Hi,
I'm trying to set up an email server on a LAN from scratch, and I'm stuck at a few points... I know there are a lot of tutorials on the net but I couldn't find one aimed at beginners for a LAN, and couldn't adapt an existing one to my needs.
My goal would be to make my own (internet) mail server, but I don't want to buy anything before I fully understand how this works...
From what I read here and there for the first step I need to install and configure bind (no other choices?) to set the MX records.
1) At some point I should add in /etc/named.conf something like
zone "mydomain.com" {
type master;
allow-transfer {any;} ;
file "/etc/bind/db.mydomain.com";
};
Instead of "mydomain.com", can I put anything? Am I right in thinking that I can put in /etc/hosts
192.168.1.10 mail.omicron-domain.com
and then replace "mydomain.com" by "mail.omicron-domain.com" in /etc/named.conf ? Does it actually matter that I put ".com" since I'm on LAN?
2) Then I should edit /etc/bind/db.mydomain.com with something like:
; TTL (Time To Live)
$TTL 604800
; General
@ IN SOA mail.omicron-domain.com. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ 10800 IN MX 10 mail.omicron-domain.com.
I omitted to put two mail servers as I read in most of the tutorials because I just don't have enough computers at home to test it. I guess this should be working provided that the only mail server does not go down?
How can I actually test if this is working?
Does it mean that the mail server also acts as a dns server?
Not to forget anything, I think I also should replace in /etc/rc.conf my hostname with "mail.omicron-domain.com".
Any help appreciated!
Last edited by John0000 (2012-05-09 13:02:20)
Firstly, this post is more about DNS/bind/MX records than mail servers, so changing your thread subject might help get more assistance.
My goal would be to make my own (internet) mail server, but I don't want to buy anything before I fully understand how this works...
So you want to accept incoming mail from the whole internet? Or just internally to your LAN?
From what I read here and there for the first step I need to install and configure bind (no other choices?) to set the MX records.
There are many DNS providers out there who can do this for you; trying to learn and set up DNS *and* Mail server at the same time is likely to be overwhelming. It might help to use a free provider for DNS while you learn and set up the Mail server, then come back to learning DNS once you've got that sorted.
1) At some point I should add in /etc/named.conf something like
zone "mydomain.com" {
type master;
allow-transfer {any;} ;
file "/etc/bind/db.mydomain.com";
};
Instead of "mydomain.com", can I put anything?
Well yes, but you need to have bought whatever domain you want to use. You then need to "delegate" your domain through your domain registrar. This lets other computers on the internet know where to find your DNS server, to be able to resolve DNS records using it.
Am I right in thinking that I can put in /etc/hosts
192.168.1.10 mail.omicron-domain.com
and then replace "mydomain.com" by "mail.omicron-domain.com" in /etc/named.conf ? Does it actually matter that I put ".com" since I'm on LAN?
/etc/hosts is only for YOUR computer. It has nothing to do with bind.
You can use .com on your LAN without a problem; just make sure you've bought that .com so that it's "yours" and you're not "stealing" someone else's.
2) Then I should edit /etc/bind/db.mydomain.com with something like:
; TTL (Time To Live)
$TTL 604800
; General
@ IN SOA mail.omicron-domain.com. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ 10800 IN MX 10 mail.omicron-domain.com.
Yes, you also need an A record for mail.omicron-domain.com. to map the address to an IP address.
mail A 192.168.1.1
The TTL (10800 in your example) and the "IN" are optional these days when writing a RR in a bind zone file.
I omitted to put two mail servers as I read in most of the tutorials because I just don't have enough computers at home to test it. I guess this should be working provided that the only mail server does not go down?
There is no reason you MUST have 2 mail servers. As you've said, it just means mail will be delayed if your primary server goes down. These days I usually recommend against having more than 1 since backup mail servers are usually unable to implement the same level of anti-spam filtering, and spammers know that so they often dump all their spam onto your backup mail server, but that's a topic for another thread.
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
This is a bit out of date now but worth checking out.
Linux Reality podcast - now defunct but all episodes still available.
Simple home mail server episode 061.
http://archive.org/search.php?query=cre … ate&page=2
edit:typo..
Last edited by bergersau (2012-05-08 11:23:23)
Thx for the answers. I'm going to check this episode
OK, so I reformulate: I want to create a LAN email server, so that I understand the full process (DNS, postfix, dovecot..., security with iptables rules) before going 'live' and buying a real domain.
Well yes, but you need to have bought whatever domain you want to use
Well if I'm on lan then I don't have to buy anything yet right?
Here is the zone I created
$TTL 7200
; omicron.tld
@       IN SOA ns.omicron.tld. root.omicron.tld. (
                18      ; Serial
                28800   ; Refresh
                1800    ; Retry
                604800  ; Expire - 1 week
                86400 ) ; Minimum
        IN NS   ns
ns      IN A    192.168.1.159
@ 10800 IN MX 10 mail1
I believe it is correct because when I do
dig @127.0.0.1 omicron.tld MX
I get
;; ANSWER SECTION:
omicron.tld. 10800 IN MX 10 mail1.omicron.tld.
;; AUTHORITY SECTION:
omicron.tld. 7200 IN NS ns.omicron.tld.
;; ADDITIONAL SECTION:
ns.omicron.tld. 7200 IN A 192.168.1.159
Is it the correct way of checking this works?
Finally, last question, is the only thing I have to do with the other computers on the LAN changing /etc/resolv.conf with
nameserver 192.168.1.159
?
Well if I'm on lan then I don't have to buy anything yet right?
If you're just doing development and testing on your local network, then that is correct... For clarity though, I would use something outside of the "public" TLDs to prevent leakage and confusion... Looks like you've changed that in your zone file from .com to .tld already though. I use .pvt for internal networks.
Here is the zone I created
.............
I believe it is correct because when I do
dig @127.0.0.1 omicron.tld MX
I get
;; ANSWER SECTION:
omicron.tld. 10800 IN MX 10 mail1.omicron.tld.
;; AUTHORITY SECTION:
omicron.tld. 7200 IN NS ns.omicron.tld.
;; ADDITIONAL SECTION:
ns.omicron.tld. 7200 IN A 192.168.1.159
You still need to add in an A record for mail1.... The "Additional" section should return the IP address(es) for that host.
For example, my work domain has 2 MX records (priority 10 and 20). The primary has an A record returned in the additional section, and the backup has an A and an AAAA record:
;; ANSWER SECTION:
mycompany.com.au. 3600 IN MX 20 backup-mx.mycompany.com.au.
mycompany.com.au. 3600 IN MX 10 primary-mx.mycompany.com.au.
<snip>
;; ADDITIONAL SECTION:
primary-mx.mycompany.com.au. 3600 IN A 59.xxx.xxx.38
backup-mx.mycompany.com.au. 3600 IN A 106.xxx.xxx.67
backup-mx.mycompany.com.au. 3600 IN AAAA 2400:8900::xxxx:xxxx:fe93:381a
(Yes, I know this goes against what I said earlier about multiple MX hosts, but I am able to replicate our anti-spam on both hosts)
Is it the correct way of checking this works?
Yes, correct way to test your DNS.
Finally, last question, is the only thing I have to do with the other computers on the LAN changing /etc/resolv.conf with
nameserver 192.168.1.159
?
It should be.
Last edited by fukawi2 (2012-05-08 23:02:15)
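The check described in the reply above (every MX target needs its own address record), as an added example that is not part of the original thread: a small Python linter run over the serial-18 zone as posted. The parser is a simplification (no $ORIGIN, $INCLUDE or quoted strings), and the function names are hypothetical.

```python
import re

# Constructed sample: the serial-18 zone posted above, where the MX
# target mail1 has no address record.
ZONE = """\
$TTL 7200
@       IN SOA ns.omicron.tld. root.omicron.tld. (
                18 ; Serial
                28800 ; Refresh
                1800 ; Retry
                604800 ; Expire - 1 week
                86400 ) ; Minimum
        IN NS  ns
ns      IN A   192.168.1.159
@ 10800 IN MX 10 mail1
"""
TYPES = {"SOA", "NS", "A", "AAAA", "MX", "CNAME", "TXT", "PTR"}

def fqdn(name, origin):
    """Expand '@' and relative names against the zone origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Yield (owner, type, rdata tokens); simplified master-file parser."""
    text = re.sub(r";[^\n]*", "", text)              # drop comments
    text = re.sub(r"\(([^)]*)\)",                    # join ( ... ) onto one line
                  lambda m: m.group(1).replace("\n", " "), text)
    owner = origin
    for line in text.splitlines():
        if not line.strip() or line.startswith("$"):
            continue
        tok = line.split()
        if not line[0].isspace():      # no indent: first token is the owner
            owner = fqdn(tok.pop(0), origin)
        while tok and (tok[0].isdigit() or tok[0].upper() == "IN"):
            tok.pop(0)                 # optional TTL and class
        if tok and tok[0].upper() in TYPES:
            yield owner.lower(), tok[0].upper(), tok[1:]

def mx_without_address(text, origin):
    """Return in-zone MX targets that have no A or AAAA record."""
    records = list(parse_zone(text, origin))
    have_addr = {o for o, t, _ in records if t in ("A", "AAAA")}
    targets = [fqdn(r[1], origin).lower() for _, t, r in records if t == "MX"]
    in_zone = "." + origin.lower()
    return [t for t in targets
            if ("." + t).endswith(in_zone) and t not in have_addr]
```

Calling `mx_without_address(ZONE, "omicron.tld.")` reports `mail1.omicron.tld.`, the same gap that shows up as a missing entry in dig's ADDITIONAL section.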
Hi!
Thanks for the clarifications, I added as well the A record for 'mail1'.
I finally managed to get it to work, I am able to read and recover mail with Evolution from another computer on my LAN.
I didn't do the part on reverse dns though, but I guess that will be mandatory if I put the server on the internet..
If anyone is interested my working file looks like this:
$TTL 7200
; omicron.tld
@         IN SOA ns.omicron.tld. root.omicron.tld. (
                  23      ; Serial
                  28800   ; Refresh
                  1800    ; Retry
                  604800  ; Expire - 1 week
                  86400 ) ; Minimum
          NS      ns
@         MX 10   mail1
localhost A       127.0.0.1
ns        A       192.168.1.159
mail1     A       192.168.1.159
Glad you got it going
I didn't do the part on reverse dns though, but I guess that will be mandatory if I put the server on the internet..
It is a good idea to help avoid your mail being spammed. Once the server has a public address then the reverse DNS will be managed by your provider, unless you own a public /24 or larger (in which case you probably wouldn't be asking these questions)