Qmail+Vpopmail 安装相关文档

本文涉及的产品
云数据库 RDS MySQL,集群系列 2核4GB
推荐场景:
搭建个人博客
RDS MySQL Serverless 基础系列,0.5-2RCU 50GB
RDS MySQL Serverless 高可用系列,价值2615元额度,1个月
简介:

网上看了其它人的,自己编译了,记录一下!

Qmail相关
    一:软件说明
netqmail-1.06.tar.gz                Qmail主程序
toaster-scripts-0.9.1.tar.gz        脚本程序
ucspi-tcp-0.88.tar.gz                协助启动和管理的守护程序
vpopmail-5.4.33.tar.gz                以qmail为基础的虚拟域管理包,其允许在一个IP地址添加多个虚拟域
checkpassword-0.90.tar.gz            认证程序
daemontools-0.76.tar.gz                是inetd和winetd的代替品,用它来监听qmail-send,qmail-smtpd,qmail-pop3d 
vqadmin                                通过WEB添加域 
qmailadmin                            通过WEB管理vpopmail域的极好工具 

文档:lifewithqmail.org
 

    二:安装说明
0:禁用sendmail
service sendmail stop
chkconfig sendmail off
rpm -e --nodeps sendmail
yum install httpd php php-mysql mysql mysql-server mysql-devel gdbm gdbm-devel openssl openssl-devel stunnel krb5-devel gcc gcc-c++ libtool libtool-devel

1:安装 Qmail
创建主目录
mkdir /var/qmail
cd qmailsetup/netqmail-1.06/

添加用户
cp INSTALL.ids IDS
vi IDS #删除与系统不相关的行.
chmod 700 IDS; ./IDS

或者
groupadd nofiles &&\
useradd -g nofiles -d /var/qmail/alias -s /sbin/nologin -p'*' alias &&\
useradd -g nofiles -d /var/qmail -s /sbin/nologin -p'*' qmaild &&\
useradd -g nofiles -d /var/qmail -s /sbin/nologin -p'*' qmaill &&\
useradd -g nofiles -d /var/qmail -s /sbin/nologin -p'*' qmailp &&\
groupadd qmail &&\
useradd -g qmail -d /var/qmail -s /sbin/nologin -p'*' qmailq &&\
useradd -g qmail -d /var/qmail -s /sbin/nologin -p'*' qmailr &&\
useradd -g qmail -d /var/qmail -s /sbin/nologin -p'*' qmails

--------编译
make setup check
假如域名是example.com,主机名是dlphin,config-fast 命令行应该这样写:
./config-fast dolphin.example.com

ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail

2:安装 ucspi-tcp
patch < ../netqmail-1.06/other-patches/ucspi-tcp-0.88.errno.patch
make && make setup check

3:安装 daemontools (注意安装位置)
mkdir /package; chmod 1755 /package; cd /package
tar xvf daemontools-0.76.tar.gz
cd /package/admin/daemontools-0.76
cd src
patch < /root/qmailsetup/netqmail-1.06/other-patches/daemontools-0.76.errno.patch
cd ..
package/install

检查svscan是否在运行
ps -ef | grep svscan

4:Qmail启动脚本
复制相关启动脚本到相关文件夹,脚本在附件里(qmail-conf.tar)
chmod 755 /var/qmail/rc
echo ./Maildir/ > /var/qmail/control/defaultdelivery

chmod 755 /var/qmail/bin/qmailctl
ln -s /var/qmail/bin/qmailctl /usr/bin

5:supervise 脚本
mkdir -p /var/log/qmail/{pop3ds,smtpd,pop3d,smtpds}
chown -R qmaill /var/log/qmail
chmod -R 750 /var/log/qmail

chmod -R 755 /var/qmail/supervise/
cd /var/qmail/supervise; chmod +t *

echo 20 > /var/qmail/control/concurrencyincoming
chmod 644 /var/qmail/control/concurrencyincoming

下面这个链接一定要做
ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /var/qmail/supervise/qmail-pop3d /var/qmail/supervise/qmail-pop3ds /var/qmail/supervise/qmail-smtpds /service

