User Tools

Site Tools


howtos:mailserverhardy

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

howtos:mailserverhardy [d/m/Y H:i] (current)
Line 1: Line 1:
 +====== Intro ======
  
 +This guide is more or less a copy of "[[howtos:mailserver|Mail Server - Suse 9.3]]" but running on Ubuntu Hardy Heron Server. Luckily Ubuntu has a huge repository contain gazillion pieces of software and almost all I need. Apt is your friend 8-)
 +
 +The reduce the power consumption of my server I've replace it with a low-power Soekris Net5501 with a 2,5" harddisk. This move actually took the power consumption from 60W to sweet low 9W - me like :-D
 +
 +This is what it looks like and what you're hitting right now with your browser:
 +
 +{{:howtos:img_2092.jpg|}}{{:howtos:img_2088.jpg|}}{{:howtos:img_2090.jpg|}}{{:howtos:img_2091.jpg|}}
 +
 +
 +
 +
 +
 +
 +
 +
 +===== Starting Out =====
 +
 +Start out by flashing the Soekris Net5501 with the [[http://www.soekris.com/downloads.htm|latest]] firmware. Can also be downloaded {{:howtos:b5501_133c.bin|here}}.
 +
 +On how to flash it look [[http://wiki.soekris.info/Updating_Bios|here]] or a local copy [[Flash Soekris|here]].
 +
 +The console speed is default 19200/8/1/no flowcontrol. This is somewhat slow so I configured it up to 57600:
 +Boot up the box and enter the BIOS by pressing CTRL-P. Inside the BIOS run:
 +<code>
 +set ConSpeed=57600
 +set ConLock=enabled
 +</code>
 +This put the console speed up to 57600 and locks it from change by applications.
 +
 +
 +As the Soekris has limited input options I used PXE boot to start the installation of Hardy Heron. Of course this requires an other machine to service a tftp server and a dhcp server. You can find inspiration on how to do that [[https://help.ubuntu.com/community/PXEInstallServer|here]].
 +For unknown reasons the console display is unusable if you use the pxelinux.0 file that comes with Ubuntu. Therefore use {{:howtos:pxelinux.0.gz|this}} one instead.
 +
 +As the console speed is now 57.6Kbps, this needs to be changed in the PXE boot config file. Edit the file /var/lib/tftpboot/ubuntu-installer/i386/pxelinux.cfg.serial-9600/default and change all occurrences of 9600 to 57600 then save in its own directory of /var/lib/tftpboot/ubuntu-installer/i386/pxelinux.cfg.serial-57600/ and remember to change the symlink pxelinux.cfg in /var/lib/tftpboot to point to the new 57600 directory.
 +
 +And change the symlink:
 +
 +<code>
 +cd /var/lib/tftpboot
 +sudo rm pxelinux.cfg
 +sudo ln -s ubuntu-installer/i386/pxelinux.cfg.serial-57600 pxelinux.cfg
 +</code>
 +
 +Go through the install like an ordinary Ubuntu server installation except when you get to the partitioning. The boot partition has to be within the first 1023 cylinders otherwise Grub doesn't handle it so well (you'll get an GRUB ERROR 18). I believe it has to do with Grub not being able to reading the boot files. I made the /boot partition around 100MB of size and I was home free.
 +
 +A small note, when getting to keyboard layout, autodetect doesn't work, just select it manually.
 +
 +Pick you partition layout. Make /boot within the first 1023 blocks (make it 100MB ex.), hit install and wait as the packages are downloaded from the Internet and installed.
 +  
 +If you want to you can always boot via PXE again by entering the bios and run: 
 +<code>
 +boot f0
 +</code>
 +
 +
 +When you get to the "Software selection" menu I select "LAMP server" and "OpenSSH server". You may do otherwise but this gets the needed software in quick.
 +
 +Now we need to install some additional software and update the current installed ones:
 +
 +<code>
 +sudo apt-get update
 +sudo apt-get dist-upgrade 
 +sudo apt-get install postfix postfix-mysql postfix-pcre  libmysqlclient15-dev libssl-dev build-essential libapache2-mod-perl2 libgd-text-perl libgd-graph-perl libgd-graph3d-perl dovecot-common dovecot-imapd gallery2 phpmyadmin pure-ftpd pure-ftpd-common pure-ftpd-mysql
 +</code>
 +
 +===== Postfix =====
 +Next one up is postfix. You need to get correct uid and guid for the user postfix:
 +<code>
 +# id postfix
 +uid=200(postfix) gid=200(postfix) groups=200(postfix)
 +</code>
 +
 +With this info at hand you can copy this main.cf file and replace the corresponding postfix uid/guid with your values.
 +
 +__main.cf:__
 +<file>
 +alias_database = hash:/etc/aliases
 +alias_maps = hash:/etc/aliases
 +append_dot_mydomain = no
 +biff = no
 +config_directory = /etc/postfix
 +inet_interfaces = all
 +mailbox_command = procmail -a "$EXTENSION"
 +mailbox_size_limit = 0
 +mydestination = host.domain.dk, localhost.domain.dk, localhost
 +myhostname = host.domain.dk
 +mynetworks = 192.168.1.0/24 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
 +myorigin = /etc/mailname
 +readme_directory = no
 +recipient_delimiter = +
 +relayhost = 
 +smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
 +smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
 +smtpd_client_restrictions = 
 +        check_client_access hash:/etc/postfix/okay_senders
 + check_client_access hash:/etc/postfix/blocked_senders
 +        reject_rbl_client sbl.spamhaus.org
 +        reject_rbl_client xbl.spamhaus.org
 +
 +smtpd_data_restrictions = 
 +        reject_multi_recipient_bounce
 +        permit
 +smtpd_helo_required = yes
 +smtpd_recipient_restrictions = 
 +        reject_non_fqdn_recipient
 +        reject_non_fqdn_sender
 +        permit_mynetworks
 +        check_recipient_access hash:/etc/postfix/protect_ham_spam_accounts
 +        reject_unauth_destination
 +        check_recipient_access hash:/etc/postfix/roleaccount_exceptions
 +        reject_non_fqdn_hostname
 +        reject_invalid_hostname
 +        permit
 +smtpd_restriction_classes = 
 +        has_our_domain_as_sender
 +smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
 +smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
 +smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
 +smtpd_use_tls = yes
 +virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
 +virtual_gid_maps = static:200
 +virtual_mailbox_base = /usr/local/virtual
 +virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
 +virtual_mailbox_limit = 51200000
 +virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
 +virtual_minimum_uid = 200
 +virtual_transport = virtual
 +virtual_uid_maps = static:200
 +</file>
 +
 +===== Dovecot =====
 +
 +For this install I chose to use dovecot instead of couirer-imapd. And it turned out to be a good choice with easy integration for [[sasl-dovecot-postfix-ssl|Postfix SASL]]. 
 +
 +
 +
 +More to come....
howtos/mailserverhardy.txt · Last modified: d/m/Y H:i (external edit)