The (Almost) Perfect Setup - Debian Sarge (3.1) On A Strato Dedicated-Server (With ISPConfig) - Page 2
STEP 7 - Install and configure bind9 the DNS-Server
apt-get install bind9
/etc/init.d/bind9 stop
- open and edit the file /etc/default/bind9 to:
OPTIONS="-u bind -t /var/lib/named"
- run the following steps:
mkdir -p /var/lib/named/etc
mkdir /var/lib/named/dev
mkdir -p /var/lib/named/var/cache/bind
mkdir -p /var/lib/named/var/run/bind/run
mv /etc/bind /var/lib/named/etc
ln -s /var/lib/named/etc/bind /etc/bind
mknod /var/lib/named/dev/null c 1 3
mknod /var/lib/named/dev/random c 1 8
chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random
chown -R bind:bind /var/lib/named/var/*
chown -R bind:bind /var/lib/named/etc/bind
- open and edit the file /etc/init.d/sysklogd. But only the line SYSLOGD="" to:
SYSLOGD="-a /var/lib/named/dev/log"
- run the following steps:
/etc/init.d/sysklogd restart
/etc/init.d/bind9 start
- open and check the file /var/log/syslog for any errors in the last few lines.
STEP 8 - Install and configure MySQL
apt-get install mysql-server mysql-client libmysqlclient12-dev
mysqladmin -u root password replacethiswithyourrootmysqlpassword
netstat -tap
Now you should see something like:
tcp 0 0 localhost:mysql *:* LISTEN 3133/mysqld
STEP 9 - Install and configure Postfix the mail-server with POP3/IMAP
- run the following steps:
apt-get install postfix postfix-tls procmail libsasl2 sasl2-bin libsasl2-modules ipopd-ssl uw-imapd-ssl (all in one line!)
Answer the questions in following steps:
- yes
- pop3 and pop3s
- no
- imap2/imaps
- no
- Internet Site
- NONE
- h12345.serverkompetenz.net
- h12345.serverkompetenz.net, localhost.serverkompetenz.net, localhost
- no
- 127.0.0.0/8
- 0
- +
- yes
Run the following steps:
postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
postconf -e 'inet_interfaces = all'
echo 'pwcheck_method: saslauthd' >> /etc/postfix/sasl/smtpd.conf
echo 'mech_list: plain login' >> /etc/postfix/sasl/smtpd.conf
For secure email-transport run the following steps:
mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
answer all the questions
postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'
postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'
/etc/init.d/postfix restart
mkdir -p /var/spool/postfix/var/run/saslauthd
- open and edit the file /etc/default/saslauthd that it looks like this:
# This needs to be uncommented before saslauthd will be run automatically START=yes PARAMS="-m /var/spool/postfix/var/run/saslauthd -r" # You must specify the authentication mechanisms you wish to use. # This defaults to "pam" for PAM support, but may also include # "shadow" or "sasldb", like this: # MECHANISMS="pam shadow" MECHANISMS="pam"
- open and edit the PIDFILE-Entry in file /etc/init.d/saslauthd that it looks like this:
PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"
Run the following step:
/etc/init.d/saslauthd start
Create the new file /etc/c-client.cf with following content:
I accept the risk
set disable-plaintext 0
Run the following few steps:
/etc/init.d/inetd restart
telnet localhost 25
quit
If you can see the lines
250-STARTTLS
250-AUTH LOGIN PLAIN
everything is fine.
STEP 10 - Install and configure Courier for Maildir-support
Run the following step:
apt-get install courier-imap courier-imap-ssl courier-pop courier-pop-ssl
Answer the questions in following steps:
- no
- Maildir (ok)
- OK
Run the following steps:
postconf -e 'home_mailbox = Maildir/'
postconf -e 'mailbox_command ='
/etc/init.d/postfix restart
Don´t forget to enable the Maildir-Support in ISPConfig-Menu !