Debian Standard Packages to install afterwards: Difference between revisions
No edit summary |
No edit summary |
||
Line 8: | Line 8: | ||
<pre> | <pre> | ||
postfix openssh-server zip unzip bzip2 arj ncftp | postfix openssh-server zip unzip bzip2 arj ncftp rsync sshfs | ||
</pre> | </pre> | ||
Revision as of 07:23, 14 June 2019
After a standard install of debian, these packages still need installing.
apt-get install vim mc iproute hal atsar sysstat systune snmpd ncftp fail2ban nscd needrestart ntpdate ntp mlocate mutt postfix
maybe need installing
postfix openssh-server zip unzip bzip2 arj ncftp rsync sshfs
possible to need to do
dpkg-reconfigure postfix
Make sure it is set as a satellite host (because ziggo blocks port 25, but allows port 587 traffic) for mail.edgarbv.com.
Then on the mail.edgarbv.com server add the domain name to
/etc/postfix/sender_whitelist
and
postmap sender_whitelist postfix reload
/etc/postfix/main.cf on the satellite server should have the following line in it
relayhost = mail.edgarbv.com:587 inet_protocols = ipv4
Notes: Choose between nscd or pdnsd for DNS caching. nscd can be buggy, pdnsd needs resolvconf
vim-tiny is installed by debian by default. This is horrible, and which is why we install vim first!
/etc/default/sysstat: turn ENABLED="true"
/etc/default/snmpd: get rid of 127.0.0.1 from SNMPDOPTS
vi /etc/snmp/snmpd.conf: change the community names
nscd is only usefull for servers not running bind themselves
fail2ban
vi /etc/fail2ban/jail.local
[DEFAULT] ignoreip = 127.0.0.1/8 92.109.193.251 bantime = 6000 [proftpd] enabled = true [dovecot] enabled = true logpath = /var/log/auth.log [postfix] enabled = true logpath = /var/log/mail/mail.log
maybe destemail too
NB don't edit jail.conf
might need apt-get install resolvconf but I don't like it much
obsolete
vi /etc/denyhosts.com
set PURGE_DENY = 1w and ADMIN_EMAIL = red@email.com and SMTP_FROM = Denyhosts $machinename <nobody@localhost>
Also, if a host keeps getting denied, you can stop it from going in the /etc/hosts.deny file by putting the IP address into a line in /var/lib/denyhosts/allowed-hosts