Firewall, IDS, Cloud, Mail (and whatever goes out) in your home

Hi. As is common in my posts, today we are going to talk about servers, networks and other things.

linux server

To begin, I want to tell you that I have decided to make a small manual on how to install a server in your home, in a homemade but very efficient way (In my case I use a Pentium 4 with 1GB of RAM). On our server we are going to install and configure some programs and services that I think can help you study, learn and maybe you can use them in your day to day life. These programs / services are:

  • Firewall (iptables): We will use our equipment as a gateway to our network, and we will configure some basic traffic rules.
  • IDs: We will use software called SNORT to detect possible intruders and attacks, both to our network and to the server.
  • MAIL: We will have our own mail server.
  • Cloud: We will also use a tool called OwnCloud to have our files and documents in the cloud (Our server).

Along the way, we'll also learn some cool tips and tricks that anyone who reads it can use. But hey, let's get to it.

Email

I wanted to start with this service, because in order to have it installed and working correctly, we must first make some adjustments that will help us a lot. To install this server, I have installed a linux (Debian 8.5) on an old machine. (Pentium 4 - 1GB RAM).

NOTE: It is important to know how to configure your router and create a DMZ to the server's ip.

As everyone knows, a mail server is used to send and receive emails, but if we want to use it to do it with any service (Gmail, Hotmail, Yahoo .. Etc). We need our own domain, but this is worth money, so I have decided to use the "No-IP" service, which lets us create a host that redirects to our IP, (It does not matter if it is dynamic or static). I do not want to go into much detail with this, but you should only go into: https://www.noip.com/ and create an account. when they enter, your panel will appear something like this:

noip panel

They should only enter «Add a Host ». There they will only have to choose a name for their host (which will act as the domain.) Then, if their Public IP is dynamic, they must install the client on their server so that this IP automatically updates.

For this, no-ip has its own manual at this link: http://www.noip.com/support/knowledgebase/installing-the-linux-dynamic-update-client/

When they install the program and are configuring it (make and make install). The program will ask for your authentication data at no-ip.com

noip1

NOTE: : After you enter your account information. It will ask you some questions, you just have to use the default options (ENTER).

When they have this, their emails will be user @domain.no-ip.net (For example).

Now to install the mail server. We are going to use a very powerful tool that I always like to use in these cases where we want to be fast and efficient. Its name is IredMail and it is a package (Script) that basically installs everything automatically and only asks you for some information to do it.

To do this, we are going to go to its official page and download the script.  http://www.iredmail.org/download.html

iredmail

We can use the wget command to download the package, and after unzipping it, we enter the folder where it is located.

We just run the script "IRedMail.sh"

ired1

First you will get a welcome message where you just have to press ENTER. Then the first question he asks you is where do you want your emails to be stored.

ired2

By default, they will save to / var / vmail. you can leave it there or choose any other place or record. In my particular case, I have another disk that is mounted on / data. and I will leave my emails in / data / vmail.

The next question is whether you want to use Apache or Nginx as a web server.

ired3

Everyone disagrees which service is better, but in my case I will use Apache.

Then it will ask which database server you want to use.

ired4

For simplicity, since we won't be using LDAP or anything like that, we will use Mysql even though I sometimes use MariaDB.

The next question is about which domain you are going to use, there you will have to put the same one that you did a while ago in no-ip.

ired5

After this, it tells you that it will create a default administrator account called postmaster@domain.no-ip.net and asks you what password you want to put it.

ired7

Then, it asks you which tools you want to install (and it gives you a description of each one).

ired8

You can choose the ones you want or leave it as is. And it will predict you to confirm the data you just entered and that's it. The installation will begin. We just have to wait a while.

NOTE: It is possible that during the installation it will ask you for information such as the password you want to set to Mysql (If you did not have it installed).

When he's finished, he will give you some additional directions. and I recommend you restart the server. and to check that everything works, you must enter https: // IP. this IP should be the LAN IP of your server, you can check it using ifconfig. 

ired9

Then Roundcube should come out, which is our Webmail. And for testing you can use the Postmaster account (which they created before). and your mail should go out.

ired10

IMPORTANT NOTE: During this process, as it was the first time I tried it from home, I had the following problem: It turns out that due to security policies, service providers like Gmail and Outlook block emails that come from dynamic IP ranges. and although your ip never changes, it is likely that it is blocked because it is still labeled as a residential ip. You will most likely have to check with your ISP if you can access a business static IP. 

IMPORTANT NOTE 2: It is also likely that your ISP does not allow you to use port 25, since it is the port used by the other providers to send you emails, you must contact your ISP.

Now, to control your mail server (create accounts ... etc) You must enter https://IP/iredadmin. Login with your username postmaster@domain.no-ip.net.

ired11

The panel is quite intuitive, it is used to add and modify email accounts, and also new domains.

By this time you should already have a functional mail server. In a next post we will begin to create our Firewall and configure our network.

Trick: In the folder where we downloaded the script, there is a file called iRedMail.tips where you will find a lot of information, such as configuration files and installation data.

Regards.!


2 comments, leave yours

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   Leonardo said

    Very good!!!!! I am waiting for the OwnCloud one that I have been wanting to build on my Raspberry Pi for a while and I can't do it with the tutorials I found on the web.

  2.   sebastianbianchini said

    Very good!
    Congratulations