Ä¿ÇǴнº, ½Ã½ºÅÛ ¿£Áö´Ï¾îÀÇ ½°ÅÍ Ä¿ÇÇÇâÀÌ ³ª´Â *NIX
Ä¿ÇǴнº
½Ã½ºÅÛ/³×Æ®¿÷/º¸¾ÈÀ» ´Ù·ç´Â °÷
* HanIRCÀÇ #coffeenix ¹æ
[ Àåºñ ¹× ȸ¼± ÈÄ¿ø ]
HOME > ³×Æ®¿öÅ©(network) > ¸ÞÀÏ ¼­¹ö(mail) µµ¿ò¸»
°Ë»ö : »çÀÌÆ® WHOIS À¥¼­¹ö Á¾·ù

¸ÞÀÏ ÇÊÅ͸µ(½ºÆÔ¸ÞÀÏ) / procmail (14, ±Û 18, ÀÚ·á 8)

  Å¥¸ÞÀÏ ¼­¹ö ±¸Ãà - ucspi-tcp, daemontools, knetqmail-1.06, vpopmail ÀÛ¼ºÀÏ : 2010/10/07 17:41
 
  • ±Û¾´ÀÌ : Ƽ´Ï ( http://linux.tini4u.net/ )
  • Á¶È¸¼ö : 8569
          [ ÀÌÀüÈ­¸é / ¼öÁ¤ ]   ºñ¹Ð¹øÈ£ :     Àμâ¿ë È­¸é
      --------------------------------------------------------------------------------------
    - ÀÛ ¼º ÀÚ : ±èÇõÁß(Ƽ´Ï) [sky #at# tini4u.net]
    - ÀÛ ¼º ÀÏ : 2010-10-06
    - »ç ÀÌ Æ® : http://linux.tini4u.net/
    - ¿ø Á¦ ¸ñ : Å¥¸ÞÀÏ ¼­¹ö ±¸Ãà - ucspi-tcp, daemontools, knetqmail-1.06, vpopmail
    - ȯ ¡¡ °æ : CentOS 5.x, CentOS 6.x
    - Å° ¿ö µå : ucspi-tcp, daemontools, knetqmail, qmail, vpopmail, libdomainkeys
    - ¾÷µ¥ÀÌÆ® : 2012-01-10
    --------------------------------------------------------------------------------------

    ÀÌ ¹®¼­´Â knetqmail-1.06(qmail.kldp.net)À» ±âÁØÀ¸·Î Á¦ÀÛµÈ ¹®¼­ ÀÔ´Ï´Ù.

    knetqmailÀº qmail.kldp.net ¿î¿µÀÚÀ̽ŠÀÓÀºÀç´Ô²²¼­ netqmail 1.06¿¡
    toaster ÆÐÄ¡ ¹× ¿©·¯°¡Áö Ãß°¡ÀûÀÎ ÆÐÄ¡¸¦ Àû¿ëÇÑ ¼Ò½º ÀÔ´Ï´Ù.

    ±âÁ¸ÀÇ ¹®¼­´Â qmail 1.03 + cocktail 14 patch¸¦ ±âÁØÀ¸·Î Á¦À۵ǾúÀ¸³ª,
    ½Ã°£ÀÌ È帣¸é¼­ °¢Á¾ ÆÐÄ¡¿¡ ¿©·¯ º¯È­°¡ ÀÖ¾ú°í, ¶ÇÇÑ ÀϺδ outdate µÇ±âµµ Çß¾ú½À´Ï´Ù.
    µû¶ó¼­ spf, domainkeys, mail submission µîÀ» ¹Ý¿µÇÑ knetqmailÀÇ ¹®¼­¸¦ Ãß°¡ÀûÀ¸·Î Á¦ÀÛÇÕ´Ï´Ù.

    ¹°·Ð cocktail ÆÐÄ¡¿¡ ¹®Á¦°¡ ÀÖ´Ù´Â °ÍÀº ¾Æ´Õ´Ï´Ù. Áö±Ýµµ ¼ö¸¹Àº ¼­¹ö¿¡¼­ Àß »ç¿ëµÇ°í ÀÖ½À´Ï´Ù.
    ÀÌ ¹®¼­¸¦ º¸½Ã´Â ºÐµé²²¼­ ºÒÇÊ¿äÇÑ ¿ÀÇØ°¡ ¾ø±â¸¦ ºÐ¸íÈ÷ ¹àÈü´Ï´Ù.

