Jamers, posted October 3, 2015

A long, long time ago I ran a mail server on my own machine; on Windows I used MDaemon, CMailServer and so on. I host fewer and fewer services on Windows, and everything now runs on FreeBSD. Around 2011 I switched to QQ's domain mailbox service and used it until recently. I have now found that Tencent's mail servers fail to receive mail from abroad. So, reluctantly, back to running my own?

I have used Postfix before, because it handled spam fairly well; the drawback back then was the lack of a good-looking, suitable webmail. This time I looked around and chose roundcube. I had originally planned to use openwebmail, but its interface is not attractive enough and CGI is a hassle to set up, whereas roundcube fits my habits perfectly: pure PHP, with a clean, attractive interface.

For now this provides only the most basic functionality; anti-spam, antivirus and so on will be tuned later. Let's get started!

Installing Postfix: provides the SMTP service. Select all the MySQL options, since I use MySQL for authentication.

```
cd /usr/ports/mail/postfix
make install clean
```

dovecot: provides POP3, IMAP and other services.

```
cd /usr/ports/mail/dovecot/
make install clean
```

Configuring dovecot:

```
cp /usr/local/etc/dovecot/example-config/dovecot.conf /usr/local/etc/dovecot/
cp /usr/local/etc/dovecot/example-config/dovecot-sql.conf.ext /usr/local/etc/dovecot/
mkdir /usr/local/etc/dovecot/conf.d/
cp /usr/local/etc/dovecot/example-config/conf.d/* /usr/local/etc/dovecot/conf.d/
ee /usr/local/etc/dovecot/dovecot-sql.conf.ext
```

```
driver = mysql
connect = host=localhost dbname=postfix user=postfix password=postfix
default_pass_scheme = MD5
password_query = \
  SELECT username, domain, password \
  FROM users WHERE username = '%n' AND domain = '%d' AND active = 'Y'
user_query = \
  SELECT home, uid, gid \
  FROM users WHERE username = '%n' AND domain = '%d'
iterate_query = SELECT username AS user FROM users
```

Installing postfixadmin:

```
cd /usr/ports/mail/postfixadmin
make install clean
```

Create the database and user:

```
# Create the database
CREATE DATABASE postfix;
# Create user and allow him to read from the mail database
GRANT SELECT ON postfix.* TO 'postfix'@'localhost' IDENTIFIED BY 'postfix';
FLUSH PRIVILEGES;
```

Configure the access path for postfixadmin yourself, and create the corresponding tables and data. It is located at:

```
/usr/local/www/postfixadmin
```

Create the MySQL maps:

ee /usr/local/etc/postfix/mysql_virtual_alias_maps.cf

```
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
additional_conditions = and active = '1'
#query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
```

ee /usr/local/etc/postfix/mysql_virtual_domains_maps.cf

```
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = domain
select_field = domain
where_field = domain
additional_conditions = and backupmx = '0' and active = '1'
#query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'
```

ee /usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf

```
user = postfix
password = postfix
dbname = postfix
hosts = localhost
table = mailbox
select_field = quota
where_field = username
additional_conditions = and active = '1'
#query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'
```

ee /usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf

```
user = postfix
password = postfix
dbname = postfix
hosts = localhost
table = mailbox
select_field = CONCAT(domain,'/',maildir)
where_field = username
additional_conditions = and active = '1'
#query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = '1'
```

Other configuration:

ee /usr/local/etc/postfix/master.cf

Add a line at the end:

```
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=postfix:postfix argv=/usr/local/libexec/dovecot/deliver -d $(recipient)
```

Generating the TLS certificate:

```
openssl req -new -outform PEM -out /usr/local/etc/postfix/smtpd.cert -newkey rsa:2048 -nodes -keyout /usr/local/etc/postfix/smtpd.key -keyform PEM -days 3650 -x509
chmod 640 /usr/local/etc/postfix/smtpd.key
chgrp postfix /usr/local/etc/postfix/smtpd.key
cd /usr/local/share/examples/dovecot
ee dovecot-openssl.cnf    # change whatever needs changing
sh mkcert.sh
```

Installing roundcube:

```
cd /usr/ports/mail/roundcube
make install
```

The files are installed in: /usr/local/www/roundcube

After configuration, visit: http://xxxx/installer/

Configuring postfix: this is my current configuration; adjust it to your needs.

```
postconf -e 'virtual_alias_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf'
postconf -e 'virtual_mailbox_base = /var/spool/postfix'
postconf -e 'virtual_mailbox_domains = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf'
postconf -e 'virtual_mailbox_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf'
postconf -e 'virtual_uid_maps = static:125'
postconf -e 'virtual_gid_maps = static:125'
postconf -e 'virtual_transport = dovecot'
postconf -e 'local_transport = virtual'
postconf -e 'local_recipient_maps = $virtual_mailbox_maps'
postconf -e 'transport_maps = hash:/usr/local/etc/postfix/transport'
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_helo_required = yes'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_rbl_client cblless.anti-spam.org.cn, reject_unauth_destination'
postconf -e 'smtpd_sasl_exceptions_networks = $mynetworks'
postconf -e 'smtpd_sasl_type = dovecot'
postconf -e 'smtpd_sasl_path = private/auth'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtpd_tls_cert_file = /usr/local/etc/postfix/smtpd.cert'
postconf -e 'smtpd_tls_key_file = /usr/local/etc/postfix/smtpd.key'
postconf -e 'smtpd_sasl_local_domain = $mydomain'
postconf -e 'smtpd_sasl_tls_security_options = $smtpd_sasl_security_options'
postconf -e 'strict_rfc821_envelopes = yes'
postconf -e 'disable_vrfy_command = yes'
```

```
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = yes
html_directory = /usr/local/share/doc/postfix
inet_interfaces = all
inet_protocols = ipv4
local_recipient_maps = $virtual_mailbox_maps
local_transport = virtual
mail_owner = postfix
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
mydestination = $myhostname, $mydomain, localhost
mydomain = zomew.com
myhostname = mail.zomew.com
mynetworks = 192.168.1.0/24, 192.168.2.0/24, 127.0.0.0/8
mynetworks_style = host
newaliases_path = /usr/local/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/local/share/doc/postfix
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_exceptions_networks = $mynetworks
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sasl_type = dovecot
smtpd_tls_cert_file = /usr/local/etc/postfix/smtpd.cert
smtpd_tls_key_file = /usr/local/etc/postfix/smtpd.key
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
transport_maps = hash:/usr/local/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:125
virtual_mailbox_base = /var/spool/postfix
virtual_mailbox_domains = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = dovecot
virtual_uid_maps = static:125
```

Add the smtps port:

ee /usr/local/etc/postfix/master.cf

```
smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
```

dovecot configuration files: there is a lot to change; what follows is the output of dovecot -n:

```
# 2.2.18: /usr/local/etc/dovecot/dovecot.conf
# OS: FreeBSD 10.2-RELEASE amd64 ufs
base_dir = /var/run/dovecot/
first_valid_uid = 125
last_valid_uid = 125
mail_location = maildir:/var/spool/postfix/%d/%u
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = postfix
  }
}
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
```

/usr/local/etc/dovecot/dovecot.conf

```
protocols = imap pop3 lmtp
base_dir = /var/run/dovecot/
```

/usr/local/etc/dovecot/dovecot-sql.conf.ext

```
driver = mysql
connect = host=localhost dbname=postfix user=postfix password=postfix
default_pass_scheme = MD5-CRYPT
password_query = SELECT password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, 125 as uid,125 as gid FROM mailbox WHERE username = '%u'
iterate_query = SELECT username AS user FROM mailbox
```

/usr/local/etc/dovecot/conf.d/

10-auth.conf

```
disable_plaintext_auth = yes
!include auth-sql.conf.ext
```

10-mail.conf

```
mail_location = maildir:/var/spool/postfix/%d/%u
first_valid_uid = 125
last_valid_uid = 125
```

10-master.conf

```
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
  mode = 0666
  user = postfix
}
```

10-ssl.conf

```
ssl = yes
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
```

Jamers, posted October 3, 2015

Adding RBL spam filtering to postfix:

main.cf

The part marked for deletion turns the rejection into a warning, to test whether the check works. Delete it for production use.

```
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, warn_if_reject reject_rbl_client cblless.anti-spam.org.cn, reject_unauth_destination
```

While using this I found that some mail still arrives with a forged sender address, for example:

```
Received: from xx.xx.xx.xx (unknown [23.99.111.214])
Received: from principal ([78.60.184.40]) by igh44-mail.transoceanic.shari.koran.intesis.cl
          (InterMail vM.5.01.05.12 313-520-296-997-665-49051947) with ESMTP
          id <20984197562965.KWRN818804.qvo56-mail.city.defrock.intesis.cl@denouement>
          for <xxx@xxx.com>; Wed, 07 Oct 2015 16:15:17 +0100
```

Add a filter condition. In main.cf, add the check:

```
header_checks = pcre:/usr/local/etc/postfix/header_checks
```

ee /usr/local/etc/postfix/header_checks

```
if /^Received:/
/^Received: +from +223\.68\.199\.14 +\((unknown \[.*\])\)/ reject blacklist with Received: header: $1
endif
```

Let's see how it turns out!
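
Added example, not part of Jamers's posts: a small Python emulation of how a pcre header_checks table with if/endif is evaluated, run against the rule from the post above and constructed sample headers. It approximates PCRE with Python's re module and ignores pattern flags; the `mail.example.com` hop is made up.

```python
import re

# header_checks table copied from the post above (pcre_table(5) syntax).
TABLE = r"""
if /^Received:/
/^Received: +from +223\.68\.199\.14 +\((unknown \[.*\])\)/ reject blacklist with Received: header: $1
endif
"""
# [if] [!]/pattern/flags [action]; flags are captured but ignored in this sketch.
LINE = re.compile(r"^(if\s+)?(!?)/((?:\\.|[^/\\])*)/(\w*)\s*(.*)$")

def parse(text):
    """Return nested rules as (pattern, negate, action, children-or-None)."""
    stack = [[]]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line == "endif":
            stack.pop()
            continue
        is_if, neg, body, _flags, action = LINE.match(line).groups()
        # pcre_table defaults: case-insensitive, and "." also matches newline.
        pat = re.compile(body, re.IGNORECASE | re.DOTALL)
        children = [] if is_if else None
        stack[-1].append((pat, neg == "!", action, children))
        if is_if:
            stack.append(children)
    return stack[0]

def expand(action, m):
    """Substitute $1..$9 in the action with the pattern's capture groups."""
    groups = m.groups("") if m else ()
    pick = lambda g: groups[int(g[1]) - 1] if 1 <= int(g[1]) <= len(groups) else ""
    return re.sub(r"\$(\d)", pick, action)

def lookup(rules, header):
    """Return the action of the first matching rule, or None if nothing matches."""
    for pat, negate, action, children in rules:
        m = pat.search(header)
        if bool(m) == negate:
            continue
        if children is None:
            return expand(action, m)
        hit = lookup(children, header)
        if hit is not None:
            return hit
    return None

RULES = parse(TABLE)
# Constructed logical headers; folded lines stay joined by "\n", as Postfix matches them.
LISTED = "Received: from 223.68.199.14 (unknown [223.68.199.14])\n\tby mail.example.com (Postfix)"
OTHER = "Received: from xx.xx.xx.xx (unknown [23.99.111.214])"  # shape quoted in the post
```

On the server, `postmap -q "<header text>" pcre:/usr/local/etc/postfix/header_checks` runs the same lookup against the real table. The rule matches the name the client announced in HELO (the text right after `from`), not the address in brackets that Postfix recorded from the connection, so `OTHER` passes through unmatched.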

Jamers, posted October 6, 2015

roundcube cannot change passwords. Edit the configuration file (it turns out the SQL statement could not even be submitted, ouch!):

```
cp /usr/local/www/roundcube/plugins/password/config.inc.php.dist /usr/local/www/roundcube/plugins/password/config.inc.php
ee /usr/local/www/roundcube/plugins/password/config.inc.php
```

```
$config['password_db_dsn'] = 'mysql://postfix:postfix@localhost/postfix';
$config['password_query'] = 'UPDATE mailbox SET password=%c WHERE username=%u';
// Add one line at the end to create the default folders automatically
$config['create_default_folders'] = true;
```

Jamers, posted October 10, 2015

For spam filtering, see: http://wiki2.dovecot.org/Plugins/Antispam

Anti-spam setup:

```
cd /usr/ports/mail/dovecot2-antispam-plugin
make install
```

After that, marking messages as spam in an IMAP client trains the filter automatically.

mailscanner + SpamAssassin

```
cd /usr/ports/mail/mailscanner
make install
```

Select spamassassin for spam filtering; choose the antivirus module yourself.

```
cd /usr/ports/mail/spamass-rules
make install
```

ee /etc/rc.conf

```
spamd_enable="YES"
mta_enable="YES"
mta_type="postfix"
mailscanner_enable="YES"
mailscanner_configfile="/usr/local/etc/MailScanner/MailScanner.conf"
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"
```

```
mkdir -p /var/spool/MailScanner/incoming /var/spool/MailScanner/quarantine
##chown -R postfix:postfix /var/spool/MailScanner
```

ee /usr/local/etc/MailScanner/MailScanner.conf

```
%org-name% = zomew
%org-long-name% = zomew.com
%web-site% = www.zomew.com
Run As User = postfix
Incoming Queue Dir = /var/spool/postfix/incoming
MTA = postfix
```

ee /usr/local/etc/freshclam.conf

```
# Mirror settings for virus database updates; add the servers for China and Japan
DatabaseMirror db.cn.clamav.net
DatabaseMirror db.jp.clamav.net
```

ee /usr/local/etc/clamd.conf

```
# Edit the antivirus configuration file
LogClean yes
LogVerbose yes
```

ee /usr/local/etc/mail/spamassassin/local.cf

```
rewrite_header Subject *****SPAM*****
```