OS: FreeBSD 9.1-release

安裝順序:安裝MailScanner之前一定要先裝Perl5.14才會正確編譯。

 

1. 安裝Perl 5.14

root@test:/ # cd /usr/ports/lang/perl5.14
root@test:/usr/ports/lang/perl5.14 # make install clean
使用內訂值安裝。
..............................
===> SECURITY REPORT:
      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.
/usr/local/lib/perl5/5.14.2/mach/CORE/libperl.so

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:
http://www.perl.org/
===>  Cleaning for perl-5.14.2_3

 

2. Perl 5.14安裝完成後,隨即開始安裝MailScanner,現在在裝MailScanner時會一併安裝ClamAV和SpamAssassin。

root@test:/usr/ports/lang/perl5.14 # cd /usr/ports/mail/mailscanner/
root@test:/usr/ports/mail/mailscanner # make install

選擇:ClamAV Clamavmodule Spamassassin

............................

選擇:HTTPS
...........................

config: no rules were found!  Do you need to run 'sa-update'?

*******************************************************
* _  _  _ _______  ______ __   _ _____ __   _  ______ *
* |  |  | |_____| |_____/ | \  |   |   | \  | |  ____ *
* |__|__| |     | |    \_ |  \_| __|__ |  \_| |_____| *
*                                                     *
*******************************************************
*    You must install rules before starting spamd!    *
*******************************************************
Do you wish to run sa-update to fetch new rules [N]? y

選擇:MILTER

...................................

        The provided default configuration requires several directories
        to be created:

                /var/spool/MailScanner/incoming
                /var/spool/MailScanner/incoming/Locks
                /var/spool/MailScanner/quarantine
                /var/spool/mqueue
                /var/spool/mqueue.in

..................................

===>   Compressing manual pages for MailScanner-4.84.5_3
===>   Registering installation for MailScanner-4.84.5_3

root@test:/usr/ports/mail/mailscanner # make clean
..........................

===>  Cleaning for p5-Parse-CPAN-Meta-1.44.04
===>  Cleaning for p5-JSON-PP-2.27202
===>  Cleaning for MailScanner-4.84.5_3

3. 為MailScanner手動新增工作目錄:

# cd /var/spool/
# mkdir mqueue.in
# mkdir MailScanner
# cd MailScanner/
# mkdir incoming
# mkdir quarantine

4. 進行設定:

4.1打開mta:

root@test:/var/spool # vi /usr/local/etc/rc.d/mta

將sendmail前面的#拿掉。

# Sendmail, 3 instances (for MailScanner):
#
mta_enable="YES"
mta_type="sendmail"
mta_profiles="incoming outgoing submitqueue"
mta_incoming_flags="-L sm-mta-in -bd -OPrivacyOptions=noetrn -OQueueDirectory=/var/spool/mqueue.in -ODeliveryMode=queueonly"
mta_incoming_pidfile="/var/run/sendmail_in.pid"
mta_incoming_configfile="/etc/mail/sendmail.cf"
mta_outgoing_flags="-L sm-mta-out -q15m"
mta_outgoing_pidfile="/var/run/sendmail_out.pid"
mta_outgoing_configfile="/etc/mail/sendmail.cf"
mta_submitqueue_flags="-L sm-msp-queue -Ac -q15m"
mta_submitqueue_pidfile="/var/spool/clientmqueue/sm-client.pid"
mta_submitqueue_configfile="/etc/mail/submit.cf"

/usr/local/etc/rc.d/mta: 150 lines, 4148 characters.
存檔。

 

4.2 編輯MailScanner設定:

root@test:/var/spool # vi /usr/local/etc/MailScanner/MailScanner.conf
原則上使用default即可。

 

4.3 設定為開機時啟動。

# vi /etc/rc.conf

# -- MailScanner Settings -- #
sendmail_enable="No"
spamd_enable="Yes"
clamav_clamd_enable="Yes"
clamav_freshclam_enable="YES"
mailscanner_enable="Yes"
mailscanner_configfile="/usr/local/etc/MailScanner/MailScanner.conf"
mailscanner_pidfile="/var/run/MailScanner.pid"

 

5. 啟動整個程序:

# killall sendmail                    //將系統舊的sendmail停掉。
# /usr/local/etc/rc.d/mta start    //啟動mta
===> mta profile: incoming
Starting mta.
===> mta profile: outgoing
Starting mta.
===> mta profile: submitqueue
Starting mta.

# /usr/local/etc/rc.d/mailscanner start    //啟動mailscanner
Starting mailscanner.

# /usr/local/etc/rc.d/clamav-freshclam start    //啟動病毒碼更新
Starting clamav_freshclam.

 

6. 修改系統的mail設定:

# vi /etc/mail/access

將要接受的email設為relay,其他通通設成丟棄!

#.test.com                        RELAY
#admin@test.com          RELAY
aaa@test.com        RELAY
bbb@test.com          RELAY
ccc@test.com           RELAY
test.com          discard    //表示不在上列relay名單中的信通通扔掉!
存檔。

# vi mailertable

test.com          smtp:[192.168.0.1]                //指名要轉寄的內部mail server,如果沒有要做這一段這個不用設定。
存檔退出。

# vi relay-domain

test.com
存檔退出。

# vi mailer.conf    //使用內訂值,不用改。

# $FreeBSD: release/9.0.0/etc/mail/mailer.conf 93858 2002-04-05 04:25:14Z gshapiro $
#
# Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail
#
sendmail        /usr/libexec/sendmail/sendmail
send-mail       /usr/libexec/sendmail/sendmail
mailq           /usr/libexec/sendmail/sendmail
newaliases      /usr/libexec/sendmail/sendmail
hoststat        /usr/libexec/sendmail/sendmail
purgestat       /usr/libexec/sendmail/sendmail

# make    //請系統重編過剛剛修改過的檔案,沒有compile的話系統是看不懂的。
cp freebsd.mc mail.test.com.mc
/usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/   /usr/share/sendmail/cf/m4/cf.m4 mail.test.com.mc > mail.test.com.cf
cp freebsd.submit.mc mail.test.com.submit.mc
/usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/   /usr/share/sendmail/cf/m4/cf.m4 mail.test.com.submit.mc > mail.test.com.submit.cf
/usr/sbin/makemap hash mailertable.db < mailertable
chmod 0640 mailertable.db
/usr/sbin/makemap hash access.db < access
chmod 0640 access.db

完成。日後每次修改/etc/mail/下的檔案,最後都要make一次唷。

 

# ls /etc/mail/

Makefile                        mailer.conf
README                          mailertable
access                          mailertable.db
access.db                       mailertable.sample
access.sample                   relay-domains
aliases                         sendmail.cf
aliases.db                      submit.cf
freebsd.cf                      mail.test.com.cf
freebsd.mc                      mail.test.com.mc
freebsd.submit.cf               mail.test.com.submit.cf
freebsd.submit.mc               mail.test.com.submit.mc
helpfile                        virtusertable.sample

7. 日後如果人員email有異動,可以直接更改/etc/mail/access就可以,更改後記得:

# make
/usr/sbin/makemap hash access.db < access
chmod 0640 access.db

全部完成。

, , , ,

貓熊麗麗 發表在 痞客邦 PIXNET 留言(0) 人氣()