August 7, 2007
postfix FAQ (2)
问题一:
Aug 7 22:26:22 mail postfix/smtpd[16829]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms
Aug 7 22:26:22 mail postfix/smtpd[16829]: fatal: no SASL authentication mechanisms
Aug 7 22:26:23 mail postfix/master[16825]: warning: process /usr/libexec/postfix/smtpd pid 16829 exit status 1
Aug 7 22:26:23 mail postfix/master[16825]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
Aug 7 22:28:06 mail postfix/smtpd[16830]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms
Aug 7 22:28:06 mail postfix/smtpd[16830]: fatal: no SASL authentication mechanisms
Aug 7 22:28:07 mail postfix/master[16825]: warning: process /usr/libexec/postfix/smtpd pid 16830 exit status 1
解决方法:
# ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
问题二:
Jan 15 20:24:43 localhost postfix/smtpd[3048]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
原因:系统已经安装sasl-cyrus 删除掉,然后编译重装
July 24, 2006
postfix FAQ
今天把postfix升级到2.3.0 之前2.2.10一直使用很好,当然还是按以前的编译方式,但却发现smtp不正常,察看log显示以下错误
Jul 24 14:58:46 wap postfix/smtpd[15000]: warning: unsupported SASL server implementation: cyrus
Jul 24 14:58:46 wap postfix/smtpd[15000]: fatal: SASL per-process initialization failed
Jul 24 14:58:47 wap postfix/master[14946]: warning: process /usr/libexec/postfix/smtpd pid 15000 exit status 1
Jul 24 14:58:47 wap postfix/master[14946]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
好生觉得奇怪,察看2.3.0的Change log ,找到原因,原来编译的时候必须加一个参数,英文是这么写的
[Incompat 20051220] The Postfix-with-Cyrus-SASL build procedure has
changed. You now need to specify -DUSE_CYRUS_SASL in addition to
-DUSE_SASL_AUTH or else you end up without any Cyrus SASL support.
The error messages are:
unsupported SASL server implementation: cyrus
unsupported SASL client implementation: cyrus
增加-DUSE_CYRUS_SASL 这个编译参数后,重新编译,测试通过
由 frank 发表于 5:30 PM
May 12, 2006
在postfix下编译安装amavisd-new+clamav+SpamAssassin
前几天给大家介绍了postfix + cyrus-sasl2 + courier-authlib + Courier-IMAP + postfixadmin和maidrop的安装,基本邮件系统已经可以使用,今天继续给大家讲怎么给postfix邮件系统加上防病毒和防垃圾邮件系统
1.安装clamav
wget http://keihanna.dl.sourceforge.net/sourceforge/clamav/clamav-0.88.tar.gz
groupadd clamav
useradd -g clamav -s/bin/false -d/dev/null clamav
./configure --prefix=/usr/local/clamav --with-dbdir=/usr/local/share/clamav
make
make check
make install
vi /usr/local/clamav/etc/clamd.conf
LogSyslog
LogVerbose
LogFacility LOG_MAIL
LogFile /var/log/clamav/clamd.log
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /usr/local/share/clamav
LocalSocket /var/run/clamav/clamd
StreamMaxLength 10M
User amavis
ScanMail
ScanArchive
ScanRAR
vi /usr/local/clamav/etc/freshclam.conf
DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogSyslog
LogVerbose
DatabaseOwner amavis
Checks 12
DatabaseMirror db.CN.clamav.net
DatabaseMirror database.clamav.net
NotifyClamd
注意:注释掉两个文件中Example那行
添加amavis用户和组,配合amavisd使用
groupadd amavis
useradd -g amavis -s /bin/false -c "Amavis User" -d /dev/null amavis
创建日志文件夹并设置权限
mkdir /var/log/clamav
chmod -R 744 /var/log/clamav
chown -R amavis:amavis /var/log/clamav
chown -R amavis.amavis /usr/local/share/clamav
mkdir /var/run/clamav
chmod 700 /var/run/clamav
chown amavis.amavis /var/run/clamav
手动更新病毒库
/usr/local/clamav/bin/freshclam
设置自动更新病毒库
crontab -e
0 4 * * * root /usr/local/clamav/bin/freshclam --quiet -l /var/log/clamd.log
启动
# /usr/local/clamav/sbin/clamd
2.安装amavisd
wget http://www.ijs.si/software/amavisd/amavisd-new-2.4.1.tar.gz
升级file,可以通过file -v看一下版本,要求4.06版本以上
wget ftp://ftp.astron.com/pub/file/file-4.17.tar.gz
安装以下文件,这些都是安装amavisd需要的
perl -MCPAN -e shell
cpan>install Archive::Tar
cpan>install Archive::Zip
cpan>install Compress::Zlib
cpan>install Convert::UUlib
cpan>install MIME::Base64
cpan>install Mail::Internet
cpan>install Net::Server
cpan>install Net::SMTP
cpan>install Digest::MD5
cpan>install IO::Stringy
cpan>install Time::HiRes
cpan>install Unix::Syslog
cpan>install BerkeleyDB
cpan>install Convert::TNEF
cpan>install MIME::Parser
cpan>install MIME::Tools
升级perl到最新版本,至少5.8.2以上版本
wget http://www.perl.com/CPAN/src/stable.tar.gz
tar zvxf stable.tar.gz
cd perl-5.8.8
./configure.gnu --prefix=/usr -Dpager="/bin/less -isR"
make
make test 测试一下,没问题后再install
make install
注意升级perl的话,可能会造成系统的其他perl应用不正常,请慎重升级,一般redhat9.0默认的5.8.0应该也没问题
mkdir -p /var/amavis /var/amavis/tmp /var/amavis/var /var/amavis/db /var/amavis/home
chown -R amavis:amavis /var/amavis
chmod -R 750 /var/amavis
cp amavisd /usr/local/sbin/
chown root /usr/local/sbin/amavisd
chmod 755 /usr/local/sbin/amavisd
cp amavisd.conf /etc/
chown root /etc/amavisd.conf
chmod 644 /etc/amavisd.conf
mkdir /var/virusmails
chown amavis:amavis /var/virusmails
chmod 750 /var/virusmails
#=====================================
修改 /etc/amavisd.conf
$mydomain = 'example.com';
$virus_admin = "postmaster\@$mydomain"; # notifications recip.
$mailfrom_notify_admin = "postmaster\@$mydomain"; # notifications sender
$mailfrom_notify_recip = "postmaster\@$mydomain"; # notifications sender
$mailfrom_notify_spamadmin = "postmaster\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
加入对Clamav 的支持
# ### http://www.clamav.net/
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
3.安装SpamAssassin
perl -MCPAN -e shell
cpan>install Digest::SHA1
cpan>install HTML::Parser
cpan>install Net::DNS
cpan>install Mail::SPF::Query
cpan>install IP::Country
cpan>install Net::Ident
cpan>install IO::Socket::INET6
cpan>install IO::Socket::SSL
cpan>install DBI
cpan>install LWP::UserAgent
cpan>install Mail::SpamAssassin
SA的配置我这里不讲了,如果你想了解一点,也可参考我在这里的blog笔记
测试amavis
# /usr/local/sbin/amavisd debug
启动停止服务
# /usr/local/sbin/amavisd start|stop
4.让postfix使用amavisd
在/usr/local/etc/postfix/main.cf 加入
content_filter = smtp-amavis:[127.0.0.1]:10024
在/usr/local/etc/postfix/master.cf 加入
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
#============================================
参考文档
http://www.xjtusky.com/article.asp?id=109
http://genco.gen.tc/postfix_virtual.php#amavisdclamav
http://www.toping.net/bbs/htm_data/10/0602/1042.html
http://www.freespamfilter.org/FC4.html
May 10, 2006
Maildrop安装调试笔记
groupadd vmail -g 1001
useradd vmail -u 1001 -g 1001
wget http://internap.dl.sourceforge.net/sourceforge/courier/maildrop-2.0.2.tar.bz2
tar jvxf maildrop-2.0.2.tar.bz2
./configure --enable-sendmail=/usr/sbin/sendmail --enable-trusted-users='root vmail' --enable-syslog=1 --enable-maildirquota --enable-maildrop-uid=1001 --enable-maildrop-uid=1001 --with-trashquota --with-dirsync
make
make install
注意源码安装的,将courierauthconfig 命令链接到/usr/bin里,假设装在:
/usr/local/courier-authlib/bin/courierauthconfig,则:
ln -s /usr/local/courier-authlib/bin/courierauthconfig /usr/bin/courierauthconfig
这样编译出来的maildrop才会ourier Authentication Library extension enabled.
maildrop -v
maildrop 2.0.2 Copyright 1998-2005 Double Precision, Inc.
GDBM extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.
如果没有显示Courier Authentication Library extension enabled.说明你的maidrop还不支持courier auth,请仔细检查,重新编译
maildrop建议不要自定义目录安装,可以减少不必要的麻烦,删除很方便:直接在已经编译的源代码目录 make uninstall 就行
配置main.cf和master.cf使postfix调用maildrop
========================
vi /etc/postfix/main.cf
virtual_transport = maildrop
maildrop_destination_recipient_limit = 1
========================
vi /etc/postfix/master.cf
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -w 90 -d ${user}@${nexthop} ${recipient} ${user} ${extension}${nexthop}
调试maildrop是否正常工作
从其他邮箱发一份邮件到你新建立的email地址,看到类似log记录
May 10 07:21:05 mail postfix/pipe[13994]: 78DCC156AE7: to=<frank@domain.com>, relay=maildrop, delay=0, status=sent
(domain.com)
看到relay=maildrop 并且log没有报错,则说明maildrop已经正常工作
FAQ:
1. 编译安装的时候出现以下报错configure: error: pcre.h not found - install PCRE from www.pcre.org
请安装pcre-devel包
May 7, 2006
笔记postfix + cyrus-sasl2 + courier-authlib + Courier-IMAP + postfixadmin
postfix + cyrus-sasl2 + courier-authlib + Courier-IMAP + postfixadmin
最终修改:2006.5.10
1.安装cyrus-sasl-2.x
删除以前的rpm包以及相关目录
rpm -e --nodeps cyrus-sasl-2.1.10-4 cyrus-sasl-plain-2.1.10-4 cyrus-sasl-md5-2.1.10-4 cyrus-sasl-devel-2.1.10-4
rm -rf /usr/lib/sasl
rm -rf /usr/lib/sasl2
wget ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.21.tar.gz
./configure
--enable-plain --enable-cram --enable-digest --enable-login --enable-sql
--disable-anon --disable-ntlm --disable-gssapi --disable-krb4 --disable-otp --disable-srp --disable-srp-setpass
-with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket
--with-mysql=/usr/local/mysql --with-mysql-includes=/usr/local/mysql/include/mysql --with-mysql-
libs=/usr/local/mysql/lib/mysql
make
make install
ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
增加"/usr/local/lib"到你的"/etc/ld.so.conf",并执行ldconfig命令。
vi /usr/local/lib/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket
注意,这个文件的编辑不要多写一个空格,否则会出现smtp验证不过的问题
2.编译postfix2.x
wget ftp://postfix.cn99.com/postfix/official/postfix-2.2.10.tar.gz
tar zvxf postfix-2.2.10.tar.gz
下载VDA补丁,使postfix支持磁盘限额
wget http://web.onda.com.br/nadal/postfix/VDA/postfix-2.2.10-vda.patch.gz
gzip -d postfix-2.2.10-vda.patch.gz
chkconfig --level 2345 sendmail off
安装postfix之前添加相关的用户&用户组
groupadd postfix -g 1000
groupadd postdrop
useradd postfix -u 1000 -g postfix -G postdrop
groupadd vmail -g 1001
useradd vmail -u 1001 -g 1001
mkdir /home/mail
chown vmail:vmail /home/mail
chmod -R 771 /home/mail
打补丁
patch -p1 < ../postfix-2.2.10-vda.patch
make tidy
make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -I/usr/local/include/sasl' 'AUXLIBS=-
L/usr/local/mysql/lib/mysql -lmysqlclient -lm -lz -L/usr/local/lib -lsasl2'
make
make install
mv /etc/aliases /etc/aliases.old
ln -s /etc/postfix/aliases /etc/aliases
echo 'root: admin@example.com'>>/etc/postfix/aliases
/usr/bin/newaliases
touch /etc/postfix/mysql_virtual_alias_maps.cf
touch /etc/postfix/mysql_virtual_domains_maps.cf
touch /etc/postfix/mysql_virtual_mailbox_maps.cf
touch /etc/postfix/mysql_virtual_limit_maps.cf
vi /etc/postfix/main.cf
myhostname = mail.example.com # mail.example.com是安装Postfix软件的主机名
mydomain = example.com # example.com是安装Postfix软件的主机名中的域名部分
myorigin = $mydomain
mydestination =
alias_maps = hash:/etc/aliases
home_mailbox = Maildir/ # 使用Maildir作为邮件的存储格式
#=====================MySQL=====================
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_base = /home/mail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 102400000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 1001
virtual_uid_maps = static:1001
virtual_gid_maps = static:1001
virtual_transport = virtual
#"virtual_gid_maps"和"virtual_uid_maps"是postfix用户的gid和uid, "virtual_minimum_uid"应当≤"virtual_uid_maps",
"virtual_mailbox_limit"是每个邮箱的大小。
#=====================Quota=====================
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
#virtual_trash_count=yes
#virtual_trash_name=.Trash
#====================SASL======================
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname
#reject_rbl_client opm.blitzed.org,
#reject_rbl_client list.dsbl.org,
#reject_rbl_client bl.spamcop.net,
#reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
#=============================================
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
unknown_local_recipient_reject_code = 550
编辑cf配置文件
vi /etc/postfix/mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
additional_conditions = AND active = '1'
=================================
vi /etc/postfix/mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain
additional_conditions = AND active = '1'
=================================
vi /etc/postfix/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
additional_conditions = AND active = '1'
=================================
vi /etc/postfix/mysql_virtual_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
additional_conditions = AND active = '1'
启动和挺直postfix服务
/usr/sbin/postfix start
/usr/sbin/postfix stop
3.编译courier-authlib
wget http://kent.dl.sourceforge.net/sourceforge/courier/courier-authlib-0.58.tar.bz2
tar jvxf courier-authlib-0.58.tar.bz2
./configure
--prefix=/usr/local/courier-authlib --without-stdheaderdir
--without-authuserdb --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --without-authcustom
--with-authmysql --with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql
--with-redhat
一个关键点:
如果courier-authlib安装到非标准位置(例如安装到/usr/local下),一定记得在./configure时增加--without-stdheaderdir,这样以后在编译Courier-IMAP和maildrop的时候,不用特别指定courier-authlib的库文件位置
make
make install
make install-configure
增加"/usr/local/courier-authlib/lib/courier-authlib"到你的"/etc/ld.so.conf",并执行ldconfig命令。
chmod +x /usr/local/courier-authlib/var/spool/authdaemon
vi /usr/local/courier-authlib/etc/authlib/authdaemonrc 可以不修改
authmodulelist="authmysql"
authmodulelistorig="authmysql"
daemons=10
vi /usr/local/courier-authlib/etc/authlib/authmysqlrc
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD yourpassword
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_DATABASE postfix
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD 1001
MYSQL_GID_FIELD 1001
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD '/home/mail/' #设置postfix存储邮件的目录
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota
MYSQL_WHERE_CLAUSE active='1'
启动courier-authlib
