diff --git a/mail-doc/mail搭建公司邮箱/image/datebase.png b/mail-doc/mail搭建公司邮箱/image/datebase.png
new file mode 100644
index 0000000..2c6aadf
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/datebase.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/next.png b/mail-doc/mail搭建公司邮箱/image/next.png
new file mode 100644
index 0000000..ab9f621
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/next.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/password.png b/mail-doc/mail搭建公司邮箱/image/password.png
new file mode 100644
index 0000000..9e4b25c
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/password.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/postfixadmin.png b/mail-doc/mail搭建公司邮箱/image/postfixadmin.png
new file mode 100644
index 0000000..513834e
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/postfixadmin.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/snapshot1.png b/mail-doc/mail搭建公司邮箱/image/snapshot1.png
new file mode 100644
index 0000000..5a09c62
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/snapshot1.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/snapshot10.png b/mail-doc/mail搭建公司邮箱/image/snapshot10.png
new file mode 100644
index 0000000..1d6ddd7
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/snapshot10.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/snapshot11.png b/mail-doc/mail搭建公司邮箱/image/snapshot11.png
new file mode 100644
index 0000000..16448c2
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/snapshot11.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/snapshot12.png b/mail-doc/mail搭建公司邮箱/image/snapshot12.png
new file mode 100644
index 0000000..9ae3fdc
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/snapshot12.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/snapshot13.png b/mail-doc/mail搭建公司邮箱/image/snapshot13.png
new file mode 100644
index 0000000..86ec6d7
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/snapshot13.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/snapshot14.png b/mail-doc/mail搭建公司邮箱/image/snapshot14.png
new file mode 100644
index 0000000..865a83d
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/snapshot14.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/snapshot2.png b/mail-doc/mail搭建公司邮箱/image/snapshot2.png
new file mode 100644
index 0000000..f72b465
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/snapshot2.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/snapshot3.png b/mail-doc/mail搭建公司邮箱/image/snapshot3.png
new file mode 100644
index 0000000..5539bd5
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/snapshot3.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/snapshot4.png b/mail-doc/mail搭建公司邮箱/image/snapshot4.png
new file mode 100644
index 0000000..b8d1890
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/snapshot4.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/snapshot5.png b/mail-doc/mail搭建公司邮箱/image/snapshot5.png
new file mode 100644
index 0000000..ad45891
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/snapshot5.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/snapshot6.png b/mail-doc/mail搭建公司邮箱/image/snapshot6.png
new file mode 100644
index 0000000..6d56b48
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/snapshot6.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/snapshot7.png b/mail-doc/mail搭建公司邮箱/image/snapshot7.png
new file mode 100644
index 0000000..cdf6b05
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/snapshot7.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/snapshot8.png b/mail-doc/mail搭建公司邮箱/image/snapshot8.png
new file mode 100644
index 0000000..5ca45d8
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/snapshot8.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/snapshot9.png b/mail-doc/mail搭建公司邮箱/image/snapshot9.png
new file mode 100644
index 0000000..0155b41
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/snapshot9.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/新建域.png b/mail-doc/mail搭建公司邮箱/image/新建域.png
new file mode 100644
index 0000000..7d71b1c
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/新建域.png differ
diff --git a/mail-doc/mail搭建公司邮箱/image/新建邮箱.png b/mail-doc/mail搭建公司邮箱/image/新建邮箱.png
new file mode 100644
index 0000000..da7e2bc
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/image/新建邮箱.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/01测试postfixadmin.png b/mail-doc/mail搭建公司邮箱/pic/01测试postfixadmin.png
new file mode 100644
index 0000000..08da06c
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/01测试postfixadmin.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/02输入setup-ps.png b/mail-doc/mail搭建公司邮箱/pic/02输入setup-ps.png
new file mode 100644
index 0000000..0f76554
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/02输入setup-ps.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/03设置管理员账户.png b/mail-doc/mail搭建公司邮箱/pic/03设置管理员账户.png
new file mode 100644
index 0000000..586e965
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/03设置管理员账户.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/04登录管理员账户.png b/mail-doc/mail搭建公司邮箱/pic/04登录管理员账户.png
new file mode 100644
index 0000000..c666eda
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/04登录管理员账户.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/05新建域.png b/mail-doc/mail搭建公司邮箱/pic/05新建域.png
new file mode 100644
index 0000000..609f8d0
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/05新建域.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/06新建邮箱用户.png b/mail-doc/mail搭建公司邮箱/pic/06新建邮箱用户.png
new file mode 100644
index 0000000..a67e9a7
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/06新建邮箱用户.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/07检测php版本.png b/mail-doc/mail搭建公司邮箱/pic/07检测php版本.png
new file mode 100644
index 0000000..0f3ad46
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/07检测php版本.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/08检测数据库版本.png b/mail-doc/mail搭建公司邮箱/pic/08检测数据库版本.png
new file mode 100644
index 0000000..567af32
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/08检测数据库版本.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/09网页邮箱普通设置.png b/mail-doc/mail搭建公司邮箱/pic/09网页邮箱普通设置.png
new file mode 100644
index 0000000..e009459
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/09网页邮箱普通设置.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/10网页邮箱数据库设置.png b/mail-doc/mail搭建公司邮箱/pic/10网页邮箱数据库设置.png
new file mode 100644
index 0000000..02e0ef8
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/10网页邮箱数据库设置.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/11网页邮箱IMAP设置.png b/mail-doc/mail搭建公司邮箱/pic/11网页邮箱IMAP设置.png
new file mode 100644
index 0000000..e07b6d6
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/11网页邮箱IMAP设置.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/12网页邮箱SMTP设置.png b/mail-doc/mail搭建公司邮箱/pic/12网页邮箱SMTP设置.png
new file mode 100644
index 0000000..42dd200
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/12网页邮箱SMTP设置.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/13网页邮箱显示和用户属性设置.png b/mail-doc/mail搭建公司邮箱/pic/13网页邮箱显示和用户属性设置.png
new file mode 100644
index 0000000..eb226c6
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/13网页邮箱显示和用户属性设置.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/14网页邮箱插件设置.png b/mail-doc/mail搭建公司邮箱/pic/14网页邮箱插件设置.png
new file mode 100644
index 0000000..297fe7a
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/14网页邮箱插件设置.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/15网页邮箱完成设置.png b/mail-doc/mail搭建公司邮箱/pic/15网页邮箱完成设置.png
new file mode 100644
index 0000000..1b98ca5
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/15网页邮箱完成设置.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/16网页邮箱检测数据库设置.png b/mail-doc/mail搭建公司邮箱/pic/16网页邮箱检测数据库设置.png
new file mode 100644
index 0000000..de2e16c
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/16网页邮箱检测数据库设置.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/17网页邮箱检测SMTP和IMAP设置.png b/mail-doc/mail搭建公司邮箱/pic/17网页邮箱检测SMTP和IMAP设置.png
new file mode 100644
index 0000000..06246d4
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/17网页邮箱检测SMTP和IMAP设置.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/18网页邮箱用户修改密码.png b/mail-doc/mail搭建公司邮箱/pic/18网页邮箱用户修改密码.png
new file mode 100644
index 0000000..c890b5b
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/18网页邮箱用户修改密码.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/19雷鸟创建邮箱用户.png b/mail-doc/mail搭建公司邮箱/pic/19雷鸟创建邮箱用户.png
new file mode 100644
index 0000000..2dbf776
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/19雷鸟创建邮箱用户.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/20雷鸟邮箱账户设置.png b/mail-doc/mail搭建公司邮箱/pic/20雷鸟邮箱账户设置.png
new file mode 100644
index 0000000..2631bb6
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/20雷鸟邮箱账户设置.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/21对邮箱账户的修改删除.png b/mail-doc/mail搭建公司邮箱/pic/21对邮箱账户的修改删除.png
