*BSD中文用户社区

代码: 全选

$ grep -v ^# /etc/inetd.conf
ident           stream  tcp     nowait  _identd /usr/libexec/identd     identd -el
ident           stream  tcp6    nowait  _identd /usr/libexec/identd     identd -el
127.0.0.1:comsat dgram  udp     wait    root    /usr/libexec/comsat     comsat
[::1]:comsat    dgram   udp6    wait    root    /usr/libexec/comsat     comsat
daytime         stream  tcp     nowait  root    internal
daytime         stream  tcp6    nowait  root    internal
time            stream  tcp     nowait  root    internal
time            stream  tcp6    nowait  root    internal
$

代码: 全选

# pkill -HUP inetd

代码: 全选

# cd /usr/ports/mail/postfix/snapshot
# env FLAVOR="mysql sasl2" make install

代码: 全选

# Directory containing all the post* commands
command_directory = /usr/local/sbin
# Directory containing all the Postfix daemon programs
daemon_directory = /usr/local/libexec/postfix
# Location of the Postfix queue and root directory of chrooted Postfix daemons
queue_directory = /var/spool/postfix
 
# Full pathnames of various Postfix commands
sendmail_path = /usr/local/sbin/sendmail
newaliases_path = /usr/local/sbin/newaliases
mailq_path = /usr/local/sbin/mailq
 
# Directories containing documentation
html_directory = /usr/local/share/doc/postfix/html
manpage_directory = /usr/local/man
readme_directory = /usr/local/share/doc/postfix/readme
 
# The owner of the Postfix queue and of most Postfix daemon processes
mail_owner = _postfix
# The group for mail submission and queue management commands
setgid_group = _postdrop
 
# The myhostname parameter specifies the internet hostname of this mail system. It is
# used as default for many other configuration parameters (default = system's FQDN)
myhostname = mail.kernel-panic.it
 
# The internet domain name of this mail system. Used as default for many other
# configuration parameters (default = $myhostname minus the first component)
mydomain = kernel-panic.it
 
# The domain name that locally-posted mail appears to come from, and that locally posted
# mail is delivered to. As you can see, a parameter value may refer to other parameters
myorigin = $myhostname
 
# Network interface addresses that this mail system receives mail on
inet_interfaces = all
 
# Network interface addresses that this mail system receives mail on by way of a
# proxy or NAT unit
proxy_interfaces = router.kernel-panic.it
 
# List of domains that this machine considers itself the final destination for.
# Virtual domains must not be specified here
mydestination = $myhostname, localhost.$mydomain, localhost
 
# List of "trusted" SMTP clients allowed to relay mail through Postfix.
mynetworks = 127.0.0.0/8, 172.16.0.0/24, 172.16.240.0/24
 
# What destination (sub)domains this system will relay mail to
relay_domains = $mydestination
 
# The default host to send mail to when no entry is matched in the optional
# transport(5) table. Square brackets turn off MX lookups
relayhost = [smtp.isp.com]
 
# List of alias databases used by the local delivery agent
alias_maps = hash:/etc/postfix/aliases
 
# Alias database(s) built with "newaliases" or "sendmail -bi". This is a separate
# configuration parameter, because alias_maps may specify tables that are not
# necessarily all under control by Postfix
alias_database = hash:/etc/postfix/aliases
 
# SMTP greeting banner
smtpd_banner = $myhostname ESMTP $mail_name
 
# Postfix is final destination for the specified list of "virtual" domains
virtual_mailbox_domains = kernel-panic.it
 
# Virtual mailboxes base directory
virtual_mailbox_base = /var/vmail
 
# Optional lookup tables with all valid addresses in the domains that match
# $virtual_mailbox_domains.
virtual_mailbox_maps = hash:/etc/postfix/vmailbox
 
# The minimum user ID value accepted by the virtual(8) delivery agent
virtual_minimum_uid = 2000
 
# User ID that the virtual(8) delivery agent uses while writing to the recipient's mailbox
virtual_uid_maps = static:2000
 
