On Mon, 2005-05-30 at 11:42 +0200, Maciej Żenczykowski wrote:
Hello,
I'd like to thank you very much for this guide (I followed it to install my own system two or three weeks back and am still fooling with it).
However there's a few pointers :)
a) PostFix can be run with only one instance in 'hold all' mode (found references to this on some mailscanner installation site by accident). although I haven't yet figured out how to do this without having to remove postfix-autostart from the /etc/init.d/MailScanner script (although that's trivial and makes the startup script very normal)
The new guide for CentOS-4 uses that method ... which is much easier. Even with the postfix-autostart, it only starts one version of postfix (although it says incoming and outgoing).
I am changing the original CentOS-3 guide to do this too ... and working out a way to convert the old way to the new way :)
b) enabling smtps is useful
As is POP3s and IMAPs ... one of these days, after the basic cyrus-imapd guide is done, I need to do a guide on generating the required certificates and enabling smtps, pop3s, imaps.
c) check_relay_domains is outdated (should be reject_unauth_destination)
I am trying this right now, thanks. I'll update both the CentOS-3 and CentOS-4 guides to do it this way.
and indeed more stuff could be placed in smtpd_recipient_restrictions
I tend to use the least amount of things (while still controlling to not spam) ... but I could include a discussion on what is available. What other items do you (or others) find useful for smtpd_recipient_restrictions in postfix.
d) I've added a whitelist, spf log-only (I'm pretty much convinced spf is stupid, but loggin it is informative) and greylisting to mine, these could also probably be mentioned in the quide?
e) Some of the perl stuff which is needed (and thus taken from perl-CPAN) is also available on base/update/dag/dries in RPM form. These are obviously preferred, so it would be nice if as many as possible perl packets which will later be needed could be installed beforehand (still working on this part and minimizing packages take from perl-CPAN, is there an auto perl-CPAN to rpm tool?)
The thing that I currently use CPAN for is the latest clamavmodule ... (and it currently has 2 dependancies).
I am going to look at using cpanflute2 (thanks to Ivo Panacek for recommending it) to build those 3 perl modules.
I'm sure there's more... Would more info on any of the above interest you (or for that matter anyone else)?
Yes, I want the guides to be as good as they can be. Thank you very much.
I am seriously considering making an autobuilder for MailScanner (and also clamavmodule (and it's 2 dependant perl modules) and putting them in CentOS Plus for x86_64 and i386.
Johnny Hughes