[CentOS] Replacing my Scalix mail server

Tue Mar 31 16:21:07 UTC 2009
Les Mikesell <lesmikesell at gmail.com>

Robert Moskowitz wrote:
> Les Mikesell wrote:
>> Robert Moskowitz wrote:
>>   
>>>>      Qmail is fantastic, have sued for years, but for workgroup, 
>>>> calendaring feaures, Zimbra is the way.
>>>>   
>>>>       
>>> I have decided to give SME a go. It provides Qmail on Centos 4.7, with 
>>> Centos 5.2 in beta.
>>>
>>> I chose SME because I also have to replace an NT server here as well, so 
>>> it makes a good fit.
>>>
>>> I have a test system working and building the mailserver replacement 
>>> system now. Then I will build the NT server replacement.
>>>     
>> Depending on the number of users, a single machine might easily serve 
>> both roles (and your internet gateway/firewall too, if you need one).
> 
> Not many users, but there are security/privacy issues for the separation.
> 
> Also I would NEVER consider running SMB services on a gateway/firewall 
> and I need IPv6 support anyway on the gateway/firewall. So far I have 
> used Astaro with roll-your-own (Astaro predates the IPv6 /48 
> allocation), and I am getting a 'nice' box from a vendor I work with...

Agreed that separation is theoretically safer, but the scripted 
configuration on SME takes care of most of the things you would be 
likely to forget if you did it by hand (setting up iptables firewalling, 
hosts.allow, binding services only to the appropriate interface, adding 
ip range restrictions within the app configs, etc.).

The down side of two machines is that stock SME doesn't use LDAP network 
authentication and it does some handy tricks with groups that span both 
email and file permission/sharing concepts.

-- 
   Les Mikesell
     lesmikesell at gmail.com