The (Almost) Perfect Setup - Debian Sarge (3.1) On A Strato Dedicated-Server (With ISPConfig) - Page 2

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Submitted by TobiasTM (Contact Author) (Forums) on Fri, 2006-07-14 14:03. ::

STEP 7 - Install and configure bind9 the DNS-Server

apt-get install bind9

/etc/init.d/bind9 stop

  • open and edit the file /etc/default/bind9 to:
    • OPTIONS="-u bind -t /var/lib/named"
  • run the following steps:

    • mkdir -p /var/lib/named/etc

    mkdir /var/lib/named/dev

    mkdir -p /var/lib/named/var/cache/bind

    mkdir -p /var/lib/named/var/run/bind/run

    mv /etc/bind /var/lib/named/etc

    ln -s /var/lib/named/etc/bind /etc/bind

    mknod /var/lib/named/dev/null c 1 3

    mknod /var/lib/named/dev/random c 1 8

    chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random

    chown -R bind:bind /var/lib/named/var/*

    chown -R bind:bind /var/lib/named/etc/bind

  • open and edit the file /etc/init.d/sysklogd. But only the line SYSLOGD="" to:
    • SYSLOGD="-a /var/lib/named/dev/log"
  • run the following steps:

    • /etc/init.d/sysklogd restart

    /etc/init.d/bind9 start

  • open and check the file /var/log/syslog for any errors in the last few lines.

    • STEP 8 - Install and configure MySQL

    apt-get install mysql-server mysql-client libmysqlclient12-dev

    mysqladmin -u root password replacethiswithyourrootmysqlpassword

    netstat -tap

    Now you should see something like:

    tcp 0 0 localhost:mysql *:* LISTEN 3133/mysqld

    STEP 9 - Install and configure Postfix the mail-server with POP3/IMAP

  • run the following steps:

    • apt-get install postfix postfix-tls procmail libsasl2 sasl2-bin libsasl2-modules ipopd-ssl uw-imapd-ssl (all in one line!)

    Answer the questions in following steps:
  • yes
  • pop3 and pop3s
  • no
  • imap2/imaps
  • no
  • Internet Site
  • NONE
  • h12345.serverkompetenz.net
  • h12345.serverkompetenz.net, localhost.serverkompetenz.net, localhost
  • no
  • 127.0.0.0/8
  • 0
  • +
  • yes


    • Run the following steps:

    postconf -e 'smtpd_sasl_local_domain ='

    postconf -e 'smtpd_sasl_auth_enable = yes'

    postconf -e 'smtpd_sasl_security_options = noanonymous'

    postconf -e 'broken_sasl_auth_clients = yes'

    postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'

    postconf -e 'inet_interfaces = all'

    echo 'pwcheck_method: saslauthd' >> /etc/postfix/sasl/smtpd.conf

    echo 'mech_list: plain login' >> /etc/postfix/sasl/smtpd.conf

    For secure email-transport run the following steps:

    mkdir /etc/postfix/ssl

    cd /etc/postfix/ssl/

    openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024

    chmod 600 smtpd.key

    openssl req -new -key smtpd.key -out smtpd.csr

    openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt

    openssl rsa -in smtpd.key -out smtpd.key.unencrypted

    mv -f smtpd.key.unencrypted smtpd.key

    openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

    answer all the questions

    postconf -e 'smtpd_tls_auth_only = no'

    postconf -e 'smtp_use_tls = yes'

    postconf -e 'smtpd_use_tls = yes'

    postconf -e 'smtp_tls_note_starttls_offer = yes'

    postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'

    postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'

    postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'

    postconf -e 'smtpd_tls_loglevel = 1'

    postconf -e 'smtpd_tls_received_header = yes'

    postconf -e 'smtpd_tls_session_cache_timeout = 3600s'

    postconf -e 'tls_random_source = dev:/dev/urandom'



    /etc/init.d/postfix restart



    mkdir -p /var/spool/postfix/var/run/saslauthd

  • open and edit the file /etc/default/saslauthd that it looks like this:
    • # This needs to be uncommented before saslauthd will be run automatically
START=yes
PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"
# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"
MECHANISMS="pam"
  • open and edit the PIDFILE-Entry in file /etc/init.d/saslauthd that it looks like this:
    • PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"

    Run the following step:

    /etc/init.d/saslauthd start

    Create the new file /etc/c-client.cf with following content:

    I accept the risk

    set disable-plaintext 0

    Run the following few steps:

    /etc/init.d/inetd restart

    telnet localhost 25

    quit

    If you can see the lines

    250-STARTTLS

    250-AUTH LOGIN PLAIN

    everything is fine.

    STEP 10 - Install and configure Courier for Maildir-support

    Run the following step:

    apt-get install courier-imap courier-imap-ssl courier-pop courier-pop-ssl

    Answer the questions in following steps:
  • no
  • Maildir (ok)
  • OK
    • Run the following steps:

    postconf -e 'home_mailbox = Maildir/'

    postconf -e 'mailbox_command ='

    /etc/init.d/postfix restart

    Don´t forget to enable the Maildir-Support in ISPConfig-Menu !

    up

    Copyright © 2006 Tobias Groebe
    All Rights Reserved.
    add comment | view as pdf view as pdf | print: this | all page(s) |
    Please do not use the comment function to ask for help! If you need help, please use our forum.
    Comments will be published after administrator approval.
    Command missing at the end of STEP 9
    Submitted by goldstift (registered user) on Mon, 2007-02-26 11:54.

    Hi there,

     first of all "thanks for the nice tutorial".

    I'm afraid your tutorial lacks a point. When you check authentication method is supported at the end fo STEP 9, the information about the methods is just printed out, when you type

    ehlo localhost

     Don't mind. Just got it, when I compared yours to the tutorial done by Falko.

    Once again thanks a lot.

    Bye ,

    goldstift

    reply | view as pdf view as pdf
    Sponsored Links: Unified Communications: Thoughts, Strategies and Predictions
    Join the discussion.
    www.seamlessenterprise.com

    IP Convergence
    Integrate your wireless and wireline networks.
    Learn how from the experts at Sprint.
    www.seamlessenterprise.com

    Wireless & Wireline Integration
    Thoughts, strategies and solutions: join the discussion
    www.seamlessenterprise.com

    Unified Communications 2009
    Join the Discussion. Now.
    www.seamlessenterprise.com