Cramsession Linux Newsletter

home

Oct 10 2002

                    LINUX NEWS
            http://www.Cramsession.com
          October 10, 2002 -- Issue #102

TABLE OF CONTENTS

1) Sean’s Notes

2) Linux News

Review of SuSE 8.1 Professional
No, RMS, Linux is not GNU/Linux
Just For Fun
Interview With Red Hat's UI Team

3) Linux Resources

Use Notes on Linux
Postfix Resources
Tasty Recipes
Roll Your Own CD
What I Wish I'd Known When I Was Getting Started

4) App o’ the Week

~~~~~~~~~~~~~~~~~~~~~~ ADVERTISEMENT ~~~~~~~~~~~~~~~~~~~~~~~

Serebra Learning Corporation knows that it’s true, you get paid more if you have the skills. Learn at your own pace with our dynamic training programs for the skills needed to succeed in today’s IT market. The Best Way to Learn Anything, Anywhere, Anytime. Check out this month’s specials!

http://ad.brainbuzz.com/?RC06&AIV92

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

For information on how to advertise in this newsletter please contact mailto:adsales@CramSession.com or visit http://cramsession.com/marketing/default.asp

1) Sean’s Notes

Last week, I started looking at Internet email by describing how email flows from the sender to the receiver. In a nutshell, your mail client (MUA) talks to its mail transfer agent (MTA) with the Simple Mail Transfer Protocol (SMTP) to transmit the message. Your MTA looks up the recipient’s MTA through the MX record for the recipient’s domain. The remote MTA, seeing that the email is for a local recipient, performs local delivery by writing the email to a spool file. The recipient picks up the message, usually by POP or IMAP. This week, I’ll show you how to set up the Postfix MTA to take care of email.

I’ve always been a die-hard Sendmail fan (and still am), but this opportunity to take a look at Postfix was perfect. Even on the front page of http://www.postfix.org, it states that Postfix was designed to look like sendmail on the outside, but to be fast and secure on the inside. The general design, where multiple components interact, leads itself to simplicity over sendmail’s monolithic model.

I’d recommend using the RedHat RPM to install this one, as it goes to great pains to set things up correctly, including running most daemons in a chroot environment to limit what a compromised daemon can do to your system. Failing that, download the source, unpackage, and run the “postfix-install” script.

/etc/postfix is where the config files are stored. main.cf has most of the directives we’re interested in. Unlike our good friend sendmail, we don’t have to generate a config file from another file. Let’s run through some of the important files:

main.cf - specifies the behaviour of the software. Most everything goes here.

master.cf - describes all the daemons and external programs, both internal to postfix, and external for local delivery and relaying to non-SMTP systems.

aliases - a map that allows you to alias local accounts at the local delivery stage. For example, any mail to “fred” can be directed to “susan”, or “fred@new.com”. When you update the file, don’t forget to run “newaliases”.

Into main.cf! First, make sure that postfix will listen on all interfaces. If you see a line like “inet_interfaces localhost”, change the “localhost” to “all”. That’ll ensure it fires up on all the interfaces instead of just the loopback.

Other than that, for my machine called “www.example.com”, and accepting mail for the example.com domain, here is my configuration:

myhostname = www.example.com mydomain = example.com myorigin = $mydomain mydestination = $myhostname, localhost.$mydomain, $mydomain

The first three lines set the host and domain name. You can’t just make these up, they have to resolve in DNS! If you want to receive mail at your own hostname, such as dyn-1-2-3-4.myisp.net, you could get away with:

myhostname = dyn-1-2-3-4.myisp.net mydomain = dyn-1-2-3-4.myisp.net myorigin = $mydomain mydestination = $mydomain

That “mydestination” line, by the way, tells Postfix what domains it will perform local delivery for (note, if you are going to do virtual domains after this, don’t put them here!). In other words, if email comes to your machine, but the domain isn’t listed in mydestination, or set up as a virtual domain, the message will be turfed.

After that, it’s a matter of making sure sendmail isn’t running, and firing up postfix:

service sendmail stop chkconfig sendmail off chkconfig postfix on service postfix start

It’s really that easy! Send yourself some sample emails. Watch /var/log/maillog to see what’s going on.

That, in a nutshell, is the basic installation of Postfix. Compared to sendmail, it’s a lot easier. The documentation at postfix.org is required reading. By default, Red Hat leaves out a lot of the features in main.cf, so if you’re wondering why your changes to the “virtual” file don’t have any effect, it’s because Red Hat didn’t set it up!

Now that you’re on the Internet as an SMTP server, you have a responsibility to not become part of the spam problem. Postfix, by default, is good at blocking people from using you as a relay, but like all good Unix programs, gives you enough rope to hang yourself with. You can check if you’re an open relay by running the following command from your mail server:

telnet relay-test.mail-abuse.org

This host will then connect back to your SMTP port, and attempt to relay mail off of you. If you see the following at the end, then you’re OK:

System appeared to reject relay attempts

Run that command whenever you make any big changes to the configuration file. It only takes about 30 seconds, but believe me, it is worth it. If you get on one of the open relay lists, you’re in for no end of hassles, both from the spammers, and from the people that refuse to accept mail from people on the list.

Well, today we looked at the very basics of the Postfix MTA. The more I play with it (and I’m still a newbie in that respect), the more I’m liking it. In terms of functionality, almost everything I’ve needed in sendmail is there in postfix. It’s far faster and supposedly more secure. Who knows? If I get more comfortable with it, I’ll likely move over some of my existing sendmail servers.

Here are some links from the Postfix site that might help:

Documentation: http://www.postfix.com/docs.html

Basic Config: http://www.postfix.com/basic.html

Red Hat Postfix FAQ (old, but good): http://www.redhat.com/support/resources/faqs/RH-postfix-FAQ/book1.h tml

The man pages for each of the daemons (in /usr/libexec/postfix) also tell you what main.cf directives apply to them, and what configuration maps you can use to alter their behaviour.

Next week, we’ll pick up our mail with a POP daemon.

Long live the Penguin,

Sean mailto:swalberg@cramsession.com

2) Linux News

Review of SuSE 8.1 Professional

Here’s a review of SuSE 8.1 Professional. There are some nice screen shots that show off some of the applications and the general theme.

http://www.osnews.com/story.php?news_id87

No, RMS, Linux is not GNU/Linux

Richard Stallman’s (RMS) insistence on attaching the GNU prefix to Linux has always irked me. After all, the doctor doesn’t get to name the baby, so why should RMS name the OS? He even went so far as to write a FAQ on why he is right (it’s great bathroom reading). Someone has come up with some good arguments for why RMS is wrong.

http://librenix.com/?inode#12

Just For Fun

“We’ve been hearing a lot about Linux in the enterprise these days, but sometimes, as Linus Torvalds likes to say, Open Source projects are ‘just for fun’. Such is the case with the OpenSaurus project, a half dozen guys from North Carolina creating battle robots using Open Source software and easy-to-find hardware. Yes, you know, battle robots, the machines that star in the popular Comedy Central show BattleBots and in scores of less visible competitions around the world.”

http://newsforge.com/newsforge/02/10/08/194259.shtml?tid=8

Interview With Red Hat’s UI Team

A couple of the members of the UI team from Red Hat participated in a lengthy interview about what 8.0 brings, and what they see in the future. It sheds some new light on what was changed, and why they did so.

http://www.osnews.com/story.php?news_id01

3) Linux Resources

Use Notes on Linux

If you’re like me, and are forced to use Lotus Notes at work, then this PDF might come in handy if you’re trying to run under Linux. IBM has put together instructions on how to use WINE to get the Notes client running in lieu of an actual native copy for Linux. Good show, IBM!

ftp://ftp.lotus.com/pub/lotusweb/product/domino/linux/wineinstall.PDF

Postfix Resources

While trying to troubleshoot my postfix setup, I came across this great site. There are pages on various aspects of postfix, such as vacation messages, AV integration, and a very quick “replace sendmail” set of instructions.

http://www.stahl.bau.tu-bs.de/~hildeb/postfix/

Tasty Recipes

As a network guy, I make extensive use of tools such as TCPDump for capturing packets. This document shows some nifty ways of using it, including building helpful graphs.

http://www.geocities.com/d_alan_whinery/net_anal/recipes.htm

Roll Your Own CD

I’ve found the need to create a bootable Linux CD, of which there are many packages out there. However, this one is very bare bones – basically you populate the directories, run a script, and burn the resulting ISO.

http://www.phenix.bnl.gov/~purschke/RescueCD/

What I Wish I’d Known When I Was Getting Started

The title doesn’t give it away, but this document is about firewalls. It’s a basic look at what firewalls are, what they do, and a lot of links and references for you to start learning from.

http://it.rising.com.cn/safety/safetyschool/ywyb/011218fw.htm

4) App o’ the Week

A previous issue of this newsletter had a link to an article about Bayesian mail filtering, and stories of great successes when it comes to detecting spam. Here is an implementation of the algorithm.

http://sourceforge.net/projects/bmf/

(C) 2002 BrainBuzz.com, Inc. All Rights Reserved.

      This message is from CramSession

You are currently subscribed to the following list Hottest Linux News and Resources as: sean@ertw.com

To un-subscribe from this newsletter by e-mail, send a blank email message to: mailto:leave-linuxnews-3825955Y@list.cramsession.com

To subscribe to this newsletter and many others visit our site at: http://newsletters.cramsession.com/signup/default.asp

github.com/swalberg
twitter.com/seanwalberg