# Group ID that the virtual(8) delivery agent uses while writing to the recipient's mailbox
virtual_gid_maps = static:2000
 
# Optional lookup tables that alias specific mail addresses or domains to other local or
# remote address
virtual_alias_maps = hash:/etc/postfix/virtual

代码: 全选

# useradd -d /var/vmail -g =uid -u 2000 -s /sbin/nologin \
> -c "Virtual Mailboxes Owner" -m vmail

代码: 全选

info@kernel-panic.it          kernel-panic.it/info/
d.mazzocchio@kernel-panic.it  kernel-panic.it/d.mazzocchio/
[...]

代码: 全选

root@kernel-panic.it        root@localhost.kernel-panic.it
postmaster@kernel-panic.it    postmaster@localhost.kernel-panic.it
abuse@kernel-panic.it        postmaster@localhost.kernel-panic.it
[...]

代码: 全选

root: d.mazzocchio@kernel-panic.it
MAILER-DAEMON: postmaster
postmaster: root
bin: root
[...]

代码: 全选

# /usr/local/sbin/postmap /etc/postfix/vmailbox
# /usr/local/sbin/postmap /etc/postfix/virtual
# /usr/local/sbin/newaliases

代码: 全选

# /usr/local/sbin/postfix-enable
old /etc/mailer.conf saved as /etc/mailer.conf.pre-postfix
postfix /etc/mailer.conf enabled
 
NOTE: do not forget to add sendmail_flags="-bd" to
      /etc/rc.conf.local to startup postfix correctly.
 
NOTE: do not forget to add "-a /var/spool/postfix/dev/log" to
      syslogd_flags in /etc/rc.conf.local and restart syslogd.
 
NOTE: do not forget to remove the "sendmail clientmqueue runner"
      from root's crontab.
#

代码: 全选

# sendmail clientmqueue runner
#*/30 * * * * /usr/sbin/sendmail -L sm-msp-queue -Ac -q

代码: 全选

# Specify a location where syslogd(8) should place an additional log socket
# for Postfix
syslogd_flags="-a /var/spool/postfix/dev/log"
 
# Make Postfix start in background and process queued messages every 30 min
sendmail_flags="-bd"

代码: 全选

# chgrp _postdrop /usr/local/sbin/postqueue /usr/local/sbin/postdrop
# chmod 2755 /usr/local/sbin/postqueue /usr/local/sbin/postdrop
# pkill syslogd
# syslogd -a /var/empty/dev/log -a /var/spool/postfix/dev/log
# pkill sendmail
# /usr/local/sbin/sendmail -bd
postfix/postfix-script: starting the Postfix mail system

代码: 全选

# telnet mail.kernel-panic.it 25
Trying 172.16.240.150...
Connected to mail.kernel-panic.it.
Escape character is '^]'.
220 mail.kernel-panic.it ESMTP Postfix
HELO somedomain.org
250 mail.kernel-panic.it
mail from: someone@somedomain.org
250 Ok
rcpt to: d.mazzocchio@kernel-panic.it
250 Ok
data
354 End data with <CR><LF>.<CR><LF>
From: someone@somedomain.org
To: d.mazzocchio@kernel-panic.it
Subject: Test mail
 
