I have a server at Eskimo North running CentOS 7, primary DNS (Bind 9), Postfix 2.10, Dovecot, Apache-2.4.34, php-7.2.8, and I have an SSL certificate from RapidSSL. I am also running rainloop.
In the ongoing effort to tighten up security, I note that I have not successfully deployed Domain Keys or DKIM. I still don't know how to do this. I have Postfix set up with submission, but how to get Rainloop to use that I'm not certain. I'm concerned that there is no obvious config file line for Rainloop to store the smtp username and smtp password and that Rainloop is using plain old port 25. Does port 25 have to be open or can I get away with just the submission port? I use fetchmail to retrieve incoming email from Eskimo North. The output and errors from postconf -n follow: [root@goose postfix]# cat postfix_config.txt alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 html_directory = no inet_interfaces = all inet_protocols = ipv4 mail_owner = postfix mailbox_command = /usr/bin/procmail -a "$EXTENSION" mailbox_size_limit = 0 mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man masquerade_domains = $mydomain mydestination = localhost.$mydomain, localhost, $mydomain mydomain = robinson-west.com myhostname = goose.robinson-west.com mynetworks = 127.0.0.0/8, 204.122.17.0/24 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_access.cidr postscreen_dnsbl_action = enforce postscreen_dnsbl_reply_map = texthash:/etc/postfix/dnsbl_reply postscreen_greet_action = enforce queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES sample_directory = /usr/share/doc/postfix-2.10.1/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname at Eskimo North smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination check_helo_access hash:/etc/postfix/helo_access reject_unknown_helo_hostname smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_sender_restrictions = reject_unknown_sender_domain smtpd_tls_auth_only = yes smtpd_tls_cert_file = /opt/etc/certs/cert/server.crt smtpd_tls_key_file = /opt/etc/certs/private/goose_robinson-west_com_RSA_private_nopass.key smtpd_tls_protocols = !SSLv2, !SSLv3 smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes soft_bounce = no unknown_local_recipient_reject_code = 550 smtpd_tls_protocols = !SSLv2, !SSLv3 smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes soft_bounce = no unknown_local_recipient_reject_code = 550 [root@goose postfix]# cat error-postfix-config.txt postconf: warning: /etc/postfix/main.cf: unused parameter: postfix_dnsbl_threshold=2 postconf: warning: /etc/postfix/main.cf: unused parameter: postfix_dnsbl_sites=zen.spamhaus.org*2?bl.spamcop.net*1 b.barracudacentral.org*1 postconf: warning: /etc/postfix/master.cf: unused parameter: smptd_sasl_local_domain=$myhostname _______________________________________________ PLUG mailing list PLUG@pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug