Ä¿ÇÇÇâÀÌ ³ª´Â *NIX
Ä¿ÇǴнº
½Ã½ºÅÛ/³×Æ®¿÷/º¸¾ÈÀ» ´Ù·ç´Â °÷
*
HanIRCÀÇ #coffeenix ¹æ
[
Àåºñ ¹× ȸ¼± ÈÄ¿ø
]
> Forum <
IT ÀÏÁ¤
N
e
w
!
ÀÚµ¿È ÇÁ·ÎÁ§Æ®
HOME
>
³×Æ®¿öÅ©(network)
>
¸ÞÀÏ ¼¹ö(mail)
µµ¿ò¸»
°Ë»ö :
»çÀÌÆ®
WHOIS
À¥¼¹ö Á¾·ù
¸ÞÀÏ ÇÊÅ͸µ(½ºÆÔ¸ÞÀÏ) / procmail
(14, ±Û 18, ÀÚ·á 8)
Å¥¸ÞÀÏ ¼¹ö ±¸Ãà - ucspi-tcp, daemontools, knetqmail-1.06, vpopmail
ÀÛ¼ºÀÏ : 2010/10/07 17:41
±Û¾´ÀÌ : Ƽ´Ï (
http://linux.tini4u.net/
)
Á¶È¸¼ö : 8651
[
ÀÌÀüȸé
/
¼öÁ¤
] ºñ¹Ð¹øÈ£ :
--------------------------------------------------------------------------------------
- ÀÛ ¼º ÀÚ : ±èÇõÁß(Ƽ´Ï) [sky #at# tini4u.net]
- ÀÛ ¼º ÀÏ : 2010-10-06
- »ç ÀÌ Æ® :
http://linux.tini4u.net/
- ¿ø Á¦ ¸ñ : Å¥¸ÞÀÏ ¼¹ö ±¸Ãà - ucspi-tcp, daemontools, knetqmail-1.06, vpopmail
- ȯ ¡¡ °æ : CentOS 5.x, CentOS 6.x
- Å° ¿ö µå : ucspi-tcp, daemontools, knetqmail, qmail, vpopmail, libdomainkeys
- ¾÷µ¥ÀÌÆ® : 2012-01-10
--------------------------------------------------------------------------------------
ÀÌ ¹®¼´Â knetqmail-1.06(qmail.kldp.net)À» ±âÁØÀ¸·Î Á¦ÀÛµÈ ¹®¼ ÀÔ´Ï´Ù.
knetqmailÀº qmail.kldp.net ¿î¿µÀÚÀ̽ŠÀÓÀºÀç´Ô²²¼ netqmail 1.06¿¡
toaster ÆÐÄ¡ ¹× ¿©·¯°¡Áö Ãß°¡ÀûÀÎ ÆÐÄ¡¸¦ Àû¿ëÇÑ ¼Ò½º ÀÔ´Ï´Ù.
±âÁ¸ÀÇ ¹®¼´Â qmail 1.03 + cocktail 14 patch¸¦ ±âÁØÀ¸·Î Á¦À۵ǾúÀ¸³ª,
½Ã°£ÀÌ È帣¸é¼ °¢Á¾ ÆÐÄ¡¿¡ ¿©·¯ º¯È°¡ ÀÖ¾ú°í, ¶ÇÇÑ ÀϺδ outdate µÇ±âµµ Çß¾ú½À´Ï´Ù.
µû¶ó¼ spf, domainkeys, mail submission µîÀ» ¹Ý¿µÇÑ knetqmailÀÇ ¹®¼¸¦ Ãß°¡ÀûÀ¸·Î Á¦ÀÛÇÕ´Ï´Ù.
¹°·Ð cocktail ÆÐÄ¡¿¡ ¹®Á¦°¡ ÀÖ´Ù´Â °ÍÀº ¾Æ´Õ´Ï´Ù. Áö±Ýµµ ¼ö¸¹Àº ¼¹ö¿¡¼ Àß »ç¿ëµÇ°í ÀÖ½À´Ï´Ù.
ÀÌ ¹®¼¸¦ º¸½Ã´Â ºÐµé²²¼ ºÒÇÊ¿äÇÑ ¿ÀÇØ°¡ ¾ø±â¸¦ ºÐ¸íÈ÷ ¹àÈü´Ï´Ù.
01. ucspi-tcp 0.88 [ÃֽŹöÀü:
http://cr.yp.to/ucspi-tcp/install.html]
ucspi-tcp´Â tcpserver¿Í tcpclient Àü¼ÛÁ¦¾î ÇÁ·ÎÅäÄÝ(TCP client-server)À» ±¸ÃàÇϴµ¥
Á»´õ Æí¸®ÇÏ°Ô »ç¿ëÇÒ ¼ö ÀÖµµ·Ï Á¦ÀÛµÈ command-line Åø ÀÔ´Ï´Ù.
