MailServer: Difference between revisions
Jump to navigation
Jump to search
| Line 116: | Line 116: | ||
seems like it could be important, leaving it for now, but may come back. | seems like it could be important, leaving it for now, but may come back. | ||
diffie does not have anything at /var/spool/postfix/private/auth, but does have other things in that directory. | |||
Revision as of 02:06, 14 June 2022
Postfix Tutorials
- RedHat: https://www.redhat.com/sysadmin/install-configure-postfix
- Linux.com: https://www.linux.com/training-tutorials/install-and-configure-postfix-mail-server/
- Postfix: http://www.postfix.org/BASIC_CONFIGURATION_README.html
- DigitalOcean: https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-postfix-on-ubuntu-20-04
- Interesting - see: sudo DEBIAN_PRIORITY=low apt install postfix
SPF DNS Entry
Traxel Settings
- IPV4: 69.10.40.10
- IPV6: fe80::d227:88ff:fe34:7999/64
- Format: v=spf1 ip4:40.113.200.201 ip6:2001:db8:85a3:8d3:1319:8a2e:370:7348 include:thirdpartydomain.com ~all
- Start with the SPF version, v=spf1.
- Indicates that this is an SPF record.
- Will always be spf1 as other SPF versions have been discontinued.
- We'll only ever need 640K of RAM.
- Next, all IP addresses that are eligible to send email on behalf of your domain.
- Space delimited
- prefix ip[n]:
- ip4:69.10.40.10 ip6:fe80::d227:88ff:fe34:7999
- Next comes the include statement, which lists every third party organization that sends email on your behalf.
- Does this mean interserver? Is this the part where reverse lookups come in?
- include:thirdpartydomain.com
- The end of the SPF record is the strictness level.
- "-all" - strictest, fail email that doesn't come from this ip list
- "~all" - accept but flag email from other servers
- "+all" - anything goes
- I'll be using "-all".
Looks like the only remaining question is the "include" tag. How do I handle the include tag and/or flag my server from the reverse lookup standpoint?
- If no include:
- v=spf1 ip4:69.10.40.10 ip6:fe80::d227:88ff:fe34:7999 -all
- This works. Problem solved. Grumble.
- If yes include:
- v=spf1 ip4:69.10.40.10 ip6:fe80::d227:88ff:fe34:7999 include:systemicbias.com -all
DeadmanDAO
IMAP Daemon
IMAP Server
apt-get install dovecot-imapd
Next should be Let's Encrypt, I think. I didn't make it to the part where I secure the service.
Cataloging Interserver v. Diffie
conf.d/10-auth.conf
$ diff interserver/dovecot/conf.d/10-auth.conf diffie/dovecot/conf.d/10-auth.conf 8a9 > # See also ssl=required setting. 99c100 < auth_mechanisms = plain login --- > auth_mechanisms = plain
adding "login" to Diffie.
conf.d/10-logging.conf
$ diff interserver/dovecot/conf.d/10-logging.conf diffie/dovecot/conf.d/10-logging.conf 24c44 < auth_verbose = yes --- > #auth_verbose = no 41c62 < mail_debug = yes --- > #mail_debug = no
Not changing this yet, but you can tell I was having just as much fun setting up Dovecot on Interserver. :D
conf.d/10-mail.conf
$ diff interserver/dovecot/conf.d/10-mail.conf diffie/dovecot/conf.d/10-mail.conf 30,31c30 < # mail_location = mbox:~/mail:INBOX=/var/mail/%u < mail_location = mbox:~/mail --- > mail_location = mbox:~/mail:INBOX=/var/mail/%u 113c114 < # mail_privileged_group = --- > mail_privileged_group = mail
Interesting, but not changing yet...
conf.d/10-master.conf
$ diff interserver/dovecot/conf.d/10-master.conf diffie/dovecot/conf.d/10-master.conf
96,98c107,109
< unix_listener /var/spool/postfix/private/auth {
< mode = 0666
< }
---
> #unix_listener /var/spool/postfix/private/auth {
> # mode = 0666
> #}
seems like it could be important, leaving it for now, but may come back.
diffie does not have anything at /var/spool/postfix/private/auth, but does have other things in that directory.