hul sovannaroth pang da tip saroth · pdf filehome work structure server a: - webmail (https...


Upload: lengoc

Post on 18-Feb-2018




0 download






Contents I. Server C configuration (Debian) ............................................................................................................ 4

II. Server A configuration (CentOS) ......................................................................................................... 15

� IP configuration on server A ........................................................................................................... 15

� Webmail .......................................................................................................................................... 18

� Configure DNS ............................................................................................................................. 18

� Install and configure squirrelmail ............................................................................................... 23

� Create Virtual host ...................................................................................................................... 28

� Postfix .............................................................................................................................................. 31

� Install and configure posfix ......................................................................................................... 31

� SMTP authentication and POP3s ................................................................................................ 33

� Dovecot ........................................................................................................................................... 38

� Install and configure dovecot ..................................................................................................... 38

� Fetchmail ......................................................................................................................................... 42

Antivirus ...................................................................................................................................................... 43

III. Server B configuration (Debian) .......................................................................................................... 47

� DNS .................................................................................................................................................. 47

� Postfix .............................................................................................................................................. 52

� Dovecot ........................................................................................................................................... 59

� Squirrelmail ..................................................................................................................................... 64

� POP3S .............................................................................................................................................. 75

� IMAPs .............................................................................................................................................. 80

� SMTP authentication....................................................................................................................... 87

� SMTP authentication on squirrelmail ............................................................................................. 91

IV. Server D configuration (ubuntu) ......................................................................................................... 96

� Configure DSN ................................................................................................................................. 96

� Configure postfix ........................................................................................................................... 101

� Configure dovecot ......................................................................................................................... 103

� Configure SMTP authentication .................................................................................................... 106

� Configure squirrelmail................................................................................................................... 110

V. Send mail to each server ................................................................................................................... 124

Home work structure

Server A: - Webmail (https is optional) - Postfix (Authenticate and verify sender address, pop3s and imaps) - Dovecot - Fetchmail - Anti-Virus Server B: - Postfix (Authenticate and verify sender address, pop3s and imaps) - Dovecot - Anti-Virus Server C: - Internet Server D: - Webmail (https is optional) - Postfix (Authenticate and verify sender address, pop3s and imaps) - Dovecot - Anti-Virus

I. Server C configuration (Debian) Server C is DNS public, so we need to configure DNS on this server in order to allow each server

communicate to each other by name

Configure IP address on server in the following file

Configure DNS client on server C

Install services bind9 on DNS public

Add configuration to file named.conf

Create file reverse and forward lookup zone

Configure file reverse lookup zone

Configure file forward lookup zone

Configure forwarder on file named.conf.options

Test resolve in local

Test resolve to external

Add DNS record for server A

Create forward lookup zone and then configure this zone

Add server A record to file reverse lookup zone


Add DNS record for server B

Create and configure file forward lookup zone for server B

Add record in reverse lookup zone for server B

Test server B

Add DNS record for server D

Create and configure file forward lookup zone for server D

Configure file reverse lookup zone for server D

Test server D

II. Server A configuration (CentOS)

� IP configuration on server A

Change hostname computer: vi /etc/sysconfig/network


Configure ip address Longing by user root: setup

Select Network configuration

Select Network interface

Configure statice ip or DHCP

Save configuration

Configure dns name on computer

Vi /etc/resove.conf

Search :domain name, nameserver : ip address of dom

Show configure on Ethernet: ifconfig eth0

Client access internet

� Webmail

� Configure DNS

Install bind: yum –y install bind

Package: bind-chroot, bind-util, bind-lib, bind

Copleter install package

Bind information

Configure ip domain:

File configuration bind: vi /etc/name.conf and write configration

Configure file: forward and reverse in /var/named/master

Configure file: forward zone: vi /var/named/master/

Configure file revers zone: vi/var/named/master/

Configure domain name: vi /etc/resolv.conf

Testing configuration bind: tail –f /var/log/messege

Nslookup domain: nslookup domain name

� Install and configure squirrelmail

Remove default set mail: yum –y remove sendmail

Install squiremail: yum –y install squirrelmail

Package installation:

Squirrel mail: Install for dependencies

php-mbstring: update for dependencies

Configure squirrelmail : /usr/share/squirrelmail/config/

Select(1) for organization preferences

Select (1) for organization Name

Type squirrelmail name: for access

Select (r): agree to rename squirrelmail’s name

Select (2): save change configuration

Select (3) for chose sendmail or SMTP

Select (2): chose SMTP

Select (q): for exit configuration

� Create Virtual host

Vi /etc/httpd/conf/httpd.conf

NamevirtualHost : ipaddress of webserver ServerAdmin : user admind on webmail DoccumentRoot : location store root database Servername : Address for access webmail

Create CNAME

Vim /var/named/master/ : file forwardzone on DNS server

Create CNAME of webmail

Testing this webmail : It resolve by DNS server

Access webmail by name

Change picture on squirrelmail logo

/usr/share/squirrelmail/config/ : database store file image on squirrelmail

Type (1) : Organize Preferences

Type (2) : for organize Logo

Copy file image to the /usr/share/squirrelmail/images Type file image name on [../images/sm_logo.png] : ../images/name’s file picture

Squit and save configuration: q and y

� Postfix

Remove sendmail: yum –y remove sendmail

� Install and configure posfix

Yum –y postfix

Configure postfix File configuration: Vi /etc/postfix/

Configure parameter common:

myhostname: is the host name of the system (i.e, the system is called mail or

mydomain: is the domain name for the email server (it can be a real or fake domain name).

myorigin: is the domain name that locally-posted email appears to have come from and is delivered to.

inet_interfaces: sets the network interfaces that Postfix can receive mail on. These need to include at least localhost and the local domain.

mydestination: is the list of domains that will be delivered to (i.e, this server is the final destination for email addressed to these domains).