ÀÌ ÇÁ·Î±×·¥ÀÇ ÀÚ¼¼ÇÑ Á¤º¸´Â
http://cr.yp.to/ucspi-tcp.html
ÀÌ°÷À» ÂüÁ¶ÇÏ½Ã¸é µÇ°Ú½À´Ï´Ù.
[root@localhost]# cd /var/tmp
[root@localhost]# wget
http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
[root@localhost]# wget
http://djbware.csi.hu/patches/ucspi-tcp-0.88.errno.patch
[root@localhost]# tar xfz ucspi-tcp-0.88.tar.gz
[root@localhost]# cd ucspi-tcp-0.88
[root@localhost]# patch -p1 < ../ucspi-tcp-0.88.errno.patch
[root@localhost]# echo "/usr/local" > conf-home
[root@localhost]# make
[root@localhost]# make setup check
02. daemontools 0.76 [ÃֽŹöÀü:
http://cr.yp.to/daemontools/install.html]
02-1. daemontools ¼³Ä¡
[root@localhost]# cd /var/tmp
[root@localhost]# wget
http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
[root@localhost]# wget
http://djbware.csi.hu/patches/daemontools-0.76.errno.patch
[root@localhost]# tar xfz daemontools-0.76.tar.gz
[root@localhost]# cd admin/daemontools-0.76
[root@localhost]# patch -p1 < ../../daemontools-0.76.errno.patch
[root@localhost]# echo "/usr/local" > src/home
[root@localhost]# make -C src
[root@localhost]# mkdir /service /command
[root@localhost]# for i in `cat package/commands`; do cp -a src/$i /usr/local/bin/$i; done
[root@localhost]# for i in `cat package/commands`; do ln -sfv /usr/local/bin/$i /command/$i; done
¡Ø Áß°£¿¡ ³ª¿À´Â for... ºÎºÐÀº ½©¿¡¼ Á÷Á¢ ŸÀÌÇÎ Çϼŵµ ½ÇÇàµÇ´Â ºÎºÐ ÀÔ´Ï´Ù.
¡¡ ¼³Ä¡°úÁ¤ Áß°£¿¡ for¹®ÀÌ ³ª¿Ô´Ù°í script¸¦ ¸¸µå´Â ¼ö°í¸¦ ÇÏÁö ¾ÊÀ¸½Ã±æ ¹Ù¶ø´Ï´Ù.
02-2. daemontools ½ÃÀÛ
¡Ø CentOS 5.x ÀÌÇÏ
[root@localhost]# echo "SV:345:respawn:/command/svscanboot" >> /etc/inittab
[root@localhost]# pkill -1 init
¡Ø CentOS 6.x ÀÌ»ó
[root@localhost]# vi /etc/init/svscan.conf
start on runlevel [2345]
stop on runlevel [S016]
respawn
exec /command/svscanboot
[root@localhost]# initctl start svscan
03. qmail, vpopmail ¿¡¼ »ç¿ëÇÒ °èÁ¤°ú ±×·ì »ý¼º
¡Ø -r ¿É¼ÇÀº ½Ã½ºÅÛ °èÁ¤(uid 500 ¹Ì¸¸)À¸·Î »ç¿ëÀÚ¸¦ »ý¼ºÇÏ°Ú´Ù´Â ÀÇ¹Ì ÀÔ´Ï´Ù.
[root@localhost]# groupadd -r nofiles
[root@localhost]# groupadd -r qmail
[root@localhost]# groupadd -r vchkpw
[root@localhost]# useradd -r -M -d /var/qmail/alias -s /sbin/nologin -c "qmail alias" -g qmail alias
[root@localhost]# useradd -r -M -d /var/qmail -s /sbin/nologin -c "qmail daemon" -g qmail qmaild
[root@localhost]# useradd -r -M -d /var/qmail -s /sbin/nologin -c "qmail logger" -g qmail qmaill
[root@localhost]# useradd -r -M -d /var/qmail -s /sbin/nologin -c "qmail passwd" -g qmail qmailp
[root@localhost]# useradd -r -M -d /var/qmail -s /sbin/nologin -c "qmail queue" -g qmail qmailq
[root@localhost]# useradd -r -M -d /var/qmail -s /sbin/nologin -c "qmail remote" -g qmail qmailr
[root@localhost]# useradd -r -M -d /var/qmail -s /sbin/nologin -c "qmail send" -g qmail qmails
[root@localhost]# useradd -r -M -d /home/vpopmail -s /sbin/nologin -c "Vpopmail User" -g vchkpw vpopmail
04. vpopmail 5.4.30 [ÃֽŹöÀü:
http://sourceforge.net/projects/vpopmail/]
¡Ø Å¥¸ÞÀÏÀÇ chkuser ÆÐÄ¡·Î ÀÎÇÏ¿© ÄÄÆÄÀϽà vpopmailÀÇ ¶óÀ̺귯¸®¸¦ ÇÊ¿ä·Î ÇÏ°Ô µÆ½À´Ï´Ù.
