courier-authlib-0.59.3Extmail-1.0.2Extman-0.2.2maildrop-2.0.4clamav-0.91.2amavisd-newSpamAssassin-3.2.3

#tar zvxf zlib-1.2.3.tar.gz
#cd zlib-1.2.3
#./configure –prefix=/usr –shared
#make
#make test
#make installcourier-authlib-0.59.3Extmail-1.0.2Extman-0.2.2maildrop-2.0.4clamav-0.91.2amavisd-newSpamAssassin-3.2.3 #tar zvxf zlib-1.2.3.tar.gz#cd zlib-1.2.3#./configure –prefix=/usr –shared#make#make test#make install# tar zxvf openssl-0.9.8e.tar.gz
# cd openssl-0.9.8e
# ./config shared zlib
# make
# make test
# make install
# mv /usr/bin/openssl /usr/bin/openssl.OFF
# mv /usr/include/openssl /usr/include/openssl.OFF
# rm /usr/lib/libssl.so
# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
# ln -s /usr/local/ssl/include/openssl /usr/include/openssl
# ln -sv /usr/local/ssl/lib/libssl.so.0.9.8  /usr/lib/libssl.so
配置库文件搜索路径
# echo “/usr/local/ssl/lib” >> /etc/ld.so.conf
# ldconfig -vcourier-authlib-0.59.3Extmail-1.0.2Extman-0.2.2maildrop-2.0.4clamav-0.91.2amavisd-newSpamAssassin-3.2.3 #tar zvxf zlib-1.2.3.tar.gz#cd zlib-1.2.3#./configure –prefix=/usr –shared#make#make test#make install# tar zxvf openssl-0.9.8e.tar.gz# cd openssl-0.9.8e# ./config shared zlib# make# make test# make install# mv /usr/bin/openssl /usr/bin/openssl.OFF# mv /usr/include/openssl /usr/include/openssl.OFF# rm /usr/lib/libssl.so# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl# ln -s /usr/local/ssl/include/openssl /usr/include/openssl# ln -sv /usr/local/ssl/lib/libssl.so.0.9.8  /usr/lib/libssl.so配置库文件搜索路径# echo “/usr/local/ssl/lib” >> /etc/ld.so.conf# ldconfig -v检测安装结果
# openssl version
OpenSSL 0.9.8e 23 Feb 2007
#./configure –prefix=/usr/local/sasl2 –disable-gssapi –disable-anon –disable-sample –disable-digest –enable-plain –enable-login –enable-sql –with-mysql=/usr/local/mysql –with-mysql-includes=/usr/local/mysql/include/mysql –with-mysql-libs=/usr/local/mysql/lib/mysql –with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket
#make
#make install courier-authlib-0.59.3Extmail-1.0.2Extman-0.2.2maildrop-2.0.4clamav-0.91.2amavisd-newSpamAssassin-3.2.3 #tar zvxf zlib-1.2.3.tar.gz#cd zlib-1.2.3#./configure –prefix=/usr –shared#make#make test#make install# tar zxvf openssl-0.9.8e.tar.gz# cd openssl-0.9.8e# ./config shared zlib# make# make test# make install# mv /usr/bin/openssl /usr/bin/openssl.OFF# mv /usr/include/openssl /usr/include/openssl.OFF# rm /usr/lib/libssl.so# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl# ln -s /usr/local/ssl/include/openssl /usr/include/openssl# ln -sv /usr/local/ssl/lib/libssl.so.0.9.8  /usr/lib/libssl.so配置库文件搜索路径# echo “/usr/local/ssl/lib” >> /etc/ld.so.conf# ldconfig -v检测安装结果# openssl versionOpenSSL 0.9.8e 23 Feb 2007 #./configure –prefix=/usr/local/sasl2 –disable-gssapi –disable-anon –disable-sample –disable-digest –enable-plain –enable-login –enable-sql –with-mysql=/usr/local/mysql –with-mysql-includes=/usr/local/mysql/include/mysql –with-mysql-libs=/usr/local/mysql/lib/mysql –with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket#make#make installauth_getpwent.c:48:20: des.h: 没有那个文件或目录
make[3]: *** [auth_getpwent.o] 错误 1
make[3]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22/saslauthd’
make[2]: *** [all] 错误 2
make[2]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22/saslauthd’
make[1]: *** [all-recursive] 错误 1
make[1]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22′
make: *** [all] 错误 2
修改/tmp/cyrus-sasl-2.1.21/saslauthd/Makefiles内的变量CFLAGS添加-I/opt/openssl/include/openssl
    或者直接
     mail~#cp /tmp/cyrus-sasl-2.1.21/mac/libdes/public/des.h /tmp/cyrus-sasl-2.1.21/
     mail~#make
     mail~#make install
关闭原有的sasl：
# mv /usr/lib/libsasl2.a  /usr/lib/libsasl2.a.OFF
# mv /usr/lib/libsasl2.la  /usr/lib/libsasl2.la.OFF
# mv /usr/lib/libsasl2.so.2.0.19  /usr/lib/libsasl2.so.2.0.19.OFF
# mv /usr/lib/sasl2  /usr/lib/sasl2.OFF
# rm /usr/lib/libsasl2.so
# rm /usr/lib/libsasl2.so.2courier-authlib-0.59.3Extmail-1.0.2Extman-0.2.2maildrop-2.0.4clamav-0.91.2amavisd-newSpamAssassin-3.2.3 #tar zvxf zlib-1.2.3.tar.gz#cd zlib-1.2.3#./configure –prefix=/usr –shared#make#make test#make install# tar zxvf openssl-0.9.8e.tar.gz# cd openssl-0.9.8e# ./config shared zlib# make# make test# make install# mv /usr/bin/openssl /usr/bin/openssl.OFF# mv /usr/include/openssl /usr/include/openssl.OFF# rm /usr/lib/libssl.so# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl# ln -s /usr/local/ssl/include/openssl /usr/include/openssl# ln -sv /usr/local/ssl/lib/libssl.so.0.9.8  /usr/lib/libssl.so配置库文件搜索路径# echo “/usr/local/ssl/lib” >> /etc/ld.so.conf# ldconfig -v检测安装结果# openssl versionOpenSSL 0.9.8e 23 Feb 2007 #./configure –prefix=/usr/local/sasl2 –disable-gssapi –disable-anon –disable-sample –disable-digest –enable-plain –enable-login –enable-sql –with-mysql=/usr/local/mysql –with-mysql-includes=/usr/local/mysql/include/mysql –with-mysql-libs=/usr/local/mysql/lib/mysql –with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket#make#make installauth_getpwent.c:48:20: des.h: 没有那个文件或目录make[3]: *** [auth_getpwent.o] 错误 1make[3]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22/saslauthd’make[2]: *** [all] 错误 2make[2]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22/saslauthd’make[1]: *** [all-recursive] 错误 1make[1]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22’make: *** [all] 错误 2修改/tmp/cyrus-sasl-2.1.21/saslauthd/Makefiles内的变量CFLAGS添加-I/opt/openssl/include/openssl    或者直接     mail~#cp /tmp/cyrus-sasl-2.1.21/mac/libdes/public/des.h /tmp/cyrus-sasl-2.1.21/     mail~#make     mail~#make install关闭原有的sasl：# mv /usr/lib/libsasl2.a  /usr/lib/libsasl2.a.OFF# mv /usr/lib/libsasl2.la  /usr/lib/libsasl2.la.OFF# mv /usr/lib/libsasl2.so.2.0.19  /usr/lib/libsasl2.so.2.0.19.OFF# mv /usr/lib/sasl2  /usr/lib/sasl2.OFF# rm /usr/lib/libsasl2.so# rm /usr/lib/libsasl2.so.2# ln -sv /usr/local/sasl2/lib/*  /usr/libcourier-authlib-0.59.3Extmail-1.0.2Extman-0.2.2maildrop-2.0.4clamav-0.91.2amavisd-newSpamAssassin-3.2.3 #tar zvxf zlib-1.2.3.tar.gz#cd zlib-1.2.3#./configure –prefix=/usr –shared#make#make test#make install# tar zxvf openssl-0.9.8e.tar.gz# cd openssl-0.9.8e# ./config shared zlib# make# make test# make install# mv /usr/bin/openssl /usr/bin/openssl.OFF# mv /usr/include/openssl /usr/include/openssl.OFF# rm /usr/lib/libssl.so# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl# ln -s /usr/local/ssl/include/openssl /usr/include/openssl# ln -sv /usr/local/ssl/lib/libssl.so.0.9.8  /usr/lib/libssl.so配置库文件搜索路径# echo “/usr/local/ssl/lib” >> /etc/ld.so.conf# ldconfig -v检测安装结果# openssl versionOpenSSL 0.9.8e 23 Feb 2007 #./configure –prefix=/usr/local/sasl2 –disable-gssapi –disable-anon –disable-sample –disable-digest –enable-plain –enable-login –enable-sql –with-mysql=/usr/local/mysql –with-mysql-includes=/usr/local/mysql/include/mysql –with-mysql-libs=/usr/local/mysql/lib/mysql –with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket#make#make installauth_getpwent.c:48:20: des.h: 没有那个文件或目录make[3]: *** [auth_getpwent.o] 错误 1make[3]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22/saslauthd’make[2]: *** [all] 错误 2make[2]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22/saslauthd’make[1]: *** [all-recursive] 错误 1make[1]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22’make: *** [all] 错误 2修改/tmp/cyrus-sasl-2.1.21/saslauthd/Makefiles内的变量CFLAGS添加-I/opt/openssl/include/openssl    或者直接     mail~#cp /tmp/cyrus-sasl-2.1.21/mac/libdes/public/des.h /tmp/cyrus-sasl-2.1.21/     mail~#make     mail~#make install关闭原有的sasl：# mv /usr/lib/libsasl2.a  /usr/lib/libsasl2.a.OFF# mv /usr/lib/libsasl2.la  /usr/lib/libsasl2.la.OFF# mv /usr/lib/libsasl2.so.2.0.19  /usr/lib/libsasl2.so.2.0.19.OFF# mv /usr/lib/sasl2  /usr/lib/sasl2.OFF# rm /usr/lib/libsasl2.so# rm /usr/lib/libsasl2.so.2# ln -sv /usr/local/sasl2/lib/*  /usr/libpostfix 2.3以后的版本会分别在/usr/local/lib和/usr/local/include中搜索sasl库文件及头文件，故还须将其链接至此目录中：
# ln -sv /usr/local/sasl2/lib/*  /usr/local/lib
# ln -sv /usr/local/sasl2/include/sasl/*  /usr/local/includecourier-authlib-0.59.3Extmail-1.0.2Extman-0.2.2maildrop-2.0.4clamav-0.91.2amavisd-newSpamAssassin-3.2.3 #tar zvxf zlib-1.2.3.tar.gz#cd zlib-1.2.3#./configure –prefix=/usr –shared#make#make test#make install# tar zxvf openssl-0.9.8e.tar.gz# cd openssl-0.9.8e# ./config shared zlib# make# make test# make install# mv /usr/bin/openssl /usr/bin/openssl.OFF# mv /usr/include/openssl /usr/include/openssl.OFF# rm /usr/lib/libssl.so# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl# ln -s /usr/local/ssl/include/openssl /usr/include/openssl# ln -sv /usr/local/ssl/lib/libssl.so.0.9.8  /usr/lib/libssl.so配置库文件搜索路径# echo “/usr/local/ssl/lib” >> /etc/ld.so.conf# ldconfig -v检测安装结果# openssl versionOpenSSL 0.9.8e 23 Feb 2007 #./configure –prefix=/usr/local/sasl2 –disable-gssapi –disable-anon –disable-sample –disable-digest –enable-plain –enable-login –enable-sql –with-mysql=/usr/local/mysql –with-mysql-includes=/usr/local/mysql/include/mysql –with-mysql-libs=/usr/local/mysql/lib/mysql –with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket#make#make installauth_getpwent.c:48:20: des.h: 没有那个文件或目录make[3]: *** [auth_getpwent.o] 错误 1make[3]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22/saslauthd’make[2]: *** [all] 错误 2make[2]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22/saslauthd’make[1]: *** [all-recursive] 错误 1make[1]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22’make: *** [all] 错误 2修改/tmp/cyrus-sasl-2.1.21/saslauthd/Makefiles内的变量CFLAGS添加-I/opt/openssl/include/openssl    或者直接     mail~#cp /tmp/cyrus-sasl-2.1.21/mac/libdes/public/des.h /tmp/cyrus-sasl-2.1.21/     mail~#make     mail~#make install关闭原有的sasl：# mv /usr/lib/libsasl2.a  /usr/lib/libsasl2.a.OFF# mv /usr/lib/libsasl2.la  /usr/lib/libsasl2.la.OFF# mv /usr/lib/libsasl2.so.2.0.19  /usr/lib/libsasl2.so.2.0.19.OFF# mv /usr/lib/sasl2  /usr/lib/sasl2.OFF# rm /usr/lib/libsasl2.so# rm /usr/lib/libsasl2.so.2# ln -sv /usr/local/sasl2/lib/*  /usr/libpostfix 2.3以后的版本会分别在/usr/local/lib和/usr/local/include中搜索sasl库文件及头文件，故还须将其链接至此目录中：# ln -sv /usr/local/sasl2/lib/*  /usr/local/lib# ln -sv /usr/local/sasl2/include/sasl/*  /usr/local/include创建运行时需要的目录并调试启动
# mkdir -pv /var/state/saslauthd
# /usr/local/sasl2/sbin/saslauthd  -a  shadow  pam  -dcourier-authlib-0.59.3Extmail-1.0.2Extman-0.2.2maildrop-2.0.4clamav-0.91.2amavisd-newSpamAssassin-3.2.3 #tar zvxf zlib-1.2.3.tar.gz#cd zlib-1.2.3#./configure –prefix=/usr –shared#make#make test#make install# tar zxvf openssl-0.9.8e.tar.gz# cd openssl-0.9.8e# ./config shared zlib# make# make test# make install# mv /usr/bin/openssl /usr/bin/openssl.OFF# mv /usr/include/openssl /usr/include/openssl.OFF# rm /usr/lib/libssl.so# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl# ln -s /usr/local/ssl/include/openssl /usr/include/openssl# ln -sv /usr/local/ssl/lib/libssl.so.0.9.8  /usr/lib/libssl.so配置库文件搜索路径# echo “/usr/local/ssl/lib” >> /etc/ld.so.conf# ldconfig -v检测安装结果# openssl versionOpenSSL 0.9.8e 23 Feb 2007 #./configure –prefix=/usr/local/sasl2 –disable-gssapi –disable-anon –disable-sample –disable-digest –enable-plain –enable-login –enable-sql –with-mysql=/usr/local/mysql –with-mysql-includes=/usr/local/mysql/include/mysql –with-mysql-libs=/usr/local/mysql/lib/mysql –with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket#make#make installauth_getpwent.c:48:20: des.h: 没有那个文件或目录make[3]: *** [auth_getpwent.o] 错误 1make[3]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22/saslauthd’make[2]: *** [all] 错误 2make[2]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22/saslauthd’make[1]: *** [all-recursive] 错误 1make[1]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22’make: *** [all] 错误 2修改/tmp/cyrus-sasl-2.1.21/saslauthd/Makefiles内的变量CFLAGS添加-I/opt/openssl/include/openssl    或者直接     mail~#cp /tmp/cyrus-sasl-2.1.21/mac/libdes/public/des.h /tmp/cyrus-sasl-2.1.21/     mail~#make     mail~#make install关闭原有的sasl：# mv /usr/lib/libsasl2.a  /usr/lib/libsasl2.a.OFF# mv /usr/lib/libsasl2.la  /usr/lib/libsasl2.la.OFF# mv /usr/lib/libsasl2.so.2.0.19  /usr/lib/libsasl2.so.2.0.19.OFF# mv /usr/lib/sasl2  /usr/lib/sasl2.OFF# rm /usr/lib/libsasl2.so# rm /usr/lib/libsasl2.so.2# ln -sv /usr/local/sasl2/lib/*  /usr/libpostfix 2.3以后的版本会分别在/usr/local/lib和/usr/local/include中搜索sasl库文件及头文件，故还须将其链接至此目录中：# ln -sv /usr/local/sasl2/lib/*  /usr/local/lib# ln -sv /usr/local/sasl2/include/sasl/*  /usr/local/include创建运行时需要的目录并调试启动# mkdir -pv /var/state/saslauthd    # /usr/local/sasl2/sbin/saslauthd  -a  shadow  pam  -d启动并测试
# /usr/local/sasl2/sbin/saslauthd -a shadow pam
# /usr/local/sasl2/sbin/testsaslauthd -u root -p root用户密码
配置库文件搜索路径
# echo “/usr/local/sasl2/lib” >> /etc/ld.so.conf
# echo “/usr/local/sasl2/lib/sasl2” >> /etc/ld.so.conf
# ldconfig -v

courier-authlib-0.59.3Extmail-1.0.2Extman-0.2.2maildrop-2.0.4clamav-0.91.2amavisd-newSpamAssassin-3.2.3 #tar zvxf zlib-1.2.3.tar.gz#cd zlib-1.2.3#./configure –prefix=/usr –shared#make#make test#make install# tar zxvf openssl-0.9.8e.tar.gz# cd openssl-0.9.8e# ./config shared zlib# make# make test# make install# mv /usr/bin/openssl /usr/bin/openssl.OFF# mv /usr/include/openssl /usr/include/openssl.OFF# rm /usr/lib/libssl.so# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl# ln -s /usr/local/ssl/include/openssl /usr/include/openssl# ln -sv /usr/local/ssl/lib/libssl.so.0.9.8 /usr/lib/libssl.so配置库文件搜索路径# echo “/usr/local/ssl/lib” >> /etc/ld.so.conf# ldconfig -v检测安装结果# openssl versionOpenSSL 0.9.8e 23 Feb 2007 #./configure –prefix=/usr/local/sasl2 –disable-gssapi –disable-anon –disable-sample –disable-digest –enable-plain –enable-login –enable-sql –with-mysql=/usr/local/mysql –with-mysql-includes=/usr/local/mysql/include/mysql –with-mysql-libs=/usr/local/mysql/lib/mysql –with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket#make#make installauth_getpwent.c:48:20: des.h: 没有那个文件或目录make[3]: *** [auth_getpwent.o] 错误 1make[3]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22/saslauthd’make[2]: *** [all] 错误 2make[2]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22/saslauthd’make[1]: *** [all-recursive] 错误 1make[1]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22’make: *** [all] 错误 2修改/tmp/cyrus-sasl-2.1.21/saslauthd/Makefiles内的变量CFLAGS添加-I/opt/openssl/include/openssl 或者直接 mail~#cp /tmp/cyrus-sasl-2.1.21/mac/libdes/public/des.h /tmp/cyrus-sasl-2.1.21/ mail~#make mail~#make install关闭原有的sasl：# mv /usr/lib/libsasl2.a /usr/lib/libsasl2.a.OFF# mv /usr/lib/libsasl2.la /usr/lib/libsasl2.la.OFF# mv /usr/lib/libsasl2.so.2.0.19 /usr/lib/libsasl2.so.2.0.19.OFF# mv /usr/lib/sasl2 /usr/lib/sasl2.OFF# rm /usr/lib/libsasl2.so# rm /usr/lib/libsasl2.so.2# ln -sv /usr/local/sasl2/lib/* /usr/libpostfix 2.3以后的版本会分别在/usr/local/lib和/usr/local/include中搜索sasl库文件及头文件，故还须将其链接至此目录中：# ln -sv /usr/local/sasl2/lib/* /usr/local/lib# ln -sv /usr/local/sasl2/include/sasl/* /usr/local/include创建运行时需要的目录并调试启动# mkdir -pv /var/state/saslauthd # /usr/local/sasl2/sbin/saslauthd -a shadow pam -d启动并测试# /usr/local/sasl2/sbin/saslauthd -a shadow pam# /usr/local/sasl2/sbin/testsaslauthd -u root -p root用户密码配置库文件搜索路径# echo “/usr/local/sasl2/lib” >> /etc/ld.so.conf# echo “/usr/local/sasl2/lib/sasl2” >> /etc/ld.so.conf# ldconfig -v开机自动启动
# echo “/usr/local/sasl2/sbin/saslauthd -a shadow pam”>>/etc/rc.local

