Hello,
I am hoping you folks on the list could advise me on this...
Can anyone point me towards a HOW-TO that describes how to transform a normal CentOS install into a very basic POP3/IMAP/SMTP email server?
Our current ISP where we host ~15 domains and ~25+ email accounts has a mandatory incoming "auto-discard" spam filter that is far too strict to continue using.
Unfortunately, switching ISPs is not an option right now.
I am looking at signing up for a basic low-memory CentOS "Virtual Dedicated Server" to handle our own incoming (& outgoing) mail.
There will not be a full-time IT person to maintain the server, so simplicity is a must.
I am perfectly fine with leaving out complex server-side spam filtering, though I suspect that some basic blacklist usage would be a good idea.
Most specifically, I don't want to add the security liability and maintenance requirements of a typical "default" server. (Apache, PHP, MySQL, Bind, etc.)
Basically, I want an ultra-basic server that I can set for automatic updates and let it continue running "hands-off" until CentOS 4 is no longer supported with security patches.
Does such a HOW-TO exist?
If not, and there are experts here willing to help out, I would be happy to write up my experience.
Thank you for reading, David
____________________________________________________________________________________ Expecting? Get great news right away with email Auto-Check. Try the Yahoo! Mail Beta. http://advision.webevents.yahoo.com/mailbeta/newmail_tools.html
I am hoping you folks on the list could advise me on this...
Can anyone point me towards a HOW-TO that describes how to transform a normal CentOS install into a very basic POP3/IMAP/SMTP email server?
Our current ISP where we host ~15 domains and ~25+ email accounts has a mandatory incoming "auto-discard" spam filter that is far too strict to continue using.
Unfortunately, switching ISPs is not an option right now.
I am looking at signing up for a basic low-memory CentOS "Virtual Dedicated Server" to handle our own incoming (& outgoing) mail.
There will not be a full-time IT person to maintain the server, so simplicity is a must.
I am perfectly fine with leaving out complex server-side spam filtering, though I suspect that some basic blacklist usage would be a good idea.
Hi
I do not know of a simple howto for this, but have a email server farm to process email for my friends/family and can process your emails and forward them to your existing ISP, you would just need to change your MX records.
I do not make a charge, but paypal donations welcome.
If you want to know more, please email me off list.
Regards
Denis
Dave wrote:
Hello,
I am hoping you folks on the list could advise me on this...
Can anyone point me towards a HOW-TO that describes how to transform a normal CentOS install into a very basic POP3/IMAP/SMTP email server?
Our current ISP where we host ~15 domains and ~25+ email accounts has a mandatory incoming "auto-discard" spam filter that is far too strict to continue using.
Unfortunately, switching ISPs is not an option right now.
I am looking at signing up for a basic low-memory CentOS "Virtual Dedicated Server" to handle our own incoming (& outgoing) mail.
There will not be a full-time IT person to maintain the server, so simplicity is a must.
I am perfectly fine with leaving out complex server-side spam filtering, though I suspect that some basic blacklist usage would be a good idea.
Most specifically, I don't want to add the security liability and m caintenance requirements of a typical "default" server. (Apache, PHP, MySQL, Bind, etc.)
Basically, I want an ultra-basic server that I can set for automatic updates and let it continue running "hands-off" until CentOS 4 is no longer supported with security patches.
Does such a HOW-TO exist?
If not, and there are experts here willing to help out, I would be happy to write up my experience.
Thank you for reading, David
If you don't want to manage the server yourself you could purchase an account with any web host and point your DNS or just the MX to that host. I don't want to turn this into an ad so send me a message off list or check out our web site if interested.
I am perfectly fine with leaving out complex server-side spam filtering, though I suspect that some basic blacklist usage would be a good idea. Most specifically, I don't want to add the security liability and m caintenance requirements of a typical "default" server. (Apache, PHP, MySQL, Bind, etc.)
Basically, I want an ultra-basic server that I can set for automatic updates and let it continue running "hands-off" until CentOS 4 is no longer supported with security patches.
Have you looked at ASSP? http://assp.sourceforge.net ??? It does all kinds of protection and sits in front of your mail server.
Barry
Dave wrote:
Hello,
<SNIP>
Does such a HOW-TO exist?
If not, and there are experts here willing to help out, I would be happy to write up my experience.
Thank you for reading, David
Try Johnny's Postfix w/dovecot install guides @ http://www.hughesjr.com/content/category/4/15/29/.
Best Regards, Camron
Camron W. Fox Hilo Office High Performance Computing Group Fujitsu America, INC. E-mail: cwfox@us.fujitsu.com
Although not to most simple to install I thought I would add another one to the mix qmailrocks is a great how to. Once it is setup it is a super easy server to maintain.
the site is www.qmailrocks.com
The one below looks like a great one too.
Dave wrote:
Hello,
<SNIP> > > Does such a HOW-TO exist? > > If not, and there are experts here willing to help > out, I would be happy to write up my experience. > > Thank you for reading, > David >
Try Johnny's Postfix w/dovecot install guides @ http://www.hughesjr.com/content/category/4/15/29/.
Best Regards, Camron
Camron W. Fox Hilo Office High Performance Computing Group Fujitsu America, INC. E-mail: cwfox@us.fujitsu.com
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On 21/01/07, Brent brent@regrafix.com wrote:
Although not to most simple to install I thought I would add another one to the mix qmailrocks is a great how to. Once it is setup it is a super easy server to maintain.
the site is www.qmailrocks.com
For people going the Qmail route can I also point out Qmailtoaster? You get a very similar result functionally as you would with Qmailrocks, but properly RPM packaged.
The Qmailtoaster build process from SRPM is a mild PITA but then, a Qmailrocks build can be the same and you have more accountability with the end result. I have some documentation for a CentOS 4.4 install if anyone's interested.
Will.
The qmailrocks setup leaves you with broken qmail. Ask on the qmail list if you really want to know the gory details.
If you're really interested in running qmail properly, I'd highly recommend following www.lifewithqmail.org or Matt Simpson's qmail-toaster scripts.
Peter
Brent wrote:
Although not to most simple to install I thought I would add another one to the mix qmailrocks is a great how to. Once it is setup it is a super easy server to maintain.
the site is www.qmailrocks.com
The one below looks like a great one too.
Dave wrote:
Hello,
<SNIP>
Does such a HOW-TO exist?
If not, and there are experts here willing to help out, I would be happy to write up my experience.
Thank you for reading, David
Try Johnny's Postfix w/dovecot install guides @ http://www.hughesjr.com/content/category/4/15/29/.
Best Regards, Camron
Camron W. Fox Hilo Office High Performance Computing Group Fujitsu America, INC. E-mail: cwfox@us.fujitsu.com
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Plain FUD Qmailrocks works just fine. Only a complete Newbie can't install it. The instructions are the easiest I ever seen for a complete mail server. You need to have the right libaries for it to work but really that is basic stuff.
I've installed about tons of installs of it and never had a problem.
The qmailrocks setup leaves you with broken qmail. Ask on the qmail list if you really want to know the gory details.
If you're really interested in running qmail properly, I'd highly recommend following www.lifewithqmail.org or Matt Simpson's qmail-toaster scripts.
Peter
Brent wrote:
Although not to most simple to install I thought I would add another one to the mix qmailrocks is a great how to. Once it is setup it is a super easy server to maintain.
the site is www.qmailrocks.com
The one below looks like a great one too.
Dave wrote:
Hello,
<SNIP>
Does such a HOW-TO exist?
If not, and there are experts here willing to help out, I would be happy to write up my experience.
Thank you for reading, David
Try Johnny's Postfix w/dovecot install guides @ http://www.hughesjr.com/content/category/4/15/29/.
Best Regards, Camron
Camron W. Fox Hilo Office High Performance Computing Group Fujitsu America, INC. E-mail: cwfox@us.fujitsu.com
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Peter Serwe <peter at infostreet dot com>
"The only true sports are bullfighting, mountain climbing and auto racing." -Earnest Hemingway
"Because everything else requires only one ball." -Unknown
"Do you wanna go fast or suck?" -Mike Kojima
"There are two things no man will admit he cannot do well: drive and make love." -Sir Stirling Moss
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Brent wrote:
Plain FUD Qmailrocks works just fine. Only a complete Newbie can't install
Hmm, I note that while Qmailrocks points to the source of qmail, the qmail pages recommends lifewithqmail but does not mention qmailrocks.
it. The instructions are the easiest I ever seen for a complete mail server. You need to have the right libaries for it to work but really that is basic stuff.
I've installed about tons of installs of it and never had a problem.
You may never have perceived a problem, but that's not the same as not having a problem.
I note that qmail is not free software as defined by the FSF. I cannot even ungzip the tarball and bzip2 it without Dan (the author's approval) so as to save space when I distribute it. See http://cr.yp.to/qmail/dist.html
If you don't want to build from source you should be using a different package.
I have heard Bad Thing in the past about qmail, so googled for "the problem with qmail." Some hits, not a lot. This is rather old, and the author's fond of postfix (as am I) (but he was expert in qmail): It speaks of licence, the author's attitude, problemss working with other software such as smartlist. http://lists.debian.org/debian-devel/1999/06/msg02053.html
This is more recent:
The problem with qmail is that you need either a big patchset or a once patched setup and reuse that. Plus qmail really has some not-so-nice bugs.
http://www.mail-archive.com/swinog@lists.swinog.ch/msg01601.html
Oh, shhh sugar! This was written for RHL 6.x. I says, "PROCESS
1. download qmail 1.03 (or latest - but it hasn't changed in a *long* time):" http://jason.mindsocket.com.au/articles/qmail/setup-README
He's right. 1.03 is the latest listed at http://cr.yp.to/qmail/dist.html and http://cr.yp.to/qmail.html Version 1.0, the first general release, was announced on February, 20, 1997. The current version, 1.03, was released on June, 15, 1998. http://www.lifewithqmail.com/lwq.html#history
It looks to me that qmail is high-maintenance; www.qmail.org is one site that attempts to make it usable, but if DJB ever releases a newer version then what to do with all those patches?
It's like mixing and matching kernel patches.
I don't see any patches to fix security problems, but I am not prepared to believe there are no security problems. There are patches to fix standards non-compliance (eg RFC 1870 and RFC 2821) and nobody can distribute source with them preapplied. Instead, they must distribute patch alone or source-plus-patch.
The qmailrocks setup leaves you with broken qmail. Ask on the qmail list if you really want to know the gory details.
If you're really interested in running qmail properly, I'd highly recommend following www.lifewithqmail.org or Matt Simpson's qmail-toaster scripts.
Peter
Brent wrote:
Although not to most simple to install I thought I would add another one to the mix qmailrocks is a great how to. Once it is setup it is a super easy server to maintain.
the site is www.qmailrocks.com
The one below looks like a great one too.
Dave wrote:
Hello,
<SNIP>
Does such a HOW-TO exist?
If not, and there are experts here willing to help out, I would be happy to write up my experience.
Thank you for reading, David
Try Johnny's Postfix w/dovecot install guides @ http://www.hughesjr.com/content/category/4/15/29/.
Best Regards, Camron
Camron W. Fox Hilo Office High Performance Computing Group Fujitsu America, INC. E-mail: cwfox@us.fujitsu.com
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Peter Serwe <peter at infostreet dot com>
"The only true sports are bullfighting, mountain climbing and auto racing." -Earnest Hemingway
"Because everything else requires only one ball." -Unknown
"Do you wanna go fast or suck?" -Mike Kojima
"There are two things no man will admit he cannot do well: drive and make love." -Sir Stirling Moss
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
John Summerfield wrote:
Hmm, I note that while Qmailrocks points to the source of qmail, the qmail pages recommends lifewithqmail but does not mention qmailrocks.
That would be correct, it doesn't for reasons discussed on the ever-controversial (but not on the subject of qmail knowledge) qmail list.
You may never have perceived a problem, but that's not the same as not having a problem.
In fact, mail problems are somewhat tricky to perceive. Starting with the fact that logging mail properly is non-trivial, and following the instructions that do exist precisely can be semi-arduous.
I've found mail problems on servers that have been running mail for over 8 years, and nobody ever noticed it. It's the whole one-to-many and many-to-one thing. It gets overwhelming to verify each and every one, and most people figure it if seems to work, f--- it.
I note that qmail is not free software as defined by the FSF. I cannot even ungzip the tarball and bzip2 it without Dan (the author's approval) so as to save space when I distribute it. See http://cr.yp.to/qmail/dist.html
True though that may be, it's an endearing quirk along with a few other endearing quirks DJB has that make qmail all the more interesting. :D And these days, with the price of storage and bandwidth availability, who really needs to change out that .tar.gz for a .tar.bz2, anyway?
If you don't want to build from source you should be using a different package.
Seriously, qmail is a mandatory, unpack, patch, and build from source. I happen to use an rpm, but pretty much just unpacks, patches, and builds from source in a nicely repeatable fashion for any Linux I care to drop it on. I decide I want other patches, I just edit the .spec file and put them where they need to be. Build it, take the new src.rpm, and put that where it needs to go so I can push it wherever I need to.
I have heard Bad Thing in the past about qmail, so googled for "the problem with qmail." Some hits, not a lot. This is rather old, and the author's fond of postfix (as am I) (but he was expert in qmail): It speaks of licence, the author's attitude, problemss working with other software such as smartlist. http://lists.debian.org/debian-devel/1999/06/msg02053.html
Hey, I've heard postfix is a decent MTA, I just wouldn't know from personal experience. I do have friends that run it though. :D
This is more recent:
The problem with qmail is that you need either a big patchset or a once patched setup and reuse that. Plus qmail really has some not-so-nice bugs.
http://www.mail-archive.com/swinog@lists.swinog.ch/msg01601.html
Not so nice bugs? Ahh, it's not so bad. 'patch -p0 blah blah blah'
Oh, shhh sugar! This was written for RHL 6.x. I says, "PROCESS
- download qmail 1.03 (or latest - but it hasn't changed in a *long*
time):" http://jason.mindsocket.com.au/articles/qmail/setup-README
He's right. 1.03 is the latest listed at http://cr.yp.to/qmail/dist.html and http://cr.yp.to/qmail.html Version 1.0, the first general release, was announced on February, 20, 1997. The current version, 1.03, was released on June, 15, 1998. http://www.lifewithqmail.com/lwq.html#history
Funny thing is that, there hasn't been a reason to change qmail's source code.
Also, if you really want a prepatched version that takes care of a lot of the major issues, netqmail-1.05 goes a long ways towards that. Adding a couple of mild feature enhancements by way of patching pretty much makes building qmail a 4-minute process. RTFM'ing the first time takes about 2 hours, if you read slow. The documentation is pretty terse and to the point.
It looks to me that qmail is high-maintenance; www.qmail.org is one site that attempts to make it usable, but if DJB ever releases a newer version then what to do with all those patches?
Honestly? For the trivial complexity of the initial setup, qmail is one of the most low maintenance applications I have ever run on any platform. Basically, if you don't screw anything up, it just works. People have not touched a qmail configuration for 8 years, and never had a reason to. Spending a few minutes to know what you're doing on the front side pays dividends for years, even if for some reason, you end up choosing to use another MTA. I learned about the protocols from reading qmail documentation or referenced documentation.
It's like mixing and matching kernel patches.
What is? Patching qmail is nothing like patching a kernel. It's not nearly as complicated, the scope is far narrower, and the net effect of a success/fail is far easier to react to. I'd recommend anybody play with patching/building qmail, whereas, I can't even get a vanilla CentOS 4.4 kernel to build when I run 'make menuconfig' and then 'make'. I'm sure when I'm ready to find out why, I will though. :P
I don't see any patches to fix security problems, but I am not prepared to believe there are no security problems. There are patches to fix standards non-compliance (eg RFC 1870 and RFC 2821) and nobody can distribute source with them preapplied. Instead, they must distribute patch alone or source-plus-patch.
Well, ya know it's kinda funny. The author has had a cash prize for anybody to find a security hole in qmail for the better part of a decade, and as much as a lot of people have gotten really intimate with the qmail source code (as evidenced by the sheer number of patches), nobody has EVER been able to find one and claim the prize. I think that's as close to being able to believe there aren't any issues as any software I've ever seen. Certainly Bill Gates would be substantially poorer had he ever made that claim, and backed it with cash over the same time period.
</rant> :D
Peter
Peter Serwe wrote:
I don't see any patches to fix security problems, but I am not prepared to believe there are no security problems. There are patches to fix standards non-compliance (eg RFC 1870 and RFC 2821) and nobody can distribute source with them preapplied. Instead, they must distribute patch alone or source-plus-patch.
Well, ya know it's kinda funny. The author has had a cash prize for anybody to find a security hole in qmail for the better part of a decade, and as much as a lot of people have gotten really intimate with the qmail source code (as evidenced by the sheer number of patches), nobody has EVER been able to find one and claim the prize. I think that's as close to being able to believe there aren't any issues as any software I've ever seen.
I saw that. Who's the judge of what constitutes a security bug? You and I are very likely to disagree in some cases, even where we agree on a definition.
I do value standards compliance, and I think that something like: yum install postfix spamassassin dovecote beats downloading the source, patching, installing binaries (in /var? really!) and taking it on myself to verify it all fits together.
_I_ don't want development tools on my mail gateway, and if I really wanted to build from source I'd probably be using gentoo. or building RHEL myself.
Actually, I do, sort of, on one box:-) Both.
Certainly Bill Gates would be substantially poorer had he ever made that claim, and backed it with cash over the same time period.
</rant> :D
I also saw his comments re the author of postfix. OTOH, at www.postfix.org I could find nothing bad about qmail or its author. If Dan didn't propagate the alleged slanders, hardly anyone would know about them.
I also saw his comments re the future of qmail: http://cr.yp.to/qmail/future.html
There is also project Gamera (Qmail based) over at the ART repository: http://www.atomicrocketturtle.com/Joomla/content/view/77/32/
-Andy
On Mon, 2007-01-22 at 14:24 -0800, Peter Serwe wrote:
The qmailrocks setup leaves you with broken qmail. Ask on the qmail list if you really want to know the gory details.
If you're really interested in running qmail properly, I'd highly recommend following www.lifewithqmail.org or Matt Simpson's qmail-toaster scripts.
Peter
Camron W. Fox wrote:
Dave wrote:
Hello,
<SNIP> > > Does such a HOW-TO exist? > > If not, and there are experts here willing to help > out, I would be happy to write up my experience. > Thank you for reading, > David >
Try Johnny's Postfix w/dovecot install guides @
I've not looked at the document, but the software selection's what I'd recommend.
I use postfix plus cyrus; postfix is fairly simple to set up, but cyrus is probably overkill.
I use some block lists - I think the list originated in ipcop or spamcop or something - I got it from a mate - and I also run it through spamassassin (spamd) on the server to markup incoming email, and when I create an account I create some standard folders, including one for suspected spam, one for email containing possibly executable content.
On Wednesday 17 January 2007 07:19, Dave wrote:
Can anyone point me towards a HOW-TO that describes how to transform a normal CentOS install into a very basic POP3/IMAP/SMTP email server?
CentOS is prebuilt to be a nice, low-maintenance mail server. I've got several of them that I maintain, if by 'maintain', you really mean 'leave plugged in'. Yum is your friend, and so are the other people on this list.
There will not be a full-time IT person to maintain the server, so simplicity is a must.
Simplicity. Check
I am perfectly fine with leaving out complex server-side spam filtering, though I suspect that some basic blacklist usage would be a good idea.
Not complex. Check
Most specifically, I don't want to add the security liability and maintenance requirements of a typical "default" server. (Apache, PHP, MySQL, Bind, etc.)
Don't install all that other stuff. Check
Basically, I want an ultra-basic server that I can set for automatic updates and let it continue running "hands-off" until CentOS 4 is no longer supported with security patches.
Automatic. Check
Does such a HOW-TO exist?
(Scratches head) Dunno. Wanna make one?
1) Install packages
# yum -y install dovecot sendmail sendmail-cf;
2) Basic config: # chkconfig dovecot on; # chkconfig sendmail on;
3) Edit sendmail.mc: Change this line DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl so that it says: DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl Add this line at/near the bottom: FEATURE(dnsbl,`sbl-xbl.spamhaus.org')dnl save file, and then run m4 < sendmail.mc > sendmail.cf;
4) Other sendmail configs, google up local-host-names : list of server names you're receiving for virtusertable : email addresses and where you want them to go.
5) Start the services! service start sendmail; service start dovecot;
6) Open up the iptables firewall to allow inbound on ports 25, 143, and 110. (I usually edit /etc/sysconfig/iptables directly, but that can be problematic if you ever use a GUI to edit firewall rules, which I don't)
7) Update your DNS records so that the STATIC ip of the server you've just put together is your first (lowest numbered) MX record.
There's more that you can do, but for getting started, that should pretty much do it. No, it's not really all that difficult!
-Ben
If not, and there are experts here willing to help out, I would be happy to write up my experience.
Thank you for reading, David
____________________________________________________________________________________
Expecting? Get great news right away with email Auto-Check. Try the Yahoo! Mail Beta. http://advision.webevents.yahoo.com/mailbeta/newmail_tools.html _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
-
Andy Sutton -
Barry Brimer -
Benjamin Smith -
Brent -
Camron W. Fox -
Dave -
Denis Croombs -
John Summerfield -
Michael Watters -
Paul Krash -
Peter Serwe -
Will McDonald