6:建立系统别名(似乎没必要?)
别名     目的
postmaster        RFC 2821 标准要求, 指向邮件系统管理员(也就是你)
mailer-daemon     反弹邮件事实上的标准接收者
root             转发特权用户, 根(root)用户的邮件给系统管理者
abuse             事实上的邮件滥用(垃圾邮件)举报地址
建立这些系统别名, 取决于你想让这些邮件发送到哪里(一个本地用户或者一个远程地址)并且适当的创建一个.qmail 文件集合. 举个例子, 加入你想让本地用户 dave 接收发给系统管理员和邮件管理员的邮件, 就这么作:

    echo dave > /var/qmail/alias/.qmail-root
    echo dave > /var/qmail/alias/.qmail-postmaster
    ln -s .qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon
    ln -s .qmail-postmaster /var/qmail/alias/.qmail-abuse  
    chmod 644 /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-postmaster

在 INSTALL.alias 文件里面有更详细的细节.

7:检查qmail状态
qmailctl stat
/service/qmail-send: up (pid 13355) 665 seconds
/service/qmail-send/log: up (pid 13356) 665 seconds
/service/qmail-smtpd: up (pid 13357) 665 seconds
/service/qmail-smtpd/log: up (pid 13358) 665 seconds
messages in queue: 0
messages in queue but not yet preprocessed: 0
检查进程错误消息
ps -efl | grep "service errors" | grep -v grep

8:安装checkpassword
patch < /root/qmailsetup/netqmail-1.06/other-patches/checkpassword-0.90.errno.patch
make; make setup check

测试
Simulate a failed POP login:

     # /var/qmail/bin/qmail-popup blah /bin/checkpassword pwd
     +OK <...@blah>
     user Frodo
     +OK
     pass Friend
     -ERR authorization failed

9:安装vpopmail
CREATE DATABASE vpopmail;
GRANT SELECT ON vpopmail.* TO vpopmailread@localhost IDENTIFIED BY 'password';
GRANT ALL ON vpopmail.* TO vpopmail@localhost IDENTIFIED BY 'password';
flush privileges;
quit;

添加vpopmail运行用户和组
groupadd -g 809 vchkpw && useradd -g vchkpw -d /home/vpopmail -s /sbin/nologin -p'*' -u 809 vpopmail

编译
./configure \
--enable-auth-logging=y --enable-logging=v \
--enable-log-name=vpopmail --enable-auth-module=mysql \
--enable-onchange-script=n \
--enable-sqwebmail-pass=n --enable-many-domains=n \
--enable-passwd=y --disable-clear-passwd \
--enable-tcpserver-file=/etc/tcp.smtp --enable-incdir=/usr/include/mysql \
--enable-libdir=/usr/lib/mysql --enable-libs=mysqlclient \
--enable-ip-alias-domains=y --enable-qmail-ext=y \
--enable-mysql-replication=n --enable-valias=n
可选:--enable-vpopuser=vpopmail --enable-vpopgroup=vchkpw
-----------
如果启用漫游
--enable-roaming-users=y
40 * * * * /home/vpopmail/bin/clearopensmtp 2>&1 > /dev/null
支持漫游用户的原理是当某个漫游用户使用pop3取信以后,则在某断时间内允许该地址通过邮件服务器的转发信件。
-----------
make && make install-strip

修改数据库连接
echo "localhost|3306|vpopmail|password|vpopmail">/home/vpopmail/etc/vpopmail.mysql
chmod 640 /home/vpopmail/etc/vpopmail.mysql
chown -R vpopmail.vchkpw /home/vpopmail/etc

建立虚拟域(此处为 test.com)
/home/vpopmail/bin/vadddomain test.com;
/home/vpopmail/bin/vadduser user1@test.com; (根据提示设定user1@test.com的口令)

tcp.smtp文件定义了是否对某个网络设置RELAYCLIENT环境变量,配置允许连接邮件服务器的网络
echo '127.0.0.1:allow,RELAYCLIENT=""' > /home/vpopmail/etc/tcp.smtp
cd /home/vpopmail/etc ; tcprules tcp.smtp.cdb tcp.smtp.tmp < tcp.smtp
qmailctl cdb

