(源自網絡經本人修改)Install Qmail on CentOS 4.2(spamcontrol) and spam antivirus(support Chi
- 詳細內容
- 分類: Linux
- 發佈: 2006-05-28, 週日 15:08
- 作者 Super User
- 點擊數: 28135
請先安裝 mysql 和 apache(php). named
vi /etc/sysconfig/selinux
SELINUX=enforcing
chang to
SELINUX=disabled
setup
加入 httpd mysqld named
reboot
所需軟體:
ucspi-tcp-0.88-2macchi1.i686.rpm
daemontools-0.76-2.i386.rpm
ucspi-unix-0.36-2macchi1.i686.rpm
supervise-scripts-3.5-1.noarch.rpm
qmail.spamcontrol.tar.gz
vpopmail-5.4.13.tar.gz
autorespond-2.0.5.tar.gz
ezmlm-idx-std-0.53.442-5.i386.rpm
qmailadmin-1.2.3.modifyquota.tar.gz.float
sqwebmail-5.0.4.tar.bz2
squirrelmail-1.4.6.tar.gz
all_locales-1.4.6-20060221.tar.gz
安裝:
1. 基本系統 (qmail的啟動,pop3的連接等):
rpm -ivh ucspi-tcp-0.88-2macchi1.i686.rpm
rpm -ivh daemontools-0.76-2.i386.rpm
rpm -ivh ucspi-unix-0.36-2macchi1.i686.rpm
rpm -ivh supervise-scripts-3.5-1.noarch.rpm
2刪除sendmail:
rpm -e --nodeps sendmail
rpm -e --nodeps sendmail-cf
3.安裝Qmail:
1)tar zxvf qmail.spamcontrol.tar.gz
2)cd qmail-1.03
3)./qmail_install_adduser.script
4)./install_spamcontrol.sh
5)make man && make setup check
6)./config-fast 2068.net
7)./finalize.script
8)cd ..
4.MySQL部分:
確保mysql運行正常,添加用戶vpopmail和vpopmailread. vpopmail擁有全部許可權,用於創建及管理 ,vpopmailread只可select,用於vpopmail的日常運行.
1. 進入MySQL: mysql -u root -p , 然後輸入password.
2. 增加MySQL user :
CREATE DATABASE vpopmail;
grant select on vpopmail.* to vpopmailread@localhost identified by 'read-password';
grant all on vpopmail.* to vpopmail@localhost identified by 'vpopmail-password';
3.退出MySQL: quit
5.安裝Vpopmail (qmail 的user可以儲存在Database中):
a)創建vchkpw組及vpopmail用戶:
/usr/sbin/groupadd -g 89 vchkpw
/usr/sbin/useradd -g vchkpw -u 89 vpopmail
b)解開Vpopmail並作修改:
tar -zxvf vpopmail-5.4.13.tar.gz
cd vpopmail-5.4.13
c)安裝(可按實際要求對vpopmail.sh作修改):
./configure \
--enable-auth-logging=y \
--enable-logging=v \
--enable-log-name=vpopmail \
--enable-auth-module=mysql \
--enable-roaming-users=n \
--enable-sqwebmail-pass=n \
--enable-many-domains=n \
--enable-passwd=y \
--disable-clear-passwd \
--enable-tcpserver-file=/etc/tcpcontrol/smtp \
--enable-incdir=/usr/include/mysql \
--enable-libdir=/usr/lib/mysql \
--enable-libs=mysqlclient \
--enable-ip-alias-domains=y \
--enable-qmail-ext=y \
--enable-mysql-replication=n \
--enable-valias=n
--disable-auth-logging Don't record time and ip of last auth attempt. Valid only for CDB, MySQL, PGSQL, LDAP, ActiveDir.
--enable-logging=OPT Log to syslog: n=nothing, e=errors only (default), y=all attempts, p=errors with passwords, v=verbose (all attempts, with passwords).
--enable-log-name=TEXT Set syslog name vpopmail.
