架构基于FreeBSD和Postfix的IGENUS Webmail邮件系统|FreeBSD,Postfix,IGENUS Webmail,邮件系统-中国源码网

杨廷勇 < scyz # toping.net >

本文介绍使用FreeBSD+Postfix+Cyrus-sasl+Courier-imap+igenus+spamassassin+Clamav+mailscanner+mailscanner-mrtg+mailman
来架构一个具有多域名，有邮件列表、webmail、防病毒、防垃圾邮件、web管理界面的邮件系统。
Jacky, $Revision: 4.51 bate $Date: 2005-12-03

系统主要采用MailScanner+clamav+Spamd+APF来对病毒过滤和垃圾邮件过滤。

本文在4.10、5.3、5.4、6.0上安装测试通过，病毒过滤放弃采用amavisd。主要采用执行效率更高的MailSanner来对邮件过滤和垃圾邮件过滤，配置更容易，并且降低了系统开消。让系统更加稳定，经过严格病毒邮件测试成功率达到了100%。垃圾邮件过滤基本上达到了95%的成功率。

Table of Contents
Chapter 1. 系统安装
1.1 安装MySQL
1.2 安装Apache
1.3 安装PHP
1.4 安装zend
1.5 安装openssl
1.6 安装phpMyAdmin
1.7 通过phpMyadmin设置数据库
1.8安装Courier-imap
1.9安装 postfix 和 cyrus-sasl
1.10 安装expect
Chapter 2. 配置邮件服务器
2.1 配置rc.conf
2.2 配置postfix 和 cyrus-sasl
2.3 配置Courier-imap
Chapter 3. 手动设置第一个用户并测试
Chapter 4. 安装postfix管理工具
4.1安装本人开发的postfix管理工具
4.2 用户登录测试
Chapter 5. 防病毒与防垃圾邮件
5.1 安装Clamav
5.2 安装MailScanner
5.3 安装配置Spamassassin
5.4修改Postfix设定档main.cf
5.5修改mailscanner.conf
5.6新增MailScanner所要用到的资料夹
5.7把病毒提示信息改为中文
5.8MailScanner监管进出邮件
5.9 邮件流量监控（mailscanner-mrtg）安装与设置
5.10．安装APF防垃圾邮件
Chapter 6. 安装webmail
Chapter 7邮件列表（mailman）
Chapter 8. 查看系统状态

Chapter 1. 系统安装

安装之前：因用户数据都保存在/var目录下，因此安装FreeBSD时/var的空间应尽量大。FreeBSD的版本为5.3，按最小化安装，软件包只安装cvsup，安装结束后用cvsup更新ports树。在文档中假设服务器的ip地址为192.168.0.2，域名为toping.net，主机名为mail.toping.net。

请兄弟们仔细一些，注意空格和TAB。

祝兄弟们好运。本人水平有限。如果发现文章中有什么错误和不当的地方请发邮件：scyz@toping.net。我会在第一时间给予答复。

1.1 安装MySQL
mail# cd /usr/ports/databases/mysql40-server
mail# make install clean

编辑/etc/rc.conf，加入
mysql_enable="YES"

1.2 安装Apache
mail# cd /usr/ports/www/apache2
mail# make install clean

编辑/etc/rc.conf，加入
Apache2_enable="YES"

1.3 安装PHP
mail# cd /usr/ports/www/mod_php4
mail# make install clean

我的选择：（注意别选DEBUG，否则会和ZEND有冲突）
[X] APACHE2 Use apache 2.x instead of apache 1.3.x

安装需要的PHP扩展模块
mail# cd /usr/ports/lang/php4-extensions
mail# make install clean

我选择了下面的模块：

[X] BCMATH bc style precision math functions
[X] BZ2 bzip2 library support
[X] CALENDAR calendar conversion support
[X] CRACK crack support
[X] CTYPE ctype functions
[X] CURL CURL support
[X] FTP FTP support
[X] GD GD library support
[X] GETTEXT gettext library support
[X] FILEINFO fileinfo support
[X] IMAP IMAP support
[X] MBSTRING multibyte string support
[X] MCAL Modular Calendar Access Library support
[X] MCRYPT Encryption support
[X] MCVE MCVE support
[X] MHASH Crypto-hashing support
[X] MYSQL MySQL database support
[X] PCRE Perl Compatible Regular Expression support
[X] POSIX POSIX-like functions
[X] SESSION session support
[X] TOKENIZER tokenizer support
[X] XML XML support
[X] ZLIB ZLIB support

