daemontools ucspi-tcp qmail vpopmail courier-imap squirrelmail igenus 的安装 autorespond ezmlm-idx qmailadmin 安装指南
国外的一篇很好的文章,虽然按照它的方法无法提供qmail smtp发信认证,因此我对它进行了修改。请注意各软件的版本问题。 编辑于2004.4.26
Linux Qmail Toaster (修正版 by geminis)
Version: 0.6 ChangeLog
Last modified: Mar 02, 2004 15:20
Preface
What's a POP toaster?
What this toaster does and does not do
Assumptions/Support (Please Read!)
Prerequisites
Toaster License
Getting Started
DNS
Remove existing sendmail/pop/imap servers
Download packages
Install Software
daemontools
ucspi-tcp
qmail
vpopmail
courier-imap
squirrelmail
igenus 的安装
autorespond
ezmlm-idx
qmailadmin
Test Drive
Options
Qmail Scanner
安装qmail-scanner and Clamav
--------------------------------------------------------------------------------
Preface
What's a POP toaster?:
I use Dan Bernstein's definition described at http://cr.yp.to/qmail/toaster.html
top
What this toaster does and does not do:
This "howto" will walk you through building a Linux Qmail "Toaster". While these instructions are intended to work with popular Linux distributions, they will probably work on other flavors of Unix without too much modification.
Here's a list of features you'll get:
Qmail SMTP Mail Server with SMTP-AUTH (Plain, Login, CRAM-MD5), TLS (SSL) support, and optional Virus/Spam Scanner.
POP3 Server with CRAM-MD5, APOP, and SSL support
IMAP Server with TLS (SSL) support
WebMail Server
Quota Support (usage viewable by webmail)
Autoresponder
Mailing Lists
Web-Based Email Administration
What this toaster does NOT do is act as a thorough guide to qmail or any of the other packages it installs. Such information is already available in the documentation, Life With Qmail, or other howtos/toasters. I only put this together to document all the commands/urls/procedures that I find myself repeating often. It's intended to have a bit of a "copy and paste" feel to it aimed at the impatient (me). If it's not sufficient for you, take the time to read the documentation of each package that's to be installed. There's no substitute for that.
top
Assumptions/Support
This document assumes that you are familiar with Unix system administration, mail/web protocols, etc. You don't have to be a guru to make this work, but you will be patching and compiling source code, as well as editing configuration files. If you want a "point and click" install experience, this is not for you.
These instructions come with no warranty or guarantee. If you blow up your server, and lose business in the process, that's your problem.
Support is not provided. There are mailing lists for all these packages, as well as one specific to this toaster. See links in the appendix for more information.
Commercial support is available. See http://merchbox.com/qmail.php for more information. There are also other sources of commercial support for the individual packages. See the respective documentation for each package for further information.
top
Prerequisites
If you have installed a recent version of your Linux distribution, you shouldn't have any problems, especially if you did a "server" type of install rather than "Desktop". However, this install DOES require that you have the apache web server and PHP installed. Most distributions come with these now. PHP is only required for SquirrelMail. The main issues you might see are missing development libraries, or gdbm, stunnel, kerberos dev files, or openssl. If you are using an rpm based distro, an easy way to check for these is to issue these commands:
rpm -q gdbm
rpm -q gdbm-devel
rpm -q openssl
rpm -q openssl-devel
rpm -q stunnel
rpm -q krb5-devel (kerberos development files)
If any of the above are not installed, either get the rpm for your architecture (probably on your cd if you have one) or install them manually.
This document was written using RedHat Linux 9.0.
top
Toaster License
This document is covered by the same license as Life With Qmail, and the license is detailed here:
http://www.opencontent.org/opl.shtml
Getting Started
DNS
Before we begin, make sure DNS (mx record) is properly setup. If you were using "merchbox.com" as your virtual domain, here's how your host lookups would look after setting up dns:
[shupp@ns1 toaster]$ host -t mx merchbox.com
merchbox.com. mail is handled by 0 mail.merchbox.com.
[shupp@ns1 toaster]$ host -t a merchbox.com
merchbox.com. has address 216.234.249.114
Remove existing smtp/pop/imap servers
Now we must remove any existing installations of sendmail/postfix and disable pop/imap servers. To remove sendmail and postfix from an rpm based distribution, try this:
rpm -e --nodeps sendmail
rpm -e --nodeps postfix
Unless you have other services that absolutely have to run on this machine, I recommend shutting down inetd or xinetd altogether and removing it from your startup scripts. The only thing you'll need (outside of what we're about to isntall) is ssh, which is probably installed already. This will likely shut off any pop3 or imap servers, as well as other unneccessary ports. Otherwise, disable them manually.
To be sure that these services are disabled, try telnetting to ports 25, 110, and 143 and make sure your connections are refused.
top
Download packages
I keep my software source in /var/src. This is what I'll refer to for the rest of this document.
Some of this is version dependent, so please stick to the URLs below!
mkdir -p /var/src/tar
cd /var/src/tar
wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
wget http://shupp.org/software/netqmail-1.05.tar.gz
wget http://shupp.org/patches/qmail-toaster-0.6-1.patch.bz2
wget http://shupp.org/patches/chkuser-0.6.patch
wget http://shupp.org/software/vpopmail-5.4.1.tar.gz
wget http://shupp.org/software/autorespond-2.0.4.tar.gz
wget http://shupp.org/software/qmailadmin-1.2.1.tar.gz
wget http://shupp.org/software/qmailadmin-help-1.0.8.tar.gz
wget http://cr.yp.to/software/ezmlm-0.53.tar.gz
wget http://shupp.org/software/ezmlm-idx-0.40.tar.gz
wget http://shupp.org/software/courier-imap-2.2.2.20040207.tar.bz2
wget http://shupp.org/software/squirrelmail-1.4.2.tar.bz2
wget http://shupp.org/software/quota_usage-1.2.tar.gz
wget http://shupp.org/software/toaster-scripts-0.6.tar.gz
wget http://shupp.org/patches/ezmlm-idx-0.53.400.unified_41.patch
cd ../
tar -xzf tar/netqmail-1.05.tar.gz
cd netqmail-1.05
./collate.sh
top
Install Software
Now that you have downloaded all the software packages to /var/src/tar, please go through each of these installation steps as the appear, and in this order, unless you really know what you're doing. (Because if you did, you wouldn't be reading this, right?)
The below steps assume that your "rc" directories are in /etc/rc.d, and your "init.d" path is "/etc/rc.d/init.d". If yours are different, please substitue paths accordingly.
daemontools
daemontools is a collection of tools for managing UNIX services. It will monitor qmail-send, and qmail-smtpd, and qmail-pop3d services.
Info: http://cr.yp.to/daemontools.html
Install:
mkdir -p /package
chmod 1755 /package
cd /package
tar -xpzf /var/src/tar/daemontools-0.76.tar.gz
cd admin/daemontools-0.76
patch -p1 < /var/src/netqmail-1.05/other-patches/daemontools-0.76.errno.patch
package/install
To verify that daemontools is running, make sure that `ps ax` reports '/bin/sh /command/svscanboot' and 'svscan /service' as running.
top
--------------------------------------------------------------------------------
ucspi-tcp
ucspi-tcp contains tcpserver and tcpclient, command line tools for building client-server applications.
Info: http://cr.yp.to/ucspi-tcp.html
●安装ucspi-tcp-0.88
1.下载相应软件及补丁,由于redhat9.0的glibc的版本问题,必须打补丁才能正常编译。
2.安装ucspi-tcp-0.88
#tar zxvf ucspi-tcp-0.88.tar.gz
#cd ucspi-tcp-0.88
#patch -p1 < ../ucspi-tcp-0.88.a_record.patch
#patch -p1 < ../ucspi-tcp-0.88.errno.patch
#patch -p1 < ../ucspi-tcp-0.88.nobase.patch
#make
#make setup check
top
--------------------------------------------------------------------------------
qmail
qmail rocks. It's a modern smtp server that makes sendmail obsolete.
Info: http://www.qmail.org
The patch you will apply below is a composite of existing patches.
smtp auth 0.4.2
qmail-queue (to allow for virus scanners)
maildir++ patch
support oversize dns packets (not necessary if you use dnscache)
mfcheck (check that the envelope sender has a dns entry)
tarpit delay
qregex (regular expression matching in badmailfrom and badmailto)
big concurrency (set the spawn limit above 255)
Install:
mkdir /var/qmail
groupadd nofiles
useradd -g nofiles -d /var/qmail/alias alias
useradd -g nofiles -d /var/qmail qmaild
useradd -g nofiles -d /var/qmail qmaill
useradd -g nofiles -d /var/qmail qmailp
groupadd qmail
useradd -g qmail -d /var/qmail qmailq
useradd -g qmail -d /var/qmail qmailr
useradd -g qmail -d /var/qmail qmails
# we need to add the vpopmail user here
groupadd -g 89 vchkpw
useradd -u 89 -g vchkpw vpopmail
打补丁及编绎安装qmail
tar zxvf qmail-1.03.tar.gz
tar zxvf qmail-smtpd-auth-0.31.tar.gz
cp qmail-smtpd-auth-0.31/base64.* qmail-1.03 //安装smtp-auth补丁,支持smtp认证
patch -d qmail-1.03 < qmail-smtpd-auth-0.31/auth.patch
cd qmail-1.03
patch -p1 < ../qmail-103.patch
patch -p1 < ../qmailqueue-patch
patch -p1 < ../qmail-maildir++.patch
patch -p1 < ../qmail-1.03.errno.patch
patch -p1 < ../qmail-1.03.qmail_local.patch