¡¡ µû¶ó¼ Å¥¸ÞÀϺ¸´Ù vpopmailÀ» ¸ÕÀú ¼³Ä¡Çϵµ·Ï ÇÕ´Ï´Ù.
¡Ø vpopmailÀÇ È¯°æ¼³Á¤À» ÇÒ¶§ qmail µð·ºÅ丮 ¹× ¸î¸î ¹ÙÀ̳ʸ® À§Ä¡(locate)¸¦ ÇÊ¿ä·Î ÇÕ´Ï´Ù.
¡¡ µû¶ó¼ Å¥¸ÞÀÏÀÌ ¼³Ä¡µÈ °Íó·³ ¼ÓÀ̱â À§ÇÏ¿©, fake ÆÄÀÏÀ» »ý¼ºÇØ ÁÖµµ·Ï ÇÕ´Ï´Ù.
¡¡ (´Ü¼øÈ÷ Å¥¸ÞÀÏÀÇ À§Ä¡¸¸ ¼³Á¤ Çϱ⠶§¹®¿¡, fake ÆÄÀÏ·Î ¼ÓÀÌ´õ¶óµµ ÀüÇô ¹®Á¦°¡ ¾ø½À´Ï´Ù)
[root@localhost]# mkdir -p /var/qmail/bin
[root@localhost]# touch /var/qmail/bin/qmail-newu
[root@localhost]# touch /var/qmail/bin/qmail-inject
[root@localhost]# touch /var/qmail/bin/qmail-newmrh
¡Ø ÇÊÀÚ´Â °ü¸®ÀÇ ÆíÀÇ»ó cdb¸¦ »ç¿ëÇÏÁö ¾Ê°í, mysql database¸¦ ÅëÇÏ¿© µµ¸ÞÀÎ ¹× »ç¿ëÀÚ °ü¸®¸¦ ÇÒ °Í ÀÔ´Ï´Ù.
¡¡ µû¶ó¼ ÇÊÀÚ¿Í °°ÀÌ mysql°ú ¿¬µ¿Çؼ °ü¸®ÇÏ°íÀÚ ÇϽô ºÐµéÀº vpopmail ¼³Ä¡Àü¿¡ mysqlÀÌ ¹Ì¸® ¼³Ä¡µÇ¾î ÀÖ¾î¾ß ÇÕ´Ï´Ù.
¡¡ (¸¸¾à cdb¸¦ »ç¿ëÇÏ°íÀÚ ÇϽŴٸé configure ¿É¼ÇÁß --enable-auth-module=mysql ºÎÅÍ ±× ¾Æ·¡ÀÇ ¸ðµç ¿É¼ÇÀ» Á¦°ÅÇÏ½Ã¸é µË´Ï´Ù)
¡Ø ȯ°æ¼³Á¤(configure)½Ã mysql °ü·Ã ¿¡·¯¸¦ ¸¸³ª´Â °æ¿ì incdir°ú libdirÀÇ °æ·Î¸¦ mysql¿¡ ¸Â°Ô ¼öÁ¤ÇØÁֽñ⠹ٶø´Ï´Ù.
[root@localhost]# cd /var/tmp
[root@localhost]# wget
http://cdnetworks-kr-2.dl.sourceforge.net/project/vpopmail/vpopmail-stable/5.4.30/vpopmail-5.4.30.tar.gz
[root@localhost]# tar xfz vpopmail-5.4.30.tar.gz
[root@localhost]# cd vpopmail-5.4.30
[root@localhost]# ./configure \
--prefix=/home/vpopmail \
--enable-vpopuser=vpopmail \
--enable-vpopgroup=vchkpw \
--enable-tcprules-prog=/usr/local/bin/tcprules \
--enable-tcpserver-file=/etc/tcprules.d/tcp.smtp \
--disable-users-big-dir \
--enable-qmail-ext \
--enable-domainquotas \
--enable-logging=v \
--enable-log-name=vpopmail \
--enable-valias \
--disable-many-domains \
--enable-auth-module=mysql \
--enable-incdir=/usr/include/mysql \
--enable-libdir=/usr/lib/mysql
[root@localhost]# make
[root@localhost]# make install-strip
¡Ø mysql°ú ¿¬µ¿ÇϽô ºÐµé¸¸ ÇÏ¸é µÇ´Â ¼³Á¤ ÀÔ´Ï´Ù. mysqlÀÇ Á¢¼Ó Á¤º¸¸¦ ÀÔ·ÂÇØÁÖ½Ã¸é µË´Ï´Ù.
[root@localhost]# vi /home/vpopmail/etc/vpopmail.mysql
localhost|0|DB_USER|PASSWORD|DB_NAME
¡Ø fake ÆÄÀÏ »èÁ¦
[root@localhost]# rm -rf /var/qmail
05. libdomainkeys 0.69 [ÃֽŹöÀü:
http://sourceforge.net/projects/domainkeys/]
[root@localhost]# cd /var/tmp
[root@localhost]# wget
http://cdnetworks-kr-2.dl.sourceforge.net/project/domainkeys/libdomainkeys/0.69/libdomainkeys-0.69.tar.gz
[root@localhost]# tar xfz libdomainkeys-0.69.tar.gz
[root@localhost]# mv libdomainkeys-0.69 libdomainkeys
[root@localhost]# cd libdomainkeys
[root@localhost]# echo "-lresolv" > dns.lib
[root@localhost]# make
06. knetqmail 1.06 [ÃֽŹöÀü:
http://qmail.kldp.net/
- ¹®¼¹öÀü:
http://qmail.kldp.net/phpbb/viewtopic.php?f=4&t=8299]
06-1. knetqmail 1.06 ¼³Ä¡
[root@localhost]# cd /var/tmp
[root@localhost]# wget http://.../knetqmail-1.06-20110908.tar.gz
[root@localhost]# wget
http://jeremy.kister.net/quote/qmail-dk-0.54-auth.patch
[root@localhost]# tar xfz knetqmail-1.06-20110908.tar.gz
[root@localhost]# cd knetqmail-1.06-20110908
[root@localhost]# patch -p0 < ../qmail-dk-0.54-auth.patch
[root@localhost]# echo "gcc -O2 -g -DTLS=20070408 -I/usr/include/openssl -I/home/vpopmail/include" > conf-cc
[root@localhost]# echo "gcc -s -O2 -g" > conf-ld
[root@localhost]# make
[root@localhost]# make setup check
[root@localhost]# cp -a spfquery /var/qmail/bin
[root@localhost]# cp -a /var/tmp/libdomainkeys/dknewkey /var/qmail/bin
[root@localhost]# chown root:qmail /var/qmail/bin/spfquery /var/qmail/bin/dknewkey
[root@localhost]# chmod 755 /var/qmail/bin/spfquery /var/qmail/bin/dknewkey
¡Ø ¸¸¾à opensslÀÇ ¼³Ä¡ °æ·Î°¡ ´Ù¸£½Å ºÐÀº, ¼³Ä¡°úÁ¤ Áß°£¿¡ ³ª¿À´Â openssl °æ·Î ºÎºÐÀ» º¯°æÇØÁÖ½Ã¸é µË´Ï´Ù.
06-2. ¼³Á¤ ÆÄÀÏ »ý¼º
¡Ø Å¥¸ÞÀÏ ¿î¿µ¿¡ ÇÊ¿äÇÑ ¼³Á¤ ÆÄÀÏÀ» »ý¼ºÇϵµ·Ï ÇÏ°Ú½À´Ï´Ù.
¡¡ ¿ø·¡ Å¥¸ÞÀÏ ¼Ò½º¿¡¼ config script¸¦ Á¦°øÇÏ°í ÀÖÁö¸¸, ¾ÆÁÖ ±âº»ÀûÀÎ ÆÄÀϸ¸ »ý¼ºÇØÁֹǷÎ
¡¡ ÇÊÀÚ´Â ÇÊ¿äÇÑ ÆÄÀÏÀ» Á÷Á¢ »ý¼ºÇØÁÖ´Â ¹æ¹ýÀ» »ç¿ëÇϵµ·Ï ÇÏ°Ú½À´Ï´Ù.
