Hello everyone, I have been using Postfix and Dovecot for my personal emails for years. After being tired of reinstalling my personal mail server many times, I am currently writing some Ansible scripts to do it automatically. I obviously checked the other projects, and did not found anything close to what I am looking for, so I am implementing it now. The final goal is to have a box that once online, would setup itself, by creating the certificates, the DKIM keys and update the appropriate DNS records. This is so far what I have achieved: - Automatic generation of certificates using LetsEncrypt - Automatic update of the domain entries: imap, smtp, webmail, etc. - Automatic generation of a DKIM keys - Automatic update of specific records (MX, SPF, DKIM, etc.) - LDAP server for user accounts, with or without system login. - Installation of Postfix, Dovecot and Roundcube Sending DKIM signed emails is working, and the IMAP server is configured as well, although basic. The postfix and dovecot configuration are not yet entirely finished. I am planing to add an anti spam system, and sieve, amongst other things. Although in development during my spare time, the system is normally robust and you should be able to run it multiple times without errors. If anyone is interested to use it, to have a look, or to take part, it is here: https://github.com/progmaticltd/homebox Kind regards, Andr? Rodier.
On 10/12/17 20:05, Andr? Rodier wrote:> Hello everyone, > > I have been using Postfix and Dovecot for my personal emails for years. > After being tired of reinstalling my personal mail server many times, I > am currently writing some Ansible scripts to do it automatically.Kudos, it's a good project.? Thanks for sharing it. I thought it might be useful to offer a counterpoint: I thought about automating server setup, but decided against it because I do it seldom enough (for my personal serveres) that I should expect bitrot and software evolution to make what I automate not quite work the way I expect on next setup.? Instead, I wrote up extensive notes about how I set up my servers with a few scripts to help me compare config files.? It's a work in progress, like all such things. https://github.com/JeffAbrahamson/hosts/tree/master/p27 The real point, I suppose, is that if I have to set up a new version of my server, say because I'm upgrading OS significantly, I'd like to force myself to look at what I'm doing rather than have the false confidence that comes from having perfectly scripted it some years back but not having thought through texting in light of whatever changes have happened to software since. Reasonable people may dispute these points.? It's also significant that I don't like to spend the time on devops necessary to debug these sorts of things, so there's a lot of personal taste in it. -- Jeff Abrahamson +33 6 24 40 01 57 +44 7920 594 255 http://p27.eu/jeff/
Check out https://github.com/sovereign/sovereign/blob/master/README.md Might have some of what you are looking for already done. Bruce On Dec 10, 2017 2:06 PM, Andr? Rodier <andre at rodier.me> wrote: Hello everyone, I have been using Postfix and Dovecot for my personal emails for years. After being tired of reinstalling my personal mail server many times, I am currently writing some Ansible scripts to do it automatically. I obviously checked the other projects, and did not found anything close to what I am looking for, so I am implementing it now. The final goal is to have a box that once online, would setup itself, by creating the certificates, the DKIM keys and update the appropriate DNS records. This is so far what I have achieved: - Automatic generation of certificates using LetsEncrypt - Automatic update of the domain entries: imap, smtp, webmail, etc. - Automatic generation of a DKIM keys - Automatic update of specific records (MX, SPF, DKIM, etc.) - LDAP server for user accounts, with or without system login. - Installation of Postfix, Dovecot and Roundcube Sending DKIM signed emails is working, and the IMAP server is configured as well, although basic. The postfix and dovecot configuration are not yet entirely finished. I am planing to add an anti spam system, and sieve, amongst other things. Although in development during my spare time, the system is normally robust and you should be able to run it multiple times without errors. If anyone is interested to use it, to have a look, or to take part, it is here: https://github.com/progmaticltd/homebox Kind regards, Andr? Rodier.
--On Sunday, December 10, 2017 7:05 PM +0000 Andr? Rodier <andre at rodier.me> wrote:> This is so far what I have achieved:How about MIMEDefang, ClamAV, and SpamAssassin? I'm currently running MD+Clam from sendmail and SA from procmail, but I'm open to seeing the equivalent solution with Postfix and the Dovecot LDA. (One thing that keeps me from switching to Postfix is the need to accept "plussed" addresses using both the plus sign and the dot (for websites that refuse "+" in an email address).)
Thank you, I remember to had a look at this project, and I found it huge. I started mine because I want LDAP authentication. I also wanted less features / programs, less obtrusive, and better attention to small details, like automatic DKIM generation and DNS updates. I hope not to end up with something as huge. Andr? On 10/12/17 19:19, bruce at secryption.com wrote:> Check out https://github.com/sovereign/sovereign/blob/master/README.md > > > Might have some of what you are looking for already done. > > > Bruce > > > On Dec 10, 2017 2:06 PM, Andr? Rodier <andre at rodier.me> wrote: > > Hello everyone, > > I have been using Postfix and Dovecot for my personal emails for years. > After being tired of reinstalling my personal mail server many times, I > am currently writing some Ansible scripts to do it automatically. > > I obviously checked the other projects, and did not found anything close > to what I am looking for, so I am implementing it now. > > The final goal is to have a box that once online, would setup itself, by > creating the certificates, the DKIM keys and update the appropriate DNS > records. > > This is so far what I have achieved: > - Automatic generation of certificates using LetsEncrypt > - Automatic update of the domain entries: imap, smtp, webmail, etc. > - Automatic generation of a DKIM keys > - Automatic update of specific records (MX, SPF, DKIM, etc.) > - LDAP server for user accounts, with or without system login. > - Installation of Postfix, Dovecot and Roundcube > > Sending DKIM signed emails is working, and the IMAP server is configured > as well, although basic. > > The postfix and dovecot configuration are not yet entirely finished. I > am planing to add an anti spam system, and sieve, amongst other things. > > Although in development during my spare time, the system is normally > robust and you should be able to run it multiple times without errors. > > If anyone is interested to use it, to have a look, or to take part, it > is here: https://github.com/progmaticltd/homebox > > Kind regards, > Andr? Rodier. >
On Sun, Dec 10, 2017 at 11:23:34AM -0800, Kenneth Porter wrote:>--On Sunday, December 10, 2017 7:05 PM +0000 Andr? Rodier ><andre at rodier.me> wrote: > >>This is so far what I have achieved: > >How about MIMEDefang, ClamAV, and SpamAssassin? I'm currently running >MD+Clam from sendmail and SA from procmail, but I'm open to seeing the >equivalent solution with Postfix and the Dovecot LDA. > >(One thing that keeps me from switching to Postfix is the need to >accept "plussed" addresses using both the plus sign and the dot (for >websites that refuse "+" in an email address).)That's relatively easy. I use the following: In main.cf: recipient_delimiter = + canonical_maps = pcre:/etc/postfix/canonical In /etc/postfix/canonical: /^([^\.]+)\.([^\.]+)@(darac\.org\.uk)$/ ${1}+${2}@${3} The regex can probably be simplified a lot, but to me that's clear that foo.bar at darac.org.uk gets mapped to foo+bar at darac.org.uk. That means that I can use plus addressing where it's supported and dot addressing where it isn't. From the server's point of view, it's all plus-addressed, but I've not yet come across a domain that doesn't like (SMTP) mail with a + in the from field (it's usually just the web forms that complain). -- For more information, please reread. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 906 bytes Desc: not available URL: <https://dovecot.org/pipermail/dovecot/attachments/20171211/728f40b1/attachment.sig>