/usr/local/courier-authlib/sbin/authdaemond start
4.编译安装安装Courier-IMAP
wget http://surfnet.dl.sourceforge.net/sourceforge/courier/courier-imap-4.1.0.tar.bz2
tar jvxf courier-imap-4.1.0.tar.bz2
./configure --prefix=/usr/local/courier-imap --with-redhat --enable-unicode --disable-root-check --with-trashquota --without
-ipv6 CPPFLAGS='-I/usr/local/courier-authlib/include' COURIERAUTHCONFIG='/usr/local/courier-authlib/bin/courierauthconfig'
CPPFLAGS='-I/usr/local/courier-authlib/include' 如果编译courier-authlib没有安装在默认路径,必须指定这个,如果之前编译courier-authlib加了--without-stdheaderdir,就不需要指定了
make
make install
cp /usr/local/courier-imap/etc/imapd.dist /usr/local/courier-imap/etc/imapd
cp /usr/local/courier-imap/etc/imapd-ssl.dist /usr/local/courier-imap/etc/imapd-ssl
cp /usr/local/courier-imap/etc/pop3d.dist /usr/local/courier-imap/etc/pop3d
cp /usr/local/courier-imap/etc/pop3d-ssl.dist /usr/local/courier-imap/etc/pop3d-ssl
配置Courier-IMAP,为用户提供pop3服务:
vi /usr/local/courier-imap/etc/pop3d
POP3DSTART=yes
注:如果你想为用户提供IMAP服务,可以在"/usr/local/courier-imap/etc/imapd"文件中设置"IMAPDSTART=yes"。
cp courier-imap.sysvinit /etc/rc.d/init.d/imapd
chmod 755 /etc/rc.d/init.d/imapd
chkconfig --add imapd
5.编译安装postfixadmin
wget http://high5.net/postfixadmin/download.php?file=postfixadmin-2.1.0.tgz
tar -zxvf postfixadmin-2.1.0.tgz
把解压的目录改名拷贝到默认的web目录下,比如 /var/www
cd /var/www/postfixadmin
$ chmod 640 *.php *.css
$ cd /var/www/postfixadmin/admin
$ chmod 640 *.php .ht*
$ cd /var/www/postfixadmin/images/
$ chmod 640 *.gif *.png
$ cd /var/www/postfixadmin/languages/
$ chmod 640 *.lang
$ cd /var/www/postfixadmin/templates/
$ chmod 640 *.tpl
$ cd /var/www/postfixadmin/users/
$ chmod 640 *.php
导入数据库
mysql -uroot -p < DATABASE_MYSQL.TXT
访问:
http://域名/postfixadmin/
6.FAQ:
1.出现authentication error: Input/output error错误的时候
估计是查询mysql时,authdaemond出错了。具体要打开authdaemonrc里的:
DEBUG_LOGIN=2 原来默认是0
然后看看/var/log/message或/var/log/maillog 在认证失败时有什么提示。根据提示去检查问题到底出在哪儿
2.warning: SASL authentication failure: cannot connect to Courier authdaemond: Permission denied
检查 authdaemond的socket所在目录及其父目录的属性是否对smtpd可读。如果不可读则出现这个问题(permission的问题)。
3.warning: SASL authentication failure: cannot connect to Courier authdaemond: No such file or directory
检查/usr/local/lib/sasl2/smtpd.conf,看看是否有多写一个空格,一般空格很难直观的发现
April 30, 2006
《Postfix权威指南》
oreilly_postfix_the_definitive_guide
作者: Kyle D. Dent 著 O'Reilly Taiwan公司 编译
章节目录
序
前言
第一章 简介
Postfix的起源与设计理念
E-mail与Internet
Postfix的角色
Postfix的安全性
如何取得Postfix
第二章 基本概念
Unix的概念
E-mail的概念
第三章 Postfix的结构
Postfix的组件
邮件如何进入Postfix系统
Postfix的队列管理器
投递操作
实际追踪Postfix的邮件处理流程
第四章 基本的配置与管理
第一次启动Postfix
配置文件
重要的考虑事项
管理
master.cf
收信限制
改写地址格式
改变根目录(chroot)
在线说明书
第五章 队列管理
qmgr的运行原理
队列管理工具
第六章 E-mail与DNS
DNS概论
决定邮件路由
Postfix与DNS
常见问题
第七章 本地投递与 POP/IMAP
Postfix的投递代理程序
邮箱格式
本地邮件的投递操作
POP与IMAP
本地邮件传输协议(LMTP)
第八章 虚拟网域
共享网域搭配系统账户
独立网域搭配系统账户
独立网域搭配虚拟账户
虚拟网域搭配特殊格式的邮箱
投递到外部程序
第九章 邮件转发
备用交换器
传输表
入站邮件网关
出站邮件网关
UUCP、传真以及其他投递机制
第十章 邮件列表
简易的邮件列表
邮件列表管理系统
第十一章 反垃圾邮件
垃圾邮件的本质
垃圾邮件的问题
开放转发(Open Relay)
辨别垃圾邮件
反垃圾邮件的措施
Postfix的挡信机制
客户端判别规则
SMTP语法规范参数
内容检查
自定义过滤条件组合
反垃圾邮件实例
第十二章 SASL身份验证
SASL概论
Postfix与SASL
Postfix的SASL配置
测试SASL验证配置
SMTP客户端验证
第十三章 传输层安全协议(TLS)
Postfix与TLS
TLS证书
第十四章 内容过滤
基于命令的过滤
基于守护进程的过滤
其他考虑事项
第十五章 外部数据库
MySQL
LDAP
附录一 配置参数
附录二 Postfix支持工具
附录三 Postfix的编译与安装
附录四 问题集
索引
下载地址 可惜不是中文的,大家先看英文吧,中文书店有买
由 frank 发表于 1:29 PM
April 29, 2006
Courier-IMAP编译出错解决
编译Courier-IMAP的时候,出现以下报错信息:
imaplogin.c:35:32: courierauth.h: 没有那个文件或目录
imaplogin.c:36:37: courierauthdebug.h: 没有那个文件或目录
imaplogin.c:159: warning: `struct authinfo' declared inside parameter list
imaplogin.c:159: warning: its scope is only this definition or declaration, which is probably not what you want
imaplogin.c: In function `login_callback':
imaplogin.c:169: dereferencing pointer to incomplete type
imaplogin.c:170: warning: implicit declaration of function `auth_getoption'
imaplogin.c:170: dereferencing pointer to incomplete type
imaplogin.c:171: warning: assignment makes pointer from integer without a cast
imaplogin.c:175: dereferencing pointer to incomplete type
imaplogin.c:180: dereferencing pointer to incomplete type
imaplogin.c:184: dereferencing pointer to incomplete type
