基於Linux平台企業郵件方案

←手機掃碼閱讀     火星人 @ 2014-03-03 , reply:0

基於Linux平台企業郵件方案

基於Linux平台企業郵件方案


一,.安裝準備
我的伺服器:mail.ourlab.org
host -t mx ourlab.org

rpm -e --nodpes sendmail postfix

安裝qmail郵件伺服器之前,當然你得配置好dns了,至於dns得mx怎麼配置,不是我們今天要講的重點。
首先為了安裝順利進行,大家先確認系統是否安裝了以下程序,我們用一個簡單的命令來查詢:
rpm -qa |grep g++ gcc-g++ gdbm gdbm-devel openssl openssl-devel stunnel krb5-devel bzip2 bzip2-devel
然後刪除系統自帶的郵件系統,以免安裝受影響
rpm -e --nodeps sendmail postfix



二.下載所需軟體包

-----------------------------
附加要建立的目錄:
mkdir -p /var/src/tar
mkdir -p /package
mkdir /var/qmail

-----------------------------
umask 0022
mkdir -p /var/src/tar  (將tar.tar.gz解壓后的文件存放在/var/src/tar下)
tar -xzf tar/netqmail-1.05.tar.gz
cd netqmail-1.05
./collate.sh



三,Qmail的安裝軟體
1.daemontools
mkdir -p /package
chmod 1755 /package
cd /package
tar -xpzf /var/src/tar/daemontools-0.76.tar.gz
cd admin/daemontools-0.76
patch -p1 < /var/src/netqmail-1.05/other-patches/daemontools-0.76.errno.patch
package/install

# 驗證daemontools已經正常運行:

sleep 5

ps ax | grep svscan



# add the "clear" service

cd ../
mkdir clear
touch clear/down

cat > clear/run <<EOF
#!/bin/sh
yes '' | head -4000 | tr '\n' .

# When you want to clear the service errors, just run this:
# svc -o /service/clear
EOF

chmod +x clear/run
chmod a-w clear/down

ln -s /package/admin/clear /service/clear


2.ucspi-tcp
cd /var/src/
tar -xzf tar/ucspi-tcp-0.88.tar.gz
cd ucspi-tcp-0.88
patch -p1 < /var/src/netqmail-1.05/other-patches/ucspi-tcp-0.88.errno.patch
# NOTE: If you are on the x86_64 platform, you need to remove the
# "-02" argument to gcc in conf-cc. See this for details

make
make setup check



3.qmail的安裝

mkdir /var/qmail
groupadd nofiles
useradd -g nofiles -d /var/qmail/alias alias
useradd -g nofiles -d /var/qmail qmaild
useradd -g nofiles -d /var/qmail qmaill
useradd -g nofiles -d /var/qmail qmailp
groupadd qmail
useradd -g qmail -d /var/qmail qmailq
useradd -g qmail -d /var/qmail qmailr
useradd -g qmail -d /var/qmail qmails
cd /var/src
tar zxvf tar/toaster-scripts-0.8.1.tar.gz

-------------------------------------------------
cd netqmail-1.05/netqmail-1.05/

# 搜索函數straynewline中的451改為553

vi qmail-smtpd.c
# 當你的伺服器收到無效格式的郵件時,會發送:"I am not going to accept that message at the moment,you can try again later",對方伺服器收到后,幾秒鐘后又會發送同樣的郵件給你,造成多次的重複。

# 改為553后,你的伺服器將直接發送:"I am not going to accept that message,don't try sending it again.",告訴對方的伺服器不要再發這封無效的信件。



# RedHat/Fedora用戶可能需要為TLS補丁鏈接一個include文件

# 輸入如下命令:

ln -s /usr/kerberos/include/com_err.h /usr/kerberos/include/krb5.h /usr/kerberos/include/profile.h /usr/include/

# 刪除sendmail的鏈接

rm -rf /usr/sbin/sendmail
rm -rf /usr/lib/sendmail

make
make setup check

注意qmail的補丁將在vpopmail安裝以後打

./config-fast mail.ourlab.org   你可以填寫你實際郵件伺服器的域名

設置管理員的郵箱地址。
cd /var/qmail/alias
echo "admin@ourlab.org" > .qmail-postmaster
echo "admin@ourlab.org" > .qmail-mailer-daemon
echo "admin@ourlab.org" > .qmail-root
chmod 644 ~alias/.qmail*