courier-authlib-0.59.3Extmail-1.0.2Extman-0.2.2maildrop-2.0.4clamav-0.91.2amavisd-newSpamAssassin-3.2.3 #tar zvxf zlib-1.2.3.tar.gz#cd zlib-1.2.3#./configure –prefix=/usr –shared#make#make test#make install# tar zxvf openssl-0.9.8e.tar.gz# cd openssl-0.9.8e# ./config shared zlib# make# make test# make install# mv /usr/bin/openssl /usr/bin/openssl.OFF# mv /usr/include/openssl /usr/include/openssl.OFF# rm /usr/lib/libssl.so# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl# ln -s /usr/local/ssl/include/openssl /usr/include/openssl# ln -sv /usr/local/ssl/lib/libssl.so.0.9.8 /usr/lib/libssl.so配置库文件搜索路径# echo “/usr/local/ssl/lib” >> /etc/ld.so.conf# ldconfig -v检测安装结果# openssl versionOpenSSL 0.9.8e 23 Feb 2007 #./configure –prefix=/usr/local/sasl2 –disable-gssapi –disable-anon –disable-sample –disable-digest –enable-plain –enable-login –enable-sql –with-mysql=/usr/local/mysql –with-mysql-includes=/usr/local/mysql/include/mysql –with-mysql-libs=/usr/local/mysql/lib/mysql –with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket#make#make installauth_getpwent.c:48:20: des.h: 没有那个文件或目录make[3]: *** [auth_getpwent.o] 错误 1make[3]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22/saslauthd’make[2]: *** [all] 错误 2make[2]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22/saslauthd’make[1]: *** [all-recursive] 错误 1make[1]: Leaving directory `/root/postfix/cyrus-sasl-2.1.22’make: *** [all] 错误 2修改/tmp/cyrus-sasl-2.1.21/saslauthd/Makefiles内的变量CFLAGS添加-I/opt/openssl/include/openssl 或者直接 mail~#cp /tmp/cyrus-sasl-2.1.21/mac/libdes/public/des.h /tmp/cyrus-sasl-2.1.21/ mail~#make mail~#make install关闭原有的sasl：# mv /usr/lib/libsasl2.a /usr/lib/libsasl2.a.OFF# mv /usr/lib/libsasl2.la /usr/lib/libsasl2.la.OFF# mv /usr/lib/libsasl2.so.2.0.19 /usr/lib/libsasl2.so.2.0.19.OFF# mv /usr/lib/sasl2 /usr/lib/sasl2.OFF# rm /usr/lib/libsasl2.so# rm /usr/lib/libsasl2.so.2# ln -sv /usr/local/sasl2/lib/* /usr/libpostfix 2.3以后的版本会分别在/usr/local/lib和/usr/local/include中搜索sasl库文件及头文件，故还须将其链接至此目录中：# ln -sv /usr/local/sasl2/lib/* /usr/local/lib# ln -sv /usr/local/sasl2/include/sasl/* /usr/local/include创建运行时需要的目录并调试启动# mkdir -pv /var/state/saslauthd # /usr/local/sasl2/sbin/saslauthd -a shadow pam -d启动并测试# /usr/local/sasl2/sbin/saslauthd -a shadow pam# /usr/local/sasl2/sbin/testsaslauthd -u root -p root用户密码配置库文件搜索路径# echo “/usr/local/sasl2/lib” >> /etc/ld.so.conf# echo “/usr/local/sasl2/lib/sasl2” >> /etc/ld.so.conf# ldconfig -v开机自动启动# echo “/usr/local/sasl2/sbin/saslauthd -a shadow pam”>>/etc/rc.local =====================

#tar zxvf db-4.5.20.tar.gz
#cd db-4.5.20/build_unix
#../dist/configure –prefix=/usr/local/BerkeleyDB
#make
#make install

修改相应的头文件指向
# mv  /usr/include/db4  /usr/inculde/db4.OFF
# rm  /usr/include/db_cxx.h
# rm  /usr/include/db.h
# rm  /usr/include/db_185.h
# ln -sv /usr/local/BerkeleyDB/include  /usr/include/db4
# ln -sv /usr/local/BerkeleyDB/include/db.h  /usr/include/db.h
# ln -sv /usr/local/BerkeleyDB/include/db_cxx.h  /usr/include/db_cxx.h

配置库文件搜索路径
# echo “/usr/local/BerkeleyDB/lib” >> /etc/ld.so.conf
# ldconfig –v

===============

1．安装
#groupadd -g 2525 postfix
#useradd -g postfix -u 2525 -s /sbin/nologin -M postfix
#groupadd -g 2526 postdrop
#useradd -g postdrop -u 2526 -s /bin/false -M postdrop

#tar zxvf postfix-2.4.5.tar.gz
#cd postfix-2.4.5
#make makefiles ‘CCARGS=-DHAS_MYSQL -I/usr/local/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/local/sasl2/include/sasl -I/usr/local/BerkeleyDB/include -DUSE_TLS -I/usr/local/ssl/include/openssl ‘ ‘AUXLIBS=-L/usr/local/mysql/lib -lmysqlclient -lz -lm -L/usr/local/sasl2/lib -lsasl2 -L/usr/local/BerkeleyDB/lib -L/usr/local/ssl/lib -lssl -lcrypto’
#make
#make install

bin/postconf: error while loading shared libraries: libmysqlclient.so.15: cannot open shared object file: No such file or directory
make: *** [install] 错误 1

搜索libmysqlclient.so.15，把libmysqlclient.so.15拷一个放/usr/lib或者把libmysqlclient.so.15的路径加到ld.so.conf里ldconfig下就OK

postfix: fatal: bad string length 0 < 1: setgid_group =
make: *** [install] 错误 1

修改/etc/postfix/main.cf 再install

使用以下命令验正postfix是否支持cyrus风格的sasl认证，如果您的输出为以下结果，则是支持的：
# /usr/local/postfix/sbin/postconf -a
cyrus
dovecot

#vi /etc/postfix/main.cf
添加以下内容：
############################CYRUS-SASL############################
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner = Welcome to our $myhostname ESMTP,Warning: Version not Available!

#vi /usr/local/lib/sasl2/smtpd.conf
(/usr/lib/sasl2/Sendmail.conf ??)
添加如下内容：
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN

让postfix重新加载配置文件
#/usr/local/postfix/sbin/postfix reload

删除sendmail
rpm -e sendmail –nodeps

# tar jxvf courier-authlib-0.59.3.tar.bz2
# cd courier-authlib-0.59.3
#./configure
–prefix=/usr/local/courier-authlib
–sysconfdir=/etc
–without-authpam
–without-authldap
–without-authpwd
–without-authshadow
–without-authvchkpw
–without-authpgsql
–with-authmysql
–with-mysql-libs=/usr/local/mysql/lib/mysql
–with-mysql-includes=/usr/local/mysql/include/mysql
–with-redhat
–with-authmysqlrc=/etc/authmysqlrc
–with-authdaemonrc=/etc/authdaemonrc
CFLAGS=”-march=i686 -O2 -fexpensive-optimizations”
Cannot find either the gdbm or the db library.

ln -sv /root/postfix/db-4.5.20/perl/BerkeleyDB/BerkeleyDB.pm /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi
还是不行

./configure --prefix=/usr --infodir=/usr/share/info --mandir=/usr/share/man && make && make BINOWN=root BINGRP=root install

./configure --prefix=/usr/local/courier-authlib --sysconfdir=/etc --without-authpam --without-authldap --without-authpwd --without-authshadow --without-authvchkpw --without-authpgsql --with-authmysql=/usr/local/mysql --with-mysql-libs=/usr/local/mysql/lib --with-mysql-includes=/usr/local/mysql/include --with-redhat --with-authmysqlrc=/etc/authmysqlrc --with-authdaemonrc=/etc/authdaemonrc CFLAGS="-march=i686 -O2 -fexpensive-optimizations" CXXFLAGS="-march=i686 -O2 -fexpensive-optimizations" Linking libgdbmobj.la source='testgdbm.C' object='testgdbm.o' libtool=no  DEPDIR=.deps depmode=none /bin/sh ./../depcomp  g++ -DHAVE_CONFIG_H -I. -I. -I.     -fhandle-exceptions -march=i686  -fexpensive-optimizations -c -o testgdbm.o testgdbm.C ./../depcomp: line 512: exec: g++: not found make[3]: *** [testgdbm.o] 错误 127 make[3]: Leaving directory `/root/postfix/courier-authlib-0.59.3/gdbmobj' make[2]: *** [all] 错误 2 make[2]: Leaving directory `/root/postfix/courier-authlib-0.59.3/gdbmobj' make[1]: *** [all-recursive] 错误 1 make[1]: Leaving directory `/root/postfix/courier-authlib-0.59.3' make: *** [all] 错误 2