imaplogin.c:199: dereferencing pointer to incomplete type
imaplogin.c:200: dereferencing pointer to incomplete type
imaplogin.c:223: warning: implicit declaration of function `auth_callback_default'
imaplogin.c:227: dereferencing pointer to incomplete type
imaplogin.c:228: dereferencing pointer to incomplete type
imaplogin.c:233: dereferencing pointer to incomplete type
imaplogin.c:233: dereferencing pointer to incomplete type
imaplogin.c:243: dereferencing pointer to incomplete type
imaplogin.c:247: dereferencing pointer to incomplete type
imaplogin.c:251: dereferencing pointer to incomplete type
imaplogin.c:252: dereferencing pointer to incomplete type
imaplogin.c: In function `do_imap_command':
imaplogin.c:281: warning: implicit declaration of function `courier_authdebug_login'
imaplogin.c:375: warning: implicit declaration of function `auth_login'
imaplogin.c:376: warning: implicit declaration of function `courier_safe_printf'
imaplogin.c: In function `main':
imaplogin.c:454: warning: implicit declaration of function `courier_authdebug_login_init'
imaplogin.c: In function `login_imap':
imaplogin.c:599: warning: implicit declaration of function `DPRINTF'
make[3]: *** [imaplogin.o] Error 1
make[3]: Leaving directory `/root/soft/postfix/courier-imap-4.1.0/imap'
make[2]: *** [all] Error 2
make[2]: Leaving directory `/root/soft/postfix/courier-imap-4.1.0/imap'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/root/soft/postfix/courier-imap-4.1.0'
make: *** [all] Error 2
google寻找了一圈,没有实质性的答案,不过仔细看了编译出错的,很快就找到解决办法,就是在预编译的时候加 CPPFLAGS='-I/usr/local/courier-authlib/include'
那完整的编译参数是
./configure --prefix=/usr/local/courier-imap --with-redhat --enable-unicode --disable-root-check --with-trashquota --without-ipv6 \
CPPFLAGS='-I/usr/local/courier-authlib/include' \
COURIERAUTHCONFIG='/usr/local/courier-authlib/bin/courierauthconfig'
April 12, 2006
qmail中的几个error的产生的原因和解决方法
qmail中的几个error的产生的原因和解决方法
1 deferral: Unable_to_chdir_to_maildir._(#4.2.1)
这个是qmail找不到用户的收信目录所致。如果你是用vpopmail的虚拟域名来管理的,那看看你的control/locals文件,里面不能有虚拟域名,只能有实际域名(这个实际域名的意思应该是使用系统用户作为用户的域,而不是使用vpopmail的虚拟用户的域)。因此呢,如果不是用vpopmail,那么可能是系统用户的目录权限设置不正确。
如果发生这个错误,首先保证你没有对user/assign做过手动修改,添加域名都是使用vpopmail的vadddomin命令来添加的,没有修改过~vopmail/domins目录以及其下面目录的权限和属主,然后修改了locals文件之后重启应该就没有问题了。
2 deferral: Uh-oh:_.qmail_has_prog_delivery_but_has_x_bit_set._(#4.7.0)
这个是因为你的.qmail文件设置了x属性,把.qmail文件的x去掉就ok了。这个.qmail文件就在你的domins/xxx.com下面,包括比如.qmail-default之类的文件,修改一下权限,去掉x就ok了。
3 454 oops, unable to write pipe and I can't auth (#4.3.0)
这个错误是在你打了smtp auth的补丁之后,却发现不能正常auth,输入了正确的用户名密码还是提示不正确。可以通过下面的命令来测试。
[root@caph qmail-smtpd]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 xxx.com ESMTP
ehlo
250-xxx.com
250-PIPELINING
250-8BITMIME
250-SIZE 104857600
250 AUTH LOGIN PLAIN CRAM-MD5 //显示这个通常表示你已经打好了补丁,不过这个是可以通过修改qmail-smtp.c文件来定制的。
auth login
334 VXNlcm5hbWU6
awefaq23rasdf
334 UGFzc3dvcmQ6
awefwaef
454 oops, unable to write pipe and I can't auth (#4.3.0)
quit
221 xxx.com
Connection closed by foreign host.
出现了这种问题是因为smtp运行脚本没有设置正确的用户所致。将你的smtp的tcpserver命令的运行用户和组指定一下。
QMAILDUID=`id -u vpopmail`
QMAILDGID=`id -g vpopmail`
/usr/local/bin/tcpserver -v -H -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD"
-u "$QMAILDUID" -g "$QMAILDGID" 0 smtp /usr/local/bin/rblsmtpd -r relays.ordb.org
/var/qmail/bin/qmail-smtpd
/home/vpopmail/bin/vchkpw /bin/true /bin/cmd5checkpw /bin/true 2>&1
不需要修改~vpopmail/bin/vchkpw的属性。
4 451 qq write error or disk full (#4.3.0)
通常产生这个可能有2个原因:(1)你的qmail queue所在的磁盘空间不足。(2)qmail-queue的权限设置不正确或者文件有问题。
错误信息:the smtp server reply:qq crashed (#5.1.1)
修改stmp启动脚本,改大smtp的softlimit
Sorry. Although I'm listed as a best-preference MX or A for that host,it isn't in my control/locals file, so I don't treat it as local. (#5.4.6)
修改源码:ipme.c
ip_scan("0.0.0.0",&ix.ip);--92行左右加进
if (!ipalloc_append(&ipme,&ix)) { close(moreipme_fd); return 0; }
在邮件队列中快速删除从一个地方发过来但又不存在的邮件?
A:
设bad.jite.com是这个域。可以键入以下命令
echo # > ~alias/.qmail-baddomain-default
echo bad.jite.com:alias-baddomain>> /var/qmail/control/virtualdomains
echo bad.jite.com:127.0.0.1 >> /var/qmail/control/smtproutes
然后运行/var/qmail/bin/qmail-tcpok,给qmail-send 一个HUP信号
解决qmail经常收到来至<#@[]>这样的邮件!
首先说明一下<>和<#@[]>都是系统bouce信件信封(envelope)上的寄信人地址
这两种信都是系统产生的,区别在于<>往往是系统single bouce的地址,而<#@[]>则是系统double bounces或者triple bouces的地址
系统用这两种地址是为了避免邮件回路(mail loops)
来自<#@[]>一般都是系统的double bounces
要去掉这些double bounces可以有一种简单的办法
其原理是产生一个nobody的地址,发往这里的信件都会被丢弃,这样double bouces就不会烦你的postmaster了
具体步骤如下:
echo # > /var/qmail/alias/.qmail-nobody
echo nobody > /var/qmail/control/doublebounceto
December 30, 2005
qmail+vpopmail安装笔记
这次重新安装,参考了Bill's Linux Qmail Toaster的文章,改作者对qmail的应用做了深度的整合,基本上实现了大家普遍关心的Qmail SMTP 发信验证,SSL支持和病毒,垃圾邮件检测的支持。
我今天的笔记不包括垃圾邮件和病毒的检测,大家如果关心的可以去Bill's Linux Qmail Toaster详细看看。
安装qmail邮件服务器之前,当然你得配置好dns了,至于dns得mx怎么配置,不是我们今天要讲的重点。
首先为了安装顺利进行,大家先确认系统是否安装了以下程序,我们用一个简单的命令来查询:
rpm -qa |grep g++ gcc-g++ gdbm gdbm-devel openssl openssl-devel stunnel krb5-devel bzip2 bzip2-devel
如果没有安装的话,可以到系统的安装盘寻找相应的rpm包,我的系统是redhat 9.0。如果你是fedra或者Debian,那你更加方便,只要yum或者apt-get安装缺失的软件包就行。
然后删除系统自带的邮件系统,以免安装受影响
rpm -e --nodeps sendmail postfix
1。下载所需软件包 wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz cd ../ 2。安装软件
mkdir -p /var/src/tar 我们把所有的软件下载到此
cd /var/src/tar
wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
wget http://shupp.org/software/netqmail-1.05.tar.gz
wget http://shupp.org/patches/qmail-toaster-0.8.patch.bz2
wget http://shupp.org/software/vpopmail-5.4.10.tar.gz
wget http://shupp.org/software/autorespond-2.0.4.tar.gz
wget http://shupp.org/patches/autorespond-2.0.4-2.0.5.patch
wget http://shupp.org/software/qmailadmin-1.2.9.tar.gz
wget http://shupp.org/software/qmailadmin-help-1.0.8.tar.gz
wget http://cr.yp.to/software/ezmlm-0.53.tar.gz
wget http://shupp.org/software/ezmlm-idx-0.443.tar.gz
wget http://shupp.org/software/courier-imap-4.0.6.tar.bz2
wget http://shupp.org/software/courier-authlib-0.58.tar.bz2
wget http://shupp.org/software/squirrelmail-1.4.5.tar.bz2
wget http://shupp.org/software/quota_usage-1.3-1.2.7.tar.gz
wget http://shupp.org/software/toaster-scripts-0.8.tar.gz
tar -xzf tar/netqmail-1.05.tar.gz
cd netqmail-1.05
./collate.sh
daemontools
mkdir -p /package
chmod 1755 /package
cd /package
tar -xpzf /var/src/tar/daemontools-0.76.tar.gz
cd admin/daemontools-0.76
patch -p1 < /var/src/netqmail-1.05/other-patches/daemontools-0.76.errno.patch
package/install
ucspi-tcp
cd /var/src/
tar -xzf tar/ucspi-tcp-0.88.tar.gz
cd ucspi-tcp-0.88
patch -p1 < /var/src/netqmail-1.05/other-patches/ucspi-tcp-0.88.errno.patch
make
make setup check
qmail
mkdir /var/qmail
groupadd nofiles
useradd -g nofiles -d /var/qmail/alias alias
useradd -g nofiles -d /var/qmail qmaild
useradd -g nofiles -d /var/qmail qmaill
useradd -g nofiles -d /var/qmail qmailp
groupadd qmail
useradd -g qmail -d /var/qmail qmailq
useradd -g qmail -d /var/qmail qmailr
useradd -g qmail -d /var/qmail qmails
cd /var/src
tar -xzf tar/toaster-scripts-0.8.tar.gz
cd netqmail-1.05/netqmail-1.05/
ln -s /usr/kerberos/include/com_err.h /usr/kerberos/include/krb5.h /usr/kerberos/include/profile.h /usr/include/
rm /usr/sbin/sendmail
make
make setup check
注意qmail的补丁将在vpopmail安装以后打
打开SPF checking
echo 3 > /var/qmail/control/spfbehavior
cd ~alias; echo "admin@example.com" > .qmail-postmaster ;\
echo "admin@example.com" > .qmail-mailer-daemon ;\
echo "admin@example.com" > .qmail-root )
chmod 644 ~alias/.qmail*
./config-fast full.hostname 你可以填写你实际邮件服务器的域名
修改qmail的man路径
Edit /etc/man.config
Add "MANPATH /var/qmail/man"
相应脚本
cd /var/src
cp toaster-scripts-0.8/rc /var/qmail/rc
chmod 755 /var/qmail/rc
mkdir /var/log/qmail
echo ./Maildir/ >/var/qmail/control/defaultdelivery
cp toaster-scripts-0.8/qmailctl /var/qmail/bin/
chmod 755 /var/qmail/bin/qmailctl
ln -s /var/qmail/bin/qmailctl /usr/bin
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
#Now create the supervise directories/scripts for the qmail services:
mkdir -p /var/qmail/supervise/qmail-send/log
mkdir -p /var/qmail/supervise/qmail-smtpd/log
mkdir -p /var/qmail/supervise/qmail-pop3d/log
mkdir -p /var/qmail/supervise/qmail-pop3ds/log
cp /var/src/toaster-scripts-0.8/send.run /var/qmail/supervise/qmail-send/run
cp /var/src/toaster-scripts-0.8/send.log.run /var/qmail/supervise/qmail-send/log/run
cp /var/src/toaster-scripts-0.8/smtpd.run /var/qmail/supervise/qmail-smtpd/run
cp /var/src/toaster-scripts-0.8/smtpd.log.run /var/qmail/supervise/qmail-smtpd/log/run
cp /var/src/toaster-scripts-0.8/pop3d.run /var/qmail/supervise/qmail-pop3d/run
cp /var/src/toaster-scripts-0.8/pop3d.log.run /var/qmail/supervise/qmail-pop3d/log/run
cp /var/src/toaster-scripts-0.8/pop3ds.run /var/qmail/supervise/qmail-pop3ds/run
cp /var/src/toaster-scripts-0.8/pop3ds.log.run /var/qmail/supervise/qmail-pop3ds/log/run
echo 20 > /var/qmail/control/concurrencyincoming
chmod 644 /var/qmail/control/concurrencyincoming
chmod 755 /var/qmail/supervise/qmail-send/run
chmod 755 /var/qmail/supervise/qmail-send/log/run
chmod 755 /var/qmail/supervise/qmail-smtpd/run
chmod 755 /var/qmail/supervise/qmail-smtpd/log/run
chmod 755 /var/qmail/supervise/qmail-pop3d/run
chmod 755 /var/qmail/supervise/qmail-pop3d/log/run
chmod 755 /var/qmail/supervise/qmail-pop3ds/run
chmod 755 /var/qmail/supervise/qmail-pop3ds/log/run
mkdir -p /var/log/qmail/smtpd
mkdir -p /var/log/qmail/pop3d
mkdir -p /var/log/qmail/pop3ds
chown -R qmaill /var/log/qmail
允许daemontools来启动qmail
ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /service
检测qmail是否安装成功
sleep 5
qmailctl stat
Vpopmail
groupadd -g 89 vchkpw
useradd -u 89 -g vchkpw vpopmail
cd /var/src
tar -xzf tar/vpopmail-5.4.10.tar.gz
cd vpopmail-5.4.10
./configure --enable-logging=v
make
make install-strip
echo '127.:allow,RELAYCLIENT=""' > ~vpopmail/etc/tcp.smtp
cd ~vpopmail/etc
tcprules tcp.smtp.cdb tcp.smtp.tmp < tcp.smtp
安装vpopmail启动脚本
cp ../toaster-scripts-0.8/vpopmailctl /var/qmail/bin/vpopmailctl
chmod 755 /var/qmail/bin/vpopmailctl
ln -s /var/qmail/bin/vpopmailctl /usr/bin
这时候我们可以安装qmail的补丁了
cd /var/src/netqmail-1.05/netqmail-1.05
bunzip2 -c ../../tar/qmail-toaster-0.8.patch.bz2 | patch -p0
make clean
make
qmailctl stop
make setup check
chown -R vpopmail:vchkpw /var/qmail/spam
重启启动qmail
qmailctl start
允许daemontools来启动vpopmail
ln -s /var/qmail/supervise/qmail-pop3d /var/qmail/supervise/qmail-pop3ds /service
检测vpopmail
sleep 5
vpopmailctl stat
测试
添加域:
/home/vpopmail/bin/vadddomain test.com [会让你定义密码]
添加用户:
/home/vpopmail/bin/vadduser -q 6MB user@test.com
然后用outlook测试一下你新建的帐号,就ok了
July 15, 2005
让CBL结合SpamAssassin使用
中国反垃圾邮件联盟的实时黑名单服务(RBL) —— CBL/CDL/CBL+/CBL-相信很多邮件服务器的管理员都在用,在其官方的使用说明中,有关qmail的使用,只是在smtp启动教本设置了使用rbl检查。有个弊端,就是可能误杀正常邮件。我个人认为还是把邮件都收下来(当然你的邮件服务器如果用户俩巨大的话,不用考虑我的情况)然后让邮件都打上“垃圾邮件”的标示,让用户用客户端软件的过虑策略自己去处理。
其实SpamAssassin本身自带rbl的检测,当然你得在local.cf打开skip_rbl_checks ,默认是检查rbl的
skip_rbl_checks 0
然后我们在/usr/share/spamassassin/ 修改20_dnsbl_tests.cf
添加以下语句
# CBL
# URL: http://www.anti-spam.org.cn/
header RCVD_IN_CBL eval:check_rbl('cbl+', 'cblplus.anti-spam.org.cn.')
describe RCVD_IN_CBL Received via a relay in cblplus.anti-spam.org.cn
tflags RCVD_IN_CBL net
ok,重启spamd服务,这样SpamAssassin就可以使用cbl的服务了
注:要使用cbl的服务,还得先去他们的网站进行注册,否则是用不了的
July 14, 2005
SpamAssassin的简单应用
这里我们只讲SpamAssassin的简单应用,就是利用SpamAssassin的规则集把垃圾邮件标注为垃圾邮件,然后在客户端outlook用策略把带有垃圾邮件字符的邮件自动转移到垃圾邮件目录。
参看文章
CCERT中文垃圾邮件过滤规则集
试验环境:redhat9.0
前提条件:已经安装好qmail,本文已经搭建的环境是qmail+vpopmail+igeus
1:安装SpamAssassin
安装方法1:直接通过CPAN安装
perl -MCPAN -e shell
install Mail::SpamAssassin
2:自己编译安装
去http://spamassassin.apache.org下载最新版本的软件
解压后:# perl Makefile.PL
# make
# make install
如果make过程中报错,可以参看此文解决相关问题http://blog.5ilinux.com/archives/2005/07/spamassassin.html
