my certificated

Januari 18, 2011

IPv6 Certification Badge for frankly


Install VMware Server 2 on Ubuntu 8.04 “Hardy”

Agustus 10, 2010

2 Installing VMware Server

To download VMware Server, go to http://www.vmware.com/products/server/ and click on Download Now:

Run the following command to install some necessary packages:

sudo apt-get install linux-headers-`uname -r` build-essential xinetd

Then go to the location where you saved the VMware Server .tar.gz file, e.g. /home/falko/Desktop (replace falko with your own username!):

cd /home/falko/Desktop

Unpack the VMware Server .tar.gz file and run the installer:

tar xvfz VMware-server-*.tar.gz
cd vmware-server-distrib
sudo ./vmware-install.pl

The installer will ask you a lot of questions. You can always accept the default values simply by hitting <ENTER>.

When the installer asks you

In which directory do you want to keep your virtual machine files?
[/var/lib/vmware/Virtual Machines]

you can either accept the default value or specify a location that has enough free space to store your virtual machines.

At the end of the installation, you will be asked to enter a serial number:

Please enter your 20-character serial number.

Type XXXXX-XXXXX-XXXXX-XXXXX or ‘Enter’ to cancel:

Fill in your serial number for VMware Server.

After the successful installation, you can delete the VMware Server download file and the installation directory:

cd /home/falko/Desktop
rm -f VMware-server*
rm -fr vmware-server-distrib/

If you have accepted all default values during the installation, root is now the VMware Server login name. On Ubuntu, root has no password by default, therefore we create a password now:

sudo passwd root

VMware Server 2 does not have a desktop application for managing virtual machines – this is now done through a browser (e.g. Firefox). You can access the management interface over HTTPS (https://<IP ADDRESS>:8333) or HTTP (http://<IP ADDRESS>:8222); the management interface can be accessed locally and also remotely. If you want to access it from the same machine, type https://127.0.0.1:8333 or http://127.0.0.1:8222 into the browser’s address bar.

If you’re using Firefox 3 and use HTTPS, Firefox will complain about the self-signed certificate, therefore you must tell Firefox to accept the certificate.

Afterwards, you will see the VMware Server login form. Type in root and the password you’ve just created:

source:http://www.howtoforge.com/how-to-install-vmware-server-2-on-an-ubuntu-8.04-desktop


