2013-06-05

CentOS 6.4 使用Maildir建置流程 Postfix+dovecot+MailScanner+Clamav+Spamassassin

關閉SELINUX(注意:停用後系統會失去 SELinux 的強制存取控制保護;若只是為了排除安裝過程中的權限問題,可先改成 SELINUX=permissive。修改後需重新開機才會生效)
# vi /etc/sysconfig/selinux

SELINUX=enforcing

改成

SELINUX=disabled

安裝RPMforge
# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm 
RPMforge是Dag、Dries和其他打包者合作的套件庫,提供CentOS超過4000種套件。
(注意:上面的指令是經由未加密的 HTTP 直接安裝 RPM;較安全的做法是先下載檔案、匯入 RPMforge 的 GPG 公鑰,並以 rpm -K 驗證簽章後再安裝。)


更新套件
# yum -y update

網路校時
# yum -y install ntp      #安裝NTP
# /usr/sbin/ntpdate tock.stdtime.gov.tw  #執行網路校時針對 tock.stdtime.gov.tw
# /usr/sbin/hwclock -w   #將時間寫入BIOS
# vi /etc/crontab
加入 10 5 * * * root /usr/sbin/ntpdate tock.stdtime.gov.tw && /sbin/hwclock -w
#排程自動校時每天5:10校時


安裝Postfix

1.移除sendmail安裝postfix
# /etc/init.d/sendmail stop #停用sendmail
# yum install postfix     #安裝postfix
# rpm -e sendmail       #移除sendmail
# service postfix start     #啟動postfix服務

2. postfix設定
設定檔位置:/etc/postfix/main.cf。以下設定讓 postfix 可接收外部連線:

vi /etc/postfix/main.cf

inet_interfaces = localhost #註解

改成

inet_interfaces = all


mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

mydomain = example.com.tw

myhostname = mail.example.com.tw

home_mailbox = Maildir/


# service postfix restart        #重新啟動postfix服務

3. 測試 postfix(smtp)

telnet localhost smtp

Trying 127.0.0.1...

Connected to localhost.localdomain (127.0.0.1).

Escape character is '^]'.

220 mail.acme.local ESMTP Postfix

ehlo localhost
250-mail.acme.local

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

mail from:<johndoe>

250 2.1.0 Ok

rcpt to:<johndoe>

250 2.1.5 Ok

data
354 End data with <CR><LF>.<CR><LF>

test

.

250 2.0.0 Ok: queued as 9729067C17

quit

221 2.0.0 Bye

Connection closed by foreign host.

[root@mail ~]#

看信件內容:

To check if the mail indeed exists


# cd /home/johndoe/Maildir/new
[root@mail new]# ls

1185669817.Vfd00I18012M795756.mail.acme.local

[root@mail new]# cat 1185669817.Vfd00I18012M795756.mail.acme.local

Don’t worry, you don’t have to type in the whole filename above. Just type in the first few characters say 118 then press Tab to activate automatic completion.

From johndoe@mail.acme.local  Thu Feb 22 21:48:28 2007

Return-Path: <johndoe@mail.acme.local>

X-Original-To: johndoe

Delivered-To: johndoe@mail.acme.local

Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])

        by mail.acme.local (Postfix) with SMTP id 9729067C17

        for <johndoe>; Thu, 22 Feb 2007 21:48:26 -0500 (EST)

Message-Id: <20070222134827.9729067C17@mail.acme.local>

Date: Thu, 22 Feb 2007 21:48:26 -0500 (EST)

From: johndoe@mail.acme.local

To: undisclosed-recipients:;

test

[root@mail mail]#

4. 設定postfix SMTP 驗證(此步驟會修改 dovecot 的設定檔;若尚未安裝 dovecot,請先執行下方「安裝dovecot pop3服務」中的 yum install dovecot)
安裝 cyrus-sasl-md5  cyrus-sasl-plain  cyrus-sasl 套件
yum install cyrus-sasl-md5 cyrus-sasl-plain cyrus-sasl -y

vi /etc/dovecot/conf.d/10-master.conf

service auth {       

  unix_listener /var/spool/postfix/private/auth {

               mode = 0666   # 注意:0666 會讓本機所有使用者都能連到這個認證 socket;既然已指定 user/group,一般用 0660 即可

               user = postfix

               group = postdrop

  }      

}

vi /etc/dovecot/conf.d/10-auth.conf

auth_mechanisms = plain login

vi /etc/postfix/main.cf

find the keys below and change its values as follows or add it at the bottom of the file if the key (the word before the = sign) cannot be found.

mynetworks = 127.0.0.0/8

smtpd_sasl_type = dovecot

smtpd_sasl_path = private/auth

smtpd_sasl_auth_enable = yes

smtpd_recipient_restrictions =  permit_mynetworks,

    permit_sasl_authenticated,

    reject_unauth_destination

broken_sasl_auth_clients = yes

smtpd_sasl_security_options = noanonymous


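chkconfig saslauthd on   #設定開機啟動
service saslauthd restart    #啟動saslauthd服務
(註:上面設定 smtpd_sasl_type = dovecot 之後,Postfix 是透過 Dovecot 的 auth socket 做驗證,並不會用到 saslauthd;若沒有其他程式需要,可以不必啟用這個服務。)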



利用telnet 測試smtp認證功能是否生效(要有出現LOGIN PLAIN才算)

[root@mail ~]# telnet mail smtp

Trying 192.168.0.1...

Connected to mail.acme.local (192.168.0.1).

Escape character is '^]'.

220 mail.acme.local ESMTP Postfix

ehlo localhost

250-mail.acme.local

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-AUTH LOGIN PLAIN

250-AUTH=LOGIN PLAIN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

Note the new 250-AUTH lines; they were absent from the earlier SMTP telnet test in step 3.

mail from:<johndoe>

250 2.1.0 Ok

rcpt to:<test@example.com>

554 5.7.1 <test@example.com>: Relay access denied

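It works: relaying is refused before authentication. Now check whether we can send after authenticating. The AUTH PLAIN argument below is only the base64 encoding of \0johndoe\0password, not encryption, so on a connection without TLS the password is readable by anyone who can see the traffic.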

auth plain AGpvaG5kb2UAcGFzc3dvcmQ=

235 2.0.0 Authentication successful

rcpt to:<test@example.com>

250 2.1.5 Ok

quit

221 2.0.0 Bye

Connection closed by foreign host.

[root@mail ~]#

安裝dovecot pop3服務
yum install dovecot #安裝dovecot
vi /etc/dovecot/dovecot.conf

protocols = imap imaps pop3 pop3s

改成

protocols = pop3 imap lmtp

vi /etc/dovecot/conf.d/10-auth.conf

disable_plaintext_auth = no

(請對照 Outlook 的連線設定:
disable_plaintext_auth = yes <--- 只有在 SSL/TLS 連線下才允許明文認證
disable_plaintext_auth = no <--- 與上面相反,未加密的連線也允許明文認證,帳號密碼會以明文在網路上傳送)

vi /etc/dovecot/conf.d/10-mail.conf

#mail_location = mbox:~/mail:INBOX=/var/mail/%u (不用mbox)

改成

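mail_location = maildir:/var/spool/maildir/%u

(注意:前面 Postfix 設定的 home_mailbox = Maildir/ 會把信件投遞到各使用者家目錄下的 Maildir/(例如 /home/johndoe/Maildir),mail_location 必須指向 Postfix 實際投遞的位置,否則 Dovecot 會讀不到信件。)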

vi /etc/dovecot/conf.d/20-pop3.conf

pop3_uidl_format = %08Xu%08Xv

pop3_client_workarounds = outlook-no-nuls oe-ns-eoh

設定啟動 dovecot 服務,並設定開機自動啟動
chkconfig dovecot on
service dovecot start

測試 Dovecot

Sample dovecot session. Replace johndoe and password with any valid user name and password.

[root@mail ~]# telnet localhost pop3

+OK dovecot ready.

user johndoe

+OK

pass password

+OK Logged in.

list

+OK 1 messages:

1 622

.

retr 1

+OK 622 octets

Return-Path: <johndoe@mail.acme.local>

X-Original-To: johndoe

Delivered-To: johndoe@mail.acme.local

Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])

        by mail.acme.local (Postfix) with SMTP id 9729067C17

        for <johndoe>; Thu, 22 Feb 2007 09:06:37 -0500 (EST)

Message-Id: <20070222140640.9729067C17@mail.acme.local>

Date: Thu, 22 Feb 2007 09:06:37 -0500 (EST)

From: johndoe@mail.acme.local

To: undisclosed-recipients:;

X-IMAPbase: 1172153557 1

Status: O

X-UID: 1

Content-Length: 5

X-Keywords:

test

.

quit

+OK Logging out.

Connection closed by foreign host.

[root@mail ~]#

防火牆安裝

yum install system-config-firewall

掃毒clamd及過濾廣告信軟體spamassassin

1. yum install clamd spamassassin

2. 啟動 clamd

freshclam

service clamd start

chkconfig clamd on

3. 啟用 SpamAssassin AWL Plugin

vi /etc/mail/spamassassin/v310.pre

取消這行註解loadplugin Mail::SpamAssassin::Plugin::AWL讓 SpamAssassin 載入 AWL (Auto-White-List) Plugin

(因應 MailScanner.conf 的 use_auto_whitelist 參數無效問題)

安裝MailScanner

1. 安裝 MailScanner

yum install perl-Archive-Zip perl-DBI perl-DBD-SQLite perl-Filesys-Df perl-Net-CIDR perl-OLE-Storage_Lite  perl-Sys-Hostname-Long perl-Sys-SigAction perl-MIME-tools gcc make rpm-build -y

wget http://www.mailscanner.info/files/4/rpm/MailScanner-4.84.5-3.rpm.tar.gz

(注意:此壓縮檔是經由未加密的 HTTP 下載,而下一步會以 root 執行其中的 install.sh;執行前請先確認檔案來源,官方若有提供校驗碼或簽章,請先比對。)

tar zxf MailScanner-*
cd MailScanner-*
./install.sh

2. MailScanner 基本設置

vi /etc/MailScanner/MailScanner.conf

%org-name% = www.example.com.tw

Run As User = postfix

Run As Group = postdrop

Incoming Queue Dir = /var/spool/postfix/hold

Outgoing Queue Dir = /var/spool/postfix/incoming

MTA = postfix

Incoming Work Group = clam

Incoming Work Permissions = 0640

Virus Scanners = clamd

Clamd Socket = /var/run/clamav/clamd.sock

SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin

High Scoring Spam Actions = deliver

vi /etc/MailScanner/virus.scanners.conf

clamd /bin/false /usr

vi /etc/MailScanner/spam.assassin.prefs.conf

bayes_ignore_header X-www.example.com.tw-MailScanner
bayes_ignore_header X-www.example.com.tw-MailScanner-SpamCheck
bayes_ignore_header X-www.example.com.tw-MailScanner-SpamScore
bayes_ignore_header X-www.example.com.tw-MailScanner-Information
envelope_sender_header X-www.example.com.tw-MailScanner-From
#use_auto_whitelist 0

cd /var/spool/MailScanner
mkdir spamassassin
chown -R postfix:clam *
chmod -R 750 *

vi /etc/postfix/main.cf

header_checks = regexp:/etc/postfix/header_checks

echo "/^Received:/ HOLD" >> /etc/postfix/header_checks

vi $(which MailScanner)

將檔案第一行改成下面這行(-U 會讓 Perl 允許不安全的操作,並把 taint 檢查的錯誤降為警告):

#!/usr/bin/perl -I/usr/lib/MailScanner -U

3. 修改權限

chown postfix.postdrop /var/spool/MailScanner/incoming
chown postfix.postdrop /var/spool/MailScanner/quarantine

4. 檢查 MailScanner 設置是否正確

MailScanner --lint

5. 啟動 MailScanner(MailScanner 的啟動腳本會一併啟動 postfix,因此先停用 postfix 自己的服務與開機啟動)

service postfix stop
chkconfig postfix off
service MailScanner start
chkconfig MailScanner on

參考:

http://presitw.blogspot.tw/2012/05/centos-62-mail-postfixdovecotmailscanne.html
