Activity Configure Webmail
Activity Configure Webmail
Description
Webmail is often used as an alternative for managing mail, and can be quicker and easier to access than using a traditional mail client.
Deliverables
Functioning web server running Apache, and SquirrelMail. These services could run on the same or a separate virtual machine from your mail server(s).
Diagram:
Tasks
Install Apache
Install and configure SquirrelMail
Send/receive mail using mail client
Send/receive email using browser
Hints
When testing SquirrelMail for the first time, check: /etc/httpd/conf.d/squirrelmail.conf
Questions
Where is your mailbox stored when using a web client to retrieve mail?
How did you enable http: access to webmail?
Activity Configure POP/IMAP Server
Description
The next piece of your mail server configuration is to add POP/IMAP access, then configure a standard mail client to retrieve mail.
Deliverables
Two functioning mail servers running Postfix, Dovecot POP/IMAP. SMTP Authentication is extra and optional.
Resources:
http://en.wikipedia.org/wiki/SMTP_Authenticationhttp://en.wikipedia.org/wiki/Simple_Authentication_and_Security_Layerhttp://www.postfix.org/SASL_README.htmlDiagram:
Tasks
Read documentation
Install and configure Dovecot
#yum install dovecot -y
Use IMAP first, and test the configuration until it works
Make sure mail is delivered to a maildir
Use POP second, and test the configuration until it works
Configure mail client (MUA to retrieve mail from your servers)
Hints
Make sure your mail server is working and confirm messages are being delivered to a maildir before proceeding with setting up a client, or authentication.
Practice the procedure to test each configuration multiple times.
If the mail client doesnt work after adding authentication options, start by adding the minimum amount for it to work, then building from there. Test each option before proceeding with the next one.
Questions
While monitoring your connection with Wireshark, send some mail.
List the process steps in your own words.
Were you able to reconstruct the message?
How did you confirm messages were being delivered to a maildir instead of an mbox?
Check your users maildir before reading mail, and then after it has been read. What happens?
What is SASL?
Is your method of authentication secure? How do you know?
What are the fundamental differences between POP and IMAP?
What is yum?
Activity Install and Configure Postfix
Description
After completing your first CentOS install, you should now be ready to install another CentOS machine, and configure Postfix on both your guest machines.
Deliverables
Two functioning mail servers running Postfix. Each server must be capable of sending mail to a maildir directory for at least one local user (not root) on the system.
Tasks:
Learn how to stop/start/reload postfix
Create at least one user for testing mail
Enable Postfix on runlevels 2,3, and 5 (chkconfig)
Edit the following parameters in main configuration file for postfix
myhostname
mydomain
myorigin
mydestination
inet_interfaces
mynetworks
home_mailbox
Change second CentOS install hostname to a different domain name (e.g. mail.domainB.tsp)
Test your postfix installation
Use the mail command to send a simple message to a local user
Use telnet to send a simple message to a remote user (i.e. gmail account)
Send an email to your second mail server (from mail.mydomain.tsp to mail.mydomain2.tsp)
Diagram:
Hints
The resources provided are an overview, not a step by step set of instructions. Youll need to piece together what you need to do to get things working. Some trial and error is expected.Ignore the Dovecot configuration for now, as we will do that later.Do not copy/use the naming convention from the example diagrams. Create your own. This should be in your documentation.You need to find the directory where local mail is stored (maildir).You need to find out where postfix stores its configuration files.You need to figure out how to view/edit filesThe Telnet client is not installed by default in CentOS Since this is a virtual machine you have the ability to snapshot it before making changes.
Questions
What is an open relay? When might you use one?
What is a runlevel?
How do you add users to the system?
Were you able to use your hostname to telnet to your local machine? Why or why not?
What is the difference between mbox and maildir?
Activity Create the Environment
Description
To complete our environment, well need a router to act as your gateway, DHCP, and DNS server. Your device will also resolve names for your local testing domain.
Deliverables
A functioning pfsense router that also performs DHCP, and DNS. One CentOS machine that can communicate across the network. You should be able to ping an address on the internet (google.ca).
Resources:
https://www.pfsense.org/download/
https://www.centos.org/download/https://blog.paranoidpenguin.net/2017/07/pfsense-how-to-add-a-mx-record-to-a-local-zone/https://docs.netgate.com/pfsense/en/latest/Diagram:
Tasks
Make sure youre taking notes and creating documentation. You will need to hand them in.
Disable DHCP in Virtual Box. DHCP should be provided by the default gatewayDisable the firewall on CentOS You can enable it after your configuration is doneDisable SELINUX on CentOS You can enable it after your configuration is doneEdit this file: /etc/selinux/configREBOOT AFTER EDITING THIS FILE
Download and install Virtual Box on your Windows host.
Install pfsense as a virtual machineTake all updates before proceeding with further configurationConfigure your router (pfSense) to Register DHCP leases in the DNS Resolver. This setting is found in Services > DNS Resolver
Configure MX records for your router. This setting is found in Services > DNS Resolver > General Settings > Display Custom Options
The line below is an example (use your own naming convention)
local-data: "example.com. IN MX 10 mail.example.com."
Install CentOS as a virtual machine
Choose the option - Server with a GUI:
Take all updates before proceeding with further configuration. In Terminal:
# yum update -y
# reboot
Make sure your network has internet access through the pfsense routerPing google.ca (from the router and the CentOS VM)
Hints
Disable SELINUX on CentOS You can enable it after your configuration is doneDisable the firewall on CentOS You can enable it after your configuration is doneMake sure DHCP has been disabled in Virtual Box. DHCP should be provided by the default gatewaySince this is a virtual machine you have the ability to snapshot it before making changes.Make sure you reboot the router after major configuration changes.Use CentOS as your Linux install. You want the x86_64 versionConfirm the router has been setup correctly before configuring the CentOS VM.Use Wireshark to troubleshoot any network connectivity issues.QuestionsWhich DNS server resolves the names for your private network?
What is the address of the router that passes traffic directly to the school network?
What is the MAC address of the machine the CentOS box is communicating with?
When you edited the SELINUX config file, what did you change?
How did you disable the firewall on CentOS?
Did you document what went right and what went wrong?
Could you rebuild this setup from your notes?
