Dear All I am planning to setup mail server for my domain. Which one is preferred postfix or sendmail. I came across a link * http://ostechnix.wordpress.com/2013/02/08/setup-mail-server-using-postfixdovecotsquirrelmail-in-centosrhelscientific-linux-6-3-step-by-step/ * for postfix mail setup. It says, Prerequisites: - The mail server should contain a valid MX record in the DNS server. Navigate to this link how to setup DNS server<http://ostechnix.wordpress.com/2013/01/25/setup-dns-server-step-by-step-in-centos-6-3-rhel-6-3-scientific-linux-6-3-3/> . - Firewall and SELinux should be disabled. I have disabled iptables as my m/c is behind the firewall. It says I need to disable firewall. Is it really required. Kindly let me know. Best Regards Austin
On 2013-03-11, Austin Einter <austin.einter at gmail.com> wrote:> > Which one is preferred postfix or sendmail.I suspect this is mostly personal preference. I prefer postfix because the configuration files are easier to read and write.> It says I need to disable firewall. Is it really required. Kindly let me > know.No, it is not required. But you do need to accept TCP traffic on port 25 to your SMTP host. Because you need to do this, you should make sure your SMTP server can not be used as an open relay, or you will find yourself on many blacklists. Here's a reasonable tester I found: http://www.rbl.jp/svcheck.php --keith -- kkeller at wombat.san-francisco.ca.us
On 03/10/2013 10:54 PM, Austin Einter wrote:> Dear All > I am planning to setup mail server for my domain. > > Which one is preferred postfix or sendmail.I switched to postfix 3 years ago, and never looked back.> I came across a link * > http://ostechnix.wordpress.com/2013/02/08/setup-mail-server-using-postfixdovecotsquirrelmail-in-centosrhelscientific-linux-6-3-step-by-step/ > * for postfix mail setup.Here are two very good links: http://campworld.net/thewiki/pmwiki.php/LinuxServersCentOS/Cent6VirtMailServer http://wiki.centos.org/HowTos/Amavisd I have used both as guideposts, and found problems with both, as people here and on related lists will attest to be the questions resulting by following other's instructions lead to strangeness. I really suggest that you step slowly into this. There is a lot to do to get all the pieces together. A lot you need to understand with each package. And then things not even covered, but you are expected to know when setting up a server. Like php.conf, you need to set your timezone. None of the tutorials for things like roundcube tell you this; you are expected to know about using php.> It says, > Prerequisites: > > - The mail server should contain a valid MX record in the DNS server. > Navigate to this link how to setup DNS > server<http://ostechnix.wordpress.com/2013/01/25/setup-dns-server-step-by-step-in-centos-6-3-rhel-6-3-scientific-linux-6-3-3/> > . > - Firewall and SELinux should be disabled.You should never disable the server firewall. It is easy to figure out what ports are necessary and open only those. As far as selunix, this is hard. I have been given a set of scripts to work out what to enable for selinux, and this is still a work in progress for me.> I have disabled iptables as my m/c is behind the firewall.So what? Read the press about "Advance Persistant Threats". Only open what is necessary.> It says I need to disable firewall. Is it really required. Kindly let me > know.Figure out the ports you need. This is not hard. It is easy compared to the rest you will have to learn. I have the wounds, even with my kevlar suit. :) BTW, I am putting together my own blog on what I am doing. I have to work out a few pieces to get my mysql passwords out of the scripts I use, but I have learned a lot over the past few months, and really should share. some.
