DMZ server setup
Take Ubuntu server and choose LAMP, SSH ...
dpkg-reconfigure dash
Use dash as the default system shell (/bin/sh)? <-- No
service apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils
apt-get -y install ntp ntpdate
apt-get install postfix postfix-mysql postfix-doc mariadb-client mariadb-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve dovecot-lmtpd sudo
General type of mail configuration: <-- Internet Site
System mail name: <-- [the FQDN of the server]
nano /etc/postfix/master.cf
submission inet n - - - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
smtps inet n - - - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
service postfix restart
nano /etc/mysql/mariadb.conf.d/50-server.cnf
bind-address = 0.0.0.0
#bind-address = 127.0.0.1
mysql_secure_installation
Remove anonymous users? [Y/n] <-- y
Disallow root login remotely? [Y/n] <-- y
Reload privilege tables now? [Y/n] <-- y
service mysql restart
# AV and stuff
apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl postgrey
ignore the error-message
service spamassassin stop
update-rc.d -f spamassassin remove
nano /etc/clamav/clamd.conf
AllowSupplementaryGroups truefreshclam
service clamav-daemon startResources