最后在编辑/usr/local/etc/apache2/httpd.conf最后加入：
DirectoryIndex index.html index.html.var index.php

#注：在DirectoryIndex这里加入index.php,是为了让apache支持首页为index.php的首页文件

AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

Group www、User www修改为： Group postfix、User postfix
注：以上这一步要在postfix安装后再操作

1.4.安装zend
mail# cd /usr/ports/devel/ZendOptimizer
mail# make install clean

因为版权的问题，他不会自动下载。这里你需要到他的官方网站去下载ZendOptimizer-2.5.10a-freebsd4.3-i386.tar.gz到/usr/ports/distfiles目录下面后再安装。
下载地址：
http://downloads.zend.com/optimizer/2.5.10/ZendOptimizer-2.5.10a-freebsd4.3-i386.tar.gz

完成后在/usr/local/etc/php.ini中加入：
[Zend]
zend_optimizer.optimization_level=15
zend_extension_manager.optimizer="/usr/local/lib/php/20020429/Optimizer"
zend_extension_manager.optimizer_ts="/usr/local/lib/php/20020429/Optimizer_TS"
zend_extension="/usr/local/lib/php/20020429/ZendExtensionManager.so"
zend_extension_ts="/usr/local/lib/php/20020429/ZendExtensionManager_TS.so"

重启apache安装完成。

1.5 安装openssl
mail# cd /usr/ports/security/openssl
mail# make install clean

1.6 安装phpMyAdmin
mail# cd /usr/ports/databases/phpmyadmin
mail# make fetch
注：(在这里建议直接下载后复制安装)

mail# cd /usr/ports/distfiles
mail# tar –zxvf PhpMyadmin-x.tar.gz
mail# mv /usr/local/www/phpMyAdmin-x /usr/local/www/data/dbadmin

修改/usr/local/www/data/dbadmin/config.inc.php
$cfg['PmaAbsoluteUri'] = 'http://192.168.0.2/dbadmin/';
$cfg['Servers'][$i]['auth_type'] = 'http'; // Authentication method (config, http or cookie based)?
注：指定phpmyadmin的认证方式为http方式。

在浏览器输入http://192.168. 0.2/dbadmin/，首次进行登入的用户名为root密码为空，登入后可以修改你的密码。

1.7 通过phpMyadmin设置数据库

建立postfix数据库(注意：数据库名称为postfix)：

mail# mysql –u root –p
mysql# CREATE DATABASE `postfix` ;
mysql# use postfix;

下面为sql语句：

CREATE TABLE domaininfo (
domain_id int(5) NOT NULL auto_increment,
domain varchar(25) NOT NULL default '',
alias varchar(30) default NULL,
passwd varchar(35) NOT NULL default '',
usernum int(5) NOT NULL default '0',
quota int(11) NOT NULL default '0',
des varchar(30) default NULL,
expire date NOT NULL default '0000-00-00',
active tinyint(1) NOT NULL default '1',
create_time datetime default NULL,
PRIMARY KEY (domain_id),
UNIQUE KEY domain (domain),
KEY domain_id (domain_id)
) TYPE=MyISAM COMMENT='domain information';

INSERT INTO domaininfo VALUES (1,'admin',NULL,'$1$.j3.t12.$I7MGf7ZD2HrWwUWQF88Mg1',0,0,'Super Admin','0000-00-00',1,'0000-00-00 00:00:00');

CREATE TABLE userinfo (
id int(11) NOT NULL auto_increment,
userid varchar(20) NOT NULL default '',
domain_id int(5) NOT NULL default '0',
address varchar(50) NOT NULL default '',
alias varchar(60) default NULL,
passwd varchar(35) NOT NULL default '',
realname varchar(20) default NULL,
quota int(11) NOT NULL default '0',
active tinyint(1) NOT NULL default '0',
homedir varchar(60) NOT NULL default '',
maildir varchar(60) NOT NULL default '',
create_time datetime NOT NULL default '0000-00-00 00:00:00',
`fax` varchar(20) NOT NULL default '',
`telephone` varchar(15) NOT NULL default '',
`sex` int(1) NOT NULL default '0',
`year` int(4) NOT NULL default '0',
`MONTH` int(2) NOT NULL default '0',
`DAY` int(2) NOT NULL default '0',
`education` varchar(4) NOT NULL default '',
`marital` int(1) NOT NULL default '0',
`occupation` varchar(15) NOT NULL default '',
`companyname` varchar(30) NOT NULL default '',
`province` varchar(6) NOT NULL default '',
PRIMARY KEY (id),
UNIQUE KEY address (address)
) TYPE=InnoDB COMMENT='User Information';

