Install Postfix On FreeBSD 11.0(Minimal+ports+src+sshd_enable+disable sendmail)
- 詳細內容
- 分類: BSD
- 發佈: 2017-12-05, 週二 07:17
- 作者 Super User
- 點擊數: 24854
freebsd-update fetch
freebsd-update install
reboot
update ports
portsnap fetch
portsnap extract
portsnap fetch update
Install Mysql
cd /usr/ports/databases/mysql57-server
make install WITH_CHARSET=utf8 WITH_XCHARSET=all WITH_COLLATION=utf8_general_ci BUILD_OPTIMIZED=yes BUILD_STATIC=yes WITH_NDB=yes clean
Install Apache + Php
cd /usr/ports/www/apache24
make install clean
cd /usr/ports/lang/php56
make config
add
[X] MAILHEAD Enable mail header patch
make install clean
cd /usr/ports/lang/php56-extensions
make install clean
add
[X] FTP FTP support
[X] GD GD library support
[X] IMAP IMAP support
[X] MBSTRING multibyte string support
[X] MCRYPT Encryption support
[X] MYSQL MySQL database support
[X] MYSQLI MySQLi database support
[X] ZIP ZIP support
[X] ZLIB ZLIB support
cd /usr/ports/www/mod_php56
make config
add
[X] MAILHEAD Enable mail header patch
make install clean
cp -rp /usr/local/etc/php.ini-production /usr/local/etc/php.ini
vi /usr/local/etc/apache24/httpd.conf
ServerName www.jason-tang.com
change
DirectoryIndex index.html
to
DirectoryIndex index.html index.htm index.php
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
Install Named
cd /usr/ports/dns/bind910
make install clean
vi /usr/local/etc/namedb/named.conf
change
listen-on { 127.0.0.1; };
to
// listen-on { 127.0.0.1; };
vi /etc/resolv.conf
change to
nameserver 127.0.0.1
nameserver 8.8.8.8
vi /etc/rc.conf
syslogd_enable="YES"
syslogd_flags="-ss"
mysql_enable="YES"
apache24_enable="YES"
named_enable="YES"
reboot
cat /root/.mysql_secret
mysql -u root -p
ALTER USER 'root'@'localhost' IDENTIFIED BY 'test';
exit
/usr/local/etc/rc.d/mysql-server restart
Install Cyrus-sasl
cd /usr/ports/security/cyrus-sasl2
make install clean
vi /usr/local/lib/sasl2/smtpd.conf
pwcheck_method:authdaemond
log_level:3
mech_list: PLAIN LOGIN
authdaemond_path:/var/run/authdaemond/socket
Install Postfix
cd /usr/ports/mail/postfix
make install clean
add
[X] MYSQL MySQL database support
[X] SASL Cyrus SASL support (Dovecot SASL is always built in)
Installing postfix-3.1.4,1...
===> Creating groups.
Using existing group 'mail'.
Creating group 'maildrop' with gid '126'.
Creating group 'postfix' with gid '125'.
===> Creating users
Creating user 'postfix' with uid '125'.
Adding user 'postfix' to group 'mail'.
