MailServer!

13 08 2008

Well, I was commissioned by my dad to install a mailserver, and I can say I have successfully done so in a day. It wasn’t easy, I got many errors, and sometimes had absolutely no idea what I was doing, but thanks to the forums I was able to get it working perfectly.

The first thing I had to do was find out what all was necessary for the mailserver. I found this great source from the Ubuntu documentation site which laid everything out nicely. I decided to use Postfix for my Mail Transfer Agent (MTA) since it is the default for Ubuntu. Nothing was terribly difficult about installing it; I just followed the default list of settings they give in the guide. One problem I did run into, however, was with Comcast not allowing its customers to directly send out e-mail. They had set their service up so that their block of IPs could not send e-mails out from their own outbound servers. They listed these IPs on Spamhaus.org. This means that if I sent an e-mail to certain addresses, depending on how strictly they followed the lists from Spamhaus, the e-mails could possibly not be delivered. This ended up being a real easy fix. In /etc/postfix/main.cf, I just had to change the “relayhost = ” value to whatever Comcast’s outgoing mailserver address was. In this case, smtp.comcast.net.

Since I had no idea what I was doing to start, I felt the mail filtering option was something I could add later when I had the server working perfectly. So I skipped over that section and went to the Mail Delivery Agent (MDA). For that, I chose Dovecot, since they say it was written primarily with security in mind. From the choices of protocols, POP3, POP3S, IMAP, and IMAPS, I chose IMAP and IMAPS. There was really no specific reason for this; I read on Wikipedia that they were all pretty much the same, IMAPS and POP3S just being more secure. For the choice of mailboxes, I went with Maildir instead of the default mbox. This was because they explained Maildir as saving each individual e-mail to its own file. This reduces the chance of accidentally losing an e-mail, because the files are never modified. With mbox, however, each file may contain several e-mails, and so that means the files are modified to write new e-mails to them.

I must say that I did not know anything about either OpenWebmail or SquirrelMail. I just chose one quickly. I am not too impressed with SquirrelMail which I am currently using. It’s kind of ugly and that makes it hard to look at. I just read over OpenWebMail and am considering using that just because you simply download and it’s ready, and looking at the screenshots, it looks a lot nicer.

These are all of the problems I ran into installing this server. Everything works perfectly for me now. I know the forums helped me a lot, and without people replying to my threads there, I’d probably still be stuck. The guide which I linked to at the very beginning of this post was a really big help too. Every step is spot on, and really that’s the only reason I even knew which direction I needed to go.

Let’s kick things off (VSFTPD)

8 08 2008

To start:
~Everything is installed on a Dell PowerEdge 2850 web server
~I installed Ubuntu 8.04 LTS Server Edition. You can download or request a CD be sent to you for free at http://www.ubuntu.com
~I plan on making this a ftp, LAMP, print, and mail server.

After downloading and installing Ubuntu, I thought it would be a good idea to install some sort of GUI, since I am not very knowledgeable in command line operating systems, and I did not feel like spending all the time learning. I decided to go with Kubuntu. To install this I just had to enter the command:

sudo apt-get install kubuntu-desktop

Now that I had a GUI, it was time to get started. I figured the easiest thing to do would be to install the ftp client. It seemed pretty basic, and would allow me to back up other computers onto the server right away. I decided to go with vsftpd as this was said to be a reliable and light yet flexible client. To install this I entered the following command.

sudo apt-get install vsftpd

After a long time of trying to customize the config file myself, I was at the end of my fuse. I knew there had to be an easier way. So I searched a little bit on the internet and came across Webmin. You can read more about what it is on the website, but basically it’s an easy way to manage various aspects of your server. This was pretty much exactly what I was looking for. I downloaded and installed it using this site as a guide.

Now that I had Webmin installed, I noticed it did not come with a module for vsftpd. Luckily someone had made one. Using this site as a guide, I was able to get it up and running.

The issue I was having with vsftpd was with security. I knew there were ways to lock users to their own folders and to create virtual users and all that, but I just could not figure it out. The Webmin module helped me figure that out to some degree. I was able to jail all users to their home directories, but I was never able to figure out how to create the virtual users, and from what I could tell, the module was no help whatsoever. So I decided to not worry so much about the virtual part, and just create local users. So I went into Webmin, clicked System>>Users and Groups, and selected create a new user. I noticed vsftpd had already created a user called virtual belonging to a group it had also created, also aptly named virtual. So I figured the “virtual” group had all the right settings. I created my own users and specified where their home directories were to be. Logins from different machines proved successful, and users were not allowed outside their directories. Everything was great.
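An added example, not part of the original post: a small shell audit that reads a vsftpd.conf and reports whether the "local users jailed to their home directories" setup is actually in effect. The option names and fallback defaults are vsftpd's own from vsftpd.conf(5); the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit a vsftpd.conf for the
# "local users jailed to their home directories" setup described above.

# conf_value FILE KEY DEFAULT: the last uncommented KEY=value line is taken;
# if the key is absent, fall back to DEFAULT (vsftpd's built-in default).
conf_value() {
    v=$(sed -n "s/^$2=//p" "$1" | tr -d '\r' | tail -n 1)
    printf '%s' "${v:-$3}"
}

# audit_vsftpd FILE: print one finding per line; print nothing if all is well.
audit_vsftpd() {
    f=$1
    [ "$(conf_value "$f" anonymous_enable YES)" = "NO" ] ||
        echo "anonymous_enable: anonymous logins are allowed"
    [ "$(conf_value "$f" local_enable NO)" = "YES" ] ||
        echo "local_enable: local users cannot log in"
    if [ "$(conf_value "$f" chroot_local_user NO)" != "YES" ]; then
        echo "chroot_local_user: local users can browse outside their home"
    elif [ "$(conf_value "$f" chroot_list_enable NO)" = "YES" ]; then
        # With chroot_local_user=YES the list becomes a list of exemptions.
        echo "chroot_list_enable: users in chroot_list_file are NOT jailed"
    fi
    [ "$(conf_value "$f" ssl_enable NO)" = "YES" ] ||
        echo "ssl_enable: passwords and files cross the network unencrypted"
    return 0
}

# Constructed sample config, for demonstration only.
vsftpd_sample=$(mktemp)
cat > "$vsftpd_sample" <<'EOF'
# constructed vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
#chroot_local_user=YES
EOF
audit_vsftpd "$vsftpd_sample"
```

On a real server, point `audit_vsftpd` at /etc/vsftpd.conf and confirm the jail by logging in as a test user and trying to change to a directory above the home directory.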

The next thing I decided to tackle was VNC. Since I am leaving for school the 14th, I figured I probably wouldn’t be done with this server before then, so I thought it would be nice to be able to work on it remotely from about 760 miles away. The VNC which was already loaded on the system required you to send out an invitation to whomever you wanted to connect to the server. This invitation is only valid for one hour or one login, whichever comes first. So this would require someone to send me an invitation every time I wanted to work on the server, one phone call and hassle too many. So I looked a little, and found a client which could be started from the terminal. It runs with a single password, so if I know the password and the host, I can connect. This seemed alright for my purposes. I could log into the computer using PuTTY, and execute the command to start the VNC. This site explained, in a clear and concise manner (4 steps), how to set up x11vnc. After installing the client, I simply had to log into my router and open ports 5800 and 5900.
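An added example, not part of the original post: a check that reads `netstat -ltn` output and lists any listener on the two ports named above (5800 and 5900) that is bound to something other than loopback, with the loopback-plus-SSH-tunnel alternative shown in the comments. The function name, the sample output and the user/host in the comments are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the original post). A VNC session protected only by
# a single password is reachable by anyone who can reach the port, so it is
# worth knowing which address the listener is bound to.
#
# Alternative that keeps VNC off the internet (real x11vnc and ssh options;
# user and server.example are placeholders):
#   on the server:  x11vnc -localhost -rfbauth ~/.vnc/passwd -display :0
#   on the client:  ssh -L 5900:localhost:5900 user@server.example
#   then connect the VNC viewer to localhost:5900. Only the SSH port has to
#   be forwarded on the router; PuTTY offers the same under SSH > Tunnels.

# vnc_exposed: read `netstat -ltn` output on stdin and print "ADDRESS PORT"
# for each listener on 5800/5900 that is not bound to a loopback address.
vnc_exposed() {
    awk '$NF == "LISTEN" {
        n = split($4, a, ":"); port = a[n]
        # Everything before the last ":" is the bind address (IPv4 or IPv6).
        addr = substr($4, 1, length($4) - length(port) - 1)
        if ((port == 5800 || port == 5900) &&
            addr != "127.0.0.1" && addr != "::1")
            print addr " " port
    }'
}

# Constructed sample of `netstat -ltn` output, for demonstration only.
netstat_sample='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:5900            0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:5800          0.0.0.0:*               LISTEN
tcp6       0      0 :::5900                 :::*                    LISTEN'

printf '%s\n' "$netstat_sample" | vnc_exposed
```

On the server itself, run `netstat -ltn | vnc_exposed`; no output means nothing on those two ports is reachable from other machines.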

That’s pretty much how far I’ve gotten so far. This is pretty much going straight past all the struggles and searching and straight to the successes. I know this will help someone, even if it’s just me again in the future.