1. Set the page timeout time
[[email protected] ~]# Vi/var/www/extsuite/extmail/webmail.cfsys_sess_timeout = 30msys_sess_cookie_only = 1
30 minutes no operation will disconnect the page, and the multi-domain environment can be set separately for each domain.
can also be set to timeout when the user closes the browser:
Sys_sess_timeout = 0sys_sess_cookie_only = 1
2. Limit message size
[[email protected] ~]# Vi/var/www/extsuite/extmail/webmail.cfsys_message_size_limit = 20971520
Mail 20M, including attachments, messages sent for the web;
Multi-domain environments can be set individually for each domain.
3. Limit attachments and Mailbox sizes
[[email protected] ~]# Vi/etc/postfix/main.cfmessage_size_limit = 10485760mailbox_size_limit = 2097152000
Attachment 10M, Mailbox 2G.
4. Limit the maximum number of recipients
[[email protected] ~]# Vi/etc/postfix/main.cfsmtpd_recipient_limit = 100[[email protected] ~]# service Postfix Reload
5. Limit the maximum number of connections
Maillog log error when exceeding the limit of connections:
Mail Imapd:maximum connection limit reached for <IPADDRESS> disconnected
[Email protected] ~]# vi/usr/lib/courier-imap/etc/pop3d# Maximum number of POP3 servers started maxdaemons=100 # Maximu M number of connections to accept from the same IP address Maxperip=10[[email protected] ~]#/usr/lib/courier-imap/libexec /pop3d.rc Stop[[email protected] ~]#/usr/lib/courier-imap/libexec/pop3d.rc start
[[email protected] ~]# vi/usr/lib/courier-imap/etc/imapd# The maximum number of IMAP service processes started maxdaemons=100 # accept the maximum number of connections from the same IP address maxperip= 10[[email protected] ~]#/usr/lib/courier-imap/libexec/imapd.rc stop[[email protected] ~]#/usr/lib/courier-imap/ Libexec/imapd.rc start
6. Set the mailbox Capacity 90% reminders (maildrop)
(1) Prerequisites:
--enable-maildirquota was added when compiling the installation Maildrop
(2) configuration postfix:(added when configuring Maildrop,-W 90 indicates a warning when capacity reaches 90%)
[[email protected] ~]# vi/etc/postfix/master.cfmaildrop unix-n N--pipe F Lags=drhu user=vmail argv=/usr/local/bin/maildrop-w 90-d ${user}@${nexthop} ${recipient} ${user} ${extension} {nexthop }
(3) To view the warning message template path:
[Email protected] ~]# cat/usr/local/src/maildrop-2.7.2/libs/maildir/quotawarnmsg.h#define quotawarnmsg "/usr/local /etc/quotawarnmsg "
(4) Copy the warning message template (copied to the path above):
[Email protected] ~]# Cp/usr/local/src/maildrop-2.7.2/libs/maildir/quotawarnmsg/usr/local/etc/[[email protected] ~ ]# chmod 755/usr/local/etc/quotawarnmsg
(5) Set the warning message template :
[Email protected] ~]# vi/usr/local/etc/quotawarnmsgx-comment:rename/copy This file to Quotawarnmsg, and make Appropriat e changesx-comment:see Deliverquota Mans page for more informationfrom:mail Delivery System <[email protected]>repl y-to: [Email protected]to:valued Customer:; Subject:mail quota Warningmime-version:1.0content-type:text/plain; Charset=iso-8859-1content-transfer-encoding:7bit Your mailbox on the server are now more than 90% full. So, you can continueto receive mail, need to remove some messages from your mailbox.
(5) If you want to use the Chinese sender name and the Chinese theme, you can do the following:
[Email protected] ~]# perl-e ' use mime::base64; Print encode_base64 ("system administrator") '; 57o757uf566h55cg5zgy[[email protected] ~]# perl-e ' use mime::base64; Print encode_base64 ("Mailbox Quota warning") '; 6yku566x6ywn6akd6k2m5zgk[[email protected] ~]# vi/usr/local/etc/quotawarnmsgfrom: "= ? UTF-8? b?57o757uf566h55cg5zgy?= "<[email protected]> Subject: =? UTF-8? B?6yku566x6ywn6akd6k2m5zgk?=content-type:text/plain; Charset=unicode (UTF-8) Content-transfer-encoding:8bit Your mailbox space has been used 90%, if you want to use it properly, clear some messages from your mailbox, or contact your administrator. Your mailbox on the server are now more than 90% full. So, you can continueto receive mail, need to remove some messages from your mailbox.
Test:
[email protected] The default space size of the email account is 5 m:
using [email protected] to send a 4M attachment to test, test will receive a warning message:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/57/84/wKioL1SczIOAAnzwAAHHbPDtBYM163.jpg "style=" float: none; "title=" Qq20141226104046.png "alt=" Wkiol1sczioaanzwaahhbpdtbym163.jpg "/>
Note: The content of the message displayed on the Web side is normal, and the Foxmail client receives the message content is garbled, the conversion encoding format is UTF-8 after the display is normal, so it is best to write the English content in the template.
7. Postfix Black and white list
MAIN.CF commented out the AMAVISD 10024 filter, so the message does not go through the AMAVISD black and white list
(1) Add Access table restrictions:
Smtpd_client_restrictions =
Check_client_access hash:/etc/postfix/client_access #限制客户端IP地址
Smtpd_sender_restrictions =
Check_sender_access hash:/etc/postfix/sender_access #限制发件人地址
Smtpd_recipien_restrictions =
Check_recipien_access hash:/etc/postfix/recipien_access #限制收件人地址
(2) Create an Access table
Vi/etc/postfix/client_access
10.188.1.172 REJECT "IP 172 is User Ywzhou"
192.168.1 REJECT
Extmail.org REJECT
Vi/etc/postfix/sender_access
[Email protected] REJECT
[Email protected] REJECT
Abc.example.com REJECT
Vi/etc/postfix/recipien_access
[Email protected] REJECT
(3) Convert to database format
As long as you modify the Access table to do the conversion operation:
Postmap/etc/postfix/client_access
Postmap/etc/postfix/sender_access
Postmap/etc/postfix/recipien_access
The xxx_access.db file will be generated
(4) Load configuration file
Service Postfix Reload
8, restrict users to send mail to group mailbox
Process: Mail comes in via smtpd, sender filters, check that the recipient is the group address in groups [email protected],
The address calls the class GROUP_LIMIT_RSB, the class call accesses the table RSB, checks if the sender is set to OK in the table, and then rejects the
(1) Add Access table restrictions:
Vi/etc/postfix/main.cf
Smtpd_sender_restrictions =
#这里和前面不同, add the To access table in the from limit
Check_recipient_access hash:/etc/postfix/group_limit/groups
#定义 the "Check recipient" class, a group account corresponds to a
Smtpd_restriction_classes =
GROUP_LIMIT_RSB,
GROUP_LIMIT_CWB,
Group_limit_all
#为类添加发件人访问表
GROUP_LIMIT_RSB =
Check_sender_access HASH:/ETC/POSTFIX/GROUP_LIMIT/RSB,
Reject
GROUP_LIMIT_CWB =
Check_sender_access HASH:/ETC/POSTFIX/GROUP_LIMIT/CWB,
Reject
Group_limit_all =
Check_sender_access Hash:/etc/postfix/group_limit/all,
Reject
#给类添加规则, check the sender Access table, other deny
(2) Create an Access table
Mkdir/etc/postfix/group_limit
#群组账号列表, and the class that it calls
Vi/etc/posftix/group_limit/groups
[Email protected] GROUP_LIMIT_RSB
[Email protected] GROUP_LIMIT_CWB
[Email protected] Group_limit_all
#设置类调用的访问表
Vi/etc/postfix/group_limit/rsb
[Email protected] Ok
Vi/etc/postfix/group_limit/cwb
[Email protected] Ok
Vi/etc/postfix/group_limit/all
Yourmail.com OK
(3) Convert to hash database format
Postmap/etc/postfix/group_limit/group_limit
Postmap/etc/postfix/group_limit/rsb
Postmap/etc/postfix/group_limit/cwb
Postmap/etc/postfix/group_limit/all
(4) Load configuration file
Service Postfix Reload
Problem
With Extmail web, any user can be a group of aliases
Because Webmail is sent via a pipe call/usr/sbin/sendmail email is not subject to this limitation
The webmail must be sent using SMTP to implement this restriction
9, restrict the user can only send and receive mail inside
Refer to the previous section group restrictions
Process: Outgoing mail to test01~03, recipient filtering, check its sender call local_senders_in Access table,
01 and 02 are set in the table to call the Local_limit_in class, which calls Local_domains to access the Table sender table,
The table does not have an extranet sender's domain name and therefore rejects 01 and 02, but 03 is normal;
Similarly 01~03 email to the extranet, local_senders_out limit 01 and 03 can only be sent to the domain in Local_domains,
Therefore, 02 is not restricted.
(1) Add Access table restrictions:
Vi/etc/postfix/main.cf
Smtpd_recipient_restrictions =
Check_sender_access hash:/etc/postfix/group_limit/local_senders_in
Check_recipient_access Hash:/etc/postfix/group_limit/local_senders_out
Smtpd_restriction_classes =
Local_limit_in,
Local_limit_out
Local_limit_in =
Check_sender_access Hash:/etc/postfix/group_limit/local_domains,
Reject
Local_limit_out =
Check_recipient_access Hash:/etc/postfix/group_limit/local_domains,
Reject
(2) Create an Access table
Vi/etc/posftix/group_limit/local_senders_in
[Email protected] local_limit_in
[Email protected] local_limit_in
Vi/etc/posftix/group_limit/local_senders_out
[Email protected] Local_limit_out
[Email protected] Local_limit_out
Vi/etc/postfix/group_limit/local_domains
Yourmail.com OK
seconed.cn OK
(3) Convert to hash database format
Postmap/etc/postfix/group_limit/local_domains
Postmap/etc/postfix/group_limit/local_senders_in
Postmap/etc/postfix/group_limit/local_senders_out
(4) Load configuration file
Service Postfix Reload
10. AMAVISD Limit
Vi/etc/amavisd.conf
#对本地发出的邮件不进行内容过滤
$policy _bank{' mynets '} = {# mail originating from @mynetworks
Originating = 1, # is true in Mynets by default, but let's make it explicit
Os_fingerprint_method = undef, # don ' t query p0f for internal clients
Allow_disclaimers = 1, # enables disclaimer insertion if available
#添加以下三行参数, do not check
Bypass_spam_checks_maps = [1],
Bypass_banned_checks_maps = [1],
Bypass_header_checks_maps = [1],
};
# Enable auto-learning white list
$sa _auto_whitelist = 1;
# Configure the Black and white list, can not set, so postfix commented out 10024 filters, will not go through this list
Read_hash (\%whitelist_sender, '/etc/amavisd/whitelist ');
Read_hash (\%blacklist_sender, '/etc/amavisd/blacklist ');
VI Whitelist
[Email protected] #单个邮件地址
test.com #整个域
. test1.com #整个域及其子域
#限制附件格式
$banned _filename_re = New_re (
QR ' _\. (Exe-ms|dll) $ ',
QR ' \. [_./]*[a-za-z][_./*\. ( Exe|vbs|pif|scr|bat|cmd|com|cpl|dll) \.? $ ' I,
qr '. \. (exe|vbs|pif|scr|cpl) $ ' I,
To release attachments in the specified format, delete the fields, such as bat.
Service AMAVISD Restart
This article is from the "Moon Ching Xing Fei" blog, please be sure to keep this source http://ywzhou.blog.51cto.com/2785388/1596169
Postfix mailbox (13): Throttling policy