[root@localhost]# cd /var/qmail/control
[root@localhost]# touch rcpthosts smtproutes
[root@localhost]# echo "localhost" > locals
[root@localhost]# echo "your-domain.com" > me
[root@localhost]# echo "your-domain.com" > defaultdomain
[root@localhost]# echo "your-domain.com" > defaulthost
[root@localhost]# echo "your-domain.com" > plusdomain
[root@localhost]# echo "60" > concurrencyremote
[root@localhost]# echo "100" > concurrencyincoming
[root@localhost]# echo "86400" > queuelifetime
[root@localhost]# echo "1" > spfbehavior
[root@localhost]# echo "Welcome to Qmail SMTP Server" > smtpgreeting
[root@localhost]# echo "./Maildir/" > defaultdelivery
[root@localhost]# chmod 644 *
[root@localhost]# cd /var/qmail/users
[root@localhost]# touch cdb
[root@localhost]# echo "." > assign
[root@localhost]# chmod 644 *
06-3. Å¥¸ÞÀÏ µ¥¸óÀ» À§ÇÑ µð·ºÅ丮 ¹× ½ºÅ©¸³Æ® »ý¼º
[root@localhost]# mkdir -p /var/qmail/supervise
[root@localhost]# for i in send smtp pop3 submission; do mkdir -p /var/qmail/supervise/$i/log; done
[root@localhost]# vi /var/qmail/rc
#!/bin/sh
exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start "`cat /var/qmail/control/defaultdelivery`"
[root@localhost]# vi /var/qmail/supervise/send/run
#!/bin/sh
exec /var/qmail/rc
[root@localhost]# vi /var/qmail/supervise/send/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill \
/usr/local/bin/multilog t /var/log/qmail/send 2>&1
[root@localhost]# vi /var/qmail/supervise/smtp/run
#!/bin/sh
VPOP_UID=`id -u vpopmail`
VPOP_GID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
exec /usr/local/bin/softlimit -m 64000000 \
/usr/local/bin/tcpserver -vRHl0 \
-x /etc/tcprules.d/tcp.smtp.cdb \
-c ${MAXSMTPD} \
-u ${VPOP_UID} -g ${VPOP_GID} 0 25 \
/var/qmail/bin/qmail-smtpd \
/home/vpopmail/bin/vchkpw /bin/true 2>&1
[root@localhost]# vi /var/qmail/supervise/smtp/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill \
/usr/local/bin/multilog t /var/log/qmail/smtp 2>&1
[root@localhost]# vi /var/qmail/supervise/pop3/run
#!/bin/sh
VPOP_UID=`id -u vpopmail`
VPOP_GID=`id -g vpopmail`
HOSTNAME=`hostname -f`
exec /usr/local/bin/softlimit -m 48000000 \
/usr/local/bin/tcpserver -vRHl0 \
-u ${VPOP_UID} -g ${VPOP_GID} 0 110 \
/var/qmail/bin/qmail-popup ${HOSTNAME} \
/home/vpopmail/bin/vchkpw \
/var/qmail/bin/qmail-pop3d Maildir 2>&1
[root@localhost]# vi /var/qmail/supervise/pop3/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill \
/usr/local/bin/multilog t /var/log/qmail/pop3 2>&1
[root@localhost]# vi /var/qmail/supervise/submission/run
#!/bin/sh
VPOP_UID=`id -u vpopmail`
VPOP_GID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
exec /usr/local/bin/softlimit -m 48000000 \
/usr/local/bin/tcpserver -vRHl0 \
-x /etc/tcprules.d/tcp.smtp.cdb \
-c ${MAXSMTPD} \
-u ${VPOP_UID} -g ${VPOP_GID} 0 587 \
/var/qmail/bin/qmail-smtpd \
/home/vpopmail/bin/vchkpw /bin/true 2>&1
[root@localhost]# vi /var/qmail/supervise/submission/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill \
/usr/local/bin/multilog t /var/log/qmail/submission 2>&1
[root@localhost]# chmod 755 /var/qmail/rc
[root@localhost]# chown root:qmail /var/qmail/rc
[root@localhost]# chmod 700 /var/qmail/supervise
[root@localhost]# chown -R qmaill:qmail /var/qmail/supervise
[root@localhost]# for i in send smtp pop3 submission; do chmod 1700 /var/qmail/supervise/$i; done
[root@localhost]# for i in send smtp pop3 submission; do chmod 700 /var/qmail/supervise/$i/log; done
[root@localhost]# for i in send smtp pop3 submission; do chmod 751 /var/qmail/supervise/$i/run; done
[root@localhost]# for i in send smtp pop3 submission; do chmod 751 /var/qmail/supervise/$i/log/run; done
06-4. tcp.smtp ¼³Á¤
[root@localhost]# mkdir -p /etc/tcprules.d
[root@localhost]# vi /etc/tcprules.d/tcp.smtp
127.0.0.1:allow,RELAYCLIENT="",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10"
:allow,CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10"
[root@localhost]# tcprules /etc/tcprules.d/tcp.smtp.cdb /etc/tcprules.d/tcp.smtp.tmp < /etc/tcprules.d/tcp.smtp
06-5. qmail log µð·ºÅ丮 »ý¼º
[root@localhost]# for i in send smtp pop3 submission; do mkdir -p /var/log/qmail/$i; done
[root@localhost]# chmod -R 750 /var/log/qmail
[root@localhost]# chown -R qmaill:qmail /var/log/qmail
06-6. qmail ±¸µ¿ ½ºÅ©¸³Æ® »ý¼º
[root@localhost]# vi /etc/init.d/qmaild
#!/bin/sh
#
# qmaild This shell script takes care of starting and stopping
# the qmail system.
#
# chkconfig: - 30 80
# description: qmail is a small, fast, secure replacement for the sendmail package, which is
# the program that actually receives, routes, and delivers electronic mail.
export PATH="$PATH:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/var/qmail/bin"
svclist="send smtp pop3 submission"
case "$1" in
start)
echo "Starting qmail"
for svc in $svclist; do
if [ -e /service/${svc} ]; then
if svok /service/${svc}; then
svc -u /service/${svc}
else
echo "${svc} supervise not running"
fi
else
ln -s /var/qmail/supervise/${svc} /service/
fi
done
if [ -d /var/lock/subsys ]; then
touch /var/lock/subsys/qmail
fi
;;
stop)
echo "Stopping qmail..."
for svc in $svclist; do
if [ -e /service/${svc} ]; then
echo " ${svc}"
svc -dx /service/${svc} /service/${svc}/log
rm -f /service/${svc}
fi
done
if [ -f /var/lock/subsys/qmail ]; then
rm -f /var/lock/subsys/qmail
fi
;;
stat)
for svc in $svclist; do
if [ -e /service/${svc} ]; then
svstat /service/${svc}
svstat /service/${svc}/log
fi
done
qmail-qstat
;;
doqueue|alrm|flush)
if [ -e /service/send ]; then
echo "Flushing timeout table and sending ALRM signal to send."
/var/qmail/bin/qmail-tcpok
svc -a /service/send
fi
;;
queue)
qmail-qstat
qmail-qread
;;
reload|hup)
if [ -e /service/send ]; then
echo "Sending HUP signal to send."
svc -h /service/send
fi
;;
pause)
for svc in $svclist; do
if [ -e /service/${svc} ]; then
echo "Pausing ${svc}"
svc -p /service/${svc}
fi
done
;;
cont)
for svc in $svclist; do
if [ -e /service/${svc} ]; then
echo "Continuing ${svc}"
svc -c /service/${svc}
fi
done
;;
restart)
echo "Restarting qmail:"
for svc in $svclist; do
if [ -e /service/${svc} ]; then
if [ "${svc}" != "send" ]; then
echo "* Stopping ${svc}."
svc -d /service/${svc}
fi
fi
done
if [ -e /service/send ]; then
echo "* Sending send SIGTERM and restarting."
svc -t /service/send
fi
for svc in $svclist; do
if [ -e /service/${svc} ]; then
if [ "${svc}" != "send" ]; then
echo "* Restarting ${svc}."
svc -u /service/${svc}
fi
fi
done
;;
cdb)
if [ -z "`grep '\#define POP_AUTH_OPEN_RELAY 1' /home/vpopmail/include/config.h 2>/dev/null`" ]; then
tcprules /etc/tcprules.d/tcp.smtp.cdb /etc/tcprules.d/tcp.smtp.tmp < /etc/tcprules.d/tcp.smtp
else
/home/vpopmail/bin/clearopensmtp
fi
echo "Reloaded /etc/tcprules.d/tcp.smtp."
;;
help)
cat <
stop -- stops mail service (smtp connections refused, nothing goes out)
start -- starts mail service (smtp connection accepted, mail can go out)
pause -- temporarily stops mail service (connections accepted, nothing leaves)
cont -- continues paused mail service
stat -- displays status of mail service
cdb -- rebuild the tcpserver cdb file for smtp
restart -- stops and restarts smtp, sends send a TERM & restarts it
doqueue -- schedules queued messages for immediate delivery
reload -- sends send HUP, rereading locals and virtualdomains
queue -- shows status of queue
alrm -- same as doqueue
flush -- same as doqueue
hup -- same as reload
HELP
;;
*)
echo "Usage: $0 {start|stop|restart|doqueue|flush|reload|stat|pause|cont|cdb|queue|help}"
exit 1
;;
esac
exit 0
[root@localhost]# chmod 755 /etc/init.d/qmaild
[root@localhost]# chkconfig --add qmaild
[root@localhost]# chkconfig --level 345 qmaild
06-7. qmail ½ÃÀÛ
[root@localhost]# /etc/init.d/qmaild start
¡Ø À̷μ ±âº»ÀûÀΠť¸ÞÀÏ ¼¹ö »ç¿ëÀÌ °¡´ÉÇØÁ³½À´Ï´Ù. µµ¸ÞÀÎ ¹× À̸ÞÀÏ °èÁ¤À» »ý¼ºÇÑ µÚ »ç¿ëÇÏ½Ã¸é µË´Ï´Ù.
¡¡ ÀÌ ¾Æ·¡´Â ¹ø¿ÜÆí(?) ÀÔ´Ï´Ù. Áï, ¼³Á¤ÇϽǺи¸ ¼³Á¤Çϼż »ç¿ëÇÏ½Ã¸é µË´Ï´Ù.
-------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------
07. SMTP SSL ÀÎÁõ¼ »ý¼º
¡Ø SMTP¸¦ SSLÀ» ÀÌ¿ëÇÏ¿© »ç¿ëÇÒ °æ¿ì SSL ÀÎÁõ¼°¡ ÇÊ¿ä ÇÕ´Ï´Ù.
¡¡ SSL ÀÎÁõ¼´Â RootCA ¿¡¼ À¯·á·Î ±¸ÀÔÀ» ÇØ¾ß µÇÁö¸¸, Å×½ºÆ®¸¦ À§ÇÏ¿© »ç¼³ ÀÎÁõ¼¸¦ »ý¼ºÇϵµ·Ï ÇÏ°Ú½À´Ï´Ù.
[root@localhost]# cd /var/qmail/control
[root@localhost]# openssl req -newkey rsa:1024 -x509 -days 365 -nodes -out servercert.pem -keyout servercert.pem
Generating a 1024 bit RSA private key
..........++++++
.......................................................++++++
writing new private key to 'servercert.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter quote) [GB]:KR
State or Province Name (full name) [Berkshire]:Seoul
Locality Name (eg, city) [Newbury]:Seoul
Organization Name (eg, company) [My Company Ltd]:Qmail SMTP Server
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:
Email Address []:
[root@localhost]# ln -sfv servercert.pem clientcert.pem
[root@localhost]# openssl ciphers > tlsserverciphers
[root@localhost]# ln -sfv tlsserverciphers tlsclientciphers
[root@localhost]# echo "01 01 * * * root /var/qmail/bin/update_tmprsadh >/dev/null 2>&1" >> /etc/crontab
08. Domain Keys ¼¼ÆÃ
¡Ø µµ¸ÞÀÎÅ° ½Ã½ºÅÛÀº Yahoo¿¡¼ ÁÖµµÇÏ¿© °³¹ßµÈ SSL Å°¸¦ ÀÌ¿ëÇÑ ¸ÞÀÏ ÀÎÁõ ¹æ¹ý ÀÔ´Ï´Ù.
¡¡ ÀÚ¼¼ÇÑ »çÇ×Àº
http://antispam.yahoo.com/domainkeys
ÀÌ°÷À» ÂüÁ¶ÇϽñ⠹ٶø´Ï´Ù.
08-1. SSL Key »ý¼º
¡Ø SSL Å°´Â µµ¸ÞÀκ°·Î »ý¼ºÇØÁִ°ÍÀÌ ÁÁ½À´Ï´Ù.
¡¡ ¿¹Á¦¿¡¼´Â example.com À̶ó´Â µµ¸ÞÀο¡ ´ëÇؼ ¼¼ÆÃÇÏ°Ú½À´Ï´Ù.
[root@localhost]# mkdir -p /var/qmail/control/domainkeys
[root@localhost]# cd /var/qmail/control/domainkeys
[root@localhost]# mkdir example.com
[root@localhost]# cd example.com
[root@localhost]# /var/qmail/bin/dknewkey private > public.txt
[root@localhost]# chmod 440 private
[root@localhost]# cd ..
[root@localhost]# chown -R root:vchkpw example.com
08-2. Å¥¸ÞÀÏ ¹ÙÀ̳ʸ® ±³Ã¼
¡Ø Å¥¸ÞÀÏ ¼¹ö°¡ ¸ÞÀÏ Çì´õ¿¡ ºñ¹ÐÅ°·Î Sign Çϰųª, ȤÀº ÀÎÁõÄõ¸®(Verify query)¸¦ Á¤»óÀûÀ¸·Î ó¸®ÇÒ ¼ö ÀÖµµ·Ï
¡¡ qmail-dk¸¦ °ÅÄ¡µµ·Ï ¹ÙÀ̳ʸ® ÆÄÀÏÀ» ±³Ã¼Çϵµ·Ï ÇÏ°Ú½À´Ï´Ù.
[root@localhost]# cd /var/qmail/bin
[root@localhost]# mv qmail-queue qmail-queue.orig
[root@localhost]# ln -sv qmail-dk qmail-queue
[root@localhost]# chmod 4711 qmail-queue.orig
08-3. tcp.smtp ¼³Á¤ º¯°æ
¡Ø knetqmail¿¡ Àû¿ëµÈ µµ¸ÞÀÎÅ° ÆÐÄ¡´Â ±âº»ÀûÀ¸·Î SSL ÀÎÁõ¼¸¦ /etc/domainkeys/your-domain.com/default ¿¡¼ ãµµ·Ï µÇ¾î ÀÖ½À´Ï´Ù.
