MT Installation

From The Network People, Inc.

Jump to: navigation, search

Contents

Hardware Recommendations

Configure our purchase hardware designed to serve as an email server. See the MT Hardware Recommendations page for a brief discussion of hardware considerations.


OS Installation

The Mail Toaster installation process assumes that you already have a server with the OS installed. If you have not yet installed FreeBSD, the FreeBSD handbook has excellent documentation for the FreeBSD Install process. Be sure to check out our Proper sizing of disk partitions as the suggestions in the handbook are general and not optimal for a mail server.

During the FreeBSD Install process, choose the follow settings:

  1. Proper sizing of disk partitions
  2. Install the 'Kern-Developer' or 'User' distribution
  3. Do not install ports
  4. do enable SSH
  5. do set your timezone

There's little reason to install sources since upgrades can be done now with freebsd-update. Installing the ports tree during the install is redundant since you will update the ports tree with portsnap when you begin building Mail Toaster.

Consider reading through the Mail Toaster FAQ. There are topics on Proper sizing of disk partitions and other considerations that affect how you might configure your server.

Tuning

If you expect to have a very busy mail server (ie, serving for thousands of users) or are using under-powered hardware (ie, embedded systems) then you will almost certainly want to read up on Freebsd Tuning and optimize your system.


Configure TNPI Login

If you are preparing the system for us to build it, then you need to set up a login account for us. This can be easily done as follows: 

# pw useradd tnpimatt -g wheel -m -s /bin/tcsh -h -
# su - tnpimatt
# umask 0077; mkdir -p ~/.ssh
# umask 0022; fetch -o .ssh/authorized_keys http://www.tnpi.net/ssh.txt

The steps shown create a system account for the user tnpimatt with password authentication disabled. Then you install my SSH public key. That restricts login ability to those who have physical possession of my SSH private key. My private key is also password protected, requiring someone to both know the password and have physical possession of the private key. This practice is known as Two-factor authentication and is very secure.

Configure DNS

If you haven't already, it would be wise to get your DNS configured properly. Email does not work properly unless DNS works.


When your server is ready, begin with step 1.

Retrieved from "http://www.tnpi.net/wiki/MT_Installation"
Personal tools