開啟SPF設置
echo 3 > /var/qmail/control/spfbehavior


#添加qmail的幫助手冊

echo MANPATH /var/qmail/man >> /etc/man.config


#為qmail服務建立監控目錄和日誌文件:
cd /var/src
cp toaster-scripts-0.8.1/rc /var/qmail/rc
chmod 755 /var/qmail/rc
mkdir /var/log/qmail
echo ./Maildir/ >/var/qmail/control/defaultdelivery
cp toaster-scripts-0.8.1/qmailctl /var/qmail/bin/
chmod 755 /var/qmail/bin/qmailctl
ln -s /var/qmail/bin/qmailctl /usr/bin
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
#Now create the supervise directories/scripts for the qmail services:
mkdir -p /var/qmail/supervise/qmail-send/log
mkdir -p /var/qmail/supervise/qmail-smtpd/log
mkdir -p /var/qmail/supervise/qmail-pop3d/log
mkdir -p /var/qmail/supervise/qmail-pop3ds/log
cp /var/src/toaster-scripts-0.8.1/send.run /var/qmail/supervise/qmail-send/run
cp /var/src/toaster-scripts-0.8.1/send.log.run /var/qmail/supervise/qmail-send/log/run
cp /var/src/toaster-scripts-0.8.1/smtpd.run /var/qmail/supervise/qmail-smtpd/run
cp /var/src/toaster-scripts-0.8.1/smtpd.log.run /var/qmail/supervise/qmail-smtpd/log/run
cp /var/src/toaster-scripts-0.8.1/pop3d.run /var/qmail/supervise/qmail-pop3d/run
cp /var/src/toaster-scripts-0.8.1/pop3d.log.run /var/qmail/supervise/qmail-pop3d/log/run
# cp /var/src/toaster-scripts-0.8.1/stunnel.conf /var/qmail/supervise/qmail-pop3ds/
cp /var/src/toaster-scripts-0.8.1/pop3ds.run /var/qmail/supervise/qmail-pop3ds/run
cp /var/src/toaster-scripts-0.8.1/pop3ds.log.run /var/qmail/supervise/qmail-pop3ds/log/run
echo 20 > /var/qmail/control/concurrencyincoming
chmod 644 /var/qmail/control/concurrencyincoming
chmod 755 /var/qmail/supervise/qmail-send/run
chmod 755 /var/qmail/supervise/qmail-send/log/run
chmod 755 /var/qmail/supervise/qmail-smtpd/run
chmod 755 /var/qmail/supervise/qmail-smtpd/log/run
chmod 755 /var/qmail/supervise/qmail-pop3d/run
chmod 755 /var/qmail/supervise/qmail-pop3d/log/run
chmod 755 /var/qmail/supervise/qmail-pop3ds/run
chmod 755 /var/qmail/supervise/qmail-pop3ds/log/run
mkdir -p /var/log/qmail/smtpd
mkdir -p /var/log/qmail/pop3d
mkdir -p /var/log/qmail/pop3ds
chown -R qmaill /var/log/qmail

允許daemontools來啟動qmail
ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /service

檢測qmail是否安裝成功
sleep 5
qmailctl stat



四,Vpopmail的安裝
vpopmail是一個以qmail為基礎的虛擬域管理包;其允許在一個IP地址添加多個虛擬域;並且可以不需要使用系統帳號做郵件帳號。

參考:http://vpopmail.sf.net/

groupadd -g 89 vchkpw
useradd -u 89 -g vchkpw vpopmail

mkdir -p /home/vpopmail/etc

echo "ourlab.org" > /home/vpopmail/etc/defaultdomain
echo "localhost|0|vpopmail|52netseek|vpopmail" > ~vpopmail/etc/vpopmail.mysql
chown vpopmail:vchkpw ~vpopmail/etc/vpopmail.mysql
chmod 640 ~vpopmail/etc/vpopmail.mysql
chown -R vpopmail:vchkpw ~vpopmail/etc
mysql -u root -p
>CREATE DATABASE vpopmail;
>GRANT select,insert,update,delete,create,drop ON vpopmail.* TO vpopmail@localhost IDENTIFIED BY '52netseek';
>flush privileges;
>quit


cd /var/src
tar -xzf tar/vpopmail-5.4.13.tar.gz
cd vpopmail-5.4.13
patch -p0 < ../tar/vpopmail-5.4.13-cumulative-1.patch