--enable-auth-module=MOD Nominate how to store the vpopmail account information (cdb (default), mysql, pgsql, ldap, oracle, sybase, or activedir).
--enable-roaming-users Enable POP-before-SMTP functionality.
--enable-sqwebmail-pass Store a copy of the user's password in the the user's maildir for use by pre-v3 sqwebmail.
--disable-many-domains Creates a table for each virtual domain instead of storing all users in a single table. Only valid for MySQL and PostgreSQL
--enable-passwd Enable /etc/passwd (or shadow) accounts in addition to virtual domains.
--disable-clear-passwd Don't store a cleartext version of the password in addition to the encrypted version.
--enable-tcpserver-file=PATH File where tcpserver -x relay information is stored /home/vpopmail/etc/tcp.smtp.
--enable-incdir=DIR Your MySQL/Oracle 'include' directory.
--enable-libdir=DIR Your MySQL/Oracle 'lib' directory.
--enable-ip-alias-domains Enable mapping of default domain via reverse ip lookup table.
--enable-qmail-ext Enable qmail email address extension support.
--enable-mysql-replication Enable support for replicated MySQL auth servers.
--enable-valias Store email aliases in MySQL.
make clean
make
make install-strip
cd ..
rm -rf vpopmail-5.4.13
d)Create the configuration file that vpopmail will use to setup the connection to the mysql database
# MySQL settings, line 1 is config for read-only,
# line 2 is config for update. Settings for each
# line: server|port|user|password|database
vi /home/vpopmail/etc/vpopmail.mysql
localhost|0|vpopmailread|read-password|vpopmail
localhost|0|vpopmail|vpopmail-password|vpopmail
e)setting quota
vi /home/vpopmail/etc/vlimits.default
maxpopaccounts 5
maxforwards -1
maxautoresponders -1
maxmailinglists X
# quota for entire domain, in megabytes
# example shows a domain with a 100MB quota and a limit of 10,000 messages
#quota 100
quota 150
#maxmsgcount 10000
# default quota for newly created users (in bytes)
# example shows a user with a 20MB quota and a limit of 1000 messages
default_quota 31457280
#default_maxmsgcount 1000
f)修改設定:
在/etc/crontab中加上:
vi /etc/crontab
40 * * * * root /home/vpopmail/bin/clearopensmtp 2>&1 > /dev/null
h)測試:
/home/vpopmail/bin/vadddomain test.com
你就可以建立一個test.com的虛擬域了,然後
/home/vpopmail/bin/vadduser Email住址會使用灌水程式保護機制。你需要啟動Javascript才能觀看它
然後根據提示,設定Email住址會使用灌水程式保護機制。你需要啟動Javascript才能觀看它的口令,OK,你已經有了一個基於虛擬域test.com的用戶賬號user1,此賬號和系統本身是毫不相關的!
在Outlook中設定一個新賬號,注意用戶名應該填user1%test.com!然後測試收發.
6.安裝Qmailadmin (qmail web admin):
a)安裝autorespond:
tar zxvf autorespond-2.0.5.tar.gz
cd autorespond-2.0.5
make && make install
cd ..
b)安裝ezmlm:
rpm -ivh ezmlm-idx-std-0.53.442-5.i386.rpm
c)安裝qmailadmin:
tar -zxvf qmailadmin-1.2.3.modifyquota.tar.gz.float
cd qmailadmin-1.2.3
mkdir /var/www/qmailadmin
./configure --disable-ipauth --enable-modify-quota --enable-cgibindir=/var/www/cgi-bin --enable-htmllibdir=/var/www/qmailadmin --enable-htmldir=/var/www/html
make clean
make && make install-strip
cd ..
d)測試
qmailadmin的測試very easy,打開瀏覽器,http://xx.xx.xx.xx/cgi-bin/qmailadmin
輸入虛擬功能變數名稱及postmaster口令,可以管理本域的用戶了。
7) install courier-authlib and courier-imap
tar jxvf courier-authlib-0.57.tar.bz2
cd courier-authlib-0.57
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap --without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat
make && make check
make install-strip && make install-configure
vi /etc/rc.local
/usr/local/sbin/authdaemond start
cd ..
