IST346: Lab Last Update: 11/9/2010 9:11 PM

LAB 12 – EMAIL SERVICES

OVERVIEW

The Fauxco.com organization desperately needs email service, and you’ve been appointed as the person responsible for setting it up on their network. In this exercise you will install the free email server hMail (http://www.hmailserver.com/) on your win2008 virtual machine. You will then install a web-based email manager called SquirrelMail (http://squirrelmail.org/) on your centos5 virtual machine so the users of Fauxco.com can read and send their email using a web browser (like Gmail). Our Fauxco.com email system will use the IMAP protocol for email Retrieval (the Access Agent , or “AA”), and the SMTP protocol for email distribution (the delivery agent, or “DA”). I strongly encourage you to learn more about these protocols on your own time. A good place to start is Wikipedia: http://en.wikipedia.org/wiki/Internet_Message_Access_Protocol and http://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol .

REQUIREMENTS

Before you start this exercise you will need:

1. To make sure you have completed all the labs in the course. This lab uses the virtual machines from previous labs.

2. Become familiar with the IMAP and SMTP email protocols by researching them on Wikipedia.3. These virtual machines:

a. Win2008 (Logged on as Administrator)b. Centos5 (Logged on as root) c. Win7 (Windows 7) – this will be your domain-bound workstation. You will use this workstation

to test email from the client’s end, and log on as a bunch of different users.

PART 1 – SETTING UP DNS RECORDS

The following is a rough outline of the process you need to follow to setup the email and webmail services for Fauxco.com. These are not specific steps and you will be expected to apply what you have learned so far in this course to “fill in the gaps” between the instructions you see here and the actual tasks you need to perform to get things configured properly.

1. Add some DNS entries to the Win2008 DNS service on the domain controller:

Name DNS Record Type Datamail Alias (CNAME) win2008.ad.fauxco.comwebmail Alias (CNAME) centos5.ad.fauxco.com

Page 1

IST346: Lab Last Update: 11/9/2010 9:11 PM

a. To do this you should use the DNS utility in the Server Manager application. Here’s a screenshot of me adding the first CNAME:

b. When you’re done you should see this in DNS :

c. Before you continue with the next step: Make sure these names resolve from a computer other than Win2008 . For example from Win7

use ping or nslookup to make sure the CNAMES resolve to the proper IP addresses:

Page 2

IST346: Lab Last Update: 11/9/2010 9:11 PM

PART 2 – INSTALLING HMAIL SERVER

Now you’re ready to install the email server software which will support our email service. Our product of choice for this is hMail Server (http://www.hmailserver.com/ . ) We’ll use this product because: (1) it’s free and (2) it’s easy to setup.

1. Logon to Win2008 as Administrator2. Go to http://www.hmailserver.com and click on Download to access the download of the product. Click

on the latest version of hMailServer, which at the time of this lab is 5.3.3.

3. Follow these steps to install the product http://www.hmailserver.com/documentation/latest/?page=howto_install, keeping in mind:

a. You must be logged in as the domain Administrator on win2008 to install the software.b. Accept all default locations for the install location which should put the mail server in the C:\

Program Files\hMailServer folder.c. Perform a Full installation,d. Use the Built in database for the mail message store.e. Use the password SU2orange! For the email administrator password.

If you forget this password, you’ll have to start over with new virtual machines!f. Don’t worry about the MX DNS record. We don’t want or need our email to route outside of

ad.fauxco.com, so a MX record is not required.

Page 3

IST346: Lab Last Update: 11/9/2010 9:11 PM

g. Launch hMail after the install and connect to the server:

4. You will now be ready to configure the hMail Server, follow these steps here: http://www.hmailserver.com/documentation/latest/index.php?page=basic_configuration

a. The name of the domain you should add is ad.fauxco.com b. Add accounts for our 4 Fauxco.com Active Directory users: benweave, odatasgo, sbellum, and

titupp, and make sure to connect each email account to its active directory account, so there will be no need to provide a password for the email account. You can do this by Right clicking on Accounts and selecting Add AD Account, then selecting the domain and the account. When you’re finished you should see this:

c. Set the public (local) host name to mail.ad.fauxco.com.From the tree select Settings Protocols SMTP and then click on the Delivery of Email tab as seen here

Page 4

IST346: Lab Last Update: 11/9/2010 9:11 PM

You do not need to enter a Remote host name under SMTP Relayer, once again because we cannot and do not want our email to route to the internet.

d. Next let’s enable logging. And I reiterate: If you’re not logging then you don’t know what’s happening. If you don’t know what’s happening, then you cannot provide good service! Logging will allow the lab check script to verify the service is working and has been used by email MUA’s (clients). Logging can be found under Settings Logging and configure it as follows:

This will place your logs folder at C:\Program Files\hMailServer\Logs e. Finally, Disable the “auto-ban” feature under “Advanced” this will make sure if you logon

incorrectly to the email server you don’t get your account disabled.

Page 5

IST346: Lab Last Update: 11/9/2010 9:11 PM

While disabling this is a NOT good security practice, it helps when you’re trying to setup and configure the service for the first time!

At this point your Email server is setup. You can use SMTP protocol to send mail (MTA) and the IMAP protocol to receive mail. Time to configure a client and give it a test.

PART 3 – CONFIGURE AN EMAIL CLIENT (MUA)

Our email setup will be quite simple and straightforward when compared to a typical enterprise email setup. This is because inbound and outbound mail flow through the same host.

The first step is we need an email client, or message user agent (MUA). The email client we will configure is called Thunderbird

1. Logon to Win7 as Tally Itupp (titupp).2. Download windows live mail. Open Internet explorer and visit:

http://www.mozillamessaging.com then click the Download Thunderbird button. Click Run to start the setup.

Page 6

IST346: Lab Last Update: 11/9/2010 9:11 PM

3. Since you are not logged on as Administrator user account control will prompt for the admin credentials.

Enter your Administrator account and password SU2orange!4. The install process will begin. Click Next through the prompts and don’t change any defaults. Launch

thunderbird on finish.5. Thunderbird will ask you to setup a mail account. Since this it Tally Itupp, we enter:

Remember the password is SU2orange! and then click Continue.6. Next Thunderbird will configure your account by checking for your Incoming and outgoing mail servers.

When you see this screen, click the Create Account button. 7. Wow! Scary warning. This screen is let you know the username and password are sent in the clear.

Probably not how you want things in real life, but it’s sufficient for this lab.

Page 7

IST346: Lab Last Update: 11/9/2010 9:11 PM

Check I understand the risks and click Create Account.8. Congratulations! You’ve setup the MUA! Now try to compose an email to yourself.

a. Click Write to compose a new message.b. Send a message to yourself. Type exactly what you see here:

And press Send when you’re ready.

Page 8

IST346: Lab Last Update: 11/9/2010 9:11 PM

c. In a few seconds, your test message will arrive.

You can expedite this process with the Get Mail button.

If everything works, then it’s time to check logs on the server! Yay!

PART 4 – CHECKING ACTIVITY AND SMTP LOGS

In this step we will verify the email service is working properly from the server’s point of view. This is important to verify because this is how your check script will determine whether you configured the mail server correctly.

1. Logon to Win2008 as Administrator2. Let’s look for the email message we sent on the server. Open the C:\Program Files\hMailServer\Data\

ad.fauxco.com\titupp folder, you should see two folders inside this folder, representing the sent (and received) email. Please note your folder names will vary. For example:

a. If you do not see folders then you did not send mail through the server in the previous step – check your setup and retry.

b. If you open a folder, inside you will see an EML file. If you open this file with notepad you will see the contents of the mail message, along with the mail headers, for example:

Page 9

IST346: Lab Last Update: 11/9/2010 9:11 PM

I’ve highlighted tally’s logon and the computer IP address to show you this is the actual message that was composed on the Win7 workstation.

c. Let’s check the log files. Open the C:\Program Files\hMailServer\Logs folder. Inside you should see a log file with today’s date on it.

d. If you do not see this file, you did not configure logging on the server. If logging is disabled you will lose points on the check script.

e. If you open the log file you should be able find the SMTP traffic that sent the message:

f. If you cannot find it, make sure you’ve enabled SMTP logging, and try to send a test message again.

PART 5 – SQUIRREL MAIL WEB MAIL SERVER

5. At this point you have a working mail server up and running. It’s time for the bonus round…. Getting webmail working on Centos5.

g. Use yum package manager to install squirrelmail. (yum install squirrelmail)

Page 10

IST346: Lab Last Update: 11/9/2010 9:11 PM

h. Squirrel mail is a website that connects to your mail.ad.fauxco.com server, so it needs a web server to run.Start the httpd service (service httpd start) and then use chkconfig to configure httpd to run at startup (chkconfig httpd on).

6. Run this script from a terminal window to configure squirrel mail /usr/share/squirrelmail/config/conf.pl and you will see the following configurator:

7. Change these Settings:i. Turn Color off (The terminal window has a white background with color on it is difficult to see, if

you turn color off you will see what you type.). Press “C” to toggle this settings.j. In organization preferences, set Organization Name to Fauxco.comk. In Server settings set the domain to ad.fauxco.com and set Sendmail or SMTP to SMTP.l. Update IMAP settings

i. to use mail.ad.fauxco.com as the server ii. with authentication type login

iii. and server software hmailServerm. Update SMTP settings

i. to use mail.ad.fauxco.com as the server ii. with SMTP authentication type login

n. When done, your Server settings should look like this:

Page 11

IST346: Lab Last Update: 11/9/2010 9:11 PM

o. Save your settings and then quit the configuration utility. p. Verify Squirrel Mail is running open up a web browser on win7and type

http://webmail.ad.fauxco.com/webmail/ you should see the Squirrel Mail login screen. Try to logon as Tally Itupp.

q. If you can log on and compose and send mail then you’ve got it working correctly.

(NOTE: If you get an error message saying you cannot connect to the server you may need to start the httpd service again)

F INAL THINGS YOU SHOULD TEST, SO YOU KNOW IT’S ALL WORKING PROPERLY

If you made it this far, there’s a very good chance you’ve got everything working properly. There are a few more things you should do to ensure smooth sailing…

Logon as each of the 4 users and try to send and receive email. This is the only way you know for certain that you have configured email properly for everyone. You can logon as each user though Squirrel mail or via Win7. If you use Win7you will need to configure the mail client for each user the first time you logon as that

user. If you use webmail, you can just logon to the website. You should make sure it works with all 4 users so it’s a good idea to send email from each person.

The lab script checks to make sure each of the 4 users has SENT AN EMAIL. The Logs are by date so you must check the script on the same day that you send the 4 emails!

LAB SCRIPT

This lab will be checked/ graded with a lab-checker script. You will download this script to your win2008 virtual machine and then run it. It will verify you have performed the steps outlined in the lab

1. Make sure you are logged on to Win2008 as Administrator2. Next, download the lab checker script from the course website to your Documents folder.3. Run the script from the Powershell prompt by typing

cd documents and press ENTER then type:.\L06.ps1Or you can path it as follows:.\Documents\L06.ps1

Page 12