CentOS+Postfix+Dovecot+PostfixAdmin + Amavisd+ClamAV+SpamAssassin

Standard

基础安装
[[email protected] ~ ] yum install -y postfix dovecot
[[email protected] ~ ] hostname
mail.example.com
[[email protected] ~ ] vi /etc/hosts
127.0.0.1 mail.example.com
[[email protected] ~ ] vi /etc/postfix;

#主机名系统
myhostname = mail.example.com
#域名
mydomain = example.com
#本地投递邮件显示的域名
myorigin = $mydomain
#设置接受邮件的网络接口IP, Listen 127.0.0.1
#inet_interfaces = $myhostname, localhost
#Listen *
inet_interfaces = all
#系统所有本地投递的域名列表
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
#172.28.100.0 为内网IP段
mynetworks = 192.168.100.0/24, 127.0.0.0/8
#允许中继的域名
relay_domains =
#设置存放用户邮件的用户目录
home_mailbox = Maildir/

[[email protected] ~ ] vi /etc/dovecot.conf;

protocols = imap imaps pop3 pop3s
mail_location = maildir:~/Maildir
pop3_uidl_format = %08Xu%08Xv

[[email protected] ~ ] useradd test
[[email protected] ~ ] useradd test2
[[email protected] ~ ] mkdir /home/test/Maildir
[[email protected] ~ ] chown test.test /home/test/Maildir
[[email protected] ~ ] chmod -R 700 /home/test/Maildir
[[email protected] ~ ] mkdir /home/test2/Maildir
[[email protected] ~ ] chown test2.test2 /home/test2/Maildir
[[email protected] ~ ] chmod -R 700 /home/test2/Maildir

至此,已经能用系统帐号收发邮件了.

================================================

下面,在之前基础上修改,使用虚拟用户帐号,安装Mysql和PostfixAdmin

安装配置POSTFIXADMIN

下载
cd /var/www/html/;
wget http://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-2.3.3/postfixadmin-2.3.3.tar.gz;
tar zxvf postfixadmin-2.3.3.tar.gz;
mv postfixadmin-2.3.3.tar.gz postfixadmin;
cd postfixadmin;

修改config文件
vi config.inc.php;

$CONF['configured'] = true;
$CONF['default_language'] = 'cn';
$CONF['postfix_admin_url'] = '/postfixadmin';
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = ‘postfix';
$CONF['database_name'] = 'postfix';
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
$CONF['encrypt'] = 'md5';
$CONF['emailcheck_resolve_domain] = 'NO';

然后别忘了先建个postfix库
mysql -e ‘create database postfix’;

访问安装页面

1.访问http://IP/postfixadmin/setup.php
2.创建Setup password(如:123456)
  点击“Generate password hash”获取一段加密代码
  将该代码拷贝到配置文件config.inc.php中的以下配置中
  $CONF['setup_password'] = 'change';(用加密代码替换change)
  然后再次访问PostfixAdmin的设置页,创建管理员的账号和密码
  (需要正确输入之前创建的Setup password才能创建管理员账号)
3.访问PostfixAdmin的登录页http://IP/postfixadmin/
  使用管理员账号登录后,就可以进行相应的管理工作.

配置POSTFIX

vi /etc/postfix/main.cf

#在最后加入
#---------------------Virtual Mailbox settings----------
#89是postfix用户ID `id postfix`
virtual_minimum_uid = 89
virtual_mailbox_base = /var/spool/mail
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_alias_domains = $virtual_alias_maps
virtual_uid_maps = static:89
virtual_gid_maps = static:89
virtual_transport = virtual
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1
#---------------------Quota--------------------------
message_size_limit = 52428800
mailbox_size_limit = 209715200
virtual_mailbox_limit = 209715200
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_mailbox_limit_message = Sorry, The quota of mailbox has overdrawn.
virtual_overquota_bounce = yes
#---------------------SASL--------------------------
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =  permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/run/dovecot/auth-client #参照dovecot配置
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)

Postfix的mysql连接配置文件

echo -ne 'user = root\npassword = \nhosts = localhost\ndbname = postfix\ntable = alias\nselect_field = goto\nwhere_field = address' > /etc/postfix/mysql_virtual_alias_maps.cf;
echo -ne 'user = root\npassword = \nhosts = localhost\ndbname = postfix\ntable = domain\nselect_field = domain\nwhere_field = domain' > /etc/postfix/mysql_virtual_domains_maps.cf;
echo -ne 'user = root\npassword = \nhosts = localhost\ndbname = postfix\ntable = mailbox\nselect_field = quota\nwhere_field = username' > /etc/postfix/mysql_virtual_mailbox_limit_maps.cf;
echo -ne 'user = root\npassword = \nhosts = localhost\ndbname = postfix\ntable = mailbox\nselect_field = maildir\nwhere_field = username' > /etc/postfix/mysql_virtual_mailbox_maps.cf;

配置DOVECOT
vi /etc/dovecot.conf

base_dir = /var/run/dovecot
protocols = imap imaps pop3 pop3s
listen = *
disable_plaintext_auth = no
shutdown_clients = yes
log_path = /var/log/dovecot.log
ssl = no
mail_location = maildir:/var/spool/mail/%d/%n
auth default {
  mechanisms = plain login cram-md5
  passdb sql {
    args = /etc/dovecot-mysql.conf
  }
 
  userdb sql {
    args = /etc/dovecot-mysql.conf
  }
...
  socket listen {
    client {
      path = /var/run/dovecot/auth-client #postfix参照于此
      mode = 0660
      user = postfix
      group = postfix
    }
first_valid_uid=89