10:安装SMTPS
cd /etc/pki/tls/certs
生成证书
make stunnel.pem
cp -rf  stunnel.pem  /etc/stunnel/
openssl req -new -x509 -nodes -out servercert.pem -days 3650 -keyout servercert.pem
mv servercert.pem /var/qmail/control/
ln -s /var/qmail/control/servercert.pem /var/qmail/control/clientcert.pem
chown -R vpopmail:qmail /var/qmail/control/clientcert.pem /var/qmail/control/servercert.pem
chmod 600 /var/qmail/control/servercert.pem
qmailctl restart
netstat -tnl #现在应该可以监听995,465了


11: 安装 Courier-IMAP
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw \ --without-authldap --without-authmysql --disable-root-check --with-ssl \ --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat
make && make check
make install-strip && make install-configure

cp courier-authlib.sysvinit /etc/init.d/courier-authlib
chmod 755 /etc/init.d/courier-authlib &&\
ln -s /etc/init.d/courier-authlib /etc/rc0.d/K30courier-authlib &&\
ln -s /etc/init.d/courier-authlib /etc/rc1.d/K30courier-authlib &&\
ln -s /etc/init.d/courier-authlib /etc/rc2.d/S80courier-authlib &&\
ln -s /etc/init.d/courier-authlib /etc/rc3.d/S80courier-authlib &&\
ln -s /etc/init.d/courier-authlib /etc/rc4.d/S80courier-authlib &&\
ln -s /etc/init.d/courier-authlib /etc/rc5.d/S80courier-authlib &&\
ln -s /etc/init.d/courier-authlib /etc/rc6.d/K30courier-authlib

su vpopmail
chown -R vpopmail:vchkpw courier-imap-4.1.2
这个目录不能在/root下面,否则权限不够
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw \ --without-authldap --without-authmysql --disable-root-check --with-ssl \ --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat
make && make check
exit
make install-strip && make install-configure
创建证书
/usr/local/sbin/mkimapdcert
sed -i 's/@example.com/@test.com/g' /usr/local/etc/imapd.cnf
sed -i '403s/NO/YES/' /usr/local/etc/imapd
开启MD5验证
sed -i 's/THREAD=REFERENCES\ SORT\ QUOTA\ IDLE/THREAD=REFERENCES\ SORT\ QUOTA\ IDLE\ AUTH=CRAM-MD5/' /usr/local/etc/imapd

sed -i 's/IMAPDSSLSTART=NO/IMAPDSSLSTART=YES/g' /usr/local/etc/imapd-ssl
sed -i '27s/authuserdb\ authpwd\ authshadow\ authcustom\ authvchkpw\ authpipe/authvchkpw/' /usr/local/etc/authlib/authdaemonrc

cp courier-imap.sysvinit /etc/init.d/courier-imap
chmod 755 /etc/init.d/courier-imap &&\
ln -s /etc/init.d/courier-imap /etc/rc0.d/K30courier-imap &&\
ln -s /etc/init.d/courier-imap /etc/rc1.d/K30courier-imap &&\
ln -s /etc/init.d/courier-imap /etc/rc2.d/S80courier-imap &&\
ln -s /etc/init.d/courier-imap /etc/rc3.d/S80courier-imap &&\
ln -s /etc/init.d/courier-imap /etc/rc4.d/S80courier-imap &&\
ln -s /etc/init.d/courier-imap /etc/rc5.d/S80courier-imap &&\
ln -s /etc/init.d/courier-imap /etc/rc6.d/K30courier-imap

12: 安装Autorespond
make && make install

13: 安装ezmlm
make && make setup

14: 安装Qmailadmin
./configure --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/html --enable-ezmlmdir=/usr/local/bin/ezmlm --enable-autoresponder-bin=/usr/bin --enable-modify-quota
make
make install-strip

