932
edits
Changes
m
# Optional: Configure a DNSSEC Trust Anchor so that your co-nfs server considers the .ops server to already be authenticated. I will provide the key necessary for this through blackboard. (Bonus item +10%)# Optional: Enable postfix restrictions to reject malformed or suspicious incoming mail (Bonus item - up to +10% depending on quality of configuration)<!-- # Optional: Implement dynamic firewall rules to block black-listed IP addresses of email spammer. (Bonus item +10%) -->
→Supporting Services
= Due Dates =
* This assignment worth 15% of your final grade.
* Due Date: December August 6th, 20182019* Important: You must be in the Lab on December 6th, 2018 the due date to present your systems in order to have your assignment marked unless it is for medical reason.
=Specification=
== Basic Services ==
Setup an Internet email system for your assigned DNS Domain using the Virtual Machines in your Virtual Network. Your Internet email system must provide the following functions at the minimum:
* A SMTP email server (running postfix) that is capable of receiving and sending emails for users in your domain.** Users in your domain must be able to send emails to users in the same domain and users in other students' domain domains in the class.** Users in your domain must be able to receive emails from other email users (both in your domain or and from other domains).* An IMAP Access Agent (running dovecot) allowing users in your domain to remotely access their mail.** Users in your domain must be able to access/manage their mail box using IMAP(s) clients or a web browser.* You email server must be configured to check the SPF (sender policy framework) of other domains for incoming email and reject email emails that are violating the sender policy.
* Configure your DNS server to implement and provide the SPF protection for your domain.
* Configure your DNS server to implement and provide the DNSSEC records for your domain.
**Provide the administrator for the .ops domain (your professor) with a copy of the DS key for your domain.
**Configure a DNSSEC Trust Anchor so that your co-nfs server considers the .ops server to already be authenticated. I will provide the key necessary for this through blackboard.
== Supporting Services ==
You need the following services and network infrastructure to support your Internet Email System (some of which should have been configured in assignment 1):
* A Pri-dns must be the primary DNS name server for your domain with the proper MX record(s), SPF record(s), A record(s), and PTR record(s). It must be queriable by any machine.**Update Provide the administrator of the .ops domain (your professor) with glue records for your domain.* Co-nfs must be a caching DNS server info on , accessible to machines in your networks, that will forward traffic to the wiki site as well. URL of server for the wiki site: http://zenitops domain (172.senecac16.on19.ca/wiki/index1), then to your rns-ldap.php/Domainreg * Rns-ldap must be a forwarding server only. If you have trouble editing the wiki page, please send an email to **It must only be queriable by your professorco-nfs.**Provide the administrator It must have a copy of the .ops domain (your professor) with either glue records or a stub root-hints zone definition.
* Proper static network routes to and from other Email servers in the Lab.
<!--
== BONUS ==
# Optional: Use LDAP authentication to secure your web mail server or Access Agent. (Bonus item +10%)
= Evaluation =
