With HostGators reseller hosting plans, you can quickly and inexpensively setup your own web hosting company.Check out our plans today or call 86696GATOR.F9otKkoSbOk/hqdefault.jpg' alt='Step By Step Install Squirrelmail' title='Step By Step Install Squirrelmail' />Install and configure DNS server in Ubuntu 1.LTSThis comprehensive tutorial describes how to install and configure DNS server in Ubuntu 1.LTS 6.As you may know already, DNS is the short form of Domain name system, which is used to resolve hostnames into IP addresses and vice versa.For the purpose of this guide, I will be using three systems, one for Primary DNS server, other for secondary DNS, and the third one for DNS client.All systems are running with Ubuntu 1.Here is the IP and host name of each system.Primary DNS server Operating system Ubuntu 1.LTS 6.Hostname pri. ostechnix.IP address 1.Secondary DNS server Operating system Ubuntu 1.LTS 6.Hostname sec. ostechnix.IP address 1.DNS Client Operating system Ubuntu 1.LTS 6.Hostname client. IP address 1.Let us get started.Install and Configure DNS server in Ubuntu 1.I will split this guide as as three parts for the sake of simplicity and easy understanding.Install and configure Caching only name server,Install and configure Primary DNS server or Master DNS server.Install and configure Secondary DNS server or Slave DNS server.Let us do it step by step.Part 1 Install and configure Caching only name server,Make sure your Ubuntu server is up to date.Install BIND9.After updating the system, run the following command to install BIND9 packages which are used to setup DNS server.Install BIND9.Configuring Caching name server.Caching name server saves the DNS query results locally for a particular period of time.It reduces the DNS servers traffic by saving the queries locally, therefore it improves the performance and efficiency of the DNS server.To configure Caching name server, edit etcbindnamed.Uncomment the following lines.And then, add your ISP or Google public DNS server IP addresses.Save and close the file.And then restart bind.We have successfully installed the caching name server.Testing Caching name server.Now let us check if it is working or not using command dig x 1.If you see something like below, congratulations Caching name server is working lt lt Di.G 9.P4 Ubuntu lt lt x 1.HEADERlt lt opcode QUERY, status NOERROR, id 2.QUERY 1, ANSWER 1, AUTHORITY 1, ADDITIONAL 3.OPT PSEUDOSECTION.EDNS version 0, flags udp 4.QUESTION SECTION.IN PTR.ANSWER SECTION.IN PTR localhost.AUTHORITY SECTION.IN NS localhost.ADDITIONAL SECTION.IN A 1.IN AAAA 1. Query time 0 msec.SERVER 1.WHEN Tue Aug 2.IST 2.MSG SIZE rcvd 1.Part 2 Install and configure Primary DNS server.Make sure your Ubuntu server is up to date using the following commands sudo apt get updatesudo apt get upgradesudo apt get dist upgrade.Install BIND9.Run the following command to install BIND9 packages.Configuring Primary DNS server.All configuration file be will be available under etcbind directory.Let us edit bind.Edit etcbindnamed.This file should have the following lines in it.If the lines are not there, just add them.Save the changes and exit the file.We need to define the forward and reverse zone files.To do so, edit named.Define the forward and reverse files as shown below.Here, for.And 1. 92. 1. 68.IP address of secondary DNS server.We do this because, the secondary DNS will start to fetch the queries if primary server is down.Save and close the file.Let us now create the zone files which we defined in the previous step.First let us create forward zone file as shown below.Add the following lines TTL 8.IN SOA pri.Serial. 3. 60. 0 Refresh.Retry.Expire. 8. 64. 00 Minimum TTL.IN NS pri.IN NS sec.IN A 1.IN A 1.IN A 1.IN A 1.IN A 1.IN A 1.Similarly, you can add the other client records as defined in the above file.Save and close the file.Next create reverse zone.Add the following lines TTL 8.IN SOA pri.Serial. 3. 60. 0 Refresh.Retry.Expire. 8. 64. 00 Minimum TTL.IN NS pri.IN NS sec.IN PTR ostechnix.IN A 1.IN A 1.IN A 1.IN PTR pri.IN PTR sec.IN PTR client.Save and close the file.Set the proper permissions and ownership to the bind.R 7.R bind bind etcbind.Next, we need to verify the DNS configuration files and zone files.Check the DNS configuration files with commands sudo named checkconf etcbindnamed.If the above commands returns nothing, it means DNS configuration is valid.Next, check the zone files using commands sudo named checkzone ostechnix.Sample output zone ostechnix.IN loaded serial 2.OKCheck the reverse zone file sudo named checkzone ostechnix.Sample output zone ostechnix.IN loaded serial 2.OKIf you got the results as shown above, then everything is good.Now, it is time to check whether the primary DNS server is working or not.Edit etcnetworkinterfaces file sudo vi etcnetworkinterfaces.Add the DNS server IP address.In our case, the DNS server IP is the same IP address of this machine itself.Save and close the file.Finally, restart Bind.Testing primary DNS server.Verify DNS server using dig or nslookup commands.Sample output lt lt Di.G 9. Download Torrent Mysims Pc . P4 Ubuntu lt lt pri.HEADERlt lt opcode QUERY, status NOERROR, id 5.QUERY 1, ANSWER 1, AUTHORITY 2, ADDITIONAL 2.OPT PSEUDOSECTION.EDNS version 0, flags udp 4.QUESTION SECTION.IN A.ANSWER SECTION.IN A 1.AUTHORITY SECTION.IN NS sec.IN NS pri. ostechnix.ADDITIONAL SECTION.IN A 1.Query time 0 msec.SERVER 1.WHEN Tue Aug 2.IST 2.MSG SIZE rcvd 1.Or, use nslookup command as shown below nslookup ostechnix.Sample output Server 1.Address 1.Name ostechnix. lan.Address 1.Name ostechnix. lan.Address 1.Name ostechnix. lan.Fora De Controle Download Dublado 1979 there.Address 1. 92. 1.If you got results something like above, then primary DNS server is up and is working perfectlyPart 2 Install and configure Secondary DNS server.You need a separate system to setup this server.We need secondary DNS server, because in case of any problem with Primary DNS, then secondary dns server will still resolve quries.First, Update server using commands sudo apt get updatesudo apt get upgradesudo apt get dist upgrade.Install BIND9.Install required bind.Configure secondary DNS server.Edit bind.Add the following lines if they are not there.Save and close the file.Next, we need to define zone files.To do so, edit named.Add or modify the following lines.Replace IP address and zone files with your own values.Here, 1.IP address of the primary DNS server.Please note that the path of zone files must be varcachebind directory.It is because App.Armor only allow write access inside it by default.Next set the proper permission and ownership to the bind directory.R 7.R bind bind etcbind.Then, edit network configuration file and add the primary and secondary DNS servers IP address.Save and close the file.Finally, reboot your system to take effect the all changes.Testing Secondary DNS server.As I mentioned already, we use dig or nslookup commands to test DNS server.Let us verify the secondary DNS server with command dig sec.Sample Output lt lt Di.G 9.P4 Ubuntu lt lt sec.HEADERlt lt opcode QUERY, status NOERROR, id 4.QUERY 1, ANSWER 1, AUTHORITY 2, ADDITIONAL 2.OPT PSEUDOSECTION.EDNS version 0, flags udp 4.QUESTION SECTION.IN A.ANSWER SECTION.IN A 1.AUTHORITY SECTION.IN NS sec.IN NS pri. ostechnix.ADDITIONAL SECTION.IN A 1.Query time 2 msec.SERVER 1.WHEN Tue Aug 2.IST 2.MSG SIZE rcvd 1.Similarly, you can verify primary DNS server with command dig pri.Or, just use nslookup command as shown below.Note Please note that the zone files will be transferred only when the Serial Number on the Primary DNS server is higher than the Secondary DNS servers serial number.Configuring DNS client.Edit network configuration file in the client system sudo nano etcnetworkinterfaces.Add the nameserver IP addresses.Save and close the