-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
ironmantis7x wrote:
>
>
> Hey -- I am a fairly new person to linux and would like to deepen my
> skills with it. Are there any members in the Broomfield, CO area?? I am
> looking to learn how to make a linux mail server and a linux based web
> server.
>
Here is a compilation of two posted I sent to this list about a year ago:
While we're covering sendmail, here is the process I used for setting
up sendmail to send and receive email as a fully operational MTA (Main
Transport Agent) on my web/mail server on OpenBSD 4.0:
- - ------------
/etc/inetd.conf
uncomment both pop3 lines and make sure that pop3 entry is present in
/etc/services
restart- kill -HUP `cat /var/run/inetd.
- - ------------
/etc/rc.conf
confirm 'bd' before -q30m on sendmail flags line
...then change 'localhost.cf' to 'sendmail.cf'
...then comment out the sendmail line in a cron job
with command: crontab -u root -e
- - ------------
/etc/mail/virtusert
add lines for your users, example: wittig@...
...and rebuild database (instructions in file header comments)
- - ------------
/etc/mail/aliases
alias all empty fields to root, and then direct all root mail to
whoever will be handling root and all the various daemon-generated email.
- - ------------
/etc/mail/local-
add your localhost domain names, example: robertwittig.
- - ------------
/etc/ssh/sshd_
uncomment or add:
PermitRootLogin = no
MaxAuthTries = 6
This is what I did initially, and left in place, to lock up the ssh
log-in procedure from all the idiots trying to brute-force their way
in, but later I added a much more secure PF packet filter ruleset,
limiting very strictly exactly who can log in using ssh, and from
which IP address ranges.
- - ------------
As mentioned in an earlier post by me, SMTP and some other stuff has
to be set up on your page on your Registrar's website. Here is a copy
of that earlier post:
> You might want to consider becoming familiar with the Operating
> System, and then with all of the security considerations that are
> necessary to maintain a Mail Transport Agent, first.
>
> In order to properly set up sendmail, the first thing you will need to
> do is obtain a static IP address from your ISP, and permission to
> operate a server on your ISP account.
>
> If you run a server on your account without their permission, using
> one of those services that acts as a substitute for an actual static
> IP address, and your ISP catches you, they may not be very happy.
>
> Then, you will have to register a domain name, and set up your A
> record, MX record and aliases and DNS IP's on the Registrar's site.
>
> Then you will have to modify a bunch of files on your server.
>
> Those files and their locations vary for one OS and distribution to
> the next.
>
> I am only familiar with running sendmail on OpenBSD, so you will have
> to determine on your own, all of the details, how you will be setting
> up your own MTA... here is a sample tutorial:
>
> http://www.elandsys
>
>
> More important than actually getting the mailserver up and running,
> though, is setting it up and maintaining it in a secure fashion, so
> that it is not vulnerable to spammers.
>
> If a sendmail MTA is set up incorrectly, or compromised by an
> unpatched vulnerability, you could have your mailserver spewing
> literally billions of spam messages out onto the Internet.
>
> If that happens, you will have a lot of enemies and very angry people
> looking for a piece of your hide... and your ISP, looking for you to
> reimburse them, for all of the bandwidth the spammer used.
>
- --
- -wittig
http://www.robertwi
http://robertwittig
http://robertwittig
.
-----BEGIN PGP SIGNATURE---
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with CentOS - http://enigmail.
iQEVAwUBS6jidv9qkhA
88saedvbSspvLy846ou
xddbmFvmIk4zkMDuXf7
3PubhBtI49XhXCAleRc
YiiwanrPoyZrw2Z7YlM
tKl2njjFu5yEeNynp5m
=gzgl
-----END PGP SIGNATURE---
No comments:
Post a Comment