./configure --enable-incdir=/usr/include/mysql --enable-libdir=/usr/lib/mysql --disable-roaming-users --enable-logging=p --disable-passwd --enable-clear-passwd --disable-domain-quotas --enable-auth-module=mysql --enable-auth-logging --enable-sql-logging --disable-valias --disable-mysql-limits --enable-learn-passwords
(在這要注意你的MYSQL安裝的目錄,和共享庫目錄)
make && make install-strip

#管理:

echo 'export PATH=$PATH:/home/vpopmail/bin' >> /etc/profile

source /etc/profile

echo '127.0.0.1:allow,RELAYCLIENT=""' > /home/vpopmail/etc/tcp.smtp

cd ~vpopmail/etc
tcprules tcp.smtp.cdb tcp.smtp.tmp < tcp.smtp

cd /home/vpopmail/bin
chmod 4755 vchkpw           \\設置 smtp-auth
chown root.root vchkpw      \\設置 smtp-auth
如果使用帶驗證的smtp,smtp進程要調用密碼驗證程序,則必須要使用 setuid 和setgid。提高vchkpw的許可權,才能完成setgid操作。
# cd /home/vpopmail/bin
---------------------------------------------------------------------------------------------------------------
# 添加域,前面是域名,後面是管理員(postmaster)密碼
# vadddomain ourlab.org 52netseek //應先生成一個其它的虛擬域名,不然會有問題,無法自動生成vpopmail資料庫

# vadduser netseek@ourlab.org 52netseek

# 添加用戶

vadduser -q 10m okman@ourlab.org 52netseek

vmoduser -c okman okman@ourlab.org

-----------------------------------------------------------------------------------------------------------------------

# 設置郵箱容量達到90%的警告信息

vi /home/vpopmail/domains/.quotawarn.msg



From: 郵箱管理員

Reply-To: postmaster@ourlab.org

To: 郵箱用戶

Subject: 郵箱空間警告

Mime-Version: 1.0

Content-Type: text/html; charset=gb2312

Content-Transfer-Encoding: base64



您的郵箱空間已經達到90%.如果想繼續使用,請刪除一些信件.

如果需要幫助,請聯繫郵箱管理員:

Email : postmaster@ourlab.org





# 設置郵箱已滿的警告信息

echo "郵件被拒絕,用戶的郵箱空間已滿." > /home/vpopmail/domains/.over-quota.msg


-------------------------------------------------------------------------------------------------------------

cd /var/src
cp toaster-scripts-0.8.1/vpopmailctl /var/qmail/bin/vpopmailctl
chmod 755 /var/qmail/bin/vpopmailctl
ln -s /var/qmail/bin/vpopmailctl /usr/bin
cd /var/src/netqmail-1.05/netqmail-1.05
bunzip2 -c ../../tar/qmail-toaster-0.8.3.patch.bz2 | patch -p0
make clean
make
qmailctl stop
make setup check
chown -R vpopmail:vchkpw /var/qmail/spam
make cert
make tmprsadh
-------------------scripts----------------------------------------------------------------------------------

#crontab -e //每天晚上更新temp keys
01 01 * * * /var/qmail/bin/update_tmprsadh > /dev/null 2>&1

# start qmail back up
qmailctl start

#allow daemontools to start vpopmail
ln -s /var/qmail/supervise/qmail-pop3d /var/qmail/supervise/qmail-pop3ds /service

#verify that it's running with vpopmailctl
sleep 5
vpopmailctl stat


# 檢查服務

netstat -an | grep 110

ps -ef | grep qmail

ps -efl | grep "service errors" | grep -v grep

--------------------------Webmail的安裝----------------------------
1.Apache的設置:
#vi /etc/httpd/conf/httpd.conf
Group Apache
User Apache
修改為:
User vpopmail
Group vchkpw