Am 11.03.2013 03:54, schrieb Austin Einter:> Dear All > I am planning to setup mail server for my domain. > > Which one is preferred postfix or sendmail.Choose the one you understand best.> I came across a link * > http://ostechnix.wordpress.com/2013/02/08/setup-mail-server-using-postfixdovecotsquirrelmail-in-centosrhelscientific-linux-6-3-step-by-step/ > * for postfix mail setup.Don't follow tutorials. Period. They don't really teach you how to do things. Look at the one you refered to: it explains nothing. It keeps you dumb and in case something goes wrong - and be assured, things will go mad running a mailserver - you have not the slightest clue how to debug or how to fix it. So please, read the original documentation of the MTA of choice. And don't expect to be able to configure your first MTA properly right from the beginning. So don't start with a public one but train in a closed area like a protected LAN.> It says, > Prerequisites: > > - The mail server should contain a valid MX record in the DNS server. > Navigate to this link how to setup DNS > server<http://ostechnix.wordpress.com/2013/01/25/setup-dns-server-step-by-step-in-centos-6-3-rhel-6-3-scientific-linux-6-3-3/> > . > - Firewall and SELinux should be disabled.Any tutorial or page that instructs you to turn off the firewall and/or SELinux is going plainly wrong right from the start. I have no words about that nonsense.> I have disabled iptables as my m/c is behind the firewall. > > It says I need to disable firewall. Is it really required. Kindly let me > know.It is required to configure the iptables based firewall, but it is not required to completely shut it off.> Best Regards > AustinRegards Alexander
Am 11.03.2013 03:54, schrieb Austin Einter:> I am planning to setup mail server for my domain. > > Which one is preferred postfix or sendmail.Choose the one your most familiar with. If you aren't familiar with either, find someone who is. Setting up a mail server in today's hostile Internet is not a task to be taken lightly.> I came across a link * > http://ostechnix.wordpress.com/2013/02/08/setup-mail-server-using-postfixdovecotsquirrelmail-in-centosrhelscientific-linux-6-3-step-by-step/ > * for postfix mail setup.That page does not give good advice. Surely there must be better resources than that?> It says, > Prerequisites: > > - The mail server should contain a valid MX record in the DNS server.Strange wording, but I guess they mean the right thing: your DNS zone should contain an MX RR pointing to the mail server, but only *after* your mail server is up and running.> Navigate to this link how to setup DNS > server<http://ostechnix.wordpress.com/2013/01/25/setup-dns-server-step-by-step-in-centos-6-3-rhel-6-3-scientific-linux-6-3-3/>That page contains the blatant DNS configuration errors we sorted out in your other thread. Don't use it. While we're at it, consider not setting up your own nameserver at all but using your registrar's nameservice instead. It may save you some hassle.> - Firewall and SELinux should be disabled.Bad advice.> I have disabled iptables as my m/c is behind the firewall. > > It says I need to disable firewall. Is it really required. Kindly let me > know.No, you don't need to, and you shouldn't. HTH T. -- Tilman Schmidt Phoenix Software GmbH Bonn, Germany -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 261 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20130311/5d48dfc9/attachment-0002.sig>
On 03/11/2013 04:52 AM, Tilman Schmidt wrote:> Am 11.03.2013 03:54, schrieb Austin Einter: >> I am planning to setup mail server for my domain. >> >> Which one is preferred postfix or sendmail. > Choose the one your most familiar with. > If you aren't familiar with either, find someone who is. > Setting up a mail server in today's hostile Internet is not a task to be > taken lightly. > >> I came across a link * >> http://ostechnix.wordpress.com/2013/02/08/setup-mail-server-using-postfixdovecotsquirrelmail-in-centosrhelscientific-linux-6-3-step-by-step/ >> * for postfix mail setup. > That page does not give good advice. > Surely there must be better resources than that? > >> It says, >> Prerequisites: >> >> - The mail server should contain a valid MX record in the DNS server. > Strange wording, but I guess they mean the right thing: > your DNS zone should contain an MX RR pointing to the mail server, > but only *after* your mail server is up and running.The OP should set up and DNS internal view to work with the MX record if a test mode. Then replicate it to the external view after everything has been tested to work. Especially the anti-spam/virus portions. Since the OP's named.conf has not explicit views, he first needs to learn more on setting up DNS for safe development before tackling the bigger email challenge.> >> Navigate to this link how to setup DNS >> server<http://ostechnix.wordpress.com/2013/01/25/setup-dns-server-step-by-step-in-centos-6-3-rhel-6-3-scientific-linux-6-3-3/> > That page contains the blatant DNS configuration errors we sorted > out in your other thread. Don't use it. While we're at it, consider > not setting up your own nameserver at all but using your registrar's > nameservice instead. It may save you some hassle. > >> - Firewall and SELinux should be disabled. > Bad advice. > >> I have disabled iptables as my m/c is behind the firewall. >> >> It says I need to disable firewall. Is it really required. Kindly let me >> know. > No, you don't need to, and you shouldn't. > > HTH > T. > > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos
>> - Firewall and SELinux should be disabled. > > Bad advice.this page also configures unsafe imap and pop settings. People should always enable only ssl-enabled versions of imap and pop only. -- Eero
On Mon, March 11, 2013 04:52, Tilman Schmidt wrote:> Am 11.03.2013 03:54, schrieb Austin Einter: >> I am planning to setup mail server for my domain. >> >> Which one is preferred postfix or sendmail. >Postfix. I have been running Sendmail from version 8.6 in 1995 on HP-UX 9.02 to 8.13 at the present on CentOS-5.9 as these were the default MTA's shipped by the vendor. When RHEL-6 switched from Sendmail to Postfix I decided to bite the bullet and change my public MX servers to Postfix as and when I upgraded them to CentOS-6. This was not without difficulty and unhappiness, for I miss the command line email trace facility that Sendmail provides out of the box, but it was not traumatic either. The main benefit to using Postfix over Sendmail is that Postfix definitely places a lower intellectual load on its administrators. For that reason alone I would recommend it over Sendmail. While M4 macros take most of the arcana out of Sendmail's configuration files they are no where near as easy to understand as Postfix's simple config files. The only 'rule' I have to suggest is: The mail server host and all of its MX records must resolve to a DNS 'A" or 'AAAA' record. Do not use CNAME records with any MX host or you will learn why not to do this the hard way. -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3
On Mon, March 11, 2013 14:01, Les Mikesell wrote:> > On the other hand, if you do 'normal' things with sendmail, all you > have to do is tweak a few values in the provided sendmail.mc and > restart to rebuild the configs, and if you do anything unusual you can > drop in MimeDefang as a milter and gain complete control of all of the > internal steps in a small snippet of perl.Could not be any simpler then the way you put it. Which is why I suggest starting out with Postfix for first time MTA admins. -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3
On Mon, March 11, 2013 16:56, Craig White wrote:> > ---- > develop good, consistent habitspostfix or whatever config files you> edit, backup the distribution's version of the config file first > before you ever edit> > cp main.cf main.cf-dist >Alternatively: yum install postfix yum install git cd /etc/posfix git init git add ./ git commit -m"Postfix config file initial commit" Now all the default config files are stored as hashed blobs in /etc/postfix/.git and you can modify them in place. Once you are satisfied with your latest set of changes do this (always issue git commands from the repository root, in this case /etc/postfix): git add ./ or git add <filename> git commit -m"explanation of why the changes were made" If you screw up and need to get back what was there originally do this: git checkout <filename> If you want to see what was different between this config and the previous version do this: git diff <filename> You can compare any previous version of any tracked file with any other version of the same file by specifying the commit ids. git diff <commit1_sha>..<commit2_sha> -- <filename> Git also provides a blow by blow history of all changes applied to a file and what logon id made them. git blame <commit1_sha>..<commit2_sha> -- <filename> See http://git-scm.com/ for details on what git is and how to use it. I use git for version control of system config files on all my uptime sensitive servers. It makes getting back to a working config trivial when things turn ugly following a change. -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3
Dear All I am able to send receive mail properly with use of roundcube. Thanks a lot for all your support. The last thing I did was started dovecot service, then roundcuble was able to work properly. Next, I will look into security aspect, spam filtering etc etc. Will start a new thread for that. Many thanks for great tips to me. Best Regards Austin On Mon, Mar 11, 2013 at 8:24 AM, Austin Einter <austin.einter at gmail.com>wrote:> Dear All > I am planning to setup mail server for my domain. > > Which one is preferred postfix or sendmail. > > > I came across a link * > http://ostechnix.wordpress.com/2013/02/08/setup-mail-server-using-postfixdovecotsquirrelmail-in-centosrhelscientific-linux-6-3-step-by-step/ > * for postfix mail setup. > > It says, > Prerequisites: > > - The mail server should contain a valid MX record in the DNS server. > Navigate to this link how to setup DNS server<http://ostechnix.wordpress.com/2013/01/25/setup-dns-server-step-by-step-in-centos-6-3-rhel-6-3-scientific-linux-6-3-3/> > . > - Firewall and SELinux should be disabled. > > > I have disabled iptables as my m/c is behind the firewall. > > It says I need to disable firewall. Is it really required. Kindly let me > know. > > Best Regards > Austin > > > > >
Am 13.03.2013 04:24, schrieb Austin Einter:> Dear All > I am able to send receive mail properly with use of roundcube. > > Thanks a lot for all your support. > > The last thing I did was started dovecot service, then roundcuble was able > to work properly. > > Next, I will look into security aspect, spam filtering etc etc. Will start > a new thread for that.Hello Austin, please consider to address such kind of questions to a mailing list or forum dedicated to these topics or the software you will use. This list is hardly the properly place to ask questions like "how do I filter spam using software X?". Thanks.> Many thanks for great tips to me. > > Best Regards > AustinRegards Alexander
Les Mikesell
2013-Mar-14 19:20 UTC
[CentOS] Vhost.conf file and info. re: partitions and physical drives
On Thu, Mar 14, 2013 at 2:00 PM, <m.roth at 5-cent.us> wrote:> Oh, yes - what are the permissions on /etc/httpd/conf and /etc/httpd/conf.d? >And if selinux is enabled, do you see denials in /var/log/audit/audit.log for the files in question? -- Les Mikesell lesmikesell at gmail.com