MailServer: Difference between revisions
Jump to navigation
Jump to search
| Line 54: | Line 54: | ||
Next should be Let's Encrypt, I think. I didn't make it to the part where I secure the service. | Next should be Let's Encrypt, I think. I didn't make it to the part where I secure the service. | ||
== Cataloging Interserver v. Diffie == | |||
<pre> | |||
$ diff interserver/dovecot/conf.d/10-auth.conf diffie/dovecot/conf.d/10-auth.conf | |||
8a9 | |||
> # See also ssl=required setting. | |||
99c100 | |||
< auth_mechanisms = plain login | |||
--- | |||
> auth_mechanisms = plain | |||
</pre> | |||
adding "login" to Diffie. | |||
Revision as of 01:49, 14 June 2022
Postfix Tutorials
- RedHat: https://www.redhat.com/sysadmin/install-configure-postfix
- Linux.com: https://www.linux.com/training-tutorials/install-and-configure-postfix-mail-server/
- Postfix: http://www.postfix.org/BASIC_CONFIGURATION_README.html
- DigitalOcean: https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-postfix-on-ubuntu-20-04
- Interesting - see: sudo DEBIAN_PRIORITY=low apt install postfix
SPF DNS Entry
Traxel Settings
- IPV4: 69.10.40.10
- IPV6: fe80::d227:88ff:fe34:7999/64
- Format: v=spf1 ip4:40.113.200.201 ip6:2001:db8:85a3:8d3:1319:8a2e:370:7348 include:thirdpartydomain.com ~all
- Start with the SPF version, v=spf1.
- Indicates that this is an SPF record.
- Will always be spf1 as other SPF versions have been discontinued.
- We'll only ever need 640K of RAM.
- Next, all IP addresses that are eligible to send email on behalf of your domain.
- Space delimited
- prefix ip[n]:
- ip4:69.10.40.10 ip6:fe80::d227:88ff:fe34:7999
- Next comes the include statement, which lists every third party organization that sends email on your behalf.
- Does this mean interserver? Is this the part where reverse lookups come in?
- include:thirdpartydomain.com
- The end of the SPF record is the strictness level.
- "-all" - strictest, fail email that doesn't come from this ip list
- "~all" - accept but flag email from other servers
- "+all" - anything goes
- I'll be using "-all".
Looks like the only remaining question is the "include" tag. How do I handle the include tag and/or flag my server from the reverse lookup standpoint?
- If no include:
- v=spf1 ip4:69.10.40.10 ip6:fe80::d227:88ff:fe34:7999 -all
- This works. Problem solved. Grumble.
- If yes include:
- v=spf1 ip4:69.10.40.10 ip6:fe80::d227:88ff:fe34:7999 include:systemicbias.com -all
DeadmanDAO
IMAP Daemon
IMAP Server
apt-get install dovecot-imapd
Next should be Let's Encrypt, I think. I didn't make it to the part where I secure the service.
Cataloging Interserver v. Diffie
$ diff interserver/dovecot/conf.d/10-auth.conf diffie/dovecot/conf.d/10-auth.conf 8a9 > # See also ssl=required setting. 99c100 < auth_mechanisms = plain login --- > auth_mechanisms = plain
adding "login" to Diffie.