Juni 22, 2010

OpenVPN and CentOS 5 Installation and Configuration Guide Many ppl found that installing VPN on linux is not that easy, the abvailable installation guides on VPN is often limited. I have tried a lot of installation guides and finally get it connected successfully. Here are the steps to guide you installed a secure connection between your� CentOS5 and Windows with OpenVPN open source application. 1. Download the required package files. #wget http://openvpn.net/release/openvpn-2.0.9.tar.gz #wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm 2. Install and build your download files You may need the required repository before start your installation #yum install rpm-build #yum install autoconf.noarch #yum install zlib-devel #yum install pam-devel #yum install openssl-devel If you have the above dependencies installed, you can start your installation as follows: #rpmbuild –rebuild lzo-1.08-4.rf.src.rpm #rpm -Uvh /usr/src/redhat/RPMS/i386/lzo-*.rpm #rpmbuild -tb openvpn-2.0.9.tar.gz #rpm -Uvh /usr/src/redhat/RPMS/i386/openvpn-2.0.9-1.i386.rpm 3. Copy configuration files #cp -r /usr/share/doc/openvpn-2.0.9/easy-rsa/ /etc/openvpn/ #cp /usr/share/doc/openvpn-2.0.9/sample-config-files/server.conf /etc/openvpn/ 4. CA configuration #cd /etc/openvpn/easy-rsa/ #pico vars (or use vi editor, I just like to use pico) then scroll down to the bottom, edit as you like. export KEY_COUNTRY=AU export KEY_PROVINCE=VIC export KEY_CITY=MELBOURNE export KEY_ORG=”THROXVPN” export KEY_EMAIL=”name@email.com” #.� ./vars (note a space between . . ) #./clean-all 5. Build CA #./build-ca Generating a 1024 bit RSA private key ………………………++++++ …………………….++++++ writing new private key to ‘ca.key’ —– You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ‘.’, the field will be left blank. —– Country Name (2 letter code) [AU]: State or Province Name (full name) [VIC]: Locality Name (eg, city) [MELBOURNE]: Organization Name (eg, company) [THROXVPN]: Organizational Unit Name (eg, section) []:Throx Common Name (eg, your name or your server’s hostname) []:throx.net Email Address [name@mail.com]: Some information above already entered in step 4, hust hit enter and go to next line. 6. Building server key #./build-key-server ovpnsrv1 Generating a 1024 bit RSA private key ………………………………….++++++ …………………….++++++ writing new private key to ‘ovpnsrv1.key’ —– You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ‘.’, the field will be left blank. —– Country Name (2 letter code) [AU]: State or Province Name (full name) [VIC]: Locality Name (eg, city) [MELBOURNE]: Organization Name (eg, company) [THROXVPN]: Organizational Unit Name (eg, section) []:Throx Common Name (eg, your name or your server’s hostname) []:throx.net Email Address [name@email.com]: Please enter the following ‘extra’ attributes to be sent with your certificate request A challenge password []: An optional company name []: Using configuration from /etc/openvpn/easy-rsa/openssl.cnf Check that the request matches the signature Signature ok The Subject’s Distinguished Name is as follows countryName���������� :P RINTABLE:’AU’ stateOrProvinceName�� :P RINTABLE:’VIC’ localityName��������� :P RINTABLE:’MELBOURNE’ organizationName����� :P RINTABLE:’THROXVPN’ organizationalUnitName:PRINTABLE:’Throx’ commonName����������� :P RINTABLE:’throx.net’ emailAddress��������� :IA5STRING:’name@email.com’ Certificate is to be certified until Apr 10 15:15:27 2018 GMT (3650 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated 7. Building Diffie Hellman #./build-dh Generating DH parameters, 1024 bit long safe prime, generator 2 This is going to take a long time (Wait until it finished) 8. Copy key certificates to the required folder #cp keys/ca.crt ../ #cp keys/dh1024.pem ../ #cp keys/ovpnsrv1.key ../ #cp keys/ovpnsrv1.crt ../ 9. OpenVPN configuration #cd ../ #pico server.conf dev tap ;dev tun ca ca.crt cert ovpnsrv1.crt key ovpnsrv1.key # This file should be kept secret 10. Startup the OpenVPN service (Finally, hold your breath) #service openvpn restart #chkconfig openvpn on Windows Client Installation and Configuration 1. Download a copy of windows client http://openvpn.net/release/openvpn-2.0.9-install.exe and install it. 2. Create CA in windows machine Open windows cmd.exe command promp and change directory (cd) into c:\program files\openvpn\ >copy vars.bat.sample vars.bat >edit vars.bat (scroll down to the bottom) set KEY_COUNTRY=AU set KEY_PROVINCE=VIC set KEY_CITY=MELBOURNE set KEY_ORG=THROXVPN set KEY_EMAIL=name@mail.com note: the above information must be same as the details set in server previously. 3. Run the file vars.bat >vars 4. Build client’s key and certificate >copy openssl.cnf.sample openssl.cnf >md keys >build-key vpnhome 5. Copy vpnhome.csr to the server directory /etc/openvpn/easy-rsa/keys #cd /etc/openvpn/easy-rsa/ #./sign-req vpnhome Using configuration from /etc/openvpn/easy-rsa/openssl.cnf Check that the request matches the signature Signature ok The Subject’s Distinguished Name is as follows countryName���������� :P RINTABLE:’AU’ stateOrProvinceName�� :P RINTABLE:’VIC’ localityName��������� :P RINTABLE:’MELBOURNE’ organizationName����� :P RINTABLE:’THROXVPN’ organizationalUnitName:PRINTABLE:’Throx’ commonName����������� :P RINTABLE:’throx.net’ emailAddress��������� :IA5STRING:’name@mail.com’ Certificate is to be certified until Apr 10 16:04:33 2018 GMT (3650 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated 6. Copy new signed certificate to your windows machine Go to /etc/openvpn/easy-rsa/keys/ , you will see 2 new generated file – ca.crt and vpnhome.crt Copy both of them to your Windows home machine c:/Program Files/OpenVPN/config Also copy your windows generated vpnhome.key from C:\Program Files\OpenVPN\easy-rsa\keys to C:\Program Files\OpenVPN\config 7. Setting the client configuration for OpenVPN Copy client.ovpn from C:\Program Files\OpenVPN\sample-config to C:\Program Files\OpenVPN\config Edit it with the followings changes, similar to what you have done in the linux server dev tap ;dev tun dev-node OpenVPN_Tap remote 1194� (example: remote 202.188.1.1 1194) ca ca.crt cert alanghome.crt key alanghome.key ns-cert-type server 8. Configure the network interface for OpenVPN Select “Control Panel” -> “Network Connection” -> “TAP-Win32#(#)” Right-Click to rename as ‘OpenVPN_Tap’ 9. Startup the connection of client Go to START>All Programs>OpenVPN>OpenVPN GUI , click it In the task-bar, select “OpenVPN GUI” -> right-click “Connect” Phew…. if everything set correctly, now you should be connected to your linux via OpenVPN. Source: http://yumax1012.blogspot.com/2007/08/install-openvpn-on-centos-44.html


Membuat mail server

Juni 22, 2010

Installasi mailserver dengan postfix and courier menggunakan authentikasi mysql

Diarsipkan di bawah: LiNuX (based on debian), Mail Server — Tag:, , , , — LQman @ 5:51 am

Tutorial ini menjelaskan Step by Step tentang cara membuat mailserver dg virtual domain (domain email tidak harus selalu sama dg domain komputer yang sesungguhnya) denganberbasiskan postfix dan courier dg memanfaatkan mysql sebagai penyimpan data username & password bagi tiap2 user. Berikut ini yang harus anda lakukan.

( INTERNET )—————-| DMZ |—————-( Local Area Networks )
Step 1: Install paket-paket yang diperlukan
Paket yang diperlukan dalam tutorial ini antara lain :
Untuk Mengirim email (SMTP) : postfix (Pilih: “Local only”), postfix-tls, postfix-mysql, postfix-doc
Untuk Database user : mysql-client-5.0, mysql-server-5.0
Untuk menerima email (POP3 & IMAP) : courier-base (Pilih: “No”), courier-authdaemon, courier-authlib-mysql, courier-pop, courier-pop-ssl, courier-imap, courier-imap-ssl
Untuk Keamanan Pengiriman dan Penerimaan email : libsasl2, libsasl2-modules, libsasl2-modules-sql, openssl
Untuk Mencegah Virus dan Spam : amavisd-new, spamassassin, clamav, clamav-daemon, zoo, unzip, lha
Untuk tampilan WebMail : squirrelmail, phpmyadmin
Untuk testing tools : telnet

root@bajoel:~#apt-get install postfix postfix-tls postfix-mysql postfix-doc mysql-client-5.0 mysql-server-5.0 courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2 libsasl2-modules libsasl2-modules-sql openssl amavisd-new spamassassin clamav clamav-daemon zoo unzip lha squirrelmail phpmyadmin telnet

Step 2: Membuat user, database, dan tabel yang diperlukan pada mysql
Tambahkan database dan tabel-tabel baru pada mysql anda sebagai berikut
root@bajoel:~#mysql -u root -p
password:
mysql>CREATE DATABASE mail;
mysql>CREATE USER 'mailadmin'@'localhost' identified by 'passwordanda';
mysql>USE mail;
mysql>CREATE TABLE domains (
domain varchar(50) NOT NULL,
PRIMARY KEY (domain) )
TYPE=MyISAM;
mysql>CREATE TABLE forwardings (
source varchar(80) NOT NULL,
destination TEXT NOT NULL,
PRIMARY KEY (source) )
TYPE=MyISAM;
mysql>CREATE TABLE users (
email varchar(80) NOT NULL,
password varchar(20) NOT NULL,
PRIMARY KEY (email) )
TYPE=MyISAM;
mysql>GRANT all ON mail.* TO 'mailadmin'@'localhost';

Step 3: Membuat file2 baru sebagai penunjuk ke database mysql
Buat file baru dg nama mysql-virtual_domains.cf
root@bajoel:~#touch /etc/postfix/mysql-virtual_domains.cf
isi file mysql-virtual_domains.cf dg baris-baris dibawah ini:
root@bajoel:~#mcedit /etc/postfix/mysql-virtual_domains.cf
user = mailadmin
password = passwordanda
dbname = mail
table = domains
select_field = ‘virtual’
where_field = domain
hosts = 127.0.0.1

Buat file baru dg nama mysql-virtual_forwardings.cf yg berisi :
root@bajoel:~#touch /etc/postfix/mysql-virtual_forwardings.cf
isi file mysql-virtual_forwardings.cf dg baris-baris dibawah ini:
root@bajoel:~#mcedit /etc/postfix/mysql-virtual_forwardings.cf
user = mailadmin
password = passwordanda
dbname = mail
table = forwardings
select_field = destination
where_field = source
hosts = 127.0.0.1

Buat file baru dg nama user mysql-virtual_mailboxes.cf yg berisi :
root@bajoel:~#touch /etc/postfix/mysql-virtual_mailboxes.cf
isi file mysql-virtual_mailboxes.cf dg baris-baris dibawah ini:
root@bajoel:~#mcedit /etc/postfix/mysql-virtual_mailboxes.cf
user = mailadmin
password = passwordanda
dbname = mail
table = users
select_field = CONCAT(SUBSTRING_INDEX(email,’@’,-1),’/’,SUBSTRING_INDEX(email,’@’,1),’/’)
where_field = email
hosts = 127.0.0.1

Buat file baru mysql-virtual_email2email.cf yang berisi :
root@bajoel:~#touch /etc/postfix/mysql-virtual_email2email.cf
isi file mysql-virtual_email2email.cf dg baris-baris dibawah ini:
root@bajoel:~#mcedit /etc/postfix/mysql-virtual_email2email.cf
user = mailadmin
password = passwordanda
dbname = mail
table = users
select_field = email
where_field = email
hosts = 127.0.0.1

[Penting] Demi keamanan, pastikan hanya user root & postfix saja yang bisa mengakses file-file yang telah anda buat.
root@bajoel:~#chown root:postfix /etc/postfix/mysql-virtual_*.cf
root@bajoel:~#chmod u=rw,g=r,o= /etc/postfix/mysql-virtual_*.cf

Step 4: Membuat user baru pada system kita sebagai administrator-email
User ini bertugas untuk membuat maildir baru setiap ada user baru yang mendaftar pada mailserver anda
root@bajoel:~#groupadd -g 5000 mail-admin
root@bajoel:~#useradd -g mail-admin -u 5000 mail-admin -d /home/mail -m
root@bajoel:~#mkdir /home/mail
root@bajoel:~#chown -R mail-admin:mail-admin /home/mail
root@bajoel:~#chmod -R u=rwx,g=,o= /home/mail

Step 5: Mengkonfigurasi postfix sbg server SMTP
File main.cf ini adalah file konfigurasi utama dari postfix
root@bajoel:~#mcedit /etc/postfix/main.cf
Editlah file tsb, sehingga menjadi seperti dibawah ini:
inet_interfaces = all
myhostname = mail.domain-anda.org (fqdn)
mydestination = (jangan menuliskan virtual domain disini -> lebih baik dikosongi saja)
mynetworks = lqman.org (nama domain anda)
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_forwardings.cf mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/mail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key

Testing…
Restart service postfix, dan cobalah untuk mengakses port 25 dengan telnet
root@bajoel:~#/etc/init.d/postfix restart
root@bajoel:~#postfix check

Jika tidak muncul suatu pesan kesalahan, berarti anda sukses…….
root@bajoel:~#telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 mail.lqman.org ESMTP Postfix (Debian/GNU)

Jika muncul sebagaimana tulisan diatas, berarti postfix anda sudah berjalan lancar…….
Tekanlah tombol Ctrl+] lalu ketik quit untuk keluar dari sesi telnet,
Ambilah napas dalam-dalam, dan lanjutkan perjuangan ;)

Step 6: Mengaktifkan fasilitas authentikasi pada postfix (Auth-SMTP)
Tell Postfix to use SASL/MySQL, dg cara buat file baru dg nama /etc/postfix/sasl/smtpd.conf
root@bajoel:~#touch /etc/postfix/sasl/smtpd.conf
Isi file /etc/postfix/sasl/smtpd.conf dg baris-baris dibawah ini:
root@bajoel:~#mcedit /etc/postfix/sasl/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: mailadmin
sql_passwd: passwordanda
sql_database: mail
sql_select: select password from users where email=’%u@%r’
log_level: 7

[Penting] Demi keamanan, pastikan hanya user root & postfix saja yang bisa mengakses file-file yang telah anda buat.
root@bajoel:~#chown root:postfix /etc/postfix/sasl/smtpd.conf
root@bajoel:~#chmod u=rw,g=r,o= /etc/postfix/sasl/smtpd.conf

Mengaktifkan TLS untuk meng-encrypt SMTP traffik, dg cara membuat sertifikat (certificate)
root@bajoel:~#openssl req -new -outform PEM -out /etc/postfix/smtpd.cert -newkey rsa:2048 -nodes -keyout /etc/postfix/smtpd.key -keyform PEM -days 365 -x509

[Penting] Demi keamanan, pastikan hanya user root & postfix saja yang bisa mengakses file-file yang telah anda buat.
root@bajoel:~#chown root:postfix /etc/postfix/smtpd.*
root@bajoel:~#chmod u=rw,g=r,o= /etc/postfix/smtpd.*

Step 7: Mengkonfigurasi courier sebagai server POP3 / IMAP
Edit file /etc/courier/authdaemonrc,
root@bajoel:~#mcedit /etc/courier/authdaemonrc
ubah parameter authmodulelist menjadi :
authmodulelist=”authmysql”
Lalu edit file /etc/courier/authmysqlrc,
root@bajoel:~#mcedit /etc/courier/authmysqlrc
Ubah beberapa parameter, shg menjadi seperti di bawah ini :
MYSQL_SERVER localhost
MYSQL_USERNAME mailadmin
MYSQL_PASSWORD passwordanda
MYSQL_PORT 0
MYSQL_DATABASE mail
MYSQL_USER_TABLE users
#MYSQL_CRYPT_PWFIELD (jadikan baris ini sebagai komentar)
MYSQL_CLEAR_PWFIELD password
MYSQL_UID_FIELD 5000
MYSQL_GID_FIELD 5000
MYSQL_LOGIN_FIELD email
MYSQL_HOME_FIELD “/home/mail”
MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,’@’,-1),’/’,SUBSTRING_INDEX(email,’@’,1),’/’)
#MYSQL_NAME_FIELD (jadikan baris ini sebagai komentar)

[Penting] Mengedit file authmysqlrc agak sedikit susah, pastikan anda berhati-hati dan tidak membuat kesalahan (jangan memakai tanda SPASI, tetapi gunakan tombol TAB)

Testing…
Restart service courier-authdaemon, dan cobalah untuk mengakses port 110 dengan telnet
root@bajoel:~#/etc/init.d/courier-authdaemon restart
Jika tidak muncul suatu pesan kesalahan, berarti anda sukses…….
root@bajoel:~#telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Hello there.

