From: Steve Bertrand
To: Marty Landman
Cc: "Dennis M. Yocum", FreeBSD-Questions@freebsd.org
Organization: Northumberland Network Services
Date: Wed, 03 Dec 2003 21:53:05 -0500
Subject: Re: running freebsd with sendmail and qpopper

> Like me. So there's at least two of us on the list who need this info.
> Speaking personally with some prior help I can now email within the box,
> i.e. id1 can email id2 who can then reply back to id1. However going the
> next step, receiving email from a remote server and sending email out to
> the internet is something I have no clue how to do. Don't even know how to
> start, and the stab I made at following tutorials found by googling got me
> nowhere at breakneck speed. Not that I'm complaining but you did ask. :)
>

First off, email relies very heavily on the DNS infrastructure of the
Internet. DNS or Domain Name Service is what resolves a name, such as
www.freebsd.org to its IP address. Although it is technically possible to
bypass the name for a mail server to get your messages to their
destination, it is not proper, and many mail systems will not allow it
(especially ones that use virtual domains). i.e. In some cases, you could
send a mail message to steve@192.168.0.1, and if the server is listening
for incoming mail (sendmail) then it may pick it up and deliver it to a
local user.

Now, further into DNS, a computer must know how to find a mail server
within a domain. When I send a message to fbsd-questions@freebsd.org, this
is what happens:

- I send a message to questions@freebsd.org from my laptop to my smtp
  server (most would use one their ISP supplied, such as mail.isp.com)

- the smtp server does a reverse name lookup in DNS to find out if the IP
  that sent the mail is allowed to relay mail to the remote destination
  through it. Reverse lookup is the opposite of resolving names, it is the
  process of resolving an IP to a name. You can try this with the #dig
  command:

  # dig -x your.ip.here

  Likewise, you can use dig to resolve a name as well:

  # dig www.freebsd.org

- next after the server verifies that you are allowed to relay, it looks
  in DNS for a Mail Exchange record (MX) of the domain you are trying to
  send the message to:

  # dig mx freebsd.org

- once your smtp server finds the IP for the mail exchanger for the
  domain, it sends the message to it

- the remote server acknowledges the incoming message, says thanks to the
  sending server and shuts down the connection

- the recipient mail server looks in certain tables and/or files to locate
  which user the mail actually goes to and delivers it.

For a quick and dirty setup on a FreeBSD box, here are the steps: (I hope
I don't miss any). They assume the following:

- your domain name is example.com, and will only be used for
  sending/receiving mail on an internal network
- your mail server is somehow connected to the Internet, and will be used
  as an smtp server for the client computers on your network (as you
  probably use your ISP's servers now)
- your internal network IP scheme is 192.168.0.0/24 (or 255.255.255.0)
- the IP of your mail server is 192.168.0.10
- your default gateway for your network is 192.168.0.1
- the IP of your client computer is 192.168.0.25
- your mail server name is mail.example.com
- your client computer name is client.example.com
- your mail server will act as a qpopper and DNS server for the network
- you are not overly concerned about high security, as this is just an
  example to get you up and going
- you are running as the superuser

1> Set up DNS on the server

# cd /etc/namedb
# chmod 744 make-localhost
# ./make-localhost
# ee named.conf

Add the following to the bottom of the file:

zone "example.com" {
        type master;
        file "example.com.zone";
        allow-update { none; };
};

Then, up near the top of the file, make the following changes to this
section:

# Remove the // from this line:

// forward only;

# and remove the /* and the */ from this section, and change the
# 127.0.0.1 to the IP address of your ISP DNS server:

/*
        forwarders {
                127.0.0.1;
        };
*/

Now create a zone file for this zone:

# ee /etc/namedb/example.com.zone

Add the following information to this empty file:

--- start clip here ---
$TTL 360 ; Default cached time to live for all records
; The SOA contact is admin@example.com, written with '.' in place of '@'
example.com.    IN      SOA     ns.example.com. admin.example.com. (
                        2003120401 ; Serial
                        172800     ; Refresh every 2 days
                        3600       ; Retry every hour
                        1728000    ; Expire every 20 days
                        172800 )   ; Minimum 2 days

@               IN      NS      ns.example.com.

; Set the Mail Exchange record
@               IN      MX      10 mail.example.com.

ns              IN      A       192.168.0.10
mail            IN      A       192.168.0.10
client          IN      A       192.168.0.25
router          IN      A       192.168.0.1
--- end clip ---

Now, tell your name server to look to itself for resolution of names:

# echo "search example.com" > /etc/resolv.conf
# echo "nameserver 127.0.0.1" >> /etc/resolv.conf

Now go configure your windows or whatever client computers to use
192.168.0.10 as their DNS server.

2> Start the nameserver and load it at startup:

# /usr/sbin/named

Now, add the following 2 lines to your /etc/rc.conf file:

named_enable="YES"
named_program="/usr/sbin/named"

3> Configure sendmail

# cd /etc/mail
# echo "example.com" > relay-domains
# echo "example.com" > local-host-names
# echo "192.168.0 RELAY" > access

4> Reload sendmail

# kill -HUP `cat /var/run/sendmail.pid`

or just reboot

5> Add some users on the mail server

# man adduser

6> Install qpopper

# cd /usr/ports/mail/qpopper
# make install clean
# ee /etc/inetd.conf

Add the following line under the existing pop3 line in this file. Keep the
existing one commented. (Note that if the mail line break breaks the line,
it should be on a single line when entered in the file)

pop3 stream tcp nowait root /usr/local/libexec/qpopper qpopper -R -s -c -T 300

7> Reload inetd

# kill -HUP `cat /var/run/inetd.pid`

or just reboot

8> Try sending the user an email (whilst logged into the server console or
ssh)

# mail -s "This is a test" user@example.com
# This is the body of the message. The last line in a command
# line mail will always be the '.' character to denote the end
# of a message
# .

9> Check to see if sendmail delivered it to the user's mailbox.

# ll /var/mail | grep user

If his file has more than 0 bytes in it, then he's got mail.

10> Configure your client machine to check email

You can set up a new account in outlook or evolution, mozilla or what have
you, just configure it with the account name the same as the user name,
and the pop3 and smtp servers both as mail.example.com. This will resolve
because as described in section 1, you have already configured this
machine to look to your DNS server, who has authority to resolve the
example.com domain.

11> Check && send email

If you receive email for this user into the account, then thank god -- I
didn't overlook anything, and you didn't miss any small things in this
howto.

Now, using your main (real, outside) email account, send a message back to
this list to tell us that things are working. (Don't forget to change the
smtp server to the new box first)

YOU WILL NOT be able to send email to the outside world from the new test
account, as when it gets to us, we will respond to someone who honestly
owns the domain, which won't be you.

Please advise on any errors or omissions. All of this was done from memory
(well, almost all).

Cheers,

Steve

> Marty Landman   Face 2 Interface Inc   845-679-9387

-- 
Steve Bertrand
President/CTO, Northumberland Network Services
t: 905.352.2688
w: www.northnetworks.ca
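
The relay restriction from step 3, as an added example that is not part of the original message: a shell function that audits a sendmail access map source file and flags RELAY entries reaching beyond private (RFC 1918) address space. The function names and the sample map are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit RELAY entries in a sendmail access map source file.
# Function names and the sample map are constructed for illustration.

# is_private PREFIX: succeeds if the dotted IPv4 prefix is inside RFC 1918 space
is_private() {
    case "$1" in
        10|10.*) return 0 ;;
        192.168|192.168.*) return 0 ;;
        172.1[6-9]|172.1[6-9].*) return 0 ;;
        172.2[0-9]|172.2[0-9].*) return 0 ;;
        172.3[01]|172.3[01].*) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_access: access map text on stdin, one verdict per RELAY entry on stdout
audit_access() {
    while read -r key action rest; do
        case "$key" in ''|'#'*) continue ;; esac   # skip blanks and comments
        [ "$action" = "RELAY" ] || continue        # only relay grants matter
        key=${key#Connect:}                        # optional tag on the key
        case "$key" in
            *[!0-9.]*)
                echo "REVIEW $key not an IPv4 prefix, check by hand" ;;
            *)
                if is_private "$key"; then
                    echo "OK $key"
                else
                    echo "WARN $key grants relay to public address space"
                fi ;;
        esac
    done
}

# Constructed sample: the first entry is the one written in step 3
sample_access() {
    cat <<'EOF'
# /etc/mail/access (sample)
192.168.0       RELAY
example.com     RELAY
203.0.113       RELAY
10.1            REJECT
EOF
}

sample_access | audit_access
```

sendmail consults the compiled map that makemap builds from this text file, so run the audit on the source before rebuilding the map.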