第 1 頁 (共 1 頁)
Ubuntu 8.04 LTS
發表於 : 2008-07-01 17:42:14
由 schumi
apt-get install openssh-server
apt-get install bind
apt-get install dhcp3-server
apt-get install postfix clamav amavisd-new spamassassin spamc postfix-pcre
apt-get install libsasl2 sasl2-bin
apt-get install dovecot-pop3d dovecot-imapd
bind
發表於 : 2008-07-01 20:52:47
由 schumi
把 zone 加入 /etc/bind/named.conf.local
dhcp3-server
發表於 : 2008-07-01 20:56:19
由 schumi
把 Linux 當作 dhcp router的套件
先改 /etc/default/dhcp3-server
# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
# Separate multiple interfaces with spaces, e.g. "eth0 eth1".
INTERFACES="eth1"
設定檔在 /etc/dhcp3/dhcpd.conf
# option definitions common to all supported networks...
option domain-name "xxx";
option domain-name-servers 168.95.192.1, 168.95.1.1;
default-lease-time 3600;
max-lease-time 72000;
然後下面
# This is a very basic subnet declaration.
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.100 192.168.1.199;
option routers 192.168.1.254;
}
完成之後 /etc/init.d/dhcp3-server restart
postfix+dovecot+SASL2
發表於 : 2008-07-01 21:08:21
由 schumi
#postfix
main.cf
mydestination = xxx.com.tw, xxx.com.tw, localhost.xxx.com.tw, localhost
relayhost =
mynetworks = 127.0.0.0/8, 192.168.1.0/24, xxx.xxx.xxx.xxx/32
#customized
always_bcc = maillog
mailbox_size_limit = 300000000
message_size_limit = 200000000
mynetworks_style = subnet
#amavis
content_filter = smtp-amavis:[127.0.0.1]:10024
#SPAM
smtpd_client_restrictions = permit_mynetworks, reject_unknown_sender_domain, reject_rbl_client sbl.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client xbl.spamhaus.org, reject_rhsbl_client dsn.rfc-ignorant.org
smtpd_sender_restrictions = reject_unknown_sender_domain
#SASL
smtpd_sasl_auth_enable = yes
smtpd_delay_reject=yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated permit_auth_destination reject
smtpd_client_restrictions = permit_sasl_authenticated
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
master.cf
smtp inet n - n - - smtpd
#amavis((-o前面要空白))
smtp-amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - - - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
下面找 pickup 加到下面(-o前面要空白)
-o content_filter=
-o receive_override_options=no_header_body_checks
-----------------------------------------------------------------------------------------------
#spamassassin
改 /etc/default/spamassassin
Spamasssassin autodetects optional components and will use them if they are present. This means that there is no need to configure dcc-client, pyzor and razor. The fine tuning of Spamassassin rules is beyond the scope of this guide. Please refer to the Spamassassin page. Edit /etc/default/spamassassin to activate the Spamassassin daemon change ENABLED=0 to:
ENABLED=1
然後 /etc/init.d/spamassassin restart
-----------------------------------------------------------------------------------------------
#amavis+anti-spam
修改(把前面註解拿掉) /etc/amavis/conf.d/15-content_filter_mode
@bypass_virus_checks_maps = (
\%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
@bypass_spam_checks_maps = (
\%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
修改 /etc/amavis/conf.d/20-debian_defaults
$final_spam_destiny = D_DISCARD;
然後 /etc/init.d/amavis restart
-----------------------------------------------------------------------------------------------
#dovecot
/etc/dovecot/dovecot.conf
Protocal = pop3 imap
mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u
disable_plaintext_auth = no
/etc/init.d/dovecot start
-----------------------------------------------------------------------------------------------
#SASL2
warning: --update given but /var/run/saslauthd does not exist
* To enable saslauthd, edit /etc/default/saslauthd and set START=yes
照做, 去編輯 /etc/default/saslauthd 然後把 START=no 改成yes
接者啟動 sasl2
/etc/init.d/saslauthd start
addgroup postfix sasl
postfix 方面的設定
/etc/postfix/sasl 底下要新增一個smtpd.conf
內容
pwcheck_method: saslauthd
mech_list:plain login
ntop
發表於 : 2008-07-21 13:40:15
由 schumi
apt-get install ntop
ntop –set-admin-password
http://your.ip:3000
修改 iptable的設定, 只讓內部網路可以利用port 3000, 用網頁瀏覽器看 ntop的統計圖表
/etc/iptables -A INPUT -i eth0 -p tcp --dport 3000 -j DROP
Ubuntu 8.04 預設值
https://xxx.xxx.xxx.xxx:4413/
設定密碼
ntop --set-admin-password=password
rsync
發表於 : 2008-08-29 13:43:22
由 schumi
apt-get install xinetd
nano /etc/xinetd.d/rsync
# default: off
# description: The rsync server is a good addition to am ftp server, as it \
# allows crc checksumming etc.
代碼: 選擇全部
service rsync
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/bin/rsync
server_args = --daemon
log_on_failure += USERID
}
/etc/init.d/xinetd restart
webmin
發表於 : 2009-01-13 14:03:13
由 yehlu
mysql-server
php5-cli
php5-mysql
php5-gd
unzip
nmap
mod-php5
openssl
libauthen-pam-perl
libio-pty-perl
libmd5-perl
libnet-ssleay-perl
webmin dpkg -i webmin_1.441_all.deb
SASL LOGIN authentication failed: generic failure
發表於 : 2010-09-08 21:34:40
由 yehlu
1./etc/postfix/main.cf
代碼: 選擇全部
#SASL
smtpd_sasl_auth_enable = yes
smtpd_delay_reject=yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated permit_auth_destination reject
smtpd_client_restrictions = permit_sasl_authenticated
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
2./etc/postfix/master.cf
smtp inet n - - - - smtpd
代碼: 選擇全部
smtp inet n - n - - smtpd
3./etc/postfix/sasl/smtpd.conf
代碼: 選擇全部
pwcheck_method: saslauthd
mech_list:plain login
Re: ntop
發表於 : 2012-02-13 16:43:22
由 steven
schumi 寫:apt-get install ntop
ntop –set-admin-password
http://your.ip:3000
修改 iptable的設定, 只讓內部網路可以利用port 3000, 用網頁瀏覽器看 ntop的統計圖表
/etc/iptables -A INPUT -i eth0 -p tcp --dport 3000 -j DROP
Ubuntu 8.04 預設值
https://xxx.xxx.xxx.xxx:4413/
設定密碼
ntop --set-admin-password=password
http://wenku.baidu.com/view/eb25aa660b1 ... 7b40b.html <===NTOP安装手册
ntop -d -b -i eth0 <===更換監測網卡
maillog 都收到2封一樣的信
發表於 : 2012-12-25 17:36:43
由 yehlu
http://serverfault.com/questions/18707/ ... -forwarded
修改 vi /etc/postfix/master.cf
將
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
改為
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings