The Perfect Server - Debian Squeeze (Debian 6.0) With BIND & Dovecot [ISPConfig 3] - Page 3

4 Install The SSH Server

If you didn't install an SSH server during the basic system installation, you can do it now:

apt-get install ssh openssh-server

From now on you can use an SSH client such as PuTTY and connect from your workstation to your Debian Squeeze server and follow the remaining steps from this tutorial.

 

5 Install vim-nox (Optional)

I'll use vi as my text editor in this tutorial. The default vi program has some strange behaviour on Debian and Ubuntu; to fix this, we install vim-nox:

apt-get install vim-nox

(You don't have to do this if you use a different text editor such as joe or nano.)

 

6 Configure The Network

Because the Debian Squeeze installer has configured our system to get its network settings via DHCP, we have to change that now because a server should have a static IP address. Edit /etc/network/interfaces and adjust it to your needs (in this example setup I will use the IP address 192.168.0.100) (please note that I replace allow-hotplug eth0 with auto eth0; otherwise restarting the network doesn't work, and we'd have to reboot the whole system):

vi /etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
#allow-hotplug eth0
#iface eth0 inet dhcp
auto eth0
iface eth0 inet static
        address 192.168.0.100
        netmask 255.255.255.0
        network 192.168.0.0
        broadcast 192.168.0.255
        gateway 192.168.0.1

Then restart your network:

/etc/init.d/networking restart

Then edit /etc/hosts. Make it look like this:

vi /etc/hosts

127.0.0.1       localhost.localdomain   localhost
192.168.0.100   server1.example.com     server1

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

Now run

echo server1.example.com > /etc/hostname
/etc/init.d/hostname.sh start

Afterwards, run

hostname
hostname -f

It is important that both show server1.example.com now!

 

7 Update Your Debian Installation

First make sure that your /etc/apt/sources.list contains the squeeze-updates repository (this makes sure you always get the newest updates for the ClamAV virus scanner - this project publishes releases very often, and sometimes old versions stop working).

vi /etc/apt/sources.list

[...]
deb http://ftp.de.debian.org/debian/ squeeze-updates main
[...]

Run

apt-get update

to update the apt package database and

apt-get upgrade

to install the latest updates (if there are any).

 

8 Change The Default Shell

/bin/sh is a symlink to /bin/dash, however we need /bin/bash, not /bin/dash. Therefore we do this:

dpkg-reconfigure dash

Use dash as the default system shell (/bin/sh)? <-- No

 

9 Synchronize the System Clock

It is a good idea to synchronize the system clock with an NTP (network time protocol) server over the Internet. Simply run

apt-get install ntp ntpdate

and your system time will always be in sync.

Share this page:

31 Comment(s)

Add comment

Comments

From: Rasmus at: 2012-04-14 11:46:43

Great tutorial, thanks!
I followed it, except using Ubuntu 11.10, and when I was done the package dovecot-mysql was missing - resulting in not being able to login to dovecot. Just a heads ups if anyone else have that problem.

Thanks again.

From: Dr. Yves Kreis at: 2012-10-15 15:01:12
From: Dr. Yves Kreis at: 2012-10-15 15:26:54

For Ubuntu 11.10 follow the following tutorial: http://www.howtoforge.com/perfect-server-ubuntu-11.10-ispconfig-3

From: Dr. Yves Kreis at: 2012-10-28 09:43:16

Even a newer one is available by now: http://www.howtoforge.com/perfect-server-ubuntu-12.10-apache2-bind-dovecot-ispconfig-3

From: Ahmad at: 2012-07-29 07:42:24

Just feel to share the new link for downloading debian iso image cd, the above link i s not working.

for 32 bit pc:http://cdimage.debian.org/debian-cd/6.0.5/i386/iso-cd/debian-6.0.5-i386-netinst.iso

 and for 64 bit pc: http://cdimage.debian.org/debian-cd/6.0.5/amd64/iso-cd/debian-6.0.5-amd64-netinst.iso.

 

hope this helps.

 

From: Dr. Yves Kreis at: 2012-10-15 14:58:28

Better check under http://www.debian.org/distrib/netinst where you always get the latest one...

From: Anonymous at: 2012-07-28 15:31:50

deb http://ftp.de.debian.org/debian squeeze main

From: Rothbard at: 2013-03-05 09:20:49

This script will install all of the necessary programs and changes that need to be made to get ISPConfig running successfully. It uses the Perfect Server guide from Falko Timme as the guide. If you would like, you can manually install all of the things needed using the guides that he has provided. I am just trying to streamline the process.

https://github.com/dclardy64/ISPConfig-3-Debian-Installer

From: at: 2012-04-05 16:05:31

I got some warnings while installing Jailkit

insserv: warning: script 'K01jailkit' missing LSB tags and overrides
insserv: warning: script 'jailkit' missing LSB tags and overrides

so i added the the init.d-config-comment to /etc/init.d/jailkit
 
### BEGIN INIT INFO
# Provides:          jailkit
# Required-Start:    $syslog
# Required-Stop:     $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: jailkit init
# Description:
#
### END INIT INFO

 
 

From: Imam86 at: 2012-08-01 00:51:58

07-06-2012: Jailkit 2.15 released

They resolved the issues:

insserv: warning: script 'K01jailkit' missing LSB tags and overrides
insserv: warning: script 'jailkit' missing LSB tags and overrides

So the revision:

cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.15.tar.gz
tar xvfz jailkit-2.15.tar.gz
cd jailkit-2.15
./debian/rules binary

cd ..
dpkg -i jailkit_2.15-1_*.deb
rm -rf jailkit-2.15*

From: bikercho at: 2012-05-25 17:28:10

To enable quota, run these commands:

touch /aquota.user /aquota.group
chmod 600 /aquota.*

mount -o remount /

From: Dr. Yves Kreis at: 2012-10-15 15:07:13

This command quotacheck -avugm creates the two files. Thus you do not need to create them on your own...

From: contrail at: 2012-07-26 00:54:33

System set up on a VPS. Could not send email. The default setting,  for inet_interfaces in the config file  in   /etc/postfix/main.cf   is   loopback-only.   In order to use the server as an outgoing email server set the line to,  inet_interfaces = all       then restart server.

 

From: Dr. Yves Kreis at: 2012-10-15 14:56:18

The default setting on Debian Squeeze is already inet_interfaces = all!

From: Anonymous at: 2012-09-04 14:05:24

You may also need to add dovecot-mysql to your apt-get list.

From: Dr. Yves Kreis at: 2012-10-15 14:54:08

There is no package dovecot-mysql in Debian Squeeze!

From: Dr. Yves Kreis at: 2012-10-28 19:03:54

Also check chapter 14 of Ubuntu 12.10 The Perfect Server for additional information regarding Apache & php (especially with ISPConfig 3.0.5 which will be released soon): http://www.howtoforge.com/perfect-server-ubuntu-12.10-apache2-bind-dovecot-ispconfig-3-p4

From: Anonymous at: 2012-12-06 19:03:35

In Debian 6;

You'll run into AUTH problems if you uncomment ( -o smtpd_tls_security_level=encrypt) if you follow the instructions (force TLS). It should be as follows:

In: /etc/postfix/master.cf

smtp      inet  n       -       -       -       -       smtpd
submission inet n       -       -       -       -       smtpd
#  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
smtps     inet  n       -       -       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING

From: Anonymous at: 2012-12-20 04:56:28

(Install on Wheezy/Debian 7)
Also had to install this:
apt-get install dovecot-mysql dovecot-sieve

Otherwise /var/log/mailerr had lines like this:
dovecot: auth: Fatal: Unknown database driver 'mysql'
dovecot: lda: Fatal: Plugin 'sieve' not found from directory /usr/lib/dovecot/modules

From: Aleksandar at: 2013-02-10 18:04:03

On my installation phpmyadmin wasn't accessible from url so i used method similar as you explained on last chapter how to add squirrelmail to link phpmyadmin to apache

 

 cd /etc/apache2/conf.d/
ln -s ../../phpmyadmin/apache.conf phpmyadmin.conf
/etc/init.d/apache2 reload

 phpmyadmin.conf was already configured so i just needed to link it.