    01. ucspi-tcp 0.88 [ÃֽŹöÀü: http://cr.yp.to/ucspi-tcp/install.html]
    ucspi-tcp´Â tcpserver¿Í tcpclient Àü¼ÛÁ¦¾î ÇÁ·ÎÅäÄÝ(TCP client-server)À» ±¸ÃàÇϴµ¥
    Á»´õ Æí¸®ÇÏ°Ô »ç¿ëÇÒ ¼ö ÀÖµµ·Ï Á¦ÀÛµÈ command-line Åø ÀÔ´Ï´Ù.
    ÀÌ ÇÁ·Î±×·¥ÀÇ ÀÚ¼¼ÇÑ Á¤º¸´Â http://cr.yp.to/ucspi-tcp.html ÀÌ°÷À» ÂüÁ¶ÇÏ½Ã¸é µÇ°Ú½À´Ï´Ù.
     [root@localhost]# cd /var/tmp
    [root@localhost]# wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
    [root@localhost]# wget http://djbware.csi.hu/patches/ucspi-tcp-0.88.errno.patch
    [root@localhost]# tar xfz ucspi-tcp-0.88.tar.gz
    [root@localhost]# cd ucspi-tcp-0.88
    [root@localhost]# patch -p1 < ../ucspi-tcp-0.88.errno.patch
    [root@localhost]# echo "/usr/local" > conf-home
    [root@localhost]# make
    [root@localhost]# make setup check
     


    02. daemontools 0.76 [ÃֽŹöÀü: http://cr.yp.to/daemontools/install.html]
    02-1. daemontools ¼³Ä¡
     [root@localhost]# cd /var/tmp
    [root@localhost]# wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
    [root@localhost]# wget http://djbware.csi.hu/patches/daemontools-0.76.errno.patch
    [root@localhost]# tar xfz daemontools-0.76.tar.gz
    [root@localhost]# cd admin/daemontools-0.76
    [root@localhost]# patch -p1 < ../../daemontools-0.76.errno.patch
    [root@localhost]# echo "/usr/local" > src/home
    [root@localhost]# make -C src

    [root@localhost]# mkdir /service /command
    [root@localhost]# for i in `cat package/commands`; do cp -a src/$i /usr/local/bin/$i; done
    [root@localhost]# for i in `cat package/commands`; do ln -sfv /usr/local/bin/$i /command/$i; done
     

    ¡Ø Áß°£¿¡ ³ª¿À´Â for... ºÎºÐÀº ½©¿¡¼­ Á÷Á¢ ŸÀÌÇÎ Çϼŵµ ½ÇÇàµÇ´Â ºÎºÐ ÀÔ´Ï´Ù.
    ¡¡ ¼³Ä¡°úÁ¤ Áß°£¿¡ for¹®ÀÌ ³ª¿Ô´Ù°í script¸¦ ¸¸µå´Â ¼ö°í¸¦ ÇÏÁö ¾ÊÀ¸½Ã±æ ¹Ù¶ø´Ï´Ù.

    02-2. daemontools ½ÃÀÛ
    ¡Ø CentOS 5.x ÀÌÇÏ
     [root@localhost]# echo "SV:345:respawn:/command/svscanboot" >> /etc/inittab
    [root@localhost]# pkill -1 init
     

    ¡Ø CentOS 6.x ÀÌ»ó
     [root@localhost]# vi /etc/init/svscan.conf
    start on runlevel [2345]
    stop on runlevel [S016]

    respawn
    exec /command/svscanboot
    [root@localhost]# initctl start svscan
     


    03. qmail, vpopmail ¿¡¼­ »ç¿ëÇÒ °èÁ¤°ú ±×·ì »ý¼º
    ¡Ø -r ¿É¼ÇÀº ½Ã½ºÅÛ °èÁ¤(uid 500 ¹Ì¸¸)À¸·Î »ç¿ëÀÚ¸¦ »ý¼ºÇÏ°Ú´Ù´Â ÀÇ¹Ì ÀÔ´Ï´Ù.
     [root@localhost]# groupadd -r nofiles
    [root@localhost]# groupadd -r qmail
    [root@localhost]# groupadd -r vchkpw

    [root@localhost]# useradd -r -M -d /var/qmail/alias -s /sbin/nologin -c "qmail alias" -g qmail alias
    [root@localhost]# useradd -r -M -d /var/qmail -s /sbin/nologin -c "qmail daemon" -g qmail qmaild
    [root@localhost]# useradd -r -M -d /var/qmail -s /sbin/nologin -c "qmail logger" -g qmail qmaill
    [root@localhost]# useradd -r -M -d /var/qmail -s /sbin/nologin -c "qmail passwd" -g qmail qmailp
    [root@localhost]# useradd -r -M -d /var/qmail -s /sbin/nologin -c "qmail queue" -g qmail qmailq
    [root@localhost]# useradd -r -M -d /var/qmail -s /sbin/nologin -c "qmail remote" -g qmail qmailr
    [root@localhost]# useradd -r -M -d /var/qmail -s /sbin/nologin -c "qmail send" -g qmail qmails
    [root@localhost]# useradd -r -M -d /home/vpopmail -s /sbin/nologin -c "Vpopmail User" -g vchkpw vpopmail
     


    04. vpopmail 5.4.30 [ÃֽŹöÀü: http://sourceforge.net/projects/vpopmail/]
    ¡Ø Å¥¸ÞÀÏÀÇ chkuser ÆÐÄ¡·Î ÀÎÇÏ¿© ÄÄÆÄÀϽà vpopmailÀÇ ¶óÀ̺귯¸®¸¦ ÇÊ¿ä·Î ÇÏ°Ô µÆ½À´Ï´Ù.
    ¡¡ µû¶ó¼­ Å¥¸ÞÀϺ¸´Ù vpopmailÀ» ¸ÕÀú ¼³Ä¡Çϵµ·Ï ÇÕ´Ï´Ù.

    ¡Ø vpopmailÀÇ È¯°æ¼³Á¤À» ÇÒ¶§ qmail µð·ºÅ丮 ¹× ¸î¸î ¹ÙÀ̳ʸ® À§Ä¡(locate)¸¦ ÇÊ¿ä·Î ÇÕ´Ï´Ù.
    ¡¡ µû¶ó¼­ Å¥¸ÞÀÏÀÌ ¼³Ä¡µÈ °Íó·³ ¼ÓÀ̱â À§ÇÏ¿©, fake ÆÄÀÏÀ» »ý¼ºÇØ ÁÖµµ·Ï ÇÕ´Ï´Ù.
    ¡¡ (´Ü¼øÈ÷ Å¥¸ÞÀÏÀÇ À§Ä¡¸¸ ¼³Á¤ Çϱ⠶§¹®¿¡, fake ÆÄÀÏ·Î ¼ÓÀÌ´õ¶óµµ ÀüÇô ¹®Á¦°¡ ¾ø½À´Ï´Ù)
     [root@localhost]# mkdir -p /var/qmail/bin
    [root@localhost]# touch /var/qmail/bin/qmail-newu
    [root@localhost]# touch /var/qmail/bin/qmail-inject
    [root@localhost]# touch /var/qmail/bin/qmail-newmrh
     


    ¡Ø ÇÊÀÚ´Â °ü¸®ÀÇ ÆíÀÇ»ó cdb¸¦ »ç¿ëÇÏÁö ¾Ê°í, mysql database¸¦ ÅëÇÏ¿© µµ¸ÞÀÎ ¹× »ç¿ëÀÚ °ü¸®¸¦ ÇÒ °Í ÀÔ´Ï´Ù.
    ¡¡ µû¶ó¼­ ÇÊÀÚ¿Í °°ÀÌ mysql°ú ¿¬µ¿Çؼ­ °ü¸®ÇÏ°íÀÚ ÇϽô ºÐµéÀº vpopmail ¼³Ä¡Àü¿¡ mysqlÀÌ ¹Ì¸® ¼³Ä¡µÇ¾î ÀÖ¾î¾ß ÇÕ´Ï´Ù.
    ¡¡ (¸¸¾à cdb¸¦ »ç¿ëÇÏ°íÀÚ ÇϽŴٸé configure ¿É¼ÇÁß --enable-auth-module=mysql ºÎÅÍ ±× ¾Æ·¡ÀÇ ¸ðµç ¿É¼ÇÀ» Á¦°ÅÇÏ½Ã¸é µË´Ï´Ù)
    ¡Ø ȯ°æ¼³Á¤(configure)½Ã mysql °ü·Ã ¿¡·¯¸¦ ¸¸³ª´Â °æ¿ì incdir°ú libdirÀÇ °æ·Î¸¦ mysql¿¡ ¸Â°Ô ¼öÁ¤ÇØÁֽñ⠹ٶø´Ï´Ù.
     [root@localhost]# cd /var/tmp
    [root@localhost]# wget http://cdnetworks-kr-2.dl.sourceforge.net/project/vpopmail/vpopmail-stable/5.4.30/vpopmail-5.4.30.tar.gz
    [root@localhost]# tar xfz vpopmail-5.4.30.tar.gz
    [root@localhost]# cd vpopmail-5.4.30
    [root@localhost]# ./configure \
    --prefix=/home/vpopmail \
    --enable-vpopuser=vpopmail \
    --enable-vpopgroup=vchkpw \
    --enable-tcprules-prog=/usr/local/bin/tcprules \
    --enable-tcpserver-file=/etc/tcprules.d/tcp.smtp \
    --disable-users-big-dir \
    --enable-qmail-ext \
    --enable-domainquotas \
    --enable-logging=v \
    --enable-log-name=vpopmail \
    --enable-valias \
    --disable-many-domains \
    --enable-auth-module=mysql \
    --enable-incdir=/usr/include/mysql \
    --enable-libdir=/usr/lib/mysql
    [root@localhost]# make
    [root@localhost]# make install-strip
     


    ¡Ø mysql°ú ¿¬µ¿ÇϽô ºÐµé¸¸ ÇÏ¸é µÇ´Â ¼³Á¤ ÀÔ´Ï´Ù. mysqlÀÇ Á¢¼Ó Á¤º¸¸¦ ÀÔ·ÂÇØÁÖ½Ã¸é µË´Ï´Ù.
     [root@localhost]# vi /home/vpopmail/etc/vpopmail.mysql
    localhost|0|DB_USER|PASSWORD|DB_NAME
     


    ¡Ø fake ÆÄÀÏ »èÁ¦
     [root@localhost]# rm -rf /var/qmail 


    05. libdomainkeys 0.69 [ÃֽŹöÀü: http://sourceforge.net/projects/domainkeys/]
     [root@localhost]# cd /var/tmp
    [root@localhost]# wget http://cdnetworks-kr-2.dl.sourceforge.net/project/domainkeys/libdomainkeys/0.69/libdomainkeys-0.69.tar.gz
    [root@localhost]# tar xfz libdomainkeys-0.69.tar.gz
    [root@localhost]# mv libdomainkeys-0.69 libdomainkeys
    [root@localhost]# cd libdomainkeys
    [root@localhost]# echo "-lresolv" > dns.lib
    [root@localhost]# make
     


