Thanks to all for suggestions. A few things I learnt, don't rely on old config files between upgrades, I didn't know about SOURCE_ADDRESS and it does work on an older Debian 6 (stable) version 0.65.0, and it should have been obvious but outgoing connections to other mailservers does not rely on an open port 25. Oh, and SSL is/was only needed for older Outlook clients (I've never used windows so I wouldn't know).
So I have this working on a small 128Mb VPS (currently using 40Mb ram) where I only have port 22 for SSH and port 587 visible and TLS is enforced so clients have to use port 587/TLS with authentication. Cool. These are the only packages installed (Ubuntu 13.04 in this case)... courier-authdaemon 0.63.0-6 courier-authlib 0.63.0-6 courier-authlib-mysql 0.63.0-6 courier-authlib-userdb 0.63.0-6 courier-base 0.68.2-1ubuntu1 courier-mta 0.68.2-1ubuntu1 courier-ssl 0.68.2-1ubuntu1 and in the end these were the 2 main settings I had to change from default, other than provide the right SSL certificate... /etc/courier/esmtpd ESMTP_TLS_REQUIRED=1 ESMTPDSTART=NO The only other little bit of a "trick" was using a SSH tunnel back to MySQL on our main mailserver to avoid blowing the ram on this small VPS. Most of the instructions for how to do this I got from this page... http://linuxaria.com/howto/permanent-ssh-tunnels-with-autossh where the critical settings in /etc/courier/authmysqlrc are... MYSQL_PORT 3306 MYSQL_SERVER 127.0.0.1 #MYSQL_SOCKET /var/run/mysqld/mysqld.sock The main reason for doing the above was a) I did not want t expose port 3306 on our main server and b) I couldn't be bothered setting up a VPN for just this case when a simple SSH tunnel is all I need. ------------------------------------------------------------------------------ Minimize network downtime and maximize team effectiveness. Reduce network management and security costs.Learn how to hire the most talented Cisco Certified professionals. Visit the Employer Resources Portal http://www.cisco.com/web/learning/employer_resources/index.html _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
