Jul 28, '02 10:53:43AM • Contributed by: fivefifty
Read the rest of the article for the detailed how-to...
- Sign up for dynamic IP service: This service takes care of DNS and allows one to use a fixed domain name with a dynamic IP. Go to dyndns.org. You have two options, either get a free domain that's restricted to being a sub-domain of a huge list of possibilities (for example, you could get yourdomain.homeftp.org where yourdomain is anything), or sign up for custom DNS to use any domain (for example yourdomain.com where yourdomain is anything), which costs a $30 "donation" to dyndns.org. Make sure to download an OS X compatible program to keep dyndns.org updated with the correct IP. I use DNSUpdate.app. If you use one of the free domain names skip the next step.
- Sign up for a domain name: This is the actual named address to access your box. You need to sign up at one of the places to register a domain. dyndns.org recommends dotster.com, which is what I use. Make sure you pass in the dyndns.org DNS servers, and also make sure to register your domain with dyndns.org. Within 48 hours, your domain should point to your computer.
- Set up router/firewall: This step is only needed if you have a router or firewall. Basically, you need to let information related to mail and web through to your server. Only allow the ports to services you actually use. The important ports that should be known about are:
Port  Service
22    ssh (remote login)
25    smtp and mail (mail server)
80    http (web server)
143   imap (used for remote access of mail)
548   afpovertcp (Apple File Server, for remote access of files)
You might notice that FTP is missing. This is because the FTP server is often used for a Denial of Service attack, something that can drastically slow down your connection. Since I do not know how to defend against this, I figure it's better to just leave it off. I also leave SSH blocked by my router, as leaving it on can give complete access to a machine through hacking a password. By now SSH and afpovertcp should already work with your domain.
- Set up the server to use your domain: The remaining steps require the use of Terminal.app and sudo. I can not guarantee you won't mess up your system, so please only proceed if you know what is going on. Here we have to let the server know what its domain name is. We will start with the unix side. Open Terminal.app. Go into the /etc directory (sort of the "Preferences" folder for unix):
% cd /etc
Now edit the file "hostconfig", using sudo so that we can save:
% sudo emacs hostconfig
This should open up an editor window with this file. Find the line "HOSTNAME=-AUTOMATIC-" and replace "-AUTOMATIC-" with "yourdomain.com". Now we need to turn on the services this server provides. Turn "-NO-" to "-YES-" for each of those services. For example:
MAILSERVER=-YES-
SSHSERVER=-YES-
WEBSERVER=-YES-
Save the file (type Control-x Control-s) and exit emacs (Control-x Control-c). Now we need to take care of the OS X side of things. Open "NetInfo Manager.app" in the Utilities folder. Authenticate. Browse to /machines/localhost. Edit the "name" property, so that it is a list with "yourdomain.com" first and "localhost" second.
- Set Up Web Server: The Apache web server uses the traditional unix file system to store its files. Therefore its configuration file is in /etc. Go to its configuration directory:
% cd /etc/httpd/
This directory holds the Apache config files. Open httpd.conf in emacs:
% sudo emacs httpd.conf
Search for the line with a commented out "ServerName", or in other words hit Control-s, type "ServerName", and hit return. The cursor should be in the correct place. Uncomment the line and replace "fisheye" with "www.yourdomain.com". There are several other configuration details you may wish to change, so just look through this file and read the comments. Finally we need to turn on the web server. Simply open "System Preferences", go to "Sharing", and click the button to turn on "Web Sharing". That should be it. Your web documents should be placed in "~/Sites", or "/Library/WebServer/Documents".
- Set Up Mail Server: Now comes what is probably the most difficult portion of the process, setting up the mail server. We will use the unix program "sendmail", which comes with OS X. I figured this out through various hints at macosxhints.com, especially with the article "Update to Mac OS X Terminal, Part 3" at macdevcenter.com. We need to generate the sendmail configuration file. Go to the directory with the default conf file and copy it for editing:
% cd /usr/share/sendmail/conf/cf
% sudo cp generic-darwin.mc yourdomain.mc
The default should work as is. So we need to compile it and put it in the correct place, but first back up the original configuration file:
% sudo cp /etc/mail/sendmail.cf /etc/mail/sendmail.cf.orig
% m4 ../m4/cf.m4 yourdomain.mc > /tmp/sendmail.cf
% sudo cp /tmp/sendmail.cf /etc/mail/
We also need to tell NetInfo where to look for the configuration file:
% sudo niutil -create . /locations/sendmail
% sudo niutil -createprop . /locations/sendmail sendmail.cf /etc/mail/sendmail.cf
This is the command line version of "NetInfo Manager.app". Now do some other miscellaneous things that sendmail requires to work properly:
% sudo chgrp smmsp /var/spool/clientmqueue
% sudo chmod g-w /
The last line removes group write permission from the root directory. This is a security measure, though if this really is a problem, it is possible to get around it. Look at the various other sendmail articles to see how.
Finally, we need to make sendmail start when the computer is turned on. This is done by fixing the corresponding System StartupItem file. Open the shell script that gets run at startup:
% sudo emacs /System/Library/StartupItems/Sendmail/Sendmail
Directly below the line "/usr/sbin/sendmail -bd -q1h", which is near the bottom, add the line:
/usr/sbin/sendmail -C /etc/mail/submit.cf -q1h
Restart. Now sendmail (which incidentally also receives mail) should be working fine. Try it out:
% mail any@emailaddress.com
You can use any email address, and to finish the email type a line with a single '.' You should also be able to receive mail now. Try sending an email to username@yourdomain.com, where username is the short name of any OS X User on the server computer. To read the email on the command line type:
% mail
A list of new emails will show up, and just type a number to read the corresponding email.
- Set Up "Mail.app" to read your unix account: Unfortunately, "Mail.app" has a bad bug that makes setting it up to read your UNIX mail unnecessarily difficult. I found this tip at macosxhints.com as well. This step must be done for each user that wants to check unix mail with Mail.app. We need to create a folder for Mail.app to use for the unix account:
% cd ~/Library/Mail
% mkdir UNIX:username@yourdomain.com
% chmod 700 UNIX:username@yourdomain.com
Now we need to setup Mail.app. Open the preferences window. Click "Create Account". Choose Account Type: "UNIX Account". Fill out the remaining information using "localhost" for SMTP Server. Now go to the "Account Options" tab. Set "Account Directory: " to "~/Library/Mail/UNIX:username@yourdomain.com". This will add "Inbox" to your personal mailboxes, which should show all your unix mail.
- Set Up imap: I used this imap how-to site. imap is a protocol that allows you to access your mail remotely. Unfortunately, it is not included in OS X, so you need to download it first. imapd is a strange program in that it does not have a configuration file; all configuration is done in the actual source code. Luckily, this is pretty much taken care of for us. Now go to the place where you unzipped the tar.Z package, into the subfolder "imap-2002.RC2", and type "make osx" in Terminal.app. Once it is finished, we need to place the newly compiled "imapd" into the correct directory, making sure "username" is your username:
% sudo mkdir -p /usr/local/libexec
% sudo cp imapd/imapd /usr/local/libexec
% sudo ./imap.sh
% sudo ./mailbox.sh username
Finally, we need to set up imapd so it runs at startup. Open "/etc/inetd.conf" in emacs:
% sudo emacs /etc/inetd.conf
Uncomment (remove all # signs) the line:
##imap4 stream tcp nowait root /usr/libexec/tcpd /usr/local/libexec/imapd
Restart. Imap should now work.
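An added example, not part of the original hint: a small shell audit that lists the services switched on in hostconfig-style and inetd.conf-style files and marks which of them the router forwards, using the port table from the router step. The function names, the sample files and the forwarded-port list are assumptions constructed for illustration.

```shell
#!/bin/sh
# Names of KEY=-YES- entries in an /etc/hostconfig-style file.
hostconfig_enabled() {
  sed -n 's/^[[:space:]]*\([A-Z][A-Z0-9_]*\)=-YES-[[:space:]]*$/\1/p' "$1"
}
# Service names (first field) of uncommented lines in an inetd.conf-style file.
inetd_enabled() {
  awk '!/^[ \t]*#/ && NF >= 6 { print $1 }' "$1"
}
# Port numbers from the table in this hint; anything else is reported as "?".
port_for() {
  case "$1" in
    SSHSERVER) echo 22 ;;
    MAILSERVER) echo 25 ;;
    WEBSERVER) echo 80 ;;
    imap4) echo 143 ;;
    *) echo '?' ;;
  esac
}

# audit HOSTCONFIG INETD_CONF "forwarded ports": one line per enabled service,
# saying whether the router passes its port through (internet) or not (lan-only).
audit() {
  { hostconfig_enabled "$1"; inetd_enabled "$2"; } | while read -r svc; do
    port=$(port_for "$svc")
    case " $3 " in
      *" $port "*) reach=internet ;;
      *) reach=lan-only ;;
    esac
    echo "$svc port $port $reach"
  done
}

# Constructed sample files (not taken from a real machine).
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/hostconfig" <<'EOF'
HOSTNAME=yourdomain.com
MAILSERVER=-YES-
SSHSERVER=-YES-
WEBSERVER=-YES-
AFPSERVER=-NO-
EOF
cat > "$tmp/inetd.conf" <<'EOF'
##ftp stream tcp nowait root /usr/libexec/tcpd ftpd -l
imap4 stream tcp nowait root /usr/libexec/tcpd /usr/local/libexec/imapd
EOF
# SSH is enabled on the host but blocked at the router, so 22 is not forwarded.
audit "$tmp/hostconfig" "$tmp/inetd.conf" "25 80 143"
```

On a real machine, point the first two arguments at /etc/hostconfig and /etc/inetd.conf and pass the ports your router actually forwards; every line marked internet is a service that has to be kept patched and configured.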
[Editor's note: Please heed the warnings - if you don't understand the Terminal very well, you could potentially do some "Really Bad Things" to your machine with this hint, so proceed with caution! Also note that many ISPs, mine included, block server access on lower ports to prevent people from running their own servers. If this applies to you, you'll have to figure out how to remap your services onto higher port numbers; this hint should get you started...]