 安装 gcc-c++-3.4.3-9.EL4.i386.rpm libstdc++-devel-3.4.3-9.EL4.i386.rpm 通过  # chmod 755 /usr/local/courier-authlib/var/spool/authdaemon # cp /etc/authdaemonrc.dist  /etc/authdaemonrc # cp /etc/authmysqlrc.dist  /etc/authmysqlrc  修改/etc/authdaemonrc 文件 authmodulelist="authmysql" authmodulelistorig="authmysql" daemons=5     编辑/etc/authmysqlrc 为以下内容，其中2525，2525 为postfix 用户的UID和GID。 MYSQL_SERVER localhost MYSQL_PORT 3306                   (指定你的mysql监听的端口，这里使用默认的3306) MYSQL_USERNAME  extmail      (这时为后文要用的数据库的所有者的用户名) MYSQL_PASSWORD extmail        (密码) MYSQL_SOCKET  /tmp/mysql.sock MYSQL_DATABASE  extmail MYSQL_USER_TABLE  mailbox MYSQL_CRYPT_PWFIELD  password MYSQL_UID_FIELD  '2525' MYSQL_GID_FIELD  '2525' MYSQL_LOGIN_FIELD  username MYSQL_HOME_FIELD  concat('/var/mailbox/',maildir) MYSQL_NAME_FIELD  name MYSQL_MAILDIR_FIELD  concat('/var/mailbox/',maildir) # cp courier-authlib.sysvinit /etc/init.d/courier-authlib # chmod 755 /etc/init.d/courier-authlib # chkconfig --add courier-authlib # chkconfig --level 2345 courier-authlib on  #echo "/usr/local/courier-authlib/lib/courier-authlib" >> /etc/ld.so.conf # ldconfig -v # service courier-authlib start   (启动服务)

十一、安装Courier-IMAP  # tar jxvf courier-imap-4.1.3.tar.bz2 # cd courier-imap-4.1.3 ./configure   --prefix=/usr/local/courier-imap   --with-redhat   --enable-unicode   --disable-root-check   --with-trashquota   --without-ipv6   CPPFLAGS='-I/usr/local/ssl/include/openssl  -I/usr/local/courier-authlib/include'      LDFLAGS='-L/usr/local/courier-authlib/lib/courier-authlib'     COURIERAUTHCONFIG='/usr/local/courier-authlib/bin/courierauthconfig' # make # make install # cp /usr/local/courier-imap/etc/imapd.dist /usr/local/courier-imap/etc/imapd # cp /usr/local/courier-imap/etc/imapd-ssl.dist /usr/local/courier-imap/etc/imapd-ssl # cp /usr/local/courier-imap/etc/pop3d.dist /usr/local/courier-imap/etc/pop3d # cp /usr/local/courier-imap/etc/pop3d-ssl.dist /usr/local/courier-imap/etc/pop3d-ssl  配置Courier-IMAP，为用户提供pop3服务： vi /usr/local/courier-imap/etc/pop3d POP3DSTART=YES  注：如果你想为用户提供IMAP服务，则需在"/usr/local/courier-imap/etc/imapd"文件中设置"IMAPDSTART=yes"；其它类同；  新建虚拟用户邮箱所在的目录，并将其权限赋予postfix用户： #mkdir –pv /var/mailbox #chown –R postfix /var/mailbox  #cp courier-imap.sysvinit /etc/rc.d/init.d/courier-imapd #chmod 755 /etc/rc.d/init.d/courier-imapd #chkconfig --add courier-imapd #chkconfig --level 2345 courier-imapd on #service courier-imapd start  接下来重新配置SMTP 认证，编辑 /usr/local/lib/sasl2/smtpd.conf ，确保其为以下内容： pwcheck_method: authdaemond log_level: 3 mech_list:PLAIN LOGIN authdaemond_path:/usr/local/courier-authlib/var/spool/authdaemon/socket

十二、安装Extmail-1.0.2

1、安装
# tar zxvf extmail-1.0.2.tar.gz
# mkdir -pv /var/www/extsuite
# mv extmail-1.0.2 /opt/lampp/extsuite/extmail
# cp /opt/lampp/extsuite/extmail/webmail.cf.default /opt/lampp/extsuite/extmail/webmail.cf

2、修改主配置文件
#vi /opt/lampp/extsuite/extmail/webmail.cf

部分修改选项的说明：

将/var/www路径改成/opt/lampp/htdocs

SYS_MESSAGE_SIZE_LIMIT = 5242880
用户可以发送的最大邮件

SYS_USER_LANG = en_US
语言选项，可改作：
SYS_USER_LANG = zh_CN

SYS_MAILDIR_BASE = /home/domains
此处即为您在前文所设置的用户邮件的存放目录，可改作：
SYS_MAILDIR_BASE = /var/mailbox

SYS_MYSQL_USER = db_user
SYS_MYSQL_PASS = db_pass
以上两句句用来设置连接数据库服务器所使用用户名、密码和邮件服务器用到的数据库，这里修改为：
SYS_MYSQL_USER = webman
SYS_MYSQL_PASS = webman

SYS_MYSQL_HOST = localhost
指明数据库服务器主机名，这里默认即可

SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock
连接数据库的sock文件位置，这里修改为：
SYS_MYSQL_SOCKET = /tmp/mysql.sock

SYS_MYSQL_TABLE = mailbox
SYS_MYSQL_ATTR_USERNAME = username
SYS_MYSQL_ATTR_DOMAIN = domain
SYS_MYSQL_ATTR_PASSWD = password
以上用来指定验正用户登录里所用到的表，以及用户名、域名和用户密码分别对应的表中列的名称；这里默认即可

SYS_AUTHLIB_SOCKET = /var/spool/authdaemon/socket
此句用来指明authdaemo socket文件的位置，这里修改为：
SYS_AUTHLIB_SOCKET = /usr/local/courier-authlib/var/spool/authdaemon/socket

3、apache相关配置

由于extmail要进行本地邮件的投递操作，故必须将运行apache服务器用户的身份修改为您的邮件投递代理的用户；本例中打开了apache服务器的suexec功能，故使用以下方法来实现虚拟主机运行身份的指定。此例中的MDA为postfix自带，因此将指定为postfix用户：

ServerName mail.benet.org
DocumentRoot /opt/lampp/htdocs/extsuite/extmail/html/
ScriptAlias /extmail/cgi /opt/lampp/htdocs/extsuite/extmail/cgi
Alias /extmail /opt/lampp/htdocs/extsuite/extmail/html
SuexecUserGroup postfix postfix
修改 cgi执行文件属主为apache运行身份用户：
# chown -R postfix.postfix /opt/lampp/htdocs/extsuite/extmail/cgi/

如果您没有打开apache服务器的suexec功能,也可以使用以下方法解决：
# vi /etc/httpd/httpd.conf
User postfix
Group postfix
ServerName mail.c1gstudio.com
DocumentRoot /opt/lampp/htdocs/extsuite/extmail/html/
ScriptAlias /extmail/cgi /opt/lampp/htdocs/extsuite/extmail/cgi
Alias /extmail /opt/lampp/htdocs/extsuite/extmail/html
4、依赖关系的解决

extmail将会用到perl的DBD::Mysql和Unix::syslogd功能，您可以去http://search.cpan.org搜索下载原码包进行安装。
# tar zxvf Unix-Syslog-0.100.tar.gz
# cd Unix-Syslog-0.100
# perl Makefile.PL
# make
# make install

DBD-Mysql目前最新的版本为DBD-mysql-4.005，但它和系统中的perl结合使用时会造成extmail无法正常使用，因此我们采用3的版本：
# tar zxvf DBD-mysql-3.0008_1.tar.gz
# cd cd DBD-mysql-3.0008_1
# perl Makefile.PL (此步骤中如果出现类同Can’t exec “mysql_config”: No such file or directory at Makefile.PL line 76.的错误是因为您的mysql的bin目录没有输出至$PATH环境变量)

Note (probably harmless): No library found for -lmysqlclient
Using DBI 1.40 (for perl 5.008005 on i386-linux-thread-multi) installed in /usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi/auto/DBI
Writing Makefile for DBD::mysql
———————–
将/usr/local/mysql/lib拷一份到/usr/lib/mysql
/usr/local/mysql/include拷一份到/usr/include/mysql

cp /usr/local/mysql/lib/*.* /usr/lib/mysql
cp /usr/local/mysql/include/*.* /usr/include/mysql

通过

# make
# make install
十三、安装Extman-0.2.2

1、安装及基本配置

#tar zxvf extman-0.2.2.tar.gz
# mv extman-0.2.2 /opt/lampp/htdocs/extsuite/extman

修改配置文件以符合本例的需要：
# vi /opt/lampp/htdocs/extsuite/extman/webman.cf

将/var/www路径改成/opt/lampp/htdocs

SYS_MAILDIR_BASE = /home/domains
此处即为您在前文所设置的用户邮件的存放目录，可改作：
SYS_MAILDIR_BASE = /var/mailbox

SYS_MYSQL_SOCKET = /var/lib/mysql/mysql.sock
此处修改为：
SYS_MYSQL_SOCKET = /tmp/mysql.sock

使用extman源码目录下docs目录中的extmail.sql和init.sql建立数据库：

# cd /opt/lampp/htdocs/extsuite/extman/docs
# mysql -u root -p # mysql -u root -p

修改cgi目录的属主：
# chown -R postfix.postfix /opt/lampp/htdocs/extsuite/extman/cgi/

如果extman访问数据库权限不足的话，可采用以下命令将新生成的数据库赋予webman用户具有所有权限：
mysql> GRANT all privileges on extmail.* TO webman@localhost IDENTIFIED BY ‘webman’;
mysql> GRANT all privileges on extmail.* TO [email protected] IDENTIFIED BY ‘webman’;

在apache的主配置文件中Extmail的虚拟主机部分，添加如下两行：
ScriptAlias /extman/cgi /opt/lampp/htdocs/extsuite/extman/cgi
Alias /extman /opt/lampp/htdocs/extsuite/extman/html

创建其运行时所需的临时目录，并修改其相应的权限：
#mkdir -pv /tmp/extman
#chown postfix.postfix /tmp/extman

好了，到此为止，重新启动apache服务器后，您的Webmail和Extman已经可以使用了，可以在浏览器中输入指定的虚拟主机的名称进行访问，如下：
http://mail.c1gstudio.com

如果不能出现，请确认apache是否加载了cgi模块

Can’t locate /var/www/extsuite/extmail/lang/en_US in @INC (@INC contains: /opt/lampp/htdocs/extsuite/extmail/libs /usr/lib/perl5/5.8.5/i386-linux-thread-multi /usr/lib/perl5/5.8.5 /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.2/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.1/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.5 /usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.3 /usr/lib/perl5/site_perl/5.8.2 /usr/lib/perl5/site_perl/5.8.1 /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.2/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.1/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.5 /usr/lib/perl5/vendor_perl/5.8.4 /usr/lib/perl5/vendor_perl/5.8.3 /usr/lib/perl5/vendor_perl/5.8.2 /usr/lib/perl5/vendor_perl/5.8.1 /usr/lib/perl5/vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl) at /opt/lampp/htdocs/extsuite/extmail/libs/Ext/Lang.pm line 65.

———–

将webmail.cf中的SYS_USER_LANG改回 en_US就可解决
选择管理即可登入extman进行后台管理了。默认管理帐号为：[email protected] 密码为：extmail*123*

说明：
(1) 如果您安装后无法正常显示校验码，安装perl-GD模块会解决这个问题。如果想简单，您可以到以下地址下载适合您的平台的rpm包，安装即可： http://dries.ulyssis.org/rpm/packages/perl-GD/info.html
(2) extman-0.2.2自带了图形化显示日志的功能；此功能需要rrdtool的支持，您需要安装此些模块才可能正常显示图形日志。

rpm -i perl-GD-2.35-1.el4.rf.i386.rpm

tail /var/log/maillog

Jan 31 16:16:07 devwww postfix/pickup[25731]: warning: D2A9A12520E: message has been queued for 1 days
Jan 31 16:16:07 devwww postfix/pickup[25731]: D2A9A12520E: uid=0 from=
Jan 31 16:16:07 devwww postfix/cleanup[26068]: warning: D2A9A12520E: virtual_alias_maps map lookup problem for [email protected]
Jan 31 16:16:07 devwww postfix/pickup[25731]: D315F12520E: uid=2525 from=<[email protected]>
Jan 31 16:16:07 devwww postfix/cleanup[26048]: D315F12520E: message-id=<[email protected]>
Jan 31 16:16:07 devwww postfix/cleanup[26048]: warning: D315F12520E: virtual_alias_maps map lookup problem for [email protected]

修改4个配置文件的mysql账号

出错

Jan 31 17:08:50 devwww postfix/local[26236]: warning: dict_nis_init: NIS domain name not set – NIS lookups disabled
Jan 31 17:08:50 devwww postfix/bounce[26235]: 8B4A1125208: sender non-delivery notification: 5C7DB125209
Jan 31 17:08:50 devwww postfix/qmgr[26214]: 8B4A1125208: removed

修改/etc/postfix/main.cf
smtpd_sasl_local_domain = $myhostname
改成
smtpd_sasl_local_domain = $mydomain
Feb 1 11:16:04 devwww postfix/smtpd[27515]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Feb 1 11:16:04 devwww postfix/smtpd[27515]: warning: localhost.localdomain[127.0.0.1]: SASL login authentication failed: authentication failure
可以通过web发送，使用esmtp时出错

Feb 25 13:16:20 devwww postfix/smtpd[26670]: warning: dict_nis_init: NIS domain name not set – NIS lookups disabled
Feb 25 13:16:21 devwww postfix/smtpd[26670]: connect from unknown[192.168.54.83]
Feb 25 13:16:21 devwww postfix/smtpd[26670]: disconnect from unknown[192.168.54.83]
找一下你的配置文件main.cf中是否有类同于如下行的项(也可能是被注释掉的)，如果有并被注释了，启用它，并将后面关于nis的删除即可。
alias_maps = hash:/etc/aliases, nis:mail.aliases

[root@mail build] perl -MMIME::Base64 -e ‘print encode_base64(“test\@test.com”);’
dGVzdEB0ZXN0LmNvbQ==
[root@mail build] perl -MMIME::Base64 -e ‘print encode_base64(“000000”);’
MDAwMDAw

telnet localhost 25
Trying 127.0.0.1…
Connected to localhost.localdomain (127.0.0.1).
Escape character is ‘^]’.
220 mail.test.com ESMTP Postfix
ehlo mail
250-mail.test.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250 8BITMIME
auth login
334 VXNlcm5hbWU6
dGVzdEB0ZXN0LmNvbQ== //用户名（[email protected]）
334 UGFzc3dvcmQ6
MDAwMDAw // 密码（000000）
235 Authentication successful //表示成功验证通过

最后重装了….T_T

Posted in Mail/Postfix.

Tagged with cpan, Mail/Postfix.

rev="post-135" No comments

By C1G – 2008/03/05

sendmail+sasl2创建带smtp的mail server

参考文章

http://www.5dmail.net/html/2007-8-3/20078300406.htm

使用rhel自带的sendmail和sasl2

修改/etc/mail/local-hosts-name文件

增加本地域和主机的FQDN，记住只是本地主机的FQDN和域名FQDN，不要添加其他域的，否则向外域发送邮件的时候会出现user unknown的错误：

[root@localhost named]# vi /etc/mail/local-host-names

# local-host-names – include all aliases for your machine here.

c1gstudio.com

3.更改/etc/mail/sendmail.mc文件，修改下列地方：

DaemonPortsOptions=Port=smtp,Addr=127.0.0.1, Name=MTA 更改为：

DaemonPortsOptions=Port=smtp,Addr=yourip或者0.0.0.0, Name=MTA

然后m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

出现错误

/etc/mail/sendmail.mc:10: m4: Cannot open /usr/share/sendmail-cf/m4/cf.m4:

No such file or directory

在rehat 第四张盘中安装sendmail-cf

m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

通过

4.用户管理

认证的配置：修改/etc/mail/sendmail.mc中的字段，取消“TRUST_AUTH_MECH”一行和下一行“define”处的注释。（于sendmail.mc文件的第48、49）然后m4 /etc/ mail/sendmail.mc>/etc/mail/sendmail.cf。

[root@localhost named]# chkconfig –list saslauthd 开启认证

saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off

[root@localhost named]# chkconfig –level 35 saslauthd on

建立用户帐号

[root@localhost named]# groupadd mailuser

[root@localhost named]# adduser -g mailuser -s /sbin/nologin mike

[root@localhost named]# adduser -g mailuser -s /sbin/nologin john

[root@localhost named]# passwd mike

[root@localhost named]# passwd john 密码都是123

设置邮件别名和邮件群发

修改/etc/aliases文件实现邮件转发和邮件列表：

admin: mike 为邮件用户mike设置别名admin

testgroup: mike,john 实现群发发给testgroup的邮件发给mike 和 john 以上2个可以分别测试

#newaliases

5.访问控制设置

更改/etc/mail/accesss文件，增加：

[root@localhost named]# cat /etc/mail/access

# Check the /usr/share/doc/sendmail/README.cf file for a description

# of the format of this file. (search for access_db in that file)

# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc

# package.

# by default we allow relaying from localhost…

localhost.localdomain RELAY

localhost RELAY

127.0.0.1 RELAY

c1gstudio.com RELAY

完成后makemap hash /etc/mail/access.db < /etc/mail/access进行数据库更新。

6.#service sendmail restart

[root@localhost named]# service sendmail restart 启动服务

Shutting down sendmail: [FAILED]

Starting sendmail: [ OK ]

Starting sm-client: [ OK ]

[root@localhost named]# telnet localhost 25

Trying 127.0.0.1…

Connected to localhost.localdomain (127.0.0.1).

Escape character is ‘^]’.

220 localhost.localdomain ESMTP Sendmail 8.13.1/8.13.1; Sat, 17 Mar 2007 12:54:47 +0800

ehlo localhost

250-localhost.localdomain Hello localhost.localdomain [127.0.0.1], pleased to meet you

250-ENHANCEDSTATUSCODES

250-PIPELINING

250-8BITMIME

250-SIZE

250-DSN

250-ETRN

250-AUTH DIGEST-MD5 CRAM-MD5 LOGIN PLAIN —认证应该生效

250-DELIVERBY

250 HELP

quit

221 2.0.0 localhost.localdomain closing connection

Connection closed by foreign host.

察看邮件队列内容：

mailq 或者 sendmail –bp

—–Q-ID—– –Size– —–Q-Time—– ————Sender/Recipient———–

k7TDIVMI001446 450 Tue Aug 29 21:18 [email protected]

(Deferred: 451 mta136.mail.cnb.yahoo.com Resources temporaril)

Q-ID：邮件的队列号。Size：邮件的大小。Q-Time：进入队列的时间。Sender/Recipient：发送与接受人的邮箱。

察看邮件服务器统计信息：

mailstats

M msgsfr bytes_from msgsto bytes_to msgsrej msgsdis Mailer

3 41 19626K 67 183K 1 0 local

4 23 48K 284 321K 1 0 smtp

5 17 34K 36 19583K 5 0 esmtp

9 294 479K 134 462K 0 0 procmail

=====================================================

T 375 20187K 521 20549K 7 0

C 364 363 7

M：是mailer的代号。msgsfr：从此服务器上发出去的邮件。

Msgsfr:代表本服务器发送的邮件数。

Bytes_from：发送出邮件的大小。

Msgsto:收到邮件数。

Bytes_to：首要邮件的大小。

Msgsrej：邮件被deny的次数。

Msgsdis：邮件被discard的次数。

Mailer：sendmail包含的mailer，esmtp主要对外，local主要处理本地的mail。

Posted in LINUX, Mail/Postfix, 技术.

