1410.html

著名的linux英雄站点的文档打包

# If you set RELAYCLIENT="", this means that the listed IP range is<br>
# allowed to relay mail through our server<br>
#<br>
# If you dont set RELAYCLIENT="", this means that the listed IP range<br>
# will not be able to relay mail through our server<br>
#<br>
# If you set RBLSMTPD="", this means that the listed IP ranges will<br>
# not be checked against any of the RBL databases<br>
#<br>
# If you set RBLSMTPD="some text here", this means that an RBL lookup<br>
# wont be performed, but the mail will be rejected with the specified<br>
# text as a 4xx temp error message<br>
#<br>
# If you set RBLSMTPD="-some text here", this means that an RBL lookup<br>
# wont be performed, but the mail will be rejected with the specified<br>
# text as a 5xx perm error message<br>
#<br>
# If you do not set RBLSMTPD="" or ="some text", then an RBL lookup<br>
# will be performed. If the lookup is successful, then RBLSMTPD will<br>
# return your custom error message (as specified in the -r parameter<br>
# in smtpd supervise script)<br>
#-----------------------------------------------------<br>
# HERE ARE THE RULES :<br>
#----------------------------------------------------------------<br>
# local class-c's allowed to relay WITHOUT RBL checking<br>
123.123.123.:allow,RELAYCLIENT="",RBLSMTPD=""<br>
123.111.111.:allow,RELAYCLIENT="",RBLSMTPD=""<br>
#----------------------------------------------------------------<br>
# these ips are ones that we have setup so that they arent RBL checked<br>
# usually because we have spoken with the owners of the mail server<br>
# in question and for one reason or another they cannot update their<br>
# config, and we still want to be able to receive mail from them.<br>
#<br>
# reminder text goes here for this entry so we know the story...<br>
111.111.111.:allow,RBLSMTPD=""<br>
# reminder text goes here for this entry so we know the story...<br>
222.222.222.222:allow,RBLSMTPD=""<br>
#-----------------------------------------------------------------<br>
# mailXX.offermail.net connecting regularly and sending invalid<br>
# format messages causing exit with status 256 (bare linefeed normally)<br>
# entry added 15/12/2001<br>
# after looking at the mail coming from these servers it was found to be spam<br>
216.242.75.100-116:allow,RBLSMTPD="-Connections from this IP have been banned."<br>
#<br>
#-----------------------------------------------------------------<br>
# heaps of spam from replyto of *@freeamateurhotties.com dec2001<br>
64.228.127.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"<br>
154.20.94.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"<br>
154.20.96.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"<br>
154.20.97.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"<br>
154.20.98.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"<br>
209.151.132.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"<br>
209.151.131.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"<br>
216.18.85.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"<br>
#-----------------------------------------------------------------<br>
# himailer spam 15/7/02<br>
61.230.72-75.:allow,RBLSMTPD="-Connections refused due to spam from HiMailer.com"<br>
#<br>
#-----------------------------------------------------------------<br>
# Allow connections from localhost,<br>
# allow relay (cause the WebMail server runs on localhost),<br>
# and dont do RBL lookup<br>
127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""<br>
#-----------------------------------------------------------------<br>
# Everyone else can make connections to our server, but not allowed to relay<br>
# RBL lookups are performed<br>
:allow<br>
<br>
接下来配置 /home/vpopmail/etc/tcp.pop3 文件，这个文件控制允许存取 pop3<br>
服务的机器，在有人攻击 pop3 服务器的时候，可以用这个文件阻止攻击者的 IP 地址。<br>
<br>
vi /home/vpopmail/etc/tcp.pop3<br>
# Allow any client to connect to us via POP3<br>
# If people are abusing POP3 such as denial-of-service on POP3,<br>
# you can add their ips here to block them out<br>
:allow<br>
<br>
# 然后重新建立 /home/vpopmail/etc/tcp.smtp 以及 /home/vpopmail/etc/tcp.pop3 的数据库文件<br>
qmailctl cdb （需要修改脚本 qmailctl 的脚本，cdb 那段的目录修改为 /home/vpopmail ）<br>
<br>
假定你已经删除机器上原来安装的 sendmail 或者 postfix 之类的程序，然后：<br>
<br>
ln -s /var/qmail/bin/sendmail /usr/lib<br>
ln -s /var/qmail/bin/sendmail /usr/sbin<br>
<br>
# 把 postmaster@abc.com 作为弹回邮件的发送者。<br>
echo 'postmaster' &gt; /var/qmail/control/bouncefrom<br>
<br>
# 让 qmail 发送两次弹回的邮件给 doublebounce@abc.com<br>
echo 'doublebounce' &gt; /var/qmail/control/doublebounceto<br>
echo 'abc.com' &gt; /var/qmail/control/doublebouncehost<br>
<br>
<br>
# 如果需要丢弃两次弹回的邮件，就采用：<br>
echo '#' &gt; ~alias/.qmail-doublebounce<br>
# 把邮件最大设为 20MB。<br>
echo '20480000' &gt; /var/qmail/control/databytes<br>
# 邮件队列最多等待 4天。<br>
echo '345600' &gt; /var/qmail/control/queuelifetime<br>
<br>
qmailctl restart 我们可以用 telnet localhost 25 和 110 来分别测试服务运行的情况了。<br>
<br>
四、安装 Vpopmail<br>
<br>
groupadd -g 89 vchkpw<br>
useradd -g vchkpw -u 89 vpopmail<br>
cd /usr/local/src<br>
tar xzf $QM_GZDIR/vpopmail-5.3.20.tar.gz<br>
cd vpopmail-5.3.20<br>
chmod 600 vmysql.h<br>
vi vmysql.h<br>
#define MYSQL_UPDATE_USER "vpopmailuser"<br>
#define MYSQL_UPDATE_PASSWD "vpoppasswd"<br>
#define MYSQL_READ_USER "vpopmailuser"<br>
#define MYSQL_READ_PASSWD "vpoppasswd"<br>
<br>
修改为适合自己的用户名和口令。<br>
在 MySQL 上建立数据库 vpopmail ，并用<br>
grant 命令给以上的用户名和口令赋权限。<br>
<br>
配置命令：<br>
./configure --enable-mysql=y --enable-roaming-users=y --enable-mysql-logging=y --enable-clear-passwd=y <br>
--enable-default-domain=yourdomain.com --enable-defaultquota=50M <br>
--enable-incdir=/opt/mysql/include/mysql --enable-libdir=/opt/mysql/lib/mysql<br>
<br>
make<br>
make install-strip<br>
<br>
vi /home/vpopmail/domains/.quotawarn.msg<br>
可以建立磁盘限额报警信息。<br>
<br>
也可以提醒发件人，收件人的磁盘已满：<br>
echo "Message rejected. Not enough storage space in user's mailbox to accept message." &gt; /home/vpopmail/domains/.over-quota.msg<br>
<br>
五、安装 COURIER IMAP<br>
cd /usr/local/src<br>
tar xjf $QM_GZDIR/courier-imap-1.7.3.tar.bz2<br>
cd courier-imap-1.7.3<br>
vi maildir/maildirpurgetmp.c<br>
<br>
在大约 64 行，把<br>
&& stat_buf.st_ctime &lt; current_time - nage)<br>
修改为：<br>
&& stat_buf.st_mtime &lt; current_time - nage)<br>
<br>
主要解决 IMAP 文件夹同步等按邮件到达时间还是按修改时间的问题。<br>
<br>
./configure <br>
--disable-root-check <br>
--without-authdaemon <br>
--with-authvchkpw<br>
<br>
（这一步会花比较长的时间，请耐心等候）<br>
make<br>
// make check ； 用于检查错误 --enable-workarounds-for-imap-client-bugs<br>
make install-strip<br>
make install-configure<br>
<br>
vi /usr/lib/courier-imap/etc/imapd<br>
（注意是 /usr/lib 不是 /usr/local 有的文档写 /usr/local 是不对的）<br>
<br>
设置或者修改如下参数：<br>
<br>
MAXDAEMONS=40 &lt;- IMAP 服务的最多数目<br>
MAXPERIP=100 &lt;- 每个 IP 地址允许的最多连接数<br>
TCPDOPTS="-nodnslookup -noidentlookup -user=vpopmail -group=vchkpw" &lt;-用指定的用户和组运行 IMAP 服务<br>
AUTHMODULES="authvchkpw" &lt;-用 authvchkpw 作口令认证<br>
IMAP_EMPTYTRASH=Trash:7,Sent:30 &lt;-垃圾箱中的邮件7天后自动删除，已发送邮件 30 天。<br>
IMAPDSTART=YES 设置 imapd 为启动。<br>
<br>
vi /usr/lib/courier-imap/libexec/imapd.rc<br>
修改：<br>
/usr/lib/courier-imap/libexec/couriertcpd -address=$ADDRESS <br>
为：<br>
/usr/lib/courier-imap/libexec/couriertcpd -address=$ADDRESS <br>
-user=vpopmail -group=vchkpw<br>
<br>
六、测试<br>
<br>
测试 POP3 服务：<br>
<br>
telnet localhost 110<br>
Trying 127.0.0.1...<br>
Connected to localhost.localdomain.<br>
Escape character is '^]'.<br>
+OK Hello there.<br>
user user@abc.com<br>
+OK Password required.<br>
pass [password]<br>
+OK logged in.<br>
quit<br>
+OK Bye-bye.<br>
Connection closed by foreign host.<br>
<br>
测试 IMAP 服务：<br>
<br>
telnet localhost 143<br>
<br>
Trying 127.0.0.1...<br>
Connected to localhost.localdomain.<br>
Escape character is '^]'.<br>
* OK Courier-IMAP ready. Copyright 1998-2001 Double Precision, Inc. See COPYING for distribution information.<br>
a001 login user@abc.com [password]<br>
a001 OK LOGIN Ok.<br>
a001 logout<br>
* BYE Courier-IMAP server shutting down<br>
a001 OK LOGOUT completed<br>
Connection closed by foreign host.<br>
<br>
如果不能退出用 Ctrl-] 退出到 telnet&gt; 状态,然后 quit 退出。<br>
<br>
七、安装 Squirrelmail<br>
<br>
cd /usr/local/apache/htdocs<br>