Hello all,
Just finished setting up my shiny new OpenBSD-based IMAP server.
Long time OpenBSD user, but finally got myself a nice reliable OpenBSD
box (Something with a static IP on a network with a proper level of
uptime) that I can use for e-mail.
I followed the instructions in the FAQ to set my server up, everything
went flawlessly except two little bits that might be worth adding:
* dovecot.conf needed mail_location to be set, I ended up using:
"mail_location = maildir:/mail/%d/%n:LAYOUT=fs"
(I have a 1 TB disk mounted to /mail, the rest is on a 20 GB SSD)
* I also had to bump up the number of open files in login.conf,
specifically:
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
-- :openfiles-cur=128:
++ :openfiles-cur=1024:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
Otherwise the documentation was very helpful and simple enough to
follow, but not too simple. I went from a fresh OpenBSD 5.9 box to
working, and fully secured, IMAP server in a few hours with TLS
everywhere and fully trusted certs and spam / virus protection. I used
to be a corporate email admin and this was the simplest, yet most secure
and robust install I've ever done. Plus everything is encrypted except
on machines I don't control, it's been too long since I've had that.
I would suggest adding in a part on using 'encrypt -p -b 8' to produce
the passwords for /etc/mail/passwd. And perhaps a section added to
STARTTLS on the certificate format it uses (i.e. take the CA
certificate, append the intermediate certificate, then attach the server
cert. All in the same file, all in pem format.)
-Christopher Ahrens
--
You received this mail because you are subscribed to [email protected]
To unsubscribe, send a mail to: [email protected]