注：对于初学者，建议以上操作都在phpmyadmin中操作更加的简便，如果后面要使用igenus请导入原来igenus的sql。

建立数据库用户并授以相应的权限

mail# mysql –u root –p
mysql# use mysql;
mysql# INSERT INTO user (host,user,password) VALUES('localhost','postfix','');
mysql# update user set password=password('postfix') where User='postfix';
mysql# GRANT ALL ON postfix.* TO postfix@localhost IDENTIFIED BY "postfix";
注：这里加用户名和密码都为：postfix。并授权对postfix数据库进行操作

1.8 安装Courier-imap
mail# cd /usr/ports/mail/courier-imap
mail# make install clean
我的选择：
[X] OPENSSL Build with OpenSSL support
[X] AUTH_MYSQL MySQL support

在/etc/rc.conf中加入：
courier_authdaemond_enable="YES"
courier_imap_pop3d_enable="YES"
courier_imap_imapd_enable="YES"

mail# cd /usr/local/etc/courier-imap
mail# cp imapd.cnf.dist imapd.cnf
mail# cp pop3d.cnf.dist pop3d.cnf
mail# /usr/local/etc/rc.d/courier-authdaemond.sh start

注：此时会在/var/run/authdaemond/下产生socket，如果没有下面这一步下面的认证无法通过。

mail# chmod +x /var/run/authdaemond

1.9 安装 postfix 和 cyrus-sasl
mail# cd /usr/ports/security/cyrus-sasl2
mail# make install WITH_AUTHDAEMON=yes
mail# make clean

创建/usr/local/lib/sasl2/smtpd.conf

pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/run/authdaemond/socket

更详细的参数设置请看：
http://www.toping.net/bbs/htm_data/7/0508/330.html

至此，认证部分基本完成。

安装postfix
mail# cd /usr/ports/mail/postfix
mail# make install clean

我的选择：
[X] VDA VDA (Virtual Delivery Agent)
[X] MySQL MySQL map lookups (choose version with WITH_MYSQL_VER)
[X] TLS SSL and TLS
[X] SASL2 Cyrus SASLv2 (Simple Authentication and Security Layer)

回答下面的两问题：
You need user "postfix" added to group "mail".[是否将postfix用户加到mail用户组]
Would you like me to add it [y]? y
Would you like to activate Postfix in /etc/mail/mailer.conf [n]? n

在/etc/rc.conf中加入postfix启动所需的启动选项
在/etc/rc.conf中加入：

sendmail_enable="YES"
sendmail_flags="-bd"
sendmail_pidfile="/var/spool/postfix/pid/master.pid"
sendmail_procname="/usr/local/libexec/postfix/master"
sendmail_outbound_enable="NO"
sendmail_submit_enable="NO"
sendmail_msp_queue_enable="NO"

设置postfix启动所需
mail# ln -s /usr/local/sbin/sendmail /usr/sbin/sendmail

注：如果/usr/sbin/sendmail存在就删了再做上链接，如果升级内核和升级系统后要重新做这一步。

mail# echo ‘postfix: root’ >> /etc/aliases
mail# /usr/local/bin/newaliases
mail# chown postfix:postfix /etc/opiekeys

1.10 安装expect
用于Web客户端建立邮件用户
mail# cd /usr/ports/lang/expect
mail# make install clean

Chapter 2. 配置邮件服务器

本节主要讲述各种服务的参数配置。

2.1 配置rc.conf，编辑/etc/rc.conf

下面是前面所装软件都加入了启动选项的rc.conf配置：

mysql_enable="YES"
apache2_enable="YES"
courier_authdaemond_enable="YES"
courier_imap_pop3d_enable="YES"
courier_imap_imapd_enable="YES"
sendmail_enable="YES"
sendmail_flags="-bd"
sendmail_pidfile="/var/spool/postfix/pid/master.pid"
sendmail_procname="/usr/local/libexec/postfix/master"
sendmail_outbound_enable="NO"
sendmail_submit_enable="NO"
sendmail_msp_queue_enable="NO"