    06. knetqmail 1.06 [ÃֽŹöÀü: http://qmail.kldp.net/ - ¹®¼­¹öÀü: http://qmail.kldp.net/phpbb/viewtopic.php?f=4&t=8299]
    06-1. knetqmail 1.06 ¼³Ä¡
     [root@localhost]# cd /var/tmp
    [root@localhost]# wget http://.../knetqmail-1.06-20110908.tar.gz
    [root@localhost]# wget http://jeremy.kister.net/quote/qmail-dk-0.54-auth.patch
    [root@localhost]# tar xfz knetqmail-1.06-20110908.tar.gz
    [root@localhost]# cd knetqmail-1.06-20110908
    [root@localhost]# patch -p0 < ../qmail-dk-0.54-auth.patch

    [root@localhost]# echo "gcc -O2 -g -DTLS=20070408 -I/usr/include/openssl -I/home/vpopmail/include" > conf-cc
    [root@localhost]# echo "gcc -s -O2 -g" > conf-ld

    [root@localhost]# make
    [root@localhost]# make setup check

    [root@localhost]# cp -a spfquery /var/qmail/bin
    [root@localhost]# cp -a /var/tmp/libdomainkeys/dknewkey /var/qmail/bin
    [root@localhost]# chown root:qmail /var/qmail/bin/spfquery /var/qmail/bin/dknewkey
    [root@localhost]# chmod 755 /var/qmail/bin/spfquery /var/qmail/bin/dknewkey
     

    ¡Ø ¸¸¾à opensslÀÇ ¼³Ä¡ °æ·Î°¡ ´Ù¸£½Å ºÐÀº, ¼³Ä¡°úÁ¤ Áß°£¿¡ ³ª¿À´Â openssl °æ·Î ºÎºÐÀ» º¯°æÇØÁÖ½Ã¸é µË´Ï´Ù.

    06-2. ¼³Á¤ ÆÄÀÏ »ý¼º
    ¡Ø Å¥¸ÞÀÏ ¿î¿µ¿¡ ÇÊ¿äÇÑ ¼³Á¤ ÆÄÀÏÀ» »ý¼ºÇϵµ·Ï ÇÏ°Ú½À´Ï´Ù.
    ¡¡ ¿ø·¡ Å¥¸ÞÀÏ ¼Ò½º¿¡¼­ config script¸¦ Á¦°øÇÏ°í ÀÖÁö¸¸, ¾ÆÁÖ ±âº»ÀûÀÎ ÆÄÀϸ¸ »ý¼ºÇØÁֹǷÎ
    ¡¡ ÇÊÀÚ´Â ÇÊ¿äÇÑ ÆÄÀÏÀ» Á÷Á¢ »ý¼ºÇØÁÖ´Â ¹æ¹ýÀ» »ç¿ëÇϵµ·Ï ÇÏ°Ú½À´Ï´Ù.
     [root@localhost]# cd /var/qmail/control
    [root@localhost]# touch rcpthosts smtproutes
    [root@localhost]# echo "localhost"       > locals
    [root@localhost]# echo "your-domain.com" > me
    [root@localhost]# echo "your-domain.com" > defaultdomain
    [root@localhost]# echo "your-domain.com" > defaulthost
    [root@localhost]# echo "your-domain.com" > plusdomain
    [root@localhost]# echo "60"              > concurrencyremote
    [root@localhost]# echo "100"             > concurrencyincoming
    [root@localhost]# echo "86400"           > queuelifetime
    [root@localhost]# echo "1"               > spfbehavior
    [root@localhost]# echo "Welcome to Qmail SMTP Server" > smtpgreeting
    [root@localhost]# echo "./Maildir/"      > defaultdelivery
    [root@localhost]# chmod 644 *

    [root@localhost]# cd /var/qmail/users
    [root@localhost]# touch cdb
    [root@localhost]# echo "." > assign
    [root@localhost]# chmod 644 *
     


    06-3. Å¥¸ÞÀÏ µ¥¸óÀ» À§ÇÑ µð·ºÅ丮 ¹× ½ºÅ©¸³Æ® »ý¼º
     [root@localhost]# mkdir -p /var/qmail/supervise
    [root@localhost]# for i in send smtp pop3 submission; do mkdir -p /var/qmail/supervise/$i/log; done
     


     [root@localhost]# vi /var/qmail/rc
    #!/bin/sh

    exec env - PATH="/var/qmail/bin:$PATH" \
            qmail-start "`cat /var/qmail/control/defaultdelivery`"
     

     [root@localhost]# vi /var/qmail/supervise/send/run
    #!/bin/sh

    exec /var/qmail/rc
     

     [root@localhost]# vi /var/qmail/supervise/send/log/run
    #!/bin/sh

    exec /usr/local/bin/setuidgid qmaill \
            /usr/local/bin/multilog t /var/log/qmail/send 2>&1
     

     [root@localhost]# vi /var/qmail/supervise/smtp/run
    #!/bin/sh

    VPOP_UID=`id -u vpopmail`
    VPOP_GID=`id -g vpopmail`

    MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`

    exec /usr/local/bin/softlimit -m 64000000 \
            /usr/local/bin/tcpserver -vRHl0 \
            -x /etc/tcprules.d/tcp.smtp.cdb \
            -c ${MAXSMTPD} \
            -u ${VPOP_UID} -g ${VPOP_GID} 0 25 \
            /var/qmail/bin/qmail-smtpd \
            /home/vpopmail/bin/vchkpw /bin/true 2>&1
     

     [root@localhost]# vi /var/qmail/supervise/smtp/log/run
    #!/bin/sh

    exec /usr/local/bin/setuidgid qmaill \
            /usr/local/bin/multilog t /var/log/qmail/smtp 2>&1
     

     [root@localhost]# vi /var/qmail/supervise/pop3/run
    #!/bin/sh

    VPOP_UID=`id -u vpopmail`
    VPOP_GID=`id -g vpopmail`

    HOSTNAME=`hostname -f`

    exec /usr/local/bin/softlimit -m 48000000 \
            /usr/local/bin/tcpserver -vRHl0 \
            -u ${VPOP_UID} -g ${VPOP_GID} 0 110 \
            /var/qmail/bin/qmail-popup ${HOSTNAME} \
            /home/vpopmail/bin/vchkpw \
            /var/qmail/bin/qmail-pop3d Maildir 2>&1
     

     [root@localhost]# vi /var/qmail/supervise/pop3/log/run
    #!/bin/sh

    exec /usr/local/bin/setuidgid qmaill \
            /usr/local/bin/multilog t /var/log/qmail/pop3 2>&1
     

     [root@localhost]# vi /var/qmail/supervise/submission/run
    #!/bin/sh

    VPOP_UID=`id -u vpopmail`
    VPOP_GID=`id -g vpopmail`

    MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`

    exec /usr/local/bin/softlimit -m 48000000 \
            /usr/local/bin/tcpserver -vRHl0 \
            -x /etc/tcprules.d/tcp.smtp.cdb \
            -c ${MAXSMTPD} \
            -u ${VPOP_UID} -g ${VPOP_GID} 0 587 \
            /var/qmail/bin/qmail-smtpd \
            /home/vpopmail/bin/vchkpw /bin/true 2>&1
     

     [root@localhost]# vi /var/qmail/supervise/submission/log/run
    #!/bin/sh

    exec /usr/local/bin/setuidgid qmaill \
            /usr/local/bin/multilog t /var/log/qmail/submission 2>&1
     


     [root@localhost]# chmod 755 /var/qmail/rc
    [root@localhost]# chown root:qmail /var/qmail/rc

    [root@localhost]# chmod 700 /var/qmail/supervise
    [root@localhost]# chown -R qmaill:qmail /var/qmail/supervise
    [root@localhost]# for i in send smtp pop3 submission; do chmod 1700 /var/qmail/supervise/$i; done
    [root@localhost]# for i in send smtp pop3 submission; do chmod 700 /var/qmail/supervise/$i/log; done
    [root@localhost]# for i in send smtp pop3 submission; do chmod 751 /var/qmail/supervise/$i/run; done
    [root@localhost]# for i in send smtp pop3 submission; do chmod 751 /var/qmail/supervise/$i/log/run; done
     


    06-4. tcp.smtp ¼³Á¤
     [root@localhost]# mkdir -p /etc/tcprules.d
    [root@localhost]# vi /etc/tcprules.d/tcp.smtp
    127.0.0.1:allow,RELAYCLIENT="",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10"
    :allow,CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10"
    [root@localhost]# tcprules /etc/tcprules.d/tcp.smtp.cdb /etc/tcprules.d/tcp.smtp.tmp < /etc/tcprules.d/tcp.smtp
     


    06-5. qmail log µð·ºÅ丮 »ý¼º
     [root@localhost]# for i in send smtp pop3 submission; do mkdir -p /var/log/qmail/$i; done
    [root@localhost]# chmod -R 750 /var/log/qmail
    [root@localhost]# chown -R qmaill:qmail /var/log/qmail
     


    06-6. qmail ±¸µ¿ ½ºÅ©¸³Æ® »ý¼º
     [root@localhost]# vi /etc/init.d/qmaild 

     #!/bin/sh
    #
    # qmaild       This shell script takes care of starting and stopping
    #              the qmail system.
    #
    # chkconfig: - 30 80
    # description: qmail is a small, fast, secure replacement for the sendmail package, which is
    #              the program that actually receives, routes, and delivers electronic mail.

    export PATH="$PATH:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/var/qmail/bin"
    svclist="send smtp pop3 submission"

    case "$1" in
        start)
            echo "Starting qmail"

            for svc in $svclist; do
                if [ -e /service/${svc} ]; then
                    if svok /service/${svc}; then
                        svc -u /service/${svc}
                    else
                        echo "${svc} supervise not running"
                    fi
                else
                    ln -s /var/qmail/supervise/${svc} /service/
                fi
            done

            if [ -d /var/lock/subsys ]; then
                touch /var/lock/subsys/qmail
            fi
            ;;
        stop)
            echo "Stopping qmail..."

