postfix+dovecot+roundcube webmail+postfixadmin搭建邮件系统

常见错误，如果telnet localhost 25提示
fatal: no SASL authentication mechanisms
postfix/master[25461]: warning: process /usr/libexec/postfix/smtpd pid 25799 exit status 1
postfix/master[25461]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
安装sasl的包，关闭selinux，建立软链接
ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
如果提示 无法保存密码，没有加密，记得修改
$rcmail_config['password_dovecotpw'] = '/usr/bin/doveadm pw';

php修改php.ini里的配置文件以限制上传文件大小
如果使用了nginx，也需要更改nginx里的配置文件

注意点。
1:关闭selinux
2:注意/var/lib/php/session的属组是不是vmail。默认为apache
3:注意安装sasl的所有包包括 python-saslwrapper，cyrus-sasl*
4:注意安装dovecot的包，不然可能提示不能找到mysql的驱动
5:如果他说管理邮箱不是有效的邮箱，可以更改main.cf里的email_check改成NO,后果未知

一.安装配置LAMP
①.下载并安装yum源
(1).163的yum源
(2).rpmforge软件仓库
1 [root@mail ~]# wget https://www.wendangku.net/doc/9a565198.html,/.help/CentOS6-Base-163.repo
2 [root@mail ~]# wget https://www.wendangku.net/doc/9a565198.html,/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
3 备份原来的源，将163的源放到/etc/yum.repos.d里
4 rpm -ivh rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
5 yum clean all && yum update
②创建一个vmail用户，用作管理虚拟邮箱的文件夹
useradd -u 2000 -d /home/vmail -m -s /sbin/nologin vmail
③安装并配置LAMP环境
1 yum -y install httpd mysql mysql-devel mysql-server php php-pecl-Fileinfo php-mcrypt php-devel php-mysql php-common php-mbstring php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc pcre pcre-devel
2 整合Apache与PHP
[root@mail ~]# vim /etc/httpd/conf/httpd.conf
#增加下面现行
AddType application/x-httpd-php .php #apache解析php程序
PHPIniDir "/etc/php.ini" #指定php.ini配置文件路径
#修改这一行增加index.php
DirectoryIndex index.php index.html index.html.var
#修改apache运行的用户和组,原来默认是apache
User vmail
Group vmail
增加ServerName localhost:80
vim /var/www/html/index.php
phpinfo();
?>
启动httpd service httpd start 能看到php的info
二.安装配置postfixadmin
1 下载postfixadmin
wget https://www.wendangku.net/doc/9a565198.html,/project/postfixadmin/postfixadmin/postfixadmin-2.3.6/postfixadmin-2.3.6.tar.gz
解压缩并放入 /var/www/html里。改为postfixadmin
修改配置文件
root@mail html]# cd postfixadmin/
#修改前先备份一下配置文件
[root@mail postfixadmin]# cp config.inc.php config.inc.php.bak
[root@mail postfixadmin]# cp setup.php setup.php.bak
[root@mail postfixadmin]# vim config.inc.php
#找到下面几行并修改
$CONF['configured'] = true;
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['data

base_password'] = 'postfix';
$CONF['database_name'] = 'postfix';
$CONF['admin_email'] = 'postmaster@https://www.wendangku.net/doc/9a565198.html,';
$CONF['encrypt'] = 'dovecot:CRAM-MD5';
$CONF['dovecotpw'] = "/usr/bin/doveadm pw";
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
$CONF['aliases'] = '1000';
$CONF['mailboxes'] = '1000';
$CONF['maxquota'] = '1000';
$CONF['fetchmail'] = 'NO';
$CONF['quota'] = 'YES';
$CONF['used_quotas'] = 'YES';
$CONF['new_quota_table'] = 'YES';
为postfixadmin创建Mysql数据库与权限
service mysqld start
mysqadmin -uroot password root #给root用户增加密码
mysql -uroot -proot
mysql>CREATE USER 'postfix'@'localhost' IDENTIFIED BY 'cdeadmin';
切换到root
mysql>grant all on postfix.* to postfix@'localhost' identified by 'cdeadmin';
mysql> flush privileges;
mysql>grant all on postfix.* to postfix@'%' identified by 'cdeadmin';
修改所有者与所有组
chown -R vmail.vmail postfixadmin/
然后可以打开内部IP/postfixadmin/setup.php进行配置
如果提示can't encrypt password with dovecotpw, see error log for details
原因是因为postfixadmin中config.inc.php
// If you use the dovecot encryption method: where is the dovecotpw binary located?
$CONF['dovecotpw'] = "/usr/sbin/dovecotpw";

已经变成了
$CONF['dovecotpw'] = "/usr/bin/doveadm pw";
然后增加管理员成功后，进入ip/postfixadmin/login.php用创建的账号登陆。
如果出现404，修改/var/lib/php/session目录的权限，改为vmail:vmail

三 配置postfix邮件发送代理
注：Postfix用CentOS6.4系统自带的，因为CentOS6.4里面的postfix包已经支持mysql
1.查看postfix版本
1
2
[root@mail postfixadmin]# rpm -qa | grep postfix
postfix-2.6.6-2.2.el6_1.x86_64
2.配置postfix
[root@mail ~]# vim /etc/postfix/main.cf

#基本配置
myhostname = https://www.wendangku.net/doc/9a565198.html,
mydomain = https://www.wendangku.net/doc/9a565198.html,
myorigin = $mydomain
inet_interfaces = all
mynetworks_style = host
mynetworks = 192.168.18/24, 127.0.0.0/8
#虚拟域名配置
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
# Additional for quota support
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, this user has exceeded their disk space quota, please try again later.
virtual_overquota_bounce = yes
#Specify the user/group that owns the mail folders. I'm not sure if this is strictly necessary when using Dovecot's LDA.
virtual_uid_maps = static:2000
virtual_gid_maps = static:2000
#Specifies which tables proxymap can read: https://www.wendangku.net/doc/9a565198.html,/postconf.5.html#proxy_read_maps
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mail

box_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
[root@mail ~]# postconf #检查配置文件是否有错误
3.创建Mysql脚本(注意用户名和密码、DBNAME,我这里全是postfix)
(1).创建/etc/postfix/mysql_virtual_domains_maps.cf文件
[root@mail ~]# vim /etc/postfix/mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'
#optional query to use when relaying for backup MX
#query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'
(2).创建/etc/postfix/mysql_virtual_alias_maps.cf文件
[root@mail ~]# vim /etc/postfix/mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
(3).创建/etc/postfix/mysql_virtual_mailbox_maps.cf文件
[root@mail ~]# vim /etc/postfix/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = '1'
(4).创建/etc/postfix/mysql_virtual_mailbox_limit_maps.cf文件
[root@mail ~]# vim /etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'
4.SMTP 认证设定
(1).查看postfix支持的认证，默认支持dovecot
[root@mail ~]# postconf -a
cyrus
dovecot
(2).修改/etc/postfix/main.cf配置文件
[root@mail ~]#vim /etc/postfix/main.cf
#SASL SUPPORT FOR CLIENTS
# Turns on sasl authorization
smtpd_sasl_auth_enable = yes
#Use dovecot for authentication
smtpd_sasl_type = dovecot
# Path to UNIX socket for SASL
smtpd_sasl_path = /var/run/dovecot/auth-client
#Disable anonymous login. We don't want to run an open relay for spammers.
smtpd_sasl_security_options = noanonymous
#Adds support for email software that doesn't follow RFC 4954.
#This includes most versions of Microsoft Outlook before 2007.
broken_sasl_auth_clients = yes
#
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
5.使用Dovecot做为投递
[root@mail ~]# vim /etc/postfix/main.cf
# TRANSPORT MAP
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
#修改master.cf文件
[root@mail ~]# vim /etc/postfix/master.cf
#在最后增加这两行,注意flags前面有两个空格，不然会报错
dovecot unix - n n - - pipe，
flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient}
九、安装并配置dovecot邮件检索代理
说明：dovecot 1.X 与 dovecot 2.X配置文件的区别，1.X所以的配置都

在同文件中而2.X是多个文件存放的（/etc/dovecot/dovecot.conf 和 /etc/dovecot/conf.d/），所有2.X配置文件比较分散，我把需要修改的配置文件的内容列出来
1.修改dovecot配置文件
(1).修改/etc/dovecot/dovecot.conf #主配置文件
[root@mail ~]# vim /etc/dovecot/dovecot.conf
protocols = imap pop3
listen = *
dict {
quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
}
!include conf.d/*.conf
(2).修改/etc/dovecot/conf.d/10-auth.conf
[root@mail ~]# vim /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no
auth_mechanisms = plain login cram-md5
!include auth-sql.conf.ext
(3).修改/etc/dovecot/conf.d/10-mail.conf
[root@mail ~]# vim /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:%hMaildir
mbox_write_locks = fcntl
(4).修改/etc/dovecot/conf.d/10-master.conf
[root@mail ~]# vim /etc/dovecot/conf.d/10-master.conf
service imap-login {
inet_listener imap {
}
inet_listener imaps {
}
}
service pop3-login {
inet_listener pop3 {
}
inet_listener pop3s {
}
}
service lmtp {
unix_listener lmtp {
}
}
service imap {
}
service pop3 {
}
service auth {
unix_listener auth-userdb {
mode = 0600
user = vmail
group = vmail
}
#新加下面一段，为smtp做认证
unix_listener auth-client {
mode = 0600
user = postfix
group = postfix
}
}
service auth-worker {
}
service dict {
unix_listener dict {
mode = 0600
user = vmail
group = vmail
}
}
(5).修改/etc/dovecot/conf.d/15-lda.conf
1
2
3
4
5
[root@mail ~]# vim /etc/dovecot/conf.d/15-lda.conf
protocol lda {
mail_plugins = quota
postmaster_address = postmaster@https://www.wendangku.net/doc/9a565198.html, #管理员邮箱
}
(6).修改/etc/dovecot/conf.d/20-imap.conf
1
2
3
4
[root@mail ~]# vim /etc/dovecot/conf.d/20-imap.conf
protocol imap {
mail_plugins = quota imap_quota
}
(7).修改/etc/dovecot/conf.d/20-pop3.conf
1
2
3
4
5
[root@mail ~]# vim /etc/dovecot/conf.d/20-pop3.conf
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
mail_plugins = quota
}
(8).修改/etc/dovecot/conf.d/90-quota.conf
[root@mail ~]# vim /etc/dovecot/conf.d/90-quota.conf
plugin {
quota_rule = *:storage=1G
}
plugin {
}
plugin {
quota = dict:User quota::proxy::quota
}
plugin {
}
(9).增加/etc/dovecot/dovecot-sql.conf.ext
[root@mail ~]# vim /etc/dovecot/dovecot-sql.conf.ext
driver = mysql
connect = host=localhost dbname=postfix user=postfix password=postfix
default_pass_scheme = CRAM-MD5
user_query = SELECT CONCAT('/var/vmail/', maildir) AS home, 2000 AS uid, 2000 AS gid, CONCAT('*:bytes=', quota) as quota_rule FROM mailbox WHERE username = '%u' AND active='1'
password_query = SELECT username AS user, password, CONCAT('/var/vmail/', maildir) AS userdb_home, 2000 AS userdb_uid, 2000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = '%u' AND active='1'
(10).增加/etc/dovecot/dovecot-dict-sql.conf.ex

t
[root@mail ~]# vim /etc/dovecot/dovecot-dict-sql.conf.ext
connect = host=localhost dbname=postfix user=postfix password=postfix
map {
pattern = priv/quota/storage
table = quota2
username_field = username
value_field = bytes
}
map {
pattern = priv/quota/messages
table = quota2
username_field = username
value_field = messages
}
2.重新启动服务
[root@mail ~]# service postfix restart
关闭 postfix： [确定]
启动 postfix： [确定]
[root@mail ~]# service dovecot restart
停止 Dovecot Imap： [失败]
正在启动 Dovecot Imap： [确定]
至此dovecot配置全部完成，^_^ ……
当我们执行postfixadmin的备份，会出现以下警告，并不能实现备份！
(1).修改/var/www/html/admin/backup.php文件
[root@mail admin]# vim /var/www/html/admin/backup.php
#增加一行（如下图）
date_default_timezone_set('PRC');

十一、安装并配置WebMail(Roundcubemail)
1.解压并重命名
[root@mail ~]# tar -xf roundcubemail-0.9.2.tar.gz -C /var/www/html/
[root@mail ~]# cd /var/www/html/
[root@mail html]# ls
admin index.php phpmyadmin roundcubemail-0.9.2
[root@mail html]# mv roundcubemail-0.9.2 webmail
[root@mail html]# ls
admin index.php phpmyadmin webmail
2.配置WebMail
打开 ip:/webmail/installer/可以查看哪些OK了

3.修改php.ini
[root@mail installer]# vim /etc/php.ini
date.timezone = Asia/Shanghai
4.修改apache中PHPini的位置
[root@mail installer]# vim /etc/httpd/conf/httpd.conf
PHPIniDir "/etc/php.ini"
[root@mail installer]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
5.修改所有Web文件的所属者与所属组
[root@mail ~]# cd /var/www/html/
[root@mail html]# ll
total 16
drwxrwxr-x 14 1000 1010 4096 Jul 11 05:25 admin
-rw-r--r-- 1 root root 18 Jul 11 04:12 index.php
drwxr-xr-x 9 root root 4096 Jul 11 04:17 phpmyadmin
drwxr-xr-x 11 501 80 4096 Jun 16 23:10 webmail
[root@mail html]# chown -R vmail.vmail admin
[root@mail html]# chown -R vmail.vmail phpmyadmin
[root@mail html]# chown -R vmail.vmail webmail
[root@mail html]# ll
total 16
drwxrwxr-x 14 vmail vmail 4096 Jul 11 05:25 admin
-rw-r--r-- 1 root root 18 Jul 11 04:12 index.php
drwxr-xr-x 9 vmail vmail 4096 Jul 11 04:17 phpmyadmin
drwxr-xr-x 11 vmail vmail 4096 Jun 16 23:10 webmail
6.查看session保存位置
[root@mail html]# vim /etc/php.ini
session.save_path = "/var/lib/php/session"
7.修改session文件的所属组
[root@mail html]# cd /var/lib/php/
[root@mail php]# ll
total 4
drwxrwx--- 2 root apache 4096 Feb 22 10:56 session
[root@mail php]# chown -R .vmail session/
[root@mail php]# ll
total 4
drwxrwx--- 2 root vmail 4096 Feb 22 10:56 session
9.单击NEXT我们继

续进行设置（下面是必须配置的选项）
(1).配置webmail的显示名称
一般配置的是登录页面显示的名称
(2).配置Webmail数据库相关（我这里全部设置是,roundcubemail）
(3).配置IMAP
(4).配置SMTP服务器
(5).配置完成效果如下，（大家可以看到我们配置好的选项都被列出来了，我们得下载两个配置文件main.inc.php和db.inc.php并上传到时服务器中）
(6).上传至服务器相关目录中
[root@mail ~]# cd /var/www/html/webmail/config/
[root@mail config]# ll
total 92
-rw-r--r-- 1 root root 2905 Jul 10 22:15 db.inc.php
-rw-r--r-- 1 vmail vmail 2893 Jun 16 23:10 db.inc.php.dist
-rw-r--r-- 1 root root 38438 Jul 10 22:15 main.inc.php
-rw-r--r-- 1 vmail vmail 38414 Jun 16 23:10 main.inc.php.dist
-rw-r--r-- 1 vmail vmail 2731 Jun 16 23:10 mimetypes.php
(7). 给WebMail授权
mysql> CREATE DATABASE roundcubemail;
Query OK, 1 row affected (0.00 sec)
mysql> GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcubemail@localhost IDENTIFIED BY 'roundcubemail';
FLUSH PRIVILEGES;Query OK, 0 rows affected (0.01 sec)
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
10.单击CONTINUE继续
11.单击初始化数据库按钮
12.初始化完成并查看数据库表
13.下面我们进行WebMail测试

