home   articles   archive   forum   masthead  
Published at 11.7.02
Author: Thomas Grotevent
Translator: Michael Clemens
Languages: de
Printer printer-version
Support Us!
  Warning: This article needs a proof reader.

Wollmilchsau Server: 1. Einleitung

Kapitelübersicht:
1. Einleitung
2. Basisinstallation
3. LAMP
4. Mailserver
5. SIEVE (Websieve 0.61 / Easysieve 1.1)
6. Hylafax: Fax & Fax/Mail-Integration
7. Squirrelmail
8. Horde PHP Framework
9. Horde IMP - Webmail mit Komfort
10. Horde Turba: Kontaktmanagement
11. VBOX - Anrufbeantworter im Server
12. WebMin


1.0. Why?

A test system should be provided which contains all common and some additional nice-to-have services as far as possible. Efficiency, cheapness and marginal time exposure are the most important factors.

1.1. Why

The realization of this system as two reasons: First of all, a windows based job-related environment and the interest in testing an alternative solution. The other lies in my interest in Linux and the test how much such a little server can stand without prostrating.

Another reason was that my current server had an hardrive crash with the upcoming question: How did I do that at that time....? and the conclusion that most of it wasn't documented or that it was obsoleted

1.2. The inevitable....

The author was anxious creating this text in all conscience. All procedures and methods are not guaranteed to work, to be safe etc. The document is provided "as is" without guarantee.

1.3. What not?

It will not be an perfect sophisticated system. Required was a system that is constructed as an test system to check things out under Linux. Preferred is a fast configurability with the most small time exposure.

This has immediate srquences to the system's security:

1.4. SECURITY ADVICE

The system isn't safe! It's thought to be used as an internal test system and shouldn't be used as an internet server. Also it has to be reconfigured if you want to use it as a server in an production environment even without internet access.

It shouldn't be deployed as an Firewall / Gateway in no case.

It's very difficult to harden a system with so many services like this. The protection of a Firewall / Gateway on the same system would be damn hard or nearly impossible to realize.

Known security holes of this system are marked in this document with advices or warnings

1.5. What does it include?

  • Mailsystem to send or fetch mails. (Postfix/Fetchmail)
  • IMAP-Mailer to achieve a comfortable administration of mail boxes (Cyrus)
  • Mail-Virus scanner (AMaViS, H+B AntiVir or an other scanner)
  • WebSIEVE and EasySieve, Sieve-Mailfilter administrated via browser
  • Fax via ISDN / Mailanbindung (HylaFAX, AVM-CAPI-Software, Mailanbindung)
  • Answering machine with notificationmails an WAV-attachment (VBOX)
  • Database (MySQL)
  • Webserver (Apache)
  • optional SSL-encryption of the webserver(mod_ssl)
  • PHP (programming language for dynamic websites with database access)
  • Webmail easy an fast: (Squirrel Mail)
  • Webmail confortable (Horde/IMP/Turba)
  • WebMin (browser-bases system administration)

The installation of some services depends on each other. Webmail e.g. depends on a working webserver and an IMAP-Server is needed by mail via browser. The Webmailer IMP requires a database (preferably MySQL) if it is configured to use it and so on...

1.6. Hardware

To lower costs, I decided to build a system with used parts, some of them from my own stock of used parts, some from online auctions. The RAM modules were the only parts that have been bought. Because of the needed reliability some expensive high quality modules were chosen.

Thereby this server arose:

Hardware list
Mini-Servertower incl. PS 350W      
(Ebay) 
 60,-- EUR
Mainboard Abit, CPU P2-350	     
(Ebay) 
 85,-- EUR
Memory 2 x 256 MB Infineon	     
(Neu)  
125,-- EUR
Harddrive 40 GB IDE		     
(Ebay) 
 95,-- EUR
CD-ROM Toshiba 24fach		     
(in stock)
 50,-- EUR
Floppy TEAC 	     		     
(in stock)
 12,-- EUR
Grafic card Vodoo 16 MB	     
(in stock)
 50,-- EUR
Network adater NN/Realtek-Chip 10/100
(in stock)
 12,-- EUR
ExaByte Eliant Streamer      7/14 GB
(Ebay) 
 90,-- EUR
SCSI-Controller Buslogic ISA	     
(in stock)
 60,-- EUR
Summ				     
639,-- EUR


plus ca. 2 - 3 hours of assembly.

The minimum requirements are thereby already transcended.

To achieve the minimum, 256 MB of memory, a small harddrive and a P2-300 would already do it. Also the streamer isn't mandatory but if the system crashes it would be of advantage to be able to restore the lost data from tape.

Bild der Rechner

The one who is able to invest more money has more availibilities. The more, the better (I'd like to have an 4-way P4 2000, 2GB of RAM/CPU, an U160-SCSI-RAID with 6 to 8 36GB 10000/min HDs, DLT tape, an own 2 gig dedicated line etc. Only the donator is missing :) )

If the system should be used as an productive system, some components should be chosen in a different way. An allocation over multiple hard drives (e.g. system, mail data, SQL files or an even smaller allocation) would speed it up because of having disc acces spreaded over multiple physical drives (I mean drives, not partitions!). If using multiple drives, it would make sense to choose SCSI because disc acces is better organized here then it is done by ATAPI systems.

Choosing an better network adapter then the very CPU intensive Realteck would improve performance, too.

1.7. Software:

  • SuSE 7.3 Professional. Other distributions would also do fine, off course you have to adapt distribution specific attributes like paths etc.

  • Bugfixing and updating the distribution.

  • Sourcecodes of some programs:

  • packages:

It is recommended to burn a CD containing the latest stable version of each program and all updates and bugfixes downloaded from the SuSE homepage. This simplifies the handling. Especially the virii scanner should be handled like this because the one on the SuSE cd set is in every case out-dated. These days it is obligatory to update virii scanners daily.

1.8. Brainware ;-)

Because of being so extensive, the server requires fundamental knowledge. Topics like TCP/IP, domain names, FQDN, IP adresses, ports and most protocols should be already known. This document will not go into these basics.

If you never installed Linux before, you shouldn't dare this project.

Absolute beginners are adviced to play around with some test installations. Before starting such a big project, one should have already installed and configured a complete desktop system including samba, X and printers. (Otherwise you should have plenty of time...)

1.9. SuSE 8.x

SuSE made significant changes to their system since version 8.
One big difference is the new version of HylaFAX. The conversion of facsimiles to mails isn't done with scripts like described in this document.
Please use the "FaxDispatch"-file the way like descriped at the end of the article or a more comfortable variant of it.
(The package "metamail" has to be installed!)

The second difference are the install-scripts. They are completly rewritten, so the transfer of the WMS to SuSE 8.x will bring up some difficulties.



Talkback Area




Enter Own Comment