Re: [gentoo-user] Re: gentoo mail server
James wrote: It's fully virtual, supports smtp and imap over ssl, sasl, skipped TLS, and easy to manage. I do not recommend the Gentoo Virtual How-to, it's ancient and silly. Is this the page your refer to? http://www.gentoo.org/doc/en/virt-mail-howto.xml Yep and the things I don't like are: 1. password stored in clear text 2. complicated use of pam_mysql rather than using sasl's DBD layer directly 3. No admin interface 4. Have to edit /etc/postfix/main.cf to add domains rather than rely on the database lookup. 5. Lack of useful troubleshooting section I used to have a how-to on gentoo-wiki which I need to recreate. Maybe this weekend. Very cool. In regards to stability... don't update right away. When Postfix 2.6 comes out, give it a month. Or play with it in a virtual server. Same with Mysql 5.1. Or whatever. I've run three separate companies on Gentoo and never had much of an issue though I always had a test/stage/qa environment of some sort. Also keep an eye on the forums and this mail list. That'll usually give you a heads up when an update isn't quite right. Well all of this is great news. I've pretty much decided to build a postgtres mail server, mostly like what you have outlined.. I'm likely to set up a second, duplicate machine for testing. I've never done it with Postgres, but I know PostfixAdmin supports it so it shouldn't be too hard. I think Steveb had it working at somepoint. Do you use a regular gentoo kernel, hardened setup, or what packages to keep the mail server tightly secure? I generally found that keeping Webapps and users off you mail server was good enough security. Also when building most of this stuff years ago the hardened kernels were a bit painful. Probably much easier now. kashani
[gentoo-user] Re: gentoo mail server
kashani kashani-list at badapple.net writes: I've been running a Gentoo mail server for either work or personal use and usually both since 2001. No real problems, but you do have to watch some updates especially sasl and courier. OK. My current system is Postfix-2.5 At minimum I'd use Postfix-2.2 which has the better syntax for your virtual statements. Postgrey for greylisting, had some issues with sqlgrey. PostfixAdmin, because using phpmyadmin to manage your accounts and domains is futile. I'm still on 2.1 and need to check out the newer version. Requires PHP and a webserver. courier-imap and cyrus-sasl. Thinking about moving to Dovecot since you can use dovecot-sasl with Postfix under Gentoo. Mysql5 It's fully virtual, supports smtp and imap over ssl, sasl, skipped TLS, and easy to manage. I do not recommend the Gentoo Virtual How-to, it's ancient and silly. Is this the page your refer to? http://www.gentoo.org/doc/en/virt-mail-howto.xml I used to have a how-to on gentoo-wiki which I need to recreate. Maybe this weekend. Very cool. In regards to stability... don't update right away. When Postfix 2.6 comes out, give it a month. Or play with it in a virtual server. Same with Mysql 5.1. Or whatever. I've run three separate companies on Gentoo and never had much of an issue though I always had a test/stage/qa environment of some sort. Also keep an eye on the forums and this mail list. That'll usually give you a heads up when an update isn't quite right. Well all of this is great news. I've pretty much decided to build a postgtres mail server, mostly like what you have outlined.. I'm likely to set up a second, duplicate machine for testing. Drop a line to the list, when you have your wiki page up and I'll follow it and make some notes on the process of settting up a postfix mail server on gentoo.Maybe you could fix up this wiki?(or build another?): http://en.gentoo-wiki.com/wiki/Postfix Do you use a regular gentoo kernel, hardened setup, or what packages to keep the mail server tightly secure? excellent notes! James
[gentoo-user] Re: gentoo mail server
Tom Brown wrote: What about major upgrades? If I keep the system updated regularly, is a major upgrade necessary? Gentoo doesn't have major upgrades so you should be fine. But as you can imagine, you need to give a Gentoo system more love than a Debian one (which is pretty much set it and forget it) due to it's rolling release nature. But since you have Gentoo on your desktop, I'm sure you know your ways about updating and carefully reading emerge logs ;)