Setting up a mail server with Slackware: where to begin?

kikinovak · 09-16-2011, 03:22 AM

Hi,

I'm currently trying to setup a mail server with Slackware. Until now, I've only relied on webhosters doing that job for me, but now, I want to be able to do it on my own server. I've got loads of (printed) documentation in various books, but curiously enough, most of the tutorials are either for Postfix or Exim MTA. So I got myself a copy of O'Reilly's Sendmail book. 1250 pages (gasp!). It's well written, and I've already started reading, but I wonder: isn't there a more simple way, something in the middle between quick-and-dirty and exhaustive? I'm not a lamer for RTFM, only this time, I don't quite know where to begin. Any recommendations?

fgcl2k · 09-16-2011, 04:54 AM

Quote:

Originally Posted by kikinovak

Hi,

I'm currently trying to setup a mail server with Slackware. Until now, I've only relied on webhosters doing that job for me, but now, I want to be able to do it on my own server. I've got loads of (printed) documentation in various books, but curiously enough, most of the tutorials are either for Postfix or Exim MTA. So I got myself a copy of O'Reilly's Sendmail book. 1250 pages (gasp!). It's well written, and I've already started reading, but I wonder: isn't there a more simple way, something in the middle between quick-and-dirty and exhaustive? I'm not a lamer for RTFM, only this time, I don't quite know where to begin. Any recommendations?

You can find many introductory Sendmail tutorials online, but if you want your own mail server you'll need to have a static IP address, set up DNS (MX record, ...), etc. I'm not an expert at this.
If you just want to send your mail from your PC with sendmail it is much simpler.

hua · 09-16-2011, 05:35 AM

First you should answer several questions:

1. Did you already installed the OS (Slackware) on the server successfully? (There are several security related things which belongs rather to the OS installation then the mail system configuration - installed packages, firewall configuration, intrusion detection, remote access ...) There are also things which needs to be done that does not relate to server itself (domain configuration, network configuration, ISP can make things difficult sometimes too)
2. Sendmail is just the part of the mail system - what other applications you plan to use? (for imap-pop3, webmail, antivirus for mail system, spam prevention...)

Sendmail may look scary at first but finally when you configure it several times its easy. Just let us know what steps you already completed and where you are now.

kikinovak · 09-16-2011, 07:13 AM

I already have a public server running Slackware64. I own half a dozen domain names, and I already set up corresponding web services. For example here :

http://www.osteo-sommieres.fr

I have setup DNS (BIND) with the right MX records, so basically I'm all set. Hear my knuckles crack

hua · 09-16-2011, 08:12 AM

The next you want to check out these directories:

/usr/share/sendmail/cf/cf
/etc/mail

First you create your sendmail.cf file. You do not edit this file (/etc/mail/sendmail.cf) by hand rather you use one of the sendmail.mc files in this directory (/usr/share/sendmail/cf/cf). Since the sendmail.cf file is too difficult to know (edit manually) there are those mc files which does contain only those options what you need to modify in the default sednamil.cf file.

This is what you want to do:

Quote:

cd /usr/share/sendmail/cf/cf
m4 sendmail-slackware.mc > sendmail.cf
cp /usr/share/sednamil/cf/cf/sendmail.cf /etc/mail
/etc/rc.d/rc.sendmail restart

This is the way how you edit the configuration options in you sendmail.cf file. But there are still several things which you need to make clear before you can generate a usable config file.

Take a look into the example mc files (personally I used the sendmail-slackware-tls-sasl.mc) and find out what you need.

Several suggestions:

1. You need to know what authentication mechanism you going to use (sasl for plain authentication for example - this requires additional configuration of the saslauthd)
2. Whether you going to use encryption. In default configuration - sendmail will not allow week authentication without encryption (SASL - PLAIN, LOGIN auth) (for encryption you can use stunnel)

Here is an example sendmail-slackware.mc file:

Code:

include(`../m4/cf.m4')
VERSIONID(`SALS supporting setup for Slackware Linux')dnl
OSTYPE(`linux')dnl
dnl# These settings help protect against people verifying email addresses
dnl# at your site in order to send you email that you probably don't want:
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
dnl# No timeout for ident:
define(`confTO_IDENT', `0')dnl
dnl# See the README in /usr/share/sendmail/cf for a ton of information on
dnl# how these options work:
FEATURE(`use_cw_file')dnl
FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
FEATURE(`no_default_msa')dnl
EXPOSED_USER(`root')dnl
dnl# Also accept mail for localhost.localdomain:
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
dnl# Allow SASL authentication/relaying:
define(`confAUTH_OPTIONS', `A')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
LOCAL_CONFIG

When you generate the sendmail.cf file from this sendmail-slackware.mc file it should work.
NOTE: This mc file is modified and the above noted security defaults are changed. You should not use it in production environment in this form.
The lines starting with dnl# or dnl are commented out. Each option should end with dnl.

You need to enable SALS.

Quote:

mkdir /etc/sasl2
touch /etc/sasl2/Sendmail.conf

Put this into the Sendmail.conf file:

Quote:

pwcheck_method: saslauthd
mech_list: login plain

Start the saslauthd:

Quote:

chmod +x /etc/rc.d/rc.saslauthd
/etc/rc.d/rc.saslauthd start
/etc/rc.d/rc.sendmail restart

At this point you should be able to authenticate with sendmail.

Start up imap2 and pop3 - edit the /etc/inetd.conf file and uncomment the imap2 and pop3 lines.

Quote:

/etc/rc.d/rc.inetd restart

Check out what is running:

Quote:

nmap localhost
# You should see this services
25
143
110

And the last ones are the config files in /etc/mail - especially the access, domaintable and local-host-names.
access:

Quote:

mail.yourdomain.com RELAY

domaintable:

Quote:

mail.yourdomain.com yourdomain.com

local-host-names:

Quote:

mail.yourdomain.com
yourdomain.com

Run make in the /etc/mail directory and retart sendmail:

Quote:

cd /etc/mail
make
/etc/rc.d/rc.sendmail restart

Thats it. Now it should work.

NOTE: This is a very quick-and-dirty how-to, so if this works you should focus on security. (Configure encryption, disallow week authentication to be used without encryption, use different authentication application - not sasl, use different imap-pop3 servers and so on ....)

Good luck

SeRi@lDiE · 09-16-2011, 09:19 AM

I would use postfix if you can. Its simpler to configure.

kikinovak · 09-16-2011, 11:50 AM

Thanks everybody for all the detailed answers! Got some homework to do now...

Martinus2u · 09-16-2011, 01:34 PM

qmail is worth a look (and the author famously controversial): http://cr.yp.to/qmail.html

tuxrules · 09-16-2011, 02:00 PM

I run my own mailserver with postfix, dovecot, clamav, amavisd-new I chose postfix because it was easy to setup and has a very friendly and informative mailing list.

I have a dynamic ip along with custom dns package from dyndns.org Works great with ddclient as the ip update agent.