Monday, March 10, 2003 04:41:06

Mail Server dibelakang NAT Firewall

Article and tutorial that related to Linux Operating System  
Bagaimana jika sebuah jaringan dengan gateway router slackware 8.1 hardisk minim, sehingga gak punya space buat menampung sebuah mailserver?. Tentu dengan adanya keterbatasan tersebut kita tidak boleh berkecil hati.
Kondisi
=====
Router : Slackware 8.1
Hardisk Minim (pas cuma sisa buat log)
MailServer : Slackware 8.1 (IP local, Hardisk Gede)
Domain : pocongsakti.mu
Kerja
=====
Pindah direktori aktif anda ke /usr/local/src
[Sun Mar  9][04:29am][root@projects.pocongsakti.mu][/home/nukemafia]
 1 => cd /usr/local/src/

Sekarang coba download source postfix (liat di http://www.postfix.org/download.html)
[Sun Mar  9][05:24am][root@projects.pocongsakti.mu][/usr/local/src]
 2 => wget -c ftp://ftp.cbn.net.id/mirror/postfix-release/official/postfix-2.0.6-20030305.tar.gz

[Sun Mar  9][05:31am][root@projects.pocongsakti.mu][/usr/local/src]
 3 => tar -zxvf postfix-2.0.6-20030305.tar.gz

[Sun Mar  9][05:34am][root@projects.pocongsakti.mu][/usr/local/src]
 4 => cd postfix-2.0.6-20030305

Kompilasi
=========

[Sun Mar  9][05:38am][root@projects.pocongsakti.mu][/usr/local/src/postfix-2.0.6-20030305]
 6 => make

Bikin user dan groups yang ngejalanin postfix
[Sun Mar  9][05:43am][root@projects.pocongsakti.mu][/usr/local/src/postfix-2.0.6-20030305]
 7 => groupadd -g 80 postfix
[Sun Mar  9][05:46am][root@projects.pocongsakti.mu][/usr/local/src/postfix-2.0.6-20030305]
 8 => groupadd -g 81 postdrop
[Sun Mar  9][05:46am][root@projects.pocongsakti.mu][/usr/local/src/postfix-2.0.6-20030305]
 9 => useradd -g 81 -d /dev/null -s /bin/false -c Postfix postfix
[Sun Mar  9][05:47am][root@projects.pocongsakti.mu][/usr/local/src/postfix-2.0.6-20030305]
 10 => useradd -g 81 -d /dev/null -s /bin/false -c Postdrop postdrop

sekarang lakukan instalasi
[Sun Mar  9][05:49am][root@projects.pocongsakti.mu][/usr/local/src/postfix-2.0.6-20030305]
 11 => make install

eh ada pilihan, mo pilih yang mana?? udah pakek yang default aja :p
Please specify the prefix for installed file names. Specify this ONLY
if you are building ready-to-install packages for distribution to other
machines.
install_root: [/]

Please specify a directory for scratch files while installing Postfix. You
must have write permission in this directory.
tempdir: [/usr/local/src/postfix-2.0.6-20030305]

Please specify the destination directory for installed Postfix
configuration files.
config_directory: [/etc/postfix]
Please specify the destination directory for installed Postfix daemon
programs. This directory should not be in the command search path of
any users.
daemon_directory: [/usr/libexec/postfix]

Please specify the destination directory for installed Postfix
administrative commands. This directory should be in the command search
path of adminstrative users.
command_directory: [/usr/sbin]

Please specify the destination directory for Postfix queues.
queue_directory: [/var/spool/postfix]

Please specify the full destination pathname for the installed Postfix
sendmail command. This is the Sendmail-compatible mail posting interface.
sendmail_path: [/usr/sbin/sendmail]

Please specify the full destination pathname for the installed Postfix
newaliases command. This is the Sendmail-compatible command to build
alias databases for the Postfix local delivery agent.
newaliases_path: [/usr/bin/newaliases]
Please specify the full destination pathname for the installed Postfix
mailq command. This is the Sendmail-compatible mail queue listing command.
mailq_path: [/usr/bin/mailq]

Please specify the owner of the Postfix queue. Specify an account with
numerical user ID and group ID values that are not used by any other
accounts on the system.
mail_owner: [postfix]

Please specify the group for mail submission and for queue management
commands. Specify a group name with a numerical group ID that is
not shared with other accounts, not even with the Postfix mail_owner
account. You can no longer specify "no" here.
setgid_group: [postdrop]

Please specify the destination directory for the Postfix on-line manual
pages. You can no longer specify "no" here.
manpage_directory: [/usr/local/man]

Please specify the destination directory for the Postfix sample
configuration files.
sample_directory: [/etc/postfix]
Please specify the destination directory for the Postfix README
files. Specify "no" if you do not want to install these files.
readme_directory: [no]

Oke sekarang instalasi udah selesai. tinggal bikin config nya aja.

Konfigurasi
===========

Pindah direktori dulu ke /etc/postfix
[Sun Mar  9][05:51am][root@projects.pocongsakti.mu][/usr/local/src/postfix-2.0.6-20030305]
 12 => cd /etc/postfix/

Edit file /etc/postfix/main.cf dengan pico atau vi
[Sun Mar  9][05:58am][root@projects.pocongsakti.mu][/etc/postfix]
 13 => pico main.cf

myhostname = projects.pocongsakti.mu
mydomain = pocongsakti.mu
inet_interfaces = all
mydestination = $myhostname, localhost.$myhostname, $mydomain
mynetworks_style = subnet
mynetworks = 192.168.1.0/24, 127.0.0.0/8, 202.46.80.113/28, 202.143.102.113/28
relay_domains = $mydestination
alias_maps = hash:/etc/postfix/aliases, nis:mail.aliases
alias_database = hash:/etc/postfix/aliases

selesai!!! sekarang loe edit file /etc/postfix/aliases
[Sun Mar  9][06:15am][root@projects.pocongsakti.mu][/etc/postfix]
 14 => pico aliases

bikin file aliases
[Sun Mar  9][06:16am][root@projects.pocongsakti.mu][/etc/postfix]
 15 => echo "root: nukemafia" > /etc/aliases

Ganti nukemafia dengan user account anda, lalu bikin database buat aliases
[Sun Mar  9][06:32am][root@projects.pocongsakti.mu][/etc/postfix]
 16 => newaliases

sekarang coba kita jalanin postfix nya
[Sun Mar  9][06:33am][root@projects.pocongsakti.mu][/etc/postfix]
 17 => postfix start
postfix/postfix-script: starting the Postfix mail system

Okee... cek ada eror gak ??
[Sun Mar  9][06:45am][root@projects.pocongsakti.mu][/etc/postfix]
 18 => tail -f /var/log/maillog
Mar  9 06:46:27 projects postfix/postfix-script: starting the Postfix mail system
Mar  9 06:46:27 projects postfix/master[13744]: daemon started -- version 2.0.6-20030305

[Sun Mar  9][06:49am][root@projects.pocongsakti.mu][/etc/postfix]
 19 => ps awux |grep post
root     13744  0.0  1.1  2540  708 ?        S    06:46   0:00 /usr/libexec/postfix/master
postfix  13745  0.0  1.0  1992  620 ?        S    06:46   0:00 pickup -l -t fifo -u
postfix  13746  0.0  1.0  2028  664 ?        S    06:46   0:00 qmgr -l -t fifo -u
root     13774  0.0  0.7  1404  464 pts/6    S    06:54   0:00 grep post
[Sun Mar  9][06:54am][root@projects.pocongsakti.mu][/etc/postfix]

Masih kurang yakin postfix nya jalan, cobain yang ini deh :P~
[Sun Mar  9][06:54am][root@projects.pocongsakti.mu][/etc/postfix]
 20 => telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 projects.pocongsakti.mu ESMTP Postfix


Okeh... udah kan... sekarang coba kirim email

[Sun Mar  9][06:58am][root@projects.pocongsakti.mu][/etc/postfix]
 22 => dmesg |mail root@projects.pocongsakti.mu

cek di log file nya
[Sun Mar  9][06:58am][root@projects.pocongsakti.mu][/etc/postfix]
 23 => tail -f /var/log/maillog
Mar  9 06:58:26 projects postfix/pickup[13745]: 2063A32B: uid=0 from=
Mar  9 06:58:26 projects postfix/cleanup[13784]: 2063A32B: message-id=<20030308235825.2063A32B@projects.pocongsakti.mu>
Mar  9 06:58:26 projects postfix/qmgr[13746]: 2063A32B: from=, size=7219, nrcpt=1 (queue active)
Mar  9 06:58:26 projects postfix/local[13786]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Mar  9 06:58:26 projects postfix/local[13786]: 2063A32B: to=, orig_to=,
Postfix udah terinstalasi, sekarang tinggal mengarahin firewall bila ada koneksi ke port smto di arahin ke iplokal mailserver

ssh dulu ke router firewall

[Sun Mar  9][07:01am][root@projects.pocongsakti.mu][/etc/postfix]
 24 => ssh root@comdex.byte.or.id
root@comdex.byte.or.id's password:
Last login: Sun Mar  9 00:13:09 2003 from 192.168.1.125

root@comdex:~# iptables -t nat -A PREROUTING -p tcp -d 202.46.80.125 --dport smtp -j DNAT --to 192.168.1.125:25

Set MX domain anda

mx.pocongsakti.mu. IN A 202.46.80.125
projects.pocongsakti.mu. IN MX 0 mx.pocongsakti.mu

[Sun Mar  9][07:07am][root@projects.pocongsakti.mu][/etc/postfix]
 25 => host -t mx projects.pocongsakti.mu
projects.pocongsakti.mu mail is handled by 0 mx.pocongsakti.mu.
[Sun Mar  9][07:07am][root@projects.pocongsakti.mu][/etc/postfix]
 26 => host mx.pocongsakti.mu
mx.pocongsakti.mu has address 202.46.80.125

Wassalam

Catatan:
Tulisan asli nukemafia dapat dilihat disini


Permalink logo del.icio.usadd to del.icio.us | view as pdfview as pdf