1.安裝EXIM
cd /usr/ports/mail/exim
make install clean
設定要收信的DOMAIN資料
ee /usr/local/etc/exim/configure
primary_hostname = 主機名稱(要以FQND為主)
domainlist local_domains = @ : test.com.tw (要收信的DOMAIN)
domainlist relay_to_domains = test.com.tw (要收信的DOMAIN)
hostlist relay_from_hosts = localhost : 127.0.0.1 (LOCAL IP)
若要增加SMTP驗證發信請在最下面加入
##### SMTP驗證 #####
login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = "${if crypteq{$2}{${extract{1}{:}{${lookup{$1}lsearch{/usr/local/etc/exim/exim.passwd}{$value}{*:*}}}}}{1}{0}}"
server_set_id = $1
cd /usr/ports/mail/exim
make install clean
設定要收信的DOMAIN資料
ee /usr/local/etc/exim/configure
primary_hostname = 主機名稱(要以FQND為主)
domainlist local_domains = @ : test.com.tw (要收信的DOMAIN)
domainlist relay_to_domains = test.com.tw (要收信的DOMAIN)
hostlist relay_from_hosts = localhost : 127.0.0.1 (LOCAL IP)
若要增加SMTP驗證發信請在最下面加入
##### SMTP驗證 #####
login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = "${if crypteq{$2}{${extract{1}{:}{${lookup{$1}lsearch{/usr/local/etc/exim/exim.passwd}{$value}{*:*}}}}}{1}{0}}"
server_set_id = $1
ee /usr/local/etc/rc.d/eximpasswd.sh --新增此檔
#!/bin/sh
awk -F: '
/^(sash)?root:/ { next }
/^[^:]*:.[^:]/ { print $1 ":" $2 }
' /etc/master.passwd > /usr/local/etc/exim/auth.passwd.tmp
awk -F: '
/^(sash)?root:/ { next }
/^[^:]*:.[^:]/ { print $1 ":" $2 }
' /etc/master.passwd > /usr/local/etc/exim/auth.passwd.tmp
mv /usr/local/etc/exim/auth.passwd.tmp /usr/local/etc/exim/passwd
設定權限
chmod 755 /usr/local/etc/rc.d/eximpasswd.sh
設定每10分鐘COPY一次密碼
ee /etc/crontab
*/10 * * * * root /usr/local/etc/rc.d/eximpasswd.sh
chmod 755 /usr/local/etc/rc.d/eximpasswd.sh
設定每10分鐘COPY一次密碼
ee /etc/crontab
*/10 * * * * root /usr/local/etc/rc.d/eximpasswd.sh
設定開機啟動
ee /etc/rc.conf
sendmail_enable="NONE"
exim_enable="YES"
ee /etc/rc.conf
sendmail_enable="NONE"
exim_enable="YES"
2.安裝POP3(cucipop)
cd /usr/ports/mail/cucipop/
make install clean
執行檔是: /usr/local/libexec/cucipop
開機自動執行:
a.檔案: ee /usr/local/etc/rc.d/cucipop.sh (自己新增檔案)
內容如下:
/usr/local/libexec/cucipop -YaSE 2M (此參數表示超過兩個月的信砍之)
b.變更權限:
chmod 700 /usr/local/etc/rc.d/cucipop.sh
c.手動啟動
/usr/local/etc/rc.d/cucipop.sh
cd /usr/ports/mail/cucipop/
make install clean
執行檔是: /usr/local/libexec/cucipop
開機自動執行:
a.檔案: ee /usr/local/etc/rc.d/cucipop.sh (自己新增檔案)
內容如下:
/usr/local/libexec/cucipop -YaSE 2M (此參數表示超過兩個月的信砍之)
b.變更權限:
chmod 700 /usr/local/etc/rc.d/cucipop.sh
c.手動啟動
/usr/local/etc/rc.d/cucipop.sh
3.安裝openwebmail
因為SUIDPERL的安全性問題所以要移除重裝
cd /usr/ports/lang/perl5.8/
make deinstall clean
make -DENABLE_SUIDPERL install clean
因為SUIDPERL的安全性問題所以要移除重裝
cd /usr/ports/lang/perl5.8/
make deinstall clean
make -DENABLE_SUIDPERL install clean
cd /usr/ports/mail/openwebmail
make all install clean
設定檔在 ee /usr/local/www/cgi-bin/openwebmail/etc/openwebmail.conf
enable_sshterm no -關閉ssh的方式
make all install clean
設定檔在 ee /usr/local/www/cgi-bin/openwebmail/etc/openwebmail.conf
enable_sshterm no -關閉ssh的方式
4.安裝Clamav
cd /usr/ports/security/clamav
make install clean
在 ee /etc/crontab 檔案中在root欄位中加入:
0 6,18 * * * clamav /usr/local/bin/freshclam --quiet -l /var/log/clam-update.log
即每天上午 6 點和下午 6 點各更新一次病毒碼資料庫
cd /usr/ports/security/clamav
make install clean
在 ee /etc/crontab 檔案中在root欄位中加入:
0 6,18 * * * clamav /usr/local/bin/freshclam --quiet -l /var/log/clam-update.log
即每天上午 6 點和下午 6 點各更新一次病毒碼資料庫
mkdir /var/run/clamav/clamd
ee /usr/local/etc/clamd.conf
# Path to a local socket file the daemon will listen on.
# Default: disabled
#LocalSocket /var/run/clamav/clamd
LocalSocket /tmp/clamd
DatabaseDirectory /usr/local/share/clamav 要變成
DatabaseDirectory /var/db/clamav
ee /usr/local/etc/clamd.conf
# Path to a local socket file the daemon will listen on.
# Default: disabled
#LocalSocket /var/run/clamav/clamd
LocalSocket /tmp/clamd
DatabaseDirectory /usr/local/share/clamav 要變成
DatabaseDirectory /var/db/clamav
User clamav 變更成
User vscan
5.安裝amavisd-new
cd /usr/ports/security/amavisd-new
make install clean
設定amavisd-new的設定檔
ee /usr/local/etc/amavisd.conf
$mydomain = 'my-domain.ru'; ---修正DOMAIN
$forward_method = 'smtp:127.0.0.1:10025'; 移除前方的#
$notify_method = $forward_method; 增加一個
$inet_socket_port = 10024; --確定資料
@av_scanners = ( --這是選擇您的掃毒程式將不要的MARK掉要的開起來
### http://www.clamav.net/
['ClamAV-clamd',
# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"], --將此行變更成下面的
\&ask_daemon, ["CONTSCAN {}\n", "/tmp/clamd"],
cd /usr/ports/security/amavisd-new
make install clean
設定amavisd-new的設定檔
ee /usr/local/etc/amavisd.conf
$mydomain = 'my-domain.ru'; ---修正DOMAIN
$forward_method = 'smtp:127.0.0.1:10025'; 移除前方的#
$notify_method = $forward_method; 增加一個
$inet_socket_port = 10024; --確定資料
@av_scanners = ( --這是選擇您的掃毒程式將不要的MARK掉要的開起來
### http://www.clamav.net/
['ClamAV-clamd',
# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"], --將此行變更成下面的
\&ask_daemon, ["CONTSCAN {}\n", "/tmp/clamd"],
exim設定
ee /usr/local/etc/exim/configure
於hostlist relay_from_hosts =之下加入
local_interfaces = 0.0.0.0.25 : 127.0.0.1.10025
於[routers]處加入
amavis:
driver = manualroute
condition = "${if eq {$interface_port}{10025} {0}{1}}"
# if scanning incoming mails, uncomment the following line and
# change local_domains accordingly
# domains = +local_domains
transport = amavis
route_list = "* localhost byname"
self = send
於[transports]處加入
amavis:
driver = smtp
port = 10024
allow_localhost
amavis:
driver = manualroute
condition = "${if eq {$interface_port}{10025} {0}{1}}"
# if scanning incoming mails, uncomment the following line and
# change local_domains accordingly
# domains = +local_domains
transport = amavis
route_list = "* localhost byname"
self = send
於[transports]處加入
amavis:
driver = smtp
port = 10024
allow_localhost
6.安裝SpamAssassin
cd /usr/ports/mail/spamd/
make install clean
cp /usr/local/etc/spamd.conf.sample /usr/local/etc/spamd.conf
ee /usr/local/etc/spamd.conf
# Enable the Bayes system. 使用貝氏學習系統
use_bayes 1
ee /usr/local/etc/spamd.conf
# Enable the Bayes system. 使用貝氏學習系統
use_bayes 1
# Enable Bayes auto-learning. 開起貝氏自動學習功能
auto_learn 1
auto_learn 1
# Enable or Disable network checks. 略過 RBLs 之檢查
skip_rbl_checks 0
skip_rbl_checks 0
# Whitelist . 白色清單,判定加 -100 分
#whitelist_from *@yahoo.com.tw *@yahoo.com.hk *@yahoogroups.com.hk
#whitelist_from rika@rika.idv.tw
#whitelist_from *@yahoo.com.tw *@yahoo.com.hk *@yahoogroups.com.hk
#whitelist_from rika@rika.idv.tw
rc.conf 設定 --此處要注意優先順序
ee /etc/rc.conf
spamd_enable="YES"
amavisd_enable="YES"
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"
exim_enable="YES"
細部調整說明
AMaViSd-new
#$QUARANTINEDIR = '/var/virusmails'; --信件預設會保留在該資料夾若不想保留請註解掉即可
#$QUARANTINEDIR = '/var/virusmails'; --信件預設會保留在該資料夾若不想保留請註解掉即可
AMaViSd-new 會呼叫 Mail::SpamAssassin 計算 Hit,分數越高的越可能是廣告信。
$sa_auto_whitelist = 1; # 啟用自動學習白名單 White List
$sa_mail_body_size_limit = 200*1024; # 超過某個特定大小的郵件就不經過 SpamAssassin 的掃瞄。
$sa_tag_level_deflt = 2.0; # 超過這個分數標準者,視為垃圾郵件打分數。
$sa_tag2_level_deflt = 6.3; # 超過這個分數標準者,才允許在郵件標頭加入 Spam 資訊。
$sa_kill_level_deflt = 30 ; # 超過這個標準者,就直接將信件備份後刪除。
$sa_auto_whitelist = 1; # 啟用自動學習白名單 White List
$sa_mail_body_size_limit = 200*1024; # 超過某個特定大小的郵件就不經過 SpamAssassin 的掃瞄。
$sa_tag_level_deflt = 2.0; # 超過這個分數標準者,視為垃圾郵件打分數。
$sa_tag2_level_deflt = 6.3; # 超過這個分數標準者,才允許在郵件標頭加入 Spam 資訊。
$sa_kill_level_deflt = 30 ; # 超過這個標準者,就直接將信件備份後刪除。
全站熱搜