file.How To Setup your own Mail Server with anti spam configuration in 6.View on Github.Issue.Introduction.This tutorial will teach you how to set up your own robust email server.We are focusing on a small personal server with up to a few email accounts.After following this guide, you will have a fully functional mail server and you can connect with your favourite client to access, read and send emails.The Anti Spam configuration will drop unwanted messages.This tutorial will use yourdomain.The desired email address will be yournameyourdomain.We assume that our server has the IP address 1.Software and technologies used.Postfix v.SMTP server.Dovecot v.IMAP server. We will use Unix user accounts and tunnel the SASL authentication through TLSEmails in transit inboundoutbound will be encrypted using TLS if supported by the foreign mail server.Postgrey v.SPF Sender Policy Framework validating to reduce spam more about.SPFSPF and DMARC DNS entry to prevent spoofing.DKIM Domain Keys Identified Mail to sign our email messages moreabout DKIMPrerequisites.Personal.Every step will be explained in the tutorial and you will get it running even with minimal Unix knowledge.Nevertheless, you should be used to work on the command line and know how to use a text editor.Furthermore it takes some Unix skills to administrate the working mail server.Youre invited to follow the links in this tutorial to learn more about the software and techniques used.System.A VPS running Ubuntu 1.Debian based distribution.Get a VPS hereYour own FQDN domain name.We will be working on a root shell and the tutorial will use vim as text editor.Preparing our system.Setting up the host nameecho mail.Adding our domain to etchostsvim etchosts.We add yourdomain.Setting up the mailnameecho yourdomain.Thats the name that will appear on the right side of the in our email address.In this case, yourdomain.Installing required packages.Updating the systemapt get update apt get upgrade.Installingapt get install postfix postfix policyd spf perl postgrey dovecot core dovecot imapd opendkim opendkim tools postfix stop.Hit No if asked to create a SSL certificate.Choose Internet Site and press ok 2 times when asked by the postfix installer.Setting up DNSWe assume that our domain is already setup in the DNS control panel and we see the default DNS records.Setting up the A recordThere is a dot after the domain nameSetting up the MX recordThere is a dot after the domain nameSetting up the SPF record.We create a new TXT recordvspf.The SPF record protects from email spoofing.It will simply tell other mail servers that only our server is authorized to send emails for yourdomain.SPF.Setting up the DMARC record.We create a new TXT record named dmarc.There is a dot after the domain namevDMARC1 pquarantine ruamailto postmasteryourdomain.Now we will setup the hostname for the PTR record.Our configuration should look similar to this.It will take a while to propagate the new configuration throughout the entire internet.Generating SSL certificates.There are different ways to generate a SSL certificate.The tutorial will use a self signed certificate but we could also use a CAcert, which can be obtained for free from startssl.Either ways, the connection from our email client to the mail server will be encrypted.Creating the certificateopenssl req x.We will be asked to answer a few questions.It is important that we enter mail.Common name.Generating a 2.RSA private key.You are about to be asked to enter information that will be incorporated.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blank.For some fields there will be a default value.If you enter., the field will be left blank.Country Name 2 letter code AU AT.State or Province Name full name Some State Styria.Locality Name eg, city Vienna.Organization Name eg, company Internet Widgits Pty Ltd.Organizational Unit Name eg, section.Common Name e.FQDN or YOUR name mail.Email Address postmasteryourdomain.Postfix Configuration.Backing up the configuration filescp etcpostfixmaster.Configuration in main.We empty the file and add our configurationBase config.Aliases Recipients.SSLv.SSLv. 3.ORIGINATING.Security and Anti Spam cinfig.Configuration in master.This line must be active smtp inet n smtpd.We uncomment the following submission inet n smtpd.More information about the postfix configuration parameters can be found here.Dovecot Configuration.Backing up the configuration filecp etcdovecotdovecot.Configuration in dovecot.We empty the file and add our configuration.INBOXvarmailu.Trash.Sent. autosubscribe Trash.Sent.More information about the dovecot configuration parameters can be found here.Restarting dovecotservice dovecot restart.Adding our mail user.Now we add the user for our mail account.In this example our emailaddress will be yournameyourdomain.We can add as many usersemail addresses as we want.Setting Aliasesvim etcaliases.The configuration can be adapted to your needs.Here we tell postfix to forward all messages addressed to aliases to the mailbox of user yourname.Compiling the alias filenewaliases.Setting up DKIM Domain Keys Identified MailCreating the directory and filesmkdir etcopendkim.Key.Table. We enter the following line all in the first line default.Signing.Table. We enter the following line yourdomain.Generating the key pairopendkim genkey s default d mail.D etcopendkim.Changing ownership of the private key filechown opendkim opendkim etcopendkimdefault.Configuration in opendkimvim etcdefaultopendkim.We add the line below to the configuration.SOCKETinet 8.Configuration in opendkim.We fill the file with our configuration.Syslog yes.Syslog.Success Yes.Key.Table refile etcopendkimKey.Table.Signing. Table refile etcopendkimSigning.Table.Selector default.Signature.Algorithm rsa sha.Canonicalization relaxedsimple.Auto.Restart Yes.Auto.Restart. Rate 51h.Internal.Hosts 1.Oversign.Headers From.Setting the DKIM DNS recordcat etcopendkimdefault.This is our public key which will be used to verify the signature in our emails.IN TXT vDKIM1 krsa.MIGf.HL0. GCSq. GSIb.DQESYJFOA4.GNADCBi.QKBg. QDSv.Py. WRs.ZIexm. S2.Tu. QAXKPi.Q3. AXn.NORe.Xdg. Kx. Iq.Awl.O7d. Qtglu. WwTH8.Mrbmx.Ugwaa. Lenj.IRvx.XQqr. Wq. Zl. MwQAJx.AGhfaGVTYa7.PFWf.XLoqo. BW5ar.Ew.O2. 0O2uw. 5Ik.Hjk. KZb. QIDAQAB DKIM key default for mail.Now we add a new TXT record As name we put there is a dot at the end default.As text we add use your public key from etcopendkimdefault.DKIM1 krsa pMIGf.HL0.GCSq. GSIb. 3DQESYJFOA4.GNADCBi.QKBg. QDSv.Py. WRs.ZIexm. S2. Tu. QAXKPi.Q3.AXn. 4j. 25. NORe.Xdg.Kx. Iq. Awl.O7d. Qtglu.WwTH8.Mrbmx. 5Ugwaa.Lenj.IRvx. 7hvkj.XQqr. Wq. Zl. MwQAJx.AGhfaGVTYa7.PFWf.XLoqo. BW5ar.Ew.O2. 0O2uw. 5Ik.Hjk. KZb. QIDAQAB.It will take a while to propagate the new configuration throughout the entire internet.Starting postfix and restarting opendkimpostfix start service opendkim restart.Connecting with a Client.Now we will connect with our email client.In the tutorial we use Thunderbird as client.Just add a new email account in Thunderbird and it will auto detect the servers configuration.The configuration should look like this Testing the mail server.Its time to test our server.Lets send and receive emails within Thunderbird.We can observe the ongoing transactions and spot possible errors by monitoring our syslog.We can test our SPF and DKIM configuration here and DMARC here.Some more testing can be done here, or here.Postgrey in action.Pass May 1.Reject at first try May 1.NOQUEUE reject RCPT.Recipient address rejected Greylisted, see http postgrey.ESMTP helo.DKIM in action.Sending an email May 1.AA6.DC2 DKIM Signature header.SPF in action.Pass May 1.Policy actionPREPEND.Received SPF pass verifier.Reject May 1.Policy action5. 50 Please see http www.Why smfrom idsomeone 4yourdomain.May 1.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |