subject:"mail server"

On Fri, Feb 21, 2020 at 5:09 AM Tom Browder  wrote:
>
> I am preparing servers to use with OpenSMTPD and Sympa to provide mail
and mailing list service.
...

After considering all the suggestions, I have prepared a plan, using a bit
of pseudo code, to describe what I believe I need to do.

Interested parties can view at this gist:

  https://gist.github.com/tbrowder/0be832c0405d54021fa730b791629643

I appreciate all the help for, IMHO, a very complicated subject.

-Tom

Re: Choice of "mailname" for mail server: suggestions welcome

On Fri, Feb 21, 2020 at 11:04 AM Henning Follmann
 wrote:
> On Fri, Feb 21, 2020 at 08:47:36AM -0600, Tom Browder wrote:
> > On Fri, Feb 21, 2020 at 08:37 Henning Follmann 
...
> For years I operated a couple of sendmail installations. That and the
> O'Reilly Sendmail book tought me a lot.
> Today I prefer postfix. There is a german book from Peer Heinlein.
> This is an excellent source if you want to set up a multidomain
> mailserver completely driven by a LDAP directory.

That got some good reviews--sorry my old German-speaking roommate is not nearby.

Thanks, Henning.

-Tom

Re: Choice of "mailname" for mail server: suggestions welcome

2020-02-21 Thread Brian

On Fri 21 Feb 2020 at 12:36:38 -0600, Tom Browder wrote:

> On Fri, Feb 21, 2020 at 12:05 PM Brian  wrote:
> > On Fri 21 Feb 2020 at 11:22:58 -0600, Tom Browder wrote:
> >
> > > On Fri, Feb 21, 2020 at 09:36 Brian  wrote:
> ...
> > Thanks, I will read the page in detail later. Meanwhile, I did a quick
> > search on the page for "mailname" and didn't get anything. Anyway, what
> > I really wanted to know was what function *you* thought /etc/mailname
> > played in OpenSMTPD because it would determine what you chose for it.
> >
> > On Exim it is used to qualify a local part without a domain name. After
> > I installed OpenSMTPD it seems to me that this is also what OpenSMTPD
> > does. In other words, if I had mailname as gmail.com, a mail I send to
> > tombrowder (no domain name) would go to tombrow...@gmail.com.
> 
> Brian, you may be right. I cannot find anything in the man pages, but
> it may have been stated during the installation of the Debian package.
> I'll uninstall and reinstall to see if I can capture the
> instructions...

Instead, you can do 'dpkg-reconfigure opensmtpd'.

-- 
Brian.

Re: Choice of "mailname" for mail server: suggestions welcome

On Fri, Feb 21, 2020 at 12:36 PM Tom Browder  wrote:
> On Fri, Feb 21, 2020 at 12:05 PM Brian  wrote:
> > Thanks, I will read the page in detail later. Meanwhile, I did a quick
> > search on the page for "mailname" and didn't get anything. Anyway, what
> > I really wanted to know was what function *you* thought /etc/mailname
> > played in OpenSMTPD because it would determine what you chose for it.
> >
> > On Exim it is used to qualify a local part without a domain name. After
> > I installed OpenSMTPD it seems to me that this is also what OpenSMTPD
> > does. In other words, if I had mailname as gmail.com, a mail I send to
> > tombrowder (no domain name) would go to tombrow...@gmail.com.
>
> Brian, you may be right. I cannot find anything in the man pages, but
> it may have been stated during the installation of the Debian package.
> I'll uninstall and reinstall to see if I can capture the
> instructions...

Okay, here are the instructions, just as you said:

The "mail name" is used as the domain name in the email address for
messages that only have a "local part" (such as
  │  or ). It should be a fully qualified domain
name (FQDN) that you are entitled to use.
  │
  │ For instance, to allow the local host to generate mail with
addresses such as , set the
  │ system mail name to "example.org".

So, I guess I can trust opensmtpd to do the right thing if I set up
its configuration properly. And for the DNS just make every domain
have its own mail server (as long as everything eventually maps the
the correct server IP listening on port 25).

Thanks.

-Tom

Re: Choice of "mailname" for mail server: suggestions welcome

On Fri, Feb 21, 2020 at 12:05 PM Brian  wrote:
> On Fri 21 Feb 2020 at 11:22:58 -0600, Tom Browder wrote:
>
> > On Fri, Feb 21, 2020 at 09:36 Brian  wrote:
...
> Thanks, I will read the page in detail later. Meanwhile, I did a quick
> search on the page for "mailname" and didn't get anything. Anyway, what
> I really wanted to know was what function *you* thought /etc/mailname
> played in OpenSMTPD because it would determine what you chose for it.
>
> On Exim it is used to qualify a local part without a domain name. After
> I installed OpenSMTPD it seems to me that this is also what OpenSMTPD
> does. In other words, if I had mailname as gmail.com, a mail I send to
> tombrowder (no domain name) would go to tombrow...@gmail.com.

