FreeBSD Step by Step 4.10

ee /root/.bashrc
PS1=”[u@h:w]# “
ee /home/scs/.bashrc
PS1=”[u@h:w]# “
cd /usr/ports/net/cvsup-without-gui
make && make install
cp /usr/share/examples/cvsup/standard-supfile /etc/standard-supfile
cp /usr/share/examples/cvsup/ports-supfile /etc/ports-supfile
cd /etc/
cvsup -g -L 2 standard-supfile -h cvsup4.freebsd.org
cvsup -g -L 2 ports-supfile -h cvsup4.freebsd.org
cd /usr/ports/lang/perl5.8
make && make install
cd /usr/src
make buildworld


# cd /usr/src/sys/i386/conf
# mkdir /root/kernels
# cp GENERIC /root/kernels/MYKERNEL  
# ln -s /root/kernels/MYKERNEL


# /usr/sbin/config MYKERNEL
Change into the build directory. config(8) will print the name of this directory after being run as above.


# cd ../compile/MYKERNEL
For FreeBSD versions prior to 5.0, use the following form instead:


# cd ../../compile/MYKERNEL
Compile the kernel.


# make depend
# make
Install the new kernel.


# make install
reboot
cd /usr/src
make installworld
cd /usr/ports/ftp/proftpd
make && make install

or use the FTP in inetd…works well too


ee /etc/inetd.conf


ftp     stream  tcp     nowait  root    /usr/libexec/ftpd       ftpd -l
#ftp    stream  tcp6    nowait  root    /usr/libexec/ftpd       ftpd -l
save changes


ps -ax | grep inetd
kill inetd process and restart it.

cd /usr/ports/www/apache13-modssl
make && make install


Unpack the ucspi-tcp package: 

     gunzip ucspi-tcp-0.88.tar

     tar -xf ucspi-tcp-0.88.tar

     cd ucspi-tcp-0.88

Compile the ucspi-tcp programs: 

     make

As root, install the ucspi-tcp programs under /usr/local: 

     make setup check


Installation daemontools
Create a /package directory: 
     mkdir -p /package

     chmod 1755 /package

     cd /package


Download daemontools-0.76.tar.gz into /package. Unpack the daemontools package: 
     gunzip daemontools-0.76.tar

     tar -xpf daemontools-0.76.tar

     rm daemontools-0.76.tar

     cd admin/daemontools-0.76


Compile and set up the daemontools programs: 
     package/install



Install Qmail
 
Now you can unpack the packages.
    cd /usr/local/src
    gunzip netqmail-1.05.tar.gz
    tar xpf netqmail-1.05.tar
    cd netqmail-1.05
    ./collate.sh  # watch for errors here
    cd ..

 


 
 
 
 
There should now be directories called /usr/local/src/netqmail-1.05
 
Create users and groups
The easiest way to create the necessary users and groups is to create a little script file to do it for you. In the source directory you’ll find a file called INSTALL.ids. It contains the command lines for many platforms, so copying the file to another name and editing that is quick and easy.
    cd /usr/local/src/netqmail-1.05/netqmail-1.05
    ee IDS, paste the following lines below
    pw groupadd nofiles
    pw useradd qmaild -g nofiles -d /var/qmail -s /nonexistent
    pw useradd alias -g nofiles -d /var/qmail/alias -s /nonexistent
    pw useradd qmaill -g nofiles -d /var/qmail -s /nonexistent
    pw useradd qmailp -g nofiles -d /var/qmail -s /nonexistent
    pw groupadd qmail
    pw useradd qmailq -g qmail -d /var/qmail -s /nonexistent
    pw useradd qmailr -g qmail -d /var/qmail -s /nonexistent
    pw useradd qmails -g qmail -d /var/qmail -s /nonexistent
Then to run it, either use chmod to make it executable or run it with sh:
First method:
    chmod 700 IDS
    ./IDS
When the script finishes, all of your users and groups will be created and you can go on to the next section. But what do you do if your system isn’t listed in INSTALL.ids? You’ll have to create them manually. Start by using your favorite editor and editing /etc/group. You need to add the following two lines to the end of the file:
    qmail:*:2107:
    nofiles:*:2108:

Next, using vipw (most systems have it, if not you’ll need to use your editor again but this time on /etc/passwd) add these lines to the end of the file:
    alias:*:7790:2108::/var/qmail/alias:/bin/true
    qmaild:*:7791:2108::/var/qmail:/bin/true
    qmaill:*:7792:2108::/var/qmail:/bin/true
    qmailp:*:7793:2108::/var/qmail:/bin/true
    qmailq:*:7794:2107::/var/qmail:/bin/true
    qmailr:*:7795:2107::/var/qmail:/bin/true
    qmails:*:7796:2107::/var/qmail:/bin/true
Do the build
Now you can start building qmail. Change to the /usr/local/src/netqmail-1.05/netqmail-1.05 directory and let’s get started:
    cd /usr/local/src/netqmail-1.05/netqmail-1.05
In the Verify Build Environment section, you located your C compiler. If it’s not called cc or the directory it resides in isn’t in your PATH environment variable, you’ll need to edit conf-cc and conf-ld. Say your compiler is gcc, and it’s in your PATH. Simply edit conf-cc and conf-ld and replace “cc” with “gcc”.
Now type the following:
    make setup check
After the build is complete, you’ll need to do your post installation configuration. A couple of scripts are provided to make this job a lot easier. For example, if your domain is example.com and the hostname of your computer is dolphin, your config-fast line would look like this:
    ./config-fast lists.domain.com
 
Install Qmail
 
*************************
Supervise scripts creation
*************************
ee /var/qmail/rc
#!/bin/sh
# Using stdout for logging
# Using control/defaultdelivery from qmail-local to deliver messages by default
exec env – PATH=”/var/qmail/bin:$PATH” 
qmail-start “`cat /var/qmail/control/defaultdelivery`”

*******************
ee /var/qmail/bin/qmailctl

Copy from 
http://www.lifewithqmail.org/qmailctl-script-dt70
***************************
Create Supervise Script Directories
mkdir -p /var/qmail/supervise/qmail-send/log
mkdir -p /var/qmail/supervise/qmail-smtpd/log
***************************
Qmail-smtpd Run
ee /var/qmail/supervise/qmail-smtpd/run
 
#!/bin/sh

QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`

if [ -z “$QMAILDUID” -o -z “$NOFILESGID” -o -z “$MAXSMTPD” -o -z “$LOCAL” ]; then
    echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
    echo /var/qmail/supervise/qmail-smtpd/run
    exit 1
fi

if [ ! -f /var/qmail/control/rcpthosts ]; then
    echo “No /var/qmail/control/rcpthosts!”
    echo “Refusing to start SMTP listener because it’ll create an open relay”
    exit 1
fi

exec /usr/local/bin/softlimit -m 2000000 
    /usr/local/bin/tcpserver -v -R -l “$LOCAL” -x /etc/tcp.smtp.cdb -c “$MAXSMTPD” 
        -u “$QMAILDUID” -g “$NOFILESGID” 0 smtp /var/qmail/bin/qmail-smtpd 2>&1
 
***************************
Qmail-smtpd run file
ee /var/qmail/supervise/qmail-smtpd/log/run

#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail/smtpd
 
***************************
Qmail-send run file
ee /var/qmail/supervise/qmail-send/run

#!/bin/sh
exec /var/qmail/rc
***************************
Qmail-send log run file

ee /var/qmail/supervise/qmail-send/log/run

#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail
***************************
chmod 755 /var/qmail/rc
chmod 755 /var/qmail/bin/qmailctl
chmod 755 /var/qmail/supervise/qmail-send/run
chmod 755 /var/qmail/supervise/qmail-send/log/run
chmod 755 /var/qmail/supervise/qmail-smtpd/run
chmod 755 /var/qmail/supervise/qmail-smtpd/log/run

echo ./Maildir/ >/var/qmail/control/defaultdelivery
ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /service
ln -s /var/qmail/bin/qmailctl /usr/bin

mkdir -p /var/log/qmail/smtpd
chown qmaill /var/log/qmail /var/log/qmail/smtpd

echo 20 > /var/qmail/control/concurrencyincoming
chmod 644 /var/qmail/control/concurrencyincoming

mv /usr/lib/sendmail /usr/lib/sendmail.old
mv /usr/sbin/sendmail /usr/sbin/sendmail.old

chmod 0 /usr/lib/sendmail.old /usr/sbin/sendmail.old

ln -s /var/qmail/bin/sendmail /usr/lib
ln -s /var/qmail/bin/sendmail /usr/sbin

ln -s .qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon
chmod 644 /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon
echo ‘127.:allow,RELAYCLIENT=””‘ >>/etc/tcp.smtp
echo ‘192.:allow,RELAYCLIENT=””‘ >>/etc/tcp.smtp
qmailctl cdb
ee /home/scs/downloads/inst_check.sh
#!/bin/sh
Verify your local qmail alias files
/var/qmail/alias/
.qmail-root
me
.qmail-postmaster
me
This is what my /var/qmail/alias looks like before installing Mailman
lrwxr-xr-x  1 root  qmail  17 May  2 18:55 .qmail-mailer-daemon -> .qmail-postmaster
-rw-r–r–  1 root  qmail   3 May  5 01:21 .qmail-postmaster
-rw-r–r–  1 root  qmail   3 May  5 01:20 .qmail-root
here is what my control files look like in Qmail
[root@lists:/var/qmail/control]# ls -l

-rw-r–r– 1 root qmail 3 May 15 08:42 concurrencyincoming
-rw-r–r– 1 root qmail 11 May 15 08:42 defaultdelivery
-rw-r–r– 1 root qmail 10 May 15 08:25 defaultdomain
-rw-r–r– 1 root qmail 26 May 15 10:17 locals
-rw-r–r– 1 root qmail 16 May 15 08:25 me
-rw-r–r– 1 root qmail 10 May 15 08:25 plusdomain
-rw-r–r– 1 root qmail 26 May 15 10:17 rcpthosts
ee /var/qmail/control/locals
localhost
lists.domain.com

ee /var/qmail/control/me
lists.domain.com
ee /var/qmail/control/rcpthosts
localhost
lists.domain.com
********************
put the qmail.sh in /usr/local/etc/rc.d/qmail.sh
#!/bin/sh
echo -n “qmail-smtpd, “
QMAILQUEUE=”/var/qmail/bin/qmail-scanner-queue.pl” export QMAILQUEUE
chmod 755 qmail.sh
 
reboot server
ee /etc/rc.conf
add this stuff to the rc.conf
 
sendmail_enable=”NONE”
ipfilter_enable=”YES”
ipfilter_flags=”-Ds”
ipfilter_program=”/sbin/ipf -Fa -f”
ipfilter_rules=”/etc/ipf.conf”
ipmon_enable=”YES”
ipmon_flags=”-Dn /var/log/firewall_logs”
spamd_enable=”YES”
clamav_clamd_enable=”YES”
 
install spamassassin from ports
if you get an error about not right version of perl type
use.perl port 
cd /usr/ports/mail/p5-Mail-SpamAssassin
 
install clamav .80
gunzip clamav.80.tar.gz
tar xpf clamav.80.tar
cd clamav.0.80
add group and user clamav //might have to use /stand/sysinstall
groupadd clamav

useradd -g clamav -s /bin/false -c “Clam AntiVirus” clamav


./configure
make
make install
 
Getting ready for Qmail-Scanner
Install db3 from ports collection
cd /usr/ports/databases/db3 
make && make install 
Install tnef-1.1 from the ports collection. 
cd /usr/ports/converters/tnef 
make && make install 
Install unzip from the ports collection. 
cd /usr/ports/archivers/unzip 
make && make install

Install maildrop from ports
cd /usr/ports/mail/maildrop
make && make install
 
Download Perl module Time::HiRes from 
fetch http://www.cpan.org/authors/id/D/DE/DEWEG/Time-HiRes-01.20.tar.gz 
tar xzvf Time-HiRes-01.20.tar.gz 
cd Time-HiRes-01.20 
perl Makefile.PL 
make 
make test 
su – 
cd /Time-HiRes-01.20 
make install 

Download Perl module DB_File from 
fetch http://www.cpan.org/authors/id/P/PM/PMQS/DB_File-1.801.tar.gz 
tar xzvf DB_File-1.801.tar.gz 
cd DB_File-1.801 
perl Makefile.PL 
*use.perl system*
make 
make test 
cd /DB_File-1.801 
make install 
 
use.perl port
reboot server
add user and group qscand using /stand/sysinstall (ok whatever i don’t remember the command line, when you only build two servers a user the gui is nice!)
Download qmail-scanner-1.20
http://qmail-scanner.sourceforge.net/
put in /home/scs/downloads/qmail-scanner
gunzip – qmail-scanner.1.22.tgz
tar xvf qmail-scanner.1.22.tar
chown root /usr/bin/suidperl
chmod 4711 /usr/bin/suidperl
./configure –admin scs –domain lists.deviq.com –notify admin –local-domains lists.deviq.com –log-details yes,syslog –add-dscr-hdrs yes –scanners auto –debug no –unzip yes –install
 

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: