Difference between revisions of "OPS335 Lab 4c"

From CDOT Wiki
Jump to: navigation, search
m (dovecot-lda isn't a package, dovecot is.)
m (Oxford comma FTW!)
Line 60: Line 60:
 
=== Installing and Configuring the Local Delivery Agent (LDA) ===
 
=== Installing and Configuring the Local Delivery Agent (LDA) ===
  
Postfix is capable of performing the function of an LDA, but its LDA capabilities are limited, thus postfix is generally not used for that purpose. Currently, the most popular LDA is ''LMTP'', but we will be installing, configuring and using an LDA called '''Dovecot''' since it is also popular and we will later be setting up Dovecot as an '''IMAP''' server. Using both Postfix and Dovecot will actually increase the performance of our IMAP server.
+
Postfix is capable of performing the function of an LDA, but its LDA capabilities are limited, thus postfix is generally not used for that purpose. Currently, the most popular LDA is ''LMTP'', but we will be installing, configuring, and using an LDA called '''Dovecot''' since it is also popular and we will later be setting up Dovecot as an '''IMAP''' server. Using both Postfix and Dovecot will actually increase the performance of our IMAP server.
  
 
'''Perform the following steps:'''
 
'''Perform the following steps:'''

Revision as of 17:01, 22 March 2016

LAB RESOURCES

Online References:


OVERVIEW (RECEIVING EMAIL)

Last week, we configured and run the Postfix application (MTA a.k.a. SMTP server) on our VM2 machine.

We also installed and configured a graphical Mail User Agent (MUA) called Thunderbird to test the connection to the running MTA by sending an email message to your myseneca email account.


The a diagram below (duplicate to lab 4b) shows your basic setup of your email system:


Email-servers.png

This week, we will set up a Postfix demonstration for receiving email on your VM3 machine.

You may ask yourself, "why not install on VM2 machine, since we used the VM2 machine in the previous lab?".

The reason for this (described in the previous lab) was that you will be able to send email out of your network, and receive email from within your network, but you will not receive email from outside of your network due to the following reasons:

  • Individuals outside of your domain will never find the MX records because there are no .org servers pointing to your DNS server (i.e. you haven't paid for it).
  • Even if the individuals could read your MX records, your local network is using IP addresses on a private subnet, which is not routeable on the Internet, so it cannot be reached from outside of your system.


In this lab, we will begin by using the existing Postfix service on your VM3 machine, then add an Local Delivery Agent (LDA) by installing the dovecot-lda package on VM3, configure it, and test it to make sure that is is working correctly.

Finally, we will set up an IMAP server (Dovecot) on VM3, so you can read your email from an MUA such as Thunderbird or a Webmail (we will set up a webmail application in a later lab).


Important.png
Set up MX Record in your DNS Server
If you haven't already done it - set up an MX record in your DNS server to make vm3.yoursenecaid.org the server responsible for receiving emails for anyuser@yoursenecaid.org (vm3 will be used for receiving, vm2 for sending only).


INVESTIGATION: SETTING UP MTA FOR RECEIVING EMAIL

Specifying Which Domains are Used to Delivered the "Received" Mail Messages

The default job of an SMTP server is to forward the message received to another email server. We performed that step in the previous lab: in other words, your postfix MTA receives an email from your MUA (Thunderbird) and forwards it to the destination SMTP server.


The other thing an SMTP server can be configured to do is receive email. Your SMTP server, in this case, forwards the received mail message to another SMTP server, which in turn, forwards it to the Local Delivery Agent (LDA).

This is done using postfix by setting the mydestination parameter (configuration variable) to include $mydomain (this is assuming you've set up mydomain, myorigin , and inet_interfaces the same way as in the previous lab).

Perform the following steps on VM 3:

  1. Edit the /etc/postfix/main.cf file.
  2. Scroll down to the line containing: mydestination and change line to the text shown below:
mydestination = $mydomain, $myhostname, localhost.$mydomain, localhost
Note: Even though your machine's name is vm2.yoursenecaid.org, your postfix MTA will also receive emails addressed to the domain called: yoursenecaid.org

Installing and Configuring the Local Delivery Agent (LDA)

Postfix is capable of performing the function of an LDA, but its LDA capabilities are limited, thus postfix is generally not used for that purpose. Currently, the most popular LDA is LMTP, but we will be installing, configuring, and using an LDA called Dovecot since it is also popular and we will later be setting up Dovecot as an IMAP server. Using both Postfix and Dovecot will actually increase the performance of our IMAP server.