十二、安装并配置病毒扫描与垃圾邮件过滤
1.安装安amavisd-new、clamav及spamassassin
[root@mail ~]# yum install -y amavisd-new clamav clamav-devel clamd spamassassin
2.查看amavisd-new、clamav及spamassassin开机自启动
大家可以看到spamassassin是个服务是停止的开机没有启动，是因为amavisd-new直接将spamassassin作为一个模块使用，所以不需要守护进程，自然开机不需要启动
3.修改SpamAssassin配置文件
SpamAssassin作为amavisd-new的模块是需要特别配置，只要安装就行，但是你也可以定制它通过修改
[root@mail ~]# vim /etc/mail/spamassassin/local.cf
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)
# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.
required_hits 5
report_safe 0
rewrite_header Subject [SPAM]
我这里只是列出为给大家看一下，有需要的博友自行修改，我这里就不修改了
4.修改ClamAV配置文件/etc/clamd.conf
说明,ClamAV的设定存放在/etc/clamd.conf内,我们修改/etc/clamd.conf配置文件让ClamAV知道，Amavisd-new将会利用本地的UNIX通讯端与它通信而不是利用tcp端口来与它通信！
[root@mail ~]# vim /etc/clamd.conf
#利用本地通信
LocalSocket /var/run/clamav/clamd.sock
#注释掉TCP通信端口
#TCPSocket 3310
5.修改Amavisd-new配置文件/etc/amavisd.conf
(1).通过去除以下数行的注释来停止检查病毒域垃圾邮件（由于下面数行默认是被注释掉的，因此病毒及垃圾邮件在预设中默认是被启动的）

[root@mail ~]# vim /etc/amavisd.con
# @bypass_virus_checks_maps = (1); # controls running of anti-virus code
# @bypass_spam_checks_maps = (1); # controls running of anti-spam code
# $bypass_decode_parts = 1; # controls running of decoders&dearchivers
(2).接着可以看到下面几行
$max_servers = 2; # num of pre-forked children (2..30 is common), -m
$daemon_user = "amavis"; # (no default; customary: vscan or amavis), -u
$daemon_group = "amavis"; # (no default; customary: vscan or amavis), -g
$inet_socket_port = 10024; # listen on this local TCP port(s)
# $notify_method = 'smtp:[127.0.0.1]:10025';
# $forward_method = 'smtp:[127.0.0.1]:10025'; # set to undef with milter!
说明，
$max_servers 设定同步执行的Amavisd-new进程数量，而且必须与/etc/postfix/master.cf内的amavisfeed服务的maxproc中相符合
$daemon_user及$daemon_group应该用来匹配Amavisd-new的用户及群组
$inet_socket_port 定义Amavisd-new将会在哪一个tcp端口接纳来自Postfix的连接
$notify_method及$forward_method定义Amavisd-new把邮件重新注入Postfix的途径
(3).以下是必须修改项
$mydomain = 'https://www.wendangku.net/doc/9a565198.html,'; #我这里是https://www.wendangku.net/doc/9a565198.html,域
$MYHOME = '/var/amavis';
$helpers_home = "$MYHOME/var";
$lock_file = "$MYHOME/var/amavisd.lock";
$pid_file = "$MYHOME/var/amavisd.pid";
$myhostname = 'https://www.wendangku.net/doc/9a565198.html,'; #我这里是https://www.wendangku.net/doc/9a565198.html,主机
(4).下面是SpamAssassin设定来替换预设的SpamAssassin设置
$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.2; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.9; # triggers spam evasive actions (e.g. blocks mail)
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
$sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely valid From
# $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off
$penpals_bonus_score = 8; # (no effect without a @storage_sql_dsn database)
$penpals_threshold_high = $sa_kill_level_deflt; # don't waste time on hi spam
$bounce_killer_score = 100; # spam score points to add for joe-jobbed bounces
$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0; # only tests which do not require internet access?
说明，默认不需要修改但你得知道它们和意义，可以方便的帮助我们设置垃圾邮件‘
$sa_tag_level_deflt 指定Amavisd-new由哪一个级别开始写入X-Spam-Flag、X-Spam-Score、X-Spam-Status等垃圾邮件资讯标头，假如你想为所有邮件加入资讯标头，请把此值设为 -999
$sa_tag2_level_deflt 指定由哪一个级别开始在垃圾邮件的标头上标签它们
$sa_kill_level_deflt 指定Amavisd-new由哪一个级别开始拦截和扣留邮件。这个用途很大，因为SpamAssassin在

预设情况下不会这样做
$sa_dsn_cutoff_level 指定由哪一个级别开始寄件失败通告不会被发送给寄件人。由于多数垃圾邮件寄件者的地址都是伪造的，不为明显的垃圾邮件发送寄件失败通告是最合理的，要不然你只会加剧反向散寄的问题
$sa_quarantine_cutoff_level 指定哪一个级别开始不必扣留垃圾邮件。这个选项预设是被注释掉的，意思是所有邮件都会被扣留
(5).下面是发送通告的邮件地址（默认是管理员邮箱，接收垃圾邮件通告的邮箱）
修改为，
$virus_admin = "postmaster\@$mydomain"; # notifications recip.
$mailfrom_notify_admin = "postmaster\@$mydomain"; # notifications sender
$mailfrom_notify_recip = "postmaster\@$mydomain"; # notifications sender
$mailfrom_notify_spamadmin = "postmaster\@$mydomain"; # notifications sender
(6).设置ClamAV的部分
# ### https://www.wendangku.net/doc/9a565198.html,/
#['ClamAV-clamd',
# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
# qr/\bOK$/m, qr/\bFOUND$/m,
# qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
修改为，
#去掉相关注释就行
# ### https://www.wendangku.net/doc/9a565198.html,/
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
qr/\bOK$/m, qr/\bFOUND$/m,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
说明，/var/run/clamav/clamd.sock这个设定必须与我们先前在/etc/clamd.conf内输入的LocalSocket /var/run/clamav/clamd.sock设定相一致。
6.修改Postfix配置文件
(1).修改/etc/postfix/master.cf
[root@mail ~]# vim /etc/postfix/master.cf
# ==========================================================================
# # service type private unpriv chroot wakeup maxproc command + args
# # (yes) (yes) (yes) (never) (100)
# # ==========================================================================
# #
amavisfeed unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o smtp_tls_note_starttls_offer=no
-o disable_dns_lookups=yes
-o max_use=20
说明，请注意在maxproc栏内的数值 2 必须要与/etc/amavisd.conf内的$max_servers设定一致。
有关各选项的详细解释请参阅Amavisd-new的文档（vim /usr/share/doc/amavisd-new-2.8.0/README.postfix）。
然后我们定义一个专用的服务把邮件重新注入Postfix。我们为此在/etc/postfix/master.cf内加入一个在localhost(127.0.0.1)的tcp 10025端口（/etc/amavisd.conf的预设值）上监听的smtp服务：
# ==========================================================================
# # service type private unpriv chroot wakeup maxproc command + args
# # (yes) (yes) (yes) (never) (100)
# # ==========================================================================
127.0.0.1:10

025 inet n - n - - smtpd
-o content_filter=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o smtpd_restriction_classes=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
-o local_header_rewrite_clients=
-o smtpd_milters=
-o local_recipient_maps=
注意，以上两项首行前面一定不能有空格，否则会出错！！！
(2).修改/etc/postfix/main.cf加入以下设定来启用邮件过滤
[root@mail ~]# vim /etc/postfix/main.cf
#filter mail
content_filter = amavisfeed:[127.0.0.1]:10024
(3).重启postfix服务
7.启动clamd及amavisd服务：
service clamd start
service amavisd start

十三、安装并配置managesieve插件
说明，managesieve插件实现邮件过滤和Vacation功能
1.在Doevecot2.0之后的版本，如果需要做邮件过滤的功能需要dovecot-pigeonhole扩展包的支持
[root@mail ~]# yum install -y dovecot-pigeonhole
2.配置dovecot配置文件
[root@mail ~]# vim /etc/dovecot/dovecot.conf
protocols = imap pop3 sieve
[root@mail ~]# vim /etc/dovecot/conf.d/15-lda.conf
mail_plugins = quota sieve
3.重新启动dovecot
[root@mail ~]# service dovecot restart
4. 查看Dovecot监听4190端口
[root@mail ~]# netstat -ntulp | grep 4190
tcp 0 0 0.0.0.0:4190 0.0.0.0:* LISTEN 17998/dovecot
[root@mail ~]#
5.managesieve配置文件修改，将模板复制成config.inc.php，做如下修改
[root@mail ~]# cd /var/www/html/webmail/plugins/managesieve/
[root@mail managesieve]# ls
Changelog config.inc.php.dist lib localization managesieve.js managesieve.php package.xml skins tests
[root@mail managesieve]# cp config.inc.php.dist config.inc.php
[root@mail managesieve]# vim config.inc.php
#修改端口为
$rcmail_config['managesieve_port'] = 4190;
6.在主配置文件中使插件生效
1
2
[root@mail ~]# vim /var/www/html/webmail/config/main.inc.php
$rcmail_config['plugins'] = array('managesieve');

十四，配置使用修改密码插件
roundcube自带修改密码插件但是没有使用
使用插件的方法是修改config/main.inc.php文件。里面
$rcmail_config['plugins'] = array('managesieve','password')就是启用插件
插件放在plugins

目录下，插件目录的名字不能打错，一般和插件内的php文件名字相同
修改password下的config.inc.php文件，因为我是使用doveadm pw加密的。而doveadm pw的命令地址已经更换，所以需要指定该命令地址
$rcmail_config['password_driver'] = 'sql'; 使用sql来修改密码
$rcmail_config['password_confirm_current'] = true;
$rcmail_config['password_db_dsn'] = 'mysql://postfix:postfixpassword@localhost/postfix'; 这里是指的修改的数据库的类型，用户名，用户名密码 和数据库表
$rcmail_config['password_query'] = 'UPDATE mailbox SET password=%D WHERE username=%u LIMIT 1'; 这是修改数据库的命令。mailbox是webmail的表名， %D指的是使用dovecot方式加密
$rcmail_config['password_dovecotpw'] = '/usr/bin/doveadm pw'; 这是指定加密命令的位置，如果没有这一句会提示密码无法加密
其他基本是默认配置

十五，导入通讯录csv文件。
先导出一个vcard文件，然后转换成csv。将;全部换成,
保留表头First Name,Display Name,Nickname,Primary Email 就可以。不要用excel去编辑，否则导入以后中文是乱码，因为excel不是用utf8字符集
十六，一些其他的配置
1.web页面里默认可以允许随便编辑身份，并且能发送。
更改config/main.inc.php的$rcmail_config['identities_level']
// Set identities access level:
// 0 - many identities with possibility to edit all params
// 1 - many identities with possibility to edit all params but not email address
// 2 - one identity with possibility to edit all params
// 3 - one identity with possibility to edit all params but not email address
// 4 - one identity with possibility to edit only signature
$rcmail_config['identities_level'] = 3;
默认是0，改为3

基本注意的就是权限，和命令的位置问题
2.Postfix对特定邮件地址限制发件人的设置
因公司需要将all@https://www.wendangku.net/doc/9a565198.html,地址设置权限，只允许指定的人员可以给全体员工发邮件，做下笔记。
1. 修改/etc/postfix/main.cf
添加：
smtpd_restriction_classes = vip_rec
vip_rec = check_sender_access hash:/etc/postfix/local_domains,reject
修改smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,…………..加上check_recipient_access hash:/etc/postfix/local_recipients
即：
smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/local_recipients, permit_mynetworks, permit_sasl_authenticated,......(写在permit_mynetworks前面)
2. 创建local_recipients文件，设置收件人策略
#vi /etc/postfix/local_recipients
文件内容如下：
all@https://www.wendangku.net/doc/9a565198.html, vip_rec
然后
#postmap local_recipients 生成hash
3.创建local_domains文件，设置发件人规则
#vi /etc/postfix/local_domains
文件内容如下：
ceo@https://www.wendangku.net/doc/9a565198.html, ok
cto@https://www.wendangku.net/doc/9a565198.html, ok
然后
#postmap local_domains
4.Reload postfix
#/etc/init.d/postfix reload
测试了一下，使用不在local_domai

ns文件中的邮箱对all@https://www.wendangku.net/doc/9a565198.html,发信会被拒绝，提示：554 5.7.1 Recipient address rejected: Access denied。