            for svc in $svclist; do
                if [ -e /service/${svc} ]; then
                    echo "  ${svc}"
                    svc -dx /service/${svc} /service/${svc}/log
                    rm -f /service/${svc}
                fi
            done

            if [ -f /var/lock/subsys/qmail ]; then
                rm -f /var/lock/subsys/qmail
            fi
            ;;
        stat)
            for svc in $svclist; do
                if [ -e /service/${svc} ]; then
                    svstat /service/${svc}
                    svstat /service/${svc}/log
                fi
            done
            qmail-qstat
            ;;
        doqueue|alrm|flush)
            if [ -e /service/send ]; then
                echo "Flushing timeout table and sending ALRM signal to send."
                /var/qmail/bin/qmail-tcpok
                svc -a /service/send
            fi
            ;;
        queue)
            qmail-qstat
            qmail-qread
            ;;
        reload|hup)
            if [ -e /service/send ]; then
                echo "Sending HUP signal to send."
                svc -h /service/send
            fi
            ;;
        pause)
            for svc in $svclist; do
                if [ -e /service/${svc} ]; then
                    echo "Pausing ${svc}"
                    svc -p /service/${svc}
                fi
            done
            ;;
        cont)
            for svc in $svclist; do
                if [ -e /service/${svc} ]; then
                    echo "Continuing ${svc}"
                    svc -c /service/${svc}
                fi
            done
            ;;
        restart)
            echo "Restarting qmail:"
            for svc in $svclist; do
                if [ -e /service/${svc} ]; then
                    if [ "${svc}" != "send" ]; then
                        echo "* Stopping ${svc}."
                        svc -d /service/${svc}
                    fi
                fi
            done

            if [ -e /service/send ]; then
                echo "* Sending send SIGTERM and restarting."
                svc -t /service/send
            fi

            for svc in $svclist; do
                if [ -e /service/${svc} ]; then
                    if [ "${svc}" != "send" ]; then
                        echo "* Restarting ${svc}."
                        svc -u /service/${svc}
                    fi
                fi
            done
            ;;
        cdb)
            if [ -z "`grep '\#define POP_AUTH_OPEN_RELAY 1' /home/vpopmail/include/config.h 2>/dev/null`" ]; then
                tcprules /etc/tcprules.d/tcp.smtp.cdb /etc/tcprules.d/tcp.smtp.tmp < /etc/tcprules.d/tcp.smtp
            else
                /home/vpopmail/bin/clearopensmtp
            fi

            echo "Reloaded /etc/tcprules.d/tcp.smtp."
            ;;
        help)
    cat <        stop -- stops mail service (smtp connections refused, nothing goes out)
          start -- starts mail service (smtp connection accepted, mail can go out)
          pause -- temporarily stops mail service (connections accepted, nothing leaves)
           cont -- continues paused mail service
           stat -- displays status of mail service
            cdb -- rebuild the tcpserver cdb file for smtp
        restart -- stops and restarts smtp, sends send a TERM & restarts it
        doqueue -- schedules queued messages for immediate delivery
         reload -- sends send HUP, rereading locals and virtualdomains
          queue -- shows status of queue
           alrm -- same as doqueue
          flush -- same as doqueue
            hup -- same as reload
    HELP
            ;;
        *)
            echo "Usage: $0 {start|stop|restart|doqueue|flush|reload|stat|pause|cont|cdb|queue|help}"
            exit 1
            ;;
    esac

    exit 0
     

     [root@localhost]# chmod 755 /etc/init.d/qmaild
    [root@localhost]# chkconfig --add qmaild
    [root@localhost]# chkconfig --level 345 qmaild
     


    06-7. qmail ½ÃÀÛ
     [root@localhost]# /etc/init.d/qmaild start 


    ¡Ø À̷μ­ ±âº»ÀûÀΠť¸ÞÀÏ ¼­¹ö »ç¿ëÀÌ °¡´ÉÇØÁ³½À´Ï´Ù. µµ¸ÞÀÎ ¹× À̸ÞÀÏ °èÁ¤À» »ý¼ºÇÑ µÚ »ç¿ëÇÏ½Ã¸é µË´Ï´Ù.
    ¡¡ ÀÌ ¾Æ·¡´Â ¹ø¿ÜÆí(?) ÀÔ´Ï´Ù. Áï, ¼³Á¤ÇϽǺи¸ ¼³Á¤Çϼż­ »ç¿ëÇÏ½Ã¸é µË´Ï´Ù.