cp -rp courier-imap-4.0.4.tar.bz2 /home/vpopmail
chown vpopmail.vchkpw /home/vpopmail/courier-imap-4.0.4.tar.bz2
cd /home/vpopmail
su - vpopmail
tar jxvf courier-imap-4.0.4.tar.bz2
cd courier-imap-4.0.4
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap --without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat
make && make check
exit
cd /home/vpopmail/courier-imap-4.0.4
make install-strip && make install-configure
/usr/local/sbin/mkimapdcert
vi /usr/local/etc/imapd.cnf
change Email住址會使用灌水程式保護機制。你需要啟動Javascript才能觀看它 to Email住址會使用灌水程式保護機制。你需要啟動Javascript才能觀看它
vi /usr/local/etc/imapd
change IMAPDSTART=NO to IMAPDSTART=YES
vi /usr/local/etc/imapd-ssl
change IMAPDSSLSTART=NO to IMAPDSSLSTART=YES
Make sure that the following configuration exists: TLS_CERTFILE=/usr/local/share/imapd.pem
Special note for people running a small home or office network:
If you are planning on having multiple users connect to your IMAP server from a single IP address, such as in a small home or office network, you may want to increase the "MAXPERIP" setting with the /usr/local/etc/imapd config file. This setting establishes the maximum number of IMAP connections that can be made from a single IP address. An example of this might be if you have a small office network runing on a single DSL or Cable IP address and your mail server is outside of that network. While each computer in your internal network may have it's own private IP address, to the outside world anyone coming from your network has the single routeable IP address assigned to your DSL or Cable connection. The default setting for "MAXPERIP" is 4 so f you have a similar network setup and more than 4 people trying to access your IMAP server, you may want to increase this setting accordingly to avoid connection errors. Within the /usr/local/etc/imapd file, the line you are looking for looks like this:
MAXPERIP=4
vi /usr/local/etc/authlib/authdaemonrc
Around like 27, you should see the "authmodulelist" setting. Make sure that "authvchkpw" is the only module listed. Like so:
authmodulelist="authvchkpw"
Save and exit the file.
cp /usr/local/libexec/imapd.rc /etc/rc.d/init.d/imap
cp /usr/local/libexec/imapd-ssl.rc /etc/rc.d/init.d/imaps
/usr/local/sbin/authdaemond stop
/usr/local/sbin/authdaemond start
/etc/rc.d/init.d/imap stop
/etc/rc.d/init.d/imaps stop
/etc/rc.d/init.d/imap start
/etc/rc.d/init.d/imaps start
vi /etc/rc.d/rc.local
/etc/rc.d/init.d/imap start
/etc/rc.d/init.d/imaps start
cd ..
8.安裝Sqwebmail (webmail):
a)解開sqwebmail,並更新部分file:
tar jxvf sqwebmail-5.0.4.tar.bz2
cd sqwebmail-5.0.4
b)設定環境參數:
INCS=-I/usr/include/mysql
export INCS
LIBS='-L/usr/lib/mysql -lmysqlclient -lz'
export LIBS
CPPFLAGS=-I/usr/include/mysql
LDFLAGS=-L/usr/lib/mysql
export CPPFLAGS
export LDFLAGS
c)安裝前的設定:
mkdir /var/www/sqwebmail
./configure \
--with-cachedir \
--without-gzip \
--enable-webpass=yes \
--enable-softtimeout=1200 \
--enable-autopurge=7 \
--enable-maxpurge=90 \
--enable-unicode \
--enable-cgibindir=/var/www/cgi-bin \
--prefix=/var/www/sqwebmail \
--enable-imagedir=/var/www/html/images/sqwebmail \
--enable-imageurl=/images/sqwebmail/ \
--with-maxargsize=20971520 \
--with-maxformargsize=20971520 \
--with-maxmsgsize=20971520 \
--without-ispell \
--with-authshadow \
--without-authmysql \
--with-authldap \
--with-authuserdb \
--with-authpwd \
--without-authpam \
--with-authvchkpw \
--without-authdaemon
d)安裝:
make configure-check
make
make check
make install-strip
make install-configure
e)安裝後設定:
/var/www/sqwebmail/libexec/sqwebmaild.rc start
vi /etc/rc.d/rc.local
/var/www/sqwebmail/libexec/sqwebmaild.rc start
打開瀏覽器,http://xx.xx.xx.xx/cgi-bin/sqwebmail
Optional Features:
--disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
--enable-FEATURE[=ARG] include FEATURE [ARG=yes]
--disable-dependency-tracking Speeds up one-time builds
--enable-dependency-tracking Do not reject slow dependency extractors
--enable-qmaildir=DIR Directory where qmail control and user directories are installed /var/qmail.