Add user mail

Create user with home directory: Add user: Useradd –m username

Password: Password username

Restart postfix: rcpostfix restart telnet connection : telnet hostname/ip address port number telnet LanA 25

View mail log: for show Date /time connection mail

� SMTP authentication and POP3s

Authentication verify sender address

Restart service saslauthd: Install service cyurs-sasl-plain

Add parameter for verify sender address: vi /etc/postfix/

Restart service postfix and saslauthd

Testing Telnet smtp protocol

Configure Microsoft outlook client

Require authentication user send mail

Testing pop3 and smtp protocol


Create key like the following

Edit file dovecot.conf

Restart dovecot

Client need to configure ssl

Success configure POP3s

� Dovecot

� Install and configure dovecot

Yum –y install dovecot

File configure: vi /etc/dovecot.conf

Common parameter: protocols: specifies the protocols available to users to access their email. Dovecot supports imap(s) and

pop3(s), and any or all may be used.

Restart service: rcdovecot restart or /etc/init.d/dovecot restart

Testing protocol POP3: 110 (telnet ip address or hostname port )

Configure username: name user webmail Incoming and outgoing mail server: IP address or name webmail server

Testing Sent and receive mail

Testing user sent mail

User can set and receive mail

� Fetchmail

Install service Fetchmail Yum –y install Fetchmail

Completed installation

Create file download in home user cd /home/username

Create file download: vi ./fetchmailrc

Configuration download mail.

Pool: ip address mail server store mail for eacher server download Proto: protocol use for download User: user store mail box for each user Pass: password user download mail Is : user download mail from mail box server Keep: store mail in mail box webmail server


Install and configuration clamav

Location used to find location download: cd /etc/yum.repos.d

Website address for download package: wget

Install clamav: yum install clamav

Install service clamd: yum –y clamd

Install clamav-devel : yum –y install clamav-devel

Scan virus: clamscan

Update clame: freshclam

III. Server B configuration (Debian)

IP configuration on server B

Eth0 is connect to LAN and Eth1 is connect to wan


Install bind

Configure file named.conf

Create zone

Configure file reverse lookup zone

Configure file forward lookup zone

Configure DNS client on file /etc/resolv.conf

Restart bind and testing

Configure forwarder to DNS public

Restart bind and test resolve name to external

� Postfix

Install services postfix

Select type of package that we need for postfix

Postfix configuration

Restart postfix and we could edit postfix in configuration file /etc/postfix

I want full configuration of, so I need to replace file /etc/postfix / by


Change important parameters for our mail server in configuration file /etc/postfix/

Change myorigin and inet_interfaces

Change my destination

Change local recipient

Add our network

Uncomment alias_maps and alias_database

Uncomment home_mailbox

Enable Header and body check

Enable smtpd_banner

Uncomment and comment the following parameter

Add mail box limite

Restart postfix

� Dovecot

Install package for dovecot

Configure dovecot on file /etc/dovecot/dovecot.conf

Enable mail location

Add login to the following parameter

Enable socket listen and other following parameter

Restart dovecot

Test client

Create user for login mail

Configure with Outlook

Select yes to configure account

Choose manually configure

Choose internet Email

Configure user account and other configuration

Success send receive email from postfix and dovecot

� Squirrelmail

Install services apache2

Restart apache2

Install PHP5 and other services for squirrelmail

Install squirrelmail by using the following command line

File configuration of squirrelmail

Run this command for configure squirrelmail

After enter above command line we will reach the squirrelmail configuration, so we could configure

squirrel mail by follow following

• Enter 1 -> Enter 1 -> write Domain Name: Ex:> s -> Enter -> r

• Enter 2 -> Enter 1 -> write Domain Name: Ex:

• Enter 2 -> Enter a -> Enter 4 -> write DNS IP Ex:

• Enter 2 -> Enter b -> Enter 4 -> write DNS IP Ex: -> s -> enter-> r

• Enter 2 -> Enter a -> Enter 8 -> write: dovecot -> s -> Enter -> r

• Enter 3 -> Enter 3 -> write: Trash

• Enter 3 -> Enter 4 -> write: Sent

• Enter 3 -> Enter 5 -> write: Drafts -> s -> Enter -> r

And after Ctrl + C

Create directory “data and attach” and give permission

Add following line in the file /etc/apache2/apache2.conf

Restart services bind9

Access web mail from client by using http://serverIP/squirrelmail

Success logon to mail

Test sends mail to other user

Logon web mail with other user

Success receive mail from other user

Configure virtual host

Comment parameter that we add at the moment

Configure virtual host in the path /etc/apache2/sites-enabled

Copy files 000-default to

Add the following configuration to our Virtual host file

Enable virtual host on file /etc/apach2/ports.conf

Enable virtual host

Add CNAME to zone file

Restart bind9 and test CNAME

Restart postfix, apache2 and dovecot

Test client access to web mail by using virtual name

Success log on to web mail


Generate certificate

Create certificate

Enable ssl

Tell dovecot the path that we store key

Enable protocol pop3s

Restart dovecot

Testing with default pop3 port

Result testing

Configure pop3s

Success download mail


Add this file to

Uncommand these following line

Enable ssl on file /etc/dovecot/dovecot.conf

Enable protocol Imaps

Restart postfix and dovecot

Error log on webmail by using imap

Configure squirrelmail to use imaps

Type number2 for configure server settings

Type a to update IMAP settings

Type number 5 to change port IMAP to IMAPs

Type number 7 to enable TLS on IMAP

Save configuration by type s

Quite from squirrelmail configuration by type q

Restart postfix and dovecot

Logon to squirrelmail again

Success log on to squirrelmail and display mail

� SMTP authentication

Install package

Configure file /etc/default/saslauthd

File smtpd.conf

Tell postfix by file

rm -r /var/run/saslauthd/

mkdir -p /var/spool/postfix/var/run/saslauthd

ln -s /var/spool/postfix/var/run/saslauthd /var/run

chgrp sasl /var/spool/postfix/var/run/saslauthd

adduser postfix sasl

Restart postfix and saslauthd

Test without smtp authentication

Fail send mail

Success sends mail with authentication

� SMTP authentication on squirrelmail

After we configure smtp authentication on postfix we need to tell squirrelmail about that

Type this command for change setting on squirrelmail

Type 2 for change server setting

Type b for update SMTP setting

Type 7 for configure SMTP authentication any type y for agree use SMTP authentication

Configure setting like below

Save configuration by type s

Quit from squirrelmail configuration by type q

Test logon to squirrelmail again and send mail

Log on to user that we send mail to

IV. Server D configuration (ubuntu)

� Configure DSN

Command update system

Commands install service bind9

Select Y

Go to path “cd/etc/bind”, then delete file “name.conf”

Copy file “named.conf.default-zones to named.conf ”

Type command “vim named.conf”, go to edit in this file

Type zone name of your dns

Create one folder name “master ”

Copy file two “db.127 db.local” to folder master

Rename two file to name of your forwarder and reverser zone

Type command “vim 192.168.11.db ” go to edit in this file reverser zone

Edit two point in this file

Type command “vim” go to edit in file forwarder

In this file change two points

Command restart service bind9

Command put domain name on machine

Command restart service networking

Restart service bind again

Test nslookup

Configure forward to dns publish , this is path to configure forward

In this point you put ip publish that you do forward

Test nslookup google

� Configure postfix

Command installs service postfix

Type Y

Select OK

Select OK

Put name of dns

Command copy file configuration postfix

Path that edit to configure postfix

Three point that you need to edit for postfix

Command restart service postfix

� Configure dovecot

Command installs service dovecot imap and pop3

Type Y

Copy file configure dovecot

Path that configure dovecot

Some point that edit on dovecot

Command restart service dovecot

� Configure SMTP authentication

Install service sasl

Type Y

Command restart service sasl

You need to add command command to postfix for configure authentication

This is syntax that add to postfix for authentication

Restart service postfix

Create user test send receive mail

Test send receive mail on outlook

You need to cross for authentication

Select test configure

Send receive mail successful

Test send mail from user da to user root

Test sends mail from user root to user da

It successful to send and receive

� Configure squirrelmail

Install squirrelmail

Install service apache2

Type Y

Install service php5

Type Y

Configure virtual host

copy file default in /etc/apache2/sites-enabled/

Go to edit in this file

Change two point on this file

Go to edit file /etc/apache2/port.conf

Put Ip address machine dns

Command restart service apache

Add CNAME on dns server

Add CNAME for webmail

Add some point in reverse

Add CNAME for webmail

Test client can access web mail use name of webmail

Configure squirrelmail

Copy CIST_Log to machine ubuntu

Type 1 and click Enter

Type 1 and click Enter

Put Organization Name

Type 2 and click Enter

Put name of company logo that put in /usr/share/squirrelmail/images/

Type R and Click Enter

Type 2 and click Enter

Type 1 and click Enter

Put domain name

Type A and click Enter

Type 4 and click Enter

Put name of machine and domain name

Type B and click Enter

Type 4 and Click Enter

Put name machine install webmail and domain name

Type S and Click Enter

Type Q and click Enter

Restart service apache2

Test access webmail

V. Send mail to each server

Add MX record for server A on public DNS

Add MX record for serverB

Add MX record for server D

In each server such as server B we need to add each server to mydestination in file

Add destination on server A

Send mail from server B to server A

Send Item in server B

Now we logon to user1 in server A, we see one mail receive from server B