Network Configuration Page |1

Documentation Assignment 2 OPS535 By: Andrew Greene Student # 027993047 Professor: Raymond Chan

Network Mail Configuration Documentation

Andrew Greene #027993047 OPS535

Network Configuration Page |2

Table of Contents
NETWORK TOPOLOGY ........................................................................................................................................... 3 IP ADDRESSING SCHEME ........................................................................................................................................ 3 ADDING MX RECORDS TO DNS .............................................................................................................................. 4 SETTING UP POP3/IMAP SERVER ON VM3 ............................................................................................................. 4 CONFIGURING DOVECOT TO USE POP ................................................................................................................... 4 TESTING / TROUBLE SHOOTING DOVECOT LOCALLY .............................................................................................. 4 TESTING / TROUBLE SHOOTING DOVECOT REMOTELY ........................................................................................... 6 INSTALLING/CONFIGURING SENDMAIL .................................................................................................................. 6 TROUBLESHOOTING SMTP SERVER ........................................................................................................................ 7 SETTING UP USERS MAILBOXES USING NFS VIA VM2............................................................................................. 9 ADDING NEW EMAIL USER TO YOUR DOMAIN ...................................................................................................... 9 INSTALLING SQUIRRELMAIL ................................................................................................................................. 10 TESTING SQUIRRELMAIL ...................................................................................................................................... 11 IS THE PROBLEM ON THE SERVER?....................................................................................................................... 11 IS THE PROBLEM WITH THE NETWORK? .............................................................................................................. 12 IS THE PROBLEM WITH THE LOCAL EMAIL CLIENT? .............................................................................................. 13 RPM PACKAGES REQUIRED .................................................................................................................................. 13 SERVICES REQUIRED FOR THIS EMAIL SYSTEM FUNCTION ................................................................................... 14

Andrew Greene #027993047 OPS535

Network Configuration Page |3

Network Topology

IP Addressing Scheme
DNS Server VM1 Network ID: 192.168.8.0 Subnet Range: 192.168.8.1 192.168.8.254 Subnet Mask: 255.255.255.0 IP Address: 192.168.8.53 NFS Server VM2 Network ID: 192.168.8.0 Subnet Range: 192.168.8.1 192.168.8.254 Subnet Mask: 255.255.255.0 IP Address: 192.168.8.2 NIS & POP3 / IMAP Server VM3 Network ID: 192.168.8.0 Subnet Range: 192.168.8.1 192.168.8.254 Subnet Mask: 255.255.255.0 IP Address: 192.168.8.3

Andrew Greene #027993047 OPS535

Network Configuration Page |4

Adding MX Records to DNS

You will need to add MX records to your forward zone file so that mail will be routed to the correct server when it is received. Edit /var/named/chroot/var/named/named.my-hosts and the following 2 records: mail aplus.ca. IN CNAME vm3 IN MX 10 mail.aplus.ca.

Once the following records have been added you will need to restart the named service for the changes to take effect: Run the following command to restart DNS: Service named restart

Setting Up POP3/IMAP Server On VM3

In order to setup a POP3 and IMAP server on vm3 you will need to download and install the dovecot package using yum. This package contains the imap-login and pop3-login daemons which use the imap and pop3 protocols. By default dovecot only runs IMAP so you will need to configure dovecot to use POP.

Configuring Dovecot to use POP

Edit the /etc/dovecot.conf file with the following line: Protocols = imap imaps pop3 pop3s After making these changes restart the dovecot service: /sbin/service dovecot restart Next you will want to make this service start up by default on the next boot: Chkconfig dovecot on

Testing / Trouble Shooting Dovecot Locally

First you will want to check that the dovecot service is running: Service dovecot status Andrew Greene #027993047 OPS535

