The (Almost) Perfect Setup - Debian Sarge (3.1) On A Strato Dedicated-Server (With ISPConfig) - Page 2

STEP 7 - Install and configure bind9 the DNS-Server

apt-get install bind9

/etc/init.d/bind9 stop
  • open the file /etc/default/bind9 and change it to:
OPTIONS="-u bind -t /var/lib/named"
  • run the following steps:
mkdir -p /var/lib/named/etc

mkdir /var/lib/named/dev

mkdir -p /var/lib/named/var/cache/bind

mkdir -p /var/lib/named/var/run/bind/run

mv /etc/bind /var/lib/named/etc

ln -s /var/lib/named/etc/bind /etc/bind

mknod /var/lib/named/dev/null c 1 3

mknod /var/lib/named/dev/random c 1 8

chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random

chown -R bind:bind /var/lib/named/var/*

chown -R bind:bind /var/lib/named/etc/bind
  • open the file /etc/init.d/sysklogd and change only the line SYSLOGD="" to:
SYSLOGD="-a /var/lib/named/dev/log"
  • run the following steps:
/etc/init.d/sysklogd restart

/etc/init.d/bind9 start
  • open and check the file /var/log/syslog for any errors in the last few lines.

STEP 8 - Install and configure MySQL

apt-get install mysql-server mysql-client libmysqlclient12-dev

mysqladmin -u root password replacethiswithyourrootmysqlpassword

netstat -tap

Now you should see something like:

tcp 0 0 localhost:mysql *:* LISTEN 3133/mysqld

STEP 9 - Install and configure Postfix the mail-server with POP3/IMAP

  • run the following steps:
apt-get install postfix postfix-tls procmail libsasl2 sasl2-bin libsasl2-modules ipopd-ssl uw-imapd-ssl (all in one line!)

Answer the questions as follows:

  • yes
  • pop3 and pop3s
  • no
  • imap2/imaps
  • no
  • Internet Site
  • NONE
  • h12345.serverkompetenz.net
  • h12345.serverkompetenz.net, localhost.serverkompetenz.net, localhost
  • no
  • 127.0.0.0/8
  • 0
  • +
  • yes



Run the following steps:

postconf -e 'smtpd_sasl_local_domain ='

postconf -e 'smtpd_sasl_auth_enable = yes'

postconf -e 'smtpd_sasl_security_options = noanonymous'

postconf -e 'broken_sasl_auth_clients = yes'

postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'

postconf -e 'inet_interfaces = all'

echo 'pwcheck_method: saslauthd' >> /etc/postfix/sasl/smtpd.conf

echo 'mech_list: plain login' >> /etc/postfix/sasl/smtpd.conf

For secure email transport, run the following steps:

mkdir /etc/postfix/ssl

cd /etc/postfix/ssl/

openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024

chmod 600 smtpd.key

openssl req -new -key smtpd.key -out smtpd.csr

openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt

openssl rsa -in smtpd.key -out smtpd.key.unencrypted

mv -f smtpd.key.unencrypted smtpd.key

openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

Answer all the questions.

postconf -e 'smtpd_tls_auth_only = no'

postconf -e 'smtp_use_tls = yes'

postconf -e 'smtpd_use_tls = yes'

postconf -e 'smtp_tls_note_starttls_offer = yes'

postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'

postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'

postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'

postconf -e 'smtpd_tls_loglevel = 1'

postconf -e 'smtpd_tls_received_header = yes'

postconf -e 'smtpd_tls_session_cache_timeout = 3600s'

postconf -e 'tls_random_source = dev:/dev/urandom'



/etc/init.d/postfix restart



mkdir -p /var/spool/postfix/var/run/saslauthd
  • open the file /etc/default/saslauthd and edit it so that it looks like this:
# This needs to be uncommented before saslauthd will be run automatically
START=yes
PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"
# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"
MECHANISMS="pam"
  • open the file /etc/init.d/saslauthd and edit the PIDFILE entry so that it looks like this:
PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"

Run the following step:

/etc/init.d/saslauthd start

Create the new file /etc/c-client.cf with the following content:

I accept the risk

set disable-plaintext 0

Run the following few steps:

/etc/init.d/inetd restart

telnet localhost 25

ehlo localhost

quit

If the server's reply to ehlo contains the lines

250-STARTTLS

250-AUTH LOGIN PLAIN

everything is fine.
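
The telnet check above shows AUTH LOGIN PLAIN on the unencrypted session, which is what smtpd_tls_auth_only = no produces. As an added example that is not part of the original howto, the function below classifies a saved EHLO reply so the check can be repeated after changing that setting; the function name, return codes and sample replies are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original howto): classify the EHLO reply of a
# plaintext SMTP session. Reads the reply lines on stdin.
# Return status: 0 = STARTTLS offered, no password AUTH before TLS
#                1 = PLAIN/LOGIN offered before STARTTLS
#                2 = STARTTLS not offered
check_ehlo() {
    starttls=no; mechs=""; weak=""
    while IFS= read -r line; do
        # telnet captures keep CRLF line ends; SMTP keywords are case-insensitive
        line=$(printf '%s' "$line" | tr -d '\r' | tr '[:lower:]' '[:upper:]')
        case "$line" in
            "250-STARTTLS"|"250 STARTTLS") starttls=yes ;;
            # "AUTH=" is the legacy form added by broken_sasl_auth_clients = yes
            "250-AUTH "*|"250 AUTH "*|"250-AUTH="*|"250 AUTH="*)
                mechs="$mechs ${line#250?AUTH?}" ;;
        esac
    done
    if [ "$starttls" = no ]; then
        echo "FAIL: STARTTLS not offered"
        return 2
    fi
    for m in $mechs; do
        case "$m" in
            PLAIN|LOGIN)   # these mechanisms send the password itself
                case " $weak " in *" $m "*) ;; *) weak="$weak $m" ;; esac ;;
        esac
    done
    if [ -n "$weak" ]; then
        echo "WARN: AUTH$weak offered before STARTTLS (smtpd_tls_auth_only = no)"
        return 1
    fi
    echo "OK: STARTTLS offered, no password AUTH before TLS"
}

# Constructed sample replies, not captured from a real server:
# SAMPLE_HOWTO    = reply expected with this page's settings
# SAMPLE_TLS_ONLY = same server after postconf -e 'smtpd_tls_auth_only = yes'
SAMPLE_HOWTO='250-h12345.serverkompetenz.net
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME'
SAMPLE_TLS_ONLY='250-h12345.serverkompetenz.net
250-STARTTLS
250 8BITMIME'

printf '%s\n' "$SAMPLE_HOWTO"    | check_ehlo || true
printf '%s\n' "$SAMPLE_TLS_ONLY" | check_ehlo || true
```

To use it on the server, save the reply from the telnet session to a file and feed that file to check_ehlo on stdin.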

STEP 10 - Install and configure Courier for Maildir-support

Run the following step:

apt-get install courier-imap courier-imap-ssl courier-pop courier-pop-ssl

Answer the questions as follows:

  • no
  • Maildir (ok)
  • OK

Run the following steps:

postconf -e 'home_mailbox = Maildir/'

postconf -e 'mailbox_command ='

/etc/init.d/postfix restart

Don't forget to enable Maildir support in the ISPConfig menu!
