OPS335 A1 Summer 2013
Objectives
You are an Internet email service provider using virtualization technology and has been charged with setting up two domains for two of your customers to exchange emails. The two domains are "ops335.org" and "<my-learnid>.org".
Network set up
The following diagram is an illustration of the set up of the two email servers for the two domains:
- Host Machine - This is host for the three virtual machines and act as the route/gateway and firewall for the virtual network.
- VM1 - This is the DNS server which is authoritative for the "ops335.org" and "<my-learnid>.org" domains.
- VM2 - This is the email server for the ops335.org domain running postfix. It also runs the IMAP service for users to access their email remotely.
- VM3 - This is the email server for the <my-learnid>.org domain running postfix. It also runs the IMAP service for users to access their email remotely.
Your Tasks
Your ultimate goal is to make sure that users in both domains can send and receive email from each others. For example, if user A and B are users in the ops335.org domain and user X and Y are users in the [my-learnid].org domain, then user A must be able to exchange email with users B, X, and Y. User B must be able to exchange email with A, X, and Y, etc.
To maintain the proper security, SELinux must be enforced on each machine.
The following could be used as a check list for your tasks.
Configuation: Firewall protection
- Configure the firewall on the router (the virtual machine host) to allow and forward only required traffic to go through.
- Configure the firewall on each email server to allow SMTP, IMAP/IMAPS and POP3/POP3S packets.
- Configure the firewall on the DNS server to allow DNS traffic.
Configuration: Postfix and Dovecot
Postfix and Dovecot configuration on VM2
- Configure postfix as the email server for the ops335.org domain
- Configure dovecot as the IMAP server for users in the ops335.org domain
Postfix and Dovecot configuration on VM3
- Configure postfix as the email server for the <my-learnid>.org domain
- Configure dovecot as the IMAP server for users in the <my-learnid>.org domain
DNS configuration on VM1
This DNS server should be set up as the authoritative DNS server for the "ops335.org" and "<my-learnid>.org" zones. Make the main configuration /etc/named.conf as simple as possible. All the zones file should be stored in the /var/named directory.
Testing
You must perform the following tests on both email servers. Record the results for later submission.
For the email server
- Use the telnet command to manually connect to port 143 to verify that you can login to the IMAP server with a valid user name and password.
For your host machine
- Use the telnet command to manually connect to port 143 with the IMAP server's IP address. Verify that you can login to the IMAP server with a valid user name and password.
On another host machine
- Use the telnet command to manually connect to port 143 with your host's IP address. Verify that you can login to the IMAP server with a valid user name and password.
- Use an email client program (e.g. Thunderbird) to connect to your IMAP servers with the appropriate configuration. Verify that you can login to your IMAP servers with a valid user name and password and are able to retrieve email from the user's mail box.
- Send a email to a user of the other domain and verify that the user received your email.
User Guide
- Create a user guide with appropriate information to help your customer to configure an IMAP client (e.g. Thunderbird) to access their email.
To complete your assignment
Once you have everything working properly, record the following information and put them into a PDF file with proper title page, index page and section heading. Your PDF file should contain the following sections:
Network Information
Run the ifconfig command on each machine (host, vm1, vm2, and vm3) and record the output. Indicate clearly the machine name for each recorded output.
Firewall configuration
Run the command "iptables-save -c" on each machine.
DNS Server configuration and Zone information
Record the contents of the file /etc/named.conf on the DNS server and all the zone files in the /var/named directory. Include the file name as the sub-heading.
SELinux Configuration
Record any changes you make to the SELinux runtime options. Include the machine identification as the sub-heading.
Postfix configuration
Record any changes you make to the default settings for Postfix. Include the machine identification as the sub-heading (VM2 and VM3).
Dovecot configuration
Record any changes you make to the default settings for Dovecot. Include the machine identification as the sub-heading (VM2 and VM3).
User list and their email
List the name of the users you created for the ops335.org and <my-learnid>.org domains. Each user should have at least received one email from user in their own domain and one email from user in the other domain. List the contents of each users mail box (/var/mail/username).
Mail log
On each mail server (VM2 and VM3), select at least five appropriate entries in /var/log/maillog that shows the successful transmission of mail messages between the two mail servers.
Please submit the PDF file to your professor by the due date. Please check with your professor on the method of submission.
When submitting your pdf file via email, please use the subject line "OPS335 A1" and name your pdf file as ops335-a1-<learnid>.pdf, replace <learnid> with your actual learn account name.