Dear friends, I have been using Postfix for sometime now for a single domain and it has been running smoothly with Dovecot. I use milters for Spamassasin, Clamav, Dkim, Dmarc & SPF. Postgrey has also been configured (although I think it could be removed in the long run). I have Postscreen enabled. TLS support has been enabled with self-signed certificates.
Now, I have to migrate to a new server that is running FreeBSD 11. I need to support 4 domains on this single server with each domain having its own Trusted CA certified SSL digital certificate. I can think of three ways to accomplish this and I am looking for some guidance based on your knowledge/experience with Postfix. Method 1] Use virtual domains on a single Postfix instance and override master.cf to take care of the individual SSL certificate for each domain using a separate IP in each case. Based on my research, I believe this could get complicated with Postscreen and other milters enabled. So I am not too keen on going this path. Correct me if I am wrong... Method 2] Use postmulti and create a separate instance for each domain. In this case, I am not sure how complex it might get if I want to create further instances for each domain to handle outgoing, incoming and null-client scenarios. Method 3] Use FreeBSD jails for each domain and a common jail for all the spam/virus protection services and use a proxy + NAT on the main host. This could also help me use postmulti in each jail in case I need to have multiple instances based on functions. So based on your experience/expertise, which method would you recommend? Further, do you think I can stop using Postgrey as I also have Postscreen enabled? I look forward to your responses. Warm regards, Nitin