Perform the following steps:

  1. Dovecott is not installed when you installed your Virtual machines in previous labs.
  2. Install the Dovecot application by issuing the following command:
    yum install dovecot
  3. Edit your /etc/postfix/main.cf file and scroll down to (or search for) mailbox_command. Add the following line:
mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT"
NOTE: Do not replace any variables, those are set automatically by Postfix when it runs the LDA. If you are interested in learning more about the Dovecot application, you can read about dovecot-lda here and here (i.e. optional reading for interest only).
  1. Finally, edit the /etc/dovecot/conf.d/10-mail.conf file and indicated where you want your mail delivered by including the following line
mail_location = maildir:~/Maildir
  1. Restart your postfix service. Note that dovecot-lda is just a program invoked by Postfix, it doesn't have an associated service.

Sending a Mail Message from VM2 (Using Thunderbird)

Perform the following steps:

  1. Use the netstat and telnet commands (like you did in lab 4b) to confirm your service is listening on the correct ports/interfaces. You will probably have to open the appropriate firewall port on vm3 to allow incoming SMTP connections.

    Note: You should be able to send email to any regular user on vm3 using the email address yourusername@yoursenecaid.org using the Thunderbird application on vm2 machine.

  1. Create a new account on your vm3 machine using only your first name. We will use this account as a one-time "test" if the mail message has been received on your VM3 machine (from your VM2 machine).

    Note: It is important that you don't create this same account name on your vm2 machine, since you want to easily identify the difference between the sending and receiving SMTP servers.

  1. We still haven't set up IMAP (for reading email) but we can test that the message is being delivered. Use the new account in Thunderbird to send an email to firstname@yoursenecaid.org and then check the contents of /home/firstname/Maildir/new/ on your vm3 machine. There should be a file there with the contents of your email.
  2. If there is no file, then check the log file /var/log/maillog to see what went wrong.
  3. If you can see a file in the /home/firstname/Maildir/new/ directory, then review the procedures on how you got the email server working (since you have performed many steps and set up many services).
  4. Refer to the diagram at the top of this lab. Which services have you currently set up? Record your findings in your lab Logbook.

Viewing Received Mail Message on VM3 VIA IMAP (Using Thunderbird)

Finally, we will set up the IMAP server so we can read email. The current way we have configured our mail server on our VM3 machine should allow all the email for anyaccount@yoursenecaid.org should be delivered to our vm3 machine. We will set up Dovecot (with IMAP, IMAPS in the next lab) to get easy access to that email.

Perform the following steps:

  1. The configuration file for the Dovecot service (which is not the same thing as dovecot-lda) is: /etc/dovecot/dovecot.conf. Modify the protocols option so that Dovecot will work with IMAP connections, no POP3 or LMTP.
  2. Use the netstat command to confirm the service is listening, and use telnet on the host to confirm you can connect to it.
  3. If you can connect - it's now time to do something wrong, that is connect to our IMAP server using Thunderbird over an unencrypted connection.
  4. Edit the /etc/dovecot/conf.d/10-auth.conf file and set disable_plaintext_auth to no.
  5. Then edit the /etc/dovecot/conf.d/10-ssl.conf file and set ssl to yes.

    Note: This combination of parameters will allow your username and password to be sent over the internet in plain text, for anyone interested to look at. In the following lab we'll set up secure SMTP and IMAP connections, for now this is all we have time for.

  6. Try to connect to your IMAP server with Thunderbird by clicking on your Inbox.
  7. If nothing happens, then check the Thunderbird Activity Manager for any errors. If the connection is successful, you should see the Trash box appear below Inbox.
  8. Finally, send an email message from yoursenecaid@yoursenecaid.org to yoursenecaid@yoursenecaid.org using the Thunderbird application. The mail message should be sent without errors, and you should notice a Sent folder appear in the list. If all worked well, you should see your message arrive in the Inbox and you know that your configuration works correctly.


Record steps, commands, and your observations in this INVESTIGATION in your OPS335 lab log-book


COMPLETING THE LAB

Students should be prepared with all required commands (system information) displayed in a terminal (or multiple terminals) prior to calling the instructor for signoff.

Arrange evidence (command output) for each of these items on your screen, then ask your instructor to review them and sign off on the lab's completion:

Thunderbird with a message sent and received.
Thunderbird server configuration for your account.
Logs on vm2 and vm3 showing the message has been sent and received.


EXPLORATION QUESTIONS

  1. What is the purpose of the Dovecot package?
  2. What is the purpose of the mydestination parameter contained in the /etc/postfix/main.cf file?
  3. Why are IMAP and POP email servers placed on separate machines (vms)?
  4. What is the purpose of the mail_location parameter contained in the /etc/dovecot/conf.d/10-mail.conf file?