|
Ella First a lesson about mail servers. A mail server is a combination of a bunch of software working together. The two main parts are the email server itself, for which I use postfix, and the imap server (or pop server), for which I use cyrus. Postfix sends and receives mail, and cyrus sorts and stores the mail. And then there are other pieces, depending on what you want to do. I use a combination of Amavisd-new, SpamAssassin, Razor, DCC, Pyzor and ClamAV for spam/virus filtering. I use squirrelmail as a web interface to the mail server, doing basically the same thing that Outlook, Mozilla Mail, or Thunderbird do on your local machine, but it does it on the server through a web interface. Obviously, you also need a web server for that, which I am already running for our web pages. I use apache. I have also set up mailman for our mailing lists. For security, I use openldap as the authentication system, and certificates, which is a whole 'nother topic. Made a python script to rotate the spam. I am having all spam that gets a score greater than 12 + mails with banned contents or viruses sent to a special account. This account has weekly rotation set up. Mail in this account is deleted after 4 weeks. Notes from setting up new mail server.info: created a script to rotate the spam. /root/rotate-spam.py Keep 4 weeks of spam, then it is deleted. a sieve filter puts all mail in the spam user directly in the archive folder, all spam, viruses, etc. over 10 (set in /etc/amavis/amavisd.conf) going to one account. used ipurge to get rid of mail older than 20 days in test. have to use -f option, but this means it checks all folders under level requested, and if you are cleaning the inbox, this is all folders, so be careful. must do as user cyrus if doing from command line: purgetrash cmd="/usr/sbin/ipurge -f -d 14 *.Trash" at=0301 Which purges all messages older than 14 days, in all users' Trash folders and runs every morning at 3:01am. See the man pages for ipurge and cyrus.conf for more details. Procedure used to switch cyrus data to new machine: mail set up based on:
good to know:
# If you change the alias database, run newaliases *to deal with modules in apache use [@a2enmod moduleand a2dismod module
If you want to configure your system to use more instances of amavisd-new, allocate at least 60MB for each additional instance. It you wanted to double the number of child processes from 2 to 4, you would edit amavisd.conf and change: $max_servers = 2; to $max_servers = 4; Then edit master.cf and change: smtp-amavis unix - - - - 2 smtp to smtp-amavis unix - - - - 4 smtp Amavisd-new (SpamAssassin actually) will be the biggest bottleneck in the system. On a busy server you will probably want 2GB RAM so you can accommodate somewhere around 12 $max_servers. If you run sa-learn --force-expire or spamassassin --lint -D or other spamassassin commands from the root account, SpamAssassin may change the owner of the Bayes files to 'root'. If it does, amavis will no longer be able to read those files. You would need to run chown -R amavis:amavis /var/lib/amavis to regain ownership. In general, if you do any spamassassin maintenance from the command prompt as root, the best thing to do is run chown -R amavis:amavis /var/lib/amavis afterwards; just to make sure. You can avoid these problems by remembering to run spamassassin commands as the amavis user. For example su amavis -c 'sa-learn --sync --force-expire' This script does have some entries that are dependent on the version of SA. If you are not running SA 3.2.5, the script may need to be edited, and you must remember to edit this file when a new version of SA comes out: vi /usr/sbin/sa-update.sh Notice the lines that may need to be changed. Change 3.002005 if needed (3.3.0 might be 3.003000 for example): Exit (or save) the file and run the script: sa-update.sh Bind: using jail now munin: can change munin frequency in /etc/cron.d/munin, Testingtesting and how-to stuff:
This excludes much the server says back to you... server1:~# telnet 10.208.108.13 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 server1.example.com ESMTP Postfix (Debian/GNU) ehlo localhost 250-server1.example.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from:<steve@example.com> rcpt to:<john@example.com> data Hi John, just wanted to drop you a note. . quit look at log file for postfix sending. This should not involve spam filtering. spam filtering is only through mail.shadlen.org (14) not actually sure about port 25 on mail.shadlen.org check to inbox http://www200.pair.com/mecham/spam/spamfilter20090215.html#testit At the bottom of the above link are also hints about dealing with logfiles and backing up config files. spamassassin -t < message.eml to see more infos (what SA is actually doing) spamassassin -D -t < message.eml check website check squirrel mail |