Date: Wed, 03 Dec 2003 23:29:59 -0500
From: Steve Bertrand <iaccounts@northnetworks.ca>
To: Marty Landman <MLandman@face2interface.com>
Cc: FreeBSD-Questions@freebsd.org
Subject: Re: running freebsd with sendmail and qpopper
Message-ID: <1070512198.416.102.camel@ptp.northnetworks.ca>
In-Reply-To: <1070506384.416.83.camel@ptp.northnetworks.ca>
References: <001101c3b9bc$495fa120$6501a8c0@dendesk> <1070488810.1014.43.camel@ptp.northnetworks.ca> <6.0.0.22.0.20031203172925.03fd4c90@pop.face2interface.com> <1070506384.416.83.camel@ptp.northnetworks.ca>

I noticed some errors here:

In section 4, the RELAY should say OK.

In section 6, the first line should read:

/usr/ports/mail/qpopper

delete the trailing garbage.

EOF

> > Like me. So there's at least two of us on the list who need this info.
> > Speaking personally with some prior help I can now email within the box,
> > i.e. id1 can email id2 who can then reply back to id1. However going the
> > next step, receiving email from a remote server and sending email out to
> > the internet is something I have no clue how to do. Don't even know how to
> > start, and the stab I made at following tutorials found by googling got me
> > nowhere at breakneck speed. Not that I'm complaining but you did ask. :)
> >
>
> First off, email relies very heavily on the DNS infrastructure of the
> Internet. DNS or Domain Name Service is what resolves a name, such as
> www.freebsd.org to its IP address. Although it is technically possible
> to bypass the name for a mail server to get your messages to their
> destination, it is not proper, and many mail systems will not allow it
> (especially ones that use virtual domains).
>
> ie. In some cases, you could send a mail message to steve@192.168.0.1,
> and if the server is listening for incoming mail (sendmail) then it may
> pick it up and deliver it to a local user.
>
> Now, further into DNS, a computer must know how to find a mail server
> within a domain. When I send a message to fbsd-questions@freebsd.org,
> this is what happens:
>
> - I send a message to questions@freebsd.org from my laptop to my smtp
> server (most would use one their ISP supplied, such as mail.isp.com)
> - the smtp server does a reverse name lookup in DNS to find out if the
> IP that sent the mail is allowed to relay mail to the remote destination
> through it. Reverse lookup is the opposite of resolving names, it is the
> process of resolving an IP to a name.
> You can try this with the #dig
> command:
> # dig -x your.ip.here
> Likewise, you can use dig to resolve a name as well:
> # dig www.freebsd.org
> - next after the server verifies that you are allowed to relay, it looks
> in DNS for a Mail Exchange record (MX) of the domain you are trying to
> send the message to:
> # dig mx freebsd.org
> - once your smtp server finds the IP for the mail exchanger for the
> domain, it sends the message to it
> - the remote server acknowledges the incoming message, says thanks to
> the sending server and shuts down the connection
> - the recipient mail server looks in certain tables and/or files to
> locate which user the mail actually goes to and delivers it.
>
> For a quick and dirty setup on a FreeBSD box, here are the steps: (I
> hope I don't miss any). They assume the following:
>
> - your domain name is example.com, and will only be used for
> sending/receiving mail on an internal network
> - your mail server is somehow connected to the Internet, and will be
> used as an smtp server for the client computers on your network (as you
> probably use your ISP's servers now)
> - your internal network IP scheme is 192.168.0.0/24 (or 255.255.255.0)
> - the IP of your mail server is 192.168.0.10
> - your default gateway for your network is 192.168.0.1
> - your ip of your client computer is 192.168.0.25
> - your mail server name is mail.example.com
> - your client computer name is client.example.com
> - your mail server will act as a qpopper and DNS server for the network
> - you are not overly concerned about high security, as this is just an
> example to get you up and going
> - you are running as the superuser
>
> 1> Set up DNS on the server
> # cd /etc/namedb
> # chmod 744 make-localhost
> # ./make-localhost
> # ee named.conf
> Add the following to the bottom of the file:
>
> zone "example.com" {
>     type master;
>     file "example.com.zone";
>     allow-update { none; };
> };
>
> Then, up near the top of the file, make the following changes
> to this section:
>
> # Remove the // from this line:
> // forward only;
>
> # and remove the /* and the */ from this section, and change the
> 127.0.0.1 to the IP address of your ISP DNS server:
> /*
> forwarders {
>     127.0.0.1;
> };
> */
>
> Now create a zone file for this zone:
>
> # ee /etc/namedb/example.com.zone
>
> Add the following information to this empty file:
>
> --- start clip here ---
>
> $TTL 360 ; Default cached time to live for all records
>
> example.com. IN SOA ns.example.com. admin@example.com.
> (
>     2003120401; Serial
>     172800 ; Refresh every 2 days
>     3600 ; Retry every hour
>     1728000 ; Expire every 20 days
>     172800 ); Minimum 2 days
>
> @ IN NS ns.example.com.
>
> ; Set the Mail Exchange record
>
> @ IN MX 10 mail.example.com.
>
> ns IN A 192.168.0.10
> mail IN A 192.168.0.10
> client IN A 192.168.0.25
> router IN A 192.168.0.1
>
> --- end clip ---
>
> Now, tell your name server to look to itself for resolution of names:
>
> # echo "search example.com" > /etc/resolv.conf
> # echo "nameserver 127.0.0.1" >> /etc/resolv.conf
>
> Now go configure your windows or whatever client computers to use
> 192.168.0.10 as its DNS server.
>
> 2> Start the nameserver and load it at startup:
> # /usr/sbin/named
>
> Now, add the following 2 lines to your /etc/rc.conf file:
>
> named_enable="YES"
> named_program="/usr/sbin/named"
>
> 3> Configure sendmail
> # cd /etc/mail
> # echo "example.com" > relay-domains
> # echo "example.com" > local-host-names
> # echo "192.168.0 RELAY" > access
>
> 4> Reload sendmail
> # kill -HUP `cat /var/run/sendmail.pid`
> or just reboot
>
> 5> Add some users on the mail server
> # man adduser
>
> 6> Install qpopper
> # cd /usr/ports/mail/qpopperpop3 stream tcp nowait root
> /usr/local/libexec/qpopper qpopper -R -s -c -T 300
> # make install clean
>
> # ee /etc/inetd.conf
> Add the following line under the existing pop3 line in this file. Keep
> the existing one commented.
> (Note that if the mail line break breaks the
> line, it should be on a single line when entered in the file)
>
> pop3 stream tcp nowait root /usr/local/libexec/qpopper qpopper -R -s -c
> -T 300
>
> 7> Reload inetd
> # kill -HUP `cat /var/run/inetd.pid`
> or just reboot
>
> 8> Try sending the user an email (whilst logged into the server console
> or ssh)
>
> # mail -s "This is a test" user@example.com
> # This is the body of the message. The last line in a command
> # line mail will always be the '.' character to denote the end
> # of a message
> # .
>
> 9> Check to see if sendmail delivered it to the user's mailbox.
> # ll /var/mail | grep user
>
> If his file has more than 0 bytes in it, then he's got mail.
>
> 10> Configure your client machine to check email
> You can set up a new account in outlook or evolution, mozilla or what
> have you, just configure it with the account name the same as the user
> name, and the pop3 and smtp servers both as mail.example.com. This will
> resolve because as described in section 1, you have already configured
> this machine to look to your DNS server, who has authority to resolve
> the example.com domain.
>
> 11> Check && send email
> If you receive email for this user into the account, then thank god -- I
> didn't overlook anything, and you didn't miss any small things in this
> howto.
>
> Now, using your main (real, outside) email account, send a message back
> to this list to tell us that things are working. (Don't forget to change
> the smtp server to the new box first)
>
> YOU WILL NOT be able to send email to the outside world from the new
> test account, as when it gets to us, we will respond to someone who
> honestly owns the domain, which won't be you.
>
> Please advise on any errors or omissions. All of this was done from
> memory (well, almost all).
>
> Cheers,
>
> Steve
>
>
> > Marty Landman Face 2 Interface Inc 845-679-9387
> > Sign On Required: Web membership software for your site
> > Make a Website: http://face2interface.com/Home/Demo.shtml
> >
> > _______________________________________________
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
--
Steve Bertrand
President/CTO, Northumberland Network Services
t: 905.352.2688
w: www.northnetworks.ca
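
Added example, not part of the original message and not sendmail's own tooling: step 3 of the quoted howto writes a network prefix to /etc/mail/access, so this shell function lists every RELAY entry in an access-map source file and classifies its key as a private prefix, a public prefix or a name. The function names and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# audit_access [FILE]: list every RELAY entry of a sendmail access-map source
# (FILE or stdin) as "<class> <key>", where class is:
#   private  IPv4 prefix inside RFC 1918 or loopback space
#   public   any other IPv4 prefix (hosts there may relay through you)
#   name     a host or domain key
audit_access() {
    awk '
    /^[ \t]*#/ { next }                  # comment line
    NF < 2     { next }                  # blank or incomplete line
    toupper($2) == "RELAY" {
        key = $1
        sub(/^[Cc]onnect:/, "", key)     # optional Connect: tag
        class = "name"
        if (key ~ /^[0-9]+(\.[0-9]+)*$/) {
            split(key, o, ".")
            class = "public"
            if (o[1] == 10 || o[1] == 127 ||
                (o[1] == 192 && o[2] == 168) ||
                (o[1] == 172 && o[2] >= 16 && o[2] <= 31)) {
                class = "private"
            }
        }
        print class, key
    }' "$@"
}

# has_public_relay [FILE]: exit 0 if any RELAY key is a public IPv4 prefix.
has_public_relay() {
    audit_access "$@" | grep -q '^public '
}

# Constructed sample access file; only the first entry comes from the howto.
sample_access() {
    cat <<'EOF'
# LAN prefix used in the howto
192.168.0        RELAY
Connect:10.1     relay
203.0.113        RELAY
example.com      RELAY
spammer.example  REJECT
192.168.1        OK
EOF
}

sample_access | audit_access
```

On the mail server, `audit_access /etc/mail/access` reads the real file; any `public` line deserves a second look before the box is reachable from the Internet.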