server.png"><IMG height=324 alt="image: Phpldapadmin_login_openbsd_mail_server.png" src="http://openbsd-wiki.org/images/6/68/Phpldapadmin_login_openbsd_mail_server.png" width=657 border=0></A> </P><A name=Postfix></A> <H1><SPAN class=editsection>[<A title="Edit section: Postfix" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=42"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Postfix</SPAN></H1><A name=Cyrus-SASL.EF.BC.9Asmtpd_.E8.AE.A4.E8.AF.81></A> <H2><SPAN class=editsection>[<A title="Edit section: Cyrus-SASL:smtpd 认证" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=43"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Cyrus-SASL:smtpd 认证</SPAN></H2> <P>在安装 php5-ldap 组件时,cyrus-sasl2 已经作为依赖的包被安装上了。但是这里却需要 SASL2 能够支持 LDAP,所以这时候只好使用 cyrus-sasl2...-ldap 包来替换掉它: </P><PRE># pkg_add -r cyrus-sasl-2.1.21p3-ldap.tgz cyrus-sasl-2.1.21p3-ldap (extracting): complete cyrus-sasl-2.1.21p3 (deleting): complete cyrus-sasl-2.1.21p3-ldap (installing): complete Clean shared items: complete --- cyrus-sasl-2.1.21p3 ------------------- You should also run rm -rf /var/sasl2/* # # rm -rf /var/sasl2/* </PRE><A name=.2Fusr.2Flocal.2Flib.2Fsasl2.2Fsmtpd.conf></A> <H3><SPAN class=editsection>[<A title="Edit section: /usr/local/lib/sasl2/smtpd.conf" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=44"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>/usr/local/lib/sasl2/smtpd.conf</SPAN></H3><PRE>pwcheck_method: saslauthd mech_list: plain login </PRE><A name=.2Fetc.2Fsaslauthd.conf></A> <H3><SPAN class=editsection>[<A title="Edit section: /etc/saslauthd.conf" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=45"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>/etc/saslauthd.conf</SPAN></H3><PRE>ldap_servers: ldap://127.0.0.1/ ldap_search_base: o=domains,dc=bibby,dc=org ldap_timeout: 10 ldap_filter: mail=%u@%r </PRE><A name=.2Fetc.2Frc.conf.local_2></A> <H3><SPAN class=editsection>[<A title="Edit section: /etc/rc.conf.local" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=46"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>/etc/rc.conf.local</SPAN></H3><PRE>saslauthd_flags="-a ldap -O /etc/saslauthd.conf -m /var/spool/postfix/var/sasl2/" </PRE> <P>注意,这里是大写字母 -O,而不是数字0。 </P> <P><BR>如果需要调试 SASL 认证,请在命令行下使用 -d 参数执行 saslauthd: </P><PRE># /usr/local/sbin/saslauthd -a ldap -O /etc/saslauthd.conf -m /var/spool/postfix/var/sasl2/ -d & </PRE> <P><A class=image title="image: Warnning.png" href="http://openbsd-wiki.org/index.php?title=Image:Warnning.png"><IMG height=32 alt="image: Warnning.png" src="http://openbsd-wiki.org/images/3/3f/Warnning.png" width=32 border=0></A> 注意:-d 参数请不要用在 /etc/rc.conf.local 文件中,这个参数只适合在命令行下执行。 </P> <P><A class=image title="image: Note.png" href="http://openbsd-wiki.org/index.php?title=Image:Note.png"><IMG height=36 alt="image: Note.png" src="http://openbsd-wiki.org/images/c/cc/Note.png" width=36 border=0></A> 添加的 -m 参数是参考了这个贴子:<A class="external text" title=http://archives.neohapsis.com/archives/openbsd/2005-04/0854.html href="http://archives.neohapsis.com/archives/openbsd/2005-04/0854.html" rel=nofollow><FONT color=#0000ff>postfix-2.2.0-sasl2-ldap / cyrus-sasl-2.1.20p3-ldap on OpenBSD 3.7</FONT></A> </P><A name=.2Fetc.2Frc.local_2></A> <H3><SPAN class=editsection>[<A title="Edit section: /etc/rc.local" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=47"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>/etc/rc.local</SPAN></H3><PRE># Start the SASL2 auth daemon if [ X"${saslauthd_flags}" != X"NO" ] ; then echo -n ' saslauthd' mkdir -p /var/spool/postfix/var/sasl2 2>/dev/null /usr/local/sbin/saslauthd ${saslauthd_flags} fi </PRE><A name=.E6.B5.8B.E8.AF.95_SASL_.E8.AE.A4.E8.AF.81></A> <H3><SPAN class=editsection>[<A title="Edit section: 测试 SASL 认证" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=48"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>测试 SASL 认证</SPAN></H3> <P>将 /etc/saslauthd.conf 中的 ldap_filter 的值修改为: </P><PRE>ldap_filter: mail=%u </PRE> <P>之后可以使用 testsaslauthd 进行测试: </P><PRE># mkdir -p /var/spool/postfix/var/sasl2 # /usr/local/sbin/saslauthd -a ldap -O /etc/saslauthd.conf -m /var/spool/postfix/var/sasl2 -d & # # testsaslauthd -f /var/spool/postfix/var/sasl2/mux -u bibby@domain1.com -p password 0: OK "Success." # </PRE> <P><A class=image title="image: Note.png" href="http://openbsd-wiki.org/index.php?title=Image:Note.png"><IMG height=36 alt="image: Note.png" src="http://openbsd-wiki.org/images/c/cc/Note.png" width=36 border=0></A> 因为 OpenBSD 下的 Postfix 被 chroot 在 /var/spool/postfix 底下,所以不能用默认的 /var/sasl2/ 目录,而应该用 /var/spool/postfix/var/sasl2/。 </P><A name=.2Fvar.2Flog.2Fauthlog></A> <H3><SPAN class=editsection>[<A title="Edit section: /var/log/authlog" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=49"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>/var/log/authlog</SPAN></H3> <P>SASL 的日志都会记录在该日志文件中:<B>/var/log/authlog</B>。 </P><A name=.E5.AE.89.E8.A3.85_Postfix></A> <H2><SPAN class=editsection>[<A title="Edit section: 安装 Postfix" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=50"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>安装 Postfix</SPAN></H2> <P>为了让 Postfix 支持 OpenLDAP 作为后台存储用户信息,也支持 SASL 认证,只好通过 ports 编译来加入我们需要的功能。 </P> <P>先用 packages 安装依赖包: </P><PRE># pkg_add pcre-6.4p1.tgz pcre-6.4p1: complete # </PRE> <P>在编译 postfix: </P><PRE># cd /usr/ports/mail/postfix/stable/ # FLAVOR="sasl2 ldap" make package ===> Checking files for postfix-2.3.7-sasl2-ldap `/usr/ports/distfiles/postfix/postfix-2.3.7.tar.gz' is up to date. >> Checksum OK for postfix/postfix-2.3.7.tar.gz. (sha1) ===> postfix-2.3.7-sasl2-ldap depends on: pcre-* - found ===> postfix-2.3.7-sasl2-ldap depends on: cyrus-sasl-* - found ===> postfix-2.3.7-sasl2-ldap depends on: openldap-client-2.* - found ===> Verifying specs: pcre sasl2 ldap.>=2 lber pcre sasl2 ldap.>=2 lber c crypto ssl c crypto ssl ===> found pcre.1.0 sasl2.2.21 ldap.9.1 lber.9.1 c.40.3 crypto.13.0 ssl.11.0 ===> Extracting for postfix-2.3.7-sasl2-ldap ===> Patching for postfix-2.3.7-sasl2-ldap ===> Configuring for postfix-2.3.7-sasl2-ldap [...snip...] ===> Building package for postfix-2.3.7-sasl2-ldap Create /usr/ports/packages/i386/all/postfix-2.3.7-sasl2-ldap.tgz Link to /usr/ports/packages/i386/ftp/postfix-2.3.7-sasl2-ldap.tgz # </PRE> <P>安装 postfix: </P><PRE># pkg_add /usr/ports/packages/i386/all/postfix-2.3.7-sasl2-ldap.tgz postfix-2.3.7-sasl2-ldap: complete --- postfix-2.3.7-sasl2-ldap ------------------- -> Creating /etc/mailer.conf.postfix -> Creating Postfix spool directory and chroot area under /var/spool/postfix Warning: you still need to edit myorigin/mydestination/mynetworks parameter settings in /etc/postfix/main.cf. See also http://www.postfix.org/STANDARD_CONFIGURATION_README.html for information about dialup sites or about sites inside a firewalled network. BTW: Check your /etc/mail/aliases file and be sure to set up aliases that send mail for root and postmaster to a real person, then run /usr/local/sbin/newaliases. +--------------- | Configuration files has been installed in /etc/postfix. | Please update these files to meet your needs. +--------------- +--------------- | Postfix can be set up to replace sendmail entirely. Please read the | documentation at file:/usr/local/share/doc/postfix/html/index.html or | http://www.postfix.org/ carefully before you decide to do this! | | To replace sendmail with postfix you have to install a new mailer.conf | using the following command: | | /usr/local/sbin/postfix-enable | | If you want to restore sendmail, this is done using the following command: | | /usr/local/sbin/postfix-disable +--------------- # </PRE><A name=.E5.AE.89.E8.A3.85.E5.90.8E.E7.9A.84.E5.88.9D.E6.AD.A5.E9.85.8D.E7.BD.AE></A> <H3><SPAN class=editsection>[<A title="Edit section: 安装后的初步配置" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=51"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>安装后的初步配置</SPAN></H3> <P>根据提示,执行命令替换掉系统里的 sendmail: </P><PRE># /usr/local/sbin/postfix-enable </PRE> <P>修改参数让 postfix 在系统启动时自动启动: </P><PRE># echo 'sendmail_flags="-bd"' >> /etc/rc.conf.local </PRE> <P>为 postfix 添加 syslogd 参数: </P><PRE># echo 'syslogd_flags="-a /var/spool/postfix/dev/log"' >> /etc/rc.conf.local </PRE> <UL> <LI>将 crontab 里的定时任务也去掉(在行首加上注释符号'#' 即可): </LI></UL><PRE># crontab -e #*/30 * * * * /usr/sbin/sendmail -L sm-msp-queue -Ac -q </PRE><A name=.E9.85.8D.E7.BD.AE_Postfix></A> <H2><SPAN class=editsection>[<A title="Edit section: 配置 Postfix" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=52"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>配置 Postfix</SPAN></H2><A name=.2Fetc.2Fpostfix.2Fmain.cf></A> <H3><SPAN class=editsection>[<A title="Edit section: /etc/postfix/main.cf" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=53"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>/etc/postfix/main.cf</SPAN></H3><A name=Generic></A> <H4><SPAN class=editsection>[<A title="Edit section: Generic" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=54"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Generic</SPAN></H4> <P>根据自己的需要,配置以下参数: </P><PRE># File: /etc/postfix/main.cf # myhostname,表示邮件服务器都主机名,通常和系统的 hostname 一致。 myhostname = mail.bibby.org # 邮件服务器所在的域。 mydomain = bibby.org myorigin = $myhostname # inet_interfaces,指定邮件服务器将监听从哪些网络接口进来的服务请求 inet_interfaces = all # mydestination,非常重要的一个参数。告诉邮件服务器,需要将哪些邮件接收下来。 # 在这里表示所有邮件接收人的地址为以下域名结尾的都会被本邮件服务器给收下来: # - @localhost # - @mail.bibby.org # - @domain1.com # - @domain2.com # 其中,domain1.com, domain2.com 都是我们做的虚拟域。 mydestination = $myhostname, localhost, domain1.com, domain2.com mynetworks = 127.0.0.0/8 # 这里指定别名(alias)文件的位置。 # 如果使用 /etc/postfix/aliases 文件,还需要执行这个命令: # # postalias hash:/etc/postfix/aliases # 也可以直接指定为 sendmail 所使用的 aliases 文件: # alias_maps = hash:/etc/aliases # 如果使用 /etc/aliases,还需要执行这个命令: # # /usr/local/sbin/newaliases alias_maps = hash:/etc/postfix/aliases # 邮箱格式将使用 Maildir 格式,而不是 mbox。 home_mailbox = .maildir/ </PRE> <P><A class=image title="image: Note.png" href="http://openbsd-wiki.org/index.php?title=Image:Note.png"><IMG height=36 alt="image: Note.png" src="http://openbsd-wiki.org/images/c/cc/Note.png" width=36 border=0></A> 这里的 /etc/postfix/aliases 文件已由 postfix 提供了,但是还需要多执行一个 postalias 命令来生成 postfix 需要的数据库: </P><PRE># postalias hash:/etc/postfix/aliases </PRE> <P><A class=image title="image: Note.png" href="http://openbsd-wiki.org/index.php?title=Image:Note.png"><IMG height=36 alt="image: Note.png" src="http://openbsd-wiki.org/images/c/cc/Note.png" width=36 border=0></A> 如果需要使用 Sendmail 的 aliases 文件(/etc/aliases),则还需要执行 /usr/local/sbin/newaliases 命令: </P><PRE># /usr/local/sbin/newaliases </PRE><A name=.E8.99.9A.E6.8B.9F.E5.9F.9F></A> <H4><SPAN class=editsection>[<A title="Edit section: 虚拟域" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=55"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>虚拟域</SPAN></H4> <P>以下内容是通过 LDAP 获取虚拟域和虚拟用户的部分: </P><PRE># LDAP Config. transport_maps = hash:/etc/postfix/transport virtual_minimum_uid = 1002 virtual_uid_maps = static:1002 virtual_gid_maps = static:1002 virtual_mailbox_base = /home/vmail/domains virtual_mailbox_maps = ldap:accounts accounts_server_host = 127.0.0.1 #accounts_server_port = 389 accounts_search_base = o=domains,dc=bibby,dc=org accounts_query_filter = (&(mail=%s)(objectClass=CourierMailAccount)) accounts_result_attribute = mailbox accounts_bind = no accountsmap_server_host = 127.0.0.1 #accountsmap_server_port = 389 accountsmap_search_base = o=domains,dc=bibby,dc=org accountsmap_query_filter = (&(mail=%s)(objectClass=CourierMailAccount)) accountsmap_result_attribute = mail accountsmap_bind = no virtual_maps = ldap:aliases aliases_server_host = 127.0.0.1 #aliases_server_port = 389 aliases_search_base = o=domains,dc=bibby,dc=org aliases_query_filter = (&(mail=%s)(objectClass=CourierMailAlias)) aliases_result_attribute = maildrop aliases_bind = no local_recipient_maps = $alias_maps $virtual_mailbox_maps </PRE> <P><A class=image title="image: Warnning.png" href="http://openbsd-wiki.org/index.php?title=Image:Warnning.png"><IMG height=32 alt="image: Warnning.png" src="http://openbsd-wiki.org/images/3/3f/Warnning.png" width=32 border=0></A> 请将这里的 o=domains,dc=bibby,dc=org 替换成你自己设置好的 LDAP 结构。 </P> <P><A class=image title="image: Warnning.png" href="http://openbsd-wiki.org/index.php?title=Image:Warnning.png"><IMG height=32 alt="image: Warnning.png" src="http://openbsd-wiki.org/images/3/3f/Warnning.png" width=32 border=0></A> 请留意这里的这几个参数和值: </P> <UL> <LI>transport_maps = hash:/etc/postfix/transport <LI>virtual_mailbox_base = /home/vmail/domains <LI>virtual_minimum_uid = 1002 <LI>virtual_uid_maps = static:1002 <LI>virtual_gid_maps = static:1002 </LI></UL><A name=.2Fetc.2Fpostfix.2Ftransport></A> <H5><SPAN class=editsection>[<A title="Edit section: /etc/postfix/transport" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=56"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>/etc/postfix/transport</SPAN></H5> <UL> <LI>transport_maps = hash:/etc/postfix/transport </LI></UL> <P>Postfix 会从 transport_maps 参数指定的文件中查找虚拟域,所以我们需要在 /etc/postfix/transport 文件中加入我们的虚拟域的信息: </P><PRE>domain1.com virtual: domain2.com virtual: </PRE> <P>编辑完后还需要执行以下命令,否则 Postfix 会报错: </P><PRE># /usr/local/sbin/postmap /etc/postfix/transport </PRE> <P>另外,为了 Postfix 能够解析 domainX.com 的域名,这里将使用 /etc/hosts 文件来负责解析: </P><PRE>127.0.0.1 domain1.com www.domain1.com mail.domain1.com 127.0.0.1 domain2.com www.domain2.com mail.domain2.com </PRE> <P><A class=image title="image: Note.png" href="http://openbsd-wiki.org/index.php?title=Image:Note.png"><IMG height=36 alt="image: Note.png" src="http://openbsd-wiki.org/images/c/cc/Note.png" width=36 border=0></A> 域名解析属于 DNS 服务器的工作,如果您需要让互联网上的其它服务器能够解析你的域名,请设置您的 DNS 服务器。 </P><A name=virtual_mailbox.2Fuid.2Fgid></A> <H5><SPAN class=editsection>[<A title="Edit section: virtual mailbox/uid/gid" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=57"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>virtual mailbox/uid/gid</SPAN></H5> <UL> <LI>virtual_mailbox_base = /home/vmail/domains <LI>virtual_minimum_uid = 1002 <LI>virtual_uid_maps = static:1002 <LI>virtual_gid_maps = static:1002 </LI></UL> <P>这里我们将创建一个新的用户 vmail,用它的 HOME 目录来存放所有域、所有用户的邮件。这里的 UID/GID 都是指 vmail 这个用户的 UID/GID。 </P> <P>创建 vmail 用户和组: </P><PRE># adduser Use option ``-silent'' if you don't want to see all warnings and questions. Reading /etc/shells Check /etc/master.passwd Check /etc/group Ok, let's go. Don't worry about mistakes. There will be a chance later to correct any input. Enter username []: vmail # 输入用户名 Enter full name []: virtual mail holder # 对这个用户的一些描述,可不填 Enter shell csh ksh nologin sh [ksh]: nologin # 使用 nologin 作为 shell,强烈建议 Uid [1000]: 1002 # 指定 UID 号 Login group vmail [vmail]: Login group is ``vmail''. Invite vmail into other groups: guest no [no]: Login class authpf daemon default staff [default]: Enter password []: # 这里直接回车,因为我们不希望 vmail 用户能够登录系统 Set the password so that user cannot logon? (y/n) [n]: y # 输入 y Name: vmail Password: **** Fullname: virtual mail holder Uid: 1002 Gid: 1002 (vmail) Groups: vmail Login Class: default HOME: /home/vmail Shell: /sbin/nologin OK? (y/n) [y]: # 回车即可创建 vmail 用户 </PRE> <P>接下来创建用于存放虚拟域所有用户邮件的目录,并设置权限: </P><PRE># mkdir -p /home/vmail/domains/ # chown -R vmail:vmail /home/vmail/domains # rm -f /home/vmail/.* </PRE> <P>这里的 /home/vmail/domains 下存放所有以虚拟域的域名命名的目录,用于存放各个域内用户的邮件: </P> <UL> <LI>/home/vmail/domains/domain1.com <LI>/home/vmail/domains/domain2.com </LI></UL> <P>所以在 /etc/postfix/main.cf 中设置: </P><PRE>virtual_mailbox_base = /home/vmail/domains </PRE> <P><A class=image title="image: Tip.png" href="http://openbsd-wiki.org/index.php?title=Image:Tip.png"><IMG height=32 alt="image: Tip.png" src="http://openbsd-wiki.org/images/4/45/Tip.png" width=32 border=0></A> 默认情况下,adduser 工具会将 vmail 组的 GID 设置为和 UID 一样。 </P> <P><A class=image title="image: Note.png" href="http://openbsd-wiki.org/index.php?title=Image:Note.png"><IMG height=36 alt="image: Note.png" src="http://openbsd-wiki.org/images/c/cc/Note.png" width=36 border=0></A> 注意这里的 HOME 目录:/home/vmail。这个目录将用于存放所有域用户的邮件,所以可能需要较大空间,请根据自己的实际情况进行规划。 </P> <P><A class=image title="image: Tip.png" href="http://openbsd-wiki.org/index.php?title=Image:Tip.png"><IMG height=32 alt="image: Tip.png" src="http://openbsd-wiki.org/images/4/45/Tip.png" width=32 border=0></A> 如果需要修改 vmail 用户的 HOME 目录,请使用 vipw 命令修改 /etc/passwd 文件: </P><PRE># vipw </PRE> <P>也可以在使用 adduser 命令时加上 -home 参数: </P><PRE># adduser -home /path/to/vmail/home/dir </PRE> <P>它会将 HOME 目录设置为:/path/to/vmail/home/dir/username。 </P> <P><A class=image title="image: Note.png" href="http://openbsd-wiki.org/index.php?title=Image:Note.png"><IMG height=36 alt="image: Note.png" src="http://openbsd-wiki.org/images/c/cc/Note.png" width=36 border=0></A> 你可能注意到了,我们并没有创建这样的目录: </P><PRE>/home/vmail/domains/domain1.com /home/vmail/domains/domain2.com </PRE> <P>因为 Postfix 会自动创建它,所以这里我们不需要创建。 </P><A name=SASL_.E7.94.A8.E6.88.B7.E8.AE.A4.E8.AF.81></A> <H4><SPAN class=editsection>[<A title="Edit section: SASL 用户认证" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=58"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>SASL 用户认证</SPAN></H4> <P>以下内容是通过 SASL 进行用户认证的部分,将它加到 /etc/postfix/main.cf 中: </P><PRE># For SASL auth smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination </PRE> <P><A class=image title="image: Tip.png" href="http://openbsd-wiki.org/index.php?title=Image:Tip.png"><IMG height=32 alt="image: Tip.png" src="http://openbsd-wiki.org/images/4/45/Tip.png" width=32 border=0></A> 关于如何在 OpenBSD 的 postfix 中配置 sasl 认证,可以在 <B>/usr/local/share/doc/postfix/readme/SASL_README</B> 文件中找到配置的详细信息。 </P> <P><BR>到此,Postfix 的配置就已经完成了,建议您重启系统以进行 Postfix 的 SMTP 测试。 </P><PRE># reboot </PRE><A name=.E6.B5.8B.E8.AF.95_Postfix_.E7.9A.84_SMTP_.E5.8A.9F.E8.83.BD></A> <H2><SPAN class=editsection>[<A title="Edit section: 测试 Postfix 的 SMTP 功能" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=59"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>测试 Postfix 的 SMTP 功能</SPAN></H2> <P>默认情况下,SMTP 服务使用 25 端口监听服务请求。 </P><PRE># telnet localhost 25 Trying ::1... Connected to localhost. Escape character is '^]'. 220 mail.bibby.org ESMTP Postfix #<-- 看到这个就表示 Postfix 在监听 25 端口 helo localhost #<-- 执行 250 mail.bibby.org mail from: bibby@domain1.com #<-- 执行,from 表示发件人 250 2.1.0 Ok rcpt to: bibby@domain1.com #<-- 执行,to 表示收件人 250 2.1.5 Ok data #<-- 执行,data 表示邮件正文 354 End data with <CR><LF>.<CR><LF> hello. #<-- 从这里开始输入邮件正文 Contact me: michaelbibby#gmail.com . #<-- 一个点加回车,表示邮件正文编写完毕 250 2.0.0 Ok: queued as A47D0197B4 #<-- 这里是这封邮件在队列中的编号,您看到的可能和这里的不一样 quit #<-- 执行,退出 telnet 221 2.0.0 Bye Connection closed by foreign host. # </PRE> <P><A class=image title="image: Tip.png" href="http://openbsd-wiki.org/index.php?title=Image:Tip.png"><IMG height=32 alt="image: Tip.png" src="http://openbsd-wiki.org/images/4/45/Tip.png" width=32 border=0></A> 在输入以下两句命令时,Postfix 会查询 LDAP,所以可能会比较慢: </P><PRE>mail from: bibby@domain1.com rcpt to: bibby@domain1.com </PRE> <P>如果这里出现问题,请查看 Postfix 的日志文件以查找问题所在:/var/log/maillog,主要问题应该是在 /etc/postfix/main.cf 文件中 LDAP 的设置上。 </P> <P>这是在 Postfix 的邮件日志(/var/log/maillog)里的内容: </P><PRE>Sep 21 21:15:02 mail postfix/smtpd[2536]: connect from localhost[::1] Sep 21 21:15:21 mail postfix/smtpd[2536]: 4486F197B4: client=localhost[::1] Sep 21 21:15:28 mail postfix/cleanup[25905]: 4486F197B4: message-id=<20070921131521.4486F197B4@mail.bibby.org> Sep 21 21:15:28 mail postfix/qmgr[27062]: 4486F197B4: from=<bibby@domain1.com>, size=333, nrcpt=1 (queue active ) Sep 21 21:15:28 mail postfix/virtual[26736]: 4486F197B4: to=<bibby@domain1.com>, relay=virtual, delay=14, delay s=14/0.05/0/0.01, dsn=2.0.0, status=sent (delivered to maildir) Sep 21 21:15:28 mail postfix/qmgr[27062]: 4486F197B4: removed Sep 21 21:15:30 mail postfix/smtpd[2536]: disconnect from localhost[::1] </PRE> <P>看起来邮件是顺利投递出去了。看看文件系统上是否有邮件文件: </P><PRE># ls /home/vmail/domains/domain1.com/bibby/.maildir/new/ 1190380785.V0If18bM813706.mail.bibby.org </PRE> <P><BR>呵,看来邮件已经正确投递了,看看邮件里的内容是否和刚才发出去的一样: </P><PRE># cat /home/vmail/domains/domain1.com/bibby/.maildir/new/1190380785.V0If18bM813706.mail.bibby.org Return-Path: <bibby@domain1.com> X-Original-To: bibby@domain1.com Delivered-To: bibby@domain1.com Received: from localhost (localhost [IPv6:::1]) by mail.bibby.org (Postfix) with SMTP id 83AC8197B4 for <bibby@domain1.com>; Fri, 21 Sep 2007 21:21:18 +0800 (HKT) Message-Id: <20070921132123.83AC8197B4@mail.bibby.org> Date: Fri, 21 Sep 2007 21:21:18 +0800 (HKT) From: bibby@domain1.com To: undisclosed-recipients:; hello. Contact me: michaelbibby#gmail.com # </PRE> <P>呵,这下放心了。 </P> <P>到此为止,SMTP 服务正常工作。接下来的任务是 POP3/IMAP。 </P><A name=Debug></A> <H2><SPAN class=editsection>[<A title="Edit section: Debug" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=60"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Debug</SPAN></H2> <P>如果在这里出现了错误,建议给 /etc/postfix/master.cf (第九行)中的 smtpd 加上 -v 参数: </P><PRE>smtp inet n - - - - smtpd -v </PRE><A name=Courier></A> <H1><SPAN class=editsection>[<A title="Edit section: Courier" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=61"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Courier</SPAN></H1><A name=.E5.AE.89.E8.A3.85_courier-.2A></A> <H2><SPAN class=editsection>[<A title="Edit section: 安装 courier-*" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=62"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>安装 courier-* </SPAN></H2> <P>安装以下软件包: </P> <UL> <LI>courier-authlib <LI>courier-authlib-ldap <LI>courier-imap <LI>courier-pop3 </LI></UL><A name=courier-authlib-ldap></A> <H3><SPAN class=editsection>[<A title="Edit section: courier-authlib-ldap" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=63"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>courier-authlib-ldap</SPAN></H3><PRE># pkg_add courier-authlib-ldap-0.58p1.tgz courier-authlib-ldap-0.58p1:libltdl-1.5.22p1: complete courier-authlib-ldap-0.58p1:courier-authlib-0.58p2: complete courier-authlib-ldap-0.58p1: complete --- courier-authlib-0.58p2 ------------------- Sample configuration files are installed in /etc/courier/. # </PRE><A name=courier-imap></A> <H3><SPAN class=editsection>[<A title="Edit section: courier-imap" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=64"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>courier-imap</SPAN></H3><PRE># pkg_add courier-imap-4.1.1p0.tgz courier-imap-4.1.1p0:gdbm-1.8.3p0: complete courier-imap-4.1.1p0: complete --- courier-imap-4.1.1p0 ------------------- Example config files for Courier-IMAP have been installed in /usr/local/share/examples/courier-imap and copied also to /etc/courier/courier-imap, edit them to your site's needs. Pay particular attention to the details in imapd.cnf, and read ssl(8) if necessary. You MUST set the CN in imapd.cnf to the hostname by which your IMAP server is accessed, or else clients will complain. When this is done, you can use the 'mkimapdcert' script to automatically generate a server certificate, which is installed into /etc/ssl/private/imapd.pem To control the daemon use /usr/local/libexec/imapd.rc and /usr/local/libexec/imapd-ssl.rc, and to run the authdaemon, place the following in /etc/rc.local: mkdir -p /var/run/courier /usr/local/sbin/authdaemond start </PRE><A name=courier-pop3></A> <H3><SPAN class=editsection>[<A title="Edit section: courier-pop3" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=65"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>courier-pop3</SPAN></H3><PRE># pkg_add courier-pop3-4.1.1.tgz courier-pop3-4.1.1: complete --- courier-pop3-4.1.1 ------------------- You now need to edit appropriately the Courier-POP3 configuration files installed in /etc/courier/courier-imap from defaults placed in /usr/local/share/examples/courier-imap. To use POP3-SSL, be sure to read ssl(8) and run the mkpop3dcert script if you require a self-signed certificate. # </PRE><A name=.E9.85.8D.E7.BD.AE_Courier-IMAP.2FPOP3></A> <H2><SPAN class=editsection>[<A title="Edit section: 配置 Courier-IMAP/POP3" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=66"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>配置 Courier-IMAP/POP3</SPAN></H2><A name=.2Fetc.2Fcourier.2Fauthdaemonrc></A> <H3><SPAN class=editsection>[<A title="Edit section: /etc/courier/authdaemonrc" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=67"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>/etc/courier/authdaemonrc</SPAN></H3> <P>告诉 Courier,使用 LDAP 进行认证: </P><PRE>authmodulelist="authldap" authmodulelistorig="authldap" </PRE><A name=.2Fetc.2Fcourier.2Fauthldaprc></A> <H3><SPAN class=editsection>[<A title="Edit section: /etc/courier/authldaprc" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=68"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>/etc/courier/authldaprc</SPAN></H3><PRE># 指定 LDAP 服务器 LDAP_URI ldap://127.0.0.1:389 # 指定从 LDAP 树的哪个子树开始查找 LDAP_BASEDN o=domains,dc=bibby,dc=org #LDAP_BINDDN 这一行需要注释掉 #LDAP_BINDPW 这一行需要注释掉 LDAP_AUTHBIND 1 LDAP_GLOB_UID vmail LDAP_GLOB_GID vmail LDAP_FULLNAME sn </PRE> <P>这里很奇怪的一个问题是,我用该配置文件的示例来写 LDAP_URI 居然报错,提示连接不上 LDAP 服务器: </P><PRE>LDAP_URI ldaps://127.0.0.1 </PRE> <P>而改用 ldap://127.0.0.1:389 却可以。 </P><A name=.2Fetc.2Frc.conf.local_3></A> <H3><SPAN class=editsection>[<A title="Edit section: /etc/rc.conf.local" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=69"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>/etc/rc.conf.local</SPAN></H3><PRE>imapd_flags="" pop3d_flags="" authdaemond_flags="" </PRE><A name=.2Fetc.2Frc.local_3></A> <H3><SPAN class=editsection>[<A title="Edit section: /etc/rc.local" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=70"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>/etc/rc.local</SPAN></H3><PRE># Start the IMAP daemon if [ X"${imapd_flags}" != X"NO" ]; then echo -n ' imap' mkdir /var/run/courier 2>/dev/null /usr/local/libexec/imapd.rc start fi # Start the POP3 daemon if [ X"${pop3d_flags}" != X"NO" ]; then echo -n ' pop3' mkdir /var/run/courier 2>/dev/null /usr/local/libexec/pop3d.rc start fi # Start SASL authdaemond. if [ X"${authdaemond_flags}" != X"NO" ]; then echo -n ' authdaemond' mkdir /var/run/courier-auth 2>/dev/null /usr/local/sbin/authdaemond start fi </PRE> <P>到此,建议重启系统以测试配置。 </P><PRE># reboot </PRE><A name=.E6.B5.8B.E8.AF.95_POP3.2FIMAP></A> <H3><SPAN class=editsection>[<A title="Edit section: 测试 POP3/IMAP" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=71"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>测试 POP3/IMAP</SPAN></H3> <P>重启之后建议使用 Thunderbird 等邮件客户端进行 SMTP/POP3/IMAP 功能的测试。 </P> <P>收发邮件的用户名,填的应该是邮件地址。比如:bibby@domain1.com,而不是:bibby。 </P><A name=Debug_2></A> <H3><SPAN class=editsection>[<A title="Edit section: Debug" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=72"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Debug</SPAN></H3> <P>在 /etc/courier/authdaemonrc 中有一个关于调试的参数: </P><PRE>##NAME: DEBUG_LOGIN:0 # # Dump additional diagnostics to syslog # # DEBUG_LOGIN=0 - turn off debugging # DEBUG_LOGIN=1 - turn on debugging # DEBUG_LOGIN=2 - turn on debugging + log passwords too DEBUG_LOGIN=0 </PRE> <P>如果需要调试,可以将 DEBUG_LOGIN 的值设置为 1 或者 2。 </P><A name=WebMail></A> <H1><SPAN class=editsection>[<A title="Edit section: WebMail" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=73"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>WebMail</SPAN></H1><A name=SquerrilMail></A> <H2><SPAN class=editsection>[<A title="Edit section: SquerrilMail" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=74"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>SquerrilMail</SPAN></H2> <UL> <LI>从 <A class="external text" title=http://www.squirrelmail.org/download.php href="http://www.squirrelmail.org/download.php" rel=nofollow><FONT color=#0000ff>SquerrilMail</FONT></A> 官方网站的下载页面下载最新版本。 <LI>解压到服务器的 /var/www/htdocs/ 目录: </LI></UL><PRE># bzip2 -d squirrelmail-1.4.10a.tar.bz2 # tar xf squirrelmail-1.4.10a.tar # mv squirrelmail-1.4.10a /var/www/htdocs/mail/ </PRE> <UL> <LI>修改权限: </LI></UL><PRE># chown -R www:www /var/www/htdocs/mail/ </PRE> <UL> <LI>创建目录,用于存放邮件附件等数据: </LI></UL><PRE># mkdir -p /var/www/squirrelmail/data # mkdir /var/www/squirrelmail/attachments # chown www:www /var/www/squirrelmail/data # chgrp www /var/www/squirrelmail/attachments # chmod 730 /var/www/squirrelmail/attachments </PRE> <UL> <LI>配置 SquirrelMail: </LI></UL><PRE># /var/www/htdocs/mail/config/conf.pl </PRE> <P>这里有几个参数需要修改: </P> <UL> <LI> <UL> <LI>Organization Preferences --> Organization Name <LI>Server Settings --> Domain <LI>General Options --> Data Directory (/squirrelmail/data/) <LI>General Options --> Attachment Directory (/squirrelmail/attachments/) <LI>Set pre-defined settings for specific IMAP servers --> courier </LI></UL></LI></UL> <P>因为 Apache 默认是被 chroot 在 /var/www/ 目录下,所以这里的 Data Directory 和 Attachment Directory 目录必须这么写。 </P> <UL> <LI>使用 configtest.php 页面帮助检查设置是否正确: <A class="external free" title=http://your_server_ip/mail/src/configtest.php href="http://your_server_ip/mail/src/configtest.php" rel=nofollow><FONT color=#0000ff>http://your_server_ip/mail/src/configtest.php</FONT></A> </LI></UL> <P><BR>OK,如果没有什么问题的话,现在就可以登录 WebMail 了: <A class="external free" title=http://your_server_ip/mail/ href="http://your_server_ip/mail/" rel=nofollow><FONT color=#0000ff>http://your_server_ip/mail/</FONT></A> </P> <P><A class=image title="image: Squirrelmail_login_openbsd_mail_server.png" href="http://openbsd-wiki.org/index.php?title=Image:Squirrelmail_login_openbsd_mail_server.png"><IMG height=287 alt="image: Squirrelmail_login_openbsd_mail_server.png" src="http://openbsd-wiki.org/images/0/0a/Squirrelmail_login_openbsd_mail_server.png" width=411 border=0></A> </P><A name=Plugins></A> <H3><SPAN class=editsection>[<A title="Edit section: Plugins" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=75"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Plugins</SPAN></H3><A name=change_ldappass></A> <H4><SPAN class=editsection>[<A title="Edit section: change_ldappass" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=76"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>change_ldappass</SPAN></H4> <UL> <LI>Download <A class="external text" title=http://www.squirrelmail.org/plugin_view.php?id=26 href="http://www.squirrelmail.org/plugin_view.php?id=26" rel=nofollow><FONT color=#0000ff>'change_ldappass'</FONT></A> </LI></UL><A name=Extmail></A> <H2><SPAN class=editsection>[<A title="Edit section: Extmail" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=77"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Extmail</SPAN></H2> <UL> <LI>Contact me if you have well documented article of extmail on OpenBSD: <A class="external text" title=mailto:michaelbibby@gmail.com href="mailto:michaelbibby@gmail.com" rel=nofollow><FONT color=#0000ff>Bibby(张煌彬)</FONT></A> </LI></UL><A name=Resource_Links></A> <H1><SPAN class=editsection>[<A title="Edit section: Resource Links" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=78"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Resource Links</SPAN></H1><A name=LDAP></A> <H2><SPAN class=editsection>[<A title="Edit section: LDAP" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=79"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>LDAP</SPAN></H2> <UL> <LI><A class="external text" title=http://www.openldap.org href="http://www.openldap.org/" rel=nofollow><FONT color=#0000ff>OpenLDAP</FONT></A> <LI><A class="external text" title=http://www.5dmail.net/html/2003-10-24/2003102492328.htm href="http://www.5dmail.net/html/2003-10-24/2003102492328.htm" rel=nofollow><FONT color=#0000ff>什么是 LDAP</FONT></A> </LI></UL><A name=Postfix_2></A> <H2><SPAN class=editsection>[<A title="Edit section: Postfix" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=80"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Postfix</SPAN></H2> <UL> <LI><A class="external text" title=http://www.postfix.org href="http://www.postfix.org/" rel=nofollow><FONT color=#800080>Postfix</FONT></A> <LI><A class="external text" title=http://www.chinalinuxpub.com/read.php?wid=519 href="http://www.chinalinuxpub.com/read.php?wid=519" rel=nofollow><FONT color=#0000ff>Postfix 配置文件 main.cf 中常用参数介绍</FONT></A> </LI></UL><A name=Revision></A> <H1><SPAN class=editsection>[<A title="Edit section: Revision" href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier&action=edit&section=81"><FONT color=#0000ff>edit</FONT></A>]</SPAN> <SPAN class=mw-headline>Revision</SPAN></H1> <UL> <LI>2007.10.18:指出了 SASL 的日志文件的位置。 Thanks to atyu30. <LI>2007.10.15:在 <A class="external text" title=http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Generic href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier#Generic" rel=nofollow><FONT color=#0000ff>配置 Postfix 的 main.cf(Generic)</FONT></A> 部分,明确指出需要执行 postalias 命令,生成 alias 数据库。Thanks to atyu30. <LI>修正 slapd.conf 的配置参数 database 的默认值为 ldbm。感谢 <A class="external text" title=http://www.openbsdonly.org href="http://www.openbsdonly.org/" rel=nofollow><FONT color=#0000ff>OpenBSDonly.org</FONT></A> 上的 atyu30. <LI>去掉 OpenLDAP 在 /etc/rc.conf.local 文件中的参数定义里多余的一个 '&' 符号。 </LI></UL><!-- Saved in parser cache with key etherpun_openbsdwiki-mw_:pcache:idhash:1489-0!1!0!!en!2 and timestamp 20080415031319 --> <DIV class=printfooter>Retrieved from "<A href="http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier"><FONT color=#0000ff>http://openbsd-wiki.org/index.php?title=%28zh_CN%29OpenBSD%284.1%29%2BPostfix%2BOpenLDAP%2BCyrus-SASL%2BCourier</FONT></A>"</DIV> <DIV id=catlinks> <P class=catlinks><A title=Special:Categories href="http://openbsd-wiki.org/index.php?title=Special:Categories"><FONT color=#0000ff>Categories</FONT></A>: <SPAN dir=ltr><A title=Category:4.1 href="http://openbsd-wiki.org/index.php?title=Category:4.1"><FONT color=#0000ff>4.1</FONT></A></SPAN> | <SPAN dir=ltr><A title=Category:Chinese href="http://openbsd-wiki.org/index.php?title=Category:Chinese"><FONT color=#0000ff>Chinese</FONT></A></SPAN> | <SPAN dir=ltr><A title="Category:Zh CN" href="http://openbsd-wiki.org/index.php?title=Category:Zh_CN"><FONT color=#0000ff>Zh CN</FONT></A></SPAN> | <SPAN dir=ltr><A title=Category:Mail href="http://openbsd-wiki.org/index.php?title=Category:Mail"><FONT color=#0000ff>Mail</FONT></A></SPAN> | <SPAN dir=ltr><A class=new title=Category:Postfix href="http://openbsd-wiki.org/index.php?title=Category:Postfix&action=edit"><FONT color=#0000ff>Postfix</FONT></A></SPAN></P></DIV></DIV></DIV>
查看全文
发表于:2008-04-15 ┆
阅读(1001)
┆
评论(0)
下载mailman程序并安装
<DIV> <TABLE class=t_msg cellSpacing=0 cellPadding=4 bgColor=#f0f3fa border=0> <TBODY> <TR> <TD class=line style="PADDING-TOP: 10px" vAlign=top height="100%"> <DIV class=t_msgfont id=message8111099><B>推荐结合我们推出的免费邮件系统解决方案使用,本案例已经在实际环境中验证通过,其中域名部分请按照您的实际情况修改</B><BR><A href="http://bbs.freesinno.com/viewtopic.php?f=10&t=15" target=_blank><FONT color=#0000ff>http://bbs.freesinno.com/viewtopic.php?f=10&t=15</FONT></A><BR><BR><FONT size=150><B>下载mailman程序并安装</B></FONT><BR># cd /tmp<BR># wget <A href="http://jaist.dl.sourceforge.net/sourceforge/mailman/mailman-2.1.9.tgz" target=_blank><FONT color=#0000ff>http://jaist.dl.sourceforge.net/ ... n/mailman-2.1.9.tgz</FONT></A><BR># tar xvf mailman-2.1.9.tgz<BR># cd mailman-2.1.9<BR># ./configure --prefix=/opt/FreeSInno/Mail/mailman \<BR>--with-username=freesinno.com \<BR>--with-groupname=freesinno.com \<BR>--with-mail-gid=1111 \<BR>--with-cgi-gid=1111 \<BR>--with-mailhost=lists.freesinno.com \<BR>--with-urlhost=lists.freesinno.com<BR># make<BR># make install<BR><BR><FONT size=150><B>配置mailman</B></FONT><BR># cd /opt/FreeSInno/Mail/mailman<BR># touch data/aliases<BR># touch data/virtual-mailman<BR># vi Mailman/mm_cfg.py<BR>增加如下部分<BR><BR> <DIV class=msgbody> <DIV class=msgheader> <DIV class=right><A class=smalltxt onclick="copycode($('code0'));" href="http://bbs.chinaunix.net/thread-1068668-1-1.html###"><FONT color=#800080>[Copy to clipboard]</FONT></A> <A class=smalltxt onclick="toggle_collapse('code0');" href="http://bbs.chinaunix.net/thread-1068668-1-1.html###"><FONT color=#800080>[ <SPAN id=code0_symbol>-</SPAN> ]</FONT></A></DIV>CODE:</DIV> <DIV class=msgborder id=code0 style="font-family:Fixdays">DEFAULT_EMAIL_HOST = 'lists.freesinno.com'<BR>DEFAULT_URL_HOST = 'lists.freesinno.com'<BR>DEFAULT_URL_PATTERN = 'http://%s/mailman/'<BR>MTA = 'Postfix'<BR>POSTFIX_STYLE_VIRTUAL_DOMAINS = ['lists.freesinno.com','freesinno.com']<BR>add_virtualhost('lists.freesinno.com','freesinno.com')<BR>DEFAULT_SERVER_LANGUAGE = 'zh_CN'</DIV></DIV><BR># 执行配置自动检查和修复<BR># ./bin/check_perms -f<BR># ./bin/genaliases<BR># 创建邮件列表mailman<BR># ./bin/newlist mailman<BR>Enter the email of the person running the list: (<FONT color=#404000>这里输入邮件列表所有者的邮件地址</FONT>)<BR>Initial public password: (<FONT color=#404000>这里输入管理密码</FONT>)<BR>Hit enter to notify public owner...(<FONT color=#404000>回车</FONT>)<BR># 把用户添加到邮件列表里测试一下,建一个文本文件,比如members.txt,一行一个邮件地址,然后执行如下命令<BR># ./bin/add_members -n members.txt mailman<BR><BR># 修改mailman管理界面的管理员密码,以便通过界面认证后能够通过界面创建和操作邮件列表<BR># ./bin/mmsitepass<BR><FONT size=150><B>配置Postfix</B></FONT><BR># vi /etc/postfix/main.cf<BR><BR> <DIV class=msgbody> <DIV class=msgheader> <DIV class=right><A class=smalltxt onclick="copycode($('code1'));" href="http://bbs.chinaunix.net/thread-1068668-1-1.html###"><FONT color=#800080>[Copy to clipboard]</FONT></A> <A class=smalltxt onclick="toggle_collapse('code1');" href="http://bbs.chinaunix.net/thread-1068668-1-1.html###"><FONT color=#800080>[ <SPAN id=code1_symbol>-</SPAN> ]</FONT></A></DIV>CODE:</DIV> <DIV class=msgborder id=code1 style="font-family:Fixdays">#myorigin = $mydomain #建议注释掉myorigin(不注释该行mailman将无法使用,原因暂时不明)<BR>virtual_alias_domains = lists.freesinno.com<BR>recipient_delimiter = +<BR>owner_request_special = no<BR>alias_maps = hash:/opt/FreeSInno/Mail/mailman/data/aliases<BR>virtual_alias_maps = hash:/opt/FreeSInno/Mail/mailman/data/virtual-mailman,mysql:/opt/FreeSInno/Mail/postfix/etc/mysql_virtual_alias_maps.cf<BR>transport_maps = hash:/etc/postfix/transport</DIV></DIV><BR># vi /etc/postfix/transport<BR><BR> <DIV class=msgbody> <DIV class=msgheader> <DIV class=right><A class=smalltxt onclick="copycode($('code2'));" href="http://bbs.chinaunix.net/thread-1068668-1-1.html###"><FONT color=#800080>[Copy to clipboard]</FONT></A> <A class=smalltxt onclick="toggle_collapse('code2');" href="http://bbs.chinaunix.net/thread-1068668-1-1.html###"><FONT color=#800080>[ <SPAN id=code2_symbol>-</SPAN> ]</FONT></A></DIV>CODE:</DIV> <DIV class=msgborder id=code2 style="font-family:Fixdays">insert into transport set domain='lists.freesinno.com',destination='local:';</DIV></DIV><BR># /opt/FreeSInno/Mail/postfix/sbin/postmap /etc/postfix/transport<BR><BR><FONT size=150><B>配置mailman的web配置,这里以httpd.conf的虚拟主机为例</B></FONT><BR># vi /opt/FreeSInno/LAMPP/etc/apache/wwwconf/maillists.conf<BR><BR> <DIV class=msgbody> <DIV class=msgheader> <DIV class=right><A class=smalltxt onclick="copycode($('code3'));" href="http://bbs.chinaunix.net/thread-1068668-1-1.html###"><FONT color=#800080>[Copy to clipboard]</FONT></A> <A class=smalltxt onclick="toggle_collapse('code3');" href="http://bbs.chinaunix.net/thread-1068668-1-1.html###"><FONT color=#800080>[ <SPAN id=code3_symbol>-</SPAN> ]</FONT></A></DIV>CODE:</DIV> <DIV class=msgborder id=code3 style="font-family:Fixdays"><VirtualHost *:80><BR>ServerName lists.freesinno.com<BR>ScriptAlias /mailman "/opt/FreeSInno/Mail/mailman/cgi-bin"<BR><Directory "/opt/FreeSInno/Mail/mailman/cgi-bin"><BR>AllowOverride None<BR>Options none<BR>Order allow,deny<BR>Allow from all<BR></Directory><BR>Alias /pipermail "/opt/FreeSInno/Mail/mailman/archives/public"<BR><Directory "/opt/FreeSInno/Mail/mailman/archives/"><BR>AllowOverride None<BR>Options +FollowSymlinks<BR>Order allow,deny<BR>Allow from all<BR></Directory><BR>CustomLog "| /opt/FreeSInno/LAMPP/share/cronolog/sbin/cronolog /opt/FreeSInno/LAMPP/apache/logs/maillists/access_log.%Y%m%d" combined<BR></VirtualHost></DIV></DIV><BR><FONT size=150><B>配置完成,重启httpd、postfix、mailman即可</B></FONT><BR>使用以下链接登录mailman的管理员界面<BR><A href="http://lists.freesinno.com/mailman/admin" target=_blank><FONT color=#0000ff>http://lists.freesinno.com/mailman/admin</FONT></A><BR>使用以下链接查看当前主机的所有邮件列表<BR><A href="http://lists.freesinno.com/pipermail" target=_blank><FONT color=#0000ff>http://lists.freesinno.com/pipermail</FONT></A><BR><BR>本帖转自:<A href="http://bbs.freesinno.com/viewtopic.php?f=10&t=25" target=_blank><FONT color=#0000ff>http://bbs.freesinno.com/viewtopic.php?f=10&t=25</FONT></A><BR><BR>[<I> 本帖最后由 copywu 于 2008-3-21 14:51 编辑 </I>]</DIV><BR style="CLEAR: both"><FONT style="FONT: 12px song, Verdana; COLOR: #000000"><BR><BR></FONT></TD></TR> <TR> <TD>您对本贴的看法:<A href="http://bbs.chinaunix.net/postappraise.php?action=sustain&fid=14&tid=1068668&pid=8111099&page=1&extra=page%3D1"><FONT color=#0000ff>鲜花[0]</FONT></A> <A href="http://bbs.chinaunix.net/postappraise.php?action=oppose&fid=14&tid=1068668&pid=8111099&page=1&extra=page%3D1"><FONT color=#0000ff>臭蛋[0]</FONT></A></TD></TR> <TR> <TD vAlign=bottom><BR>__________________________________<BR><BR>提供专业网络监控告警解决方案<BR>http://www.freesinno.com<BR><BR>Demo<BR>http://demo.freesinno.com<BR></TD></TR></TBODY></TABLE></DIV>
查看全文
发表于:2008-04-03 ┆
阅读(514)
┆
评论(0)
邮件服务器文挡学习列表
<DIV><BR>邮件服务器文挡学习列表</DIV> <DIV><BR>主要是linux下的邮件服务器的配置使用<BR>还有exchange2003等<BR> </DIV> <DIV> </DIV> <DIV> </DIV> <DIV> <BR>Qmail<BR>QMAIL下的主要配置文件<BR>[url] <A href="http://www.ixpub.net/615228.html[/url">http://www.ixpub.net/615228.html[/url</A>]<BR>Qmail郵件隊列工作原理 <BR>[url] <A href="http://www.ixpub.net/615234.html[/url">http://www.ixpub.net/615234.html[/url</A>]<BR>QMAIL 完全攻略 <BR><A href="http://www.ixpub.net/611827.html">http://www.ixpub.net/611827.html</A><BR>Life with qmail -- 中文版(英文版本2 Jan 2006) <BR><A href="http://www.ixpub.net/615388.html">http://www.ixpub.net/615388.html</A><BR>Qmail常见问题解决办法 <BR><A href="http://www.ixpub.net/611989.html">http://www.ixpub.net/611989.html</A><BR> </DIV> <DIV> </DIV> <DIV> </DIV> <DIV><BR>qmail邮件系统<BR>(一)qmail邮件系统Qmail系统的介绍和准备工作 <BR><A href="http://www.ixpub.net/619287.html">http://www.ixpub.net/619287.html</A><BR>(二)qmail邮件系统安装 <BR><A href="http://www.ixpub.net/619288.html">http://www.ixpub.net/619288.html</A><BR>(三)qmail邮件系统qmail的工作原理和配置文件的设置 <BR><A href="http://www.ixpub.net/619289.html">http://www.ixpub.net/619289.html</A><BR>(四)qmail邮件系统ucspi-tcp的原理和设置 <BR><A href="http://www.ixpub.net/619290.html">http://www.ixpub.net/619290.html</A><BR>(五)vpopmail和qmailadmin对用户的管理 <BR><A href="http://www.ixpub.net/619291.html">http://www.ixpub.net/619291.html</A><BR>(六)qmail的日志和管理 ( 1 2 )<BR><A href="http://www.ixpub.net/619292.html">http://www.ixpub.net/619292.html</A><BR> </DIV> <DIV> </DIV> <DIV><BR>思爱普天地 </DIV> <DIV>Linux邮件服务器配置<BR><A href="http://www.ixpub.net/619280.html">http://www.ixpub.net/619280.html</A><BR>安装内容过滤反垃圾邮件 <BR><A href="http://www.ixpub.net/619285.html">http://www.ixpub.net/619285.html</A><BR>OUTLOOK EXPRESS出错信息代码表 <BR><A href="http://www.ixpub.net/619284.html">http://www.ixpub.net/619284.html</A><BR>Exchange.Server.2003.技术参考指南<BR><A href="http://www.ixpub.net/618879.html">http://www.ixpub.net/618879.html</A><BR> </DIV> <DIV> </DIV> <DIV> </DIV> <DIV><BR>邮件基础知识<BR>Email邮件头揭密(基础知识) <BR><A href="http://www.ixpub.net/619281.html">http://www.ixpub.net/619281.html</A><BR> </DIV> <DIV> </DIV> <DIV> </DIV> <DIV>邮件常见问题解析<BR>邮件群发的事故处理 <BR><A href="http://www.ixpub.net/619286.html">http://www.ixpub.net/619286.html</A><BR>关于Postfix 的FAQ 整理 <BR><A href="http://www.ixpub.net/618508.html">http://www.ixpub.net/618508.html</A><BR> </DIV>
查看全文
发表于:2008-04-02 ┆
阅读(540)
┆
评论(0)
MAIL工作原理
<DIV><STRONG><FONT size=2>smtp协议的基本结构</FONT></STRONG> <DIV><SPAN class=421132407-22032007><BR><FONT size=2>smtp (simple mail transfer protocol)协议是为了保证电子邮件的可靠和高效传送。tcp/ip 协议的应用层中包含有smtp协议,但事实上它与传输系统和机制无关,仅要求一个可靠的数据流通道。它可以工作在tcp上,也可以工作在ncp, nits 等协议上。在tcp上,它使用端口25进行传输。smtp的一个重要特点是可以在可交互的通信系统中转发邮件。 <BR><BR>1. smtp的模型 <BR>smtp提供了一种邮件传输的机制,当收件方和发件方都在一个网络上时,可以把邮件直传给对方;当双方不在同一个网络上时,需要通过一个或几个中间服务器转发。smtp首先由发件方提出申请,要求与接收方smtp建立双向的通信渠道,收件方可以是最终收件人也可以是中间转发的服务器。收件方服务器确认可以建立连接后,双发就可以开始通信。下面是smtp的模型示意图。 <BR clear=all></FONT> <DIV><IMG alt="" src="http://www.cnfan.net/uploadfile/mail_system/uploadfile/200801/20080122100517846.jpg" border=0><BR><FONT size=2>发件方smtp向收件方发处mail命令,告知发件方的身份;如果收件方接受,就会回答ok。发件方再发出rcpt命令,告知收件人的身份,收件方smtp确认是否接收或转发,如果同意就回答ok;接下来就可以进行数据传输了。通信过程中,发件方smtp与收件方smtp 采用对话式的交互方式,发件方提出要求,收件方进行确认,确认后才进行下一步的动作。整个过程由发件方控制,有时需要确认几回才可以。 <BR></FONT><IMG alt="" src="http://www.cnfan.net/uploadfile/mail_system/uploadfile/200801/20080122100517752.jpg" border=0><BR><FONT size=2>为了保证回复命令的有效,smtp要求发件方必须提供接收方的服务器及邮箱。邮件的命令和答复有严格的语法定义,并且回复具有相应的数字代码。所有的命令由ascii码组成。命令代码是大小写无关的,如mail和 mail ﹑mail是等效的。 <BR><BR>2. smtp的基本命令 <BR>smtp定义了14个命令,它们是: <BR><BR>helo <SPAN class=421132407-22032007> </SPAN>mail from: <SPAN class=421132407-22032007> </SPAN>rcpt to: <SPAN class=421132407-22032007> </SPAN>data <SPAN class=421132407-22032007> </SPAN>rset <SPAN class=421132407-22032007> </SPAN>send from: <SPAN class=421132407-22032007> </SPAN>soml from: <SPAN class=421132407-22032007> </SPAN>saml from: <SPAN class=421132407-22032007> </SPAN>vrfy <SPAN class=421132407-22032007> </SPAN>expn <SPAN class=421132407-22032007> </SPAN>help [ ] <SPAN class=421132407-22032007> </SPAN>noop <SPAN class=421132407-22032007> </SPAN>quit <SPAN class=421132407-22032007> </SPAN>turn </FONT></DIV> <DIV><BR><FONT size=2>其中使得smtp工作的基本的命令有7个,分别为:helo﹑mail﹑rcpt﹑data﹑rest﹑noop和quit.下面分别介绍如下。 <BR><BR><FONT color=#808080><FONT color=#000000>helo--发件方问候收件方,后面是发件人的服务器地址或标识。收件方回答ok时标识自己的身份。问候和确认过程表明两台机器可以进行通信,同时状态参量被复位,缓冲区被清空。 <BR><BR>mail--这个命令用来开始传送邮件,它的后面跟随发件方邮件地址(返回邮件地址)。它也用来当邮件无法送达时,发送失败通知。为保证邮件的成功发送,发件方的地址应是被对方或中间转发方同意接受的。这个命令会清空有关的缓冲区,为新的邮件做准备。 <BR><BR>rcpt --这个命令告诉收件方收件人的邮箱。当有多个收件人时,需要多次使用该命令,每次只能指明一个人。如果接收方服务器不同意转发这个地址的邮件,它必须报550错误代码通知发件方。如果服务器同意转发,它要更改邮件发送路径,把最开始的目的地(该服务器)换成下一个服务器。 <BR><BR>data--收件方把该命令之后的数据作为发送的数据。数据被加入数据缓冲区中,以单独一行是"."的行结束数据。结束行对于接收方同时意味立即开始缓冲区内的数据传送,传送结束后清空缓冲区。如果传送接受,接收方回复ok。 <BR><BR>rest--这个命令用来通知收件方复位,所有已存入缓冲区的收件人数据,发件人数据和待传送的数据都必须清除,接收放必须回答ok. <BR><BR>noop--这个命令不影响任何参数,只是要求接收放回答ok, 不会影响缓冲区的数据。 <BR><BR>quit--smtp要求接收放必须回答ok,然后中断传输;在收到这个命令并回答ok前,收件方不得中断连接,即使传输出现错误。发件方在发出这个命令并收到ok答复前,也不得中断连接。</FONT> <BR></FONT><BR></FONT><FONT color=#808080><FONT size=2>下面是smtp答复中用到的代码和含义: <BR><BR>500 syntax error, command unrecognized <BR>[this may include errors such as command line too long] <BR>501 syntax error in parameters or arguments <BR>502 command not implemented <BR>503 bad sequence of commands <BR>504 command parameter not implemented <BR>211 system status, or system help reply <BR>214 help message <BR>[information on how to use the receiver or the meaning of a <BR>particular non-standard command; this reply is useful only to the human user] <BR>220 service ready <BR>221 service closing transmission channel <BR>421 service not available, closing transmission channel <BR>[this may be a reply to any command if the service knows it must shut down] <BR>250 requested mail action okay, completed <BR>251 user not local; will forward to <BR>450 requested mail action not taken: mailbox unavailable <BR>[e.g., mailbox busy] <BR>550 requested action not taken: mailbox unavailable <BR>[e.g., mailbox not found, no access] <BR>451 requested action aborted: error in processing <BR>551 user not local; please try <BR>452 requested action not taken: insufficient system storage <BR>552 requested mail action aborted: exceeded storage allocation <BR>553 requested action not taken: mailbox name not allowed <BR>[e.g., mailbox syntax incorrect] <BR>354 start mail input; end with . <BR>554 transaction failed</FONT> </FONT></DIV><FONT size=2> <DIV><BR>最后,让我们看一个rfc821中给出的例子。这封信是smith在主机alpha.arpa 发给主机beta.arpa上的 <BR>jones,green和 brown.并且假定两台主机在同一个网络上。 <BR><BR>s: mail from: <BR>r: 250 ok <BR>s: rcpt to: <BR>r: 250 ok <BR>s: rcpt to: <BR>r: 550 no such user here <BR>s: rcpt to: <BR>r: 250 ok <BR>s: data <BR>r: 354 start mail input; end with . <BR>s: blah blah blah... <BR>s: ...etc. etc. etc. <BR>s: . <BR>r: 250 ok <BR>邮件最后被对方接受。 <BR></DIV> <DIV><BR><BR><STRONG>电子邮件的工作原理</STRONG> <BR><BR><BR>电子邮件与普通邮件有类似的地方,发信者注明收件人的姓名与地址(即邮件地址),发送方服务器把邮件传到收件方服务器,收件方服务器再把邮件发到收件人的邮箱中。如下图所示: <BR></DIV></FONT> <DIV><IMG alt="" src="http://www.cnfan.net/uploadfile/mail_system/uploadfile/200801/20080122100517433.jpg" border=0><BR><FONT size=2>更进一步的解释涉及到以下几个概念: <BR><BR>mua -- mail user agent, 邮件用户代理,帮助用户读写邮件。比如我们常用的outlook,foxmail程序就是; <BR><BR>mta -- mail transport agent, 邮件传输代理,负责把邮件由一个服务器传到另一个服务,比如你公司的邮件服务器,你使用sina信箱来发邮件拿sina的邮件服务器就是;<BR><BR>器或邮件投递代理; <BR><BR>mda -- mail delivery agent, 邮件投递代理,把邮件放到用户的邮箱里,比如你发给对方邮件地址,那对方邮件地址对应的邮件服务器就是,由此可见<U>你的邮件服务器在你接收邮件的时候就是mda,在你发送邮件的时候它就是mta。 <BR></U><BR>整个邮件传输过程如下: <BR><BR>目前使用的smtp 协议是存储转发协议,意味着它允许邮件通过一系列的服务器发送到最终目的地。服务器在一个队列中存储到达的邮件,等待发送到下一个目的地。下一个目的地可以是本地用户,或者是另一个邮件服务器,如下图所示。 </FONT></DIV> <DIV><IMG alt="" src="http://www.cnfan.net/uploadfile/mail_system/uploadfile/200801/20080122100517866.gif" border=0><BR><FONT size=2>如果下游的服务器暂时不可用,mta 就暂时在队列中保存信件,并在以后尝试发送。 <BR><BR><BR><STRONG>电子邮件的信头结构及分析 </STRONG></FONT></DIV><FONT size=2><STRONG> <DIV><BR></DIV> <DIV><FONT size=2></FONT> </DIV> <DIV><FONT size=2><SPAN class=421132407-22032007>6.</SPAN> hi, jack <BR><BR>7. this mail is to explain you the mail format <BR><BR>8. - - - - <BR><BR>9. thanks <BR><BR>10. bob <BR><BR>其中, 1~~4 行称作信件信头(message header) 6~~10行描述信件要表达的内容,称为信体 (message body)。第5行是空行,根据rfc822的要求,信头和信体之间必须加入一空行。[i]信头通常包含字段from, to, subject 和date,有的邮件还包含cc,bcc等字段。 <BR><BR>2. 邮件的信头 <BR><BR>事实上,邮件在传输过程中,服务器要把它打包成一个数据对象,包括上面的信件和一个信封。邮件的投递是依靠信封上的地址或信封信头(envelop address 或envelop header),而不是上面讲的信件上的地址。 <BR><BR>从表面上看,一封邮件是从发件人的机器直接传送到收件人的机器,但通常这并不正确,一封邮件发送和接受过程至少要经过四台计算机。参考下图所示。用户通常在自己的电脑前编写阅读邮件,我们把它叫做客户端 (client 1~~4 )。大部分组织里,都是用一台专门的机器处理邮件,称作邮件服务器 (smtp1, smtp2). 如果用户是从家里拨号上网,那末邮件服务器是isp 提供的。 <BR></FONT></DIV> <DIV><IMG alt="" src="http://www.cnfan.net/uploadfile/mail_system/uploadfile/200801/20080122100522786.gif" border=0><BR><FONT size=2>当某个用户在自己的电脑 client1 前编写完一个邮件,然后把它发送到他的isp 的邮件服务器smtp1。此时她的机器已经完成了所有的工作,但邮件服务器smtp1还必须想法把邮件发送到目的地。smtp1 通过阅读信头或信封上的地址,找到收件认得邮件服务器smtp2, 然后与该服务器建立连接,把邮件发到收件人的服务器上,等待收件人来取阅。 <BR><BR>下面我们将通过一个例子说明整个邮件传送过程及邮件的信头变化。假设发件人的名字叫 sender, email地址是 </FONT><A title=mailto:sender@domain1.com?subject= href="mailto:sender@domain1.com?subject=" target=""><FONT title=mailto:sender@domain1.com?subject= color=#0000ff size=2>sender@domain1.com</FONT></A><FONT size=2>使用的电脑名字叫 client1, ip 地址是 [111.11.1.1] (假设的地址)。 收件人的名字叫 receipt, email 地址是 receipt@domain2.com, 使用的电脑的名字叫 client2,ip 地址是 [222.22.2.2] (假设的地址)。当邮件编辑完传送给其邮件服务器mail.domain1.com 时,邮件的信头格式为: <BR><BR>from: </FONT><A title=mailto:sender@domain1.com?subject= href="mailto:sender@domain1.com?subject=" target=""><FONT title=mailto:sender@domain1.com?subject= color=#0000ff size=2>sender@domain1.com</FONT></A><FONT size=2> <BR><BR>to: </FONT><A title=mailto:receipt@domain2.com?subject= href="mailto:receipt@domain2.com?subject=" target=""><FONT title=mailto:receipt@domain2.com?subject= color=#0000ff size=2>receipt@domain2.com</FONT></A><FONT size=2> <BR><BR>date: tue, mar 18 1998 15:36:24 gmt <BR><BR>x-mailer:sendmail 8.9.0 <BR><BR>subject: greetings <BR><BR>当邮件服务器 mail.domain1.com 把邮件传到接收方的服务器 mail.domain2.com 时,接受方服务器会在信头上记录下有关的计算机信息,邮件的信头变成: <BR><BR>received: from client1.domain1.com (client1.domain1.com [111.11.1.1]) by mail.domain1.com (8.8.5) id 004a21; tue, mar 18 1998 15:3 7:24 gmt <BR><BR>from: </FONT><A title=mailto:sender@domain1.com?subject= href="mailto:sender@domain1.com?subject=" target=""><FONT title=mailto:sender@domain1.com?subject= color=#0000ff size=2>sender@domain1.com</FONT></A><FONT size=2> <BR><BR>to: </FONT><A title=mailto:receipt@domain2.com?subject= href="mailto:receipt@domain2.com?subject=" target=""><FONT title=mailto:receipt@domain2.com?subject= color=#0000ff size=2>receipt@domain2.com</FONT></A><FONT size=2> <BR><BR>date: tue, mar 18 1998 15:36:24 gmt <BR><BR>message-id: <BR><BR>x-mailer:sendmail 8.9.0 <BR><BR>subject: greetings <BR><BR>当收件人服务器mail.domain2.com 把邮件接收并存初下来,等待收件人来阅读时,邮件的信头将会再加入一条记录: <BR><BR>received: from mail.domain1.com (mail.domain1.com [111.11.1.0] ) by mail.domain2.com (8.8.5/8.7.2) with esmtp id laa20869; tue, mar 18 1998 15:39:44 gmt <BR><BR>received: from client1.domain1.com (client1.domain1.com [111.11.1.1]) by mail.domain1.com (8.8.5) id 004a21; tue, mar 18 1998 15:37:24 gmt <BR><BR>from: </FONT><A title=mailto:sender@domain1.com?subject= href="mailto:sender@domain1.com?subject=" target=""><FONT title=mailto:sender@domain1.com?subject= color=#0000ff size=2>sender@domain1.com</FONT></A><FONT size=2> <BR><BR>to: </FONT><A title=mailto:receipt@domain2.com?subject= href="mailto:receipt@domain2.com?subject=" target=""><FONT title=mailto:receipt@domain2.com?subject= color=#0000ff size=2>receipt@domain2.com</FONT></A><FONT size=2> <BR><BR>date: tue, mar 18 1998 15:36:24 gmt <BR><BR>message-id: <BR><BR>x-mailer:sendmail 8.9.0 <BR><BR>subject: greetings <BR><BR>上面整个记录就将是收件人看到的完整的邮件信头。让我们逐行看一下信头中各行的含义: <BR><BR>received: from mail.domain1.com (mail.domain1.com [111.11.1.0] ) by mail.domain2.com (8.8.5/8.7.2) with esmtp id laa20869; tue, mar 18 1998 15:39:44 gmt <BR><BR>这封信是从一台自称为 mail.domain1.com 的机器上接收的;这台机器的ip 地址是[111.11.1.0],真实名字就是标称名字 mail.domain1.com; 接收方的机器名称是 mail.domain2.com, 运行的邮件服务器是 sendmail, 版本(8.8.5/8.7.2) 。接收方机器给邮件的编号是esmtp id laa20869, 接收到的时间是 tue, mar 18 1998 15:39:44 gmt。 <BR><BR>received: from client1.domain1.com (client1.domain1.com [111.11.1.1]) by mail.domain1.com (8.8.5) id 004a21; tue, mar 18 1998 15:37:24 gmt <BR><BR>这条记录表明信件是由机器client1.domain1.com ( ip 地址是 [111.11.1.1]) 在tue, mar 18 1998 15:37:24 gmt交给mail.domain1.com,并赋给编号id 004a21。 <BR><BR>from,to ,date和subject 都易于理解,分别指明发件人,收件人,信件编辑日期及信件主题。 <BR><BR>message-id: <BR><BR>这是由发件方邮件服务器赋给这封邮件的编号。与其它编号不同,这个编号自始至终跟随邮件。 </FONT></DIV></STRONG></FONT></SPAN></DIV></DIV>
查看全文
发表于:2008-03-24 ┆
阅读(761)
┆
评论(0)
Linux9下Mail服务器架设攻略
<DIV> <H1>Linux9下Mail服务器架设攻略</H1> <UL> <LI class="li1 t_c">2007-12-03 22:16:44 作者:<A class=member_url href="http://www.cnfan.net/member/member.php?username=阿军"><FONT color=#000099>IT168</FONT></A> 来源:<A href="" target=_blank><FONT color=#000099>IT168</FONT></A> 浏览次数:<SPAN id=hits>68</SPAN> 文字大小:【<A href="javascript:fontZoom(16)"><FONT color=#000099>大</FONT></A>】【<A href="javascript:fontZoom(14)"><FONT color=#000099>中</FONT></A>】【<A href="javascript:fontZoom(12)"><FONT color=#000099>小</FONT></A>】 </LI></UL> <DIV class=content id=content> <DIV class=contbox><STRONG>简介:</STRONG>我们以Red Hat Linux 9.0为例。在linux下可供选择的邮件服务器套件有Sendmail和Qmail。Qmail比较注重安全问题,如果你需要一个安全的邮件网关,那它是一个不错的可选方案;而Sendmail在稳定性、可移植性、及确保 ...</DIV> <P><STRONG>关键字:</STRONG> <A href="http://mail.cnfan.net//search.php?searchtype=keywords&keywords=Linux9&search=1" target=_blank><FONT color=#000099>Linux9</FONT></A> <A href="http://mail.cnfan.net//search.php?searchtype=keywords&keywords=Mail&search=1" target=_blank><FONT color=#000099>Mail</FONT></A> <A href="http://mail.cnfan.net//search.php?searchtype=keywords&keywords=%B7%FE%CE%F1%C6%F7&search=1" target=_blank><FONT color=#000099>服务器</FONT></A> <A href="http://mail.cnfan.net//search.php?searchtype=keywords&keywords=%BC%DC%C9%E8%B9%A5%C2%D4&search=1" target=_blank><FONT color=#000099>架设攻略</FONT></A> </P> <SCRIPT language=javascript src="http://www.cnfan.net/data//11.js"></SCRIPT> <TABLE height=36 cellSpacing=1 cellPadding=0 width=548 align=center bgColor=#cfd1d1 border=0> <TBODY> <TR> <TD style="FONT-WEIGHT: bold; PADDING-TOP: 3px" align=right width=64 bgColor=#fef8d4> <DIV align=center>热点:</DIV></TD> <TD width=377 bgColor=#ffffff> <TABLE height=28 cellSpacing=0 cellPadding=0 width=377 border=0> <TBODY> <TR> <TD width=12> </TD> <TD width=365><B><FONT color=#0033cc><A href="http://www.testinside.com/" target=_blank><FONT color=#0033cc size=2>Ctrix,HP,EMC,CIW,Oracle,Comptia,IBM,Certification Exams Questions;Bootcamp Braindumps-TestInside</FONT></A></FONT></B></TD></TR></TBODY></TABLE></TD> <TD width=103 bgColor=#ffffff> <DIV align=right><A href="http://www.cnfan.net/" target=_blank><IMG alt=中国网络 src="http://www.cnfan.net/img/cnfan.gif" border=0></A></DIV></TD></TR></TBODY></TABLE> <DIV style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; FLOAT: right; PADDING-BOTTOM: 5px; PADDING-TOP: 0px"></DIV> <P>我们以Red Hat <A class=keylink href="http://os.cnfan.net/list_20.html" target=_blank><FONT color=#000099>Linux</FONT></A> 9.0为例。在linux下可供选择的邮件服务器套件有Sendmail和Qmail。Qmail比较注重安全问题,如果你需要一个安全的邮件网关,那它是一个不错的可选方案;而Sendmail在稳定性、可移植性、及确保没有bug方面具有一定特色,且可以在网络中搜索到大量的使用资料,因此<A class=keylink href="http://os.cnfan.net/list_20.html" target=_blank><FONT color=#000099>Linux</FONT></A>下一般都选用此系统搭建,本文也是基于Sendmail为例。 </P> <P><STRONG>一. 安装Sendmail。</STRONG></P> <P>完全安装Red Hat <A class=keylink href="http://os.cnfan.net/list_20.html" target=_blank><FONT color=#000099>Linux</FONT></A> 9.0时,Sendmail就会自动内置,版本号为8.12.8-4。如果你不确定<A class=keylink href="http://os.cnfan.net/list_20.html" target=_blank><FONT color=#000099>Linux</FONT></A>是否已经安装有sendmail,可以输入以下命令查看:</P> <P>[root@ahpeng root] rpm –qa grep sendmail</P> <P>如果确定没有安装,请在图形界面下依次选择单击“主菜单-系统设置-添加删除应用程序”,然后在打开的“软件包管理”窗口里选中“邮件服务器”选项,点“更新”后按照提示安装即可。</P> <P>另一种办法是:直接插入<A class=keylink href="http://os.cnfan.net/list_20.html" target=_blank><FONT color=#000099>Linux</FONT></A>第1张安装光盘,选择/RedHat/RPMS目录下的sendmail-8.12.8-4.i386.rpm安装包,之后运行[root@ahpeng RPMS] # rpm -ivh sendmail-8.12.8-4.i386.rpm即可开始安装,再用此方法在第3张安装光盘的同目录下依次安装sendmail-cf.8.12.8-4.i386.rpm、sendmail-doc. 8.12.8-4.i386.rpm。</P> <P><STRONG>二. 启动Sendmail服务系统。</STRONG></P> <P>笔者建议使用带参数的Sendmail命令控制邮件服务器的运行:[root@ahpeng root]# <BR>sendmail -bd –q12h,后跟的参数解释如下:<BR>-b:设定Sendmail服务运行于后台。<BR>-d:指定Sendmail以Daemon(守护进程)方式运行。<BR>-q:设定当Sendmail无法成功发送邮件时,就将邮件保存在队列里,并指定保存时间。上面的12h表示保留12小时。<BR>此外,要检测Sendmail服务器是否正常运行,可以使用命令行:[root@ahpeng root] # /etc/rc.d/init.d/sendmail status。<BR><STRONG>三. 配置Sendmail。</STRONG></P> <P>sendmail.cf的配置语法比较难懂,一般资料上都是采用m4宏处理程序来生成所需的sendmail.cf文件(使用m4编译工具一般不容易出错,还可避免某些带有安全漏洞的宏对服务器造成的破坏)。其配置文件位于/etc/mail/sendmail.cf,在创建的过程中还需要一个模板文件,<A class=keylink href="http://os.cnfan.net/list_20.html" target=_blank><FONT color=#000099>Linux</FONT></A>自带有一个模板文件,位于/etc/mail/sendmail.mc。故可以直接通过修改sendmail.mc模板来达到定制sendmail.cf文件的目的,而不必去死啃哪些难理解的配置命令。配置步骤为:</P> <P>第一步:用模板文件sendmail.mc生成sendmail.cf配置文件,并导出到/etc/mail/目录下,使用命令行为:m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf</P> <P>第二步:再用[root@ahpeng root] /etc/rc.d/init.d/sendmail restart命令行重启sendmail。<BR>至此,邮件服务系统配置完成,已经正常工作。接下来就是创建具体的帐户了。</P> <P><STRONG>四. 建立电子邮件新帐号。</STRONG></P> <P>此步骤相对简单,只需在<A class=keylink href="http://os.cnfan.net/list_20.html" target=_blank><FONT color=#000099>Linux</FONT></A>里新增一个用户即可。依次进入“主菜单-系统设置-用<BR>户和组群”选项,接着打开“Red Hat用户管理器”对话框,点“添加用户”按钮,在接着出现的“创建新用户”窗口中输入用户名及密码即可,如图所示:<BR></P> <P> <TABLE align=center> <TBODY> <TR> <TD><IMG class=fit-image onmousewheel="javascript:return big(this)" style="ZOOM: 90%" alt="" src="http://www.cnfan.net/uploadfile/mail_system/uploadfile/200712/20071203101644970.jpg" onload="javascript:if(this.width>498)this.style.width=498;" border=1></TD></TR> <TR> <TD align=middle>创建mail使用帐号</TD></TR></TBODY></TABLE></P> <P><BR>命令行方式为:[root@ahpeng root]#adduser mailA -p Pass,表示创建了一个mailA的帐号,密码为Pass。</P> <P><STRONG>五. 限制单个用户邮箱容量。</STRONG><BR>如果对用户的邮件容量不加限制,服务器的硬盘是不堪重负的。这可以使用“邮件限额”功能来实现:因为电子邮件的暂存空间是位于/var/spool/mail目录下的,所以只需通过磁盘配额设定每一个邮件帐户在此目录下能使用的最大空间即可。</P> <P><STRONG>六. 单一用户设定多个邮件地址。</STRONG></P> <P>使用别名(alias)可以解决这个问题。别名是sendmail最重要的功能之一。它在aliases这个文本文件中定义,aliases文件的位置由sendmail.cf指定,一般位于/etc目录下。比如前面我们建立的mailA用户要拥有2个邮件地址:<A class=10 href="mailto:mailA@yourdomain.com"><FONT color=#000000>mailA@yourdomain.com</FONT></A>和<A class=10 href="mailto:mailB@yourdomain.com"><FONT color=#000000>mailB@yourdomain.com</FONT></A>,可以这样设置:</P> <P>首先,新增一个账号mailC,然后用<A class=keylink href="http://os.cnfan.net/list_20.html" target=_blank><FONT color=#000099>Linux</FONT></A>的文本编辑器打开/etc/aliases,在里面加上:dearpeter: mailC和truepeter: mailC这两个命令行;然后在命令窗口运行newaliases命令,以要求Sendmail重新读取/etc/aliases文件。如果正确无误,会出现一段回应消息,表示配置成功。这样就可以使用2个地址给mailC发信,而mailC则只需用其中一个账号就可接收寄给以上2个地址的所有邮件。</P> <P>经过以上步骤后,应该就可以用Outlook Express正常发送邮件了,但这时还不能用Outlook Express从服务器端收取邮件的,因为sendmail默认状态并不具备POP3功能,我们还得自己安装并启用它。</P> <P>1. POP3(IMAP)服务器安装。</P> <P>第一步:用以下命令行检查系统是否安装:<BR>[root@ahpeng root]# rpm -qa imap<BR>imap-2001a-18</P> <P>第二步:插入第2张安装光盘,使用下面的命令行开始安装:<BR>[root@ahpeng root]#cd /mnt/cdrom/RedHat/RPMS<BR>[root@ahpeng root]#rpm -ivh imap-2001a-18.i386.rpm</P> <P>2. 启用POP3(IMAP)服务。</P> <P>POP3服务:请先修改/etc/xinetd.d/ipop3文件,将其中的“disable=yes”改为“disable=no”后保存;然后重新启动xinetd程序来读取这个修改过的配置文件,使之生效:<BR>[root@ahpeng root]#/etc/rc.d/init.d/xinetd reload</P> <P>启动IMAP服务的步骤跟POP3一样,只是IMAP的配置文件为/etc/xinetd.d/imap罢了。经过这些折腾,你的<A class=keylink href="http://os.cnfan.net/list_20.html" target=_blank><FONT color=#000099>Linux</FONT></A>已经是一台邮件服务器了!大家学会了吗?</P> <SCRIPT type=text/javascript><!-- google_ad_client = "pub-1295960146753136"; google_ad_width = 300; google_ad_height = 250; google_ad_format = "300x250_as"; google_ad_type = "text_image"; google_ad_channel = ""; google_ui_features = "rc:6"; //--> </SCRIPT> <SCRIPT src="http://pagead2.googlesyndication.com/pagead/show_ads.js" type=text/javascript> </SCRIPT> </DIV></DIV>
查看全文
发表于:2008-03-24 ┆
阅读(348)
┆
评论(0)
基于FreeBSD和Postfix的邮件系统与邮件列表的web mail安装
<DIV> <TABLE style="BORDER-TOP: medium none; MARGIN-BOTTOM: 1px" borderColor=#000000 cellSpacing=0 cellPadding=4 width="98%" align=center bgColor=#f0f3fa border=1> <TBODY> <TR style="HEIGHT: 100%"> <TD style="PADDING-RIGHT: 0px; PADDING-LEFT: 0px; PADDING-BOTTOM: 0px; PADDING-TOP: 0px" vAlign=top width="82%"> <TABLE class=t_msg cellSpacing=0 cellPadding=4 bgColor=#f0f3fa border=0> <TBODY> <TR> <TD class=line style="PADDING-TOP: 10px" vAlign=top height="100%"> <DIV class=t_msgfont id=message4476650><B>基于FreeBSD和Postfix的邮件系统与邮件列表的web mail安装 </B><BR><BR><BR>――――――――――――――――――――――――――――――――――<BR>新增“邮件列表”mailman的安装和设置<BR>新增“邮件流量监控”mailscanner-mrtg的安装和设置<BR>新增php对zend的支持安装<BR>新增使用mailscanner来对进出邮件进行监管。new<BR>修正上一个版本的一些理解性和文件性错误。<BR>主要增强了原来的userinfo数据表。请使用igenus for postfix2.01的用户及时更新。<BR>主要“加强”了病毒过滤和垃圾邮件过滤,更加节约系统资源,使系统配置更简单化。<BR>本文首次使用APF来加强对垃圾邮件的过滤。<BR>垃圾邮件过滤基本上达到了95%的成功率<BR>本文首次使用MailScanner+Clamav配合对邮件病毒进行过滤。<BR>经过严格病毒邮件测试成功率达到了100%。<BR>翻译了病毒邮件提示为中文提示,让系统更加的人性化。<BR>在文档安装过程中加入更详细的说明<BR>在文档软件安装过程中配备了图像,让安装更加的容易。<BR>修正了很多文字性的错误.....<BR>演示:<BR><A href="http://mail.toping.net/" target=_blank><FONT color=#0000ff>http://mail.toping.net</FONT></A><BR>用户名:<A href="mailto:demo@toping.net"><FONT color=#0000ff>demo@toping.net</FONT></A><BR>密 码:demo<BR>――――――――――――――――――――――――――――――――――<BR>FreeBSD+Postfix+Cyrus-sasl+Courier-imap+igenus+spamassassin+Clamav+mailscanner+mailscanner-mrtg+mailman<BR>杨廷勇<BR><BR>Copyright © 2004、2005、2006<BR><BR>本文介绍使用FreeBSD+Postfix+Cyrus-sasl+Courier-imap+igenus+spamassassin+Clamav+mailscanner+mailscanner-mrtg+mailman<BR>来架构一个具有多域名,有邮件列表、webmail、防病毒、防垃圾邮件、web管理界面的邮件系统。<BR>Jacky, $Revision: 4.51 bate $Date: 2005-12-03<BR><BR>系统主要采用MailScanner+clamav+Spamd+APF来对病毒过滤和垃圾邮件过滤。<BR><BR>本文在4.10、5.3、5.4、6.0上安装测试通过,病毒过滤放弃采用amavisd。主要采用执行效率更高的MailSanner来对邮件过滤和垃圾邮件过滤,配置更容易,并且降低了系统开消。让系统更加稳定,经过严格病毒邮件测试成功率达到了100%。垃圾邮件过滤基本上达到了95%的成功率。<BR><BR>Table of Contents <BR>Chapter 1. 系统安装<BR>1.1 安装MySQL<BR>1.2 安装Apache<BR>1.3 安装PHP<BR>1.4 安装zend<BR>1.5 安装openssl<BR>1.6 安装phpMyAdmin<BR>1.7 通过phpMyadmin设置数据库<BR>1.8安装Courier-imap<BR>1.9安装 postfix 和 cyrus-sasl<BR>1.10 安装expect<BR>Chapter 2. 配置邮件服务器<BR>2.1 配置rc.conf<BR>2.2 配置postfix 和 cyrus-sasl<BR>2.3 配置Courier-imap<BR>Chapter 3. 手动设置第一个用户并测试<BR>Chapter 4. 安装postfix管理工具<BR>4.1安装本人开发的postfix管理工具<BR>4.2 用户登录测试<BR>Chapter 5. 防病毒与防垃圾邮件<BR>5.1 安装Clamav<BR>5.2 安装MailScanner<BR>5.3 安装配置Spamassassin<BR>5.4修改Postfix设定档main.cf<BR>5.5修改mailscanner.conf<BR>5.6新增MailScanner所要用到的资料夹<BR>5.7把病毒提示信息改为中文<BR>5.8MailScanner监管进出邮件<BR>5.9 邮件流量监控(mailscanner-mrtg)安装与设置<BR>5.10.安装APF防垃圾邮件<BR>Chapter 6. 安装webmail <BR>Chapter 7邮件列表(mailman)<BR>Chapter 8. 查看系统状态<BR><BR>Chapter 1. 系统安装<BR><BR>安装之前:因用户数据都保存在/var目录下,因此安装FreeBSD时/var的空间应尽量大。FreeBSD的版本为5.3,按最小化安装,软件包只安装cvsup,安装结束后用cvsup更新ports树。在文档中假设服务器的ip地址为192.168.0.2,域名为toping.net,主机名为mail.toping.net。<BR><BR>请兄弟们仔细一些,注意空格和TAB。<BR><BR>祝兄弟们好运。本人水平有限。如果发现文章中有什么错误和不当的地方请发邮件:<A href="mailto:scyz@toping.net"><FONT color=#0000ff>scyz@toping.net</FONT></A>。我会在第一时间给予答复。<BR><BR><BR>1.1 安装MySQL<BR>mail# cd /usr/ports/databases/mysql40-server<BR>mail# make install clean<BR><BR>编辑/etc/rc.conf,加入<BR>mysql_enable="YES" <BR><BR>1.2 安装Apache<BR>mail# cd /usr/ports/www/apache2<BR>mail# make install clean<BR><BR>编辑/etc/rc.conf,加入<BR>Apache2_enable="YES" <BR><BR>1.3 安装PHP<BR>mail# cd /usr/ports/www/mod_php4<BR>mail# make install clean<BR><BR>我的选择:(注意别选DEBUG,否则会和ZEND有冲突)<BR>[X] APACHE2 Use apache 2.x instead of apache 1.3.x<BR><BR>安装需要的PHP扩展模块<BR>mail# cd /usr/ports/lang/php4-extensions<BR>mail# make install clean<BR><BR>我选择了下面的模块:<BR><BR>[X] BCMATH bc style precision math functions <BR>[X] BZ2 bzip2 library support <BR>[X] CALENDAR calendar conversion support <BR>[X] CRACK crack support <BR>[X] CTYPE ctype functions<BR>[X] CURL CURL support<BR>[X] FTP FTP support<BR>[X] GD GD library support<BR>[X] GETTEXT gettext library support <BR>[X] FILEINFO fileinfo support<BR>[X] IMAP IMAP support<BR>[X] MBSTRING multibyte string support <BR>[X] MCAL Modular Calendar Access Library support <BR>[X] MCRYPT Encryption support <BR>[X] MCVE MCVE support <BR>[X] MHASH Crypto-hashing support <BR>[X] MYSQL MySQL database support<BR>[X] PCRE Perl Compatible Regular Expression support <BR>[X] POSIX POSIX-like functions<BR>[X] SESSION session support <BR>[X] TOKENIZER tokenizer support <BR>[X] XML XML support <BR>[X] ZLIB ZLIB support<BR><BR>最后在编辑/usr/local/etc/apache2/httpd.conf最后加入:<BR>DirectoryIndex index.html index.html.var index.php<BR><BR>#注:在DirectoryIndex这里加入index.php,是为了让apache支持首页为index.php的首页文件<BR><BR>AddType application/x-httpd-php .php<BR>AddType application/x-httpd-php-source .phps<BR><BR>Group www、User www修改为: Group postfix、User postfix<BR>注:以上这一步要在postfix安装后再操作<BR><BR>1.4.安装zend<BR>mail# cd /usr/ports/devel/ZendOptimizer<BR>mail# make install clean<BR><BR>因为版权的问题,他不会自动下载。这里你需要到他的官方网站去下载ZendOptimizer-2.5.10a-freebsd4.3-i386.tar.gz到/usr/ports/distfiles目录下面后再安装。<BR>下载地址:<BR><A href="http://downloads.zend.com/optimizer/2.5.10/ZendOptimizer-2.5.10a-freebsd4.3-i386.tar.gz" target=_blank><FONT color=#0000ff>http://downloads.zend.com/optimi ... ebsd4.3-i386.tar.gz</FONT></A><BR><BR>完成后在/usr/local/etc/php.ini中加入:<BR>[Zend]<BR>zend_optimizer.optimization_level=15<BR>zend_extension_manager.optimizer="/usr/local/lib/php/20020429/Optimizer"<BR>zend_extension_manager.optimizer_ts="/usr/local/lib/php/20020429/Optimizer_TS"<BR>zend_extension="/usr/local/lib/php/20020429/ZendExtensionManager.so"<BR>zend_extension_ts="/usr/local/lib/php/20020429/ZendExtensionManager_TS.so"<BR><BR>重启apache安装完成。<BR><BR>1.5 安装openssl<BR>mail# cd /usr/ports/security/openssl<BR>mail# make install clean<BR><BR>1.6 安装phpMyAdmin<BR>mail# cd /usr/ports/databases/phpmyadmin<BR>mail# make fetch<BR>注:(在这里建议直接下载后复制安装)<BR><BR>mail# cd /usr/ports/distfiles<BR>mail# tar –zxvf PhpMyadmin-x.tar.gz<BR>mail# mv /usr/local/www/phpMyAdmin-x /usr/local/www/data/dbadmin<BR><BR>修改/usr/local/www/data/dbadmin/config.inc.php<BR>$cfg['PmaAbsoluteUri'] = 'http://192.168.0.2/dbadmin/';<BR>$cfg['Servers'][$i]['auth_type'] = 'http'; // Authentication method (config, http or cookie based)?<BR>注:指定phpmyadmin的认证方式为http方式。<BR><BR>在浏览器输入<A href="http://192.168./" target=_blank><FONT color=#0000ff>http://192.168.</FONT></A> 0.2/dbadmin/,首次进行登入的用户名为root密码为空,登入后可以修改你的密码。<BR><BR>1.7 通过phpMyadmin设置数据库<BR><BR>建立postfix数据库(注意:数据库名称为postfix):<BR><BR>mail# mysql –u root –p<BR>mysql# CREATE DATABASE `postfix` ; <BR>mysql# use postfix;<BR><BR>下面为sql语句:<BR><BR>CREATE TABLE domaininfo (<BR> domain_id int(5) NOT NULL auto_increment,<BR> domain varchar(25) NOT NULL default '',<BR> alias varchar(30) default NULL,<BR> passwd varchar(35) NOT NULL default '',<BR> usernum int(5) NOT NULL default '0',<BR> quota int(11) NOT NULL default '0',<BR> des varchar(30) default NULL,<BR> expire date NOT NULL default '0000-00-00',<BR> active tinyint(1) NOT NULL default '1',<BR> create_time datetime default NULL,<BR> PRIMARY KEY (domain_id),<BR> UNIQUE KEY domain (domain),<BR> KEY domain_id (domain_id)<BR>) TYPE=MyISAM COMMENT='domain information';<BR><BR>INSERT INTO domaininfo VALUES (1,'admin',NULL,'$1$.j3.t12.$I7MGf7ZD2HrWwUWQF88Mg1',0,0,'Super Admin','0000-00-00',1,'0000-00-00 00:00:00');<BR><BR>CREATE TABLE userinfo (<BR>id int(11) NOT NULL auto_increment,<BR>userid varchar(20) NOT NULL default '',<BR>domain_id int(5) NOT NULL default '0',<BR>address varchar(50) NOT NULL default '',<BR>alias varchar(60) default NULL,<BR>passwd varchar(35) NOT NULL default '',<BR>realname varchar(20) default NULL,<BR>quota int(11) NOT NULL default '0',<BR>active tinyint(1) NOT NULL default '0',<BR>homedir varchar(60) NOT NULL default '',<BR>maildir varchar(60) NOT NULL default '',<BR>create_time datetime NOT NULL default '0000-00-00 00:00:00',<BR>`fax` varchar(20) NOT NULL default '',<BR>`telephone` varchar(15) NOT NULL default '',<BR>`sex` int(1) NOT NULL default '0',<BR>`year` int(4) NOT NULL default '0',<BR>`MONTH` int(2) NOT NULL default '0',<BR>`DAY` int(2) NOT NULL default '0',<BR>`education` varchar(4) NOT NULL default '',<BR>`marital` int(1) NOT NULL default '0',<BR>`occupation` varchar(15) NOT NULL default '',<BR>`companyname` varchar(30) NOT NULL default '',<BR>`province` varchar(6) NOT NULL default '',<BR>PRIMARY KEY (id),<BR>UNIQUE KEY address (address)<BR>) TYPE=InnoDB COMMENT='User Information';<BR><BR>注:对于初学者,建议以上操作都在phpmyadmin中操作更加的简便,如果后面要使用igenus请导入原来igenus的sql。<BR><BR>建立数据库用户并授以相应的权限<BR><BR>mail# mysql –u root –p<BR>mysql# use mysql;<BR>mysql# INSERT INTO user (host,user,password) VALUES('localhost','postfix','');<BR>mysql# update user set password=password('postfix') where User='postfix';<BR>mysql# GRANT ALL ON postfix.* TO postfix@localhost IDENTIFIED BY "postfix";<BR>注:这里加用户名和密码都为:postfix。并授权对postfix数据库进行操作<BR><BR>[<I> 本帖最后由 scyzxp 于 2005-12-4 10:49 编辑 </I>]</DIV><BR style="CLEAR: both"><FONT style="FONT: 12px song,Verdana; COLOR: rgb(0,0,0); font-size-adjust: none; font-stretch: normal; x-system-font: none"><BR><BR></FONT></TD></TR> <TR> <TD>您对本贴的看法:<A href="http://bbs.chinaunix.net/postappraise.php?action=sustain&fid=14&tid=661822&pid=4476650&page=1&extra="><FONT color=#0000ff>鲜花[0]</FONT></A> <A href="http://bbs.chinaunix.net/postappraise.php?action=oppose&fid=14&tid=661822&pid=4476650&page=1&extra="><FONT color=#0000ff>臭蛋[0]</FONT></A></TD></TR> <TR> <TD vAlign=bottom><BR>__________________________________<BR><BR>------------------------------------------------<BR>Postfix技术专业支持论坛<BR><BR>Igenus for Postfix 支持论坛<BR><BR>http://www.thismail.org/bbs<BR>--------------------------------<BR></TD></TR> <TR class=t_infoline> <TD class=line style="PADDING-RIGHT: 5px; PADDING-LEFT: 5px; PADDING-BOTTOM: 5px; PADDING-TOP: 5px"><A href="http://www.cuug.com/" target=_blank><FONT color=red>做DBA,拿高薪,从</FONT><FONT color=blue>CUUG</FONT><FONT color=red>开始</FONT></A> | <A href="http://www.uplooking.com/" target=_blank><FONT color=blue>京/沪/深三地任选5万年薪就业!</FONT></A> | <A href="http://www.unix-center.net/?p=71" target=_blank><FONT color=blue>学Solaris 10 红宝书教程 得iPod大奖</FONT></A> | <A href="http://ad.cn.doubleclick.net/clk;180009591;24299149;m?http://www-306.ibm.com/software/cn/rational/offerings/testing/webapplicationsecurity/" target=_blank><FONT color=red>对黑客防在先 守在后--IBM WatchFire</FONT></A> </TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE> <TABLE style="MARGIN-BOTTOM: 1px" borderColor=#000000 cellSpacing=0 cellPadding=4 width="98%" align=center bgColor=#fafbfc border=1> <TBODY> <TR style="HEIGHT: 100%"> <TD vAlign=top width="18%"><A name=pid4476655></A><A href="http://bbs.chinaunix.net/profile-uid-206108.html" target=_blank><FONT face=Fixedsys color=#0000ff>scyzxp</FONT></A> <IMG alt=帅哥 src="http://bbs.chinaunix.net/images/default/icon_minigender_male.gif" border=0> <BR> <DIV class=smalltxt>光明使者<BR><BR><BR><BR><IMG src="http://bbs.chinaunix.net/images/default/level/pips5.gif"><BR>UID:206108<BR>注册:2004-12-8<BR>最后登录: 2008-02-12<BR>帖子:<A href="http://search.chinaunix.net/bbs.php?stype=author&q=scyzxp" target=_blank><U><FONT color=#0000ff>824</FONT></U></A><BR>精华:<A href="http://bbs.chinaunix.net/digest.php?authorid=206108"><U><FONT color=#0000ff>2</FONT></U></A> <BR><BR>可用积分:637 <BR>信誉积分:<A title=信誉分默认为100分,发表悬赏帖,并采纳正确答案后,信誉分增加,不采纳则将可能减少><U>100 </U></A><BR>专家积分:<A title=专家积分通过正确回答悬赏帖,并被提问者采纳后获得><U>0</U></A> (本版)<BR><!-- 总积分:<a title="总积分=可用积分+信誉积分+专家积分"><u>737</u></a><br> --><BR>状态:<FONT color=#999999>...离线...</FONT> </DIV><BR>[<A href="http://bbs.chinaunix.net/profile-uid-206108.html" alt="查看此会员的个人资料"><B><FONT color=#0000ff>资料</FONT></B></A>] [<A href="http://bbs.chinaunix.net/pm.php?action=send&uid=206108" target=_blank alt="给此会员发送站内短信"><B><FONT color=#0000ff>站内短信</FONT></B></A>] [<A href="http://blog.chinaunix.net/dir.php?uid=206108" target=_blank alt="进入此会员的CU博客"><B><FONT color=#0000ff>Blog</FONT></B></A>] <BR><BR><BR></TD> <TD style="PADDING-RIGHT: 0px; PADDING-LEFT: 0px; PADDING-BOTTOM: 0px; PADDING-TOP: 0px" vAlign=top width="82%"> <TABLE class=t_msg cellSpacing=0 cellPadding=4 bgColor=#fafbfc border=0> <TBODY> <TR> <TD> <DIV> <DIV class=right style="PADDING-TOP: 4px"><SPAN class=bold> <A href="http://bbs.chinaunix.net/post.php?action=reply&fid=14&tid=661822&repquote=4476655&extra="><FONT color=#0000ff>[引用]</FONT></A> <A href="http://bbs.chinaunix.net/misc.php?action=report&fid=14&tid=661822&pid=4476655&page=1"><FONT color=#0000ff>[报告]</FONT></A> <A onclick="fastreply('回复 #2 scyzxp 的帖子')" href="http://bbs.chinaunix.net/viewthread.php?tid=661822#"><FONT color=#0000ff>[回复]</FONT></A> <A title="评分 0" href="http://bbs.chinaunix.net/misc.php?action=viewratings&tid=661822&pid=4476655"></A><A onclick=scroll(0,0) href="http://bbs.chinaunix.net/viewthread.php?tid=661822#"><IMG alt=顶部 src="http://bbs.chinaunix.net/images/default/top.gif" border=0></A> </SPAN></DIV> <DIV style="PADDING-TOP: 4px"><A class=bold title=复制帖子链接到剪贴板 onclick="setcopy('http://bbs.chinaunix.net/viewthread.php?tid=661822&page=1#pid4476655', '已经复制到剪贴板')" href="http://bbs.chinaunix.net/viewthread.php?tid=661822#"><FONT color=#0000ff>2楼</FONT></A> 发表于 2005-12-4 10:45 </DIV></DIV></TD></TR> <TR> <TD class=line style="PADDING-TOP: 10px" vAlign=top height="100%"> <DIV style="FLOAT: right" align=right></DIV> <DIV class=t_msgfont id=message4476655>1.8 安装Courier-imap<BR>mail# cd /usr/ports/mail/courier-imap<BR>mail# make install clean<BR>我的选择:<BR>[X] OPENSSL Build with OpenSSL support<BR>[X] AUTH_MYSQL MySQL support<BR><BR>在/etc/rc.conf中加入:<BR>courier_authdaemond_enable="YES"<BR>courier_imap_pop3d_enable="YES"<BR>courier_imap_imapd_enable="YES"<BR><BR>mail# cd /usr/local/etc/courier-imap<BR>mail# cp imapd.cnf.dist imapd.cnf<BR>mail# cp pop3d.cnf.dist pop3d.cnf <BR>mail# /usr/local/etc/rc.d/courier-authdaemond.sh start<BR><BR>注:此时会在/var/run/authdaemond/下产生socket,如果没有下面这一步下面的认证无法通过。<BR><BR>mail# chmod +x /var/run/authdaemond<BR><BR>1.9 安装 postfix 和 cyrus-sasl<BR>mail# cd /usr/ports/security/cyrus-sasl2<BR>mail# make install WITH_AUTHDAEMON=yes<BR>mail# make clean<BR><BR>创建/usr/local/lib/sasl2/smtpd.conf<BR><BR>pwcheck_method: authdaemond<BR>log_level: 3<BR>mech_list: PLAIN LOGIN<BR>authdaemond_path:/var/run/authdaemond/socket<BR><BR>更详细的参数设置请看:<BR><A href="http://www.toping.net/viewthread.php?tid=330&fpage=6" target=_blank><FONT color=#0000ff>http://www.toping.net/viewthread.php?tid=330&fpage=6</FONT></A><BR><BR>至此,认证部分基本完成。<BR><BR>安装postfix<BR>mail# cd /usr/ports/mail/postfix<BR>mail# make install clean<BR>我的选择:<BR><BR><BR>回答下面的两问题:<BR>You need user "postfix" added to group "mail".[是否将postfix用户加到mail用户组]<BR>Would you like me to add it [y]? y<BR>Would you like to activate Postfix in /etc/mail/mailer.conf [n]? n<BR><BR>在/etc/rc.conf中加入postfix启动所需的启动选项<BR>在/etc/rc.conf中加入:<BR><BR>sendmail_enable="YES"<BR>sendmail_flags="-bd"<BR>sendmail_pidfile="/var/spool/postfix/pid/master.pid"<BR>sendmail_procname="/usr/local/libexec/postfix/master"<BR>sendmail_outbound_enable="NO"<BR>sendmail_submit_enable="NO"<BR>sendmail_msp_queue_enable="NO"<BR><BR>设置postfix启动所需<BR>mail# ln -s /usr/local/sbin/sendmail /usr/sbin/sendmail<BR><BR>注:如果/usr/sbin/sendmail存在就删了再做上链接,如果升级内核和升级系统后要重新做这一步。<BR><BR>mail# echo ‘postfix: root’ >> /etc/aliases<BR>mail# /usr/local/bin/newaliases<BR>mail# chown postfix:postfix /etc/opiekeys<BR><BR>1.10 安装expect<BR>用于Web客户端建立邮件用户<BR>mail# cd /usr/ports/lang/expect<BR>mail# make install clean<BR><BR>Chapter 2. 配置邮件服务器<BR><BR>本节主要讲述各种服务的参数配置。<BR><BR>2.1 配置rc.conf,编辑/etc/rc.conf<BR><BR>下面是前面所装软件都加入了启动选项的rc.conf配置:<BR><BR>mysql_enable="YES"<BR>apache2_enable="YES"<BR>courier_authdaemond_enable="YES"<BR>courier_imap_pop3d_enable="YES"<BR>courier_imap_imapd_enable="YES"<BR>sendmail_enable="YES"<BR>sendmail_flags="-bd"<BR>sendmail_pidfile="/var/spool/postfix/pid/master.pid"<BR>sendmail_procname="/usr/local/libexec/postfix/master"<BR>sendmail_outbound_enable="NO"<BR>sendmail_submit_enable="NO"<BR>sendmail_msp_queue_enable="NO"<BR><BR>2.2 配置postfix 和 cyrus-sasl<BR>(1)修改/usr/local/etc/postfix/main.cf,在文件最后加入以下内容<BR>mail# ee /usr/local/etc/postfix/main.cf<BR>smtpd_helo_required = yes<BR>strict_rfc821_envelopes = yes<BR>smtpd_etrn_restrictions = permit_mynetworks, reject<BR>#=====================BASE=====================<BR>myhostname = mail.toping.net<BR>mydomain = toping.net<BR>mydestination = $myhostname<BR>local_recipient_maps =<BR>command_directory = /usr/local/sbin<BR>local_transport = virtual<BR>#=====================MySQL=====================<BR>virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf<BR>virtual_gid_maps = static:125<BR>virtual_mailbox_base = /<BR>virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf<BR>virtual_mailbox_limit = 51200000<BR>virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf<BR>virtual_minimum_uid = 125<BR>virtual_transport = virtual<BR>virtual_uid_maps = static:125<BR>#=====================Quota=====================<BR>virtual_create_maildirsize = yes<BR>virtual_mailbox_extended = yes<BR>virtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf<BR>virtual_mailbox_limit_override = yes<BR>virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.<BR>virtual_overquota_bounce = yes<BR>#====================SASL=====================<BR>smtpd_sasl_auth_enable = yes<BR>smtpd_sasl_security_options = noanonymous<BR>broken_sasl_auth_clients = yes<BR>smtpd_delay_reject=yes <BR>smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,permit_auth_destination,reject <BR>smtpd_client_restrictions = permit_sasl_authenticated<BR><BR>更详细的参数设置请看论坛:<BR><A href="http://www.toping.net/viewthread.php?tid=550&fpage=2" target=_blank><FONT color=#0000ff>http://www.toping.net/viewthread.php?tid=550&fpage=2</FONT></A><BR><BR>(4)编辑/usr/local/etc/postfix/mysql_virtual_alias_maps.cf<BR>mail# ee /usr/local/etc/postfix/mysql_virtual_alias_maps.cf<BR>user = postfix<BR>password = postfix<BR>hosts = localhost<BR>dbname = postfix<BR>query = SELECT alias FROM userinfo WHERE address='%s' AND active = 1<BR><BR>(5)编辑/usr/local/etc/postfix/mysql_virtual_domains_maps.cf<BR>mail# ee /usr/local/etc/postfix/mysql_virtual_domains_maps.cf<BR>user = postfix<BR>password = postfix<BR>hosts = localhost<BR>dbname = postfix<BR>query = SELECT domain FROM domaininfo WHERE domain='%s'<BR><BR>(6)编辑/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf<BR>mail# ee /usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf<BR>user = postfix<BR>password = postfix<BR>hosts = localhost<BR>dbname = postfix<BR>query = SELECT maildir FROM userinfo WHERE address='%s' AND active = 1<BR><BR>(7)编辑/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf<BR>mail# ee /usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf<BR>user = postfix<BR>password = postfix<BR>hosts = localhost<BR>dbname = postfix<BR>query = SELECT quota FROM userinfo WHERE address='%s'<BR><BR>2.3 配置Courier-imap<BR><BR>(1)修改Courier相关设置,/usr/local/etc/courier-imap/imapd:<BR><BR>IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA" <BR><BR>(2)修改/usr/local/etc/courier-imap/pop3d<BR><BR>POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1"<BR><BR>(3)编辑修改/usr/local/etc/authlib/authmysqlrc<BR>mail# mv /usr/local/etc/authlib/authmysqlrc /usr/local/etc/authlib/authmysqlrc_bak<BR>mail# ee /usr/local/etc/authlib/authmysqlrc<BR>MYSQL_SERVER localhost //数据库主机地址<BR>MYSQL_USERNAME postfix //数据库用户名<BR>MYSQL_PASSWORD postfix //数据库密码<BR>MYSQL_PORT 0<BR>MYSQL_OPT 0<BR>MYSQL_DATABASE postfix //数据库名称<BR>MYSQL_USER_TABLE userinfo<BR>MYSQL_CRYPT_PWFIELD passwd<BR>MYSQL_UID_FIELD '125'<BR>MYSQL_GID_FIELD '125'<BR>MYSQL_LOGIN_FIELD address<BR>MYSQL_HOME_FIELD homedir<BR>MYSQL_NAME_FIELD realname<BR>MYSQL_MAILDIR_FIELD maildir<BR>MYSQL_QUOTA_FIELD quota<BR>注:这里得用tab键来跳格<BR><BR>(4)编辑/usr/local/etc/authlib/authdaemonrc<BR>mail# mv /usr/local/etc/authlib/authdaemonrc /usr/local/etc/authlib/authdaemonrc_bak<BR>mail# ee /usr/local/etc/authlib/authdaemonrc<BR>authmodulelist="authmysql"<BR>authmodulelistorig="authmysql"<BR>version="authdaemond.mysql"<BR>daemons=5<BR>authdaemonvar=/var/run/authdaemond<BR>subsystem=mail<BR>DEBUG_LOGIN=0<BR>DEFAULTOPTIONS="wbnodsn=1"<BR><BR>重启服务器</DIV><BR style="CLEAR: both"><FONT style="FONT: 12px song,Verdana; COLOR: rgb(0,0,0); font-size-adjust: none; font-stretch: normal; x-system-font: none"><BR><BR></FONT></TD></TR> <TR> <TD>您对本贴的看法:<A href="http://bbs.chinaunix.net/postappraise.php?action=sustain&fid=14&tid=661822&pid=4476655&page=1&extra="><FONT color=#0000ff>鲜花[0]</FONT></A> <A href="http://bbs.chinaunix.net/postappraise.php?action=oppose&fid=14&tid=661822&pid=4476655&page=1&extra="><FONT color=#0000ff>臭蛋[0]</FONT></A></TD></TR> <TR> <TD vAlign=bottom><BR>__________________________________<BR><BR>------------------------------------------------<BR>Postfix技术专业支持论坛<BR><BR>Igenus for Postfix 支持论坛<BR><BR>http://www.thismail.org/bbs<BR>--------------------------------<BR></TD></TR> <TR class=t_infoline> <TD class=line style="PADDING-RIGHT: 5px; PADDING-LEFT: 5px; PADDING-BOTTOM: 5px; PADDING-TOP: 5px"><A href="http://www.cuug.com/" target=_blank><FONT color=red>做DBA,拿高薪,从</FONT><FONT color=blue>CUUG</FONT><FONT color=red>开始</FONT></A> | <A href="http://www.uplooking.com/" target=_blank><FONT color=blue>京/沪/深三地任选5万年薪就业!</FONT></A> | <A href="http://www.unix-center.net/?p=71" target=_blank><FONT color=blue>学Solaris 10 红宝书教程 得iPod大奖</FONT></A> | <A href="http://ad.cn.doubleclick.net/clk;180009591;24299149;m?http://www-306.ibm.com/software/cn/rational/offerings/testing/webapplicationsecurity/" target=_blank><FONT color=red>对黑客防在先 守在后--IBM WatchFire</FONT></A> </TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE> <TABLE style="MARGIN-BOTTOM: 1px" borderColor=#000000 cellSpacing=0 cellPadding=4 width="98%" align=center bgColor=#f0f3fa border=1> <TBODY> <TR style="HEIGHT: 100%"> <TD vAlign=top width="18%"><A name=pid4476658></A><A href="http://bbs.chinaunix.net/profile-uid-206108.html" target=_blank><FONT face=Fixedsys color=#0000ff>scyzxp</FONT></A> <IMG alt=帅哥 src="http://bbs.chinaunix.net/images/default/icon_minigender_male.gif" border=0> <BR> <DIV class=smalltxt>光明使者<BR><BR><BR><BR><IMG src="http://bbs.chinaunix.net/images/default/level/pips5.gif"><BR>UID:206108<BR>注册:2004-12-8<BR>最后登录: 2008-02-12<BR>帖子:<A href="http://search.chinaunix.net/bbs.php?stype=author&q=scyzxp" target=_blank><U><FONT color=#0000ff>824</FONT></U></A><BR>精华:<A href="http://bbs.chinaunix.net/digest.php?authorid=206108"><U><FONT color=#0000ff>2</FONT></U></A> <BR><BR>可用积分:637 <BR>信誉积分:<A title=信誉分默认为100分,发表悬赏帖,并采纳正确答案后,信誉分增加,不采纳则将可能减少><U>100 </U></A><BR>专家积分:<A title=专家积分通过正确回答悬赏帖,并被提问者采纳后获得><U>0</U></A> (本版)<BR><!-- 总积分:<a title="总积分=可用积分+信誉积分+专家积分"><u>737</u></a><br> --><BR>状态:<FONT color=#999999>...离线...</FONT> </DIV><BR>[<A href="http://bbs.chinaunix.net/profile-uid-206108.html" alt="查看此会员的个人资料"><B><FONT color=#0000ff>资料</FONT></B></A>] [<A href="http://bbs.chinaunix.net/pm.php?action=send&uid=206108" target=_blank alt="给此会员发送站内短信"><B><FONT color=#0000ff>站内短信</FONT></B></A>] [<A href="http://blog.chinaunix.net/dir.php?uid=206108" target=_blank alt="进入此会员的CU博客"><B><FONT color=#0000ff>Blog</FONT></B></A>] <BR><BR><BR></TD> <TD style="PADDING-RIGHT: 0px; PADDING-LEFT: 0px; PADDING-BOTTOM: 0px; PADDING-TOP: 0px" vAlign=top width="82%"> <TABLE class=t_msg cellSpacing=0 cellPadding=4 bgColor=#f0f3fa border=0> <TBODY> <TR> <TD> <DIV> <DIV class=right style="PADDING-TOP: 4px"><SPAN class=bold> <A href="http://bbs.chinaunix.net/post.php?action=reply&fid=14&tid=661822&repquote=4476658&extra="><FONT color=#0000ff>[引用]</FONT></A> <A href="http://bbs.chinaunix.net/misc.php?action=report&fid=14&tid=661822&pid=4476658&page=1"><FONT color=#0000ff>[报告]</FONT></A> <A onclick="fastreply('回复 #3 scyzxp 的帖子')" href="http://bbs.chinaunix.net/viewthread.php?tid=661822#"><FONT color=#0000ff>[回复]</FONT></A> <A title="评分 0" href="http://bbs.chinaunix.net/misc.php?action=viewratings&tid=661822&pid=4476658"></A><A onclick=scroll(0,0) href="http://bbs.chinaunix.net/viewthread.php?tid=661822#"><IMG alt=顶部 src="http://bbs.chinaunix.net/images/default/top.gif" border=0></A> </SPAN></DIV> <DIV style="PADDING-TOP: 4px"><A class=bold title=复制帖子链接到剪贴板 onclick="setcopy('http://bbs.chinaunix.net/viewthread.php?tid=661822&page=1#pid4476658', '已经复制到剪贴板')" href="http://bbs.chinaunix.net/viewthread.php?tid=661822#"><FONT color=#0000ff>3楼</FONT></A> 发表于 2005-12-4 10:45 </DIV></DIV></TD></TR> <TR> <TD class=line style="PADDING-TOP: 10px" vAlign=top height="100%"> <DIV style="FLOAT: right" align=right></DIV> <DIV class=t_msgfont id=message4476658>Chapter 3.手动设置第一个用户并测试 <BR><BR>本章介绍如何开通用户,并且测试系统是否正常。<BR><BR>注:增加用户时请到这里生成加密后的密码后直接插入到数据库中就可以了。<BR><A href="http://www.toping.net/soft" target=_blank><FONT color=#0000ff>http://www.toping.net/soft</FONT></A><BR>mail# mysql<BR>mysql> use postfix;<BR>mysql> show tables;<BR>+-------------------+<BR>| Tables_in_postfix |<BR>+-------------------+<BR>| address |<BR>| admin |<BR>| card |<BR>| domaininfo |<BR>| lastauth |<BR>| logs |<BR>| message |<BR>| personal |<BR>| scheduler |<BR>| stow |<BR>| userinfo |<BR>| vpopmail |<BR>+-------------------+<BR>12 rows in set (0.00 sec)<BR><BR>增加域名和管理员<BR><BR>mysql> desc domaininfo;<BR>+-------------+-------------+------+-----+------------+----------------+<BR>| Field | Type | Null | Key | Default | Extra |<BR>+-------------+-------------+------+-----+------------+----------------+<BR>| domain_id | int(5) | | PRI | NULL | auto_increment |<BR>| domain | varchar(25) | | UNI | | |<BR>| alias | varchar(30) | YES | | NULL | |<BR>| passwd | varchar(35) | | | | |<BR>| usernum | int(5) | | | 0 | |<BR>| quota | int(11) | | | 0 | |<BR>| des | varchar(30) | YES | | NULL | |<BR>| expire | date | | | 0000-00-00 | |<BR>| active | tinyint(1) | | | 1 | |<BR>| create_time | datetime | YES | | NULL | |<BR>+-------------+-------------+------+-----+------------+----------------+<BR>10 rows in set (0.00 sec)<BR><BR>mysql> INSERT INTO `domaininfo` VALUES (7, 'toping.net', NULL, '$1$jNXThQXq$KPjm.WE2f2yX5rceY48vX. ', 50, 500, NULL, '0000-00-00', 1, '2005-04-19 23:19:11');<BR>Query OK, 1 row affected (0.00 sec)<BR><BR>注:这里的toping.net的管理密码为:admin123<BR><BR>mysql> desc userinfo;<BR>+-------------+-------------+------+-----+---------------------+----------------+<BR>| Field | Type | Null | Key | Default | Extra |<BR>+-------------+-------------+------+-----+---------------------+----------------+<BR>| id | int(11) | | PRI | NULL | auto_increment |<BR>| userid | varchar(20) | | | | |<BR>| domain_id | int(5) | | | 0 | |<BR>| address | varchar(50) | | UNI | | |<BR>| alias | varchar(60) | YES | | NULL | |<BR>| passwd | varchar(35) | | | | |<BR>| realname | varchar(20) | YES | | NULL | |<BR>| quota | int(11) | | | 0 | |<BR>| active | tinyint(1) | | | 0 | |<BR>| homedir | varchar(60) | | | | |<BR>| maildir | varchar(60) | | | | |<BR>| create_time | datetime | | | 0000-00-00 00:00:00 | |<BR>| fax | varchar(20) | | | | |<BR>| telephone | varchar(15) | | | | |<BR>| sex | int(1) | | | 0 | |<BR>| year | int(4) | | | 0 | |<BR>| MONTH | int(2) | | | 0 | |<BR>| DAY | int(2) | | | 0 | |<BR>| education | varchar(4) | | | | |<BR>| marital | int(1) | | | 0 | |<BR>| occupation | varchar(15) | | | | |<BR>| companyname | varchar(30) | | | | |<BR>| province | varchar(6) | | | | |<BR>+-------------+-------------+------+-----+---------------------+----------------+<BR>23 rows in set (0.00 sec) <BR><BR>mysql> INSERT INTO `userinfo` VALUES (8, 'webmaster', 7, '<A href="mailto:webmaster@toping.net"><FONT color=#0000ff>webmaster@toping.net</FONT></A>', NULL,'$1$4DLQeNkz$QKCAQqg244XwvLl2SD11f0', 'webmaster', 209715200, 1, '/var/mail/toping.net/webmaster/', '/var/mail/toping.net/webmaster/Maildir/', '2005-04-20 23:45:17', '', '', 0, 0, 0, 0, '', 0, '', '', '');<BR><BR>注:这里的webmaster用户的邮箱密码为:000000<BR><BR>mysql>quit<BR><BR>设置用户的目录与权限:<BR>Mail# mkdir -p /var/mail/toping.net/webmaster<BR>Mail# /usr/local/bin/maildirmake /var/mail/toping.net/webmaster/Maildir<BR>Mail# chmod -R 777 /var/mail/toping.net/<BR>Mail# chown -R postfix:postfix /var/mail/toping.net<BR><BR>至此用户设置完毕,这里只使用一个域名,同理可以设置多个域名。<BR><BR>Chapter 4.安装postfix管理工具<BR><BR>本节主要介绍如何安装和使用本人开发的postfix管理工具。<BR><BR>4.1安装本人开发的postfix管理工具来设置第一个域名和用户<BR>上传管理工具到网站目录<BR>后修改include/config.inc.php中的<BR>define(DOMAINSDIR,"/home/vmail"); 为 define(DOMAINSDIR,"/var/mail");<BR>define(MYSQL_HOST, 'localhost'); 为 您的MySQL服务器的主机名<BR>define(MYSQL_USER, 'root'); 为 您的MySQL的用户名<BR>define(MYSQL_PASS, 'mypasswd'); 为 您的MySQL的密码<BR>define(MYSQL_DATA, 'postfix'); 为 您的邮件服务器的数据库<BR><BR>修改完成后运行:<A href="http://mail.toping.net/webadmin/index.php" target=_blank><FONT color=#0000ff>http://mail.toping.net/webadmin/index.php</FONT></A><BR><BR>完装完成!!<BR><BR>4.2 用户登录测试<BR><BR>用户登录测试<BR><BR>安装p5-MIME-Base64<BR>mail# cd /usr/ports/converters/p5-MIME-Base64/<BR>mail# make install clean<BR><BR>通过p5-MIME-Base64来取得用户名和密码的base64编码<BR>mail# perl -MMIME::Base64 -e 'print encode_base64("webmaster\@toping.net");'<BR>d2VibWFzdGVyQHRvcGluZy5uZXQ=<BR>mail# perl -MMIME::Base64 -e 'print encode_base64("000000");'<BR>MDAwMDAw<BR><BR>测试发送邮件(端口:25):<BR><BR>mail# telnet 127.0.0.1 25<BR>Trying 127.0.0.1...<BR>Connected to 0.<BR>Escape character is '^]'.<BR>220 mail.toping.net ESMTP Postfix<BR>ehlo mail<BR>250-mail.toping.net<BR>250-PIPELINING<BR>250-SIZE 4194304<BR>250-VRFY<BR>250-ETRN<BR>250-AUTH NTLM LOGIN PLAIN OTP<BR>250-AUTH=NTLM LOGIN PLAIN OTP<BR>250 8BITMIME<BR>auth login<BR>334 VXNlcm5hbWU6<BR>d2VibWFzdGVyQHRvcGluZy5uZXQ= //此为用户名id:<A href="mailto:webmaster@toping.net"><FONT color=#0000ff>webmaster@toping.net</FONT></A><BR>334 UGFzc3dvcmQ6<BR>MDAwMDAw //此为用户密码password:000000<BR>235 Authentication successful<BR>MAIL FROM:<<A href="mailto:webmaster@toping.net"><FONT color=#0000ff>webmaster@toping.net</FONT></A>> //告诉服务器发件人的Email地址<BR>250 Ok<BR>RCPT TO:<<A href="mailto:webmaster@toping.net"><FONT color=#0000ff>webmaster@toping.net</FONT></A>> //告诉服务器收件人的地址<BR>250 OK<BR>DATA //告诉服务器开始写信<BR>354 End data with <CR><LF>.<CR><LF><BR>SUBJECT:test //subject后面填写的是邮件的主题<BR>test<BR>. //换行后输入.后按回车,表示信件内容书写完毕<BR>250 Ok: queued as 58DC71D5<BR>quit //发送信件,结束对话,退出SMTP服务器<BR>221 Bye<BR>Connection closed by foreign host<BR><BR>测试收取邮件(端口:110):<BR><BR>mail# telnet 127.0.0.1 110<BR>Trying 127.0.0.1...<BR>Connected to 0<BR>Escape character is '^]'<BR>+OK Hello there<BR>user <A href="mailto:webmaster@toping.net"><FONT color=#0000ff>webmaster@toping.net</FONT></A><BR>+OK Password required<BR>pass 000000<BR>+OK logged in<BR>list<BR>+OK POP3 clients that break here, they violate STD53<BR>1 2217<BR>retr 1 //返回第一封信的全部内容<BR>+OK 2217 octets follow.<BR>Return-Path: <<A href="mailto:webmaster@toping.net"><FONT color=#0000ff>webmaster@toping.net</FONT></A>><BR>X-Original-To: <A href="mailto:webmaster@toping.net"><FONT color=#0000ff>webmaster@toping.net</FONT></A><BR>Delivered-To: <A href="mailto:webmaster@toping.net"><FONT color=#0000ff>webmaster@toping.net</FONT></A><BR>Received: from mail (localhost.toping.net [127.0.0.1])<BR> by mail.toping.net (Postfix) with ESMTP id 58DC71D5<BR> for <<A href="mailto:webmaster@toping.net"><FONT color=#0000ff>webmaster@toping.net</FONT></A>>; Mon, 9 Aug 2004 21:11:20 +0800 (CST)<BR>SUBJECT:test<BR>Message-Id: <<A href="mailto:20040809131120.58DC71D5@mail.toping.net"><FONT color=#0000ff>20040809131120.58DC71D5@mail.toping.net</FONT></A>><BR>Date: Mon, 9 Aug 2004 21:11:20 +0800 (CST)<BR>From: <A href="mailto:webmaster@toping.net"><FONT color=#0000ff>webmaster@toping.net</FONT></A><BR>To: undisclosed-recipients:;<BR>test<BR>.<BR>dele 1 //删除<BR>+OK Deleted<BR>quit<BR>+OK Bye-bye<BR>Connection closed by foreign host<BR><BR>也可以使用任何其它的邮件客户端程序来测试,如foxmail、Outlook Express等等。</DIV><BR style="CLEAR: both"><FONT style="FONT: 12px song,Verdana; COLOR: rgb(0,0,0); font-size-adjust: none; font-stretch: normal; x-system-font: none"><BR><BR></FONT></TD></TR> <TR> <TD>您对本贴的看法:<A href="http://bbs.chinaunix.net/postappraise.php?action=sustain&fid=14&tid=661822&pid=4476658&page=1&extra="><FONT color=#0000ff>鲜花[0]</FONT></A> <A href="http://bbs.chinaunix.net/postappraise.php?action=oppose&fid=14&tid=661822&pid=4476658&page=1&extra="><FONT color=#0000ff>臭蛋[0]</FONT></A></TD></TR> <TR> <TD vAlign=bottom><BR>__________________________________<BR><BR>------------------------------------------------<BR>Postfix技术专业支持论坛<BR><BR>Igenus for Postfix 支持论坛<BR><BR>http://www.thismail.org/bbs<BR>--------------------------------<BR></TD></TR> <TR class=t_infoline> <TD class=line style="PADDING-RIGHT: 5px; PADDING-LEFT: 5px; PADDING-BOTTOM: 5px; PADDING-TOP: 5px"><A href="http://www.cuug.com/" target=_blank><FONT color=red>做DBA,拿高薪,从</FONT><FONT color=blue>CUUG</FONT><FONT color=red>开始</FONT></A> | <A href="http://www.uplooking.com/" target=_blank><FONT color=blue>京/沪/深三地任选5万年薪就业!</FONT></A> | <A href="http://www.unix-center.net/?p=71" target=_blank><FONT color=blue>学Solaris 10 红宝书教程 得iPod大奖</FONT></A> | <A href="http://ad.cn.doubleclick.net/clk;180009591;24299149;m?http://www-306.ibm.com/software/cn/rational/offerings/testing/webapplicationsecurity/" target=_blank><FONT color=red>对黑客防在先 守在后--IBM WatchFire</FONT></A> </TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE> <TABLE style="MARGIN-BOTTOM: 1px" borderColor=#000000 cellSpacing=0 cellPadding=4 width="98%" align=center bgColor=#fafbfc border=1> <TBODY> <TR style="HEIGHT: 100%"> <TD vAlign=top width="18%"><A name=pid4476663></A><A href="http://bbs.chinaunix.net/profile-uid-206108.html" target=_blank><FONT face=Fixedsys color=#0000ff>scyzxp</FONT></A> <IMG alt=帅哥 src="http://bbs.chinaunix.net/images/default/icon_minigender_male.gif" border=0> <BR> <DIV class=smalltxt>光明使者<BR><BR><BR><BR><IMG src="http://bbs.chinaunix.net/images/default/level/pips5.gif"><BR>UID:206108<BR>注册:2004-12-8<BR>最后登录: 2008-02-12<BR>帖子:<A href="http://search.chinaunix.net/bbs.php?stype=author&q=scyzxp" target=_blank><U><FONT color=#0000ff>824</FONT></U></A><BR>精华:<A href="http://bbs.chinaunix.net/digest.php?authorid=206108"><U><FONT color=#0000ff>2</FONT></U></A> <BR><BR>可用积分:637 <BR>信誉积分:<A title=信誉分默认为100分,发表悬赏帖,并采纳正确答案后,信誉分增加,不采纳则将可能减少><U>100 </U></A><BR>专家积分:<A title=专家积分通过正确回答悬赏帖,并被提问者采纳后获得><U>0</U></A> (本版)<BR><!-- 总积分:<a title="总积分=可用积分+信誉积分+专家积分"><u>737</u></a><br> --><BR>状态:<FONT color=#999999>...离线...</FONT> </DIV><BR>[<A href="http://bbs.chinaunix.net/profile-uid-206108.html" alt="查看此会员的个人资料"><B><FONT color=#0000ff>资料</FONT></B></A>] [<A href="http://bbs.chinaunix.net/pm.php?action=send&uid=206108" target=_blank alt="给此会员发送站内短信"><B><FONT color=#0000ff>站内短信</FONT></B></A>] [<A href="http://blog.chinaunix.net/dir.php?uid=206108" target=_blank alt="进入此会员的CU博客"><B><FONT color=#0000ff>Blog</FONT></B></A>] <BR><BR><BR></TD> <TD style="PADDING-RIGHT: 0px; PADDING-LEFT: 0px; PADDING-BOTTOM: 0px; PADDING-TOP: 0px" vAlign=top width="82%"> <TABLE class=t_msg cellSpacing=0 cellPadding=4 bgColor=#fafbfc border=0> <TBODY> <TR> <TD> <DIV> <DIV class=right style="PADDING-TOP: 4px"><SPAN class=bold> <A href="http://bbs.chinaunix.net/post.php?action=reply&fid=14&tid=661822&repquote=4476663&extra="><FONT color=#0000ff>[引用]</FONT></A> <A href="http://bbs.chinaunix.net/misc.php?action=report&fid=14&tid=661822&pid=4476663&page=1"><FONT color=#0000ff>[报告]</FONT></A> <A onclick="fastreply('回复 #4 scyzxp 的帖子')" href="http://bbs.chinaunix.net/viewthread.php?tid=661822#"><FONT color=#0000ff>[回复]</FONT></A> <A title="评分 0" href="http://bbs.chinaunix.net/misc.php?action=viewratings&tid=661822&pid=4476663"></A><A onclick=scroll(0,0) href="http://bbs.chinaunix.net/viewthread.php?tid=661822#"><IMG alt=顶部 src="http://bbs.chinaunix.net/images/default/top.gif" border=0></A> </SPAN></DIV> <DIV style="PADDING-TOP: 4px"><A class=bold title=复制帖子链接到剪贴板 onclick="setcopy('http://bbs.chinaunix.net/viewthread.php?tid=661822&page=1#pid4476663', '已经复制到剪贴板')" href="http://bbs.chinaunix.net/viewthread.php?tid=661822#"><FONT color=#0000ff>4楼</FONT></A> 发表于 2005-12-4 10:47 </DIV></DIV></TD></TR> <TR> <TD class=line style="PADDING-TOP: 10px" vAlign=top height="100%"> <DIV style="FLOAT: right" align=right></DIV> <DIV class=t_msgfont id=message4476663>Chapter 5. 防病毒与防垃圾邮件<BR><BR>本章介绍病毒与垃圾邮件的防范。 <BR><BR>5.1 安装Clamav<BR>mail# cd /usr/ports/security/clamav<BR>mail# make install clean <BR><BR>我的选择:<BR>[X] MILTER Compile the milter interface <BR>[X] CURL Support URL downloading<BR>[X] LIBUNRAR Support for external Unrar library <BR><BR>要想clamav能自动的启动请在/etc/rc.conf中加入:<BR>clamav_clamd_enable="YES"<BR>clamav_freshclam_enable="YES"<BR><BR>重启服务器<BR><BR>测试杀毒<BR>mail# clamscan -r -i /usr/local/www/data<BR><BR>----------- SCAN SUMMARY -----------<BR>Known viruses: 41293<BR>Engine version: 0.87.1<BR>Scanned directories: 53<BR>Scanned files: 602<BR>Infected files: 0<BR>Data scanned: 41.51 MB<BR>Time: 18.294 sec (0 m 18 s)<BR><BR>升级病毒库<BR>mail# freshclam<BR>ClamAV update process started at Sun Dec 4 01:10:02 2005<BR>main.cvd is up to date (version: 34, sigs: 39625, f-level: 5, builder: tkojm)<BR>daily.cvd is up to date (version: 1200, sigs: 1669, f-level: 6, builder: tomek) <BR><BR>5.2 安装MailScanner<BR>mail# cd /usr/ports/mail/mailscanner<BR>mail# make install<BR><BR>第一次执行安装因此需执行make initial-config以建立基本配置文件 <BR><BR>mail# make initial-config<BR>mail# make clean<BR><BR>5.3 安装SpamAssassin<BR>mail# cd /usr/ports/mail/p5-Mail-SpamAssassin<BR>mail# make install clean<BR><BR>我的选择:<BR>[X] AS_ROOT Run spamd as root (recommended) <BR>[X] DOMAINKEYS DomainKeys support<BR>[X] SSL Build with SSL support for spamd/spamc<BR>[X] MYSQL Add MySQL support<BR>[X] RAZOR Add Vipul's Razor support<BR>[X] SPF_QUERY Add SPF query support<BR>[X] RELAY_COUNTRY Relay country support<BR>[X] TOOLS Install SpamAssassin tools <BR><BR>5.4修改Postfix设定档main.cf<BR>mail# ee /usr/local/etc/postfix/main.cf<BR>#header_checks = regexp:/usr/local/etc/postfix/header_checks //默认值<BR>header_checks = regexp:/usr/local/etc/postfix/header_checks //把注释去掉<BR><BR>编辑/usr/local/etc/postfix/header_checks<BR>mail# ee /usr/local/etc/postfix/header_checks<BR>/^Received:/ HOLD //新加入<BR><BR>5.5修改mailscanner.conf<BR>mail# ee /usr/local/etc/MailScanner/MailScanner.conf<BR>#Run As User = //默认值<BR>Run As User = postfix //修改后<BR>#Run As Group = //默认值<BR>Run As Group = postfix //修改后 <BR>#Incoming Queue Dir = /var/spool/mqueue.in //默认值<BR>Incoming Queue Dir = /var/spool/postfix/hold //修改后<BR>#Outgoing Queue Dir = /var/spool/mqueue //默认值<BR>Outgoing Queue Dir = /var/spool/postfix/incoming //修改后<BR>#MTA = sendmail //默认值<BR>MTA = postfix //修改后<BR>#Virus Scanners = none //默认值<BR>Virus Scanners = clamav //修改后<BR>#Use SpamAssassin = no //默认值<BR>Use SpamAssassin = yes //修改后<BR><BR>5.6新增MailScanner所要用到的资料夹<BR>mail# mkdir /var/spool/MailScanner<BR>mail# mkdir /var/spool/MailScanner/incoming<BR>mail# mkdir /var/spool/MailScanner/quarantine<BR>mail# chown postfix:postfix /var/spool/MailScanner/incoming<BR>mail# chown postfix:postfix /var/spool/MailScanner/quarantine<BR>mail# touch /usr/local/etc/MailScanner/rules/bounce.rules //新建一个空白文件,要不然会出错。<BR>mail# chmod –R 777 /var/spool/postfix<BR>mail#cp /usr/local/etc/MailScanner/mcp/10_example.cf.sample /usr/local/etc/MailScanner/mcp/10_example.cf<BR>mail#cp /usr/local/etc/MailScanner/mcp/mcp.spam.assassin.prefs.conf.sample /usr/local/etc/MailScanner/mcp/mcp.spam.assassin.prefs.conf<BR>注:这里的倒数一、二行实际操作中为一行<BR><BR>重新启动服务器<BR><BR>测试病毒过滤:<BR><BR>mail# telnet localhost 25<BR>Trying ::1...<BR>telnet: connect to address ::1: Connection refused<BR>Trying 127.0.0.1...<BR>Connected to localhost.<BR>Escape character is '^]'.<BR>220 mail.toping.net ESMTP Postfix<BR>mail from:webmaster@toping.net<BR>250 Ok<BR>rcpt to:webmaster@toping.net<BR>250 Ok<BR>data<BR>354 End data with <CR><LF>.<CR><LF><BR>Subject:Virus test<BR><BR>X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*<BR><BR>.<BR>250 Ok: queued as F0C221CC20 //出现F0C221CC20这行表示mailscanner运行成功了<BR>quit<BR>221 Bye<BR>Connection closed by foreign host.<BR><BR>5.7把病毒提示信息改为中文<BR><BR>预设系统提示信息为英文,可以下载我修改的中文包。<BR><BR><A href="http://mail.toping.net/mailscanner/cn.rar" target=_blank><FONT color=#0000ff>http://mail.toping.net/mailscanner/cn.rar</FONT></A><BR><BR>注:把下载下来的文件解压后放到/usr/local/share/MailScanner/reports/cn下面去<BR><BR>mail# ee /usr/local/etc/MailScanner/MailScanner.conf<BR>#%report-dir% = /usr/local/share/MailScanner/reports/en //默认值(加载英文)<BR>%report-dir% = /usr/local/share/MailScanner/reports/cn //修改后为读取中文<BR><BR>5.8.用MailScanner来监管进出邮件<BR>mail# ee MailScanner.conf<BR>Archive Mail = %rules-dir%/archive.rules <BR>mail# ee archive.rules<BR><BR>方法一:互相备份, 以上这样并不会造成 loop <BR>FromOrTo: <A href="mailto:a@toping.net"><FONT color=#0000ff>a@toping.net</FONT></A> yes forward <A href="mailto:b@toping.net"><FONT color=#0000ff>b@toping.net</FONT></A><BR>FromOrTo: <A href="mailto:b@toping.net"><FONT color=#0000ff>b@toping.net</FONT></A> yes forward <A href="mailto:a@toping.net"><FONT color=#0000ff>a@toping.net</FONT></A><BR><BR>方法二:可以 forward 到复数信箱 <BR>FromOrTo: <A href="mailto:a@toping.net"><FONT color=#0000ff>a@toping.net</FONT></A> yes forward <A href="mailto:b@toping.net"><FONT color=#0000ff>b@toping.net</FONT></A> <A href="mailto:c@toping.net"><FONT color=#0000ff>c@toping.net</FONT></A> <A href="mailto:d@toping.net"><FONT color=#0000ff>d@toping.net</FONT></A> <BR><BR>方法三:同时备份到一个或多个档案及一个或多个信箱<BR>FromOrTo: <A href="mailto:a@toping.net"><FONT color=#0000ff>a@toping.net</FONT></A> yes forward /var/spool/MailScanner/archive/a_user_backup.mbx /var/spool/MailScanner/archive/a_user_backup.mbx <A href="mailto:b@toping.net"><FONT color=#0000ff>b@toping.net</FONT></A> <A href="mailto:scyz2@163.com"><FONT color=#0000ff>scyz2@163.com</FONT></A> <BR>注:以上为一行,该档案要先建立且确定该档案拥有者与 MailScanner.conf 的 Run As User = XXXXXXX 相同 <BR><BR>方法四:备份到数据夹及多个信箱或档案<BR>FromOrTo: <A href="mailto:a@toping.net"><FONT color=#0000ff>a@toping.net</FONT></A> yes forward /var/spool/MailScanner/archive/ <A href="mailto:b@toping.net"><FONT color=#0000ff>b@toping.net</FONT></A> <A href="mailto:scyz2@163.com"><FONT color=#0000ff>scyz2@163.com</FONT></A> /var/spool/MailScanner/archive/a_user_backup.mbx <BR>注:以上为一行,权限同SAMPLE3;注意事项, 他会依日期再分数据夹, 日期数据夹内的文件名称 mail queue ID, 格式为 postfix mail queue 格式<BR><BR>更详细的mailscanner.cf的参数请看论坛:<BR><BR><A href="http://www.toping.net/viewthread.php?tid=533&fpage=2" target=_blank><FONT color=#0000ff>http://www.toping.net/viewthread.php?tid=533&fpage=2</FONT></A><BR><BR>5.9.安装MailScanner-mrtg<BR>mail# cd /usr/ports/mail/ mailscanner-mrtg<BR>mail# make install clean<BR><BR>mailscanner-mrtg相关设置<BR>mail# cd /usr/local/etc/mailscanner-mrtg //切换至mailscanner-mrtg 目录<BR>mail# cp mailscanner-mrtg.conf.sample mailscanner-mrtg.conf<BR>mail# cp mailscanner-mrtg.cfg.sample mailscanner-mrtg.cfg<BR>mail# chmod 644 mailscanner-mrtg.conf //更改权限为可修改<BR>mail# chmod 644 mailscanner-mrtg.cfg //更改权限为可修改<BR>mail# ee mailscanner-mrtg.conf //修改mailscanner-mrtg.conf内容如下<BR>#MTA = sendmail //默认值<BR>MTA = postfix //修改后<BR>#Where the MTA puts mail before MailScanner gets it <BR>#Incoming Queue Dir = /var/spool/postfix.in/deferred/ # Postfix<BR>#Incoming Queue Dir = /var/spool/exim.in/input/ # Exim<BR>Incoming Queue Dir = /var/spool/mqueue.in/ # Sendmail //默认值<BR>Incoming Queue Dir = /var/spool/postfix/hold # Postfix //修改后<BR>#Where MailScanner puts your mail after it is scanned <BR>#Outgoing Queue Dir = /var/spool/postfix/incoming/ # Postfix<BR>#Outgoing Queue Dir = /var/spool/exim/input # Exim (?)<BR>Outgoing Queue Dir = /var/spool/mqueue/ # Sendmail //默认值<BR>Outgoing Queue Dir = /var/spool/postfix/incoming/ # Postfix //修改后(把#拿掉)<BR>#Which interfaces to monitor (comma separated list) <BR>Interfaces to Monitor = fxp0 //默认值<BR>Interfaces to Monitor = vr0 //修改后(改成您的网卡吧)<BR><BR>mail# ee /usr/local/etc/apache/httpd.conf //修改apache配置以便读取mailscanner-mrtg数据<BR>内容如下:<BR><BR>#MailScanner Setting<BR>Alias /mailscanner-mrtg/ "/usr/local/www/mailscanner-mrtg/"<BR><BR>产生MailScanner-Mrtg流量图<BR>mail# /usr/local/bin/mrtg /usr/local/etc/mailscanner-mrtg/mailscanner-mrtg.cfg <BR>mail# crontab -e <BR>*/10 * * * * /usr/local/bin/mrtg /usr/local/etc/mailscanner-mrtg/mailscanner-mrtg.cfg<BR><BR>5.10.安装APF防垃圾邮件<BR><A href="http://apf.org.cn/" target=_blank><FONT color=#0000ff>http://apf.org.cn</FONT></A><BR>下载地址:<BR><A href="http://mail.toping.net/apf/apf.rar" target=_blank><FONT color=#0000ff>http://mail.toping.net/apf/apf.rar</FONT></A><BR><BR>下载最新的APF包解压到/usr/local/etc/postfix目录。<BR><BR>这时/usr/local/etc/postfix目录里边有一个apf-posftix.pl的文件<BR>修改/usr/local/etc/postfix/master.cf<BR>mail# ee /usr/local/etc/postfix/master.cf<BR>加入:<BR>apf unix - n n - - spawn<BR> user=nobody argv=/usr/bin/perl /usr/local/etc/postfix/apf-postfix.pl<BR><BR>增加黑白名单:<BR><BR>1、IP黑名单:<BR>ip_black_list.txt<BR><BR>2、IP白名单<BR>ip_white_list.txt<BR><BR>3、域名黑名单<BR>dn_black_list.txt<BR><BR>4、域名白名单<BR>dn_white_list.txt</DIV><BR style="CLEAR: both"><FONT style="FONT: 12px song,Verdana; COLOR: rgb(0,0,0); font-size-adjust: none; font-stretch: normal; x-system-font: none"><BR><BR></FONT></TD></TR> <TR> <TD>您对本贴的看法:<A href="http://bbs.chinaunix.net/postappraise.php?action=sustain&fid=14&tid=661822&pid=4476663&page=1&extra="><FONT color=#0000ff>鲜花[0]</FONT></A> <A href="http://bbs.chinaunix.net/postappraise.php?action=oppose&fid=14&tid=661822&pid=4476663&page=1&extra="><FONT color=#0000ff>臭蛋[0]</FONT></A></TD></TR> <TR> <TD vAlign=bottom><BR>__________________________________<BR><BR>------------------------------------------------<BR>Postfix技术专业支持论坛<BR><BR>Igenus for Postfix 支持论坛<BR><BR>http://www.thismail.org/bbs<BR>--------------------------------<BR></TD></TR> <TR class=t_infoline> <TD class=line style="PADDING-RIGHT: 5px; PADDING-LEFT: 5px; PADDING-BOTTOM: 5px; PADDING-TOP: 5px"><A href="http://www.cuug.com/" target=_blank><FONT color=red>做DBA,拿高薪,从</FONT><FONT color=blue>CUUG</FONT><FONT color=red>开始</FONT></A> | <A href="http://www.uplooking.com/" target=_blank><FONT color=blue>京/沪/深三地任选5万年薪就业!</FONT></A> | <A href="http://www.unix-center.net/?p=71" target=_blank><FONT color=blue>学Solaris 10 红宝书教程 得iPod大奖</FONT></A> | <A href="http://ad.cn.doubleclick.net/clk;180009591;24299149;m?http://www-306.ibm.com/software/cn/rational/offerings/testing/webapplicationsecurity/" target=_blank><FONT color=red>对黑客防在先 守在后--IBM WatchFire</FONT></A> </TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE> <TABLE style="MARGIN-BOTTOM: 1px" borderColor=#000000 cellSpacing=0 cellPadding=4 width="98%" align=center bgColor=#f0f3fa border=1> <TBODY> <TR style="HEIGHT: 100%"> <TD vAlign=top width="18%"><A name=pid4476665></A><A href="http://bbs.chinaunix.net/profile-uid-206108.html" target=_blank><FONT face=Fixedsys color=#0000ff>scyzxp</FONT></A> <IMG alt=帅哥 src="http://bbs.chinaunix.net/images/default/icon_minigender_male.gif" border=0> <BR> <DIV class=smalltxt>光明使者<BR><BR><BR><BR><IMG src="http://bbs.chinaunix.net/images/default/level/pips5.gif"><BR>UID:206108<BR>注册:2004-12-8<BR>最后登录: 2008-02-12<BR>帖子:<A href="http://search.chinaunix.net/bbs.php?stype=author&q=scyzxp" target=_blank><U><FONT color=#0000ff>824</FONT></U></A><BR>精华:<A href="http://bbs.chinaunix.net/digest.php?authorid=206108"><U><FONT color=#0000ff>2</FONT></U></A> <BR><BR>可用积分:637 <BR>信誉积分:<A title=信誉分默认为100分,发表悬赏帖,并采纳正确答案后,信誉分增加,不采纳则将可能减少><U>100 </U></A><BR>专家积分:<A title=专家积分通过正确回答悬赏帖,并被提问者采纳后获得><U>0</U></A> (本版)<BR><!-- 总积分:<a title="总积分=可用积分+信誉积分+专家积分"><u>737</u></a><br> --><BR>状态:<FONT color=#999999>...离线...</FONT> </DIV><BR>[<A href="http://bbs.chinaunix.net/profile-uid-206108.html" alt="查看此会员的个人资料"><B><FONT color=#0000ff>资料</FONT></B></A>] [<A href="http://bbs.chinaunix.net/pm.php?action=send&uid=206108" target=_blank alt="给此会员发送站内短信"><B><FONT color=#0000ff>站内短信</FONT></B></A>] [<A href="http://blog.chinaunix.net/dir.php?uid=206108" target=_blank alt="进入此会员的CU博客"><B><FONT color=#0000ff>Blog</FONT></B></A>] <BR><BR><BR></TD> <TD style="PADDING-RIGHT: 0px; PADDING-LEFT: 0px; PADDING-BOTTOM: 0px; PADDING-TOP: 0px" vAlign=top width="82%"> <TABLE class=t_msg cellSpacing=0 cellPadding=4 bgColor=#f0f3fa border=0> <TBODY> <TR> <TD> <DIV> <DIV class=right style="PADDING-TOP: 4px"><SPAN class=bold> <A href="http://bbs.chinaunix.net/post.php?action=reply&fid=14&tid=661822&repquote=4476665&extra="><FONT color=#0000ff>[引用]</FONT></A> <A href="http://bbs.chinaunix.net/misc.php?action=report&fid=14&tid=661822&pid=4476665&page=1"><FONT color=#0000ff>[报告]</FONT></A> <A onclick="fastreply('回复 #5 scyzxp 的帖子')" href="http://bbs.chinaunix.net/viewthread.php?tid=661822#"><FONT color=#0000ff>[回复]</FONT></A> <A title="评分 0" href="http://bbs.chinaunix.net/misc.php?action=viewratings&tid=661822&pid=4476665"></A><A onclick=scroll(0,0) href="http://bbs.chinaunix.net/viewthread.php?tid=661822#"><IMG alt=顶部 src="http://bbs.chinaunix.net/images/default/top.gif" border=0></A> </SPAN></DIV> <DIV style="PADDING-TOP: 4px"><A class=bold title=复制帖子链接到剪贴板 onclick="setcopy('http://bbs.chinaunix.net/viewthread.php?tid=661822&page=1#pid4476665', '已经复制到剪贴板')" href="http://bbs.chinaunix.net/viewthread.php?tid=661822#"><FONT color=#0000ff>5楼</FONT></A> 发表于 2005-12-4 10:48 </DIV></DIV></TD></TR> <TR> <TD class=line style="PADDING-TOP: 10px" vAlign=top height="100%"> <DIV style="FLOAT: right" align=right></DIV> <DIV class=t_msgfont id=message4476665>Chapter 6. 安装webmail<BR>如何使用本人修改的iGENUS for Postfix 2.01 <BR><BR>下载地址:<BR><A href="http://mail.toping.net/igenus/igenus_for_postfix_2.01.rar" target=_blank><FONT color=#0000ff>http://mail.toping.net/igenus/igenus_for_postfix_2.01.rar</FONT></A><BR><BR>webmail使用igenus,版本是iGENUS for Postfix 2.01 <BR><BR>建议下载本人修改的iGENUS for Postfix 2.01<BR><BR>安装方法参考论坛:<BR><BR><A href="http://www.toping.net/viewthread.php?tid=174&fpage=1" target=_blank><FONT color=#0000ff>http://www.toping.net/viewthread.php?tid=174&fpage=1</FONT></A> <BR><BR>mail# cd /usr/local/www/data<BR>mail# chown -R postfix:postfix phpMyAdmin<BR>mail# cd /usr/local/etc<BR>mail# cp php.ini-dist php.ini<BR>修改/usr/local/etc/php.ini<BR><BR>webmail上传附件设置:<BR>register_globals = On<BR>max_execution_time = 30 //改为60 (增加处理脚本的时间限制)<BR>memory_limit = 8M //改为40M (这样才能发10M的附件)<BR>post_max_size = 8M //改为10M<BR>upload_max_filesize = 2M //改为10M<BR><BR>重启apache<BR><BR>mail# /usr/local/etc/rc.d/apache2.sh restart<BR><BR>Chapter 7. 安装邮件列表(MAILMAN)安装<BR><BR>本节主要讲述邮件列表mailman的安装和配置<BR><BR>设置/etc/make.conf<BR>mail# ee /etc/make.conf<BR># mail/mailman<BR>MAIL_GID="mailman"<BR><BR>安装mailman<BR>mail# portinstall -m BATCH=yes mail/mailman<BR><BR>配置apache(新加入)<BR>mail# ee /usr/local/etc/apache2/httpd.conf<BR>ScriptAlias /mailman "/usr/local/mailman/cgi-bin"<BR><BR><Directory "/usr/local/mailman/cgi-bin"><BR>AllowOverride None<BR>Options none<BR>Order allow,deny<BR>Allow from all<BR></Directory><BR>Alias /pipermail "/usr/local/mailman/archives/public"<BR><BR><Directory "/usr/local/mailman/archives/"><BR>AllowOverride None<BR>Options +FollowSymlinks<BR>Order allow,deny<BR>Allow from all<BR></Directory><BR>用check_perms<BR>mail# /usr/local/mailman/bin/check_perms -f<BR>注:加上-f参数可以修复。<BR><BR>修改/usr/local/mailman/Mailman/mm_cfg.py,加上:<BR>DEFAULT_EMAIL_HOST = 'lists.toping.net'<BR>MTA = 'Postfix'<BR>POSTFIX_STYLE_VIRTUAL_DOMAINS = ['lists.toping.net', 'toping.net']<BR><BR>添加一个邮件列表: <BR>mail# /usr/local/mailman/bin/newlist mailman<BR><BR>把用户添加到邮件列表里测试,建一个文本文件,比如maillists.txt,一行一个邮件地址,然后执行如下命令: <BR>mail# /usr/local/mailman/bin/add_members -n maillists.txt mailman <BR>mail# ee postfix/main.cf<BR>owner_request_special = no<BR>recipient_delimiter = +<BR><BR>virtual_alias_maps = hash:/usr/local/mailman/data/virtual-mailman,<BR>mysql:/usr/local/etc/postfix/mysql/mysql_virtual_alias_maps.cf<BR>alias_maps = hash:/usr/local/mailman/data/aliases,hash:/usr/local/etc/postfix/aliases<BR><BR>mail# ee Default.py<BR>DEFAULT_EMAIL_HOST = 'lists.toping.net'<BR>DEFAULT_URL_HOST = 'lists.toping.net'<BR>DEFAULT_URL_PATTERN = 'http://%s/mailman/'<BR><BR>DEFAULT_SERVER_LANGUAGE = 'zh_CN'<BR><BR>设置virtual-mailman<BR>mail# ee /usr/local/mailman/data/virtual-mailman<BR>lists.meilai.com <<A href="http://lists.meilai.com/" target=_blank><FONT color=#0000ff>http://lists.meilai.com</FONT></A>> anything<BR><BR>邮件列表的配置<BR><BR>Default.py和mm_cfg.py的配置是针对全局的,对全局配置文件的修改不会影响到已经存在的邮件列表。mailman提供了config_list这个命令来对单个邮件列表进行配置,先导出该邮件列表的配置:<BR><BR>mail# /usr/local/mailman/bin/config_list -o /tmp/config mailman<BR><BR>然后修改/tmp/config文件,里面有很多选项,可以根据自己的要求修改,比如加上回复到邮件列表的邮件头、去掉mailman自动加的边脚等等,最后把这个配置文件导回给邮件列表就可以了:<BR><BR>mail# /usr/local/mailman/bin/config_list -i /tmp/config mailman<BR><BR>下面你可以通过web去管理你的邮件列表:<BR><A href="http://lists.toping.net/mailman/admin/mailman" target=_blank><FONT color=#0000ff>http://lists.toping.net/mailman/admin/mailman</FONT></A><BR>查看邮件列表信息:<BR><A href="http://lists.toping.net/mailman/listinfo/mailman/" target=_blank><FONT color=#0000ff>http://lists.toping.net/mailman/listinfo/mailman/</FONT></A><BR>功能太强大了,这里不一一的讲解,自己去发现吧<BR><BR><BR>Chapter 7. 查看系统状态<BR><BR>本节主要讲述phpSysInfo工具的安装和配置<BR>安装phpSysInfo(2.2)<BR>mail# cd /usr/ports/www/phpSysInfo<BR>mail# make install clean<BR>mail# cd /usr/local/www/data-dist/phpSysInfo<BR>mail# cp config.php.new config.php<BR>相关网址:<BR><A href="http://:www.toping.net/" target=_blank><FONT color=#0000ff>http://:www.toping.net/</FONT></A></DIV><BR style="CLEAR: both"><FONT style="FONT: 12px song,Verdana; COLOR: rgb(0,0,0); font-size-adjust: none; font-stretch: normal; x-system-font: none"><BR><BR></FONT></TD></TR> <TR> <TD></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></DIV>
查看全文
发表于:2008-02-13 ┆
阅读(431)
┆
评论(0)
Linux(RHAS3)+Apache+PHP+MySQL+qmail+vpopmail+iGenu
<DIV><BR> <SCRIPT>function StorePage(){d=document;t=d.selection?(d.selection.type!='None'?d.selection.createRange().text:''):(d.getSelection?d.getSelection():'');void(keyit=window.open('http://www.365key.com/storeit.aspx?t='+escape(d.title)+'&u='+escape(d.location.href)+'&c='+escape(t),'keyit','scrollbars=no,width=475,height=575,left=75,top=20,status=no,resizable=yes'));keyit.focus();}</SCRIPT> <DIV class=post> <DIV class=postTitle> <SCRIPT src="http://wz.csdn.net/javascripts/vote.js"></SCRIPT> <IFRAME style="MARGIN-TOP: 0px; FLOAT: left" border=0 marginWidth=0 frameSpacing=0 marginHeight=0 src="http://wz.csdn.net/vote.aspx?t=qmail%20total%20-%20VAN%20BLOOD%20-%20CSDNBlog&u=http%3A//blog.csdn.net/gimser/archive/2005/12/04/543152.aspx" frameBorder=0 noResize width=54 scrolling=no height=75></IFRAME><A href="http://blog.csdn.net/gimser/archive/2005/12/04/543152.aspx"><IMG height=13 src="http://blog.csdn.net/images/authorship.gif" width=15 border=0><FONT color=#800080> qmail total</FONT></A> <SCRIPT src="http://blog.csdn.net/count.aspx?ID=543152&Type=Rank"></SCRIPT> <SPAN title=文章指数:94><IMG src="http://blog.csdn.net/images/star.gif" border=0><IMG src="http://blog.csdn.net/images/star.gif" border=0><IMG src="http://blog.csdn.net/images/star.gif" border=0><IMG src="http://blog.csdn.net/images/star.gif" border=0><IMG src="http://blog.csdn.net/images/star_half.gif" border=0></SPAN> <IMG title="CSDN Blog推出文章指数概念,文章指数是对Blog文章综合评分后推算出的,综合评分项分别是该文章的点击量,回复次数,被网摘收录数量,文章长度和文章类型;满分100,每月更新一次。" alt="CSDN Blog推出文章指数概念,文章指数是对Blog文章综合评分后推算出的,综合评分项分别是该文章的点击量,回复次数,被网摘收录数量,文章长度和文章类型;满分100,每月更新一次。" src="http://blog.csdn.net/images/ask.gif" border=0> </DIV> <DIV class=postText> <DIV class=pagebody> <DIV id=navbar></DIV> <DIV class=post> <DIV class=posttext>(Linux(RHAS3)+Apache+PHP+MySQL+qmail+vpopmail+iGenus+iGenus admin+ezmlm+autorespond+qmailadmin+vqadmin+imap+qmail-scanner+maildrop+spamassassin+MRTG+isoqlog)<BR><BR><BR>功能列表<BR><BR>SMTP服务器:SMTP-AUTH认证(Plain,Login,CRAM-MD5),TLS(SSL)支持 <BR>POP3服务器:CRAM-MD5,APOP,和SSL支持 <BR>IMAP服务器:TLS(SSL)支持<BR>病毒和垃圾邮件检测 <BR>自动回复 <BR>邮件列表<BR>Web管理<BR>通过Web显示统计信息 <BR>WebMail<BR>MRTG<BR><BR><BR>--------------------------------------------------------------------------------<BR><BR>安装准备<BR><BR>安装环境 <BR><BR>这个安装过程基本上你只需要复制粘贴就可以完成.我在RedHat AS3/9.0/8.0/7.3上安装成功,其他系统还没试过.为了方便安装我在安装Redhat3.0时选了apache、php、mysql,注意mysql-devel和mysql-server开发包一定要装上.另外大家在安装LINUX时一定要装上软件开发和内核开发两个软件组,这样可以避免不必要的由于编译环境的问题而导致的安装问题,这点对于LINUX新手犹为重要。安装系统后,一般另需安装php-mysql这个包,在安装光碟第三张。AS3.0安装后,并没有mysql-server软件包,需自行下载安装,为方便大家,mysql-server软件包我已经与所有软件放在一个包中。<BR><BR>要确认下面的软件是否已经安装:<BR><BR>rpm -q httpd<BR>rpm -q php<BR>rpm -q php-mysql<BR>rpm -q mysql<BR>rpm -q mysql-server<BR>rpm -q mysql-devel<BR>rpm -q gdbm<BR>rpm -q gdbm-devel<BR>rpm -q openssl<BR>rpm -q openssl-devel<BR>rpm -q stunnel<BR>rpm -q krb5-devel<BR><BR><BR>如果你还没有安装, 请先安装它们. 你可以到安装光盘或是在这里找到它们的RPM包 http://www.rpmfind.net.<BR><BR><BR>启动mysql server: <BR># /etc/rc.d/init.d/mysqld start <BR>设置mysql root口令: <BR># mysqladmin -u root password ‘xukixu’(设置你的密码) <BR><BR>mysql的头文件和库文件分别在/usr/include/mysql和/usr/lib/mysql。 <BR>安装完Redhat3.0后,修改/etc/httpd/conf/httpd.conf,使web服务正常启用,为mysql添加root用户的密码。如果设置了防火墙,要打开服务器的www 80、smtp 25和pop3 110三个端口。<BR><BR><BR>检查DNS设置 <BR>在开始之前,确保正确设置了DNS MX记录.例如使用"domain.com"作为邮件域,对MX记录进行测试:<BR><BR>在Linux下:<BR><BR># host -t mx domain.com<BR>domain.com. mail is handled by 10 mail.domain.com.<BR># host -t a mail.domain.com<BR>mail.domain.com. has address xxx.xxx.xxx.xxx <BR><BR>在Windows下:<BR><BR>C:\>nslookup<BR>Default Server: ns.domain.com<BR>Address: xxx.xxx.xxx.xxx<BR>>set type=mx<BR>>domain.com<BR>domain.com MX preference = 10, mail exchanger = mail.domain.com<BR>mail.domain.com internet address = xxx.xxx.xxx.xxx<BR>>exit <BR><BR>卸载已有的邮件系统 <BR>确认没有SMTP/POP/IMAP服务在运行:<BR><BR>/etc/init.d/sendmail stop<BR>netstat -na | grep 25<BR>netstat -na | grep 110<BR>netstat -na | grep 143<BR>ntsysv <BR><BR>删除已有的SMTP/POP/IMAP软件:<BR><BR>rpm -e --nodeps sendmail<BR>rpm -e --nodeps postfix <BR><BR>下载软件 <BR>文中所用的软件:<BR><BR>netqmail-1.05.tar.gz<BR>daemontools-0.76.tar.gz<BR>daemontools-0.76.errno.patch<BR>autorespond-2.0.5.tar.gz<BR>toaster-scripts-0.6.tar.gz<BR>qmail-toaster-0.6-1.patch.bz2<BR>ezmlm-0.53.tar.gz<BR>ezmlm-idx-0.42.tar.gz<BR>courier-imap-2.2.2.20040207.tar.bz2<BR>igenus_2.0.2_20040901_release.tgz<BR>mysql-server-3.23.58-1.i386.rpm<BR>qmailadmin-1.2.3.tar.gz<BR>chkuser-0.6.mysql.patch <BR>ucspi-tcp-0.88.a_record.patch<BR>ucspi-tcp-0.88.errno.patch<BR>ucspi-tcp-0.88.nobase.patch<BR>ucspi-tcp-0.88.tar.gz<BR>vpopmail-5.4.7.tar.gz<BR>qmailadmin-1.2.3.tar.gz<BR>vqadmin-2.3.6.tar.gz<BR>Mail-SpamAssassin-3.0.1.tar.gz<BR>clamav-0.80.tar.gz<BR>qmail-scanner-1.22.tgz<BR>qms-analog-0.3.4.tar.gz<BR>maildrop-1.7.0.tar.bz2<BR>tnef-1.2.3.1.tar.gz<BR>qmailanalog-0.70.tar.gz<BR>qmailanalog-0.70.errno.patch<BR>qlogtools-3.1.tar.gz<BR>qlogtools_errno.patch<BR>zlib-1.1.4.tar.gz<BR>libpng-1.2.7.tar.gz<BR>gd-1.8.3.tar.gz<BR>mrtg-2.10.15.tar.gz<BR>qmailmrtg7-4.0.tar.gz<BR>igenus_admin_0.1.tgz<BR>isoqlog-2.1.1.tar.gz<BR><BR><BR>我把下文中所提到的软件打成了一个包,下载地址为:http://www.xuki.org/qmail_2.0.tar.gz;我一般把软件放在/home/pkg下面,根据个人习惯吧。<BR><BR>tar -xzf netqmail-1.05.tar.gz<BR>cd netqmail-1.05<BR>./collate.sh<BR><BR>注意:./collate.sh这一步不要忘<BR><BR><BR>--------------------------------------------------------------------------------<BR><BR>安装软件 <BR>daemontools <BR><BR>daemontools是一个收集管理UNIX进程的工具.用它来监听qmail-send,qmail-smtpd,qmail-pop3d.<BR><BR>#安装:<BR>cd /home/pkg<BR>tar -zxvf daemontools-0.76.tar.gz<BR>cd admin/daemontools-0.76<BR>patch -p1 < /home/pkg/netqmail-1.05/other-patches/daemontools-0.76.errno.patch<BR>package/install <BR># 验证daemontools已经正常运行:<BR>sleep 5<BR>ps ax | grep svscan <BR><BR><BR>--------------------------------------------------------------------------------<BR><BR><BR>ucspi-tcp <BR>ucspi-tcp包括tcpserver和tcpclient,一个命令行工具来建立client-server应用程序.<BR><BR>#安装:<BR>cd /home/pkg<BR>tar zxvf ucspi-tcp-0.88.tar.gz<BR>cd ucspi-tcp-0.88<BR>patch -p1 < ../ucspi-tcp-0.88.a_record.patch <BR>patch -p1 < ../ucspi-tcp-0.88.errno.patch <BR>patch -p1 < ../ucspi-tcp-0.88.nobase.patch <BR>make<BR>make setup check <BR><BR>--------------------------------------------------------------------------------<BR><BR>qmail <BR><BR>这个toaster补丁,是下面这几个补丁的组合:<BR><BR>smtp auth 0.4.2 <BR><BR>qmail-queue (to allow for virus scanners) <BR><BR>maildir++ patch <BR><BR>support oversize dns packets (not necessary if you use dnscache) <BR><BR>mfcheck (check that the envelope sender has a dns entry) <BR><BR>tarpit delay <BR><BR>qregex (regular expression matching in badmailfrom and badmailto) <BR><BR>big concurrency (set the spawn limit above 255)<BR><BR><BR>#安装:<BR><BR>mkdir /var/qmail<BR>groupadd nofiles<BR>useradd -g nofiles -d /var/qmail/alias alias<BR>useradd -g nofiles -d /var/qmail qmaild<BR>useradd -g nofiles -d /var/qmail qmaill<BR>useradd -g nofiles -d /var/qmail qmailp<BR>groupadd qmail<BR>useradd -g qmail -d /var/qmail qmailq<BR>useradd -g qmail -d /var/qmail qmailr<BR>useradd -g qmail -d /var/qmail qmails <BR><BR># 在这里把vpopmail用户也加上<BR>groupadd -g 89 vchkpw<BR>useradd -u 89 -g vchkpw vpopmail <BR><BR>cd /home/pkg<BR>tar -xzf toaster-scripts-0.6.tar.gz<BR>cd netqmail-1.05/<BR>bunzip2 -c ../qmail-toaster-0.6-1.patch.bz2 | patch -p0<BR>cd netqmail-1.05 <BR><BR># 注:在RedHat上,需要为TLS补丁链接一个include文件:<BR>ln -s /usr/kerberos/include/com_err.h /usr/kerberos/include/krb5.h /usr/kerberos/include/profile.h /usr/include/ <BR><BR>vi qmail-smtpd.c \ 搜索函数straynewline中的451改为553 <BR><BR># 当你的服务器收到无效格式的邮件时,会发送:"I am not going to accept that message at the moment,you can try again later",对方服务器收到后,几秒钟后又会发送同样的邮件给你,造成多次的重复。 <BR># 改为553后,你的服务器将直接发送:"I am not going to accept that message,don't try sending it again.",告诉对方的服务器不要再发这封无效的信件。 <BR><BR><BR>make<BR>make setup check <BR><BR># 用你自己的主机名代替下面的mail.domain.com<BR>./config-fast mail.domain.com <BR><BR>cd /var/qmail/alias<BR>touch .qmail-postmaster .qmail-mailer-daemon .qmail-root<BR>chmod 644 /var/qmail/alias/.qmail*<BR>cd - <BR><BR>echo 1 > /var/qmail/control/mfcheck<BR>echo ./Maildir/ >/var/qmail/control/defaultdelivery <BR><BR>make cert<BR># 按提示输入公司信息 <BR><BR>make tmprsadh<BR># 注:这里可能要多等一会 <BR><BR># 用"crontab -e"在crontab里增加下面这条,每天晚上更新temp keys<BR>01 01 * * * /var/qmail/bin/update_tmprsadh > /dev/null 2>&1 <BR><BR>#为qmail服务建立监控目录和日志文件:<BR><BR>mkdir -p /var/qmail/supervise/qmail-send/log<BR>mkdir -p /var/qmail/supervise/qmail-smtpd/log<BR>mkdir -p /var/qmail/supervise/qmail-pop3d/log<BR>mkdir -p /var/qmail/supervise/qmail-pop3ds/log<BR>chmod +t /var/qmail/supervise/qmail-send<BR>chmod +t /var/qmail/supervise/qmail-smtpd<BR>chmod +t /var/qmail/supervise/qmail-pop3d/log<BR>chmod +t /var/qmail/supervise/qmail-pop3ds/log<BR>cp /home/pkg/toaster-scripts-0.6/send.run /var/qmail/supervise/qmail-send/run<BR>cp /home/pkg/toaster-scripts-0.6/send.log.run /var/qmail/supervise/qmail-send/log/run<BR>cp /home/pkg/toaster-scripts-0.6/smtpd.run /var/qmail/supervise/qmail-smtpd/run<BR>cp /home/pkg/toaster-scripts-0.6/smtpd.log.run /var/qmail/supervise/qmail-smtpd/log/run<BR>cp /home/pkg/toaster-scripts-0.6/pop3d.run /var/qmail/supervise/qmail-pop3d/run<BR>cp /home/pkg/toaster-scripts-0.6/pop3d.log.run /var/qmail/supervise/qmail-pop3d/log/run<BR>cp /home/pkg/toaster-scripts-0.6/pop3ds.run /var/qmail/supervise/qmail-pop3ds/run<BR>cp /home/pkg/toaster-scripts-0.6/pop3ds.log.run /var/qmail/supervise/qmail-pop3ds/log/run<BR>echo 20 > /var/qmail/control/concurrencyincoming<BR>chmod 644 /var/qmail/control/concurrencyincoming<BR>chmod 755 /var/qmail/supervise/qmail-send/run<BR>chmod 755 /var/qmail/supervise/qmail-send/log/run<BR>chmod 755 /var/qmail/supervise/qmail-smtpd/run<BR>chmod 755 /var/qmail/supervise/qmail-smtpd/log/run<BR>chmod 755 /var/qmail/supervise/qmail-pop3d/run<BR>chmod 755 /var/qmail/supervise/qmail-pop3d/log/run<BR>chmod 755 /var/qmail/supervise/qmail-pop3ds/run<BR>chmod 755 /var/qmail/supervise/qmail-pop3ds/log/run<BR>mkdir -p /var/log/qmail/smtpd<BR>mkdir -p /var/log/qmail/pop3d<BR>mkdir -p /var/log/qmail/pop3ds<BR>chown -R qmaill /var/log/qmail <BR><BR>#启动脚本:<BR><BR>cp /home/pkg/toaster-scripts-0.6/rc /var/qmail/<BR>cp /home/pkg/toaster-scripts-0.6/qmailctl /var/qmail/bin/<BR>chmod 755 /var/qmail/rc<BR>chmod 755 /var/qmail/bin/qmailctl <BR><BR>ln -s /var/qmail/bin/qmailctl /usr/bin<BR>ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail<BR>ln -s /var/qmail/bin/sendmail /usr/lib/sendmail <BR><BR># 用daemontools来启动qmail-send和qmail-smtpd<BR>ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /service <BR><BR>#命令:<BR><BR># 启动,停止,重启,查看队列等<BR>qmailctl start|stop|restart|doqueue|flush|reload|stat|pause|cont|cdb|queue|help <BR><BR><BR># 检查服务<BR>netstat -an | grep 25<BR>ps -ef | grep qmail<BR>ps -efl | grep "service errors" | grep -v grep <BR><BR>日志:<BR><BR>/var/log/maillog<BR>/var/log/qmail/current<BR>/var/log/qmail/pop3d/current<BR>/var/log/qmail/pop3ds/current<BR>/var/log/qmail/smtpd/current<BR><BR>我建议重新回顾一下刚才我们所做的步骤以熟悉对qmail的安装. 下面我们将开始vpopmail的安装.<BR><BR>--------------------------------------------------------------------------------<BR><BR>vpopmail <BR><BR>vpopmail是一个以qmail为基础的虚拟域管理包<BR><BR>vpopmail的用户和组我们前边已经建立了<BR><BR>#配置:<BR><BR>mkdir -p /home/vpopmail/etc <BR><BR># 设置默认域,红色部份改成你要设置的域。<BR>echo "domain.com" > /home/vpopmail/etc/defaultdomain <BR><BR># 设置smtp规则,关闭open relays<BR>echo '127.0.0.1:allow,RELAYCLIENT=""' > /home/vpopmail/etc/tcp.smtp<BR>cd /home/vpopmail/etc ; tcprules tcp.smtp.cdb tcp.smtp.tmp < tcp.smtp <BR><BR># 设置MySQL信息,第一个vpopmail是帐号,xukixu为密码,第二个vpopmail是数据库<BR>echo "localhost|0|vpopmail|xukixu|vpopmail" > /home/vpopmail/etc/vpopmail.mysql<BR><BR>chmod 640 /home/vpopmail/etc/vpopmail.mysql <BR>chown -R vpopmail.vchkpw /home/vpopmail/etc <BR><BR># 在MySQL里添加vpopmail的帐号<BR>mysql -uroot --pxukixu<BR><BR>CREATE DATABASE vpopmail;<BR>GRANT select,insert,update,delete,create,drop ON vpopmail.*<BR>TO vpopmail@localhost IDENTIFIED BY 'xukixu';<BR>FLUSH PRIVILEGES;<BR>QUIT <BR><BR>#安装:<BR><BR>cd /home/pkg/<BR>tar zxvf vpopmail-5.4.7.tar.gz<BR>cd vpopmail-5.4.7<BR><BR># 带数据库支持<BR><BR>./configure --enable-incdir=/usr/include/mysql --enable-libdir=/usr/lib/mysql --disable-roaming-users --enable-logging=p --disable-passwd --enable-clear-passwd --disable-domain-quotas --enable-auth-module=mysql --enable-auth-logging --enable-mysql-logging --disable-valias --disable-mysql-limits<BR><BR>make<BR>make install-strip <BR><BR>#管理:<BR><BR>echo 'export PATH=$PATH:/home/vpopmail/bin' >> /etc/profile<BR>source /etc/profile <BR><BR># 添加域,红色部份前面是域名,后面是管理员(postmaster)密码<BR>vadddomain domain.com xukixu<BR><BR># 添加用户,红色部份为注解,不用输入<BR>vadduser -q 10485760S(邮箱大小) xukixu@domain.com(邮箱帐号) 1234(密码)<BR>vmoduser -c 许靖(邮箱描述) xukixu@domain.com <BR><BR># 设置邮箱容量达到90%的警告信息<BR>vi /home/vpopmail/domains/.quotawarn.msg <BR><BR>From: 邮箱管理员 <BR>Reply-To: postmaster@domain.com<BR>To: 邮箱用户<BR>Subject: 邮箱空间警告<BR>Mime-Version: 1.0<BR>Content-Type: text/html; charset=gb2312<BR>Content-Transfer-Encoding: base64 <BR><BR>您的邮箱空间已经达到90%.如果想继续使用,请删除一些信件.<BR>如果需要帮助,请联系邮箱管理员:<BR>Email : postmaster@domain.com <BR><BR># 设置邮箱已满的警告信息<BR>echo "邮件被拒绝,用户的邮箱空间已满." > /home/vpopmail/domains/.over-quota.msg <BR><BR>#启动脚本:<BR><BR>cp /home/pkg/toaster-scripts-0.6/vpopmailctl /var/qmail/bin<BR>ln -s /var/qmail/bin/vpopmailctl /usr/bin<BR>chmod 755 /var/qmail/bin/vpopmailctl <BR><BR># 用daemontools来启动qmail-pop3d和qmail-pop3ds<BR>ln -s /var/qmail/supervise/qmail-pop3d /service<BR>ln -s /var/qmail/supervise/qmail-pop3ds /service <BR><BR>#命令:<BR><BR># 启动,停止,重启,查看队列等<BR>vpopmailctl start|stop|restart|stat|pause|cont|help <BR><BR># 检查服务<BR>netstat -an | grep 110<BR>ps -ef | grep qmail<BR>ps -efl | grep "service errors" | grep -v grep <BR><BR>#补丁:<BR><BR># 带数据库支持<BR>cd /home/pkg/netqmail-1.05/netqmail-1.05<BR>patch -p0 < /home/pkg/chkuser-0.6.mysql.patch <BR><BR>#修改libmysqlclient.a存在路径<BR>vi conf-mysql<BR>/usr/lib/mysql/libmysqlclient.a<BR>make clean<BR>make<BR>qmailctl stop<BR>make setup check<BR>qmailctl start <BR><BR><BR>安装选项参考:<BR><BR>vpopmail 5.4.7<BR>Current settings<BR>---------------------------------------<BR><BR>vpopmail directory = /home/vpopmail<BR>uid = 89<BR>gid = 89<BR>roaming users = OFF --disable-roaming-users (default)<BR>password learning = OFF --disable-learn-passwords (default)<BR>md5 passwords = ON --enable-md5-passwords (default)<BR>file locking = ON --enable-file-locking (default)<BR>vdelivermail fsync = OFF --disable-file-sync (default)<BR>make seekable = ON --enable-make-seekable (default)<BR>clear passwd = ON --enable-clear-passwd (default)<BR>user dir hashing = ON --enable-users-big-dir (default)<BR>address extensions = OFF --disable-qmail-ext (default)<BR>ip alias = OFF --disable-ip-alias-domains (default)<BR>domain quotas = OFF --disable-domainquotas (default)<BR>auth module = mysql --enable-auth-module=mysql<BR>mysql replication = OFF --disable-mysql-replication (default)<BR>mysql logging = ON --enable-mysql-logging<BR>mysql limits = OFF --disable-mysql-limits (default)<BR>MySQL valias = OFF --disable-valias (default)<BR>auth inc = -I/usr/include/mysql<BR>auth lib = -L/usr/lib/mysql -lmysqlclient -lz -lm<BR>system passwords = OFF --disable-passwd (default)<BR>pop syslog = show failed attempts with clear text password<BR>--enable-logging=p<BR>auth logging = ON --enable-auth-logging (default)<BR>all domains in one SQL table = --enable-many-domains (default)<BR><BR>#POP3和SMTP测试<BR><BR>用outlook测试qmail的smtp和pop3是否正常,注意由于vpopmail支持虚拟域名,所以在outlook中设置邮件帐号时,用户名后要加上域名,如demo@demo.com。smtp是带认证的,在outlook中也要作相应设置。建议先测试正常<BR><BR><BR>后再进行下一步安装。如果qmail出现问题,可查看mysql中的vpopmail数据库,/var/log下的mysqld和maillog日志记录,这样容易很快找出问题。<BR><BR><BR>--------------------------------------------------------------------------------<BR><BR>安装并运行igenus<BR><BR>到http://www.igenus.org下载最新的安装包,我用的是igenus_2.0.2_20040901_release.tgz <BR><BR>#安装:<BR>cd /home/pkg<BR>tar zxvf igenus_2.0.2_20040901_release.tgz -C /var/www/ <BR>cd /var/www/<BR>rm -rf html/<BR>mv igenus html<BR><BR><BR><BR>#建temp文件夹 <BR><BR>cd /var/www/html/<BR>mkdir temp <BR>chmod -R 0755 temp <BR><BR>chown -R vpopmail:vchkpw temp <BR>mkdir /home/netdisk<BR><BR>chmod -R 0755 /home/netdisk <BR>chown -R vpopmail:vchkpw /home/netdisk<BR><BR>chmod -R 0755 /var/www/html/<BR>chown -R vpopmail:vchkpw /var/www/html/<BR><BR><BR>#修改httpd.conf <BR><BR>vi /etc/httpd/conf/httpd.conf<BR>Group vchkpw <BR>User vpopmail <BR>DocumentRoot "/var/www/html/"<BR><BR>AddDefaultCharset GB2312 //使默认页面为中文 <BR><BR>/etc/rc.d/init.d/httpd restart //重启apache,使修改生效 <BR><BR><BR>#修改config_inc.php文件 <BR><BR>cd /var/www/html/config <BR>vi config_inc.php <BR><BR>$CFG_BASEPATH = "/var/www/html/"; \\改成你安装的目录<BR>$CFG_MYSQL_HOST = 'localhost'; <BR>$CFG_MYSQL_USER = 'vpopmail'; \\vpopmail访问mysql的帐号<BR>$CFG_MYSQL_PASS = 'xukixu'; \\vpopmail访问mysql的密码<BR>$CFG_MYSQL_DB = 'vpopmail'; \\数据库<BR>$CFG_TEMP = $CFG_BASEPATh."temp"; \\改成你安装的目录的当前目录下<BR><BR><BR>#重新编制Mysql数据库表格 <BR><BR>#删除之前创建的域名<BR>vdeldomain domain.com<BR><BR>#编辑数据库:<BR>mysql -uroot -pxukixu<BR><BR>use vpopmail;<BR>drop table lastauth;<BR>drop table vpopmail;<BR>quit;<BR><BR>#编辑/var/www/html/docs/iGENUS.sql<BR><BR>vi /var/www/html/docs/iGENUS.sql<BR><BR># phpMyAdmin SQL Dump<BR># version 2.5.3<BR># http://www.phpmyadmin.net<BR>#<BR># Host: localhost<BR># Generation Time: Jun 04, 2004 at 11:26 AM<BR># Server version: 3.23.55<BR># PHP Version: 4.3.0<BR># <BR># Database : `vpopmail`<BR># <BR><BR># --------------------------------------------------------<BR><BR>#<BR># Table structure for table `address`<BR>#<BR><BR>use vpopmail; //加入这一行<BR>CREATE TABLE `address` (<BR>`id` int(11) unsigned NOT NULL auto_increment,<BR>`pw_id` int(5) NOT NULL default '0',<BR>`name` varchar(64) NOT NULL default '',<BR>`email` varchar(128) NOT NULL default '',<BR>UNIQUE KEY `id` (`id`),<BR>KEY `pw_id` (`pw_id`)<BR>) TYPE=MyISAM PACK_KEYS=1 ;<BR><BR># --------------------------------------------------------<BR>。。。。。。。。。<BR>。。。。。。。。。。<BR><BR><BR>CREATE TABLE `vpopmail` (<BR>`pw_id` int(5) unsigned NOT NULL auto_increment,<BR>`pw_name` varchar(32) NOT NULL default '',<BR>`pw_domain` varchar(64) NOT NULL default '',<BR>`pw_passwd` varchar(40) NOT NULL default '',<BR>`pw_uid` int(11) default NULL,<BR>`pw_gid` int(11) default NULL,<BR>`pw_gecos` varchar(48) default NULL,<BR>`pw_dir` varchar(255) default NULL,<BR>`pw_shell` varchar(20) default NULL,<BR>`pw_clear_passwd` varchar(16) default NULL, \\加入这一行 <BR>`createtime` timestamp(14) NOT NULL,<BR>PRIMARY KEY (`pw_id`),<BR>KEY `pw_name` (`pw_name`,`pw_domain`)<BR>) TYPE=MyISAM PACK_KEYS=1 ;<BR><BR>运行<BR>#mysql -uroot -pxukixu </var/www/html/docs/iGENUS.sql 导入数据表。<BR><BR><BR><BR><BR>#设置igenus 定义允许上传下载的邮件的大小<BR><BR>vi /etc/php.ini<BR>#编辑/etc/php.ini<BR><BR>max_execution_time=60<BR>memory_limit=20M<BR>post_max_size = 10M<BR>file_uploads=on<BR>upload_max_filesize=10M<BR>register_globals=On<BR>session.bug_compat_42=0<BR>session.bug_compat_warn=0<BR>sendmail_path = /var/qmail/bin/qmail-inject<BR><BR><BR>vi /etc/httpd/conf/httpd.conf<BR>#编辑/etc/http/conf/httpd.conf <BR><BR><BR>AddType application/x-httpd-php .php<BR>AddType application/x-httpd-php-source .phps<BR>DirectoryIndex index.php index.html<BR>NameVirtualHost *:80<BR><VirtualHost *:80><BR>ServerName mail.domain.net<BR>DocumentRoot /var/www/html<BR></VirtualHost><BR><BR><BR>#重启apache: <BR>#service httpd restart<BR><BR><BR>#如果需要,用vadddomain和vadduser添加新域名和新用户。<BR><BR>最后打开浏览器,输入http://domain.com/,就可以访问网站了。<BR><BR><BR>#Qmail限制附件的大小 <BR><BR>在/var/qmail/control/databytes 文件中设置附件的大小,可以实现对qmail附件大小的限制,一般安装完成后,这个文件是没有的,你可以自己创建。 <BR>smtp方式是以qmail的databytes作限制的 <BR>创建databytes并设置邮件最大为4m <BR><BR># echo 4000000 >/var/qmail/control/databyte<BR><BR><BR>#限制单域的邮箱数量 <BR><BR>vi /home/vpopmail/domains/domain.com/.qmailadmin-limits <BR><BR>maxpopaccounts 200 <BR>default_quota 52428800s <BR><BR>chmod 700 /home/vpopmail/domains/domain.com/.qmailadmin-limits <BR>chwod vpopmail:vchkpw /home/vpopmail/domains/domain.com/.qmailadmin-limits <BR><BR>这样就把邮箱总数限制在200个,每个邮箱为50M了 <BR><BR><BR><BR>#用qmail封mailfrom <BR><BR>vi/var/qmail/control/badmailfrom<BR><BR>这个控制文件实现拒收邮件功能的,每一个地址要单独一行。而且,不用重起qmail就能生效。例如:<BR><BR>peng@96633.net -----限制一个特定的用户 <BR>@sina.com -----限制整个域中的邮件 <BR><BR><BR>--------------------------------------------------------------------------------<BR><BR>安装并运行iGenus_Admin <BR>iGenus_Admin安装 <BR><BR>#下载 <BR>从www.igenus.org 下载igenus_admin的安装文件igenus_admin_0.1.tgz到/home/pkg <BR><BR>#安装 <BR>cd /home/pkg<BR>tar -xzvf igenus_admin_0.1.tgz -C /var/www/html/ <BR><BR>#设置<BR><BR>vi /var/www/html/admin/includes/config_inc.php <BR><BR><?php <BR>/*- <BR>* iGENUS webmail <BR>* <BR>* Copyright (c) 1999-2002 by iGENUS Org. <BR>* All rights reserved. <BR>* Author: Wu Qiong <wuqiong@sczg.com> <BR>* <BR>* $Id: config_inc.php,v 1.11 2004/03/23 13:59:12 wuqiong Exp $ <BR>*/ <BR><BR>if(!defined("INCLUDE_CONFIG_OK")) { <BR>define("INCLUDE_CONFIG_OK","TRUE"); <BR><BR>/* gid flags defind by vpopmail.h */ <BR><BR>// define('NO_PASSWD_CHNG',0x01); <BR>define('NO_POP', 0x02); <BR>define('NO_WEBMAIL', 0x04); <BR>// define('NO_IMAP', 0x08); <BR>// define('BOUNCE_MAIL', 0x10); <BR>// define('NO_RELAY', 0x20); <BR>// define('NO_DIALUP', 0x40); <BR>// define('V_USER0', 0x080); <BR>// define('V_USER1', 0x100); <BR>// define('V_USER2', 0x200); <BR>// define('V_USER3', 0x400); <BR>define('NO_SMTP', 0x800); <BR>// define('QA_ADMIN', 0x1000); <BR><BR>$CFG_VPOPMAIL_HOST = "localhost"; <BR>$CFG_VPOPMAIL_USER = "vpopmail"; \\改为你的帐号 <BR>$CFG_VPOPMAIL_PASS = "vpopmail"; \\改为你的密码 <BR>$CFG_VPOPMAIL_DB = "vpopmail"; <BR>$CFG_VPOPMAIL_TABLE = "vpopmail"; <BR>$CFG_ADMIN_TABLE = "admin"; <BR>$CFG_LAGESITE = true; <BR>$CFG_NUMOFPAGE = 20; <BR><BR>$CFG_MAILBOX['inbox'] = "."; <BR>$CFG_MAILBOX['outbox'] = ".Outbox"; <BR>$CFG_MAILBOX['draft'] = ".Draft"; <BR>$CFG_MAILBOX['trash'] = ".Trash"; <BR><BR>$CFG_VPOPMAIL_PATH = "/home/vpopmail"; \\改为你的vpopmail安装目录 <BR>// $CFG_VPOPMAIL_PATH = "/home2/vpopmail"; <BR><BR>$CFG_SYSADMIN_NAME = "Admin"; <BR>$CFG_SYSADMIN_PASSWD= '$1$GvmONIco$0SwBB.mEoP3KJ5Zda7ioV0'; <BR><BR>$CFG_SYSADMIN_PASSWD_FILE = $CFG_VPOPMAIL_PATH . "/etc/syspasswd.dat"; <BR>$CFG_TIMEOUT = 600; <BR><BR>$CFG_IGENUS_ADM = "iGENUS邮件系统管理"; <BR><BR>$CFG_TEMPLATE_PATH = "template/"; <BR>} <BR>?> <BR><BR>#保存退出 <BR><BR>touch /etc/syspasswd.dat<BR><BR>chown -R vpopmail.vchkpw /var/www/html <BR>chmod -R 755 /var/www/html<BR>chown root /home/vpopmail/bin/vadddomain <BR>chmod a+s /home/vpopmail/bin/vadddomain <BR>chmod 4711 /home/vpopmail/bin/vadddomain <BR>chmod 4711 /home/vpopmail/bin/vdeldomain <BR><BR>#登录设置页面 <BR>http;//domain.com/admin/sys/ <BR><BR>用户:Admin密码Admin来登录.注意A要大写..这个管理帐号密码登录后可以改的 <BR><BR>登录后,首先点"更新数据库"你就会看见你的域名啦.然后点"编辑"把"登录权限 该域管理员(Postmaster)有权登录进行用户管理"这一项打勾,确认后,就可以用 <BR><BR>http;//domain.com/admin/ <BR><BR>来登录管理了。<BR><BR>--------------------------------------------------------------------------------<BR><BR>courier-imap<BR><BR>Courier-IMAP支持IMAP/SIMAP访问<BR><BR>#安装:<BR><BR>cd /home/pkg<BR>tar -xjf courier-imap-2.2.2.20040207.tar.bz2<BR>cd courier-imap-2.2.2.20040207 <BR><BR># 作为vpopmail用户进行安装<BR>chown -R vpopmail:vchkpw ../courier-imap-2.2.2.20040207<BR>su vpopmail<BR>./configure --with-redhat<BR># 注:Redhat用户需要使用"--with-redhat"选项<BR><BR>make<BR>exit<BR>make install-strip<BR>make install-configure<BR><BR>cp courier-imap.sysvinit /etc/rc.d/init.d/courier-imap<BR>chmod 755 /etc/rc.d/init.d/courier-imap<BR>chkconfig --add courier-imap <BR><BR>#配置:<BR><BR># 修改文件/usr/lib/courier-imap/etc/authdaemonrc <BR><BR>authmodulelist="authvchkpw" <BR><BR># 修改文件/usr/lib/courier-imap/etc/imapd <BR><BR>IMAPDSTART=YES <BR><BR># 修改文件/usr/lib/courier-imap/etc/imapd-ssl <BR><BR>IMAPDSSLSTART=YES <BR><BR><BR>#启动:<BR><BR><BR>/etc/rc.d/init.d/courier-imap start <BR><BR><BR>--------------------------------------------------------------------------------<BR><BR>autorespond <BR>Autorespond是一个自动回复工具,可以很好的与qmailadmin配合使用<BR><BR>#安装:<BR><BR>cd /home/pkg<BR>tar -xvzf autorespond-2.0.5.tar.gz<BR>cd autorespond-2.0.5<BR>make<BR>make install <BR><BR><BR>--------------------------------------------------------------------------------<BR><BR>ezmlm <BR>exmlm是一个快速,强大的邮件列表程序,可以通过qmailadmin对其进行配置<BR><BR>#安装:<BR><BR>cd /home/pkg<BR>tar -xvzf ezmlm-0.53.tar.gz<BR>tar -xvzf ezmlm-idx-0.42.tar.gz<BR>cp -rf ezmlm-idx-0.42/* ezmlm-0.53/<BR>cd ezmlm-0.53<BR>patch < idx.patch<BR>chmod u+x makelang<BR><BR><BR>make<BR>make man <BR>make ch_GB #汉字GB2312支持 <BR><BR>make setup <BR><BR><BR>-------------------------------------------------------------------------------<BR><BR>qmailadmin <BR>qmailadmin除了不能添加删除虚拟域外,几乎可以完成所有的虚拟域管理 <BR><BR>#安装:<BR><BR>cd /home/pkg<BR>tar -xvzf qmailadmin-1.2.3.tar.gz<BR>cd qmailadmin-1.2.3 <BR><BR>./configure --enable-htmldir=/var/www/html --enable-cgibindir=/var/www/cgi-bin --enable-vpopuser=vpopmail --enable-autoresponder-bin=/usr/bin --disable-ezmlm-mysql --enable-maxusersperpage=20 --enable-maxaliasesperpage=20 --disable-modify-quota <BR><BR>make<BR>make install-strip<BR>cd /usr/local/share/qmailadmin/lang<BR>mv en en.bak<BR>cp zh-cn en <BR><BR>安装选项参考:<BR><BR><BR>qmailadmin 1.2.3<BR>Current settings<BR>---------------------------------------<BR>cgi-bin dir = /var/www/cgi-bin<BR>html dir = /var/www/html<BR>image dir = /var/www/html/images/qmailadmin<BR>image URL = /images/qmailadmin<BR>template dir = /usr/local/share/qmailadmin<BR>qmail dir = /var/qmail<BR>vpopmail dir = /home/vpopmail<BR>autorespond dir = /usr/bin<BR>ezmlm dir = /var/qmail/bin/ezmlm<BR>ezmlm idx = yes<BR>mysql for ezmlm = yes<BR>help = no<BR>modify quota = yes<BR>domain autofill = no<BR>modify spam check = no <BR><BR><BR>--------------------------------------------------------------------------------<BR><BR>vqadmin<BR><BR>vqadmin是一个基于web 的控制通道. 它允许系统管理员可以执行root用户才能进行的操作. <BR><BR>cd /home/pkg<BR>tar -zxf vqadmin-2.3.6.tar.gz <BR>cd vqadmin-2.3.6<BR><BR>vi db_owner.c <BR><BR>static const char *host="localhost";<BR>static const char *user="vpopmail";<BR>static const char *passwd="xukixu"; /* NULL for no password */<BR>static const char *db="vpopmail";<BR><BR>./configure <BR>make<BR>make install<BR><BR><BR>#现在我们需要将下面几行添加到httpd.conf文件中:<BR><BR>vi /etc/httpd/conf/httpd.conf<BR><BR><Directory "/var/www/cgi-bin/vqadmin"><BR>deny from all<BR>Options ExecCGI<BR>AllowOverride AuthConfig<BR>Order deny,allow<BR></Directory> <BR><BR>#保存文件并退出.<BR><BR>cd /var/www/cgi-bin/vqadmin<BR><BR>chown nobody .htaccess<BR>chmod 600 .htaccess<BR><BR># 创建一个管理帐号及密码<BR>htpasswd -bc /etc/httpd/conf/vqadmin.passwd admin(帐号) adminpass(密码)<BR>chown nobody.nobody /etc/httpd/conf/vqadmin.passwd<BR><BR>chmod 644 /etc/httpd/conf/vqadmin.passwd<BR><BR>chown -R vpopmail.vchkpw /var/www/cgi-bin<BR><BR><BR>#编辑.htaccess<BR><BR>vi .htaccess<BR><BR>AuthType Basic<BR>AuthUserFile /etc/httpd/conf/vqadmin.passwd<BR>AuthName vQadmin<BR>require valid-user<BR>satisfy any<BR><BR>service httpd restart<BR>在你的浏览器上测试一下安装结果:<BR><BR>http://www.domain.com/cgi-bin/vqadmin/vqadmin.cgi<BR><BR><BR>--------------------------------------------------------------------------------<BR><BR>SpamAssassin <BR>安装 SpamAssassin<BR>Spam是一个让人讨厌的字眼. 大部分的人都不喜欢它. 如果你想保护自己免受spam, 你就需要安装SpamAssassin.<BR><BR>安装SpamAssassin 要用到Time-HiRes、Digest-SHA1、HTML-Parser、perl-DB_File和HTML-Tagset. 如果你没有安装的话,必须首先安装它,此文件均在RHAS3安装光盘第二和第三张中。对应的软件包为:<BR><BR><BR>perl-Time-HiRes-1.38-3.i386.rpm<BR>perl-Digest-SHA1-2.01-15.1.i386.rpm<BR>perl-HTML-Parser-3.26-17.i386.rpm<BR>perl-HTML-Tagset-3.03-28.noarch.rpm<BR>perl-DB_File-1.804-88.i386.rpm<BR><BR><BR># 安装SpamAssassin<BR><BR>groupadd spamd<BR>useradd -g spamd -s /bin/false spamd<BR><BR>cd /home/pkg<BR>tar -xzvf Mail-SpamAssassin-3.0.1.tar.gz<BR>cd Mail-SpamAssassin-3.0.1<BR><BR>export LC_ALL=C<BR>perl Makefile.PL<BR>make<BR>make install<BR><BR>#我们想要SpamAssassin 随系统自动启动,安装目录中提供了一个起动脚本<BR><BR>cp spamd/redhat-rc-script.sh /etc/rc.d/init.d/spamd<BR>vi /etc/rc.d/init.d/spamd<BR><BR>SPAMDOPTIONS="-d -c -u spamd -H /home/spamd -m5"<BR><BR>#修改其中一行为上所示。<BR><BR>chmod 755 /etc/rc.d/init.d/spamd<BR>chkconfig --add spamd<BR><BR>#spamassassin的过滤模板在/etc/mail/spamassassin/local.cf,修改为:<BR><BR>vi /etc/mail/spamassassin/local.cf<BR><BR>required_hits 5.0 <BR>rewrite_subject 1 <BR>subject_tag ********SPAM******** <BR>report_safe 1 <BR>defang_mime 0 <BR>rewrite_subject 0 <BR>report_header 1 <BR>use_terse_report 1 <BR>use_bayes 1 <BR>auto_learn 1 <BR>skip_rbl_checks 1 <BR>use_razor2 0 <BR>use_dcc 0 <BR>use_pyzor 0 <BR><BR>score SUBJ_FULL_OF_8BITS 0.0 <BR>score BASE64_ENC_TEXT 0.0 <BR>score BAYES_99 0.1 <BR>score BAYES_90 0.1 <BR>score SUBJ_ILLEGAL_CHARS 0.1 <BR>score FROM_ILLEGAL_CHARS 0.5 <BR>score HEAD_ILLEGAL_CHARS 0.5 <BR>score MIME_BASE64_TEXT 0.5 <BR>ok_locales en zh <BR><BR><BR>chmod 755 /etc/rc.d/init.d/spamd<BR>chkconfig --add spamd<BR>service spamd start<BR><BR>#运行ntsysv,将spamd设定的为开机运行.<BR><BR># 进行一个spam和non-spam的测试<BR><BR>spamassassin -t < sample-spam.txt > spamtest.txt<BR>less spamtest.txt<BR>spamassassin -t < sample-nonspam.txt > nospamtest.txt<BR>less nospamtest.txt <BR>#spamtest.txt文件在主题一段中将包含"*****SPAM*****" 这一行, 而nospamtest.txt文件中则没有.<BR><BR>#建立SpamAssassin的学习系统 <BR>sa-learn --rebuild -D -p user_prefs <BR><BR>sa-learn --dump all 可以查看自学习的数据信息 <BR><BR><BR>--------------------------------------------------------------------------------<BR><BR>Clamav <BR>#添加所需的组和用户<BR><BR>groupadd clamav<BR>useradd -g clamav -s /bin/false clamav<BR><BR>#安装软件<BR><BR>cd /home/pkg <BR>tar -xzvf clamav-0.80.tar.gz<BR>cd clamav-0.80<BR>./configure<BR>make check<BR>make install<BR><BR>#测试Clamav <BR>clamscan --recursive --log=/tmp/clamscan.log ./ //扫描当前目录,测试clamscn是否运行<BR>cat /tmp/clamscan.log<BR><BR>#更改/usr/local/etc/freshclam.conf文件,去掉下面选项前面的#:<BR>vi /usr/local/etc/freshclam.conf<BR><BR>#Example \\前面加上# <BR>UpdateLogFile /var/log/freshclam.log \\去掉前面的#<BR>LogSyslog \\去掉前面的#<BR><BR>更改/usr/local/etc/clamd.conf文件,去掉下面选项前面的#: <BR>vi /usr/local/etc/clamd.conf<BR><BR>#Example \\前面加上# <BR>LogFile /var/log/clamav/clamd.log \\去掉前面的# <BR>LogFileMaxSize 2M \\去掉前面的# <BR>LogTime \\去掉前面的# <BR>PidFile /var/run/clamd.pid \\去掉前面的# <BR>DatabaseDirectory /var/lib/clamav \\去掉前面的#,并且修改路径为/usr/local/share/clamav <BR>LogSyslog \\去掉前面的#<BR>ScanMail \\去掉前面的#<BR><BR><BR>touch /var/log/freshclam.log <BR>chmod 644 /var/log/freshclam.log <BR>chown clamav:clamav /var/log/freshclam.log <BR><BR>#升级clamscan病毒库<BR>freshclam --verbose<BR><BR>#把freshclam加入crontab 定时更新病毒库,自动扫描/home目录<BR><BR>crontab -e<BR><BR>0 1 * * * freshclam --quiet -l /var/log/freshclam.log<BR>0 6 * * * /usr/local/bin/clamscan --recursive --infected --exclude /usr/local/share/clamav/viruses.db --exclude /usr/local/share/clamav/viruses.db2 --log=/var/log/clamscan.log /home<BR><BR><BR>#创建freshclam日志记录文件<BR><BR>mkdir -p /var/log/clamav<BR>touch /var/log/clamav/clamd.log<BR>chown clamav.clamav -R /var/log/clamav/<BR>chmod 644 -R /var/log/clamav/ <BR><BR>#创建clamav启动脚本<BR>vi /etc/rc.d/init.d/clamav<BR><BR>#!/bin/sh<BR>#<BR># Startup / shutdown script for Clam Antivirus<BR><BR><BR>case "$1" in<BR>start)<BR>/usr/local/sbin/clamd && echo -n 'Clamd started'<BR>/usr/local/bin/freshclam -d -c 2 -l /var/log/freshclam.log<BR>echo -n ' freshclam started'<BR>;;<BR><BR>stop)<BR>/usr/bin/killall clamd > /dev/null 2>&1 && echo -n 'Clamd stoped'<BR>/usr/bin/killall freshclam > /dev/null 2>&1 && echo -n ' freshclam Stoped'<BR>;;<BR><BR>*)<BR>echo ""<BR>echo "Usage: `basename $0` { start | stop }"<BR>echo ""<BR>exit 64<BR>;;<BR>esac<BR><BR>#使其能够执行<BR>chmod 755 /etc/rc.d/init.d/clamav<BR><BR>#随开机起动<BR>echo /etc/rc.d/init.d/clamav start >/etc/rc.d/rc.local<BR><BR><BR>--------------------------------------------------------------------------------<BR><BR>MailDrop and TNEF reader <BR>TNEF是一个从"application/ms-tnef". 类型中找出MIME附件的程序.这仅仅是微软系统中的一种附件.<BR><BR>TNEF程序允许将封装成TNEF的附件提取出来. 安装TNEF并不是必须的, 但我强烈推荐安装它!<BR><BR># 安装 maildrop<BR>cd /home/pkg<BR>tar -xjvf maildrop-1.7.0.tar.bz2<BR>cd maildrop-1.7.0<BR>./configure<BR>make<BR>make install-strip<BR>make install-man<BR><BR># 安装 the tnef<BR>cd /home/pkg<BR>tar -xzvf tnef-1.2.3.1.tar.gz<BR>cd tnef-1.2.3.1<BR>./configure<BR>make<BR>make install<BR><BR>#使用Maildrop调用SpamAssassin <BR><BR>#在/home/vpopmail/domains/localhost.com(你创建的域)/ 建立mailfilter文件 <BR>touch mailfilter <BR>chown vpopmail:vchkpw mailfilter <BR>chmod 700 mailfilter <BR><BR>vi mailfilter<BR><BR>#mailfilter内容如下: <BR><BR>VPOP="| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox" <BR>VHOME=`/home/vpopmail/bin/vuserinfo -d $EXT@$HOST` <BR><BR>if ( $SIZE < 262144 ) <BR>{ <BR>exception { <BR>xfilter "/usr/bin/spamc -f -u $EXT@$HOST" <BR>} <BR>} <BR><BR>if (/^X-Spam-Flag: YES/) <BR>{ <BR># try filtering it using user-defined rules <BR>exception { <BR>include $VHOME/Maildir/.mailfilter <BR>} <BR># then try delivering it to a Spam folder <BR>exception { <BR># to "$VPOP" <BR>to "$VHOME/Maildir/.Spam/" <BR>} <BR># ah well, I guess they'll just have to live with disappointment <BR>exception { <BR>to "$VPOP" <BR>} <BR>} <BR>else <BR>{ <BR>exception { <BR>include $VHOME/Maildir/.mailfilter <BR>} <BR>exception { <BR>to "$VPOP" <BR>} <BR>} <BR><BR>#修改.qmail-default内容如下:<BR><BR>| /usr/local/bin/maildrop ./mailfilter<BR><BR><BR>--------------------------------------------------------------------------------<BR><BR><BR>qmail-scanner&qms-analog <BR>为了能够扫描邮件服务器中进出的邮件, 我们需要安装 qmail-scanner. 如果你之前没有安装perl-suidperl,我们还需要安装它<BR><BR>cd /home/pkg<BR>rpm -Uvh perl-suidperl-5.8.0-88.3.i386.rpm<BR><BR>#解开qmail-scanner...<BR><BR>tar zxvf qmail-scanner-1.22.tgz<BR><BR>#解压qms-analog...<BR><BR>tar zxvf qms-analog-0.3.4.tar.gz<BR><BR>cd qms-analog-0.3.4<BR><BR>make all<BR><BR>#下一步,我们拷贝所需要的qms-analog文件到qmail-scanner安装目录<BR><BR>cp qmail-scanner-1.22-st-qms-20040530.patch /home/pkg/qmail-scanner-1.22/<BR><BR>cp qms-config-script /home/pkg/qmail-scanner-1.22/<BR><BR>#现在,让我们打上qms-analog补丁<BR><BR>cd /home/pkg/qmail-scanner-1.22<BR><BR>chmod 755 qms-config-script <BR><BR>patch -p1 < qmail-scanner-1.22-st-qms-20040530.patch <BR><BR>#继续安装qmail-scanner,添加所需的组和用户<BR><BR>groupadd qscand<BR>useradd -g qscand -s /bin/false qscand<BR><BR>#我们通过qms-config-script脚本来安装qmail-scanner,编辑qms-config-script<BR><BR>vi qms-config-script<BR><BR>#修改下面红色部份以达到我们的需求:<BR><BR>#!/bin/sh<BR><BR>if [ "$1" != "install" ]; then<BR>INSTALL=<BR>else<BR>INSTALL="--install"<BR>fi<BR><BR>./configure --domain domain.com \<BR>--qmail-queue-binary /var/qmail/bin/qmail-queue \<BR>--admin postmaster \<BR>--local-domains "domain1.com,domain2.com,......" \<BR>--add-dscr-hdrs yes \<BR>--dscr-hdrs-text "X-Antivirus-MYDOMAIN" \<BR>--ignore-eol-check yes \<BR>--sa-quarantine 0 \<BR>--sa-delete 0 \<BR>--sa-reject no \<BR>--sa-subject ":SPAM:" \<BR>--sa-alt yes \<BR>--sa-debug no \<BR>--notify admin \<BR>--redundant yes \<BR>--lang en_GB \<BR>--debug no \<BR>--unzip yes \<BR>--scanners clamscan,verbose_spamassassin \<BR>"$INSTALL"<BR><BR>#注意: "--admin" 和 "--domain" 参数组成了帐号"user"@"domain name". 警告消息将通过qmail-scanner 发往这个邮件帐号, 所以必须确认这是一个管理级别的帐号. 另外,所有域的警告信息都会发给这个帐号, 所以一定要小心. <BR><BR>#保存并退出。<BR><BR>#现在我们测试qmail-scanner安装<BR><BR>./qms-config-script<BR><BR>#在第一步时, 按y 允许qmail-scanner提前configure. 第二步时, 按y,建立 qmail-queue-scanner.pl 文件.<BR><BR>#测试如果没有错误 ,就可以进行下一步安装<BR><BR>./qms-config-script install <BR><BR>#看看/var/qmail/bin/qmail-scanner-queue.pl是否存在<BR><BR>chown qscand:qscand /var/qmail/bin/qmail-scanner-queue.pl<BR>chmod 4755 /var/qmail/bin/qmail-scanner-queue.pl<BR><BR>#然后用一个普通用户登陆,执行/var/qmail/bin/qmail-scanner-queue.pl -z <BR><BR>setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -z //如果没有Can't do setuid出现,安装OK <BR>setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -r //查看qmailscan当前包含的特征<BR>setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -g //保存qmailscan定义特征的修改,使他生效。 <BR><BR>chown qscand:qscand /var/qmail/bin/qmail-scanner-queue.pl <BR>chmod 4755 /var/qmail/bin/qmail-scanner-queue.pl <BR><BR><BR>chown -R qscand:qscand /var/spool/qmailscan<BR><BR>vi /var/qmail/supervise/qmail-smtpd/run<BR><BR>#在你的qmail启动脚本加入红色部份<BR>#!/bin/sh<BR>QMAILDUID=`id -u vpopmail`<BR>NOFILESGID=`id -g vpopmail`<BR>PATH=$PATH:/usr/local/bin:/var/qmail/bin<BR>QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" export QMAILQUEUE<BR>MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`<BR>exec /usr/local/bin/softlimit -m 40000000 \<BR>/usr/local/bin/tcpserver -v -H -R -l 0 \<BR>-x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \<BR>-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \<BR>/var/qmail/bin/qmail-smtpd \<BR>/home/vpopmail/bin/vchkpw /bin/true 2>&1<BR><BR>#后重新启动smtp服务 <BR><BR>qmailctl stop<BR>qmailctl start<BR>qmailctl stat<BR><BR>#这里有测试程序 <BR><BR>cd /home/pkg/qmail-scanner-1.22/contrib/<BR><BR>chmod 755 test_installation.sh<BR><BR>./test_installation.sh -doit<BR><BR>#这个脚本会设定的管理员邮件地址发送3个邮件,第一个邮件是一般的正常邮件,第二个邮件中会包含eicar.com测试病毒,第三个邮件同样包含eicar.com测试病毒,不过所附带的文件名不是eicar.com。 <BR>#如果qmail-scanner安装正确,管理员就应该可以收到关于后面的两个邮件的警告邮件。 <BR>#如果系统出错,可以查看/var/spool/qmailscan/qmail-queue.log日志文件。 <BR>#qmail-scanner的特征过滤在/var/spool/qmailscan/quarantine-attachments.txt<BR><BR>#主要的排错监测日志 <BR><BR>/var/spool/qmailscan/quarantine.log <BR>/var/spool/qmailscan/qmail-queue.log<BR>/var/spool/qmailscan/qms-events.log<BR>/var/log/clamav/clamd.log <BR>/var/log/maillog <BR><BR><BR>--------------------------------------------------------------------------------<BR><BR>QmailAnalog & qlogtools <BR>Qmailanalog针对qmail的日志进行一些最基本的分析,并将结果发送到你指定的位置。在我的方案中,设置qmailanalog每天晚上运行,并将结果发送给管理员。 在使用qmailanalog时,我们还将会用到qlogtools软件包。<BR><BR><BR>qlogtools提供一系列分析qmail日志的工具,这些工具将文件中诲涩难懂的日志转换成便於我们阅读和能够理解的报告。当安装完成Qmailstats和Qlogtools后,我将会创建一个脚本让它每天晚上运行,并将报告发送到管理<BR><BR><BR>员邮箱。这个脚本也可用到我们先前安装的qms-analog,qms-analog将会提供qmail-scanner运行状态报告。<BR><BR>#先安装qmailanalog<BR><BR>cd /home/pkg/<BR>tar zxvf qmailanalog-0.70.tar.gz<BR>cd qmailanalog-0.70<BR><BR>patch < /home/pkg/qmailanalog-0.70.errno.patch<BR>make && make setup check<BR><BR>#安装qlogtools<BR><BR>cd /home/pkg/<BR>tar zxvf qlogtools-3.1.tar.gz<BR>cd qlogtools-3.1<BR>patch < /home/pkg/qlogtools_errno.patch<BR><BR>make<BR><BR>./installer<BR><BR>#现在我们要创建一个脚本,并将它添加到cron,让其每天晚上运行并产生报告。<BR><BR>#下面是一个可靠的脚本,它将会收集qmailanalog输出的信息并产生报告。<BR><BR>#红色部份改成你的域名。<BR>vi /var/qmail/bin/qmailstats<BR><BR>#!/bin/sh<BR># Qmailanalog invocation script<BR>PATH=/usr/local/qmailanalog/bin:/var/qmail/bin:/bin:/usr/bin:/usr/local/bin<BR>QMAILSTATS="/tmp/q.$$"<BR>EMAILMSG="/tmp/qms.$$"<BR>umask 077<BR>cat /var/log/qmail/* /var/log/qmail/pop3d/* /var/log/qmail/pop3ds/* /var/log/qmail/smtpd/* | tai64n2tai | awk '{$1=substr($1,1,index($1,".")+6);print}' | matchup > $QMAILSTATS 5>/dev/null<BR><BR>DATE=`date +'%D'`<BR><BR>echo "To: postmaster@yourdomain.com" > $EMAILMSG<BR>echo "From: postmaster@yourdomain.com" >> $EMAILMSG<BR>echo "Subject: Nightly Qmail Stats Report for $DATE" >> $EMAILMSG<BR>echo "" >> $EMAILMSG<BR>echo "" >> $EMAILMSG<BR>echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" >> $EMAILMSG<BR>zoverall < $QMAILSTATS >> $EMAILMSG<BR>echo "" >> $EMAILMSG<BR>echo "" >> $EMAILMSG<BR>echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" >> $EMAILMSG<BR>zfailures < $QMAILSTATS >> $EMAILMSG<BR>echo "" >> $EMAILMSG<BR>echo "" >> $EMAILMSG<BR>echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" >> $EMAILMSG<BR>zdeferrals < $QMAILSTATS >> $EMAILMSG<BR>echo "" >> $EMAILMSG<BR>echo "" >> $EMAILMSG<BR>echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" >> $EMAILMSG<BR>echo "~~~~~~~~~~~~~~~~~~~~~~~~~~ L a s t 2 4 H o u r s ~~~~~~~~~~~~~~~~~~~~~~~~~~~" >> $EMAILMSG<BR>cat /var/spool/qmailscan/qms-events.log | qms-analog 24 >> $EMAILMSG<BR>echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" >> $EMAILMSG<BR>echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~ A l l R e c o r d s ~~~~~~~~~~~~~~~~~~~~~~~~~~~~" >> $EMAILMSG<BR>cat /var/spool/qmailscan/qms-events.log | qms-analog 0 >> $EMAILMSG<BR>cat $EMAILMSG | qmail-inject<BR><BR>rm -f $QMAILSTATS<BR>rm -f $EMAILMSG<BR><BR><BR>#设置此脚本可执行<BR><BR>chmod 750 /var/qmail/bin/qmailstats<BR><BR>#现在,让我们运行脚本<BR><BR>/var/qmail/bin/qmailstats<BR><BR>#确认你的管理员邮箱,你将会收到一份非常详尽的报告。<BR><BR>#如果测试运行正常,那就加入cron让其每天早上3点运行。<BR><BR>crontab -e<BR>0 3 * * * /var/qmail/bin/qmailstats 1>/dev/null 2>/dev/null <BR><BR><BR>--------------------------------------------------------------------------------<BR><BR>isoqlog <BR>isoqlog是一个qmail日志分析工具,它是用perl写的,可以分析和统计qmail的运行日志,并生成漂亮的HTML格式的报表,如果服务器上已经安装WEB服务,管理员就可以通过浏览器来查看这些报表。相对于<BR><BR><BR>qmailanalog,isoqlog分析的项目稍微少一些。<BR><BR>isoqlog可以生成多个邮件域的报表;对于每个邮件域,isoqlog可以统计出每天、每月、每年的邮件流量以及字节数,还生成相应的统计柱状图;对于每天的报表,isoqlog可以根据邮件投递的数量以及字节数的多少来对邮<BR><BR><BR>件用户进行排列。<BR><BR>#安装isoqlog<BR><BR>cd /home/pkg<BR>tar zxvf isoqlog-2.1.1.tar.gz<BR>cd isoqlog-2.1.1<BR>./configure <BR>make<BR>make install<BR>make clean<BR><BR>cd isoqlog<BR><BR>mkdir /var/www/html/isoqlog <BR>cp -pr ./htmltemp/images ./htmltemp/library /var/www/html/isoqlog <BR><BR><BR>#配置isoqlog<BR>cd /usr/local/etc<BR>mv isoqlog.conf-dist isoqlog.conf<BR><BR>vi isoqlog.conf<BR><BR>#将下面红色部份改成你的安装目录和主机名称。<BR><BR>#isoqlog Configuration file<BR><BR>logtype = "qmail-multilog" #log type qmai-multilog, qmail-syslog, sendmail, postfix<BR>logstore = "/var/log/qmail" #<BR>domainsfile = "/usr/local/etc/isoqlog.domains" #<BR>outputdir = "/var/www/html/isoqlog" #html outpur directory<BR>htmldir = "/usr/local/share/isoqlog/htmltemp"<BR>langfile = "/usr/local/share/isoqlog/lang/english"<BR>hostname = "mail.domain.com"<BR><BR>maxsender = 100<BR>maxreceiver = 100<BR>maxtotal = 100<BR><BR>maxbyte = 100<BR><BR><BR>#保存并退出。<BR><BR>#下一步是告诉isoqlog哪些虚拟域需要产生统计报表,我希望我的mail服务器能够报告每个域的状态,所以只需要简单的创建了个链接即可:<BR><BR>ln -s /var/qmail/control/rcpthosts isoqlog.domains<BR><BR>#现在,isoqlog应该能够正常运行了,运行如下命令测试一下效果:<BR><BR>/usr/local/bin/isoqlog<BR><BR>#通过如下页面查看输出结果:<BR><BR>http://domain.com/isoqlog<BR><BR>#你可以点击各个虚拟域名称显示其报表。<BR><BR><BR>#我们希望isoqlog能够即时提供报表,将如下内容加入crontab<BR><BR>crontab -e<BR>58 * * * * /usr/local/bin/isoqlog 1>/dev/null 2>/dev/null<BR><BR>#每个小时的第58分钟运行一次<BR><BR><BR>--------------------------------------------------------------------------------<BR><BR><BR>MRTG <BR>安装 MRTG<BR>多路由器通信监视器(MRTG)是在网络链路上监控通信负载的一件工具。 MRTG 产生包含图表的HTML网页,它可以将系统中的通信情况实时的显示在页面上。 我们可以在我们的系统上使用它来监控电子邮件和spam情况。 <BR><BR># 安装 zlib (压缩的图形文件包)<BR>cd /home/pkg<BR>tar -xzf zlib-1.1.4.tar.gz<BR>mv zlib-1.1.4/ zlib<BR>cd zlib<BR>./configure<BR>make<BR>cd ..<BR><BR># 安装 libpng (PNG图片格式包)<BR>tar -xzf libpng-1.2.7.tar.gz<BR>mv libpng-1.2.7/ libpng<BR>cd libpng<BR>make -f scripts/makefile.std CC=gcc ZLIBLIB=../zlib ZLIBINC=../zlib<BR>rm *.so.* *.so<BR>cd ..<BR><BR># 安装 gd (制图软件包)<BR>tar -xzf gd-1.8.3.tar.gz<BR>mv gd-1.8.3/ gd<BR>cd gd<BR>make INCLUDEDIRS="-I. -I../zlib -I../libpng" LIBDIRS="-L../zlib -L. -L../libpng" LIBS="-lgd -lpng -lz -lm"<BR>make install<BR>cd ..<BR><BR># 编译 MRTG<BR>tar -xzf mrtg-2.10.15.tar.gz<BR>cd mrtg-2.10.15/<BR>./configure --prefix=/usr/local/mrtg-2 –-with-gd=/home/pkg/gd/ --with-z=/home/pkg/zlib/ --with-png=/home/pkg/libpng/<BR>make<BR>make install<BR>#所有MRTG需要的软件包都安装在了 /usr/local/mrtg-2 目录下. 你现在可以安全的删除上面编译的源码. 但是你最好留着,以便你编译下一个版本的MRTG时所需.<BR><BR>#通过安装inter7的qmailmrtg ,我们将在我们的系统上安装MRTG<BR><BR># 编译 qmailmrtg<BR>cd /home/pkg<BR>tar -xzf qmailmrtg7-4.0.tar.gz<BR>cd qmailmrtg7-4.0<BR>make<BR>make install<BR>mkdir /var/www/html/qmailmrtg<BR>cp qmail.mrtg.cfg index.html /var/www/html/qmailmrtg <BR>cd /var/www/html/qmailmrtg/<BR>#修改 qmail.mrtg.cfg 和 index.html文件, 将所有出现FQDN 的地方都改成你的完整域名(例如: test.com). 如果你的HTTP MRTG目录并不是默认的 (例如: 你并没有把 /var/www/html/作为你的web根目录), 则必须在/var<BR><BR><BR>/www/html/qmailmrtg/qmail.mrtg.cfg 文件中修改WorkDir变量为正确的路径. 如果你不需要记录某项服务, 你可以在所不需要记录的服务每一行的前面加一个# 来注释掉它,并删除index.html中对应的服务项目。<BR><BR>#你可以修改 pop3和smtp所在的行, 设置MaxBytes参数来重写tcpserver中-cX所在行.<BR><BR>#你还可以修改concurrency来重写concurrencyremote或concurrencylocal 的值. 如果这些文件在/var/qmail/control 目录下并不存在,则qmail默认的值为20.<BR><BR>#下面是我们的最后一步,将下面一段添加到crontab中, 以使我们能每五分钟升级一次MRTG数据. 运行如下命令:<BR><BR>crontab -e<BR>#添加下面一段 (使MRTG每五分钟运行一次) 然后退出crontab:<BR><BR>*/5 * * * * /usr/local/mrtg-2/bin/mrtg /var/www/html/qmailmrtg/qmail.mrtg.cfg 2>&1 > /dev/null<BR>#现在运行MRTG三次来安装它. 你将会收到3次警告消息. 之后,你将不会再收到警告了.<BR><BR>env LANG=C /usr/local/mrtg-2/bin/mrtg /var/www/html/qmailmrtg/qmail.mrtg.cfg<BR>#现在应该安装好了. 为了能显示些信息,我们等待15分钟的日志记录. 你可以通过下面的地址来检查图形监控情况:<BR><BR>http://your.host.name/qmailmrtg/<BR>查看它们的图形监控情况!<BR><BR><BR>--------------------------------------------------------------------------------<BR><BR>测试 <BR><BR>测试igenus <BR><BR>http://domain.com/ <BR><BR><BR>测试qmailadmin <BR><BR>http://domain.com/cgi-bin/qmailadmin<BR><BR><BR>测试vQadmin <BR><BR>http://domain.com/cgi-bin/vqadmin/vqadmin.cgi<BR><BR><BR>测试SMTP认证<BR><BR># telnet localhost 25<BR><BR>Trying 127.0.0.1...<BR><BR>Connected to mail.domain.com (127.0.0.1).<BR>Escape character is '^]'.<BR>220 mail. domain.com ESMTP<BR>EHLO hostname<BR>250-mail.domain.com<BR>250-AUTH LOGIN CRAM-MD5 PLAIN<BR>250-AUTH=LOGIN CRAM-MD5 PLAIN<BR>250-PIPELINING<BR>250 8BITMIME <BR><BR><BR>测试POP3<BR><BR># telnet localhost 110<BR>Trying 127.0.0.1...<BR>Connected to localhost.localdomain.<BR>Escape character is '^]'.<BR>+OK Hello there.<BR>user xy.wang@domain.com<BR>+OK Password required.<BR>pass [password]<BR>+OK logged in.<BR>quit<BR>+OK Bye-bye.<BR>Connection closed by foreign host.<BR><BR><BR>测试IMAP<BR># telnet localhost 143<BR>Trying 127.0.0.1...<BR>Connected to localhost.localdomain(127.0.0.1).<BR>Escape character is '^]'.<BR>* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2004 Double Precision, <BR><BR><BR>Inc. See COPYING for distribution information.<BR>a001 login user@test.com [password]<BR>a001 OK LOGIN Ok.<BR>a001 logout<BR>* BYE Courier-IMAP server shutting down<BR>a001 OK LOGOUT completed<BR>Connection closed by foreign host. <BR><BR><BR>--------------------------------------------------------------------------------<BR><BR>邮件系统维护: <BR>邮件系统相关日志 <BR><BR>/var/log/maillog<BR>/var/log/qmail/current<BR>/var/log/qmail/pop3d/current<BR>/var/log/qmail/pop3ds/current<BR>/var/log/qmail/smtpd/current<BR>/var/spool/qmailscan/qmail-queue.log<BR>/var/spool/qmailscan/qms-events.log<BR>/var/spool/qmailscan/quarantine.log<BR><BR><BR>设置Qmail用户邮箱的容量 <BR># cd /home/vpopmail/bin <BR>#./vsetuserqutoa domain.com 10500000s --domain.com这个域,都设成10m的 <BR>#./vsetuserqutoa xuki@domain.com 10500000s ---只把xuki@domain.com这个用户单独设置为10m。<BR><BR><BR>批量添加用户<BR><BR>例1:<BR><BR>新建一文件 batchadduser.sh,将以下内容拷入文件中保存 ,运行chmod u+x batchadduser.sh使其可执行。<BR><BR>#!/bin/bash <BR>#batchadduser.sh: batch add mail user. <BR>#install step. <BR>#chmod u+x batchadduser <BR>#./batchadduser.sh domain datafile <BR>if [ $# -lt 2 ] <BR>then <BR>echo "usage: $0 domain datafile" <BR>exit 1 <BR>fi <BR>domain=$1 <BR>datafile=$2 <BR>addcmd=/home/vpopmail/bin/vadduser <BR>while read username passwd <BR>do <BR>$addcmd $username@$domain $passwd <BR>done < $datafile <BR><BR>user文件内容的格式 <BR>username1 passwd <BR>username2 passwd2 <BR>............<BR><BR><BR>运行batchadduser.sh domain.com user即可批量添加用户。<BR><BR>例2:<BR><BR>我把用户名放到一个文本文件中,一个名字一行,密码和它的帐号一致,用户自己再去改密码。 <BR><BR>while read line <BR>do <BR>echo $line <BR>./vadduser $line $line <BR>done < user<BR><BR><BR>有选择地清理不需要的Mail Queue <BR><BR>1、处理队列中的邮件: <BR><BR>如想在队列中的邮件马上传递,可以 <BR># kill -HUP qmail-send <BR>要删除队列中的邮件 <BR>1) 停止QMAIL <BR>2) mv /var/qmail/queue/lock /var/qmail/;find /var/qmail/queue/ -type f -exec rm {} \; ;mv /var/qmail/lock /var/qmail/queue/<BR>3) 重启QMAIL. <BR>队列中的邮件包含在以下目录中 /var/qmail/queue/{info,mess,remote,local}/hash/#number <BR>2、在邮件队列中快速删除从一个地方发过来但又不存在的邮件 设bad.jite.com是这个域。可以键入以下命令 <BR># echo # > ~alias/.qmail-baddomain-default <BR># echo bad.jite.com:alias-baddomain>> /var/qmail/control/virtualdomains <BR># echo bad.jite.com:127.0.0.1 >> /var/qmail/control/smtproutes <BR>然后运行/var/qmail/bin/qmail-tcpok,给qmail-send 一个HUP信号 <BR>3、删除队列中的大量广告信息 <BR><BR>先停止QMAIL. <BR>1) 停止qmail, qmail-smtpd <BR>2) 在以下默认目录下 /var/qmail/queue/mess <BR>find /var/qmail/queue/mess -type f -exec grep "^Subject:dss" {} \; -print -exec rm {} \;<BR>3) 运行queue-fix清除相关文件, <BR>4) 重启qmail.<BR><BR><BR>使用sh备份qmail+mysql数据到指定的ftp地址的方法<BR>备份vpopmail的domains目录、qmail的control目录和mysql的var数据存放目录,使用crontab定时进行操作。下面是脚本文件,具体的目录视自己的系统更改: <BR>mkdir /var/qmailbakup <BR>cd /var/qmailbakup <BR>touch qmailbakup.sh <BR>chmod 755 qmailbakup .sh <BR>vi qmailbakup.sh <BR>[code:1:d480555598] <BR>#!/bin/sh <BR>DATE=`date +%Y-%m-%d-%H` <BR>cd /var/qmailbakup/ <BR>tar cvzf domains.$DATE.tar.gz /home/vpopmail/domains <BR>tar cvzf control.$DATE.tar.gz /var/qmail/control <BR>tar cvzf mysql.$DATE.tar.gz /usr/local/mysql/var <BR>ftp -n 192.168.0.21 << ! //你的ftp服务器的地址 <BR>user qmail qmailbakup //ftp用户名和密码,注意要有put权限 <BR>binary <BR>put domains.$DATE.tar.gz <BR>put control.$DATE.tar.gz <BR>put mysql.$DATE.tar.gz <BR>bye <BR>! <BR>rm -f domains.$DATE.tar.gz control.$DATE.tar.gz mysql.$DATE.tar.gz //删除本机产生的文件,如果你想在本服务器也保存一份备份,去掉该项即可。 <BR>[/code:1:d480555598] <BR>使用crontab定时执行: <BR>vi /etc/crontab <BR>00 20 * * 0-6 /var/qmailbakup/qmailbakup.sh <BR>这样每天晚上8:00执行改备份程序。 <BR><BR><BR>给新浪发信的解决办法 <BR>qmail <BR>echo "我的邮件服务器的真实域名(A记录)" > /var/qmail/control/helohost <BR><BR><BR>临时限制一个用户的pop3 <BR>vmoduser -p email_addr or domain ( for the entire domain )<BR><BR><BR>修改默认的域名 <BR>A: <BR>要更改haohao.com为默认域。 <BR>方法: <BR>更改~qmail/control/ <BR>defaultdomain <BR>me <BR>plusdomains <BR>逐一更改启动pop3和 smtp的启动脚本: <BR>修改:email.3sk.com为haohaoo.com <BR>在最上边添加:export VPOPMAIL_DOMAIN=haohaoo.com <BR><BR><BR>将一个系统的Qmail用户完整地转移到另一个系统 <BR>A: <BR>a.cdb配置的?那么请把/home/vpopmail/domains这个文件夹备份好就可以了。用户和密码文件,还有用户信件都在这个目录下。 <BR>还应该备份/var/qmail/control下的相关配置文件。 <BR><BR>b.如果是以MYSQL数据库方式来存储用户认证信息的 <BR>只需要备份 <BR>~vpopmail/domain下的所有邮件 <BR>/var/qmail/control的配置文件 <BR>MYSQL数据库目录下的vpopmail库目录。一般是/var/lib/mysql(RPM)、/usr/local/mysql/data、/usr/local/mysql/var下面。 <BR><BR><BR>把一邮件域的名字比如a.com更改为b.com,如何实现 <BR>以下几个步骤: <BR>1、cd /home/vpopmail/domains <BR>mv a.com b.com <BR>2、把vpopmail数据库的vpopmail表导出把所有a.com改为b.com,然后删除vpopmail表,再导入. <BR>3、把把vpopmail数据库的dir_control表的a.com改为b.com <BR>4、在/home/qmail/control 目录下把 virtualdomains和rcpthosts下的的a.com改为b.com. <BR>5、在/home/qmail/users目录下把assign文件的a.com改为b.com <BR>6、需要运行qmail-newu重新生成cdb。assign只是配置文件,cdb才是实际的数据文件。<BR>加快 qmail 投递邮件速度 <BR>A: /var/qmail/control下面是qmail的控制文件,这两个文件: <BR>Concurrentcylocal default: 10 最大本地同时传送数 <BR>Concurrencyremote default: 20 最大远程同时传送数 <BR>更改域的默认管理账号 <BR>A: vmoduser有个-a参数,可以赋予用户管理权限。 <BR><BR>如果想全面禁用postmaster的特殊权限话,就只能改源代码了。 <BR><BR><BR>QMAIL下的主要配置文件(/var/qmail/control目录下): <BR>文件名 默认值 使用者 用途 <BR>badmailfrom none qmail-smtpd 黑名单地址 <BR>bouncefrom MAILER-DAEMON qmail-send 退回邮件 <BR>bouncehost me qmail-send 退回邮件 <BR>concurrencylocal 10 qmail-send 本地同时投递邮件的数目 <BR>concurrencyremote 20 qmail-send 同时投递至远程主机的数目 <BR>defaultdomain me qmail-inject 默认域名 <BR>defaulthost me qmail-inject 默认主机名 <BR>databytes 0 qmail-smtpd 邮件的最大容量 (0=无限制) <BR>doublebouncehost me qmail-send <BR>doublebounceto postmaster qmail-send <BR>envnoathost me qmail-send 没有"@"的默认域名 <BR>helohost me qmail-remote 主机名 <BR>idhost me qmail-inject Message-ID的主机名 <BR>localiphost me qmail-smtpd 本地IP的替代名 <BR>locals me qmail-send 传递至本地的域名 <BR>me 系统正式域名 various <BR>morercpthosts none qmail-smtpd 第二个rcpthosts <BR>percenthack none qmail-send 使用 "%"格式的域名 <BR>plusdomain me qmail-inject <BR>qmqpservers none qmail-qmqpc QMQP服务器的IP地址 <BR>queuelifetime 604800 qmail-send 在队列中邮件保存的时间(秒) <BR>rcpthosts none qmail-smtpd 接收邮件的域名 <BR>smtpgreeting me qmail-smtpd <BR>smtproutes none qmail-remote <BR>timeoutconnect 60 qmail-remote SMTP连接超时时间 <BR>timeoutremote 1200 qmail-remote 等待远程主机的时间 <BR>timeoutsmtpd 1200 qmail-smtpd SMTP客户连接超时的时间 <BR>virtualdomains none qmail-send 虚拟域名 <BR><BR><BR>Qmail限制附件大小 <BR>我的配置经验==》Qmail限制附件大小: <BR>1.在/var/qmail/control/databytes 中设置附件大小,这个文件要手动建立,直接输入数字就行,默认单位为bytes,如10485760为10M; <BR>2.Webmail中发送附件默认只支持500K左右,如想支持5M附件,修改如下文件 <BR># vi /etc/php.ini <BR><BR>post_max_filesize=5M //320行 <BR>upload_max_filesize=5M //405行 <BR>session.bug_compat_42=0 //加入到641行 <BR>session.bug_compat_warn=0 <BR><BR># vi /etc/httpd/conf.d/php.conf <BR>LimitRequestBody 5242880 //修改14行的值为5M<BR><BR><BR>WebMail上传附件大小限制 (解决上传文件不能大于512KB的问题) <BR>更改/etc/httpd/conf.d/php.conf:<BR><BR>LimitRequestBody 524288中的524288正好跟512KB相等,将其更改为10485760,设置允许最大上传的附件为10MB。<BR><BR><BR>------------------------------------------------------------------------------<BR>无言感激<BR>http://www.xuki.org/qmail.html</DIV></DIV> <HR> <DIV class=post> <DIV class=posttop> <DIV class=username>dtltd</DIV> <DIV class=date>05-06-17, 15:23</DIV></DIV> <DIV class=posttext>Warning: SAFE MODE Restriction in effect. The script whose uid is 89 is not allowed to access /var/qmail/users/assign owned by uid 0 in /var/www/html/admin/includes/fun_inc.php on line 148<BR><BR>Warning: fopen("/var/qmail/users/assign", "r") - Resource temporarily unavailable in /var/www/html/admin/includes/fun_inc.php on line 148<BR><BR>Warning: fgets(): supplied argument is not a valid File-Handle resource in /var/www/html/admin/includes/fun_inc.php on line 149<BR><BR>Warning: fclose(): supplied argument is not a valid File-Handle resource in /var/www/html/admin/includes/fun_inc.php on line 153</DIV></DIV> <HR> <DIV id=copyright>vBulletin Version 3.0.7.23 简体中文翻译与插件制作 NewvBB.com™ 2005。</DIV></DIV><BR><BR> <P id=TBPingURL>Trackback: http://tb.blog.csdn.net/TrackBack.aspx?PostId=543152</P><BR></DIV></DIV></DIV>
查看全文
发表于:2008-01-28 ┆
阅读(756)
┆
评论(0)
postfix配置方案大全
<DIV> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width="96%" border=0> <TBODY> <TR> <TD width="100%" bgColor=#f3f3f3></TD> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_top.gif" border=0></TD></TR> <TR> <TD align=middle bgColor=#f3f3f3 colSpan=3> <TABLE style="TABLE-LAYOUT: fixed; BORDER-COLLAPSE: collapse; WORD-WRAP: break-word" cellSpacing=0 cellPadding=0 width="100%" bgColor=#f3f3f3 border=0> <TBODY> <TR height=25> <TD align=middle width=25><IMG height=8 alt="" src="http://blog.chinaunix.net/templates/tech/images/dot.gif" width=8 border=0></TD> <TD width="90%"><A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467169.html" target=_blank><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>【置顶】RHEL4上安装基于postfix的全功能邮件服务器(全部使用目前最新源码包构建) </U></B></FONT></A></TD> <TD align=middle width=25><U><IMG title=收起 onclick="ShowHideDiv('art467169',this);" alt="" src="http://blog.chinaunix.net/templates/tech/images/dot2.gif" border=0></U> </TD></TR> <TR> <TD width=25></TD> <TD colSpan=2> <DIV id=art467169 style="MARGIN: 5px; LINE-HEIGHT: 150%">本文凝聚了作者不少的安装经验,写出来供各位同仁参考指正,也为自己留一个“备份”,以便以后安装时作为参照!<BR>安装过程中借鉴了不少google出来的文章,是你们先行的足迹为作者今天的成功打下了基础,在此先行谢过!<BR>转载请注明出处:<A href="http://marion.cublog.cn/" target=_blank><FONT color=#0000ff>http://marion.cublog.cn</FONT></A><BR><BR><BR><FONT color=#0000ff size=4>所用软件包:</FONT>(本文中,以下软件包都将在/usr/local/src中存放)<BR><BR>Postfix-2.4.5<BR>Mysql-5.0.45<BR>Sasl-2.1.22<BR>DB-4.5.20<BR>O……</DIV><TEXTAREA id=text467169 style="DISPLAY: none">本文凝聚了作者不少的安装经验,写出来供各位同仁参考指正,也为自己留一个“备份”,以便以后安装时作为参照!<BR>安装过程中借鉴了不少google出来的文章,是你们先行的足迹为作者今天的成功打下了基础,在此先行谢过!<BR>转载请注明出处:<A href="http://marion.cublog.cn/" target=_blank><FONT color=#0000ff>http://marion.cublog.cn</FONT></A><BR><BR><BR><FONT color=#0000ff size=4>所用软件包:</FONT>(本文中,以下软件包都将在/usr/local/src中存放)<BR><BR>Postfix-2.4.5<BR>Mysql-5.0.45<BR>Sasl-2.1.22<BR>DB-4.5.20<BR>O……</TEXTAREA> <SCRIPT language=javascript> <!-- $("art467169").innerHTML=$("text467169").value; //--> </SCRIPT> </TD></TR> <TR height=20> <TD align=right colSpan=3><A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467169.html" target=_blank><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>查看全文</U></B></FONT></A> </TD></TR> <TR height=20> <TD></TD> <TD align=right colSpan=2>发表于:2008-01-18 ┆ <A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467169.html" target=_blank><U><FONT color=#800080>阅读(109)</FONT></U></A> ┆ <A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467169.html" target=_blank><U><FONT color=#800080>评论(0)</FONT></U></A> </TD></TR></TBODY></TABLE></TD></TR> <TR> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_buttom.gif" border=0></TD> <TD bgColor=#f3f3f3></TD> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_buttom.gif" border=0></TD></TR></TBODY></TABLE><BR> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width="96%" border=0> <TBODY> <TR> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_top.gif" border=0></TD> <TD width="100%" bgColor=#f3f3f3></TD> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_top.gif" border=0></TD></TR> <TR> <TD align=middle bgColor=#f3f3f3 colSpan=3> <TABLE style="TABLE-LAYOUT: fixed; BORDER-COLLAPSE: collapse; WORD-WRAP: break-word" cellSpacing=0 cellPadding=0 width="100%" bgColor=#f3f3f3 border=0> <TBODY> <TR height=25> <TD align=middle width=25><IMG height=8 alt="" src="http://blog.chinaunix.net/templates/tech/images/dot.gif" width=8 border=0></TD> <TD width="90%"><A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467158.html" target=_blank><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>【置顶】Postfix配置Step By Step(一)</U></B></FONT></A> </TD> <TD align=middle width=25><IMG title=收起 onclick="ShowHideDiv('art467158',this);" alt="" src="http://blog.chinaunix.net/templates/tech/images/dot2.gif" border=0> </TD></TR> <TR> <TD width=25></TD> <TD colSpan=2> <DIV id=art467158 style="MARGIN: 5px; LINE-HEIGHT: 150%"> <DIV> 很早就想试下Linux下的<A href="http://postfix.org.cn/" target=_blank><FONT color=#0000ff>Postfix</FONT></A>服务,也看了网上很多相关的教程,但是每当我看到那长长的篇幅就打退堂鼓了,但是有些东西在技术的道路上始终是要经历和面对的,这些天就一直在鼓捣着这东东,现在把自已的经历写出来,希望能对大家有点用.对于大侠来讲,这些算不了什么,但至少相对我这种还在Linux门外徊徘的人来说,它是我学习的一个历程.其中 <SPAN style="COLOR: rgb(0,0,255)" twffan="done">蓝色</SPAN>字体需用户输入,白色字体是系统显示,……</DIV></DIV><TEXTAREA id=text467158 style="DISPLAY: none"><DIV> 很早就想试下Linux下的<A href="http://postfix.org.cn/" target=_blank><FONT color=#0000ff>Postfix</FONT></A>服务,也看了网上很多相关的教程,但是每当我看到那长长的篇幅就打退堂鼓了,但是有些东西在技术的道路上始终是要经历和面对的,这些天就一直在鼓捣着这东东,现在把自已的经历写出来,希望能对大家有点用.对于大侠来讲,这些算不了什么,但至少相对我这种还在Linux门外徊徘的人来说,它是我学习的一个历程.其中 <SPAN style="COLOR: rgb(0,0,255)" twffan="done">蓝色</SPAN>字体需用户输入,白色字体是系统显示,……</TEXTAREA> <SCRIPT language=javascript> <!-- $("art467158").innerHTML=$("text467158").value; //--> </SCRIPT> </TD></TR> <TR height=20> <TD align=right colSpan=3><A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467158.html" target=_blank><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>查看全文</U></B></FONT></A> </TD></TR> <TR height=20> <TD></TD> <TD align=right colSpan=2>发表于:2008-01-18 ┆ <A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467158.html" target=_blank><U><FONT color=#800080>阅读(82)</FONT></U></A> ┆ <A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467158.html" target=_blank><U><FONT color=#800080>评论(0)</FONT></U></A> </TD></TR></TBODY></TABLE></TD></TR> <TR> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_buttom.gif" border=0></TD> <TD bgColor=#f3f3f3></TD> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_buttom.gif" border=0></TD></TR></TBODY></TABLE><BR> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width="96%" border=0> <TBODY> <TR> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_top.gif" border=0></TD> <TD width="100%" bgColor=#f3f3f3></TD> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_top.gif" border=0></TD></TR> <TR> <TD align=middle bgColor=#f3f3f3 colSpan=3> <TABLE style="TABLE-LAYOUT: fixed; BORDER-COLLAPSE: collapse; WORD-WRAP: break-word" cellSpacing=0 cellPadding=0 width="100%" bgColor=#f3f3f3 border=0> <TBODY> <TR height=25> <TD align=middle width=25><IMG height=8 alt="" src="http://blog.chinaunix.net/templates/tech/images/dot.gif" width=8 border=0></TD> <TD width="90%"><A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467188.html" target=_blank><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>Postfix 电子邮件系统精要2</U></B></FONT></A> </TD> <TD align=middle width=25><IMG title=收起 onclick="ShowHideDiv('art467188',this);" alt="" src="http://blog.chinaunix.net/templates/tech/images/dot2.gif" border=0> </TD></TR> <TR> <TD width=25></TD> <TD colSpan=2> <DIV id=art467188 style="MARGIN: 5px; LINE-HEIGHT: 150%"> <DIV>◆<STRONG>Corurier-imap安装配置</STRONG> <DIV twffan="done">Postfix只是实现邮件系统的smtp功能,pop3或imap则需要另外的软件来实现,这个软件就是courier-imap(当然也有别的软件可以选择)。</DIV> <DIV twffan="done"><STRONG>(1)安装courier-imap</STRONG></DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 5.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 31.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 396pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 31.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=528><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done"> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done">[root@mailserv2 ~]# <B>cd<?xml:namespace prefix = o /><o:p></o:p></B></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done">[root@mailserv2 ~]#<B> tar jxvf courier-imap-<?xml:namespace prefix = st1 /><st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>.tar.bz2<o:p></o:p></B></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done">[root@mailserv2 ~]# <B>cd courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate><o:p></o:p></B></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"> [root@mailserv2courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]#<B>./configure --prefix=/usr/local/imap --with-redhat <o:p></o:p></B></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><B><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman">--disable-root-check --enable-unicode=utf-8,iso-8859-1,gb2312,gbk,gb18030<o:p></o:p></FONT></SPAN></B></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><B><FONT face="Times New Roman"><SPAN lang=EN-US twffan="done">--with-trashquota --with-dirsync </SPAN><I><SPAN lang=EN-US twffan="done">--with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql/ --with-authmysql --with-authmysql=yes<o:p></o:p></SPAN></I></FONT></B></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 20pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done">[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]#<B> make<o:p></o:p></B></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 20pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done">[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]#<B> make install<o:p></o:p></B></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 20pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done">[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]#<B> make install-configure<o:p></o:p></B></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"></DIV></SPAN></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done"><STRONG>(2)修改配置文件/usr/local/imap/etc/pop3d及/usr/local/imap/etc/imapd。</STRONG>把/usr/local/imap/etc/pop3d 文件的行"POP3DSTART=NO"改成"POP3DSTART=YES",再依照这个形式把文件 /usr/local/imap/etc/imapd的行"IMAPDSTART=NO"改成"IMAPDSTART=YES"即可。</DIV> <DIV twffan="done"><STRONG>(3)复制文件 courier-imap.sysvinit到目录/usr/local/imap/sbin,</STRONG>以便于启动imap的守护进程。</DIV> <DIV twffan="done">[root@mailserv2 courier-imap-4.1.3]# cp courier-imap.sysvinit /usr/local/imap/sbin/imapd</DIV> <DIV twffan="done"><STRONG>(4)测试imap服务。</STRONG></DIV> <DIV twffan="done">[root@mailserv2 courier-imap-4.1.3]# /usr/local/imap/sbin/imapd start<BR>Starting Courier-IMAP server: imap pop3</DIV> <DIV twffan="done"><STRONG>◆安装courier-maildrop</STRONG> </DIV> <DIV twffan="done">Maiidrop的作用是本地投递,即把收到的邮件移动到相应的用户目录。在前面配置postfix的时候,我们已经把与maildrop相关的东西写进文件/etc/postfix/master.cf了,因此这里就不再叙述。前面的步骤我们也提到过pcre 这个软件,它是安装maildrop所必须的,所以需要先安装这个软件(如果系统不存在这个软件的话)。</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 5.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 31.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 396pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 31.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=528><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"></FONT> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]#<B> cd<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]#<B> tar jxvf pcre-7.2.tar.bz2</B><o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]# <B>cd pcre-7.2<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]# <B>./configure<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]# <B>make</B><o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]# <B>make install<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><FONT face="Times New Roman"><FONT size=3><SPAN style="FONT-FAMILY: 宋体" twffan="done">//安装</SPAN><SPAN lang=EN-US twffan="done">pcre</SPAN><SPAN style="FONT-FAMILY: 宋体" twffan="done">应该是非常容易的事情,片刻之间就可搞定,接下来安装</SPAN><SPAN lang=EN-US twffan="done">maildrop.</SPAN><SPAN style="FONT-FAMILY: 宋体" twffan="done">在执行配置过程中,需要很多选项,不要疏漏。</SPAN><SPAN lang=EN-US twffan="done"><o:p></o:p></SPAN></FONT></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 pcre-7.2]# <B>cd<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 pcre-7.2]# <B>tar jxvf maildrop-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">2.0.4</st1:chsdate>.tar.bz2</B><o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 pcre-7.2]# <B>cd maildrop-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">2.0.4</st1:chsdate></B><o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 maildrop-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">2.0.4</st1:chsdate>]# <B>./configure --prefix=/usr/local/maildrop --enable-<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><FONT face="Times New Roman"><B><SPAN lang=EN-US twffan="done"><FONT size=3>sendmail=/usr/sbin/sendmail --enable-trusted-users='root vmail' --enable-syslog=1 <o:p></o:p></FONT></SPAN></B></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><FONT face="Times New Roman"><B><SPAN lang=EN-US twffan="done"><FONT size=3>--enable-maildirquota --enable-maildrop-uid=1001 --enable-maildrop-gid=1001 --with<o:p></o:p></FONT></SPAN></B></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><FONT face="Times New Roman"><B><SPAN lang=EN-US twffan="done"><FONT size=3>-trashquota --with-dirsync<o:p></o:p></FONT></SPAN></B></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 maildrop-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">2.0.4</st1:chsdate>]# <B>make<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 maildrop-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">2.0.4</st1:chsdate>]# <B>make install<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 maildrop-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">2.0.4</st1:chsdate>]# <B>cp /usr/local/maildrop/bin/maildrop /usr/bin<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"></DIV></SPAN></SPAN></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">下面的命令简单验证maildrop</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 5.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 31.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 396pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 31.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=528><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done"> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=3><FONT face="Times New Roman">[root@mailserv2 ~]# <B>maildrop –v</B><o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=3><FONT face="Times New Roman">maildro<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">p 2.0.4</st1:chsdate> Copyright 1998-2005 Double Precision, Inc.<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=3><FONT face="Times New Roman">GDBM extensions enabled.<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=3><FONT face="Times New Roman">Courier Authentication Library extension enabled.<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=3><FONT face="Times New Roman">Maildir quota extension enabled.<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=3><FONT face="Times New Roman">This program is distributed under the terms of the GNU General Public<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=3><FONT face="Times New Roman">License. See COPYING for additional information.</FONT></FONT></SPAN></DIV></SPAN></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">输出内容一定要有"Courier Authentication Library extension enabled"这一行。如果没有这个输出,那是非常不幸的事情了,返回去挨个排错吧。那么这个"Courier Authentication Library extension enabled"是怎么一回事呢?这表明maildrop已经和前面我们安装配置的SASL和courier-authlib紧密结合在一起了。</DIV> <DIV twffan="done">知道maildrop把邮件移动到哪个用户目录还是非常有必要的,这个操作就是maildrop的日志记录。这里我们创建一个新文件/etc/maildroprc,这个文件就2行内容:</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 23.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 30.75pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 360pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 30.75pt; BACKGROUND-COLOR: transparent" vAlign=top width=480> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">[root@mailserv2 mailbox]# <B>more /etc/maildroprc</B> <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">logfile "/var/mailbox/maildrop.log"<SPAN twffan="done"> </SPAN><o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">to "$HOME/$DEFAULT"<o:p></o:p></SPAN></DIV></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">我们来看一个正常运行的postfix邮件系统的maildrop日志,就会对maildrop有更清楚的认识。</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 23.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 70.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 387pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 70.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=516> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">[root@mailserv2 mailbox]# tail<SPAN twffan="done"> </SPAN>maildrop.log <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">Date: Sat Oct<SPAN twffan="done"> </SPAN>6 12:45:20 2007<o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">From: "Saundra Y. Echols" <<A href="mailto:saundra@MS13.HINET.NET"><FONT color=#0000ff>saundra@MS13.HINET.NET</FONT></A>><o:p></o:p></SAUNDRA@MS13.HINET.NET></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">Subj: No girls laugh at me now, haha, i laugh at them<o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">File: /mail/mailbox//sery.com/magazine/<SPAN twffan="done"> </SPAN><SPAN twffan="done"> </SPAN>(3355)<o:p></o:p></SPAN></DIV></TD></TR></TBODY></TABLE>上面的日志表明收到一封来自<A href="mailto:Saundra@ms13.hinet.net"><A href="mailto:Saundra@ms13.hinet.net"><FONT color=#0000ff>Saundra@ms13.hinet.net</FONT></A></A>的信,maildrop把邮件移动到目录/mail/mailbox/sery.com/magazine。 </DIV> <DIV twffan="done">很可惜maidrop没有创建和删除邮件用户目录的能力,在配置postfixadmin时,我们提到需要使用2个shell脚本 /usr/sbin/maildirdel.sh及/usr/sbin/maildirmake.sh,这2个脚本的作用就是用来弥补maildrop不能创建/删除目录这个缺陷的。</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 23.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 54.75pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 387pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 54.75pt; BACKGROUND-COLOR: transparent" vAlign=top width=516> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">[root@mailserv2 ~]# <B>more /usr/sbin/maildirmake.sh</B> <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">#!/bin/bash <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">set -e <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">if [ ! -d /var/mailbox/$1 ] <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">then <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">mkdir /var/mailbox/$1 <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">fi<SPAN twffan="done"> </SPAN><o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">chown -R vmail:vmail /var/mailbox/$1 <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">cd "/var/mailbox/$1" <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">/usr/local/imap/bin/maildirmake $2 <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">mkdir /var/mailbox/$1/$2/Maildir<o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">chown -R vmail:vmail /var/mailbox/$1/$2<o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done"><o:p> </o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">[root@mailserv2 ~]# <B>more /usr/sbin/maildirdel.sh</B> <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">#!/bin/bash <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">rm -rf /mail/mailbox/$1/$2<o:p></o:p></SPAN></DIV></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">这2个脚本由web调用,而web(apache)的执行用户为vmail,出于安全考虑,我们给vmail用户的权限非常有限,为了保证这2个 shell脚本能正常执行,需要使用sudo这个工具来完成这个任务。尽管可以使用vi这样的编辑器来修改/etc/sudoers这个配置文件,但还是不及visudo可靠,因为visudo可以对修改的内容做语法检查,如果更改不正确,保存文件是会给出提示。把行"vmail ALL = NOPASSWD: /usr/sbin/maildirmake.sh , /usr/sbin/maildirdel.sh"追加到文件末尾即可!</DIV> <DIV twffan="done">有的时候,在postfixadmin里创建新的邮件帐号,帐号倒是创建成功了,却并没有在指定的位置生成相应的虚拟用户目录,从网上收集的信息来看,这个问题似乎很普遍,我本人也被这个问题困扰过--以vmail 用户手动执行sudo /usr/sbin/maildirdel.sh就能创建目录,用web方式就是不行-实验多次才找出原因,原来是/etc/sudoers里需要把 "Defaults requiretty"这行注释掉。有人可能要问,你怎么知道要这样做呢?答:我是通过看apache日志知道要这样干的。</DIV> <DIV twffan="done">◆<STRONG>邮件病毒检查和垃圾邮件过滤</STRONG> </DIV> <DIV twffan="done">抗病毒使用软件是clamav,安装时一定要用当前的最新版本。垃圾邮件过滤可使用一个名为SpamAssassin的perl模块。通过采用amavisd-new这个容器,可以把clamav和SpamAssassin整合起来。</DIV> <DIV twffan="done"><STRONG>(1)安装配置clamav.</STRONG> </DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 5.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 31.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 396pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 31.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=528> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done">[root@mailserv2 ~]# useradd clamav<BR>[root@mailserv2 ~]# cd<BR>[root@mailserv2 ~]# cd clamav-0.91.2<BR>[root@mailserv2 ~]# ./configure --prefix=/usr/local/clamav --with-dbdir=/usr/local/share/clamav --disable-zlib-vcheck <BR>[root@mailserv2 ~]# make<BR>[root@mailserv2 ~]# make install</SPAN></DIV></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">Clamav有2个配置文件,一个主配置文件/usr/local/clamav/etc/clamd.conf,一个病毒更新配置文件/usr/local/clamav/etc/ freshclam.conf。现把修改好的配置文件列于下面:</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 5.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 31.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 396pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 31.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=528><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done"> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman">[root@mailserv2 ~]# <B>more /usr/local/clamav/etc/freshclam.conf | sed -n '/^#/!p'</B><o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>DatabaseDirectory /usr/local/share/clamav<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>UpdateLogFile /var/log/clamav/freshclam.log<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>LogVerbose yes<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>LogSyslog yes<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>LogFacility LOG_MAIL<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>DatabaseOwner amavis<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>DatabaseMirror db.CN.clamav.net<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><o:p><FONT face="Times New Roman" size=2> </FONT></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>DatabaseMirror database.clamav.net<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman">[root@mailserv2 ~]# <B>more /usr/local/clamav/etc/clamd.conf | sed -n '/^#/!p'</B><o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>LogFile /var/log/clamav/clamd.log<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>LogSyslog yes<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>LogVerbose yes<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>PidFile /var/run/clamav/clamd.pid<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>DatabaseDirectory /usr/local/share/clamav<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>LocalSocket /var/run/clamav/clamd.socket<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>StreamMaxLength <st1:chmetcnv w:st="on" tcsc="0" numbertype="1" negative="False" hasspace="False" sourcevalue="20" unitname="m">20M</st1:chmetcnv><o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>User amavis<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>ScanMail yes<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman" size=2>ScanArchive yes</FONT></SPAN></DIV></SPAN></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">这2个文件有很多注释,我用sed把它过滤掉了。Clamd.conf中,有"User amavis"这样一行。为什么不用默认的用户clamav而使用amavis呢?这样做的目的是为了与amavis-new结合在一起。既然没有这个用户,就手动创建一个(useradd amavis)。接下来需要手动创建一些目录并赋予相应的权限,用来记录日志等用途;我把它作成一个shell脚本,直接执行即可,脚本的内容如下所示:</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 5.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 31.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 396pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 31.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=528><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done"> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN twffan="done"><FONT size=3><FONT face="Times New Roman"><SPAN twffan="done"> </SPAN><SPAN lang=EN-US twffan="done">[root@mailserv2 ~]# <B>more<SPAN twffan="done"> </SPAN>/root/clamav.sh</B><o:p></o:p></SPAN></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><FONT face="Times New Roman"><SPAN lang=EN-US twffan="done"><SPAN twffan="done"><FONT size=3> </FONT></SPAN></SPAN><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done">#!/bin/bash<o:p></o:p></SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><SPAN twffan="done"> </SPAN># create directory for clamav<o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt 13.5pt; TEXT-INDENT: -13.5pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><SPAN twffan="done"> </SPAN><SPAN twffan="done"> </SPAN>mkdir /var/log/clamav <BR>chmod -R 744 /var/log/clamav <BR>chown -R amavis:amavis /var/log/clamav <BR>chown -R amavis.amavis /usr/local/share/clamav <BR>mkdir /var/run/clamav <BR>chmod 700 /var/run/clamav <BR>chown amavis.amavis /var/run/clamav</FONT></SPAN></DIV></SPAN></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">脚本执行成功后,再执行 [root@mailserv2 ~]# /usr/local/clamav/bin/freshclam 手动更新病毒库。</DIV> <DIV twffan="done"><STRONG>(2)安装和配置avamvis-new。</STRONG>解压包amavisd-new-2.5.2.tar.gz,然后把它移动到相关的位置。这里还是用一个脚本来做这个事情,脚本的内容如下:</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 5.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 31.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 396pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 31.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=528><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done"><SPAN twffan="done"><FONT size=3><FONT face="Times New Roman"><SPAN twffan="done"> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">[root@mailserv2 ~]#<B> more /root/amavis.sh<o:p></o:p></B></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><B><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done">#</SPAN></B><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done">!/bin/bash<o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done">cd /root<o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT color=#0000ff>tar amavisd-new-2.5.2.tar.gz</FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"></SPAN><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT color=#0000ff>cd amavisd-new-2.5.2</FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"></SPAN><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done">mkdir -p /var/amavis /var/amavis/tmp /var/amavis/var /var/amavis/db <BR>chown -R amavis:amavis /var/amavis <BR>chmod -R 750 /var/amavis <BR>cp amavisd /usr/local/sbin/ <BR>chown root /usr/local/sbin/amavisd <BR>chmod 755 /usr/local/sbin/amavisd <BR>cp amavisd.conf /etc/ <BR>chown root /etc/amavisd.conf <BR>chmod 644 /etc/amavisd.conf<o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10.5pt; FONT-FAMILY: " twffan="done" Times New Roman>mkdir /var/virusmails <BR>chown amavis:amavis /var/virusmails <BR>chmod 750 /var/virusmails</SPAN></DIV></SPAN></FONT></FONT></SPAN></SPAN></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">执行完脚本后别忘记检查一下是否都按我们的意愿工作,如/usr/local/sbin目录是否有文件amavisd。</DIV> <DIV twffan="done">Amavisd的配置文件/etc/amavisd.conf比较复杂,需要修改的内容如下:</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 32.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 140.25pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 360pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 140.25pt; BACKGROUND-COLOR: transparent" vAlign=top width=480> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done">$max_servers=8; <BR>$daemon_user = 'amavis'; <BR>$daemon_group = 'amavis'; <BR>$mydomain = 'sery.com'; <BR>$db_home = "$MYHOME/db"; <BR>$inet_socket_port = 10024; <BR>$sa_tag_level_deflt = -100; <BR>$sa_tag2_level_deflt = 6.3; <BR>$sa_kill_level_deflt = $sa_tag2_level_deflt; <BR>$virus_admin = "virusalert@$mydomain"; <BR>$sa_spam_subject_tag = '***SPAM*** '; <BR>$notify_method = $forward_method; <BR>$forward_method = 'smtp:127.0.0.1:10025'; <BR>$final_virus_destiny = D_DISCARD; <BR>$final_banned_destiny = D_DISCARD; <BR>$final_spam_destiny = D_PASS; <BR>['ClamAV-clamd', <BR>&ask_daemon, ["CONTSCAN {}n", "/var/run/clamav/clamd"], <BR>qr/bOK$/, qr/bFOUND$/, <BR>qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ], <o:p></o:p></SPAN></DIV></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">上述修改确认无误后,执行 [root@mailserv2 ~]# /usr/local/sbin/amavisd debug 测试amavis。一般而言,测试皆不能正常进行,因为所需要的很多perl模块很可能没有被安装。还好,报错信息给出了所需的模块。这时你需要到<A href="http://www.cpan.org/"><A href="http://www.cpan.org/" target=_blank><FONT color=#0000ff>www.cpan.org</FONT></A></A>下载相关的模块,然后安装;也可能遇到包依赖,再下载依赖的包,安装这个依赖,再反回来安装先前那个包,如此反复,很是烦人,极考验人的耐性。等到 /usr/local/sbin/amavisd debug 输出没有错误方才完成。有另外一种方法,即运行 [root@mailserv2 ~]# perl MCPAN -e shell ,然后执行 cpan> install Time::HiRes 这样的命令挨个安装缺少的perl模块。根据我的经验,这样干很耗时,并且有的模块用这种方法安装还不灵,所以还不如在网站下载模块安装有效。下面给出一个perl模块的安装实例:</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 32.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 54.75pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 360pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 54.75pt; BACKGROUND-COLOR: transparent" vAlign=top width=480> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=2>[root@mailserv2 ~]# <B>cd<o:p></o:p></B></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=2>[root@mailserv2 ~]# <B>tar zxvf BerkeleyDB-0.32.tar.gz</B><o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=2>[root@mailserv2 ~]# <B>cd BerkeleyDB-0.32</B><o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=2>[root@mailserv2 ~]#<B> perl Makefile.PL</B><o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=2>[root@mailserv2 ~]# <B>make<o:p></o:p></B></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=2>[root@mailserv2 ~]#<B> make install</B></FONT></SPAN></DIV></TD></TR></TBODY></TABLE></DIV>◆<STRONG>Webmail安装配置</STRONG> <DIV twffan="done">可供postfix选择的webmail不是很丰富,通过比较,我选择extmail作为postfix的webmail客户端工具,本来 extmail也包括像postfixadmin这样的web管理工具(extman),因为前面我们已经用了postfixadmin, 这里我只用extmail。</DIV> <DIV twffan="done">下载ExtMail-Solution-Linux-0.1.tar.gz后解压,然后把它移动到目录/var/www/extsuite/extmail。在apache的配置文件httpd.conf末尾追加下面的内容以便用户可以通过web方式访问extmail:</DIV> <DIV twffan="done"></DIV> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 32.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 54.75pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 360pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 54.75pt; BACKGROUND-COLOR: transparent" vAlign=top width=480><SPAN lang=EN-US twffan="done"> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><B><SPAN lang=EN-US style="FONT-SIZE: 9pt; COLOR: blue" twffan="done"> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><B style="mso-bidi-font-weight: normal"><SPAN lang=EN-US style="FONT-SIZE: 9pt; COLOR: blue; mso-bidi-font-size: 10.5pt" twffan="done">DirectoryIndex<SPAN style="mso-spacerun: yes" twffan="done"> </SPAN>index.html index.php<SPAN style="mso-spacerun: yes" twffan="done"> </SPAN>index.cgi<o:p></o:p></SPAN></B></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><B style="mso-bidi-font-weight: normal"><SPAN lang=EN-US style="FONT-SIZE: 9pt; COLOR: blue; mso-bidi-font-size: 10.5pt" twffan="done">ScriptAlias /extmail/cgi/<SPAN style="mso-spacerun: yes" twffan="done"> </SPAN>/mail/www/extsuite/extmail/cgi/<o:p></o:p></SPAN><%2</B></DIV></SPAN></B></DIV></SPAN></TD></TR></TBODY></TABLE></DIV></DIV><TEXTAREA id=text467188 style="DISPLAY: none"><DIV>◆<STRONG>Corurier-imap安装配置</STRONG> <DIV twffan="done">Postfix只是实现邮件系统的smtp功能,pop3或imap则需要另外的软件来实现,这个软件就是courier-imap(当然也有别的软件可以选择)。</DIV> <DIV twffan="done"><STRONG>(1)安装courier-imap</STRONG></DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 5.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 31.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 396pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 31.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=528><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done"> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done">[root@mailserv2 ~]# <B>cd<?xml:namespace prefix = o /><o:p></o:p></B></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done">[root@mailserv2 ~]#<B> tar jxvf courier-imap-<?xml:namespace prefix = st1 /><st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>.tar.bz2<o:p></o:p></B></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done">[root@mailserv2 ~]# <B>cd courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate><o:p></o:p></B></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman">&nbsp;[root@mailserv2courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]#<B>./configure&nbsp; --prefix=/usr/local/imap&nbsp; --with-redhat&nbsp;<o:p></o:p></B></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><B><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman">--disable-root-check&nbsp; --enable-unicode=utf-8,iso-8859-1,gb2312,gbk,gb18030<o:p></o:p></FONT></SPAN></B></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><B><FONT face="Times New Roman"><SPAN lang=EN-US twffan="done">--with-trashquota&nbsp; --with-dirsync </SPAN><I><SPAN lang=EN-US twffan="done">--with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql/ --with-authmysql --with-authmysql=yes<o:p></o:p></SPAN></I></FONT></B></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 20pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done">[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]#<B> make<o:p></o:p></B></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 20pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done">[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]#<B> make install<o:p></o:p></B></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 20pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done">[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]#<B> make install-configure<o:p></o:p></B></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"></DIV></SPAN></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done"><STRONG>(2)修改配置文件/usr/local/imap/etc/pop3d及/usr/local/imap/etc/imapd。</STRONG>把/usr/local/imap/etc/pop3d 文件的行"POP3DSTART=NO"改成"POP3DSTART=YES",再依照这个形式把文件 /usr/local/imap/etc/imapd的行"IMAPDSTART=NO"改成"IMAPDSTART=YES"即可。</DIV> <DIV twffan="done"><STRONG>(3)复制文件 courier-imap.sysvinit到目录/usr/local/imap/sbin,</STRONG>以便于启动imap的守护进程。</DIV> <DIV twffan="done">[root@mailserv2 courier-imap-4.1.3]# cp courier-imap.sysvinit /usr/local/imap/sbin/imapd</DIV> <DIV twffan="done"><STRONG>(4)测试imap服务。</STRONG></DIV> <DIV twffan="done">[root@mailserv2 courier-imap-4.1.3]# /usr/local/imap/sbin/imapd&nbsp; start<BR>Starting Courier-IMAP server: imap pop3</DIV> <DIV twffan="done"><STRONG>◆安装courier-maildrop</STRONG> </DIV> <DIV twffan="done">Maiidrop的作用是本地投递,即把收到的邮件移动到相应的用户目录。在前面配置postfix的时候,我们已经把与maildrop相关的东西写进文件/etc/postfix/master.cf了,因此这里就不再叙述。前面的步骤我们也提到过pcre 这个软件,它是安装maildrop所必须的,所以需要先安装这个软件(如果系统不存在这个软件的话)。</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 5.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 31.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 396pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 31.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=528><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"></FONT> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]#<B> cd<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]#<B> tar jxvf pcre-7.2.tar.bz2</B><o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]# <B>cd pcre-7.2<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]# <B>./configure<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]# <B>make</B><o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 courier-imap-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">4.1.3</st1:chsdate>]# <B>make install<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><FONT face="Times New Roman"><FONT size=3><SPAN style="FONT-FAMILY: 宋体" twffan="done">//安装</SPAN><SPAN lang=EN-US twffan="done">pcre</SPAN><SPAN style="FONT-FAMILY: 宋体" twffan="done">应该是非常容易的事情,片刻之间就可搞定,接下来安装</SPAN><SPAN lang=EN-US twffan="done">maildrop.</SPAN><SPAN style="FONT-FAMILY: 宋体" twffan="done">在执行配置过程中,需要很多选项,不要疏漏。</SPAN><SPAN lang=EN-US twffan="done"><o:p></o:p></SPAN></FONT></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 pcre-7.2]# <B>cd<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 pcre-7.2]# <B>tar jxvf maildrop-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">2.0.4</st1:chsdate>.tar.bz2</B><o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 pcre-7.2]# <B>cd maildrop-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">2.0.4</st1:chsdate></B><o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 maildrop-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">2.0.4</st1:chsdate>]# <B>./configure&nbsp; --prefix=/usr/local/maildrop&nbsp; --enable-<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><FONT face="Times New Roman"><B><SPAN lang=EN-US twffan="done"><FONT size=3>sendmail=/usr/sbin/sendmail&nbsp;--enable-trusted-users='root&nbsp;vmail'&nbsp; --enable-syslog=1&nbsp; <o:p></o:p></FONT></SPAN></B></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><FONT face="Times New Roman"><B><SPAN lang=EN-US twffan="done"><FONT size=3>--enable-maildirquota&nbsp; --enable-maildrop-uid=1001&nbsp; --enable-maildrop-gid=1001&nbsp; --with<o:p></o:p></FONT></SPAN></B></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><FONT face="Times New Roman"><B><SPAN lang=EN-US twffan="done"><FONT size=3>-trashquota&nbsp;--with-dirsync<o:p></o:p></FONT></SPAN></B></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 maildrop-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">2.0.4</st1:chsdate>]# <B>make<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 maildrop-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">2.0.4</st1:chsdate>]# <B>make install<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman"><FONT size=3>[root@mailserv2 maildrop-<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">2.0.4</st1:chsdate>]# <B>cp&nbsp;/usr/local/maildrop/bin/maildrop&nbsp;/usr/bin<o:p></o:p></B></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"></DIV></SPAN></SPAN></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">下面的命令简单验证maildrop</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 5.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 31.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 396pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 31.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=528><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done"> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=3><FONT face="Times New Roman">[root@mailserv2 ~]# <B>maildrop –v</B><o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=3><FONT face="Times New Roman">maildro<st1:chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">p 2.0.4</st1:chsdate> Copyright 1998-2005 Double Precision, Inc.<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=3><FONT face="Times New Roman">GDBM extensions enabled.<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=3><FONT face="Times New Roman">Courier Authentication Library extension enabled.<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=3><FONT face="Times New Roman">Maildir quota extension enabled.<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=3><FONT face="Times New Roman">This program is distributed under the terms of the GNU General Public<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21.75pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=3><FONT face="Times New Roman">License. See COPYING for additional information.</FONT></FONT></SPAN></DIV></SPAN></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">输出内容一定要有"Courier Authentication Library extension enabled"这一行。如果没有这个输出,那是非常不幸的事情了,返回去挨个排错吧。那么这个"Courier Authentication Library extension enabled"是怎么一回事呢?这表明maildrop已经和前面我们安装配置的SASL和courier-authlib紧密结合在一起了。</DIV> <DIV twffan="done">知道maildrop把邮件移动到哪个用户目录还是非常有必要的,这个操作就是maildrop的日志记录。这里我们创建一个新文件/etc/maildroprc,这个文件就2行内容:</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 23.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 30.75pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 360pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 30.75pt; BACKGROUND-COLOR: transparent" vAlign=top width=480> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">[root@mailserv2 mailbox]# <B>more /etc/maildroprc</B> <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">logfile "/var/mailbox/maildrop.log"<SPAN twffan="done">&nbsp; </SPAN><o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">to "$HOME/$DEFAULT"<o:p></o:p></SPAN></DIV></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">我们来看一个正常运行的postfix邮件系统的maildrop日志,就会对maildrop有更清楚的认识。</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 23.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 70.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 387pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 70.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=516> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">[root@mailserv2 mailbox]# tail<SPAN twffan="done">&nbsp; </SPAN>maildrop.log <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">Date: Sat Oct<SPAN twffan="done">&nbsp; </SPAN>6 12:45:20 2007<o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">From: "Saundra Y. Echols" &lt;<A href="mailto:saundra@MS13.HINET.NET"><FONT color=#0000ff>saundra@MS13.HINET.NET</FONT></A>&gt;<o:p></o:p></SAUNDRA@MS13.HINET.NET></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">Subj: No girls laugh at me now, haha, i laugh at them<o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">File: /mail/mailbox//sery.com/magazine/<SPAN twffan="done">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </SPAN><SPAN twffan="done">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN>(3355)<o:p></o:p></SPAN></DIV></TD></TR></TBODY></TABLE>上面的日志表明收到一封来自<A href="mailto:Saundra@ms13.hinet.net"><A href="mailto:Saundra@ms13.hinet.net"><FONT color=#0000ff>Saundra@ms13.hinet.net</FONT></A></A>的信,maildrop把邮件移动到目录/mail/mailbox/sery.com/magazine。 </DIV> <DIV twffan="done">很可惜maidrop没有创建和删除邮件用户目录的能力,在配置postfixadmin时,我们提到需要使用2个shell脚本 /usr/sbin/maildirdel.sh及/usr/sbin/maildirmake.sh,这2个脚本的作用就是用来弥补maildrop不能创建/删除目录这个缺陷的。</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 23.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 54.75pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 387pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 54.75pt; BACKGROUND-COLOR: transparent" vAlign=top width=516> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">[root@mailserv2 ~]# <B>more /usr/sbin/maildirmake.sh</B> <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">#!/bin/bash <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">set -e <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">if [ ! -d /var/mailbox/$1 ] <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">then <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">mkdir /var/mailbox/$1 <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">fi<SPAN twffan="done">&nbsp; </SPAN><o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">chown -R vmail:vmail /var/mailbox/$1 <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">cd "/var/mailbox/$1" <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">/usr/local/imap/bin/maildirmake $2 <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">mkdir /var/mailbox/$1/$2/Maildir<o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">chown -R vmail:vmail /var/mailbox/$1/$2<o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done"><o:p>&nbsp;</o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">[root@mailserv2 ~]# <B>more /usr/sbin/maildirdel.sh</B> <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">#!/bin/bash <o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt" twffan="done"><SPAN lang=EN-US twffan="done">rm -rf /mail/mailbox/$1/$2<o:p></o:p></SPAN></DIV></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">这2个脚本由web调用,而web(apache)的执行用户为vmail,出于安全考虑,我们给vmail用户的权限非常有限,为了保证这2个 shell脚本能正常执行,需要使用sudo这个工具来完成这个任务。尽管可以使用vi这样的编辑器来修改/etc/sudoers这个配置文件,但还是不及visudo可靠,因为visudo可以对修改的内容做语法检查,如果更改不正确,保存文件是会给出提示。把行"vmail ALL = NOPASSWD: /usr/sbin/maildirmake.sh , /usr/sbin/maildirdel.sh"追加到文件末尾即可!</DIV> <DIV twffan="done">有的时候,在postfixadmin里创建新的邮件帐号,帐号倒是创建成功了,却并没有在指定的位置生成相应的虚拟用户目录,从网上收集的信息来看,这个问题似乎很普遍,我本人也被这个问题困扰过--以vmail 用户手动执行sudo /usr/sbin/maildirdel.sh就能创建目录,用web方式就是不行-实验多次才找出原因,原来是/etc/sudoers里需要把 "Defaults&nbsp;&nbsp;&nbsp; requiretty"这行注释掉。有人可能要问,你怎么知道要这样做呢?答:我是通过看apache日志知道要这样干的。</DIV> <DIV twffan="done">◆<STRONG>邮件病毒检查和垃圾邮件过滤</STRONG> </DIV> <DIV twffan="done">抗病毒使用软件是clamav,安装时一定要用当前的最新版本。垃圾邮件过滤可使用一个名为SpamAssassin的perl模块。通过采用amavisd-new这个容器,可以把clamav和SpamAssassin整合起来。</DIV> <DIV twffan="done"><STRONG>(1)安装配置clamav.</STRONG> </DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 5.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 31.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 396pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 31.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=528> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done">[root@mailserv2 ~]# useradd clamav<BR>[root@mailserv2 ~]# cd<BR>[root@mailserv2 ~]# cd clamav-0.91.2<BR>[root@mailserv2 ~]# ./configure --prefix=/usr/local/clamav --with-dbdir=/usr/local/share/clamav --disable-zlib-vcheck <BR>[root@mailserv2 ~]# make<BR>[root@mailserv2 ~]# make install</SPAN></DIV></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">Clamav有2个配置文件,一个主配置文件/usr/local/clamav/etc/clamd.conf,一个病毒更新配置文件/usr/local/clamav/etc/ freshclam.conf。现把修改好的配置文件列于下面:</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 5.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 31.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 396pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 31.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=528><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done"> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman">[root@mailserv2 ~]# <B>more /usr/local/clamav/etc/freshclam.conf | sed -n '/^#/!p'</B><o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>DatabaseDirectory /usr/local/share/clamav<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>UpdateLogFile /var/log/clamav/freshclam.log<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>LogVerbose yes<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>LogSyslog yes<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>LogFacility LOG_MAIL<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>DatabaseOwner amavis<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>DatabaseMirror db.CN.clamav.net<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><o:p><FONT face="Times New Roman" size=2>&nbsp;</FONT></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>DatabaseMirror database.clamav.net<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT face="Times New Roman">[root@mailserv2 ~]# <B>more /usr/local/clamav/etc/clamd.conf | sed -n '/^#/!p'</B><o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>LogFile /var/log/clamav/clamd.log<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>LogSyslog yes<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>LogVerbose yes<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>PidFile /var/run/clamav/clamd.pid<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>DatabaseDirectory /usr/local/share/clamav<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>LocalSocket /var/run/clamav/clamd.socket<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>StreamMaxLength <st1:chmetcnv w:st="on" tcsc="0" numbertype="1" negative="False" hasspace="False" sourcevalue="20" unitname="m">20M</st1:chmetcnv><o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>User amavis<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><FONT size=2>ScanMail yes<o:p></o:p></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman" size=2>ScanArchive yes</FONT></SPAN></DIV></SPAN></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">这2个文件有很多注释,我用sed把它过滤掉了。Clamd.conf中,有"User amavis"这样一行。为什么不用默认的用户clamav而使用amavis呢?这样做的目的是为了与amavis-new结合在一起。既然没有这个用户,就手动创建一个(useradd amavis)。接下来需要手动创建一些目录并赋予相应的权限,用来记录日志等用途;我把它作成一个shell脚本,直接执行即可,脚本的内容如下所示:</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 5.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 31.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 396pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 31.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=528><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done"> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN twffan="done"><FONT size=3><FONT face="Times New Roman"><SPAN twffan="done">&nbsp;</SPAN><SPAN lang=EN-US twffan="done">[root@mailserv2 ~]# <B>more<SPAN twffan="done">&nbsp; </SPAN>/root/clamav.sh</B><o:p></o:p></SPAN></FONT></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><FONT face="Times New Roman"><SPAN lang=EN-US twffan="done"><SPAN twffan="done"><FONT size=3>&nbsp;&nbsp; </FONT></SPAN></SPAN><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done">#!/bin/bash<o:p></o:p></SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><SPAN twffan="done">&nbsp;&nbsp; </SPAN># create directory for clamav<o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt 13.5pt; TEXT-INDENT: -13.5pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT face="Times New Roman"><SPAN twffan="done">&nbsp;&nbsp; </SPAN><SPAN twffan="done">&nbsp;</SPAN>mkdir&nbsp;/var/log/clamav <BR>chmod&nbsp;-R&nbsp;744&nbsp;/var/log/clamav <BR>chown&nbsp;-R&nbsp;amavis:amavis&nbsp;/var/log/clamav <BR>chown&nbsp;-R&nbsp;amavis.amavis&nbsp;/usr/local/share/clamav <BR>mkdir&nbsp;/var/run/clamav <BR>chmod&nbsp;700&nbsp;/var/run/clamav <BR>chown&nbsp;amavis.amavis&nbsp;/var/run/clamav</FONT></SPAN></DIV></SPAN></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">脚本执行成功后,再执行 [root@mailserv2 ~]# /usr/local/clamav/bin/freshclam 手动更新病毒库。</DIV> <DIV twffan="done"><STRONG>(2)安装和配置avamvis-new。</STRONG>解压包amavisd-new-2.5.2.tar.gz,然后把它移动到相关的位置。这里还是用一个脚本来做这个事情,脚本的内容如下:</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 5.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 31.5pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 396pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 31.5pt; BACKGROUND-COLOR: transparent" vAlign=top width=528><SPAN lang=EN-US style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: 宋体" twffan="done"><SPAN twffan="done"><FONT size=3><FONT face="Times New Roman"><SPAN twffan="done"> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done">[root@mailserv2 ~]#<B> more /root/amavis.sh<o:p></o:p></B></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><B><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done">#</SPAN></B><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done">!/bin/bash<o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done">cd /root<o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT color=#0000ff>tar amavisd-new-2.5.2.tar.gz</FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"></SPAN><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"><FONT color=#0000ff>cd&nbsp; amavisd-new-2.5.2</FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done"></SPAN><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done">mkdir&nbsp;-p&nbsp;/var/amavis&nbsp;/var/amavis/tmp&nbsp;/var/amavis/var&nbsp;/var/amavis/db <BR>chown&nbsp;-R&nbsp;amavis:amavis&nbsp;/var/amavis <BR>chmod&nbsp;-R&nbsp;750&nbsp;/var/amavis <BR>cp&nbsp;amavisd&nbsp;/usr/local/sbin/ <BR>chown&nbsp;root&nbsp;/usr/local/sbin/amavisd <BR>chmod&nbsp;755&nbsp;/usr/local/sbin/amavisd <BR>cp&nbsp;amavisd.conf&nbsp;/etc/ <BR>chown&nbsp;root&nbsp;/etc/amavisd.conf <BR>chmod&nbsp;644&nbsp;/etc/amavisd.conf<o:p></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 10.5pt; FONT-FAMILY: " twffan="done" Times New Roman>mkdir&nbsp;/var/virusmails <BR>chown&nbsp;amavis:amavis&nbsp;/var/virusmails <BR>chmod&nbsp;750&nbsp;/var/virusmails</SPAN></DIV></SPAN></FONT></FONT></SPAN></SPAN></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">执行完脚本后别忘记检查一下是否都按我们的意愿工作,如/usr/local/sbin目录是否有文件amavisd。</DIV> <DIV twffan="done">Amavisd的配置文件/etc/amavisd.conf比较复杂,需要修改的内容如下:</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 32.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 140.25pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 360pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 140.25pt; BACKGROUND-COLOR: transparent" vAlign=top width=480> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US style="FONT-SIZE: 9pt" twffan="done">$max_servers=8;&nbsp; <BR>$daemon_user&nbsp;=&nbsp;'amavis'; <BR>$daemon_group&nbsp;=&nbsp;'amavis'; <BR>$mydomain&nbsp;=&nbsp;'sery.com'; <BR>$db_home&nbsp;=&nbsp;"$MYHOME/db"; <BR>$inet_socket_port&nbsp;=&nbsp;10024; <BR>$sa_tag_level_deflt&nbsp;=&nbsp;-100;&nbsp; <BR>$sa_tag2_level_deflt&nbsp;=&nbsp;6.3;&nbsp; <BR>$sa_kill_level_deflt&nbsp;=&nbsp;$sa_tag2_level_deflt; <BR>$virus_admin&nbsp;=&nbsp;"virusalert@$mydomain"; <BR>$sa_spam_subject_tag&nbsp;=&nbsp;'***SPAM***&nbsp;'; <BR>$notify_method&nbsp;=&nbsp;$forward_method; <BR>$forward_method&nbsp;=&nbsp;'smtp:127.0.0.1:10025';&nbsp; <BR>$final_virus_destiny&nbsp;=&nbsp;D_DISCARD; <BR>$final_banned_destiny&nbsp;=&nbsp;D_DISCARD; <BR>$final_spam_destiny&nbsp;=&nbsp;D_PASS; <BR>['ClamAV-clamd', <BR>&amp;ask_daemon,&nbsp;["CONTSCAN&nbsp;{}n",&nbsp;"/var/run/clamav/clamd"], <BR>qr/bOK$/,&nbsp;qr/bFOUND$/, <BR>qr/^.*?:&nbsp;(?!Infected&nbsp;Archive)(.*)&nbsp;FOUND$/&nbsp;], <o:p></o:p></SPAN></DIV></TD></TR></TBODY></TABLE></DIV> <DIV twffan="done">上述修改确认无误后,执行 [root@mailserv2 ~]# /usr/local/sbin/amavisd debug 测试amavis。一般而言,测试皆不能正常进行,因为所需要的很多perl模块很可能没有被安装。还好,报错信息给出了所需的模块。这时你需要到<A href="http://www.cpan.org/"><A href="http://www.cpan.org/" target=_blank><FONT color=#0000ff>www.cpan.org</FONT></A></A>下载相关的模块,然后安装;也可能遇到包依赖,再下载依赖的包,安装这个依赖,再反回来安装先前那个包,如此反复,很是烦人,极考验人的耐性。等到 /usr/local/sbin/amavisd debug 输出没有错误方才完成。有另外一种方法,即运行 [root@mailserv2 ~]# perl MCPAN -e shell ,然后执行 cpan&gt; install Time::HiRes 这样的命令挨个安装缺少的perl模块。根据我的经验,这样干很耗时,并且有的模块用这种方法安装还不灵,所以还不如在网站下载模块安装有效。下面给出一个perl模块的安装实例:</DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 32.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 54.75pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 360pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 54.75pt; BACKGROUND-COLOR: transparent" vAlign=top width=480> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=2>[root@mailserv2 ~]# <B>cd<o:p></o:p></B></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=2>[root@mailserv2 ~]# <B>tar zxvf BerkeleyDB-0.32.tar.gz</B><o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=2>[root@mailserv2 ~]# <B>cd BerkeleyDB-0.32</B><o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=2>[root@mailserv2 ~]#<B> perl Makefile.PL</B><o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=2>[root@mailserv2 ~]# <B>make<o:p></o:p></B></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><SPAN lang=EN-US twffan="done"><FONT size=2>[root@mailserv2 ~]#<B> make install</B></FONT></SPAN></DIV></TD></TR></TBODY></TABLE></DIV>◆<STRONG>Webmail安装配置</STRONG> <DIV twffan="done">可供postfix选择的webmail不是很丰富,通过比较,我选择extmail作为postfix的webmail客户端工具,本来 extmail也包括像postfixadmin这样的web管理工具(extman),因为前面我们已经用了postfixadmin, 这里我只用extmail。</DIV> <DIV twffan="done">下载ExtMail-Solution-Linux-0.1.tar.gz后解压,然后把它移动到目录/var/www/extsuite/extmail。在apache的配置文件httpd.conf末尾追加下面的内容以便用户可以通过web方式访问extmail:</DIV> <DIV twffan="done"></DIV> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 32.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-background-clip: -moz-initial; moz-background-origin: -moz-initial; moz-background-inline-policy: -moz-initial" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="HEIGHT: 54.75pt"> <TD style="BORDER-RIGHT: windowtext 1pt dotted; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt dotted; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt dotted; WIDTH: 360pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt dotted; HEIGHT: 54.75pt; BACKGROUND-COLOR: transparent" vAlign=top width=480><SPAN lang=EN-US twffan="done"> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><B><SPAN lang=EN-US style="FONT-SIZE: 9pt; COLOR: blue" twffan="done"> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><B style="mso-bidi-font-weight: normal"><SPAN lang=EN-US style="FONT-SIZE: 9pt; COLOR: blue; mso-bidi-font-size: 10.5pt" twffan="done">DirectoryIndex<SPAN style="mso-spacerun: yes" twffan="done">&nbsp; </SPAN>index.html index.php<SPAN style="mso-spacerun: yes" twffan="done">&nbsp; </SPAN>index.cgi<o:p></o:p></SPAN></B></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: left" align=left twffan="done"><B style="mso-bidi-font-weight: normal"><SPAN lang=EN-US style="FONT-SIZE: 9pt; COLOR: blue; mso-bidi-font-size: 10.5pt" twffan="done">ScriptAlias /extmail/cgi/<SPAN style="mso-spacerun: yes" twffan="done">&nbsp;&nbsp; </SPAN>/mail/www/extsuite/extmail/cgi/<o:p></o:p></SPAN><%2</TEXTAREA> <SCRIPT language=javascript> <!-- $("art467188").innerHTML=$("text467188").value; //--> </SCRIPT> </TD></TR> <TR height=20> <TD align=right colSpan=3><A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467188.html" target=_blank><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>查看全文</U></B></FONT></A> </TD></TR> <TR height=20> <TD></TD> <TD align=right colSpan=2>发表于:2008-01-18 ┆ <A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467188.html" target=_blank><U><FONT color=#0000ff>阅读(23)</FONT></U></A> ┆ <A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467188.html" target=_blank><U><FONT color=#0000ff>评论(0)</FONT></U></A> </TD></TR></TBODY></TABLE></TD></TR> <TR> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_buttom.gif" border=0></TD> <TD bgColor=#f3f3f3></TD> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_buttom.gif" border=0></TD></TR></TBODY></TABLE><BR> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width="96%" border=0> <TBODY> <TR> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_top.gif" border=0></TD> <TD width="100%" bgColor=#f3f3f3></TD> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_top.gif" border=0></TD></TR> <TR> <TD align=middle bgColor=#f3f3f3 colSpan=3> <TABLE style="TABLE-LAYOUT: fixed; BORDER-COLLAPSE: collapse; WORD-WRAP: break-word" cellSpacing=0 cellPadding=0 width="100%" bgColor=#f3f3f3 border=0> <TBODY> <TR height=25> <TD align=middle width=25><IMG height=8 alt="" src="http://blog.chinaunix.net/templates/tech/images/dot.gif" width=8 border=0></TD> <TD width="90%"><A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467186.html" target=_blank><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>Postfix 电子邮件系统精要3</U></B></FONT></A> </TD> <TD align=middle width=25><IMG title=收起 onclick="ShowHideDiv('art467186',this);" alt="" src="http://blog.chinaunix.net/templates/tech/images/dot2.gif" border=0> </TD></TR> <TR> <TD width=25></TD> <TD colSpan=2> <DIV id=art467186 style="MARGIN: 5px; LINE-HEIGHT: 150%"> <DIV> <DIV twffan="done">到这里,postfix的安装配置算是完成了。我们来逐个检查这些服务的正确性,简单的方法就是启动每一个服务,根据服务的运行来掌握各个服务是否正常。为了方便所有服务随开机自动启动,我把它们都加在了文件/etc/rc.local里,这些内容包括: </DIV></DIV></DIV><TEXTAREA id=text467186 style="DISPLAY: none"><DIV> <DIV twffan="done">到这里,postfix的安装配置算是完成了。我们来逐个检查这些服务的正确性,简单的方法就是启动每一个服务,根据服务的运行来掌握各个服务是否正常。为了方便所有服务随开机自动启动,我把它们都加在了文件/etc/rc.local里,这些内容包括: </DIV> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 23.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; moz-backg……</TEXTAREA> <SCRIPT language=javascript> <!-- $("art467186").innerHTML=$("text467186").value; //--> </SCRIPT> </TD></TR> <TR height=20> <TD align=right colSpan=3><A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467186.html" target=_blank><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>查看全文</U></B></FONT></A> </TD></TR> <TR height=20> <TD></TD> <TD align=right colSpan=2>发表于:2008-01-18 ┆ <A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467186.html" target=_blank><U><FONT color=#0000ff>阅读(113)</FONT></U></A> ┆ <A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467186.html" target=_blank><U><FONT color=#0000ff>评论(0)</FONT></U></A> </TD></TR></TBODY></TABLE></TD></TR> <TR> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_buttom.gif" border=0></TD> <TD bgColor=#f3f3f3></TD> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_buttom.gif" border=0></TD></TR></TBODY></TABLE><BR> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width="96%" border=0> <TBODY> <TR> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_top.gif" border=0></TD> <TD width="100%" bgColor=#f3f3f3></TD> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_top.gif" border=0></TD></TR> <TR> <TD align=middle bgColor=#f3f3f3 colSpan=3> <TABLE style="TABLE-LAYOUT: fixed; BORDER-COLLAPSE: collapse; WORD-WRAP: break-word" cellSpacing=0 cellPadding=0 width="100%" bgColor=#f3f3f3 border=0> <TBODY> <TR height=25> <TD align=middle width=25><IMG height=8 alt="" src="http://blog.chinaunix.net/templates/tech/images/dot.gif" width=8 border=0></TD> <TD width="90%"><A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467184.html" target=_blank><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>Postfix 电子邮件系统精要2</U></B></FONT></A> </TD> <TD align=middle width=25><IMG title=收起 onclick="ShowHideDiv('art467184',this);" alt="" src="http://blog.chinaunix.net/templates/tech/images/dot2.gif" border=0> </TD></TR> <TR> <TD width=25></TD> <TD colSpan=2> <DIV id=art467184 style="MARGIN: 5px; LINE-HEIGHT: 150%"> <DIV>◆<STRONG>Corurier-imap安装配置</STRONG> <DIV twffan="done">Postfix只是实现邮件系统的smtp功能,pop3或imap则需要另外的软件来实现,这个软件就是courier-imap(当然也有别的软件可以选择)。</DIV> <DIV twffan="done"><STRONG>(1)安装courier-imap</STRONG></DIV> <DIV twffan="done"></DIV> <DIV twffan="done"></DIV></DIV></DIV><TEXTAREA id=text467184 style="DISPLAY: none"><DIV>◆<STRONG>Corurier-imap安装配置</STRONG> <DIV twffan="done">Postfix只是实现邮件系统的smtp功能,pop3或imap则需要另外的软件来实现,这个软件就是courier-imap(当然也有别的软件可以选择)。</DIV> <DIV twffan="done"><STRONG>(1)安装courier-imap</STRONG></DIV> <DIV twffan="done"></DIV> <DIV twffan="done"> <TABLE class=MsoNormalTable style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: rgb(243,243,243) 0% 50%; MARGIN: auto auto auto 5.4pt; BORDER-LEFT: medium none; BORDER-BOTTOM……</TEXTAREA> <SCRIPT language=javascript> <!-- $("art467184").innerHTML=$("text467184").value; //--> </SCRIPT> </TD></TR> <TR height=20> <TD align=right colSpan=3><A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467184.html" target=_blank><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>查看全文</U></B></FONT></A> </TD></TR> <TR height=20> <TD></TD> <TD align=right colSpan=2>发表于:2008-01-18 ┆ <A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467184.html" target=_blank><U><FONT color=#800080>阅读(155)</FONT></U></A> ┆ <A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467184.html" target=_blank><U><FONT color=#800080>评论(0)</FONT></U></A> </TD></TR></TBODY></TABLE></TD></TR> <TR> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_buttom.gif" border=0></TD> <TD bgColor=#f3f3f3></TD> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_buttom.gif" border=0></TD></TR></TBODY></TABLE><BR> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width="96%" border=0> <TBODY> <TR> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_top.gif" border=0></TD> <TD width="100%" bgColor=#f3f3f3></TD> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_top.gif" border=0></TD></TR> <TR> <TD align=middle bgColor=#f3f3f3 colSpan=3> <TABLE style="TABLE-LAYOUT: fixed; BORDER-COLLAPSE: collapse; WORD-WRAP: break-word" cellSpacing=0 cellPadding=0 width="100%" bgColor=#f3f3f3 border=0> <TBODY> <TR height=25> <TD align=middle width=25><IMG height=8 alt="" src="http://blog.chinaunix.net/templates/tech/images/dot.gif" width=8 border=0></TD> <TD width="90%"><A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467178.html" target=_blank><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>Postfix 电子邮件系统精要1</U></B></FONT></A> </TD> <TD align=middle width=25><IMG title=收起 onclick="ShowHideDiv('art467178',this);" alt="" src="http://blog.chinaunix.net/templates/tech/images/dot2.gif" border=0> </TD></TR> <TR> <TD width=25></TD> <TD colSpan=2> <DIV id=art467178 style="MARGIN: 5px; LINE-HEIGHT: 150%"> <DIV> <DIV twffan="done"> <DIV align=center twffan="done"><STRONG><FONT size=3>Postfix 电子邮件系统精要</FONT></STRONG></DIV> <DIV align=center twffan="done"><FONT size=2>作者:田逸(<A href="mailto:sery@163.com"><A href="mailto:sery@163.com"><FONT color=#0000ff>sery@163.com</FONT></A></A>) from <A href="http://www.51cto.com/art/200710/57530.htm"><A href="http://www.51cto.com/art/200710/57530.htm" target=_blank><FONT color=#0000ff>http://www.51cto.com/art/200710/57530.htm</FONT></A></A></FONT></DIV></DIV></DIV></DIV><TEXTAREA id=text467178 style="DISPLAY: none"><DIV> <DIV twffan="done"> <DIV align=center twffan="done"><STRONG><FONT size=3>Postfix 电子邮件系统精要</FONT></STRONG></DIV> <DIV align=center twffan="done"><FONT size=2>作者:田逸(<A href="mailto:sery@163.com"><A href="mailto:sery@163.com"><FONT color=#0000ff>sery@163.com</FONT></A></A>)&nbsp; from <A href="http://www.51cto.com/art/200710/57530.htm"><A href="http://www.51cto.com/art/200710/57530.htm" target=_blank><FONT color=#0000ff>http://www.51cto.com/art/200710/57530.htm</FONT></A></A></……</TEXTAREA> <SCRIPT language=javascript> <!-- $("art467178").innerHTML=$("text467178").value; //--> </SCRIPT> </TD></TR> <TR height=20> <TD align=right colSpan=3><A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467178.html" target=_blank><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>查看全文</U></B></FONT></A> </TD></TR> <TR height=20> <TD></TD> <TD align=right colSpan=2>发表于:2008-01-18 ┆ <A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467178.html" target=_blank><U><FONT color=#0000ff>阅读(111)</FONT></U></A> ┆ <A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467178.html" target=_blank><U><FONT color=#0000ff>评论(0)</FONT></U></A> </TD></TR></TBODY></TABLE></TD></TR> <TR> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_buttom.gif" border=0></TD> <TD bgColor=#f3f3f3></TD> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_buttom.gif" border=0></TD></TR></TBODY></TABLE><BR> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width="96%" border=0> <TBODY> <TR> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_left_top.gif" border=0></TD> <TD width="100%" bgColor=#f3f3f3></TD> <TD width=7 height=7><IMG alt="" src="http://blog.chinaunix.net/templates/tech/images/w_right_top.gif" border=0></TD></TR> <TR> <TD align=middle bgColor=#f3f3f3 colSpan=3> <TABLE style="TABLE-LAYOUT: fixed; BORDER-COLLAPSE: collapse; WORD-WRAP: break-word" cellSpacing=0 cellPadding=0 width="100%" bgColor=#f3f3f3 border=0> <TBODY> <TR height=25> <TD align=middle width=25><IMG height=8 alt="" src="http://blog.chinaunix.net/templates/tech/images/dot.gif" width=8 border=0></TD> <TD width="90%"><A class=list1 href="http://blog.chinaunix.net/u/5948/showart_467163.html" target=_blank><FONT style="FONT-SIZE: 10pt" color=#02368d><B><U>Postfix配置Q&A </U></B></FONT></A></TD> <TD align=middle width=25><U><IMG title=收起 onclick="ShowHideDiv('art467163',this);" alt="" src="http://blog.chinaunix.net/templates/tech/images/dot2.gif" border=0></U> </TD></TR> <TR> <TD width=25></TD> <TD colSpan=2> <DIV id=art467163 style="MARGIN: 5px; LINE-HEIGHT: 150%"> 在配置Postfix中遇到的一些问题及相关的解决方法,希望在遇到相同的问题时能起参考的作用.在这里有必要提到一些相关的日志文件,因为很多的错误都会在日志中有体现,日志文件的存放位置可以由用户定义,这里所说的日志文件是按前面的文章中定义的存放位置( <A href="http://waringid.blog.51cto.com/65148/58210"><A href="http://waringid.blog.51cto.com/65148/58210" target=_blank><FONT color=#000000>http://waringid.blog.51cto.com/65148/58210</FONT></A></A>),请自行参照更改. <DIV twffan="done">系统日志:</DIV></DIV><TEXTAREA id=text467163 style="DISPLAY: none"> 在配置Postfix中遇到的一些问题及相关的解决方法,希望在遇到相同的问题时能起参考的作用.在这里有必要提到一些相关的日志文件,因为很多的错误都会在日志中有体现,日志文件的存放位置可以由用户定义,这里所说的日志文件是按前面的文章中定义的存放位置( <A href="http://waringid.blog.51cto.com/65148/58210"><A href="http://waringid.blog.51cto.com/65148/58210" target=_blank><FONT color=#000000>http://waringid.blog.51cto.com/65148/58210</FONT></A></A>),请自行参照更改. <DIV twffan="done">系统日志:<SPAN sty……</TEXTAREA> <SCRIPT language=javascript> <!-- $("art467163").innerHTML=$("text467163").value; //--> </SCRIPT> </TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></DIV>
查看全文
发表于:2008-01-24 ┆
阅读(1535)
┆
评论(0)
qmail邮局迁移用户到postfix
<DIV> <DIV class=article id=article align=left> <H1 class=subject style="WORD-WRAP: break-word"><B><IMG src="http://coolerfeng.blog.51cto.com/images/orig_1.gif" border=0> qmail邮局迁移用户到postfix </B></H1> <HR style="BORDER-RIGHT: #eeeeee 1px solid; BORDER-TOP: #eeeeee 1px solid; BORDER-LEFT: #eeeeee 1px solid; BORDER-BOTTOM: #eeeeee 1px solid" align=center width="94%" SIZE=1> <DIV> <DIV class=posttime><SMALL><FONT size=2>2007-10-22 14:58:13</FONT></SMALL></DIV> <DIV style="PADDING-LEFT: 20px; WIDTH: 94%"> 标签:<SPAN style="COLOR: #aaaaaa"><A class=operlink href="http://blog.51cto.com/tagindex.php?keyword=%C7%A8%D2%C6" target=_blank><FONT color=#0000ff>迁移</FONT></A> <A class=operlink href="http://blog.51cto.com/tagindex.php?keyword=postfix" target=_blank><FONT color=#0000ff>postfix</FONT></A> <A class=operlink href="http://blog.51cto.com/tagindex.php?keyword=qmail" target=_blank><FONT color=#0000ff>qmail</FONT></A></SPAN> <BR><BR></DIV></DIV> <DIV> <TABLE id=content style="TABLE-LAYOUT: fixed; WIDTH: 650px" cellSpacing=10 cellPadding=0 width=650 border=0> <TBODY> <TR> <TD> <DIV class=copy><STRONG>版权声明:</STRONG>原创作品,允许转载,转载时请务必以超链接形式标明文章 <A style="TEXT-DECORATION: underline" href="http://coolerfeng.blog.51cto.com/133059/47159" target=_blank><FONT color=#800080>原始出处</FONT></A> 、作者信息和本声明。否则将追究法律责任。<A href="http://coolerfeng.blog.51cto.com/133059/47159"><FONT color=#800080>http://coolerfeng.blog.51cto.com/133059/47159</FONT></A></DIV></TD></TR> <TR> <TD> <DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN lang=EN-US>qmail</SPAN><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>邮局迁移用户到postfix</SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p><FONT size=3> 原来的qmail邮件系统垃圾邮件太多,因此安装了新系统。</FONT></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><o:p><FONT size=3> 安装结束后测试收发邮件正常。</FONT></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times> 接下来需要将以前的用户账户,密码导入到新的邮件系统中</SPAN><SPAN lang=EN-US><o:p></o:p></SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><o:p><FONT size=3> </FONT></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>经过分析后,发现纪录用户信息的表中主要字段基本相同。可以导出账户。</SPAN><SPAN lang=EN-US><o:p></o:p></SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>表结构分析</SPAN><SPAN lang=EN-US>,</SPAN><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>相同的字段对比:(左qmail右postfix)</SPAN><SPAN lang=EN-US><o:p></o:p></SPAN></FONT></DIV> <TABLE class=MsoTableGrid style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse; mso-border-alt: solid windowtext .5pt; mso-yfti-tbllook: 480; mso-padding-alt: 0cm 5.4pt 0cm 5.4pt; mso-border-insideh: .5pt solid windowtext; mso-border-insidev: .5pt solid windowtext" cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR style="mso-yfti-irow: 0; mso-yfti-firstrow: yes"> <TD style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt solid; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt solid; WIDTH: 213.05pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt solid; BACKGROUND-COLOR: transparent; mso-border-alt: solid windowtext .5pt" vAlign=top width=284> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US>pw_name</SPAN></DIV></TD> <TD style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt solid; PADDING-LEFT: 5.4pt; BORDER-LEFT-COLOR: #ece9d8; PADDING-BOTTOM: 0cm; WIDTH: 213.05pt; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt solid; BACKGROUND-COLOR: transparent; mso-border-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt" vAlign=top width=284> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US>username</SPAN></DIV></TD></TR> <TR style="mso-yfti-irow: 1"> <TD style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt solid; WIDTH: 213.05pt; BORDER-TOP-COLOR: #ece9d8; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt solid; BACKGROUND-COLOR: transparent; mso-border-alt: solid windowtext .5pt; mso-border-top-alt: solid windowtext .5pt" vAlign=top width=284> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US>pw_passwd</SPAN></DIV></TD> <TD style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; BORDER-LEFT-COLOR: #ece9d8; PADDING-BOTTOM: 0cm; WIDTH: 213.05pt; BORDER-TOP-COLOR: #ece9d8; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt solid; BACKGROUND-COLOR: transparent; mso-border-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-top-alt: solid windowtext .5pt" vAlign=top width=284> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US>password</SPAN></DIV></TD></TR> <TR style="mso-yfti-irow: 2"> <TD style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt solid; WIDTH: 213.05pt; BORDER-TOP-COLOR: #ece9d8; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt solid; BACKGROUND-COLOR: transparent; mso-border-alt: solid windowtext .5pt; mso-border-top-alt: solid windowtext .5pt" vAlign=top width=284> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US>pw_dir</SPAN></DIV></TD> <TD style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; BORDER-LEFT-COLOR: #ece9d8; PADDING-BOTTOM: 0cm; WIDTH: 213.05pt; BORDER-TOP-COLOR: #ece9d8; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt solid; BACKGROUND-COLOR: transparent; mso-border-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-top-alt: solid windowtext .5pt" vAlign=top width=284> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US>maildir</SPAN></DIV></TD></TR> <TR style="mso-yfti-irow: 3"> <TD style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt solid; WIDTH: 213.05pt; BORDER-TOP-COLOR: #ece9d8; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt solid; BACKGROUND-COLOR: transparent; mso-border-alt: solid windowtext .5pt; mso-border-top-alt: solid windowtext .5pt" vAlign=top width=284> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US>pw_dir</SPAN></DIV></TD> <TD style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; BORDER-LEFT-COLOR: #ece9d8; PADDING-BOTTOM: 0cm; WIDTH: 213.05pt; BORDER-TOP-COLOR: #ece9d8; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt solid; BACKGROUND-COLOR: transparent; mso-border-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-top-alt: solid windowtext .5pt" vAlign=top width=284> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US>homedir</SPAN></DIV></TD></TR> <TR style="mso-yfti-irow: 4"> <TD style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt solid; WIDTH: 213.05pt; BORDER-TOP-COLOR: #ece9d8; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt solid; BACKGROUND-COLOR: transparent; mso-border-alt: solid windowtext .5pt; mso-border-top-alt: solid windowtext .5pt" vAlign=top width=284> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US>pw_domain</SPAN></DIV></TD> <TD style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; BORDER-LEFT-COLOR: #ece9d8; PADDING-BOTTOM: 0cm; WIDTH: 213.05pt; BORDER-TOP-COLOR: #ece9d8; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt solid; BACKGROUND-COLOR: transparent; mso-border-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-top-alt: solid windowtext .5pt" vAlign=top width=284> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US>domain</SPAN></DIV></TD></TR> <TR style="mso-yfti-irow: 5; mso-yfti-lastrow: yes"> <TD style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: windowtext 1pt solid; WIDTH: 213.05pt; BORDER-TOP-COLOR: #ece9d8; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt solid; BACKGROUND-COLOR: transparent; mso-border-alt: solid windowtext .5pt; mso-border-top-alt: solid windowtext .5pt" vAlign=top width=284> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US>pw_name</SPAN></DIV></TD> <TD style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; BORDER-LEFT-COLOR: #ece9d8; PADDING-BOTTOM: 0cm; WIDTH: 213.05pt; BORDER-TOP-COLOR: #ece9d8; PADDING-TOP: 0cm; BORDER-BOTTOM: windowtext 1pt solid; BACKGROUND-COLOR: transparent; mso-border-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-top-alt: solid windowtext .5pt" vAlign=top width=284> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US>uid</SPAN></DIV></TD></TR></TBODY></TABLE> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><o:p><FONT size=3> </FONT></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>不过这里依然有一些小区别,如右边的</SPAN><SPAN lang=EN-US>username</SPAN><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>比左边的</SPAN><SPAN lang=EN-US>pw_name</SPAN><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>多了</SPAN><SPAN lang=EN-US>@</SPAN><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>域名</SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>待会我们导出数据后对数据进行一些修改。</SPAN><SPAN lang=EN-US><o:p></o:p></SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>先从</SPAN><SPAN lang=EN-US>qmail</SPAN><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>的</SPAN><SPAN lang=EN-US>mysql</SPAN><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>数据库中将需要的字段导出为文件</SPAN><SPAN lang=EN-US><o:p></o:p></SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><FONT size=3>#mysql -uroot -p<o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><FONT size=3>>use vpopmail;<o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><FONT size=3>>select<SPAN style="mso-spacerun: yes"> </SPAN>pw_name,pw_name,pw_passwd,pw_dir,pw_dir,pw_domain into outfile 'mailuser.sql' from<SPAN style="mso-spacerun: yes"> </SPAN>vpopmail;<o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><FONT size=3>>exit;<o:p></o:p></FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>然后把导出的</SPAN><SPAN lang=EN-US>mailuser.sql</SPAN><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>用</SPAN><SPAN lang=EN-US>ssh</SPAN><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>传到新的机器上。因为我们需要修改数据,这里先用</SPAN><SPAN lang=EN-US>ssh</SPAN><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>客户端传回</SPAN><SPAN lang=EN-US>windows</SPAN><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>机器上。</SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><o:p><FONT size=3> </FONT></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>用写字板打开</SPAN><SPAN lang=EN-US>mailuser.sql</SPAN><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>文件,运用查找替换功能进行我们所需要的修改。并将所有的分隔符由原来的</SPAN><SPAN lang=EN-US>tab</SPAN><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>替换为逗号。注意都要用半角格式。</SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times><FONT size=3>重新保存</FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><o:p><FONT size=3> </FONT></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times><FONT size=3>登录新邮件服务器,</FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><FONT size=3>#mysql –<?xml:namespace prefix = st1 ns = "urn:schemas-microsoft-com:office:smarttags" /><st1:City w:st="on"><st1:place w:st="on">ur</st1:place></st1:City>oot –p</FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><FONT size=3>>use extmail; </FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><FONT size=3>> LOAD DATA LOCAL INFILE '/root/mailuser.sql' INTO TABLE mailbox FIELDS TERMINATED BY ',' (username,homedir,maildir,domain,uid,password);</FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>这里的字段排序要和</SPAN><SPAN lang=EN-US>sql</SPAN><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>文件中的字段顺序一致。</SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><o:p><FONT size=3> </FONT></o:p></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times><FONT size=3>接下来我们需要将用户邮件导过来。</FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><FONT size=3>登录旧邮件系统。打包邮箱目录并上传。</FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><FONT size=3>tar czvf<SPAN style="mso-spacerun: yes"> </SPAN>domain.tar.gz /home/vpopmail/domains/</FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><FONT size=3>sftp ip</FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times><FONT size=3>输入密码</FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><FONT size=3>put domain.tar.gz</FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><FONT size=3>exit</FONT></SPAN></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>然后将</SPAN><SPAN lang=EN-US>domain</SPAN><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>解压缩到对应的目录,然后登录邮箱,</SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>mv 目录 /home/domains/</SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>\cp -R 目录 /home/domains/</SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>加斜杠的意思是屏蔽cp的别名功能,强制覆盖已经存在的文件</SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>复制完后记得修改一下属性</SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times>chown -R vuser.vgroup /home/domains/</SPAN></FONT></DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times></SPAN></FONT> </DIV> <DIV class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><FONT size=3><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: " Roman?? New ?Times mso-hansi-font-family: Roman?; Times></SPAN></FONT> </DIV> <P>本文出自 “<A href="http://coolerfeng.blog.51cto.com/"><FONT color=#0000ff>风吹云动</FONT></A>” 博客,请务必保留此出处<A href="http://coolerfeng.blog.51cto.com/133059/47159"><FONT color=#800080>http://coolerfeng.blog.51cto.com/133059/47159</FONT></A></P><A class=hidden href="http://coolerfeng.blog.51cto.com/133059/47159"><FONT color=#800080>本文出自 51CTO.COM技术博客</FONT></A></DIV></TD></TR></TBODY></TABLE></DIV></DIV><BR></DIV>
查看全文
发表于:2008-01-03 ┆
阅读(465)
┆
评论(0)
CentOS 5 全功能WWW服务器搭建全教程 V3.0
<DIV> <H1 id=blog_title style="FONT-WEIGHT: normal; FONT-SIZE: 14pt; MARGIN: 0px">CentOS 5 全功能WWW服务器搭建全教程 V3.0 </H1> <DIV class="smallfont shade" style="MARGIN-BOTTOM: 10px"><SPAN class=shade>发表于 2007-11-11 20:32 作者:</SPAN> <A href="http://www.cnprint.org/bbs/blogs/1/"><FONT color=#215ca1>wangyu1314</FONT></A> <!-- | <a href="http://www.cnprint.org/bbs/blogs/1/blog66.html" class="shade">永久链接</a>--><BR><A href="http://www.cnprint.org/bbs/blogs/1/"><FONT color=#215ca1>wangyu1314</FONT></A> <SPAN class=shade>更新于 2007-12-14 13:39</SPAN> <SPAN class=shade>(优化编译参数)</SPAN> </DIV><!-- ads could go here --> <DIV id=blog_message style="MARGIN-BOTTOM: 10px">CentOS 5 全功能WWW服务器搭建全教程<BR><BR><FONT color=red>请注意,附件中的word文件由于有文档格式很麻烦,不会即时更新,请下载者直接复制本网页内容。</FONT><BR><BR>V3.0 2007年11月11日 将搭建教程划分阶段以适应不同需要。加入程序优化,程序安全,加入memcache,squid, mod_security等高级应用, 安装vBulletin+vBseo, 服务器安全设置,以及日常管理功能。<BR><BR>V2.0 2007年10月18日 操作系统更新为centos 5.0 apache 更新为2.2.6版本,php更新为5.2.5, mysql 更新为5.0.46, Zend Optimizer 更新为3.3.0。解决新平台下的一些问题。修正文字错误。<BR><BR>v1.2 2007年2月12日 apache 更新为2.2.4版本,增加mod_ssl和openssl支持,增加apr和apr-util的编译, php更新为5.2.1,增加集成Suhosin补丁,mysql 更新为5.0.33, Zend Optimizer 更新为3.2.2,增加phpmyadmin。修改一些文字错误。<BR><BR>v1.0 2007年1月11日<BR><BR>V3.0版本文字文明在<BR>http://www.cnprint.org/bbs/blogs/1/blog66.html<BR>长期在线维护。欢迎转帖,转帖时请勿删除本说明。<BR>By 二戒<BR><BR>先声明,以下的这些文字个人的安装笔记,是参考了网上许多高手的成功经验组合而成的,说实话我自己的东西不多 :)我想把这些经验写下来,既可以对其他跟我一样摸索的兄弟一个经验,也可以防止以后自己都忘记了,嘿嘿。<BR>所以如果某个大虾看到我借用了你的资源,请不要生气。同时欢迎大家指出错误。<BR>一、基本系统安装<BR>1、下载CentOS 5<BR>我是下载的DVD版本,大家也可以下载服务器CD安装版本,其实都差不多。大家可以到这儿下载,速度很快的。<BR>http://ftp.iasi.roedu.net/mirrors/centos.org/5/isos/i386/CentOS-5.0-i386-bin-DVD.iso<BR>建议在windows下用BT或迅雷下载,速度会快很多。<BR>下载后刻录成光盘。我建议你刻录DVD啦,如果是菜鸟,把图形界面也装上,可以在图形界面进行学习,当然强烈不建议在服务器上装桌面。<BR>Centos 5系列任何一个版本就行了,安装后可以通过yum upgrade直接更新为最新版本。<BR><BR>2、安装CentOS 5<BR>作为服务器,不安装不需要的组件,所以在选择组件的时候,除了选择FTP SERVER外取消所有组件的选择。也不要选web服务器。因为我们后面要手动编译安装。<BR>系统约定RPM包和源码包存放位置<BR>RPM包和源码包存放位置 /usr/local/src<BR>源码包编译安装位置(prefix) /usr/local/xxx<BR>脚本以及维护程序存放位置 /usr/local/sbin<BR>MySQL 数据库位置 /var/lib/mysql<BR>Apache 网站根目录 /usr/local/apache2/htdocs<BR>Apache 虚拟主机日志根目录 /data/logs/www<BR>yum RPM包信息文件 /etc/yum.list<BR><BR>3、系统环境部署及调整<BR>(1)检查系统是否正常<BR># more /var/log/messages //检查有无系统内核级错误信息<BR># demesg //检查硬件设备是否有错误信息<BR># ifconfig //检查网卡设置是否正确<BR># ping www.163.com // 检查网络是否正常<BR>(2)关闭不需要的服务<BR># export LANG='en_US' //设置语言<BR># setup //选择启动的服务<BR>进入system service 选项。<BR>以space 键选定所需服务。<BR>以下仅列出需要启动的服务,未列出的服务一律关闭:<BR>crond<BR>irqbalance 仅当服务器CPU为S.M.P架构或支持双核心、HT技术时,才需开启,否则关闭。<BR>microcode_ctl<BR>network<BR>iptables<BR>vsftpd<BR>sshd<BR>syslog<BR>yum-updatesd<BR>(3)修改/etc/yum.repos.d/CentOS-Base.repo,将镜象站点地址改为在中国的镜象站点地址。不然我们通过yum安装软件速度会极慢。修改如下:<BR># CentOS-Base.repo<BR>#<BR># This file uses a new mirrorlist system developed by Lance Davis for CentOS.<BR># The mirror system uses the connecting IP address of the client and the<BR># update status of each mirror to pick mirrors that are updated to and<BR># geographically close to the client. You should use this for CentOS updates<BR># unless you are manually picking other mirrors.<BR>#<BR># If the mirrorlist= does not work for you, as a fall back you can try the<BR># remarked out baseurl= line instead.<BR>#<BR>#<BR>[base]<BR>name=CentOS-$releasever - Base<BR>baseurl=http://mirrors.shlug.org/centos/$releasever/os/$basearch/<BR>gpgcheck=1<BR>gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5<BR>protect=1<BR>#released updates<BR>[updates]<BR>name=CentOS-$releasever - Updates<BR>baseurl=http://mirrors.shlug.org/centos/$releasever/updates/$basearch/<BR>gpgcheck=1<BR>gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5<BR>protect=1<BR>#packages used/produced in the build but not released<BR>[addons]<BR>name=CentOS-$releasever - Addons<BR>baseurl=http://mirrors.shlug.org/centos/$releasever/addons/$basearch/<BR>gpgcheck=1<BR>gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5<BR>protect=0<BR>#additional packages that may be useful<BR>[extras]<BR>name=CentOS-$releasever - Extras<BR>baseurl=http://mirrors.shlug.org/centos/$releasever/extras/$basearch/<BR>gpgcheck=1<BR>gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5<BR>protect=0<BR>#additional packages that extend functionality of existing packages<BR>[centosplus]<BR>name=CentOS-$releasever - Plus<BR>baseurl=http://mirrors.shlug.org/centos/$releasever/centosplus/$basearch/<BR>gpgcheck=1<BR>enabled=0<BR>gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5<BR>protect=1<BR>#contrib - packages by Centos Users<BR>[contrib]<BR>name=CentOS-$releasever - Contrib<BR>baseurl=http://mirrors.shlug.org/centos/$releasever/contrib/$basearch/<BR>gpgcheck=1<BR>enabled=0<BR>protect=0<BR>gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5<BR>保存文件。<BR>(4)更新系统,我们使用yum,<BR>运行:<BR># yum upgrade<BR>建议更新所有列出的程序,包括内核,rhel 5.X的稳定性还要继续努力呢。<BR>(5)定时校正服务器时间<BR># yum install –y ntp<BR># crontab -e<BR>0 23 * * * /usr/sbin/ntpdate 210.72.145.44<BR>以上命令设置好后存盘。<BR># /sbin/service crond reload<BR>重载计划任务配置<BR>您的机器将在每天的23:00根据中国国家授时中心的NTP服务器时间自动校准时间。<BR>(6)FTP服务器的配置<BR>vi /etc/vsftpd/vsftpd.conf<BR>把anonymous_enable=YES<BR>修改为anonymous_enable=No不允许匿名登录。<BR>添加两句<BR>chroot_local_user=yes<BR>listen_port=2121<BR>将用户锁定在主目录,并将FTP监听端口修改为2121<BR>把ftpd_banner=*前的注释去掉。后面改成你的欢迎信息(这样设置可以避免显示ftp服务器的版本信息)<BR>然后保存,service vsftpd start就可以了。<BR>这时应当添加用户,因为root默认不能通过FTP方式登录,也不安全。<BR>groupadd upload<BR>useradd upload -g upload -d /usr/local/apache2/htdocs/ -M<BR>如果FTP登录时出现<BR>ftp服务器连接失败,错误提示:<BR>500 OOPS: cannot change directory:/home/*******<BR>500 OOPS: child died<BR>解决方法:<BR># setsebool ftpd_disable_trans 1<BR># service vsftpd restart<BR>这样对于我们上传一些文件到系统中很方便。<BR>大家有兴趣的可以看下这篇文章对vsftpd进行一个比较详细的了解<BR>http://blog.chinaunix.net/u/10047/showart_198837.html<BR>4、重新启动系统<BR># init 6<BR>此时系统启动成功,可以删除老的内核<BR><BR>二、安装mysql, apache, php, Zend Optimizer等基本环境<BR>5. 使用 yum 程序安装所需开发包(以下为标准的rpm包名称)<BR># yum install gcc gcc-c++ gcc-g77 flex bison autoconf automake bzip2-devel zlib-devel ncurses-devel libjpeg-devel libpng-devel libtiff-devel freetype-devel pam-devel openssl-devel libxml2-devel gettext-devel pcre-devel<BR>#这里我们将编译GD所必须的一些小软件比如libpng,libtiff,freetype,libjpeg,gettext-devel等先用RPM 的方式一并安装好,避免手动编译浪费时间,同时也能避免很多错误,这几个小软件的编译很麻烦。这几个小软件编译错误了,GD当然安装不了,php5的编译当然也没戏了。所以我们抓大放小,对这些小牛鬼蛇神采取快速简洁的方式进行安装。并且对服务器的性能也不能产生什么影响。<BR>另外libxml2系统已经默认安装了,所以我们不需要手工编译了,直接安装它的开发包就行了。<BR>6. 源码编译安装所需包 (Source)<BR>(1) GD2<BR># cd /usr/local/src<BR># wget http://www.libgd.org/releases/gd-2.0.35.tar.gz<BR># tar xzvf gd-2.0.35.tar.gz<BR># cd gd-2.0.35<BR># yum install libtool libtool-ltdl<BR># aclocal<BR># CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/gd2 --mandir=/usr/share/man<BR>// 注意,CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" 这个环境参数只针对intel P4 芯片,如果你的CPU是AMD的,注意不能使用。请查看相应的编译优化参数。否则程序会无法编译,即使编译成功也无法运行,嘿嘿。<BR>关于其他CPU的优化参见我的BLOG的一篇转贴:<BR>http://www.cnprint.org/bbs/blogs/1/blog43.html<BR>//./configure 配置。<BR># make //make 是用来编译的,它从 Makefile 中读取指令,然后编译。<BR># make install //make install 是用来安装的,它也从 Makefile 中读取指令,安装到指定的位置。<BR>(2) Apache 日志截断程序<BR># cd /usr/local/src<BR># wget http://cronolog.org/patches/cronolog-1.7.0-beta.tar.gz<BR># tar cronolog-1.7.0-beta.tar.gz<BR># cd cronolog-1.7.0-beta<BR>#CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/cronolog && make && make install<BR><BR>7、编译mysql 5.0.50<BR>mysql 5.0.50是企业版本,貌似双数版本都是企业版本了。个人觉得代码质量要比社区版本要好一些。大家可以下载,免费使用。并不需要向mysql公司交钱。<BR>#cd /usr/local/src<BR># wget http://mirror.provenscaling.com/mysql/enterprise/source/5.0/mysql-5.0.50.tar.gz<BR># tar xzvf mysql-5.0.50.tar.gz<BR># cd mysql-5.0.50<BR>修改mysql 客户端最大连接数, 默认的只有100,远远达不到我们的要求。<BR># vi sql/mysqld.cc<BR>搜索找到下面一行:<BR>{"max_connections", OPT_MAX_CONNECTIONS,<BR>"The number of simultaneous clients allowed.", (gptr*) &max_connections,<BR>(gptr*) &max_connections, 0, GET_ULONG, REQUIRED_ARG, 100, 1, 16384, 0, 1,<BR>0},<BR>将其中的100改为1500, 当然小点也可以,根据你的需要来,不建议改的太大。<BR>{"max_connections", OPT_MAX_CONNECTIONS,<BR>"The number of simultaneous clients allowed.", (gptr*) &max_connections,<BR>(gptr*) &max_connections, 0, GET_ULONG, REQUIRED_ARG, 1500, 1, 16384, 0, 1,<BR>0},<BR>保存。<BR># CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/mysql --localstatedir=/var/lib/mysql --with-comment=Source --with-server-suffix=-enterprise-gpl --with-mysqld-user=mysql --without-debug --with-big-tables --with-charset=utf8 --with-collation=utf8_general_ci --with-extra-charsets=gbk,latin1 --with-pthread --enable-static --with-client-ldflags=-all-static --with-mysqld-ldflags=-all-static --enable-assembler --without-innodb --without-ndb-debug --without-isam --enable-local-infile --with-readline --with-raid<BR>配置成功会提示:<BR>MySQL has a Web site at http://www.mysql.com/ which carries details on the<BR>latest release, upcoming features, and other information to make your<BR>work or play with MySQL more productive. There you can also find<BR>information about mailing lists for MySQL discussion.<BR>Remember to check the platform specific part of the reference manual for<BR>hints about installing MySQL on your platform. Also have a look at the<BR>files in the Docs directory.<BR>Thank you for choosing MySQL!<BR># make<BR>编译的时间可能会比较长,毕竟优化的比较厉害。<BR># make install<BR>编译安装完成后执行后续操作:<BR># useradd mysql //添加 mysql 用户<BR># cd /usr/local/mysql<BR># bin/mysql_install_db --user=mysql<BR># chown -R root:mysql . //设置权限,注意后面有一个 "."<BR># chown -R mysql /var/lib/mysql //设置 mysql 目录权限<BR># chgrp -R mysql . //注意后面有一个 "."<BR># cp share/mysql/my-medium.cnf /etc/my.cnf<BR># cp share/mysql/mysql.server /etc/rc.d/init.d/mysqld //开机自动启动 mysql。<BR># chmod 755 /etc/rc.d/init.d/mysqld<BR># chkconfig --add mysqld<BR>#添加LIB PATH<BR>echo "/usr/local/mysql/lib" >> /etc/ld.so.conf && ldconfig<BR>vi /etc/my.cnf<BR>修改 MySQL 配置,增加部分优化参数,如下:<BR>[mysqld]<BR>ft_min_word_len=2<BR>运行以下命令即可启动 MySQL 服务器:<BR># /etc/rc.d/init.d/mysqld start //启动 MySQL<BR># bin/mysqladmin -u root password "password_for_root"<BR># service mysqld stop //关闭 MySQL<BR><BR>8. 编译安装 Apache<BR># cd /usr/local/src<BR># wget http://www.ip97.com/apache.org/httpd/httpd-2.2.6.tar.gz<BR># tar zxvf httpd-2.2.6.tar.gz<BR># cd httpd-2.2.6<BR>先依次安装apr和apr-util<BR># cd srclib/apr<BR># CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/apr --enable-threads --enable-other-child --enable-static<BR># make && make install<BR># cd ../apr-util<BR># CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr/ --with-mysql=/usr/local/mysql<BR># make && make install<BR>cd /usr/local/src/httpd-2.2.6<BR># CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/apache2 --enable-mods-shared=all --with-mysql=/usr/local/mysql --enable-cache --enable-file-cache --enable-mem-cache --enable-disk-cache --enable-static-support --enable-static-htpasswd --enable-static-htdigest --enable-static-rotatelogs --enable-static-logresolve --enable-static-htdbm --enable-static-ab --enable-static-checkgid --disable-cgid --disable-cgi --with-apr=/usr/local/apr/ --with-apr-util=/usr/local/apr-util/ --enable-ssl --with-ssl=/usr/include/openssl --with-pcre<BR># make<BR># make install<BR>注解:<BR>./configure //配置源代码树<BR>--prefix=/usr/local/apache2 //体系无关文件的顶级安装目录PREFIX ,也就Apache的安装目录。<BR>--enable-module=so //打开 so 模块,so 模块是用来提 DSO 支持的 apache 核心模块<BR>--enable-mods-shared=all //编译全部的模板,对于不需要我们可以在httpd.conf去掉。<BR>--enable-cache //支持缓存<BR>--enable-file-cache //支持文件缓存<BR>--enable-mem-cache //支持记忆缓存<BR>--enable-disk-cache //支持磁盘缓存<BR>--enable-static-support //支持静态连接(默认为动态连接)<BR>--enable-static-htpasswd //使用静态连接编译 htpasswd - 管理用于基本认证的用户文件<BR>--enable-static-htdigest //使用静态连接编译 htdigest - 管理用于摘要认证的用户文件<BR>--enable-static-rotatelogs //使用静态连接编译 rotatelogs - 滚动 Apache 日志的管道日志程序<BR>--enable-static-logresolve //使用静态连接编译 logresolve - 解析 Apache 日志中的IP地址为主机名<BR>--enable-static-htdbm //使用静态连接编译 htdbm - 操作 DBM 密码数据库<BR>--enable-static-ab //使用静态连接编译 ab - Apache HTTP 服务器性能测试工具<BR>--enable-static-checkgid //使用静态连接编译 checkgid<BR>--disable-cgid //禁止用一个外部 CGI 守护进程执行CGI脚本<BR>--disable-cgi //禁止编译 CGI 版本的 PHP<BR>--enable-ssl // 编译 ssl模块。<BR>我们不再使用worker模式编译apache,worker模式和php貌似有一些不协调不稳定之处。所以使用了默认的perfork模式。<BR>将apache设置成开机自启动:<BR>在/etc/rc.d/rc.local文件中加入一行<BR>/usr/local/apache2/bin/apachectl start<BR>这样每次重新启动系统以后,apache也会随系统一起启动.<BR>或者将apache安装为系统服务<BR># cp /usr/local/apache2/bin/apachectl /etc/rc.d/init.d/httpd<BR>然后 vi /etc/rc.d/init.d/httpd 添加(#!/bin/sh下面)<BR># chkconfig: 2345 50 90<BR># description: Activates/Deactivates Apache Web Server<BR>最后,运行chkconfig把Apache添加到系统的启动服务组里面:<BR># chkconfig --add httpd<BR># chkconfig httpd on<BR><BR>9、编译php 5.2.5<BR>Suhosin是php增强型安全补丁,可以编译到静态内核中,也可以编译成php动态扩展。我个人强烈你建议安装成静态内核。Suhosin已经进入 Gentoo Linux、FreeBSD、OpenSuSE Linux、Mandriva Linux、Debian Linux官方包。下面的以下先说静态安装步骤。当然你也可以在安装php后将它编译成php的动态扩展。<BR># cd /usr/local/src<BR># wget http://cn.php.net/get/php-5.2.5.tar.gz/from/this/mirror<BR>wget http://www.hardened-php.net/suhosin/_media/suhosin-patch-5.2.5-0.9.6.2.patch.gz<BR># tar zxvf php-5.2.5.tar.gz<BR># gunzip suhosin-patch-5.2.5-0.9.6.2.patch.gz<BR># cd php-5.2.5<BR># patch -p 1 -i ../suhosin-patch-5.2.5-0.9.6.2.patch<BR># ./buildconf --force<BR># CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache2/bin/apxs --with-pear=/usr/share/php --with-zlib-dir --with-bz2 --with-libxml-dir=/usr --with-gd=/usr/local/gd2 --enable-gd-native-ttf --enable-gd-jis-conv --with-freetype-dir --with-jpeg-dir --with-png-dir --with-ttf=shared,/usr --enable-mbstring --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-config-file-path=/etc --with-iconv --disable-ipv6 --enable-static --enable-zend-multibyte --enable-inline-optimization --enable-zend-multibyte --enable-sockets --enable-soap --with-openssl --with-gettext --enable-suhosin<BR>配置成功会提示:<BR>+--------------------------------------------------------------------+<BR>| License: |<BR>| This software is subject to the PHP License, available in this |<BR>| distribution in the file LICENSE. By continuing this installation |<BR>| process, you are bound by the terms of this license agreement. |<BR>| If you do not agree with the terms of this license, you must abort |<BR>| the installation process at this point. |<BR>+--------------------------------------------------------------------+<BR>Thank you for using PHP.<BR># make<BR># make test<BR># make install<BR># cp php.ini-recommended /etc/php.ini<BR># echo "/usr/local/php/lib" >> /etc/ld.so.conf && ldconfig<BR>在这里也顺便说一下将suhosin安装成为php的动态扩展的方法。毕竟网上根本不见它的中文安装教程。<BR>虽然我个人不推荐这种方式。<BR>wget http://www.hardened-php.net/suhosin/_media/suhosin-0.9.20.tgz<BR>tar zxvf suhosin-0.9.20.tgz<BR>cd suhosin-0.9.20<BR>./configure --with-php-config=/usr/local/php/bin/php-config<BR>make<BR>make install<BR>会提示编译的模块存在的目录,记住它。<BR>Installing shared extensions: /usr/local/php/lib/php/extensions/no-debug-zts-20060613/<BR>然后在php.ini中增加一行下列语句。<BR>extension="/usr/local/php/lib/php/extensions/no-debug-zts-20060613/suhosin.so"<BR><BR>10、整合apache 与php<BR># vi /usr/local/apache2/conf/httpd.conf<BR>在最后一行加上:<BR>AddType application/x-httpd-php .php<BR>查找:(设置 WEB 默认文件)<BR>DirectoryIndex index.html<BR>修改为:<BR>DirectoryIndex index.php index.html index.htm<BR>找到这一段:<BR># AllowOverride controls what directives may be placed in .htaccess files.<BR># It can be "All", "None", or any combination of the keywords:<BR># Options FileInfo AuthConfig Limit<BR>#<BR>AllowOverride none<BR>更改为AllowOverride all<BR>允许apache rewrite<BR>保存httpd.conf,退出。<BR># /usr/local/apache2/bin/apachectl restart //重启 Apache<BR>这时会出现错误:<BR>/usr/local/apache2/bin/apachectl start<BR>httpd: Syntax error on line 107 of /usr/local/apache2/conf/httpd.conf: Cannot load /usr/local/apache2/modules/libphp5.so into server: /usr/local/apache2/modules/libphp5.so: cannot restore segment prot after reloc: Permission denied<BR>不急,我们慢慢解决。<BR>这个Permission denied问题,在centos 5下面一般是Selinux引起的,作为生产用服务器,我建议你千万别草率地关掉Selinux一了百了。就像家里的防盗网,阻碍了你的猫自由进出窗户,你不能为了猫方便,就把防盗网简单拆除是同样的道理。我看见网上许多人建议把Selinux简单关闭来解决这个问题,这是削足适履的做法,不值得提倡。<BR>我们可以这样操作:<BR># audit2allow -a //查看究竟问题出在什么地方<BR><no matches><BR>allow unconfined_t usr_t:file execmod;<BR>allow useradd_t var_log_t:file { read write };<BR>然后<BR># cd /etc/selinux/targeted/modules/<BR># audit2allow -M local -d<BR>屏幕产生如下提示:<BR>Generating type enforcment file: local.te<BR>Compiling policy<BR>checkmodule -M -m -o local.mod local.te<BR>semodule_package -o local.pp -m local.mod<BR>******************** IMPORTANT ***********************<BR>In order to load this newly created policy package into the kernel,<BR>you are required to execute<BR>semodule -i local.pp<BR>我们运行<BR># semodule -i local.pp<BR>这样就让Selinux加载了新的规则。<BR>更详细的内容请看我在BLOG上的转贴:<BR>http://www.cnprint.org/bbs/blogs/1/blog48.html<BR>重启apache<BR>哈哈,apache不会再报错了吧?<BR>这样我保留了selinux的功能,同时apache也能正常运行。<BR>PHP5.1.x开始需要设置时区,默认时区与中国时区差8个小时,这种情况需要在php.ini中这么设置,找到date.timezone,去掉前面的分号,修改为以下值,大陆地区可用的值是:Asia/Chongqing ,Asia/Shanghai ,Asia/Urumqi (依次为重庆,上海,乌鲁木齐)<BR>不然一些php程序的时间老是和中国标准时间相差8个小时。我的我的VBB论坛在windows上就是这样。这儿有亚洲地区的对应时区。<BR>http://www.php.net/manual/en/timezones.asia.php<BR>11、安装 Zend Optimizer<BR># cd /usr/local/src<BR># wget http://downloads.zend.com/optimizer/3.3.0/ZendOptimizer-3.3.0-linux-glibc21-i386.tar.gz<BR># tar xzvf ZendOptimizer-3.3.0-linux-glibc21-i386.tar.gz<BR># ./ZendOptimizer-3.3.0-linux-glibc21-i386/install.sh<BR>按照它的提示一步步进行就行了。<BR>总之一句话。如果你的服务器环境不需要ZendOptimizer,那么能不安就不安装这个。避免和eaccelerator冲突。<BR>12. 查看确认 L.A.M.P 环境信息<BR>vi /usr/local/apache2/htdocs/phpinfo.php<BR>新增加下面一行,并保存。<BR><?php phpinfo(); ?><BR># chmod 755 /usr/local/apache2/htdocs/phpinfo.php<BR>用浏览器打开 http://192.168.9.150/phpinfo.php<BR>检查 phpinfo中的各项信息是否正确。<BR>测试php与mysql的连接<BR># vi /usr/local/apache2/htdocs/testdb.php<BR>增加下面几行,并保存。<BR><?php<BR>$link=mysql_connect('localhost','root','yourpassword');<BR>if(!$link) echo "fail";<BR>else echo "success";<BR>mysql_close();<BR>?><BR># chmod 755 /usr/local/apache2/htdocs/testdb.php<BR># service mysqld start<BR>用浏览器打开 http://192.168.9.150/testdb.php<BR>如果输出success就OK了<BR>到这一步,一个基本的lamp就建立完成了。如果你是初学者,下面的步骤根据需要参考,不必全部照做,记住一句话,功能越多,越容易出错,在任何领域都是这样。<BR><BR>三、LAMP环境加速,包括squid, memcache, eaccelerator<BR>13、安装eaccelerator<BR>eaccelerator是php的加速软件,使用后php的执行效率会有较大幅度的提升。目前eaccelerator 0.9.5.2已经和ZendOptimizer-3.3.0能够基本上兼容啦。不过我个人觉得,ZendOptimizer-3.3.0没有加速的功能,反而使php运行变慢,只是起到了运行zend加密文件的作用而已。闲话不多说了,大家有兴趣的,可以去google下。<BR># cd /usr/local/src<BR># wget http://bart.eaccelerator.net/source/0.9.5.2/eaccelerator-0.9.5.2.tar.bz2<BR># tar -jxvf eaccelerator-0.9.5.2.tar.bz2<BR># cd eaccelerator-0.9.5.2<BR>export PHP_PREFIX="/usr/local/php"<BR>$PHP_PREFIX/bin/phpize //指定一下php的目录<BR># CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --enable-eaccelerator=shared --with-php-config=$PHP_PREFIX/bin/php-config --with-eaccelerator-shared-memory // 设置<BR># make & make install<BR>编译安装后我们会看到屏幕提示的eaccelerator.so所在的目录,php5.2.X系列是在 /usr/local/php/lib/php/extensions/no-debug-zts-20060613/eaccelerator.so,记住这个路径,待会要用到。<BR>修改php.ini(安装完zend之后,php.ini存放于/usr/local/Zend/etc)<BR>在文件最后,zend之前,注意,这部分内容务必放在zend之前,不然可能会出现不可预期的服务器问题。添加下列信息:<BR>[eaccelerator]<BR>extension="/usr/local/php/lib/php/extensions/no-debug-zts-20060613/eaccelerator.so"<BR>eaccelerator.shm_size="32"<BR>eaccelerator.cache_dir="/tmp/eaccelerator"<BR>eaccelerator.enable="1"<BR>eaccelerator.optimizer="1"<BR>eaccelerator.check_mtime="1"<BR>eaccelerator.debug="0"<BR>eaccelerator.filter=""<BR>eaccelerator.shm_max="0"<BR>eaccelerator.shm_ttl="0"<BR>eaccelerator.shm_prune_period="0"<BR>eaccelerator.shm_only="0"<BR>eaccelerator.compress="1"<BR>eaccelerator.compress_level="9"<BR>然后<BR># mkdir /tmp/eaccelerator // 建立目录<BR># chmod 0777 /tmp/eaccelerator // 修改目录属性<BR>解释:<BR>zend_extension 是安装完程序自动指示给我们的文件路径和文件名<BR>如果您使用 thread safe 编译安装 PHP,则您必须使用 “zend_extension_ts” 代替 默认添加的“zend_extension”。我就必须修改这里,否则不起作用。<BR>zend_extension_ts="/home/php/lib/php/extensions/no-debug-zts-20060613/eaccelerator.so"<BR>实际上,安装好eAccelerator以后, /home/php/lib/php/extensions/下会生成2个目录,一个是no-debug-zts-xxxxxxxx,一个是no- debug-non-zts-xxxxxxxx,2个目录下都有eaccelerator.so文件。<BR>eaccelerator.shm_size="32"<BR>eAccelerator 可以使用的共享内存的数量 (以兆为单位) . "0" 是指操作系统的默认值. 默认值是 "0".可根据服务器的实际情况来调整,16,32,64,128都是可以的。<BR>eaccelerator.cache_dir="/home/php/tmp"<BR>这个目录是给磁盘缓存使用. eAccelerator 在这里储存预先编译好的代码, 进程数据, 内容以及用户的自定义内容. 同样的数据也能被储存在共享内存中 (这样可以提高访问速度). 默认的设置是 "/tmp/eaccelerator".<BR>eaccelerator.enable="1"<BR>开启或关闭 eAccelerator。”1″ 为开启,”0″ 为关闭。默认值为 “1″。<BR>eaccelerator.optimizer="1"<BR>启或关闭内部优化器,可以提升代码执行速度。”1″ 为开启,”0″ 为关闭。默认值为 “1″。<BR>eaccelerator.check_mtime="1"<BR>打开或者关闭 PHP 的文件修改检查. "1" 是指打开, "0" 是指关闭. 如果您在修改以后重新编译 PHP 的文件,那么您应当设置为 "1". 默认值是 "1".<BR>eaccelerator.debug="0"<BR>开启或关闭调试日志记录。”1″ 为开启,”0″ 为关闭。默认值为 “0″。<BR>eaccelerator.filter=""<BR>判断哪些 PHP 文件必须缓存。您可以指定缓存和不缓存的文件类型(如 “*.php *.phtml”等)<BR>如果参数以 “!” 开头,则匹配这些参数的文件被忽略缓存。默认值为 “”,即,所有 PHP 文件<BR>都将被缓存。<BR>eaccelerator.shm_max="0"<BR>当使用 ” eaccelerator_put() ” 函数时禁止其向共享内存中存储过大的文件。该参数指定允许<BR>存储的最大值,单位:字节 (10240, 10K, 1M)。”0″ 为不限制。默认值为 “0″。<BR>eaccelerator.shm_ttl="0"<BR>当 eAccelerator 获取新脚本的共享内存大小失败时,它将从共享内存中删除所有在<BR>最后 “shm_ttl” 秒内无法存取的脚本缓存。默认值为 “0″,即:不从共享内春中删除<BR>任何缓存文件。<BR>eaccelerator.shm_prune_period="0"<BR>当 eAccelerator 获取新脚本的共享内存大小失败时,他将试图从共享内存中删除早于<BR>“shm_prune_period” 秒的缓存脚本。默认值为 “0″,即:不从共享内春中删除<BR>任何缓存文件。<BR>eaccelerator.shm_only="0"<BR>允许或禁止将已编译脚本缓存在磁盘上。该选项对 session 数据和内容缓存无效。默认<BR>值为 “0″,即:使用磁盘和共享内存进行缓存。<BR>eaccelerator.compress="1"<BR>允许或禁止压缩内容缓存。默认值为 “1″,即:允许压缩。<BR>eaccelerator.compress_level="9"<BR>指定内容缓存的压缩等级。默认值为 “9″,为最高等级。<BR>最后重新启动apachectl<BR>重启apache,phpinfo显示:<BR>This program makes use of the Zend Scripting Language Engine:<BR>Zend Engine v2.2.0, Copyright (c) 1998-2006 Zend Technologies<BR>with eAccelerator v0.9.5.2, Copyright (c) 2004-2006 eAccelerator, by eAccelerator<BR>with Zend Extension Manager v1.0.11, Copyright (c) 2003-2006, by Zend Technologies<BR>with Zend Optimizer v3.3.0, Copyright (c) 1998-2006, by Zend Technologies<BR>也会有eAccelerator的具体信息。<BR><BR>14、安装Squid,提供web反向代理缓存<BR>Squid是一个更专业的代理服务器,性能和效率会比Apache的mod_proxy高很多。<BR>Squid Internet Object Cache (Harvest Project的后续版本) 是美国政府大力助的一项研究计划,其目的为解决网络带宽不足的问题,是现在Unix系统上使用者最多功能也最完整的一套软体。Apache和 Netscape虽附有相关的Proxy模块,但因其功能简单而不够普及。有关squid的详细说明可到squid网站(http: //www.squid-cache.org)查询。<BR>反向代理是和前两种代理完全不同的一种代理服务。使用它可以降低原始WEB服务器的负载。反向代理服务器承担了对原始WEB服务器的静态页面的请求,防止原始服务器过载。它位于本地WEB服务器和Internet之间,处理所有对WEB服务器的请求,组织了WEB服务器和Internet的直接通信。如果互联网用户请求的页面在代理服务器上有缓冲的话,代理服务器直接将缓冲内容发送给用户。如果没有缓冲则先向WEB服务器发出请求,取回数据,本地缓存后再发送给用户。这种方式通过降低了向WEB服务器的请求数从而降低了WEB服务器的负载。<BR>下载squid<BR># wget http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE16.tar.bz2<BR># tar jxvf squid-2.6.STABLE16.tar.bz2<BR># cd squid-2.6.STABLE16<BR># CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/squid --enable-async-io=500 --with-maxfd=65536 --disable-delay-pools --disable-mem-gen-trace --disable-useragent-log --enable-kill-parent-hack --disable-arp-acl --enable-epoll --disable-ident-lookups --enable-snmp --enable-large-cache-files --with-large-files --with-pthreads --enable-underscore --enable-storeio="aufs,coss,diskd,ufs" --enable-err-language="Simplify_Chinese" --enable-default-err-languages="Simplify_Chinese"<BR># make && make install<BR>如果是2.6的内核,才能支持epoll的IO模式,旧版本的内核则只能选择poll或其他模式了;另外,记得带上支持大文件的选项,否则在access log等文件达到2G的时候就会报错。<BR>设定 squid 的配置大概如下内容:<BR># mv /usr/local/squid/etc/squid.conf /usr/local/squid/etc/squid.conf.bak<BR># vi /usr/local/squid/etc/squid.conf<BR>#服务器IP 192.168.9.150<BR>#监听服务器的80端口,反向代理,支持域名和IP的虚拟主机<BR>http_port 192.168.9.150:80 vhost vport<BR>#防止天涯盗链,转嫁给百度<BR>acl tianya referer_regex -i tianya<BR>http_access deny tianya<BR>deny_info http://www.baidu.com/logs.gif tianya<BR>#防止百度机器人爬死服务器,这将导致百度不能收录你的网站内容,请注意<BR>acl AntiBaidu req_header User-Agent Baiduspider<BR>http_access deny AntiBaidu<BR>#Squid信息设置<BR>visible_hostname www.cnprint.org<BR>cache_mgr admin@cnprint.org<BR>#squid使用的用户组和用户名<BR>cache_effective_user nobody<BR>cache_effective_group nobody<BR>tcp_recv_bufsize 65535 bytes<BR>client_persistent_connections off<BR>server_persistent_connections on<BR>half_closed_clients off<BR>#单台使用,不使用该功能<BR>icp_port 0<BR>#设置Squid所能使用的内存共40MB,这个值因人而异,每次处理缓存大小为40MB,当缓存空间使用达到95%时新的内容将取代旧的而不直接添加到目录中,直到空间又下降到90%才停止这一活动<BR>cache_mem 40 MB<BR>cache_swap_low 90<BR>cache_swap_high 95<BR>#最大缓存文件大小,超过这个值则不缓存,这个值因人而异,maximum_object_size_in_memory #装入内存缓存的文件大小,这个值对Squid的性能影响比较大,因为默认值是8K,超过8K的文件都不装入内存,而实际应用中很多网页和图片等都超过 8KB, 个人认为如果缓存不装入内存而存在磁盘上,性能和apache直接读取磁盘文件没什么区别,甚至不如直接访问apache,现在设置成小于4兆的文件通通装入内存缓存.<BR>maximum_object_size 4096 KB<BR>minimum_object_size 0 KB<BR>maximum_object_size_in_memory 4096 KB<BR>ipcache_size 1024<BR>ipcache_low 90<BR>ipcache_high 95<BR>cache_replacement_policy lru<BR>memory_replacement_policy lru<BR>#磁盘缓存的类型和目录,大小,一二级目录的设置,这里磁盘缓存大小是100MB,都是 16*256 级子目录<BR>cache_dir ufs /usr/local/squid/var/cache 100 16 256<BR>#这个设置是不记录store.log<BR>cache_store_log none<BR>#设置默认刷新规则<BR>refresh_pattern -i ^ftp: 1440 20% 10080<BR>refresh_pattern -i ^gopher: 1440 0% 1440<BR>refresh_pattern . 0 20% 4320<BR>#不要相信ETag 因为有gzip<BR>acl apache rep_header Server ^Apache<BR>broken_vary_encoding allow apache<BR>#设置超时策略<BR>forward_timeout 20 seconds<BR>connect_timeout 15 seconds<BR>read_timeout 3 minutes<BR>request_timeout 1 minutes<BR>persistent_request_timeout 15 seconds<BR>client_lifetime 15 minutes<BR>shutdown_lifetime 5 seconds<BR>negative_ttl 10 seconds<BR>#打开emulate_httpd_log选项,将使Squid仿照Aapche的日志格式<BR>emulate_httpd_log on<BR>#日志格式combined的设置<BR>logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh<BR>#这里是设置pid和日志文件的位置,因人而异,同时日志格式是combined,awstats可以直接调用分析了<BR>pid_filename /usr/local/squid/var/squid.pid<BR>cache_log /usr/local/squid/var/logs/cache.log<BR>access_log /usr/local/squid/var/logs/access.log combined<BR>#设置不想缓存的目录或者文件类型<BR>acl all src 0.0.0.0/0.0.0.0<BR>acl QUERY urlpath_regex cgi-bin .php .cgi .avi .wmv .rm .ram .mpg .mpeg .zip .exe<BR>cache deny QUERY<BR>#2.6的反向代理加速配置<BR>#代理到本机的80端口的服务,仅仅做为原始内容服务器<BR>cache_peer 127.0.0.1 parent 80 0 no-query originserver login=PASS<BR>#错误文档<BR>error_directory /usr/local/squid/share/errors/Simplify_Chinese<BR>保存。<BR>mkdir /usr/local/squid/var/cache<BR>chown -R nobody:nobody /usr/local/squid/var/cache<BR>chown -R nobody:nobody /usr/local/squid/var/logs/<BR>chmod 777 /usr/local/squid/var/cache<BR>修改httpd.conf<BR>初始化和启动squid<BR># /usr/local/squid/sbin/squid -z<BR># /usr/local/squid/sbin/squid -NCd1<BR>第一条命令是先初始化squid缓存哈希子目录,只需执行一次即可。<BR>最好还编辑/etc/hosts 文件<BR>添加以下内容<BR>192.168.9.150 cnprint.org www cnprint.org<BR>这样免去查询DNS,速度也快一些。<BR>现在大家肯定急着要打开浏览器访问你的网站看看效果吧,其实没啥变化,要等到有流量访问,squid把文件都装到内存后,效果才明显。可以用top命令观察squid的内存使用情况或者用<BR>cat /usr/local/squid/var/logs/access.log |grep TCP_MEM_HIT<BR>如果看到很多的TCP_MEM_HIT ,这表明该文件是从内存缓存读取的,squid已经起作用了!你再用浏览器打开该文件,应该是快如闪电了。。呵呵,大功告成了!还有其他类型的HIT,如 TCP_HIT等等,这些是从磁盘读取的,我觉得加速的意义不大,只不过缓解了apache的压力而已。<BR>3. 启动squid:./bin/RunCache &<BR>这边我使用squid附带的启动脚本来启动squid,有个好处就是,如果squid的进程死了的话,这个脚本会自动启动squid,对于运行在线上的服务器来说,这点太重要了。<BR>开机自动运行squid<BR>修改开机自动运行文件,将 /usr/local/squid/bin/RunCache & 加进开机自动执行的程序中。<BR>因为第一次是以 root 身份启动,所以,/usr/local/squid/var/squid.out 及 /usr/local/squid/var/squid.pid 的拥有者是 root ,这会造成下列以 nobody 身份启动 squid 时,会有错误出现,所以,必须在第二次由 rc.local 启动前,先行将 squid.out 及 squid.pid 两个文件的所有者(owner)改为 nobody,即是<BR>chown nobody:nobody /usr/local/squid/var/squid.out<BR>chown nobody:nobody /usr/local/squid/var/logs/squid.pid<BR>在 /etc/rc.d/rc.local 中加入<BR>/usr/local/squid/bin/RunCache &<BR><BR>15、memcache + libevent 安装<BR>memcached是一个高性能的分布式的内存对象缓存系统,通过在内存里维护一个统一的巨大的hash表,它能够用来存储各种格式的数据,包括图像、视频、文件以及数据库检索的结果等。最初为了加速 LiveJournal 访问速度而开发的,后来被很多大型的网站采用。起初作者编写它可能是为了提高动态网页应用,为了减轻数据库检索的压力,来做的这个缓存系统。它的缓存是一种分布式的,也就是可以允许不同主机上的多个用户同时访问这个缓存系统,这种方法不仅解决了共享内存只能是单机的弊端,同时也解决了数据库检索的压力,最大的优点是提高了访问获取数据的速度!基于memcached作者对分布式cache的理解和解决方案。 memcached完全可以用到其他地方比如分布式数据库,分布式计算等领域。<BR>Memcache是danga.com的一个项目,最早是为 LiveJournal 服务的,目前全世界不少人使用这个缓存项目来构建自己大负载的网站,来分担数据库的压力。(关于Memcache的更多信息请Google)<BR>Memcache官方网站:http://www.danga.com/memcached<BR>服务器端主要是安装memcache服务器端,目前的最新版本是 memcached-1.2.3。<BR>另外,Memcache用到了libevent这个库用于Socket的处理,所以还需要安装libevent,libevent的最新版本是libevent-1.3e。(如果你的系统已经安装了libevent,可以不用安装)<BR>官网:http://www.monkey.org/~provos/libevent/<BR>(1)、安装memcached服务器端<BR>编译安装:<BR># cd /usr/local/src<BR># wget http://monkey.org/~provos/libevent-1.3e.tar.gz<BR># tar zxvf libevent-1.3e.tar.gz<BR># cd libevent-1.3e<BR># CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local && make && make install<BR># echo "/usr/local/lib" >> /etc/ld.so.conf && ldconfig<BR># cd ../<BR># wget http://www.danga.com/memcached/dist/memcached-1.2.3.tar.gz<BR># tar zxvf memcached-1.2.3.tar.gz<BR># cd memcached-1.2.3<BR># CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/memcached --with-libevent=/usr/local<BR># make && make install<BR>备注:如果 libevent 不是安装在 /usr 目录下,那么需要把 libevent-1.3e.so.1 拷贝/链接到 /usr/lib 中,否则 memcached 有可能无法正常加载。<BR>(2)、安装php对memcache支持模块<BR>安装php-memcache模块,这是memcache的php客户端,php-memcache需要pecl库的支持。<BR># cd /usr/local/src<BR># wget http://pecl.php.net/get/memcache-2.2.0.tgz<BR># tar zxvf memcache-2.2.0.tgz<BR>#cd memcache-2.2.0<BR>#export PHP_PREFIX=/usr/local/php<BR>#$PHP_PREFIX/bin/phpize<BR>#CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --enable-memcache --with-zlib-dir --with-php-config=$PHP_PREFIX/bin/php-config<BR>#make && make install<BR>修改php.ini<BR>在最末尾增加一行:<BR>extension="/usr/local/php/lib/php/extensions/no-debug-zts-20060613/memcache.so"<BR>运行以下命令来启动 memcached:<BR>#/usr/local/memcached/bin/memcached \<BR>-l 192.168.9.139 -d -p 11211 -u nobody -m 128<BR>表示用 daemon 的方式启动 memcached,监听在 192.168.9.19 的 11211 端口上,运行用户为 nobody,为其分配 128MB 的内存。<BR>这时查看一下进程,看memcached启动成功没有。<BR>top -U nobody<BR>可以看到<BR>5867 nobody 15 0 2352 684 276 S 0.0 0.1 0:00.00 memcached<BR>说明 memcached安装成功,并正在运行。<BR>设置成开机自动运行<BR>在 /etc/rc.d/rc.local 中加入<BR>/usr/local/memcached/bin/memcached -l 192.168.9.150 -d -p 11211 -u nobody -m 128<BR><BR>四、附加功能配置, 包括ssl, mysqlhotcopy, phpmyadmin<BR><BR>15、安装DBI和DBD for mysql<BR><BR>//用于提供perl访问mysql数据库的接口规范,请确认你已经安装了perl,一般默认系统都装上了。<BR>因为我们要用到mysqlhotcopy功能,需要这两个小程序的支持。<BR># wget http://mirrors.xueron.com/CPAN/authors/id/T/TI/TIMB/DBI-1.601.tar.gz<BR>首先,安装DBI包:<BR># tar zxvf DBI-1.061.tar.gz<BR># cd DBI-1.061<BR># perl Makefile.PL<BR># make<BR># make test<BR># make install<BR><BR>wget http://search.cpan.org/CPAN/authors/id/C/CA/CAPTTOFU/DBD-mysql-4.005.tar.gz<BR># tar zxvf DBD-mysql-4.005.tar.gz<BR># cp /usr/local/mysql/lib/mysql/libmysqlclient.so.15 /usr/lib/<BR># perl Makefile.PL --libs="-L/usr/local/mysql/lib/mysql -lmysqlclient -L/usr/lib -lz " --cflags=-I/usr/local/mysql/include/mysql --mysql_config=/usr/local/mysql/bin/mysql_config --testhost=127.0.0.1--testsocket=/tmp/mysql.sock --testdb=test --testuser=root --testpassword="youpassword"<BR># make<BR># make test<BR># make instll<BR>测试执行 mysqlhotcopy 並出現如下类似錯誤訊息<BR>#/usr/local/mysql/bin/mysqlhotcopy mysql /tmp/test -u root -p 'password'<BR>Invalid db.table name 'mysql.mysql`.`activity' at /usr/local/bin/mysqlhotcopy line 855.<BR>Ans:<BR>找到了 [MySQL Bugs: #27303: mysqlhotcopy dies with error Invalid db.table name 'foo.bar`.`baz'] 说明将 mysqlhotcopy 文件修改一下后即可顺利执行 mysqlhotcopy 了<BR>#vi /usr/local/mysql/bin/mysqlhotcopy //在第 835 下新增一行<BR>835 my @dbh_tables = eval { $dbh->tables() };<BR>836 map { s/^.*?\.//o } @dbh_tables; //加入此行<BR>mysql 5.0.50后已经修正这个错误。<BR><BR>16、配置https<BR>vi /usr/local/apache2/conf/httpd.conf<BR># 监听443端口,支持https连接<BR>取消注释 httpd.conf 中的 Include conf/extra/httpd-ssl.conf<BR>设置SSL并创建自己的CA<BR># cd /etc/pki/tls/misc<BR># ./CA -newca<BR>屏幕上出现如下的提示:CA certificate filename (or enter to create)<BR>这是要求输入要创建的CA的证书文件名, 可以直接回车或输入证书文件名。<BR>Making CA certificate ...<BR>Generating a 1024 bit RSA private key<BR>.........++++++<BR>................................++++++<BR>writing new private key to './demoCA/private/./cakey.pem'<BR>Enter PEM pass phrase:<BR>Verifying password - Enter PEM pass phrase:-<BR>此时要求输入和验证CA的私钥口令、国家代码(中国是CN)、省份、城市或地区、组织或企业名称、部门名称、CA的名称或服务器的主机名称、管理员电子邮件地址。<BR>至此,在当前目录下生成了demoCA的目录,CA的证书就在该目录下,文件名为cacert.pem<BR>生成服务器的证书请求<BR># ./CA -newreq<BR>屏幕上出现如下的提示:<BR>Generating a 1024 bit RSA private key<BR>.....................................................++++++<BR>.....++++++<BR>writing new private key to 'newreq.pem'<BR>Enter PEM pass phrase:<BR>Verifying password - Enter PEM pass phrase:<BR>此时要求输入和验证服务器的私钥口令、国家代码(中国是CN)、省份、城市或地区、组织或企业名称、部门名称、CA的名称或服务器的主机名称、管理员电子邮件地址。<BR>Please enter the following 'extra' attributes<BR>to be sent with your certificaterequest<BR>A challenge password []:<BR>An optional company name []:<BR>.Request (and private key) is in newreq.pem<BR>这是要求输入服务器的相关信息。<BR>此时,在当前目录下生成了一个名为newreq.pem的文件,包含了要生成服务器数字证书的请求。<BR>签署证书<BR># ./CA -sign<BR>屏幕上出现如下的提示:<BR>Using configuration from /usr/share/ssl/openssl.cnf<BR>Enter PEM pass phrase:<BR>此时一样需要输入CA的私钥口令、国家代码(中国是CN)、省份、城市或地区、组织或企业名称、部门名称、CA的名称或服务器的主机名称、管理员电子邮件地址。<BR>Certificate is to be certified until Nov 19 13:46:19 2002 GMT (365 days)<BR>Sign the certificate? [y/n]:y<BR>这时显示证书请求文件中的各项信息,并询问是否要签署证书,回答y,进行签署。<BR>1 out of 1 certificate requests certified, commit? [y/n]y<BR>回答y,会显示已经签署的证书的信息,并在当前目录下生成服务器的证书文件newcert.pem。<BR># mkdir /usr/local/apache2/conf/ssl.crt/<BR># mkdir /usr/local/apache2/conf/ssl.key/<BR># cp newcert.pem /usr/local/apache2/conf/ssl.crt/server.pem<BR># cp newreq.pem /usr/local/apache2/conf/ssl.key/server.pem<BR>更改服务器的证书文件的相关配置<BR># vi /usr/local/apache2/conf/extra/httpd-ssl.conf<BR>查找并修改<BR># Server Certificate:<BR># Point SSLCertificateFile at a PEM encoded certificate. If<BR># the certificate is encrypted, then you will be prompted for a<BR># pass phrase. Note that a kill -HUP will prompt again. Keep<BR># in mind that if you have both an RSA and a DSA certificate you<BR># can configure both in parallel (to also allow the use of DSA<BR># ciphers, etc.)<BR>SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.pem<BR>#SSLCertificateFile /usr/local/apache2/conf/server-dsa.crt<BR># Server Private Key:<BR># If the key is not combined with the certificate, use this<BR># directive to point at the key file. Keep in mind that if<BR># you've both a RSA and a DSA private key you can configure<BR># both in parallel (to also allow the use of DSA ciphers, etc.)<BR>SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.pem<BR>#SSLCertificateKeyFile /usr/local/apache2/conf/server-dsa.key<BR>示例文件<BR>在SSL的根目录中生成一个index.html,它是如下所示:<BR><html><BR>这是SSL示例!<BR></html><BR>测试<BR>假如Web服务器的DNS名称是www.cnprint.org.<BR>在浏览器的URL地址栏里输入 http://www.cnprint.org/,浏览器便会显示APACHE安装时确省的Test Page.<BR>在浏览器的URL地址栏里输入 https://www.cnprint.org/,注意:是 https 而不是http !<BR>浏览器会提示站点已经采用了SSL进行数据的加密传输.由于我们的CA证书不是浏览器缺省的信任的根证书,所以,浏览器会说无法确认服务器的证书可信。暂时不管,一直NEXT,最后,浏览器会显示:这是SSL示例!<BR>可以把CA的证书放在非SSL的站点上,让浏览器下载并安装CA证书,并将其设置成可信任的根证书,便可解决上面的问题.8 解除HTTPD起动时的口令输入。<BR>由于安全的原因,Web服务器的私钥是口令加密了的,每次重新起动HTTPD或Linux时,都会要求输入Web服务器的私钥的口令。<BR>如果要解除HTTPD起动时的口令输入,可以这样:<BR># cd /usr/local/apache2/conf/ssl.key/<BR># cp server.pem server.pem.org<BR># openssl rsa -in server.pem.org -out server.pem<BR># chmod 400 server.pem<BR>另外在网上看到一个方法,我没有试。有兴趣的可以试下。<BR>创建SSL密码自动应答文件,否则每次Apache启动的时候,都会要求你输入SSL的密码.<BR>创建 /usr/local/apache2/conf/ssl.key/sendsslpwd ,内容如下.<BR>#!/bin/bash<BR>SSLpasswd="YOUR PASSPHRASE"<BR>echo $SSLpasswd<BR>chmod 755 /usr/local/apache2/conf/ssl.key/sendsslpwd<BR>此时,Web服务器的私钥已经没有口令加密,一定要确保server.pem文件除root外,任何用户均无权读取它。<BR><BR>17、安装phpmyadmin,管理mysql数据库<BR># cd /usr/local/apache2/htdocs/<BR># wget http://nchc.dl.sourceforge.net/sourceforge/phpmyadmin/phpMyAdmin-2.11.1-all-languages-utf-8-only.tar.gz<BR># tar zxvf phpMyAdmin-2.11.1-all-languages-utf-8-only.tar.gz<BR># mv phpMyAdmin-2.11.1-all-languages-utf-8-only phpmyadmin<BR># cd phpmyadmin/libraries<BR>修改配置文件<BR># vi config.default.php<BR>找到这几行进行修改:<BR>$cfg['Servers'][$i]['auth_type'] = 'http'; // Authentication method (valid choices: config, http, HTTP, signon or cookie)<BR>$cfg['Servers'][$i]['user'] = 'root'; // MySQL user<BR>$cfg['Servers'][$i]['password'] = 'PASSWORD'; // MySQL password (only needed<BR><BR>五、服务器安全配置<BR><BR>18、编译安装mod_security<BR>mod_security是一个集入侵检测和防御引擎功能的开源web应用安全程序(或web应用程序防火墙)。<BR>它以Apache Web服务器的模块方式运行, 目标是增强web应用程序的安全性, 防止web应用程序受到已知或未知的攻击。<BR># cd /usr/local/src<BR># wget http://www.modsecurity.org/download/modsecurity-apache_2.1.3.tar.gz<BR># tar -zxvf modsecurity-apache_2.1.3.tar.gz<BR># cd modsecurity-apache_2.1.3/apache2<BR># cat /usr/local/apache2/conf/httpd.conf | grep "ServerRoot" | grep -v "#"<BR>ServerRoot "/usr/local/apache2"<BR>#<BR>#vi Makefile<BR>top_dir = /usr/local/apache2<BR>#<BR># make<BR># make install<BR>vi /usr/local/apache2/conf/httpd.conf<BR>加载下列模块<BR>LoadModule unique_id_module modules/mod_unique_id.so<BR>LoadModule security2_module modules/mod_security2.so<BR>添加一行:<BR>Include conf/modsecurity/*.conf<BR>保存。<BR>cd /usr/local/src/modsecurity-apache_2.1.3/rules<BR># mkdir /usr/local/apache2/conf/modsecurity<BR># cp *.conf /usr/local/apache2/conf/modsecurity/<BR>根据你的需要,You may want to edit and customize modsecurity_crs_10_config.conf.<BR>Additionally you may want to edit modsecurity_crs_30_http_policy.conf which enforces an application specific HTTP protocol usage.<BR>重启apache<BR><BR>19、Iptables规则<BR>vi /usr/local/sbin/fw.sh<BR>将以下脚本命令粘贴到 fw.sh 文件中。<BR><BR>#!/bin/bash<BR># Stop iptables service first<BR>service iptables stop<BR># Load FTP Kernel modules<BR>/sbin/modprobe ip_conntrack_ftp<BR>/sbin/modprobe ip_nat_ftp<BR># Inital chains default policy<BR>/sbin/iptables -F -t filter<BR>/sbin/iptables -P INPUT DROP<BR>/sbin/iptables -P OUTPUT ACCEPT<BR># Enable Native Network Transfer<BR>/sbin/iptables -A INPUT -i lo -j ACCEPT<BR># Accept Established Connections<BR>/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT<BR># ICMP Control<BR>/sbin/iptables -A INPUT -p icmp -m limit --limit 1/s --limit-burst 10 -j ACCEPT<BR># WWW Service<BR>/sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT<BR># FTP Service<BR>/sbin/iptables -A INPUT -p tcp --dport 2121 -j ACCEPT<BR># SSH Service<BR>/sbin/iptables -A INPUT -p tcp --dport 59825 -j ACCEPT<BR># Anti DDOS<BR>/sbin/iptables -I INPUT -p tcp --syn -m ttl --ttl-eq 117 -j DROP<BR>/sbin/iptables -I INPUT -p tcp --syn -m length --length :40 -j DROP<BR><BR># chmod 755 /usr/local/sbin/fw.sh<BR># echo '/usr/local/sbin/fw.sh' >> /etc/rc.d/rc.local<BR># /usr/local/sbin/fw.sh<BR><BR>20、apachet和 php 优化设置<BR>对于访问量稍大的站点,Apache的这些默认配置是无法满足需求的,我们仍需调整Apache的一些参数,使Apache能够在大访问量环境下发挥出更好的性能。以下我们对Apache配置文件httpd.conf中对性能影响较大的参数进行一些说明。<BR>(1) Timeout 该参数指定Apache在接收请求或发送所请求内容之前的最长等待时间(秒),若超过该时间Apache则放弃处理该请求,并释放连接。该参数默认值为120,推荐设置为60,对于访问量较大的网站可以设置为30。<BR>(2) KeepAlive 该参数控制Apache是否允许在一个连接中有多个请求,默认打开。但对于大多数论坛类型站点来说,通常设置为off以关闭该支持。<BR>(3) MPM - prefork.c 在默认情况下Apache使用Prefork(进程)工作模式,可以说这部分的参数设置是对Apache性能影响的核心和关键。<BR>查看你的apache运行的模式:<BR># /usr/local/apache2/bin/httpd -l<BR>Compiled in modules:<BR>core.c<BR>prefork.c<BR>http_core.c<BR>mod_so.c<BR>然后用户可以在配置文档中找到以下配置段:<BR><IfModule prefork.c><BR>StartServers 5<BR>MinSpareServers 5<BR>MaxSpareServers 10<BR>MaxClients 15<BR>MaxRequestsPerChild 0<BR></IfModule><BR>这就是控制Apache进程工作的配置段,为了更好的理解上述配置中的各项参数,下面让我们先了解一下Apache是如何控制进程工作的。我们知道,在 Unix系统中,很多服务(Service)的守护进程(Daemon)在启动时会创建一个进程以准备应答可能的连接请求,服务即进入了端口监听状态,当一个来自客户端(Client)的请求被发送至服务所监听的端口时,该服务进程即会处理该请求,在处理过程中,该进程处于独占状态,也就是说如果此时有其他请求到达,这些请求只能“排队”等待当前请求处理完成且服务进程释放。这样就会导致越来越多的请求处于队列等待状态,实际表现就是该服务处理能力非常低下。Apache使用Prefork模式很好的解决了这一问题。下面我们来看看Apache实际上是如何高效率工作的。<BR>当Apache启动时,Apache会启动StartSpareServers个空闲进程同时准备接收处理请求,当多个请求到来时, StarSpareServers进行会越来越少,当空闲进程减少到MinSpareServers个时,Apache为了能够继续有充裕的进程处理请求,它会再启动StartsServers个进程备用,这样就大大减少了请求队列等待的可能,使得服务效率提高,这也是为什么叫做Pre-fork的原因;让我们继续跟踪Apache的工作,我们假设Apache已经启动了200个进程来处理请求,理论上来说,此时Apache一共有205个进程,而过了一段时间,假设有100个请求都得到了Apache的响应和处理,那么此时这100个进程就被释放成为空闲进程,那么此时Apache有105个空闲进程。而对于服务而言,启动太多的空闲进程时没有任何意义的,反而会降低服务器的整体性能,那么Apache真的会有105个空闲进程么?当然不会!实际上 Apache随时在检查自己,当发现有超过MaxSpareServers个空闲进程时,则会自动停止关闭一些进程,以保证空闲进程不过过多。说到这里,用户应该对Apache的工作方式有了一定的了解,如果想获得更多更详细的说明请参阅Apache手册文档。<BR>我们还有两个参数没有介绍:MaxClients和MaxRequestPerchild;MaxClients指定Apache在同一时间内最多允许有多少客户端能够与其连接,如果超过MaxClients个连接,客户端将会得到一个“服务器繁忙”的错误页面。我们看到默认情况下MaxClients设置为15,这对一些中型站点和大型站点显然是远远不够的!也许您需要同时允许512个客户端连接才能满足应用需求,好吧,那么就让我们把 MaxClients修改为512,保存httpd.conf并退出,重启Apache,很遗憾,在重启过程当中您看到了一些错误提示,Apache重启失败。错误提示中告诉您MaxClients最大只能设定为256,相信您一定很失望。不过不要沮丧,Apache作为世界一流的Web Server一定不会如此单薄的!在默认情况下,MaxClients的确只能设定为不超过256的整数,但是,如果您有需要完全可以随意定制,此时就需要使用ServerLimit参数来配合使用,简单的说ServerLimit就像是水桶,而MaxClients就像是水,您可以通过更换更大的水桶(将ServerLimit设定为一个较大值)来容纳更多的水(MaxClients),但要注意,MaxClients的设定数值是不能大于 ServerLimit的设定数值的!<BR>下面让我们了解一下MaxRequestPerChild参数,该参数指定一个连接进程中可以有多少个线程同时工作。也许这样解释过于专业,那么您只要想想“网络蚂蚁”、“网际快车FlashGet”中的“多点同时下载”即可,该参数实际上就是限制最多可以用几个“点”。默认设置为0,即为:不限制。但需要注意,如果将该值设置的过小会引起访问问题,如果没有特殊需要或者访问量压力并非很大可以保持默认值,如果访问量很大则推荐设置为2048。<BR>好了,解释了这么多,让我们看看经过修改后Perfork.c配置段的推荐配置:<BR><IfModule prefork.c><BR>StartServers 5<BR>MinSpareServers 5<BR>MaxSpareServers 10<BR>ServerLimit 1024<BR>MaxClients 768<BR>MaxRequestsPerChild 0<BR></IfModule><BR>完成了上述对Apache的调整,Apache已经获得了较大的性能改善。记住,在修改任何参数后都需要重启Apache才能生效的。有关Apache的优化远远不止这些,有兴趣的用户可以阅读Apache手册文档或者寻找一些文献资料学习。<BR>2. PHP优化对于PHP的优化主要是对php.ini中的相关主要参数进行合理调整和设置,以下我们就来看看php.ini中的一些对性能影响较大的参数应该如何设置。<BR># vi /etc/php.ini<BR>(1) PHP函数禁用找到:<BR>disable_functions =<BR>该选项可以设置哪些PHP函数是禁止使用的,PHP中有一些函数的风险性还是相当大的,可以直接执行一些系统级脚本命令,如果允许这些函数执行,当PHP程序出现漏洞时,损失是非常严重的!以下我们给出推荐的禁用函数设置:<BR>disable_functions = phpinfo,passthru,exec,system,popen,chroot,escapeshellcmd,escapeshellarg,shell_exec,proc_open,proc_get_status<BR>需注意:如果您的服务器中含有一些系统状态检测的PHP程序,则不要禁用shell_exec,proc_open,proc_get_status等函数。<BR>(2) PHP脚本执行时间找到:<BR>max_execution_time = 30<BR>该选项设定PHP程序的最大执行时间,如果一个PHP脚本被请求,且该PHP脚本在max_execution_time时间内没能执行完毕,则PHP不再继续执行,直接给客户端返回超时错误。没有特殊需要该选项可保持默认设置30秒,如果您的PHP脚本确实需要长执行时间则可以适当增大该时间设置。<BR>(3) PHP脚本处理内存占用找到:<BR>memory_limit = 8M<BR>该选项指定PHP脚本处理所能占用的最大内存,默认为8MB,如果您的服务器内存为1GB以上,则该选项可以设置为12MB以获得更快的PHP脚本处理效率。<BR>(4) PHP全局函数声明找到:<BR>register_globals = Off<BR>网络上很多关于PHP设置的文章都推荐将该选项设置为On,其实这是一种及其危险的设置方法,很可能引起严重的安全性问题。如果没有特殊的需要,强烈推荐保留默认设置!<BR>(5) PHP上传文件大小限制找到:<BR>upload_max_filesize = 2M<BR>该选项设定PHP所能允许最大上传文件大小,默认为2MB。根据实际应用需求,可以适当增大该设置。<BR>(6) Session存储介质找到:<BR>session.save_path<BR>如果你的PHP程序使用Session对话,则可以将Session存储位置设置为/dev/shm,/dev/shm是Linux系统独有的TMPFS 文件系统,是以内存为主要存储方式的文件系统,比RAMDISK更优秀,因为可以使用DISKSWAP作为补充,而且是系统自带的功能模块,不需要另行配置。想想看,从磁盘IO操作到内存操作,速度会快多少?只是需要注意,存储在/dev/shm的数据,在服务器重启后会全部丢失。不过这对于 Session来说是无足轻重的<BR>(7)找到short_open_tag = Off<BR>修改成short_open_tag = On,一些国内的php程序不标准,关闭可能会出错。<BR><BR>21、mysql优化及安全设置<BR>Mysql的优化设置<BR>打开/etc/my.cnf文件,修改以下设置,如果没有,可手动添加。调整设置时,请量力而行,这与你的服务器的配置有关,特别是内存大小。以下设置比较适合于1G内存的服务器,但并不绝对。<BR>#指定索引缓冲区的大小,它决定索引处理的速度,尤其是索引读的速度。通过检查状态值Key_read_requests和Key_reads,可以知道 key_buffer_size设置是否合理。比例key_reads / key_read_requests应该尽可能的低,至少是1:100,1:1000更好(上述状态值可以使用show status like 'key_reads'获得)。key_buffer_size只对MyISAM表起作用。即使你不使用MyISAM表,但是内部的临时磁盘表是 MyISAM表,也要使用该值。可以使用检查状态值created_tmp_disk_tables得知详情。<BR>key_buffer = 384M<BR>#要求MySQL能有的连接数量。当主要MySQL线程在一个很短时间内得到非常多的连接请求,这就起作用,然后主线程花些时间(尽管很短)检查连接并且启动一个新线程。back_log值指出在MySQL暂时停止回答新请求之前的短时间内多少个请求可以被存在堆栈中。只有如果期望在一个短时间内有很多连接,你需要增加它,换句话说,这值对到来的TCP/IP连接的侦听队列的大小。你的操作系统在这个队列大小上有它自己的限制。试图设定back_log高于你的操作系统的限制将是无效的。默认数值是50<BR>back_log = 200<BR>#一个包的最大尺寸。消息缓冲区被初始化为net_buffer_length字节,但是可在需要时增加到max_allowed_packet个字节。缺省地,该值太小必能捕捉大的(可能错误)包。如果你正在使用大的BLOB列,你必须增加该值。它应该象你想要使用的最大BLOB的那么大。<BR>max_allowed_packet = 4M<BR>#允许的同时客户的数量。增加该值增加 mysqld要求的文件描述符的数量。这个数字应该增加,否则,你将经常看到 Too many connections 错误。 默认数值是100<BR>max_connections = 1024<BR>#指定表高速缓存的大小。每当MySQL访问一个表时,如果在表缓冲区中还有空间,该表就被打开并放入其中,这样可以更快地访问表内容。通过检查峰值时间的状态值Open_tables和Opened_tables,可以决定是否需要增加table_cache的值。如果你发现open_tables等于 table_cache,并且opened_tables在不断增长,那么你就需要增加table_cache的值了(上述状态值可以使用show status like 'Open_tables'获得)。注意,不能盲目地把table_cache设置成很大的值。如果设置得太高,可能会造成文件描述符不足,从而造成性能不稳定或者连接失败。<BR>table_cache = 512<BR>#每个线程排序所需的缓冲<BR>sort_buffer_size = 4M<BR>#当一个查询不断地扫描某一个表,MySQL会为它分配一段内存缓冲区。read_buffer_size变量控制这一缓冲区的大小。如果你认为连续扫描进行得太慢,可以通过增加该变量值以及内存缓冲区大小提高其性能。<BR>read_buffer_size = 4M<BR>#加速排序操作后的读数据,提高读分类行的速度。如果正对远远大于可用内存的表执行GROUP BY或ORDER BY操作,应增加read_rnd_buffer_size的值以加速排序操作后面的行读取。仍然不明白这个选项的用处……<BR>read_rnd_buffer_size = 8M<BR>#用于REPAIR TABLE。不明白这个选项的用处,百度上找到的设置方向也是五花八门,有128M、64M、32M等,折中选一个。<BR>myisam_sort_buffer_size = 64M<BR>#可以复用的保存在中的线程的数量。如果有,新的线程从缓存中取得,当断开连接的时候如果有空间,客户的线置在缓存中。如果有很多新的线程,为了提高性能可以这个变量值。通过比较 Connections 和 Threads_created 状态的变量,可以看到这个变量的作用。<BR>thread_cache_size = 128<BR>#查询结果缓存。第一次执行某条SELECT语句的时候,服务器记住该查询的文本内容和它返回的结果。服务器下一次碰到这个语句的时候,它不会再次执行该语句。作为代替,它直接从查询缓存中的得到结果并把结果返回给客户端。<BR>query_cache_size = 32M<BR>#最大并发线程数,cpu数量*2<BR>thread_concurrency = 2<BR>#设置超时时间,能避免长连接<BR>wait_timeout = 120<BR>#关闭不需要的表类型,如果你需要,就不要加上这个<BR>skip-innodb<BR>skip-bdb<BR>关于mysql的优化设置及检查,这篇文章很值得一看 http://tech.itdb.cn/n/200607/27/n20060727_30398.shtml<BR>Mysql的安全设置<BR>打开/etc/my.cnf文件,修改以下设置,如果没有,可手动添加。<BR>#取消文件系统的外部锁<BR>skip-locking<BR>#不进行域名反解析,注意由此带来的权限/授权问题<BR>skip-name-resolve<BR>#禁止MySQL中用“LOAD DATA LOCAL INFILE”命令。这个命令会利用MySQL把本地文件读到数据库中,然后用户就可以非法获取敏感信息了。网络上流传的一些攻击方法中就有用它的,它也是很多新发现的SQL Injection攻击利用的手段!<BR>local-infile = 0<BR>#关闭远程连接,即3306端口。这是MySQL的默认监听端口。由于此处MySQL只服务于本地脚本,所以不需要远程连接。尽管MySQL内建的安全机制很严格,但监听一个TCP端口仍然是危险的行为,因为如果MySQL程序本身有问题,那么未授权的访问完全可以绕过MySQL的内建安全机制。(你必须确定,你是否真的不需要远程连接mysql)<BR>skip-networking<BR>修改完my.cnf后,还需要对mysql的用户名、帐号、及默认数据库进行调整<BR>首先先登录mysql,在终端窗口输入 /usr/local/mysql/bin/mysql -u root -p<BR>然后会提示输入密码,输入正确密码后,会出现mysql>提示符。<BR>输入以下命令:<BR>mysql>use mysql;<BR>mysql>update user set user="centos" where user="root"; (将mysql的root用户名修改成centos,防止root的密码被暴力破解)<BR>mysql>select Host,User,Password,Select_priv,Grant_priv from user;<BR>mysql>delete from user where user=''; (删除user用户)<BR>mysql>delete from user where password=''; (删除user用户)<BR>mysql>delete from user where host=''; (删除user用户)<BR>mysql>drop database test; (删除默认的test数据库)<BR>mysql>flush privileges; (刷新mysql的缓存,让以上设置立即生效)<BR>mysql>quit;<BR>为了使以上优化和安全设置生效,请重启Mysql服务或Linux。<BR>关于Mysql的安全设置,这篇文章很值得一看<BR>http://www.unixren.com/linux/bencandy.php?fid=21&id=459<BR><BR>22、操作系统安全调整<BR>1、 CentOS或Red Had Enterprise Linux 4 的用户要首先要打开SElinux,方法是修改/etc/selinux/config文件中的SELINUX="" 为enforcing 。它可以保证你的系统不会非正常的崩溃。有些人认为应该关闭,我强烈不推荐,当然只是将centos用来玩玩,不是用于实际服务器则无所谓了。<BR>2、启用iptables 防火墙,对增加系统安全有许多好处。设置好防火墙的规则。<BR>3、执行setup 关闭那些不需要的服务 ,记住少开一个服务,就少一个危险。<BR>4、禁止Control-Alt-Delete 键盘关闭命令<BR>在"/etc/inittab" 文件中注释掉下面这行(使用#):<BR>ca::ctrlaltdel:/sbin/shutdown -t3 -r now <BR>改为:<BR>#ca::ctrlaltdel:/sbin/shutdown -t3 -r now <BR>为了使这项改动起作用,输入下面这个命令:<BR># /sbin/init q<BR>5、给"/etc/rc.d/init.d" 下script文件设置权限<BR>给执行或关闭启动时执行的程序的script文件设置权限。<BR># chmod -R 700 /etc/rc.d/init.d/* <BR>这表示只有root才允许读、写、执行该目录下的script文件。<BR>6、修改"/etc/host.conf"文件<BR>"/etc/host.conf"说明了如何解析地址。编辑"/etc/host.conf"文件(vi /etc/host.conf),加入下面这行:<BR># Lookup names via DNS first then fall back to /etc/hosts. <BR>order bind,hosts <BR># We have machines with multiple IP addresses. <BR>multi on <BR># Check for IP address spoofing. <BR>nospoof on <BR>第一项设置首先通过DNS解析IP地址,然后通过hosts文件解析。第二项设置检测是否"/etc/hosts"文件中的主机是否拥有多个IP地址(比如有多个以太口网卡)。第三项设置说明要注意对本机未经许可的电子欺骗。<BR>7、使"/etc/services"文件免疫<BR>使"/etc/services"文件免疫,防止未经许可的删除或添加服务:<BR># chattr +i /etc/services<BR>8.阻止你的系统响应任何从外部/内部来的ping请求。<BR>既然没有人能ping通你的机器并收到响应,你可以大大增强你的站点的安全性。你可以加下面的一行命令到/etc/rc.d/rc.local,以使每次启动后自动运行。<BR>echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all<BR>9、对你的系统上所有的用户设置资源限制可以防止DoS类型攻击(denial of service attacks)<BR>如最大进程数,内存数量等。例如,对所有用户的限制象下面这样:<BR>vi /etc/security/limits.conf<BR>下面的代码示例中,所有用户每个会话都限制在 10 MB,并允许同时有四个登录。第三行禁用了每个人的内核转储。第四行除去了用户 bin 的所有限制。ftp 允许有 10 个并发会话(对匿名 ftp 帐号尤其实用);managers 组的成员的进程数目限制为 40 个。developers 有 64 MB 的 memlock 限制,wwwusers 的成员不能创建大于 50 MB 的文件。<BR>清单 3. 设置配额和限制<BR>* hard rss 10000<BR>* hard maxlogins 4<BR>* hard core 0<BR>bin -<BR>ftp hard maxlogins 10<BR>@managers hard nproc 40<BR>@developers hard memlock 64000<BR>@wwwusers hard fsize 50000<BR>要激活这些限制,您需要在 /etc/pam.d/login 底部添加下面一行: session required /lib/security/pam_limits.so。<BR>10、注释掉不需要的用户和用户组。<BR>vipw<BR>root:x:0:0:root:/root:/bin/bash<BR>bin:x:1:1:bin:/bin:/sbin/nologin<BR>daemon:x:2:2:daemon:/sbin:/sbin/nologin<BR>adm:x:3:4:adm:/var/adm:/sbin/nologin<BR>lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin<BR>sync:x:5:0:sync:/sbin:/bin/sync<BR>shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown<BR>halt:x:7:0:halt:/sbin:/sbin/halt<BR>mail:x:8:12:mail:/var/spool/mail:/sbin/nologin<BR>news:x:9:13:news:/etc/news:<BR>uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin<BR>operator:x:11:0:operator:/root:/sbin/nologin<BR>games:x:12:100:games:/usr/games:/sbin/nologin<BR>gopher:x:13:30:gopher:/var/gopher:/sbin/nologin<BR>ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin<BR>nobody:x:99:99:Nobody:/:/sbin/nologin<BR>dbus:x:81:81:System message bus:/:/sbin/nologin<BR>vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin<BR>rpm:x:37:37::/var/lib/rpm:/sbin/nologin<BR>haldaemon:x:68:68:HAL daemon:/:/sbin/nologin<BR>netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash<BR>nscd:x:28:28:NSCD Daemon:/:/sbin/nologin<BR>sshd:x:74:74:Privilerpc:x:32:32:Portmapper RPC user:/:/sbin/nologin<BR>rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin<BR>nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin<BR>mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin<BR>smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin<BR>pcap:x:77:77::/var/arpwatch:/sbin/nologin<BR>xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin<BR>ntp:x:38:38::/etc/ntp:/sbin/nologin<BR>gdm:x:42:42::/var/gdm:/sbin/nologin<BR>pegasus:x:66:65:tog-pegasus OpenPegasus WBEM/CIM services:/var/lib/Pegasus:/sbin/nologin<BR>htt:x:100:101:IIIMF Htt:/usr/lib/im:/sbin/nologin<BR>wangjing:x:500:500::/home/wangjing:/bin/bash<BR>mysql:x:101:102:MySQL server:/var/lib/mysql:/bin/bash<BR>apache:x:48:48:Apache:/var/www:/sbin/nologin<BR>ge-separated SSH:/var/empty/sshd:/sbin/nologin<BR>对于不需要的用户全部加 # 注释掉。注意,我不建议直接删除,当你某种原因需要某个用户时,自己重新会很麻烦。<BR>vi /etc/group<BR>root:x:0:root<BR>bin:x:1:root,bin,daemon<BR>daemon:x:2:root,bin,daemon<BR>sys:x:3:root,bin,adm<BR>adm:x:4:root,adm,daemon<BR>tty:x:5:<BR>disk:x:6:root<BR>lp:x:7:daemon,lp<BR>mem:x:8:<BR>kmem:x:9:<BR>wheel:x:10:root<BR>mail:x:12:mail<BR>news:x:13:news<BR>uucp:x:14:uucp<BR>man:x:15:<BR>games:x:20:<BR>gopher:x:30:<BR>dip:x:40:<BR>ftp:x:50:<BR>lock:x:54:<BR>nobody:x:99:<BR>users:x:100:<BR>dbus:x:81:<BR>floppy:x:19:<BR>vcsa:x:69:<BR>rpm:x:37:<BR>haldaemon:x:68:<BR>utmp:x:22:<BR>netdump:x:34:<BR>nscd:x:28:<BR>slocate:x:21:<BR>sshd:x:74:<BR>rpc:x:32:<BR>rpcuser:x:29:<BR>nfsnobody:x:65534:<BR>mailnull:x:47:<BR>smmsp:x:51:<BR>pcap:x:77:<BR>xfs:x:43:<BR>ntp:x:38:<BR>gdm:x:42:<BR>pegasus:x:65:<BR>htt:x:101:<BR>wangjing:x:500:<BR>mysql:x:102:<BR>apache:x:48:<BR>对于不需要的用户组全部加 # 注释掉。注意,我不建议直接删除,当你某种原因需要某个用户组时,自己重新会很麻烦。<BR>11、用chattr命令给下面的文件加上不可更改属性。<BR># chattr +i /etc/passwd<BR># chattr +i /etc/shadow<BR># chattr +i /etc/group<BR># chattr +i /etc/gshadow<BR>注意执行这个操作后,以root身份都不能向系统增加用户或者修改密码了。如果我们要增加用户或者修改密码的。应该先用chattr -i /etc/passwd等命令解除不可写设置,再进行操作。<BR>12、修改sshd的端口。<BR>修改/etc/ssh/sshd_config,将里面的 Port 改为 59825,(具体的端口你随意。当然不能和其他程序的端口冲突了)。并注释掉前面的#号,然后<BR>pkill sshd<BR>service sshd start<BR>就行了<BR>注意最好在本地修改这个端口,否则容易出现把自己锁在外面的情况。修改了本处端口后,还要注意修改防火墙的ssh端口。<BR>13、 内核参数调整<BR>vi /etc/sysctl.conf<BR>net.ipv4.conf.default.accept_source_route=0<BR>net.ipv4.icmp_echo_ignore_broadcasts=1<BR>#net.ipv4.icmp_echo_ignore_all=1<BR>net.ipv4.icmp_ignore_bogus_error_responses=1<BR>net.ipv4.ip_conntrack_max=65535<BR>net.ipv4.tcp_syn_retries=1<BR>net.ipv4.tcp_fin_timeout=5<BR>net.ipv4.tcp_synack_retries=1<BR>net.ipv4.tcp_syncookies=1<BR>net.ipv4.route.gc_timeout=100<BR>net.ipv4.tcp_keepalive_time=500<BR>net.ipv4.tcp_max_syn_backlog=10000<BR># sysctl -p //查看<BR>14、经常检查系统日志。系统日志主要位于/var/log/目录下。防患于未然。<BR>通过以上设置你的系统一般来说就比较安全了。当然安全与不安全是道与魔的斗争。<BR>经过这几个步骤,我们一个比较安全的LAMP服务器就环境基本建立成功啦。感觉上也不是很难,是吧?<BR><BR>六、日常常用的管理功能<BR># cd /usr/local/src<BR># wget ftp://ftp.ncftp.com/ncftp/ncftp-3.2.1-src.tar.gz<BR># tar zxvf ncftp-3.2.1-src.tar.gz<BR># cd ncftp-3.2.1-src<BR># ./configure --prefix=/usr/local/ncftp<BR># make && make install<BR><BR>23、mysql数据库自动备份并上传到服务器<BR>服务器数据的备份<BR>1、数据备份<BR>为了防止意外情况的发生造成数据的丢失,关键数据或整个系统或对有选择的系统部分,在本地和异地进行定时备份,以保证系统全部或部分在灾害出现时也能持续运行。<BR>2、具体方案<BR>1)、数据库每日备份<BR>每天4:00,将Cnprintbbs数据库拷贝至/root/back后进行压缩,然后上传至192.168.1.9服务器上,/root/back留有压缩版本。<BR>运行脚本/root/scripts/back.sh<BR>例子:<BR>#!/bin/bash<BR>rm /root/back/Cnprintbbs/* -rf<BR>/usr/local/mysql/bin/mysqlhotcopy Cnprintbbs /root/back/Cnprintbbs -u root -p uefer77693<BR>sleep 5<BR>cd /root/back<BR>tar zcf `hostname`-Cnprintbbs`date +%Y%m%d`.tar.gz Cnprintbbs<BR>sleep 5<BR>echo "tar ok!"<BR>/usr/local/ncftp/bin/ncftpput -u gamebak -p gamebak@root 192.168.1.9 / /root/back/`hostname`-Cnprintbbs`date +%Y%m%d`.tar.gz<BR>sleep 10<BR>echo "upload Cnprintbbs ok!"<BR>保存,并设置计划任务。<BR># crontab -e<BR>增加一行:<BR>00 4 * * * /root/scripts/back.sh<BR>每天凌晨4点将自动备份数据库并上传。<BR>2)、数据库即时备份<BR>每隔1小时,将Cnprintbbs数据库拷贝至/root/back/hour目录进行备份,然后将压缩文件传给特定服务器。<BR>例子:<BR>#!/bin/bash<BR>hottime=`date +%Y%m%d%H%M`<BR>mkdir /root/back/hour/Cnprintbbs"$hottime"<BR>/usr/local/mysql/bin/mysqlhotcopy Cnprintbbs /root/back/hour/Cnprintbbs"$hottime" -u root -p uefer77693<BR>sleep 5<BR>cd /root/back/hour<BR>tar zcf `hostname`-Cnprintbbs"$hottime".tar.gz Cnprintbbs"$hottime"<BR>sleep 5<BR>echo "tar ok!"<BR>/usr/local/ncftp/bin/ncftpput -u backupdb -p backupdb 192.168.102.119 / /root/back/hour/`hostname`-Cnprintbbs"$hottime".tar.gz<BR>sleep 20<BR>echo "upload Cnprintbbs ok!"<BR>rm `hostname`-Cnprintbbs"$hottime".tar.gz -f<BR>3)、日志备份<BR>每天02:00,将/log/下前一天的日志,进行压缩,然后上传至192.168.9.1服务器。<BR>运行脚本/root/scripts/upload_daily<BR>例子:<BR>#!/bin/bash<BR>cd /log/<BR>mkdir log`date --date '1 days ago' +%Y%m%d`<BR>mv *.log.`date --date '1 days ago' +%y%m%d`-* log`date --date '1 days ago' +%Y%m%d`<BR>sleep 10<BR>tar zcvf `hostname`-log`date --date '1 days ago' +%Y%m%d`.tar.gz log`date --date '1 days ago' +%Y%m%d`<BR>/usr/local/ncftp/bin/ncftpput -u log -p log@root 218.80.198.234 / /log/`hostname`-log`date --date '1 days ago' +%Y%m%d`.tar.gz<BR>rm `hostname`-log`date --date '1 days ago' +%Y%m%d`.tar.gz<BR>注:计划任务通过/etc/crontab –e来进行设置<BR>4)、即时日志备份<BR>直接运行/home/root/tools/upload 将最新日志上传至192.168.1.9服务器,方便研发部门查看。<BR>运行脚本/home/root/tools/upload,(如果所有服务器的日志都需要上传,可以运行网关服务器上的/home/root/tools/allupload)<BR>24、Squid缓存删除及重启<BR>1. squid使用时间长了,速度会变慢,我的建议是每2小时kill掉squid 进程,RunAccel脚本会自动再启动的它。<BR>2. 写一脚本,放进crontab中,每天凌晨4点左右把cache目录清空。<BR>#!/bin/sh<BR># squid clean swap and restart scrīpt by marco lu<BR>SQUID_DIR=/usr/local/squid/<BR>PID_FILE=${SQUID_DIR}var/logs/squid.pid<BR>CACHE_DIR=${SQUID_DIR}var/cache<BR>PPID=`ps aux | grep -i squid | grep -v grep|awk '{print $2}'`<BR>kill -9 ${PPID} > /dev/null<BR>kill -9 `cat ${PID_FILE}` > /dev/null<BR>rm -rf $CACHE_DIR/*<BR>${SQUID_DIR}sbin/squid -z > /dev/null<BR>if [ $? -eq 0 ]<BR>then<BR>${SQUID_DIR}bin/RunAccel & > /dev/null<BR>fi<BR>七、安装vBulletin 3.6.8和vBseo 3.1.0<BR>vBulletin和vbseo 3.0.1都是商业软件,本地址的下载链接仅供试用,请于下载后24小时内删除,购买正版请联系相应官方。<BR>25、安装vBulletin 3.6.8<BR>vBulletin 是一个强大的论坛社区解决方案,使用它您可以轻易为您的网站创建论坛系统。vBulletin 基于 PHP 和 MySQL (一个高效开源的数据库引擎)。这些坚固后台技术使我们开发的产品有着不同凡响的速度和可靠的稳定性。<BR>wget http://www.cnprint.org/bbs/blogs/1/attachments/14d1194582909-phpforce_vbulletin3.6.8_patch2_zhplus3.1.5_vb1234567890.zip<BR>安装教程请见:http://www.vbulletin-china.cn/docs/html?manualversion=30608602<BR>特别提醒:请打开config.php有关memcache设置。<BR>26、安装vBseo 3.1.0<BR>vBSEO为vBulletin(最流行的网站论坛)搜索优化程序, 用它可很容易地为你的vBulletin网站提供强大的搜索功能。<BR>下载vBseo安装程序:<BR>wget http://www.cnprint.org/bbs/blogs/1/attachments/23d1195552798-vbseo.v3.1.0.for.vbulletin.3.x.php.nullified.incl.keygen-gysn.zip<BR>1、打开vBseo压缩包,解压缩,FTP以二进制方式上传upload文件夹下所有文件及目录至vbb对应目录。<BR>2、Linux系统下需首先修改"vB-root/includes/config_vbseo.php" 文件属性为可写(CHMOD 666)<BR>3、确认vbb控制台启动插件功能, 在插件与产品栏目--产品管理--添加/管理产品,import导入'Product'目录中的crawlability_vbseo.xml (如果中文UTF-8版个别情况下导入错误则可以把此文件用编辑软件另存为utf-8编码),产品添加完毕。<BR>4、将'htaccess'目录中.htaccess 文件上传至论坛根目录,有些操作系统下.htaccess 不可见,这时可以只将htaccess.txt文件上传到vbb根目录,删除刚才上传的.htaccess文件,将刚才上传的txt文件更名为. htaccess。<BR>5、在浏览器中输入http: //你的网址/你的VBB目录/vbseocp.php配置你的vbseo,输入两次你的Vbseo管理面板密码,也可以事先编辑upload\ includes\config_vbseo.php文件,在define('VBSEO_ADMIN_PASSWORD', 'ABC')中加入你想要的管理密码(就在后面的引号中间加入,比如ABC)。<BR>6、vbseo管理界面下如果需要输入授权码请用附带的keygen为你的Domain算号并拷贝32位授权码即可,配置完毕后将第二步中'config_vbseo.php' 文件属性改回只读(CHMOD 644)<BR>7、开始使用你的VBSEO,第一次安装以后可以直接通过VBB后台进入Vbseo管理界面。<BR>8、如果有必要,将htacess规则移到httpd.conf中。可以大大降低apache的负载。<BR>NameVirtualHost *:80<BR><VirtualHost *:80><BR>ServerName www.cnprint.org<BR>DocumentRoot "/usr/local/apache2/htdocs"<BR>#ErrorLog logs/error_log<BR># CustomLog logs/access_log combined<BR></VirtualHost><BR><Directory "/usr/local/apache2/htdocs"><BR>Options Indexes FollowSymLinks<BR>AllowOverride none<BR>Order allow,deny<BR>Allow from all<BR></Directory><BR><Directory "/usr/local/apache2/htdocs/bbs"><BR>Options Indexes FollowSymLinks<BR>AllowOverride all<BR>RewriteEngine On<BR>#RewriteBase /bbs<BR>RewriteCond %{HTTP_HOST} !^www\.cnprint\.org<BR>RewriteRule (.*) http://www.cnprint.org/bbs/$1 [L,R=301]<BR>#RewriteRule ^((urllist|sitemap_).*\.(xml|txt)(\.gz)?)$ vbseo_sitemap/vbseo_getsitemap.php?sitemap=$1 [L]<BR>RewriteCond %{QUERY_STRING} !vbseourl=<BR>RewriteCond %{REQUEST_URI} !(admincp/|modcp/|chat|cron)<BR>RewriteRule ^(.*\.php)$ vbseo.php?vbseourl=$1 [L,QSA]<BR>RewriteCond %{REQUEST_FILENAME} !\.(jpg|gif)$<BR>RewriteRule ^(archive/.*)$ vbseo.php?vbseourl=$1 [L,QSA]<BR>RewriteCond %{REQUEST_FILENAME} !-f<BR>RewriteCond %{REQUEST_FILENAME} !-d<BR>RewriteCond %{REQUEST_FILENAME} !^(admincp|modcp|clientscript|cpstyles|images)/<BR>RewriteRule ^(.+)$ vbseo.php?vbseourl=$1 [L,QSA]<BR>Order allow,deny<BR>Allow from all<BR></Directory></DIV><!-- attachments --> <DIV style="MARGIN-TOP: 10px"> <FIELDSET class=fieldset><LEGEND>上传的附件</LEGEND> <TABLE cellSpacing=3 cellPadding=0 border=0> <TBODY> <TR> <TD><IMG class=inlineimg title="文件类型: doc" style="VERTICAL-ALIGN: baseline" height=16 alt="文件类型: doc" src="http://www.cnprint.org/bbs/images/attach/doc.gif" width=16 border=0></TD> <TD><A href="http://www.cnprint.org/bbs/blogs/1/attachments/18d1194784473-v3.doc"><FONT color=#215ca1>V3.doc</FONT></A> (306.5 KB, 136 次查看)</TD></TR></TBODY></TABLE></FIELDSET> </DIV><!-- / attachments --> <DIV class="alt2 smallfont" style="PADDING-RIGHT: 6px; MARGIN-TOP: 1px; PADDING-LEFT: 6px; PADDING-BOTTOM: 6px; PADDING-TOP: 6px; TEXT-ALIGN: right"> <DIV style="FLOAT: left"><SPAN class=shade><FONT color=#777777>发表在</FONT></SPAN> <A href="http://www.cnprint.org/bbs/blogs/1/category4/"><FONT color=#215ca1>Linux</FONT></A>, <A href="http://www.cnprint.org/bbs/blogs/1/category5/"><FONT color=#215ca1>vBulletin</FONT></A></DIV><SPAN class=shade><A class=shade href="http://www.cnprint.org/bbs/blogs/1/blog66.html#comments"><FONT color=#777777>评论</FONT></A></SPAN> <SPAN id=commentcount1>0</SPAN> <A href="http://www.cnprint.org/bbs/blog.php?do=sendtofriend&b=66" rel=nofollow><IMG class=inlineimg title=Email文章 alt=Email文章 src="http://www.cnprint.org/bbs/images/misc/blog/email_go.gif" border=0></A> </DIV> <DIV class=cleardiv style="MARGIN-TOP: 24px"></DIV> <DIV class=smallfont style="FLOAT: right"><SPAN class=shade><FONT color=#777777>评论总数</FONT></SPAN> <SPAN id=commentcount2>0</SPAN></DIV> <H2 id=comments_heading style="FONT-SIZE: 12pt; MARGIN-BOTTOM: 6px"><A name=comments></A>评论</H2> <DIV id=lastcommentdiv></DIV> <TABLE cellSpacing=0 cellPadding=1 width="100%" border=0> <TBODY> <TR vAlign=top> <TD class=smallfont> </TD></TR></TBODY></TABLE> <DIV class=tborder style="MARGIN-TOP: 24px"> <DIV class=thead style="MARGIN: 1px">作者为 wangyu1314 的最新文章 </DIV> <UL class="alt1 nobullets smallfont" style="PADDING-RIGHT: 6px; PADDING-LEFT: 6px; PADDING-BOTTOM: 6px; MARGIN: 0px 1px 1px; PADDING-TOP: 6px"> <LI class=smallfont style="MARGIN-BOTTOM: 6px"><A href="http://www.cnprint.org/bbs/blogs/1/blog103.html"><FONT color=#215ca1>rhel 5.x 将YUM指定为光盘--yum配置格式示例</FONT></A> <SPAN class="smallfont shade"><FONT color=#777777>(2007-12-13)</FONT></SPAN> <LI class=smallfont style="MARGIN-BOTTOM: 6px"><A href="http://www.cnprint.org/bbs/blogs/1/blog101.html"><FONT color=#215ca1>Nginx 0.5.33 + PHP 5.2.5(FastCGI)搭建胜过Apache 10倍的Web服务器(第2版)[原创]</FONT></A> <SPAN class="smallfont shade"><FONT color=#777777>(2007-12-07)</FONT></SPAN> <LI class=smallfont style="MARGIN-BOTTOM: 6px"><A href="http://www.cnprint.org/bbs/blogs/1/blog58.html"><FONT color=#215ca1>一个未经实际运用测试的mysql 5.0编译参数</FONT></A> <SPAN class="smallfont shade"><FONT color=#777777>(2007-12-07)</FONT></SPAN> <LI class=smallfont style="MARGIN-BOTTOM: 6px"><A href="http://www.cnprint.org/bbs/blogs/1/blog99.html"><FONT color=#215ca1>用rsync实现网站镜像和备份</FONT></A> <SPAN class="smallfont shade"><FONT color=#777777>(2007-11-30)</FONT></SPAN> </LI></UL></DIV></DIV>
查看全文
发表于:2007-12-29 ┆
阅读(819)
┆
评论(0)
CenTOS 5下面用自带的RPM包安装基于Postfix的邮件系统(MySQL)
<DIV> <DIV id=cutoolbar width="100%" height="25"><IFRAME border=0 src="/toolbar.php" frameBorder=0 width="100%" scrolling=no height=25></IFRAME></DIV> <SCRIPT src="/js/toolbar.js"></SCRIPT> <CENTER> <TABLE class=tabletop style="BORDER-COLLAPSE: collapse" height=130 cellSpacing=0 cellPadding=0 width=760 bgColor=#ffffff background=../../templates/default/images/bg_top.gif border=0> <TBODY> <TR> <TD align=middle width=500> <TABLE style="BORDER-COLLAPSE: collapse" borderColor=#2870c7 cellSpacing=0 cellPadding=0 border=1> <TBODY> <TR> <TD bgColor=#ecfdfd> <P style="MARGIN: 5px; LINE-HEIGHT: 150%"><FONT style="FONT-SIZE: 12pt" color=#1e8dc5><B>ruochen</B></FONT></P></TD></TR></TBODY></TABLE></TD> <TD width=260></TD></TR></TBODY></TABLE> <TABLE style="BORDER-COLLAPSE: collapse" height=27 cellSpacing=0 cellPadding=0 width=760 background=../../templates/default/images/bg_menu.gif border=0> <TBODY> <TR> <TD align=right><A class=list1 href="http://blog.chinaunix.net/u/3675/index.php"><U><FONT color=#800080>首页</FONT></U></A> | <A class=list1 href="http://blog.chinaunix.net/u/3675/article.php"><U><FONT color=#0000ff>文章</FONT></U></A> | <A class=list1 href="http://blog.chinaunix.net/u/3675/photo.php"><U><FONT color=#0000ff>相册</FONT></U></A> | <A class=list1 href="http://blog.chinaunix.net/u/3675/links.php"><U><FONT color=#0000ff>收藏夹</FONT></U></A> | <A class=list1 href="http://blog.chinaunix.net/u/3675/guestbook.php"><U><FONT color=#0000ff>留言</FONT></U></A> </TD> <TD width=10></TD></TR></TBODY></TABLE> <TABLE style="BORDER-COLLAPSE: collapse; WORD-WRAP: break-word" cellSpacing=0 cellPadding=0 width=760 bgColor=#ffffff border=0> <TBODY> <TR> <TD align=middle height=25><FONT style="FONT-SIZE: 14pt" color=#02368d><B>CenTOS 5下面用自带的RPM包安装基于Postfix的邮件系统(MySQL)</B></FONT><BR></TD></TR> <TR> <TD align=middle height=9><IMG height=9 alt="" src="http://blog.chinaunix.net/templates/default/images/right_line.gif" width=502 border=0></TD></TR> <TR> <TD align=middle> <TABLE style="BORDER-COLLAPSE: collapse; WORD-WRAP: break-word" cellSpacing=0 cellPadding=0 width=740 border=0> <TBODY> <TR> <TD width=740> <DIV id=art style="MARGIN: 15px; LINE-HEIGHT: 150%" width="560"> <P><STRONG>CenTOS 5下面用自带的RPM包安装基于Postfix的邮件系统(MySQL)</STRONG><BR>(Postfix+Mysql+Dovecot+Extmail+Extman+Mailscanner+Spamassassin+Clamav)<BR>Author:汪洋<BR>Nickname:ruochen / ruochen0926<BR>Date:20070927<BR>Version:1.0<BR>Contact: E-Mail:yang_wang(at)sae.com.hk QQ:967409<BR>Blog:http://ruochen.cublog.cn/<BR>Note:参考了网上很多网友的帖子,都比较零散,不一一列出,如果在安装或者使用过程中有疑问,请到我的blog跟帖,我会尽快回复</P> <P><BR>目录:<BR>目标:配置一个功能齐全的Mail系统<BR>1)安装需要的软件包<BR>2)DNS相关配置<BR>2.1)建立正向反向和MX记录<BR>2.2)测试DNS配置<BR>3)安装Postfix<BR>4)配置Postfix<BR>4.1)配置Postfix的主配置文件 /etc/postfix/main.cf<BR>4.2)配置Postfix虚拟用户的配置文件<BR>5)配置dovecot (IMAP/IMAPS/POP3/POP3S)<BR>5.1)配置dovecot的主配置文件/etc/dovecot.conf<BR>5.2)配置dovecot的mysql认证配置文件<BR>6)测试发信认证及收信<BR>6.1)LOGIN登录测试<BR>6.2)pop3收信测试<BR>7)安装Extmail-1.0.2<BR>7.1)解压安装<BR>7.2)修改Extmail主配置文件<BR>7.3)APACHE相关配置<BR>7.4)Extmail依赖关系的解决<BR>8)安装Extman-0.2.2<BR>8.1)解压安装<BR>8.2)修改Extman的主配置文件<BR>8.3)APACHE相关配置<BR>9)开启Apache/Mysql/Bind,并让他们自启动<BR>10)安装反垃圾SpamAssassin<BR>11)安装反病毒Clamav<BR>12)安装MailScanner</P> <P> </P> <P>1)安装需要的软件包<BR>Mysql部分<BR>[root@mailtest /]# rpm -qa|grep mysql<BR>mysql-connector-odbc-3.51.12-2.2<BR>mysql-devel-5.0.22-2.1<BR>mysql-server-5.0.22-2.1<BR>mod_auth_mysql-3.0.0-3.1<BR>php-mysql-5.1.6-15.el5<BR>mysql-5.0.22-2.1<BR>libdbi-dbd-mysql-0.8.1a-1.2.2</P> <P><BR>Http部分<BR>[root@mailtest /]# rpm -qa|grep http<BR>httpd-2.2.3-6.el5.centos.1</P> <P>Php部分<BR>[root@mailtest /]# rpm -qa|grep php<BR>php-mysql-5.1.6-5.el5<BR>php-5.1.6-5.el5<BR>php-mbstring-5.1.6-5.el5<BR>php-common-5.1.6-5.el5<BR>php-cli-5.1.6-5.el5<BR>php-pdo-5.1.6-5.el5<BR>php-gd-5.1.6-5.el5</P> <P><BR>Perl部分<BR>[root@mailtest noarch]# rpm -qa|grep perl<BR>perl-HTML-Tagset-3.10-2.1.1<BR>perl-Digest-HMAC-1.01-15<BR>perl-HTML-Parser-3.56-1<BR>perl-Sys-Hostname-Long-1.4-1<BR>perl-Net-DNS-0.59-1.fc6<BR>perl-XML-SAX-0.14-5<BR>perl-IO-stringy-2.108-1<BR>perl-DBI-1.56-1<BR>perl-5.8.8-10<BR>mod_perl-2.0.2-6.1<BR>perl-Socket6-0.19-3.fc6<BR>perl-IO-Socket-INET6-2.51-2.fc6<BR>perl-IO-String-1.08-1.1.1<BR>perl-Convert-ASN1-0.20-1.1<BR>perl-TimeDate-1.16-3<BR>perl-MIME-tools-5.420-1<BR>perl-DBD-SQLite-1.13-1<BR>perl-BSD-Resource-1.28-1.fc6.1<BR>perl-DBD-MySQL-3.0007-1.fc6<BR>perl-IO-Zlib-1.04-4.2.1<BR>perl-Digest-SHA1-2.11-1.2.1<BR>perl-Archive-Tar-1.30-1.fc6<BR>perl-IO-Socket-SSL-1.01-1.fc6<BR>perl-LDAP-0.33-3.fc6<BR>perl-libwww-perl-5.805-1.1.1<BR>perl-MailTools-1.71-1<BR>perl-Convert-TNEF-0.17-1<BR>perl-Filesys-Df-0.90-1<BR>perl-URI-1.35-3<BR>perl-Compress-Zlib-1.42-1.fc6<BR>perl-Net-IP-1.25-2.fc6<BR>perl-XML-NamespaceSupport-1.09-1.2.1<BR>perl-Net-CIDR-0.11-1<BR>perl-Archive-Zip-1.16-1<BR>perl-String-CRC32-1.4-2.fc6<BR>perl-Net-SSLeay-1.30-4.fc6<BR>perl-Convert-BinHex-1.119-2</P> <P><BR>Spamassassin部分<BR>[root@mailtest /]# rpm -qa|grep spamassassin<BR>spamassassin-3.1.7-4.el5</P> <P><BR>Dovecot部分<BR>[root@mailtest /]# rpm -qa|grep dovecot<BR>dovecot-1.0-1.2.rc15.el5 #imap imaps pop3 pop3s</P> <P><BR>Cyrus-sasl部分<BR>[root@mailtest /]# rpm -qa|grep cyrus-sasl<BR>cyrus-sasl-lib-2.1.22-4<BR>cyrus-sasl-plain-2.1.22-4<BR>cyrus-sasl-devel-2.1.22-4<BR>cyrus-sasl-2.1.22-4<BR>cyrus-sasl-md5-2.1.22-4<BR>cyrus-sasl-sql-2.1.22-4</P> <P> </P> <P>Spamassassin所依赖的包<BR>perl-Archive-Tar-1.30-1.fc6.noarch.rpm <BR>perl-IO-Socket-SSL-1.01-1.fc6.noarch.rpm<BR>perl-Compress-Zlib-1.42-1.fc6.i386.rpm <BR>perl-IO-Zlib-1.04-4.2.1.noarch.rpm<BR>perl-Digest-HMAC-1.01-15.noarch.rpm <BR>perl-Net-DNS-0.59-1.fc6.i386.rpm<BR>perl-Digest-SHA1-2.11-1.2.1.i386.rpm <BR>perl-Net-IP-1.25-2.fc6.noarch.rpm<BR>perl-HTML-Parser-3.55-1.fc6.i386.rpm <BR>perl-Net-SSLeay-1.30-4.fc6.i386.rpm<BR>perl-HTML-Tagset-3.10-2.1.1.noarch.rpm <BR>perl-Socket6-0.19-3.fc6.i386.rpm<BR>perl-IO-Socket-INET6-2.51-2.fc6.noarch.rpm </P> <P> </P> <P>Postfix所依赖的包<BR>db4-devel-4.3.29-9.fc6.i386.rpm<BR>e2fsprogs-devel-1.39-8.el5.i386.rpm<BR>krb5-devel-1.5-17.i386.rpm<BR>zlib-devel-1.2.3-3.i386.rpm<BR>openssl-devel-0.9.8b-8.3.el5.i386.rpm<BR>mysql-devel-5.0.22-2.1.i386.rpm<BR>cyrus-sasl-devel-2.1.22-4.i386.rpm</P> <P><BR>gcc所依赖的包<BR>libgomp-4.1.1-52.el5.i386.rpm<BR>gcc-4.1.1-52.el5.i386.rpm</P> <P>其他软件包<BR>perl-libwww-perl-5.805-1.1.1.noarch.rpm<BR>avahi-compat-howl-0.6.16-1.el5.i386.rpm<BR>openldap-servers-sql-2.3.27-5.i386.rpm<BR>perl-LDAP-0.33-3.fc6.noarch.rpm<BR>kernel-devel-2.6.18-8.el5.i686.rpm<BR>elfutils-libelf-0.125-3.el5.i386.rpm<BR>elfutils-libelf-devel-0.125-3.el5.i386.rpm<BR>rpm-build-4.4.2-37.el5.i386.rpm</P> <P>建议安装与系统管理相关的两个包<BR>nmap-4.11-1.1.i386.rpm<BR>sysstat-7.0.0-3.el5.i386.rpm<BR>下面的两个软件包用于clamav的数字签名<BR>gmp-devel-4.1.4-10.el5<BR>gmp-4.1.4-10.el5</P> <P> </P> <P>2)DNS相关配置<BR>2.1)建立正向反向和MX记录<BR>[root@mailtest ~]# cat /var/named/named.test.hk<BR>$TTL 86400<BR>@ IN SOA test.hk. test1.test.hk (<BR> 1997022700 ; Serial<BR> 28800 ; Refresh<BR> 14400 ; Retry<BR> 3600000 ; Expire<BR> 86400 ) ; Minimum<BR> IN NS mailtest<BR>test.hk. IN MX 5 mail.test.hk.<BR>mail IN A 10.10.119.204<BR>mailtest IN A 10.10.119.204<BR>[root@mailtest ~]# cat /var/named/named.10.10.119<BR>$TTL 86400<BR>@ IN SOA test.hk. test1.test.hk (<BR> 1997022700 ; Serial<BR> 28800 ; Refresh<BR> 14400 ; Retry<BR> 3600000 ; Expire<BR> 86400 ) ; Minimum<BR> IN NS mailtest<BR>204 IN PTR mail.test.hk.<BR>204 IN PTR mailtest.test.hk.<BR>[root@mailtest ~]# hostname<BR>mailtest.test.hk</P> <P><BR>2.2)测试DNS配置<BR>[root@mailtest ~]# nslookup mail.test.hk<BR>Server: 10.10.119.204<BR>Address: 10.10.119.204#53</P> <P>Name: mail.test.hk<BR>Address: 10.10.119.204</P> <P>[root@mailtest ~]# nslookup mailtest.test.hk<BR>Server: 10.10.119.204<BR>Address: 10.10.119.204#53</P> <P>Name: mailtest.test.hk<BR>Address: 10.10.119.204</P> <P>[root@mailtest ~]# nslookup 10.10.119.204<BR>Server: 10.10.119.204<BR>Address: 10.10.119.204#53</P> <P>204.119.10.10.in-addr.arpa name = mail.test.hk.<BR>204.119.10.10.in-addr.arpa name = mailtest.test.hk.</P> <P>[root@mailtest ~]# ping mailtest.test.hk<BR>PING mailtest.test.hk (10.10.119.204) 56(84) bytes of data.<BR>64 bytes from mailtest.test.hk (10.10.119.204): icmp_seq=1 ttl=64 time=0.793 ms<BR>64 bytes from mailtest.test.hk (10.10.119.204): icmp_seq=2 ttl=64 time=0.046 ms<BR>64 bytes from mailtest.test.hk (10.10.119.204): icmp_seq=3 ttl=64 time=0.040 ms</P> <P>--- mailtest.test.hk ping statistics ---<BR>3 packets transmitted, 3 received, 0% packet loss, time 2002ms<BR>rtt min/avg/max/mdev = 0.040/0.293/0.793/0.353 ms<BR>[root@mailtest ~]# ping mail.test.hk<BR>PING mail.test.hk (10.10.119.204) 56(84) bytes of data.<BR>64 bytes from mail.test.hk (10.10.119.204): icmp_seq=1 ttl=64 time=0.395 ms<BR>64 bytes from mail.test.hk (10.10.119.204): icmp_seq=2 ttl=64 time=0.037 ms<BR>64 bytes from mail.test.hk (10.10.119.204): icmp_seq=3 ttl=64 time=0.038 ms</P> <P>--- mail.test.hk ping statistics ---<BR>3 packets transmitted, 3 received, 0% packet loss, time 2001ms<BR>rtt min/avg/max/mdev = 0.037/0.156/0.395/0.169 ms</P> <P>Note:DNS的配置错误多看Bind的日志文件/var/log/messages</P> <P><BR>3)安装Postfix<BR>虽然CentOS 5自带Postfix,但因为其不支持SSL及Mysql/LDAP,所以我们需要自行编译</P> <P>[root@mailtest /]# rpm -e sendmail --nodeps #卸载系统自带的sendmail<BR>[root@mailtest /]# groupadd postfix #添加postfix用户<BR>[root@mailtest /]# groupadd postdrop #添加postdrop组<BR>[root@mailtest /]# useradd postfix -g postfix -G postdrop -c "Postfix User" -d /dev/null -s /sbin/nologin #添加postfix用户<BR>[root@mailtest /]# mkdir -pv /tmp/postfix #建立postfix的临时目录<BR>[root@mailtest /]# chown -R postfix.postfix /tmp/postfix #给postfix的临时目录相关权限<BR>[root@mailtest /]# mkdir -pv /home/domains/ #建立虚拟邮件用户的邮件存放目录<BR>[root@mailtest /]# chown -R postfix.postfix /home/ #给虚拟邮件用户的邮件存放目录相关权限<BR>[root@mailtest /]# tar zxvf postfix-2.4.6.tar.gz #解压postfix包<BR>[root@mailtest /]# cd postfix-2.4.6 #进入postfix解压目录<BR>[root@mailtest postfix-2.4.5]# make -f Makefile.init makefiles 'CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_TLS -DUSE_CYRUS_SASL -DUSE_SASL_AUTH -I/usr/include/sasl -DHAS_LDAP' 'AUXLIBS=-L/usr/lib/mysql -lmysqlclient -lz -lm -L/usr/lib -lssl -lcrypto -lsasl2 -L/usr/lib/openldap -llber -lldap' #配置编译环境支持sasl/tls/mysql/ldap.相关编译参数参考readme文件<BR> </P> <P>[root@mailtest postfix-2.4.6]# make #编译postfix<BR>[root@mailtest postfix-2.4.6]# make install #安装postfix文件到相应目录并配置<BR>Note:make install命令后的所有问题都直接敲回车键即可。最好能改下临时目录到/tmp/postfix</P> <P>生成别名二进制文件,这个步骤如果忽略,会造成postfix效率极低:<BR>[root@mailtest postfix-2.4.6]# newaliases</P> <P><BR>4)配置Postfix<BR>4.1)配置Postfix的主配置文件 /etc/postfix/main.cf<BR>#=====================BASE=========================<BR>myhostname = mail.test.hk #postfix服务的邮件主机的主机名,建虚拟域时不要建这个同名的<BR>mydomain = test.hk #postfix服务的邮件主机的域名<BR>myorigin = $mydomain #设置由本机寄出的邮件所使用的域名或主机名称<BR>mydestination = $myhostname localhost localhost.$mydomain #设置可接收邮件的主机名称或域名<BR>mynetworks = 10.10.119.0/24 127.0.0.0/8 #设置可转发哪些网络的邮件,不需要认证的网段<BR>inet_interfaces = all #设置postfix服务监听的网络接口<BR>#relay_domains = $mydestination #设置可转发哪些网域的邮件</P> <P>#=====================Vritual Mailbox settings=========================<BR>virtual_mailbox_base = /home/domains<BR>virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf<BR>virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf<BR>virtual_alias_domains =<BR>virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf<BR>virtual_uid_maps = static:501<BR>virtual_gid_maps = static:502<BR>virtual_transport = virtual<BR>maildrop_destination_recipient_limit = 1<BR>maildrop_destination_concurrency_limit = 1</P> <P>#====================QUOTA========================<BR>message_size_limit = 5242880 #每个邮件最大尺寸5M<BR>mailbox_size_limit = 209715200 #邮箱大小限制200M<BR>virtual_mailbox_limit = 209715200 #虚拟邮箱大小限制200M<BR>virtual_create_maildirsize = yes<BR>virtual_mailbox_extended = yes<BR>virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql/mysql_virtual_limit_maps.cf<BR>virtual_mailbox_limit_override = yes<BR>virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.<BR>virtual_overquota_bounce = yes</P> <P>#====================SASL========================<BR>smtpd_sasl_type = dovecot #使用dovecot进行验证<BR>smtpd_sasl_path = /var/run/dovecot/auth-client #与dovecot.conf中如下的的path一致<BR>broken_sasl_auth_clients = yes<BR>smtpd_recipient_restrictions = permit_mynetworks,<BR> permit_sasl_authenticated,<BR> reject_invalid_hostname,<BR> reject_non_fqdn_hostname,<BR> reject_unknown_sender_domain,<BR> reject_non_fqdn_sender,<BR> reject_non_fqdn_recipient,<BR> reject_unknown_recipient_domain,<BR> reject_unauth_pipelining,<BR> reject_unauth_destination,<BR> permit</P> <P> </P> <P># From: 本地域 To: 任何地址 必须认证且验证用户和From:必须一致<BR># From: 任何非本地地址 To: 本地地址 无需认证<BR># From: 任何非本地 To: 任何地址 拒绝</P> <P>#列出本地用户的列表,以便验证 From: 本地域 To: 本地域<BR>#smtpd_sender_login_maps =<BR># mysql:/etc/postfix/mysql/mysql_virtual_sender_maps.cf,<BR># mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf</P> <P>#smtpd_reject_unlisted_sender = yes</P> <P>#本地域向本地域发信也需要SMTP身份验证<BR>#smtpd_sender_restrictions =<BR># reject_sender_login_mismatch,<BR># reject_authenticated_sender_login_mismatch,<BR># reject_unauthenticated_sender_login_mismatch</P> <P><BR>#smtpd_error_sleep_time = 1s<BR>#smtpd_soft_error_limit = 10<BR>#smtpd_hard_error_limit = 20</P> <P><BR>smtpd_sasl_auth_enable = yes<BR>smtpd_sasl_local_domain = $myhostname<BR>smtpd_sasl_security_options = noanonymous<BR>smtpd_sasl_application_name = smtpd<BR>smtpd_banner=$myhostname ESMTP "Version not Available"</P> <P>readme_directory = no<BR>sample_directory = /etc/postfix<BR>sendmail_path = /usr/sbin/sendmail<BR>html_directory = no<BR>setgid_group = postdrop<BR>command_directory = /usr/sbin<BR>manpage_directory = /usr/local/man<BR>daemon_directory = /usr/libexec/postfix<BR>newaliases_path = /usr/bin/newaliases<BR>mailq_path = /usr/bin/mailq<BR>queue_directory = /var/spool/postfix<BR>mail_owner = postfix</P> <P>#====================SSL/TLS========================<BR>smtp_use_tls = yes<BR>smtpd_use_tls = yes<BR>smtp_tls_note_starttls_offer = yes<BR>smtpd_tls_key_file = /etc/ssl/smtpd.pem<BR>smtpd_tls_cert_file = /etc/ssl/smtpd.pem<BR>smtpd_tls_CAfile = /etc/ssl/smtpd.pem<BR>smtpd_tls_loglevel = 1<BR>smtpd_tls_received_header = yes<BR>smtpd_tls_session_cache_timeout = 3600s<BR>tls_random_source = dev:/dev/urandom</P> <P><BR>生成证书<BR>[root@mailtest postfix]# mkdir /etc/ssl<BR>[root@mailtest postfix]# cd /etc/ssl<BR>[root@mailtest ssl]# openssl req -new -x509 -nodes -out smtpd.pem -keyout smtpd.pem -days 3650<BR>Generating a 1024 bit RSA private key<BR>..++++++<BR>..++++++<BR>writing new private key to 'smtpd.pem'<BR>-----<BR>You are about to be asked to enter information that will be incorporated<BR>into your certificate request.<BR>What you are about to enter is what is called a Distinguished Name or a DN.<BR>There are quite a few fields but you can leave some blank<BR>For some fields there will be a default value,<BR>If you enter '.', the field will be left blank.<BR>-----<BR>Country Name (2 letter code) [GB]:CN<BR>State or Province Name (full name) [Berkshire]:GD<BR>Locality Name (eg, city) [Newbury]:DG<BR>Organization Name (eg, company) [My Company Ltd]:www.test.hk<BR>Organizational Unit Name (eg, section) []:PROC<BR>Common Name (eg, your name or your server's hostname) []:www.test.hk<BR>Email Address []:test1@test.hk</P> <P><BR>4.2)配置Postfix虚拟用户的配置文件<BR>[root@mailtest mysql]# vi /etc/postfix/mysql/mysql_virtual_alias_maps.cf<BR>user = extmail<BR>password = extmail<BR>hosts = localhost<BR>dbname = extmail<BR>table = alias<BR>select_field = goto<BR>where_field = address<BR>additional_conditions = AND active = '1'</P> <P>[root@mailtest mysql]# vi /etc/postfix/mysql/mysql_virtual_domains_maps.cf<BR>user = extmail<BR>password = extmail<BR>hosts = localhost<BR>dbname = extmail<BR>table = domain<BR>select_field = domain<BR>where_field = domain<BR>additional_conditions = AND active = '1'</P> <P>[root@mailtest mysql]# vi /etc/postfix/mysql/mysql_virtual_limit_maps.cf<BR>user = extmail<BR>password = extmail<BR>hosts = localhost<BR>dbname = extmail<BR>table = mailbox<BR>select_field = quota<BR>where_field = username<BR>additional_conditions = AND active = '1'</P> <P>[root@mailtest mysql]# vi /etc/postfix/mysql/mysql_virtual_mailbox_maps.cf<BR>user = extmail<BR>password = extmail<BR>hosts = localhost<BR>dbname = extmail<BR>table = mailbox<BR>select_field = maildir<BR>where_field = username<BR>additional_conditions = AND active = '1'</P> <P> </P> <P>5)配置dovecot<BR>5.1)配置dovecot的主配置文件/etc/dovecot.conf<BR>[root@mailtest /]# cp /etc/dovecot.conf /etc/dovecot.conf-orig #备份一份dovecot的原始配置文件<BR>[root@mailtest /]# vi /etc/dovecot.conf #编辑dovecot配置文件<BR>base_dir=/var/run/dovecot<BR>protocols=imap imaps pop3 pop3s<BR>listen=*<BR>mail_location = maildir:/vmail/domains/%d/%n/Maildir #虚拟用户maildir形式的邮箱路径(和Extmail一致)<BR>auth default {<BR>mechanisms = plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi #认证方法(ldap认证不支持除plain login外的)<BR>passdb sql { #去掉前面的注释<BR>args = /etc/dovecot-sql.conf #定义mysql文件路径<BR>userdb sql { #去掉前面的注释<BR>args = /etc/dovecot-sql.conf #定义mysql文件路径<BR>socket listen {<BR>client {<BR>path = /var/run/dovecot/auth-client<BR> mode = 0660<BR> user = postfix #添加<BR> group = postfix #添加<BR> } #去掉前面的注释<BR> } #去掉前面的注释<BR>}</P> <P>5.2)配置dovecot的mysql认证配置文件<BR>[root@mailtest ~]# more /etc/dovecot-sql.conf<BR>driver = mysql<BR>connect = host=/var/lib/mysql/mysql.sock dbname=extmail user=extmail password=extmail<BR>default_pass_scheme = MD5<BR>#password_query = select username as user,password from mailbox where substring(username,1,instr(username,'@')-1) = '%n' and active='1' #这样些的话,不同的域有相同的用户的话会出现多个匹配导致认证失败<BR>password_query = select username as user,password from mailbox where username = '%u' and active='1'<BR>user_query = select maildir as home,501 as uid ,502 as gid from mailbox where username='%u' and active='1'</P> <P> </P> <P><BR>6)测试发信认证及收信<BR>您可以通过登录postfixadmin新建虚拟域和虚拟用户,也可以直接在mysql中进行创建;<BR>本示例中创建了一个虚拟域:test.hk,并创建了两个虚拟用户:<BR><A href="mailto:test1@test.hk"><FONT color=#0000ff>test1@test.hk</FONT></A>和<A href="mailto:test2@test1.hk"><FONT color=#0000ff>test2@test1.hk</FONT></A>,密码分别为test1和test2</P> <P>由于login认证采用Base64编码格式,故先将用户test1\@test.hk的登录名和密码进行相应的编码:<BR>[root@mailtest postfix]# perl -e 'use MIME::Base64; print encode_base64("test1\@test.hk")'<BR>dGVzdDFAdGVzdC5oaw== </P> <P>[root@mailtest postfix]# perl -e 'use MIME::Base64; print encode_base64("test1")'<BR>dGVzdDE=</P> <P>6.1)LOGIN登录测试:<BR>C:\>telnet 10.10.119.204 25<BR>220 mail.test.hk ESMTP "Version not Available"<BR>ehlo mail<BR>250-mail.test.hk<BR>250-PIPELINING<BR>250-SIZE 5242880<BR>250-VRFY<BR>250-ETRN<BR>250-STARTTLS<BR>250-AUTH PLAIN LOGIN<BR>250-AUTH=PLAIN LOGIN<BR>250-ENHANCEDSTATUSCODES<BR>250-8BITMIME<BR>250 DSN<BR>AUTH LOGIN<BR>334 VXNlcm5hbWU6<BR>dGVzdDFAdGVzdC5oaw==<BR>334 UGFzc3dvcmQ6<BR>dGVzdDE=<BR>235 2.0.0 Authentication successful<BR>mail from:test1\@test.hk<BR>250 2.1.0 Ok<BR>rcpt to:test2\@test.hk<BR>250 2.1.5 Ok<BR>data<BR>354 Please start mail input.<BR>test send mail<BR>.<BR>quit<BR>221 Closing connection. Good bye.</P> <P>Connection to host lost.<BR>C:\></P> <P><BR>6.2)POP3收信测试<BR>先对用户<A href="mailto:test2@test.hk"><FONT color=#0000ff>test2@test.hk</FONT></A>进行Base64编码,而后认证登入,测试pop3收信<BR>[root@mailtest postfix]# perl -e 'use MIME::Base64; print encode_base64("test2\@test.hk")'<BR>dGVzdDJAdGVzdC5oaw==<BR>[root@mailtest postfix]# perl -e 'use MIME::Base64; print encode_base64("test2")'<BR>dGVzdDI=</P> <P><BR>C:\>telnet 10.10.119.204 110<BR>+OK Dovecot ready.<BR>AUTH LOGIN<BR>+ VXNlcm5hbWU6<BR>dGVzdDJAdGVzdC5oaw==<BR>+ UGFzc3dvcmQ6<BR>dGVzdDI=<BR>+OK Logged in.<BR>LIST<BR>+OK 1 messages:<BR>1 1410<BR>.<BR>RETR 1<BR>+OK 1410 octets<BR>Return-Path: <<A href="mailto:test1@test.hk"><FONT color=#0000ff>test1@test.hk</FONT></A>><BR>X-Original-To: <A href="mailto:test2@test.hk"><FONT color=#0000ff>test2@test.hk</FONT></A><BR>Delivered-To: <A href="mailto:test2@test.hk"><FONT color=#0000ff>test2@test.hk</FONT></A><BR>Received: from d2800js7mh1x (unknown [10.10.119.250])<BR> by mail.test.hk (Postfix) with ESMTP id E8D9413B540<BR> for <<A href="mailto:test2@test.hk"><FONT color=#0000ff>test2@test.hk</FONT></A>>; Fri, 16 Nov 2007 08:23:43 +0800 (CST)<BR>Message-ID: <<A href="mailto:000801c827f4$d041b610$fa770a0a@d2800js7mh1x"><FONT color=#0000ff>000801c827f4$d041b610$fa770a0a@d2800js7mh1x</FONT></A>><BR>From: "test1" <<A href="mailto:test1@test.hk"><FONT color=#0000ff>test1@test.hk</FONT></A>><BR>To: <<A href="mailto:test2@test.hk"><FONT color=#0000ff>test2@test.hk</FONT></A>><BR>Subject: test.hk<BR>Date: Fri, 16 Nov 2007 10:02:55 +0800<BR>MIME-Version: 1.0<BR>Content-Type: multipart/alternative;<BR> boundary="----=_NextPart_000_0003_01C82837.DBACB3E0"<BR>X-Priority: 3<BR>X-MSMail-Priority: Normal<BR>X-Mailer: Microsoft Outlook Express 6.00.2900.3138<BR>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198</P> <P>This is a multi-part message in MIME format.</P> <P>------=_NextPart_000_0003_01C82837.DBACB3E0<BR>Content-Type: text/plain;<BR> charset="gb2312"<BR>Content-Transfer-Encoding: quoted-printable</P> <P>test.hk<BR>------=_NextPart_000_0003_01C82837.DBACB3E0<BR>Content-Type: text/html;<BR> charset="gb2312"<BR>Content-Transfer-Encoding: quoted-printable</P> <P><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><BR><HTML><HEAD><BR><META http-equiv=3DContent-Type content=3D"text/html; charset=3Dgb2312"><BR><META content=3D"MSHTML 6.00.2900.3199" name=3DGENERATOR><BR><STYLE></STYLE><BR></HEAD><BR><BODY bgColor=3D#ffffff><BR><DIV><FONT face=3DArial size=3D2>test.hk</FONT></DIV></BODY></HTML></P> <P>------=_NextPart_000_0003_01C82837.DBACB3E0--</P> <P><BR>.</P> <P>7)安装Extmail-1.0.2<BR>7.1)解压安装<BR># tar zxvf extmail-1.0.2.tar.gz<BR># mkdir -pv /var/www/extsuite<BR># mv extmail-1.0.2 /var/www/extsuite/extmail<BR># cp /var/www/extsuite/extmail/webmail.cf.default /var/www/extsuite/extmail/webmail.cf</P> <P>7.2)修改Extmail主配置文件<BR>#vi /var/www/extsuite/webmail.cf<BR>部分修改选项的说明:</P> <P>SYS_SESS_DIR = /tmp/<BR>临时目录选项,可改作:<BR>SYS_SESS_DIR = /tmp/extmail/</P> <P>然后建立目录并附权限<BR>[root@mailtest extmail]# mkdir /tmp/extmail<BR>[root@mailtest extmail]# chown -R postfix.postfix /tmp/extmail/</P> <P>SYS_MESSAGE_SIZE_LIMIT = 5242880<BR>用户可以发送的最大邮件</P> <P>SYS_USER_LANG = en_US<BR>语言选项,可改作:<BR>SYS_USER_LANG = zh_CN</P> <P>SYS_LOG_TYPE = syslog<BR>LOG选项,如果用syslog,需要安装Unix:syslog模块,此处选择用ASCII文件作为日志<BR>SYS_LOG_TYPE = file</P> <P>生成extmail日志文件并赋予权限<BR>[root@mailtest extmail]# touch /var/log/extmail.log<BR>[root@mailtest extmail]# chown postfix.postfix /var/log/extmail.log</P> <P><BR>SYS_MAILDIR_BASE = /home/domains</P> <P>SYS_MYSQL_USER = db_user<BR>SYS_MYSQL_PASS = db_pass<BR>SYS_MYSQL_DB = extmail<BR>以上三句用来设置连接数据库服务器所使用用户名、密码和邮件服务器用到的数据库,这里修改为:<BR>SYS_MYSQL_USER = extmail<BR>SYS_MYSQL_PASS = extmail<BR>SYS_MYSQL_DB = extmail</P> <P>7.3)APACHE相关配置<BR>由于extmail要进行本地邮件的投递操作,故必须将运行apache服务器用户的身份修改为您的邮件投递代理的用户;本例中打开了apache服务器的suexec功能,故使用以下方法来实现虚拟主机运行身份的指定。此例中的MDA为postfix自带,因此将指定为postfix用户:</P> <P>备份一份Apache的主配置文件<BR>[root@mailtest soft]# cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf-orig</P> <P>注释掉#DocumentRoot "/var/www/html"启用基于域名的虚拟主机<BR><VirtualHost mail.test.hk:80><BR>ServerName mail.test.hk<BR>DocumentRoot /var/www/extsuite/extmail/html/<BR>ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi<BR>Alias /extmail /var/www/extsuite/extmail/html<BR>SuexecUserGroup postfix postfix<BR></VirtualHost></P> <P><BR>修改 cgi执行文件属主为apache运行身份用户:<BR>[root@mailtest soft]# chown -R postfix.postfix /var/www/extsuite/extmail/cgi/</P> <P>如果您没有打开apache服务器的suexec功能,也可以使用以下方法解决:<BR>[root@mailtest soft]# vi /etc/httpd/config/httpd.conf<BR>User postfix<BR>Group postfix</P> <P><VirtualHost mail.test.hk:80><BR>ServerName mail.test.hk<BR>DocumentRoot /var/www/extsuite/extmail/html/<BR>ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi<BR>Alias /extmail /var/www/extsuite/extmail/html<BR>ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi<BR>Alias /extman /var/www/extsuite/extman/html<BR></VirtualHost></P> <P> </P> <P>7.4)Extmail依赖关系的解决<BR>extmail将会用到perl的DBD::Mysql和Unix::syslogd功能,对于第一个模块,我是安装OS自带的RPM包,第二个模块没有使用,前面有说明<BR>perl-DBD-MySQL-3.0007-1.fc6</P> <P><BR>下面是网上的方法解决依赖问题<BR>extmail将会用到perl的DBD::Mysql和Unix::syslogd功能,您可以去<A href="http://search.cpan.org/"><FONT color=#0000ff>http://search.cpan.org</FONT></A>搜索下载原码包进行安装。<BR># tar zxvf Unix-Syslog-0.100.tar.gz<BR># cd Unix-Syslog-0.100<BR># perl Makefile.PL<BR># make<BR># make install</P> <P>DBD-Mysql目前最新的版本为DBD-mysql-4.005,但它和系统中的perl结合使用时会造成extmail无法正常使用,因此我们采用3的版本:<BR># tar zxvf DBD-mysql-3.0002_4.tar.gz <BR># cd cd DBD-mysql-3.0002_4<BR># perl Makefile.PL (此步骤中如果出现类同Can't exec "mysql_config": No such file or directory at Makefile.PL line 76.的错误是因为您的mysql的bin目录没有输出至$PATH环境变量)<BR># make<BR># make install</P> <P>8)安装Extman-0.2.2<BR>8.1)解压安装<BR>[root@mailtest soft]# tar zxvf extman-0.2.2.tar.gz<BR>[root@mailtest soft]# mv extman-0.2.2 /var/www/extsuite/extman</P> <P><BR>8.2)修改Extman的主配置文件<BR>[root@mailtest soft]# vi /var/www/extsuite/extman/webman.cf</P> <P>SYS_SESS_DIR = /tmp/<BR>临时目录选项,可改作:<BR>SYS_SESS_DIR = /tmp/extman/</P> <P>然后建立目录并附权限<BR>[root@mailtest extmail]# mkdir -pv /tmp/extman<BR>[root@mailtest extmail]# chown -R postfix.postfix /tmp/extman/</P> <P><BR>修改cgi执行文件属主为apache运行身份用户<BR>[root@mailtest soft]# chown -R postfix.postfix /var/www/extsuite/extman/cgi/</P> <P><BR>8.3)APACHE相关配置 <BR>在apache的主配置文件中Extmail的虚拟主机部分,添加如下两行:<BR>ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi<BR>Alias /extman /var/www/extsuite/extman/html</P> <P>最后虚拟主机的配置文件成为下面的这个样子<BR><VirtualHost mail.test.hk:80><BR>ServerName mail.test.hk<BR>DocumentRoot /var/www/extsuite/extmail/html/<BR>ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi<BR>Alias /extmail /var/www/extsuite/extmail/html<BR>ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi<BR>Alias /extman /var/www/extsuite/extman/html<BR>SuexecUserGroup postfix postfix<BR></VirtualHost></P> <P><BR>配置Mailgraph_ext,使用Extman的图形日志:<BR>接下来安装图形日志的运行所需要的软件包Time::HiRes、File::Tail和rrdtool,其中前两个包您可以去<A href="http://search.cpan.org/"><FONT color=#0000ff>http://search.cpan.org</FONT></A>搜索并下载获得,后一个包您可以到 <A href="http://oss.oetiker.ch/rrdtool/pub/?M=D"><FONT color=#0000ff>http://oss.oetiker.ch/rrdtool/pub/?M=D</FONT></A>下载获得; 注意安装顺序不能改换。</P> <P>安装Time::HiRes<BR>#tar zxvf Time-HiRes-1.9707.tar.gz <BR>#cd Time-HiRes-1.9707<BR>#perl Makefile.PL <BR>#make<BR>#make test<BR>#make install</P> <P>安装File::Tail<BR>#tar zxvf File-Tail-0.99.3.tar.gz <BR>#cd File-Tail-0.99.3<BR>#perl Makefile.PL <BR>#make<BR>#make test<BR>#make install</P> <P>安装rrdtool-1.2.26<BR>#tar zxvf rrdtool-1.2.26.tar.gz <BR>#cd rrdtool-1.2.26<BR>#./configure --prefix=/usr/local/rrdtool<BR>#make<BR>#make install</P> <P>创建必要的符号链接(Extman会到这些路径下找相关的库文件)<BR>#ln -sv /usr/local/rrdtool/lib/perl/5.8.8/i386-linux-thread-multi/auto/RRDs/RRDs.so /usr/lib/perl5/5.8.8/i386-linux-thread-multi/<BR>#ln -sv /usr/local/rrdtool/lib/perl/5.8.8/RRDp.pm /usr/lib/perl5/5.8.8<BR>#ln -sv /usr/local/rrdtool/lib/perl/5.8.8/i386-linux-thread-multi/RRDs.pm /usr/lib/perl5/5.8.8</P> <P>复制mailgraph_ext到/usr/local,并启动之<BR># cp -r /var/www/extsuite/extman/addon/mailgraph_ext /usr/local <BR># /usr/local/mailgraph_ext/mailgraph-init start<BR># /usr/local/mailgraph_ext/qmonitor-init start</P> <P>添加到自动启动队列<BR>echo "/usr/local/mailgraph_ext/mailgraph-init start" >> /etc/rc.local<BR>echo "/usr/local/mailgraph_ext/qmonitor-init start" >> /etc/rc.local</P> <P><BR>注意:安装以上软件所之前,请确保您的系统已经安装了tcl、tcl-devel、freetype、freetype-devel、libart_lgpl和libart_lgpl-devel等相关的软件包</P> <P> </P> <P><BR>9)开启Apache/Mysql/Bind,并让他们自启动<BR>[root@mailtest /]# chkconfig --level 2345 httpd on<BR>[root@mailtest /]# chkconfig --level 2345 mysqld on<BR>[root@mailtest /]# chkconfig --level 2345 named on<BR>[root@mailtest /]# service httpd start<BR>[root@mailtest /]# service mysqld start<BR>[root@mailtest /]# service named start</P> <P><BR>10)安装反垃圾SpamAssassin<BR>安装系统自带的spamassassin包</P> <P>11)安装反病毒Clamav<BR>从下面的网站下载clamav<BR><A href="http://www.clamav.net/download"><FONT color=#0000ff>http://www.clamav.net/download</FONT></A></P> <P>[root@mail ~]# groupadd clamav<BR>[root@mail ~]# useradd -g clamav -s /bin/nologin -c "Clam AntiVirus" clamav<BR>[root@mail ~]# mkdir /etc/clamav<BR>[root@mail ~]# chown -R clamav.clamav /etc/clamav</P> <P>[root@mail ~]# tar zxvf clamav-0.91.2.tar.gz<BR>[root@mail clamav-0.91.2]# cd clamav-0.91.2<BR>[root@mail clamav-0.91.2]# ./configure --sysconfdir=/etc/clamav<BR>[root@mail clamav-0.91.2]# make<BR>[root@mail clamav-0.91.2]# make install</P> <P>配置clamav的主配置文件<BR>#vi /etc/clamav/clamd.conf <BR>请先将文件中的 Example 这行删除掉或在其前面加上 # 注释掉<BR>去掉注释或更改下面行的值<BR>LogFile /var/log/clamav/clamd.log<BR>LogFileMaxSize 2M<BR>PidFile /home/clamav/clamd.pid<BR>DatabaseDirectory /usr/local/share/clamav<BR>LocalSocket /home/clamav/clamd.sock<BR>ScanMail yes<BR>ScanArchive yes<BR>ArchiveMaxFiles 1000<BR>MaxThreads 200<BR>MaxDirectoryRecursion 15<BR>User clamav<BR>这样 clamav 就基本可以工作了</P> <P>接下来要下载病毒资料库<BR>首先编辑 /etc/clamav/freshclam.conf 文件<BR>[root@mail clamav-0.91.2]# vi /etc/clamav/freshclam.conf<BR>请先将文件中的 Example 这行删除掉或在其前面加上 # 注释掉<BR>去掉次行注释并修改为 UpdateLogFile /var/log/clamav/freshclam.log</P> <P><BR>在 DatabaseMirror database.clamav.net 行下面在加入几个地址,更多地址请参考文档 clamav.pdf<BR>DatabaseMirror clamav.inet6.fr<BR>DatabaseMirror clamav.netopia.pt<BR>DatabaseMirror clamav.sonic.net</P> <P>这样该文件就可以了。若升级数据库时无法连接就注释掉DatabaseMirror database.clamav.net 行,留下剩下的行.<BR>下面生成/var/log/freshclam.log 文件<BR>[root@mail clamav-0.91.2]# mkdir /var/log/clamav<BR>touch /var/log/clamav/clamd.log<BR>touch /var/log/clamav/freshclam.log<BR>chmod 600 /var/log/clamav/freshclam.log<BR>chmod 600 /var/log/clamav/clamd.log<BR>chown clamav /var/log/clamav/clamd.log<BR>chown clamav /var/log/clamav/freshclam.log</P> <P><BR>运行数据库的更新 <BR>[root@mail clamav-0.91.2]# freshclam -d -c 2 (-d 选项为该命令以 daemon 方式运行 -c 2 这个选项的意思是每天检查2次数据库更新)<BR>[root@mail clamav-0.91.2]# freshclam --quiet --stdout 手动更新数据库</P> <P>更新结束后请到 /usr/src/clamav-0.91.2/test 目录下检查数据库里所认知的病毒数量<BR>执行 clamscan test</P> <P><BR>建议用户做成启动脚本<BR>/etc/rc3.d/S91clamav 内容如下:<BR>/usr/local/bin/freshclam -d -c 2<BR>/usr/local/sbin/clamd</P> <P> </P> <P>12)安装MailScanner<BR>MailScanner-4.65.3-1.rpm.tar.gz<BR>tar -zvxf MailScanner-4.65.3-1.rpm.tar.gz<BR>cd <BR>./install.sh</P> <P><BR>可以将里面的src.rpm用rpmbuild --rebuild **.src.rpm<BR>然后到/usr/src/redhat/RPMS/noarch去安装生成的rpm包</P> <P> </P> <P>建立Mailscanner支持spamassassin所需的目录:<BR># mkdir /var/spool/MailScanner/spamassassin <BR># chmod 700 /var/spool/MailScanner/spamassassin <BR># chown postfix.postfix /var/spool/MailScanner/spamassassin</P> <P>修改spamassassin的配置文件<BR>vi /etc/mail/spamassassin/local.cf<BR># How many hits before a message is considered spam. <BR>required_hits 5.0 <BR># Text to prepend to subject if rewrite_subject is used <BR>rewrite_header Subject *****SPAM***** <BR># Encapsulate spam in an attachment <BR>report_safe 1 <BR># Enable the Bayes system <BR>use_bayes 1 <BR># Enable or disable network checks <BR>skip_rbl_checks 1 <BR>use_razor2 0 <BR>use_pyzor 0 <BR># Mail using locales used in these country codes will not be marked <BR># as being possibly spam in a foreign language. <BR>ok_locales all </P> <P> </P> <P><BR>修改MailScanner.conf<BR># vi /etc/MailScanner/MailScanner.conf <BR>Run As User = postfix <BR>Run As Group = postfix <BR>Incoming Queue Dir = /var/spool/postfix/hold <BR>Outgoing Queue Dir = /var/spool/postfix/incoming <BR>MTA = postfix <BR>Virus Scanners = clamav <BR>Always Include SpamAssassin Report = yes <BR>Use SpamAssassin = yes <BR>Required SpamAssassin Score = 4 <BR>SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin <BR>SpamAssassin Install Prefix = /usr/bin <BR>SpamAssassin Local Rules Dir = /etc/MailScanner</P> <P>修改 postfix支持mailscanner<BR># vi /etc/postfix/main.cf<BR>变更以下的值<BR>header_checks = regexp:/etc/postfix/header_checks<BR># vi /etc/postfix/header_checks<BR>/^Received:/ HOLD<BR>注意, 在 / 之前不可以有空白!</P> <P>变更目录权限<BR># chown postfix.postfix /var/spool/MailScanner/incoming <BR># chown postfix.postfix /var/spool/MailScanner/quarantine<BR>停止postfix执行、启动MailScanner<BR># service postfix stop <BR># chkconfig postfix off <BR># service MailScanner start<BR>设定MailScanner,当MTA = postfix时,会自己启动postfix,如有设定启动postfix的请先将它停掉<BR>定期更新病毒定义文件<BR># crontab -e <BR>0 4 * * * /usr/local/bin/freshclam</P> <P> </P> <P><BR>FAQ<BR>1)进入postfixadmin的管理页面出现下面的警告提示<BR>Warning: Magic Quotes: OFF (using internal function!)<BR>postfixadmin 2.1有这个警告<BR>最新的版本2.2默认是要关闭这个的(也即默认是OK)</P> <P>要想2.1版本消除这个警告,修改/etc/php.ini文件<BR>[root@mailtest /]# vi /etc/php.ini<BR>; Magic quotes for incoming GET/POST/Cookie data.<BR>#magic_quotes_gpc = Off<BR>magic_quotes_gpc = On 《==打开这一个就可以消除警告</P> <P>; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.<BR>magic_quotes_runtime = Off<BR>magic_quotes_runtime = On</P> <P><BR>2)如何显示dovecot的所有配置<BR>[root@mailtest ~]# dovecot -a</P> <P>3)如何显示postfix的所有配置<BR>[root@mailtest ~]# postconf -n</P> <P><BR>4)如何检查配置文件是否正确<BR>[root@mailtest ~]# postfix check<BR>这个检查程序秉持“没有消息就是好消息”的Unix优良传统,如果你的系统一切无误,它不会出现任何信息;否则,它会将查出来的问题显示在屏幕上,并同时记录在日志文件里。</P> <P>5)检查日志<BR>[root@mailtest ~]# egrep '(reject|warning|error|fatal|panic):' /var/log/maillog</P> <P> </P> <P>6)/var/log/maillog出现下面的<BR>Nov 19 12:06:00 mailtest postfix/smtpd[2055]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled</P> <P>修改alias_maps,去掉nis:mail.aliases<BR>[root@mailtest postfix]# postconf -v |grep nis<BR>alias_maps = hash:/etc/aliases, nis:mail.aliases</P> <P><BR>7)在postfix中配置RBL/CBL<BR>reject_rbl_client cbl.anti-spam.org.cn=127.0.8.2<BR>reject_rbl_client cdl.anti-spam.org.cn=127.0.8.4<BR>reject_rbl_client cblplus.anti-spam.org.cn=127.0.8.6<BR>reject_rbl_client cblless.anti-spam.org.cn=127.0.8.5</P> <P><BR>reject_rbl_client cbl.anti-spam.org.cn #CBL 服务器 具体请看anti-spam.org.cn<BR>可以用多个 reject_rbl_client 分隔依次使用多个RBL</P> <P><BR>如果您想先测试一下RBL服务是否工作正常,可以在reject_maps_rbl指令和reject_rbl_client指令前加上warning_if_reject来改变默认的拒绝动作为警告(警告信息会在邮件日志中看到)。等确认工作正常后再去掉警告指令</P> <P><BR>postfix 设置了RBL后无法收到邮件 退信内容 <BR>Non-authoritative answer<BR>Recursive queries supported by this server<BR>Query for 5.209.96.202.sbl.spamhaus.org type=255 class=1<BR>这是因为设置了RBL后没有加验证码需要修改 main.cf 在 cbl.anti-spam.org.cn后加入验证码<BR> reject_rbl_client cbl.anti-spam.org.cn=127.0.8.2<BR> reject_rbl_client cdl.anti-spam.org.cn=127.0.8.4<BR> reject_rbl_client cblplus.anti-spam.org.cn=127.0.8.6<BR> reject_rbl_client cblless.anti-spam.org.cn=127.0.8.5<BR>然后重新加载服务 /etc/init.d/postfix reload </P> <P> </P> <P>加入<BR>smtpd_client_restrictions = permit_sasl_authenticated,<BR> reject_rbl_client cbl.abuseat.org,<BR> reject_rbl_client bl.spamcop.net,<BR> reject_rbl_client zen.spamhaus.org,<BR> reject_rbl_client cblless.anti-spam.org.cn,<BR> reject_rbl_client dsn.rfc-ignorant.org,<BR> reject_rbl_client relays.ordb.org</P> <P>垃圾邮件就大大减少了。呵呵!</P> <P> </P> <P>CBL/CDL/CBL+/CBL-的配置参数</P> <P>名称 地址 测试地址 返回状态码 <BR>CBL cbl.anti-spam.org.cn 2.0.0.127.cbl.anti-spam.org.cn. 127.0.8.2 <BR>CDL cdl.anti-spam.org.cn 0.0.0.240.cdl.anti-spam.org.cn. 127.0.8.4 <BR>CBL+ cblplus.anti-spam.org.cn 2.0.0.127.cblplus.anti-spam.org.cn. 127.0.8.6 <BR>CBL- cblless.anti-spam.org.cn 2.0.0.127.cblless.anti-spam.org.cn. 127.0.8.5</P> <P>CBL+ --是CBL和CDL的合集<BR>CBL- --是CBL+中去掉了全部的CML<BR>BML --大型邮件运营商列表会影响到我们的CBL/CBL+/CBL-等黑名单的IP地址的收录<BR>TML --可信邮件服务器地址,不属于主要邮件运营商,但在反垃圾邮件方面做过切实工作,并能积极响应垃圾邮件投诉的邮件服务器地址。加入TML可以邮件服务器不但可确保不会被加入到CBL-中,而且可以确保意外发生的一些垃圾邮件发送并不会导致您的邮件发送被阻</P> <P> </P> <P><BR>8)如何让Postfix直接支持SpamAssassin<BR>在/etc/postfix/master.cf中添加下面倒数3行<BR>smtp inet n - n - - smtpd<BR> -o content_filter=spamassassin<BR>spamassassin unix - n n - - pipe<BR> user=nobody argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}</P> <P> </P> <P>9)如何利用sendmail的mailer支持postfix<BR>smtp inet n - n - - smtpd -o content_filter=clamav<BR>clamav unix - n n - - pipe <BR> flags=R user=clamav argv=/usr/local/bin/clamfilter -F <A href="mailto:postmaster@test.hk"><FONT color=#0000ff>postmaster@test.hk</FONT></A> -f ${sender} -- ${recipient}</P> <P><BR>10)如何用MySQL做postfix的后台<BR>如本例</P> <P>11)如何用OpenLDAP做后台,<BR>需下面的perl模块支持<BR>perl-XML-NamespaceSupport-1.09-1.2.1.noarch.rpm<BR>perl-XML-SAX-0.14-5.noarch.rpm<BR>perl-Convert-ASN1-0.20-1.1.noarch.rpm<BR>perl-LDAP-0.33-3.fc6.noarch.rpm </P> <P><BR>[root@mailtest ldap]# cat /etc/dovecot-ldap.conf<BR>hosts = 10.10.119.204:389<BR>dn = cn=Manager,dc=extmail.org<BR>dnpass = 123456<BR>ldap_version = 3<BR>base = o=extmailAccount,dc=extmail.org<BR>deref = never<BR>scope = subtree<BR>user_attrs = mail,homeDirectory,,,uidNumber,gidNumber<BR>user_filter = (&(objectClass=extmailUser)(mail=%u)(active=1))<BR>pass_attrs = mail,userPassword<BR>pass_filter = (&(objectClass=extmailUser)(mail=%u)(active=1))<BR>default_pass_scheme = CRYPT<BR>user_global_uid = postfix<BR>user_global_gid = postfix<BR>auth_bind = yes</P> <P><BR>[root@mailtest docs]# cat ldap_virtual_alias_maps.cf<BR>server_host = localhost<BR>search_base = o=extmailAlias,dc=extmail.org<BR>query_filter = (&(objectClass=extmailAlias)(mailLocalAddress=%s)(active=1))<BR>result_attribute = mail<BR>cache = no<BR>bind = no<BR>scope = sub</P> <P>[root@mailtest docs]# cat ldap_virtual_domains_maps.cf<BR>server_host = localhost<BR>search_base = o=extmailAccount,dc=extmail.org<BR>query_filter = (&(objectClass=extmailDomain)(virtualDomain=%s)(active=1))<BR>result_attribute = virtualDomain<BR>cache = no<BR>bind = no<BR>scope = sub</P> <P>[root@mailtest docs]# cat ldap_virtual_mailbox_maps.cf<BR>server_host = localhost<BR>search_base = o=extmailAccount,dc=extmail.org<BR>query_filter = (&(objectClass=extmailUser)(mail=%s)(active=1))<BR>result_attribute = mailMessageStore<BR>cache = no<BR>bind = no<BR>scope = sub</P> <P><BR>[root@mailtest docs]# cat ldap_virtual_limit_maps.cf<BR>server_host = localhost<BR>search_base = o=extmailAccount,dc=extmail.org<BR>query_filter = (&(objectClass=extmailUser)(mail=%s)(active=1))<BR>result_attribute = mailQuota<BR>cache = no<BR>bind = no<BR>scope = sub</P> <P>然后修改/etc/postfix/main.cf中相关的mysql为ldap<BR>并配置ectmail/extman的配置参数文件webmail.cf为ldap认证和相关参数</P> <P><BR>参数<BR>sender_bcc_maps=hash:/etc/postfix/sender_maps<BR>recipient_bcc_maps=hash:/etc/postfix/recipient_maps</P> <P> </P> <P><BR>参考文档<BR>postfixadmin+on+debian+sarge with dovecot<BR><A href="http://bliki.rimuhosting.com/space/knowledgebase/linux/mail/postfixadmin+on+debian+sarge"><FONT color=#0000ff>http://bliki.rimuhosting.com/space/knowledgebase/linux/mail/postfixadmin+on+debian+sarge</FONT></A></P> <P>postfix+with+amavis+and+mysql<BR><A href="http://bliki.rimuhosting.com/space/knowledgebase/linux/mail/postfix+with+amavis+and+mysql"><FONT color=#0000ff>http://bliki.rimuhosting.com/space/knowledgebase/linux/mail/postfix+with+amavis+and+mysql</FONT></A></P> <P><A href="http://bliki.rimuhosting.com/space/comment-knowledgebase/linux/mail/postfix+with+amavis+and+mysql-1"><FONT color=#0000ff>http://bliki.rimuhosting.com/space/comment-knowledgebase/linux/mail/postfix+with+amavis+and+mysql-1</FONT></A><BR><A href="http://bliki.rimuhosting.com/space/knowledgebase/linux/mail/postfix+notes"><FONT color=#0000ff>http://bliki.rimuhosting.com/space/knowledgebase/linux/mail/postfix+notes</FONT></A></P> <P><FONT color=#0000ff></FONT> </P> <P>postfixadmin+on+RHEL4<BR><A href="http://bliki.rimuhosting.com/space/knowledgebase/linux/mail/postfixadmin+on+RHEL4"><FONT color=#0000ff>http://bliki.rimuhosting.com/space/knowledgebase/linux/mail/postfixadmin+on+RHEL4</FONT></A></P> <P>完整强大的邮件系统就这样被我弄出来了 <BR><A href="http://bbs.chinaunix.net/thread-982996-1-1.html"><FONT color=#0000ff>http://bbs.chinaunix.net/thread-982996-1-1.html</FONT></A></P> <P>变通实现dovecot + postfix + postfixadmin + mysql 虚拟用户认证服务器 <BR><A href="http://bbs.chinaunix.net/thread-952938-1-1.html"><FONT color=#0000ff>http://bbs.chinaunix.net/thread-952938-1-1.html</FONT></A></P> <P><BR>Postfix SMTP身份验证完整方案解析<BR><A href="http://www.5dmail.cn/html/2007-3-14/2007314200207.htm"><FONT color=#0000ff>http://www.5dmail.cn/html/2007-3-14/2007314200207.htm</FONT></A></P> <P><FONT color=#0000ff></FONT> </P> <DIV><FONT color=#0000ff></FONT></DIV></DIV></TD></TR></TBODY></TABLE></TD></TR> <TR> <TD align=middle height=25><FONT color=#02368d>创建于: 2007-11-20 11:49:03,修改于: 2007-12-12 11:17:28,已浏览78次,有评论0条</FONT> </TD></TR> <TR> <TD align=middle height=9><IMG height=13 alt="" src="http://blog.chinaunix.net/templates/default/images/line1.gif" width=702 border=0></TD></TR> <TR> <TD align=middle> <TABLE style="COLOR: #02368d; BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width=700 align=center border=0> <TBODY> <TR> <TD colSpan=3 height=20><B>网友评论</B></TD></TR></TBODY></TABLE></TD></TR> <TR> <TD align=middle height=9><IMG height=13 alt="" src="http://blog.chinaunix.net/templates/default/images/line1.gif" width=702 border=0></TD></TR> <TR> <TD align=middle><IFRAME id=iframe_data style="DISPLAY: none" name=iframe_data width=0 height=0></IFRAME> <FORM id=sortForm onsubmit="return check();" action=../comment_insert.php method=post target=iframe_data><INPUT type=hidden value=0 name=ctype> <INPUT id=iscomment type=hidden value=1 name=iscomment> <INPUT id=artid type=hidden value=426492 name=artid> <INPUT id=userid type=hidden value=3675 name=userid> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width=700 align=center border=0> <TBODY> <TR> <TD style="COLOR: #0000cc" height=25> 发表评论 </TD></TR> <TR> <TD height=25> 昵称:<INPUT id=nickname size=30 name=nickname> <INPUT id=noname onclick="if(nickname.value=='')nickname.value='本站网友'" type=checkbox><LABEL for=noname>匿名</LABEL> </TD></TR> <TR> <TD><TEXTAREA id=comment style="BORDER-RIGHT: #999999 1px solid; BORDER-TOP: #999999 1px solid; FONT-SIZE: 12px; BORDER-LEFT: #999999 1px solid; LINE-HEIGHT: 150%; BORDER-BOTTOM: #999999 1px solid; FONT-FAMILY: Tahoma,Verdana,宋体,Fixedsys" name=comment rows=5 cols=80></TEXTAREA> <INPUT type=submit value=提交> </TD></TR></TBODY></TABLE></FORM> <SCRIPT language=javascript> function $(s){return document.getElementById(s);} function check(){ if($("iscomment").value==0){ if($("username").value==""){ alert('请输入您的用户名!'); $("username").select(); return false; } if($("password").value==""){ alert('请输入您的密码!'); $("password").select(); return false; } }else{ if($("nickname").value==""){ alert('请输入您的称呼!'); $("nickname").select(); return false; } } if($("comment").value==""){ alert('你忘记输入内容了!'); $("comment").select(); return false; } return true; } </SCRIPT> </TD></TR></TBODY></TABLE> <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 cellPadding=0 width=760 border=0> <TBODY> <TR> <TD bgColor=#663300 height=1></TD></TR> <TR> <TD align=middle>版权所有 ChinaUnix.net 页面生成时间:0.28116</TD></TR></TBODY></TABLE></CENTER></DIV>
查看全文
发表于:2007-12-29 ┆
阅读(1147)
┆
评论(0)
CenTOS 5下面用自带的RPM包安装基于Postfix的邮件系统(LDAP)
<DIV> <TABLE style="BORDER-COLLAPSE: collapse; WORD-WRAP: break-word" cellSpacing=0 cellPadding=0 width=760 bgColor=#ffffff border=0> <TBODY> <TR> <TD align=middle height=25><FONT style="FONT-SIZE: 14pt" color=#02368d><B>CenTOS 5下面用自带的RPM包安装基于Postfix的邮件系统(LDAP)</B></FONT><BR></TD></TR> <TR> <TD align=middle height=9><IMG height=9 alt="" src="http://blog.chinaunix.net/templates/default/images/right_line.gif" width=502 border=0></TD></TR> <TR> <TD align=middle> <TABLE style="BORDER-COLLAPSE: collapse; WORD-WRAP: break-word" cellSpacing=0 cellPadding=0 width=740 border=0> <TBODY> <TR> <TD width=740> <DIV id=art style="MARGIN: 15px; LINE-HEIGHT: 150%" width="560"> <P><STRONG>CenTOS 5下面用自带的RPM包安装基于Postfix的邮件系统(LDAP)</STRONG><BR>(Postfix+OpenLDAP+Dovecot+Extmail+Extman+Mailscanner+Spamassassin+Clamav)<BR>Author:汪洋<BR>Nickname:ruochen / ruochen0926<BR>Date:20070927<BR>Version:1.0<BR>Contact: E-Mail:yang_wang(at)sae.com.hk QQ:967409<BR>Blog:http://ruochen.cublog.cn/<BR>Note:参考了网上很多网友的帖子,都比较零散,不一一列出,如果在安装或者使用过程中有疑问,请到我的blog跟帖,我会尽快回复</P> <P><BR>目录:<BR>目标:配置一个功能齐全的Mail系统<BR>1)安装需要的软件包<BR>2)DNS相关配置<BR>2.1)建立正向反向和MX记录<BR>2.2)测试DNS配置<BR>3)安装Postfix<BR>4)配置Postfix<BR>4.1)配置Postfix的主配置文件 /etc/postfix/main.cf<BR>4.2)配置Postfix虚拟用户的配置文件<BR>5)配置dovecot (IMAP/IMAPS/POP3/POP3S)<BR>5.1)配置dovecot的主配置文件/etc/dovecot.conf<BR>5.2)配置dovecot的mysql认证配置文件<BR>6)测试发信认证及收信<BR>6.1)LOGIN登录测试<BR>6.2)pop3收信测试<BR>7)安装Extmail-1.0.2<BR>7.1)解压安装<BR>7.2)修改Extmail主配置文件<BR>7.3)APACHE相关配置<BR>7.4)Extmail依赖关系的解决<BR>8)安装Extman-0.2.2<BR>8.1)解压安装<BR>8.2)修改Extman的主配置文件<BR>8.3)APACHE相关配置<BR>9)开启Apache/Mysql/Bind,并让他们自启动<BR>10)安装反垃圾SpamAssassin<BR>11)安装反病毒Clamav<BR>12)安装MailScanner<BR>13)FQA<BR>13.1)进入postfixadmin的管理页面出现下面的警告提示 Warning: Magic Quotes: OFF (using internal function!)<BR>13.2)如何显示dovecot的所有配置<BR>13.3)如何显示postfix的所有配置<BR>13.4)如何检查配置文件是否正确<BR>13.5)检查日志<BR>13.6)/var/log/maillog出现下面的<BR>Nov 19 12:06:00 mailtest postfix/smtpd[2055]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled<BR>13.7)在postfix中配置RBL/CBL<BR>13.8)如何让Postfix直接支持SpamAssassin<BR>13.9)如何利用sendmail的mailer支持postfix<BR>13.10)如何用MySQL做后台,<BR>13.11)如何用OpenLDAP做后台,<BR>13.12)Open LDAP服务器的备份和恢复</P> <P><BR>1)安装需要的软件包<BR>LDAP部分<BR>[root@mailtest /]# rpm -qa|grep ldap<BR>openldap-2.3.27-5<BR>openldap-devel-2.3.27-5<BR>openldap-servers-2.3.27-5<BR>php-ldap-5.1.6-5.el5<BR>nss_ldap-253-3<BR>python-ldap-2.2.0-2.1</P> <P> </P> <P>Http部分<BR>[root@mailtest /]# rpm -qa|grep http<BR>httpd-2.2.3-6.el5.centos.1</P> <P>Php部分<BR>[root@mailtest /]# rpm -qa|grep php<BR>php-mysql-5.1.6-5.el5<BR>php-cli-5.1.6-5.el5<BR>php-5.1.6-5.el5<BR>php-ldap-5.1.6-5.el5<BR>php-pdo-5.1.6-5.el5<BR>php-mbstring-5.1.6-5.el5<BR>php-common-5.1.6-5.el5<BR>php-gd-5.1.6-5.el5</P> <P><BR>Perl部分<BR>[root@mailtest noarch]# rpm -qa|grep perl<BR>perl-HTML-Tagset-3.10-2.1.1<BR>perl-Digest-HMAC-1.01-15<BR>perl-HTML-Parser-3.56-1<BR>perl-Sys-Hostname-Long-1.4-1<BR>perl-Net-DNS-0.59-1.fc6<BR>perl-XML-SAX-0.14-5<BR>perl-IO-stringy-2.108-1<BR>perl-DBI-1.56-1<BR>perl-5.8.8-10<BR>mod_perl-2.0.2-6.1<BR>perl-Socket6-0.19-3.fc6<BR>perl-IO-Socket-INET6-2.51-2.fc6<BR>perl-IO-String-1.08-1.1.1<BR>perl-Convert-ASN1-0.20-1.1<BR>perl-TimeDate-1.16-3<BR>perl-MIME-tools-5.420-1<BR>perl-DBD-SQLite-1.13-1<BR>perl-BSD-Resource-1.28-1.fc6.1<BR>perl-DBD-MySQL-3.0007-1.fc6<BR>perl-IO-Zlib-1.04-4.2.1<BR>perl-Digest-SHA1-2.11-1.2.1<BR>perl-Archive-Tar-1.30-1.fc6<BR>perl-IO-Socket-SSL-1.01-1.fc6<BR>perl-LDAP-0.33-3.fc6<BR>perl-libwww-perl-5.805-1.1.1<BR>perl-MailTools-1.71-1<BR>perl-Convert-TNEF-0.17-1<BR>perl-Filesys-Df-0.90-1<BR>perl-URI-1.35-3<BR>perl-Compress-Zlib-1.42-1.fc6<BR>perl-Net-IP-1.25-2.fc6<BR>perl-XML-NamespaceSupport-1.09-1.2.1<BR>perl-Net-CIDR-0.11-1<BR>perl-Archive-Zip-1.16-1<BR>perl-String-CRC32-1.4-2.fc6<BR>perl-Net-SSLeay-1.30-4.fc6<BR>perl-Convert-BinHex-1.119-2<BR>perl-GD-2.35-1.fc6.rf.i386.rpm</P> <P><BR>Spamassassin部分<BR>[root@mailtest /]# rpm -qa|grep spamassassin<BR>spamassassin-3.1.7-4.el5</P> <P><BR>Dovecot部分<BR>[root@mailtest /]# rpm -qa|grep dovecot<BR>dovecot-1.0-1.2.rc15.el5 #imap imaps pop3 pop3s</P> <P><BR>Cyrus-sasl部分<BR>[root@mailtest /]# rpm -qa|grep cyrus-sasl<BR>cyrus-sasl-lib-2.1.22-4<BR>cyrus-sasl-plain-2.1.22-4<BR>cyrus-sasl-devel-2.1.22-4<BR>cyrus-sasl-2.1.22-4<BR>cyrus-sasl-md5-2.1.22-4<BR>cyrus-sasl-sql-2.1.22-4</P> <P>OpenLDAP部分<BR>[root@mail pub]# rpm -qa|grep ldap<BR>openldap-2.3.27-5<BR>openldap-servers-2.3.27-5<BR>openldap-clients-2.3.27-5<BR>openldap-devel-2.3.27-5</P> <P>Openldap-2.0*是必要套件,一定要先安装;<BR>Openldap-servers*是服务器套件;<BR>openldap-clients*是操作程序套件;<BR>openldap-devel*是开发工具套件.<BR>db4-4.3.29-9.fc6 BreakDB<BR>db4-devel-4.3.29-9.fc6 BreakDB开发包</P> <P>如果需要用ldap做一些高级应用,还需要加装如下套件:<BR>php-ldap-5.1.6-5.el5<BR>python-ldap-2.2.0-2.1<BR>nss_ldap-253-3</P> <P><BR>下面的包是配置openLDAP的GUI管理界面lam所需要的<BR>mhash-0.9.9-1.el5<BR>php-mhash-5.1.6-12</P> <P><BR>Apache LDAP认证的模块,根据自己需要来安装<BR><A href="http://authzldap.othello.ch/"><FONT color=#0000ff>http://authzldap.othello.ch/</FONT></A><BR>mod_authz_ldap.i386</P> <P><BR>Spamassassin所依赖的包<BR>perl-Archive-Tar-1.30-1.fc6.noarch.rpm <BR>perl-IO-Socket-SSL-1.01-1.fc6.noarch.rpm<BR>perl-Compress-Zlib-1.42-1.fc6.i386.rpm <BR>perl-IO-Zlib-1.04-4.2.1.noarch.rpm<BR>perl-Digest-HMAC-1.01-15.noarch.rpm <BR>perl-Net-DNS-0.59-1.fc6.i386.rpm<BR>perl-Digest-SHA1-2.11-1.2.1.i386.rpm <BR>perl-Net-IP-1.25-2.fc6.noarch.rpm<BR>perl-HTML-Parser-3.55-1.fc6.i386.rpm <BR>perl-Net-SSLeay-1.30-4.fc6.i386.rpm<BR>perl-HTML-Tagset-3.10-2.1.1.noarch.rpm <BR>perl-Socket6-0.19-3.fc6.i386.rpm<BR>perl-IO-Socket-INET6-2.51-2.fc6.noarch.rpm </P> <P> </P> <P>Postfix所依赖的包<BR>db4-devel-4.3.29-9.fc6.i386.rpm<BR>e2fsprogs-devel-1.39-8.el5.i386.rpm<BR>krb5-devel-1.5-17.i386.rpm<BR>zlib-devel-1.2.3-3.i386.rpm<BR>openssl-devel-0.9.8b-8.3.el5.i386.rpm<BR>mysql-devel-5.0.22-2.1.i386.rpm<BR>cyrus-sasl-devel-2.1.22-4.i386.rpm</P> <P><BR>gcc所依赖的包<BR>libgomp-4.1.1-52.el5.i386.rpm</P> <P><BR>其他软件包<BR>perl-libwww-perl-5.805-1.1.1.noarch.rpm<BR>avahi-compat-howl-0.6.16-1.el5.i386.rpm<BR>perl-LDAP-0.33-3.fc6.noarch.rpm<BR>kernel-devel-2.6.18-8.el5.i686.rpm<BR>elfutils-libelf-0.125-3.el5.i386.rpm<BR>elfutils-libelf-devel-0.125-3.el5.i386.rpm<BR>rpm-build-4.4.2-37.el5.i386.rpm<BR>mutt-1.4.2.2-3.el5.i386.rpm</P> <P>建议安装与系统管理相关的两个包<BR>nmap-4.11-1.1.i386.rpm<BR>sysstat-7.0.0-3.el5.i386.rpm</P> <P>下面的两个软件包用于clamav的数字签名<BR>gmp-devel-4.1.4-10.el5<BR>gmp-4.1.4-10.el5</P> <P><BR>Note:安装系统是选择安装dovecot+spamassassin+gcc+openldap+php,并建议建立一个管理用户</P> <P><BR>2)DNS相关配置<BR>2.1)建立正向反向和MX记录<BR>[root@mail ~]# cat /var/named/named.test.hk<BR>$TTL 86400<BR>@ IN SOA test.hk. postmaster.test.hk. (<BR> 1997022700 ; Serial<BR> 28800 ; Refresh<BR> 14400 ; Retry<BR> 3600000 ; Expire<BR> 86400 ) ; Minimum<BR> IN NS mail.test.hk<BR>test.hk. IN MX 5 mail.test.hk.<BR>mail IN A 10.10.119.204<BR>www IN A 10.10.119.204<BR>[root@mail ~]# cat /var/named/named.10.10.119<BR>$TTL 86400<BR>@ IN SOA test.hk. postmaster.test.hk. (<BR> 1997022700 ; Serial<BR> 28800 ; Refresh<BR> 14400 ; Retry<BR> 3600000 ; Expire<BR> 86400 ) ; Minimum<BR> IN NS mail.test.hk<BR>204 IN PTR <A href="http://www.test.hk/"><FONT color=#0000ff>www.test.hk</FONT></A>.<BR>204 IN PTR mail.test.hk.<BR>[root@mailtest ~]# hostname<BR>mail.test.hk</P> <P><BR>2.2)测试DNS配置<BR>[root@mailtest ~]# nslookup mail.test.hk<BR>Server: 10.10.119.204<BR>Address: 10.10.119.204#53</P> <P>Name: mail.test.hk<BR>Address: 10.10.119.204</P> <P>[root@mailtest ~]# nslookup <A href="http://www.test.hk/"><FONT color=#0000ff>www.test.hk</FONT></A><BR>Server: 10.10.119.204<BR>Address: 10.10.119.204#53</P> <P>Name: <A href="http://www.test.hk/"><FONT color=#0000ff>www.test.hk</FONT></A><BR>Address: 10.10.119.204</P> <P>[root@mailtest ~]# nslookup 10.10.119.204<BR>Server: 10.10.119.204<BR>Address: 10.10.119.204#53</P> <P>204.119.10.10.in-addr.arpa name = mail.test.hk.<BR>204.119.10.10.in-addr.arpa name = <A href="http://www.test.hk/"><FONT color=#0000ff>www.test.hk</FONT></A>.</P> <P>[root@mailtest ~]# ping <A href="http://www.test.hk/"><FONT color=#0000ff>www.test.hk</FONT></A><BR>PING mailtest.test.hk (10.10.119.204) 56(84) bytes of data.<BR>64 bytes from mailtest.test.hk (10.10.119.204): icmp_seq=1 ttl=64 time=0.793 ms<BR>64 bytes from mailtest.test.hk (10.10.119.204): icmp_seq=2 ttl=64 time=0.046 ms<BR>64 bytes from mailtest.test.hk (10.10.119.204): icmp_seq=3 ttl=64 time=0.040 ms</P> <P>--- mailtest.test.hk ping statistics ---<BR>3 packets transmitted, 3 received, 0% packet loss, time 2002ms<BR>rtt min/avg/max/mdev = 0.040/0.293/0.793/0.353 ms<BR>[root@mailtest ~]# ping mail.test.hk<BR>PING mail.test.hk (10.10.119.204) 56(84) bytes of data.<BR>64 bytes from mail.test.hk (10.10.119.204): icmp_seq=1 ttl=64 time=0.395 ms<BR>64 bytes from mail.test.hk (10.10.119.204): icmp_seq=2 ttl=64 time=0.037 ms<BR>64 bytes from mail.test.hk (10.10.119.204): icmp_seq=3 ttl=64 time=0.038 ms</P> <P>--- mail.test.hk ping statistics ---<BR>3 packets transmitted, 3 received, 0% packet loss, time 2001ms<BR>rtt min/avg/max/mdev = 0.037/0.156/0.395/0.169 ms</P> <P>Note:DNS的配置错误多看Bind的日志文件/var/log/messages</P> <P><BR>3)安装Postfix<BR>虽然CentOS 5自带Postfix,但因为其不支持SSL及Mysql/LDAP,所以我们需要自行编译</P> <P>[root@mailtest /]# rpm -e sendmail --nodeps #卸载系统自带的sendmail<BR>[root@mailtest /]# groupadd postfix #添加postfix用户<BR>[root@mailtest /]# groupadd postdrop #添加postdrop组<BR>[root@mailtest /]# useradd postfix -g postfix -G postdrop -c "Postfix User" -d /dev/null -s /sbin/nologin #添加postfix用户<BR>[root@mailtest /]# mkdir -p /tmp/postfix #建立postfix的临时目录<BR>[root@mailtest /]# chown -R postfix.postfix /tmp/postfix #给postfix的临时目录相关权限<BR>[root@mailtest /]# mkdir -p /home/domains/ #建立虚拟邮件用户的邮件存放目录<BR>[root@mailtest /]# chown -R postfix.postfix /home/domains/ #给虚拟邮件用户的邮件存放目录相关权限<BR>[root@mailtest /]# tar zxvf postfix-2.4.6.tar.gz #解压postfix包<BR>[root@mailtest /]# cd postfix-2.4.6 #进入postfix解压目录<BR>[root@mailtest postfix-2.4.5]# make -f Makefile.init makefiles 'CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_TLS -DUSE_CYRUS_SASL -DUSE_SASL_AUTH -I/usr/include/sasl -DHAS_LDAP' 'AUXLIBS=-L/usr/lib/mysql -lmysqlclient -lz -lm -L/usr/lib -lssl -lcrypto -lsasl2 -L/usr/lib/openldap -llber -lldap' #配置编译环境支持sasl/tls/mysql/ldap.相关编译参数参考readme文件<BR> </P> <P>[root@mailtest postfix-2.4.6]# make #编译postfix<BR>[root@mailtest postfix-2.4.6]# make install #安装postfix文件到相应目录并配置<BR>Note:make install命令后的所有问题都直接敲回车键即可。最好能改下临时目录到/tmp/postfix</P> <P>生成别名二进制文件,这个步骤如果忽略,会造成postfix效率极低:<BR>[root@mailtest postfix-2.4.6]# newaliases</P> <P><BR>4)配置Postfix<BR>4.1)配置Postfix的主配置文件 /etc/postfix/main.cf<BR>#=====================BASE=========================<BR>myhostname = mail.test.hk #postfix服务的邮件主机的主机名,建虚拟域时不要建这个同名的<BR>mydomain = test.hk #postfix服务的邮件主机的域名<BR>myorigin = $mydomain #设置由本机寄出的邮件所使用的域名或主机名称<BR>mydestination = $myhostname localhost localhost.$mydomain #设置可接收邮件的主机名称或域名<BR>mynetworks = 10.10.119.0/24 127.0.0.0/8 #设置可转发哪些网络的邮件,不需要认证的网段<BR>inet_interfaces = all #设置postfix服务监听的网络接口<BR>#relay_domains = $mydestination #设置可转发哪些网域的邮件</P> <P>#=====================Vritual Mailbox settings=========================<BR>virtual_mailbox_base = /home/domains<BR>virtual_mailbox_maps = ldap:/etc/postfix/ldap/ldap_virtual_mailbox_maps.cf<BR>virtual_mailbox_domains = ldap:/etc/postfix/ldap/ldap_virtual_domains_maps.cf<BR>virtual_alias_domains =<BR>virtual_alias_maps = ldap:/etc/postfix/ldap/ldap_virtual_alias_maps.cf<BR>virtual_uid_maps = static:501<BR>virtual_gid_maps = static:502<BR>virtual_transport = virtual<BR>maildrop_destination_recipient_limit = 1<BR>maildrop_destination_concurrency_limit = 1</P> <P>#====================QUOTA========================<BR>message_size_limit = 5242880 #每个邮件最大尺寸5M<BR>mailbox_size_limit = 209715200 #邮箱大小限制200M<BR>virtual_mailbox_limit = 209715200 #虚拟邮箱大小限制200M<BR>virtual_create_maildirsize = yes<BR>virtual_mailbox_extended = yes<BR>virtual_mailbox_limit_maps = ldap:/etc/postfix/ldap/ldap_virtual_limit_maps.cf<BR>virtual_mailbox_limit_override = yes<BR>virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.<BR>virtual_overquota_bounce = yes</P> <P>#====================SASL========================<BR>smtpd_sasl_type = dovecot #使用dovecot进行验证<BR>smtpd_sasl_path = /var/run/dovecot/auth-client #与dovecot.conf中如下的的path一致<BR>broken_sasl_auth_clients = yes<BR>smtpd_recipient_restrictions = permit_mynetworks,<BR> permit_sasl_authenticated,<BR> reject_invalid_hostname,<BR> reject_non_fqdn_hostname,<BR> reject_unknown_sender_domain,<BR> reject_non_fqdn_sender,<BR> reject_non_fqdn_recipient,<BR> reject_unknown_recipient_domain,<BR> reject_unauth_pipelining,<BR> reject_unauth_destination,<BR> permit</P> <P> </P> <P># From: 本地域 To: 任何地址 必须认证且验证用户和From:必须一致<BR># From: 任何非本地地址 To: 本地地址 无需认证<BR># From: 任何非本地 To: 任何地址 拒绝</P> <P>#列出本地用户的列表,以便验证 From: 本地域 To: 本地域<BR>#smtpd_sender_login_maps =<BR># mysql:/etc/postfix/mysql/mysql_virtual_sender_maps.cf,<BR># mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf</P> <P>#smtpd_reject_unlisted_sender = yes</P> <P>#本地域向本地域发信也需要SMTP身份验证<BR>#smtpd_sender_restrictions =<BR># reject_sender_login_mismatch,<BR># reject_authenticated_sender_login_mismatch,<BR># reject_unauthenticated_sender_login_mismatch</P> <P><BR>#smtpd_error_sleep_time = 1s<BR>#smtpd_soft_error_limit = 10<BR>#smtpd_hard_error_limit = 20</P> <P><BR>smtpd_sasl_auth_enable = yes<BR>smtpd_sasl_local_domain = $myhostname<BR>smtpd_sasl_security_options = noanonymous<BR>smtpd_sasl_application_name = smtpd<BR>smtpd_banner=$myhostname ESMTP "Version not Available"</P> <P>readme_directory = no<BR>sample_directory = /etc/postfix<BR>sendmail_path = /usr/sbin/sendmail<BR>html_directory = no<BR>setgid_group = postdrop<BR>command_directory = /usr/sbin<BR>manpage_directory = /usr/local/man<BR>daemon_directory = /usr/libexec/postfix<BR>newaliases_path = /usr/bin/newaliases<BR>mailq_path = /usr/bin/mailq<BR>queue_directory = /var/spool/postfix<BR>mail_owner = postfix</P> <P>#====================SSL/TLS========================<BR>smtp_use_tls = yes<BR>smtpd_use_tls = yes<BR>smtp_tls_note_starttls_offer = yes<BR>smtpd_tls_key_file = /etc/ssl/smtpd.pem<BR>smtpd_tls_cert_file = /etc/ssl/smtpd.pem<BR>smtpd_tls_CAfile = /etc/ssl/smtpd.pem<BR>smtpd_tls_loglevel = 1<BR>smtpd_tls_received_header = yes<BR>smtpd_tls_session_cache_timeout = 3600s<BR>tls_random_source = dev:/dev/urandom</P> <P><BR>生成证书<BR>[root@mailtest postfix]# mkdir /etc/ssl<BR>[root@mailtest postfix]# cd /etc/ssl<BR>[root@mailtest ssl]# openssl req -new -x509 -nodes -out smtpd.pem -keyout smtpd.pem -days 3650<BR>Generating a 1024 bit RSA private key<BR>..++++++<BR>..++++++<BR>writing new private key to 'smtpd.pem'<BR>-----<BR>You are about to be asked to enter information that will be incorporated<BR>into your certificate request.<BR>What you are about to enter is what is called a Distinguished Name or a DN.<BR>There are quite a few fields but you can leave some blank<BR>For some fields there will be a default value,<BR>If you enter '.', the field will be left blank.<BR>-----<BR>Country Name (2 letter code) [GB]:CN<BR>State or Province Name (full name) [Berkshire]:GD<BR>Locality Name (eg, city) [Newbury]:DG<BR>Organization Name (eg, company) [My Company Ltd]:www.test.hk<BR>Organizational Unit Name (eg, section) []:PROC<BR>Common Name (eg, your name or your server's hostname) []:www.test.hk<BR>Email Address []:test1@test.hk</P> <P><BR>4.2)配置Postfix虚拟用户的配置文件<BR>[root@mail ~]# cat /etc/postfix/ldap/ldap_virtual_alias_maps.cf<BR>server_host = localhost<BR>search_base = o=extmailAlias,dc=test.hk<BR>query_filter = (&(objectClass=extmailAlias)(mailLocalAddress=%s)(active=1))<BR>result_attribute = mail<BR>cache = no<BR>bind = no<BR>scope = sub</P> <P>[root@mail ~]# cat /etc/postfix/ldap/ldap_virtual_domains_maps.cf<BR>server_host = localhost<BR>search_base = o=extmailAccount,dc=test.hk<BR>query_filter = (&(objectClass=extmailDomain)(virtualDomain=%s)(active=1))<BR>result_attribute = virtualDomain<BR>cache = no<BR>bind = no<BR>scope = sub</P> <P>[root@mail ~]# cat /etc/postfix/ldap/ldap_virtual_limit_maps.cf<BR>server_host = localhost<BR>search_base = o=extmailAccount,dc=test.hk<BR>query_filter = (&(objectClass=extmailUser)(mail=%s)(active=1))<BR>result_attribute = mailQuota<BR>cache = no<BR>bind = no<BR>scope = sub</P> <P>[root@mail ~]# cat /etc/postfix/ldap/ldap_virtual_mailbox_maps.cf<BR>server_host = localhost<BR>search_base = o=extmailAccount,dc=test.hk<BR>query_filter = (&(objectClass=extmailUser)(mail=%s)(active=1))<BR>result_attribute = mailMessageStore<BR>cache = no<BR>bind = no<BR>scope = sub</P> <P>[root@mail ~]# cat /etc/postfix/ldap/ldap_virtual_sender_maps.cf<BR>server_host = localhost<BR>search_base = o=extmailAccount,dc=test.hk<BR>query_filter = (&(objectClass=extmailUser)(mail=%s)(active=1))<BR>result_attribute = mail<BR>cache = no<BR>bind = no<BR>scope = sub</P> <P>[root@mail ~]# cat /etc/postfix/ldap/init.ldif<BR># test.hk<BR>dn: dc=test.hk<BR>objectClass: organization<BR>objectClass: dcObject<BR>dc: test.hk<BR>o: test.hk</P> <P># Manager, test.hk<BR>dn: cn=Manager,dc=test.hk<BR>objectClass: top<BR>objectClass: organizationalRole<BR>cn: Manager</P> <P># domains + users: o=extmailAccount, dc=test.hk<BR>dn: o=extmailAccount,dc=test.hk<BR>objectClass: organization<BR>o: extmailAccount</P> <P># aliases: o=extmailAlias, dc=test.hk<BR>dn: o=extmailAlias,dc=test.hk<BR>objectClass: organization<BR>o: extmailAlias</P> <P># manager: o=extmailManager, dc=test.hk<BR>dn: o=extmailManager,dc=test.hk<BR>objectClass: organization<BR>o: extmailManager</P> <P># Domain: virtualDomain=test.hk, o=extmailAccount, dc=test.hk<BR>dn: virtualDomain=test.hk, o=extmailAccount, dc=test.hk<BR>virtualDomain: test.hk<BR>description: A virtualDomain for test.hk<BR>hashDirPath: A0/B0<BR>Transport: virtual:<BR>domainMaxQuota: 1073741824<BR>domainMaxUsers: 50<BR>domainMaxAlias: 50<BR>domainMaxNetStore: 1073741824<BR>defaultQuota: 5242880<BR>defaultNetStore: 5242880<BR>defaultExpire: 1y<BR>disablesmtpd: 0<BR>disablesmtp: 0<BR>disablewebmail: 0<BR>disablenetdisk: 0<BR>disableimap: 1<BR>disablepop3: 0<BR>active: 1<BR>expireDate: 2010-10-01 10:00:01<BR>createDate: 2007-02-14 13:47:56<BR>objectclass: top<BR>objectclass: extmailDomain</P> <P># User: <A href="mailto:mail=postmaster@test.hk"><FONT color=#0000ff>mail=postmaster@test.hk</FONT></A>, virtualDomain=test.hk, o=extmailAccount, dc=test.hk<BR>dn: <A href="mailto:mail=postmaster@test.hk"><FONT color=#0000ff>mail=postmaster@test.hk</FONT></A>, virtualDomain=test.hk, o=extmailAccount, dc=test.hk<BR>cn: Test user<BR>uid: test<BR>mail: <A href="mailto:postmaster@test.hk"><FONT color=#0000ff>postmaster@test.hk</FONT></A><BR>virtualDomain: test.hk<BR>mailMessageStore: test.hk/postmaster/Maildir/<BR>homeDirectory: test.hk/postmaster<BR>userName: <A href="mailto:postmaster@test.hk"><FONT color=#0000ff>postmaster@test.hk</FONT></A><BR>mailQuota: 104857600S<BR>netdiskQuota: 52428800S<BR>uidNumber: 1000<BR>gidNumber: 1000<BR>userPassword: {CRYPT}$1$phz1mRrj$3ok6BjeaoJYWDBsEPZb5C0<BR>active: 1<BR>disablesmtpd: 0<BR>disablesmtp: 0<BR>disablewebmail: 0<BR>disablenetdisk: 0<BR>disableimap: 0<BR>disablepop3: 0<BR>expireDate: 2010-10-01 00:00:00<BR>createDate: 2007-02-14 17:56:33<BR>objectClass: top<BR>objectClass: uidObject<BR>objectClass: extmailUser</P> <P># Alias: <A href="mailto:mailLocalAddress=support@test.hk"><FONT color=#0000ff>mailLocalAddress=support@test.hk</FONT></A>, o=extmailAlias, dc=test.hk<BR>dn: <A href="mailto:mailLocalAddress=support@test.hk"><FONT color=#0000ff>mailLocalAddress=support@test.hk</FONT></A>, o=extmailAlias, dc=test.hk<BR>mailLocalAddress: <A href="mailto:support@test.hk"><FONT color=#0000ff>support@test.hk</FONT></A><BR>virtualDomain: test.hk<BR>mail: <A href="mailto:postmaster@test.hk"><FONT color=#0000ff>postmaster@test.hk</FONT></A><BR>active: 1<BR>objectclass: extmailAlias</P> <P># Manager: <A href="mailto:mail=root@test.hk"><FONT color=#0000ff>mail=root@test.hk</FONT></A>, o=extmailManager, dc=test.hk<BR>dn: <A href="mailto:mail=root@test.hk"><FONT color=#0000ff>mail=root@test.hk</FONT></A>, o=extmailManager, dc=test.hk<BR>cn: Root<BR>uid: root<BR>mail: <A href="mailto:root@test.hk"><FONT color=#0000ff>root@test.hk</FONT></A><BR>userPassword: {CRYPT}$1$BrT9qxfB$Ha81Mb5YVV6rNKNN5jmtj1<BR>managerType: admin<BR>active: 1<BR>question: who are you?<BR>answer: postmaster<BR>disablePasswdChange: 0<BR>createDate: 2007-02-14 18:32:14<BR>expireDate: 2010-08-01 00:00:00<BR>objectclass: top<BR>objectclass: extmailManager</P> <P><BR>[root@mail ~]# cp /etc/openldap/DB_CONFIG.example /var/lib/ldap/DB_CONFIG<BR>[root@mail ~]# slapadd -vl init.ldif<BR>[root@mail ~]# chown -R ldap.ldap /var/lib/ldap/<BR>[root@mail ~]# chkconfig --level 0123456 ldap on<BR>[root@mail ~]# service ldap start</P> <P> </P> <P><BR>5)配置dovecot<BR>5.1)配置dovecot的主配置文件/etc/dovecot.conf<BR>[root@mail /]# cp /etc/dovecot.conf /etc/dovecot.conf-orig #备份一份dovecot的原始配置文件<BR>[root@mail /]# vi /etc/dovecot.conf #编辑dovecot配置文件<BR>base_dir=/var/run/dovecot<BR>protocols=imap imaps pop3 pop3s<BR>listen=*<BR>mail_location = maildir:/home/domains/%d/%n/Maildir #虚拟用户maildir形式的邮箱路径(和Extmail一致)<BR>auth default {<BR>mechanisms = plain login #认证方法(ldap认证不支持除plain login外的)<BR>passdb ldap { #去掉前面的注释<BR>args = /etc/dovecot-ldap.conf #定义mysql文件路径<BR>userdb ldap { #去掉前面的注释<BR>args = /etc/dovecot-ldap.conf #定义mysql文件路径<BR>socket listen {<BR>client {<BR>path = /var/run/dovecot/auth-client<BR> mode = 0660<BR> user = postfix #添加<BR> group = postfix #添加<BR> } #去掉前面的注释<BR> } #去掉前面的注释<BR>}</P> <P>5.2)配置dovecot的ldap认证配置文件<BR>[root@mail ldap]# cat /etc/dovecot-ldap.conf<BR>hosts = 10.10.119.204:389<BR>dn = cn=Manager,dc=test.hk<BR>dnpass = 123456<BR>ldap_version = 3<BR>base = o=extmailAccount,dc=test.hk<BR>deref = never<BR>scope = subtree<BR>user_attrs = mail,homeDirectory,,,uidNumber,gidNumber<BR>user_filter = (&(objectClass=extmailUser)(mail=%u)(active=1))<BR>pass_attrs = mail,userPassword<BR>pass_filter = (&(objectClass=extmailUser)(mail=%u)(active=1))<BR>default_pass_scheme = crypt<BR>user_global_uid = postfix<BR>user_global_gid = postfix<BR>auth_bind = yes</P> <P> </P> <P>6)测试发信认证及收信<BR>您可以通过登录postfixadmin新建虚拟域和虚拟用户,也可以直接在mysql中进行创建;<BR>本示例中创建了一个虚拟域:test.hk,并创建了两个虚拟用户:<BR><A href="mailto:test1@test.hk"><FONT color=#0000ff>test1@test.hk</FONT></A>和<A href="mailto:test2@test1.hk"><FONT color=#0000ff>test2@test1.hk</FONT></A>,密码分别为test1和test2</P> <P>由于login认证采用Base64编码格式,故先将用户test1\@test.hk的登录名和密码进行相应的编码:<BR>[root@mailtest postfix]# perl -e 'use MIME::Base64; print encode_base64("test1\@test.hk")'<BR>dGVzdDFAdGVzdC5oaw== </P> <P>[root@mailtest postfix]# perl -e 'use MIME::Base64; print encode_base64("test1")'<BR>dGVzdDE=</P> <P>6.1)LOGIN登录测试:<BR>C:\>telnet 10.10.119.204 25<BR>220 mail.test.hk ESMTP "Version not Available"<BR>ehlo mail<BR>250-mail.test.hk<BR>250-PIPELINING<BR>250-SIZE 5242880<BR>250-VRFY<BR>250-ETRN<BR>250-STARTTLS<BR>250-AUTH PLAIN LOGIN<BR>250-AUTH=PLAIN LOGIN<BR>250-ENHANCEDSTATUSCODES<BR>250-8BITMIME<BR>250 DSN<BR>AUTH LOGIN<BR>334 VXNlcm5hbWU6<BR>dGVzdDFAdGVzdC5oaw==<BR>334 UGFzc3dvcmQ6<BR>dGVzdDE=<BR>235 2.0.0 Authentication successful<BR>mail from:test1\@test.hk<BR>250 2.1.0 Ok<BR>rcpt to:test2\@test.hk<BR>250 2.1.5 Ok<BR>data<BR>354 Please start mail input.<BR>test send mail<BR>.<BR>quit<BR>221 Closing connection. Good bye.</P> <P>Connection to host lost.<BR>C:\></P> <P><BR>6.2)POP3收信测试<BR>先对用户<A href="mailto:test2@test.hk"><FONT color=#0000ff>test2@test.hk</FONT></A>进行Base64编码,而后认证登入,测试pop3收信<BR>[root@mailtest postfix]# perl -e 'use MIME::Base64; print encode_base64("test2\@test.hk")'<BR>dGVzdDJAdGVzdC5oaw==<BR>[root@mailtest postfix]# perl -e 'use MIME::Base64; print encode_base64("test2")'<BR>dGVzdDI=</P> <P><BR>C:\>telnet 10.10.119.204 110<BR>+OK Dovecot ready.<BR>AUTH LOGIN<BR>+ VXNlcm5hbWU6<BR>dGVzdDJAdGVzdC5oaw==<BR>+ UGFzc3dvcmQ6<BR>dGVzdDI=<BR>+OK Logged in.<BR>LIST<BR>+OK 1 messages:<BR>1 1410<BR>.<BR>RETR 1<BR>+OK 1410 octets<BR>Return-Path: <<A href="mailto:test1@test.hk"><FONT color=#0000ff>test1@test.hk</FONT></A>><BR>X-Original-To: <A href="mailto:test2@test.hk"><FONT color=#0000ff>test2@test.hk</FONT></A><BR>Delivered-To: <A href="mailto:test2@test.hk"><FONT color=#0000ff>test2@test.hk</FONT></A><BR>Received: from d2800js7mh1x (unknown [10.10.119.250])<BR> by mail.test.hk (Postfix) with ESMTP id E8D9413B540<BR> for <<A href="mailto:test2@test.hk"><FONT color=#0000ff>test2@test.hk</FONT></A>>; Fri, 16 Nov 2007 08:23:43 +0800 (CST)<BR>Message-ID: <<A href="mailto:000801c827f4$d041b610$fa770a0a@d2800js7mh1x"><FONT color=#0000ff>000801c827f4$d041b610$fa770a0a@d2800js7mh1x</FONT></A>><BR>From: "test1" <<A href="mailto:test1@test.hk"><FONT color=#0000ff>test1@test.hk</FONT></A>><BR>To: <<A href="mailto:test2@test.hk"><FONT color=#0000ff>test2@test.hk</FONT></A>><BR>Subject: test.hk<BR>Date: Fri, 16 Nov 2007 10:02:55 +0800<BR>MIME-Version: 1.0<BR>Content-Type: multipart/alternative;<BR> boundary="----=_NextPart_000_0003_01C82837.DBACB3E0"<BR>X-Priority: 3<BR>X-MSMail-Priority: Normal<BR>X-Mailer: Microsoft Outlook Express 6.00.2900.3138<BR>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198</P> <P>This is a multi-part message in MIME format.</P> <P>------=_NextPart_000_0003_01C82837.DBACB3E0<BR>Content-Type: text/plain;<BR> charset="gb2312"<BR>Content-Transfer-Encoding: quoted-printable</P> <P>test.hk<BR>------=_NextPart_000_0003_01C82837.DBACB3E0<BR>Content-Type: text/html;<BR> charset="gb2312"<BR>Content-Transfer-Encoding: quoted-printable</P> <P><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><BR><HTML><HEAD><BR><META http-equiv=3DContent-Type content=3D"text/html; charset=3Dgb2312"><BR><META content=3D"MSHTML 6.00.2900.3199" name=3DGENERATOR><BR><STYLE></STYLE><BR></HEAD><BR><BODY bgColor=3D#ffffff><BR><DIV><FONT face=3DArial size=3D2>test.hk</FONT></DIV></BODY></HTML></P> <P>------=_NextPart_000_0003_01C82837.DBACB3E0--</P> <P><BR>.