--enable-qmail-newu=PATH Full path to qmail-newu program.
--enable-qmail-inject=PATH Full path to qmail-inject program.
--enable-qmail-newmrh=PATH Full path to qmail-newmrh program.
--enable-vpopuser=USER User name allocated to vpopmail vpopmail.
--enable-vpopgroup=GROUP Group name allocated to vpopmail vchkpw.
--enable-tcprules-prog=PATH Full path to tcprules program /usr/{local/}bin/tcprules.
--disable-rebuild-tcpserver-file Disable rebuilding of tcpserver relay control file.
--enable-relay-clear-minutes=# Expire time for roaming users after pop authentication [180].
--enable-learn-passwords If no password is stored for a user, learn it the first time they authenticate.
--disable-md5-passwords Use DES crypt() instead of MD5 encryption for passwords.
--disable-file-locking Don't use file locking.
--enable-file-sync Enable file sync after each message is delivered.
--disable-make-seekable Don't try to make input to vdelivermail seekable.
--disable-users-big-dir Disable hashing of user directories.
--enable-domainquotas Enable non-system domain quotas. See README.quotas for more info.
--enable-domains-dir=TEXT Set domains directory name for ~vpopmail/domains/user/.
--enable-mysql-logging Enable authentication logging to MySQL. Uses setting from --enable-auth-logging.
--enable-pgsql-logging Enable authentication logging to PostgreSQL. Uses setting from --enable-auth-logging.
--enable-mysql-limits Use MySQL to store limits instead of .qmailadmin-limits files.
9) install SquirrelMail
tar -zxvf squirrelmail-1.4.6.tar.gz
mv squirrelmail-1.4.6 /var/www/squirrelmail
tar -zxvf all_locales-1.4.6-20060221.tar.gz
./install
Please enter path to your squirrelmail installation: /var/www/squirrelmail
/var/www/squirrelmail/config/conf.pl
10->1->zh_TW->S
vi /etc/httpd/conf/httpd.conf
Alias /webmail "/var/www/squirrelmail/"
/etc/init.d/httpd restart
建設qmail伺服器的垃圾郵件病毒防護系統 CentOS 4.2
1、maildrop-1.8.1.tar.bz2
2、perl-Time-HiRes-1.55-3.i386.rpm (CentOS 4.2)
3、perl-Digest-SHA1-2.07-5.i386.rpm (CentOS 4.2)
4、clamav-0.88-1.i386.rpm
5、clamav-db-0.88-1.i386.rpm
6、clamav-devel-0.88-1.i386.rpm
7、clamav-server-0.88-1.i386.rpm (掃描病毒郵件)
8、Mail-SpamAssassin-3.0.4.tar.bz2 (掃描垃圾郵件)
9、perl-suidperl-5.8.5-16.RHEL4.i386.rpm (CentOS 4.2)
10、qmail-scanner-1.25.tgz
一 maildrop安裝:
1) tar jxvf maildrop-1.8.1.tar.bz2
2) cd maildrop-1.8.1
3) ./configure
4) make
5) make install-strip
6) make install-man
7) cd ..
二 安裝 perl-Time-HiRes-1.55-3.i386.rpm 和 perl-Digest-SHA1-2.07-5.i386.rpm
1) rpm -ivh perl-Time-HiRes-1.55-3.i386.rpm
2) rpm -ivh perl-Digest-SHA1-2.07-5.i386.rpm
三 安裝clamav
1) groupadd qscand
2) useradd -g qscand -s /bin/false qscand
3) rpm -ivh clamav-*.rpm
4) chown -R qscand.qscand /var/log/clamav
5) vi /etc/clamd.conf
User clamav change to User qscand
6) /etc/rc.d/init.d/clamd start
7) chkconfig --add clamd
8) chkconfig clamd on
9) true > /var/log/clamav/freshclam.log
10) chmod 666 /var/log/clamav/freshclam.log
更新病毒庫,freshclam
11) /usr/bin/freshclam
(把freshclam加入crontab 定時更新病毒庫,
vi /etc/crontab
加入
01 0 * * * root /usr/bin/freshclam
01 12 * * * root /usr/bin/freshclam
)
四 安裝Mail-SpamAssassin-3.0.4.tar.bz2 (若需要掃描垃圾郵件則安裝,否則不用安裝[可能會影響正常郵件])
1) tar jxvf Mail-SpamAssassin-3.0.4.tar.bz2
2) cd Mail-SpamAssassin-3.0.4
3) export LANG=en_US
4) perl Makefile.PL
5) make
6) make install
7) groupadd spamd
8) useradd -g spamd -s /bin/false spamd
9) vi /etc/sysconfig/spamassassin
Add the following line..
SPAMDOPTIONS="-x -u spamd -H /home/spamd -d"
10) vi /etc/mail/spamassassin/local.cf
Add the following line...
# SpamAssassin config file for version 2.5x
# generated by http://www.yrex.com/spam/spamconfig.php (version 1.01)
# How many hits before a message is considered spam.
required_hits 5.0
# Whether to change the subject of suspected spam
rewrite_subject 1
# Text to prepend to subject if rewrite_subject is used
subject_tag *****SPAM*****
# Encapsulate spam in an attachment
report_safe 1
# Use terse version of the spam report
use_terse_report 0
# Enable the Bayes system
use_bayes 1
# Enable Bayes auto-learning
auto_learn 1
# Enable or disable network checks
skip_rbl_checks 0
use_razor2 1
use_dcc 1
use_pyzor 1
# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
# - chinese english
ok_languages zh en
# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_locales en zh
11) cp spamd/redhat-rc-script.sh /etc/rc.d/init.d/spamd
12) /etc/rc.d/init.d/spamd start
13) chkconfig --add spamd
14) chkconfig spamd on
15) spamassassin -t < sample-spam.txt
16) spamassassin -t < sample-nonspam.txt
17) cd ..
四 安裝perl-suidperl-5.8.5-16.RHEL4.i386.rpm
1) rpm -ivh perl-suidperl-5.8.5-16.RHEL4.i386.rpm
五 安裝qmail-scanner-1.25.tgz
1) tar zxvf qmail-scanner-1.25.tgz
2) cd qmail-scanner-1.25
3) ./configure --admin postmaster --domain test.com --scanners clamdscan,fast_spamassassin --notify recips --qmail-queue-binary /var/qmail/bin/qmail-queue --install
4) vi /var/qmail/bin/qmail-scanner-queue.pl
change
my $spamc_subject='';
to
my $spamc_subject='+++++Trash+++++';
然後用一個普通用戶登陸,執行
5) /var/qmail/bin/qmail-scanner-queue.pl -z
修改環境變數
1 在你的qmail啟動腳本加入
vi /service/qmail-smtpd/run
加入:
QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl
export QMAILQUEUE
重起qmail的smtpd 測試
qmailctl restart
這裏有測試程式
./contrib/test_installation.sh -doit