running freebsd with sendmail and qpopper

Steve Bertrand iaccounts at northnetworks.ca
Wed Dec 3 18:53:39 PST 2003


> Like me. So there's at least two of us on the list who need this info. 
> Speaking personally with some prior help I can now email within the box, 
> i.e. id1 can email id2 who can then reply back to id1. However going the 
> next step, receiving email from a remote server and sending email out to 
> the internet is something I have no clue how to do. Don't even know how to 
> start, and the stab I made at following tutorials found by googling got me 
> nowhere at breakneck speed. Not that I'm complaining but you did ask. :)
> 

First off, email relies very heavily on the DNS infrastructure of the
Internet. DNS or Domain Name Service is what resolves a name, such as
www.freebsd.org to its IP address. Although it is technically possible
to bypass the name for a mail server to get your messages to their
destination, it is not proper, and many mail systems will not allow it
(especially ones that use virtual domains). 

i.e. In some cases, you could send a mail message to steve at 192.168.0.1,
and if the server is listening for incoming mail (sendmail) then it may
pick it up and deliver it to a local user.

Now, further into DNS, a computer must know how to find a mail server
within a domain. When I send a message to fbsd-questions at freebsd.org,
this is what happens:

- I send a message to questions at freebsd.org from my laptop to my smtp
server (most would use one their ISP supplied, such as mail.isp.com)
- the smtp server does a reverse name lookup in DNS to find out if the
IP that sent the mail is allowed to relay mail to the remote destination
through it. Reverse lookup is the opposite of resolving names, it is the
process of resolving an IP to a name. You can try this with the dig
command:
# dig -x your.ip.here
Likewise, you can use dig to resolve a name as well:
# dig www.freebsd.org
- next after the server verifies that you are allowed to relay, it looks
in DNS for a Mail Exchange record (MX) of the domain you are trying to
send the message to:
# dig mx freebsd.org
- once your smtp server finds the IP for the mail exchanger for the
domain, it sends the message to it
- the remote server acknowledges the incoming message, says thanks to
the sending server and shuts down the connection
- the recipient mail server looks in certain tables and/or files to
locate which user the mail actually goes to and delivers it.

For a quick and dirty setup on a FreeBSD box, here are the steps: (I
hope I don't miss any). They assume the following:

- your domain name is example.com, and will only be used for
sending/receiving mail on an internal network
- your mail server is somehow connected to the Internet, and will be
used as an smtp server for the client computers on your network (as you
probably use your ISP's servers now)
- your internal network IP scheme is 192.168.0.0/24 (or 255.255.255.0)
- the IP of your mail server is 192.168.0.10
- your default gateway for your network is 192.168.0.1
- the IP of your client computer is 192.168.0.25
- your mail server name is mail.example.com
- your client computer name is client.example.com
- your mail server will act as a qpopper and DNS server for the network
- you are not overly concerned about high security, as this is just an
example to get you up and going
- you are running as the superuser

1> Set up DNS on the server
# cd /etc/namedb
# chmod 744 make-localhost
# ./make-localhost
# ee named.conf
Add the following to the bottom of the file:

zone "example.com" {
        type master;
        file "example.com.zone";
        allow-update { none; };
};

Then, up near the top of the file, make the following changes to this
section:

# Remove the // from this line:
//      forward only;

# and remove the /* and the */ from this section, and change the
127.0.0.1 to the IP address of your ISP DNS server:
/*
        forwarders {
                127.0.0.1;
        };
*/

Now create a zone file for this zone:

# ee /etc/namedb/example.com.zone

Add the following information to this empty file:

--- start clip here ---

$TTL 360      ; Default cached time to live for all records

example.com.	IN      SOA     ns.example.com. admin.example.com. (
                                2003120401; Serial
                                172800  ; Refresh every 2 days
                                3600    ; Retry every hour
                                1728000 ; Expire every 20 days
                                172800 ); Minimum 2 days

@	IN      NS	ns.example.com.

; Set the Mail Exchange record

@       IN MX   10      mail.example.com.

ns	IN A		192.168.0.10
mail	IN A		192.168.0.10
client	IN A		192.168.0.25
router  IN A		192.168.0.1

--- end clip ---

Now, tell your name server to look to itself for resolution of names:

# echo "search example.com" > /etc/resolv.conf
# echo "nameserver 127.0.0.1" >> /etc/resolv.conf

Now go configure your windows or whatever client computers to use
192.168.0.10 as its DNS server.

2> Start the nameserver and load it at startup:
# /usr/sbin/named

Now, add the following 2 lines to your /etc/rc.conf file:

named_enable="YES"
named_program="/usr/sbin/named"

3> Configure sendmail
# cd /etc/mail
# echo "example.com" > relay-domains
# echo "example.com" > local-host-names
# echo "192.168.0 RELAY" > access

4> Reload sendmail
# kill -HUP `cat /var/run/sendmail.pid`
or just reboot

5> Add some users on the mail server
# man adduser

6> Install qpopper
# cd /usr/ports/mail/qpopper
# make install clean

# ee /etc/inetd.conf
Add the following line under the existing pop3 line in this file. Keep
the existing one commented. (Note that if the mail line break breaks the
line, it should be on a single line when entered in the file)

pop3 stream tcp nowait root /usr/local/libexec/qpopper qpopper -R -s -c -T 300

7> Reload inetd
# kill -HUP `cat /var/run/inetd.pid`
or just reboot

8> Try sending the user an email (whilst logged into the server console
or ssh)

# mail -s "This is a test" user@example.com
# This is the body of the message. The last line in a command
# line mail will always be the '.' character to denote the end
# of a message
# .

9> Check to see if sendmail delivered it to the user's mailbox.
# ll /var/mail | grep user

If his file has more than 0 bytes in it, then he's got mail.

10> Configure your client machine to check email
You can set up a new account in outlook or evolution, mozilla or what
have you, just configure it with the account name the same as the user
name, and the pop3 and smtp servers both as mail.example.com. This will
resolve because as described in section 1, you have already configured
this machine to look to your DNS server, who has authority to resolve
the example.com domain.

11> Check && send email
If you receive email for this user into the account, then thank god -- I
didn't overlook anything, and you didn't miss any small things in this
howto.

Now, using your main (real, outside) email account, send a message back
to this list to tell us that things are working. (Don't forget to change
the smtp server to the new box first.)

YOU WILL NOT be able to send email to the outside world from the new
test account, as when it gets to us, we will respond to someone who
honestly owns the domain, which won't be you.

Please advise on any errors or omissions. All of this was done from
memory (well, almost all).

Cheers,

Steve


> Marty Landman   Face 2 Interface Inc 845-679-9387
> Sign On Required: Web membership software for your site
> Make a Website: http://face2interface.com/Home/Demo.shtml
> 
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
-- 

Steve Bertrand
President/CTO,
Northumberland Network Services

t: 905.352.2688
w: www.northnetworks.ca
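
Added example (not part of the original post): a simplified model of how the "192.168.0 RELAY" entry from step 3 decides which clients may relay, by looking up the connecting IP and then dropping one octet at a time. The function name relay_decision and the REJECT entry are constructed for illustration; only IP keys are modelled, not hostnames or tagged entries.

```shell
#!/bin/sh
# Constructed sample access map: one "key action" pair per line.
# The first entry is the one from step 3; the second is made up.
ACCESS_MAP='192.168.0 RELAY
10.1.2.3 REJECT'

# relay_decision IP
# Prints the action of the most specific matching key, or NOMATCH when no
# entry applies (other rules such as relay-domains would then decide).
relay_decision() {
    key=$1
    while :; do
        # Exact string match on the key; "" forces string comparison in awk.
        action=$(printf '%s\n' "$ACCESS_MAP" |
            awk -v k="$key" '($1 "") == (k "") { print $2; exit }')
        if [ -n "$action" ]; then
            printf '%s\n' "$action"
            return 0
        fi
        case $key in
            *.*) key=${key%.*} ;;   # drop the last octet and retry
            *)   break ;;           # nothing left to strip
        esac
    done
    printf 'NOMATCH\n'
}

# Matching happens on octet boundaries, so 192.168.10.25 is not covered
# by the 192.168.0 entry even though the strings share a prefix.
for ip in 192.168.0.25 192.168.10.25 10.1.2.3; do
    printf '%s -> %s\n' "$ip" "$(relay_decision "$ip")"
done
```

sendmail reads the compiled access.db rather than the text file, so the map has to be rebuilt with makemap (on FreeBSD, running make in /etc/mail) before a new entry takes effect.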
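
Added example (not part of the original post): the delivery flow described above depends on the MX record pointing at a name that itself resolves, so this check reads a zone file on standard input and lists any MX target that has no A record in the same zone. The function name mx_without_a is hypothetical and the sample zone is constructed from the one in step 1.

```shell
#!/bin/sh
# mx_without_a ORIGIN < zonefile
# Prints each MX target that lacks an A record in the zone; prints nothing
# when every mail exchanger has an address.
mx_without_a() {
    awk -v origin="$1" '
        # Expand a relative name ("mail", "@") to a fully qualified one.
        function fqdn(n) {
            if (n == "@") return origin "."
            if (n ~ /\.$/) return n
            return n "." origin "."
        }
        { sub(/;.*/, "") }                  # strip comments
        NF == 0 || /^[ \t]/ { next }        # skip blanks and continuation lines
        {
            for (i = 2; i <= NF; i++) {
                if ($i == "A")  { has_a[fqdn($1)] = 1; break }
                if ($i == "MX") { mx[fqdn($(i + 2))] = 1; break }
            }
        }
        END { for (t in mx) if (!(t in has_a)) print t }
    '
}

# Constructed sample zone, modelled on example.com.zone from step 1.
ZONE='$TTL 360
example.com. IN SOA ns.example.com. admin.example.com. (
        2003120401 172800 3600 1728000 172800 )
@       IN NS   ns.example.com.
@       IN MX   10 mail.example.com.   ; mail exchanger
ns      IN A    192.168.0.10
mail    IN A    192.168.0.10'

missing=$(printf '%s\n' "$ZONE" | mx_without_a example.com)
if [ -z "$missing" ]; then
    echo "all MX targets have A records"
else
    echo "MX targets without an A record: $missing"
fi
```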