Jika muncul pesan seperti diatas, maka berbahagialah.
Tarik napas dalam-dalam dan ucapkan hamdalah atas keberhasilan anda :)

[Penting] Anda tidak dapat membuka mailbox / maildir anda sebelum ada email yang terkirim pada mailbox anda.Pesan kesalahan akan dimunculkan. Karena itulah anda harus mengirim welcome email pada setiap user baru.

Step 8: Test hasil konfigurasi anda
Selamat, anda telah menyelesaikan poin konfigurasi. Pada bagian ini anda anda hanya akan men-testing server yang telah anda konfig sebelumnya.
Sekarang kita akan membuat database pada domain yang akan kita coba, domain inilah yang kita jadikan sebagai domain percobaan untuk mengirim dan menerima email.
Buatlah domain baru dg nama lqman.org pada tabel domains, dan buatlah juga alamat email dan password baru pada tabel users.
Untuk lebih jelasnya ikutilah syntax mysql dibawah ini.

root@bajoel:~#mysql -u mailadmin -p mail
password:
mysql>INSERT INTO domains(domain) VALUES ('lqman.org');
mysql>INSERT INTO users(email,password) VALUES ('admin@lqman.org','admin');
mysql>INSERT INTO users(email,password) VALUES ('user@lqman.org','user');

Sekarang kita sudah punya sebuah virtual domain baru dg nama “lqman.org” dan 2 orang user, yaitu “admin@lqman.org” dan “user@lqman.org” yang masing-masing user ini mempunyai password “admin” dan “user”.

Jika anda tidak mempunyai MX record pada DNS server anda, maka kami menyarankan utk menambahkan MX record spt dibawah ini:
root@bajoel:~#mcedit /etc/bind/db.lqman.org

@ IN MX 5 mail.lqman.org.
mail IN A 10.122.1.22

IP-Address 10.122.1.22 hanya sebagai contoh saja, ubahlah sesuai dg IP-Address yg anda inginkan. Kemudian untuk mencoba pengiriman email dari smtp server anda, lakukan telnet pada localhost 25

root@bajoel:~#telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 mail.lqman.org ESMTP Postfix (Debian/GNU)

kemudian secara interaktif (pada mode telnet) berikan perintah spt dibawah ini:
Anda : ehlo virtual.test
Server : 250-mailtest
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250 8BITMIME
Anda : mail from:admin@lqman.org
Server : 250 Ok
Anda : rcpt to:user@lqman.org
Server : 250 Ok
Anda : data
Server : 354 End data with .
Anda : Subject:Just for test
This is a test email
. (tanda titik)

Server : 250 Ok: queued as ABC1D1C123
Anda : quit
Server : 221 BYE

Jika respon server seperti tulisan diatas, berarti email dari admin@lqman.org kepada user@lqman.org sudah masuk ke dalam antrian untuk segera dikirimkan oleh postfix (SMTP server).
Lihatlah pada log file yang berada pada /var/log/mail.info
root@bajoel:~#tail -f /var/log/mail/info | ccze
pasti akan kita lihat bagin seperti dibawah ini :
Jul 24 21:48:28 myserver postfix/smtpd[9119]: connect from myserver[127.0.0.1]
Jul 24 21:48:48 myserver postfix/smtpd[9119]: F2C1B47BD: client=myserver[127.0.0.1]
Jul 24 21:48:52 myserver postfix/cleanup[9144]: F2C1B47BD: message-id=
Jul 24 21:48:52 myserver postfix/qmgr[9117]: F2C1B47BD: from=, size=313, nrcpt=1 (queue active)
Jul 24 21:48:52 myserver postfix/virtual[9148]: F2C1B47BD: to=, relay=virtual, delay=10, status=sent (delivered to maildir)

Jika anda melihat “status=sent (delivered to maildir)” maka email yang anda kirimkan sudah berhasil dikirimkan ke dalam Maildir user yang bersangkutan (user@lqman.org). Jalankan perintah find untuk melihat seluruh file dan direktori yang ada dibawah direktori “/home/mail”.
root@bajoel:~#find /home/mail
/home/mail/
/home/mail/lqman.org
/home/mail/lqman.org/user
/home/mail/lqman.org/user/cur
/home/mail/lqman.org/user/new
/home/mail/lqman.org/user/new/1170803794.V805I1c1fbM98807.bajoel
/home/mail/lqman.org/user/new/1170803833.V805I1c1feM87660.bajoel
/home/mail/lqman.org/user/tmp

Semuanya berjalan Lancar? Bagus.. :) Sebagai langkah terakhir, anda harus mencoba login pada email baru nada melalui tampilan web yg telah disediakan oleh squirrelmail. Pada percobaan ini, username yang bisa digunakan adalah “user@lqman.org” dengan password “user”

Step 9: Menambahkan User Baru pada Mail-Server
Pada step yang terakhir ini anda tinggal memasukkan / menambahkan pada database setiap username dan password user baru pada mailserver anda.
Untuk setiap virtual-domain baru, Tambahkan nama virtual-domain tsb pada tabel ‘domains’
Untuk setiap user baru, Tambahkan username (email address) dan password (plain text) pada tabel ‘users’
Untuk setiap forwarding, Tambahkan source dan destination mail address pada tabel ‘forwardings’, jika anda punya banyak destination, pisahkan dengan koma. Tabel ini digunakan untuk me-redirect setiap email pada system anda, termasuk juga anda bisa me-redirect local mail-address.

Contoh :
source destination Effect
test@my.domain philip@my.domain me-redirect emails untuk postmaster kepada philip.
@my.domain @another.domain Ini adalah re-direction thd seluruh domain. Setiap email yang dialamatkan
kpd suatu user pada domain ‘my.domain’ akan di-forward kepada user
yang sama pada domain ‘another.domain’.
Jadi mail kpd lqman@my.domain akan di-redirect kepada
lqman@another.domain.
jesper@my.domain dilbert@my.domain,dilbert@gmail.com mem-forward email yg dialamatkan untuk jesper@my.domain kepada
dilbert@my.domain dan dilbert@gmail.com

Step 10: Interface WebMail dg squirrelmail
Untuk mempermudah user anda dalam menggunakan mailserver yg sdh anda buat, maka tampilan web merupakan interface yang paling mudah. Oleh karena itu paket squirrelmail yang sudah kita install pada step pertama harus dikonfigurasi sesuai dg mailserver yg sdh kita buat.
Untuk menyesuaikan dg konfigurasi mailserver ini, cukup lakukan perintah squirrelmail-configure
root@bajoel:~#squirrelmail-configure
lalu lakukan sesuai dg langkah-langkah yang sudah tersedia. Langkah yang paling penting disini adalah saat menentukan “Server Settings” saja, selain itu tidak ada yang terlalu penting.
Pada saat menentukan “Server Settings”, lakukan perubahan spt dibawah ini

Secure IMAP (TLS) : false
Server software : courier

kemudian save opsi tersebut dg cara menekan tombol “s”, lalu keluar dari configurasi dg menekan tombol “q”.
Step 11: Menjadikan webmail kita sebagai VirtualHost baru
Buatlah file baru pada konfigurasi webserver anda (pada tutorial ini dipakai webserver apache2)
root@bajoel:~#touch /etc/apache2/sites/available/squirrelmail
kemudian tambahkan baris-baris dibawah ini :
NameVirtualHost 10.122.1.22:80

ServerAdmin admin@lqman.org
ServerName mail.lqman.org
DocumentRoot /usr/share/squirrelmail

Options FollowSymLinks
AllowOverride None

Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all

setelah itu, buatlah symbolic link ke direktori /etc/apache2/sites-enable/ dengan cara
root@bajoel:~#ln -s /etc/apache2/sites-available/squirrelmail.conf /etc/apache/sites-enable/001squirrelmail.conf
lalu cek konfigurasi apache2 dg syntax :
root@bajoel:~#apache2ctl configtest
dan jika muncul tulisan Syntax OK, maka restart-lah apache2 dg :
root@bajoel:~#apache2ctl restart


endian

Juni 22, 2010

http://beni-santoso.blogspot.com/2008_03_01_archive.html


monitoring zimbra menggunakan mailgraph dan thttpd

Juni 22, 2010
Post Pic

Monitoring Traffik Email di Zimbra dengan Mailgraph

Pada 15 Jul 2009, di Seri Tutorial, oleh Cecep Mahbub

Monitoring traffik email keluar masuk dari zimbra menggunakan mailgraph. Selain traffik email keluar masuk, Anda juga bisa melihat traffik spam dan virus yang berhasil di tangani oleh zimbra.

Instal paket mailgraph dan thttpd (web server ringan, bisa juga diganti dengan apache jika Anda mau).

sudo apt-get install mailgraph thttpd

Mengkonfigurasi thttpd

Sunting berkas /etc/thttpd/thttpd.conf

# /etc/thttpd/thttpd.conf: thttpd configuration file
 
port=8888
dir=/var/www
nochroot
 
user=www-data
cgipat=/cgi-bin/*
 
throttles=/etc/thttpd/throttle.conf
logfile=/var/log/thttpd.log

Bisa Anda lihat di konfigurasi berkas di atas, port diganti ke port 8888, karena port 80 seharusnya sudah digunakan oleh webmail zimbra. Setelah itu, Anda restart thttpd.

sudo /etc/init.d/thttpd restart

Mengkonfigurasi Mailgraph

Sunting berkas /etc/default/mailgraph, pastikan isinya seperti yang saya tulis di bawah.

BOOT_START=
MAIL_LOG=/var/log/zimbra.log
IGNORE_LOCALHOST=true

Setelah itu, jangan lupa untuk merestart mailgraph.

sudo /etc/init.d/mailgraph restart

Langkah selanjutnya, saya tinggal menyalin berkas mailgraph.cgi ke lokasi cgi-bin di thttpd.

sudo mkdir /var/www/cgi-bin
sudo cp /usr/lib/cgi-bin/mailgraph.cgi /var/www/cgi-bin/

Sekarang Anda bisa melihat hasil monitoring di web, melalui alamat.

http://nama.atau.ip.server.zimbra.anda:8888/cgi-bin/mailgraph.cgi

queue trap di cacti untuk mikrotik

Juni 12, 2010

Graphing Mikrotik Queue Simple and Queue Tree with Cacti

It’s not the first time tutorial about graphing mikrotik queue simple with cacti, you can saw many tutorial about it.  I just republish, howto we use this on your cacti server monitoring. before, I was read that tutorial at forum.cacti.net, and they publish some script cacti for graphing mikrotik queue.

A. Graphing Mikrotik Queue Simple/Tree with Cacti

- if using Queue Simple, you have to download this files :

cacti-mikrotik-queue-simple.zip

- if using Queue Tree, you have to download this files : cacti-mikrotik-queue-tree.zip

- you will see this files in your extract directory :

cacti_data_query_mikrotik_simple_queue.xml
cacti_data_template_mikrotik_simple_queue.xml
cacti_graph_template_mikrotik_simple_queue.xml
cacti_host_template_mikrotik_queue.xml
ipacmikro.xml

B. Installation

  • Import cacti_data_query_mikrotik_simple_queue.xml (login cacti as administrator)
  • Import cacti_data_template_mikrotik_simple_queue.xml
  • Import cacti_graph_template_mikrotik_simple_queue.xml
  • Import cacti_host_template_mikrotik_queue.xml
  • Copy ipacmikro.xml to /path/to cacti/resource/snmp_queries/ on the Cacti server.

C. Graphing on Cacti

- login cacti as administrator
- add device and choose Mikrotik Queue on Host Template

- Create Graphs for this Host  and choose data query for graphing.

-Done.

D. Example Graphing Result.

source:http://www.nixnux.or.id/2008/11/15/graphing-mikrotik-queue-simple-and-queue-tree-with-cacti/


Ikuti

Get every new post delivered to your Inbox.