Tagged with mail, sasl2, sendmail, smtp.

rev="post-136" No comments

By C1G – 2008/03/05

postfix+sasl2构建简单邮件服务器

参考http://bbs.chinaunix.net/thread-987344-1-1.html
http://linux.vbird.org/linux_server/0390postfix.php

Postfix-2.4.6
ftp://postfix.get7.biz/postfix/official/postfix-2.4.6.tar.gz

cyrus-sasl-2.1.22
http://download.chinaunix.net/download.php?id=24281&ResourceID=71

cyrus-sasl-2.1.22 + postfix-2.4.6查看当前sasl版本
#saslauthd -v关闭当前运行的SENDMAIL：
#/etc/rc.d/init.d/sendmail stop
禁止开机运行：
#chkconfig -levels 12345 sendmail off
或
#chkconfig sendmail off

关闭原有的sendmail：
# mv /usr/sbin/sendmail /usr/sbin/sendmail.OFF
# mv /usr/bin/newaliases /usr/bin/newaliases.OFF
# mv /usr/bin/mailq /usr/bin/mailq.OFF
# chmod 755 /usr/sbin/sendmail.OFF /usr/bin/newaliases.OFF /usr/bin/mailq.OFF

安装sasl
#tar zxvf cyrus-sasl-2.1.22.tar.gz
#cd cyrus-sasl-2.1.22
#./configure –prefix=/usr/local/sasl2 （注意使用续行符）
–disable-gssapi
–disable-anon
–disable-sample
–disable-digest
–enable-plain
–enable-login

#make
#make install 关闭原有的sasl：
# mv /usr/lib/libsasl2.a  /usr/lib/libsasl2.a.OFF
# mv /usr/lib/libsasl2.la  /usr/lib/libsasl2.la.OFF
# mv /usr/lib/libsasl2.so.2.0.19  /usr/lib/libsasl2.so.2.0.19.OFF
# mv /usr/lib/sasl2  /usr/lib/sasl2.OFF
# rm /usr/lib/libsasl2.so
# rm /usr/lib/libsasl2.so.2

# ln -sv /usr/local/sasl2/lib/*  /usr/lib postfix 2.3以后的版本会分别在/usr/local/lib和/usr/local/include中搜索sasl库文件及头文件，故还须将其链接至此目录中：
# ln -sv /usr/local/sasl2/lib/*  /usr/local/lib
# ln -sv /usr/local/sasl2/include/sasl/*  /usr/local/include创建运行时需要的目录并调试启动
# mkdir -pv /var/state/saslauthd
# /usr/local/sasl2/sbin/saslauthd  -a  shadow   -d启动并测试
# /usr/local/sasl2/sbin/saslauthd -a shadow
# /usr/local/sasl2/sbin/testsaslauthd -u root -p root用户密码配置库文件搜索路径
# echo “/usr/local/sasl2/lib” >> /etc/ld.so.conf
# echo “/usr/local/sasl2/lib/sasl2” >> /etc/ld.so.conf
# ldconfig -v
开机自动启动(使用 sasldb时saslauthd可以取消)
# echo “/usr/local/sasl2/sbin/saslauthd -a shadow “>>/etc/rc.local
安装postfix
#tar zxvf postfix-2.4.6.tar.gz
#cd postfix-2.4.6
#make tidy
#make makefiles CCARGS=’-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/local/sasl2/include/sasl’ ‘AUXLIBS=-L/usr/local/sasl2/lib -lsasl2’

#groupadd -g 2525 postfix
#useradd -g postfix -u 2525 -s /sbin/nologin -M postfix

#groupadd -g 2526 postdrop
#useradd -g postdrop -u 2526 -s /bin/false -M postdrop

#make
#make install

按照以下的提示输入相关的路径([]号中的是缺省值，”]”后的是输入值)

　　install_root: [/] /
　　tempdir: [/usr/local/src/ postfix-2.4.5] /tmp
　　config_directory: [/etc/postfix] /etc/postfix
　　daemon_directory: [/usr/libexec/postfix] /usr/local/postfix/libexec
　　command_directory: [/usr/sbin] /usr/local/postfix/sbin
　　queue_directory: [/var/spool/postfix]
　　sendmail_path: [/usr/sbin/sendmail]
　　newaliases_path: [/usr/bin/newaliases]
　　mailq_path: [/usr/bin/mailq]
　　mail_owner: [postfix]
　　setgid_group: [postdrop]
html_directory: [no]
manpages: [/usr/local/man] /usr/local/postfix/man
readme_directory: [no]
这里的postfix将安装在独立的目录/usr/local/postfix中，目的是为了方便管理；您亦可以采用默认安装的方式，可能这样使用起来会更为方便些；

生成别名二进制文件，这个步骤如果忽略，会造成postfix效率极低：
# newaliases

#vi /etc/postfix/main.cf
修改以下几项为您需要的配置
myhostname = mail.c1gstudio.com
myorigin = c1gstudio.com
mydomain = c1gstudio.com
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 192.168.1.0/24, 127.0.0.0/8
启动postfix
#/usr/local/postfix/sbin/postfix start

# telnet localhost 25
Trying 127.0.0.1…
Connected to localhost.localdomain (127.0.0.1).
Escape character is ‘^]’.
220 mail.c1gstudio.com ESMTP Postfix
ehlo mail.c1gstudio.com
250-mail.c1gstudio.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
MAIL FROM:[email protected]
250 2.1.0 Ok
RCPT TO:[email protected]
250 2.1.5 Ok
data
354 End data with .
subject:Mail test!
Mail test!!!
.
250 2.0.0 Ok: queued as AB94A1A561
quit
221 2.0.0 Bye
Connection closed by foreign host.
使用以下命令验正postfix是否支持cyrus风格的sasl认证，如果您的输出为以下结果，则是支持的：
# /usr/local/postfix/sbin/postconf -a
cyrus
dovecot
#vi /etc/postfix/main.cf
添加以下内容：
############################CYRUS-SASL############################
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner = Welcome to our $myhostname ESMTP,Warning: Version not Available!

#vi /usr/local/lib/sasl2/smtpd.conf
添加如下内容：
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN

让postfix重新加载配置文件
#/usr/local/postfix/sbin/postfix reload

添加smtp认证用户
===================
使用shadow认证
[root@dev ~]# groupadd mailuser
[root@dev ~]# adduser -g mailuser -s /sbin/nologin service
[root@dev ~]# passwd service
Changing password for user service.
New UNIX password:
BAD PASSWORD: it is too simplistic/systematic
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@dev ~]#

检查是否可以通过认证
[root@dev ~]# /usr/local/sasl2/sbin/testsaslauthd -u service -p 123456
0: OK “Success.”

生成base64备用
[root@dev ~]# perl -MMIME::Base64 -e ‘print encode_base64(“service”);’
c2VydmljZQ==
[root@dev ~]# perl -MMIME::Base64 -e ‘print encode_base64(“123456”);’
MTIzNDU2
[root@dev ~]# telnet localhost 25
REtOWTk5OXh4eA==
Trying 127.0.0.1…
Connected to localhost.localdomain (127.0.0.1).
Escape character is ‘^]’.
220 Welcome to our devmail.c1gstudio.com ESMTP,Warning: Version not Available!
ehlo localhost
250-devmail.c1gstudio.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth login
334 VXNlcm5hbWU6
c2VydmljZQ==
334 UGFzc3dvcmQ6
MTIzNDU2
235 2.0.0 Authentication successful
mail from:[email protected]
250 2.1.0 Ok
rcpt to:[email protected]
250 2.1.5 Ok
data
354 End data with .
subject:hello 13:08
this is a test
.
250 2.0.0 Ok: queued as 0BABAD607EB
quit
221 2.0.0 Bye
Connection closed by foreign host.

开机运行
#echo “/usr/local/postfix/sbin/postfix start” >> /etc/rc.d/rc.local

列出配置
#/usr/local/postfix/sbin/postconf -n

可以查看邮件队列
#/usr/local/postfix/sbin/postqueue -p

清除队列
#/usr/local/postfix/sbin/postsuper -d all
去邮箱检查邮件已收到。
dreammail发送也成功。
网站esmtp发送成功。

==========================
使用sasldb验证
# vi /usr/local/lib/sasl2/smtpd.conf:
    pwcheck_method: auxprop
    auxprop_plugin: sasldb
    mech_list: PLAIN LOGIN

找到myhostname的配置备用
# egrep myhostname /etc/postfix/main.cf

#saslpasswd2 -c -u mail.c1gstudio.com andy
输入密码
#cd /etc
#chown postfix sasldb2
查看用户
# sasldblistusers2
取消saslauthdb自启动
#vi /etc/rc.local

然后就可以使用了
测试下来投递速度差不多50封/s

[root@dev ~]# telnet xxx.xxx.xxx.xxx 25
Trying xxx.xxx.xxx.xxx …
telnet: connect to address 221.130.185.107: Connection refused
telnet: Unable to connect to remote host: Connection refused
把main.cf里的inet_interfaces改成all,再关闭后重开服务

postfix的日志分析工具有如下几种

pflogsumm
AWStats
Isoqlog
mailgraph等
更多的postfix logfile analysis在postfix.org的网站上有介绍

http://www.postfix.org/addon.html#logfile

1 下载
http://jimsun.linxnet.com/postfix_contrib.html
2 安装 Date::Calc
#perl -MCPAN -e shell
cpan> install Date::Calc

一路回车
3 安装pflogsumm(安装说明都在README里)
tar zxvf pflogsumm-1.1.0.tar.gz
cd pflogsumm-1.1.0
cp pflogsumm.pl /usr/local/bin/pflogsumm
chown bin:bin /usr/local/bin/pflogsumm
chmod 755 /usr/local/bin/pflogsumm

cp pflogsumm.1 /usr/local/man/man1/pflogsumm.1
chown bin:bin /usr/local/man/man1/pflogsumm.1
chmod 644 /usr/local/man/man1/pflogsumm.1

3 配置系统LANG(在pflogsumm-faq.txt中19条有讲)
vi /etc/sysconfig/i18n
LANG=”en_US”

4 运行命令,查看日志
/usr/local/bin/pflogsumm /var/log/maillog
或
pflogsumm `ls -rt /var/log/maillog*`
或
/usr/local/bin/pflogsumm -d today /var/log/maillog
或
/usr/local/bin/pflogsumm -d yesterday /var/log/maillog

更详细的用法,讲参照man pflogsumm

5 定时把报告发送到邮箱
0 5 * * * /usr/local/bin/pflogsumm -d yesterday /var/log/maillog | mail -s “Mail Report From mail.c1gstudio.com” [email protected]

Posted in Mail/Postfix, 技术.

Tagged with mail, Mail/Postfix, sasl2, smtp.

rev="post-137" No comments

By C1G – 2008/03/05

使用crontab+ssh每天自动完全备份mysql数据

mysql+ftp备份

http://blog.c1gstudio.com/archives/13

自动ssh/scp方法配置
A为本地主机(即用于控制其他主机的机器) ;
B为远程主机(即被控制的机器Server), 假如ip为192.168.60.110;
A和B的系统都是Linux

在A上运行命令:

#cd ~
# ssh-keygen -t rsa (连续三次回车,即在本地生成了公钥和私钥,不设置密码)
# ssh -p 22 [email protected] ‘mkdir .ssh’ (建立目录，需要输入密码，只需一次)
# scp -P 22 ~/.ssh/id_rsa.pub [email protected]:.ssh/id_rsa.pub (copy本地公钥到B，需要输入密码)

===============================================
08-07-03改动
当B机重装或改动时可能遇到下面状况
可能遇到的问题：@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
be:5f:d2:45:66:4d:0c:9e:2b:6b:45:65:a7:b2:85:28.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:11
RSA host key for localhost has changed and you have requested strict checking.
Host key verification failed.

如上问题，请删除 ~/.ssh/known_hosts指定的行，如上面的第11行，然后再试。
=========================================================

2008-11-11
用scponly创建一个chroot环境的sftp
在B上用root登录
以backup1为例，通过一临时用户拷贝
#mkdir /home/backup1/.ssh
#touch /home/backup1/.ssh/authorized_keys
#chown -R backup1:backup1 /home/backup1/.ssh
#cat /home/backup/.ssh/id_rsa.pub >> /home/backup1/.ssh/authorized_keys

=========================================================

2009-08-19
chmod 0700 /home/backup1/.ssh
chmod 0600 /home/backup1/.ssh/authorized_keys
记得权限要保持一致，否则还是需要输入密码…

=========================================================

=========================================================
2010-3-15更新
A机
# ssh-keygen -t rsa (连续三次回车,即在本地生成了公钥和私钥,不设置密码)
# ssh-copy-id -i ~/.ssh/id_rsa.pub “-p 22 [email protected]”
#有chroot环境的需先复制到临时用户，再移过去，参考上面步骤

=========================================================

在B上用backup用户的命令:
#cd ~
# touch .ssh/authorized_keys (如果已经存在这个文件, 跳过这条)
# cat .ssh/id_rsa.pub >> .ssh/authorized_keys (将id_rsa.pub的内容追加到authorized_keys 中)

回到A机器:
# ssh backup@192.168.60.110 (不需要密码, 登录成功)

在a机上建立放脚本的目录

# cd /opt/lampp
# mkdir shell

copy文件到上面目录

# chmod +x mysqlbackup.sh

在本地/home/backup下建立本地备份目录

# cd /home/backup
# mkdir mysqlbackup && chown root:website mysqlbackup && chmod 0666 mysqlbackup

crontab 设置,每天凌晨3点执行

# crontab -e
0 3 * * * /bin/sh /opt/lampp/shell/mysqlbackup.sh

发下为脚本mysqlbackup.sh

#!/bin/bash
#每天备份mysql数据
#保留3天的备份包

#需备份的服务器名
server=test

#FTP主机
ftphost=’202.100.222.2′
#FTP用户名
ftpusername=test
#FTP密码
ftppassword=test

#ssh主机
sshhost=’202.100.222.2′
#ssh用户名
sshuser=backup
#备份存放目录
remotefolder=backup

#备份文件存放的目录
backuppath=/home/user/mysqlbackup
#备份文件名
file=${server}-mysql-$(date +%Y-%m-%d).tar.gz
#需备份的目录
sourcepath=/opt/lampp/var/mysql
#备份日志
logfile=${backuppath}/mysqlbackup.log

function Backup() #处理涵数
{
/bin/tar -czf ${backuppath}/${file} –exclude=${sourcepath}/mysql.sock ${sourcepath} #执行备份操作
echo -e $(date +%Y-%m-%d_%H:%M:%S)’:tar:’${backuppath}/${file} ${sourcepath}”\r” >>${logfile}

}

function Send()
{
#ssh,使用前请先做好配置
/usr/bin/rsync -av ${backuppath}/${file} -e /usr/bin/ssh ${sshuser}@${sshhost}:${remotefolder}/>>${logfile}

#cd $backuppath
#ftp -i -n open $ftphost user $ftpusername $ftppassword
#if [ ! [ -d BACKUP/$server ]]; then
#mkdir BACKUP/$server #如目录不存在则创建
#fi
#cd BACKUP/$server
#put $file #上传文件
#bye #退出
##!
}

echo -e ‘——————\r’ >>${logfile}
/bin/chown local:website ${logfile} && /bin/chmod 0666 ${logfile}
echo -e $(date +%Y-%m-%d_%H:%M:%S)”:server “${server}” beginning\r” >>${logfile}
/bin/rm -rf ${backuppath}/${serve}r-mysql-$(date +%Y-%m-%d –date=’3 days ago’).tar.gz #删除3天前的压缩文件
echo -e $(date +%Y-%m-%d_%H:%M:%S)”:delete backup file\r” >>$logfile
echo -e $(date +%Y-%m-%d_%H:%M:%S)”stop mysql\r” >>$logfile
/opt/lampp/lampp stopmysql >/dev/null 2>&1 #停止Mysql服务
Backup #调用处理涵数
/opt/lampp/lampp startmysql >/dev/null 2>&1 #启动Mysql服务
echo -e “\r\n”$(date +%Y-%m-%d_%H:%M:%S)”:start mysql\r” >>$logfile
Send

echo -e $(date +%Y-%m-%d_%H:%M:%S)”:mysql backup ok\r” >>$logfile
echo ‘ok’

Posted in Mysql, shell, 备份.

Tagged with crontab, mysql, shell, ssh, 备份.

rev="post-134" No comments

By C1G – 2007/12/06

查看Apache并发请求数及其TCP连接状态[转]

http://blog.s135.com/read.php/269.htm

引用

# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process servesStartServers 10
MinSpareServers 10
MaxSpareServers 15
ServerLimit 2000
MaxClients 2000
MaxRequestsPerChild 10000

　　查看httpd进程数（即prefork模式下Apache能够处理的并发请求数）：
Linux命令：

引用

ps -ef | grep httpd | wc -l

返回结果示例：
1388
表示Apache能够处理1388个并发请求，这个值Apache可根据负载情况自动调整，我这组服务器中每台的峰值曾达到过2002。

　　查看Apache的并发请求数及其TCP连接状态：
Linux命令：

引用

netstat -n | awk ‘/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}’

（这条语句是从新浪互动社区事业部技术总监王老大那儿获得的，非常不错）
返回结果示例：
LAST_ACK 5
SYN_RECV 30
ESTABLISHED 1597
FIN_WAIT1 51
FIN_WAIT2 504
TIME_WAIT 1057
其中的SYN_RECV表示正在等待处理的请求数；ESTABLISHED表示正常数据传输状态；TIME_WAIT表示处理完毕，等待超时结束的请求数。

　　关于TCP状态的变迁，可以从下图形象地看出：

状态：描述
CLOSED：无连接是活动的或正在进行
LISTEN：服务器在等待进入呼叫
SYN_RECV：一个连接请求已经到达，等待确认
SYN_SENT：应用已经开始，打开一个连接
ESTABLISHED：正常数据传输状态
FIN_WAIT1：应用说它已经完成
FIN_WAIT2：另一边已同意释放
ITMED_WAIT：等待所有分组死掉
CLOSING：两边同时尝试关闭
TIME_WAIT：另一边已初始化一个释放
LAST_ACK：等待所有分组死掉

Posted in Apache, shell, 技术.