Would you like to activate Postfix in /usr/local/etc/mail/mailer.conf [n]?n
echo 'postfix: root' >> /etc/aliases
/usr/local/bin/newaliases
chown postfix:postfix /etc/opiekeys
pw groupadd vmail -g 500
pw useradd vmail -u 500 -g 500 -s /sbin/nologin -d /dev/null
mkdir /home/domains
chown -R vmail:vmail /home/domains
chmod -R ug+rwx,o-rwx /home/domains
mkdir /usr/local/etc/postfix/TLS
cd /usr/local/etc/postfix/TLS
openssl req -new -x509 -nodes -out smtpd.pem -keyout smtpd.pem -days 7300
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:Hong Kong
Locality Name (eg, city) []:Hong Kong
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Jason Tang Ltd
Organizational Unit Name (eg, section) []:IT
Common Name (eg, YOUR name) []:Jason Tang
Email Address []: Email住址會使用灌水程式保護機制。你需要啟動Javascript才能觀看它
vi /usr/local/etc/postfix/main.cf
myhostname = mail.jason-tang.com
mydomain = jason-tang.com
myorigin = $mydomain
mydestination = $myhostname localhost localhost.$mydomain
mynetworks = 127.0.0.1/32
inet_interfaces = all
virtual_mailbox_base = /home/domains/
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:500
virtual_gid_maps = static:500
virtual_transport = maildrop
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1
message_size_limit = 51200000
virtual_mailbox_limit = 209715200
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_security_options = noanonymous
smtpd_sasl_path = smtpd
smtpd_banner=$myhostname ESMTP $mail_name ($mail_version)
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /usr/local/etc/postfix/TLS/smtpd.pem
smtpd_tls_cert_file = /usr/local/etc/postfix/TLS/smtpd.pem
smtpd_tls_CAfile = /usr/local/etc/postfix/TLS/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
mime_header_checks = regexp:/usr/local/etc/postfix/mime_header_checks.regexp
vi /usr/local/etc/postfix/master.cf
smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
vi /usr/local/etc/postfix/mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
additional_conditions = AND active = '1'
vi /usr/local/etc/postfix/mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain
additional_conditions = AND active = '1'
vi /usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
additional_conditions = AND active = '1'
vi /usr/local/etc/postfix/mime_header_checks.regexp
/filename=\"?(.*)\.(bat|cmd|com|pif|exe)\"?$/ REJECT
vi /etc/rc.conf
postfix_enable="YES"
Install Sudo
cd /usr/ports/security/sudo
make install clean
vi /usr/local/etc/sudoers
www ALL=(vmail) NOPASSWD: /usr/local/bin/postfixadmin-mailbox-postcreation.sh, /usr/local/bin/postfixadmin-mailbox-postdeletion.sh, /usr/local/bin/postfixadmin-domain-postdeletion.sh
Install Postfixadmin
cd /usr/ports/mail/postfixadmin
make install clean
add
[X] MYSQL MySQL database support
1. Copy *.sh Files
cp -rp /usr/local/share/postfixadmin/ADDITIONS/postfixadmin*.sh /usr/local/bin
chmod 755 /usr/local/bin/postfixadmin*.sh
vi /usr/local/bin/postfixadmin-mailbox-postcreation.sh
change
basedir=/var/spool/maildirs
to
basedir=/home/domains
change
maildirmake "$maildir"
to
/usr/local/bin/maildirmake "$maildir"
vi /usr/local/bin/postfixadmin-mailbox-postdeletion.sh
change
basedir=/var/spool/maildirs
trashbase=/var/spool/deleted-maildirs
to
basedir=/home/domains
trashbase=/home/domains
vi /usr/local/bin/postfixadmin-domain-postdeletion.sh
change
basedir=/var/spool/maildirs
trashbase=/var/spool/deleted-maildirs
to
basedir=/home/domains
trashbase=/home/domains
2. Create the MySQL Database
mysql -u root -p
test
CREATE DATABASE postfix;
GRANT ALL ON postfix.* TO postfix@localhost IDENTIFIED BY "postfix";
exit
3. Configure PostfixAdmin
vi /usr/local/www/postfixadmin/config.inc.php
$CONF['configured'] = true;
$CONF['database_type'] = 'mysqli';
$CONF['database_password'] = 'postfix';
$CONF['admin_email'] = Email住址會使用灌水程式保護機制。你需要啟動Javascript才能觀看它';
$CONF['aliases'] = '0';
$CONF['mailboxes'] = '0';
$CONF['maxquota'] = '0';
$CONF['domain_quota_default'] = '0';
$CONF['domain_quota'] = 'NO';
$CONF['vacation'] = 'YES';
$CONF['vacation_domain'] = 'autoreply.jason-tang.com';
$CONF['footer_text'] = 'Return to mail.jason-tang.com PostfixAdmin';
$CONF['footer_link'] = 'http://mail.jason-tang.com/postfixadmin';
$CONF['mailbox_postcreation_script']='/usr/local/bin/sudo -u vmail /usr/local/bin/postfixadmin-mailbox-postcreation.sh';
// $CONF['mailbox_postedit_script'] = '';
$CONF['mailbox_postdeletion_script']='/usr/local/bin/sudo -u vmail /usr/local/bin/postfixadmin-mailbox-postdeletion.sh';
// $CONF['domain_postcreation_script'] = '';
$CONF['domain_postdeletion_script']='/usr/local/bin/sudo -u vmail /usr/local/bin/postfixadmin-domain-postdeletion.sh';
$CONF['new_quota_table'] = 'NO';
4. Configure Apache
vi /usr/local/etc/apache24/httpd.conf
Alias /postfixadmin "/usr/local/www/postfixadmin/"
<Directory "/usr/local/www/postfixadmin">
Options Indexes
AllowOverride ALL
Require all granted
</Directory>
/usr/local/etc/rc.d/apache24 restart
5.http://IP/postfixadmin/setup.php
You should see a list of 'OK' messages.
Change setup password
Setup password <-------- Input your Setup Password
Setup password (again) <-------- Input your Setup Password again
And then click "Generate password hash"
If you want to use the password you entered as setup password, edit config.inc.php or config.local.php and set
$CONF['setup_password'] = '8c487e1722baa627e55712178141b21b:518761bc455e27d52eb1ed0faffecb8aeea2c90e';
vi /usr/local/www/postfixadmin/config.inc.php
$CONF['setup_password'] = '8c487e1722baa627e55712178141b21b:518761bc455e27d52eb1ed0faffecb8aeea2c90e';
You should see a list of 'OK' messages.
Create superadmin account
Setup password <-------- Input your Setup password
Admin: <-------- Input your Email address(Just for postfixadmin)
Password: <-------- Input your Password
Password (again): <-------- Input your Password again
And then click "Add Admin"
The admin Email住址會使用灌水程式保護機制。你需要啟動Javascript才能觀看它 has been added!
You are done with your basic setup.
You can now login to PostfixAdmin using the account you just created.
mv /usr/local/www/postfixadmin/setup.php /usr/local/www/postfixadmin/setup.php.disabled
chmod 000 /usr/local/www/postfixadmin/setup.php.disabled
Install Courier-imap
cd /usr/ports/mail/courier-imap
make install clean
add
[X] AUTH_MYSQL MySQL support
chmod +x /var/run/authdaemond
vi /usr/local/etc/authlib/authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
vi /usr/local/etc/authlib/authmysqlrc
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_DATABASE postfix
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD '500'
MYSQL_GID_FIELD '500'
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD concat('/home/domains/',maildir)
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD concat('/home/domains/',maildir)
MYSQL_QUOTA_FIELD concat(quota,'S')
MYSQL_WHERE_CLAUSE active='1'
cp -rp /usr/local/etc/courier-imap/pop3d.cnf.dist /usr/local/etc/courier-imap/pop3d.cnf
/usr/local/share/courier-imap/mkpop3dcert
cp -rp /usr/local/etc/courier-imap/imapd.cnf.dist /usr/local/etc/courier-imap/imapd.cnf
/usr/local/share/courier-imap/mkimapdcert
/usr/local/share/courier-imap/mkdhparams
vi /usr/local/etc/courier-imap/pop3d-ssl
TLS_CIPHER_LIST="SSLv3:TLSv1:HIGH:!LOW:!MEDIUM:!EXP:!NULL:!aNULL@..."
vi /usr/local/etc/courier-imap/imapd-ssl
TLS_CIPHER_LIST="SSLv3:TLSv1:HIGH:!LOW:!MEDIUM:!EXP:!NULL:!aNULL@..."
vi /etc/rc.conf
courier_authdaemond_enable="YES"
courier_imap_pop3d_enable="YES"
courier_imap_pop3d_ssl_enable="YES"
courier_imap_imapd_enable="YES"
courier_imap_imapd_ssl_enable="YES"
Install Maildrop
cd /usr/ports/mail/maildrop
make WITH_AUTHLIB=yes install clean
[X] AUTH_MYSQL MySQL support
vi /usr/local/etc/postfix/master.cf
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
Install Squirrelmail
cd /usr/ports/mail/squirrelmail
make install clean
cd /usr/ports/mail/squirrelmail-translations
make install clean
chown -R www:www /usr/local/www/squirrelmail
/usr/local/www/squirrelmail/configure
10->1->zh_TW->2->utf-8->S->Q
vi /usr/local/etc/apache24/httpd.conf
Alias /webmail "/usr/local/www/squirrelmail/"
<Directory "/usr/local/www/squirrelmail">
Options Indexes
AllowOverride ALL
Require all granted
</Directory>
reboot
Test:
http://IP/postfixadmin
http://IP/webmail
Install clamav
cd /usr/ports/security/clamav
make install clean
[X] MILTER Compile the milter interface
vi /usr/local/etc/clamav-milter.conf
AddHeader Yes
vi /etc/rc.conf
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"
clamav_milter_enable="YES"
/usr/local/etc/rc.d/clamav-clamd restart
/usr/local/bin/freshclam
Install SpamAssassin
cd /usr/ports/security/p5-IO-Socket-SSL
make config
Add
[X] IDN International Domain Names support
OK
make install clean
cd /usr/ports/mail/spamassassin
make install clean
/usr/local/bin/sa-update
vi /usr/local/etc/mail/spamassassin/local.cf
rewrite_header Subject *****SPAM*****
report_safe 1
required_score 5.0
use_bayes 1
bayes_auto_learn 1
vi /etc/rc.conf
spamd_enable="YES"
spamd_flags="-u spamd -H /var/spool/spamd"
/usr/local/etc/rc.d/sa-spamd restart
chown -R spamd:spamd /root/.spamassassin
cd /usr/ports/mail/spamass-milter
make install clean
vi /usr/local/etc/rc.d/spamass-milter
change
: ${spamass_milter_socket_mode="644"}
to
: ${spamass_milter_socket_mode="777"}
vi /etc/rc.conf
spamass_milter_enable="YES"
vi /usr/local/etc/postfix/main.cf
milter_connect_macros = b j _ {daemon_name} {if_name} {if_addr}
smtpd_milters =
unix:/var/run/clamav/clmilter.sock
unix:/var/run/spamass-milter.sock
milter_default_action = accept
Install Virtual Vacation
1. Create a local account
pw groupadd vacation -g 501
pw useradd vacation -u 501 -g 501 -s /sbin/nologin -d /nonexistent -c "Virtual Vacation"
2. Install vacation.pl
mkdir /var/spool/vacation
cp -rp /usr/local/share/postfixadmin/VIRTUAL_VACATION/vacation.pl /var/spool/vacation/vacation.pl
chown -R root:vacation /var/spool/vacation
chmod -R 750 /var/spool/vacation
3. Setup the transport type
vi /usr/local/etc/postfix/master.cf
vacation unix - n n - - pipe
flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f ${sender} -- ${recipient}
4. Setup the transport maps file
vi /usr/local/etc/postfix/main.cf
transport_maps = hash:/usr/local/etc/postfix/transport
vi /usr/local//etc/postfix/transport
autoreply.jason-tang.com vacation
/usr/local/sbin/postmap /usr/local/etc/postfix/transport
5. Configure vacation.pl
vi /var/spool/vacation/vacation.pl
change
#!/usr/bin/perl -X
to
#!/usr/local/bin/perl -X
our $db_type = 'mysql';
our $db_username = 'postfix';
our $db_password = 'postfix';
our $db_name = 'postfix';
our $vacation_domain = 'autoreply.jason-tang.com';
/usr/local/etc/rc.d/postfix reload
cd /usr/ports/databases/p5-DBD-mysql/
make install clean
reboot