2.vi /etc/php.ini
max_execution_time=60
memory_limit=20M
post_max_size =10M
file_uploads=on
upload_max_filesize=10M
register_globals=On
session.bug_compat_42=0
session.bug_compat_warn=0
sendmail_path = /var/qmail/bin/qmail-inject
chmod 777 /var/lib/php/session/ -R

3.安裝iGenus
tar zxvf igenus_2.0.2_20040901_release.tgz -C /var/www/
cd /var/www/
rm -rf html/
mv igenus html

#建temp文件夾
mkdir /tmp/temp
chmod -R 0755 /tmp/temp
chown -R vpopmail:vchkpw /tmp/temp

mkdir /home/netdisk
chmod -R 0755 /home/netdisk
chown -R vpopmail:vchkpw /home/netdisk

chmod -R 0755 /var/www/html/
chown -R vpopmail:vchkpw /var/www/html/

#cd /var/www/html/config
vi config_inc.php
$CFG_BASEPATH = "/var/www/html/"; \\改成你安裝的目錄
$CFG_MYSQL_HOST = 'localhost';
$CFG_MYSQL_USER = 'vpopmail'; \\vpopmail訪問mysql的帳號
$CFG_MYSQL_PASS = '52netseek'; \\vpopmail訪問mysql的密碼
$CFG_MYSQL_DB = 'vpopmail'; \\資料庫
$CFG_TEMP = "/tmp/temp"; \\刪除$CFG_BASEPATH,並修改路徑

vdeldomain ourlab.org //刪除之前創建的域名

#mysql -uroot -p
use vpopmail;
drop table lastauth;
drop table vpopmail; // 這個表中沒有.................
quit;

# vi /var/www/html/docs/iGENUS.sql
use vpopmail; //加入這一行
`pw_shell` varchar(20) default NULL, 在最後一個表的這個後面加上.

`pw_clear_passwd` varchar(16) default NULL, \\加入這一行

mysql -uroot -p < iGENUS.sql


------------裝IGENUSWEB管理界面------------------------
Igenus管理頁面工具(可選,我測試此處還有點問題,----基實用後面的qmailamdin+vqadmin管理起來也非常方便!)
tar -xzvf igenus_admin_0.1.tgz -C /var/www/html/
vi /var/www/html/admin/includes/config_inc.php

$CFG_VPOPMAIL_USER = "vpopmail"; \\改為你的帳號

$CFG_VPOPMAIL_PASS = "52netseek"; \\改為你的密碼

$CFG_VPOPMAIL_PATH = "/home/vpopmail"; \\改為你的vpopmail安裝目錄
《解決方案》

回復 1# 三里屯搖滾


   
#修改config_inc.php文件
vi /usr/local/apps/www/igenus/config/config_inc.php
---------------------------------
$CFG_BASEPATH = "/usr/local/apps/www/igenus/"; \\改成你安裝的目錄

$CFG_MYSQL_HOST = 'localhost';  

$CFG_MYSQL_USER = 'root'; \\vpopmail訪問mysql的帳號

$CFG_MYSQL_PASS = '12345'; \\vpopmail訪問mysql的密碼

$CFG_MYSQL_DB = 'vpopmail'; \\資料庫

$CFG_TEMP = "/tmp/temp"; \\刪除$CFG_BASEPATH,並修改路徑
---------------------------------
#保存退出


touch /etc/syspasswd.dat

chown -R vpopmail.vchkpw /var/www/html

chmod -R 755 /var/www/html

#登錄設置頁面

http://mail.ourlab.org/admin/sys/

用戶:Admin密碼Admin來登錄.注意A要大寫..這個管理帳號密碼登錄后可以改的



登錄后,首先點"更新資料庫"你就會看見你的域名.然後點"編輯"把"登錄許可權 該域管理員(Postmaster)有權登錄進行用戶管理"這一項打勾,確認后,就可以用

http://mail.ourlab.org/admin/

來登錄管理了。





-----------------------基本郵件安裝完成----------------


安裝:Courier IMAP & IMAP SSL
安裝:courier-authlib
cd /var/src
tar -xjf tar/courier-authlib-0.58.tar.bz2
cd courier-authlib-0.58
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap --without-authmysql --disable-root-check --with-ssl --with-authchange pwdir=/usr/local/libexec/authlib --with-redhat
gmake
gmake install-strip
gmake install-configure

cp courier-authlib.sysvinit /etc/init.d/courier-authlib
chmod 755 /etc/init.d/courier-authlib
ln -s ../init.d/courier-authlib /etc/rc0.d/K30courier-authlib
ln -s ../init.d/courier-authlib /etc/rc1.d/K30courier-authlib
ln -s ../init.d/courier-authlib /etc/rc2.d/S80courier-authlib
ln -s ../init.d/courier-authlib /etc/rc3.d/S80courier-authlib
ln -s ../init.d/courier-authlib /etc/rc4.d/S80courier-authlib
ln -s ../init.d/courier-authlib /etc/rc5.d/S80courier-authlib
ln -s ../init.d/courier-authlib /etc/rc6.d/K30courier-authlib


#vi /usr/local/etc/authlib/authdaemonrc
Change authmodulelist="..." to authmodulelist="authvchkpw"
/etc/init.d/courier-authlib start

安裝 Courier-IMAP:
cd /var/src
tar -xjf tar/courier-imap-4.1.0.tar.bz2
cd courier-imap-4.1.0
chown -R vpopmail:vchkpw ../courier-imap-4.1.0
su vpopmail
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap --without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat
gmake
exit
gmake install-strip
gmake install-configure
/usr/local/sbin/mkimapdcert

cp courier-imap.sysvinit /etc/init.d/courier-imap
chmod 755 /etc/init.d/courier-imap
ln -s ../init.d/courier-imap /etc/rc0.d/K30courier-imap
ln -s ../init.d/courier-imap /etc/rc1.d/K30courier-imap
ln -s ../init.d/courier-imap /etc/rc2.d/S80courier-imap
ln -s ../init.d/courier-imap /etc/rc3.d/S80courier-imap
ln -s ../init.d/courier-imap /etc/rc4.d/S80courier-imap
ln -s ../init.d/courier-imap /etc/rc5.d/S80courier-imap
ln -s ../init.d/courier-imap /etc/rc6.d/K30courier-imap

#vi /usr/local/etc/imapd.cnf  
vi /usr/local/etc/imapd (whereis imapd)
'IMAPDSTART=YES'
#vi /usr/local/etc/imapd-ssl
IMAPDSSLSTART=YES
TLS_CERTFILE=/usr/local/share/imapd.pem

#/etc/init.d/courier-imap start

--------------------------------------------------安裝完成-------------------------

---------------安裝管理工具---------------------------------------------
ezmlm ? 一個快速,強大的郵件列表程序,可以通過qmailadmin對其進行配置
autorespond ? 自動回復程序,可以很好的與qmailadmin配合使用
qmailadmin ? 通過WEB管理vpopmail域的極好工具
vqadmin ? 通過WEB添加域
---------------------------------------------------------
1.安裝autorespond  //autorespond-2.0.5.tar.gz可以測試一下新版本
cd /var/src
tar zxvf tar/autorespond-2.0.4.tar.gz
cd autorespond-2.0.4
patch -p1 < ../tar/autorespond-2.0.4-2.0.5.patch
make && make install

2.ezmlm-idx
cd /var/src
tar -xzf tar/ezmlm-0.53.tar.gz
tar -xzf tar/ezmlm-idx-0.443.tar.gz
cp -rf  ezmlm-idx-0.443/* ezmlm-0.53/
cd ezmlm-0.53
patch -p0 < idx.patch
make && make man
#漢字GB2312支持
make ch_GB && make setup


==========================WEB界面管理工具的安裝================================================================

安裝:Qmailadmin
cd /var/src
tar -xzf tar/qmailadmin-1.2.10.tar.gz
cd qmailadmin-1.2.10/
./configure --enable-help --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/html --enable-modify-quota --enable-domain-autofill=yes
make && make install-strip
cd ../
tar -xzf tar/qmailadmin-help-1.0.8.tar.tar
cd qmailadmin-help-1.0.8
mkdir /var/www/html/images/qmailadmin/help
cp -rp * /var/www/html/images/qmailadmin/help

http://mail.ourlab.org/cgi-bin/qmailadmin



安裝:Vqadmin
#cd /var/src
#tar -zxf tar/vqadmin-2.3.6.tar.gz
#cd vqadmin-2.3.6
#vi db_owner.c
static const char *host="localhost";
static const char *user="vpopmail";
static const char *passwd="52netseek";  /* NULL for no password */
static const char *db="vpopmail";