It works!
.
250 Ok: queued as 548D7286
quit
221 Bye
Connection closed by foreign host.
# tail /var/log/maillog
Dec 16 15:26:35 mail postfix/smtpd[29212]: connect from ws1.lan.kernel-panic.it[172.16.0.15]
Dec 16 15:26:53 mail postfix/smtpd[29212]: 57076222: client=ws1.lan.kernel-panic.it[172.16.0.15]
Dec 16 15:27:02 mail postfix/cleanup[13428]: 57076222: message-id=<20070210142653.57076222@mail.kernel-panic.it>
Dec 16 15:27:02 mail postfix/qmgr[26776]: 57076222: from=<someone@somedomain.org>, size=392, nrcpt=1 (queue active)
Dec 16 15:27:02 mail postfix/virtual[14381]: 57076222: to=<d.mazzocchio@kernel-panic.it>, relay=virtual, delay=15,
delays=15/0.28/0/0.03, dsn=2.0.0, status=sent (delivered to maildir)
Dec 16 15:27:02 mail postfix/qmgr[26776]: 57076222: removed
Dec 16 15:27:06 mail postfix/smtpd[29212]: disconnect from ws1.lan.kernel-panic.it[172.16.0.15]
# cat /var/vmail/kernel-panic.it/d.mazzocchio/new/1118146014.V3I9448M811660.mail.kernel-panic.it
Return-Path: <someone@somedomain.org>
X-Original-To: d.mazzocchio@kernel-panic.it
Delivered-To: d.mazzocchio@kernel-panic.it
Received: from somedomain.org (ws1.lan.kernel-panic.it [172.16.0.15])
    by mail.kernel-panic.it (Postfix) with SMTP id 57076222
    for <d.mazzocchio@kernel-panic.it> Sat, 16 Dec 2007 15:26:47 +0100 (CET)
From: someone@somedomain.org
To: d.mazzocchio@kernel-panic.it
Subject: Test mail
Message-Id: <20070210142653.57076222@mail.kernel-panic.it>
Date: Sat, 16 Dec 2007 15:26:47 +0100 (CET)
 
It works!
#

代码: 全选

# cp /usr/local/share/mysql/my-small.cnf /etc/my.cnf

代码: 全选

bind-address = 127.0.0.1

代码: 全选

# /usr/local/bin/mysql_install_db
[ ... ]
# mysqld_safe &
[ ... ]
# /usr/local/bin/mysql_secure_installation
[ ... ]
Enter current password for root (enter for none): <Enter>
OK, successfully used password, moving on...
[ ... ]
Set root password? [Y/n] Y
New password: root
Re-enter new password: root
Password updated successfully!
[ ... ]
Remove anonymous users? [Y/n] Y
 ... Success!
[ ... ]
Disallow root login remotely? [Y/n] Y
 ... Success!
[ ... ]
Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!
[ ... ]
Reload privilege tables now? [Y/n] Y
 ... Success!
[ ... ]
#

代码: 全选

if [ -x /usr/local/bin/mysqld_safe ]; then
    echo -n ' MySQL'
    /usr/local/bin/mysqld_safe >/dev/null 2>&1 &
fi

代码: 全选

virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailboxes.cf
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf

代码: 全选

# mysql -u root -p
password: root
mysql> CREATE DATABASE mail;
Query OK, 1 row affected (0.01 sec)
 
mysql> use mail
Database changed
mysql> CREATE TABLE domains (
    ->        id       INT NOT NULL PRIMARY KEY AUTO_INCREMENT,
    ->        domain   VARCHAR(255) NOT NULL UNIQUE);
Query OK, 0 rows affected (0.02 sec)
 
mysql> CREATE TABLE users (
    ->        id       INT NOT NULL PRIMARY KEY AUTO_INCREMENT,
    ->        login    VARCHAR(255) NOT NULL UNIQUE,
    ->        name     VARCHAR(255) NOT NULL,
    ->        password CHAR(13) NOT NULL,
    ->        uid      SMALLINT NOT NULL DEFAULT 2000,
    ->        gid      SMALLINT NOT NULL DEFAULT 2000,
    ->        home     VARCHAR(255) NOT NULL DEFAULT '/var/vmail',
    ->        maildir  VARCHAR(255) NOT NULL,
    ->        quota    VARCHAR(10)  NOT NULL DEFAULT '10000000S');
Query OK, 0 rows affected (0.01 sec)
 
mysql> CREATE TABLE alias_maps (
    ->        id       INT NOT NULL PRIMARY KEY AUTO_INCREMENT,
    ->        account  VARCHAR(255) NOT NULL UNIQUE,
    ->        alias    VARCHAR(255) NOT NULL);
Query OK, 0 rows affected (0.00 sec)
 
mysql> GRANT SELECT ON mail.* to 'vmail'@'localhost' IDENTIFIED BY 'vmail';
Query OK, 0 rows affected (0.01 sec)
 
mysql> INSERT INTO domains (domain) VALUES ('kernel-panic.it');
Query OK, 1 row affected (0.01 sec)
 
mysql> INSERT INTO users (login, name, password, maildir)
    -> VALUES ('d.mazzocchio@kernel-panic.it', 'Daniele Mazzocchio', ENCRYPT('danix'),
    ->         'kernel-panic.it/d.mazzocchio/');
Query OK, 1 row affected (0.01 sec)
 
mysql> INSERT INTO alias_maps (account, alias)
    -> VALUES ('postmaster@kernel-panic.it', 'postmaster@localhost.kernel-panic.it');
Query OK, 1 row affected (0.00 sec)
 
mysql> INSERT INTO alias_maps (account, alias)
    -> VALUES ('root@kernel-panic.it', 'root@localhost.kernel-panic.it');
Query OK, 1 row affected (0.00 sec)

代码: 全选

user = vmail
password = vmail
 
# solution 1:
# hosts = db_server_name
# Solution 2: skip this parameter
# Solution 3 (this file is required only by chrooted processes):
# hosts = unix:/mysql/mysql.sock
# Solution 4:
hosts = 127.0.0.1
 
dbname = mail
query = SELECT domain FROM domains WHERE domain='%s'

代码: 全选

user = vmail
password = vmail
 
# solution 1:
# hosts = db_server_name
# Solution 2: skip this parameter
# Solution 3 (this file is required only by chrooted processes):
# hosts = unix:/mysql/mysql.sock
# Solution 4:
hosts = 127.0.0.1
 
dbname = mail
query = SELECT alias FROM alias_maps WHERE account='%s'

代码: 全选

user = vmail
password = vmail
 
# solution 1:
# hosts = db_server_name
# Solution 2: skip this parameter
# Solution 3 (this file is required by both chrooted and non-chrooted processes):
# hosts = unix:/mysql/mysql.sock unix:/var/spool/postfix/mysql/mysql.sock
# Solution 4:
hosts = 127.0.0.1
 
dbname = mail
query = SELECT maildir FROM users WHERE login='%s'

代码: 全选

# postfix reload
postfix/postfix-script: refreshing the Postfix mail system

代码: 全选

[ ... ]
authmodulelist="authmysql"
[ ... ]

代码: 全选

MYSQL_SERVER         127.0.0.1
MYSQL_USERNAME       vmail
MYSQL_PASSWORD       vmail
# If you connect through the socket:
#MYSQL_SOCKET         /path/to/mysql.sock
#MYSQL_PORT           0
MYSQL_PORT           3306
MYSQL_OPT            0
MYSQL_DATABASE       mail
MYSQL_USER_TABLE     users
MYSQL_CRYPT_PWFIELD  password
MYSQL_DEFAULT_DOMAIN kernel-panic.it
MYSQL_UID_FIELD      uid
MYSQL_GID_FIELD      gid
MYSQL_LOGIN_FIELD    login
MYSQL_HOME_FIELD     home
MYSQL_NAME_FIELD     name
MYSQL_MAILDIR_FIELD  maildir
MYSQL_QUOTA_FIELD    quota
# MYSQL_WHERE_CLAUSE    field=value AND field=value...

代码: 全选

# /usr/local/sbin/mkimapdcert
[ ... ]

代码: 全选

# mkdir -p /var/run/courier{,-auth}/
# /usr/local/sbin/authdaemond start
# /usr/local/libexec/imapd.rc start
# /usr/local/libexec/imapd-ssl.rc start

代码: 全选

echo -n ' Courier-IMAP'
/bin/mkdir -p /var/run/courier{,-auth}/
[ -x /usr/local/sbin/authdaemond ] && /usr/local/sbin/authdaemond start
[ -x /usr/local/libexec/imapd.rc ] && /usr/local/libexec/imapd.rc start
[ -x /usr/local/libexec/imapd-ssl.rc ] && /usr/local/libexec/imapd-ssl.rc start

代码: 全选

#!/usr/bin/env python
 
import imaplib
 
# Constants
IMAP_SRV = "mail.kernel-panic.it"
USER     = "d.mazzocchio@kernel-panic.it"
PASSWD   = "danix"
 
# Connect to server
imap_srv = imaplib.IMAP4(IMAP_SRV)
imap_srv.login(USER, PASSWD)
 
# Select the INBOX folder
imap_srv.select()
 
# Retrieve message list
msg_nums = imap_srv.search(None, 'ALL')[1]
 
# Print all messages
for num in msg_nums[0].split():
    msg = imap_srv.fetch(num, '(RFC822)')[1]
    print 'Message %s\n%s\n' % (num, msg[0][1])
 
# Disconnect from server
imap_srv.close()
imap_srv.logout()

代码: 全选

# /usr/local/sbin/mkpop3dcert
[ ... ]
# /usr/local/libexec/pop3d.rc start
# /usr/local/libexec/pop3d-ssl.rc start

代码: 全选

[ -x /usr/local/libexec/pop3d.rc ] && /usr/local/libexec/pop3d.rc start
[ -x /usr/local/libexec/pop3d-ssl.rc ] && /usr/local/libexec/pop3d-ssl.rc start

代码: 全选

# telnet mail.kernel-panic.it 110
Trying 172.16.240.150...
Connected to mail.kernel-panic.it.
Escape character is '^]'.
+OK Hello there.
user d.mazzocchio@kernel-panic.it
+OK Password required.
pass danix
+OK logged in.
list
1 2531
[ ... ]
quit
+OK Bye-bye.
Connection closed by foreign host.
#

代码: 全选

# /usr/local/bin/maildirmake -q 10000000S /var/vmail/kernel-panic.it/d.mazzocchio
# chown vmail /var/vmail/kernel-panic.it/d.mazzocchio/maildirsize

代码: 全选

[ ... ]
qdeliver  unix  -       n       n       -       -       pipe
  flags=uh user=vmail argv=/usr/local/bin/deliverquota -c -w 90 /var/vmail/${domain}/${user}

代码: 全选

virtual_transport = qdeliver

代码: 全选

qdeliver_destination_concurrency_limit = 1
qdeliver_destination_recipient_limit = 1

代码: 全选

rewrite_header    Subject    ***** SPAM *****
report_safe    1
lock_method    flock
required_score    8.0

代码: 全选

DatabaseDirectory    /var/db/clamav
DatabaseOwner        _clamav
DNSDatabaseInfo        current.cvd.clamav.net
DatabaseMirror        db.it.clamav.net
DatabaseMirror        database.clamav.net
MaxAttempts        3
checks            24

代码: 全选

# freshclam
ClamAV update process started at Tue Dec 18 00:35:25 2007
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.90.3 Recommended version: 0.92
DON'T PANIC! Read http://www.clamav.net/support/faq
Downloading main.cvd [100%]
main.cvd updated (version: 45, sigs: 169676, f-level: 21, builder: sven)
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 16, recommended = 21
DON'T PANIC! Read http://www.clamav.net/support/faq
Downloading daily.cvd [100%]
daily.cvd updated (version: 5160, sigs: 8698, f-level: 21, builder: sven)
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 16, recommended = 21
DON'T PANIC! Read http://www.clamav.net/support/faq
Database updated (178374 signatures) from db.it.clamav.net (IP: 193.206.139.37)
#

代码: 全选

16 * * * * /usr/local/bin/freshclam >/dev/null 2>&1

代码: 全选

DatabaseDirectory    /var/db/clamav
LocalSocket        /var/clamav/clamd.sock
User            _clamav
[...]