vi qmail-smtpd.c //将函数straynewline中的451改为553
//将451改为553是为避免当其它服务器给你发来无效格式的邮件时,你的服务器陷入循环应答。当你的服务器收到无效格式的邮件时,一般会发送:"I am not going to accept that message at the moment,you can try again later",对方服务器收到后,几秒钟后又会发送同样的邮件给你,造成多次的重复。改为553后,你的服务器将直接发送:"I am not going to accept that message,don't try sending it again.",告诉对方的服务器不要再发这封无效的信件。
make setup check
./config-fast mail.cloud.com
# note: RedHat 9 users will need to link certain include files for the TLS patch:
ln -s /usr/kerberos/include/com_err.h /usr/kerberos/include/krb5.h /usr/kerberos/include/profile.h /usr/include/
# as well as remove the sendmail link:
rm /usr/sbin/sendmail
make # 如果这里发生openssl链接库的错误,请升级你的openssl版本
make setup check
# turn on checking for valid dns envelope sender
echo 1 > /var/qmail/control/mfcheck
添加别名用户:
touch /var/qmail/alias/.qmail-root
touch /var/qmail/alias/.qmail-postmaster
touch /var/qmail/alias/.qmail-mailer-daemon
chmod 644 /var/qmail/alias/.qmail*
或者用以下命令:
(cd ~alias; touch .qmail-postmaster .qmail-mailer-daemon .qmail-root)
chmod 644 ~alias/.qmail*
# on the next line replace "full.hostname" with the hostname of your mail server
./config-fast full.hostname
make cert
# enter your company's information
make tmprsadh
# NOTE: This may take a LONG time
# now add the followowing line to your crontab via `crontab -e` to update these temp keys each night
01 01 * * * /var/qmail/bin/update_tmprsadh > /dev/null 2>&1
Configure:
cd /var/src
cp toaster-scripts-0.6/rc /var/qmail/rc
chmod 755 /var/qmail/rc
mkdir /var/log/qmail
echo ./Maildir/ >/var/qmail/control/defaultdelivery
cp toaster-scripts-0.6/qmailctl /var/qmail/bin/
chmod 755 /var/qmail/bin/qmailctl
ln -s /var/qmail/bin/qmailctl /usr/bin
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
#Now create the supervise directories/scripts for the qmail services:
mkdir -p /var/qmail/supervise/qmail-send/log
mkdir -p /var/qmail/supervise/qmail-smtpd/log
mkdir -p /var/qmail/supervise/qmail-pop3d/log
mkdir -p /var/qmail/supervise/qmail-pop3ds/log
chmod +t /var/qmail/supervise/qmail-send
chmod +t /var/qmail/supervise/qmail-smtpd
chmod +t /var/qmail/supervise/qmail-pop3d/log
chmod +t /var/qmail/supervise/qmail-pop3ds/log
cp /var/src/toaster-scripts-0.6/send.run /var/qmail/supervise/qmail-send/run
cp /var/src/toaster-scripts-0.6/send.log.run /var/qmail/supervise/qmail-send/log/run
cp /var/src/toaster-scripts-0.6/smtpd.run /var/qmail/supervise/qmail-smtpd/run
cp /var/src/toaster-scripts-0.6/smtpd.log.run /var/qmail/supervise/qmail-smtpd/log/run
cp /var/src/toaster-scripts-0.6/pop3d.run /var/qmail/supervise/qmail-pop3d/run
cp /var/src/toaster-scripts-0.6/pop3d.log.run /var/qmail/supervise/qmail-pop3d/log/run
cp /var/src/toaster-scripts-0.6/pop3ds.run /var/qmail/supervise/qmail-pop3ds/run
cp /var/src/toaster-scripts-0.6/pop3ds.log.run /var/qmail/supervise/qmail-pop3ds/log/run
echo 20 > /var/qmail/control/concurrencyincoming
chmod 644 /var/qmail/control/concurrencyincoming
chmod 755 /var/qmail/supervise/qmail-send/run
chmod 755 /var/qmail/supervise/qmail-send/log/run
chmod 755 /var/qmail/supervise/qmail-smtpd/run
chmod 755 /var/qmail/supervise/qmail-smtpd/log/run
chmod 755 /var/qmail/supervise/qmail-pop3d/run
chmod 755 /var/qmail/supervise/qmail-pop3d/log/run
chmod 755 /var/qmail/supervise/qmail-pop3ds/run
chmod 755 /var/qmail/supervise/qmail-pop3ds/log/run
mkdir -p /var/log/qmail/smtpd
mkdir -p /var/log/qmail/pop3d
mkdir -p /var/log/qmail/pop3ds
chown -R qmaill /var/log/qmail
echo postmaster > /var/qmail/control/bouncefrom \\退回邮件
echo mail.cloud.com > /var/qmail/control/helohost \\主机名(解决新浪拒收邮件问题)
echo 10485760 > /var/qmail/control/databytes \\接收邮件的最大容量 (0=无限制)??
echo 40 > /var/qmail/control/concurrencylocal \\本地同时投递邮件的数目
echo 40 > /var/qmail/control/concurrencyremote 、、同时投递至远程主机的数目
注意:
/var/qmail/control/locals中必须有缺省域名,否则投递失败的邮件将不知所踪。
#allow daemontools to start qmail
ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /service
#verify that it's running with qmailctl
sleep 5
qmailctl stat
qmail的启动脚本也可以参考以下所写的格式:
#cp /var/qmail/boot/home /var/qmail/rc
# vi /var/qmail/rc //对rc文件进行修改,以决定投送方式:
#!/bin/sh
# Using splogger to send the log through syslog.
# Using dot-forward to support sendmail-style ~/.forward files.
# Using qmail-local to deliver messages to ~/Mailbox by default.
exec env - PATH="/var/qmail/bin:$PATH" qmail-start ./Maildir/ splogger qmail &
#vi /var/qmail/smtp //编辑smtp服务的启动脚本
#!/bin/sh
# -c 100指同时并行连接数为100
QMAILDUID=qmaild
NOFILESGID=nofiles
/usr/local/bin/tcpserver -H -R -c 100 -l 0 -t 1 -v -p -x /home/vpopmail/etc/tcp.smtp.cdb -u $QMAILDUID -g $NOFILESGID 0 smtp /var/qmail/bin/qmail-smtpd mail.cloud.com /home/vpopmail/bin/vchkpw /bin/true /bin/cmd5checkpw /bin/true 2>&1 | /var/qmail/bin/splogger smtpd 3 &
#vi /var/qmail/pop3 //编辑pop3服务的启动脚本
#!/bin/sh
/usr/local/bin/tcpserver -l mail.cloud.com -U -c 100 -H -R 0 pop3 /var/qmail/bin/qmail-popup mail.cloud.com /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir &
//这里要注意,这三个文件中的命令在一行,最好直接复制,绝对可用,我自己的启动脚本copy过来的。
#chmod 755 /var/qmail/rc
#chmod 755 /var/qmail/smtp
#chmod 755 /var/qmail/pop3
运行qmail并测试
#/var/qmail/rc
#/var/qmail/smtp
#/var/qmail/pop3
#ps aux | grep "qmail" //查看qmail的服务进程是否已完全正常启动
如果qmail已正常启动,用outlook测试qmail的smtp和pop3是否正常,注意由于vpopmail支持虚拟域名,所以在outlook中设置邮件帐号时,用户名后要加上域名,如demo@demo.com。smtp是带认证的,在outlook中也要作相应设置。建议先将qmail测试正常后再安装igenus。如果qmail出现问题,可查看mysql中的vpopmail数据库,/var/log下的mysqld和maillog日志记录,这样容易很快找出问题。
需要注意的是:
如果你在X下用X的kmail客户端测试,smtp的验证要选择LOGIN,POP的验证选择纯文本(APOP是错的,虽然有时候mail客户端会自动检测条到APOP上面),如果有好几个验证方式给你选择的话。
如果能发信,但收不到,这个时候看一下/var/log/maillog会找到答案的,一般是由于找不到libmysqlclient.so.12这个mysql库文件造成的,前面我之所以要copy到/usr/lib下就是因为这个问题经常卡我(因我都是编译安装程序的,所以程序的位置都指定了的)
top
--------------------------------------------------------------------------------
Vpopmail
Vpopmail is a virtual domain package add-on for qmail. It can handle multiple domains
on a single IP address, and none of the user accounts are /etc/passwd or "system" accounts.
Info: http://vpopmail.sf.net
Because we will only be using vchkpw (the pop authentication tool) with qmail-smtpd for SMTP-AUTH, we don't want it to open relays. The patch applied below fixes this.
Install:
cd /var/src
# the vchkpw group and vpopmail user was created while installing qmail for make cert
tar -xzf tar/vpopmail-5.2.1.tar.gz
cd vpopmail-5.2.1
进行编译:
./configure --prefix=/home/vpopmail \\指定安装路径
--enable-mysql=y \\是否应用Mysql数据库
--enable-incdir=/usr/include/mysql \\Mysql数据库include文件所在目录
--enable-libdir=/usr/lib/mysql \\Mysql数据库lib文件所在目录
--enable-default-domain=mydomain.com \\定义虚拟域名
--enable-passwd=n \\是否使用系统密码验证方式
--enable-defaultquota=10485760 \\定义缺省邮箱大小,10485760为10MB,20971520为20MB,52428800为50MB
--enable-tcprules-prog=/usr/local/bin/tcprules \\指定tcprules目录
--enable-tcpserver-file=/home/vpopmail/etc/tcp.smtp \\指定tcprules应用规则文件
--enable-vpopuser=vpopmail \\vpopmail的用户
--enable-vpopgroup=vchkpw \\vpopmail的组
--enable-ip-alias-domains=n \\在虚拟域中允许通过反向IP地址查找虚拟域名
--enable-sqwebmail-pass=y \\sqwebmail密码验证支持
--enable-hardquota=10000000 \\限制磁盘限额为10M就需要使用下面这个配置参数,若磁盘限额超出,将拒绝接受该用户的新邮件,并返回一封拒绝信息邮件,其中的信息可以定制
make
make install-strip
echo '127.:allow,RELAYCLIENT=""' >/home/vpopmail/etc/tcp.smtp
(cd ~vpopmail/etc ; tcprules tcp.smtp.cdb tcp.smtp.tmp < tcp.smtp)
# install the vpopmail start script
cp ../toaster-scripts-0.6/vpopmailctl /var/qmail/bin/vpopmailctl
chmod 755 /var/qmail/bin/vpopmailctl
ln -s /var/qmail/bin/vpopmailctl /usr/bin
#allow daemontools to start vpopmail
ln -s /var/qmail/supervise/qmail-pop3d /var/qmail/supervise/qmail-pop3ds /service
#verify that it's running with vpopmailctl
sleep 5
vpopmailctl stat
# add chkuser.tmda.patch now that vpopmail is installed
cd /var/src/netqmail-1.05/netqmail-1.05
patch -p0 < /var/src/tar/chkuser-0.6.patch
make clean
make
qmailctl stop
make setup check
qmailctl start
top
--------------------------------------------------------------------------------
Courier-IMAP
Courier-IMAP will supply IMAP/SIMAP access.
Info: http://www.inter7.com/courierimap
Install:
cd /var/src
tar -xjf tar/courier-imap-2.2.2.20040207.tar.bz2
cd courier-imap-2.2.2.20040207
# build as vpopmail
chown -R vpopmail:vchkpw ../courier-imap-2.2.2.20040207
su vpopmail 必须以非root身份执行
# configure may take some time...
./configure --with-redhat是可选项,如果是redhat,就必须加上
# note: redhat users need to add "--with-redhat"
make
exit
make install-strip
make install-configure
cp courier-imap.sysvinit /etc/rc.d/init.d/courier-imap
chmod 755 /etc/rc.d/init.d/courier-imap
ln -s ../init.d/courier-imap /etc/rc.d/rc0.d/K30courier-imap
ln -s ../init.d/courier-imap /etc/rc.d/rc1.d/K30courier-imap
ln -s ../init.d/courier-imap /etc/rc.d/rc2.d/S80courier-imap
ln -s ../init.d/courier-imap /etc/rc.d/rc3.d/S80courier-imap
ln -s ../init.d/courier-imap /etc/rc.d/rc4.d/S80courier-imap
ln -s ../init.d/courier-imap /etc/rc.d/rc5.d/S80courier-imap
ln -s ../init.d/courier-imap /etc/rc.d/rc6.d/K30courier-imap
Configure:
Edit /usr/lib/courier-imap/etc/authdaemonrc
Change authmodulelist="..." to authmodulelist="authvchkpw"
Edit /usr/lib/courier-imap/etc/imapd
Change 'IMAPDSTART=NO' to 'IMAPDSTART=YES'
Edit /usr/lib/courier-imap/etc/imapd-ssl
Change 'IMAPDSSLSTART=NO' to 'IMAPDSSLSTART=YES'
Start IMAP server
/etc/rc.d/init.d/courier-imap start
top
--------------------------------------------------------------------------------
SquirrelMail
SquirrelMail is a web based IMAP client
Info: http://www.squirrelmail.org
NOTE: This section assumes that your apache ServerRoot is /var/www and that your DocumentRoot is /var/www/html, and also that your web server runs as apache:apache
Install:
cd /var/src
tar -xjf tar/squirrelmail-1.4.2.tar.bz2
cd squirrelmail-1.4.2
cd plugins
tar -xvzf ../../tar/quota_usage-1.2.tar.gz
cp quota_usage/config.php.sample quota_usage/config.php
cd ../
./configure
# here you will have to set a few options:
go to Server Settings (2) and change the Server Software from "cyrus" to "courier" (a)
From the main menu, go to General Options (4) and change Data Direcotry (2) to "/var/www/data/"
From the main menu, go to Plugins and enable the quota_usage plugin, along with any others you prefer
Save settings
quit
# move the data directory into place and change permissions to the user:group that the web server runs as:
mv data /var/www/
chown -R apache:apache /var/www/data
# install squirrelmail
cd ../
mv squirrelmail-1.4.2 /var/www/html/
top
●安装并运行igenus
1.到http://www.igenus.org下载最新的安装包
#tar zxvf igenus_2_20030516_snap.tgz -C /www/htdocs/
2.建temp文件夹
cd /www/htdocs/igenus
mkdir temp
chmod -R 0755 temp
chown -R vpopmail:vchkpw temp
3.修改httpd.conf
#vi /web/httpd/conf/httpd.conf
Group Apache
User Apache
修改为:
Group vchkpw
User vpopmail
AddDefaultCharset ISO-8859-1
修改为
AddDefaultCharset GB2312 //使默认页面为中文,2.x的apache需要修改
#/etc/rc.d/init.d/httpd restart //重启apache,使修改生效
4.修改config_inc.php文件
# cd /www/htdocs/igenus/config
# vi config_inc.php
$CFG_BASEPATH = "/www/htdocs/html/igenus";
$CFG_MYSQL_HOST = 'localhost';
$CFG_MYSQL_USER = 'vpopmail';
$CFG_MYSQL_PASS = '12345678'; \\改成你的密码
$CFG_MYSQL_DB = 'vpopmail';
$CFG_TEMP = $CFG_BASEPATh."/temp";
5.重新编制Mysql数据库表格
#mysql -u root -p
mysql>use vpopmail;
mysql>alter table vpopmail drop primary key;
mysql>alter table vpopmail add column pw_id int(5) NOT NULL primary key auto_increment;
mysql>create table address (
id int(11) unsigned NOT NULL auto_increment,
pw_id int(5) unsigned NOT NULL default '0',
name varchar(64) NOT NULL default '',
email varchar(128) NOT NULL default '',
UNIQUE KEY id (id),
KEY pw_id (pw_id)
) TYPE=MyISAM;
mysql>CREATE TABLE stow (
id int(11) unsigned NOT NULL auto_increment,
pw_id int(5) NOT NULL default '0',
name varchar(64) NOT NULL default '',
http varchar(128) NOT NULL default '',
memo varchar(255) NOT NULL default '',
PRIMARY KEY (id)
) TYPE=MyISAM PACK_KEYS=1; //收藏夹的表
mysql>quit;
--------------------------------------------------------------------------------
autorespond
Autorespond is compatible autoresponder/vacation type tool that works well with vdelivermail and qmailadmin.
Info: http://qmailadmin.sf.net
Install:
cd /var/src
tar -xzf tar/autorespond-2.0.4.tar.gz
cd autorespond-2.0.4
make
make install
top
--------------------------------------------------------------------------------
ezmlm-idx
Fast, full featured Mailing List Manager configureable from qmailadmin.
Info: http://www.ezmlm.org
Install:
安装ezmlm and ezmlm-idx使qmail支持邮件列表功能
1.注意:为了启用maillist的MySQL支持,你必须首先:
建立mysql管理用户:(Ex:user:ezmlm,pass:ezmlm)
# mysql -u root -pwangxu
>use mysql;
>create database ezmlm;
>grant all on ezmlm.* to ezmlm@localhost identified by "ezmlmpassword";
>flush privileges;
>exit;
# mysqladmin -u root -pwangxu create ezmlm
2.ezmlm-idx包含有对ezmlm的修正和补充,他们是一个整体。
#cd /home/software
# tar -zxvf ezmlm-0.53.tar.gz
# tar -zxvf ezmlm-idx-0.40.tar.gz
# mv -Rf ezmlm-idx-0.40/* ezmlm-0.53/ //将ezmlm-idx-0.40下的文件覆盖到ezmlm-0.53下
# cd ezmlm-0.53
# patch < idx.patch
# patch < ../ezmlm-idx-0.53.400.unified_41.patch
# make mysql #MySQL 支持
# make clean
# make man
# make ch_GB #汉字GB2312支持
修改conf-sqlcc文件
内容为:-I/usr/include/mysql
修改conf-sqlld
内容为: -L/usr/lib/mysql -lmysqlclient -lnsl -lm -lz
-lz是增加zip压缩支持
修改conf-bin
第一行:/var/qmail/bin/ezmlm
修改conf-man
第一行:/var/qmail/man
修改conf-qmail
第一行:/var/qmail
# make setup
修改/usr/local/qmail/bin/ezmlm/ezmlmrc将"To:##L@##H"修改为"To:<#L#>@<#H#>",主要是修改用邮件客户端收到信之后,收件人地址显示格式错误。
邮件列表收到的信息乱码解决方法:
在/home/vpopmail/domains/cloud.com/maillistname/下建立一个charset的文件
#touch charset
#chown vpopmail:vchkpw charset
#chmod go-r charset
#vi charset 添加一行gb2312
这样你发一份邮件到maillistname@xxx.xxx 你收到的信息将可以正确的显示中文了!
3.在你建立一个基于MySQL的maillist之前,你必须保证ezmlm库中已存在一个对应的表(其实我发现没有表,ezmlm会自动建立,只是会提示错误):
Ex:你想建一个基于MySQL的maillist:testlist
# /var/qmail/bin/ezmlm/ezmlm-mktab -d testlist | mysql -uezmlm -pezmlm -f ezmlm
这样就在ezmlm库中为testlist建立了一系列相关表格:
+------------------------+
| Tables |
+------------------------+
| testlist |
| testlist_allow |
| testlist_allow_slog |
| testlist_cookie |
| testlist_deny |
| testlist_deny_slog |
| testlist_digest |
| testlist_digest_cookie |
| testlist_digest_mlog |
| testlist_digest_slog |
| testlist_mlog |
| testlist_mod |
| testlist_mod_slog |
| testlist_slog |
+------------------------+
你可以用一下命令察看! (也不需要这样麻烦的,安装了qmailadmin后可以使用qmailadmin管理邮件列表了)
# mysqlshow -uezmlm -pezmlm ezmlm
top
--------------------------------------------------------------------------------
qmailadmin
Qmailadmin can handle nearly all virtual email administration tasks for you from a web browser, except for adding and removing virtual domains.
Info: http://sourceforge.net/projects/qmailadmin
The patch applied below fixes a problem with the default_quota directive used in the .qmailadmin-limits file.
Install:
cd /var/src
tar -xzf tar/qmailadmin-1.2.1.tar.gz
cd qmailadmin-1.2.1
./configure --enable-help=y
make
make install-strip
cd ../
tar -xzf tar/qmailadmin-help-1.0.8.tar.gz
cd qmailadmin-help-1.0.8
mkdir /var/www/html/images/qmailadmin/help
cp -rp * /var/www/html/images/qmailadmin/help
Your toaster installation is done! Now we're ready to take it for a test drive.
top
--------------------------------------------------------------------------------
Test Drive
Here we'll add a virtual domain, 'test.com', and test sending/receiving mail. Substitue 'test.com' for whatever domain you setup DNS for.
# Add the domain to vpopmail
/home/vpopmail/bin/vadddomain test.com [password]
This creates the default "postmaster" account for test.com. You will use this account with qmailadmin. Try adding/removing users with qmailadmin here:
http://mail.test.com/cgi-bin/qmailadmin
To test out quota usage support, create a user with a 6MB quota like so:
/home/vpopmail/bin/vadduser -q 6000000000S user@test.com [password]
# verify the user settings, and create the "maildirsize" file
/home/vpopmail/bin/vuserinfo user@test.com
Now, to log into SquirrelMail as user@test.com, point your browser here:
http://mail.test.com/squirrelmail-1.4.2/
Send yourself a message. If you get it, it's likely you're up and running.
To test your POP server, try telnetting to port 110 and logging in.
# telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
+OK Hello there.
user user@test.com
+OK Password required.
pass [password]
+OK logged in.
quit
+OK Bye-bye.
Connection closed by foreign host.
Test your IMAP server in the same way:
# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
* OK Courier-IMAP ready. Copyright 1998-2001 Double Precision, Inc. See COPYING for distribution information.
a001 login user@test.com [password]
a001 OK LOGIN Ok.
a001 logout
* BYE Courier-IMAP server shutting down
a001 OK LOGOUT completed
Connection closed by foreign host.
top
--------------------------------------------------------------------------------
Options
Qmail Scanner
Your qmail installation is already patched (qmail-queue patch) to support qmail-scanner, a popular tool for using commercial virus scanners with qmail. Go to http://qmail-scanner.sourceforge.net for installation instructions.
Qmail下的免费防病毒网关antivir-mailgate简易安装
现在病毒猖狂啊,做网管的,网络出了乱子,麻烦就大了,病毒一扩散就比较麻烦了,以下介绍一个适合于unix/linux下的病毒邮件网关。
1.先去该公司网址注册一下,获得一个一年期限的license
www.antivir.de/order/privreg/linux.htm
2.开始安装
# tar zxf avlxmgt.tgz
# cd antivir-mailgate-2.0.1.16
# ./avinstall.pl
这里程序会询问你的一些安装路径这类问题,很easy的,一路回车吧!
默认情况下,antivir-mailgate是通过监听25端口,收到mail后杀毒处理在通过unix管道调用传递给qmail的。因此,首先需要建立以下链接,因为安装qmail的时候已经做过了。所以这里就可以省略了。
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
修改工作目录的权限和所有者,注意必须是0700的权限模式,否则无法启动,会报错误的
# chown uucp.uucp /var/spool/avmailgate -R
# chmod 0700 /var/spool/avmailgate -R
编辑配置文件,以下是几个有用的配置选项,其他的就不多说了,配置文件里面都有说明的,很easy的,如果你想测试一下,看杀毒后的输出,可以修改里面的选项,追加附加的头部到mail里面去。另外,安装脚本会在rc.d目录下建立相应的启动连接,请确保你的qmail的启动脚本在病毒网关之后启动。INSTALL.qmail文件中提到了3种工作模式,默认的是通过监听25端口,收到邮件后进行杀毒处理后在直接通过unix管道传递给qmail进程处理,还有一种模式是让qmail监听825端口,病毒网关收到邮件后直接转发给825端口上的进程,这种模式下效率可能没有默认的工作模式的效率好,这两种模式下都有个弊病,就是25端口上的病毒网关进程没有验证功能了,INSTALL.qmail文件还有一个方法就是使用两个qmail进程和一个病毒网关协同工作,一个做前台监听25端口,这样就可以验证了,这个前台进程收到邮件后在转发到病毒网关进程,病毒网关进行杀毒处理后在转发到后台的qmail进程上,这个进程在进行本地投送处理,文件里描述的比较详细了,我就不多说了,有兴趣的朋友可以照着做。
# vi /etc/avmailgate.conf
User uucp (默认以uucp用户和uucp组工作,请保证你的系统是否存在这两个帐号)
Group uucp
SpoolDir /var/spool/avmailgate (工作目录)
ForwardTo /usr/lib/sendmail -oem -oi(默认的工作模式)
# vi /etc/avmailgate.acl #这个文件控制允许接收mail的域,一般不需要修改
# /usr/sbin/rcavgate start (启动mail防毒网关)
检查启动输出
# cat /var/log/maillog
# vi /etc/crontab
#每天的0:25分自动更新病毒库
25 0 * * * /usr/lib/AntiVir/antivir –update -q
安装 qmail-scanner and ClamAV
为了能够扫描邮件服务器中进出的邮件, 我们需要安装 qmail-scanner. 如果你之前没有安装perl-suidperl,我们还需要安装它(RedHat 7.3 是不会安装它的). 下面将指导你如何安装.
# 安装 perl-suidperl
rpm -i /var/src/tar/perl-suidperl-5.6.1-34.99.6.i386.rpm
# 安装 qmail-scanner
cd /var/src
tar -xzf tar/qmail-scanner-1.15.tgz
cd qmail-scanner-1.15
./configure –-scanners "clamscan,verbose_spamassassin" --admin "user" --domain "test.com" –-install
注意: "--admin" 和 "--domain" 参数组成了帐号"user"@"domain name". 警告消息将通过qmail-scanner 发往这个邮件帐号, 所以必须确认这是一个管理级别的帐号. 另外,所有域的警告信息都会发给这个帐号, 所以一定要小心. 在第一步时, 按y 允许qmail-scanner提前configure. 第二步时, 按y,建立 qmail-queue-scanner.pl 文件.
cp quarantine-attachments.txt /var/spool/qmailscan
su qmaild -c "/var/qmail/bin/qmail-scanner-queue.pl -g
# 如果qmail-scanner-queue.pl 在安装过程中有问题, 按照下面的方法复制建立
# cp qmail-scanner-queue.pl /var/qmail/bin/qmail-scanner-queue.pl
现在我们需要将qmail-scanner-queue.pl 加入到qmail-smtpd 启动脚本中
vi /var/qmail/supervise/qmail-smtpd/run
添加下面一段:
QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
export QMAILQUEUE
将:
exec /usr/local/bin/softlimit -m 2000000 \
改为:
exec /usr/local/bin/softlimit -m 15000000 \
保存文件,退出vi. 现在, 我们将要安装真正病毒扫描程序, “Clam Anti-Virus”. 可以从如下地址http://clamav.elektrapro.com 获取更多的信息. 首先我们需要为clamAV 建立一个用户和组:
/usr/sbin/groupadd clamav
/usr/sbin/useradd -g clamav -s /bin/false -c "Clam Antivirus" clamav
cd /var/src
tar -xzf tar/clamav-0.53.tar.gz
cd clamav-0.53
./configure
make
make install
# 确认是否在运行
clamscan -r -l scan.txt .
cat scan.txt
rm -rf scan.txt
# 建立日志文件...
touch /var/log/clam-update.log
chmod 644 /var/log/clam-update.log
chown clamav /var/log/clam-update.log
# 通过添加下面一行到cron文件来自动检查病毒库升级
crontab -e
0 8 * * * /usr/local/bin/freshclam --quiet -l /var/log/clam-update.log
[ESC]:wq
# 设置相应的属性和权限...
chown -R qmailq.qmail /var/qmail/bin/qmail-scanner-queue.pl
chown -R qmailq.qmail /var/spool/qmailscan
chmod -R 755 /var/spool/qmailscan
# 最后.重启邮件服务
/var/qmail/bin/qmailctl restart
/var/qmail/bin/vpopmailctl restart
OK, 让我们测试一下病毒扫描是不是在运行. 记的那些在#3步下载的测试病毒文件吗? 我们将利用它们来测试. 打开你喜欢的邮件客户端 (SquirrelMail?) 用一个测试帐号发一封测试邮件给另外一个测试用户(你可能需要建立两个测试帐号). 在你的电子邮件中附上病毒测试文件,把它发送给第二个测试帐号. 如果你以管理帐号登陆, 你将会看到一封病毒警告信件. 我们可以在日志文件中看到qmail-scanner和clamAV确实截获了测试病毒:
cat /var/spool/qmailscan/qmail-queue.log
26. 安装 MRTG
多路由器通信监视器(MRTG)是在网络链路上监控通信负载的一件工具。 MRTG 产生包含图表的HTML网页,它可以将系统中的通信情况实时的显示在页面上。 我们可以在我们的系统上使用它来监控电子邮件和spam情况。
# 安装 zlib (压缩的图形文件包)
cd /var/src
tar -xzf tar/zlib-1.1.4.tar.gz
mv zlib-1.1.4/ zlib
cd zlib
./configure
make
cd ..
# 安装 libpng (PNG图片格式包)
tar -xzf tar/libpng-1.0.12.tar.gz
mv libpng-1.0.12/ libpng
cd libpng
make -f scripts/makefile.std CC=gcc ZLIBLIB=../zlib ZLIBINC=../zlib
rm *.so.* *.so
cd ..
# 安装 gd (制图软件包)
tar -xzf tar/gd-1.8.3.tar.gz
mv gd-1.8.3/ gd
cd gd
make INCLUDEDIRS="-I. -I../zlib -I../libpng" \
LIBDIRS="-L../zlib -L. -L../libpng" LIBS="-lgd -lpng -lz -lm"
make install
cd ..
# 编译 MRTG
tar -xzf tar/mrtg-2.9.25.tar.gz
cd mrtg-2.9.25/
./configure --prefix=/usr/local/mrtg-2 –-with-gd=/var/src/gd/ \
--with-z=/var/src/zlib/ --with-png=/var/src/libpng/
make
make install
所有MRTG需要的软件包都安装在了 /usr/local/mrtg-2 目录下. 你现在可以安全的删除上面编译的源码. 但是你最好留着,以便你编译下一个版本的MRTG时所需.
通过安装inter7的qmailmrtg ,我们将在我们的系统上安装MRTG
# 编译 qmailmrtg
cd /var/src
tar -xzf tar/qmailmrtg7-3.4.tar.gz
# 如果你没有从optionalScripts.tar.gz中解压出这些文件, 那你要这样做
tar -xzf tar/optionalScripts.tar.gz
cd qmailmrtg7-3.4
make
make install
mkdir /usr/local/apache/htdocs/qmailmrtg
cp ../optionalScripts/qmail.mrtg.cfg /usr/local/apache/htdocs/qmailmrtg
cp ../optionalScripts/index.html /usr/local/apache/htdocs/qmailmrtg
cd /usr/local/apache/htdocs/qmailmrtg/
修改 qmail.mrtg.cfg 和 index.html文件, 将所有出现FQDN 的地方都改成你的完整域名(例如: test.com). 如果你的HTTP MRTG目录并不是默认的 (例如: 你并没有把 /usr/local/apache作为你的web根目录), 则必须在/usr/local/htdocs/qmailmrtg/qmail.mrtg.cfg 文件中修改WorkDir变量为正确的路径. 如果你不记录pop和smtp服务, 你可以在pop3和smtp所在每一行的前面加一个# 来注释掉它. 我现在已经移去它们了, 如果你决定不记录的话,你可以删除它们.
你可以修改 pop3和smtp所在的行, 设置MaxBytes参数来重写tcpserver中-cX所在行.
你还可以修改concurrency来重写concurrencyremote或concurrencylocal 的值. 如果这些文件在/var/qmail/control 目录下并不存在,则qmail默认的值为20.
OK, MRTG现在可以图形化qmail日志记录, 为了添加对SpamAssassin 的支持. 我们需要安装“Date::Parse” 模块, 让我们开始吧:
cd /var/src/optionalScripts
perl -MCPAN -e'shell'
cpan> install Date::Parse
cpan> quit
#你可能需要将这些modules移动到你的Perl lib目录, 如下:
#mv /root/perl/* /usr/lib/perl5/5.6.1/i386-linux/
cp glmrtg.pl /usr/local/bin
cp mrtgspam /usr/local/bin
chmod 755 /usr/local/bin/glmrtg.pl
chmod 755 /usr/local/bin/mrtgspam
OK!现在我们将对收集到的SpamAssassin进行一下统计 (spam vs. non-spam). 下面是我们的最后一步,将下面一段添加到crontab中, 以使我们能每五分钟升级一次MRTG数据. 运行如下命令:
crontab -e
添加下面一段 (使MRTG每五分钟运行一次) 然后退出crontab:
*/5 * * * * /usr/local/mrtg-2/bin/mrtg /usr/local/apache/htdocs/qmailmrtg/qmail.mrtg.cfg 2>&1 > /dev/null
现在运行MRTG三次来安装它. 你将会收到3次警告消息. 之后,你将不会再收到警告了.
/usr/local/mrtg-2/bin/mrtg /usr/local/apache/htdocs/qmailmrtg/qmail.mrtg.cfg
现在应该安装好了. 为了能显示些信息,我们等待15分钟的日志记录. 你可以通过下面的地址来检查图形监控情况:
http://your.host.name/qmailmrtg/
查看它们的图形监控情况!
