User Tools

Site Tools


howtos:mailserverhardy

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

howtos:mailserverhardy [d/m/Y H:i] (current)
Line 1: Line 1:
 +====== Intro ======
  
 +This guide is more or less a copy of "​[[howtos:​mailserver|Mail Server - Suse 9.3]]" but running on Ubuntu Hardy Heron Server. Luckily Ubuntu has a huge repository contain gazillion pieces of software and almost all I need. Apt is your friend 8-)
 +
 +The reduce the power consumption of my server I've replace it with a low-power Soekris Net5501 with a 2,5" harddisk. This move actually took the power consumption from 60W to sweet low 9W - me like :-D
 +
 +This is what it looks like and what you're hitting right now with your browser:
 +
 +{{:​howtos:​img_2092.jpg|}}{{:​howtos:​img_2088.jpg|}}{{:​howtos:​img_2090.jpg|}}{{:​howtos:​img_2091.jpg|}}
 +
 +
 +
 +
 +
 +
 +
 +
 +===== Starting Out =====
 +
 +Start out by flashing the Soekris Net5501 with the [[http://​www.soekris.com/​downloads.htm|latest]] firmware. Can also be downloaded {{:​howtos:​b5501_133c.bin|here}}.
 +
 +On how to flash it look [[http://​wiki.soekris.info/​Updating_Bios|here]] or a local copy [[Flash Soekris|here]].
 +
 +The console speed is default 19200/​8/​1/​no flowcontrol. This is somewhat slow so I configured it up to 57600:
 +Boot up the box and enter the BIOS by pressing CTRL-P. Inside the BIOS run:
 +<​code>​
 +set ConSpeed=57600
 +set ConLock=enabled
 +</​code>​
 +This put the console speed up to 57600 and locks it from change by applications.
 +
 +
 +As the Soekris has limited input options I used PXE boot to start the installation of Hardy Heron. Of course this requires an other machine to service a tftp server and a dhcp server. You can find inspiration on how to do that [[https://​help.ubuntu.com/​community/​PXEInstallServer|here]].
 +For unknown reasons the console display is unusable if you use the pxelinux.0 file that comes with Ubuntu. Therefore use {{:​howtos:​pxelinux.0.gz|this}} one instead.
 +
 +As the console speed is now 57.6Kbps, this needs to be changed in the PXE boot config file. Edit the file /​var/​lib/​tftpboot/​ubuntu-installer/​i386/​pxelinux.cfg.serial-9600/​default and change all occurrences of 9600 to 57600 then save in its own directory of /​var/​lib/​tftpboot/​ubuntu-installer/​i386/​pxelinux.cfg.serial-57600/​ and remember to change the symlink pxelinux.cfg in /​var/​lib/​tftpboot to point to the new 57600 directory.
 +
 +And change the symlink:
 +
 +<​code>​
 +cd /​var/​lib/​tftpboot
 +sudo rm pxelinux.cfg
 +sudo ln -s ubuntu-installer/​i386/​pxelinux.cfg.serial-57600 pxelinux.cfg
 +</​code>​
 +
 +Go through the install like an ordinary Ubuntu server installation except when you get to the partitioning. The boot partition has to be within the first 1023 cylinders otherwise Grub doesn'​t handle it so well (you'​ll get an GRUB ERROR 18). I believe it has to do with Grub not being able to reading the boot files. I made the /boot partition around 100MB of size and I was home free.
 +
 +A small note, when getting to keyboard layout, autodetect doesn'​t work, just select it manually.
 +
 +Pick you partition layout. Make /boot within the first 1023 blocks (make it 100MB ex.), hit install and wait as the packages are downloaded from the Internet and installed.
 +  ​
 +If you want to you can always boot via PXE again by entering the bios and run: 
 +<​code>​
 +boot f0
 +</​code>​
 +
 +
 +When you get to the "​Software selection"​ menu I select "LAMP server"​ and "​OpenSSH server"​. You may do otherwise but this gets the needed software in quick.
 +
 +Now we need to install some additional software and update the current installed ones:
 +
 +<​code>​
 +sudo apt-get update
 +sudo apt-get dist-upgrade ​
 +sudo apt-get install postfix postfix-mysql postfix-pcre ​ libmysqlclient15-dev libssl-dev build-essential libapache2-mod-perl2 libgd-text-perl libgd-graph-perl libgd-graph3d-perl dovecot-common dovecot-imapd gallery2 phpmyadmin pure-ftpd pure-ftpd-common pure-ftpd-mysql
 +</​code>​
 +
 +===== Postfix =====
 +Next one up is postfix. You need to get correct uid and guid for the user postfix:
 +<​code>​
 +# id postfix
 +uid=200(postfix) gid=200(postfix) groups=200(postfix)
 +</​code>​
 +
 +With this info at hand you can copy this main.cf file and replace the corresponding postfix uid/guid with your values.
 +
 +__main.cf:​__
 +<​file>​
 +alias_database = hash:/​etc/​aliases
 +alias_maps = hash:/​etc/​aliases
 +append_dot_mydomain = no
 +biff = no
 +config_directory = /​etc/​postfix
 +inet_interfaces = all
 +mailbox_command = procmail -a "​$EXTENSION"​
 +mailbox_size_limit = 0
 +mydestination = host.domain.dk,​ localhost.domain.dk,​ localhost
 +myhostname = host.domain.dk
 +mynetworks = 192.168.1.0/​24 127.0.0.0/8 [::​ffff:​127.0.0.0]/​104 [::1]/128
 +myorigin = /​etc/​mailname
 +readme_directory = no
 +recipient_delimiter = +
 +relayhost = 
 +smtp_tls_session_cache_database = btree:​${data_directory}/​smtp_scache
 +smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
 +smtpd_client_restrictions = 
 +        check_client_access hash:/​etc/​postfix/​okay_senders
 + check_client_access hash:/​etc/​postfix/​blocked_senders
 +        reject_rbl_client sbl.spamhaus.org
 +        reject_rbl_client xbl.spamhaus.org
 +
 +smtpd_data_restrictions = 
 +        reject_multi_recipient_bounce
 +        permit
 +smtpd_helo_required = yes
 +smtpd_recipient_restrictions = 
 +        reject_non_fqdn_recipient
 +        reject_non_fqdn_sender
 +        permit_mynetworks
 +        check_recipient_access hash:/​etc/​postfix/​protect_ham_spam_accounts
 +        reject_unauth_destination
 +        check_recipient_access hash:/​etc/​postfix/​roleaccount_exceptions
 +        reject_non_fqdn_hostname
 +        reject_invalid_hostname
 +        permit
 +smtpd_restriction_classes = 
 +        has_our_domain_as_sender
 +smtpd_tls_cert_file = /​etc/​ssl/​certs/​ssl-cert-snakeoil.pem
 +smtpd_tls_key_file = /​etc/​ssl/​private/​ssl-cert-snakeoil.key
 +smtpd_tls_session_cache_database = btree:​${data_directory}/​smtpd_scache
 +smtpd_use_tls = yes
 +virtual_alias_maps = proxy:​mysql:/​etc/​postfix/​mysql_virtual_alias_maps.cf
 +virtual_gid_maps = static:200
 +virtual_mailbox_base = /​usr/​local/​virtual
 +virtual_mailbox_domains = proxy:​mysql:/​etc/​postfix/​mysql_virtual_domains_maps.cf
 +virtual_mailbox_limit = 51200000
 +virtual_mailbox_maps = proxy:​mysql:/​etc/​postfix/​mysql_virtual_mailbox_maps.cf
 +virtual_minimum_uid = 200
 +virtual_transport = virtual
 +virtual_uid_maps = static:200
 +</​file>​
 +
 +===== Dovecot =====
 +
 +For this install I chose to use dovecot instead of couirer-imapd. And it turned out to be a good choice with easy integration for [[sasl-dovecot-postfix-ssl|Postfix SASL]]. ​
 +
 +
 +
 +More to come....
howtos/mailserverhardy.txt · Last modified: d/m/Y H:i (external edit)