Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Kefa Rabah
Global Open Versity, Vancouver Canada
krabah@globalopenversity.org
www.globalopenversity.org
1.0 Introduction 1
Summary 6
1
© April 2007, Kefa Rabah, Global Open Versity, Vancouver Canada
1.0 Introduction
Over the last decade, the popularity of domain hosting has increased exponentially for many companies of
all sizes. All these domains need to be hosted somewhere, but corporate-level hosting of Web sites and
mail domains can be exorbitantly expensive for start-up and small to medium size businesses.
With the growth of the Internet, e-mail has also quickly become the main vehicle to spread information
through corporate users and the public at large. As the demand for fast, cheap and reliable e-mail grows,
more individuals and business large and small are turning to open source Linux to provide a fast, cheap
and reliable solution. And Sendmail is at the forefront of this cool messaging technology and it can be
easily scaled-up. One of the best solutions is using virtual hosting, which allows multiple domains to be
housed on a single server or server cluster. This is a valuable strategy for both a large company with the
hardware and bandwidth to host hundreds of domains and a small business with a mere two domains to
control its hosting solution with ease. In this Hands-on Lab session, we’ll take a look at how to configure
Sendmail to work on a single machine, but can also be scaled up to handle more than one domain. There
will be need to lock it down from security point of view. Also we’ll give our users’ ability to access their
email using RoundCube Webmail client via Dovecot POP/IMAP server.
Sendmail is a general purpose internetwork email routing facility that supports many kinds of mail-transfer
and -delivery methods, including the Simple Mail Transfer Protocol (SMTP) used for email transport over
the Internet. It’s currently the most popular mail transfer agent (MTA) on the Internet. Its popularity is due
in part to its position as the standard MTA under most variants of the Linux/Unix-like operating systems.
Sendmail was originally developed by Eric Allman, in 1979, as "delevermail", which first shipped with
BSD 4.0. This program was not very flexible and required configuration at compile time. With the growth of
TCP protocol and other factors, it became obvious that delevermail was not flexible enough to handle
these new demands. Eric Allman had to recreate Sendmail from scratch, and what he produced has
become the standard for MTAs. Rather than reject messages that did not conform to protocols, sendmail
is designed to be tolerant of these messages. For those individuals who have never configured an e-mail
server, this hands-on manual will demonstrate how to configure sendmail 8.13.8 after a fresh install of
CentOS5.
Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems, written primarily with
security in mind. Apple Inc. includes Dovecot for email services in Mac OS X 10.6 Snow Leopard Server.
Developed by Timo Sirainen, Dovecot was first released in July 2002. Dovecot primarily aims to be a
lightweight, fast and easy to set up open source messaging server. It can work with standard mbox,
Maildir, and its own experimental native high-performance dbox formats. It is fully compatible with UW
1
© April 2007, Kefa Rabah, Global Open Versity, Vancouver Canada
IMAP and Courier IMAP servers’ implementation of them, as well as mail clients accessing the mailboxes
directly.
Dovecot also includes a Mail delivery agent (called Local delivery agent in Dovecot’s documentation), with
optional Sieve filtering support. It also supports a variety of authentication schemas for IMAP and POP
access including CRAM-MD5 and the more secure DIGEST-MD5. It’s a Mail Delivery Agent is simple and
easy to install. In this HowTo guide and lab session, we’ll explain how to set it up as an IMAP or POP3
server. For alternate IMAP/POP3 servers see Courier or Cyrus.
We also need to lockdown our Sendmail server to secure our Sendmail server against cyber-criminals and
malwares. For this we’ll use Clamd. Clamd which comes integrated with ClamAV and Clamav-db fits the
bill for our task. It’s a multi-threaded daemon that uses libclamav to scan files for viruses. The daemon
listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand for
viruses. The daemon is fully configurable via the clamd.conf file. It reads the configuration from
/etc/clamd.conf.
Clam AntiVirus (ClamAV) is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-
mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-
threaded daemon, a command line scanner and advanced tool for automatic database updates. The core
of the package is an anti-virus engine available in a form of shared library.
MailScanner is an open source free anti-virus and anti-spam filter protecting over 5 billion e-mails every
week, for many millions of users. MailScanner is an email virus scanner, vulnerability protector, and spam
tagger. It supports the Postfix, Sendmail, Exim, Qmail, and ZMailer MTAs, and the Sophos, McAfee, F-
Prot, F-Secure, CommandAV, InoculateIT, Inoculan, eTrust, Kaspersky, Nod32, AntiVir, BitDefender,
RAV, Panda, DrWeb, ClamAV, and other anti-virus scanners.
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It
provides full functionality you expect from an e-mail client, including MIME support, address book, folder
manipulation, message searching and spell checking. RoundCube Webmail is written in PHP and requires
a MySQL or Postgres database. The user interface is fully skinnable using XHTML and CSS 2.
