Open main menu

CDOT Wiki β


OPS535 A2 201603

414 bytes removed, 20:04, 3 November 2020
Updating for online delivery
= Due Dates =
* This assignment worth 15% of your final grade.
* Due Date See blackboard for documentation: November 30th Wednesday, 2016 the due date.<!--* Important: You must be in the Lab on December 5th, 2016 the due date to present your systems in order to have your assignment marked unless it is for medical reason.-->
== Basic Services ==
Setup an Internet email system for your assigned DNS assignment Domain using the Virtual Machines in your assignment Virtual Network. Your Internet email system must provide the following functions at the minimum:
# * A SMTP email server (running postfix) that is capable of receiving and sending emails for users in your domain.# <!--** Users in your domain must be able to send emails to users in the same domain and users in other students' domains in the class.** Users in your domain must be able to receive emails from other email users (both in your domain and from other domains).-->** Users in your assignment domain must be able to send emails to users in the classsame domain and users in your lab domain (in theory, this would include any other domain).# ** Users in your domain must be able to receive emails from other email users (both in your lab domain or and from other domains).# <!--* An IMAP Access Agent (running dovecot) allowing users in your domain to remotely access their mail.** Users in your domain must be able to access/manage their mail box using IMAP(s) clients or a web browser.--># * You email server must be configured to check the SPF (sender policy framework) of other domains for incoming email and reject email emails that are violating the sender policy.# * Configure your DNS pri-dns server to implement and provide the SPF protection for your assignment domain.* Configure your pri-dns server to implement and provide the DNSSEC records for your assignment domain.**Provide the administrator for your top domain (The one on your host) with a copy of the DS key for your assignment domain. If you have not already done so, include the glue record as well.**Configure a DNSSEC Trust Anchor so that your co-nfs server considers your top-domain server (the one with the <yourname>.ops zone) to already be authenticated.
== Supporting Services ==
You need the following services and network infrastructure to support your Internet Email System(some of which should have been configured in assignment 1):# A * Pri-dns must be the primary DNS name server for your assignment domain with the proper MX record(s), SPF record(s), A record(s), and A PTR record(s). It must be queriable by any machine.# Proper static network routes to and from other Email servers in **Provide the administrator of the Lab<yourname>.# An IMAP/IMAPS server running on one of ops domain with glue records for your virtual machinesdomain.# Two Web Mail servers running on two separated virtual machines. You need to store the users' mail on * Co-nfs must be a NFS caching DNS server so that both web mail servers can access the users' mail boxes. This will allow your email users , accessible to use any one of machines in your two web mail servers. (If you are short on timenetworks, one web server that will be accepted.)# Make your domain visible on forward traffic to the Lab's network. Please check the wiki site server for the root hint file and/or the top level name servers' IP<yourname>.# Update ops domain (your DNS server info on the wiki site as well. URL of the wiki site: . If you have trouble editing the wiki pagehost), please send an email then to your professorrns-ldap.# A root name * Rns-ldap must be a forwarding server for delegating domains to their corresponding registrantsonly. # A working LDAP server for storing email user account information**It must only be queriable by your co-nfs. If you are not using LDAP, you **It must at least use NIS to centralize all your email user accountshave a copy of the root-hints zone<!--== BONUS ==# Optional: Use LDAP authentication to secure your web mail serveror Access Agent. (Bonus item +10%) # Optional: Enable DNSSEC on your root name server, primary DNS server, caching DNS server Implement dynamic firewall rules to block black-listed IP addresses of email spammer. (Bonus item +10%)-->
= Evaluation =
==Part 1: Documentation (7 points)Script==<!--Your documentation should have enough detail to guide a CNS graduate to replicate your Internet Email system (e.g. to perform a disaster recovery) on a Centos 7.x system. Please use your actual IP addresses and FQDN names in your documentation. The documentation should include at least, but not limited On the due date you will be tasked to, the followings:# All the steps required Add two new email users to setup up your Internet email systemdomain. (Keep notes when you setting up your web site)# A list Name of all the rpm packages requirednew users will be given in class.# A list send an email by one of all configuration files involved (especially for the DNS server and Postfix server).# A list of services needed new email users to support the operation.# Step by step procedure on how to add a other new email user to in your own domain.# Step by step procedure on how to send an email by one of the new email users to someone with an a designated user of other domain.# receive the reply email address outside from the designated user of your the other domain.# Sample email log entries query a record from another domain# query a record from another domain with dnssec information included.-->I will post a script to show blackboard that will capture your mail server has successfully delivered an outgoing email, accepting configuration and rejecting an incoming email with SPF checkslogs.# Sample email log entries You will run this script on your machines and upload the output to show that your mail server has successfully received an incoming emailblackboard.
==Part 2: Demonstration (3 points)==# Add a new email user to your domain.# send an email by the new email user to another user of other domain.# receive an email by the new email user replyed by another user of other domain. # Mail server log entries:## capture log entries to prove that your mail server has received email from users of other domain.## capture log entries to prove that your mail server has sent email to other users of other domain If you have any questions or need any clarification, please email your instructor by November 25, 2016at least one week before the posted due date.