Mudanças entre as edições de "Projeto Integrador - 2013.1 - PC Telecom"
Linha 11: | Linha 11: | ||
==Iniciada configuração do script do configurador do DNS== | ==Iniciada configuração do script do configurador do DNS== | ||
+ | '''08/07/2013''' - Segundo dia de Projeto | ||
+ | |||
+ | ---- | ||
+ | ==Realizado as instalações do DNS== | ||
+ | |||
+ | No servidor: | ||
+ | |||
+ | apt-get install bind9 | ||
+ | apt-get install bind9utils: | ||
+ | |||
+ | zone "pctelecom.sj.ifsc.edu.br" { | ||
+ | type master; | ||
+ | file "/etc/bind/zones/aula.zone"; | ||
+ | }; | ||
+ | # Zona reversa | ||
+ | zone "37.135.200.in-addr.arpa" { | ||
+ | type master; | ||
+ | file "/etc/bind/zones/rev.37.135.200.in-addr.arpa"; | ||
+ | }; | ||
+ | |||
+ | mkdir /etc/bind/zones; | ||
+ | |||
+ | vi /etc/bind/zones/aula.zone | ||
+ | |||
+ | @ IN SOA ns1.pctelecom.sj.ifsc.edu.br. admin.ns1.pctelecom.sj.ifsc.edu.br. ( | ||
+ | 2011091401 ; Serial | ||
+ | 28800 ; Refresh | ||
+ | 3600 ; Retry | ||
+ | 604800 ; Expire | ||
+ | 38400 ) ; Default TTL | ||
+ | NS ns1.pctelecom.sj.ifsc.edu.br. | ||
+ | NS ns2.pctelecom.sj.ifsc.edu.br. | ||
+ | MX 10 mta.pctelecom.sj.ifsc.edu.br. | ||
+ | IN A 192.168.0.1 | ||
+ | $ORIGIN pctelecom.sj.ifsc.edu.br. | ||
+ | ns1 IN A 200.135.37.98 | ||
+ | ns2 IN A 200.135.37.98 | ||
+ | mta IN A 200.135.37.98 | ||
+ | www IN A 200.135.37.98 | ||
+ | web IN CNAME www | ||
+ | |||
+ | vi /etc/bind/zones/rev.37.135.200.in-addr.arpa | ||
+ | |||
+ | $ORIGIN 37.135.200.in-addr.arpa. | ||
+ | @ IN SOA ns1.pctelecom.sj.ifsc.edu.br. admin.ns1.pctelecom.sj.ifsc.edu.br. ( | ||
+ | 2011091401; | ||
+ | 28800; | ||
+ | 604800; | ||
+ | 604800; | ||
+ | 86400 ) | ||
+ | IN NS ns1.pctelecom.sj.ifsc.edu.br. | ||
+ | IN NS ns2.pctelecom.sj.ifsc.edu.br. | ||
+ | 98 IN PTR ns1.pctelecom.sj.ifsc.edu.br. | ||
+ | 98 IN PTR ns2.pctelecom.sj.ifsc.edu.br. | ||
+ | 98 IN PTR mta.pctelecom.sj.ifsc.edu.br. | ||
+ | 98 IN PTR www.pctelecom.sj.ifsc.edu.br. | ||
+ | |||
+ | Na filial: | ||
+ | // secundario (slave) do dominio delegado | ||
+ | zone "subdominio.pctelecom.sj.ifsc.edu.br" IN { | ||
+ | type slave; | ||
+ | file "slave/slave.subdominio.examplo.com.br"; | ||
+ | masters {10.0.0.4;}; | ||
+ | |||
+ | |||
+ | ==Realizado as instalações do SMTP== | ||
+ | |||
+ | apt-get install postfix mailutils | ||
+ | |||
+ | vi /etc/postfix/main.cf | ||
+ | |||
+ | smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) | ||
+ | biff = no | ||
+ | append_dot_mydomain = no | ||
+ | readme_directory = no | ||
+ | mydestination = $myhostname, localhost.$mydomain, localhost | ||
+ | relayhost = | ||
+ | mynetworks = 127.0.0.0/8 10.0.2.0/24 | ||
+ | mailbox_size_limit = 0 | ||
+ | recipient_delimiter = + | ||
+ | inet_interfaces = all | ||
+ | inet_protocols = ipv4 | ||
+ | alias_database = hash:/etc/aliases | ||
+ | alias_maps = hash:/etc/aliases | ||
+ | myhostname = mta.exemplo.com.br | ||
+ | mydomain = exemplo.com.br | ||
+ | myorigin = $mydomain | ||
+ | mydestination = $myhostname, localhost, $mydomain | ||
+ | home_mailbox = Maildir/ | ||
+ | message_size_limit = 10240000 | ||
+ | body_checks = regexp:/etc/postfix/block_words | ||
+ | |||
+ | vi /etc/postfix/block words | ||
+ | |||
+ | /(.*)viagra(.*)/ REJECT [COD#01] | ||
+ | /(.*)penis(.*)/ REJECT [COD#02] | ||
+ | |||
+ | mailbox_command = | ||
+ | smtpd_sasl_local_domain = | ||
+ | smtpd_sasl_auth_enable = yes | ||
+ | smtpd_sasl_security_options = noanonymous | ||
+ | broken_sasl_auth_clients = yes | ||
+ | smtpd_recipient_restrictions = permit_sasl_authenticated,\ | ||
+ | permit_mynetworks,reject_unauth_destination | ||
+ | /ˆReceived:/ HOLD | ||
+ | |||
+ | vi /etc/postfix/sasl/smtpd.conf | ||
+ | |||
+ | pwcheck_method: saslauthd | ||
+ | mech_list: plain login | ||
+ | |||
+ | touch smtpd.key | ||
+ | chmod 600 smtpd.key | ||
+ | openssl genrsa 1024 > smtpd.key | ||
+ | openssl req -new -key smtpd.key -x509 -days 3650 -out smtpd.crt | ||
+ | openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out \ | ||
+ | cacert.pem -days 3650 | ||
+ | sudo mv smtpd.key /etc/ssl/private/ | ||
+ | sudo mv smtpd.crt /etc/ssl/certs/ | ||
+ | sudo mv cakey.pem /etc/ssl/private/ | ||
+ | sudo mv cacert.pem /etc/ssl/certs/ | ||
+ | |||
+ | smtp_tls_security_level = may | ||
+ | smtpd_tls_security_level = may | ||
+ | smtpd_tls_auth_only = no | ||
+ | smtp_tls_note_starttls_offer = yes | ||
+ | smtpd_tls_key_file = /etc/ssl/private/smtpd.key | ||
+ | smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt | ||
+ | smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem | ||
+ | smtpd_tls_loglevel = 1 | ||
+ | smtpd_tls_received_header = yes | ||
+ | smtpd_tls_session_cache_timeout = 3600s | ||
+ | tls_random_source = dev:/dev/urandom | ||
+ | |||
+ | apt-get libsasl2-2 | ||
+ | apt-get sasl2-bin | ||
+ | apt-get libsasl2-modules | ||
+ | |||
+ | vi /var/spool/postfix/var/run/saslauthd | ||
+ | |||
+ | vi /etc/default/saslauthd | ||
+ | START=yes | ||
+ | PWDIR="/var/spool/postfix/var/run/saslauthd" | ||
+ | PARAMS="-m ${PWDIR}" | ||
+ | PIDFILE="${PWDIR}/saslauthd.pid" | ||
+ | OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd" | ||
+ | |||
+ | dpkg-statoverride –force –update –add root sasl 755 | ||
+ | /var/spool/postfix/var/run/saslauthd | ||
+ | /etc/init.d/saslauthd start | ||
+ | |||
+ | $ telnet localhost 25 | ||
+ | $ ehlo localhost | ||
+ | $ quit | ||
+ | |||
+ | apt-get install courier-imap | ||
+ | apt-get install courier-imap-ssl | ||
+ | |||
+ | $ telnet localhost imap | ||
+ | $ imap login root senha | ||
+ | $ ˆ] |
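Review bot: The added Postfix TLS settings keep `smtpd_tls_auth_only = no` while `smtpd.conf` offers only `mech_list: plain login` and TLS is optional (`smtpd_tls_security_level = may`), so a client that skips STARTTLS sends its password unprotected to a server listening on `inet_interfaces = all`. I would set `smtpd_tls_auth_only = yes` so AUTH is only offered after STARTTLS. In the same section, `openssl genrsa 1024` creates a key below the 2048-bit size normally expected for RSA; `openssl genrsa 2048 > smtpd.key` is a drop-in change. The `\` after `permit_sasl_authenticated,` is not a main.cf continuation, because Postfix continues a logical line only when the next line starts with whitespace, so the restriction list is worth checking with `postconf -n`.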
Edição das 22h13min de 9 de julho de 2013
08/07/2013 - Primeiro dia de Projeto
Equipe
- Andrey
- Daniel
- Deivid
- Leandro
- Hyowatha
Iniciada configuração do script do configurador do DNS
08/07/2013 - Segundo dia de Projeto
Realizadas as instalações do DNS
No servidor:
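# Install the BIND 9 name server and its utilities package.
apt-get install bind9
apt-get install bind9utils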
// Authoritative (master) forward zone for the project domain.
// NOTE(review): no allow-transfer statement appears in this zone; confirm that
// zone transfers are limited to the secondary elsewhere in the configuration.
zone "pctelecom.sj.ifsc.edu.br" {
    type master;
    file "/etc/bind/zones/aula.zone";
};
// Reverse zone for 200.135.37.x addresses.
zone "37.135.200.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/rev.37.135.200.in-addr.arpa";
};
mkdir /etc/bind/zones;
vi /etc/bind/zones/aula.zone
; Forward zone data for pctelecom.sj.ifsc.edu.br (file /etc/bind/zones/aula.zone).
; The serial has to be increased on every edit so that secondaries reload the zone.
; NOTE(review): no $TTL directive is shown; confirm how record TTLs are meant to be set.
@ IN SOA ns1.pctelecom.sj.ifsc.edu.br. admin.ns1.pctelecom.sj.ifsc.edu.br. (
        2011091401 ; Serial
        28800      ; Refresh
        3600       ; Retry
        604800     ; Expire
        38400 )    ; Default TTL
; The records below start with whitespace, so they belong to the zone apex (@).
        NS ns1.pctelecom.sj.ifsc.edu.br.
        NS ns2.pctelecom.sj.ifsc.edu.br.
        MX 10 mta.pctelecom.sj.ifsc.edu.br.
; NOTE(review): the apex A record is a private (RFC 1918) address while every
; other host in this zone uses 200.135.37.98; confirm this is intended.
        IN A 192.168.0.1
$ORIGIN pctelecom.sj.ifsc.edu.br.
; ns1 and ns2 resolve to the same address, so both NS records reach one host.
ns1 IN A 200.135.37.98
ns2 IN A 200.135.37.98
mta IN A 200.135.37.98
www IN A 200.135.37.98
web IN CNAME www
vi /etc/bind/zones/rev.37.135.200.in-addr.arpa
; Reverse zone data (file /etc/bind/zones/rev.37.135.200.in-addr.arpa).
$ORIGIN 37.135.200.in-addr.arpa.
@ IN SOA ns1.pctelecom.sj.ifsc.edu.br. admin.ns1.pctelecom.sj.ifsc.edu.br. (
        2011091401; serial
        28800;      refresh
        604800;     retry -- NOTE(review): same value as expire; the forward zone uses 3600, confirm
        604800;     expire
        86400 )
        IN NS ns1.pctelecom.sj.ifsc.edu.br.
        IN NS ns2.pctelecom.sj.ifsc.edu.br.
; Four PTR records share the owner 98, so a reverse lookup of 200.135.37.98
; returns all four names.
98 IN PTR ns1.pctelecom.sj.ifsc.edu.br.
98 IN PTR ns2.pctelecom.sj.ifsc.edu.br.
98 IN PTR mta.pctelecom.sj.ifsc.edu.br.
98 IN PTR www.pctelecom.sj.ifsc.edu.br.
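Na filial:
// Secondary (slave) server for the delegated domain.
// The zone data is copied from the master listed in "masters".
// NOTE(review): the transfer is not authenticated by anything shown here;
// confirm whether a TSIG key is configured between master and secondary.
zone "subdominio.pctelecom.sj.ifsc.edu.br" IN {
    type slave;
    file "slave/slave.subdominio.examplo.com.br";
    masters { 10.0.0.4; };
};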
Realizadas as instalações do SMTP
apt-get install postfix mailutils
vi /etc/postfix/main.cf
# Postfix main.cf, general settings.
# Comments must stay on lines of their own: text after a value is read as part of the value.
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
readme_directory = no
# NOTE(review): mydestination is assigned a second time further down;
# presumably only the later assignment takes effect -- confirm with "postconf -n".
mydestination = $myhostname, localhost.$mydomain, localhost
relayhost =
# Clients connecting from these networks are treated as trusted.
mynetworks = 127.0.0.0/8 10.0.2.0/24
# 0 disables the mailbox size limit.
mailbox_size_limit = 0
recipient_delimiter = +
# The SMTP server listens on every interface, IPv4 only.
inet_interfaces = all
inet_protocols = ipv4
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
# NOTE(review): exemplo.com.br looks like a placeholder; the DNS zones on this
# page use pctelecom.sj.ifsc.edu.br -- confirm the intended host and domain names.
myhostname = mta.exemplo.com.br
mydomain = exemplo.com.br
myorigin = $mydomain
mydestination = $myhostname, localhost, $mydomain
home_mailbox = Maildir/
message_size_limit = 10240000
# Message bodies are matched against the patterns in this regexp table.
body_checks = regexp:/etc/postfix/block_words
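# Same path as the body_checks setting in main.cf (regexp:/etc/postfix/block_words).
vi /etc/postfix/block_words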
# body_checks table: each line is a pattern followed by the action to take.
# A message whose body matches is rejected with the bracketed code as reply text.
# NOTE(review): plain word patterns are easy to evade and can reject legitimate
# mail; treat this as a demonstration, not as spam filtering.
/(.*)viagra(.*)/ REJECT [COD#01]
/(.*)penis(.*)/ REJECT [COD#02]
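# SASL authentication for the SMTP server (continues /etc/postfix/main.cf).
mailbox_command =
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
# Refuse anonymous SASL mechanisms.
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
# Authenticated clients and trusted networks may relay; everything else is
# accepted only for destinations this server is responsible for.
# main.cf continues a logical line when the next line starts with whitespace;
# a trailing backslash is not a continuation character.
smtpd_recipient_restrictions = permit_sasl_authenticated,
    permit_mynetworks,reject_unauth_destination
# NOTE(review): the line below is lookup-table syntax (pattern plus HOLD action),
# not a main.cf parameter; the page does not show which table file it belongs to.
/^Received:/ HOLD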
vi /etc/postfix/sasl/smtpd.conf
# Cyrus SASL settings for the Postfix smtpd service.
# Passwords are verified through the saslauthd daemon.
pwcheck_method: saslauthd
# PLAIN and LOGIN carry the password with no protection of their own, so they
# depend on TLS for confidentiality (see smtpd_tls_auth_only in main.cf).
mech_list: plain login
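# Create the key file with owner-only permissions before key material is written to it.
touch smtpd.key
chmod 600 smtpd.key
# 2048-bit RSA key; a 1024-bit RSA key no longer gives an adequate security margin.
openssl genrsa 2048 > smtpd.key
# Self-signed server certificate, valid for 3650 days.
openssl req -new -key smtpd.key -x509 -days 3650 -out smtpd.crt
# Separate self-signed CA certificate and key.
# NOTE(review): nothing on this page signs smtpd.crt with this CA; confirm what
# smtpd_tls_CAfile is expected to verify.
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out \
    cacert.pem -days 3650
# Private keys go to /etc/ssl/private, certificates to /etc/ssl/certs.
sudo mv smtpd.key /etc/ssl/private/
sudo mv smtpd.crt /etc/ssl/certs/
sudo mv cakey.pem /etc/ssl/private/
sudo mv cacert.pem /etc/ssl/certs/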
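# TLS settings (continues /etc/postfix/main.cf).
# Opportunistic TLS in both directions: used when the peer offers it, not required.
smtp_tls_security_level = may
smtpd_tls_security_level = may
# Offer AUTH only after STARTTLS, so the PLAIN/LOGIN mechanisms never send a
# password over an unencrypted session.
smtpd_tls_auth_only = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/ssl/private/smtpd.key
smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt
smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
smtpd_tls_loglevel = 1
# Record TLS protocol and cipher details in the Received: header.
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom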
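# Cyrus SASL library, the saslauthd tools and the mechanism plugins.
# apt-get needs the "install" subcommand before each package name.
apt-get install libsasl2-2
apt-get install sasl2-bin
apt-get install libsasl2-modules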
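# This path is used as a directory below (PWDIR, the pid file inside it and the
# dpkg-statoverride mode), so it is created rather than opened in an editor.
mkdir -p /var/spool/postfix/var/run/saslauthd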
vi /etc/default/saslauthd
# Enable the saslauthd daemon.
START=yes
# Run-time directory located under the Postfix spool path.
# NOTE(review): presumably chosen so that a chrooted smtpd can reach the socket -- confirm.
PWDIR="/var/spool/postfix/var/run/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"
# -c turns on credential caching, -m sets the directory that holds the socket.
# NOTE(review): no MECHANISMS value is shown, so the password backend is whatever
# the package default is -- confirm.
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
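# Register owner root, group sasl and mode 755 for the saslauthd socket directory.
# The options take two ASCII hyphens; typographic dashes are not accepted.
# NOTE(review): mode 755 lets every local account enter the directory; a
# group-only mode would limit access to members of the sasl group (the postfix
# user would then have to be in that group) -- confirm which is intended.
dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd
/etc/init.d/saslauthd start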
$ telnet localhost 25 $ ehlo localhost $ quit
# IMAP server, followed by its TLS-enabled variant.
apt-get install courier-imap
apt-get install courier-imap-ssl
$ telnet localhost imap $ imap login root senha $ ^]