在FreeBSD下架起安全的Mail Server及webmail51CTO博客 - 威尼斯人

在FreeBSD下架起安全的Mail Server及webmail51CTO博客

2019年04月02日14时23分52秒 | 作者: 华晖 | 标签: 履行,进入,保存 | 浏览: 2775

一、准备作业1.一台服务器或可充任服务器的电脑2.FreeBSD的装置盘,DVD格局的
二、装置过程1.装置FreeBSD操作系统2.portsnap更新ports树3.编译需求的软件进入/usr/ports/www/nginx履行make config挑选如下[X] FILE_AIO
[X] HTTP_MODULE
[X] HTTP_CACHE_MODULE                                                                                                            
[X] HTTP_GZIP_STATIC_MODULE                                                                                                            
[X] HTTP_PERL_MODULE
[X] HTTP_REALIP_MODULE
[X] HTTP_REWRITE_MODULE
[X] HTTP_SECURE_LINK_MODULE
[X] HTTP_SSL_MODULE
[X] HTTP_SUB_MODULE
[X] HTTP_XSLT_MODULE
[X] WWW然后make install clean进入/usr/port/lang/php52履行make config[X] CLI
[X] CGI
[X] REDIRECT
[X] DISCARD
[X] FASTCGI
[X] FPM
[X] PATHINFO履行make install clean进入/usr/ports/lang/php52-extensions履行make config[X] BZ2
[X] CALENDAR
[X] CTYPE
[X] CURL
[X] DOM
[X] FILEINFO
[X] FILTER
[X] GD
[X] GETTEXT
[X] HASH
[X] ICONV
[X] IMAP
[X] JSON
[X] MBSTRING
[X] MCRYPT
[X] MHASH
[X] MYSQL
[X] MYSQLI
[X] OPENSSL
[X] PCNTL
[X] PCRE
[X] PDO
[X] PDO_MYSQL
[X] POSIX
[X] SESSION
[X] SIMPLEXML
[X] SNMP
[X] SOCKETS
[X] SPL
[X] SYSVMSG
[X] SYSVSEM
[X] SYSVSHM
[X] TOKENIZER
[X] XML
[X] XMLREADER
[X] XMLRPC
[X] XMLWRITER
[X] XSL
[X] ZIP
[X] ZLIB履行make install clean进入/usr/ports/databases/mysql55-server履行make config[X] OPENSSL履行make install clean进入/usr/port/mail/courier-imap履行make config[X] AUTH_MYSQLmake install clean-进入/usr/ports/mail/postfix履行make config[X] PCRE
[X] SASL2
[X] TLS
[X] MYSQL
[X] VDAmake install clean进入/usr/ports/security/clamav履行make config[X] ARC
[X] ARJ
[X] LHA
[X] UNZOO
[X] UNRAR
[X] LLVM
[X] TESTS
[X] MILTER
[X] ICONV                 Enable ICONV supportmake install clean-进入/usr/ports/security/amavisd-new履行make config[X] MYSQL
[X] SASL
[X] SPAMASSASSIN
[X] FILE
[X] RAR
[X] UNRAR
[X] ARJ
[X] LHA
[X] ARC
[X] CAB
[X] RPM
[X] ZOO
[X] LZOP
[X] FREEZE
[X] P7ZIP
[X] MSWORDmake install clean-进入/usr/ports/mail/p5-Mail-SpamAssassin履行make config[X] AS_ROOT
[X] SPAMC
[X] DKIM
[X] SSL
[X] GNUPG
[X] MYSQL履行make install clean-进入/usr/ports/mail/postfixadmin履行make config[X] MYSQL
[X] MYSQLI履行make install clean
软件装置作业完结,进入装备阶段,我很喜欢FreeBSD的一点便是,软件编译完结之后,一切的装备文件都会放在/usr/local/etc下,不需求你处处去找conf或许etc文件夹。

4.装备文件重要第一步翻开/etc/rc.conf写入nginx_enable="YES"
mysql_enable="YES"
php_fpm_enable="YES"进入/usr/local/etc/rc.d顺次履行#./nginx start#./mysql-server start#./php-fpm start装备你的nginx和php,翻开你的网站,直到你看见http://localhost/postfixadmin的装置界面,装置他。
进入/usr/local/etc/postfix翻开main.cf,到文件尾参加下列代码#= BASE
#myhostname = mail
#mydomain = raytoon.cn
home_mailbox = maildir/
#mydestination = $myhostname
#local_recipient_maps =
command_directory = /usr/local/sbin
local_transport = virtual

