Difference between revisions of "OPS535 A2 201603"

From CDOT Wiki
(Part 2: Demonstration (3 points))
(Supporting Services)
Line 28: Line 28:
 
# Optional: Use LDAP authentication to secure your web mail server. (Bonus item +10%)
 
# Optional: Use LDAP authentication to secure your web mail server. (Bonus item +10%)
 
# Optional: Enable DNSSEC on your root name server, primary DNS server, caching DNS server (Bonus item +10%)
 
# Optional: Enable DNSSEC on your root name server, primary DNS server, caching DNS server (Bonus item +10%)
 +
# Optional: Implement dynamic firewall rules to block black-listed IP addresses of email spammer. (Bonus item +10%)
  
 
= Evaluation =
 
= Evaluation =
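Review bot: the added bonus item "Implement dynamic firewall rules to block black-listed IP addresses of email spammer" does not say where the blacklist comes from or how "dynamic" will be judged, whereas the DNSSEC item above it names the three servers in scope. Suggest naming the list source and the expected behaviour (for example, that an address is blocked without manual rule edits), and changing "spammer" to "spammers".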

Revision as of 01:08, 16 November 2016

Due Dates

  • This assignment is worth 15% of your final grade.
  • Due date for documentation: Wednesday, November 30th, 2016
  • Important: You must be in the Lab on December 5th, 2016 to present your systems in order to have your assignment marked, unless you are absent for a medical reason.

Specification

Basic Services

Set up an Internet email system for your assigned DNS domain using the virtual machines in your virtual network. At a minimum, your Internet email system must provide the following functions:

  1. An SMTP email server that is capable of receiving and sending emails for users in your domain.
  2. Users in your domain must be able to send emails to users in the same domain and to users in other students' domains in the class.
  3. Users in your domain must be able to receive emails from other email users (both in your domain and in other domains).
  4. Users in your domain must be able to access and manage their mailboxes using IMAP(S) clients or a web browser.
  5. Your email server must be configured to check SPF (Sender Policy Framework) for incoming email and reject email that violates the sender policy.
  6. Configure your DNS server to implement and provide SPF protection for your domain.
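
How a receiving server applies the SPF requirement in items 5 and 6, as an added example that is not part of the assignment page: a minimal evaluator for the `ip4`, `ip6`, `a`, `mx` and `all` mechanisms over constructed records. The domain `example.test`, its addresses and all function names are assumptions; a real server would use a policy daemon and live DNS lookups.

```python
import ipaddress

# Constructed zone data for the placeholder domain example.test (not a lab domain).
ZONE = {
    "TXT": {"example.test": ["v=spf1 mx ip4:192.0.2.0/28 -all"]},
    "MX": {"example.test": ["mail.example.test"]},
    "A": {"mail.example.test": ["198.51.100.25"], "example.test": ["198.51.100.10"]},
}
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_record(domain):
    """Return the domain's single v=spf1 TXT record, or None if absent or ambiguous."""
    records = [t for t in ZONE["TXT"].get(domain, []) if t.split()[:1] == ["v=spf1"]]
    return records[0] if len(records) == 1 else None


def hosts_to_nets(names):
    # Resolve host names to their A records and wrap each address as a /32 network.
    return [ipaddress.ip_network(a) for n in names for a in ZONE["A"].get(n, [])]


def check_spf(client_ip, mail_from):
    """Evaluate the sender domain's policy against the connecting client IP."""
    domain = mail_from.rsplit("@", 1)[-1].lower()
    record = spf_record(domain)
    if record is None:
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = term[0] if term[0] in RESULTS else "+"  # default qualifier is "+"
        name, _, arg = term.lstrip("+-~?").partition(":")
        if name == "all":
            return RESULTS[qualifier]
        if name in ("ip4", "ip6"):
            nets = [ipaddress.ip_network(arg, strict=False)]
        elif name == "a":
            nets = hosts_to_nets([arg or domain])
        elif name == "mx":
            nets = hosts_to_nets(ZONE["MX"].get(arg or domain, []))
        else:
            continue  # include, exists, redirect etc. are not evaluated in this example
        if any(ip in net for net in nets):
            return RESULTS[qualifier]
    return "neutral"  # no mechanism matched and the record has no "all"


def smtp_action(client_ip, mail_from):
    # Reject only on a hard fail, i.e. a sender that violates the published policy.
    return "reject" if check_spf(client_ip, mail_from) == "fail" else "accept"
```

Publishing `~all` instead of `-all` in the TXT record would turn the rejected case into a softfail, which this decision function accepts.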

Supporting Services

You need the following services and network infrastructure to support your Internet Email System:

  1. A primary DNS name server for your domain with the proper MX record(s), SPF record(s), and A record(s).
  2. Proper static network routes to and from other Email servers in the Lab.
  3. An IMAP/IMAPS server running on one of your virtual machines.
  4. Two Web Mail servers running on two separate virtual machines. You need to store the users' mail on an NFS server so that both web mail servers can access the users' mailboxes. This will allow your email users to use either of your two web mail servers. (If you are short on time, one web server will be accepted.)
  5. Make your domain visible on the Lab's network. Please check the wiki site for the root hint file and/or the top level name servers' IP.
  6. Update your DNS server info on the wiki site as well. URL of the wiki site: http://zenit.senecac.on.ca/wiki/index.php/Domainreg . If you have trouble editing the wiki page, please send an email to your professor.
  7. A root name server for delegating domains to their corresponding registrants.
  8. A working LDAP server for storing email user account information. If you are not using LDAP, you must at least use NIS to centralize all your email user accounts.
  9. Optional: Use LDAP authentication to secure your web mail server. (Bonus item +10%)
  10. Optional: Enable DNSSEC on your root name server, primary DNS server, caching DNS server (Bonus item +10%)
  11. Optional: Implement dynamic firewall rules to block black-listed IP addresses of email spammers. (Bonus item +10%)

Evaluation

Part 1: Documentation (7 points)

Your documentation should have enough detail to guide a CNS graduate to replicate your Internet Email system (e.g. to perform a disaster recovery) on a CentOS 7.x system. Please use your actual IP addresses and FQDN names in your documentation. The documentation should include, but is not limited to, the following:

  1. All the steps required to set up your Internet email system. (Keep notes while you are setting up your web site.)
  2. A list of all the rpm packages required.
  3. A list of all configuration files involved (especially for the DNS server and Postfix server).
  4. A list of services needed to support the operation.
  5. Step by step procedure on how to add a new email user to your domain.
  6. Step by step procedure on how to send an email to someone with an email address outside of your domain.
  7. Sample email log entries to show that your mail server has successfully delivered an outgoing email, and has accepted and rejected incoming email based on SPF checks.
  8. Sample email log entries to show that your mail server has successfully received an incoming email.

Part 2: Demonstration (3 points)

  1. Add a new email user to your domain.
  2. Send an email from the new email user to a user in another domain.
  3. Receive, as the new email user, a reply sent by a user in another domain.
  4. Mail server log entries:
    1. Capture log entries to prove that your mail server has received email from users of other domains.
    2. Capture log entries to prove that your mail server has sent email to users of other domains.

If you have any questions or need any clarification, please email your instructor by November 25, 2016.