[CentOS] Postfix setup

Mon Mar 11 03:43:47 UTC 2013
Robert Moskowitz <rgm at htt-consult.com>

On 03/10/2013 10:54 PM, Austin Einter wrote:
> Dear All
> I am planning to setup mail server for my domain.
>
> Which one is preferred postfix or sendmail.

I switched to postfix 3 years ago, and never looked back.

> I came across a link *
> http://ostechnix.wordpress.com/2013/02/08/setup-mail-server-using-postfixdovecotsquirrelmail-in-centosrhelscientific-linux-6-3-step-by-step/
> * for postfix mail setup.

Here are two very good links:

http://campworld.net/thewiki/pmwiki.php/LinuxServersCentOS/Cent6VirtMailServer
http://wiki.centos.org/HowTos/Amavisd

I have used both as guideposts, and found problems with both, as people 
here and on related lists will attest to be the questions resulting by 
following other's instructions lead to strangeness.  I really suggest 
that you step slowly into this.  There is a lot to do to get all the 
pieces together.  A lot you need to understand with each package.  And 
then things not even covered, but you are expected to know when setting 
up a server.  Like php.conf, you need to set your timezone.  None of the 
tutorials for things like roundcube tell you this; you are expected to 
know about using php.


> It says,
> Prerequisites:
>
>     - The mail server should contain a valid MX record in the DNS server.
>     Navigate to this link how to setup DNS
> server<http://ostechnix.wordpress.com/2013/01/25/setup-dns-server-step-by-step-in-centos-6-3-rhel-6-3-scientific-linux-6-3-3/>
>     .
>     - Firewall and SELinux should be disabled.

You should never disable the server firewall. It is easy to figure out 
what ports are necessary and open only those.  As far as selunix, this 
is hard.  I have been given a set of scripts to work out what to enable 
for selinux, and this is still a work in progress for me.

> I have disabled iptables as my m/c is behind the firewall.

So what?  Read the press about "Advance Persistant Threats".  Only open 
what is necessary.

> It says I need to disable firewall. Is it really required. Kindly let me
> know.

Figure out the ports you need.  This is not hard.  It is easy compared 
to the rest you will have to learn.

I have the wounds, even with my kevlar suit.  :)

BTW, I am putting together my own blog on what I am doing.  I have to 
work out a few pieces to get my mysql passwords out of the scripts I 
use, but I have learned a lot over the past few months, and really 
should share.  some.