    -------------------------------------------------------------------------------------------
    -------------------------------------------------------------------------------------------


    07. SMTP SSL ÀÎÁõ¼­ »ý¼º
    ¡Ø SMTP¸¦ SSLÀ» ÀÌ¿ëÇÏ¿© »ç¿ëÇÒ °æ¿ì SSL ÀÎÁõ¼­°¡ ÇÊ¿ä ÇÕ´Ï´Ù.
    ¡¡ SSL ÀÎÁõ¼­´Â RootCA ¿¡¼­ À¯·á·Î ±¸ÀÔÀ» ÇØ¾ß µÇÁö¸¸, Å×½ºÆ®¸¦ À§ÇÏ¿© »ç¼³ ÀÎÁõ¼­¸¦ »ý¼ºÇϵµ·Ï ÇÏ°Ú½À´Ï´Ù.
     [root@localhost]# cd /var/qmail/control
    [root@localhost]# openssl req -newkey rsa:1024 -x509 -days 365 -nodes -out servercert.pem -keyout servercert.pem
    Generating a 1024 bit RSA private key
    ..........++++++
    .......................................................++++++
    writing new private key to 'servercert.pem'
    -----
    You are about to be asked to enter information that will be incorporated
    into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value,
    If you enter '.', the field will be left blank.
    -----
    Country Name (2 letter quote) [GB]:KR
    State or Province Name (full name) [Berkshire]:Seoul
    Locality Name (eg, city) [Newbury]:Seoul  
    Organization Name (eg, company) [My Company Ltd]:Qmail SMTP Server
    Organizational Unit Name (eg, section) []:
    Common Name (eg, your name or your server's hostname) []:
    Email Address []:
    [root@localhost]# ln -sfv servercert.pem clientcert.pem

    [root@localhost]# openssl ciphers > tlsserverciphers
    [root@localhost]# ln -sfv tlsserverciphers tlsclientciphers

    [root@localhost]# echo "01 01 * * * root /var/qmail/bin/update_tmprsadh >/dev/null 2>&1" >> /etc/crontab
     


    08. Domain Keys ¼¼ÆÃ
    ¡Ø µµ¸ÞÀÎÅ° ½Ã½ºÅÛÀº Yahoo¿¡¼­ ÁÖµµÇÏ¿© °³¹ßµÈ SSL Å°¸¦ ÀÌ¿ëÇÑ ¸ÞÀÏ ÀÎÁõ ¹æ¹ý ÀÔ´Ï´Ù.
    ¡¡ ÀÚ¼¼ÇÑ »çÇ×Àº http://antispam.yahoo.com/domainkeys ÀÌ°÷À» ÂüÁ¶ÇϽñ⠹ٶø´Ï´Ù.
    08-1. SSL Key »ý¼º
    ¡Ø SSL Å°´Â µµ¸ÞÀκ°·Î »ý¼ºÇØÁִ°ÍÀÌ ÁÁ½À´Ï´Ù.
    ¡¡ ¿¹Á¦¿¡¼­´Â example.com À̶ó´Â µµ¸ÞÀο¡ ´ëÇؼ­ ¼¼ÆÃÇÏ°Ú½À´Ï´Ù.
     [root@localhost]# mkdir -p /var/qmail/control/domainkeys
    [root@localhost]# cd /var/qmail/control/domainkeys
    [root@localhost]# mkdir example.com
    [root@localhost]# cd example.com
    [root@localhost]# /var/qmail/bin/dknewkey private > public.txt
    [root@localhost]# chmod 440 private
    [root@localhost]# cd ..
    [root@localhost]# chown -R root:vchkpw example.com
     


    08-2. Å¥¸ÞÀÏ ¹ÙÀ̳ʸ® ±³Ã¼
    ¡Ø Å¥¸ÞÀÏ ¼­¹ö°¡ ¸ÞÀÏ Çì´õ¿¡ ºñ¹ÐÅ°·Î Sign Çϰųª, ȤÀº ÀÎÁõÄõ¸®(Verify query)¸¦ Á¤»óÀûÀ¸·Î ó¸®ÇÒ ¼ö ÀÖµµ·Ï
    ¡¡ qmail-dk¸¦ °ÅÄ¡µµ·Ï ¹ÙÀ̳ʸ® ÆÄÀÏÀ» ±³Ã¼Çϵµ·Ï ÇÏ°Ú½À´Ï´Ù.
     [root@localhost]# cd /var/qmail/bin
    [root@localhost]# mv qmail-queue qmail-queue.orig
    [root@localhost]# ln -sv qmail-dk qmail-queue
    [root@localhost]# chmod 4711 qmail-queue.orig
     


    08-3. tcp.smtp ¼³Á¤ º¯°æ
    ¡Ø knetqmail¿¡ Àû¿ëµÈ µµ¸ÞÀÎÅ° ÆÐÄ¡´Â ±âº»ÀûÀ¸·Î SSL ÀÎÁõ¼­¸¦ /etc/domainkeys/your-domain.com/default ¿¡¼­ ãµµ·Ï µÇ¾î ÀÖ½À´Ï´Ù.
    ¡¡ µû¶ó¼­ Å¥¸ÞÀÏÀÌ Á¤»óÀûÀ¸·Î SSL ÀÎÁõ¼­¸¦ ãÀ» ¼ö ÀÖµµ·Ï ȯ°æº¯¼ö¸¦ ¼³Á¤Çϵµ·Ï ÇÏ°Ú½À´Ï´Ù.
    ¡¡ (Âü°í·Î ÀÎÁõ¼­ ÆÄÀϸíÀº ÀÚÀ¯·Ó°Ô ¼öÁ¤ÀÌ °¡´ÉÇÕ´Ï´Ù. ´Ü, DNS¿¡ ¼³Á¤µÈ HostName°ú µ¿ÀÏÇØ¾ß µË´Ï´Ù)
     [root@localhost]# vi /etc/tcprules.d/tcp.smtp
    127.0.0.1:allow,RELAYCLIENT="",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",DKSIGN="/var/qmail/control/domainkeys/%/private"
    :allow,CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",DKSIGN="/var/qmail/control/domainkeys/%/private"
    [root@localhost]# tcprules /etc/tcprules.d/tcp.smtp.cdb /etc/tcprules.d/tcp.smtp.tmp < /etc/tcprules.d/tcp.smtp
     