¡¡ µû¶ó¼ Å¥¸ÞÀÏÀÌ Á¤»óÀûÀ¸·Î SSL ÀÎÁõ¼¸¦ ãÀ» ¼ö ÀÖµµ·Ï ȯ°æº¯¼ö¸¦ ¼³Á¤Çϵµ·Ï ÇÏ°Ú½À´Ï´Ù.
¡¡ (Âü°í·Î ÀÎÁõ¼ ÆÄÀϸíÀº ÀÚÀ¯·Ó°Ô ¼öÁ¤ÀÌ °¡´ÉÇÕ´Ï´Ù. ´Ü, DNS¿¡ ¼³Á¤µÈ HostName°ú µ¿ÀÏÇØ¾ß µË´Ï´Ù)
[root@localhost]# vi /etc/tcprules.d/tcp.smtp
127.0.0.1:allow,RELAYCLIENT="",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",DKSIGN="/var/qmail/control/domainkeys/%/private"
:allow,CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",DKSIGN="/var/qmail/control/domainkeys/%/private"
[root@localhost]# tcprules /etc/tcprules.d/tcp.smtp.cdb /etc/tcprules.d/tcp.smtp.tmp < /etc/tcprules.d/tcp.smtp
08-4. DNS ¼¼ÆÃ
¡Ø µµ¸ÞÀÎ Å° ÀÎÁõ ½Ã½ºÅÛÀÌ »ç¿ëÇÒ TXT ·¹Äڵ带 Ãß°¡Çϵµ·Ï ÇÕ´Ï´Ù.
¡¡ TXT ·¹Äڵ忡 »ç¿ëµÉ °ªÀº SSL Key »ý¼º ºÎºÐ¿¡¼ ÃßÃâÇÑ public.txt ÆÄÀÏÀÇ ³»¿ëÀ» ÀÌ¿ëÇÏ½Ã¸é µË´Ï´Ù.
[root@localhost]# cat /var/qmail/control/domainkeys/example.com/public.txt
private._domainkey¡¡¡¡IN¡¡¡¡¡¡¡¡TXT¡¡¡¡¡¡"k=rsa; p=MEwwDQYJKoZ..... SSL Key End"
[root@localhost]# vi /var/named/data/example.com.zone
_domainkey¡¡¡¡¡¡¡¡¡¡¡¡IN¡¡¡¡¡¡¡¡TXT¡¡¡¡¡¡"o=-"
private._domainkey¡¡¡¡IN¡¡¡¡¡¡¡¡TXT¡¡¡¡¡¡"k=rsa; p=MEwwDQYJKoZ..... SSL Key End"
Ä¿ÇǴнº Ä«Æä ÃÖ±Ù ±Û
[04/25]
±¹°¡
[04/24]
º¸Çè
[04/22]
Re: OpenSSL Ãë¾àÁ¡ Á¤¸®, Logjam(·Î±×Àë)¿¡¼ Heartbleed±îÁö
[04/21]
LET¡¯S START WITH ON
[04/21]
º¸Çè
[04/20]
Á¦ÁÖ
[04/20]
±¹³»
[04/19]
Á¦ÁÖ
[04/18]
??? ?????
[04/17]
???? onion ?????? -
[04/11]
±¹°¡
[04/10]
Stride Into Dream:
[03/20]
Re: ¿Â¶óÀΰÔÀÓÀÇ Á¾ÁÖ±¹ ´ëÇѹα¹
[10/20]
Cross Compiler ±ò
[07/14]
SSL ¬¡¬°
N
e
w
! ÃÖ±Ù¿¡ µî·ÏÇÑ ÆäÀÌÁö
KiCad EDA Suite project (Free/Libre/Open-Source EDA Suite) (CAD)
¿ÀÇÂij½ºÄÉÀ̵å ijµå (OpenCASCADE CAD)
QCad for Windows --- GNU GPL (Free Software)
The Hello World Collection
IPMI¸¦ È°¿ëÇÑ ¸®´ª½º ¼¹ö°ü¸®
DNS ¼³Á¤ °Ë»ç
nagiosgraph ¼³Ä¡ ¹æ¹ý
Slony-I ¼³Ä¡ ¹æ¹ý (postgresql replication tool)
Qmail±â¹ÝÀÇ Anti spam ½Ã½ºÅÛ ±¸ÃàÇϱâ
clusterssh
[ ÇÔ²²ÇÏ´Â »çÀÌÆ® ]
¿î¿µÁø :
ÁÁÀºÁøÈ£(truefeel)
, ¾ß¼ö(yasu), ¹ü³ÃÀÌ, sCag
2003³â 8¿ù 4ÀÏ~