(原創)Install Postfix On FreeBSD 7.0
- 詳細內容
- 分類: BSD
- 發佈: 2008-09-22, 週一 00:22
- 作者 Super User
- 點擊數: 28323
Install Postfix On FreeBSD 7.0(Minimal+ports)
install cvsup
pkg_add -r cvsup-without-gui
rehash
update ports
cvsup -g -L 2 -h cvsup.tw.FreeBSD.org /usr/share/examples/cvsup/ports-supfile
install mysql
cd /usr/ports/databases/mysql50-server
make install WITH_CHARSET=utf8 WITH_XCHARSET=all WITH_COLLATION=utf8_general_ci BUILD_OPTIMIZED=yes BUILD_STATIC=yes WITH_NDB=yes clean
install apache + php
cd /usr/ports/www/apache22
make install clean
cd /usr/ports/lang/php5
make config
add
[X] APACHE Build Apache module
[X] MULTIBYTE Enable zend multibyte support
[X] MAILHEAD Enable mail header patch
make install clean
cp -rp /usr/local/etc/php.ini-dist /usr/local/etc/php.ini
vi /usr/local/etc/php.ini
change
magic_quotes_gpc = On
to
magic_quotes_gpc = Off
vi /usr/local/etc/apache22/httpd.conf
change
DirectoryIndex index.html
to
DirectoryIndex index.html index.htm index.php
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
cd /usr/ports/lang/php5-extensions
make install clean
add
[X] FTP FTP support
[X] GD GD library support
[X] IMAP IMAP support
[X] MBSTRING multibyte string support
[X] MYSQL MySQL database support
[X] MYSQLI MySQLi database support
[X] ZIP ZIP support
[X] ZLIB ZLIB support
install openssh
cd /usr/ports/security/openssh-portable
make install clean
vi /usr/local/etc/ssh/sshd_config
Port 61093
AllowUsers jason
vi /etc/rc.conf
#sshd_enable="YES"
syslogd_enable="YES"
syslogd_flags="-ss"
sendmail_enable="NONE"
apache22_enable="YES"
mysql_enable="YES"
named_enable="YES"
openssh_enable="YES"
vi /var/named/etc/namedb/named.conf
change
listen-on { 127.0.0.1; };
to
// listen-on { 127.0.0.1; };
vi /etc/resolv.conf
change to
nameserver 127.0.0.1
reboot
install cyrus-sasl
cd /usr/ports/security/cyrus-sasl2
make install WITH_AUTHDAEMON=yes clean
vi /usr/local/lib/sasl2/smtpd.conf
pwcheck_method:authdaemond
log_level:3
mech_list: PLAIN LOGIN
authdaemond_path:/var/run/authdaemond/socket
install Postfix
cd /usr/ports/mail/postfix
make install WITH_AUTHDAEMON=yes clean
add
[X] SASL2 Cyrus SASLv2 (Simple Auth. and Sec. Layer)
[X] TLS Enable SSL and TLS support
[X] MYSQL MySQL maps (choose version with WITH_MYSQL_VER)
You need user "postfix" added to group "mail".
Would you like me to add it [y]? y
Would you like to activate Postfix in /etc/mail/mailer.conf [n]? n
echo 'postfix: root' >> /etc/aliases
/usr/local/bin/newaliases
chown postfix:postfix /etc/opiekeys
mkdir /home/domains
pw groupadd vmail -g 500
pw useradd vmail -u 500 -g 500 -s /sbin/nologin -d /dev/null
chown -R vmail:vmail /home/domains
chmod -R ug+rwx,o-rwx /home/domains
mkdir /usr/local/etc/postfix/TLS
cd /usr/local/etc/postfix/TLS
openssl req -new -x509 -nodes -out smtpd.pem -keyout smtpd.pem -days 3650
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:Hong Kong
Locality Name (eg, city) []:Hong Kong
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Jason Tang Ltd
Organizational Unit Name (eg, section) []:IT
Common Name (eg, YOUR name) []:Jason Tang
Email Address []:Email住址會使用灌水程式保護機制。你需要啟動Javascript才能觀看它
vi /usr/local/etc/postfix/main.cf
myhostname = mail.jason-tang.com
mydomain = jason-tang.com
myorigin = $mydomain
mydestination = $myhostname localhost localhost.$mydomain
mynetworks = 127.0.0.1/32
inet_interfaces = all
virtual_mailbox_base = /home/domains/
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:500
virtual_gid_maps = static:500
virtual_transport = maildrop
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1
message_size_limit = 51200000
virtual_mailbox_limit = 209715200
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner=$myhostname ESMTP $mail_name ($mail_version)
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /usr/local/etc/postfix/TLS/smtpd.pem
smtpd_tls_cert_file = /usr/local/etc/postfix/TLS/smtpd.pem
smtpd_tls_CAfile = /usr/local/etc/postfix/TLS/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
mime_header_checks = regexp:/usr/local/etc/postfix/mime_header_checks.regexp
vi /usr/local/etc/postfix/master.cf
smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
vi /usr/local/etc/postfix/mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
additional_conditions = AND active = '1'
vi /usr/local/etc/postfix/mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain
additional_conditions = AND active = '1'
vi /usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
additional_conditions = AND active = '1'
vi /usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
additional_conditions = AND active = '1'
vi /usr/local/etc/postfix/mime_header_checks.regexp
/filename=\"?(.*)\.(bat|cmd|com|pif|exe)\"?$/ REJECT
vi /etc/rc.conf
postfix_enable="YES"
install sudo
cd /usr/ports/security/sudo
make install clean
vi /usr/local/etc/sudoers
www ALL=(vmail) NOPASSWD: /usr/local/bin/postfixadmin-mailbox-postcreation.sh, /usr/local/bin/postfixadmin-mailbox-postdeletion.sh, /usr/local/bin/postfixadmin-domain-postdeletion.sh
install Postfixadmin
cd /usr/ports/mail/postfixadmin
make install clean
add
[X] MYSQLI MySQL 4.1+ back-end (use mysqli PHP extension)
1. Create the MySQL Tables
mysql -u root
CREATE DATABASE postfix;
GRANT ALL ON postfix.* TO postfix@localhost IDENTIFIED BY "postfix";
exit
2. Configure PostfixAdmin
vi /usr/local/www/postfixadmin/config.inc.php
$CONF['configured'] = true;
$CONF['postfix_admin_url'] = 'http://mail.jason-tang.com/postfixadmin';
$CONF['database_type'] = 'mysqli';
$CONF['database_password'] = 'postfix';
$CONF['admin_email'] = Email住址會使用灌水程式保護機制。你需要啟動Javascript才能觀看它';
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
$CONF['quota'] = 'YES';
$CONF['mailbox_postcreation_script']='/usr/local/bin/sudo -u vmail /usr/local/bin/postfixadmin-mailbox-postcreation.sh';
$CONF['mailbox_postdeletion_script']='/usr/local/bin/sudo -u vmail /usr/local/bin/postfixadmin-mailbox-postdeletion.sh';
$CONF['domain_postdeletion_script']='/usr/local/bin/sudo -u vmail /usr/local/bin/postfixadmin-domain-postdeletion.sh';
3. Configure Apache
vi /usr/local/etc/apache22/httpd.conf
Alias /postfixadmin "/usr/local/www/postfixadmin/"
<Directory "/usr/local/www/postfixadmin">
Options Indexes
AllowOverride ALL
Order allow,deny
Allow from all
</Directory>
/usr/local/etc/rc.d/apache22 restart
4.http://IP/postfixadmin/setup.php
You should see a list of 'OK' messages.
Admin: <-------- Input your Email address(Just for postfixadmin)
Password: <-------- Input your Password
Password (again): <-------- Input your Password again
And then click "Add Admin"
mv /usr/local/www/postfixadmin/setup.php /usr/local/www/postfixadmin/setup.php.disabled
chmod 000 /usr/local/www/postfixadmin/setup.php.disabled
5. Copy .sh files
cp -rp /usr/local/www/postfixadmin/ADDITIONS/postfixadmin*.sh /usr/local/bin
chmod 755 /usr/local/bin/postfixadmin*.sh
vi /usr/local/bin/postfixadmin-mailbox-postcreation.sh
change
basedir=/var/spool/maildirs
to
basedir=/home/domains
change
maildirmake "$maildir"
to
/usr/local/bin/maildirmake "$maildir"
vi /usr/local/bin/postfixadmin-mailbox-postdeletion.sh
change
basedir=/var/spool/maildirs
trashbase=/var/spool/deleted-maildirs
to
basedir=/home/domains
trashbase=/home/domains
vi /usr/local/bin/postfixadmin-domain-postdeletion.sh
change
basedir=/var/spool/maildirs
trashbase=/var/spool/deleted-maildirs
to
basedir=/home/domains
trashbase=/home/domains
install courier-imap
cd /usr/ports/mail/courier-imap
make install clean
add
[X] AUTH_MYSQL MySQL support
chmod +x /var/run/authdaemond
vi /usr/local/etc/authlib/authdaemonrc
authmodulelist="authmysql"
authmodulelistorig="authmysql"
vi /usr/local/etc/authlib/authmysqlrc
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_DATABASE postfix
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD '500'
MYSQL_GID_FIELD '500'
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD '/home/domains/'
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD concat(quota,'S')
MYSQL_WHERE_CLAUSE active='1'
cp -rp /usr/local/etc/courier-imap/pop3d.cnf.dist /usr/local/etc/courier-imap/pop3d.cnf
/usr/local/share/courier-imap/mkpop3dcert
cp -rp /usr/local/etc/courier-imap/imapd.cnf.dist /usr/local/etc/courier-imap/imapd.cnf
/usr/local/share/courier-imap/mkimapdcert
vi /etc/rc.conf
courier_authdaemond_enable="YES"
courier_imap_pop3d_enable="YES"
courier_imap_pop3d_ssl_enable="YES"
courier_imap_imapd_enable="YES"
courier_imap_imapd_ssl_enable="YES"
install maildrop
cd /usr/ports/mail/maildrop
make WITH_AUTHLIB=yes install clean
[X] AUTH_MYSQL MySQL support
vi /etc/maildroprc
logfile "/home/domains/maildrop.log"
to "$HOME$DEFAULT"
vi /usr/local/etc/postfix/master.cf
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
install squirrelmail
cd /usr/ports/mail/squirrelmail
make install clean
vi /usr/local/etc/php.ini
session.auto_start = 1
chown -R www:www /usr/local/www/squirrelmail
/usr/local/www/squirrelmail/configure
10->1->zh_TW->S->Q
vi /usr/local/etc/apache22/httpd.conf
Alias /webmail "/usr/local/www/squirrelmail/"
<Directory "/usr/local/www/squirrelmail">
Options Indexes
AllowOverride ALL
Order allow,deny
Allow from all
</Directory>
reboot
test:
http://IP/postfixadmin
http://IP/webmail
install clamav
cd /usr/ports/security/clamav
make install clean
[X] MILTER Compile the milter interface
vi /usr/local/etc/rc.d/clamav-milter
change
: ${clamav_milter_socket_mode="755"}
to
: ${clamav_milter_socket_mode="777"}
vi /etc/rc.conf
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"
clamav_milter_enable="YES"
install SpamAssassin
cd /usr/ports/mail/p5-Mail-SpamAssassin
make install clean
clean
[ ]AS_ROOT
vi /usr/local/etc/mail/spamassassin/local.cf
rewrite_header Subject *****SPAM*****
report_safe 1
required_score 5.0
use_bayes 1
bayes_auto_learn 1
ok_languages zh en
ok_locales en zh
mkdir /root/.spamassassin
chown -R spamd:spamd /root/.spamassassin
vi /etc/rc.conf
spamd_enable="YES"
cd /usr/ports/mail/spamass-milter
make install clean
vi /usr/local/etc/rc.d/spamass-milter
change
: ${spamass_milter_socket_mode="644"}
to
: ${spamass_milter_socket_mode="777"}
vi /etc/rc.conf
spamass_milter_enable="YES"
vi /usr/local/etc/postfix/main.cf
milter_connect_macros = b j _ {daemon_name} {if_name} {if_addr}
smtpd_milters =
unix:/var/run/clamav/clmilter.sock
unix:/var/run/spamass-milter.sock
milter_default_action = accept
vi /etc/mail/sendmail.cf
Xclamav-milter, S=local:/var/run/clamav/clmilter.sock,F=, T=S:4m;R:4m
reboot