15、配置sasl认证
[root@mail build] vi /usr/lib/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level: 3
mech_list: plain login
authdaemond_path:/usr/lib/authlib/var/socket
16、配置courier-imap
[root@mail build] mv /usr/lib/authlib/etc/authlib/authmysqlrc /usr/lib/authlib/etc/authlib/authmysqlrc.bak
[root@mail build] vi /usr/lib/authlib/etc/authlib/authmysqlrc
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_PORT 0
MYSQL_OPT 0
MYSQL_DATABASE postfix
MYSQL_USER_TABLE userinfo
MYSQL_CRYPT_PWFIELD passwd
MYSQL_UID_FIELD '12345'
MYSQL_GID_FIELD '54321'
MYSQL_LOGIN_FIELD address
MYSQL_HOME_FIELD homedir
MYSQL_NAME_FIELD realname
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota
[root@mail build] mv /usr/lib/authlib/etc/authlib/authdaemonrc /usr/lib/authlib/etc/authlib/authdaemonrc.bak
[root@mail build] vi /usr/lib/authlib/etc/authlib/authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
version="authdaemond.mysql"
daemons=5
subsystem=mail
DEBUG_LOGIN=0
DEFAULTOPTIONS="wbnodsn=1"
[root@mail build] vi /usr/lib/imapd/etc/pop3d默认
POP3DSTART=NO
改为
POP3DSTART=YES
[root@mail build] vi /usr/lib/imapd/etc/imapd
默认
IMAPDSTART=NO
改为
IMAPDSTART=YES
[root@mail build] chmod +x /usr/lib/authlib/var/
17、安装WebMail
[root@mail build] mv Tmail /var/www/html/webmail
[root@mail build] vi /var/www/html/webmail/config/config_inc.php
$CFG_BASEPATH = "/var/www/html/webmail/temp"; //临时目录
// Mysql
define(MYSQL_HOST, 'localhost'); //数据库主机名
define(MYSQL_USER, 'postfix'); //数据库用户名
define(MYSQL_PASS, 'postfix'); //数据库密码
define(MYSQL_DATA, 'postfix'); //数据库名称
$CFG_NETDISK_PATH = "/var/mail/netdisk"; //文件管理存储目录
[root@mail build] vi /var/www/html/webmail/webadmin/include/config.inc.php
// Mysql
define(MYSQL_HOST, 'localhost'); //数据库主机名
define(MYSQL_USER, 'postfix'); //数据库用户名
define(MYSQL_PASS, 'postfix'); //数据库密码
define(MYSQL_DATA, 'postfix'); //数据库名称
[root@mail build] mkdir /var/mail/netdisk
[root@mail build] chown –R postfix:postfix /var/mail/netdisk
[root@mail build] mkdir /var/www/html/webmail/temp
[root@mail build] chown –R postfix:postfix /var/www/html/webmail/temp
[root@mail build] cp courier-authlib-0.58/courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib
[root@mail build] chmod 755 /etc/rc.d/init.d/courier-authlib
[root@mail build] chkconfig –-add courier-authlib
[root@mail build] cp courier-imap-4.0.6/courier-imap.sysvinit /etc/rc.d/init.d/courier-imap
[root@mail build] chmod 755 /etc/rc.d/init.d/courier-imap
[root@mail build] chkconfig –-add courier-imap
18、启动服务测试
[root@mail build] chkconfig httpd on
[root@mail build] chkconfig mysqld on
[root@mail build] service httpd start
[root@mail build] service mysqld start
[root@mail build] service courier-authlib start
[root@mail build] service courier-imap start
[root@mail build] postfix start通过后台加入域名和用户名(本文档中的域名为: test.com 、 用户名: test@test.com )
[root@mail build] perl -MMIME::Base64 -e 'print encode_base64("test\@test.com");'
dGVzdEB0ZXN0LmNvbQ==
[root@mail build] perl -MMIME::Base64 -e 'print encode_base64("000000");'
MDAwMDAw
[root@mail build] telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.test.com ESMTP Postfix
ehlo mail
250-mail.test.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250 8BITMIME
auth login
334 VXNlcm5hbWU6
dGVzdEB0ZXN0LmNvbQ== //用户名(test@test.com)
334 UGFzc3dvcmQ6
MDAwMDAw // 密码(000000)
235 Authentication successful //表示成功验证通过
19、安装Clamav
[root@mail build] rpm --import http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt
[root@mail build] rpm --import RPM-GPG-KEY.dag.txt
[root@mail build] rpm -q gpg-pubkey --qf "%{summary} -> %{version}-%{release}\n"
gpg(CentOS-4 key ) -> 443e1821-421f218f
gpg(Dag Wieers (Dag Apt Repository v1.0) ) -> 6b8d79e6-3f49313d
[root@mail build] vi /etc/yum.repos.d/dag.repo
[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag
gpgcheck=1
enabled=1
[root@mail build] yum update
[root@mail build] yum install clamav
20、升级病毒库
[root@mail build] /usr/bin/freshclam
ClamAV update process started at Thu Mar 9 17:23:21 2006
main.cvd is up to date (version: 36, sigs: 44686, f-level: 7, builder: tkojm)
daily.cvd is up to date (version: 1319, sigs: 1376, f-level: 7, builder: ccordes)
21、安装Spamassassin
[root@mail build] yum install spamassassin
[root@mail build] service spamassassin start
22、安装MailScanner
[root@mail build] tar –zxf ../src/MailScanner-4.51.5-1.rpm.tar.gz
[root@mail build] MailScanner-4.51.5-1/install.sh
23、设置MailScanner
[root@mail build] chkconfig sendmail off
[root@mail build] chkconfig --level 2345 MailScanner on
[root@mail build] vi /etc/MailScanner/MailScanner.conf
%org-name% = toping.net
%org-long-name% = wooxian
%web-site% = www.toping.net
%report-dir% = /etc/MailScanner/reports/cn
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = clamav
Always Include SpamAssassin Report = yes
Use SpamAssassin = yes
Required SpamAssassin Score = 6
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
SpamAssassin Install Prefix = /usr/bin
SpamAssassin Local Rules Dir = /etc/MailScanner
[root@mail build] yum install unrar
[root@mail build] unrar x ../src/cn.rar
[root@mail build] mv cn /etc/MailScanner/reports/
[root@mail build] mv /etc/postfix/header_check /etc/postfix/header_check.bak
[root@mail build] vi /etc/postfix/header_check
/^Received:/ HOLD
[root@mail build] chown –R postfix:postfix /var/spool/MailScanner/*
[root@mail build] postfix stop
[root@mail build] service MailScanner start
24、测试病毒邮件
[root@mail build] telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.test.com ESMTP Postfix
ehlo mail
250-mail.test.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250 8BITMIME
auth login
334 VXNlcm5hbWU6
dGVzdEB0ZXN0LmNvbQ== //用户名(test@test.com)
334 UGFzc3dvcmQ6
MDAwMDAw // 密码(000000)
235 Authentication successful //表示成功验证通过
MAIL FROM:
250 Ok
RCPT TO:
250 Ok
DATA
354 End data with .
Subject:Virus test
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
.
250 Ok: queued as F0C221CC20 //出现F0C221CC20这行表示mailscanner运行成功了
quit
221 Bye
Connection closed by foreign host.收到邮件后会在主题会变成:{Virus?} Virus test
邮件内容会是以下内容:
警告: 此邮件有一个或多个附加档案被移除
警告: 附加档案名称: (详细讯息).
警告: 请参考此信件附加档案 "toping.net-Attachment-Warning.txt" 取得更详细的资料
此讯息由 MailScanner 电子邮件防护系统发出
-----------------------------------------
原有邮件附加档案为 "详细讯息" 被列入拒绝处理的名单.
且被替换为此讯息.
若您仍希望收到*被感染的*附加档案,,请联络系统管理者.包含以下内容:
Thu Mar 9 15:57:25 2006 病毒侦测报告:
ClamAV: msg-3682-1.txt contains Eicar-Test-Signature
求助问题: 检查 the toping.net () MailScanner 机器的 /var/spool/MailScanner/quarantine/20060309 (编号 639F13F97B.BBC3F).
--
系统管理者
以上内容出现表示mailscanner的病毒过滤生效。并成功运行!!
到此一台具有反垃圾和反病毒的邮件服务器建成了,希望我的文档对邮件服务器爱好者能有所帮助~! 如果文档中有任何问题可以发邮件给我指出来我会马上改正。谢谢大家!祝大家好运!!scyz at toping.net
25、关于本文;
祝兄弟们好运。本人水平有限。如果发现文章中有什么错误和不当的地方请发邮件:scyz@toping.net。我会在第一时间给予答复。
26、更新日志;
新增使用mailscanner来对进出邮件进行监管。new
修正上一个版本的一些理解性和文件性错误。
主要“加强”了病毒过滤和垃圾邮件过滤,更加节约系统资源,使系统配置更简单化。
垃圾邮件过滤基本上达到了95%的成功率
本文首次使用MailScanner+Clamav配合对邮件病毒进行过滤。
经过严格病毒邮件测试成功率达到了100%。
翻译了病毒邮件提示为中文提示,让系统更加的人性化。
27、参考文档;
28、相关文档;
发表评论 
打印本文
推荐本文
加入收藏
返回顶部
关闭窗口