3:配置local.cf文件
# vi /etc/mail/spamassassin/local.cf
# How many hits before a message is considered spam.
required_hits 9.5# Text to prepend to subject if rewrite_subject is used
rewrite_header Subject *****垃圾邮件*****# Encapsulate spam in an attachment
report_safe 1# Enable the Bayes system
use_bayes 1# Enable Bayes auto-learning
bayes_auto_learn 1# Enable or disable network checks
skip_rbl_checks 1
use_razor2 0
use_dcc 0
use_pyzor 0# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_languages all# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_locales all
关于SpamAssassin的配置文件,可参考SpamAssassin 3.x 配置指南(中文版)
4:下载垃圾邮件中文规则集
wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf
5:qmail和SpamAssassin的结合
在SpamAssassin 3.x 的spamc 目录下编译qmail-spamc
# cc -O -o qmail-spamc qmail-spamc.c
# install -m 755 qmail-spamc /var/qmail/bin
# ln -s /var/qmail/bin/qmail-queue /usr/bin/qmail-queue
编辑 /etc/tcp.smtp 如下
127.:allow,RELAYCLIENT=""
:allow,QMAILQUEUE="/var/qmail/bin/qmail-spamc"
然后:
tcprules tcp.smtp.cdb tcp.smtp.tmp < tcp.smtp
在编译目录spamd目录下
mv redhat-rc-script.sh /etc/rc.d/init.d/spamd
启动spamd
/etc/rc.d/init.d/spamd start
这样SpamAssassin会根据规则集自动判断垃圾邮件,把认为潜在可能的垃圾邮件打上****垃圾邮件****的标,一目了然,至于客户端outlook怎么设置策略自动转移垃圾邮件,就不用我说了吧。
July 12, 2005
安装SpamAssassin遇到问题的解决
编译安装SpamAssassin过程中:
报以下错误
[root@www Mail-SpamAssassin-3.0.4]# perl Makefile.PL
What email address or URL should be used in the suspected-spam report
text for users who want more information on your filter installation?
(In particular, ISPs should change this to a local Postmaster contact)
default text: [the administrator of that system]
Check network rules during 'make test' (test scripts may fail due to
network problems)? (y/n) [n] y
Warning: prerequisite Digest::SHA1 0 not found.
Writing Makefile for Mail::SpamAssassin
Makefile written by ExtUtils::MakeMaker 6.03
[root@www Mail-SpamAssassin-3.0.4]# make
/usr/bin/perl spamc/configure.pl --prefix="/usr" --sysconfdir="/etc/mail/spamassassin" --datadir="/usr/share/spamassassin" --enable-ssl="no"
cd spamc
/usr/bin/perl version.h.pl
version.h.pl: creating version.h
spamc/configure.pl: version.h.pl: Failed to get the version from Mail::SpamAssassin.
Please use the --with-version= switch to specify it manually.
The error was:
version.h.pl: version.h.pl: version.h.pl: version.h.pl: version.h.pl: version.h.pl: version.h.pl: Can't locate Digest/SHA1.pm in @INC (@INC contains: ../lib /usr/lib/perl5/5.8.0/i386-linux-thread-multi /usr/lib/perl5/5.8.0 /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl .) at ../lib/Mail/SpamAssassin/EvalTests.pm line 33.
BEGIN failed--compilation aborted at ../lib/Mail/SpamAssassin/EvalTests.pm line 33.
Compilation failed in require at ../lib/Mail/SpamAssassin/PerMsgStatus.pm line 56.
BEGIN failed--compilation aborted at ../lib/Mail/SpamAssassin/PerMsgStatus.pm line 56.
Compilation failed in require at ../lib/Mail/SpamAssassin.pm line 74.
BEGIN failed--compilation aborted at ../lib/Mail/SpamAssassin.pm line 74.
Compilation failed in require at version.h.pl line 27.
make: *** [spamc/Makefile] Error 2
解决办法:
根据perl时的错误提示是找不到Warning: prerequisite Digest::SHA1 0 not found.所以我们安装Digest::SHA1
安装后,重新编译,顺利编译SpamAssassin
July 11, 2005
spamassassin的中文垃圾邮件过滤规则集
我想每个邮件服务器的管理员最大的烦恼就是日益增多的垃圾邮件,以前国外报道垃圾邮件怎么怎么影响工作,似乎没怎么感受,好像离的好远,可现在每天上班头一件事就是处理多达好几百的垃圾邮件,已经成为我每天特头疼的事情。
决定这几天对我的qmal邮件系统动刀,解决日益严重的垃圾邮件问题。初步定位为qmail + vpopmail + maildrop + spamassassin 实现邮件过滤的方案。
另外还发现了一份spamassassin的中文垃圾邮件过滤规则集,我想应该会对自己有用。
CCERT反垃圾邮件研究小组利用CCERT所掌握的最新和丰富的样本数据,推出了第一个基于SpamAssassin的中文垃圾邮件过滤规则集Chinese_rules.cf。该规则集每周更新一次,时效性非常好。
Chinese_rules.cf是在SpamAssassin 官方网站上发布的第一个中文垃圾邮件过滤规则集,也是用Google,Yahoo,百度,MSN搜索“中文垃圾邮件过滤”时所返回的第一条结果。
下载Chinese_rules.cf
CCERT中文垃圾邮件解决方案 CCERT-Anti-Spam-Solutions.pdf