legal contact rss
 

DMZ server setup

Take Ubuntu server and choose LAMP, SSH ...

dpkg-reconfigure dash
Use dash as the default system shell (/bin/sh)? <-- No

service apparmor stop
update-rc.d -f apparmor remove 
apt-get remove apparmor apparmor-utils

apt-get -y install ntp ntpdate

apt-get install postfix postfix-mysql postfix-doc mariadb-client mariadb-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve dovecot-lmtpd sudo

General type of mail configuration: <-- Internet Site
System mail name: <-- [the FQDN of the server]

nano /etc/postfix/master.cf

submission inet n       -       -       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
smtps     inet  n       -       -       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
 
service postfix restart
 
nano /etc/mysql/mariadb.conf.d/50-server.cnf

bind-address = 0.0.0.0
#bind-address           = 127.0.0.1
 
mysql_secure_installation

Remove anonymous users? [Y/n] <-- y
Disallow root login remotely? [Y/n] <-- y
Reload privilege tables now? [Y/n] <-- y
 
service mysql restart
 
 

# AV and stuff

apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl postgrey

ignore the error-message
service spamassassin stop 
update-rc.d -f spamassassin remove
nano /etc/clamav/clamd.conf
AllowSupplementaryGroups true 
 
freshclam
service clamav-daemon start
 
Resources