Postfix+SASL+IMAP-UW+MailScanner+F-prot on FreeBSD

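There are many related documents on the web,
but when I actually tried some of their settings or methods I ran into problems.
After some experimenting, I recorded my complete installation process and am sharing it here.
It should help your whole installation go smoothly.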

First we stop sendmail and install Postfix
# killall sendmail
# cd /usr/ports/mail/postfix
# make install clean

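In the first menu that appears, select SASL and TLS
In the second menu that appears, select DB3 and PWCHECK
Later in the process two prompts appear: one asks "Add postfix to the mail group?",
the other asks "Activate Postfix in /etc/mail/mailer.conf?". Answer y to both.
During installation, a message instructs the user to carry out the steps below.
Edit /etc/rc.conf and add the following settings so that Postfix replaces Sendmail: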
sendmail_enable="YES"
sendmail_flags="-bd"
sendmail_outbound_enable="NO"
sendmail_submit_enable="NO"
sendmail_msp_queue_enable="NO"

Create the file /etc/periodic.conf with the following content:
daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"

Edit the file /usr/local/etc/postfix/main.cf
to configure the server environment; usually the following four items need to be set:
myhostname = your.host.name
mydomain = your.domain
myorigin = $myhostname
alias_maps = hash:/usr/local/etc/postfix/aliases

Build the alias database
# postalias /usr/local/etc/postfix/aliases

Configure SASL authentication: edit /etc/group and add postfix to the cyrus group:
cyrus:*:60:postfix

Create /usr/local/lib/sasl/smtpd.conf with the following content:
pwcheck_method: pwcheck

Make sure the following line exists in /usr/local/etc/rc.d/cyrus_pwcheck.sh:
cyrus_pwcheck_enable="yes"

Start cyrus_pwcheck:
# /usr/local/etc/rc.d/cyrus_pwcheck.sh start

Generate the key with OpenSSL; please consult the relevant documentation yourself
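
One way to produce the single-file server.pem that the smtpd_tls_* settings in this guide point to, as an added example that is not part of the original post. It assumes a self-signed certificate is acceptable (for instance on a test host); make_server_pem and pem_key_matches_cert are names made up for this example.

```shell
#!/bin/sh
# Added example, not from the original post. Assumption: a self-signed
# certificate is good enough; a CA-issued one would replace cert.tmp.
# Usage: make_server_pem /usr/local/etc/postfix/CA your.host.name

# make_server_pem DIR CN: write DIR/server.pem (private key followed by a
# self-signed certificate) and print its path. Returns non-zero on failure.
make_server_pem() {
    dir=$1 cn=$2
    (
        umask 077                       # the key is never group/world readable
        mkdir -p "$dir" && cd "$dir" || exit 1
        openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
            -subj "/CN=$cn" -keyout key.tmp -out cert.tmp 2>/dev/null || exit 1
        cat key.tmp cert.tmp > server.pem && rm -f key.tmp cert.tmp
    ) || return 1
    echo "$dir/server.pem"
}

# pem_key_matches_cert FILE: succeed only if the private key and the
# certificate stored together in FILE carry the same public key.
pem_key_matches_cert() {
    k=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    c=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$k" ] && [ "$k" = "$c" ]
}
```

Because the private key sits in the same file as the certificate, the file must stay readable by root only, which the umask above takes care of.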
Add SSL/TLS support: edit /usr/local/etc/postfix/main.cf and add:
smtpd_recipient_restrictions =
    permit_sasl_authenticated,check_relay_domains,permit_mynetworks
smtpd_client_restrictions = permit_sasl_authenticated
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /usr/local/etc/postfix/CA/server.pem
smtpd_tls_cert_file = /usr/local/etc/postfix/CA/server.pem
smtpd_tls_CAfile = /usr/local/etc/postfix/CA/server.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
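
A small lint for two mistakes that are easy to make when typing these main.cf settings in by hand: a continuation line that lost its leading whitespace, and a misspelled parameter name. This is an added example, not part of the original post; maincf_lint, maincf_sample and the EXPECTED list (limited to the parameters this guide sets) are assumptions of the example.

```shell
#!/bin/sh
# Added example, not from the original post. EXPECTED holds only the main.cf
# parameters this guide sets (an assumption of the example; extend as needed).
EXPECTED="myhostname mydomain myorigin alias_maps header_checks
smtpd_recipient_restrictions smtpd_client_restrictions smtpd_sasl_auth_enable
smtpd_sasl_security_options smtpd_sasl_local_domain smtp_use_tls smtpd_use_tls
smtp_tls_note_starttls_offer smtpd_tls_key_file smtpd_tls_cert_file
smtpd_tls_CAfile smtpd_tls_loglevel smtpd_tls_received_header
smtpd_tls_session_cache_timeout tls_random_source"

# maincf_lint FILE: print one finding per line; exit status = number of findings.
maincf_lint() {
    awk -v expected="$(echo $EXPECTED)" '
    BEGIN { n = split(expected, e, " "); for (i = 1; i <= n; i++) ok[e[i]] = 1 }
    /^[ \t]*#/ || /^[ \t]*$/ { next }      # comment or blank line
    /^[ \t]/ {                             # indented: continues the previous line
        if (!have) { print "line " NR ": continuation with no parameter before it"; bad++ }
        next
    }
    {
        eq = index($0, "=")
        if (eq == 0) {                     # column 0, no "=": the indent was lost
            print "line " NR ": not indented, so not a continuation: " $0
            bad++; next
        }
        name = substr($0, 1, eq - 1); gsub(/[ \t]/, "", name)
        have = 1
        if (!(name in ok)) { print "line " NR ": unexpected parameter: " name; bad++ }
    }
    END { exit bad + 0 }' "$1"
}

# maincf_sample: constructed main.cf fragment containing both mistakes.
maincf_sample() {
    cat <<'EOF'
myhostname = your.host.name
smtpd_recipient_restrictions =
permit_sasl_authenticated,check_relay_domains,permit_mynetworks
smtpd_client_restrictions =
    permit_sasl_authenticated
mtpd_tls_session_cache_timeout = 3600s
EOF
}
```

Run it as maincf_lint /usr/local/etc/postfix/main.cf before starting Postfix; a misspelled smtpd_* name is otherwise easy to miss, because the intended setting simply keeps its default.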

Start Postfix
# /usr/local/sbin/postfix start

Install IMAP-UW
# cd /usr/ports/mail/cclient
# make -DWITH_SSL_AND_PLAINTEXT install clean
# cd /usr/ports/mail/imap-uw
# make -DWITH_SSL_AND_PLAINTEXT install
# make cert
# make clean

Configure /etc/inetd.conf, adding:
pop3 stream tcp nowait root /usr/local/libexec/ipop3d ipop3d
imap4 stream tcp nowait root /usr/local/libexec/imapd imapd
pop3s stream tcp nowait root /usr/local/libexec/ipop3d ipop3d
imaps stream tcp nowait root /usr/local/libexec/imapd imapd

Configure /etc/hosts.allow, adding:
imapd : ALL : allow
ipop3d : ALL : allow

Configure /etc/pam.conf, adding:
imap auth required pam_unix.so
imap account required pam_unix.so try_first_pass
imap session required pam_deny.so
pop3 auth required pam_unix.so
pop3 account required pam_unix.so try_first_pass
pop3 session required pam_deny.so

Start the IMAP-UW service
# killall -HUP inetd

Install perl5.8
# cd /usr/ports/lang/perl5.8
# make install clean
# rehash;use.perl port

Install the CPAN modules; install the packages [ unzip lynx wget ] beforehand
# perl -MCPAN -e shell
cpan> install Bundle::libnet
cpan> install Bundle::LWP
cpan> install IO
cpan> quit

Stop postfix
# postfix stop

Install f-prot: download the package from the f-prot official website
# tar zxvf fp-freebsd-ws.tar.gz
# mv f-prot /usr/local/
# /usr/local/f-prot/install-f-prot.pl

Install MailScanner
# cd /usr/ports/mail/mailscanner
# make install
# make initial-config clean

Edit /usr/local/etc/MailScanner/MailScanner.conf
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = f-prot

Edit /usr/local/etc/postfix/main.cf
header_checks = regexp:/usr/local/etc/postfix/header_checks

Edit /usr/local/etc/postfix/header_checks
/^Received:/ HOLD

Final settings
# mkdir /var/spool/MailScanner
# mkdir /var/spool/MailScanner/incoming
# mkdir /var/spool/MailScanner/quarantine
# chown postfix:postfix /var/spool/MailScanner/incoming
# chown postfix:postfix /var/spool/MailScanner/quarantine
# touch /usr/local/etc/MailScanner/mcp/mcp.spam.assassin.prefs.conf
# touch /usr/local/etc/MailScanner/rules/bounce.rules
# cd /usr/local/etc/rc.d/
# cp mailscanner.sh.sample mailscanner.sh

Make sure the PATH= line includes the location of unzip, for example /usr/local/bin
Add the following line to /etc/crontab:
0 1 * * * root /usr/local/f-prot/tools/check-updates.pl -cron

Localizing MailScanner into Chinese
Download the translation files from the web and unpack them into the location below
Edit /usr/local/etc/MailScanner/MailScanner.conf

%report-dir% = /usr/local/share/MailScanner/reports/tw

For this to work, mailscanner needs at least read (r) permission

After a reboot, Postfix, MailScanner and IMAP-UW will start automatically
# sync;sync;sync;shutdown -r now

Last Update: 2005/12/03