new file mode 100644
index 0000000..03a7150
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/21对邮箱账户的修改删除.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/22确认安全例外.png b/mail-doc/mail搭建公司邮箱/pic/22确认安全例外.png
new file mode 100644
index 0000000..a130407
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/22确认安全例外.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/23网页确认安全例外.png b/mail-doc/mail搭建公司邮箱/pic/23网页确认安全例外.png
new file mode 100644
index 0000000..7ea08bf
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/23网页确认安全例外.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/24邮件群发管理.png b/mail-doc/mail搭建公司邮箱/pic/24邮件群发管理.png
new file mode 100644
index 0000000..276201b
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/24邮件群发管理.png differ
diff --git a/mail-doc/mail搭建公司邮箱/pic/25创建邮件群发.png b/mail-doc/mail搭建公司邮箱/pic/25创建邮件群发.png
new file mode 100644
index 0000000..a85c453
Binary files /dev/null and b/mail-doc/mail搭建公司邮箱/pic/25创建邮件群发.png differ
diff --git a/mail-doc/mail搭建公司邮箱/公司邮箱搭建.md b/mail-doc/mail搭建公司邮箱/公司邮箱搭建.md
new file mode 100644
index 0000000..20e9dd4
--- /dev/null
+++ b/mail-doc/mail搭建公司邮箱/公司邮箱搭建.md
@@ -0,0 +1,2011 @@
+# 1 目的
+
+用新的服务器来替换旧的服务器，新的服务器要实现以下功能：
+
+## 1.1 搭建域名解析服务器
+
+1. 对公司的网站进行域名解析服务
+
+## 1.2 对公司网站进行加密服务
+
+1. 使用ssl对公司网站进行ssl加密服务
+
+## 1.3 邮件服务器所实现的功能
+
+1. 实现邮件收发的功能
+
+2. 实现邮件的垃圾过滤和杀毒的功能
+
+3. 实现网页邮件服务的功能
+
+4. 实现对邮件用户配额,附件大小配置，修改个人密码的功能
+
+5. 实现通过网页管理邮件用户的功能
+
+# 2 邮件域名和网站服务器
+
+## 2.1 安装操作系统
+
+下载debian-8.8.0的操作系统镜像
+
+```
+wget http://ftp.cae.tntech.edu/debian-cd/dvd/debian-8.8.0-amd64-DVD-1.iso
+```
+
+### 2.1.1 分区规划
+
+```
+/		50G
+swap	15G
+/var	1T
+```
+
+### 2.1.2 网络规划
+
+```
+主机名:mail.linx-info.com
+用户:rocky	密码:rocky
+eth1: inet 172.17.201.8/16 brd 172.17.255.255
+eth3: inet 172.31.255.3/24 brd 172.31.255.255
+```
+
+## 2.2 所使用的软件包
+
+### 2.2.1 通过软件源来进行下载的软件包
+
+1. dns服务使用的软件是bind9
+
+```
+named -v
+BIND 9.9.5-9+deb8u15-Debian (Extended Support Version)
+```
+
+2. web服务使用的软件是nginx  php
+
+```
+nginx -v
+nginx version: nginx/1.12.2
+
+php7.0 -v
+PHP 7.0.27-1~dotdeb+8.1 (cli) ( NTS )
+```
+
+3. 数据库使用的是mysql
+
+```
+mysqld --version
+mysqld  Ver 5.5.59-0+deb8u1 for debian-linux-gnu on x86_64 ((Debian))
+```
+
+4. 邮件服务使用的软件是postfix dovecot
+
+```
+postconf -d | grep mail_version
+mail_version = 2.11.3
+milter_macro_v = $mail_name $mail_version
+
+dovecot --version
+2.2.13
+```
+
+5. 垃圾邮件过滤软件使用的是spamassassin
+
+```
+spamassassin --version
+SpamAssassin version 3.4.0
+  running on Perl version 5.20.2
+```
+
+6. 邮件杀毒软件使用的是clamav
+
+```
+freshclam --version
+ClamAV 0.99.3/24373/Thu Mar  8 09:11:49 2018
+```
+
+### 2.2.2 从网站中下载的软件
+
+1. 邮件服务器管理使用的软件是postfixadmin
+
+```
+http://nchc.dl.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-3.0/postfixadmin-3.0.tar.gz
+postfixadmin-3.0
+```
+
+2. 网页邮箱使用的是roundcube
+
+```
+https://github.com/roundcube/roundcubemail/releases/download/1.3.3/roundcubemail-1.3.3-complete.tar.gz
+roundcubemail-1.3.3
+```
+
+# 3 新服务器网络配置和软件源配置
+
+搭建的是debian-8.8.0操作系统
+
+## 3.1 网络配置
+
+vi /etc/network/interfaces
+
+```
+source /etc/network/interfaces.d/*
+
+auto lo
+iface lo inet loopback
+auto eth3
+iface eth3 inet static
+        address 172.31.255.3
+        netmask 255.255.255.0
+auto eth1
+iface eth1 inet static
+        address 172.17.201.8
+        netmask 255.255.0.0
+        gateway 172.17.0.254
+```
+
+重启网络
+
+```
+/etc/init.d/networking restart
+```
+
+## 3.2 更改软件源配置和更新软件列表
+
+### 3.2.1 修改软件源配置
+
+把/etc/apt/sources.list修改成以下配置
+
+```
+deb http://mirrors.163.com/debian/ jessie main non-free contrib
+deb http://mirrors.163.com/debian/ jessie-updates main non-free contrib
+deb http://mirrors.163.com/debian/ jessie-backports main non-free contrib
+deb-src http://mirrors.163.com/debian/ jessie main non-free contrib
+deb-src http://mirrors.163.com/debian/ jessie-updates main non-free contrib
+deb-src http://mirrors.163.com/debian/ jessie-backports main non-free contrib
+deb http://mirrors.163.com/debian-security/ jessie/updates main non-free contrib
+deb-src http://mirrors.163.com/debian-security/ jessie/updates main non-free contrib
+deb http://packages.dotdeb.org jessie all
+deb-src http://packages.dotdeb.org jessie all
+```
+
+### 3.2 更新软件列表和操作系统升级
+
+```
+aptitude update -y
+
+由于没有公钥，无法验证下列签名： NO_PUBKEY 9AA38DCD55BE302B
+第一种:
+gpg --keyserver pgpkeys.mit.edu --recv-key 9AA38DCD55BE302B
+gpg -a --export  9AA38DCD55BE302B | sudo apt-key add -
+第二种:
+apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 9D6D8F6BC857C906
+
+aptitude update
+
+aptitude upgrade
+```
+
+
+# 4 安装配置dns服务
+
+安装bind9是要能对公司各个网站提供解析服务,能够实现旧机器的所有解析功能,并且把rd.in.linx域迁移到这台机器上
+
+## 4.1 安装bind9
+
+```
+aptitude install bind9 -y
+```
+
+## 4.2 修改bind9的配置文件
+
+### 4.2.1 配置bind9的配置文件和域文件
+
+拷贝的是旧机器中对应的域名配置和bind9服务的配置拷贝到对应的路径下
+
+```
+tar xf bind-cfg.tar.gz
+cp etc/bind/* /etc/bind
+cp var/cache/bind/* /var/cache/bind
+```
+
+### 4.2.2 在配置文件上添加rd.in.linx域
+
+在/etc/bind/named.conf.local的最后面添加
+
+```
+zone "rd.in.linx" IN{
+	type master;
+	file "rd.in.linx.zone";
+};
+```
+
+### 4.2.3 创建rd.in.linx.zone域名文件
+
+创建/var/cache/bind/rd.in.linx.zone
+
+```
+$ORIGIN  rd.in.linx.
+; BIND reverse data file for empty rfc1918 zone
+;
+; DO NOT EDIT THIS FILE - it is used for multiple zones.
+; Instead, copy it, edit named.conf, and use that copy.
+;
+$TTL    86400
+@       IN      SOA     rd.in.linx. root.rd.in.linx. (
+						1				; Serial
+						604800			; Refresh
+						86400			; Retry
+						2419200         ; Expire
+						86400 )			; Negative Cache TTL
+;
+@       IN      NS      rd.in.linx.
+rd.in.linx.     IN A 172.31.255.3
+dns             IN A 172.31.255.3
+cloud           IN A 172.31.255.3
+;gitlab         IN      A       172.17.150.10
+;gitlab         IN      A       172.16.6.190
+gitlab          IN      A       172.17.201.11
+gitlab-rd2              IN      A       172.16.0.248
+gitlab-mirrorcd         IN      A       172.16.0.249
+gitlab-ci       IN      A       172.17.150.10
+ibarn           IN      A       172.17.150.30
+;erp            IN      A       172.17.150.20
+erp             IN      A       172.17.201.9
+gitlab-runner1  IN      A       172.17.150.31
+gitlab-runner2  IN      A       172.17.150.32
+gitlab-runner3  IN      A       172.17.150.33
+gitlab-runner4  IN      A       172.17.150.34
+gitlab-runner5  IN      A       172.17.150.35
+wanna-build     IN      A       172.17.150.39
+buildd          IN      A       172.17.150.40
+bz              IN      A       172.17.0.251 ;dev2 bugzilla
+ftp             IN      A       172.17.234.234 ;dev1 bugzilla
+bugzilla        IN      A       172.16.0.4 ;dev1 bugzilla
+rd-server       IN      A       172.16.0.4 ;dev1 rd-server
+gitweb          IN      A       172.16.0.4 ;dev1 gitweb-server
+cgit            IN      A       172.16.0.4 ;dev1 cgit-server
+trac            IN      A       172.16.0.4 ;dev1 trac-server
+testlink        IN      A       172.16.0.4 ;dev1 testlink-server
+blog            IN      A       172.16.0.4 ;dev1 blog
+ntp1            IN      A       172.31.255.8 ;ntp1
+ntp2            IN      A       172.31.255.9 ;ntp2
+tslog           IN      A       172.16.0.234 ;tslog.rd.in.linx
+mirrors         IN      A       172.16.0.234 ;mirror.rd.in.linx
+isoimage        IN      A       172.16.0.234 ;isoimage.rd.in.linx
+gitblog         IN      A       172.17.150.22
+qa              IN      A       172.17.150.22
+oduser-doc              IN      A       172.17.150.22
+oddev-doc               IN      A       172.17.150.22
+search          IN      A       172.17.150.21
+www             IN      A       172.17.150.21
+42.builder      IN      A       172.16.0.250 ;4.2.builder
+proxy           IN      A       172.16.0.250
+pic             IN      A       172.17.150.17; pictures of linx
+autotest        IN      A       172.19.135.254
+linx-info       IN      A       172.31.255.3
+exam            IN      A       172.17.150.24
+yy              IN      A       172.16.3.17
+```
+
+4. 修改解析服务器地址
+
+vi /etc/resove.conf
+
+```
+nameserver 172.17.201.8
+```
+
+5. 重启bind9服务查看状态
+
+通过查看bind9状态,判断bind9的配置文件是否存在错误
+
+```
+/etc/init.d/bind9 restart
+/etc/init.d/bind9 status
+```
+
+如果是以下状态说明bind9服务正常启动
+
+```
+● bind9.service - BIND Domain Name Server
+	Loaded: loaded (/lib/systemd/system/bind9.service; enabled)
+  Drop-In: /run/systemd/generator/bind9.service.d
+			└─50-insserv.conf-$named.conf
+	Active: active (running) since 四 2018-03-15 11:37:59 CST; 2min 3s ago
+		Docs: man:named(8)
+Main PID: 471 (named)
+	CGroup: /system.slice/bind9.service
+			└─471 /usr/sbin/named -f -u bind
+```
+
+## 4.3 测试dns服务器
+
+使用dig命令进行测试解析(显示以下结果)
+
+```
+dig www.linx-info.com @172.17.201.8
+;; OPT PSEUDOSECTION:
+; EDNS: version: 0, flags:; udp: 4096
+;; QUESTION SECTION:
+;www.linx-info.com.		IN	A
+;; ANSWER SECTION:
+www.linx-info.com.	604800	IN	A	172.31.255.3
+;; AUTHORITY SECTION:
+linx-info.com.		604800	IN	NS	ns.
+
+dig mail.linx-info.com @172.17.201.8
+;; OPT PSEUDOSECTION:
+; EDNS: version: 0, flags:; udp: 4096
+;; QUESTION SECTION:
+;mail.linx-info.com.		IN	A
+;; ANSWER SECTION:
+mail.linx-info.com.	604800	IN	A	172.31.255.3
+;; AUTHORITY SECTION:
+linx-info.com.		604800	IN	NS	ns
+
+dig odoo.linx-info.com @172.17.201.8
+;; QUESTION SECTION:
+;odoo.linx-info.com.		IN	A
+;; ANSWER SECTION:
+odoo.linx-info.com.	604800	IN	A	172.31.255.3
+;; AUTHORITY SECTION:
+linx-info.com.		604800	IN	NS	ns
+
+dig erp.rd.in.linx
+;; QUESTION SECTION:
+;erp.rd.in.linx.			IN	A
+;; ANSWER SECTION:
+erp.rd.in.linx.		86400	IN	A	172.17.201.9
+;; AUTHORITY SECTION:
+rd.in.linx.		86400	IN	NS	rd.in.linx.
+;; ADDITIONAL SECTION:
+rd.in.linx.		86400	IN	A	172.31.255.3
+```
+
+# 5 安装配置web服务
+
+安装配置web服务，并且使用证书进行ssl加密
+
+如果已经安装了apache,需先停止apache服务
+
+## 5.1 安装nginx网页服务
+
+```
+/etc/init.d/apache2 stop
+/etc/init.d/apache2 status
+aptitude -y install nginx
+```
+
+## 5.2 生成和配置证书
+
+### 5.2.1 修改openssl配置
+
+```
+cd /etc/ssl
+mkdir CA newcerts
+cd CA
+touch index.txt serial
+cd /etc/ssl
+vi openssl.cnf
+修改[CA_default]区域设置内容
+dir		= /etc/ssl		#CA路径
+certs		= $dir/certs		#发给其他的人的证书
+crl_dir		= $dir/crl		#证书吊销列表,不属于必须创建的目录
+database	= $dir/CA/index.txt	    #存放生成证书文件索引  需要手动创建的文件
+new_certs_dir	= $dir/newcerts	 #新生成的证书存放地  需要手动创建
+
+certificate	= $dir/certs/cacert.pem		
+serial= $dir/CA/serial	 #序列号，自己建的每一个证书都有一个序列号，需创建该文件，并指定从几开始
+crlnumber= $dir/crlnumber
+crl= $dir/crl.pem
+private_key= $dir/private/cakey.pem
+RANDFILE= $dir/private/.rand
+x509_extensions	= usr_cert
+
+name_opt	= ca_default		
+cert_opt	= ca_default		
+
+default_days	= 365			
+default_crl_days= 30		
+default_md	= default		
+preserve	= no
+允许从外部站点获取证书
+# For the CA policy
+[ policy_match ]
+countryName		= optional
+stateOrProvinceName	= optional
+organizationName	= optional
+organizationalUnitName	= optional
+commonName		= supplied
+emailAddress		= optional
+
+
+[ req_distinguished_name ]
+countryName			= Country Name (2 letter code)
+countryName_default		= CN  #证书所属国家
+countryName_min			= 2
+countryName_max			= 2
+
+stateOrProvinceName		= State or Province Name (full name)
+stateOrProvinceName_default	= Beijing    #证书所属省会
+
+localityName			= Locality Name (eg, city)
+localityName_default		= Beijing    #证书所属城市
+
+0.organizationName		= Organization Name (eg, company)
+0.organizationName_default	= Linx Technology Co.,Ltd.    #证书所属城市
+
+```
+
+### 5.2.2 如何生成证书
+
+我们使用旧机器的证书，进行加密，因此跳过生成证书这一步
+
+1. 生成CA服务器的根证书
+
+```
+生成CA服务器自己的私钥
+openssl genrsa 1024 >private/cakey.pem
+为保护CA私钥的安全性，改变私钥文件的权限
+chmod 600 private/*
+使用CA的私钥生成CA服务器自己的认证证书
+openssl req -new -key private/cakey.pem -x509 -out  certs/cacert.pem
+注意：这一步骤生成的cacert.pem文件即为CA服务器的根证书
+```
+
+
+2. 生成Apache服务的认证证书
+
+```
+生成Apache服务的私钥
+openssl genrsa 1024 >private/apache2.key
+为保护CA私钥的安全性，改变私钥文件的权限
+chmod 600 private/*
+使用CA的私钥生成证书请求文件(Certificate Signing Request)
+openssl req -new -key private/apache2.key -out newcerts/apache2.csr
+通过证书请求获取Apache服务的认证证书
+向CA服务器提交申请文件apache2.csr，CA服务器根据该文件签署生成证书
+openssl  ca  -in  newcerts/apache2.csr  -out  newcerts/apache2.crt
+注意：这一步骤生成的apache2.crt文件即为Apache服务的认证证书
+```
+
+
+
+
+### 5.2.3 添加证书
+
+因为有旧机器上的证书,所以不用重新生成新证书,拷贝原服务器里证书到新的服务器中
+
+```
+cd new-mail
+cp ssl-cert-snakeoil.pem /etc/ssl/certs/ssl-cert-snakeoil.pem
+cp ssl-cert-snakeoil.key /etc/ssl/private/ssl-cert-snakeoil.key
+cp mail.crt /etc/ssl/newcerts/
+cp mail.key /etc/ssl/private/
+cp 配置文件存档/CA/etc/ssl/certs/apache2.crt /etc/ssl/certs/
+cp 配置文件存档/CA/etc/ssl/private/apache2.key /etc/ssl/private/
+cp www.linx-info.com /etc/ssl/certs/ -r
+chmod -R 600 /etc/ssl/certs
+chmod -R 600 /etc/ssl/private
+chmod -R 600 /etc/ssl/newcerts
+```
+
+## 5.3 配置nginx
+
+
+### 5.3.1 邮件管理网页的配置
+
+创建/etc/nginx/sites-available/postfixadmin.linx-info.com
+
+```
+server {
+		listen 80;
+		server_name postfixadmin.linx-info.com;
+		return 301 https://$server_name$request_uri;
+}
+
+server {
+		listen          443 ssl;
+		server_name     postfixadmin.linx-info.com;
+		root            /var/www/postfixadmin-3.0;
+		index           index.php;
+		charset         utf-8;
+
+		ssl_certificate           /etc/ssl/certs/ssl-cert-snakeoil.pem;
+		ssl_certificate_key       /etc/ssl/private/ssl-cert-snakeoil.key;
+		ssl_protocols             TLSv1.2;
+		ssl_ciphers               HIGH:!aNULL:!MD5;
+		ssl_prefer_server_ciphers on;
+		ssl_session_cache         shared:SSL:10m;
+		ssl_session_timeout       10m;
+		ssl_ecdh_curve            secp521r1;
+
+		location / {
+				try_files $uri $uri/ index.php;
+		}
+
+		location ~* \.php$ {
+				fastcgi_split_path_info ^(.+\.php)(/.+)$;
+				include       fastcgi_params;
+				fastcgi_pass  unix:/run/php/php7.0-fpm.sock;
+				fastcgi_index index.php;
+				include fastcgi_params;
+				fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+				fastcgi_buffer_size 16k;
+				fastcgi_buffers 4 16k;
+		}
+}
+```
+
+### 5.3.2 odoo网页代理转发的配置
+
+创建/etc/nginx/sites-enabled/odoo.linx-info.com
+
+```
+server {
+		listen 80;
+		server_name odoo.linx-info.com;
+#        return 301 https://$server_name$request_uri;
+		location / {
+				proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
+				proxy_pass  http://erp.rd.in.linx:8069/  ;
+				proxy_set_header Host odoo.linx-info.com;
+				proxy_set_header X-Real-IP $remote_addr;
+				proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
+		}
+		access_log /var/log/nginx/odoo.linx-info.com.80.log;
+}
+server {
+		listen 10000;
+		server_name odoo.linx-info.com;
+#        return 301 https://$server_name$request_uri;
+		location / {
+				proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
+				proxy_pass  http://erp.rd.in.linx:8069/  ;
+				proxy_set_header Host odoo.linx-info.com;
+				proxy_set_header X-Real-IP $remote_addr;
+				proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
+		}
+		access_log /var/log/nginx/odoo.linx-info.com.10000.log;
+}
+server {
+		listen          443 ssl;
+		server_name     odoo.linx-info.com;
+#ssl_certificate           /etc/ssl/certs/ssl-cert-snakeoil.pem;
+#ssl_certificate_key       /etc/ssl/private/ssl-cert-snakeoil.key;
+		ssl_certificate           /etc/ssl/certs/www.linx-info.com/cert.pem;
+		ssl_certificate_key       /etc/ssl/certs/www.linx-info.com/privkey.pem;
+		ssl_protocols             TLSv1.2;
+		ssl_ciphers               HIGH:!aNULL:!MD5;
+		ssl_prefer_server_ciphers on;
+		ssl_session_cache         shared:SSL:10m;
+		ssl_session_timeout       10m;
+		ssl_ecdh_curve            secp521r1;
+
+		location / {
+				proxy_pass  http://erp.rd.in.linx:8069/;
+		}
+		location ~* \.php$ {
+				fastcgi_split_path_info ^(.+\.php)(/.+)$;
+				include       fastcgi_params;
+				fastcgi_pass  unix:/run/php/php7.0-fpm.sock;
+				fastcgi_index index.php;
+				include fastcgi_params;
+				fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+				fastcgi_buffer_size 16k;
+				fastcgi_buffers 4 16k;
+		}
+		access_log /var/log/nginx/odoo.linx-info.com.443.log;
+}
+```
+
+### 5.3.3 公司网站代理转发的配置
+
+创建/etc/nginx/sites-enabled/www.linx-info.com
+
+```
+server {
+		listen 80;
+		server_name www.linx-info.com;
+#        return 301 https://$server_name$request_uri;
+		location / {