Tagged with apache, shell, tcp.

rev="post-133" No comments

By C1G – 2007/11/29

网站负载均衡技术[转]

http://blog.s135.com/read.php/307.htm

DNS轮循
　　DNS轮循是指将相同的域名解释到不同的IP，随机使用其中某台主机的技术。但其具有明显的缺点：一旦某个服务器出现故障，即使及时修改了DNS设置，还是要等待足够的时间（刷新时间）才能发挥作用，在此期间，保存了故障服务器地址的客户计算机将不能正常访问服务器。DNS负载均衡采用的是简单的轮循负载算法，不能区分服务器的差异，不能反映服务器的当前运行状态，不能做到为性能较好的服务器多分配请求，甚至会出现客户请求集中在某一台服务器上的情况。

　　F5 BIG-IP
　　简介：F5 Networks 公司的著名硬件负载均衡交换机。支持硬件四层、七层交换。不同的型号性能不同，BIG-IP 6400可以支持800万条并发连接，低一点型号的可以支持400万条以上的并发连接。性能极高，但价格也不菲。
　　价格：BIG-IP 6400的价格在16万元人民币左右。
　　网址：http://www.f5.com.cn/（中国） http://www.f5.com/（全球）

　　LVS（Linux Virtual Server）
　　简介：软件四层交换。LVS是在Linux内核中作四层交换，只花128个字节记录一个连接信息，不涉及到文件句柄操作，故没有65535最大文件句柄数的限制。LVS性能很高，可以支持100～400万条并发连接。
　　价格：免费、开源
　　网址：http://zh.linuxvirtualserver.org/

　　L7SW（Layer7 switching）
　　简介：软件七层交换。这是一款类似LVS的新负载均衡软件，我没有实际应用过，性能未知，因此不作评价。这是它的英文介绍：Layer7 switching is driving a low-level engine using networking design to speed-up forwarding of data stream. Implementation in this project is split into a userspace daemon and a low-level kernelspace forwarding engine. Userspace daemon is responsible for scheduling and switching decisions. Kernelspace forwarding engine is responsible for forwarding stream and using TCP-Splicing scheme. TCP-Splicing is the postponement of the connection between the client and the server in order to obtain sufficient information to make a routing decision. This project is close to Linux Virtual Server project since lot of discusions on this topics have been made online and offline LVS project.
　　价格：免费、开源
　　网址：http://www.linux-l7sw.org/

　　HAProxy
　　简介：软件七层交换，反向代理服务器。目前还不支持虚拟主机，但其配置简单，拥有非常不错的服务器健康检查功能，当其代理的后端服务器出现故障，HAProxy会自动将该服务器摘除，故障恢复后再自动将该服务器加入。另外，HAProxy还支持双机热备。我曾经用过一段时间，能支持2～3万条并发连接。现在我用它做普通的小并发负载均衡，主要用到的是它的服务器健康检查功能。
　　价格：免费、开源
　　网址：http://haproxy.1wt.eu/

　　Nginx
　　简介：软件七层交换，反向代理服务器。能够很好地支持虚拟主机，可配置性很强，可以按URL做负载均衡。我目前一直在用，大约能支持3～5万条并发连接。
　　价格：免费、开源
　　网址：http://wiki.codemongers.com/NginxChs（中文维基）

Posted in 网站架构.

Tagged with 网站架构, 负载均衡.

rev="post-132" No comments

By C1G – 2007/11/29

解决不能通过mysql.sock连接MySQL问题

mysql不能启动，报找不到xxx.sock

kill -9 进程。不行
查看my.cnf配置。没错

看了一下error.log,发现没空间了

/opt占了三十几G，原来apache日志一直没清过，新上的产品每天又产生近2G的日志。

把日志删了后就正常了.

修改apache不产生日志
<coolcode>
CustomLog combined /dev/null
</coolcode>

Posted in linux 维护优化, Mysql, 技术.

Tagged with mysql.

rev="post-131" No comments

By C1G – 2007/11/16

squid 安装

按照此贴安装
http://bbs.chinaunix.net/thread-873126-1-1.html

wget http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE23.tar.gz
tar zxvf squid-2.6.STABLE23.tar.gz
cd squid-2.6.STABLE23
# 来自车东
./configure –prefix=/opt/squid-2.6.STABLE23 –enable-useragent-log –enable-referer-log –with-large-files –enable-default-err-language=Simplify_Chinese –enable-err-languages=”Simplify_Chinese English” –disable-internal-dns
make
make install
ln -s /opt/squid-2.6.STABLE23 /opt/squid

++apache的log显示ip来源都是127.0.0.1,修改配置文件使其可以正常记录来访IP
将CustomLog的%h改为%{X-Forwarded-For}i,其它不变.

++快速清空cache
echo ” ” > $CachePath/caches/swap.state

对于类似http://you.video.sina.com.cn/index.html之类的网页，squid只会生成一个缓存文件。可以用squid附带的squidclient工具清除：
引用
squidclient -m PURGE -p 80 “http://you.video.sina.com.cn/index.html”

多个网址可参考这里
但在取URL时存在10%的错误率
http://www.365bloglink.com/go.php?id=0215245
老外的程序，可以批量清除某类URL的Squid缓存，支持正则表达式
http://blog.s135.com/read.php/308.htm

常用命令
1，初始化你在 squid.conf 里配置的 cache 目录
#squid/sbin/squid -z
如果有错误提示，请检查你的 cache目录的权限。
2，对你的squid.conf 排错，即验证 squid.conf 的语法和配置。
#squid/sbin/squid -k parse
如果squid.conf 有语法或配置错误，这里会返回提示你，如果没有返回，恭喜，可以尝试启动squid。
3，在前台启动squid，并输出启动过程。
#squid/sbin/squid -N -d1
如果有到 ready to server reques，恭喜，启动成功。
然后 ctrl + c，停止squid，并以后台运行的方式启动它。
4，启动squid在后台运行。
#squid/sbin/squid -s
这时候可以 ps -A 来查看系统进程，可以看到俩个 squid 进程。
5，停止 squid
#squid/sbin/squid -k shutdown
这个不用解释吧。
6，重引导修改过的 squid.conf
#squid/sbin/squid -k reconfigure
这个估计用的时候比较多，当你发现你的配置有不尽你意的时候，可以随时修改squid.conf，然后别忘记对你的 squid.conf排错，然后再执行此指令，即可让squid重新按照你的 squid.conf 来运行。
7，把squid添加到系统启动项
编辑 /etc/rc.d/rc.local
添加如下行：
echo “65535”>/proc/sys/fs/file-max
ulimit -HSn 65535
/usr/local/squid/sbin/squid -s
当然，并不是每个人都喜欢这种启动方式，你可以用你最习惯的方式；或者把它安装为服务。

#查看运行信息
/usr/local/squid/bin/squidclient -h 127.0.0.1 -p 81 mgr:info

#分割日志
20 0 * * * /usr/local/squid/sbin/squid -k rotate

再来点其他的。
1，修改cache 缓存目录的权限。
#chown -R squid:squid /home/cache
我的cache缓存目录是 /home/cache,squid执行用户和用户组是 squid，squid。
2，修改squid 日志目录的权限
#chown -R squid:squid /usr/local/squid/var/logs
这一步并不是适合每一个使用squid的用户.意为让squid有权限在该目录进行写操作。
例如生成 access.log cache.log store.log
3，查看你的日志文档。
#more /usr/local/squid/var/logs/access.log | grep TCP_MEM_HIT
该指令可以看到在squid运行过程中，有那些文件被squid缓存到内存中，并返回给访问用户。
#more /usr/local/squid/var/logs/access.log | grep TCP_HIT
该指令可以看到在squid运行过程中，有那些文件被squid缓存到cache目录中，并返回给访问用户。
#more /usr/local/squid/var/logs/access.log | grep TCP_MISS
该指令可以看到在squid运行过程中，有那些文件没有被squid缓存，而是现重原始服务器获取并返回给访问用户。
关于 TCP_XXXX 等参数及代表的信息，请参看《squid中文权威指南》13.2.1 章节。
当然，本例中的蓝色文字是可以修改为其他的参数，例如你的域名 www.xxxx.com ，同样可以看到access.log里关于该域名的行。

安装时需注意rh的selinux安全设置,会造成无创建cache目录

64位系统注意cache_mem 大小,过大会报 out of memory
可用tcmalloc 优化内存

Posted in Squid/varnish, 技术.

Tagged with squid.

rev="post-130" No comments

By C1G – 2007/11/15

redhat4 gcc 安装

glibc-kernheaders glibc-headers glibc-devel cpp gcc 五个文件,注意顺序

http://download.quicklinux.org/RPMS.os/
http://download.quicklinux.org/RPMS.os/glibc-kernheaders-2.4-9.1.89.i386.rpm
http://download.quicklinux.org/RPMS.os/glibc-headers-2.3.4-3.i386.rpm
http://download.quicklinux.org/RPMS.os/glibc-devel-2.3.4-3.i386.rpm
http://download.quicklinux.org/RPMS.os/cpp-3.4.3-17.i386.rpm
http://download.quicklinux.org/RPMS.os/libgcc-3.4.3-17.i386.rpm
http://download.quicklinux.org/RPMS.os/gcc-3.4.3-17.i386.rpm

相关的rpm包在redhat的iso镜像里都能找到。

wget 以上包

rpv -ivh 安装

安装好后，使用 rpm -qa | grep gcc 会发现gcc已经成功安装了，我们还可以使用 rpm -qR gcc-xxx 查询一下gcc都依赖于哪些文件。

Posted in LINUX, 技术.

rev="post-129" No comments

By C1G – 2007/11/14

复制到系统剪贴板之IE,ff兼容版

http://www.w3c-cn.com/article.asp?id=88

请另存代码测试

FF下需设一下安全
第一步.在Firefox浏览器的地址栏中输入 about:config
第二步.将 signed.applets.codebase_principal_support 的值从 false 更新为 true 。

Posted in JavaScript/DOM/XML, 技术.

rev="post-128" No comments

By C1G – 2007/11/14

« Previous Next »

postfix全功能邮件服务器

sendmail+sasl2创建带smtp的mail server

postfix+sasl2构建简单邮件服务器

使用crontab+ssh每天自动完全备份mysql数据

查看Apache并发请求数及其TCP连接状态[转]

网站负载均衡技术[转]

解决不能通过mysql.sock连接MySQL问题

squid 安装

redhat4 gcc 安装

复制到系统剪贴板之IE,ff兼容版

请另存代码测试

About C1G军火库

分类

归档

其他操作

近期文章

近期评论

AI

博客互联

安全

我的

技术论坛

收藏夹

架构研发

设计体验

请另存代码测试

Subscribe

About C1G军火库

分类

归档

其他操作

近期文章

近期评论

标签

AI

博客互联

安全

我的

技术论坛

收藏夹

架构研发

设计体验