15:安装MailDrop
./configure --prefix=/usr/local --exec-prefix=/usr/local --enable-maildrop-uid=root --enable-maildrop-gid=vchkpw --enable-maildirquota
make && make install-strip && make install-man

16:安装TNEF reader(解开微软邮件附件用)
./configure && make && make install

17:安装Clamav
groupadd clamav; useradd -g clamav -d /dev/null -s /sbin/nologin clamav
./configure && make && make install

touch /var/log/freshclam.log
chmod 644 /var/log/freshclam.log
chown clamav:clamav /var/log/freshclam.log
cp freshclam /etc/init.d/freshclam #复制脚本过去,脚本在附件里
chmod 755 /etc/init.d/freshclam &&\
ln -s /etc/init.d/freshclam /etc/rc0.d/K30freshclam &&\
ln -s /etc/init.d/freshclam /etc/rc1.d/K30freshclam &&\
ln -s /etc/init.d/freshclam /etc/rc2.d/S80freshclam &&\
ln -s /etc/init.d/freshclam /etc/rc3.d/S80freshclam &&\
ln -s /etc/init.d/freshclam /etc/rc4.d/S80freshclam &&\
ln -s /etc/init.d/freshclam /etc/rc5.d/S80freshclam &&\
ln -s /etc/init.d/freshclam /etc/rc6.d/K30freshclam

# add freshclam.log to logrotate
cp freshclam.logrotate /etc/logrotate.d/freshclam #复制脚本过去,脚本在附件里

# run clamd under daemontools
mkdir -p /var/qmail/supervise/clamd/log
mkdir -p /var/log/{clamd,clamav}
chown clamav.clamav -R /var/log/clamav/ 
chmod 644 -R /var/log/clamav/ 
cp clamd.run /var/qmail/supervise/clamd/run #复制脚本过去,脚本在附件里
cp clamd.log.run /var/qmail/supervise/clamd/log/run #复制脚本过去,脚本在附件里
chmod 755 /var/qmail/supervise/clamd/run
chmod 755 /var/qmail/supervise/clamd/log/run

# Start clamd and freshclam
ln -s /var/qmail/supervise/clamd /service
/etc/init.d/freshclam start

sed -i 's:^Example:#Example:;s:#DatabaseDirectory\ /var/lib/clamav:DatabaseDirectory\ /var/lib/clamav:;s:#UpdateLogFile\ /var/log/freshclam.log:UpdateLogFile\ /var/log/freshclam.log:;s:#LogSyslog:LogSyslog:;s:#PidFile\ /var/run/freshclam.pid:PidFile\ /var/run/freshclam.pid:' /usr/local/etc/freshclam.conf

sed -i 's:#FixStaleSocket\ yes:FixStaleSocket\ yes:;s:#LocalSocket\ /tmp/clamd.socket:LocalSocket\ /var/clamav/clamd.socket:;s:^Example:#Example:;s:#DatabaseDirectory\ /var/lib/clamav:DatabaseDirectory\ /var/lib/clamav:;s:#LogFile\ /tmp/clamd.log:LogFile\ /var/log/clamav/clamd.log:;s:#LogFileMaxSize\ 2M:LogFileMaxSize\ 2M:;s:#LogTime:LogTime:;s:#PidFile\ /var/run/clamd.pid:PidFile /var/run/clamd.pid:;s:#LogSyslog:LogSyslog:;s:#ScanMail:ScanMail:' /usr/local/etc/clamd.conf

cp clamd /etc/init.d/
chkconfig clamd on

mkdir /var/lib/clamav /var/clamav
chown clamav:clamav /var/lib/clamav
#升级clamscan病毒库
freshclam --verbose

#把freshclam加入crontab 定时更新病毒库,自动扫描/home目录
crontab -e
0 1 * * * freshclam --quiet -l /var/log/freshclam.log
0 6 * * * /usr/local/bin/clamscan --recursive --infected --log=/var/log/clamscan.log /home

