bind – 今日という日は贈り物

メールサーバPostfixの設定～

メールを受信したくなったので、メールサーバを立ち上げちゃうことにしました。
設定は以下の通り

・設定のバックアップ

# cd /etc/postfix/
# cp -p main.cf main.cf.org

1 2	# cd /etc/postfix/ # cp -p main.cf main.cf.org

・設定の変更

# vi main.cf
mydomain=snowdrop.asia
myorigin=snowdrop.asia
inet_interface=all
mydestination=$myhostname, localhost, $mydomain, localhost, $mydomain, yosshi.$mydomain
mynetwork_style=subnet
mynetwork=127.0.0.0/8 157.7.155.197
relay_domain=$mydomain

# vi main.cf

mydomain=snowdrop.asia

myorigin=snowdrop.asia

inet_interface=all

mydestination=$myhostname, localhost, $mydomain, localhost, $mydomain, yosshi.$mydomain

mynetwork_style=subnet

mynetwork=127.0.0.0/8 157.7.155.197

relay_domain=$mydomain

その他はそのままでございます。

・起動～

# /etc/init.d/postfix start

1	# /etc/init.d/postfix start

・DNSの設定

# vi /etc/named/named.snowdrop.asia
2 ; serial
IN MX 10 mx.snowdrop.asia.
mx IN A 157.7.155.197

# /etc/init.d/named reload

# vi /etc/named/named.snowdrop.asia

2 ; serial

IN MX 10 mx.snowdrop.asia.

mx IN A 157.7.155.197

# /etc/init.d/named reload

これで、外からもメールが届くかな♪

・mackerel監視を導入

# curl -fsSL https://mackerel.io/assets/files/scripts/setup-yum.sh | sh
# sudo yum install -y mackerel-agent

1 2	# curl -fsSL https://mackerel.io/assets/files/scripts/setup-yum.sh \| sh # sudo yum install -y mackerel-agent

・Postfixからgoogleにメールが届かない件

# vi /etc/postfix/main.cf
---
inet_protocols = ipv4
---
# /etc/init.d/postfix reload
# vi /var/named/named.snowdrop.asia
---
       IN TXT "v=spf1 +ipv4:157.7.155.197/32 ~all"
---
# /etc/init.d/named reload

# vi /etc/postfix/main.cf

---

inet_protocols = ipv4

---

# /etc/init.d/postfix reload

# vi /var/named/named.snowdrop.asia

---

IN TXT "v=spf1 +ipv4:157.7.155.197/32 ~all"

---

# /etc/init.d/named reload

imapサーバを導入する

sudo apt-get install dovecot-imapd

Configuring dovecot-core
---
An SSL cerficicate is needed in order to use IMAP or POP3 over SSL/TSL.
No such certificate was found.
Please choose whether you want to create one now.
This will then be a self-signed certificate.
If you choose not to create a certificate, please adapt Dovecot's configuration file (/etc/dovecot/conf.d/10-ssl.conf).
Create a self-signed SSL certificate?

<no>
----

vi /etc/dovecot/conf.d/10-logging.conf
---
log_path = syslog
---

cp certFile /etc/dovecot/dovecot.pem
cp keyFile  /etc/dovecot/private/dovecot.pem
※ nginxをssl化した時のものを取ってくる

vi /etc/dovecot/conf.d/10-ssl.conf
---
ssl = yes
---

service dovecot start
service dovecot status
ps -ef | grep dovecot
netstat -an | grep 143
netstat -an | grep 993

sudo ufw allow 993/tcp

usermod -a -G mail ACCOUNT
</no>

sudo apt-get install dovecot-imapd

Configuring dovecot-core

---

An SSL cerficicate is needed in order to use IMAP or POP3 over SSL/TSL.

No such certificate was found.

Please choose whether you want to create one now.

This will then be a self-signed certificate.

If you choose not to create a certificate, please adapt Dovecot's configuration file (/etc/dovecot/conf.d/10-ssl.conf).

Create a self-signed SSL certificate?

<no>

----

vi /etc/dovecot/conf.d/10-logging.conf

---

log_path = syslog

---

cp certFile /etc/dovecot/dovecot.pem

cp keyFile /etc/dovecot/private/dovecot.pem

※ nginxをssl化した時のものを取ってくる

vi /etc/dovecot/conf.d/10-ssl.conf

---

ssl = yes

---

service dovecot start

service dovecot status

ps -ef | grep dovecot

netstat -an | grep 143

netstat -an | grep 993

sudo ufw allow 993/tcp

usermod -a -G mail ACCOUNT

</no>

タグ: bind

DNSサーバbindの脆弱性

このサイトの構築メモ♪

メールサーバPostfixの設定～

・DNSの設定

・mackerel監視を導入

・Postfixからgoogleにメールが届かない件

imapサーバを導入する