
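Qmail + Vpopmail installation notes

I read other people's write-ups online, compiled everything myself, and am recording it here.

Qmail

    Part I: Software

netqmail-1.06.tar.gz                Qmail main program

toaster-scripts-0.9.1.tar.gz        Scripts

ucspi-tcp-0.88.tar.gz               Daemon helpers that assist with startup and management

vpopmail-5.4.33.tar.gz              Virtual domain management package built on qmail; it allows multiple virtual domains on a single IP address

checkpassword-0.90.tar.gz           Authentication program

daemontools-0.76.tar.gz             Replacement for inetd and xinetd; used here to monitor qmail-send, qmail-smtpd and qmail-pop3d

vqadmin                             Add domains through the web

qmailadmin                          An excellent tool for managing vpopmail domains through the web

Documentation: lifewithqmail.org

    Part II: Installation

0: Disable sendmail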

service sendmail stop

chkconfig sendmail off

rpm -e --nodeps sendmail

yum install httpd php php-mysql mysql mysql-server mysql-devel gdbm gdbm-devel openssl openssl-devel stunnel krb5-devel gcc gcc-c++ libtool libtool-devel

1: Install Qmail

Create the home directory

mkdir /var/qmail

cd qmailsetup/netqmail-1.06/

Add users

cp INSTALL.ids IDS

vi IDS # delete the lines that do not apply to this system

chmod 700 IDS; ./IDS

Or

groupadd nofiles &&\

useradd -g nofiles -d /var/qmail/alias -s /sbin/nologin -p'*' alias &&\

useradd -g nofiles -d /var/qmail -s /sbin/nologin -p'*' qmaild &&\

useradd -g nofiles -d /var/qmail -s /sbin/nologin -p'*' qmaill &&\

useradd -g nofiles -d /var/qmail -s /sbin/nologin -p'*' qmailp &&\

groupadd qmail &&\

useradd -g qmail -d /var/qmail -s /sbin/nologin -p'*' qmailq &&\

useradd -g qmail -d /var/qmail -s /sbin/nologin -p'*' qmailr &&\

useradd -g qmail -d /var/qmail -s /sbin/nologin -p'*' qmails

-------- Compile

make setup check

If the domain is example.com and the hostname is dolphin, the config-fast command line should be:

./config-fast dolphin.example.com

ln -s /var/qmail/bin/sendmail /usr/lib/sendmail

ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail

2: Install ucspi-tcp

patch < ../netqmail-1.06/other-patches/ucspi-tcp-0.88.errno.patch

make && make setup check

3: Install daemontools (note the install location)

mkdir /package; chmod 1755 /package; cd /package

tar xvf daemontools-0.76.tar.gz

cd /package/admin/daemontools-0.76

cd src

patch < /root/qmailsetup/netqmail-1.06/other-patches/daemontools-0.76.errno.patch

cd ..

package/install

Check that svscan is running

ps -ef | grep svscan

4: Qmail startup scripts

Copy the startup scripts into the corresponding directories; the scripts are in the attachment (qmail-conf.tar)

chmod 755 /var/qmail/rc

echo ./Maildir/ > /var/qmail/control/defaultdelivery

chmod 755 /var/qmail/bin/qmailctl

ln -s /var/qmail/bin/qmailctl /usr/bin

5: supervise scripts

mkdir -p /var/log/qmail/{pop3ds,smtpd,pop3d,smtpds}

chown -R qmaill /var/log/qmail

chmod -R 750 /var/log/qmail

chmod -R 755 /var/qmail/supervise/

cd /var/qmail/supervise; chmod +t *

echo 20 > /var/qmail/control/concurrencyincoming

chmod 644 /var/qmail/control/concurrencyincoming

The following links must be created

ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /var/qmail/supervise/qmail-pop3d /var/qmail/supervise/qmail-pop3ds /var/qmail/supervise/qmail-smtpds /service

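6: Create system aliases (seems unnecessary?)

Alias             Purpose

postmaster        Required by RFC 2821; points to the mail system administrator (that is, you)

mailer-daemon     De facto standard recipient for bounce messages

root              Forwards mail for the privileged root user to the system administrator

abuse             De facto address for reporting mail abuse (spam)

Where these system aliases deliver depends on where you want the mail to go (a local user or a remote address); create the matching set of .qmail files accordingly. For example, if you want the local user dave to receive mail addressed to the system administrator and the postmaster, do this: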

    echo dave > /var/qmail/alias/.qmail-root

    echo dave > /var/qmail/alias/.qmail-postmaster

    ln -s .qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon

    ln -s .qmail-postmaster /var/qmail/alias/.qmail-abuse 

    chmod 644 /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-postmaster

The INSTALL.alias file has more detail.

7: Check qmail status

qmailctl stat

/service/qmail-send: up (pid 13355) 665 seconds

/service/qmail-send/log: up (pid 13356) 665 seconds

/service/qmail-smtpd: up (pid 13357) 665 seconds

/service/qmail-smtpd/log: up (pid 13358) 665 seconds

messages in queue: 0

messages in queue but not yet preprocessed: 0

Check for process error messages

ps -efl | grep "service errors" | grep -v grep

8: Install checkpassword

patch < /root/qmailsetup/netqmail-1.06/other-patches/checkpassword-0.90.errno.patch

make; make setup check

Test

Simulate a failed POP login:

     # /var/qmail/bin/qmail-popup blah /bin/checkpassword pwd

     +OK <...@blah>

     user Frodo

     +OK

     pass Friend

     -ERR authorization failed

9: Install vpopmail

CREATE DATABASE vpopmail;

GRANT SELECT ON vpopmail.* TO vpopmailread@localhost IDENTIFIED BY 'password';

GRANT ALL ON vpopmail.* TO vpopmail@localhost IDENTIFIED BY 'password';

flush privileges;

quit;

Add the user and group that vpopmail runs as

groupadd -g 809 vchkpw && useradd -g vchkpw -d /home/vpopmail -s /sbin/nologin -p'*' -u 809 vpopmail

Compile

./configure \
--enable-auth-logging=y --enable-logging=v \
--enable-log-name=vpopmail --enable-auth-module=mysql \
--enable-onchange-script=n \
--enable-sqwebmail-pass=n --enable-many-domains=n \
--enable-passwd=y --disable-clear-passwd \
--enable-tcpserver-file=/etc/tcp.smtp --enable-incdir=/usr/include/mysql \
--enable-libdir=/usr/lib/mysql --enable-libs=mysqlclient \
--enable-ip-alias-domains=y --enable-qmail-ext=y \
--enable-mysql-replication=n --enable-valias=n

Optional: --enable-vpopuser=vpopmail --enable-vpopgroup=vchkpw

-----------

If roaming is enabled

--enable-roaming-users=y

40 * * * * /home/vpopmail/bin/clearopensmtp 2>&1 > /dev/null

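Roaming-user support works like this: after a roaming user retrieves mail over POP3, that address is allowed to relay mail through the mail server for a period of time.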

make && make install-strip

Edit the database connection settings

echo "localhost|3306|vpopmail|password|vpopmail">/home/vpopmail/etc/vpopmail.mysql

chmod 640 /home/vpopmail/etc/vpopmail.mysql

chown -R vpopmail.vchkpw /home/vpopmail/etc
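
A check for the connection file written above, as an added example that is not part of the original notes: it reports a vpopmail.mysql file that other users can read or write, and a password field still holding the placeholder. The function names, the 12-character threshold and the sample files are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the original page. All sample data is constructed.

# Report FILE if it is readable or writable by "other".
check_mode() {
    if [ -n "$(find -L "$1" -prune \( -perm -004 -o -perm -002 \) 2>/dev/null)" ]; then
        echo "WORLD-ACCESSIBLE $1"
    fi
}

# Check a vpopmail.mysql file: host|port|user|password|database
# minlen=12 is an assumed policy threshold, not a vpopmail requirement.
check_vpopmail_mysql() {
    check_mode "$1"
    awk -F'|' -v file="$1" -v minlen=12 '
    /^#/ || NF == 0 { next }
    NF != 5 { print "MALFORMED " file " line " NR; next }
    $4 == "password" || $4 == $3 || length($4) < minlen {
        # never echo the secret itself, only where it is
        print "WEAK-PASSWORD " file " line " NR " user=" $3
    }' "$1"
}

# Constructed demo: the line as the page writes it, then a tightened file.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'localhost|3306|vpopmail|password|vpopmail' > "$d/as-written"
    chmod 644 "$d/as-written"          # mode under umask 022, before chmod 640
    printf '%s\n' 'localhost|3306|vpopmail|Constructed-Long-Secret-1|vpopmail' > "$d/tightened"
    chmod 640 "$d/tightened"           # the mode the page sets
    check_vpopmail_mysql "$d/as-written"
    check_vpopmail_mysql "$d/tightened"
    rm -rf "$d"
}

demo
```

On the real host, run `check_vpopmail_mysql /home/vpopmail/etc/vpopmail.mysql` after the chmod and chown steps; no output means both checks passed.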

Create a virtual domain (test.com here)

/home/vpopmail/bin/vadddomain test.com;

/home/vpopmail/bin/vadduser [email protected]; (set the password for [email protected] when prompted)

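The tcp.smtp file defines whether the RELAYCLIENT environment variable is set for a given network; use it to configure which networks are allowed to connect to the mail server.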

echo '127.0.0.1:allow,RELAYCLIENT=""' > /home/vpopmail/etc/tcp.smtp

cd /home/vpopmail/etc ; tcprules tcp.smtp.cdb tcp.smtp.tmp < tcp.smtp

qmailctl cdb
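
A lint for the tcp.smtp rules described above, as an added example that is not part of the original notes: it lists every rule that sets RELAYCLIENT and classifies the address it applies to, so a catch-all relay grant stands out before the file is compiled with tcprules. The function names, verdict labels and sample rules are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the original page: lint a tcprules source file
# (tcp.smtp) and report every rule that grants relaying via RELAYCLIENT.
# Output format: "<verdict> <line-number> <rule>"

audit_tcp_smtp() {
    awk '
    /^#/ || /^[ \t]*$/ { next }              # tcprules comments and blank lines
    {
        colon = index($0, ":")
        if (colon == 0) { print "MALFORMED " NR " " $0; next }
        addr  = substr($0, 1, colon - 1)     # address part, before the first colon
        instr = substr($0, colon + 1)        # allow/deny plus environment settings
        if (instr !~ /^allow/ || instr !~ /RELAYCLIENT=/) next
        if (addr == "")                      verdict = "OPEN-RELAY"  # default rule: every client
        else if (addr ~ /^127\./)            verdict = "LOOPBACK"
        else if (addr ~ /^=/)                verdict = "BY-NAME"     # matched on reverse DNS name
        else if (addr ~ /\.$/ || addr ~ /-/) verdict = "NETWORK"     # prefix or range
        else                                 verdict = "HOST"
        print verdict " " NR " " $0
    }' "${1:--}"
}

# Constructed sample rules; only the first one appears on the page.
sample_rules() {
    cat <<'EOF'
# constructed sample
127.0.0.1:allow,RELAYCLIENT=""
192.168.:allow,RELAYCLIENT=""
10.1.2.3:deny
:allow,RELAYCLIENT=""
EOF
}

sample_rules | audit_tcp_smtp
```

Run it as `audit_tcp_smtp /home/vpopmail/etc/tcp.smtp`; with the single rule from the page the only line reported is the LOOPBACK one.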

10: Install SMTPS

cd /etc/pki/tls/certs

Generate the certificate

make stunnel.pem

cp -rf  stunnel.pem  /etc/stunnel/

openssl req -new -x509 -nodes -out servercert.pem -days 3650 -keyout servercert.pem

mv servercert.pem /var/qmail/control/

ln -s /var/qmail/control/servercert.pem /var/qmail/control/clientcert.pem

chown -R vpopmail:qmail /var/qmail/control/clientcert.pem /var/qmail/control/servercert.pem

chmod 600 /var/qmail/control/servercert.pem

qmailctl restart

netstat -tnl # ports 995 and 465 should now be listening

11: Install Courier-IMAP

./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw \
--without-authldap --without-authmysql --disable-root-check --with-ssl \
--with-authchangepwdir=/usr/local/libexec/authlib --with-redhat

make && make check

make install-strip && make install-configure

cp courier-authlib.sysvinit /etc/init.d/courier-authlib

chmod 755 /etc/init.d/courier-authlib &&\

ln -s /etc/init.d/courier-authlib /etc/rc0.d/K30courier-authlib &&\

ln -s /etc/init.d/courier-authlib /etc/rc1.d/K30courier-authlib &&\

ln -s /etc/init.d/courier-authlib /etc/rc2.d/S80courier-authlib &&\

ln -s /etc/init.d/courier-authlib /etc/rc3.d/S80courier-authlib &&\

ln -s /etc/init.d/courier-authlib /etc/rc4.d/S80courier-authlib &&\

ln -s /etc/init.d/courier-authlib /etc/rc5.d/S80courier-authlib &&\

ln -s /etc/init.d/courier-authlib /etc/rc6.d/K30courier-authlib

su vpopmail

chown -R vpopmail:vchkpw courier-imap-4.1.2

This directory must not be under /root, otherwise the permissions are insufficient

exit

Create the certificate

/usr/local/sbin/mkimapdcert

sed -i 's/@example.com/@test.com/g' /usr/local/etc/imapd.cnf

sed -i '403s/NO/YES/' /usr/local/etc/imapd

Enable MD5 authentication

sed -i 's/THREAD=REFERENCES\ SORT\ QUOTA\ IDLE/THREAD=REFERENCES\ SORT\ QUOTA\ IDLE\ AUTH=CRAM-MD5/' /usr/local/etc/imapd

sed -i 's/IMAPDSSLSTART=NO/IMAPDSSLSTART=YES/g' /usr/local/etc/imapd-ssl

sed -i '27s/authuserdb\ authpwd\ authshadow\ authcustom\ authvchkpw\ authpipe/authvchkpw/' /usr/local/etc/authlib/authdaemonrc

cp courier-imap.sysvinit /etc/init.d/courier-imap

chmod 755 /etc/init.d/courier-imap &&\

ln -s /etc/init.d/courier-imap /etc/rc0.d/K30courier-imap &&\

ln -s /etc/init.d/courier-imap /etc/rc1.d/K30courier-imap &&\

ln -s /etc/init.d/courier-imap /etc/rc2.d/S80courier-imap &&\

ln -s /etc/init.d/courier-imap /etc/rc3.d/S80courier-imap &&\

ln -s /etc/init.d/courier-imap /etc/rc4.d/S80courier-imap &&\

ln -s /etc/init.d/courier-imap /etc/rc5.d/S80courier-imap &&\

ln -s /etc/init.d/courier-imap /etc/rc6.d/K30courier-imap

12: Install Autorespond

make && make install

13: Install ezmlm

make && make setup

14: Install Qmailadmin

./configure --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/html --enable-ezmlmdir=/usr/local/bin/ezmlm --enable-autoresponder-bin=/usr/bin --enable-modify-quota

make

make install-strip

15: Install MailDrop

./configure --prefix=/usr/local --exec-prefix=/usr/local --enable-maildrop-uid=root --enable-maildrop-gid=vchkpw --enable-maildirquota

make && make install-strip && make install-man

16: Install TNEF reader (for unpacking Microsoft mail attachments)

./configure && make && make install

17: Install Clamav

groupadd clamav; useradd -g clamav -d /dev/null -s /sbin/nologin clamav

touch /var/log/freshclam.log

chmod 644 /var/log/freshclam.log

chown clamav:clamav /var/log/freshclam.log

cp freshclam /etc/init.d/freshclam # copy the script over; it is in the attachment

chmod 755 /etc/init.d/freshclam &&\

ln -s /etc/init.d/freshclam /etc/rc0.d/K30freshclam &&\

ln -s /etc/init.d/freshclam /etc/rc1.d/K30freshclam &&\

ln -s /etc/init.d/freshclam /etc/rc2.d/S80freshclam &&\

ln -s /etc/init.d/freshclam /etc/rc3.d/S80freshclam &&\

ln -s /etc/init.d/freshclam /etc/rc4.d/S80freshclam &&\

ln -s /etc/init.d/freshclam /etc/rc5.d/S80freshclam &&\

ln -s /etc/init.d/freshclam /etc/rc6.d/K30freshclam

# add freshclam.log to logrotate

cp freshclam.logrotate /etc/logrotate.d/freshclam # copy the script over; it is in the attachment

# run clamd under daemontools

mkdir -p /var/qmail/supervise/clamd/log

mkdir -p /var/log/{clamd,clamav}

chown clamav.clamav -R /var/log/clamav/

chmod 644 -R /var/log/clamav/

cp clamd.run /var/qmail/supervise/clamd/run # copy the script over; it is in the attachment

cp clamd.log.run /var/qmail/supervise/clamd/log/run # copy the script over; it is in the attachment

chmod 755 /var/qmail/supervise/clamd/run

chmod 755 /var/qmail/supervise/clamd/log/run

# Start clamd and freshclam

ln -s /var/qmail/supervise/clamd /service

/etc/init.d/freshclam start

sed -i 's:^Example:#Example:;s:#DatabaseDirectory\ /var/lib/clamav:DatabaseDirectory\ /var/lib/clamav:;s:#UpdateLogFile\ /var/log/freshclam.log:UpdateLogFile\ /var/log/freshclam.log:;s:#LogSyslog:LogSyslog:;s:#PidFile\ /var/run/freshclam.pid:PidFile\ /var/run/freshclam.pid:' /usr/local/etc/freshclam.conf

sed -i 's:#FixStaleSocket\ yes:FixStaleSocket\ yes:;s:#LocalSocket\ /tmp/clamd.socket:LocalSocket\ /var/clamav/clamd.socket:;s:^Example:#Example:;s:#DatabaseDirectory\ /var/lib/clamav:DatabaseDirectory\ /var/lib/clamav:;s:#LogFile\ /tmp/clamd.log:LogFile\ /var/log/clamav/clamd.log:;s:#LogFileMaxSize\ 2M:LogFileMaxSize\ 2M:;s:#LogTime:LogTime:;s:#PidFile\ /var/run/clamd.pid:PidFile /var/run/clamd.pid:;s:#LogSyslog:LogSyslog:;s:#ScanMail:ScanMail:' /usr/local/etc/clamd.conf

cp clamd /etc/init.d/

chkconfig clamd on

mkdir /var/lib/clamav /var/clamav

chown clamav:clamav /var/lib/clamav

# Update the clamscan virus database

freshclam --verbose

# Add freshclam to crontab to update the virus database on a schedule and automatically scan /home

crontab -e

0 1 * * * freshclam --quiet -l /var/log/freshclam.log

0 6 * * * /usr/local/bin/clamscan --recursive --infected --log=/var/log/clamscan.log /home

18: Install DSPAM (anti-spam)

./configure --with-dspam-owner=vpopmail --with-dspam-group=vchkpw \
--with-delivery-agent=/usr/local/bin/maildrop \
--enable-daemon --enable-clamav --enable-syslog --enable-preferences-extension \
--enable-long-usernames --enable-domain-scale --enable-virtual-users \
--prefix=/usr/local/dspam --with-dspam-mode=2510 \
--with-storage-driver=mysql_drv --with-mysql-includes=/usr/include/mysql \
--with-mysql-libraries=/usr/lib/mysql --with-logdir=/var/log/dspam/

cd src/tools.mysql_drv

mysql -u root -p -e "create database dspam"

mysql -u root -p -e "grant all on dspam.* to dspam@localhost identified by 'bian'"

cat mysql_objects-4.1.sql | mysql dspam -p

cat virtual_users.sql | mysql dspam -p

vi /usr/local/dspam/etc/dspam.conf # change or add the following

EnablePlusedDetail on

PlusedCharacter -

PlusedUserLowercase on

QuarantineMailbox -quarantine

Trust root

Trust dspam

Trust vpopmail

Tokenizer osb

ImprobabilityDrive on

Preference "signatureLocation=headers"

MySQLServer /var/lib/mysql/mysql.sock

MySQLUser dspam

MySQLPass password

MySQLDb dspam

MySQLCompress true

MySQLReconnect true

MySQLConnectionCache 10

MySQLUIDInSignature on

ServerPID               /var/run/dspam.pid

===================================

vi /home/vpopmail/domains/example.com/.qmail-default

|/usr/local/dspam/bin/dspam --user $EXT@$HOST --deliver=innocent,spam --mode=teft --feature=tb=N,no,wh --stdout | /usr/local/bin/maildrop /home/vpopmail/global_mailfilter

vi /home/vpopmail/domains/example.com/.qmail-spam

|/usr/local/dspam/bin/dspam --user $SENDER --mode=teft --class=spam --source=error

chown vpopmail.vchkpw .qmail-spam

# Install the DSPAM web GUI

mkdir /var/www/dspam

cp -r webgui/cgi-bin/* /var/www/dspam/

cp -f webgui/htdocs/* /var/www/dspam

rm -f Makefile* && rm -f templates/Makefile*

chown -R vpopmail:vchkpw /var/www/dspam

cd /var/www/dspam

chmod 444 *.* && chmod 554 *.cgi && chmod 555 templates && chmod 444 templates/*

vi /var/www/dspam/configure.pl

$CONFIG{'DSPAM_ARGS'}

= "--deliver=innocent --class=innocent --source=error --user %CURRENT_USER% -d %u"

Change to:

= "--deliver=innocent --class=innocent --feature=wh,no,tb --source=error --user $ENV{'REMOTE_USER'} --stdout | /var/qmail/bin/qmail-inject $ENV{'REMOTE_USER'}";

vi /etc/httpd/conf/httpd.conf

Add:

Listen 88

<VirtualHost *:88>

ServerName dspam.test.com

SuexecUserGroup vpopmail vchkpw

DocumentRoot /var/www/dspam

CustomLog /var/log/httpd/logs/dspam.access combined

ErrorLog /var/log/httpd/logs/dspam.errors

Alias / "/var/www/dspam/"

<Directory "/var/www/dspam/">

DirectoryIndex dspam.cgi

Options +ExecCGI -Includes +Indexes

Addhandler cgi-script .cgi

AuthName "DSPAM LOGIN"

Require valid-user

Order allow,deny

Allow from all

AuthType Basic

AuthUserFile /var/www/dspam/.htpasswd

</Directory>

</VirtualHost>

====================

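htpasswd -c /var/www/dspam/.htpasswd [email protected] # add a user and password

    Part III: Testing

1) After completing the installation above, it is best to reboot the server

2) Test sending and receiving mail from the command line

===================== Start of SMTP send test ==========================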

[root@onki control]# telnet localhost 25

Trying 127.0.0.1...

Connected to localhost.localdomain (127.0.0.1).

Escape character is '^]'.

220 test.com ESMTP

ehlo mail.test.com

250-test.com

250-PIPELINING

250 8BITMIME

mail from:[email protected]

250 ok

rcpt to:[email protected]

data

354 go ahead

this is a test!

.

250 ok 1318501063 qp 7668

quit

221 test.com

Connection closed by foreign host.

====================== Start of POP3 receive test ==========================

[root@onki control]# telnet localhost 110   # telnet to port 110

+OK <[email protected]>

user [email protected]           # username

+OK

pass mypassword                    # login password

stat                                                  # show mailbox status

+OK 1 240

list                                           # list messages

1 240

top 1 0                         # show the headers of the given message; 0 means show the whole header, any other positive integer limits how many lines are returned

Return-Path: <>

Delivered-To: [email protected]

Received: (qmail 7740 invoked from network); 13 Oct 2011 10:24:39 -0000

Received: from localhost (HELO mail.test.com) (127.0.0.1)

  by test.com with SMTP; 13 Oct 2011 10:24:39 -0000

retr 1                     # retrieve the given message

Received: from localhost (HELO mail.onki.cn) (127.0.0.1)

  by onki.cn with SMTP; 13 Oct 2011 10:24:39 -0000

dele 1                # delete message 1

quit           # quit

======================================

openssl s_client -connect localhost:465

Testing is much the same as with telnet localhost 25

openssl s_client -connect localhost:995

Testing is much the same as with telnet localhost 110

IMAPS test

openssl s_client -connect localhost:993

 a01 login [email protected] user

a01 OK LOGIN Ok.

a02 list "" *

* LIST (\Marked \HasNoChildren) "." "INBOX"

a02 OK LIST completed

a20 logout

* BYE Courier-IMAP server shutting down

a20 OK LOGOUT completed

closed

IMAP test

telnet localhost 143

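The rest is the same as for IMAPS

    Part IV: Other notes (from other people online; some of these I have not run into myself)

1: If receiving works in Foxmail or another client but sending fails, remove the domain name that was added in /var/qmail/supervise/qmail-smtpd/run, then change the owner and group of /home/vpopmail/etc/tcp.smtp.cdb to vpopmail.vchkpw.

2: /home/vpopmail/etc/defaultdomain (relates to Foxmail being unable to fetch mail with just the user name and requiring the full address)

3: About filling in the domain name in qmail-pop3d/run and qmail-pop3ds/run: the run files contain 'hostname', which has to be replaced with your own domain name. When you fill it in, remove the quotes as well, otherwise you get errors like /home/Maildir. Take special note of this!

4: Sending mail to external addresses fails with the error: The server reply: 553 sorry,that domain isn't in my list of allowed rcpthosts

Edit the /var/qmail/control/rcpthosts file and add the relevant domain name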