OPS345 Lab 6: Difference between revisions

From Littlesvr Wiki
Revision as of 07:07, 8 March 2022

THIS PAGE IS A DRAFT, NOT READY FOR USE YET

In this lab we'll start working with email. It's an ancient concept, but it's still relied on for most business communication. New and exciting messaging platforms come and go, but email has been around for decades and isn't going anywhere soon.

Email services components

Originally there was only one "email" protocol: SMTP. It was designed to address, route, and receive messages for a destination user on a destination server. Later an extra couple of protocols (POP3 and IMAP) were developed so that people wouldn't have to read their email on the command-line on the SMTP server. Now there are many components, making a powerful, reliable, but complex system. Here's a simplified diagram of what typically happens when you send an email to someone else:

Email-servers.png

By the end of this course you should be familiar enough with all these components to be able to speak about them comfortably.

We'll set up an SMTP server in this lab and an IMAP server in the next lab.

email VM

  • Create a new VM, similar to the www VM you created earlier. Make sure that it:
    • Is in vpc-ops345 (where no public IP address should be assigned by default)
    • Has the IP address 10.3.45.12
    • Gets an extra 4GB EBS volume, not to be deleted automatically if the VM is deleted
    • Is in a new security group named ops345sgemail, which will allow SSH access from the router only and SMTP access from anywhere
    • Name the new instance: email
  • Create a new VM named 'email' in vpc-ops345, 10.3.45.12, with an extra 4GB EBS volume, ops345sgemail, email.asmith15.ops345.ca
  • Allow SSH only from ops345sgprivate
  • Add an iptables rule on the router to forward port 2212 to email:22. Don't forget to edit ops345sg
  • email_public_ip
  • Add an A record for email now, since it will take some time to propagate
  • Add an MX record: email.asmith15.ops345.ca.[1]
  • Test on the router first; records are cached for 60 minutes. Test on www second, email third, and finally make sure it works on the workstation
  • Same instructions as for vg_www-lv_www, but with vg_email-lv_email, mounted on /home
  • But also mount it on /tmp/home, and move everything from /home to /tmp/home before rebooting
    • You can lose access to your SSH key if you don't do this right. See what happens if you mount on /home without moving the files first:
[root@email ~]# vi /etc/fstab 
[root@email ~]# mount /home/
[root@email ~]# ls /home/
lost+found
# try to ssh now, it won't work
[root@email ~]# umount /home/
[root@email ~]# mkdir /tmp/home
[root@email ~]# mount /dev/mapper/vg_email-lv_email /tmp/home/
[root@email ~]# cd /home/
[root@email home]# ls -a
.  ..  andrew
[root@email home]# mv andrew/ /tmp/home/
[root@email home]# cd /
[root@email /]# ls /home/
[root@email /]# ls /tmp/home/
andrew  lost+found
[root@email /]# umount /tmp/home/
[root@email /]# ls /tmp/home/
[root@email /]# ls /home/
[root@email /]# mount /home/
[root@email /]# ls -a /home/andrew/
.  ..  .bash_history  .bash_logout  .bash_profile  .bashrc  .ssh
[root@email /]# reboot
  • Confirm you can still log in. If not, you have to rebuild the email VM
  • The LV on a separate storage device is as valuable as the www LV. If the VM is lost or damaged, the EBS device is still there, and it's also easier to back up.
  • Connect to myseneca email using Thunderbird on Linux Mint
  • postfix is installed by default, but only used for localhost
  • Install dovecot to get dovecot-lda
  • /etc/postfix/main.cf:
    • mydomain = asmith15.ops345.ca
    • myorigin = $mydomain
    • inet_interfaces = all
    • mydestination: include $mydomain
  • restart postfix
  • ss -atnp
  • add access to port 25 from anywhere in ops345sgemail
  • test using telnet from workstation
  • send email from myseneca to asmith15@asmith15.ops345.ca
  • check /var/log/maillog
  • check ~/
  • check /var/mail
  • /etc/postfix/main.cf: mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT"
  • /etc/dovecot/conf.d/10-mail.conf: mail_location = maildir:~/Maildir
  • check /var/mail
  • check ~/
  • The server can now receive email. It cannot send reliably yet, and dovecot still needs to be set up for IMAP (next lab)
  • Create an alias for root: andrew, then run newaliases
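
The lockout shown in the /home mount session above can be caught before rebooting, while the current SSH session is still open. The following is an added example, not part of the lab page: the function name users_without_keys and the demo paths are hypothetical, and it assumes key-based logins use ~/.ssh/authorized_keys.

```shell
#!/usr/bin/env bash
# Added example, not from the lab page. Run after `mount /home` and before
# `reboot`, while the current SSH session is still open.

# users_without_keys HOME_ROOT PASSWD_FILE
# For every passwd entry whose home directory is under HOME_ROOT, print the
# user name if ~/.ssh/authorized_keys is missing or empty at that path.
# Returns 1 if any user was printed, 0 otherwise.
users_without_keys() {
    local home_root="${1%/}" passwd_file="$2" rc=0
    local user _pw _uid _gid _gecos home _shell
    while IFS=: read -r user _pw _uid _gid _gecos home _shell; do
        case $home in
            "$home_root"/*) ;;   # account lives on the filesystem being checked
            *) continue ;;       # e.g. root in /root: not affected by the mount
        esac
        if [ ! -s "$home/.ssh/authorized_keys" ]; then
            echo "$user"
            rc=1
        fi
    done < "$passwd_file"
    return $rc
}

# Constructed demo: a home tree that holds a key, then the same path after an
# empty volume (only lost+found) has been mounted over it.
demo() {
    local t; t=$(mktemp -d)
    mkdir -p "$t/home/andrew/.ssh"
    echo "ssh-ed25519 constructed-sample-key" > "$t/home/andrew/.ssh/authorized_keys"
    printf 'root:x:0:0:root:/root:/bin/bash\nandrew:x:1000:1000::%s/home/andrew:/bin/bash\n' \
        "$t" > "$t/passwd"
    users_without_keys "$t/home" "$t/passwd" && echo "before: keys visible"
    mv "$t/home" "$t/hidden"; mkdir -p "$t/home/lost+found"   # simulate the bare mount
    users_without_keys "$t/home" "$t/passwd" || echo "after: the users above are locked out"
    rm -rf "$t"
}

# Real use on the email VM: users_without_keys /home /etc/passwd
if [ "${1:-}" = "demo" ]; then demo; fi
```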
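
Before opening port 25 to anywhere, it helps to confirm that main.cf really contains the settings listed above. The following is an added example, not part of the lab page: the function names cf_value, audit_main_cf and sample_main_cf are hypothetical, and the sample main.cf is constructed from the lab's own values.

```shell
#!/usr/bin/env bash
# Added example, not from the lab page. On a live server `postconf -n` shows
# the effective non-default settings; this parser lets the check run offline.

# cf_value FILE NAME: print the last value assigned to NAME in a main.cf.
# Comment and blank lines are skipped; a line that starts with whitespace
# continues the previous parameter.
cf_value() {
    awk -v want="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        /^[ \t]/ { if (name != "") { sub(/^[ \t]+/, ""); val[name] = val[name] " " $0 }
                   next }
        { eq = index($0, "="); if (eq == 0) { name = ""; next }
          name = substr($0, 1, eq - 1); gsub(/[ \t]/, "", name)
          v = substr($0, eq + 1); sub(/^[ \t]+/, "", v); sub(/[ \t]+$/, "", v); val[name] = v }
        END { if (want in val) print val[want] }' "$1"
}

# audit_main_cf FILE DOMAIN: print one line per setting that differs from the
# lab's list; returns 1 if anything was reported.
audit_main_cf() {
    local f="$1" domain="$2" rc=0
    [ "$(cf_value "$f" mydomain)" = "$domain" ] || { echo "mydomain != $domain"; rc=1; }
    [ "$(cf_value "$f" myorigin)" = '$mydomain' ] || { echo 'myorigin != $mydomain'; rc=1; }
    [ "$(cf_value "$f" inet_interfaces)" = all ] || { echo 'inet_interfaces != all'; rc=1; }
    case " $(cf_value "$f" mydestination | tr ',' ' ') " in
        *' $mydomain '*|*" $domain "*) ;;
        *) echo 'mydestination lacks $mydomain'; rc=1 ;;
    esac
    case "$(cf_value "$f" mailbox_command)" in
        /usr/libexec/dovecot/dovecot-lda\ *) ;;
        *) echo 'mailbox_command is not dovecot-lda'; rc=1 ;;
    esac
    return $rc
}

# Constructed sample input: a main.cf with the lab's settings applied.
sample_main_cf() {
    cat <<'EOF'
# constructed sample
mydomain = asmith15.ops345.ca
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost,
    $mydomain
mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT"
EOF
}
```

On the email VM the call would be audit_main_cf /etc/postfix/main.cf asmith15.ops345.ca; no output and exit status 0 mean every listed setting is in place.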