> From: owner-postfix-us...@postfix.org [mailto:owner-postfix- > us...@postfix.org] On Behalf Of jeremy.als...@imap-mail.com > Hi Victor. > > On Fri, 08 Apr 2011 00:59 -0400, "Victor Duchovni" > <victor.ducho...@morganstanley.com> wrote: > > Start simple, and add features gradually. There is a steep learning > > curve for a novice to deploy a complex production system with no > prior > > experience. > > It sure feels pretty steep already. I guess I'm glad I'm not just > imagining things. > > I'm pretty sure I want to stick with the single Instance setup. Like > you said, for now at the least. > > I found a pretty good example, Spamassassin + ClamAV + Postfix > WITHOUT Amavis (Debian) > http://www.xtarutaru.com/2009/04/16/spamassassin-clamav-postfix- > without-amavis-debian/ > that along with Daniel's comments that's helping me to make sense of > this a bit better.
There's a ton of howtos out there - I'm sure you can find one that suits all your needs. The nice thing about this one is that it'll keep you on the track you've been advised on - i.e. keeping things simple and adding features as you go. I would recommend using amavis for your spam and virus checking though. The Howto you're looking at specifically doesn't use it because of resource constraints on the host. However, it sounds like you don't have that constraint. > I'm still going to read through some more of those Multiple Instance > examples so maybe I can get some idea which road to point myself down > for later. > > If I do any of the Multiple Instance setup is there a good Document > that tells what configuration goes into what file? Does > configuration flow down from the 1st one you setup ? So that > PostScreen configuration, which looks to do some of the work I want > done, goes into which config file? Personally, I don't think you need multiple instances. If the book you got was The Book of Postfix, then it was written by contributors to this list - and you can't go wrong. Setting up my own mail server to handle mail for multiple domains with spam and virus checking is one of the most worthwhile and fun things I've ever done. I really want to encourage you to stay on the learning curve you've chosen. I've been successfully blocking up to 98% of traffic (when the Rustock botnet was running) using a very simple set up but my false negatives are almost non-existent and my false positives are very low. I'm sure there are more valid opinions but my advice for what it's worth is: . Set up postfix to receive and send mail securely (i.e. don't be an open-relay!) . Get your delivery agent set up (Courier/Dovecot) and working . Implement some sort of sender authentication e.g. SASL - though it will depend on your choices above) even if your users will only send mail to the server from inside the network . Some sort of log reporting (pflogsumm/postfix-logwatch) working . Add in the postfix's native spam controls, limiting and checks . Then look at content filtering (spam, virus and other objectionable content) - as you've already learnt this can be handed off to a different server/service, even if they're on the same host . Then look at more advanced controls like grey-listing and postscreen If in doubt, ask and remember that most defaults are there for a reason. Consider the implications before changing them (but some will need to be changed to suit your set-up). Have fun.
