Hello All, I need to set up a new mail server to replace an aging CentOS 6.3 mail server. I was wondering what were some of the best guides on the web for Postfix (Maildir), Spamassassin, ClamAV, Dovecot? Regards, Ben Archuleta
On Fri, Mar 1, 2019 at 11:53 AM Ben Archuleta <barchu02 at unm.edu> wrote:> I need to set up a new mail server to replace an aging CentOS 6.3 mail > server. I was wondering what were some of the best guides on the web for > Postfix (Maildir), Spamassassin, ClamAV, Dovecot? >The one I've seen as a long time recommendation is the ISPMail Guide at https://workaround.org/ispmail It is Debian centric, but can be adapted to CentOS.
On 3/1/19 9:53 AM, Ben Archuleta wrote:> Hello All, > > > I need to set up a new mail server to replace an aging CentOS 6.3 mail server. I was wondering what were some of the best guides on the web for Postfix (Maildir), Spamassassin, ClamAV, Dovecot? >Probably not what you are looking for and it still has bugs, but I just (within last five days) started this project for securing outbound SMTP from a Postfix server, taking DANE, MTA-STS, and STARTTLS Everywhere policies into consideration. One thing I will note, don't use the Postfix that ships with CentOS 7.x. It was fine when 7.0 shipped, but you really want to be using 3.2 or newer now.
Sorry, here's the guide I just started. https://gitlab.com/Pipfrosch/smtp-secure-relay-policy Why from a different e-mail address? That's something the list admins need to look into, it seems every time I post to this list within seconds I end up on Spamhaus blacklist. Doesn't happen elsewhere, just this list, and it's annoying as hell. On Fri, Mar 1, 2019 at 10:09 AM Alice Wonder <alice at domblogger.net> wrote:> On 3/1/19 9:53 AM, Ben Archuleta wrote: > > Hello All, > > > > > > I need to set up a new mail server to replace an aging CentOS 6.3 mail > server. I was wondering what were some of the best guides on the web for > Postfix (Maildir), Spamassassin, ClamAV, Dovecot? > > > > Probably not what you are looking for and it still has bugs, but I just > (within last five days) started this project for securing outbound SMTP > from a Postfix server, taking DANE, MTA-STS, and STARTTLS Everywhere > policies into consideration. > > One thing I will note, don't use the Postfix that ships with CentOS 7.x. > It was fine when 7.0 shipped, but you really want to be using 3.2 or > newer now. > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >-- *Notice*: Gmail is owned by Google, a company that made its fortune in content indexing and user tracking. It is logical therefore to assume that Google and quite possibly the government has access to any correspondence made with this account. Do not use correspondence with this account for sensitive information.
HI, Am 01.03.19 um 18:53 schrieb Ben Archuleta:> I need to set up a new mail server to replace an aging CentOS 6.3 mail server. I was wondering what were some of the best guides on the web for Postfix (Maildir), Spamassassin, ClamAV, Dovecot?I use this one here: https://dokuwiki.nausch.org/doku.php/centos:mail_c7:start Baybe ist helps alittle bit ... cu Django
On 3/1/19 12:53 PM, Ben Archuleta wrote:> Hello All, > > > I need to set up a new mail server to replace an aging CentOS 6.3 mail server. I was wondering what were some of the best guides on the web for Postfix (Maildir), Spamassassin, ClamAV, Dovecot?I am close to upgrading my mailserver.? My current instructions are at: http://www.htt-consult.com/Centos7-mailserver.html I need to finish: SHA256 or SHA512 instead of MD5 for the password (Just need to finish up the roundcube password change script) dovecotadm backup for the mail and something to backup the mysql Otherwise my testing has been good. Of course adding stuff like DKIM, DANE, etc.? would be nice. I am running my mailserver on an Odroid HC1.? Nice little system....
On 3/4/19 5:40 AM, Robert Moskowitz wrote:> > > On 3/1/19 12:53 PM, Ben Archuleta wrote: >> Hello All, >> >> >> I need to set up a new mail server to replace an aging CentOS 6.3 mail >> server. I was wondering what were some of the best guides on the web >> for Postfix (Maildir), Spamassassin, ClamAV, Dovecot? > > I am close to upgrading my mailserver.? My current instructions are at: > > http://www.htt-consult.com/Centos7-mailserver.html > > I need to finish: > > SHA256 or SHA512 instead of MD5 for the password (Just need to finish up > the roundcube password change script) > dovecotadm backup for the mail > and something to backup the mysql > > Otherwise my testing has been good. > > Of course adding stuff like DKIM, DANE, etc.? would be nice.Note with DKIM - OpenDKIM defaults to 1024-bit RSA but that is no longer recommended and some services no longer consider it valid. 2048-bit RSA is the current recommended. The problem is that since DKIM keys do not expire, sysadmins got lazy and never bothered to periodically generate new ones, making 1024-bit RSA unsuitable. Ed25519 is also now available but support for it is not wide-spread yet.