Network Configuration Page |5 If the service is running you will want to test connectivity locally: Open a terminal then run the following commands [root@mail ~]# telnet localhost pop3 +OK dovecot ready. user vm3mail +OK pass password +OK Logged in. list +OK 1 messages: 1 622 . retr 1 +OK 622 octets Return-Path: vm3mail@mail.aplus.ca X-Original-To: vm3mail Delivered-To: vm3mail@mail.aplus.ca Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by mail.aplus.ca (Sendmail) with SMTP id 943284B43 for <johndoe>; Thu, 22 Feb 2007 09:06:37 -0500 (EST) Message-Id: 20120222140640.943284B43@mail.aplus.ca Date: Thu, 3 Apr 2012 09:06:37 -0500 (EST) From: vm3mail@mail.vm3.aplus.ca To: undisclosed-recipients:; X-IMAPbase: 1172153557 1 Status: O X-UID: 1 Content-Length: 5 X-Keywords: test . quit +OK Logging out. Connection closed by foreign host. [root@vm3 ~]# After sending the test email if you do not receive it you should check the /var/log/maillog for errors pertaining to the email you sent. Andrew Greene #027993047 OPS535

Network Configuration Page |6

Testing / Trouble Shooting Dovecot Remotely

Next you will want to run the same command as above but this time from a different server and include the FQDN with the following command: [root@mail ~]# telnet mail.aplus.ca pop3 Use the same commands from above to send another test email from the remote server if you run into problems check that you have DNS functioning properly and that the named service is actually running on VM1. If it is next you will want to check /var/log/maillog and look for any errors pertaining to the email you just sent from the remote server.

Installing/Configuring Sendmail
You will need to download the following packages in order to configure send mail properly sendmail and sendmail-cf: Yum install sendmail Yum install sendmail-cf After you have installed the required packages you will need to find and change the following files located in the /etc/mail/ directory:

Edit the /etc/mail/sendmail.cf file with the following line # SMTP daemon options O DaemonPortOptions=Port=smtp,Name=MTA # who I masquerade as (null for no masquerading) (see also $=M) DMaplus.ca

Edit the /etc/mail/sendmail.mc file with the following line dnl # The following example makes mail from this host and any additional dnl # specified domains appear to be sent from mydomain.com dnl # MASQUERADE_AS(`aplus.ca')dnl

Andrew Greene #027993047 OPS535

Network Configuration Page |7 Edit the /etc/mail/local-host-names file with the following line # local-host-names - include all aliases for your machine here. mail.aplus.ca aplus.ca

Edit the /etc/mail/access file with the following line # by default we allow relaying from localhost... Connect:localhost.localdomain RELAY Connect:localhost RELAY Connect:127.0.0.1 RELAY After you have configured all of the files previously mentioned you will need to Rebuild the file using either the Makefile in the configuration directory or by issuing the command m4 sendmail.mc > /etc/sendmail.cf then you will need to restart the sendmail service on all of the virtual machines: Service sendmail restart Next you will want to make this service start up by default on the next boot: Chkconfig sendmail on

Troubleshooting SMTP Server

Step 1. Ensure that your mail client setup is correctly configured. 1. In the configuration section of your mail client, ensure that your outgoing mail server is pointing to the mail server you want to use. 2. Verify that the computer you are trying to send email from is not running a firewall that may be interfering with SMTP traffic on port 25. Ensure that if you are behind a firewall, that it is not blocking the network traffic between your mail client and the mail server. 3. Verify if other similar configured mail clients are able to send out mail. If so, try to find out the differences with yours and if needed correct and retry. 4. If the underlying operating system has a telnet capable client, verify if a connection on port 25 (SMTP) of the mail server.

Andrew Greene #027993047 OPS535

Network Configuration Page |8 Open a command line and type telnet mailserver.mydomain.com 25 A sendmail server will answer with a following similar output: 220 mailserver.mydomain.com ESMTP Sendmail 8.13.8+Sun/8.13.8; Mon, 21 Apr 2008 11:36:17 +0200 (CEST) When you type the ?help? command the available commands the mail server understands are listed: 214-2.0.0 This is sendmail version 8.13.8+Sun 214-2.0.0 Topics: 214-2.0.0 HELO EHLO MAIL RCPT DATA 214-2.0.0 RSET NOOP QUIT HELP VRFY 214-2.0.0 EXPN VERB ETRN DSN STARTTLS 214-2.0.0 For more info use HELP . 214-2.0.0 To report bugs in the implementation contact Sun Microsystems 214-2.0.0 Technical Support. 214-2.0.0 For local information send email to Postmaster at your site. 214 2.0.0 End of HELP info Try the following to send an e-mail from the command line: helo clienthostname.mydomain.com 250 clienthostname.mydomain.com Hello clienthostname.mydomain.com [129.159.231.54], pleased to meet you mail from:myname@mydomain.com 250 2.1.0 myname@mydomain.com Sender ok rcpt to:recepientname@recepientdomainname.com 250 2.1.5 recepientname@recepientdomainname.com Recipient ok data 354 Enter mail, end with . on a line by itself

subject: This is a test to:recepientname@recepientdomainname.com This contains the BODY of a test mail . 250 2.0.0 m3L9aH0W018247 Message accepted for delivery quit 221 2.0.0 mailserver.mydomain.com closing connection Note the dot (.) at the end of the mail body.

Andrew Greene #027993047 OPS535

Network Configuration Page |9

If this test succeeds (mail is delivered to its final destination) you most likely have a configuration issue on your mail client. 5. If the underlying operating system allows you to analyze the network traffic on the network interface(s) (using ethereal, wireshark, netcap, tcpdump, snoop, etc) t ry to capture the network traffic while trying to send a mail form the mail client. Analyze if there is SMTP traffic between your client and the mail server.

Setting Up Users Mailboxes using NFS via VM2

Now that you have your POP3/IMAP server up and running you will need to set up the users mailboxes to use the NFS share via vm2. The first thing you will need to do is mount the /var/spool/mail directory to vm2 from the mail server (vm3) but before you can mount this directory you will need to edit the exports file on vm2 to all vm3 to mount that directory. Edit /etc/exports add the following line to that file: /var/spool/mail 192.168.8.3(rw,no_root_squash)

Then run the following command to update your exports information: Exportfs a You should now be allowed to mount that directory from vm3 on vm2 Mounting the vm3 /var/spool/mail directory on vm2 with the following command: mount -t nfs 192.168.8.2:/var/spool/mail /var/spool/mail You will also need to edit the /etc/fstab file with the above information if you want the directory to be mounted automatically next time your system boots up.

Adding new email user to your domain

If you want to add a new email user you will need to run the following command: Useradd user-name-here Then you will have to give that user a password with the following command: Passwd user-name-here Andrew Greene #027993047 OPS535

N e t w o r k C o n f i g u r a t i o n P a g e | 10 You should note that if your /etc/default/useradd file has not been updated to use the NFS shared directory you will need to add some options to the useradd command Useradd -d home_dir Next you will need to update the NIS maps info to include the new users you have just created. Running the following command to update NIS: /var/yp/Makefile Once the updates have been made you can confirm that the user has been created by running the following command from vm1 or vm2: Ypcat passwd

Installing Squirrelmail
You will need to download the squirrelmail package in order to use webmail Yum install squirrelmail Then you will need to start the httpd service with the following command: Service httpd start Next you will want to make this service start up by default on the next boot: Chkconfig httpd on Then you will need to configure send by running the following command /usr/share/squirrelmail/config/conf.pl Type in D and press Enter to select the Set pre-defined settings for specific IMAP servers menu. Type in dovecot and press Enter. Then type in 2 and press Enter and select the server settings menu. After that you type in 1 and press Enter to select the Domain menu. Type in your domain name and press Enter. Save your changes and quit when you are done. The final thing to do is set the SELinux rules use the following commands: setsebool httpd_can_network_connect on setsebool httpd_can_sendmail on Andrew Greene #027993047 OPS535

N e t w o r k C o n f i g u r a t i o n P a g e | 11

Testing Squirrelmail
Click the browser icon at the top near the System menu to launch the Firefox web browser. In the address box, type in http://localhost/webmail/src/configtest.php and press Enter. Check for any errors. In the address box, type in http://localhost/webmail and press Enter. Type in a valid username and password and click Login.

Is the problem on the server?

The best way to test server problems is to try to use your webmail. Webmail is hosted on the server itself, and so bypasses your network and your local email client. This makes it ideal for troubleshooting. Visit your webmail URL: http://vm2.aplus.ca/webmail Log into webmail with your full email address and email password. If you CAN'T log in, please try to reset your password. o If you still get an authentication error, this is most likely a server issue. o If you don't get an error, but it takes a very long time to log in and/or times out, please skip to Email troubleshooting - mailbox size. If you CAN log in, proceed to the next step. Send yourself a test message. You can send to this same email address, or to an external email address (such as a Hotmail or Gmail account). Reply to the message to test both sending and receiving. If you get an immediate error when attempting to send or receive, note the exact error. This is a server issue. If you get a bounceback, please skip to Email troubleshooting - bouncebacks. If you get no error, but the message has not delivered for at least five minutes, please skip to Email troubleshooting - missing emails. If you can successfully send and receive from webmail, this indicates that the server is fine. Proceed to the next step, then the next section, to troubleshoot possible network problems. There are a small number of server problems that might not be "caught" by the webmail test. If you notice one of the following, please first continue with the next troubleshooting sections, because these problems are just as likely to be caused by a network or email client problem. If you finish troubleshooting and are still having one of the problems described below, continue to the final step. If you have SMTP or Outgoing mail server connection problems, the mail server may be configured incorrectly. If you have problems with POP but not IMAP, webmail uses IMAP only, so again, the mail server setting in your email client may be configured incorrectly. Andrew Greene #027993047 OPS535

N e t w o r k C o n f i g u r a t i o n P a g e | 12

Is the problem with the network?

Some email problems can occur between your computer and the (mt) Media Temple server. There are dozens of connection points between your computer and the server. There's a connection from your computer to your local network, from your local network to your Internet Service Provider, from your Internet Service Provider to the next Internet Service Provider down the line, and so on. A problem with one of these connection points is a network problem. Follow the steps below to continue troubleshooting: Run a telnet test to the server for the appropriate port. You can run this test from your command line telnet aplus.ca 25 You should replace example.com with your own mail server name (the same as your domain name in most cases), and 25 with the port number you are try to test. Here's a summary of port numbers related to email: 25 - standard outgoing SMTP port Note - this port is consistently blocked by Internet Service Providers in an effort to prevent spam. See the special Outgoing mail blocked on Port 25 section below for further assistance. 587 - alternate outgoing SMTP port 465 - SSL encrypted outgoing SMTP port 110 - incoming POP port 995 - SSL encrypted incoming POP port 143 - incoming IMAP port 993 - SSL encrypted incoming IMAP port Examine the results of your telnet test. A response of "220" or "Connected" indicates connection success - continue on to the email client troubleshooting below. A timeout or "Unable to connect" message indicates that you have a network problem. While a problem on a specific port may not show itself in a generic traceroute, it doesn't hurt to try. For detailed instructions, on running a traceroute, see Using the traceroute command. For quick reference, run one of the following from your command prompt: traceroute aplus.ca

Andrew Greene #027993047 OPS535

N e t w o r k C o n f i g u r a t i o n P a g e | 13

Is the problem with the local email client?

If your webmail test and your telnet tests from the previous section haven't turned up any server or network problems, this indicates that the problem is most likely with your local email client. The suggestions go in order from least to most changes required for your current setup. The best thing you can do for your email client is to double-check all of your settings. Even if they are correct, sometimes re-typing them can jog your email program into functioning correctly. We have a list of articles with the correct settings here: Third-party email applications. If that doesn't resolve the issue, you may want to try recreating the email account. Again, that can jog your software into using the correct settings. See the link above for helpful walkthroughs. Perform an online search for any specific error messages that you see in the email client. You can also search in that email program's help forums specifically. Contact the support team for your specific email application. Check their website for instructions on how to receive support. Reinstall the email client - note that this will delete any existing downloaded emails and custom settings! Try a different email client. Thunderbird is free and works on both Mac OS X and Windows.

RPM Packages Required

VM1 DNS Server :
Apache Web Server BIND Sendmail Sednmail-cf Squirrelmail

VM2 NFS Server:

Apache Web Server NFS Sendmail Andrew Greene #027993047 OPS535

N e t w o r k C o n f i g u r a t i o n P a g e | 14 Sednmail-cf Squirrelmail

VM 3 NIS and POP3/IMAP Server:

Apache Web Server BIND Dovecot NIS Sendmail Sednmail-cf Squirrelmail

Services Required For This Email System Function

Named (vm1,vm3) Dovecot (vm3) sendmail (vm1,vm2,vm3) ypbind(vm1,vm2,vm3) ypserv(vm3) yppasswdd(vm3)

Andrew Greene #027993047 OPS535