[Flounder] Email server follow-up

DL Neil nzlug at etelligence.info
Mon Jun 20 10:22:33 AEST 2022 

Spent most of yesterday catching-up with improvements to my personal
email server - following-on from Russell's presentations at recent
meetings.

Came across a series of articles: "Let’s do Postfix slowly and
properly", which is interspersed with a companion series "Let’s do
Dovecot slowly and properly". The first post is dated Oct 2015, but that
didn't worry me particularly - given that my CentOS-based VPS is running
'old' versions anyway. The most recent additions are dated August 2020.

The author starts from 'zero', implementing a Postfix which will only
talk to in-house machines, and gradually builds-up to add sending and
receiving from 'anywhere'. The basis for recommendation is that
choices/settings are explained - rather than the usual 'copy me,
clickety-click we're done', blasé, one-size-fits-all, approach. Also, he
clearly identifies me/small-scale 'home users' as the target audience,
and thus his rationale isn't to merely imitate 'the big boys' and tries
to be realistic, eg load/size.

Here's hoping that you will also find the series, or particular posts,
helpful... Start at
https://brokkr.net/2015/10/15/lets-do-postfix-again-but-slowly-and-properly-this-time-part-1-a-simple-local-mail-receiving-server/

1: A simple local mail receiving server
2: Address manipulation
3: Opening up to the outside
4: Virtual domains
5: Relaying from the local network
1: PLAIN as day
2 – Proper authentication
6: Relay authenticating with SASL
3: LMTP
4: Filtering with Sieve
7: Encryption
8: PTR and SPF records
9: Using Rspamd as a spam milter
10: Restricting access
11: pflogsumm


PS/small confession:
I haven't implemented Rspamd yet - only got as far as clearing-out
SpamAssassin as preparation to see if the former is any less
overwhelming. As it happens, before sending this, I waited for midnight
UTC and my server's daily pflogsumm report. There's no noticeable
difference in that report* compared to 'the usual', nor in the messages
arriving in Thunderbird. Makes me wonder. Overkill? Over-sell? Fluke?

* the Postfix restrictions don't need any extra help to keep out
rat-bags in Poland and Vietnam attempting to use 'dead addresses' which
presumably appear on various dark-lists after various purveyors and
operators have been 'cracked'. (I tend to give each supplier a unique
email address on one of my domains - which makes it really easy to
identify who doesn't respect/protect my privacy, and to take steps
against the would-be spammers)
-- 
Regards,
=dn

More information about the Flounder mailing list