2.2 配置postfix 和 cyrus-sasl
(1)修改/usr/local/etc/postfix/main.cf，在文件最后加入以下内容
mail# ee /usr/local/etc/postfix/main.cf
smtpd_helo_required = yes
strict_rfc821_envelopes = yes
smtpd_etrn_restrictions = permit_mynetworks, reject
#=====================BASE=====================
myhostname = mail.toping.net
mydomain = toping.net
mydestination = $myhostname
local_recipient_maps =
command_directory = /usr/local/sbin
local_transport = virtual
#=====================MySQL=====================
virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:125
virtual_mailbox_base = /
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 125
virtual_transport = virtual
virtual_uid_maps = static:125
#=====================Quota=====================
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
#====================SASL=====================
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_delay_reject=yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,permit_auth_destination,reject
smtpd_client_restrictions = permit_sasl_authenticated

更详细的参数设置请看论坛：
http://www.toping.net/bbs/htm_data/7/0601/871.html

(4)编辑/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
mail# ee /usr/local/etc/postfix/mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT alias FROM userinfo WHERE address='%s' AND active = 1

(5)编辑/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
mail# ee /usr/local/etc/postfix/mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT domain FROM domaininfo WHERE domain='%s'

(6)编辑/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
mail# ee /usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT maildir FROM userinfo WHERE address='%s' AND active = 1

(7)编辑/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
mail# ee /usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT quota FROM userinfo WHERE address='%s'

2.3 配置Courier-imap

(1)修改Courier相关设置，/usr/local/etc/courier-imap/imapd：

IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA"

(2)修改/usr/local/etc/courier-imap/pop3d

POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1"

(3)编辑修改/usr/local/etc/authlib/authmysqlrc
mail# mv /usr/local/etc/authlib/authmysqlrc /usr/local/etc/authlib/authmysqlrc_bak
mail# ee /usr/local/etc/authlib/authmysqlrc
MYSQL_SERVER localhost //数据库主机地址
MYSQL_USERNAME postfix //数据库用户名
MYSQL_PASSWORD postfix //数据库密码
MYSQL_PORT 0
MYSQL_OPT 0
MYSQL_DATABASE postfix //数据库名称
MYSQL_USER_TABLE userinfo
MYSQL_CRYPT_PWFIELD passwd
MYSQL_UID_FIELD '125'
MYSQL_GID_FIELD '125'
MYSQL_LOGIN_FIELD address
MYSQL_HOME_FIELD homedir
MYSQL_NAME_FIELD realname
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota
注：这里得用tab键来跳格

(4)编辑/usr/local/etc/authlib/authdaemonrc
mail# mv /usr/local/etc/authlib/authdaemonrc /usr/local/etc/authlib/authdaemonrc_bak
mail# ee /usr/local/etc/authlib/authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
version="authdaemond.mysql"
daemons=5
authdaemonvar=/var/run/authdaemond
subsystem=mail
DEBUG_LOGIN=0
DEFAULTOPTIONS="wbnodsn=1"

重启服务器

Chapter 3.手动设置第一个用户并测试

本章介绍如何开通用户，并且测试系统是否正常。

增加域名和管理员

mysql> INSERT INTO `domaininfo` VALUES (7, 'toping.net', NULL, '$1$jNXThQXq$KPjm.WE2f2yX5rceY48vX. ', 50, 500, NULL, '0000-00-00', 1, '2005-04-19 23:19:11');
Query OK, 1 row affected (0.00 sec)

注：这里的toping.net的管理密码为：admin123

mysql> INSERT INTO `userinfo` VALUES (8, 'webmaster', 7, 'webmaster@toping.net', NULL,'$1$4DLQeNkz$QKCAQqg244XwvLl2SD11f0', 'webmaster', 209715200, 1, '/var/mail/toping.net/webmaster/', '/var/mail/toping.net/webmaster/Maildir/', '2005-04-20 23:45:17', '', '', 0, 0, 0, 0, '', 0, '', '', '');

注：这里的webmaster用户的邮箱密码为：000000

[1] [2]

责任编辑 webmaster

相关链接

BSD大家族: FreeBSD,OpenBSD,...

架构基于FreeBSD和Postfix的I...

Solaris,Linux和FreeBSD内核比较

FreeBsd下查看系统硬件配置

姓名：		QQ：
性别：	男女	MSN：
E-mail：		主页：
评分：	1 2 3 4 5
评论内容：
验证码：

架构基于FreeBSD和Postfix的IGENUS Webmail邮件系统

作者： 来源：zz 发表时间：2006-08-03 浏览次数： 字号：大 中 小

作者：来源：zz 发表时间：2006-08-03 浏览次数：字号：大中小