Solved

Setting up a mail server

Posted on 2000-05-15
Last Modified: 2012-06-27
Hello
I have a static IP and registered domain name. I have already set up my web server and DNS server. I now want to set up a mail server so I can have POP3 accounts for (example) postmaster@mydomain.com, user@mydomain.com, etc. I am running RH6.2 and I am not sure where to begin. Please suggest a specific plan and where to go for good howto info. No answers like "just use sendmail" or "just use Qpopper" please.
Thanks

Jim
Question by:neptuna
 
LVL 40

Expert Comment

by:jlevie
First you'll need to set up sendmail to receive and deliver email. It's pretty easy to do with linuxconf for ordinary, uncomplicated environments. To be able to use POP to access email you'll need the imap support (it includes POP and is on the OS installation CD) installed (kpackage, gnorpm, or just rpm) and enabled (linuxconf).

When setting up sendmail you want to first test for local delivery of email (check with "mail" or a GUI mail client configured for a local mailbox) and then with access via POP or IMAP. When that's working, you can try sending outbound email to wherever you read it now. Even without an MX record you ought to be able to send mail from outside directly to the Fully Qualified Domain Name (FQDN) of your server to prove that it will accept mail from the Internet.

Once sendmail has been configured, you'll also need an MX record for your domain that specifies the system you are running sendmail on as the target.
0
 
LVL 40

Expert Comment

by:jlevie
Whoops, clicked Submit too soon...

The Mail howtos (http://howto.tucows.com/LDP/HOWTO/Mail-Administrator-HOWTO.html and http://howto.tucows.com/LDP/HOWTO/Mail-User-HOWTO.html) provide a good overview of the email system.
0
 

Author Comment

by:neptuna
Adjusted points from 100 to 175
0
 

Author Comment

by:neptuna
OK, I have done some researching and have started to configure. This is the hardest thing so far I have set up in Linux. Setting up WEB, DNS, Firewall/Masq was pretty easy. I really want to get a mail server set up. I am increasing the points and will continue to do so as I progress thru this. Here is my progress (or lack of) so far:
I first tried configuring sendmail with Linuxconf like you said. When I hit the accept button I got the error: Can't compute the domain name of the server, won't except email correctly. Please enter a FQDN in the 'basic host' info. Because I have a cable modem connection with @home I have to use 'cn973032-a' as my host name. I can tell you what options I put in there if you want. I don't see why it would complain about that. In my DNS I have the hostname set to ns1.dewliq.com and also have a names mail. and www. resolving to the same IP. How can I get sendmail to recognise my actual domain? I then stumbled on this:
http://www.redhat.com/support/docs/mail.html
which showed how to configure manually using the m4 macro processor to edit sendmail.cf. I made a few changes to the default file. One thing I noticed, the file never included options to specify the domain name or server. After I configured that I restarted sendmail, I did not get an error but it took 10 minutes to restart. That can't be good. Also when I looked at linuxconf again, it still had the same configs, and I quit without saving, it gave me the error again, like the manual config had no effect.
Now, how do I actually check to see if it works? Right now I only use my ISP mail adr.
As for POP3, I installed it (ipop3d) and tested to see if it was running by 'telnet mail.dewliq.com 110' and got '+OK POP3 cn973032-a server ready'
so that is good I guess. I did not see any options for pop3 in linuxconf. How do I actually set up and test mail boxes?

>Once sendmail has been configured, you'll also need an MX record for your domain that specifies the system you are running sendmail on as the target.
I think this is done.

Basically I have gotten nowhere.
Help
0
 
LVL 40

Expert Comment

by:jlevie
Actually you've gotten quite a ways along. Sendmail does require an FQDN for the machine and that can easily be obtained (if DNS is properly set up) by executing "nslookup 111.222.333.444" (with 111.222.333.444 being the actual IP address of your machine). My guess is that it is going to return something along the lines of cn973032-a...home.com.

Now, you've registered your own domain name and presumably you want to use mail.my-personal-domain.com, or similar. But a necessary pre-requisite is that the IP address of your machine must be known to whoever is providing the DNS entries for your domain. You can check that the DNS is correctly set up by doing "nslookup mail.my-personal-domain.com". If that returns the correct IP address, all is well. If not, you need to contact whoever is providing the DNS service and have the data set up correctly.

In either of the above cases you need to use linuxconf to set the hostname of your system to be the correct FQDN. You do that by going to "Config->Networking->Client tasks->Basic host information". The opening "Host name" page of that has a field for "Host name", which should read "localhost.localdomain". The real FQDN for the machine is set on the "Adapter N" (most likely "Adapter 1" in your case) page in the "Primary name + domain" field. You'd also put the short name "mail" in my example into the "Aliases" field. After a reboot I believe you'll find that linuxconf will allow you to configure sendmail without errors.

I can check the DNS from here if I know what IP address has been assigned to your system and what your domain name is.

0
 

Author Comment

by:neptuna
Adjusted points from 175 to 250
0
 

Author Comment

by:neptuna
Increasing points again.

I am running my own DNS for my domain.  My DNS server (on the same box) works very well.
'nslookup 24.40.52.233'  outputs:
server: ns1.dewliq.com
address: 24.40.52.233

name: proxy1.oaks1.pa.home.com
address: 24.40.32.33

'nslookup mail.dewliq.com'  returns
24.40.52.233

which is correct.  Feel free to nslookup using the ip and names above.

I also changed the hostname to ns1.dewliq.com with alias mail. I rebooted and sendmail started right away. I went in to LinuxConf and just said OK to the sendmail stuff and got no errors.
Now if I go to the file ' /etc/sysconfig/network'
It has the lines:
hostname=ns1.dewliq.com
domainname=newcas1.de.home.com

Should I also change the domain name as well? Or does it not matter?
Now I think we are getting somewhere. Now how do I test it? And how do I set up the mail accounts and POP3?

Thanks for the help


0
 
LVL 40

Accepted Solution

by:
jlevie earned 350 total points
Correct me if I've got any of this wrong. Your domain name is dewliq.com and the system that runs the DNS server is named ns1.dewliq.com at IP 24.40.52.233. Your IP hasn't been delegated to you by your ISP as I see:

levie> nslookup 24.40.52.233
Server:  merlin.dynetics.com
Address:  192.168.0.1

Name:    cn973032-a.newcas1.de.home.com
Address:  24.40.52.233

This will have significance for some Internet mail servers that you may wish to exchange email with. The more paranoid SMTP servers will compare the results of a name->IP lookup (mail.dewliq.com->24.40.52.233) and an IP->name lookup (24.40.52.233->cn97303...home.com). When the results don't match the server will abort the connection. The folks that are doing this (me for example) do so as a part of spam control. You should contact your ISP and ask to have the authority for the IP delegated to your DNS server so that the reverse lookups work properly. The form of the in-addr.arpa zone in your DNS needs special attention in the case of a single IP (or any netblock less than a Class C network).

You've made the system's FQDN ns1.dewliq.com, which is what it needs to be based on the records at the root servers. Those servers report:

levie> nslookup -q=ns dewliq.com
Server:  merlin.dynetics.com
Address:  192.168.0.1

Non-authoritative answer:
dewliq.com      nameserver = NS1.MAGPAGE.com
dewliq.com      nameserver = NS1.dewliq.com

Authoritative answers can be found from:
NS1.MAGPAGE.com internet address = 216.155.56.2
NS1.dewliq.com  internet address = 24.40.52.233

so the system name needs to be ns1.dewliq.com.

You should probably make the alias for that machine to be ns1 rather than mail. Your DNS should have a CNAME record for mail.dewliq.com (it looks like you have it as an A record right now, which isn't actually legal). In a like manner, any other servers (www.dewliq.com, ftp.dewliq.com, etc) that are running on that same system should be CNAME records, not A records. The MX record for your domain then needs to be:

dewliq.com.  IN MX 10 ns1.dewliq.com.

as an MX is supposed to always point to an A record. Since the DNS would then contain the alias mail -> ns1 you don't need the alias in the /etc/hosts file.

If you set up sendmail as it should be, no one outside of your domain will typically ever know that the actual mail server is ns1.dewliq.com rather than mail.dewliq.com as you'll configure sendmail to masquerade the entire domain and all mail will appear to be from dewliq.com rather than from mail.dewliq.com. You really want to do this so that you preserve the freedom to move the email server to some other system without breaking people's return addresses.

Yes, /etc/resolv.conf needs to be changed. It should look like:

domain dewliq.com
nameserver 127.0.0.1
nameserver 216.155.56.2

and your /etc/hosts file should look like:

127.0.0.1    localhost.localdomain localhost
24.40.52.233 ns1.dewliq.com ns1

By default each user account that you create on that system will get an email account (and sendmail will know about it because it's a local account). You can check to see that it works after creating a "some-user" by "mail -s test some-user@dewliq.com". The first message that sendmail handles for a user should cause the creation of the user's inbox (/var/spool/mail/some-user in this case).

Installing the IMAP support from the OS CD (imap-4.7-5.i386.rpm) should automatically enable both POP3 & IMAP email access. I recommend telling your users that they should use mail.dewliq.com as the POP/IMAP/SMTP server (it's a bit of "smoke & mirrors", but like having all the email appear to be from the domain it gives you more freedom in system & network configuration and the users don't have to keep changing things for mail to work). BTW, if your email clients support it, IMAP is much better than POP.
0
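The forward/reverse comparison that the answer above says stricter SMTP servers apply, as an added Python example (not part of the original thread). The resolver tables are constructed from the lookups quoted in the answer; the forward A record for the ISP-assigned name, the post-delegation PTR table and the verdict labels are assumptions made for illustration.

```python
import socket


def system_ptr(ip):
    """PTR lookup through the system resolver; empty list if none."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [name] + aliases


def system_a(name):
    """A lookup through the system resolver; empty list if none."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except (socket.herror, socket.gaierror):
        return []


def fcrdns(client_ip, claimed_name, ptr=system_ptr, a=system_a):
    """Classify a connecting client as a receiving mail server might.

    no-ptr      the IP has no reverse record
    forged-ptr  PTR names exist but none resolves back to the IP
    mismatch    reverse DNS is consistent but names another host
    pass        claimed name and reverse DNS agree in both directions
    """
    ptr_names = [n.rstrip(".").lower() for n in ptr(client_ip)]
    if not ptr_names:
        return "no-ptr", []
    confirmed = [n for n in ptr_names if client_ip in a(n)]
    if not confirmed:
        return "forged-ptr", ptr_names
    if claimed_name.rstrip(".").lower() in confirmed:
        return "pass", confirmed
    return "mismatch", confirmed


# Constructed data: reverse zone still held by the ISP vs. delegated (assumed).
PTR_NOW = {"24.40.52.233": ["cn973032-a.newcas1.de.home.com."]}
PTR_DELEGATED = {"24.40.52.233": ["ns1.dewliq.com."]}
A_RECORDS = {  # forward record for the ISP name is an assumption
    "cn973032-a.newcas1.de.home.com": ["24.40.52.233"],
    "ns1.dewliq.com": ["24.40.52.233"],
    "mail.dewliq.com": ["24.40.52.233"],
}


def check(ptr_table, name, ip="24.40.52.233"):
    """Run fcrdns against the constructed tables instead of live DNS."""
    return fcrdns(ip, name, ptr=lambda i: ptr_table.get(i, []),
                  a=lambda n: A_RECORDS.get(n, []))
```

Calling `fcrdns(ip, name)` without the `ptr` and `a` arguments uses the system resolver instead of the constructed tables.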

 

Author Comment

by:neptuna
OK
I don't think my ISP (@home) will let me have control over the IP and change the host name and domain name of it. Matter of fact I have heard that they don't want customers running any servers of any kind. I am really just doing this for education purposes, I will not be putting up any major web site or mail server. I am not too concerned if some mail does not get through, I won't even be using it much.

The magpage name server reflects the IP of a website I had 2 years ago and that IP is long gone and is just there because internic requires 2 name servers. You can ignore the magpage IP. Before I set up my DNS server, my primary was run by a friend of mine called fennco.com. After I set up my DNS I made mine the primary and I will be making his the secondary. But he is overseas for another week. When he returns I will have him change the IP and I will submit the change to internic.

I was unaware that it was illegal to use multiple A names. In that case I will switch them to CNAMEs.

>as you'll configure sendmail to masquerade the entire domain and all mail will appear to be from dewliq.com rather than from mail.dewliq.com.

How do I configure this??
 

Thanks for the help I am increasing the points.
 
0
 

Author Comment

by:neptuna
Adjusted points from 250 to 300
0
 
LVL 40

Expert Comment

by:jlevie
I think you are correct about @home and their attitude towards subscribers running servers. I felt that you should know of the potential problem, but if the email problem is acceptable then you don't need the IP delegated.

I agree with your comments about the secondary nameserver and having it simply listed at this point shouldn't cause much (if any) of a problem. It would be a problem if you left it like that and it wasn't actually acting as a secondary.

Saying that it's illegal is perhaps a bit too strong of a statement (or DNS servers would reject multiple A records with the same IP). All of the DNS "sanity & syntax" checkers that I know of do object strenuously to the practice. That and the fact that the RFCs say that you should do that are enough for me. Perhaps it's better to say that the practice is highly discouraged. There should be a unique correspondence between hostnames & IPs defined via A & PTR records. The need to have a system known by multiple names (aliases) is what CNAME records are for.

Setting up masquerading is easy. The "Basic Sendmail configuration" page in linuxconf has a field at the top labeled "Present your system as:", which is where you put your domain name (dewliq.com). Let it build a new sendmail.cf file and you should be set.
0
 

Author Comment

by:neptuna
Adjusted points from 300 to 350
0
 

Author Comment

by:neptuna
Thought we were done, but test failed. I revised my DNS and restarted everything. I tried to send messages using mail, pine, and Netscape to jkipp@dewliq.com (my account). Mail got kicked back to my root. Here are the errors:
553 mail.dewliq.com. config error: mail loops back to me (mx problem?)
554 jkipp@dewliq.com...local config error

Also when I set up the mail settings in Netscape, when I logged on, it asked for password for
jkipp@mail.dewliq.com ??

I found this but I was not sure if I should use this. I thought the first 3 options for linuxconf sendmail took care of the domain stuff:
http://www.redhat.com/support/docs/faqs/RH-sendmail-FAQ/x64.html

I thought I was there..getting frustrated.
Raising points..help

Thanks
0
 

Author Comment

by:neptuna
It works now. I think the problem was LinuxConf. I usually try to avoid it. I made a file copied from the file sendmail.mc and added the masquerade and other files based on info I found at the sendmail site and other sites. I then used M4 to write the file to sendmail.cf and restarted sendmail and now it all works.
I have uninstalled LinuxConf. It does more harm than good. I learn so much more by setting stuff up manually.

Thanks for the help
0
 
LVL 40

Expert Comment

by:jlevie
The "mail loops back to me" is the classic problem of sendmail not knowing who it's to receive mail for. That problem is in the sendmail FAQ at http://www.sendmail.org and the solution is to add a Cw definition for the local domain.

If you like direct editing of files (and I agree that in general it's a better way), you'd love FreeBSD. There are no, nada, not a single one, GUI admin tools. Everything is controlled by direct file edits. And the way they've done it is pretty straightforward. Almost all system configuration is done by simple edits to /etc/rc.conf. The system, for the most part, doesn't use loadable modules, so that headache is avoided (but you do on occasion need to build custom kernels).

I've just converted my firewall box to FreeBSD this weekend. Subjectively, it feels a fair bit faster than Linux (I know it boots a whole lot faster).
0
 

Author Comment

by:neptuna
Thanks.  I have heard good things about FreeBSD. I am building another box as soon as I get all the parts in. I may try FreeBSD or maybe one of the other Linux Distros.  

I simply added my domain name to the sendmail.cw file and made sure the conf file had the use cwfile line. Plugged the masquerade line in to make it look like user@domain instead of user@mail.domain.

It works very well. So far no problems sending mail.

Thanks again
0
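A small check for the two settings this fix came down to (the domain listed in the cw file with the cw-file feature active, and masquerading set), written as an added Python example that is not part of the original thread. The .mc fragments and cw file contents are constructed; the function name and finding labels are hypothetical, and the check assumes the mail domain differs from the host's own FQDN.

```python
import re

# One macro argument: FEATURE(`name') or FEATURE(`name', `args')
ARG = r"\(\s*`?([^',)\s]+)'?\s*[,)]"


def lint_sendmail(mc_text, cw_text, mail_domain):
    """Findings for a host that is the MX target for mail_domain.

    Assumes mail_domain is not the host's own FQDN, which sendmail
    already treats as local.
    """
    domain = mail_domain.lower()
    # m4 discards everything from 'dnl' to end of line, so commented-out
    # macros must not count as active configuration.
    mc = "\n".join(re.split(r"\bdnl\b", line)[0]
                   for line in mc_text.splitlines())
    features = set(re.findall("FEATURE" + ARG, mc))
    masquerade = [m.lower() for m in re.findall("MASQUERADE_AS" + ARG, mc)]

    local = set()  # names that end up in class w besides the host's own
    if "use_cw_file" in features:
        for line in cw_text.splitlines():
            local.update(line.split("#")[0].lower().split())
    for names in re.findall(r"LOCAL_DOMAIN\(\s*`([^']*)'", mc):
        local.update(names.lower().split())

    findings = []
    if domain not in local:
        # MX points here but the domain is not local: "mail loops back to me"
        findings.append("loops-back")
    if domain not in masquerade:
        # outbound mail would show user@host.domain instead of user@domain
        findings.append("no-masquerade")
    return findings


# Constructed sendmail.mc fragments and sendmail.cw contents.
MC_BEFORE = """OSTYPE(`linux')
dnl FEATURE(`use_cw_file')
dnl MASQUERADE_AS(`dewliq.com')
MAILER(`smtp')
"""
MC_AFTER = """OSTYPE(`linux')
FEATURE(`use_cw_file')dnl
MASQUERADE_AS(`dewliq.com')dnl
MAILER(`smtp')
"""
CW_FILE = "# domains this host accepts mail for\ndewliq.com\n"

if __name__ == "__main__":
    print(lint_sendmail(MC_BEFORE, CW_FILE, "dewliq.com"))
    print(lint_sendmail(MC_AFTER, CW_FILE, "dewliq.com"))
```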
 
LVL 40

Expert Comment

by:jlevie
Cool...
0