    08-4. DNS ¼¼ÆÃ
    ¡Ø µµ¸ÞÀÎ Å° ÀÎÁõ ½Ã½ºÅÛÀÌ »ç¿ëÇÒ TXT ·¹Äڵ带 Ãß°¡Çϵµ·Ï ÇÕ´Ï´Ù.
    ¡¡ TXT ·¹Äڵ忡 »ç¿ëµÉ °ªÀº SSL Key »ý¼º ºÎºÐ¿¡¼­ ÃßÃâÇÑ public.txt ÆÄÀÏÀÇ ³»¿ëÀ» ÀÌ¿ëÇÏ½Ã¸é µË´Ï´Ù.
     [root@localhost]# cat /var/qmail/control/domainkeys/example.com/public.txt
    private._domainkey¡¡¡¡IN¡¡¡¡¡¡¡¡TXT¡¡¡¡¡¡"k=rsa; p=MEwwDQYJKoZ..... SSL Key End"
     


     [root@localhost]# vi /var/named/data/example.com.zone
    _domainkey¡¡¡¡¡¡¡¡¡¡¡¡IN¡¡¡¡¡¡¡¡TXT¡¡¡¡¡¡"o=-"
    private._domainkey¡¡¡¡IN¡¡¡¡¡¡¡¡TXT¡¡¡¡¡¡"k=rsa; p=MEwwDQYJKoZ..... SSL Key End"
     
      Ä¿ÇǴнº Ä«Æä ÃÖ±Ù ±Û
    [03/24] Youtube òÁ&#2
    [03/20] Re: ¿Â¶óÀΰÔÀÓÀÇ Á¾ÁÖ±¹ ´ëÇѹα¹
    [03/20] ½ÇÁ¦&#4
    [03/18] ±¹°¡&#5
    [10/20] Cross Compiler ±ò
    [07/14] SSL ¬¡¬°
    [04/26] Re: µµ½ºÈ­¸é ¿ø°ÝÁ¶Á¾ ¿©ºÎ
    [04/25] µµ½ºÈ­¸é ¿ø°ÝÁ¶Á¾ ¿©ºÎ
    [10/30] Cshell¿¡¼­ ³­¼ö ¼³Á¤
    [10/23] °øÇ×öµµÁÖ½Äȸ»ç SE ±¸ÀÎ Ëì
    [01/26] Re: wgetÀ¸·Î ´Ù¸¥¼­¹ö¿¡ÀÖ´Â µð·ºÅ丮¸¦ °¡Á®¿À·Á°íÇÕ´Ï´Ù.
    [01/25] wgetÀ¸·Î ´Ù¸¥¼­¹ö¿¡ÀÖ´Â µð·ºÅ丮¸¦ °¡Á®¿À·Á°íÇÕ´Ï´Ù.
    [01/11] ƯÁ¤ ¾Èµå·ÎÀ̵å WebView ¹öÀü¿¡¼­ SSL ¹®Á¦ (WebView ¹ö±×)
    [08/01] DNS forwarder (Àü´ÞÀÚ) ¼­¹ö¸¦ ÅëÇؼ­ Äõ¸®ÇÏ¸é ¿ª¹æÇâÀ» ¹Þ¾Æ¿ÀÁú ¸øÇÕ´Ï´Ù.
    [05/16] (ÁÖ)ÈÄÀÌÁî ½Ã½ºÅÛ¿£Áö´Ï¾î (°æ·ÂÀÚ) ¸ðÁý
      New!   ÃÖ±Ù¿¡ µî·ÏÇÑ ÆäÀÌÁö
      KiCad EDA Suite project (Free/Libre/Open-Source EDA Suite) (CAD)
      ¿ÀÇÂij½ºÄÉÀ̵å ijµå (OpenCASCADE CAD)
      QCad for Windows --- GNU GPL (Free Software)
      The Hello World Collection
      IPMI¸¦ È°¿ëÇÑ ¸®´ª½º ¼­¹ö°ü¸®
      DNS ¼³Á¤ °Ë»ç
      nagiosgraph ¼³Ä¡ ¹æ¹ý
      Slony-I ¼³Ä¡ ¹æ¹ý (postgresql replication tool)
      Qmail±â¹ÝÀÇ Anti spam ½Ã½ºÅÛ ±¸ÃàÇϱâ
      clusterssh

    [ ÇÔ²²ÇÏ´Â »çÀÌÆ® ]




    ¿î¿µÁø : ÁÁÀºÁøÈ£(truefeel), ¾ß¼ö(yasu), ¹ü³ÃÀÌ, sCag
    2003³â 8¿ù 4ÀÏ~