Open main menu

CDOT Wiki β

OPS535 A2 201603

Revision as of 18:12, 9 November 2018 by Peter.callaghan (talk | contribs) (Fixing a typo)

Due Dates

  • This assignment worth 15% of your final grade.
  • Due Date for documentation: August 10, 2018
  • Important: You must be in the Lab on August 9, 2018 to present your systems in order to have your assignment marked unless it is for medical reason.

Specification

Basic Services

Setup an Internet email system for your assigned DNS Domain using the Virtual Machines in your Virtual Network. Your Internet email system must provide the following functions at the minimum:

  • A SMTP email server that is capable of receiving and sending emails for users in your domain.
    • Users in your domain must be able to send emails to users in the same domain and users in other students' domain in the class.
    • Users in your domain must be able to receive emails from other email users (both in your domain or from other domains).
  • An IMAP Access Agent allowing users in your domain to remotely access their mail.
    • Users in your domain must be able to access/manage their mail box using IMAP(s) clients or a web browser.
  • You email server must be configured to check the SPF (sender policy framework) of other domains for incoming email and reject email that are violating the sender policy.
  • Configure your DNS server to implement and provide the SPF protection for your domain.
  • Configure your DNS server to implement and provide the DNSSEC records for your domain.
    • Provide the administrator for the .ops domain (your professor) with a copy of the DS key for your domain.

Supporting Services

You need the following services and network infrastructure to support your Internet Email System (some of which should have been configured in assignment 1):

  • A primary DNS name server for your domain with the proper MX record(s), SPF record(s), A record(s), and PTR record(s).
    • Update your DNS server info on the wiki site as well. URL of the wiki site: http://zenit.senecac.on.ca/wiki/index.php/Domainreg . If you have trouble editing the wiki page, please send an email to your professor.
    • Provide the administrator of the .ops domain (your professor) with either glue records or a stub zone definition.
  • Proper static network routes to and from other Email servers in the Lab.

BONUS

  1. Optional: Use LDAP authentication to secure your web mail server or Access Agent. (Bonus item +10%)
  2. Optional: Configure a DNSSEC Trust Anchor so that your co-nfs server considers the .ops server to already be authenticated. I will provide the key necessary for this through blackboard. (Bonus item +10%)
  3. Optional: Enable postfix restrictions to reject malformed or suspicious incoming mail (Bonus item - up to +10% depending on quality of configuration)

Evaluation

Part 1: Documentation (7 points)

Your documentation should have enough detail to guide a CNS graduate to replicate your Internet Email system (e.g. to perform a disaster recovery) on a Centos 7.x system. Please use your actual IP addresses and FQDN names in your documentation. The documentation should include at least, but not limited to, the followings:

  1. All the steps required to setup up your Internet email system. (Keep notes when you setting up your web site)
  2. A list of all the rpm packages required.
  3. A list of all configuration files involved (especially for the DNS server and Postfix server).
  4. A list of services needed to support the operation.
  5. Step by step procedure on how to add a new email user to your domain.
  6. Step by step procedure on how to send an email to someone with an email address outside of your domain.
  7. Sample email log entries to show that your mail server has successfully delivered an outgoing email, accepting and rejecting an incoming email with SPF checks.
  8. Sample email log entries to show that your mail server has successfully received an incoming email.

Part 2: Demonstration (3 points)

  1. Add two new email users to your domain. Name of the new users will be given in class.
  2. send an email by one of the new email users to the other new email user in your own domain.
  3. send an email by one of the new email users to a designated user of other domain.
  4. receive the reply email from the designated user of the other domain.
  5. Mail server log entries:
    1. capture log entries to prove that your mail server has received reply email from the designated user of the other domain.
    2. capture log entries to prove that your mail server has sent email to the designated user of other domain
    3. capture log entries to prove that your mail server has received a new email from the designated user of the other domain.
    4. capture log entries to prove that your mail server has sent an reply email to the designated user of the other domain.
  6. Put the following information to a text file:
    1. the email between the two new email users,
    2. the email to the designated user of the other domain,
    3. the reply email from the designated user of the other domain,
    4. the new email from the designated user of the other domain,
    5. the reply email to the designated user of the other domain, and
    6. all mail log entries mentioned.

Name the text file as "ops535-a2-demo-report-[Seneca-Id].txt" and upload it to blackboard on the evaluation date.

If you have any questions or need any clarification, please email your instructor at least one week before the posted due date.