User Tools

Site Tools


sysadmin:training

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
sysadmin:training [2015/01/12 12:01] – [Mail] tapionsysadmin:training [2021/02/03 17:42] (current) – fatti i test feroda
Line 1: Line 1:
-====== Training for Ops ====== +====== Training per sysadmin ======
-===== DevOps =====+
  
-  * http://www.devopsbookmarks.com/+===== Verifica raggiungibilità host ===== 
 + 
 +Prima di tutto si deve verificare se si raggiunge il sistema remoto.  
 +Si può fare con il programma `ping <nome host o indirizzo IP>` 
 + 
 +Il ping può essere utile per verificare anche la latenza di rete 
 + 
 + 
 +===== Verifica raggiungibilità di un servizio ===== 
 + 
 + 
 +==== Esempio HTTP ==== 
 + 
 +TODO Costin 
 + 
 +==== Esempio SSH ==== 
 + 
 +TODO Costin 
 + 
 +==== Esempio SMTP (invio email) ==== 
 + 
 +TODO Costin 
 + 
 + 
 +===== SMTP (avanzato) ===== 
 + 
 +Da non leggere se non si è già amministratori di un server email. 
 + 
 +==== SMTP configuration ==== 
 + 
 +In order to have a working SMTP server we have to take care of "some" ;) points: 
 + 
 +  PTR reverse DNS record: ''dig +short ptr <reverse IP>.in-addr.arpa'' must give an hostname which DNS A record points to the <IP address> of your server. 
 +  * DNS: 
 +    * MX -> who exchange the mail for the domain? 
 +    * SPF -> which addresses can be originated from the MX? 
 +    * DKIM -> how are signed messages outgoing from the MX? 
 +    * DMARC -> what actions do you suggest to mail receivers' providers regarding the conf of SPF/DKIM and where you would like to receive reports from them to tune your mail settings? 
 + 
 +  * Furthermore we need working antispam and antivirus 
 +  * And of course SMTP server only relay local or TLS + authenticated connections 
 +  * Need to add DNS entries to the host that receives DMARC reports if domain is different from the one of the DMARC itself 
 + 
 +=== References === 
 + 
 +  * https://wiki.zimbra.com/wiki/Best_Practices_on_Email_Protection:_SPF,_DKIM_and_DMARC 
 +  * https://workaround.org/ispmail/jessie 
 +  * https://workaround.org/ispmail/wheezy/smtpd-restrictions-spf-dkim-and-greylisting 
 +  * DKIM on STMP RELAY server (trust hosts...) http://www.stevejenkins.com/blog/2011/08/installing-opendkim-rpm-via-yum-with-postfix-or-sendmail-for-rhel-centos-fedora/ 
 + 
 +  * Very useful thread for MS hotmail and outlook problems https://www.hmailserver.com/forum/viewtopic.php?t=27930 
 +  *  
 +=== SMTP/IMAPs tests === 
 + 
 +  * Fantastic and happy! http://www.mail-tester.com/web-us64b 
 +  * MX Toolbox non ha bisogno di presentazioni, molti test: https://mxtoolbox.com/ 
 +  * Documentazione DNS MailCow: https://mailcow.github.io/mailcow-dockerized-docs/prerequisite-dns/ 
 +  * SPF: http://tools.wordtothewise.com/spf/check/ 
 +  * SPF, DKIM, Antispam: http://dkimvalidator.com send an email to the given address and view results 
 +  * DMARC: https://dmarcian.com/ 
 +  * IMAPs: http://wiki.dovecot.org/TestInstallation 
 +  * SMTP: https://www.ndchost.com/wiki/mail/test-smtp-auth-telnet 
 +  * SMTPs: https://www.saotn.org/tls-test-smtp-auth-plain-authentication-and-verify-starttls-connections/ 
 + 
 +==== Migrazione di un sistema di posta con soli alias verso Mailcow ==== 
 + 
 +  - [X] Backup e aggiornamento Mailcow 
 +  - [X] Configurazione Mailcow -> aggiungere dominio 
 +  - [X] Creare un utente admin specifico per il dominio 
 +  - [X] Trasferire alias (copia da ''/etc/postfix/virtual_pdp''
 +  - [X] Visualizzare tutte le impostazioni necessarie del DNS e si aggiornano i record DNS 
 +  - [X] Effettuare il test: tra tutti mail-tester e mxtoolbox 
 + 
 +=== Backup e aggiornamento === 
 + 
 +  cd /opt/mailcow-dockerized 
 +  helper-scripts/backup_and_restore.sh backup all 
 +  ./upgrade.sh 
 +  ./upgrade.sh 
 +   
 +Per il changelog v. canale Telegram, oppure ''git log''
  
-===== Mail ===== 
  
-  * https://workaround.org/ispmail 
-  * OpenDKIM: 
-    * http://www.opendkim.org/opendkim-README 
-    * https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy 
-    * http://www.port25.com/support/authentication-center/email-verification/ 
-    * http://www.port25.com/support/domainkeysdkim-wizard/ 
sysadmin/training.txt · Last modified: 2021/02/03 17:42 by feroda