OPS335 Assignment 1 (1201)

From CDOT Wiki
Revision as of 09:19, 6 March 2012 by Rchan (talk | contribs) (Added March 6, 2012)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Objectives

You are an Internet email service provider using virtualization technology and has been charged with setting up two domains for two of your customers to exchange emails. The two domains are "ops335.org" and "[your-learnid].org".

Network set up

The following diagram is an illustration of the set up of the two email servers for the two domains:

Ops335-A1.png

  • Host Machine - This is host for the three virtual machines and act as the route/gateway and firewall for the virtual network.
  • VM1 - This is DNS server which is authoritative for the "ops335.org" and "[your-learnid].org" domains.
  • VM2 - This is the email server for the ops335.org domain running postfix. It also runs the IMAP service for users to access their email remotely.
  • VM3 - This is the email server for the [your-learnid].org domain running postfix. It also runs the IMAP service for users to access their email remotely.

Your Tasks

You ultimate goal is to make sure that users in both domains can send and receive email form each other. For example, if user A and B are users in the ops335.org domain and user X and Y are users in the [your-learnid].org domain, then A must be able to exchange email with user B, X, and Y. B must be able to exchange email with A, X, and Y, etc.

The maintain the proper security, SELinux must be enforced on each machine.

The following could be used as a check list for your task.

Configuation: Firewall protection

  • Configure the firewall on the route (the virtual machine host) to allow and forward only required traffic to go through.
  • Configure the firewall on each email server to allow only incoming IMAP/IMAPS and POP3/POP3S reqests for accessing users' mail box in each email server.
  • Configure the firewall on the DNS server to allow only incoming DNS traffics.

Configuration: Postfix and Dovecot

Postfix and Dovecot configuration on VM2

  • Configure postfix as the email server for the ops335.org domain
  • Configure dovecot as the IMAP server for users in the ops335.org domain

Postfix and Dovecot configuration on VM3

  • Configure postfix as the email server for the [your-learnid].org domain
  • Configure dovecot as the IMAP server for users in the [your-learnid].org domain

DNS configuration on VM1

This DNS server should be set up as the authoritative DNS server for the "ops335.org" and "[your-learnid].org" zones. Make the main configuration /etc/named.conf as short and simple as possible. All the zones file should be stored in the /var/named directory.

Testing

You must perform the following tests on both email server. Record the results for later submission.

On the email server

  • Use the telnet command to manually connect to port 143 to verify that you can login to the IMAP server with a valid user name and password.

On your host machine

  • Use the telnet command to manually connect to port 143 with the IMAP server's IP address. Verify that you can login to the IMAP server with a valid user name and password.

On another host machine

  • Use the telnet command to mannully connect to port 143 with your host's IP address. Verify that you can login to the IMAP server with a valid user name and password.
  • Use an email client program (e.g. Thunderbird) to connect to the IMAP with the appropriate configuration. Verify that you can login to the IMAP server with a valid user name and password and are able to retrieve email from the user's mail box.
  • Send a email to a user of the other domain and verify that the user received your email.

User Guide

  • Create a user guide with appropriate information to help your customer to configure an IMAP client (e.g. Thunderbird) to access their email remotely.

To complete your assignment

Once you have everything working properly, record the following information and put them into a PDF file with proper title page, index page and section heading. Your PDF file should contain the following sections:

Network Information

Run the ifconfig command each machine (host, vm1, vm2, and vm3) and record the output. Indicate clearly the machine name for each recorded output.

Firewall configuration

Run the command "iptables-save -c" on each machine.

DNS Server configuration and Zone information

Record the contents of the file /etc/named.conf on the DNS server and all the zone files in the /var/named directory. Include the file name as the sub-heading.

SELinux Configuration

Record any changes you make to the SELinux runtime options. Include the machine identification as the sub-heading.

Postfix configuration

Record any changes you make to the default settings for Postfix. Include the machine identification as the sub-heading (VM2 and VM3).

Dovecot configuration

Record any changes you make to the default settings for Dovecot. Include the machine identification as the sub-heading (VM2 and VM3).

User list and their email

List the name of the users you created for the ops335.org and [your-learnid].org domains. Each user should have at least received one email from user in their own domain and one email from user in the other domain. List the contents of each users mail box (/var/mail/username).

Mail log

On each mail server (VM2 and VM3), select at least five appropriate entries in /var/log/maillog that shows the successful transmission of mail messages between the two mail servers.

Please submit the PDF file to your professor by the due date. Please check with your professor on the method of submission.

Added March 6, 2012

When submitting your pdf file via email, please use the subject line "OPS335 A1" and name your pdf file as ops335-a1-[learnid].pdf, replace [learnid] with your actual learn account name.