Tuesday, January 15, 2013

ProFTPD Version 1.3.4a + Slackware 12.0

Here is the ProFTPD configuration on Slackware. It differs slightly from the one on CentOS: on CentOS the root directory can be set up by creating a hard link, but on Slackware 12.0 that is not possible, so the only way is to create a virtual directory for each user.
root:# cat /etc/slackware-version
Slackware 12.0.0
root:# proftpd -v
ProFTPD Version 1.3.4a
root:# proftpd -l
Compiled-in modules:
  mod_core.c
  mod_xfer.c
  mod_auth_unix.c
  mod_auth_file.c
  mod_auth.c
  mod_ls.c
  mod_log.c
  mod_site.c
  mod_delay.c
  mod_facts.c
  mod_ident.c
  mod_readme.c
  mod_ratio.c
  mod_tls.c
  mod_wrap.c
  mod_ctrls_admin.c
  mod_cap.c
  mod_ctrls.c
ServerName                      "FTP Server"
ServerType                      standalone
DefaultServer                   on
DeleteAbortedStores             on
HiddenStores                    on
Port                            21
Umask                           022
MaxInstances                    10
MaxClients                      8
MaxClientsPerHost               8
MaxClientsPerUser               8
MaxHostsPerUser                 8
SystemLog                       /var/log/proftpd.log
TransferLog                     /var/log/xferlog
RequireValidShell               off
User                            nobody
Group                           nogroup
AllowOverwrite                  on


    User                        bel
    Group                       users
    AnonRequirePassword         on
        
            AllowAll
        



    User                        art
    Group                       users
    AnonRequirePassword         on
        
            AllowAll
        

Monday, January 14, 2013

Postfix + Dovecot on Centos 6.2 Final Release

Postfix Installation and Configuration
Install the postfix package
$ yum install postfix
Edit your main.cf
$ mcedit /etc/postfix/main.cf
and add this basic configuration (replace nebula.anekarupatera.lan with your machine's FQDN).
Before editing main.cf, we should generate the key for the SSL/TLS certificate and add the result to main.cf.
$ genkey --days 365 nebula.anekarupatera.lan
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
relay_domains =
home_mailbox = Maildir/

inet_interfaces = all
inet_protocols = all

myhostname = nebula.anekarupatera.lan
mydomain = anekarupatera.lan
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 192.168.110.0/24, 127.0.0.0/8

unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory
#
# Configuring SSL/TLS in postfix
#
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
#
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
#
tls_random_source = dev:/dev/urandom
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_key_file = /etc/pki/tls/private/nebula.anekarupatera.lan.key
smtpd_tls_cert_file = /etc/pki/tls/certs/nebula.anekarupatera.lan.cert
Start your postfix service
$ /etc/init.d/postfix start
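The main.cf above enables SASL with smtpd_tls_auth_only = no, so AUTH is accepted on connections that have not negotiated STARTTLS. The check below is an added example, not part of the original post; the function name audit_main_cf, the finding labels and the sample excerpt are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Reads Postfix main.cf text on
# stdin and prints one finding per line for settings that expose SASL logins.
audit_main_cf() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }         # comments and blank lines
    /^[ \t]/ {                                 # continuation of the previous parameter
        if (name != "") { sub(/^[ \t]+/, ""); val[name] = val[name] " " $0 }
        next
    }
    {
        eq = index($0, "=")
        if (eq == 0) { name = ""; next }       # no "=", not a usable assignment
        name = substr($0, 1, eq - 1); sub(/[ \t]+$/, "", name)
        v = substr($0, eq + 1); sub(/^[ \t]+/, "", v); sub(/[ \t]+$/, "", v)
        val[name] = v                          # the last assignment wins
    }
    END {
        if (val["smtpd_sasl_auth_enable"] != "yes") exit
        level = val["smtpd_tls_security_level"]
        # smtpd_tls_security_level, when set, overrides the legacy smtpd_use_tls.
        tls_on = (level != "") ? (level != "none") : (val["smtpd_use_tls"] == "yes")
        if (!tls_on)
            print "FAIL no-tls: SASL AUTH enabled but STARTTLS is not offered"
        else if (val["smtpd_tls_auth_only"] != "yes" && level != "encrypt")
            print "WARN plaintext-auth: AUTH is accepted before STARTTLS"
        # Unset means the Postfix default (noanonymous), so only check explicit values.
        if (("smtpd_sasl_security_options" in val) &&
            val["smtpd_sasl_security_options"] !~ /(^|[ ,])noanonymous([ ,]|$)/)
            print "WARN anonymous: smtpd_sasl_security_options lacks noanonymous"
    }'
}

# Constructed sample: the SASL/TLS lines of the main.cf shown above.
sample_main_cf() {
    cat <<'EOF'
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_tls_auth_only = no
smtpd_use_tls = yes
EOF
}

sample_main_cf | audit_main_cf
# With AUTH restricted to TLS sessions the same settings yield no finding.
sample_main_cf | sed 's/^smtpd_tls_auth_only = no$/smtpd_tls_auth_only = yes/' | audit_main_cf
```

On a live host the same function can be fed the real file, for example `audit_main_cf < /etc/postfix/main.cf`.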
Dovecot Installation and Configuration
$ yum install dovecot
Edit your dovecot.conf
$ mcedit /etc/dovecot/dovecot.conf
And change the following line from
protocols = imap pop3 lmtp
to
protocols = imap pop3
Start your Dovecot service
$ /etc/init.d/dovecot start

iRedMail on CentOS release 6.2 (Final)

Download the latest release of iRedMail here
wget https://bitbucket.org/zhb/iredmail/downloads/iRedMail-0.8.3.tar.bz2
Extract the downloaded archive using the command below
tar -jxvf iRedMail-0.8.3.tar.bz2
After the extraction finishes, go to the extracted directory
cd iRedMail-0.8.3
Run the iRedMail.sh script
$ sh iRedMail.sh 
< INFO > Checking new version of iRedMail ...
< INFO > Clean metadata of yum repositories.
Loaded plugins: fastestmirror, refresh-packagekit, security
Cleaning repos: base c6-media epel extras updates
20 metadata files removed
8 sqlite files removed
0 metadata files removed
< INFO > Generating yum repository ...
< INFO > Fetching source tarballs ...
< INFO > + 1 of 6: http://iredmail.org/yum/misc/iRedAdmin-0.2.tar.bz2
< INFO > + 2 of 6: http://iredmail.org/yum/misc/roundcubemail-0.8.2.tar.gz
< INFO > + 3 of 6: http://iredmail.org/yum/misc/phpldapadmin-1.2.2.tgz
< INFO > + 4 of 6: http://iredmail.org/yum/misc/phpMyAdmin-3.5.3-all-languages.tar.bz2
< INFO > + 5 of 6: http://iredmail.org/yum/misc/iRedAPD-1.3.8.tar.bz2
< INFO > + 6 of 6: http://iredmail.org/yum/misc/phpPgAdmin-5.0.4.tar.bz2
< INFO > Validate packages ... [ OK ]
< INFO > Install package: dialog
< INFO > Installing package(s): dialog
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
.....
...

After this step, the iRedMail installation updates all your repository databases to make sure you get the latest release of the files. After updating the repository databases, it continues by downloading the required packages and installing them. You just need to relax and wait (and hope you have a fast internet connection), because in my case it installed (including updates) 80 packages.
Complete!

********************************************************************
* Start iRedMail Configurations
********************************************************************
< INFO > Create SSL certification files.
< INFO > Create required system accounts: vmail, iredapd, iredadmin.
< INFO > Configure Apache web server and PHP.
< INFO > Configure PostgreSQL database server.
< INFO > Configure Postfix (Message Transfer Agent).
< INFO > Configure Policyd (postfix policy server, code name cluebringer).
< INFO > Configure Dovecot (pop3/imap/managesieve server, version 2).
< INFO > Configure ClamAV (anti-virus toolkit).
< INFO > Configure Amavisd-new (interface between MTA and content checkers).
< INFO > Configure SpamAssassin (content-based spam filter).
< INFO > Configure iRedAPD (postfix policy daemon).
< INFO > Configure iRedAdmin (official web-based admin panel).
< INFO > Configure Fail2ban (authentication failure monitor).
< INFO > Configure Awstats (logfile analyzer for mail and web server).
< INFO > Configure Roundcube webmail.
< INFO > Configure phpPgAdmin (web-based PostgreSQL management tool).

*************************************************************************
* iRedMail-0.8.3 installation and configuration complete.
*************************************************************************

< INFO > Disable SELinux in /etc/selinux/config.
< Question > Would you like to use firewall rules provided by iRedMail now?
< Question > File: /etc/sysconfig/iptables, with SSHD port: 22. [Y|n] n
iRedMail will then try to update your ClamAV database. After the installation finishes, you will get this notification.
********************************************************************
* URLs of installed web applications:
*
* - Webmail: httpS://merkurius.anekarupatera.lan/mail/
* - Admin Panel (iRedAdmin): httpS://merkurius.anekarupatera.lan/iredadmin/
*   + Username: postmaster@anekarupatera.lan, Password: ********
*

********************************************************************
* Congratulations, mail server setup complete. Please refer to tip
* file for more information:
*
*   - /tmp/iRedMail-0.8.3/iRedMail.tips
*
* And it's sent to your mail account postmaster@anekarupatera.lan.
*
* Please reboot your system to enable mail services.
*
********************************************************************
Important: first you must read /tmp/iRedMail-0.8.3/iRedMail.tips. On my first installation I did not read it at all, but after running into some trouble I came back to read it :D
$ cat /tmp/iRedMail-0.8.3/iRedMail.tips
Finished? Not yet. We must update the BIND configuration with the DomainKeys Identified Mail (DKIM) key, so open your console again.
$ amavisd showkeys
Or, if the above command complains about the config file ("Config file "/etc/amavisd.conf" does not exist, at /usr/sbin/amavisd line 1799."), you can use the command below.
$ amavisd -c /etc/amavisd/amavisd.conf showkeys
In my case, the output looks like this
$ amavisd -c /etc/amavisd/amavisd.conf showkeys
; key#1, domain anekarupatera.lan, /var/lib/dkim/anekarupatera.lan.pem
dkim._domainkey.anekarupatera.lan. 3600 TXT (
  "v=DKIM1; p="
  "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCkfeQwd0g+DmQf4PE0vwtO3sJV"
  "pGgLrq1g5Uw0/erPxL8DGj2IdviHQuA364CpOvB4jA4h9U/fJiGBsWNA0SjnLTjV"
  "yLM4iNOSCPISJKnnvcnG6vv4UXDjwYoDJd5JYNbW2tURNMDQeWNdfQ4thLygtPH8"
  "3hkpL1b9EV5Xf9ldAwIDAQAB")
Copy and paste the output text into your BIND configuration on ONE LINE!!! Make it look like this
$ cat /var/named/anekarupatera.lan

$ORIGIN anekarupatera.lan.
$ttl 86400
@       IN      SOA     nebula.anekarupatera.lan. root.anekarupatera.lan. (
                        2009101590
                        43200
                        3600
                        1209600
                        604800 )

                IN      NS                      nebula.anekarupatera.lan.

                IN      MX      10              nebula.anekarupatera.lan.

aurora          IN      A       192.168.110.74
athena          IN      A       192.168.110.200
gaia            IN      A       192.168.110.230
chronos         IN      A       192.168.110.231
porteus         IN      A       192.168.110.232
samba           IN      A       192.168.110.253
nebula          IN      A       192.168.110.254

mail            IN      CNAME   nebula
www             IN      CNAME   nebula

dkim._domainkey.anekarupatera.lan. IN TXT "v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCkfeQwd0g+DmQf4PE0vwtO3sJVpGgLrq1g5Uw0/erPxL8DGj2IdviHQuA364CpOvB4jA4h9U/fJiGBsWNA0SjnLTjVyLM4iNOSCPISJKnnvcnG6vv4UXDjwYoDJd5JYNbW2tURNMDQeWNdfQ4thLygtPH83hkpL1b9EV5Xf9ldAwIDAQAB"
Now test your DKIM key; it should pass now.
# amavisd -c /etc/amavisd/amavisd.conf testkeys
TESTING#1: dkim._domainkey.anekarupatera.lan => pass
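The copy-and-join step above can be scripted. This is an added example, not from the original post or from amavisd; the function name dkim_one_line and the sample record with fake key material are constructed. It joins the quoted fragments of showkeys output into a one-line TXT record, and goes beyond the 1024-bit case shown here by splitting data longer than 255 bytes, the limit for a single TXT string, into several strings on the same line.

```shell
#!/bin/sh
# Added example, not from the original post or from amavisd. Reads
# "amavisd showkeys" output on stdin, prints one-line TXT records for BIND.
dkim_one_line() {
    awk '
    # Record header such as: dkim._domainkey.example.lan. 3600 TXT (
    $NF == "(" && $(NF - 1) == "TXT" { owner = $1; data = ""; inrec = 1; next }
    inrec {
        line = $0
        # Append the text found between each pair of double quotes.
        while (match(line, /"[^"]*"/)) {
            data = data substr(line, RSTART + 1, RLENGTH - 2)
            line = substr(line, RSTART + RLENGTH)
        }
        if ($0 ~ /\)[ \t]*$/) {            # closing parenthesis ends the record
            out = owner " IN TXT"
            # One TXT character-string holds at most 255 bytes; longer data
            # (for example a 2048-bit key) becomes several strings on one line.
            while (length(data) > 255) {
                out = out " \"" substr(data, 1, 255) "\""
                data = substr(data, 256)
            }
            print out " \"" data "\""
            inrec = 0
        }
    }'
}

# Constructed sample in the showkeys layout; the key material is fake.
sample_showkeys() {
    cat <<'EOF'
; key#1, domain example.lan, /var/lib/dkim/example.lan.pem
dkim._domainkey.example.lan. 3600 TXT (
  "v=DKIM1; p="
  "MIGfFAKEFAKE"
  "FAKEKEYAQAB")
EOF
}

sample_showkeys | dkim_one_line
```

With the real key, pipe the showkeys command shown above into dkim_one_line and paste the result into the zone file.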
Final check: make sure awstats.pl exists in the /var/www/awstats/ directory. If you don't have it, you must create it using the command below.
ln /usr/share/awstats/wwwroot/cgi-bin/awstats.pl  /var/www/awstats/awstats.pl
Now reboot your Linux system.

After Reboot :

READ your iRedMail.tips