Dovecot的mysql连接配置文件

vi /etc/dovecot-mysql.conf
driver = mysql
connect = host=localhost dbname=postfix user=root password=
default_pass_scheme = MD5
password_query = SELECT password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, 89 AS uid, 89 AS gid FROM mailbox WHERE username = '%u'

启动
/etc/init.d/dovecot start
/etc/init.d/postfix start

================================================

打开outlook,在pop和smtp上填上IP地址试试吧.
怎么?不行?看看日志… 发现哪报错了吗?
因为之前CentOS默认安装的postfix是不支持的mysql的(你可以用`postconf -m`看一下是否有mysql支持),所以先卸掉,改yum配置再重装一下.
方法如下:
cp /etc/postfix/main.cf /tmp/
yum remove postfix
vi /etc/yum.repos.d/CentOS-Base.repo

[base]
exclude=postfix-*
[update]
exclude=postfix-*
[centosplus]
includepkgs=postfix-*

yum install postfix
cp /tmp/main.cf /etc/postfix/

================================================

为其加上防病毒及防垃圾邮件功能

安装Amavisd-new, ClamAV and SpamAssassin
因为默认yum下没有amavisd和clamav,所以要先新增rpmforge源
rpm –import http://apt.sw.be/RPM-GPG-KEY.dag.txt
vi /etc/yum.repos.d/CentOS-Base.repo

[rpmforge]
name = Red Hat Enterprise $releasever RPMforge
baseurl = http://apt.sw.be/redhat/el5/en/$basearch/rpmforge
mirrorlist = http://apt.sw.be/redhat/el5/en/mirrors-rpmforge
#mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge
enabled = 1
protect = 0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1

安装配置amavisd和clamav
yum install amavisd-new clamav clamd spamassassin
vi /etc/amavisd.conf

$max_servers = 2;                # num of pre-forked children (2..30 is common), -m
$daemon_user  = "amavis";         # (no default;  customary: vscan or amavis), -u
$daemon_group = "amavis";        # (no default;  customary: vscan or amavis), -g
[...]
$inet_socket_port = 10024;       # listen on this local TCP port(s)
[...]
# $notify_method  = 'smtp:[127.0.0.1]:10025';
# $forward_method = 'smtp:[127.0.0.1]:10025';  # set to undef with milter!
[...]
$mydomain = 'example.com';        # Edit: a convenient default for other settings
$MYHOME = '/var/amavis';                # Uncomment: a convenient default for other settings, -H
$helpers_home = "$MYHOME/var";           # Uncomment: working directory for SpamAssassin, -S
$lock_file = "$MYHOME/var/amavisd.lock"; # Uncomment, -L
$pid_file  = "$MYHOME/var/amavisd.pid";    # Uncomment, -P
$myhostname = 'mail.example.com';         # Uncomment & Edit: must be a fully-qualified domain name!
[...]
$QUARANTINEDIR = "/var/virusmails";
[...]
#@local_domains_maps....  # Comment this line
[...]
$sa_tag_level_deflt  = -999;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 5.0;  # add 'spam detected' headers at that level
$sa_kill_level_deflt = 5.0;  # triggers spam evasive actions (e.g. blocks mail)
$sa_dsn_cutoff_level = 17;   # spam level beyond which a DSN is not sent
$sa_quarantine_cutoff_level = 20; # spam level beyond which quarantine is off
$sa_spam_subject_tag = '[SPAM] ';
[...]
$final_virus_destiny      = D_PASS;   # Uncomment this line if you want to receive mails with tag $final_spam_destiny       = D_PASS;   # Uncomment this line if you want to receive mails with tag
# ### http://www.clamav.net/
['ClamAV-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
  qr/\bOK$/m, qr/\bFOUND$/m,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],

vi /etc/postfix/master.cf

#增加如下内容:
smtp-amavis  unix    -    -    n    -    4    smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes
        -o disable_dns_lookups=yes
127.0.0.1:10025 inet    n    -    n    -    -    smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
        -o strict_rfc821_envelopes=yes
        -o smtpd_error_sleep_time=0
        -o smtpd_soft_error_limit=1001
        -o smtpd_hard_error_limit=1000
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks

/etc/init.d/clamd start;
/etc/init.d/spamassassin start;
/etc/init.d/amavisd start;
/etc/init.d/postfix reload;

转载请注明出处: http://yemaosheng.com

3 thoughts on “CentOS+Postfix+Dovecot+PostfixAdmin + Amavisd+ClamAV+SpamAssassin

  1. torba

    收藏了,楼主全用yum rpm简易安装,新手老手一学就会,可做标准材料了,要能上个webmail就更好了。

  2. 侯门霸王

    大家注意了:下载支持mysql的postfix时候这里面说的有问题的,应该是:
    [base]
    exclude=postfix-*
    [update]
    exclude=postfix-*
    [centosplus]
    name=CentOS-$releasever – Plus
    mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
    #baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
    gpgcheck=1
    enabled=1
    gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos5
    includepkgs=postfix-*
    exclude=postfix-*plus*

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.