Solution
In this Hands-on Lab session, you’ll learn how to setup virtual network on VMware (you may also use any
other virtual machines like MS VirtualPC, Linux Xen, or VirtualBox from Sun). In this lab session, we’ll
concentrate on installing Sendmail server with Dovecot server and Roundcube webmail client on a clean
install Linux CentOS5 Server. You will learn how to install and configure Webmin to help with configuring
DNS server. I’ll also show you how to set static IP address which is required for successful deploying a
DNS and messaging servers. Finally, we’ll go through a step-by-step process to install Sendmail
messaging server, Dovecot POP/IMAP server and Roundcube Webmail client. You’ll also have an
opportunity to do some hands-on lab assignments at the end of the lab session. Upon completion of the
hands-on labs you’ll have gained a competency level and a capability to be able to plan design implement
and deploy an enterprise grade messaging solution using Sendmail.
2
© April 2007, Kefa Rabah, Global Open Versity, Vancouver Canada
Assumptions
It’s assumed that you have a good understanding of Linux operating system and its working environment.
It’s also assumed that you know how to install and configure Linux CentOS5, if not go ahead and pop over
to scribd.com and check out a good HowTo entitled “Install Configure and Upgrade Linux CentOS5 Server
v1.1” to get you started.
Other related articles that you may need for this Hands-on Lab session:
5. The system will now install and will required CDs 1-6.
6. Once the system reboots disable firewall and SElinux.
7. Make sure your /etc/hosts file has the line:
IP address and FQDN hostname (i.e. 192.168.83.21 linuxc.monstserv.com linuxc).
8. Reboot the system (for changes to take effect).
9. Then run yum update to my sure your system is fully up to date.
10. Reboot the system.
11. OS server installation complete and ready for DNS, Sendmail and Dovecot servers’ installation.
3
© April 2007, Kefa Rabah, Global Open Versity, Vancouver Canada
2. Webmin is the most powerful administration tool in its nature. We will use it to set up our DNS, but I
will not go over it in detail because we already know how to use other administrative tools. It is not
difficult to use because it is web based, in any event, you should know that you can use it remotely to
administrate the system. Checkout a great HowTo by the same author on Docstoc.com for the
detailed lab manual “Using Webmin and Bind9 to Setup DNS Server on Linux. In this Hands-on
manual you will learn how to use Webmin to setup DNS Server and mail, www and ftp aliases on the
Linux CentOS5 server.
3. While here also note our hostname: linuxc.monstserv.com
4. Other servers are:
mail.monstserv.com
www.monstserv.com
ftp.monstserv.com
5. Check out /etc/hosts to ensure that you have a correct setup, in our case, it’s as follows:
6. To ensure that your DNS server is installed and configured correctly, perform the following test via
dig and nslookup command:
;; QUESTION SECTION:
;linuxc.monstserv.com. IN A
;; ANSWER SECTION:
linuxc.monstserv.com. 38400 IN A 192.168.83.21
;; AUTHORITY SECTION:
monstserv.com. 38400 IN NS linuxc.monstserv.com.
4
© April 2007, Kefa Rabah, Global Open Versity, Vancouver Canada
Name: linuxc.monstserv.com
Address: 192.168.83.21
7. We’re good and ready to move on Part 3, Install and configure Sendmail server
Assumptions
It’s assumed that you have a good understanding of Linux operating system and its working environment.
It’s also assumed that you know how to install and configure Sendmail on Linux CentOS5, if not go ahead
and pop over to lulu.com and check out a good Hands-on manual by the same author entitled “Deploy
Secure Messaging Solution using Sendmail & Dovecot Servers with ClamAV on Linux” to get you started.
# chkconfig sendmail on
# chkconfig dovecot on
# chkconfig saslauthd on
2. As of now the sendmail server is ready. The server can be accessed by outlook or any mail client.
1. Round cube requires MySQL support and PHP greater than 5.2.0.
2. Therefore if your current version of PHP is 5.1.6, then you need to update PHP version.
5
© April 2007, Kefa Rabah, Global Open Versity, Vancouver Canada
# cd /etc/yum.repos.d
# wget dev.centos.org/centos/5/CentOS-Testing.repo
# wget
nchc.dl.sourceforge.net/project/roundcubemail/roundcubemail/0.3.1/roundcube
mail-0.3.1.tar.gz
6
© April 2007, Kefa Rabah, Global Open Versity, Vancouver Canada
# mv roundcube /usr/share/
<IfModule mod_alias.c>
Alias /rcm /usr/share/roundcube
</IfModule>
<Directory /usr/share/roundcube>
Options None
Order allow,deny
allow from all
</Directory>
Include /etc/httpd/conf/roundcube.conf
6. To access the full hands-on training register for the Sendmail Server Admin Training (EBT102).
• Module 07 - Install Guide Secure Sendmail with Dovecot & Roundcube Webmail v1.0
-----------------------------------------------
Kefa Rabah is the Founder and CIO, of Serengeti Systems Group Inc. Kefa is knowledgeable in
several fields of Science & Technology, IT Security Compliance and Project Management, and
Renewable Energy Systems. He is also the founder of Global Open Versity, a place to enhance
your educating and career goals using the latest innovations and technologies.
7
© April 2007, Kefa Rabah, Global Open Versity, Vancouver Canada