代码: 全选

# touch /var/log/clamd.log
# chown _clamav /var/log/clamd.log
# clamd

代码: 全选

if [ -x /usr/local/sbin/clamd ]; then
    echo -n ' clamd'
    [ -S /var/clamav/clamd.sock ] && rm -f /var/clamav/clamd.sock
    /usr/local/sbin/clamd >/dev/null 2>&1
fi

代码: 全选

# COMMONLY ADJUSTED SETTINGS:
 
$max_servers = 2;
$daemon_user  = '_clamav';     # Run under the same user as ClamAV
$daemon_group = '_clamav';     # Run under the same group as ClamAV
 
$mydomain = 'kernel-panic.it';
 
$MYHOME   = '/var/amavisd';
$TEMPBASE = "$MYHOME/tmp";   # Working directory, needs to be created manually
$ENV{TMPDIR} = $TEMPBASE;
$QUARANTINEDIR = '/var/clamav/quarantine';
 
[...]
 
# Leave only ClamAV uncommented
@av_scanners = (
  ['ClamAV-clamd',
    \&ask_daemon, ["CONTSCAN {}\n", "/var/clamav/clamd.sock"],
    qr/\bOK$/, qr/\bFOUND$/,
    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);
 
[...]
 
# Leave only ClamAV uncommented
@av_scanners_backup = (
  ['ClamAV-clamscan', 'clamscan',
    "--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1],
    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);
 
1;

代码: 全选

# mkdir /var/amavisd/tmp
# chown -R _clamav:_clamav /var/amavisd/
# /usr/local/sbin/amavisd debug
Dec 18 22:07:11 mail.kernel-panic.it /usr/local/sbin/amavisd[24429]: starting.
/usr/local/sbin/amavisd at mail.kernel-panic.it amavisd-new-2.3.2 (20050629), Unicode aware
Dec 18 22:07:11 mail.kernel-panic.it /usr/local/sbin/amavisd[24429]: user=,
EUID: 0 (0);  group=, EGID: 0 31 20 5 4 3 2 0 (0 31 20 5 4 3 2 0)
Dec 18 22:07:11 mail.kernel-panic.it /usr/local/sbin/amavisd[24429]: Perl version               5.008008
[...]

代码: 全选

if [ -x /usr/local/sbin/amavisd ]; then
    echo -n ' amavisd'
    /usr/local/sbin/amavisd >/dev/null 2>&1
fi

代码: 全选

smtp-amavis unix -    -    -    -    2  smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20
 
127.0.0.1:10025 inet n    -    -    -    -  smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks_style=host
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks

代码: 全选

# postconf -e 'content_filter=smtp-amavis:[127.0.0.1]:10024'
# postfix reload
postfix/postfix-script: refreshing the Postfix mail system

代码: 全选

# install -m 700 -d /etc/postfix/ssl/private

代码: 全选

# openssl req -days 3650 -nodes -new -x509 -keyout /etc/ssl/private/ca.key \
> -out /etc/ssl/ca.crt
[ ... ]
Country Name (2 letter code) []: IT
State or Province Name (full name) []: Italy
Locality Name (eg, city) []: Milan
 
Organization Name (eg, company) []: Kernel Panic Inc.
Organizational Unit Name (eg, section) []: Postfix CA
Common Name (eg, fully qualified host name) []: ca.lan.kernel-panic.it
Email Address []: <enter>
#

代码: 全选

# openssl req -days 3650 -nodes -new -keyout /etc/postfix/ssl/private/server.key \
> -out /etc/postfix/ssl/private/server.csr
[ ... ]
Country Name (2 letter code) []: IT
State or Province Name (full name) []: Italy
Locality Name (eg, city) []: Milan
 
Organization Name (eg, company) []: Kernel Panic Inc.
Organizational Unit Name (eg, section) []: Postfix Server
Common Name (eg, fully qualified host name) []: mail.kernel-panic.it
Email Address []: <enter>
 
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: <enter>
An optional company name []: <enter>
 
#

代码: 全选

# openssl x509 -req -days 3650 -in /etc/postfix/ssl/private/server.csr \
> -out /etc/postfix/ssl/server.crt -CA /etc/ssl/ca.crt \
> -CAkey /etc/ssl/private/ca.key -CAcreateserial
 
Signature ok
subject=/C=IT/ST=Italy/L=Milan/O=Kernel Panic Inc./OU=Postfix Server/CN=mail.kernel-panic.it
Getting CA Private Key
#

代码: 全选

# Enable (optional) TLS encryption
smtpd_tls_security_level = may
# Enable logging of TLS handshake and certificate information
smtpd_tls_loglevel = 1
 
# TLS certificates
smtpd_tls_cert_file = /etc/postfix/ssl/server.crt
smtpd_tls_key_file = /etc/postfix/ssl/private/server.key
smtpd_tls_CAfile = /etc/ssl/ca.crt
 
# External entropy source for the pseudo random number generator pool.
# Specify /dev/arandom when /dev/urandom gives timeout errors.
tls_random_source = dev:/dev/urandom

代码: 全选

smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

代码: 全选

# postfix reload
postfix/postfix-script: refreshing the Postfix mail system

代码: 全选

# Enable SASL authentication in the Postfix SMTP server
smtpd_sasl_auth_enable = yes
 
# Only accept mail from trusted networks, authenticated clients or mail with
# a 'RCPT TO' address that Postfix is forwarder or final destination for
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated 
  reject_unauth_destination
 
# Enable inter-operability with old SMTP clients
broken_sasl_auth_clients = yes
 
# Name of the Postfix SMTP server's local SASL authentication realm
smtpd_sasl_local_domain = $mydomain

代码: 全选

pwcheck_method: authdaemond
authdaemond_path: /var/run/courier-auth/socket
mech_list: PLAIN LOGIN

代码: 全选

smtp inet n - n - - smtpd
[ ... ]

代码: 全选

# postfix reload
postfix/postfix-script: refreshing the Postfix mail system

代码: 全选

$ perl -MMIME::Base64 -e 'print encode_base64("\0d.mazzocchio\@kernel-panic.it\0danix");'
AGQubWF6em9jY2hpb0BrZXJuZWwtcGFuaWMuaXQAZGFuaXg=
$ telnet mail.kernel-panic.it 25
Trying 172.16.240.150...
Connected to mail.kernel-panic.it.
Escape character is '^]'.
220 mail.kernel-panic.it ESMTP Postfix
EHLO somedomain.org
250-mail.kernel-panic.it
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN AGQubWF6em9jY2hpb0BrZXJuZWwtcGFuaWMuaXQAZGFuaXg=
235 2.0.0 Authentication successful
quit
221 2.0.0 Bye
Connection closed by foreign host.
$

代码: 全选

# ln -s /var/www/conf/modules.sample/php5.conf /var/www/conf/modules
# ln -fs /var/www/conf/php5.sample/mbstring.ini /var/www/conf/php5/mbstring.ini

代码: 全选

AddType application/x-httpd-php .php

代码: 全选

# apachectl restart
/usr/sbin/apachectl restart: httpd restarted

代码: 全选

# tar -zxvf squirrelmail-x.x.x.tar.gz -C /var/www/htdocs
# mv /var/www/htdocs/squirrelmail-x.x.x /var/www/htdocs/webmail

代码: 全选

# install -d -o www -g www  /var/www/squirrelmail/data
# install -d -g www -m 730 /var/www/squirrelmail/attachments
# install -d -o www -g www -m 700 /var/www/tmp