pantz.org banner
The SheevaPlug backup mail server
Posted on 06-26-2009 02:35:28 UTC | Updated on 06-26-2009 02:51:39 UTC
Section: /hardware/plugcomputer/ | Permanent Link

What is a SheevaPlug? It is a network appliance that is fully enclosed in an AC power plug or AC adapter. It has a gigabit Ethernet port, SD memory slot, usb port, and mini-usbport. You can plug it right into the wall just like an ac adapter. All for $99.

It comes with 512 Meg ram and 512 Meg of flash based disk space. It runs a ARM processor and comes with Ubuntu Linux installed.

More info about the SheevaPlug can be found here.

I used this little plug computer to setup a backup mail server. You could use it for just about anything you like since it runs a full Linux distribution. Here is the basic setup I used to get everything going.

Connect to the SheevaPlug from a linux box using the usb cable that came in the box. This connection will be your serial console (USBtoSerial). To get the usb serial thing going I had to insert a few modules on my Linux box. Everything worked fine after that. I have also read that you can just plug it in and it will get a DHCP address off the network if you have a DHCP server. Then you can just ssh in from there.

sudo modprobe usbserial
sudo modprobe ftdi_sio vendor=0x9e88 product=0x9e8f

Install the simple call up (cu) program to connect to the emulated serial port ttyUSB1. Then connect.

sudo apt-get install cu
cu -s 115200 -l /dev/ttyUSB1

Login as root with the default password.

Login: root
Pass: nosoup4u

Change your root password

passwd

Add a new user.

adduser newuser

Use visudo and insert the line below to give your new user full sudo privs.

# add user in visudo
newuser    ALL=(ALL) ALL

Then turn on the setuid bit on the sudo program so you can actually use sudo. Sudo will not let you sudo to root if you don't do this.

chmod u+s /usr/bin/sudo

Edit /etc/network/interfaces. Comment out DHCP line. Put in static ip info.

# iface eth0 inet dhcp
auto eth0
iface eth0 inet static
address 192.168.1.60
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1

Restart networking.

/etc/init.d/networking restart

Edit /etc/resolv.conf and put in your ISP's DNS servers

domain yourdomain.org
search yourdomain.org
nameserver 192.168.1.1

The Ubuntu 9.04 that comes with the plug computer puts it's apt-get cache dir on a temporary file system. It's missing a dir so apt-get will not work until you make the dir. This line is in the /etc/rc.local file but it does not seem to execute on boot for some reason.

mkdir -p /var/cache/apt/archives/partial/

Install the Postfix SMTP server. This is the main reason for this box. You will have to put in your Posfix configs here. If you need examples see the menu on this site in the Postfix section. You can also search this site for the word Postfix.

apt-get install postfix
apt-get clean all
# put in your config files
/etc/init.d/postfix start

I use procmail as my MDA so I'll install it.

apt-get install procmail
apt-get clean all

Install ddclient so we can update the dynamically changing ip of our server.

apt-get install ddclient
apt-get clean all

Edit /etc/default/ddclient file. Change run_daemon to true and daemon interval to what you want.

run_daemon="true"
daemon_interval="1800"

Then copy over your /etc/ddclient.conf file. An example one is below. This example uses a custom domain in the example. The backup mail server.

daemon=1800                     # check every 600 seconds
syslog=yes                      # log update msgs to syslog
mail=root                       # mail all msgs to root
mail-failure=root               # mail failed update msgs to root
pid=/var/run/ddclient.pid       # record PID in file.
cache=/var/run/ddclient.cache   # Cache file
ssl=yes                         # use ssl-support.
use=web
login=dynloginname              # default login
password=xxxxxx                 # default password
protocol=dyndns2
server=members.dyndns.org
custom=yes, backupmail.yourdomain.org

Install OpenNTPd. For some reason OpenNTPd needs a date near the real date to work. So we will set one close to the real date. Then update the hardware clock.

date 012618002009
hwclock -w
apt-get install openntpd

Edit the /etc/default/openntpd file and put in the -s option. This is so OpenNTPd will set the time on start.

DAEMON_OPTS="-s"

Restart OpenNTPd.