18:安装DSPAM (反垃圾邮件)
./configure --with-dspam-owner=vpopmail --with-dspam-group=vchkpw \
--with-delivery-agent=/usr/local/bin/maildrop \
--enable-daemon --enable-clamav --enable-syslog --enable-preferences-extension \
--enable-long-usernames --enable-domain-scale --enable-virtual-users \
--prefix=/usr/local/dspam --with-dspam-mode=2510 \
--with-storage-driver=mysql_drv --with-mysql-includes=/usr/include/mysql \
--with-mysql-libraries=/usr/lib/mysql --with-logdir=/var/log/dspam/
make && make install

cd src/tools.mysql_drv
mysql -u root -p -e "create database dspam"
mysql -u root -p -e "grant all on dspam.* to dspam@localhost identified by 'bian'"
cat mysql_objects-4.1.sql | mysql dspam -p
cat virtual_users.sql | mysql dspam -p 

vi /usr/local/dspam/etc/dspam.conf #修改或增加
EnablePlusedDetail on
PlusedCharacter - 
PlusedUserLowercase on 
QuarantineMailbox -quarantine

Trust root 
Trust dspam 
Trust vpopmail

Tokenizer osb 
ImprobabilityDrive on

Preference "signatureLocation=headers"

MySQLServer /var/lib/mysql/mysql.sock 
MySQLUser dspam 
MySQLPass password
MySQLDb dspam 
MySQLCompress true 
MySQLReconnect true 
MySQLConnectionCache 10 
MySQLUIDInSignature on

ServerPID               /var/run/dspam.pid

===================================

vi /home/vpopmail/domains/example.com/.qmail-default
|/usr/local/dspam/bin/dspam --user $EXT@$HOST --deliver=innocent,spam --mode=teft --feature=tb=N,no,wh --stdout | /usr/local/bin/maildrop /home/vpopmail/global_mailfilter
vi /home/vpopmail/domains/example.com/.qmail-spam 
|/usr/local/dspam/bin/dspam --user $SENDER --mode=teft --class=spam --source=error 
chown vpopmail.vchkpw .qmail-spam 

#安装DSPAM WEBGUI
mkdir /var/www/dspam
cp -r webgui/cgi-bin/* /var/www/dspam/
cp -f webgui/htpdocs/* /var/www/dspam
rm -f Makefile* && rm -f templates/Makefile*
chown -R vpopmail:vchkpw /var/www/dspam
cd /var/www/dspam 
chmod 444 *.* && chmod 554 *.cgi && chmod 555 templates && chmod 444 templates/*

vi /var/www/dspam/configure.pl
$CONFIG{'DSPAM_ARGS'}
= "--deliver=innocent --class=innocent --source=error --user %CURRENT_USER% -d %u"
改为:
$CONFIG{'DSPAM_ARGS'}
= "--deliver=innocent --class=innocent --feature=wh,no,tb --source=error --user $ENV{'REMOTE_USER'} --stdout | /var/qmail/bin/qmail-inject $ENV{'REMOTE_USER'}";

vi /etc/httpd/conf/httpd.conf
增加:
Listen 88
<VirtualHost *:88>
ServerName dspam.test.com
SuexecUserGroup vpopmail vchkpw
DocumentRoot /var/www/dspam
CustomLog /var/log/httpd/logs/dspam.access combined

ErrorLog /var/log/httpd/logs/dspam.errors
Alias / "/var/www/dspam/"

<Directory "/var/www/dspam/">
DirectoryIndex dspam.cgi
Options +ExecCGI -Includes +Indexes
Addhandler cgi-script .cgi
AuthName "DSPAM LOGIN"
Require valid-user
Order allow,deny
Allow from all
AuthType Basic
AuthUserFile /var/www/dspam/.htpasswd
Require valid-user
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
====================
htpasswd -c /var/www/dspam/.htpasswd user@test.com #添加用户和密码


    三:测试
1)以上安装完成后,最好重启下服务器
2)通过命令行测试收发邮件
=====================开始SMTP发信操作==========================
[root@onki control]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 test.com ESMTP
ehlo mail.test.com
250-test.com
250-PIPELINING
250 8BITMIME
mail from:user1@test.com
250 ok
rcpt to:user2@test.com
250 ok
data
354 go ahead
this is a test!
.
250 ok 1318501063 qp 7668
quit
221 test.com
Connection closed by foreign host.

======================开始POP3收信操作==========================

[root@onki control]# telnet localhost 110   #telnet登录110端口
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK <7747.1318501500@test.com>
user user2@test.com           # 用户名
+OK
pass mypassword                    # 登录密码
+OK
stat                                                  # 查看邮箱状态
+OK 1 240
list                                           # 邮件列表
+OK
1 240
.
top 1 0                         # 查看指定邮件的邮件头,0表示查看整个邮件头,其它正整数表示限制返回多少行。
+OK
Return-Path: <>
Delivered-To: user1@onki.cn
Received: (qmail 7740 invoked from network); 13 Oct 2011 10:24:39 -0000
Received: from localhost (HELO mail.test.com) (127.0.0.1)
  by test.com with SMTP; 13 Oct 2011 10:24:39 -0000
this is a test!

retr 1                     # 获取指定邮件
+OK
Return-Path: <>
Delivered-To: user1@onki.cn
Received: (qmail 7740 invoked from network); 13 Oct 2011 10:24:39 -0000
Received: from localhost (HELO mail.onki.cn) (127.0.0.1)
  by onki.cn with SMTP; 13 Oct 2011 10:24:39 -0000
this is a test!
dele 1                # 删除第1封邮件
+OK
quit           # 退出
+OK
Connection closed by foreign host.
======================================
openssl s_client -connect localhost:465
测试 telnet localhost 25 差不多
openssl s_client -connect localhost:995 
测试 telnet localhost 110 差不多
======================================
IMAPS测试
openssl s_client -connect localhost:993
 a01 login user@test.com user
a01 OK LOGIN Ok.
a02 list "" *
* LIST (\Marked \HasNoChildren) "." "INBOX"
a02 OK LIST completed
a20 logout
* BYE Courier-IMAP server shutting down
a20 OK LOGOUT completed
closed
IMAP测试
telnet localhost 143
其它和IMAPS一样
======================================


    四:其它说明 (网上其它兄弟的,有些没遇到过)
1:如果在foxmail或其他软件中,收信正常,发信有错误,请把/var/qmail/supervise/qmail-smtpd/run中添加的域名去 掉,然后把/home/vpopmail/etc/tcp.smtp.cdb所有者与组修改为vpopmail.vchkpw即可
2:/home/vpopmail/etc/defaultdomain (foxmail中无法仅使用名称,而要使用全称才能取信的功能)
3:关于qmail-pop3d/run与qmail-pop3ds/run中填写域名的问题,在run中会有'hostname',需要写入自己的域名,这时候填写应该把‘’也去掉,
不然会出现类似/home/Maildir之类的错误,特别提醒下!
4:给外网发信出现,The server reply: 553 sorry,that domain isn't in my list of allowed rcpthosts错误
需要修改/var/qmail/control/rcpthosts文件,添加相关域名



本文转自 nonono11 51CTO博客,原文链接:http://blog.51cto.com/abian/1107871,如需转载请自行联系原作者

相关文章
|
7月前
|
数据安全/隐私保护
Outlook Webmail使用方法
Outlook Webmail使用方法
|
Web App开发 Linux 索引
Linux服务器---邮件服务openwebmail配置
配置openwebmail       通过修改配置文件openwebmail.conf,实现个性化邮箱定制。用户可以自由的更改邮箱logo、域名、容量 、签名等信息。1、重定向index,快速打开邮箱。
1147 0
|
测试技术 Linux 开发工具
Linux中mail邮件服务postfix故障解决方法
故障点 Llnux做好邮箱服务后不能与Windows的outlook连接或者登录提示出错。 可以看到我在Windows上的outlook添加的我自己的服务器配置的mail信息 显示任务:登录到接收邮件服务器(P0P3) 失败 发送测试电子邮件信息 失败 错误:登录到接收邮件服务器(POP3):找不到电子邮件服务器。
6248 0
|
SQL 关系型数据库 测试技术
|
Linux 开发工具 网络协议