+				proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
+				proxy_pass  http://172.31.255.4/  ;
+				proxy_set_header Host www.linx-info.com;
+				proxy_set_header X-Real-IP $remote_addr;
+				proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
+		}
+		access_log  /var/log/nginx/www.linx-info.com.log;
+
+}
+server {
+		listen *:443;
+		ssl on;
+		server_name www.linx-info.com;
+		rewrite ^(.*) http://www.linx-info.com$1 permanent;
+#ssl_certificate           /etc/ssl/certs/ssl-cert-snakeoil.pem;
+#ssl_certificate_key       /etc/ssl/private/ssl-cert-snakeoil.key;
+		ssl_certificate           /etc/ssl/certs/apache2.crt;
+		ssl_certificate_key       /etc/ssl/private/apache2.key;
+}
+```
+
+### 5.3.4 网页邮箱的网页配置
+
+创建/etc/nginx/sites-enabled/mail.linx-info.com
+
+```
+server {
+		listen 80;
+		server_name mail.linx-info.com;
+		return 301 https://$server_name$request_uri;
+}
+
+server {
+		listen          443 ssl;
+		server_name     mail.linx-info.com;
+		root            /var/www/webmail;
+		index           index.php;
+		charset         utf-8;
+#ssl_certificate           /etc/ssl/certs/ssl-cert-snakeoil.pem;
+#ssl_certificate_key       /etc/ssl/private/ssl-cert-snakeoil.key;
+		ssl_certificate           /etc/ssl/newcerts/mail.crt;
+		ssl_certificate_key       /etc/ssl/private/mail.key;
+		ssl_protocols             TLSv1.2 TLSv1 TLSv1.1;
+#        ssl_ciphers               "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4";
+		ssl_ciphers               HIGH:!aNULL:!MD5;
+		ssl_prefer_server_ciphers on;
+		ssl_session_cache         shared:SSL:10m;
+		ssl_session_timeout       10m;
+		ssl_ecdh_curve            secp521r1;
+
+		location / {
+				try_files $uri $uri/ index.php;
+				client_max_body_size 30m;
+		}
+
+		location ~* \.php$ {
+				fastcgi_split_path_info ^(.+\.php)(/.+)$;
+				include       fastcgi_params;
+				fastcgi_pass  unix:/run/php/php7.0-fpm.sock;
+				fastcgi_index index.php;
+				include fastcgi_params;
+				fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+				fastcgi_buffer_size 16k;
+				fastcgi_buffers 4 16k;
+				client_max_body_size 100m;
+		}
+		access_log /var/log/nginx/mail.linx-info.com.log;
+}
+```
+
+### 5.3.5 创建软连接
+
+```
+
+ln -s /etc/nginx/sites-available/postfixadmin.linx-info.com /etc/nginx/sites-enabled/postfixadmin.linx-info.com
+
+```
+
+### 5.3.6 测试并重启nginx,检查nginx服务状态
+
+1. 通过查看服务器状态判断nginx配置是否存在错误
+
+```
+journalctl -xn
+
+nginx -t
+
+service nginx restart
+
+/etc/init.d/nginx status
+
+```
+
+如果以下状况说明nginx启动成功
+
+```
+● nginx.service - A high performance web server and a reverse proxy server
+	Loaded: loaded (/lib/systemd/system/nginx.service; enabled)
+  Drop-In: /etc/systemd/system/nginx.service.d
+			└─override.conf
+	Active: active (running) since 四 2018-03-15 11:48:09 CST; 3s ago
+	  Docs: man:nginx(8)
+   Process: 1755 ExecStartPost=/bin/sleep 0.1 (code=exited, status=0/SUCCESS)
+   Process: 1751 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
+   Process: 1750 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
+  Main PID: 1754 (nginx)
+    CGroup: /system.slice/nginx.service
+			├─1754 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
+			└─1756 nginx: worker process
+```
+
+
+使用浏览器访问www.linx-info.com和odoo.linx-info.com,看是否能访问公司网页
+
+
+
+
+2. 注意
+
+问题
+
+debian systemd[1]: Failed to read PID from file /run/nginx.pid: Invalid argument
+
+解决方法：
+
+```
+mkdir -p /etc/systemd/system/nginx.service.d
+printf "[Service]\nExecStartPost=/bin/sleep 0.1\n" > /etc/systemd/system/nginx.service.d/override.conf
+systemctl daemon-reload
+systemctl restart nginx.service
+```
+
+
+
+# 6 配置邮件服务器
+
+## 6.1 安装邮件服务的相关软件
+
+### 6.1.1 安装mysql数据库
+
+```
+aptitude install mysql-server -y
+根据提示设置mysql的root用户的密码,设置为rocky123
+```
+
+### 6.1.2 安装邮件传输代理软件
+
+```
+aptitude install -y postfix postfix-mysql
+```
+
+1. 选中“Internet Site”确定。
+
+2. 删除默认“debian”，输入`linx-info.com`确定。
+
+### 6.1.3 安装IMAP和POP3邮件服务器
+
+```
+aptitude install -y dovecot-core dovecot-imapd dovecot-lmtpd dovecot-mysql
+```
+
+### 6.1.4 安装php和相关插件
+
+```
+aptitude install -y  php7.0-imap php7.0-mysql php7.0-mcrypt php7.0-intl php-apc php5-memcache php-curl php7.0-gd php-xml-parser php-imap php-mbstring php-fpm php-mysqlnd
+```
+
+### 6.1.5 安装垃圾邮件过滤软件
+
+```
+aptitude install -y spamassassin
+```
+
+## 6.1.6 安装邮件杀毒软件
+
+```
+aptitude install -y amavisd-new clamav-daemon clamsmtp zoo unzip bzip2 libnet-ph-perl libnet-snpp-perl libnet-telnet-perl nomarch lzop pax
+```
+
+## 6.2 为邮件服务创建数据库
+
+创建一个新的mysql数据库
+
+```
+数据库名:postfixdb
+
+数据库用户:root
+
+密码是:rocky123
+
+赋予postfix用户权限。
+```
+请使用一下命令
+
+```
+mysql -uroot -p 密码rocky123
+create database postfixdb;    创建数据库
+grant all on postfixdb.* to 'postfix'@'localhost' identified by 'rocky123'; 赋予权限
+exit
+mysql -upostfix -p 密码rocky123
+show databases;
+exit
+```
+
+
+## 6.3 创建mailbox的管理用户
+
+### 6.3.1 创建管理用户
+
+创建一个系统帐号vmail 它属于mail组，家目录是/var/vmail，不支持登录，附加文字为Virtual MailDir Handler
+
+```
+useradd -r -u 150 -g mail -m -d /var/vmail -s /sbin/nologin -c "Virtual MailDir Handler" vmail
+```
+
+## 6.4 配置dovecot
+
+### 6.4.1 修改数据库配置文件
+
+修改成/etc/dovecot/dovecot-sql.conf.ext,删除所有的换成一下配置
+
+```
+driver = mysql
+connect = host=127.0.0.1 user=postfix password=rocky123 dbname=postfixdb
+default_pass_scheme = MD5-CRYPT
+password_query = \
+ SELECT username as user, password, '/var/vmail/%d/%n' as userdb_home, \
+ 'maildir:/var/vmail/%d/%n' as userdb_mail, 150 as userdb_uid, 8 as userdb_gid \
+ FROM mailbox WHERE username = '%u' AND active = '1'
+user_query = \
+ SELECT '/var/vmail/%d/%n' as home, 'maildir:/var/vmail/%d/%n' as mail, \
+ 150 AS uid, 8 AS gid, concat('dirsize:storage=', quota) AS quota \
+ FROM mailbox WHERE username = '%u' AND active = '1'
+```
+
+### 6.4.2 修改认证方式配置文件
+
+修改/etc/dovecot/conf.d/10-auth.conf,搜索auth_mechanisms字段，把那一行修改成一下配置,如auth_mechanisms = plain login,然后搜索auth-system.conf.ext和auth-sql.conf.ext和auth-ldap.conf.ext，对照下面配置进行修改
+
+```
+auth_mechanisms = plain login
+
+#!include auth-system.conf.ext
+!include auth-sql.conf.ext
+#!include auth-ldap.conf.ext
+```
+
+### 6.4.3 修改邮件配置文件
+
+修改/etc/dovecot/conf.d/10-mail.conf,搜索mail_location，mail_uid，mail_gid，mail_access_groups，first_valid_uid，last_valid_uid，照着一下配置进行修改，修改mail的目录及相关权限
+
+```
+mail_location = maildir:/var/vmail/%d/%n
+
+mail_uid = vmail
+mail_gid = mail
+
+mail_access_groups = mail
+
+first_valid_uid = 150
+last_valid_uid = 150
+```
+
+### 6.4.4 修改ssl证书路径配置文件
+
+修改/etc/dovecot/conf.d/10-ssl.conf,搜索ssl，ssl_cert，ssl_key，照着一下配置修改．dovecot软件使能ssl加密
+
+```
+ssl = yes
+
+ssl_cert = </etc/dovecot/dovecot.pem
+ssl_key = </etc/dovecot/private/dovecot.pem
+
+```
+
+### 6.4.5 创建添加dovecot证书
+
+1. 检查dovecot目录下是否有dovecot.pem文件,如果有,不需要手动生成,如果没有，手动生成，根据提示将pem文件拷贝对应路径下
+
+```
+apt-get source dovecot
+tar xf dovecot_version.orig.tar.gz
+cd dovecot-version
+cd doc
+sh mkcert.sh
+cp /etc/ssl/private/dovecot.pem /etc/dovecot/private/
+cp /etc/ssl/certs/dovecot.pem /etc/dovecot/
+```
+
+### 6.4.6 修改dovecot主配置文件
+
+修改/etc/dovecot/conf.d/10-master.conf,搜索lmtp，auth，auth-worker，中的服务内容进行修改，修改对应的权限和用户
+
+```
+service lmtp {
+		unix_listener /var/spool/postfix/private/dovecot-lmtp {
+				mode = 0600
+				user = postfix
+				group = postfix
+		}
+}
+
+service auth {
+	unix_listener /var/spool/postfix/private/auth {
+		mode = 0666
+		user = postfix
+		group = postfix
+	}
+	unix_listener auth-userdb {
+		mode = 0600
+		user = vmail
+		#group = vmail
+	}
+	user = dovecot
+}
+
+service auth-worker {
+	user = vmail
+}
+
+```
+
+### 6.4.7 修改dovecot的lda配置文件
+
+修改/etc/dovecot/conf.d/15-lda.conf,搜索postmaster_address，修改等号后的内容为postmaster@mail.linx-info.com
+
+```
+postmaster_address = postmaster@mail.linx-info.com
+```
+
+### 6.4.8 更改dovecot和邮箱用户权限
+
+使dovecot和邮箱用户都能读取相应的配置文件内容
+
+```
+chown -R vmail:dovecot /etc/dovecot
+chmod -R o-rwx /etc/dovecot
+```
+
+### 6.4.9 启动服务
+
+```
+systemctl enable dovecot
+systemctl restart dovecot
+/etc/init.d/dovecot  status
+```
+
+如果是以下状态，说明docecot启动成功
+
+```
+● dovecot.service - Dovecot IMAP/POP3 email server
+	Loaded: loaded (/lib/systemd/system/dovecot.service; enabled)
+	Active: active (running) since 四 2018-03-15 11:38:03 CST; 14min ago
+  Main PID: 494 (dovecot)
+	CGroup: /system.slice/dovecot.service
+			├─494 /usr/sbin/dovecot -F
+			├─564 dovecot/anvil
+			├─565 dovecot/log
+			└─588 dovecot/config
+```
+
+
+
+
+## 6.5 配置postfix
+
+### 6.5.1 检查mysql的监听地址是否为127.0.0.1
+
+1. 查看mysql的监听地址
+
+```
+cat /etc/mysql/my.cnf | grep bind-address
+bind-address        = 127.0.0.1
+```
+
+2. 如果没有的话，在/etc/mysql/my.cnf中添加
+
+```
+bind-address        = 127.0.0.1
+```
+
+### 6.5.2 postfix对mysql进行相关映射
+
+1. 虚拟域的别名映射配置文件
+
+创建/etc/postfix/mysql_virtual_alias_domainaliases_maps.cf
+
+```
+user = postfix
+password = rocky123
+hosts = 127.0.0.1
+dbname = postfixdb
+query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' AND alias.address=concat('%u', '@', alias_domain.target_domain) AND alias.active = 1
+```
+
+2. 虚拟别名映射配置文件
+
+创建/etc/postfix/mysql_virtual_alias_maps.cf
+
+```
+user = postfix
+password = rocky123
+hosts = 127.0.0.1
+dbname = postfixdb
+table = alias
+select_field = goto
+where_field = address
+additional_conditions = and active = '1'
+```
+
+3. 虚拟域映射配置文件
+
+创建/etc/postfix/mysql_virtual_domains_maps.cf
+
+```
+user = postfix
+password = rocky123
+hosts = 127.0.0.1
+dbname = postfixdb
+table = domain
+select_field = domain
+where_field = domain
+additional_conditions = and backupmx = '0' and active = '1'
+```
+
+4. 虚拟邮箱别名的映射配置文件
+
+创建/etc/postfix/mysql_virtual_mailbox_domainaliases_maps.cf
+
+```
+user = postfix
+password = rocky123
+hosts = 127.0.0.1
+dbname = postfixdb
+query = SELECT maildir FROM mailbox, alias_domain
+  WHERE alias_domain.alias_domain='%d'
+  AND mailbox.username=concat('%u', '@', alias_domain.target_domain )
+  AND mailbox.active = 1
+```
+
+5. 虚拟邮箱的映射配置文件
+
+创建/etc/postfix/mysql_virtual_mailbox_maps.cf
+
+```
+user = postfix
+password = rocky123
+hosts = 127.0.0.1
+dbname = postfixdb
+table = mailbox
+select_field = CONCAT(domain, '/', local_part)
+where_field = username
+additional_conditions = and active = '1'
+```
+
+### 6.5.3 创建postfix的头部检测配置文件
+
+创建/etc/postfix/header_checks
+
+```
+/^Received:/                 IGNORE
+/^User-Agent:/               IGNORE
+/^X-Mailer:/                 IGNORE
+/^X-Originating-IP:/         IGNORE
+/^x-cr-[a-z]*:/              IGNORE
+/^Thread-Index:/             IGNORE
+```
+
+### 6.5.4 把dovecot关联到postfix软件中
+
+1. 修改/etc/postfix/main.cf
+
+vi打开/etc/postfix/main.cf文件．搜索# TLS parameters一行，将这一行及以后行换成一下配置
+
+```
+# TLS parameters
+smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
+smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
+smtpd_use_tls = yes
+smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+
+# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
+# information on enabling SSL in the smtp client.
+
+smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
+myhostname = mail.linx-info.com
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+myorigin = /etc/mailname
+mydestination = localhost
+relayhost =
+mynetworks = 127.0.0.0/8 127.0.0.1 172.17.201.0/24 172.16.0.0/24 172.31.255.0/24 172.16.3.0/24
+mailbox_command = procmail -a "$EXTENSION"
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = all
+virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf, mysql:/etc/postfix/mysql_virtual_mailbox_domainaliases_maps.cf
+virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf, mysql:/etc/postfix/mysql_virtual_alias_domainaliases_maps.cf
+virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
+smtpd_tls_auth_only = yes
+smtpd_sasl_type = dovecot
+smtpd_sasl_path = private/auth
+smtpd_sasl_auth_enable = yes
+smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, permit
+inet_protocols = ipv4
+virtual_transport = lmtp:unix:private/dovecot-lmtp
+content_filter = amavis:[127.0.0.1]:10024
+receive_override_options = no_address_mappings
+message_size_limit = 102400000
+```
+
+
+### 6.5.9 打开postfix所需要的功能
+
+修改/etc/postfix/master.cf,打开submission，smtps，amavis等功能，参考一下配置
+
+```
+smtp      inet  n       -       -       -       -       smtpd
+#smtp      inet  n       -       -       -       1       postscreen
+#smtpd     pass  -       -       -       -       -       smtpd
+#dnsblog   unix  -       -       -       -       0       dnsblog
+#tlsproxy  unix  -       -       -       -       0       tlsproxy
+submission inet n       -       -       -       -       smtpd
+  -o syslog_name=postfix/submission
+  -o smtpd_tls_security_level=encrypt
+  -o smtpd_sasl_auth_enable=yes
+  -o smtpd_reject_unlisted_recipient=no
+  -o smtpd_client_restrictions=$mua_client_restrictions
+  -o smtpd_helo_restrictions=$mua_helo_restrictions
+  -o smtpd_sender_restrictions=$mua_sender_restrictions
+  -o smtpd_recipient_restrictions=
+  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
+  -o milter_macro_daemon_name=ORIGINATING
+smtps     inet  n       -       -       -       -       smtpd
+  -o syslog_name=postfix/smtps
+  -o smtpd_tls_wrappermode=yes
+  -o smtpd_sasl_auth_enable=yes
+  -o smtpd_reject_unlisted_recipient=no
+  -o smtpd_client_restrictions=$mua_client_restrictions
+  -o smtpd_helo_restrictions=$mua_helo_restrictions
+  -o smtpd_sender_restrictions=$mua_sender_restrictions
+  -o smtpd_recipient_restrictions=
+  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
+  -o milter_macro_daemon_name=ORIGINATING
+amavis unix - - - - 2 smtp
+  -o smtp_data_done_timeout=1200
+  -o smtp_send_xforward_command=yes
+```
+
+### 6.5.10 重启相应服务并查看状态
+
+```
+service postfix restart
+service postfix status
+service dovecot restart
+service dovecot status
+```
+
+如果是以下状态，说明postfix启动成功
+
+```
+● postfix.service - LSB: Postfix Mail Transport Agent
+	Loaded: loaded (/etc/init.d/postfix)
+   Drop-In: /run/systemd/generator/postfix.service.d
+			└─50-postfix-$mail-transport-agent.conf
+    Active: active (running) since 四 2018-03-15 11:38:20 CST; 16min ago
+   Process: 1440 ExecReload=/etc/init.d/postfix reload (code=exited, status=0/SUCCESS)
+   Process: 1163 ExecStart=/etc/init.d/postfix start (code=exited, status=0/SUCCESS)
+    CGroup: /system.slice/postfix.service
+			├─1378 /usr/lib/postfix/master
+			├─1452 pickup -l -t unix -u -c
+			├─1453 qmgr -l -t unix -u
+			├─2082 trivial-rewrite -n rewrite -t unix -u -c
+			├─2090 smtpd -n 127.0.0.1:10025 -t inet -u -o content_filter= -o receive_override_options=no_unknown_re...
