> So, I’m back to my (slow) migration of an existing macOS High Sierra +
> Server.app Apple-’supported’ mail server to one based on macOS Mojave +
> Server.app + macports. Server.app is running. DNS is running. Users are in
> OpenDirectory. Their backup home directories (synced with clients) are
> available. Now it’s time to migrate the mail server. That is (as on High
> Sierra): postfix + dovecot + spamassasin + clamav + greylisting. But while
> I’m at it I’d like to enable DMARC at least. I’m used to managing the
> configuration by editing files (such as main.cf and master.cf, whitelists,
> etc.) at the unix level.
Yes, that’s exactly the scenario the port mail-server was designed for. It
provides configuration of MacPorts ports that performs integrated
smtp+imap+av+DMARC+dkim+search and other stuff. Its configuration is based in
part on the old macOS Server.app version 5.7 Mail server, but updates this with
a lot of newer capabilities. Bottom line: rspamd in, spamassassin out. I’m
using it right now and it performs much better than the old macOS Server.app
Mail server. The one thing it’s missing is fine-grain, managed acl’s. You’ll
need to evaluate the security model for your own situation yourself and make
adjustments, and please provide feedback if you have any concerns.
> A user-friendly way to manage sieve filtering by end-users would be nice (I
> had roundcube once, have been editing the sieve file by hand since then on
> the server).
Dovecot-sieve with specific user space sieve directories is part of this
configuration.
> I have a few questions that arose during preparation (mostly because I was
> unable to find documentation for the port): I was looking at available
> documentation. There is a mail-server ‘aggregate’, but it wants X11. Why? How
> do I find out what variants I need.
I don’t know which dependency wants X11. The port dependencies are all
independent MacPorts ports, so defer to their design.
> Definitely pure, but for instance do I need a variant that can use the local
> Open Directory for authentication (postfix and dovecot) and if so, how do I
> find out?
The old macOS Server.app had a modified dovecot that provides OD
authentication. It has some nice features like using UUIDs for user
directories. This isn’t available now. But the code is open source if anyone
wanted to patch it in. My expectation is that this would be a major project and
unnecessary.
> Why does the dovecot port add users/group that already exist on macOS
> (_dovecot, _dovenull)?
You want to keep MacPorts-managed users/groups separate from OS-managed ones.
Also, I’m not certain/doubt that those exist on a non-Server.app macOS.
However, user postfix does, and you definitely don’t want to cross over into
native postfix space.
> Why would I add lucene etc. if all searching and indexing happens on the
> client side (Mail.app, spotlight)?
Because solr searches from mobile devices are lightning fast and awesome. Night
and day difference from the old macOS Server.app configuration.
> I looked at installs for postfix and I noticed in the last year it has been
> installed only once. Is that right? dovecot2 has 2. dovecot2 has no
> maintainer. I find wiki pages, but then they are often unfinished/incomplete.
> Makes me wonder: is there any volume in this community or will I be
> effectively be the only one?
No. That mainly a function of macOS Server.app providing a Mail server. It was
completely unnecessary to use open source mail server tools on macOS so long as
Server.app supported it. But it doesn’t anymore, so we’re have a mail-server
port that provides a configuration for this capability. Also, those numbers are
from mpstats users that volunteer usage statistics—that’s not all users.