From: suther at: 2013-05-06 19:02:05



Why you use open Ports for Mysql. I only allow it from localhost, or if a user has ssh-access, he can tunnel mysql to local port.

With gSTM on linux its easy like 1 2 3

 

 

From: suther at: 2013-05-06 19:47:43

On my Proxmox VM, i only have one comment in fstab:

# UNCONFIGURED FSTAB FOR BASE SYSTEM

Even if i activate Quota for Proxmox-system like this: 7

vzctl set 101 --quotaugidlimit 100 --save

vzctl restart 101

fstab is still empty. How can i got quotas installed?

From: contrail at: 2012-06-25 11:17:05

In the file   jail.local

 filter = pureftpd       should be     filter = pure-ftpd   

else  fail2ban ..fails to start 

 

From: Dr. Yves Kreis at: 2012-10-15 16:34:49

Only if you want to use the default file contained in the Debian package. If you want to use the file created in this tutorial, then filter = pureftpd is correct.

From: at: 2012-08-13 00:10:59

IMPORTANT

This is very basic but important to you, and for your hosting account later to play with php script

After install and configure SquirrelMail, go to http://your_ip/webmail/src/configtest.php

 

And you will see:

ERROR: You have configured PHP not to allow short tags (short_open_tag=off). This shouldn't be a problem with SquirrelMail or any plugin coded coded according to the SquirrelMail Coding Guidelines, but if you experience problems with PHP code being displayed in some of the pages and changing setting to "on" solves the problem, please file a bug report against the failing plugin. The correct contact information is most likely to be found in the plugin documentation.

 

So please change the php configuration at these two files:

/etc/php5/apache2/php.ini

/etc/php5/cgi/php.ini

 

Find and change the value of short_open_tag from Off to On

short_open_tag=On

 

For more information, you can check here:

http://php.net/manual/en/ini.core.php#ini.short-open-tag

It's a basic php configuration, but might be the one of problems with people that use SquirreMail. 

From: Dr. Yves Kreis at: 2012-10-15 16:46:36

By default short_open_tag is set to On in both php.ini files you mention...

From: hesar at: 2011-11-16 07:30:48

Great job - precise thx for this article

From: Mika Nieminen at: 2011-12-13 20:49:06

# this text at the end off the squirrelmail.conf file made squirrelmail a bit more secure

<Directory /usr/share/squirrelmail/*>
  Deny from all
</Directory>
<Directory /usr/share/squirrelmail/images>
  Allow from all
</Directory>
<Directory /usr/share/squirrelmail/plugins>
  Allow from all
</Directory>
<Directory /usr/share/squirrelmail/src>
  Allow from all
</Directory>
<Directory /usr/share/squirrelmail/templates>
  Allow from all
</Directory>
<Directory /usr/share/squirrelmail/themes>
  Allow from all
</Directory>
<Directory /usr/share/squirrelmail/contrib>
  Order Deny,Allow
  Deny from All
  Allow from 127
  Allow from 10
  Allow from 192
</Directory>
<Directory /usr/share/squirrelmail/doc>
  Order Deny,Allow
  Deny from All
  Allow from 127
  Allow from 10
  Allow from 192
</Directory>

From: Anonymous at: 2012-12-20 04:52:27

(Install on Wheezy/Debian 7)
Also had to install:
apt-get install quota quotatool

Otherwise /var/log/ispconfig/cron.log had lines like this:
sh: repquota: command not found

From: rann at: 2013-01-21 18:20:15

Followed your Perfect Server guide for Squeeze and it went perfectly, except for the squirrelmail part. I followed this and got it working, but it's still not working for HTTPS.

Any ideas as to why?

From: at: 2013-04-21 07:34:41

Very good Job!! Thanks!!