
IP, hostname & domain name assignment:

Assign the IP address using the setup command

#setup (press enter)

Network configuration (press enter)

Select the NIC; a window opens where you assign the IP address, netmask, gateway etc.

Finally, use these commands to bring the device up and enable networking at boot


#service network restart
#chkconfig network on

OR assign the IP address in the NIC device script


# vim /etc/sysconfig/network-scripts/ifcfg-eth0

So that the device is always brought up with this IP address at boot:


#chkconfig network on

Check the device IP address with this command


#ifconfig

Then enter the hostname & domain name. Here NETWORKING is always yes.
# vim /etc/sysconfig/network

NETWORKING=yes
HOSTNAME=dns.asianatelbd.com

In the /etc/resolv.conf file enter the nameserver IP & domain.


# vim /etc/resolv.conf
nameserver 192.168.2.1
search asianatelbd.com

DNS Server Configuration:


First install the RPM packages
bind-9.3.3-7.el5
bind-utils-9.3.3-7.el5
bind-chroot-9.3.3-7.el5
caching-nameserver-9.3.3-7.el5

RPM install process


# rpm -ivh bind*
# rpm -ivh caching-nameserver-9.3.3-7.el5
Copy the named.caching-nameserver.conf & rename it named.conf
# cd /var/named/chroot/etc/
# cp named.caching-nameserver.conf named.conf

Check the group owner & file permission, and change them


[root@dns etc]# ls -lZ named.conf
[root@dns etc]# chgrp named named.conf
[root@dns etc]# chmod 640 named.conf

[root@dns etc]# vim named.conf

options {
listen-on port 53 { 127.0.0.1; 192.168.2.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
query-source port 53;
query-source-v6 port 53;
allow-query { localhost; 192.168.2.0/24; };
};

Here:
listen-on port 53 lists the loopback & DNS server IPs.
allow-query { localhost; 192.168.2.0/24; }; restricts who may query this DNS server to the local host and that IP block.
Check the named.conf file
[root@dns etc]# named-checkconf named.conf

The domain name, the reverse IP block, and the forward & reverse zone file names are declared here
[root@dns etc]# vim named.rfc1912.zones
zone "asianatelbd.com" IN {
type master;
file "asianatel.fz";
allow-update { none; };
};
zone "2.168.192.in-addr.arpa" IN {
type master;
file "asianatel.rz";
allow-update { none; };
};
Use this command to test whether the named configuration is OK or has any error.
[root@dns etc]# service named configtest

Enter this location & create the forward zone and reverse zone files.
[root@dns named]# cd /var/named/chroot/var/named/

You can copy the named.local file and rename it to the name declared in the named.rfc1912.zones file. The
forward zone and reverse zone files must have permission 640 and group owner named.

[root@dns named]# cp named.local asianatel.fz


[root@dns named]# chmod 640 asianatel.fz
[root@dns named]# chgrp named asianatel.fz

Check the permission and group owner


[root@dns named]# ls -lZ asianatel.fz

Editing the file


[root@dns named]# vim asianatel.fz
$TTL 86400
@ IN SOA dns.asianatelbd.com. root.asianatelbd.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS dns.asianatelbd.com.
IN MX 10 mail.asianatelbd.com.
asianatelbd.com. IN A 192.168.2.1
dns.asianatelbd.com. IN A 192.168.2.1
dns IN A 192.168.2.1
mail.asianatelbd.com. IN A 192.168.2.2

Check whether the file has any error.


[root@dns named]# named-checkzone asianatelbd.com asianatel.fz

Copy the file & rename it asianatel.rz


[root@dns named]# cp asianatel.fz asianatel.rz
Change the permission & group owner
[root@dns named]# chmod 640 asianatel.rz
[root@dns named]# chgrp named asianatel.rz

Edit the content of the asianatel.rz file


[root@dns named]# vim asianatel.rz
$TTL 86400
@ IN SOA dns.asianatelbd.com. root.asianatelbd.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS dns.asianatelbd.com.

1 IN PTR asianatelbd.com.
1 IN PTR dns.asianatelbd.com.
2 IN PTR mail.asianatelbd.com.

Check whether the file has any error.


[root@dns named]# named-checkzone 2.168.192.in-addr.arpa asianatel.rz
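The script below is an added example, not part of the original notes. It lints a zone file for the hand-editing mistakes that named-checkzone alone does not report (a name without its trailing dot, which gets expanded relative to the zone origin; "root@domain" in the SOA RNAME, which must be written root.domain.; an empty label from ".."), then runs named-checkzone with the real zone name rather than the file name, and finally flags the fixed query-source port and a missing allow-query in the named.conf options shown earlier. The embedded sample zone is constructed under the reserved name example.test; the file names asianatel.fz/asianatel.rz are the ones these notes use.

```shell
#!/bin/sh
# Added example, not part of the original notes: sanity checks to run on the
# BIND files before starting named. The constructed sample zone below uses
# the reserved name example.test, not the notes' asianatelbd.com.

# lint_zone FILE: one line per finding, exit 0 if clean, 1 otherwise.
lint_zone() {
    awk -v file="$1" '
    function flag(msg) { bad++; print file ":" NR ": " msg }
    {
        sub(/;.*/, "")                          # strip comment; re-splits fields
        if (NF == 0 || $1 ~ /^\$/) next         # blank, $TTL, $ORIGIN
        in_pos = 0
        for (i = 1; i <= NF; i++) if ($i == "IN") { in_pos = i; break }
        if (in_pos == 0) next                   # SOA continuation lines
        owner = (in_pos > 1) ? $1 : ""
        type = $(in_pos + 1)
        r = in_pos + 2                          # first RDATA field
        if (owner ~ /[A-Za-z]/ && owner ~ /\./ && owner !~ /\.$/)
            flag("owner \"" owner "\" has no trailing dot")
        if (type == "SOA") {
            if ($r !~ /\.$/) flag("SOA MNAME \"" $r "\" has no trailing dot")
            if ($(r + 1) ~ /@/) flag("SOA RNAME \"" $(r + 1) "\" contains @; write it as user.domain.")
        } else if (type == "NS" || type == "PTR" || type == "CNAME" || type == "MX") {
            target = (type == "MX") ? $(r + 1) : $r
            if (target ~ /\.\./) flag(type " target \"" target "\" has an empty label")
            if (target !~ /\.$/) flag(type " target \"" target "\" has no trailing dot")
        } else if (type == "A" && $r !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) {
            flag("A record has a malformed address \"" $r "\"")
        }
    }
    END { exit (bad > 0) }' "$1"
}

# lint_named_conf FILE: a fixed query-source port stops named randomising its
# source port, so a forged answer only has to guess the transaction ID; with no
# allow-query statement the server answers anyone.
lint_named_conf() {
    rc=0
    if grep -Eq '^[[:space:]]*query-source(-v6)?[[:space:]].*port[[:space:]]+[0-9]+' "$1"; then
        echo "$1: query-source pins the source port; remove the fixed port"
        rc=1
    fi
    if ! grep -Eq '^[[:space:]]*allow-query[[:space:]]' "$1"; then
        echo "$1: no allow-query statement; queries accepted from any address"
        rc=1
    fi
    return $rc
}

# check_zone ZONENAME FILE: lint, then named-checkzone with the real origin
# (passing the file name as the zone name checks against the wrong origin).
check_zone() {
    lint_zone "$2" || return 1
    if command -v named-checkzone >/dev/null 2>&1; then
        named-checkzone "$1" "$2"
    else
        echo "named-checkzone not installed, lint only" >&2
    fi
}

# Constructed sample carrying the mistakes above (not the notes' file).
write_sample_zone() {
    cat > "$1" <<'EOF'
$TTL 86400
@ IN SOA dns.example.test. root@example.test. (
        2024010101 ; Serial
        28800 ; Refresh
        14400 ; Retry
        3600000 ; Expire
        86400 ) ; Minimum
        IN NS dns.example.test.
        IN MX 10 mail.example.test
example.test IN A 192.168.2.1
dns IN A 192.168.2.1
2 IN PTR mail..example.test
EOF
}

# Usage: zonecheck.sh ZONENAME ZONEFILE [named.conf]; with no arguments the
# constructed sample is linted (expected: five findings).
if [ $# -ge 2 ]; then
    check_zone "$1" "$2"
    [ $# -ge 3 ] && lint_named_conf "$3"
elif [ $# -eq 0 ]; then
    tmp=$(mktemp)
    write_sample_zone "$tmp"
    if lint_zone "$tmp"; then echo "sample zone is clean"; fi
    rm -f "$tmp"
fi
```

For the files in these notes the calls are `sh zonecheck.sh asianatelbd.com asianatel.fz /var/named/chroot/etc/named.conf` and `sh zonecheck.sh 2.168.192.in-addr.arpa asianatel.rz`. The query-source finding matters because a resolver that always sends from port 53 leaves a forger with only the 16-bit transaction ID to guess; once the fixed port is removed, named picks a random source port per query and both must be guessed.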

Start or Restart the service


[root@dns named]# service named start
[root@dns named]# service named restart

Use this command so that the DNS server always starts at boot time


[root@dns named]# chkconfig named on

Check or query the DNS


[root@dns named]# dig asianatelbd.com
[root@dns named]# dig dns.asianatelbd.com

Here the status is always NOERROR. If the status shows an error such as SERVFAIL or NXDOMAIN, the DNS server cannot
resolve this domain or IP.

iptables for DNS

First REJECT all requests to port 53


[root@dns ~]# iptables -I INPUT -p tcp --dport 53 -j REJECT
[root@dns ~]# iptables -I INPUT -p udp --dport 53 -j REJECT

Then ACCEPT loopback & the 192.168.2.0/24 IP block


[root@dns ~]# iptables -I INPUT 1 -p tcp -s 127.0.0.1 --dport 53 -j ACCEPT
[root@dns ~]# iptables -I INPUT 1 -p udp -s 127.0.0.1 --dport 53 -j ACCEPT
[root@dns ~]# iptables -I INPUT 1 -p tcp -s 192.168.2.0/24 --dport 53 -j ACCEPT
[root@dns ~]# iptables -I INPUT 1 -p udp -s 192.168.2.0/24 --dport 53 -j ACCEPT

MAIL Server configuration:

Dovecot for IMAP and POP

The necessary RPM for dovecot is


dovecot-1.0-1.2.rc15.el5

Install the RPM


[root@dns ~]# rpm -ivh dovecot-1.0-1.2.rc15.el5
# yum install dovecot*

Check the system time & date. By default the dovecot.pem file contains a private key and a self-signed
certificate; remove it.
[root@dns ~]# vim /etc/dovecot.conf
protocols = imap imaps pop3 pop3s

Start or restart the dovecot


[root@dns ~]# service dovecot start
[root@dns ~]# service dovecot restart

chkconfig so that dovecot starts at boot time


[root@dns ~]# chkconfig dovecot on

Send a test message & check the dovecot private key and certificate
[root@dns ~]# echo 'this a test' | mail -s test root

Sendmail configuration:

First install the sendmail rpm

[root@dns ~]# rpm -ivh sendmail-8.13.8-2.el5


# yum install sendmail*

Enter this file and change this content


[root@dns ~]# vim /etc/mail/sendmail.mc
#DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')dnl ###Block This line
LOCAL_DOMAIN(`asianatelbd.com')dnl

The sendmail.mc file is human readable and the sendmail.cf file is machine readable. So generate the
machine-readable file using the macro processor m4
[root@dns ~]# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

Insert the domain name and mailbox name in this file


[root@dns ~]# vim /etc/mail/local-host-names
asianatelbd.com
mail.asianatelbd.com

Insert the domains or IP blocks to accept or reject in this file


[root@dns ~]# vim /etc/mail/access
Connect:localhost.localdomain RELAY
Connect:localhost RELAY
Connect:127.0.0.1 RELAY
Connect:asianatelbd.com RELAY
Connect:mail.asianatelbd.com RELAY
Connect:192.168.3. REJECT

Here the asianatelbd.com domain is allowed to relay through this mail server, and 192.168.3.0/24 is rejected
by this mail server.

Build the access database from this change


[root@dns ~]# makemap hash /etc/mail/access.db < /etc/mail/access
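As an added example (not from the original notes), the script below models how sendmail walks the access map for a connecting client, so the effect of an entry can be checked before makemap is run. It is a simplified model: only Connect: entries and the first word of the right-hand side are handled, and a key with a trailing dot (192.168.3.) is treated like 192.168.3, which is an assumption of this script rather than documented sendmail behaviour. The sample entries are the ones from the access file above.

```shell
#!/bin/sh
# Added example, not part of the original notes: a simplified model of the
# sendmail access-map lookup for a connecting client. Only "Connect:" entries
# and the first word of the right-hand side are modelled.

# access_lookup FILE CLIENT: CLIENT is an IPv4 address or a host name.
# Prints the matching value (RELAY, REJECT, OK, ...) or NONE when nothing
# matches, in which case sendmail applies its defaults: the connection is
# accepted but relaying is denied.
access_lookup() {
    awk -v client="$2" '
    NF == 0 || $1 ~ /^#/ { next }              # comments and blank lines
    $1 ~ /^Connect:/ {
        key = $1
        sub(/^Connect:/, "", key)
        sub(/\.$/, "", key)                    # assumption: trailing dot ignored
        map[tolower(key)] = $2
    }
    END {
        c = tolower(client)
        n = split(c, p, ".")
        isip = (c ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/)
        for (i = 0; i < n; i++) {
            if (isip) {                        # 192.168.3.5, 192.168.3, 192.168, 192
                k = p[1]; for (j = 2; j <= n - i; j++) k = k "." p[j]
            } else {                           # mail.dom.com, dom.com, com
                k = p[1 + i]; for (j = 2 + i; j <= n; j++) k = k "." p[j]
            }
            if (k in map) { print map[k]; exit }
        }
        print "NONE"
    }' "$1"
}

# relay_allowed FILE CLIENT: true only for an explicit RELAY entry.
relay_allowed() { [ "$(access_lookup "$1" "$2")" = RELAY ]; }

# Constructed copy of the notes' access entries, written to FILE.
write_sample_access() {
    cat > "$1" <<'EOF'
Connect:localhost.localdomain RELAY
Connect:localhost RELAY
Connect:127.0.0.1 RELAY
Connect:asianatelbd.com RELAY
Connect:mail.asianatelbd.com RELAY
Connect:192.168.3. REJECT
EOF
}

# Usage: accesscheck.sh ACCESSFILE CLIENT...; with no arguments the sample
# entries are probed with a few constructed clients.
if [ $# -ge 2 ]; then
    f=$1; shift
    for c in "$@"; do echo "$c -> $(access_lookup "$f" "$c")"; done
else
    f=$(mktemp)
    write_sample_access "$f"
    for c in 192.168.3.77 192.168.2.10 mail.asianatelbd.com pc1.asianatelbd.com \
             asianatelbd.com.other.example; do
        echo "$c -> $(access_lookup "$f" "$c")"
    done
    rm -f "$f"
fi
```

Two things the walk makes visible: a host-name entry such as Connect:asianatelbd.com is matched against the name sendmail resolves for the client's address, so its reach depends on reverse DNS, whereas an address prefix like Connect:192.168.2 RELAY describes the LAN precisely; and a client that matches nothing (NONE) can still deliver to the domains in local-host-names but is refused relaying. /etc/aliases likewise only takes effect after its database is rebuilt with newaliases.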

If aliases are needed, then add them at the last line of this file


[root@dns ~]# vim /etc/aliases
tito: ato,saifur

Here ato and saifur receive tito's mail.

Start or restart the sendmail service


[root@dns ~]# service sendmail start
[root@dns ~]# service sendmail restart

Start sendmail automatically after the next reboot


[root@dns ~]# chkconfig sendmail on

Enter the mail domain name in the DNS forward & reverse zone files
[root@dns ~]# vim asianatelbd.fz
$TTL 86400
@ IN SOA dns.asianatelbd.com. root.asianatelbd.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS dns.asianatelbd.com.
IN MX 10 mail.asianatelbd.com.
asianatelbd.com. IN A 192.168.2.1
dns IN A 192.168.2.1
mail IN A 192.168.2.2

[root@dns ~]# vim asianatelbd.rz


$TTL 86400
@ IN SOA dns.asianatelbd.com. root.asianatelbd.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS dns.asianatelbd.com.
IN MX 10 mail.asianatelbd.com.

1 IN PTR asianatelbd.com.
1 IN PTR dns.asianatelbd.com.
2 IN PTR mail.asianatelbd.com.

Then restart the DNS.

iptables for sendmail (25), IMAP (143), POP (110)

First insert the stateful rule that accepts established & related connections


[root@dns ~]# iptables -I INPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT

Then insert the rules for port 25


[root@dns ~]# iptables -I INPUT -p tcp --dport 25 -s 192.168.2.0/24 -m state --state NEW -j ACCEPT
[root@dns ~]# iptables -I INPUT -p udp --dport 25 -s 192.168.2.0/24 -m state --state NEW -j ACCEPT

Insert the rules for ports 110 & 143


[root@dns ~]# iptables -I INPUT -p tcp --dport 110 -s 192.168.2.0/24 -j ACCEPT
[root@dns ~]# iptables -I INPUT -p udp --dport 110 -s 192.168.2.0/24 -j ACCEPT
[root@dns ~]# iptables -I INPUT -p tcp --dport 143 -s 192.168.2.0/24 -j ACCEPT
[root@dns ~]# iptables -I INPUT -p udp --dport 143 -s 192.168.2.0/24 -j ACCEPT
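Added example, not from the original notes: the two iptables sections above (DNS, and the mail ports) combined into one re-runnable script. It appends the rules in evaluation order instead of inserting each at position 1, so the listing reads in the same order the kernel evaluates it, and it checks with -C before adding so a second run does not duplicate rules. The LAN 192.168.2.0/24 is the one from the notes; admitting loopback by interface (-i lo) rather than by source address 127.0.0.1, dropping the UDP rules for the TCP-only mail ports, and adding an explicit REJECT for the mail ports are choices of this script.

```shell
#!/bin/sh
# Added example, not part of the original notes: INPUT rules for the DNS (53),
# SMTP (25), POP3 (110) and IMAP (143) services of this host, appended in
# evaluation order and guarded by -C so the script can be re-run safely.
# Assumed: LAN 192.168.2.0/24 from the notes.

LAN=${LAN:-192.168.2.0/24}
IPTABLES=${IPTABLES:-iptables}     # overridable so the logic can be exercised without root

# rule CHAIN ARGS...: append the rule unless an identical one already exists
rule() {
    chain=$1; shift
    if "$IPTABLES" -C "$chain" "$@" 2>/dev/null; then
        return 0
    fi
    "$IPTABLES" -A "$chain" "$@"
}

apply_rules() {
    # 1. replies to connections this host opened need no per-port rule;
    #    loopback is admitted by interface, which a spoofed 127.0.0.1 source
    #    arriving on another interface cannot satisfy
    rule INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    rule INPUT -i lo -j ACCEPT
    # 2. DNS from the LAN only: UDP for ordinary queries, TCP for large
    #    answers and zone transfers
    for proto in udp tcp; do
        rule INPUT -p "$proto" --dport 53 -s "$LAN" -m state --state NEW -j ACCEPT
    done
    # 3. mail services are TCP only, so UDP rules for these ports admit
    #    nothing useful and are left out
    for port in 25 110 143; do
        rule INPUT -p tcp --dport "$port" -s "$LAN" -m state --state NEW -j ACCEPT
    done
    # 4. explicit refusal for the same ports from anywhere else
    for proto in udp tcp; do
        rule INPUT -p "$proto" --dport 53 -j REJECT
    done
    for port in 25 110 143; do
        rule INPUT -p tcp --dport "$port" -j REJECT
    done
}

# Usage: fw.sh apply   (then "service iptables save" on RHEL 5 to persist)
if [ "${1:-}" = apply ]; then
    apply_rules
fi
```

Run it with `sh fw.sh apply` and persist the result with `service iptables save`. The -C check needs iptables 1.4.11 or later; on the el5-era iptables these notes use, drop the check and flush INPUT before applying so the rules are not duplicated.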

Test the mail server to send and receive a mail:

Log in to the mail server on port 25 and send a test mail
[root@dns ~]# telnet mail.asianatelbd.com 25

Trying 192.168.2.1...
Connected to mail.asianatelbd.com (192.168.2.1).
Escape character is '^]'.
220 dns.asianatelbd.com ESMTP Sendmail 8.13.8/8.13.8; Tue, 30 Dec 2008 00:31:38 -0500
mail from: <tito@asianatelbd.com>
250 2.1.0 <tito@asianatelbd.com>... Sender ok
rcpt to: <tito@asianatelbd.com>
250 2.1.5 <tito@asianatelbd.com>... Recipient ok
data
354 Enter mail, end with "." on a line by itself
test
this is test mail message
.
250 2.0.0 mBU5VcmW003284 Message accepted for delivery

Log in to the mail server on port 110 and read a mail
[root@dns ~]# telnet mail.asianatelbd.com 110
Trying 192.168.2.1...
Connected to mail.asianatelbd.com (192.168.2.1).
Escape character is '^]'.
+OK Dovecot ready.
user tito
+OK
pass 1
+OK Logged in.
stat (shows the mailbox status)
+OK 512 1
stat 1