/etc/init.d/openntpd restart

Install pflogsumm because I like mail stats. Install mailx because the mail package is to big and mailx does what we need. This will make a symlink to mail.

apt-get install pflogsumm mailx

Run crontab -e and put this line in cron for pflogsum to run stats each night.

# crontab -e
15 0 * * * /usr/sbin/pflogsumm -d yesterday /var/log/mail.log 2>&1 |/usr/bin/mail -s "`uname -n` daily mail stats" root

The Linux build for the SheevaPlug does not have iptables by default. You could put an updated kernel in if you want it but let's keep this simple. We just want to filter hosts that connect to sshd. So we can do it with tcp wrappers. We will allow only hosts who's DNS PTR records (reverse look up) resolve to my.isp.org. Edit the /etc/hosts.allow file and put this in changing it for your ISP. Remember to allow your local hosts to connect ot sshd also.

sshd : .my.isp.org : allow
sshd : 192.168.1. : allow
sshd : localhost : allow
sshd : ALL : deny

Last but not least. Remember to forward port 22 and 25 on your ISP's router to the internal static ip you gave your SheevaPlug.

Just reboot and test. I can say it works great for me. Cheap, silent, very low power, Linux. What more could you ask for?

Del.icio.us! | Digg Me! | Reddit!

Related stories


RSS Feed RSS feed logo
About


3com
3ware
alsa
alsactl
alsamixer
amd
android
apache
areca
arm
ati
auditd
awk
badblocks
bash
bind
bios
bonnie
cable
carp
cat5
cdrom
cellphone
centos
chart
chrome
cifs
cisco
cloudera
comcast
commands
comodo
compiz-fusion
corsair
cpufreq
cpufrequtils
cpuspeed
cron
crontab
crossover
cu
cups
cvs
database
dbus
dd
dd_rescue
ddclient
debian
decimal
dhclient
dhcp
diagnostic
diskexplorer
disks
dkim
dns
dos
dovecot
drac
dsniff
dvdauthor
e-mail
echo
editor
emerald
ethernet
expect
ext3
ext4
fat32
fedora
fetchmail
fiber
filesystems
firefox
firewall
flac
flexlm
floppy
flowtools
fonts
format
freebsd
ftp
gdm
gmail
gnome
greasemonkey
greylisting
growisofs
grub
hacking
hadoop
harddrive
hba
hex
hfsc
html
html5
http
https
idl
ie
ilo
intel
ios
iperf
ipmi
iptables
ipv6
irix
javascript
kde
kernel
kickstart
kmail
kprinter
krecord
kubuntu
kvm
lame
ldap
linux
logfile
lp
lpq
lpr
maradns
matlab
memory
mencoder
mhdd
mkinitrd
mkisofs
moinmoin
motherboard
mouse
movemail
mplayer
multitail
mutt
myodbc
mysql
mythtv
nagios
nameserver
netflix
netflow
nginx
nic
ntfs
ntp
nvidia
odbc
openbsd
openntpd
openoffice
openssh
openssl
openvpn
opteron
parted
partimage
patch
perl
pf
pfflowd
pfsync
photorec
php
pop3
pop3s
ports
postfix
power
procmail
proftpd
proxy
pulseaudio
putty
pxe
python
qemu
r-studio
raid
recovery
redhat
router
rpc
rsync
ruby
saltstack
samba
schedule
screen
scsi
seagate
seatools
sed
sendmail
sgi
shell
siw
smtp
snort
solaris
soundcard
sox
spam
spamd
spf
sql
sqlite
squid
srs
ssh
ssh.com
ssl
su
subnet
subversion
sudo
sun
supermicro
switches
symbols
syslinux
syslog
systemrescuecd
t1
tcpip
tcpwrappers
telnet
terminal
testdisk
tftp
thttpd
thunderbird
timezone
ting
tls
tools
tr
trac
tuning
tunnel
ubuntu
unbound
vi
vpn
wget
wiki
windows
windowsxp
wireless
wpa_supplicant
x
xauth
xfree86
xfs
xinearama
xmms
youtube
zdump
zeromq
zic
zlib