APS 실습망 DNS/Mail 서버 구축 메뉴얼
21_이동근# DNS 서버 다운로드
sudo apt -y install bind9 bind9utils
# DNS 서버 설정
sudo nano /etc/bind/named.conf
----------------------------------------------------------------------------------------------------
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
----------------------------------------------------------------------------------------------------
sudo nano /etc/bind/named.conf.default-zones
----------------------------------------------------------------------------------------------------
zone "protect.kr" {
type master;
file "/etc/bind/protect.kr.zone";
};
----------------------------------------------------------------------------------------------------
sudo nano /etc/resolv.conf
----------------------------------------------------------------------------------------------------
nameserver 172.16.0.30
----------------------------------------------------------------------------------------------------
# DNS 작동 확인
systemctl restart named
nslookup protect.kr
# zone파일 생성후 DNS 재확인
cd /etc/bind
sudo cp db.local protect.kr.zone
sudo chown root.bind protect.kr.zone
systemctl restart named
nslookup protect.kr
# 서버 위치 설정
sudo nano /etc/bind/protect.kr.zone
----------------------------------------------------------------------------------------------------
;
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA localhost. root.localhost. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS localhost.
@ IN A 192.168.123.200
@ IN AAAA ::1
www IN A 192.168.123.200
mail IN A 192.168.123.200
----------------------------------------------------------------------------------------------------
sudo systemctl restart named
nslookup protect.kr
#Mail 서버 구축
#Postfix
sudo apt -y install postfix sasl2-bin
sudo cp /usr/share/postfix/main.cf.dist /etc/postfix/main.cf
#main.cf 편집
sudo nano /etc/postfix/main.cf
# ine 78: uncomment
mail_owner = postfix
# line 94: uncomment and specify hostname
myhostname = mail.protect.kr
# line 102: uncomment and specify domainname
mydomain = protect.kr
# line 123: uncomment
myorigin = $mydomain
# line 137: uncomment
inet_interfaces = all
# line 185: uncomment
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
# line 228: uncomment and del
local_recipient_maps = *뒷부분 지움*
# line 270: uncomment
mynetworks_style = subnet
# line 287: add your local network
mynetworks = 127.0.0.0/8, 172.16.0.30/24, 192.168.123.200/24
# line 407: uncomment
alias_maps = hash:/etc/aliases
# line 418: uncomment
alias_database = hash:/etc/aliases
# line 440: uncomment
home_mailbox = Maildir/
# line 576: comment out and add (주석처리후 밑에거 추가)
#smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_banner = $myhostname ESMTP
# line 650: add
sendmail_path = /usr/sbin/postfix
# line 655: add
newaliases_path = /usr/bin/newaliases
# line 660: add
mailq_path = /usr/bin/mailq
# line 666: add
setgid_group = postdrop
# line 670: comment out
#html_directory =
# line 674: comment out
#manpage_directory =
# line 679: comment out
#sample_directory =
# line 683: comment out
#readme_directory =
# line 684: if also listen IPv6, change to [all]
inet_protocols = ipv4
# add to the end
# for example, limit an email size to 10M
message_size_limit = 10485760
# for example, limit mailbox size to 1G
mailbox_size_limit = 1073741824
# SMTP-Auth settings (add)
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_mynetworks, permit_auth_destination, permit_sasl_authenticated, reject
#Install Devcot
sudo apt -y install dovecot-core dovecot-pop3d dovecot-imapd
sudo nano /etc/dovecot/dovecot.conf
# line 30: uncomment
listen = *, ::
sudo nano /etc/dovecot/conf.d/10-auth.conf
# line 10: uncomment and change (allow plain text auth)
disable_plaintext_auth = no
# line 100: add
auth_mechanisms = plain login
sudo nano /etc/dovecot/conf.d/10-mail.conf
# line 30: change to Maildir
mail_location = maildir:~/Maildir
sudo nano /etc/dovecot/conf.d/10-master.conf
# line 107-109: uncomment and add
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
sudo systemctl restart dovecot