Luca Olivetti wrote:
Buchan Milne wrote:
While on the subject of postfix, there is a small change that should be made to the cyrus transport to work out of the box (gc?):
Neither the first nor the latter. Read my README.RPM (executive summary: don't use deliver, which is just a wrapper around lmtp, postfix speaks lmtp natively).
Sure, but no reason to have a bad entry in the config file, either it should be removed totally, or fixed ... and the "old-cyrus" one can probably be removed too ...
Also, an example config in the main.cf for cyrus via lmtp would be an idea ... (there is already an example using the cyrus transport), so maybe:
    #mailbox_transport = lmtp:unix:/file/name
    #mailbox_transport = cyrus
    # cyrus also speaks lmtp, which will be more efficient:
    #mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
Is there any feasible way of reducing the number of steps for cyrus? Such as adding postfix to the group mail?
well, I really DO prefer if postfix and cyrus were configured to run lmtp over tcp, might be longer to configure, but it is more secure, I do not want to see postfix in group mail or services dechrooted. Tcp also allows to have cyrus and postfix on two different hosts or in a failover setup.
Luca could you also add those steps to README.RPM?
add this line to /etc/services (should be in the default mdk services file, and should not be redefined as 2003 in cyrus rpm. IANA does not define lmtp, but does reserve port 24 for "any private mail system", and postfix uses 24 by default)
    lmtp 24/tcp # local mail transfer protocol
add this to postfix
    postconf -e "mailbox_transport = lmtp:<host where cyrus is running>"
in /etc/cyrus.conf comment the line:
    lmtpunix cmd="lmtpd" listen="/var/lib/cyrus/socket/lmtp" prefork=1
uncomment:
    lmtp cmd="lmtpd" listen="lmtp" prefork=0
and change it to look like:
    lmtp cmd="lmtpd" listen="lmtp" prefork=2
if postfix is running on the same host as cyrus, and no user has a shell there you can skip the next steps changing the above line to:
    lmtp cmd="lmtpd -a" listen="localhost:lmtp" prefork=2
else create user cyruslmtp with a valid password
    # /usr/sbin/useradd -c "Cyrus LMTP User" -d /var/lib/cyrus -s /sbin/nologin -r cyruslmtp
    # passwd cyruslmtp
add this line to /etc/cyrus.conf
    lmtp_admins: cyruslmtp
restart cyrus (we could add this user creation to cyrus rpm)
create the file /etc/postfix/lmtp_sasl_pass (owned by root and with mode 600) containing the line
    <host where cyrus is running><TAB>cyruslmtp:<password for cyruslmtp>
run:
    # postmap /etc/postfix/lmtp_sasl_pass
    # postconf -e "lmtp_sasl_auth_enable = yes"
    # postconf -e "lmtp_sasl_password_maps = hash:/etc/postfix/lmtp_sasl_pass"
    # postconf -e "lmtp_sasl_security_options = noanonymous"
ALL set.
oh, we could also replace the cyrus entries in master.cf with
    cyrus unix - - y - 2 lmtp
        -o lmtp_sasl_auth_enable=yes
        -o lmtp_sasl_password_maps=hash:/etc/postfix/lmtp_sasl_pass_cyrus
        -o lmtp_sasl_security_options=noanonymous
and create the user and map file in the rpm postinstall script.
the luser would only have to set
postconf -e "mailbox_transport = cyrus:localhost"
(I thought about this after writing the lot above)
agreed!
Finally, while discussing changes to config files, I prefer not having version numbers (actually, we use "smtpd_banner = $myhostname ESMTP")
regards, L.
--
Luca Berra -- [EMAIL PROTECTED]
Communication Media & Services S.r.l.
/"\
\ / ASCII RIBBON CAMPAIGN
X AGAINST HTML MAIL
/ \
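
Added example, not part of the thread or of the Postfix/Cyrus packages: a shell audit of the Postfix side of the SASL-authenticated LMTP setup from the steps above (auth enabled, noanonymous set, password map source at mode 600 with the expected owner, entries in host<TAB>user:password form). The function names and the one-parameter-per-line reading of main.cf are assumptions of this example; on a live host `postconf -h NAME` is the authoritative reader.

```shell
#!/bin/sh
# Added example (not from the thread): audit the Postfix side of the
# SASL-authenticated LMTP setup. Assumption: main.cf holds one "name = value"
# per line; on a live host read values with `postconf -h NAME` instead.
# Usage after sourcing: audit_lmtp_sasl /etc/postfix/main.cf

TAB=$(printf '\t')

# cf_get FILE NAME: print a main.cf parameter (last definition wins).
cf_get() {
    sed -n "s/^$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# check_pass_file FILE OWNER: print findings for the password map source file.
check_pass_file() {
    [ -f "$1" ] || { echo "missing password file: $1"; return; }
    # Exactly mode 600 and the expected owner, as the procedure requires.
    [ -n "$(find "$1" -prune -perm 600 -user "$2")" ] ||
        echo "password file must be mode 600 and owned by $2"
    # Every non-empty line must be: host<TAB>user:password
    grep -v '^$' "$1" | grep -Evq "^[^$TAB]+$TAB[^:]+:.+\$" &&
        echo "password file has a line that is not host<TAB>user:password"
    return 0
}

# audit_lmtp_sasl MAIN_CF [OWNER]: print one finding per line; return 0 if none.
audit_lmtp_sasl() {
    cf=$1 owner=${2:-root}
    findings=$(
        [ "$(cf_get "$cf" lmtp_sasl_auth_enable)" = yes ] ||
            echo "lmtp_sasl_auth_enable is not yes"
        # Without noanonymous the client may accept an ANONYMOUS mechanism.
        case ",$(cf_get "$cf" lmtp_sasl_security_options | tr -d ' ')," in
            *,noanonymous,*) ;;
            *) echo "lmtp_sasl_security_options lacks noanonymous" ;;
        esac
        map=$(cf_get "$cf" lmtp_sasl_password_maps)
        case $map in
            hash:/*) check_pass_file "${map#hash:}" "$owner" ;;
            *) echo "lmtp_sasl_password_maps is not a hash: map with an absolute path" ;;
        esac
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
```

The same password ends up in the lmtp_sasl_pass.db file that postmap writes, so that file deserves the same permission check.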