Set Up Ubuntu-Server 6.06 LTS As A Firewall/Gateway For Your Small Business Environment - Page 7

Now configure sasl authentication.

mkdir -p /var/spool/postfix/var/run/saslauthd

Now we have to edit /etc/default/saslauthd. It should look like this:

# This needs to be uncommented before saslauthd will be run automatically
START=yes
PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"
# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"
MECHANISMS="pam"

Next edit /etc/init.d/saslauthd and change the location of saslauthd's PID file. Change the value of PIDFILE to /var/spool/postfix/var/run/${NAME}/saslauthd.pid, so that it reads:

PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"

Now populate your system with real users. Set the users shell to /bin/false to avoid security holes.

Next fill /etc/postfix/virtual as you like. I love Webmin for this. You can edit it directly too, of course. However, webmin does a great job.

Gotcha!: "some.domain" etc. can not equal to anything mentioned in the "mydestination" line in

/etc/postfix/main.cf

My /etc/postfix/virtual has the following structure:

some.domain	virtual domain
some.other.domain	virtual domain
some.really.other.domain	virtual domain
[email protected]		user
[email protected]	otheruser
[email protected]	user
[email protected]	otheruser
[email protected]	user
[email protected]	someoneidontlike
[email protected]	someoneidontlike [email protected]
[email protected]	differentuser	[email protected]	someoneidontlike
@some.really.other.domain		someonidontlike		[email protected]

and so on. So I only have to set an alias for root and postmaster in /etc/aliases All other aliases should be in this file. Forwarding and delivering mail to multiple addresses and so fort can (and should, I believe) be set in this file too.

Note that in this kind of setup your users can have as many aliases as they like (untill you get sick of them), but for each user you still have to add a real user, with a home directory.

Don't forget to do

postmap /etc/postfix/virtual

when you are done.

Now we want some rules for spamassassin to do a better job.

First edit /etc/MailScanner/spam.assassin.prefs.conf.

Comment out dcc_path /usr/bin/dccproc. Also comment out razor_timeout 10 and
score RCVD_IN_RSL 0.

Next do:

cd ..
wget http://www.fsl.com/support/Rules_Du_Jour.tar.gz
tar -zxvf Rules_Du_Jour.tar.gz
cd rules_du_jour
mkdir /etc/rulesdujour
cp config /etc/rulesdujour/config
cp rules_du_jour /usr/bin
cp rules_du_jour_wrapper /etc/cron.daily
/etc/cron.daily/rules_du_jour_wrapper

Next we configure the DHCP server.

Edit /etc/dhcp3/dhcpd.conf. Mine now looks like this:

# Local Network
subnet 192.168.1.0 netmask 255.255.255.0 {
	option netbios-name-servers 192.168.1.1;
	option domain-name-servers 192.168.1.1;
	option domain-name "your.domain.here";
	option broadcast-address 192.168.1.255;
	option routers 192.168.1.1;
	range 192.168.1.100 192.168.1.130;
	}

Edit /etc/default/dhcp3-server. It should read

INTERFACES=eth1

Next do:

/etc/init.d/dhcp3-server start

Next install dcc from source

cd /root
wget http://www.dcc-servers.net/dcc/source/dcc.tar.Z
gunzip dcc.tar.Z
tar -xvf dcc.tar
cd dcc*
./configure
make
make install
shutdown -r now

and wait until it is up again.

Share this page:

0 Comment(s)