howtos:mailserverhardy
Differences
This shows you the differences between two versions of the page.
howtos:mailserverhardy [25/08/2017 13:33] – created domingo | howtos:mailserverhardy [02/12/2018 21:34] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Intro ====== | ||
+ | This guide is more or less a copy of " | ||
+ | |||
+ | The reduce the power consumption of my server I've replace it with a low-power Soekris Net5501 with a 2,5" harddisk. This move actually took the power consumption from 60W to sweet low 9W - me like :-D | ||
+ | |||
+ | This is what it looks like and what you're hitting right now with your browser: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | ===== Starting Out ===== | ||
+ | |||
+ | Start out by flashing the Soekris Net5501 with the [[http:// | ||
+ | |||
+ | On how to flash it look [[http:// | ||
+ | |||
+ | The console speed is default 19200/ | ||
+ | Boot up the box and enter the BIOS by pressing CTRL-P. Inside the BIOS run: | ||
+ | < | ||
+ | set ConSpeed=57600 | ||
+ | set ConLock=enabled | ||
+ | </ | ||
+ | This put the console speed up to 57600 and locks it from change by applications. | ||
+ | |||
+ | |||
+ | As the Soekris has limited input options I used PXE boot to start the installation of Hardy Heron. Of course this requires an other machine to service a tftp server and a dhcp server. You can find inspiration on how to do that [[https:// | ||
+ | For unknown reasons the console display is unusable if you use the pxelinux.0 file that comes with Ubuntu. Therefore use {{: | ||
+ | |||
+ | As the console speed is now 57.6Kbps, this needs to be changed in the PXE boot config file. Edit the file / | ||
+ | |||
+ | And change the symlink: | ||
+ | |||
+ | < | ||
+ | cd / | ||
+ | sudo rm pxelinux.cfg | ||
+ | sudo ln -s ubuntu-installer/ | ||
+ | </ | ||
+ | |||
+ | Go through the install like an ordinary Ubuntu server installation except when you get to the partitioning. The boot partition has to be within the first 1023 cylinders otherwise Grub doesn' | ||
+ | |||
+ | A small note, when getting to keyboard layout, autodetect doesn' | ||
+ | |||
+ | Pick you partition layout. Make /boot within the first 1023 blocks (make it 100MB ex.), hit install and wait as the packages are downloaded from the Internet and installed. | ||
+ | | ||
+ | If you want to you can always boot via PXE again by entering the bios and run: | ||
+ | < | ||
+ | boot f0 | ||
+ | </ | ||
+ | |||
+ | |||
+ | When you get to the " | ||
+ | |||
+ | Now we need to install some additional software and update the current installed ones: | ||
+ | |||
+ | < | ||
+ | sudo apt-get update | ||
+ | sudo apt-get dist-upgrade | ||
+ | sudo apt-get install postfix postfix-mysql postfix-pcre | ||
+ | </ | ||
+ | |||
+ | ===== Postfix ===== | ||
+ | Next one up is postfix. You need to get correct uid and guid for the user postfix: | ||
+ | < | ||
+ | # id postfix | ||
+ | uid=200(postfix) gid=200(postfix) groups=200(postfix) | ||
+ | </ | ||
+ | |||
+ | With this info at hand you can copy this main.cf file and replace the corresponding postfix uid/guid with your values. | ||
+ | |||
+ | __main.cf: | ||
+ | < | ||
+ | alias_database = hash:/ | ||
+ | alias_maps = hash:/ | ||
+ | append_dot_mydomain = no | ||
+ | biff = no | ||
+ | config_directory = / | ||
+ | inet_interfaces = all | ||
+ | mailbox_command = procmail -a " | ||
+ | mailbox_size_limit = 0 | ||
+ | mydestination = host.domain.dk, | ||
+ | myhostname = host.domain.dk | ||
+ | mynetworks = 192.168.1.0/ | ||
+ | myorigin = / | ||
+ | readme_directory = no | ||
+ | recipient_delimiter = + | ||
+ | relayhost = | ||
+ | smtp_tls_session_cache_database = btree: | ||
+ | smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) | ||
+ | smtpd_client_restrictions = | ||
+ | check_client_access hash:/ | ||
+ | check_client_access hash:/ | ||
+ | reject_rbl_client sbl.spamhaus.org | ||
+ | reject_rbl_client xbl.spamhaus.org | ||
+ | |||
+ | smtpd_data_restrictions = | ||
+ | reject_multi_recipient_bounce | ||
+ | permit | ||
+ | smtpd_helo_required = yes | ||
+ | smtpd_recipient_restrictions = | ||
+ | reject_non_fqdn_recipient | ||
+ | reject_non_fqdn_sender | ||
+ | permit_mynetworks | ||
+ | check_recipient_access hash:/ | ||
+ | reject_unauth_destination | ||
+ | check_recipient_access hash:/ | ||
+ | reject_non_fqdn_hostname | ||
+ | reject_invalid_hostname | ||
+ | permit | ||
+ | smtpd_restriction_classes = | ||
+ | has_our_domain_as_sender | ||
+ | smtpd_tls_cert_file = / | ||
+ | smtpd_tls_key_file = / | ||
+ | smtpd_tls_session_cache_database = btree: | ||
+ | smtpd_use_tls = yes | ||
+ | virtual_alias_maps = proxy: | ||
+ | virtual_gid_maps = static:200 | ||
+ | virtual_mailbox_base = / | ||
+ | virtual_mailbox_domains = proxy: | ||
+ | virtual_mailbox_limit = 51200000 | ||
+ | virtual_mailbox_maps = proxy: | ||
+ | virtual_minimum_uid = 200 | ||
+ | virtual_transport = virtual | ||
+ | virtual_uid_maps = static:200 | ||
+ | </ | ||
+ | |||
+ | ===== Dovecot ===== | ||
+ | |||
+ | For this install I chose to use dovecot instead of couirer-imapd. And it turned out to be a good choice with easy integration for [[sasl-dovecot-postfix-ssl|Postfix SASL]]. | ||
+ | |||
+ | |||
+ | |||
+ | More to come.... |
howtos/mailserverhardy.txt · Last modified: 02/12/2018 21:34 by 127.0.0.1