#./configure --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/html  --enable-mysql=y --includedir=/usr/include/mysql --libdir=/usr/lib/mysql
(下面編譯出錯,指定MSYQL安裝相關的目錄,出錯,我直接用啦./configure)
#make && make install-strip

#vi /etc/httpd/conf/httpd.conf
<Directory "/var/www/cgi-bin/vqadmin">
deny from all
Options ExecCGI
AllowOverride AuthConfig
Order deny,allow
</Directory>

#cd /var/www/cgi-bin/vqadmin
創建.htaccess:
vi .htaccess

AuthType Basic
AuthUserFile /etc/httpd/conf/.vqapwd
AuthName vQadmin
require valid-user
satisfy any

#chown vpopmail .htaccess
#chmod 644 .htaccess
#htpasswd -bc /etc/httpd/conf/.vqapwd admin 52netseek
#chmod 644 /etc/httpd/conf/.vqapwd
重新啟動apache
從瀏覽器訪問:http://mail.ourlab.org/cgi-bin/vqadmin/vqadmin.cgi



-----------------------mysql要安裝其開發相關的包,否則出現編譯不過去----全部安裝成功----------郵件包括管理全部安裝完啦----------------


-------------------------------------------------病毒防護相關--------------------------------------------------------------------------

安裝SpamAssassin  http://www.spamassassin.org  
#rpm -qa |grep spamassassin
spamassassin-3.0.4-1.el4 //我安裝系統是已經安裝好啦.

1.直接安裝
cd /root
perl -MCPAN -e shell  (這個是直接安裝,要在有外網連接的狀態才能在功安裝)
o conf prerequisites_policy ask
install Mail::SpamAssassin
quit

2.下載源碼安裝
安裝 SpamAssassin
# 安裝Time-HiRes perl模塊
cd /var/src
# 注意: 如果你是第一次運行CPAN,你將會被問一系列的問題.
# 大部分問題默認就行了.
perl -MCPAN -e'shell'
cpan> install Time::HiRes
cpan> exit
# 安裝SpamAssassin
cd /var/src
tar -xzf tar/Mail-SpamAssassin-3.1.4.tar.gz
cd Mail-SpamAssassin-3.1.4
perl Makefile.PL
make
make install

#配置spamasssassin
#修改起動腳本使spamassassin支持vpopmail
#修改如下一行:
vi /etc/init.d/spamassassin
SPAMDOPTIONS="-d -c -m5 -H -x -u spamd -v"
vi /etc/sysconfig/spamassassin
SPAMDOPTIONS="-d -c -m5 -H -x -u spamd -v"

#spamassassin的過濾模板在/etc/mail/spamassassin/local.cf,修改為:
vi /etc/mail/spamassassin/local.cf
-------------------------------
required_score          5.0

rewrite_header Subject ********SPAM********

report_safe            1

use_bayes              1

skip_rbl_checks         0

ok_languages            zh en

ok_locales              en ko

score HEAD_ILLEGAL_CHARS 0

score SUBJ_ILLEGAL_CHARS 0

score DATE_IN_PAST_03_06 0

score UPPERCASE_25_50 0

score UPPERCASE_50_75 0

score UPPERCASE_75_100 0

score X_MSMAIL_PRIORITY_HIGH 0

score X_PRIORITY_HIGH 0

score TO_TXT 100

score RATWARE_HASH_2 100

score RATWARE_HASH_2_V2 100

score BAYES_99 0.1

score BAYES_80 0.1

score BAYES_60 0.1

score FROM_ILLEGAL_CHARS 0.1

score MIME_BASE64_TEXT 0.1

score NO_RDNS_DOTCOM_HELO 0.1

score CHINA_HEADER 0.1

score NO_REAL_NAME 0.2

score HTML_MESSAGE 0.2

score MIME_HTML_ONLY 0.2

score MIME_HTML_ONLY_MULTI 0.2

score FORGED_MUA_OUTLOOK 0.2

score FORGED_HOTMAIL_RCVD 0.2

score FORGED_OUTLOOK_TAGS 0.2

score MAILTO_TO_SPAM_ADDR 0.2



#黑白名單

whitelist_from *@domain.com



# ---------------------------------------------------------------------------

# 使用中國反垃圾郵件聯盟的CBL/CDL

# URL: http://www.anti-spam.org.cn/

header RCVD_IN_CBL eval:check_rbl('cbl', 'cbl.anti-spam.org.cn.')

describe RCVD_IN_CBL Received via a relay in cbl.anti-spam.org.cn

tflags RCVD_IN_CBL net



header RCVD_IN_CDL eval:check_rbl('cdl-notfirsthop', 'cdl.anti-spam.org.cn.')

describe RCVD_IN_CDL CDL: dialup sender did non-local SMTP

tflags RCVD_IN_CDL net



#SCORE

score RCVD_IN_CBL 4.0

score RCVD_IN_CDL 3.0
--------------------------------------

#運行ntsysv,將spamassassin設定的為開機運行

#使用CCERT 中文垃圾郵件過濾規則集Chinese_rules.cf
wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf

#添加SpamAssasin服務啟動必須的用戶
useradd spamd
#啟動SpamAssassin
service  spamassassin start

#定期自動更新中文反垃圾郵件規則
crontab ?e
#加入
0 0 1 * * wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf;/etc/init.d/spamassassin restart;/etc/init.d/spamassassin restart;

#建立SpamAssassin的學習系統
sa-learn --sync -D -p user_prefs

#查看自學習的數據信息
sa-learn --dump all

#查看調試信息
spamassassin --lint ?D

#進行一個spam和non-spam的測試
spamassassin -t < sample-spam.txt > spamtest.txt
less spamtest.txt
spamassassin -t < sample-nonspam.txt > nospamtest.txt
less nospamtest.txt
#spamtest.txt文件在主題一段中將包含"*****SPAM*****" 這一行, 而nospamtest.txt文件中則沒有.

OK了,到次qmail的主要模塊都裝上了,要實測正常收發,請注意將你正式域名的MX記錄指向過來。

---------------------------------------------------------------------------------------------------------------------

# 在 daemontools下運行spamd
mkdir -p /var/qmail/supervise/spamd/log
mkdir -p /var/log/spamd
chown qmaill /var/log/spamd
cp /var/src/toaster-scripts-0.8/spamd.run /var/qmail/supervise/spamd/run
cp /var/src/toaster-scripts-0.8/spamd.log.run /var/qmail/supervise/spamd/log/run
chmod 755 /var/qmail/supervise/spamd/run
chmod 755 /var/qmail/supervise/spamd/log/run
cp /var/src/toaster-scripts-0.8/local.cf /etc/mail/spamassassin/local.cf
mkdir /etc/mail/spamassassin/.spamassassin/
chown vpopmail /etc/mail/spamassassin/.spamassassin/
ln -s /var/qmail/supervise/spamd /service



2.安裝:ClamAV  http://clamav.sf.net
#rpm -qa|grep gmp-devel  先查看是否安裝此包

cd /var/src
groupadd clamav
useradd -g clamav clamav

升級zlib到1.2.2否則編譯出錯:
cd  /var/src
tar -xzf tar/zlib-1.2.3.tar.gz
./configure
make
make install

tar -xzf tar/clamav-0.88.4.tar.gz
cd clamav-0.88.4
patch -p0 < ../tar/clamav-0.88.4-stderr.patch
patch -p0 < ../tar/clamav-0.88.4-conf.patch
patch -p0 < ../tar/clamav-0.88.4-freshclamconf.patch
./configure
make
make install
# setup freshclam
touch /var/log/freshclam.log
chmod 600 /var/log/freshclam.log
chown clamav /var/log/freshclam.log
cp /var/src/toaster-scripts-0.8.1/freshclam /etc/init.d/freshclam
chmod 755 /etc/init.d/freshclam
ln -s ../init.d/freshclam /etc/rc0.d/K30freshclam
ln -s ../init.d/freshclam /etc/rc1.d/K30freshclam
ln -s ../init.d/freshclam /etc/rc2.d/S80freshclam
ln -s ../init.d/freshclam /etc/rc3.d/S80freshclam
ln -s ../init.d/freshclam /etc/rc4.d/S80freshclam
ln -s ../init.d/freshclam /etc/rc5.d/S80freshclam
ln -s ../init.d/freshclam /etc/rc6.d/K30freshclam

# add freshclam.log to logrotate
cp /var/src/toaster-scripts-0.8.1/freshclam.logrotate /etc/logrotate.d/freshclam

# run clamd under daemontools
mkdir -p /var/qmail/supervise/clamd/log
mkdir -p /var/log/clamd
chown clamav /var/log/clamd
cp ../toaster-scripts-0.8.1/clamd.run /var/qmail/supervise/clamd/run
cp ../toaster-scripts-0.8.1/clamd.log.run /var/qmail/supervise/clamd/log/run
chmod 755 /var/qmail/supervise/clamd/run
chmod 755 /var/qmail/supervise/clamd/log/run

# Start clamd and freshclam
ln -s /var/qmail/supervise/clamd /service
/etc/init.d/freshclam start


3.安裝 ripmime
ripmime is a tool for extracting MIME attachments from email, and is used by qscanq. See http://www.pldaniels.com/ripmime/ for more details

Install:

cd /var/src/
tar -xzf tar/ripmime-1.4.0.6.tar.gz
cd ripmime-1.4.0.6
make
make install

4.simscan

simscan
要求qmail已經安裝啦 qmail-queue 補丁, a new tool for using virus/spam scanners with qmail. The nice thing is that it prevents viruses (and optionally spam) from even getting into your queue. This is different from qmail-scanner, which will quarantine infected messages instead of stopping them at the SMTP level. Go to http://inter7.com/?page=simscan for more information.

cd /var/src/
tar -xzf tar/simscan-1.2.tar.gz
cd simscan-1.2
patch -p0 < ../tar/ripmime.txt
./configure --enable-user=clamav \
--enable-clamav=y \
--enable-spam=y \
--enable-spam-passthru=y \
--enable-per-domain=y \
--enable-ripmime \
--enable-attach=y \
--enable-received=y

make
make install-strip

# add default rules for simscan
echo ":clam=yes,spam=yes,spam_passthru=yes,attach=.vbs:.lnk:.scr:.wsh:.hta:.pif" > /var/qmail/control/simcontrol
# update /var/qmail/control/simcontrol.cdb
/var/qmail/bin/simscanmk
# put versions for received header in /var/qmail/control/simversions.cdb
/var/qmail/bin/simscanmk -g

# turn on scanning
echo ':allow,QMAILQUEUE="/var/qmail/bin/simscan"' >> ~vpopmail/etc/tcp.smtp
qmailctl cdb


5.

------------------監控------------------------------------------

1.先安裝GD庫:
  我已經安裝好啦相關的gd,zlib....

2.安裝MRTG
tar -xzf tar/mrtg-2.14.5.tar.gz
cd mrtg-2.14.5/
./configure --prefix=/usr/local
make && make install



3.安裝Qmailmrtg7 - MRTG Graphs
tar -xzf tar/qmailmrtg7-4.2.tar.gz
cd qmailmrtg7-4.2
patch -p0 < ../tar/qmailmrtg7-4.2-cfg.patch
make
make install

cp qmail.mrtg.cfg /etc/
indexmaker --section=title /etc/qmail.mrtg.cfg > /var/www/html/qmailmrtg/index.html
# now run mrtg 3 times to get rid of initial cron errors
env LANG=C mrtg /etc/qmail.mrtg.cfg
env LANG=C mrtg /etc/qmail.mrtg.cfg
env LANG=C mrtg /etc/qmail.mrtg.cfg

# Add the following line to your crontab
0-55/5 * * * * env LANG=C /usr/bin/mrtg /etc/qmail.mrtg.cfg > /dev/null


http://192.168.0.86/qmailmrtg/index.html
《解決方案》

還用qmail??




[火星人 ] 基於Linux平台企業郵件方案已經有648次圍觀

http://coctec.com/docs/service/show-post-1923.html