#= MYSQL =
virtual_gid_maps = static:80
virtual_mailbox_base = /data/mail/virtual
virtual_uid_maps = static:80
virtual_minimum_uid = 80
virtual_alias_maps = mysql:/usr/local/etc/postfix/virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/virtual_mailbox_maps.cf

#= Quota
message_size_limit = 5242880
virtual_mailbox_limit_inbox = no
virtual_mailbox_limit_override = yes
virtual_maildir_extended = yes
virtual_mailbox_extend = yes
virtual_mailbox_limit_override = yes
virtual_create_maildirsize = yes
virtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/virtual_mailbox_limit_maps.cf
virtual_mailbox_limit = 52428800

# SASL
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl2_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_delay_reject=yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_auth_destination,reject
smtpd_client_restrictions = permit_sasl_authenticated
#smtpd_sasl_local_domain = $mydomain
smtpd_helo_required = yes
strict_rfc821_envelopes = yes保存退出,留意80是用户和组ID,假如你的nginx用户和组ID不是80,你就需求改这两个数字-新建/usr/local/etc/postfix/virtual_mailbox_limit_maps.cfuser = root
password = xxxxxxx
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username保存退出新建/usr/local/etc/postfix/virtual_alias_maps.cfuser = root
password = xxxxxxx
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address保存退出-新建/usr/local/etc/postfix/virtual_domains_maps.cfuser = root
password = xxxxxxxx
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain保存退出新建/usr/local/etc/postfix/virtual_mailbox_maps.cfuser = root
password = xxxxxxxx
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username保存退出-翻开/usr/local/etc/authlib/authdaemonrc,找到authmodulelist=删去其他选项,只留authmysql,找到authmodulelistorig=删去其他,只保存authmysql。参加version="authaemond.mysql"保存退出翻开/usr/local/etc/authlib/authmysqlrcDEFAULT_DOMAIN your.domian
MYSQL_CRYPT_PWFIELD password
MYSQL_DATABASE postfix
MYSQL_GID_FIELD 80
MYSQL_HOME_FIELD /data/mail/virtual
MYSQL_LOGIN_FIELD username
MYSQL_MAILDIR_FIELD maildir
MYSQL_NAME_FIELD name
MYSQL_OPT 0
MYSQL_PASSWORD    xxxxxxxxxx
MYSQL_PORT 3306
#MYSQL_QUOTA_FIELD quota
MYSQL_SERVER        127.0.0.1
MYSQL_UID_FIELD 80
MYSQL_USERNAME    root
MYSQL_USER_TABLE mailbox保存退出进入/usr/local/lib/sasl2/新建文件smtpd.confpwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path: /var/run/authdaemond/socket保存退出然后进入/etc,修改rc.conf,参加clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"
clamav_milter_enable="YES"
spamd_enable="YES"

sendmail_enable="NONE"
sendmail_submit_enable="NO"
sendmail_outbound_enbale="NO"
#sendmail_msp_queue_enable="NO"
postfix_enable="YES"
courier_authdaemond_enable="YES"
courier_imap_imapd_enable="YES"
courier_imap_imapd_ssl_enable="YES"
courier_imap_pop3d_enable="YES"
courier_imap_pop3d_ssl_enable="YES"
amavisd_enable="YES"
amavisd_pidfile="/var/amavis/amavisd.pid"
amavisd_ram="512m"
amavis_milter_enable="YES"
amavis_p0fanalyzer_enable="YES"
amavis_p0fanalyzer_p0f_filter="tcp dst port 25"重启电脑,假如你不想重启,就在/etc下运转#sh rc#rehash#newaliases
假如你还想运用ssl的imap或pop3,就需求用openssl生成比较合法的pem文件
5.装置webmail进入/usr/ports/mail/atmail履行make config[X] MBSTRING
[X] ICONV履行make install clean完结,这儿需求阐明,atmail装置完结后,你需求去/usr/local/www/atmail下面履行#php lang.php all然后你才干运用中文,不然你只要英文能够用。可是默许没有简体中文,只要繁体的。
imapd和postfix有任何问题能够去/var/log/maillog里边tail盯梢。
版权声明
本文来源于网络,版权归原作者所有,其内容与观点不代表威尼斯人立场。转载文章仅为传播更有价值的信息,如采编人员采编有误或者版权原因,请与我们联系,我们核实后立即修改或删除。

猜您喜欢的文章