+			├─2091 proxymap -t unix -u
+			└─2092 tlsmgr -l -t unix -u -c
+```
+
+
+
+## 6.6 安装和配置网页邮件管理软件
+
+### 6.6.1 下载安装包
+
+```
+wget http://nchc.dl.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-3.0/postfixadmin-3.0.tar.gz
+```
+
+### 6.6.2 解压到对应路径
+
+```
+tar xf postfixadmin-3.0.tar.gz -C /var/www
+```
+
+### 6.6.3 postfixadmin关联数据库
+
+修改/var/www/postfixadmin-3.0/config.inc.php,搜索configured，database_type，database_host，database_user，database_password，database_name，domain_path，domain_in_mailbox，修改配置，以下配置进行参考
+
+```
+$CONF['configured'] = true;
+
+$CONF['database_type'] = 'mysqli';
+$CONF['database_host'] = 'localhost';
+$CONF['database_user'] = 'postfix';              
+$CONF['database_password'] = 'rocky123';         
+$CONF['database_name'] = 'postfixdb';            
+
+$CONF['domain_path'] = 'NO';
+$CONF['domain_in_mailbox'] = 'YES';
+
+```
+
+### 6.6.4 修改var目录权限
+
+```
+chmod 777 -R /var
+/etc/init.d/nginx restart
+```
+
+### 6.6.5 创建postfixadmin管理用户
+
+访问https://postfixadmin.linx-info.com/setup.php
+
+点击我已充分了解可能的风险，点击添加例外
+
+![测试postfixadmin](./pic/23网页确认安全例外.png)
+
+您应该看到如下所示的内容：
+
+```
+Testing database connection - OK - mysqli://mysqli://postfix:xxxxx@localhost/postfixdb
+```
+![测试postfixadmin](./pic/01测试postfixadmin.png)
+
+在“Setup password”后面的框中输入密码(rocky123)。会提示类似如下：
+
+![输入setup-ps.png](./pic/02输入setup-ps.png)
+
+```
+If you want to use the password you entered as setup password, edit config.inc.php or config.local.php and set
+
+$CONF['setup_password'] = '6441d5a80679a5409ee4c25f3deaeaed:e121e1e5814823cb3276cffd615f2d47d84d8faa';
+```
+
+修改setup_password到配置文件中
+
+```
+将`$CONF['setup_password'] = '6441d5a80679a5409ee4c25f3deaeaed:e121e1e5814823cb3276cffd615f2d47d84d8faa'`替换到`/var/www/postfixadmin-3.0/config.inc.php`文件中的相应位置。（可通过在config.inc.php文件中搜索“setup_password”找到对应位置>）
+```
+
+![设置管理员账户](./pic/03设置管理员账户.png)
+
+```
+在setup password:栏中输入rocky123  
+在admin:栏中输入admin@linx-info.com  
+在password:栏中输入rocky123  
+在password(again):栏中输入rocky123  
+点击add admin按钮
+```
+
+## 6.7 配置邮件过滤软件
+
+### 6.7.1 添加邮件过滤用户
+
+```
+adduser spamd --disabled-login
+```
+
+### 6.7.2 修改spamassassin配置文件
+
+修改/etc/default/spamassassin,将配置换成如下配置,将spamassassin使能
+
+```
+ENABLED=1
+OPTIONS="--create-prefs --max-children 5 -d 127.0.0.1 --username spamd --helper-home-dir /home/spamd/ -s /home/spamd/spamd.log"
+PIDFILE="/home/spamd/spamd.pid"
+CRON=1
+
+```
+
+### 6.7.3 添加spamassassin功能到postfix
+
+修改/etc/postfix/master.cf
+
+找到smtp      inet  n       -       -       -       -       smtpd,并在下方添加如下内容
+
+```
+    -o content_filter=spamassassin
+spamassassin unix  -       n       n       -       -       pipe
+   user=nobody argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}
+
+```
+
+### 6.7.4 启动服务
+
+```
+systemctl enable spamassassin
+systemctl restart spamassassin
+systemctl restart postfix
+/etc/init.d/postfix status
+
+```
+
+如果是一下情况说明spamassassin启动成功
+
+```
+● spamassassin.service - Perl-based spam filter using text analysis
+	Loaded: loaded (/lib/systemd/system/spamassassin.service; enabled)
+	Active: active (running) since 四 2018-03-15 11:38:17 CST; 21min ago
+   Process: 2046 ExecReload=/bin/kill -HUP $MAINPID (code=exited, status=0/SUCCESS)
+   Process: 509 ExecStart=/usr/sbin/spamd -d --pidfile=/var/run/spamassassin.pid $OPTIONS (code=exited, status=0/SUCCESS)
+  Main PID: 2070 (/usr/sbin/spamd)
+    CGroup: /system.slice/spamassassin.service
+			├─2070 /usr/sbin/spamd -d --pidfile=/var/run/spamassassin.pid --create-prefs --max-children 5 -d 127.0....
+			├─2086 spamd child
+			└─2087 spamd child
+```
+
+## 6.8 配置邮件杀毒软件
+
+### 6.8.1 更新病毒库
+
+```
+/etc/init.d/clamav-freshclam stop
+freshclam
+```
+
+### 6.8.2 编辑clamsmtp配置文件
+
+修改/etc/clamsmtpd.conf,搜索Header:取消注释，搜索User:修改用户，参考以下配置
+
+```
+Header: X-AV-Checked: ClamAV using ClamSMTP
+User: clamav
+```
+
+
+
+### 6.8.3 编辑连接过滤模式的配置文件
+
+修改/etc/amavis/conf.d/15-content_filter_mode,把配置文件换成如下配置
+
+```
+use strict;
+# You can modify this file to re-enable SPAM checking through spamassassin
+# and to re-enable antivirus checking.
+#
+# Default antivirus checking mode
+# Please note, that anti-virus checking is DISABLED by
+# default.
+# If You wish to enable it, please uncomment the following lines:
+@bypass_virus_checks_maps = (
+				   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
+#
+# Default SPAM checking mode
+# Please note, that anti-spam checking is DISABLED by
+# default.
+# If You wish to enable it, please uncomment the following lines:
+@bypass_spam_checks_maps = (
+				   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
+1;  # ensure a defined return
+```
+
+### 6.8.4 编辑amavis系统默认配置文件
+
+修改/etc/amavis/conf.d/20-debian_defaults,参考如下配置
+
+```
+[...]
+$QUARANTINEDIR = "$MYHOME/virusmails";
+$quarantine_subdir_levels = 1; # enable quarantine dir hashing
+
+$log_recip_templ = undef;    # disable by-recipient level-0 log entries
+$DO_SYSLOG = 1;              # log via syslogd (preferred)
+$syslog_ident = 'amavis';    # syslog ident tag, prepended to all messages
+$syslog_facility = 'mail';
+$syslog_priority = 'debug';  # switch to info to drop debug output, etc
+
+$enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)
+$enable_global_cache = 1;    # enable use of libdb-based cache if $enable_db=1
+
+$inet_socket_port = 10024;   # default listening socket
+
+$sa_spam_subject_tag = '***SPAM*** ';
+$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level
+$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
+$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
+$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
+
+[...]
+$final_virus_destiny      = D_DISCARD;  # (data not lost, see virus quarantine)
+$final_banned_destiny     = D_BOUNCE;   # D_REJECT when front-end MTA
+$final_spam_destiny       = D_BOUNCE;
+$final_bad_header_destiny = D_PASS;     # False-positive prone (for spam)
+[...]
+```
+
+### 6.8.5 编辑user配置文件
+
+修改/etc/amavis/conf.d/50-user,把配置文件换成如下配置
+
+```
+use strict;
+
+#
+# Place your configuration directives here.  They will override those in
+# earlier files.
+#
+# See /usr/share/doc/amavisd-new/ for documentation and examples of
+# the directives you can use in this file
+#
+
+$pax='pax';
+#------------ Do not modify anything below this line -------------
+1;  # ensure a defined return
+```
+
+### 6.8.6 编辑node_id配置文件
+
+修改/etc/amavis/conf.d/05-node_id把配置文件换成如下配置
+
+```
+use strict;
+
+# $myhostname is used by amavisd-new for node identification, and it is
+# important to get it right (e.g. for ESMTP EHLO, loop detection, and so on).
+
+chomp($myhostname = `hostname --fqdn`);
+
+# To manually set $myhostname, edit the following line with the correct Fully
+# Qualified Domain Name (FQDN) and remove the # at the beginning of the line.
+#
+$myhostname = "mail.linx-info.com";
+
+1;  # ensure a defined return
+```
+
+### 6.8.7 杀毒软件关联到postfix
+
+修改/etc/postfix/master.cf
+
+在结尾添加如下内容
+
+```
+scan      unix  -       -       n       -       16      smtp
+    -o smtp_send_xforward_command=yes
+    -o smtp_enforce_tls=no
+127.0.0.1:10025 inet  n -       n       -       16      smtpd
+    -o content_filter=
+    -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
+    -o smtpd_helo_restrictions=
+    -o smtpd_client_restrictions=
+    -o smtpd_sender_restrictions=
+    -o smtpd_recipient_restrictions=permit_mynetworks,reject
+    -o mynetworks_style=host
+    -o smtpd_authorized_xforward_hosts=127.0.0.0/8
+```
+
+
+
+### 6.8.8 添加用户和重启服务
+
+```
+adduser clamav amavis
+/etc/init.d/amavis restart
+/etc/init.d/clamav-daemon restart
+/etc/init.d/clamav-freshclam restart
+postconf -e 'content_filter = amavis:[127.0.0.1]:10024'
+postconf -e 'receive_override_options = no_address_mappings'
+
+```
+
+## 6.9 在postfixadmin创建域和创建用户
+
+访问登录管理员账户https://postfixadmin.linx-info.com/
+
+![登录管理员账户](./pic/04登录管理员账户.png)
+
+### 6.9.1 创建域
+
+点击域名清单中的新建域，填写相应信息。
+
+```
+域：linx-info.com
+描述：linx
+别名数：0
+邮箱数：0
+```
+
+![新建域](./pic/05新建域.png)
+
+### 6.9.2 创建邮箱用户
+
+点击虚拟用户清单中的新建邮箱，填写相应信息。
+
+```
+用户名：test
+密码：rocky123
+姓名：test
+限制：2000
+```
+
+![新建邮箱用户](./pic/06新建邮箱用户.png)
+
+### 6.9.3 更改显示一页邮件用户的设置
+
+```
+vi /var/www/postfixadmin-3.0/config.inc.php
+$CONF['page_size'] = '1000';
+```
+
+打开浏览器访问postfixadmin@linx-info.com/upgrade.php可生效
+
+
+## 6.10 安装和配置roundcube网页邮箱
+
+### 6.10.1 下载roundcubemail
+
+```
+cd /var/www/
+wget https://github.com/roundcube/roundcubemail/releases/download/1.3.3/roundcubemail-1.3.3-complete.tar.gz
+tar xf roundcubemail-1.3.3-complete.tar.gz
+mv roundcubemail-1.3.3 webmail
+chown -R www-data webmail
+/etc/init.d/nginx restart
+```
+
+### 6.10.2 打开浏览器进入roundcube安装界面
+
+1. 打开浏览器访问mail.linx-info.com/installer/index.php
+
+- Checking PHP version 必须OK  
+
+![检测php版本](./pic/07检测php版本.png)
+
+- Checking databases mysql 必须OK  
+
+![检测数据库版本](./pic/08检测数据库版本.png)
+
+- 通常设置
+
+![网页邮箱普通设置](./pic/09网页邮箱普通设置.png)
+
+- mysql授权和roundcubemail相关日志信息  
+
+![网页邮箱数据库设置](./pic/10网页邮箱数据库设置.png)
+
+- IMAP设置  
+
+![网页邮箱IMAP设置](./pic/11网页邮箱IMAP设置.png)
+
+- SMTP设置  
+
+![网页邮箱SMTP设置](./pic/12网页邮箱SMTP设置.png)
+
+- 进行显示和用户属性配置  
+
+![网页邮箱显示和用户属性设置](./pic/13网页邮箱显示和用户属性设置.png)
+
+- 插件选中passwd
+
+![网页邮箱显示和用户属性设置](./pic/14网页邮箱插件设置.png)
+
+- 点击continue然后进入到测试界面进行测试  
+
+![网页邮箱完成设置](./pic/15网页邮箱完成设置.png)
+
+- 点击initialize database按钮
+
+![网页邮箱检测数据库设置](./pic/16网页邮箱检测数据库设置.png)
+
+
+![网页邮箱检测SMTP和IMAP设置](./pic/17网页邮箱检测SMTP和IMAP设置.png)
+
+- 按照图片输入，点击send test mail按钮 刷新后显示ok，说明测试成功
+
+- 按照图片输入，密码为rocky123，点击check login 刷新后显示ok，说明测试成功
+
+### 6.10.3 对密码插件配置进行修改
+
+只有对密码插件进行修改普通用户才能修改密码
+
+```
+cd /var/www/webmail/plugins/password/
+cp config.inc.php.dist config.inc.php
+
+vi config.inc.php
+
+查找password_db_dsn和password_query，修改参数，照以下配置修改
+
+$config['password_db_dsn'] = 'mysql://postfix:rocky123@localhost/postfixdb';
+// The SQL query used to change the password.
+// The query can contain the following macros that will be expanded as follows:
+// %p is replaced with the plaintext new password
+// %c is replaced with the crypt version of the new password, MD5 if available
+// otherwise DES. More hash function can be enabled using the password_crypt_hash
+// configuration parameter.
+// %D is replaced with the dovecotpw-crypted version of the new password
+// %o is replaced with the password before the change
+// %n is replaced with the hashed version of the new password
+// %q is replaced with the hashed password before the change
+// %h is replaced with the imap host (from the session info)
+// %u is replaced with the username (from the session info)
+// %l is replaced with the local part of the username
+// (in case the username is an email address)
+// %d is replaced with the domain part of the username
+// (in case the username is an email address)
+// Escaping of macros is handled by this module.
+// Default: "SELECT update_passwd(%c, %u)"
+$config['password_query'] = 'UPDATE mailbox SET password=%c WHERE username=%u';
+```
+
+## 6.11 测试邮件服务器
+
+### 6.11.1 通过网页进行测试邮件服务器
+
+1. 从浏览器中访问https://mail.linx-info.com　登录帐号
+
+帐号：test@linx-info.com 密码:rocky123
+
+2. 内网测试
+
+将test@linx-info.com作为收件人进行收发测试
+
+如果能进行正常收发说明好使
+
+3. 外网测试
+
+将XXXXXXX@qq.com作为收件人进行发送测试
+
+从XXXXXXX@qq.com作为发件人，test@linx-info.com为收件人进行接收测试
+
+如果能进行正常收发说明好使
+
+4. 修改密码测试
+
+![网页邮箱用户修改密码](./pic/18网页邮箱用户修改密码.png)
+
+### 6.11.2 通过thunderbird进行测试邮件服务器
+
+1. 配置thunderbird邮箱
+
+点击左侧的本地文件夹，在创建新用户下点击电子邮件,点击跳过使用已有的电子邮箱
+
+![雷鸟创建邮箱用户](./pic/19雷鸟创建邮箱用户.png)
+
+输入名字，邮箱，和密码，点击继续后，再点击手动进行配置
+
+![雷鸟邮箱账户设置](./pic/20雷鸟邮箱账户设置.png)
+
+点击确认安全例外,点击完成
+
+![确认安全例外](./pic/22确认安全例外.png)
+
+2. 内网测试
+
+将test@linx-info.com作为收件人进行收发测试,点击确认安全例外
+
+![确认安全例外](./pic/22确认安全例外.png)
+
+如果能进行正常收发说明好使
+
+3. 外网测试
+
+将XXXXXXX@qq.com作为收件人进行发送测试
+
+从XXXXXXX@qq.com作为发件人，test@linx-info.com为收件人进行接收测试
+
+如果能进行正常收发说明好使
+
+## 6.12 迁移用户数据库和邮件数据
+
+### 6.12.1 批量添加用户
+
+
+首先ssh进入旧机器中，到用户目录，收集邮箱用户
+
+```
+cd /var/vmail/
+ls > user.lst 
+vi user.lst
+删除user.lst这一行
+```
+
+拷贝user.lst到新机器并执行脚本
+
+```
+cd /var/www/postfixadmin-3.0/scripts/
+vi mail.list.sh
+#!/bin/bash
+for list in `cat $1`
+do
+	echo "$list"@linx-info.com
+	#./postfixadmin-cli mailbox delete "$list@linx-info.com"
+	./postfixadmin-cli mailbox add "$list"@linx-info.com --password rocky123 --password2 rocky123 --quota 1000 --name $list
+	#./postfixadmin-cli mailbox update "$list"@linx-info.com --password rocky123 --password2 rocky123 --quota 2000 --name $list
+	echo $?
+	sleep 8
+done
+
+bash mail.list.sh user.lst
+
+```
+
+### 6.12.2 迁移数据库密码
+
+1. 修改加密方式
+
+修改 /etc/dovecot/dovecot-sql.conf.ext
+
+```
+default_pass_scheme = CRYPT
+```
+
+修改 /var/www/postfixadmin-3.0/config.inc.php
+
+```
+$CONF['encrypt'] = 'mysql_encrypt';
+```
+
+2. 更新数据库密码
+
+ssh登入172.31.255.3的机器上导出旧数据的用户和密码
+
+```
+mysql -u mail_admin -procky -e "use mail;select * from users;" |awk '{print $1 "\t" $2}'  >user-pass.lst
+```
+
+写更新数据库密码脚本
+
+```
+vi change_dbpasswd.sh
+#!/bin/bash
+
+IFS=$'\n'
+for list in  `cat $1`
+do
+	user=`echo $list |awk '{ print $1 }'`
+	passwd=`echo $list |awk '{ print $2 }'`
+	#       mysql -uroot -procky123 -e "show databases;use postfixdb;show tables;select * from mailbox where username=\"test@linx-info.com\""
+	mysql -uroot -procky123 -e "use postfixdb;update mailbox set password=\"$passwd\"  where username=\"$user\""
+done
+```
+
+执行脚本更新密码
+
+```
+sh change_dbpasswd.sh user-pass.lst
+```
+
+## 6.12.3 添加群发的邮箱 
+
+通过创建别名，实现对邮箱的群发
+
+```
+浏览器输入https://postfixadmin.linx-info.com(帐号admin@linx-info.com密码rocky123)登入进行管理
+
+点击虚拟用户清单，点击新建别名，照着一下填写就行，转到写6.12.1里面的user.lst的用户,点击新建别名按钮
+
+```
+![创建邮件群发](./pic/25创建邮件群发.png)
+
+### 6.12.3 同步邮箱数据
+
+为什么要同步好几次，因为数据过大，要使旧机器和新机器的数据一致，先同步大部分数据，然后进行更新数据．减小停机时间．
+
+1. 开始同步
+
+```
+rsync -aqH root@172.31.255.3:/var/vmail/linx-info.com /var/vmail/    
+```
+
+2. 再次同步
+
+```
+rsync -auq root@172.31.255.3:/var/vmail/linx-info.com /var/vmail/
+```
+
+
+## 6.13 防病毒测试和垃圾邮件过滤测试
+
+### 6.13.1 防病毒测试
+
+```
+wget https://secure.eicar.org/eicar.com.txt
+```
+
+把下载的文件eicar.com.txt当附件发送，看是否能发送．接收者邮箱原则上是接收不到的
+
+查看日志有一下信息，说明防病毒测试通过
+
+```
+tail -f /var/log/clamav/clamav.log
+...
+/var/lib/amavis/tmp/amavis-20180227T101259-25737-XQpYuk9H/parts/p002: Eicar-Test-Signature(44d88612fea8a8f36de82e1278abb02f:68) FOUND
+```
+
+### 6.13.2 垃圾邮件测试
+
+```
+wget http://spamassassin.apache.org/gtube/gtube.txt
+```
+
+把下载的文件eicar.com.txt当附件发送，看是否能发送，接收邮箱原则上是接收不到的，发送者邮箱会收到一个由邮件服务器发送的邮件"considered unsolicited bulk email说明垃圾过滤测试通过
+
+## 6.14 调整邮箱的上传附件大小
+
+### 6.14.1 修改 postfix 中邮件大小的设置
+
+1. Postfix 是一个邮件传送代理（MTA），因此，要修改配置以使它能传送大附件的邮件。
+
+假设要修改附件大小为 100MB，需对 message_size_limit 和 mailbox_size_limit 做如下修改：
+
+```
+postconf -e message_size_limit='104857600'
+postconf -e mailbox_size_limit='104857600'
+```
+
+2. 之后重启 Postfix 服务，使上述修改生效:
+
+```
+/etc/init.d/postfix restart
+```
+
+注意:  
+
+104857600 是由 100 (MB) x 1024 (KB) x 1024 (Bit) 计算得到的结果。
+邮件在发送前会被客户端（Outlook，Thunderbird等）重新编码，导致邮件大小会超过 100MB，所以建议将上述设置中的邮件大小改为 110MB 或 120MB 即可。  
+
+如果 mailbox_size_limit 的值比 message_size_limit 小，你会在 Postfix 日志 文件里看到这样的错误信息：fatal: main.cf configuration error: mailbox_size_limit is smaller than message_size_limit.
+这样你就可以通过客户端正常发送邮件了。
+
+### 6.14.2 修改 Roundcube 网页邮箱的附件上传大小
+
+1. 如果使用 Roundcube 网页邮箱，需要额外更改两个地方：
+
+修改 PHP 设置允许上传大附件
+
+修改 PHP 配置文件/etc/php/7.0/cli/php.ini和/etc/php/7.0/fpm/php.ini中的 memory_limit， upload_max_filesize 和 post_max_size 三个参数：
+
+```
+memory_limit = 200M;
+upload_max_filesize = 100M;
+post_max_size = 100M;
+```
+
+2. 修改 Roundcube 网页邮箱设置以允许上传大附件
+
+修改 roundcube 目录下的 .htaccess 文件:
+
+```
+php_value    memory_limit   200M
+php_value    upload_max_filesize    100M
+php_value    post_max_size  100M
+```
+
+3. 重启php-fpm 服务以使上述修改生效。
+
+```
+/etc/init.d/php7.0-fpm restart
+```
+
+### 6.14.3 限制 Nginx 上传文件大小
+
+1. 在配置文件/etc/nginx/nginx.conf中找到参数 client_max_body_size ，按需要修改大小：(或在网页配置文件配置里修改/etc/nginx/sites-enabled/mail.linx-info.com)
+
+```
+http {
+		...
+		client_max_body_size 100m;
+		...
+}
+```
+
+# 7 邮件服务器维护(推荐第一种)
+
+## 7.1 第一种方法:
+
+浏览器访问https://postfixadmin.linx-info.com
+
+帐号admin@linx-info.com密码rocky123
+
+登入进行管理邮箱用户
+
+### 7.1.1. 创建用户（针对新同事入职)
+
+在虚拟用户清单下点击新建邮箱，然后按要求添加新同事
+
+![新建邮箱用户](./pic/06新建邮箱用户.png)
+
+### 7.1.2. 修改用户
+
+在虚拟用户清单,在邮箱中找到要修改的邮箱帐户，点击编辑
+
+![对邮箱账户的修改删除](./pic/21对邮箱账户的修改删除.png)
+
+### 7.1.3. 删除用户（针对老同事离职）
+
+在虚拟用户清单,在邮箱中找到要删除的邮箱帐户，点击删除
+
+![对邮箱账户的修改删除](./pic/21对邮箱账户的修改删除.png)
+
+## 7.2 第二种方法:(有利于批量操作)
+
+### 7.2.1. 创建用户（针对新同事入职）
+
+```
+cd /var/www/postfixadmin-3.0/scripts/
+./postfixadmin-cli mailbox add new@linx-info.com --password rocky123 --password2 rocky123 --quota 2000 --name new (其中new为用户成员，--name后的参数为别名)
+```
+
+### 7.2.2. 修改用户
+
+```
+./postfixadmin-cli mailbox update list@linx-info.com --password rocky123 --password2 rocky123 --quota 2000 --name list (可以对指定用户的密码，限制大小，别名进行修改)
+```
+
+### 7.2.3. 删除用户（针对老同事离职）
+
+```
+./postfixadmin-cli mailbox delete "libai@linx-info.com" (删除用户邮箱)
+#删除别名成员中删除离职的同事。
+```
+
+## 7.3 管理群发的邮箱 
+
+### 7.3.1 对别名all@linx-info.com进行管理
+
+通过对别名all@linx-info.com添加或删除，实现对群发邮箱的管理
+
+```
+浏览器输入https://postfixadmin.linx-info.com(帐号admin@linx-info.com密码rocky123)登入进行管理
+
+点击虚拟用户清单，在别名项里点击all@linx-info.com行中有编辑，然后进行添加或删除对应的邮箱
+```
+
+![邮件群发管理](./pic/24邮件群发管理.png)
+
+# 8 问题汇总
+
+## 8.1 确认安全例外
+
+1. 由于证书过期，目前使用服务器证书，使用时需要确认安全例外．对发件服务和收件服务均需要确认安全例外
+
+2. 测试方法，给自己发邮件，在发送和接收时都会弹出确认安全例外的窗口，点击确认即可，确认安全例外后检测是否正常发收邮件
+
+3. 有些用户的用户不能自动弹出，需要重启客户端，然后安装1,2步骤进行测试
+
+## 8.2 邮件客户端原有文件夹不显示
+
+1. 有些用户收件箱中的子文件夹不显示，需要订阅一下
+
+2. 可以通过网页进行文件夹管理,登录mail.linx-info.com
+
+3. 点击右上角设置，点击左侧文件夹管理
+
+4. 在文件夹管理中选择需要显示的文件夹
+
+5. 也可在邮件客户端自己查找相关功能
+
+## 8.3 商务部门外网发送异常
+
+1. 商务部门使用outlook进行发件，发送至外网的邮件会被退信
+
+2. 调试了基本配置，发现没有问题
+
+3. 安装虚拟机，软件环境测试
+
+4. 发件正常，怀疑是配置问题且与网络相关
+
+5. 无法发送外网(应将所有需要转发的网段加入mynetworks)
+
+```
+vi /etc/postfix/main.cf
+mynetworks = 127.0.0.0/8 127.0.0.1 172.17.201.0/24 172.16.0.0/24 172.31.255.0/24 172.16.3.0/24
+```
+
+6. 原有邮件服务器配置mynetworks = 127.0.0.0/8,172.16.0.0/24(不清楚为什么没有被退信)
+
+## 8.4 成都gitlab自动发件功能失效
+
+1. 经排查发现邮件服务器上没有相关的邮箱
+
+2. 成都方面说通过重启路由器恢复正常
+
+
+# 9 参考网址
+
+```
+http://www.javashuo.com/content/p-5123204.html
+https://bbs.aliyun.com/read/300051.html
+https://www.rosehosting.com/blog/setup-and-configure-a-mail-server-with-postfixadmin/
+```
+
+# 10 存档
+
+[文档存档](../搭建文档存档/)
+
+[配置软件包存档](../配置软件包存档/)
diff --git a/mail-doc/搭建文档存档/公司邮箱服务器搭建手册.md.odt b/mail-doc/搭建文档存档/公司邮箱服务器搭建手册.md.odt
new file mode 100644
index 0000000..2ed67e3
Binary files /dev/null and b/mail-doc/搭建文档存档/公司邮箱服务器搭建手册.md.odt differ
diff --git a/mail-doc/搭建文档存档/公司邮箱服务器搭建手册.md.pdf b/mail-doc/搭建文档存档/公司邮箱服务器搭建手册.md.pdf
new file mode 100644
index 0000000..5daf422
Binary files /dev/null and b/mail-doc/搭建文档存档/公司邮箱服务器搭建手册.md.pdf differ
diff --git a/mail-doc/配置软件包存档/mail搭建公司邮箱.tar.gz b/mail-doc/配置软件包存档/mail搭建公司邮箱.tar.gz
new file mode 100644
index 0000000..ef3c572
Binary files /dev/null and b/mail-doc/配置软件包存档/mail搭建公司邮箱.tar.gz differ