Date: Thu, 23 May 2002 01:25:32 -0400 (EDT)
From: Jason Hunt <jhunt@lynden.on.ca>
To: freebsd-isp@FreeBSD.ORG
Cc: Jeremy Buckner <jeremy@cableaz.com>
Subject: Re: need suggestions
Message-ID: <20020523005049.W60899-100000@lethargic.dyndns.org>
In-Reply-To: <002001c20147$7df047c0$fef0da42@caz>

On Tue, 21 May 2002, Jeremy Buckner wrote:

> We just recently decided to start offering our Internet services to
> businesses and not just to the usual single end-user. That being said I
> need some advice in the way of services and a box to put them on. We plan
> to offer domain hosting to include mail, web and all that sort of thing.
> Bottom line is that I need to build a box that can handle all of my needs.
> I would say that this server will never host more than 50 domains as we are
> restricted by our cable plant in terms of adding business customers. I have
> played with virtual domains in apache so I feel ok in that department, but
> I have never hosted multiple mail domains. I need to learn how to do that
> in whatever mail prog is best qmail, sendmail...whatever. I need to know
> how to make bob@domain1 to be different from bob@domain2 and so on. I am
> assuming that each business will have their own IT guy/gal who will want
> some sort of control as far as uploading web pages and the like but how can
> they build email addys and not bother or see the other domains on the
> server? Forgive me my ignorance, but I have never had to do this before.
> Thanks in advance.
>
> JB
>

If you do not plan to have "very many" domains, I'll explain how my previous employer had the Linux servers set up. Now this all works, but it's not as "clean" as it should be. If you are looking for something quick and simple, then the following might be a solution.

Now all of this starts to tie into each other and can get confusing, but the overall picture should make sense.

Generally a person's "username" on the system would be their domain name without the TLD (ie: domain.com was "domain", somethingelse.org was "somethingelse"). This is also what their "account name" was for the billing system (we didn't use numbers, BAD IDEA, more on this later). This method isn't very scalable, but it generally worked. This username was created on the system (useradd, etc).
They have their home directory in /home/www with numerous subdirectories, including 'www', 'cgi-bin', 'data' and 'logs'.

We used Apache, with add-ons like PHP+MySQL, FrontPage, etc etc, which I won't get into. Their <VirtualHost> tag in httpd.conf was set up to go to their respective www subdirectory. There was also a /cgi-bin alias that went to their subdirectory for CGIs as well. Finally their logging was set up to go to their logs subdirectory. Refer to http://httpd.apache.org/docs/mod/core.html#virtualhost for more info.

We used ProFTPD for FTP access. This would just look up their username and password in /etc/passwd much like any other ftp daemon. We used ProFTPD because we could lock them into their home directory. Many other ftpds let you do this as well.

We used BIND 8 for DNS. Every domain had the same DNS servers in their WHOIS records. These two DNS servers pointed all the domains to the same IP for the web server. This should be fairly straightforward. Refer to www.isc.org for info on BIND.

Sendmail was our SMTP server. Take a look at http://www.sendmail.org/virtual-hosting.html for information on this. This is where lots of users got created on the system, just for the purpose of e-mail. Usernames get to be a problem here. bob@domain1.com might be lucky and have the username "bob" on the system. bob@domain2.org could sign up a few months later and we would have to give him something else. Usually we just went for "bob2" or whatever they wanted. A lot of people wanted info@ and sales@ for their domains. We would use things like "sales-domain1", "sales-domain2" and whatnot. We also generally had catchalls for every domain, ie: "@domain1.com" went to user "domain1". Quite often people would just have a catchall and that's it. Larger hosting customers could have upwards of ten to forty e-mail accounts, so this wasn't an option.
You just have to make sure that a username is available on the system before giving it to someone, and if it is not then pick an alternative.

Cucipop was used for POP3. This was straightforward. Whatever username their mail was going to in the /etc/virtusertable for sendmail was their username for POP3 and that password.

Webalizer was used for generating web statistics. Unfortunately this was probably our only way of telling if a customer went over their monthly bandwidth limit. There was a config file for each domain that would look at their logs subdirectory and store data in a "data" subdirectory for that domain. The HTML that it generates was put into their www subdirectory, under another subdirectory named "usage". This was usually protected with a .htaccess file.

Now I will be the first to admit that there can be A LOT of problems with this type of setup on a large-scale basis. That is where you would start looking into things such as SQL- or LDAP-based authentication for each different service (POP3, FTP, etc). This would make them use their full e-mail address for POP3. There would not really be any real users on the system. These types of authentication systems also let you keep track of your billing a bit better. You can give each customer a number. Then all the accounts for e-mail and hosting are linked to that number. I'm not about to get into this though. :)

I'm not sure how much sense this will all make, as it's about 1:30 in the morning. Ask me if there's anything you don't understand about what I said. Just remember not to go this route if you plan on getting hundreds upon thousands of hosting customers spanning multiple servers.
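
The following is an added example, not part of the original message or of any tool it mentions. With one flat /etc/passwd namespace shared by every hosted domain, the practical risks are a virtusertable entry that delivers two customers' mail into the same mailbox, or one that points at an account that was never created. This sketch audits for both and picks the next free name in the "bob", "bob2" style; the domains, accounts and function names are hypothetical.

```python
from collections import defaultdict

# Constructed sample data; the domains and accounts are hypothetical.
PASSWD = """\
domain1:x:1001:1001::/home/www/domain1:/bin/sh
bob:x:1003:1003::/home/bob:/sbin/nologin
sales-domain1:x:1004:1004::/home/sales-domain1:/sbin/nologin
"""
VIRTUSERTABLE = """\
bob@domain1.com         bob
bob@domain2.org         bob
sales@domain1.com       sales-domain1
sales@domain2.org       sales-domain2
@domain1.com            domain1
"""

def local_users(passwd_text):
    """Usernames from passwd-format text (first colon-separated field)."""
    return {l.split(":", 1)[0] for l in passwd_text.splitlines() if l and not l.startswith("#")}

def parse_virtusertable(text):
    """Yield (address, domain, target) for each non-comment entry."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:
            yield fields[0].lower(), fields[0].lower().rpartition("@")[2], fields[1]

def audit(passwd_text, table_text):
    """Findings: targets with no account, and mailboxes fed by more than one domain."""
    users, domains_by_target, findings = local_users(passwd_text), defaultdict(set), []
    for address, domain, target in parse_virtusertable(table_text):
        if "@" in target or ":" in target:  # off-box forward or error: entry
            continue
        domains_by_target[target].add(domain)
        if target not in users:
            findings.append(("no-such-user", address, target))
    for target, domains in sorted(domains_by_target.items()):
        if len(domains) > 1:
            findings.append(("shared-mailbox", target, tuple(sorted(domains))))
    return findings

def pick_username(wanted, taken):
    """First free name in the sequence bob, bob2, bob3, ..."""
    n, name = 1, wanted
    while name in taken:
        n, name = n + 1, f"{wanted}{n + 1}"
    return name

if __name__ == "__main__":
    print(audit(PASSWD, VIRTUSERTABLE), pick_username("bob", local_users(PASSWD)))
```
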