Building an ISP-Grade Mail System on FreeBSD (reposted)

2. Install Cyrus-SASL2

%cd /usr/ports/security/cyrus-sasl2
%make install WITH_AUTHDAEMON=yes

Create /usr/local/lib/sasl2/smtpd.conf with the following content:
pwcheck_method:authdaemond
log_level:3
mech_list:PLAIN LOGIN
authdaemond_path:/var/run/authdaemond/socket

3. Install Postfix
%cd /usr/ports/mail/postfix
%make install clean
Select SASL2, TLS, MySQL and VDA. The installation asks two questions; press Enter at each to accept the system default.

%echo postfix: root >> /etc/aliases
%/usr/local/bin/newaliases
%ln -s /usr/local/sbin/sendmail /usr/sbin/sendmail

If you see the message ln: /usr/sbin/sendmail: File exists, rename /usr/sbin/sendmail and create the link again.

Set Postfix to start at boot (these lines go in /etc/rc.conf):

postfix_enable="YES"                  
sendmail_enable="NO"                  
sendmail_submit_enable="NO"           
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
Create /etc/periodic.conf with the following content:

daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"
Configure /usr/local/etc/postfix/main.cf. For your own installation you only need to change the ####BASE#### section.

%mv main.cf main.cf.bak
This configuration file already includes maildrop support.

###################BASE##################
# Machine hostname
myhostname = mail.extmail.org
# Your domain
mydomain = extmail.org
mydestination = $myhostname
local_recipient_maps =
command_directory = /usr/local/sbin
#local_transport = virtual
smtpd_banner = extmail.org ESMTP Mail System
# Maximum message size
message_size_limit = 14680064
#mailbox_size_limit = 512000000
#################MySQL################
virtual_alias_maps =mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
#virtual_gid_maps = static:125
#virtual_gid_maps = static:1000
# Directory where mail is stored
virtual_mailbox_base = /home/data/domains
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
#virtual_mailbox_limit = 512000000
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
#virtual_minimum_uid = 125
#virtual_minimum_uid = 1000
#virtual_transport = virtual
virtual_transport = maildrop:
maildrop_destination_recipient_limit = 1

#virtual_uid_maps = static:125
#virtual_uid_maps = static:1000
################Quota################
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's Maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes

##############SASL####################
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes

smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination,
    reject_unauth_pipelining,
    reject_invalid_hostname,
    reject_rbl_client cbl.anti-spam.org.cn
# CBL server; for details see anti-spam.org.cn
# Note: the continuation lines above must begin with whitespace.


readme_directory = no
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
html_directory = no
setgid_group = maildrop
manpage_directory = /usr/local/man
daemon_directory = /usr/local/libexec/postfix
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
queue_directory = /var/spool/postfix
mail_owner = postfix

The following four files are in the Docs directory of the extman package; to use them, just copy them into /usr/local/etc/postfix.

mysql_virtual_alias_maps.cf

user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = alias
select_field = goto
where_field = address
additional_conditions = AND active = '1'

mysql_virtual_domains_maps.cf

user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = domain
select_field = description
where_field = domain
additional_conditions = AND active = '1'

mysql_virtual_mailbox_maps.cf

user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = mailbox
select_field = maildir
where_field = username
additional_conditions = AND active = '1'

mysql_virtual_mailbox_limit_maps.cf

user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = mailbox
select_field = quota
where_field = username
additional_conditions = AND active = '1'

The basic Postfix setup is now complete, but it cannot send or receive mail yet.

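4. Install maildrop
On this mail server the MTA side still processes mail under Postfix's own account. Because maildrop cannot handle mail under the same user identity as Postfix, we create a new user for maildrop to run as.

Add the vgroup group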

%pw groupadd vgroup -g 1000
Add the vuser user

%pw useradd vuser -g 1000 -u 1000 -s /sbin/nologin -d /sbin/nologin -c "virtual mail user"
Install maildrop; remember to add WITH_AUTHLIB=yes.

%cd /usr/ports/mail/maildrop
%make install WITH_AUTHLIB=yes
Select AUTH_MYSQL

Options for maildrop 2.0.1

    [ ] AUTH_LDAP    LDAP support
    [X] AUTH_MYSQL   MySQL support
    [ ] AUTH_PGSQL   PostgreSQL support
    [ ] AUTH_USERDB  Userdb support
    [ ] AUTH_VCHKPW  Vpopmail/vchkpw support

Edit /usr/local/etc/postfix/master.cf: comment out the existing maildrop entry (that is, remove the old record) and add the following:

maildrop unix -     n     n     -     -     pipe
  flags=DRhu user=vuser argv=/usr/local/bin/maildrop -d ${user}@${nexthop} ${recipient} ${user} ${extension} ${nexthop}

Set up the mail storage directory

%mkdir -p /home/data/domains/extmail.org/test
%/usr/local/bin/maildirmake /home/data/domains/extmail.org/test/Maildir
%chown -R 1000:1000 /home/data/domains/


At this point the base of our mail system is installed. Reboot the system and start testing.

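VI. Test the System
1. Test that maildrop works
After logging in, it is a good idea to check that the services in /etc/rc.conf are running properly.

Note that mail system usernames take the form user@domain.ltd; multiple domains are supported, so this differs a little from the usual format.

Open two new windows in SecureCRT: one for entering commands and one for watching maillog.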

%tail -f /var/log/maillog
The following output shows that maildrop delivers correctly:

%echo "test" | maildrop -V 10 -d test@extmail.org
maildrop: authlib: groupid=1000
maildrop: authlib: userid=1000
maildrop: authlib: logname=test@extmail.org, home=/home/data/domains/extmail.org/test, mail=/home/data/domains/extmail.org/test/Maildir/
maildrop: Changing to /home/data/domains/extmail.org/test
Message start at 0 bytes, envelope sender=test@extmail.org
maildrop: Attempting .mailfilter
WARN: quota string '5242880' not parseable
maildrop: Delivery complete.
maillog will show the following:

Mar 10 14:39:58 mail authdaemond: Authenticated: sysusername=, sysuserid=1000, sysgroupid=1000,
homedir=/home/data/domains/extmail.org/test, address=test@extmail.org, fullname=Test user,
maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=
Mar 10 14:39:58 mail authdaemond: Authenticated: clearpasswd=, passwd={crypt}uywiuN.XggXXc

2. Test Postfix
SMTP authentication when sending uses Base64 encoding, so the username and password must be converted to Base64. Install p5-MIME-Base64 first.

%cd /usr/ports/converters/p5-MIME-Base64/
%make install
Test user test@extmail.org, password test

%perl -MMIME::Base64 -e 'print encode_base64("test\@extmail.org");'
dGVzdEBleHRtYWlsLm9yZw==
%perl -MMIME::Base64 -e 'print encode_base64("test");'
dGVzdA==
The test session looks like this:

%telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 sharesky.cn ESMTP Mail System
ehlo test.com
250-mail.extmail.org
250-PIPELINING
250-SIZE 14680064
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
auth login
334 VXNlcm5hbWU6
dGVzdEBleHRtYWlsLm9yZw==
334 UGFzc3dvcmQ6
dGVzdA==
235 Authentication successful
mail from:<test@test.com>
250 Ok
rcpt to:<test@extmail.org>
250 Ok
data
354 End data with <CR><LF>.<CR><LF>
this is a test.
.
250 Ok: queued as 23CEE5C38
quit
221 Bye
Connection closed by foreign host.
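
An added example (not part of the original post) showing what the Base64 strings in the session above contain: it decodes the AUTH LOGIN challenges and responses and builds the equivalent AUTH PLAIN token. It assumes a base64 command that accepts -d; the function names are this example's own.

```shell
#!/bin/sh
# Added example: decode the Base64 lines of an SMTP AUTH LOGIN exchange.
# SESSION repeats the AUTH part of the telnet test above.
SESSION='auth login
334 VXNlcm5hbWU6
dGVzdEBleHRtYWlsLm9yZw==
334 UGFzc3dvcmQ6
dGVzdA==
235 Authentication successful'

# Decode one Base64 string (assumes a base64 command that accepts -d).
b64d() { printf '%s' "$1" | base64 -d; }

# For every "334 <challenge>" line, decode the challenge and the client line
# that answers it, and print them as "<prompt> <answer>".
decode_auth_login() {
    prompt=''
    printf '%s\n' "$1" | while IFS= read -r line; do
        case "$line" in
            "334 "*) prompt=$(b64d "${line#334 }") ;;
            *)  if [ -n "$prompt" ]; then
                    printf '%s %s\n' "$prompt" "$(b64d "$line")"
                    prompt=''
                fi ;;
        esac
    done
}

# AUTH PLAIN sends the same credentials as one token:
# base64(authorization-id NUL username NUL password), authorization-id empty.
auth_plain_token() { printf '\0%s\0%s' "$1" "$2" | base64 | tr -d '\n'; }

decode_auth_login "$SESSION"
auth_plain_token 'test@extmail.org' 'test'; echo
```

Decoding needs no key, so the PLAIN and LOGIN mechanisms protect the password only when the SMTP connection itself is encrypted.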

Here is the maillog the system produced:

Mar 10 14:47:45 mail postfix/smtpd[1090]: connect from localhost[127.0.0.1]
Mar 10 14:47:57 mail authdaemond: Authenticated: sysusername=<null>, sysuserid=1000, sysgroupid=1000, homedir=/home/data/domains/extmail.org/test,
address=test@extmail.org, fullname=Test user, maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=
Mar 10 14:47:57 mail authdaemond: Authenticated: clearpasswd=test, passwd={crypt}uywiuN.XggXXc
Mar 10 14:48:13 mail postfix/smtpd[1090]: 23CEE5C38: client=localhost[127.0.0.1], sasl_method=login, sasl_username=test@extmail.org
Mar 10 14:48:18 mail postfix/cleanup[1135]: 23CEE5C38: message-id=<20060310144813.23CEE5C38@mail.extmail.org>
Mar 10 14:48:18 mail postfix/qmgr[669]: 23CEE5C38: from=<test@test.com>, size=341, nrcpt=1 (queue active)
Mar 10 14:48:19 mail authdaemond: Authenticated: sysusername=, sysuserid=1000, sysgroupid=1000, homedir=/home/data/domains/extmail.org/test,
address=test@extmail.org, fullname=Test user, maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=
Mar 10 14:48:19 mail authdaemond: Authenticated: clearpasswd=, passwd={crypt}uywiuN.XggXXc
Mar 10 14:48:19 mail postfix/pipe[1136]: 23CEE5C38: to=<test@extmail.org>, relay=maildrop, delay=14, status=sent (extmail.org)
Mar 10 14:48:19 mail postfix/qmgr[669]: 23CEE5C38: removed
Mar 10 14:48:20 mail postfix/smtpd[1090]: disconnect from localhost[127.0.0.1]

Test receiving mail over POP3

%telnet localhost 110
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Hello there.
user test@extmail.org
+OK Password required.
pass test
+OK logged in.
list
+OK POP3 clients that break here, they violate STD53.
1 6
2 403
.

retr 1
+OK 6 octets follow.
test
.
retr 2
+OK 403 octets follow.
Return-Path: <test@test.com>
Delivered-To: test@extmail.org
Received: from test.com (localhost [127.0.0.1])
        by mail.extmail.org (Postfix) with ESMTP id 23CEE5C38
        for <test@extmail.org>; Fri, 10 Mar 2006 14:48:05 +0000 (UTC)
Message-Id: <20060310144813.23CEE5C38@mail.extmail.org>
Date: Fri, 10 Mar 2006 14:48:05 +0000 (UTC)
From: test@test.com
To: undisclosed-recipients:;

this is a test.
.

quit
+OK Bye-bye.
Connection closed by foreign host.
The resulting maillog:

Mar 10 16:17:56 mail authdaemond: Authenticated: sysusername=, sysuserid=1000, sysgroupid=1000, homedir=/home/data/domains/extmail.org/test, address=test@extmail.org, fullname=Test user, maildir=/home/data/domains/extmail.org/test/Maildir/, quota=5242880, options=
Mar 10 16:17:56 mail authdaemond: Authenticated: clearpasswd=test, passwd={crypt}uywiuN.XggXXc
Mar 10 16:17:57 mail pop3d: LOGIN, user=test@extmail.org, ip=[127.0.0.1]
Mar 10 16:18:15 mail pop3d: LOGOUT, user=test@extmail.org, ip=[127.0.0.1], top=0, retr=397, time=18
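
The authdaemond lines in the SMTP and POP3 maillog excerpts above record the account's cleartext password (clearpasswd=test) next to its crypt hash, so anyone who can read /var/log/maillog can read credentials. The following added example (not part of the original post) scans a maillog for such lines and masks the values; the function names and the sample log are constructed for illustration.

```shell
#!/bin/sh
# Added example: find authdaemond log lines that expose credentials.
# SAMPLE_LOG is constructed in the format of the maillog above;
# the addresses, password and hash values are placeholders.
SAMPLE_LOG='Mar 10 14:47:45 mail postfix/smtpd[1090]: connect from localhost[127.0.0.1]
Mar 10 14:47:57 mail authdaemond: Authenticated: sysuserid=1000, address=a@example.org, quota=5242880, options=
Mar 10 14:47:57 mail authdaemond: Authenticated: clearpasswd=PLACEHOLDER, passwd={crypt}PLACEHOLDERHASH
Mar 10 14:48:19 mail authdaemond: Authenticated: sysuserid=1000, address=b@example.org, quota=5242880, options=
Mar 10 14:48:19 mail authdaemond: Authenticated: clearpasswd=, passwd={crypt}PLACEHOLDERHASH
Mar 10 14:48:20 mail pop3d: LOGIN, user=b@example.org, ip=[127.0.0.1]'

# Read a maillog on stdin; print "date time address exposure" per finding.
# The address comes from the authdaemond line that precedes the password line.
scan_auth_leaks() {
    awk '
    /authdaemond: Authenticated: .*address=/ {
        addr = $0; sub(/.*address=/, "", addr); sub(/,.*/, "", addr)
    }
    /authdaemond: Authenticated: clearpasswd=/ {
        clear = $0; sub(/.*clearpasswd=/, "", clear); sub(/, passwd=.*/, "", clear)
        hash = $0; sub(/.*, passwd=/, "", hash)
        kind = ""
        if (clear != "") kind = "cleartext"
        if (hash != "") kind = (kind == "" ? "hash" : kind "+hash")
        if (kind != "") print $1, $2, $3, addr, kind
    }'
}

# Mask the secret values so a log excerpt can be shared or archived.
redact_auth_log() {
    sed -E -e 's/(clearpasswd=)[^,]+/\1[redacted]/' \
           -e 's/(, passwd=(\{[^}]*\})?)[^ ,]+/\1[redacted]/'
}

printf '%s\n' "$SAMPLE_LOG" | scan_auth_leaks
printf '%s\n' "$SAMPLE_LOG" | redact_auth_log | grep 'clearpasswd='
```

In Courier authlib, password logging of this kind corresponds to DEBUG_LOGIN=2 in authdaemonrc, a file this page does not show; a lower value keeps the authentication trace without the secrets.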

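At this point we have successfully installed a mail system. Next we add content filtering and anti-spam, and then the web part. Success is not far off, so keep your spirits up and charge ahead!!! RUSH...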

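VII. Install Anti-Spam
1. Install amavisd-new
For content filtering we use amavisd-new, mainly because amavisd-new is easy to configure. You can of course use MailScanner instead; as the saying goes, to each their own.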

%cd /usr/ports/security/amavisd-new/
%make install clean
Select only MYSQL

When amavisd-new is installed, SpamAssassin is installed automatically as well.

Options for p5-Mail-SpamAssassin 3.1.0_6

    [X] AS_ROOT        Run spamd as root (recommended)
    [ ] DOMAINKEYS     DomainKeys support
    [X] SSL            Build with SSL support for spamd/spamc
    [X] MYSQL          Add MySQL support
    [ ] PGSQL          Add PostreSQL support
    [ ] RAZOR          Add Vipul's Razor support
    [ ] SPF_QUERY      Add SPF query support
    [ ] RELAY_COUNTRY  Relay country support
    [X] TOOLS          Install SpamAssassin tools

Add the following to /etc/rc.conf:

amavisd_enable="YES"
spamd_enable="YES"
Edit /usr/local/etc/amavisd.conf:

$mydomain = 'extmail.org';
Spam and virus notifications:

$virus_admin               = "postmaster\@$mydomain";  # notifications recip.
$mailfrom_notify_admin     = "postmaster\@$mydomain";  # notifications sender
$mailfrom_notify_recip     = "postmaster\@$mydomain";  # notifications sender
$mailfrom_notify_spamadmin = "postmaster\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
Disable the conversion of attachments:

$banned_filename_re = new_RE(
# prefix every line in between with # (comment out the whole list)
);

Add ClamAV support:

# ### http://www.clamav.net/
['ClamAV-clamd',
   \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
   qr/\bOK$/, qr/\bFOUND$/,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
Add to /usr/local/etc/postfix/main.cf:

content_filter = smtp-amavis:[127.0.0.1]:10024

Add to /usr/local/etc/postfix/master.cf:

smtp-amavis unix -   -   n     -       2  smtp
        -o smtp_data_done_timeout=1200
        -o disable_dns_lookups=yes
                                                                                 
127.0.0.1:10025 inet n -       n       -       -  smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8

Restart Postfix:

%/usr/local/etc/rc.d/postfix.sh restart
postfix/postfix-script: stopping the Postfix mail system
postfix/postfix-script: starting the Postfix mail system
For the SpamAssassin configuration file /usr/local/etc/mail/spamassassin/local.cf, see

http://spamassassin.apache.org/

# SpamAssassin config file for version 3.x
# NOTE: NOT COMPATIBLE WITH VERSIONS 2.5 or 2.6
# See http://www.yrex.com/spam/spamconfig25.php for earlier versions
# Generated by http://www.yrex.com/spam/spamconfig.php (version 1.50)

# How many hits before a message is considered spam.
required_score           5.0

# Encapsulate spam in an attachment (0=no, 1=yes, 2=safe)
report_safe             1

# Enable the Bayes system
use_bayes               1

# Enable Bayes auto-learning
bayes_auto_learn              1

# Enable or disable network checks
skip_rbl_checks         0
use_razor2              1
use_dcc                 1
use_pyzor               1

# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_languages            all

# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_locales              all
