wiki'd

by JoKeru

Postfix Headers CleanUp

Set up Postfix to remove or change specific headers in emails that pass through it. The most common use for this is a relaying server that removes any reference to where the source emails originated and any information about the sender's computer. Another useful application for this …

Postfix Domain Keys Identified Mail - DKIM

$ apt-get install dkim-filter

$ vi /etc/default/dkim-filter
$ vi /etc/dkim-filter.conf

$ vi /etc/postfix/dk.domains

$ dkim-genkey -s mail -d jokeru.ro
$ mv mail.private /etc/postfix/dk.key

$ vi /etc/postfix/dk.sign

$ service dkim-filter restart

$ vi /etc/postfix/main.cf
$ service postfix restart

$ cat mail …

IPSec Transport Mode with Manual Keys

Server_1 - 192.168.1.1

$ apt-get install ipsec-tools
$ cat <<'EOF' > /etc/ipsec-tools.conf
#!/usr/sbin/setkey -f

## Flush the SAD and SPD
## SAD = Security Association Database
## SPD = Security Policy Database
flush;
spdflush;

## AH = Authentication Header
## AH SAs using 128 bit long keys - dd if=/dev/random count=16 bs=1 …

Bandwidth test using Iperf

Iperf is a simple client/server tool that you can use to test the bandwidth between two Linux devices.

For our setup we'll consider the following:

Server = 10.20.30.40
Client = 50.60.70.80

on Server

$ apt-get install iperf
$ iperf -s

on Client

$ apt-get install iperf
$ iperf -c …

IPIP Tunnel

The IPIP tunnel is the simplest kind. It has the lowest overhead, but it can encapsulate only IPv4 unicast traffic, so you will not be able to set up OSPF, RIP or any other multicast-based protocol. You can set up only one tunnel per unique pair of tunnel endpoints. It can work with …

GRE Tunnel

GRE tunnels can encapsulate IPv4/IPv6 unicast/multicast traffic, so GRE is the de facto tunnel standard for dynamically routed networks. You can set up up to 64K tunnels for a unique pair of tunnel endpoints. It can work with FreeBSD and Cisco IOS. The kernel module is 'ip_gre'.

The following setup will configure a …

Relay mails from Server 1 through Server 2

Server 1 (Postfix) - 10.20.30.40

$ vi /etc/postfix/main.cf # add: relayhost = 50.60.70.80
$ service postfix reload

Server 2 (Postfix) - 50.60.70.80

$ vi /etc/postfix/main.cf # update: mynetworks = 127.0.0.0/8, 10.20.30.40/32
$ service postfix reload

Postfix monitoring with pflogsumm

$ apt-get install pflogsumm bsd-mailx

$ vi /etc/logrotate.conf

$ vi /etc/postfix/daily_report.sh
$ chmod +x /etc/postfix/daily_report.sh

$ crontab -e

/etc/logrotate.conf
.....
/var/log/mail.log {
    missingok
    daily
    rotate 7
    create
    compress
    start 0
}

/etc/postfix/daily_report.sh
…

Mail Server - Postfix with Virtual Domains & Users (MySQL)

$ apt-get install postfix postfix-mysql mailutils
# @ Postfix Configuration - No configuration

$ echo 'mail.jokeru.ro' > /etc/mailname

$ vi /etc/postfix/main.cf

$ vi /etc/aliases
$ newaliases

$ vi /etc/postfix/mysql-virtual_domains.cf
$ vi /etc/postfix/mysql-virtual_mailboxes.cf
$ vi /etc/postfix/mysql-virtual_forwardings.cf
$ vi /etc/postfix/mysql-virtual_email2email.cf
$ chmod o= /etc/postfix/mysql-virtual_*.cf …

MySQL create new DB and User

Setup

mysql> CREATE DATABASE pinky;
Query OK, 1 row affected (0.00 sec)

mysql> CREATE USER 'pinky_user'@'localhost' IDENTIFIED BY 'p1nk1';
Query OK, 0 rows affected (0.00 sec)

mysql> GRANT ALL PRIVILEGES ON pinky.* TO 'pinky_user'@'localhost';
Query OK, 0 rows affected (0.00 sec)

Cleanup

mysql> DROP USER …