OS: FreeBSD 9.1-release
安裝順序:安裝MailScanner之前一定要先裝Perl5.14才會正確編譯。
1. 安裝Perl 5.14
root@test:/ # cd /usr/ports/lang/perl5.14
root@test:/usr/ports/lang/perl5.14 # make install clean
使用內訂值安裝。
..............................
===> SECURITY REPORT:
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
/usr/local/lib/perl5/5.14.2/mach/CORE/libperl.so
If there are vulnerabilities in these programs there may be a security
risk to the system. FreeBSD makes no guarantee about the security of
ports included in the Ports Collection. Please type 'make deinstall'
to deinstall the port if this is a concern.
For more information, and contact details about the security
status of this software, see the following webpage:
http://www.perl.org/
===> Cleaning for perl-5.14.2_3
2. Perl 5.14安裝完成後,隨即開始安裝MailScanner,現在在裝MailScanner時會一併安裝ClamAV和SpamAssassin。
root@test:/usr/ports/lang/perl5.14 # cd /usr/ports/mail/mailscanner/
root@test:/usr/ports/mail/mailscanner # make install
選擇:ClamAV Clamavmodule Spamassassin
............................
選擇:HTTPS
...........................
config: no rules were found! Do you need to run 'sa-update'?
*******************************************************
* _ _ _ _______ ______ __ _ _____ __ _ ______ *
* | | | |_____| |_____/ | \ | | | \ | | ____ *
* |__|__| | | | \_ | \_| __|__ | \_| |_____| *
* *
*******************************************************
* You must install rules before starting spamd! *
*******************************************************
Do you wish to run sa-update to fetch new rules [N]? y
選擇:MILTER
...................................
The provided default configuration requires several directories
to be created:
/var/spool/MailScanner/incoming
/var/spool/MailScanner/incoming/Locks
/var/spool/MailScanner/quarantine
/var/spool/mqueue
/var/spool/mqueue.in
..................................
===> Compressing manual pages for MailScanner-4.84.5_3
===> Registering installation for MailScanner-4.84.5_3
root@test:/usr/ports/mail/mailscanner # make clean
..........................
===> Cleaning for p5-Parse-CPAN-Meta-1.44.04
===> Cleaning for p5-JSON-PP-2.27202
===> Cleaning for MailScanner-4.84.5_3
3. 為MailScanner手動新增工作目錄:
# cd /var/spool/
# mkdir mqueue.in
# mkdir MailScanner
# cd MailScanner/
# mkdir incoming
# mkdir quarantine
4. 進行設定:
4.1打開mta:
root@test:/var/spool # vi /usr/local/etc/rc.d/mta
將sendmail前面的#拿掉。
# Sendmail, 3 instances (for MailScanner):
#
mta_enable="YES"
mta_type="sendmail"
mta_profiles="incoming outgoing submitqueue"
mta_incoming_flags="-L sm-mta-in -bd -OPrivacyOptions=noetrn -OQueueDirectory=/var/spool/mqueue.in -ODeliveryMode=queueonly"
mta_incoming_pidfile="/var/run/sendmail_in.pid"
mta_incoming_configfile="/etc/mail/sendmail.cf"
mta_outgoing_flags="-L sm-mta-out -q15m"
mta_outgoing_pidfile="/var/run/sendmail_out.pid"
mta_outgoing_configfile="/etc/mail/sendmail.cf"
mta_submitqueue_flags="-L sm-msp-queue -Ac -q15m"
mta_submitqueue_pidfile="/var/spool/clientmqueue/sm-client.pid"
mta_submitqueue_configfile="/etc/mail/submit.cf"
/usr/local/etc/rc.d/mta: 150 lines, 4148 characters.
存檔。
4.2 編輯MailScanner設定:
root@test:/var/spool # vi /usr/local/etc/MailScanner/MailScanner.conf
原則上使用default即可。
4.3 設定為開機時啟動。
# vi /etc/rc.conf
# -- MailScanner Settings -- #
sendmail_enable="No"
spamd_enable="Yes"
clamav_clamd_enable="Yes"
clamav_freshclam_enable="YES"
mailscanner_enable="Yes"
mailscanner_configfile="/usr/local/etc/MailScanner/MailScanner.conf"
mailscanner_pidfile="/var/run/MailScanner.pid"
5. 啟動整個程序:
# killall sendmail //將系統舊的sendmail停掉。
# /usr/local/etc/rc.d/mta start //啟動mta
===> mta profile: incoming
Starting mta.
===> mta profile: outgoing
Starting mta.
===> mta profile: submitqueue
Starting mta.
# /usr/local/etc/rc.d/mailscanner start //啟動mailscanner
Starting mailscanner.
# /usr/local/etc/rc.d/clamav-freshclam start //啟動病毒碼更新
Starting clamav_freshclam.
6. 修改系統的mail設定:
# vi /etc/mail/access
將要接受的email設為relay,其他通通設成丟棄!
#.test.com RELAY
#admin@test.com RELAY
aaa@test.com RELAY
bbb@test.com RELAY
ccc@test.com RELAY
test.com discard //表示不在上列relay名單中的信通通扔掉!
存檔。
# vi mailertable
test.com smtp:[192.168.0.1] //指名要轉寄的內部mail server,如果沒有要做這一段這個不用設定。
存檔退出。
# vi relay-domain
test.com
存檔退出。
# vi mailer.conf //使用內訂值,不用改。
# $FreeBSD: release/9.0.0/etc/mail/mailer.conf 93858 2002-04-05 04:25:14Z gshapiro $
#
# Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail
#
sendmail /usr/libexec/sendmail/sendmail
send-mail /usr/libexec/sendmail/sendmail
mailq /usr/libexec/sendmail/sendmail
newaliases /usr/libexec/sendmail/sendmail
hoststat /usr/libexec/sendmail/sendmail
purgestat /usr/libexec/sendmail/sendmail
# make //請系統重編過剛剛修改過的檔案,沒有compile的話系統是看不懂的。
cp freebsd.mc mail.test.com.mc
/usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/ /usr/share/sendmail/cf/m4/cf.m4 mail.test.com.mc > mail.test.com.cf
cp freebsd.submit.mc mail.test.com.submit.mc
/usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/ /usr/share/sendmail/cf/m4/cf.m4 mail.test.com.submit.mc > mail.test.com.submit.cf
/usr/sbin/makemap hash mailertable.db < mailertable
chmod 0640 mailertable.db
/usr/sbin/makemap hash access.db < access
chmod 0640 access.db
完成。日後每次修改/etc/mail/下的檔案,最後都要make一次唷。
# ls /etc/mail/
Makefile mailer.conf
README mailertable
access mailertable.db
access.db mailertable.sample
access.sample relay-domains
aliases sendmail.cf
aliases.db submit.cf
freebsd.cf mail.test.com.cf
freebsd.mc mail.test.com.mc
freebsd.submit.cf mail.test.com.submit.cf
freebsd.submit.mc mail.test.com.submit.mc
helpfile virtusertable.sample
7. 日後如果人員email有異動,可以直接更改/etc/mail/access就可以,更改後記得:
# make
/usr/sbin/makemap hash access.db < access
chmod 0640 access.db
全部完成。
留言列表