Friday, August 03, 2007

Set up a mail server with SMTP AUTH enabled

Mail Server IP address: 192.168.1.254
OS: OpenSUSE 10

Setup procedure:

1. Setup Hostname (server1.example.com)

# vi /etc/HOSTNAME
server1.example.com
# vi /etc/hosts
192.168.1.254 server1.example.com server1

2. Setup DNS Server:

# vi /etc/named.conf
Configure:

# Main BIND configuration for this host: global options, the standard
# root hint and localhost zones, and a master zone for example.com.
options {
# The directory statement defines the name server's working directory
directory "/var/lib/named";
# Write dump and statistics file to the log subdirectory. The
# pathnames are relative to the chroot jail.
dump-file "/var/log/named_dump.db";
statistics-file "/var/log/named.stats";
# The forwarders record contains a list of servers to which queries
# should be forwarded. Enable this line and modify the IP address to
# your provider's name server. Up to three servers may be listed.
#forwarders { 192.0.2.1; 192.0.2.2; };
# Enable the next entry to prefer usage of the name server declared in
# the forwarders section.
#forward first;
# The listen-on record contains a list of local network interfaces to
# listen on. Optionally the port can be specified. Default is to
# listen on all interfaces found on your system. The default port is
# 53.
# NOTE(review): listen-on stays commented out here, so the default above
# applies and named answers on every IPv4 interface of the host.
#listen-on port 53 { 127.0.0.1; };
# The listen-on-v6 record enables or disables listening on IPv6
# interfaces. Allowed values are 'any' and 'none' or a list of
# addresses.
listen-on-v6 { any; };
# The next three statements may be needed if a firewall stands between
# the local server and the internet.
#query-source address * port 53;
#transfer-source * port 53;
#notify-source * port 53;
# The allow-query record contains a list of networks or IP addresses
# to accept and deny queries from. The default is to allow queries
# from all hosts.
# NOTE(review): allow-query is left commented out and there is no
# allow-recursion statement, so the BIND defaults apply. On older BIND 9
# releases the default lets any client use this server for recursive
# lookups; confirm the default for the installed version and restrict
# allow-query / allow-recursion to the local network if this host is
# reachable from untrusted networks.
#allow-query { 127.0.0.1; };
# If notify is set to yes (default), notify messages are sent to other
# name servers when the zone data is changed. Instead of setting
# a global 'notify' statement in the 'options' section, a separate
# 'notify' can be added to each zone definition.
notify no;
};
# Root hints used for recursive resolution.
zone "." in {
type hint;
file "root.hint";
};
# Forward and reverse zones for the loopback name and address.
zone "localhost" in {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "127.0.0.zone";
};
# Authoritative zone for the mail domain; the file path is relative to
# the 'directory' set in options (/var/lib/named).
zone "example.com"
{
type master;
file "master/example.com.zone";
};


# cd /var/lib/named/master
# vi example.com.zone
Configure:

; Zone data for example.com, referenced from named.conf as
; "master/example.com.zone". It defines the SOA, one NS record and the
; A record for server1.
$TTL 1W

@ IN SOA server1.example.com. root.server1.example.com. (

42 ; serial (d. adams)

2D ; refresh

4H ; retry

6W ; expiry

1W ) ; minimum



; NOTE(review): this listing has lost its leading whitespace. In the real
; file the NS line must begin with a blank so that it inherits the @ owner
; from the SOA record; written at column 0, "IN" would be read as the
; owner name instead of the class.
IN NS server1

; Address of the mail/DNS host itself. No MX record is defined for the zone.
server1 IN A 192.168.1.254



# chown root.named example.com.zone
# rcnamed start
# chkconfig named on
# vi /etc/resolv.conf
Configure:

nameserver 192.168.1.254


3. Set up the Postfix mail server and enable SMTP AUTH:

# vi /etc/postfix/main.cf
Configure:

# Postfix main.cf for server1.example.com. The last four parameters in
# this listing are the ones that turn on SMTP AUTH; everything before
# them is the base configuration.
# NOTE(review): several parameters appear twice below. Postfix remembers
# only the last definition of a parameter, so the later lines are the
# ones in effect.
queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/lib/postfix

mail_owner = postfix

unknown_local_recipient_reject_code = 550

# Only the local host is treated as a trusted network; every other
# client has to authenticate before it may relay (see the final
# smtpd_recipient_restrictions line).
mynetworks = 127.0.0.0/8





debug_peer_level = 2

# NOTE(review): debugger_command is a multi-line value. In the real file
# the two lines after "debugger_command =" must start with whitespace to
# be read as continuations; this listing has lost that indentation.
debugger_command =

PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin

xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail

newaliases_path = /usr/bin/newaliases

mailq_path = /usr/bin/mailq

setgid_group = maildrop

html_directory = /usr/share/doc/packages/postfix/html

manpage_directory = /usr/share/man

sample_directory = /usr/share/doc/packages/postfix/samples

readme_directory = /usr/share/doc/packages/postfix/README_FILES

inet_protocols = all

biff = no

mail_spool_directory = /var/mail

canonical_maps = hash:/etc/postfix/canonical

virtual_alias_maps = hash:/etc/postfix/virtual

virtual_alias_domains = hash:/etc/postfix/virtual

relocated_maps = hash:/etc/postfix/relocated

transport_maps = hash:/etc/postfix/transport

sender_canonical_maps = hash:/etc/postfix/sender_canonical

masquerade_exceptions = root

masquerade_classes = envelope_sender, header_sender, header_recipient

myhostname = server1.example.com

program_directory = /usr/lib/postfix

# The SMTP daemon listens on every interface of the host.
inet_interfaces = all

masquerade_domains =

# Mail is accepted for local delivery only when addressed to these names.
mydestination = $myhostname, localhost.$mydomain

defer_transports =

disable_dns_lookups = no

relayhost =

mailbox_command =

mailbox_transport =

strict_8bitmime = no

disable_mime_output_conversion = no

smtpd_sender_restrictions = hash:/etc/postfix/access

smtpd_client_restrictions =

smtpd_helo_required = no

smtpd_helo_restrictions =

strict_rfc821_envelopes = no

# Superseded by the second smtpd_recipient_restrictions line at the end
# of this listing.
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination

smtp_sasl_auth_enable = no

# Superseded by "smtpd_sasl_auth_enable = yes" further down.
smtpd_sasl_auth_enable = no

# NOTE(review): TLS is off on the server side while SMTP AUTH is enabled
# below. Plaintext mechanisms are not excluded, so a client that picks
# PLAIN or LOGIN sends its password over the network merely base64-encoded.
# Outside a trusted network, enable TLS (smtpd_tls_cert_file /
# smtpd_tls_key_file) and set smtpd_tls_auth_only = yes so that AUTH is
# offered only on encrypted sessions.
smtpd_use_tls = no

smtp_use_tls = no

alias_maps = hash:/etc/aliases

# 0 disables the mailbox size limit; message_size_limit is in bytes.
mailbox_size_limit = 0

message_size_limit = 10240000

# --- SMTP AUTH settings ---
# Offer SASL authentication to connecting clients.
smtpd_sasl_auth_enable = yes

# Rejects anonymous mechanisms only; plaintext mechanisms stay allowed.
smtpd_sasl_security_options = noanonymous

# Also advertise AUTH in the obsolete form expected by some old clients.
broken_sasl_auth_clients = yes

# Authenticated clients and mynetworks may relay; for everyone else
# reject_unauth_destination refuses mail to destinations this server is
# not responsible for, which keeps it from acting as an open relay.
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination

# rcsaslauthd start
# chkconfig saslauthd on

# rcpostfix start
# chkconfig postfix on

4. Enable the POP3 server (qpopper, started through xinetd):

# chkconfig qpopper on
# rcxinetd restart

5. Add user account:

# useradd -m lawrence
# passwd lawrence

-> Finished