</P> <P>7)安装Extmail-1.0.2<BR>7.1)解压安装<BR># tar zxvf extmail-1.0.2.tar.gz<BR># mkdir -p /var/www/extsuite<BR># mv extmail-1.0.2 /var/www/extsuite/extmail<BR># cp /var/www/extsuite/extmail/webmail.cf.default /var/www/extsuite/extmail/webmail.cf</P> <P>7.2)修改Extmail主配置文件<BR># vi /var/www/extsuite/extmail/webmail.cf<BR>部分修改选项的说明:</P> <P>SYS_SESS_DIR = /tmp/<BR>临时目录选项,可改作:<BR>SYS_SESS_DIR = /tmp/extmail/</P> <P>然后建立目录并附权限<BR>[root@mailtest extmail]# mkdir -p /tmp/extmail<BR>[root@mailtest extmail]# chown -R postfix.postfix /tmp/extmail/</P> <P>SYS_MESSAGE_SIZE_LIMIT = 5242880<BR>用户可以发送的最大邮件</P> <P>SYS_USER_LANG = en_US<BR>语言选项,可改作:<BR>SYS_USER_LANG = zh_CN</P> <P>SYS_LOG_TYPE = syslog<BR>LOG选项,如果用syslog,需要安装Unix:syslog模块,此处选择用ASCII文件作为日志<BR>SYS_LOG_TYPE = file</P> <P>生成extmail日志文件并赋予权限<BR>[root@mailtest extmail]# touch /var/log/extmail.log<BR>[root@mailtest extmail]# chown postfix.postfix /var/log/extmail.log</P> <P><BR>SYS_MAILDIR_BASE = /home/domains<BR>[root@mailtest extmail]# mkdir -p /home/domains<BR>[root@mailtest extmail]# chown -R postfix.postfix /home/domains</P> <P>SYS_BACKEND_TYPE = mysql<BR>后台数据库选项,可改作:<BR>SYS_BACKEND_TYPE = ldap</P> <P>SYS_LDAP_BASE = o=extmailAccount,dc=example.com<BR>SYS_LDAP_RDN = cn=Manager,dc=example.com<BR>SYS_LDAP_PASS = secret<BR>以上三句用来设置连接数据库服务器所使用用户名、密码和邮件服务器用到的数据库,这里修改为:<BR>SYS_LDAP_BASE = o=extmailAccount,dc=test.hk<BR>SYS_LDAP_RDN = cn=Manager,dc=test.hk<BR>SYS_LDAP_PASS = 123456</P> <P> </P> <P>SYS_G_ABOOK_TYPE = file<BR>全集地址本选项,可改作:<BR>SYS_G_ABOOK_TYPE = ldap</P> <P> </P> <P>SYS_G_ABOOK_LDAP_BASE = ou=AddressBook,dc=example.com<BR>SYS_G_ABOOK_LDAP_ROOTDN = cn=Manager,dc=example.com<BR>SYS_G_ABOOK_LDAP_ROOTPW = secret<BR>SYS_G_ABOOK_LDAP_FILTER = objectClass=OfficePerson<BR>全集地址本选项,可改作:<BR>SYS_G_ABOOK_LDAP_BASE i= ou=AddressBook,dc=test.hk<BR>SYS_G_ABOOK_LDAP_ROOTDN = cn=Manager,dc=test.hk<BR>SYS_G_ABOOK_LDAP_ROOTPW = 123456<BR>SYS_G_ABOOK_LDAP_FILTER = objectClass=OfficePerson</P> <P><BR>SYS_CRYPT_TYPE = md5crypt<BR>密码加密选项,可改作:<BR>SYS_CRYPT_TYPE = crypt</P> <P> </P> <P>7.3)APACHE相关配置<BR>由于extmail要进行本地邮件的投递操作,故必须将运行apache服务器用户的身份修改为您的邮件投递代理的用户;本例中打开了apache服务器的suexec功能,故使用以下方法来实现虚拟主机运行身份的指定。此例中的MDA为postfix自带,因此将指定为postfix用户:</P> <P>备份一份Apache的主配置文件<BR>[root@mailtest soft]# cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf-orig</P> <P>注释掉#DocumentRoot "/var/www/html"启用基于域名的虚拟主机<BR><VirtualHost 10.10.119.204:80><BR>ServerName mail.test.hk<BR>DocumentRoot /var/www/extsuite/extmail/html/<BR>ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi<BR>Alias /extmail /var/www/extsuite/extmail/html<BR>SuexecUserGroup postfix postfix<BR></VirtualHost></P> <P><VirtualHost 10.10.119.204:80><BR>ServerName <A href="http://www.test.hk/"><FONT color=#0000ff>www.test.hk</FONT></A><BR>DocumentRoot /var/www/html/<BR></VirtualHost></P> <P>注意修改下面的几项:<BR>Listen 10.10.119.204:80<BR>ServerName 10.10.119.204:80<BR>NameVirtualHost 10.10.119.204:80</P> <P> </P> <P><BR>修改 cgi执行文件属主为apache运行身份用户:<BR>[root@mailtest soft]# chown -R postfix.postfix /var/www/extsuite/extmail/cgi/</P> <P> </P> <P><BR>如果您没有打开apache服务器的suexec功能,也可以使用以下方法解决:<BR>[root@mailtest soft]# vi /etc/httpd/config/httpd.conf<BR>User postfix<BR>Group postfix</P> <P><VirtualHost mail.test.hk:80><BR>ServerName mail.test.hk<BR>DocumentRoot /var/www/extsuite/extmail/html/<BR>ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi<BR>Alias /extmail /var/www/extsuite/extmail/html<BR>ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi<BR>Alias /extman /var/www/extsuite/extman/html<BR></VirtualHost></P> <P> </P> <P>7.4)Extmail依赖关系的解决<BR>extmail将会用到perl的DBD::Mysql和Unix::syslogd功能,对于第一个模块,我是安装OS自带的RPM包,第二个模块没有使用,前面有说明<BR>perl-DBD-MySQL-3.0007-1.fc6</P> <P><BR>下面是网上的方法解决依赖问题<BR>extmail将会用到perl的DBD::Mysql和Unix::syslogd功能,您可以去<A href="http://search.cpan.org/"><FONT color=#0000ff>http://search.cpan.org</FONT></A>搜索下载原码包进行安装。<BR># tar zxvf Unix-Syslog-0.100.tar.gz<BR># cd Unix-Syslog-0.100<BR># perl Makefile.PL<BR># make<BR># make install</P> <P>DBD-Mysql目前最新的版本为DBD-mysql-4.005,但它和系统中的perl结合使用时会造成extmail无法正常使用,因此我们采用3的版本:<BR># tar zxvf DBD-mysql-3.0002_4.tar.gz <BR># cd cd DBD-mysql-3.0002_4<BR># perl Makefile.PL (此步骤中如果出现类同Can't exec "mysql_config": No such file or directory at Makefile.PL line 76.的错误是因为您的mysql的bin目录没有输出至$PATH环境变量)<BR># make<BR># make install</P> <P>8)安装Extman-0.2.2<BR>8.1)解压安装<BR>[root@mailtest soft]# tar zxvf extman-0.2.2.tar.gz<BR>[root@mailtest soft]# mv extman-0.2.2 /var/www/extsuite/extman<BR>[root@mail rpm]# cd /var/www/extsuite/extman/docs/<BR>[root@mail docs]# cp extmail.schema /etc/openldap/schema/<BR>[root@mail docs]# cp ldap_virtual_* /etc/postfix/ldap/</P> <P><BR>8.2)修改Extman的主配置文件<BR>[root@mailtest soft]# vi /var/www/extsuite/extman/webman.cf</P> <P>SYS_SESS_DIR = /tmp/<BR>临时目录选项,可改作:<BR>SYS_SESS_DIR = /tmp/extman/</P> <P>然后建立目录并附权限<BR>[root@mailtest extmail]# mkdir -p /tmp/extman<BR>[root@mailtest extmail]# chown -R postfix.postfix /tmp/extman/</P> <P>SYS_CAPTCHA_ON = 1<BR>显示图形验证码,可改作:<BR>SYS_CAPTCHA_ON = 0</P> <P><BR>SYS_GROUPMAIL_SENDER = <A href="mailto:postmaster@extmail.org"><FONT color=#0000ff>postmaster@extmail.org</FONT></A></P> <P>SYS_GROUPMAIL_SENDER = <A href="mailto:postmaster@test.hk"><FONT color=#0000ff>postmaster@test.hk</FONT></A></P> <P><BR>SYS_CRYPT_TYPE = md5crypt<BR>密码加密选项,可改作:<BR>SYS_CRYPT_TYPE = crypt</P> <P>SYS_BACKEND_TYPE = mysql<BR>后台数据库选项,可改作:<BR>SYS_BACKEND_TYPE = ldap</P> <P>SYS_LDAP_BASE = dc=extmail.org<BR>SYS_LDAP_RDN = cn=Manager,dc=extmail.org<BR>SYS_LDAP_PASS = 123456<BR>LDAP配置选项,可改作:<BR>SYS_LDAP_BASE = dc=test.hk<BR>SYS_LDAP_RDN = cn=Manager,dc=test.hk<BR>SYS_LDAP_PASS = 123456</P> <P><BR>修改cgi执行文件属主为apache运行身份用户<BR>[root@mailtest soft]# chown -R postfix.postfix /var/www/extsuite/extman/cgi/</P> <P><BR>8.3)APACHE相关配置 <BR>在apache的主配置文件中Extmail的虚拟主机部分,添加如下两行:<BR>ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi<BR>Alias /extman /var/www/extsuite/extman/html</P> <P>最后虚拟主机的配置文件成为下面的这个样子<BR><VirtualHost 10.10.119.204:80><BR>ServerName mail.test.hk<BR>DocumentRoot /var/www/extsuite/extmail/html/<BR>ScriptAlias /extmail/cgi /var/www/extsuite/extmail/cgi<BR>Alias /extmail /var/www/extsuite/extmail/html<BR>ScriptAlias /extman/cgi /var/www/extsuite/extman/cgi<BR>Alias /extman /var/www/extsuite/extman/html<BR>SuexecUserGroup postfix postfix<BR></VirtualHost></P> <P><VirtualHost 10.10.119.204:80><BR>ServerName <A href="http://www.test.hk/"><FONT color=#0000ff>www.test.hk</FONT></A><BR>DocumentRoot /var/www/html/<BR></VirtualHost></P> <P>配置Mailgraph_ext,使用Extman的图形日志<BR>接下来安装图形日志的运行所需要的软件包Time::HiRes、File::Tail和rrdtool,其中前两个包您可以去<A href="http://search.cpan.org/"><FONT color=#0000ff>http://search.cpan.org</FONT></A>搜索并下载获得,后一个包您可以到 <A href="http://oss.oetiker.ch/rrdtool/pub/?M=D"><FONT color=#0000ff>http://oss.oetiker.ch/rrdtool/pub/?M=D</FONT></A>下载获得; 注意安装顺序不能改换。</P> <P>安装Time::HiRes<BR>#tar zxvf Time-HiRes-1.9707.tar.gz <BR>#cd Time-HiRes-1.9707<BR>#perl Makefile.PL <BR>#make<BR>#make test<BR>#make install</P> <P>安装File::Tail<BR>#tar zxvf File-Tail-0.99.3.tar.gz <BR>#cd File-Tail-0.99.3<BR>#perl Makefile.PL <BR>#make<BR>#make test<BR>#make install</P> <P>安装rrdtool-1.2.26<BR>#tar zxvf rrdtool-1.2.26.tar.gz <BR>#cd rrdtool-1.2.26<BR>#./configure --prefix=/usr/local/rrdtool<BR>#make<BR>#make install</P> <P>创建必要的符号链接(Extman会到这些路径下找相关的库文件)<BR>#ln -sv /usr/local/rrdtool/lib/perl/5.8.8/i386-linux-thread-multi/auto/RRDs/RRDs.so /usr/lib/perl5/5.8.8/i386-linux-thread-multi/<BR>#ln -sv /usr/local/rrdtool/lib/perl/5.8.8/RRDp.pm /usr/lib/perl5/5.8.8<BR>#ln -sv /usr/local/rrdtool/lib/perl/5.8.8/i386-linux-thread-multi/RRDs.pm /usr/lib/perl5/5.8.8</P> <P>复制mailgraph_ext到/usr/local,并启动之<BR># cp -r /var/www/extsuite/extman/addon/mailgraph_ext /usr/local <BR># /usr/local/mailgraph_ext/mailgraph-init start<BR># /usr/local/mailgraph_ext/qmonitor-init start</P> <P>添加到自动启动队列<BR>echo "/usr/local/mailgraph_ext/mailgraph-init start" >> /etc/rc.local<BR>echo "/usr/local/mailgraph_ext/qmonitor-init start" >> /etc/rc.local</P> <P><BR>注意:安装以上软件所之前,请确保您的系统已经安装了tcl、tcl-devel、freetype、freetype-devel、libart_lgpl和libart_lgpl-devel等相关的软件包</P> <P> </P> <P><BR>9)开启Apache/Mysql/Bind,并让他们自启动<BR>[root@mailtest /]# chkconfig --level 2345 httpd on<BR>[root@mailtest /]# chkconfig --level 2345 mysqld on<BR>[root@mailtest /]# chkconfig --level 2345 named on<BR>[root@mailtest /]# service httpd start<BR>[root@mailtest /]# service mysqld start<BR>[root@mailtest /]# service named start</P> <P><BR>10)安装反垃圾SpamAssassin<BR>安装系统自带的spamassassin包</P> <P>11)安装反病毒Clamav<BR>从下面的网站下载clamav<BR><A href="http://www.clamav.net/download"><FONT color=#0000ff>http://www.clamav.net/download</FONT></A></P> <P>[root@mail ~]# groupadd clamav<BR>[root@mail ~]# useradd -g clamav -s /bin/nologin -c "Clam AntiVirus" clamav<BR>[root@mail ~]# mkdir /etc/clamav<BR>[root@mail ~]# chown -R clamav.clamav /etc/clamav</P> <P>[root@mail ~]# tar zxvf clamav-0.91.2.tar.gz<BR>[root@mail clamav-0.91.2]# cd clamav-0.91.2<BR>[root@mail clamav-0.91.2]# ./configure --sysconfdir=/etc/clamav<BR>[root@mail clamav-0.91.2]# make<BR>[root@mail clamav-0.91.2]# make install</P> <P>配置clamav的主配置文件<BR>#vi /etc/clamav/clamd.conf <BR>请先将文件中的 Example 这行删除掉或在其前面加上 # 注释掉<BR>去掉注释或更改下面行的值<BR>LogFile /var/log/clamav/clamd.log<BR>LogFileMaxSize 2M<BR>PidFile /home/clamav/clamd.pid<BR>DatabaseDirectory /usr/local/share/clamav<BR>LocalSocket /home/clamav/clamd.sock<BR>ScanMail yes<BR>ScanArchive yes<BR>ArchiveMaxFiles 1000<BR>MaxThreads 200<BR>MaxDirectoryRecursion 15<BR>User clamav<BR>这样 clamav 就基本可以工作了</P> <P>接下来要下载病毒资料库<BR>首先编辑 /etc/clamav/freshclam.conf 文件<BR>[root@mail clamav-0.91.2]# vi /etc/clamav/freshclam.conf<BR>请先将文件中的 Example 这行删除掉或在其前面加上 # 注释掉<BR>去掉次行注释并修改为 UpdateLogFile /var/log/clamav/freshclam.log</P> <P><BR>在 DatabaseMirror database.clamav.net 行下面在加入几个地址,更多地址请参考文档 clamav.pdf<BR>DatabaseMirror clamav.inet6.fr<BR>DatabaseMirror clamav.netopia.pt<BR>DatabaseMirror clamav.sonic.net</P> <P>这样该文件就可以了。若升级数据库时无法连接就注释掉DatabaseMirror database.clamav.net 行,留下剩下的行.<BR>下面生成/var/log/freshclam.log 文件<BR>[root@mail clamav-0.91.2]# mkdir /var/log/clamav<BR>touch /var/log/clamav/clamd.log<BR>touch /var/log/clamav/freshclam.log<BR>chmod 600 /var/log/clamav/freshclam.log<BR>chmod 600 /var/log/clamav/clamd.log<BR>chown clamav /var/log/clamav/clamd.log<BR>chown clamav /var/log/clamav/freshclam.log</P> <P><BR>运行数据库的更新 <BR>[root@mail clamav-0.91.2]# freshclam -d -c 2 (-d 选项为该命令以 daemon 方式运行 -c 2 这个选项的意思是每天检查2次数据库更新)<BR>[root@mail clamav-0.91.2]# freshclam --quiet --stdout 手动更新数据库</P> <P>更新结束后请到 /usr/src/clamav-0.91.2/test 目录下检查数据库里所认知的病毒数量<BR>执行 clamscan test</P> <P><BR>建议用户做成启动脚本<BR>/etc/rc3.d/S91clamav 内容如下:<BR>/usr/local/bin/freshclam -d -c 2<BR>/usr/local/sbin/clamd</P> <P> </P> <P>12)安装MailScanner<BR>MailScanner-4.65.3-1.rpm.tar.gz<BR>tar -zvxf MailScanner-4.65.3-1.rpm.tar.gz<BR>cd <BR>./install.sh</P> <P><BR>可以将里面的src.rpm用rpmbuild --rebuild **.src.rpm<BR>然后到/usr/src/redhat/RPMS/noarch去安装生成的rpm包</P> <P> </P> <P>建立Mailscanner支持spamassassin所需的目录:<BR># mkdir /var/spool/MailScanner/spamassassin <BR># chmod 700 /var/spool/MailScanner/spamassassin <BR># chown postfix.postfix /var/spool/MailScanner/spamassassin</P> <P>修改spamassassin的配置文件<BR>vi /etc/mail/spamassassin/local.cf<BR># How many hits before a message is considered spam. <BR>required_hits 5.0 <BR># Text to prepend to subject if rewrite_subject is used <BR>rewrite_header Subject *****SPAM***** <BR># Encapsulate spam in an attachment <BR>report_safe 1 <BR># Enable the Bayes system <BR>use_bayes 1 <BR># Enable or disable network checks <BR>skip_rbl_checks 1 <BR>use_razor2 0 <BR>use_pyzor 0 <BR># Mail using locales used in these country codes will not be marked <BR># as being possibly spam in a foreign language. <BR>ok_locales all </P> <P> </P> <P><BR>修改MailScanner.conf<BR># vi /etc/MailScanner/MailScanner.conf <BR>Run As User = postfix <BR>Run As Group = postfix <BR>Incoming Queue Dir = /var/spool/postfix/hold <BR>Outgoing Queue Dir = /var/spool/postfix/incoming <BR>MTA = postfix <BR>Virus Scanners = clamav <BR>Always Include SpamAssassin Report = yes <BR>Use SpamAssassin = yes <BR>Required SpamAssassin Score = 4 <BR>SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin <BR>SpamAssassin Install Prefix = /usr/bin <BR>SpamAssassin Local Rules Dir = /etc/MailScanner</P> <P>修改 postfix支持mailscanner<BR># vi /etc/postfix/main.cf<BR>变更以下的值<BR>header_checks = regexp:/etc/postfix/header_checks<BR># vi /etc/postfix/header_checks<BR>/^Received:/ HOLD<BR>注意, 在 / 之前不可以有空白!</P> <P>变更目录权限<BR># chown postfix.postfix /var/spool/MailScanner/incoming <BR># chown postfix.postfix /var/spool/MailScanner/quarantine<BR>停止postfix执行、启动MailScanner<BR># service postfix stop <BR># chkconfig postfix off <BR># service MailScanner start<BR>设定MailScanner,当MTA = postfix时,会自己启动postfix,如有设定启动postfix的请先将它停掉<BR>定期更新病毒定义文件<BR># crontab -e <BR>0 4 * * * /usr/local/bin/freshclam</P> <P> </P> <P><BR>FAQ<BR>1)Open LDAP服务器数据的导入和导出(实现备份)<BR>导出数据<BR>ldapsearch -xW -D "cn=Manager,dc=test.hk" -b "dc=test.hk" >bak.ldif</P> <P>导入数据<BR>ldapadd -xW -D "cn=Manager,dc=test.hk" -f<bak.ldif</P> <P>Note:如果你的邮件用户很多,最好再架个一主两从服务器结构,主只写,从两从服务器读</P> <P><BR>2)配置phpldapadmin</P> <P>// $ldapservers->SetValue($i,'appearance','password_hash','md5');<BR>密码加密选项,可改作:<BR>$ldapservers->SetValue($i,'appearance','password_hash','crypt');</P> <P>3)其他问题参见前一篇基于MySQL的Postfix的文章</P> <P> </P> <P><BR>参考文档<BR>同前一片基于MySQL的Postfix</P></DIV></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></DIV>
查看全文
发表于:2007-12-29 ┆
阅读(671)
┆
评论(0)
PostfixとAPOP,POP before SMTP
<DIV> <CENTER> <TABLE width="90%" align=center> <TBODY> <TR> <TR> <TD align=right><IMG src="http://www.paken.org/right.png" border=0 VALIGN="middle"> <A href="http://www.excite.co.jp/world/url/?wb_url=http://www.paken.org:8080/linux/linux-tips/postfix.html&wb_lp=JAEN&wb_dis=2&wb_co=excitejapan"><FONT color=#0000ff>Rough English Here</FONT></A></TD></TR> <TR> <TD> </TD></TR> <TR> <TD align=right><A href="http://www.paken.org/index.html"><IMG src="http://www.paken.org/paken_ss.png" border=0></A></TD></TR> <TR> <TD align=middle><A href="http://www.paken.org/linux/index.html"><IMG src="http://www.paken.org/linux/linuxlife.png" border=0></A></TD></TR></TBODY></TABLE> <P><FONT size=4><B>PostfixとAPOP,POP before SMTP</B></FONT> </CENTER> <BLOCKQUOTE><FONT color=#808080><SMALL><FONT size=2>10/18, 2003: 更新停止<BR>11/6, 2002: </FONT><A href="http://www.paken.org/linux/linux-tips/postfix2.html"><FONT color=#0000ff size=2>Maildir形式を使うページ</FONT></A><FONT size=2>を新設しました.なお,このページの説明ではシャットダウン時に不備があるようです(注意書きを追加しました).<BR>3/3, 2002: DRACのインストールにシャットダウン時にdracdを停止する記述を追加.portmapに関する記述を追加<BR>3/3, 2002: procmailの不具合に関する記述を追加.qpopper-4.0.3-0vl1dracのSRPMをダウンロード可能に.<BR>8/31, 2001: ページ公開<BR>[028935] </FONT></SMALL></FONT> <P> <P><FONT color=#ff0000 size=4>内容が古くなったため、今後このページは更新されません。ご了承下さい。</FONT> <P>えー,Vine Linux 2.1.5でPostfixを動かし,APOPとPOP before SMTPを使ったメールサーバを構築する試みです. <P>ちなみに"APOP"というのはPOPのユーザ認証の手続きを暗号化してパスワード垂れ流し状態を回避する仕組みですね.それから"POP before SMTP"というのはちょっとややこしんですが,SMTPには本来認証手続きがないために外部からのメールのリレーを許可すると不正中継に使われてしまう恐れがあります.だからといってメールのリレーを許可しないと外部からSMTPが使えなくなるので,たとえば自宅にメールサーバがあって,外出先から自宅のアカウントでメールを出したい,なんてときには不便です. そこで,外部のマシンがPOP接続をした場合,その後数分間は同じマシンからのSMTPリレーを許可することで,あたかもSMTPにユーザ認証機能が付いているかのようにするのが"POP before SMTP"です. <P>APOPにはqpopper,POP before SMTPにはDRAC(Dynamic Relay Authorization Control)というのを使います. <P>さらにMaildir形式を使いたい方は <A href="http://www.paken.org/linux/linux-tips/postfix2.html"><FONT color=#0000ff>こちら</FONT></A> をご覧ください. </P></BLOCKQUOTE><IMG src="http://www.paken.org/linux/kero.gif"> <B>DRAC (Dynamic Relay Authorization Control)のインストール</B> <BLOCKQUOTE>"POP before SMTP"を機能させるために必要なソフトです. <OL> <LI><A href="http://mail.cc.umanitoba.ca/drac/" target=_blank><FONT color=#0000ff>http://mail.cc.umanitoba.ca/drac/</FONT></A> から"drac.tar.Z"をダウンロードして解凍する. <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE>> tar xzvf drac.tar.Z </PRE></TD></TR></TBODY></TABLE> <P></P> <LI>Makefileを編集(変更が必要な行だけ書いてあります) <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE>INSTALL = install EBIN = /usr/sbin DEFS = -DSOCK_RPC -DFCNTL_LOCK -DGETHOST -DDASH_C -DREQ_HASH CFLAGS = $(DEFS) -g LDLIBS = -ldb TSTLIBS = -L. -ldrac RPCGENFLAGS = -C -I MANADM = 8 </PRE></TD></TR></TBODY></TABLE> <P></P> <LI>rpc.dracd.c を編集(パスを変更) <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE>#define DBFILE "/etc/postfix/dracd.db" #define ALFILE "/etc/postfix/dracd.allow" </PRE></TD></TR></TBODY></TABLE> <P></P> <LI>dracd-setup.linux を編集(POP認証の有効期限を5分にする) <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE>"daemon rpc.dracd&"の行を daemon rpc.dracd -e 5& に変更. </PRE></TD></TR></TBODY></TABLE> <P></P> <LI>コンパイルとインストール <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE>> make # make install # make install-man # cp dracd-setup.linux /etc/rc.d/init.d/dracd # ln -s /etc/rc.d/init.d/dracd /etc/rc.d/rc3.d/S78dracd # ln -s /etc/rc.d/init.d/dracd /etc/rc.d/rc5.d/S78dracd # ln -s /etc/rc.d/init.d/dracd /etc/rc.d/rc6.d/K22dracd </PRE></TD></TR></TBODY></TABLE> <P><FONT color=#ff0000>11/6, 2002 追記</FONT>:このやり方だとマシンのシャットダウン時にFailする,という指摘を以前どなたかからメールいただいて,たしか解決法も教えていただいたのですが,せっかくのメールを紛失してしまいました. Failしても無視して構わないかもしれませんが,気になる方は修正してみてください. <P></P> <LI>Qpopperのインストール時に必要なライブラリを手動でインストール <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE># cp libdrac.a /usr/lib/ </PRE></TD></TR></TBODY></TABLE> <P></P></LI></OL>ちなみに"Berkeley DB"という組込み用データベースが必要である,とありますが,Vine2.1.5では特にインストールしなくてもいいようです. </BLOCKQUOTE><IMG src="http://www.paken.org/linux/kero.gif"> <B>Qpopperのインストール</B> <BLOCKQUOTE>Vineには最初から入っていますが,DRACに対応させるために再コンパイルが必要です.Vine SeedからSRPMをもらってきて,SPECファイルを編集して再構築します. <P>作成したバイナリはこちら。これをお使いいただければ,<FONT color=#ff0000>以下の手順は省略可能</FONT>です. <BLOCKQUOTE>DRAC対応QpopperのRPMパッケージです.Vine2.1.5で動作を確認しています. <P><FONT size=2>(ファイル名をクリックするとダウンロードページが表示されます)</FONT> <TABLE cellPadding=2 border=1 VSPACE="10"> <TBODY> <TR> <TH>ファイル名</TH> <TH>サイズ</TH> <TH>日付</TH> <TH>ライセンス</TH> <TH>備考</TH></TR> <TR> <TD><A href="http://www.paken.org/linux/linux-tips/qpopper-4.0.3-0vl1drac.i386.rpm"><FONT color=#0000ff>qpopper-4.0.3-0vl1drac.i386.rpm</FONT></A></TD> <TD>620k</TD> <TD>8/31, 2001</TD> <TD>BSD</TD> <TD><BR></TD></TR> <TR> <TD><A href="http://www.paken.org/linux/linux-tips/qpopper-4.0.3-0vl1drac.src.rpm"><FONT color=#0000ff>qpopper-4.0.3-0vl1drac.src.rpm</FONT></A></TD> <TD>2.3M</TD> <TD>3/3, 2002</TD> <TD>BSD</TD> <TD><BR></TD></TR></TBODY></TABLE></P></BLOCKQUOTE> <OL> <LI>Vine Seedから"qpopper-4.0.3-0vl1.src.rpm"をもらってきてインストール <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE># rpm -ivh qpopper-4.0.3-0vl1.src.rpm </PRE></TD></TR></TBODY></TABLE> <P></P> <LI>DRAC対応にするため,SPECファイルを編集 <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE># cd /usr/src/redhat/SPECS # emacs qpopper.spec (%buildセクションに追加) --prefix=/usr \ --enable-bulletins=/var/spool/mail/bulletins \ --enable-specialauth \ --with-pam=qpopper \ --with-popuid=pop \ --enable-apop=/etc/pop.auth \ <FONT color=#ff0000>--enable-drac</FONT> (←これ) (%preセクションのuseraddにオプションを追加) /usr/sbin/useradd -M -g pop pop -c "Pop Account"<FONT color=#ff0000> -d /dev/null -s /dev/null</FONT> </PRE></TD></TR></TBODY></TABLE> <P></P> <LI>rpmを作成 <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE># rpm -ba qpopper.spec </PRE></TD></TR></TBODY></TABLE> <P></P> <LI>Qpopperをupdate <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE># cd /usr/src/redhat/RPMS/i386 # rpm -Uvh qpopper-4.0.3-0vl1drac.i386.rpm </PRE></TD></TR></TBODY></TABLE> <P></P></LI></OL></BLOCKQUOTE><IMG src="http://www.paken.org/linux/kero.gif"> <B>Postfixの設定</B> <BLOCKQUOTE>/etc/postfix/main.cf を編集します.最後の項目が"POP before SMTP"の設定です.他の部分はお使いのサーバにあわせて適切に設定してください. <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE>myhostname = kappa.chmodx.dyndns.org <FONT color=#ff0000>←メールサーバのFQDN</FONT> mydomain = chmodx.dyndns.org <FONT color=#ff0000>←自ドメイン名</FONT> myorigin = $mydomain inet_interfaces = all mydestination = $myhostname, localhost.$mydomain $mydomain mynetworks = 192.168.1.0/24, 127.0.0.0/8 <FONT color=#ff0000>←SMTPを受け付けるアドレス</FONT> smtpd_recipient_restrictions = <FONT color=#ff0000>←POP before SMTPを使用する設定</FONT> permit_mynetworks check_client_access hash:/etc/postfix/dracd check_relay_domains </PRE></TD></TR></TBODY></TABLE> <P></P></BLOCKQUOTE><IMG src="http://www.paken.org/linux/kero.gif"> <B>APOPの設定</B> <BLOCKQUOTE> <OL> <LI>RPMパッケージをインストールするとユーザ 'pop'が自動的に作成されるはずですが,もしなんらかの理由でできていなければ,手動で作成します. <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE># /usr/sbin/useradd -d /dev/null -s /dev/null -M pop </PRE></TD></TR></TBODY></TABLE> <P></P> <LI>qpopperのAPOP用DBを初期化します. <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE># /usr/sbin/popauth -init </PRE></TD></TR></TBODY></TABLE> <P></P> <LI>ユーザごとにAPOPアカウントを作成します. <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE># /usr/sbin/popauth -user komoriya </PRE></TD></TR></TBODY></TABLE> <P></P></LI></OL></BLOCKQUOTE><IMG src="http://www.paken.org/linux/kero.gif"> <B>procmailのアップデート</B> <BLOCKQUOTE>Vine Linux 2.1.5の場合,procmailをprocmail-3.21-0vl0.1にアップデートする必要があります. "rpm -q procmail"として,procmail-3.21-0vl0(もしくはこれ以前のバージョン)の場合は3.21-0vl0.1にアップデートしてください. <P>古いバージョンの場合,/var/spool/mail/以下に書き込み権限がないため,ユーザごとのスプールファイルを手動で作成する必要があります. <P>詳しくは <A href="http://www.vinelinux.org/errata/2x/20020117.html"><FONT color=#0000ff>こちらをご覧ください</FONT></A>. <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE># rpm -Fvh procmail-3.21-0vl0.1.i386.rpm </PRE></TD></TR></TBODY></TABLE> <P></P></BLOCKQUOTE><IMG src="http://www.paken.org/linux/kero.gif"> <B>Inetd, Dracd, Postfixの(再)起動</B> <BLOCKQUOTE> <P> <TABLE cellPadding=5 bgColor=#fffff0 border=1> <TBODY> <TR> <TD><PRE># /etc/rc.d/init.d/inet restart # /etc/rc.d/init.d/dracd start # /etc/rc.d/init.d/postfix restart </PRE></TD></TR></TBODY></TABLE> <P>なお,portmapが起動していることを確認してください(もし起動していなければ # /etc/rc.d/init.d/portmap start). </P></BLOCKQUOTE>あとはメールクライアントを適切に設定すれば,使えるようになるはずです. <TABLE cellPadding=0 width="80%" align=center> <TBODY> <TR> <TD colSpan=3> <HR> </TD></TR> <TR> <TD align=left><FONT size=2>Copyright © 2001-2002 KOMORIYA Takeru</FONT></TD> <TD align=middle><FONT size=2>リンクはご自由に (<A href="http://www.sal.tohoku.ac.jp/~gothit/webpolicy.html"><FONT color=#0000ff>参考</FONT></A>) </FONT></TD> <TD align=right><A href="http://www.paken.org/linux/index.html"><FONT color=#0000ff>→Linux Lifeにもどる</FONT></A></TD></TR></TBODY></TABLE></DIV>
查看全文
发表于:2007-12-29 ┆
阅读(597)
┆
评论(0)
postfixのスパムメール対策(排除率は99.975%だった)●
<DIV> <DIV align=center> <TABLE cellSpacing=0 cellPadding=0 summary=table1 border=0> <TBODY> <TR> <TD><IMG alt=up_l src="http://cmf.ohtanz.com/hp/up_l.gif"></TD> <TD id=up-c><IMG height=20 alt=dmy src="http://cmf.ohtanz.com/hp/dmy.gif" width=20></TD> <TD><IMG alt=up_r src="http://cmf.ohtanz.com/hp/up_r.gif"></TD></TR> <TR> <TD id=left-c><IMG height=20 alt=dmy src="http://cmf.ohtanz.com/hp/dmy.gif" width=20></TD> <TD vAlign=top noWrap bgColor=#ffffff><A href="http://cmf.ohtanz.com/" name=top><IMG alt=home src="http://cmf.ohtanz.com/hp/home.gif" border=0></A> <SCRIPT type=text/javascript> <!-- document.write("<img src='./cgi-bin/access_check/access_check.cgi?"); document.write(document.referrer+"' width=1 height=1>"); //--> </SCRIPT> <IMG height=1 src="http://cmf.ohtanz.com/cgi-bin/access_check/access_check.cgi?http://www.google.co.jp/search?q=postfix&hl=ja&lr=lang_ja&start=20&sa=N" width=1> <IMG height=1 alt=dmy src="http://cmf.ohtanz.com/cgi-bin/mycounter/cmfcount2.cgi?all=a" width=1> <IMG height=1 alt=dmy src="http://cmf.ohtanz.com/cgi-bin/mycounter/cmfcount2.cgi?day=a" width=1> <IMG height=1 alt=dmy src="http://cmf.ohtanz.com/cgi-bin/mycounter/cmfcount2.cgi?yes=a" width=1> <DIV align=center> <P class=ttl>●postfixのスパムメール対策(排除率は99.975%だった)●<BR>(2007/11/12更新)</P></DIV> <P><FONT color=#c80000>※(2007/11/12追加) <BR>最近、本記事に関してS25R方式を導入しているということで、リンクして下さるサイト様をぼちぼち見掛けるのですが、 <BR>本記事ではあくまで<STRONG>S25R方式を参考にしたスパム対策</STRONG>でありS25R方式ではありませんのでご注意下さい。 <BR>S25R方式を導入されたい方は<A href="http://www.gabacho-net.jp/anti-spam/"><FONT color=#ff0000>スパム対策技術</FONT></A>さんをご一読下さい。 </FONT></P> <P><FONT color=#c80000>※(2007/7/18追加) <BR>本スパムメール対策は基本的に<STRONG>海外ホストからの非スパムメールを受取ることがほとんど無く、 <BR>国内ホストからのスパムメールが少ない環境の方</STRONG>ならば幸せになれるかもしれません、 <BR>それ以外の環境で使用すると思わぬ弊害(reject_unknown_clientによるREJECT等)や逆効果といった自体を招く可能性がありますので、 <BR>導入される場合は以下の説明を一通り目を通して頂き、貴殿の運用ポリシーに合っているか等十分検討して下さい。 </FONT></P> <P><A href="http://cmf.ohtanz.com/antispam.20070203.html"><FONT color=#ff0000>従来のスパムメール対策</FONT></A>に<A href="http://cmf.ohtanz.com/blog/archives/54"><FONT color=#ff0000>Postfixのスパムメール対策Ver3</FONT></A>で紹介した<A href="http://www.postfix-jp.info/trans-2.2/jhtml/cidr_table.5.html"><FONT color=#ff0000>cidr_table</FONT></A>、<STRONG>reject_unknown_client</STRONG>等細かい修正を加えて、 <BR>どのくらいREJECTの効果が上がるか?、また誤判定を減らすことができるか?ということを調査したかったので1ヶ月間統計を取りました。 </P> <P>今回のスパムメール対策の趣旨は基本的には従来と同じ運用ポリシーですが、ウチに来るスパムメールのほとんどが<STRONG>海外ホストから来ている</STRONG>ということに着目して、 <BR>国内のIPを掻き集めてそれを<A href="http://www.postfix-jp.info/trans-2.2/jhtml/cidr_table.5.html"><FONT color=#ff0000>cidr_table</FONT></A>に追加することで、国内ホストからの接続だった場合は<STRONG>smtpd_client_restrictions</STRONG>の評価をスキップして、 <BR>海外ホストからの接続だった場合のみ<STRONG>smtpd_client_restrictions</STRONG>を評価させるというのが今回の目的だった訳です。 </P> <P>国内ホストのIPの収集、<A href="http://www.postfix-jp.info/trans-2.2/jhtml/cidr_table.5.html"><FONT color=#ff0000>cidr_table</FONT></A>の作成については<A href="http://cmf.ohtanz.com/blog/archives/51"><FONT color=#ff0000>CIDRを算出するスクリプトを作ってみた。</FONT></A>をご覧下さい。 <BR><S>当方が作成した<A href="http://www.postfix-jp.info/trans-2.2/jhtml/cidr_table.5.html"><FONT color=#ff0000>cidr_table</FONT></A>は<A href="http://cmf.ohtanz.com/download/ipv4Jp.zip"><FONT color=#ff0000>ipv4Jp.zip</FONT></A>に同封されています。</S> </P> <P><S>APNICのIPv4 ranges</S><A href="http://ftp.apnic.net/stats/apnic/delegated-apnic-latest"><FONT color=#ff0000>http://ftp.apnic.net/stats/apnic/delegated-apnic-latest</FONT></A>は日々更新される為、毎回手動でcidr_tableを更新するのも大変なので、 <BR>この際JPNICが管理しているIPは諦めてAPNICで管理している国内ホストのIPのみを自動で収集してcidir_tableの更新も自動化するようにしました。 <BR>(※9割以上はAPNICのみの情報で足りているのでさほど影響はないと思います。東京大学のIPはJPNICでしか管理されてないみたいですが。) </P> <P>今回の運用ポリシーは下記のとおりです。 </P> <P>» Postfix設定パラメータによる制限の誤判定を限りなく0にする<BR>» 配送されたメールがスパムと判定された場合はそのメールを隔離する<BR>» 隔離されたスパムメールの中に非スパムメールが混在していないか確認できるようにする<BR>» 隔離されたスパムメールを容易に削除できるようにする<BR>» 国内ホストからのメールは制限を甘くする<BR>» 海外ホストからのメールは制限を厳しくする<BR></P> <P><STRONG>■Postfix設定パラメータによる制限の設定</STRONG> </P> <P>●<A href="http://www.gabacho-net.jp/anti-spam/"><FONT color=#ff0000>「S25R方式」</FONT></A>を参考にした制限 <BR><FONT color=#c80000>ルール1:逆引きFQDNの最下位のホスト名にハイフン(-)で2つ以上に区切られた1~3桁の数字が含まれる場合は要求を拒否 <BR>ルール2:逆引きFQDNの最下位のホスト名にドット(.)で2つ以上に区切られた1~3桁の数字が含まれる場合は要求を拒否 <BR>ルール3:逆引きFQDNの最下位のホスト名にエックス(x)で2つ以上に区切られた1~3桁の数字が含まれる場合は要求を拒否 <BR>ルール4:逆引きFQDNの最下位のホスト名に連続した4つ以上の数字が含まれる場合は要求を拒否 <BR>ルール5:逆引きFQDNの最下位のホスト名に「dhcp、dial、ppp、dsl、flets、ftth、cable」が含まれる場合は要求を拒否 </FONT></P> <P>●/etc/postfix/client_restrictionsの作成 <BR>> vi /etc/postfix/client_restrictions </P><PRE>------------------------------------------------------------------------------ # *** WHITE LIST *** #/^192\.168\.1\.2$/ OK # *** BLACK LIST *** # #/^219\.117\.232\.107$/ REJECT #/^59\.106\.20\.223$/ REJECT #/^124\.37\.15\.8$/ REJECT #/^ns1\.mdhfc\.com$/ REJECT # *** GENERIC PROTECTION *** # [rule 1] /^[^.]*.*[0-9]{1,3}-[0-9]{1,3}.*\..+\.[a-z]/ 450 may not be mail exchanger # [rule 2] /^[^.]*.*[0-9]{1,3}\.[0-9]{1,3}.*\..+\.[a-z]/ 450 may not be mail exchanger # [rule 3] /^[^.]*.*[0-9]{1,3}x[0-9]{1,3}.*\..+\.[a-z]/ 450 may not be mail exchanger # [rule 4] /^[^.]*.*[0-9]{4}.*\..+\.[a-z]/ 450 may not be mail exchanger # [rule 5] /^[^.]*.*(dhcp|dial|ppp|dsl|flets|ftth|cable).*\..+\.[a-z]/ 450 may not be mail exchanger ------------------------------------------------------------------------------ </PRE> <P>●/etc/postfix/client_cidrの作成<FONT color=#c80000>(2007/06/25更新)</FONT> <BR><S><A href="http://cmf.ohtanz.com/download/ipv4Jp.zip"><FONT color=#ff0000>ipv4Jp.zip</FONT></A>に同封されている<STRONG>client_cidr</STRONG>を/etc/postfixに設置して、postmap /etc/postfix/client_cidrを実行します。</S> <BR><A href="http://cmf.ohtanz.com/download/getApnicCidr.txt"><FONT color=#ff0000>getApnicCidr.txt</FONT></A>をDLして下記を適宜修正して下さい。 </P> <P>> wget <A href="http://cmf.ohtanz.com/download/getApnicCidr.txt"><FONT color=#ff0000>http://cmf.ohtanz.com/download/getApnicCidr.txt</FONT></A> <BR>> vi getApnicCidr.txt </P><PRE>------------------------------------------------------------------------------ 1: #!/usr/bin/perl #PerlのPATH 8: my $CIDR_TABLE = '/etc/postfix/client_cidr'; #postfix用cidr_tableのPATH ------------------------------------------------------------------------------ </PRE><FONT color=#c80000>修正が終わったらgetApnicCidr.plにリネームしてパーミッションを変更します。 </FONT> <P>> mv getApnicCidr.txt /usr/local/bin/getApnicCidr.pl <BR>> chmod 700 /usr/local/bin/getApnicCidr.pl </P><FONT color=#c80000>※getApnicCidr.plを実行して/etc/postfix/client_cidr.dbが生成されていたら成功です。後は1日1回自動更新されるようにgetApnicCidr.plをcronに追加しておきます。 </FONT> <P>●/etc/postfix/main.cfの編集 <BR></P>> vi /etc/postfix/main.cf <PRE>------------------------------------------------------------------------------ disable_vrfy_command = yes #SMTP VRFYコマンドを無効にする。 smtpd_client_restrictions = #SMTPコネクション時の制限 permit_mynetworks #自ネットワークからの要求は許可 check_client_access btree:/etc/mail/dracd #POP before SMTP認証済ホストからの要求は許可 check_client_access cidr:/etc/postfix/client_cidr #国内ホストからの要求は許可 reject_unknown_client #逆引きできないホストからの要求は拒否 check_client_access regexp:/etc/postfix/client_restrictions #S25R方式を参考にしたaccessテーブルによる制限 reject_unlisted_recipient #宛先不明なアドレスへの要求は拒否 reject_unauth_destination #自ネットワーク以外への要求は拒否 smtpd_helo_required = yes #HELO又はEHLOコマンドを送信してこない要求は拒否 smtpd_sender_restrictions = #MAIL FROMコマンド時の制限 permit_mynetworks #自ネットワークからの要求は許可 check_sender_access regexp:/etc/postfix/sender_restrictions #メールアドレスのaccessテーブルによる制限 reject_unknown_sender_domain #メールアドレスのホスト名がDNS A又はMXレコードを持っていない場合は要求を拒否 reject_non_fqdn_sender #メールアドレスのホスト名がFQDN形式ではない場合は要求を拒否 reject_unverified_sender #メールアドレスがバウンスしたり配送先に到達できない場合は要求を拒否 smtpd_recipient_restrictions = #RCPT TOコマンド時の制限 permit_mynetworks #自ネットワークからの要求は許可 check_client_access btree:/etc/mail/dracd #POP before SMTP認証済ホストからの要求は許可 reject_unauth_destination #自ネットワーク以外への要求は拒否 ------------------------------------------------------------------------------ </PRE><FONT color=#c80000>※/etc/postfix/sender_restrictionsはMAIL FROMに送信されてくるメールアドレスを検査して可否判定します。 <BR>※編集が終わったらpostfix reloadを実行します。 <BR>※参考までに当方の現在の<A href="http://cmf.ohtanz.com/pbs/main.cf.txt"><FONT color=#ff0000>main.cf</FONT></A>です。 </FONT> <P><STRONG>■ベイジアンスパムフィルタ「<A href="http://bsfilter.org/"><FONT color=#ff0000>bsfilter</FONT></A>」の導入</STRONG> </P> <P>●<A href="http://bsfilter.org/"><FONT color=#ff0000>bsfilter</FONT></A>のインストール <BR>> apt-get install bsfilter </P> <P>●作業ディレクトリの作成 <BR>> mkdir /var/lib/bsfilter <BR>> chmod 755 /var/lib/bsfilter </P> <P>●bsfilter.confの作成 <BR>> vi /etc/bsfilter.conf </P><PRE>------------------------------------------------------------------------------ homedir /var/lib/bsfilter #作業ディレクトリ insert-revision #メールのヘッダに「X-Spam-Revision」を追加 insert-flag #メールのヘッダに「X-Spam-Flag」を追加 insert-probability #メールのヘッダに「X-Spam-Probability」を追加 auto-update #cleanかspamか判定した後、その結果をtokenデータベースに追加し確率データベースも更新 pipe #標準出力する(procmail用) ------------------------------------------------------------------------------ </PRE> <P>●<A href="http://www.db.is.kyushu-u.ac.jp/computer/solarisserver/bs.spam"><FONT color=#ff0000>http://www.db.is.kyushu-u.ac.jp/computer/solarisserver/bs.spam</FONT></A>からスパムなトークンを頂いてくる <BR>> wget <A href="http://www.db.is.kyushu-u.ac.jp/computer/solarisserver/bs.spam"><FONT color=#ff0000>http://www.db.is.kyushu-u.ac.jp/computer/solarisserver/bs.spam</FONT></A> </P> <P>●頂いてきたスパムなトークンを学習させる <BR>> bsfilter --config-file /etc/bsfilter.conf --import-spam ./bs.spam </P> <P>●クリーンなメールを学習させる <BR>> bsfilter --config-file /etc/bsfilter.conf --mbox --add-clean ./***.mbx <BR><FONT color=#c80000>※普段使っているメーラーがmbox形式だったのでそれを全部入れてみました。 </FONT></P> <P>●sdbmを更新 <BR>> bsfilter --update --config-file /etc/bsfilter.conf </P> <P>●オーナーの関係でデータベースが読み込みできなかったのでパーミッションを変更 <BR>> chmod 666 /var/lib/bsfilter/* </P> <P>●スパムと認識されたクリーンなメールを学習させるスクリプトを作成 <BR>> vi /usr/local/bin/bsfilter-clean.sh </P><PRE>------------------------------------------------------------------------------ #!/bin/sh FILE=$1 if [ -n "$1" ]; then bsfilter --homedir /var/lib/bsfilter --sub-spam --add-clean --update ${FILE} chmod 666 /var/lib/bsfilter/* fi ------------------------------------------------------------------------------ </PRE>> chmod 700 /usr/local/bin/bsfilter-clean.sh <P><FONT color=#c80000>※使い方:/usr/local/bin/bsfilter-clean.sh クリーンなメール </FONT></P> <P>●クリーンと認識されたスパムなメールを学習させるスクリプトを作成 > vi /usr/local/bin/bsfilter-spam.sh </P><PRE>------------------------------------------------------------------------------ #!/bin/sh FILE=$1 if [ -n "$1" ]; then bsfilter --homedir /var/lib/bsfilter --sub-clean --add-spam --update ${FILE} chmod 666 /var/lib/bsfilter/* fi ------------------------------------------------------------------------------ </PRE>> chmod 700 /usr/local/bin/bsfilter-spam.sh <P><FONT color=#c80000>※使い方:/usr/local/bin/bsfilter-clean.sh スパムなメール </FONT></P> <P><STRONG>■procmailから使用するDNSBL、URLBLチェックスクリプトの導入</STRONG> <BR><FONT color=#c80000>※自作のPerlスクリプト「<A href="http://cmf.ohtanz.com/download/procdnsbl.txt"><FONT color=#ff0000>procdnsbl</FONT></A>」を使用します。(base64encode、quoted-printable対応) <BR>※<A href="http://cmf.ohtanz.com/download/procdnsbl.txt"><FONT color=#ff0000>procdnsbl</FONT></A>はDNSBL、URLBLに該当した場合にメールヘッダーにX-DnsBL、X-UrlBLを付与します。 </FONT></P> <P>> wget <A href="http://cmf.ohtanz.com/download/procdnsbl.txt"><FONT color=#ff0000>http://cmf.ohtanz.com/download/procdnsbl.txt</FONT></A> <BR>> mv procdnsbl.txt /usr/local/bin/procdnsbl <BR>> chmod 755 /usr/local/bin/procdnsbl <BR><FONT color=#c80000>※利用するDNSBL、URLBLを変更したい場合はprocdnsbl内の15行目の@DNS_BL、20行目の@URL_BLを変更して下さい。 </FONT></P> <P><STRONG>■procmailの準備</STRONG> </P> <P>●procmail用ログファイルの作成 <BR>> touch /var/log/procmail <BR>> chmod 666 /var/log/procmail </P> <P>●procmail用ログファイルをlogrotateに追加 > vi /etc/logrotate.d/procmail </P><PRE>------------------------------------------------------------------------------ /var/log/procmail { create 666 root root } ------------------------------------------------------------------------------ </PRE> <P>●スパムと判定されたメールを格納するspamディレクトリの作成 <BR>> mkdir ~hoge/Maildir/spam <BR>> chown hoge:hoge ~hoge/Maildir/spam <BR>> chmod 700 ~hoge/Maildir/spam </P> <P>●spamディレクトリに入ったメールを1つのメールにまとめるスクリプトの作成 <BR><FONT color=#c80000>※~hoge/Maildir/newに擬似的なメールを生成します。</FONT> <BR>> vi /usr/local/bin/spamsend.sh </P><PRE>------------------------------------------------------------------------------ #!/bin/sh export LANG=en PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin CONF=/usr/local/etc/spamsend.txt HOST=`hostname` MAILDATE=`date "+%a, %d %b %Y %H:%M:%S +0900"` LIST=`cat $CONF` for u in $LIST do COUNT=`ls /home/$u/Maildir/spam/ | wc -l` if [ $COUNT -ne 0 ]; then FILEDATE=`date '+%s'` MAIL=/home/$u/Maildir/new/$FILEDATE.$$.$HOST echo "Date: $MAILDATE" >> $MAIL echo "From: postmaster@example.com" >> $MAIL echo "To: $u@example.com" >> $MAIL echo "Subject: SPAM MAIL LIST" >> $MAIL echo "MIME-Version: 1.0" >> $MAIL echo "Content-Type: text/plain; charset=iso-2022-jp" >> $MAIL echo "Content-Transfer-Encoding: 7bit" >> $MAIL echo "" >> $MAIL echo "[[[[[SPAM MAIL LIST]]]]]" >> $MAIL echo "" >> $MAIL nkf -mj /home/$u/Maildir/spam/* >> $MAIL chown $u:$u $MAIL chmod 600 $MAIL rm -f /home/$u/Maildir/spam/* fi done ------------------------------------------------------------------------------ </PRE> <P><FONT color=#c80000>※From、Toのメールアドレスは適宜修正して下さい。</FONT> </P>> chmod 700 /usr/local/bin/spamsend.sh <P>●spamsend.sh対象のアカウントを管理するファイルの作成 <BR>> vi /usr/local/etc/spamsend.txt </P><PRE>------------------------------------------------------------------------------ hoge hogehoge ------------------------------------------------------------------------------ </PRE> <P>●spamsend.shをcronに追加 <BR>> vi crontab -e </P><PRE>------------------------------------------------------------------------------ 0 0-23/4 * * * /usr/local/bin/spamsend.sh ------------------------------------------------------------------------------ </PRE><FONT color=#c80000>※4時間おきに実行</FONT> <P>●~hoge/.forwardの作成 <BR>> vi ~hoge/.forward </P><PRE>------------------------------------------------------------------------------ "|IFS=' ' && exec /usr/bin/procmail -f- || exit 75 #~/Maildir/" ------------------------------------------------------------------------------ </PRE> <P>●~hoge/.procmailrcの作成 <BR>> vi ~hoge/.procmailrc </P><PRE>------------------------------------------------------------------------------ PATH=/bin:/usr/bin:/usr/local/bin LOGFILE=/var/log/procmail MAILDIR=${HOME}/Maildir DEFAULT=${MAILDIR} :0 fw | /usr/local/bin/procdnsbl :0 * ^X-(Dns|Url)BL: * ${MAILDIR}/spam/. :0 fw | /usr/bin/bsfilter --config-file /etc/bsfilter.conf :0 * ^X-Spam-Probability: *(1|0\.[89]) ${MAILDIR}/spam/. :0 ${MAILDIR}/ ------------------------------------------------------------------------------ </PRE> <P><STRONG>■上記スパムメール対策の統計(2007/4/26-2007/5/26)</STRONG> </P> <TABLE cellSpacing=0 cellPadding=2 bgColor=#e6e6e6 summary=total border=1> <TBODY> <TR> <TD class=total align=middle>内容</TD> <TD class=total align=middle>割合(%)</TD> <TD class=total align=middle>合計</TD></TR> <TR> <TD class=total>メール総数</TD> <TD class=total align=right>-----</TD> <TD class=total align=right>30,298</TD></TR> <TR> <TD class=total>非スパムメールで正常に配送されたメール</TD> <TD class=total align=right>-----</TD> <TD class=total align=right>453</TD></TR> <TR> <TD class=total>非スパムメールで誤判定によりREJECTされたメール</TD> <TD class=total align=right>-----</TD> <TD class=total align=right>1</TD></TR> <TR> <TD class=total>スパムメール総数</TD> <TD class=total align=right>-----</TD> <TD class=total align=right>29,844</TD></TR> <TR> <TD class=total>reject_unknown_client(smtpd_client_restrictions)によるREJECT</TD> <TD class=total align=right>44.317%</TD> <TD class=total align=right>13,226</TD></TR> <TR> <TD class=total>client_restrictions(smtpd_client_restrictions)によるREJECT</TD> <TD class=total align=right>27.043%</TD> <TD class=total align=right>8,071</TD></TR> <TR> <TD class=total>reject_unauth_destination(smtpd_recipient_restrictions)によるREJECT</TD> <TD class=total align=right>16.666%</TD> <TD class=total align=right>4,974</TD></TR> <TR> <TD class=total>reject_unverified_sender(smtpd_sender_restrictions)によるREJECT</TD> <TD class=total align=right>9.415%</TD> <TD class=total align=right>2,810</TD></TR> <TR> <TD class=total>reject_unknown_sender_domain(smtpd_sender_restrictions)によるREJECT</TD> <TD class=total align=right>1.722%</TD> <TD class=total align=right>514</TD></TR> <TR> <TD class=total>procmail(bsfilter、procdnsbl)によるREJECT</TD> <TD class=total align=right>0.646%</TD> <TD class=total align=right>193</TD></TR> <TR> <TD class=total>その他のREJECT(Relay access denied等)</TD> <TD class=total align=right>0.164%</TD> <TD class=total align=right>49</TD></TR> <TR> <TD class=total>配送されたスパムメール</TD> <TD class=total align=right>0.023%</TD> <TD class=total align=right>7</TD></TR> <TR> <TD class=total>Postfix設定パラメータトータルのREJECT</TD> <TD class=total align=right>99.329%</TD> <TD class=total align=right>29,644</TD></TR> <TR> <TD class=total>Postfix設定パラメータ、procmail(bsfilter、procdnsbl)トータルのREJECT</TD> <TD class=total align=right>99.975%</TD> <TD class=total align=right>29,837</TD></TR></TBODY></TABLE> <P>※上記統計を取るために、ブラウザ上からPostfixでREJECTされたログ、procmailで配送されたログを確認するためのスクリプトを作成しました。 </P><A href="http://cmf.ohtanz.com/blog/wp-content/uploads/2007/04/image36.jpg"><IMG alt=RejectMail src="http://cmf.ohtanz.com/blog/wp-content/uploads/2007/04/image36.jpg" width="50%"></A> <P>※<A href="http://cmf.ohtanz.com/download/RejectMail.zip"><FONT color=#ff0000>RejectMail.zip</FONT></A>をダウンロードして同封されているGrepMaillog.pl、index.cgiを適宜修正して下さい。 </P><PRE>GrepMaillog.pl---------------------------------------------------------------- 1:#!/usr/bin/perl ・ ・ ・ 8:my $VIEWDIR = '/hoge/RejectMail'; #WWWアクセス可能な作業ディレクトリ 9:my $MAILLOG = '/var/log/maillog'; #PostfixログのPATH 10:my $PROCMAIL = '/var/log/procmail'; #procmailログのPATH 11:my $WWWUSER = 'www'; #WWW上からCGI実行可能なユーザー ------------------------------------------------------------------------------ </PRE><PRE>index.cgi--------------------------------------------------------------------- 1:#!/usr/bin/perl ・ ・ ・ 5:my $VIEW_DIR = '/hoge/RejectMail'; #WWWアクセス可能な作業ディレクトリ 6:my $VIEW_URI = 'http://www.example.com/RejectMail'; #作業ディレクトリのURI 7:my $MY_SCR = 'index.cgi'; #このスクリプトのファイル名 ------------------------------------------------------------------------------ </PRE> <P>※これら2つのスクリプトを作業ディレクトリに設置してパーミッションを変更後、 <BR>GrepMaillog.plを手動で実行して作業ディレクトリにyyyymmdd.prc、yyyymmdd.txtが作成されているか確認してみて下さい、 <BR>yyyymmdd.prc、yyyymmdd.txtが作成されていたら、ブラウザからindex.cgiにアクセスしてみて下さい、 <BR>何れも問題なければGrepMaillog.plをcronに追加して設置は完了です。 </P> <P><STRONG>■あとがき</STRONG> </P> <P>統計を取ってみた感想として、1通だけ<A href="http://cmf.ohtanz.com/blog/archives/59"><FONT color=#ff0000>誤判定してしまったメール</FONT></A>があったものの、予想以上の好結果に非常に満足しております。 <BR>まさか1ヶ月で約3万通(リトライ要求もあるのでもう少し少ないとは思いますが)ものスパムが来ているとは思ってもいませんでしたけど・・・(゜д゜) <BR></P> <P>また当方は以前からメールチェッカー「<A href="http://limelab.s41.xrea.com/"><FONT color=#ff0000>Liam</FONT></A>」を使用しているので<A href="http://limelab.s41.xrea.com/"><FONT color=#ff0000>Liam</FONT></A>でspamsend.shでまとめられたスパムメール中に非スパムメールが混在していないかをチェックし、 <BR>もし混在してた場合はそのまま非スパムメールをコピペして救済するといった方法をとっています。 </P> <P>これだけのフィルタリングを行うとサーバーへの負荷が気になるところですが、 <BR>昨年末に自宅サーバーを余っていたCPU:Pen4 3.06Ghz、Memory:512Mx2、MB:P4P800-E Deluxeに <BR>Vine4.0を入れて運用してますが、load averageが1.00に達することはありません。 </P> <P><FONT color=#c80000><STRONG>結論として1つのフィルタリングのみに頼らず複数のフィルタリングを組み合わせることが1番効果的ではないかと思いました。 </STRONG></FONT></P> <P>Postfix2.3からアクセステーブルでsleepが使用できる(2.2でもコンパイル時にオプションを付ければ可)そうなので、 <BR><A href="http://www.gabacho-net.jp/anti-spam/"><FONT color=#ff0000>「S25R方式」</FONT></A>で該当した場合にsleepで遅延を起こすことで、向こうが諦めてコネクションを切ってくる <BR>(正常なMTAであれば5分まで平気なはず?)なんてこともできるみたいです。VineでPostfix2.3のrpm早くリリースされないかな~・・・ </P> <P><A style="TEXT-DECORATION: underline" href="http://cmf.ohtanz.com/antispam.html#top"><FONT color=#ff0000>▲TOP</FONT></A></P></TD> <TD id=right-c><IMG height=20 alt=dmy src="http://cmf.ohtanz.com/hp/dmy.gif" width=20></TD></TR> <TR> <TD><IMG alt=low_l src="http://cmf.ohtanz.com/hp/low_l.gif"></TD> <TD id=low-c><IMG height=20 alt=dmy src="http://cmf.ohtanz.com/hp/dmy.gif" width=20></TD> <TD><IMG alt=low_r src="http://cmf.ohtanz.com/hp/low_r.gif"></TD></TR></TBODY></TABLE></DIV></DIV>
查看全文
发表于:2007-12-29 ┆
阅读(505)
┆
评论(1)
CentOS 4.0 - Postfix+ClamAV+Amavisd-newによるウイルス対策
<DIV> <DIV id=base><!-- ■BEGIN: id:base --> <DIV id=header><!-- ■BEGIN id:header --> <DIV id=logo><A href="http://park1.wakwak.com/~ima/index.html"><FONT color=#800080>ごった煮</FONT></A></DIV> <DIV align=right><FONT color=#800080><!--#include virtual="include/sitesearch.inc" --></FONT></DIV> <DIV align=right>Total:<IMG src="http://park1.wakwak.com/~ima/cgi-bin/count/dayx.cgi?gif"> Today:<IMG src="http://park1.wakwak.com/~ima/cgi-bin/count/dayx.cgi?today"> Yesterday:<IMG src="http://park1.wakwak.com/~ima/cgi-bin/count/dayx.cgi?yes"> </DIV></DIV><!-- □END id:header --> <DIV id=navigator><!-- ■BEGIN: id:navigator --> <A href="http://park1.wakwak.com/~ima/index.html"><FONT color=#800080>Home</FONT></A> | <!-- <a href="sitesearch.php">検索</a> | --><!-- <a href="wiki/">Wiki</a> | --> <A href="http://park1.wakwak.com/~ima/computer_top.html"><FONT color=#800080>Top</FONT></A> | <A href="http://park1.wakwak.com/~ima/freebsd_top.html"><FONT color=#800080>FreeBSD</FONT></A> | <A href="http://park1.wakwak.com/~ima/linux_top.html"><FONT color=#800080>Linux</FONT></A> | <A href="http://park1.wakwak.com/~ima/macosx_top.html"><FONT color=#0000ff>MacOSX</FONT></A> | <A href="http://park1.wakwak.com/~ima/windows_top.html"><FONT color=#800080>Windows</FONT></A> | <A href="http://park1.wakwak.com/~ima/java_top.html"><FONT color=#0000ff>Java</FONT></A> | <A href="http://park1.wakwak.com/~ima/dotnet_top.html"><FONT color=#0000ff>.NET</FONT></A> | <A href="http://park1.wakwak.com/~ima/php_top.html"><FONT color=#0000ff>PHP</FONT></A> | <A href="http://park1.wakwak.com/~ima/visualcpp_top.html"><FONT color=#0000ff>VisualC++</FONT></A> | <A href="http://park1.wakwak.com/~ima/linuxc_top.html"><FONT color=#0000ff>Linux-C</FONT></A> | <A href="http://park1.wakwak.com/~ima/oracle_top.html"><FONT color=#800080>Oracle</FONT></A> | </DIV><!-- □END id:navigator --> <DIV id=wrap_content><!-- ■BEGIN id:wrap_content --> <DIV id=content><!-- ■BEGIN id:content --> <H1 class=title><A href="http://park1.wakwak.com/~ima/centos4_top.html"><FONT color=#800080>CentOS 4.0</FONT></A> - Postfix+ClamAV+Amavisd-newによるウイルス対策</H1><PRE style="PADDING-LEFT: 16px; MARGIN-LEFT: 16px">Postfix+ClamAV+Amavisd-newによるウイルス対策を行います </PRE><BR> <DIV id=body><!-- ■BEGIN id:body --> <H3>更新履歴</H3> <DIV> <UL> <LI><FONT color=red>2007.07.01</FONT> YUMの更新でいつの間にかエラーを吐いていたので設定見直し <LI><FONT color=red>2006.07.24</FONT> パスワード付きZIPファイルに対する対応を追記 <LI><FONT color=red>2005.09.08</FONT> SPAMメールの取り扱い及びテスト方法を追記 </LI></UL></DIV><BR> <H1>対象OS、バージョン</H1> <UL class=list2> <LI>CentOS 4.x <LI>postfix-2.1.5-4.2.RHEL4 <LI>clamd-0.90.3-1.el4.rf <LI>clamav-0.90.3-1.el4.rf <LI>clamav-db-0.90.3-1.el4.rf <LI>amavisd-new-2.5.1-1.el4.rf </LI></UL><BR> <H1>追記 2007/7/1</H1> <DIV>YUMで更新している内、いつの間にか(CentOS4.5の後くらいかしら?)、メールログにエラーが発生していた。<BR>エラー内容はこんな感じ・・・<BR><PRE class=commandline>ClamAV-clamd: Can't connect to INET socket 127.0.0.1:3310:..... </PRE>とか・・・<BR><PRE class=commandline>(09541-15) (!!)WARN: all primary virus scanners failed, considering backups </PRE>なので、後述の設定内容を見直し・校正してます。<BR></DIV> <H1>前提条件</H1> <DIV><A href="http://park1.wakwak.com/~ima/centos4_postfix0001.html"><FONT color=#0000ff>Postfixの導入</FONT></A>や<A href="http://park1.wakwak.com/~ima/centos4_postfix0003.html"><FONT color=#0000ff>Postfix+PostfixAdminによるバーチャルホスト運用(PostgreSQL編)</FONT><A>で<BR>メールの送受信環境は整っているものとします。<BR>ここでは、<A href="http://park1.wakwak.com/~ima/centos4_postfix0003.html"><FONT color=#0000ff>Postfix+PostfixAdminによるバーチャルホスト運用(PostgreSQL編)</FONT><A>で構築された環境<BR>に対して行う事を前提にしています。<BR></DIV><BR> <H1>各ソフトウェアの構成</H1> <DIV>Postfix,ClamAV,amavisの構成は以下の様になります。<BR><IMG src="http://park1.wakwak.com/~ima/images/cnetos4-clamav0001.png"> <BR>ウイルス付きメールはvirusalert@example.comに転送します。<BR>また、送信者に対し、警告メールを送付します。<BR></DIV><BR> <H1>作業手順</H1> <DIV> <DIV> <UL> <LI><STRONG><A href="http://park1.wakwak.com/~ima/centos4_postfix0006.html#clamav"><FONT color=#800080>ClamAVの導入</FONT></A></STRONG> <LI><STRONG><A href="http://park1.wakwak.com/~ima/centos4_postfix0006.html#amavis"><FONT color=#800080>amavisd-newの導入</FONT></A></STRONG> <LI><STRONG><A href="http://park1.wakwak.com/~ima/centos4_postfix0006.html#postfix"><FONT color=#800080>Postfixの設定</FONT></A></STRONG> <LI><STRONG><A href="http://park1.wakwak.com/~ima/centos4_postfix0006.html#mailaccount"><FONT color=#800080>メールアカウントの登録</FONT></A></STRONG> <LI><STRONG><A href="http://park1.wakwak.com/~ima/centos4_postfix0006.html#test"><FONT color=#800080>動作確認</FONT></A></STRONG> </LI></UL></DIV></DIV><BR><A name=clamav> <H1>ClamAVの導入</H1> <DIV> <H2>インストール</H2> <DIV>yumにてインストールします。<BR>rootにて以下を実行します。<BR><PRE class=commandline># yum install clamd </PRE>依存関係で clamav.i386,clamav-db.i386 もインストールされます。<BR></DIV><BR> <H2>設定</H2> <DIV>設定ファイルは/etc/clamd.confです。<BR><BR> <H3>パスワード付きZIPファイルをウイルスアラートとしない</H3> <DIV>ArchiveBlockEncrypted というパラメータを指定すると、パスワード付きZIPファイルを無条件にウイルス、<BR><B>VIRUS(Encrypted.Zip) </B>というアラートが送られてきます。<BR>CentOSではデフォルトで有効となっていますので、この機能をOFFにするには、コメント化します。<BR><BR><PRE class=commandline><FONT color=red>#</FONT>ArchiveBlockEncrypted </PRE></DIV><BR></DIV><BR> <H2>clamscanを使ってみる</H2> <DIV><PRE class=commandline># clamscan ファイル名[or ディレクトリ名] </PRE>で、指定したファイル(ディレクトリ下のファイル)のウイルスチェックを行います。<BR>使用例:<BR><PRE class=commandline># clamscan aaa.txt aaa.txt: OK <- ウイルスがいた場合、FOUNDとなる。 ----------- SCAN SUMMARY ----------- Known viruses: 36934 Engine version: 0.86.2 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 0.00 MB Time: 2.971 sec (0 m 2 s) </PRE></DIV><BR> <H2>Clamdの設定</H2> <DIV>/etc/clamd.confに以下の設定を行う。<BR><PRE class=commandline>LocalSocket /var/run/clamav/clamd.sock </PRE>※初期値は/tmp/clamdなんですが・・・何か気持ち悪い為。。。<BR></DIV><BR> <H2>Clamdの自動起動設定</H2> <DIV>マシン起動時(ランレベル2,3,4,5)にclamdが起動する様にします。<BR>rootにて以下を実行します。<BR><PRE class=commandline># chkconfig --level 2345 clamd on </PRE></DIV><BR> <H2>Clamdの起動</H2> <DIV>rootにて以下を実行します。<BR><PRE class=commandline># /etc/rc.d/init.d/clamd start </PRE></DIV><BR> <H2>ウイルスデータベースの更新</H2> <DIV>freshclamコマンドで、ウイルスデータベースを更新します。<BR>freshclamの設定ファ%
查看全文
发表于:2007-12-29 ┆
阅读(288)
┆
评论(0)
Postfix + Courier-IMAP + OpenLDAPによるメールサーバ構築(TOP)
<DIV> <TABLE cellSpacing=0 cellPadding=0 width=804 border=0> <TBODY> <TR> <TD width=10 background=../img/wakuL.png><BR> <TD vAlign=top width=784><!-- base --> <TABLE cellSpacing=0 cellPadding=0 width=784 border=0> <TBODY> <TR> <TD><!-- Menu --> <TABLE cellSpacing=0 cellPadding=0 width=784 border=0> <TBODY> <TR><!-- TOP LOGO --> <TD align=middle width=184 bgColor=#ffffff><FONT size=4><A href="http://park15.wakwak.com/~unixlife/index.html"><IMG alt=UNIXな生活 src="http://park15.wakwak.com/~unixlife/img/logo.png" width=184 border=0></A> </FONT></TD><!-- TOP LOGO End --><!-- Menu Bar --> <TD><!-- Menu Button --> <TABLE cellSpacing=0 cellPadding=0 width=600 border=0> <TBODY> <TR> <TD vAlign=center align=right width=600 bgColor=#e1932f height=25><FONT color=#ffffff>更新:2004/7/9 </FONT></TD></TR></TBODY></TABLE><!-- Menu Button End --><!-- Menu Text --> <TABLE cellSpacing=0 cellPadding=0 width=600 border=0> <TBODY> <TR> <TD vAlign=bottom align=left bgColor=#ecb063 height=25><FONT color=#ffffff><A href="http://park15.wakwak.com/~unixlife/linux/index.html"><IMG alt=Linuxな生活 src="http://park15.wakwak.com/~unixlife/img/linux-2-w.png" width=100 border=0></A></FONT></TD> <TD vAlign=bottom align=left bgColor=#ecb063 height=25><FONT color=#ffffff><A href="http://park15.wakwak.com/~unixlife/freebsd/index.html"><IMG alt= FreeBSDな生活 src="http://park15.wakwak.com/~unixlife/img/freebsd-2-w.png" width=100 border=0></A><BR></FONT></TD> <TD vAlign=bottom align=left bgColor=#ecb063 height=25><FONT color=#ffffff><A href="http://park15.wakwak.com/~unixlife/solaris/index.html"><IMG alt= Solarisな生活 src="http://park15.wakwak.com/~unixlife/img/solaris-2-w.png" width=100 border=0></A><BR></FONT></TD> <TD vAlign=bottom align=left bgColor=#ecb063 height=25><FONT color=#ffffff><A href="http://park15.wakwak.com/~unixlife/java/index.html"><IMG alt= JAVAな生活 src="http://park15.wakwak.com/~unixlife/img/java-2-w.png" width=100 border=0></A><BR></FONT></TD> <TD vAlign=bottom align=left bgColor=#ecb063 height=25><FONT color=#ffffff><A href="http://park15.wakwak.com/~unixlife/practical/index.html"><IMG alt=" Practical use" src="http://park15.wakwak.com/~unixlife/img/practical-2.png" width=100 border=0></A><BR></FONT></TD> <TD vAlign=bottom align=left bgColor=#ecb063 height=25><FONT color=#ffffff><A href="http://park15.wakwak.com/~unixlife/cgi-bin/board/c-board.cgi"><IMG alt= 掲示版 src="http://park15.wakwak.com/~unixlife/img/kei-2-w.png" width=100 border=0></A><BR></FONT></TD></FONT></TR><!-- Menu Text End --></TBODY></TABLE></TD><!-- Menu Bar End--></TR></TBODY></TABLE><!-- Menu End --></TD></TR><!-- Center --> <TR> <TD> <TABLE cellSpacing=0 cellPadding=0 width=784 border=0> <TBODY> <TR> <TD width=4 background=../img/shiki4.png height=4></TD> <TD width=776 background=../img/shiki4.png height=4></TD> <TD width=4 background=../img/shiki4.png height=4></TD></TR><!-- Contents Base--> <TR> <TD vAlign=top> <TABLE cellSpacing=0 cellPadding=0 width=784 border=0> <TBODY> <TR> <TD width=4 bgColor=#ecb063></TD> <TD bgColor=#ecb063><FONT color=#ffffff size=3>Postfix + Courier-IMAP + OpenLDAPによるメールサーバ構築(TOP)</FONT></TD> <TD width=4 bgColor=#ecb063></TD></TR> <TR> <TD width=4 bgColor=#ffffff><BR></TD> <TD width=776 bgColor=#ffffff><!-- Contents --> <TABLE cellSpacing=2 cellPadding=2 width=776 border=0> <TBODY> <TR> <TD width="100%" bgColor=#ffffff> Postfix + Courier-IMAP + OpenLDAPによるメールサーバ構築です。今回はかなり長丁場です。<BR> 構築環境は、基本的にDebian "sarge"ですが、各アプリケーションをソースからインストールする場合も捕捉しておきますので、 他のLinuxではこちらを参考にしてください。FreeBSDはPortsを利用できます。設定はソースからインストールする場合を参考にしてください。<BR> なお、Postfixの設定例は、2.0系と2.1系両方をあげてあります。ご利用するバージョンに合わせて設定してください。<BR><BR></TD></TR> <TR> <TD width="100%" bgColor=#e8c091>メールサーバの概要</TD></TR> <TR> <TD width="100%" bgColor=#ffffff> SMTPサーバには、Postfixを利用しバーチャル対応とします。SMTP認証にはCyrus-SASLを利用します。IMAPとPOPサーバはCourier-IMAPと同POPサーバを使いますが、 こちらの認証はCourier付属のauthdeamonで行います。<BR> OpenLDAPには、全てのユーザ情報を保存し一元管理します。Postfix,Cyrus-SASL,CourierはOpenLDAPにアクセスし、認証やメールアドレス、 配送先の情報を取得します。 また、付加機能として、ブラウザからメール操作できるようにSquirrelmailを利用します。メーリングリスト用アプリケーションはfmlです。 ついでにOpenSSLを利用し、SSL/TLSでの利用を可能にします。<BR>なお、設定は順を追って説明します。<BR><BR></TD></TR> <TR> <TD width="100%" bgColor=#e8c091>メールサーバの構築</TD></TR> <TR> <TD width="100%" bgColor=#ffffff>1.<A href="http://park15.wakwak.com/~unixlife/practical/postfix2-2.html"><FONT color=#0011ff>OpenLDAPのインストールと設定</FONT></A><BR>2.<A href="http://park15.wakwak.com/~unixlife/practical/postfix2-3.html"><FONT color=#0011ff>Bindのインストールと設定</FONT></A><BR>3.<A href="http://park15.wakwak.com/~unixlife/practical/postfix2-4.html"><FONT color=#9f571d>Postfixのインストールと設定</FONT></A><BR>4.<A href="http://park15.wakwak.com/~unixlife/practical/postfix2-5.html"><FONT color=#9f571d>Cyrus-SASLのインストールと設定</FONT></A><BR>5.<A href="http://park15.wakwak.com/~unixlife/practical/postfix2-6.html"><FONT color=#9f571d>Courier-IMAPのインストールと設定</FONT></A><BR>6.<A href="http://park15.wakwak.com/~unixlife/practical/postfix2-7.html"><FONT color=#9f571d>OpenSSLによる、SSL/TLSの設定</FONT></A><BR>7.<A href="http://park15.wakwak.com/~unixlife/practical/postfix2-8.html"><FONT color=#9f571d>fmlのインストールと設定</FONT></A><BR>8.<A href="http://park15.wakwak.com/~unixlife/practical/postfix2-9.html"><FONT color=#9f571d>Apacheのインストールと設定</FONT></A><BR>9.<A href="http://park15.wakwak.com/~unixlife/practical/postfix2-10.html"><FONT color=#9f571d>Squirrelmailのインストールと設定</FONT></A><BR><BR></TD></TR></TBODY></TABLE><!-- Contents End --></TD> <TD width=4 bgColor=#ffffff><FONT color=#9f571d><BR></FONT></TD></TR></TBODY></TABLE></TD> <TR> <TD width=4 background=../img/shiki2.png height=4><FONT color=#9f571d></FONT></TD> <TD width=776 background=../img/shiki2.png height=4><FONT color=#9f571d></FONT></TD> <TD width=4 background=../img/shiki2.png height=4><FONT color=#9f571d></FONT></TD></TR><!-- Contents Base End --></TBODY></TABLE></TD></TR><!-- Center End --><!-- bottom --> <TR> <TD vAlign=center align=right width=784 bgColor=#e1932f height=20><FONT color=#ffffff>Producted by Tomoya Sakurai <BR></FONT></TD></TR><!-- bottom End --></TBODY></TABLE><!-- base End --></TD> <TD width=10 background=../img/wakuR.png><BR></TD></TD></TR></TBODY></TABLE><!-- waku End --></DIV>
查看全文
发表于:2007-12-29 ┆
阅读(444)
┆
评论(0)