Brian, you may be right. I cannot find anything in the man pages, but
it may have been stated during the installation of the Debian package.
I'll uninstall and reinstall to see if I can capture the
instructions...

-Tom

Re: Choice of "mailname" for mail server: suggestions welcome

2020-02-21 Thread Brian

On Fri 21 Feb 2020 at 11:22:58 -0600, Tom Browder wrote:

> On Fri, Feb 21, 2020 at 09:36 Brian  wrote:
> 
> > On Fri 21 Feb 2020 at 05:09:47 -0600, Tom Browder wrote:
> >
> ...
> | > I need to settle on names to define as the "mailname" for each the two
> 
> > > servers I will designate for the DNS MX records for all my mail-enabled
> > > domains. The mailnames should be "fully qualified domain names" (FQDNs)
> > so
> >
> ...
> 
> > I wouldn't use any of those with Exim because I am aware of the function
> > of /etc/mailname in its sending of mail. What does /etc/mailname do on
> > OpenSMTPD?
> 
> 
> The source of my info is in this link:
> 
> 
> https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd/?utm_source=share_medium=ios_app_name=iossmf

Thanks, I will read the page in detail later. Meanwhile, I did a quick
search on the page for "mailname" and didn't get anything. Anyway, what
I really wanted to know was what function *you* thought /etc/mailname
played in OpenSMTPD because it would determine what you chose for it.

On Exim it is used to qualify a local part without a domain name. After
I installed OpenSMTPD it seems to me that this is also what OpenSMTPD
does. In other words, if I had mailname as gmail.com, a mail I send to
tombrowder (no domain name) would go to tombrow...@gmail.com.

Apologies if I have missed the point and this is something you have
factored into your planning.

-- 
Brian.

Re: Choice of "mailname" for mail server: suggestions welcome

On Fri, Feb 21, 2020 at 09:36 Brian  wrote:

> On Fri 21 Feb 2020 at 05:09:47 -0600, Tom Browder wrote:
>
...
| > I need to settle on names to define as the "mailname" for each the two

> > servers I will designate for the DNS MX records for all my mail-enabled
> > domains. The mailnames should be "fully qualified domain names" (FQDNs)
> so
>
...

> I wouldn't use any of those with Exim because I am aware of the function
> of /etc/mailname in its sending of mail. What does /etc/mailname do on
> OpenSMTPD?


The source of my info is in this link:


https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd/?utm_source=share_medium=ios_app_name=iossmf

-Tom

Re: Choice of "mailname" for mail server: suggestions welcome

2020-02-21 Thread Henning Follmann

On Fri, Feb 21, 2020 at 08:47:36AM -0600, Tom Browder wrote:
> On Fri, Feb 21, 2020 at 08:37 Henning Follmann 
> wrote:
> 
> > On Fri, Feb 21, 2020 at 12:38:45PM +0100, john doe wrote:
> 
> ...
> 
> > Don't do THAT!
> >
> > RFC2181 section 10.3 says you can't point your MX record to a CNAME
> >
> 
> Maybe that's why Namecheap has the MXE record that points to an IP.
> 
> Besides the relevant RFCs, can anyone recommend a good book that covers all
> this. I have a couple of the O'Reilly books on "Postfix" and "DNS and Bind"
> and I am going back to refresh myself, but any other recs?
>

For years I operated a couple of sendmail installations. That and the
O'Reilly Sendmail book tought me a lot.
Today I prefer postfix. There is a german book from Peer Heinlein.
This is an excellent source if you want to set up a multidomain
mailserver completely driven by a LDAP directory.

-H

-- 
Henning Follmann   | hfollm...@itcfollmann.com

Re: Choice of "mailname" for mail server: suggestions welcome

2020-02-21 Thread Brian

On Fri 21 Feb 2020 at 05:09:47 -0600, Tom Browder wrote:

> I am preparing servers to use with OpenSMTPD and Sympa to provide mail and
> mailing list service.
> 
> I need to settle on names to define as the "mailname" for each the two
> servers I will designate for the DNS MX records for all my mail-enabled
> domains. The mailnames should be "fully qualified domain names" (FQDNs) so
> they will have names like:
> 
> + mail.example.com
> + smtp.example.com
> + mx.example.com
> 
> Does anyone have strong reasons to use one over another, or any other
> choice?

I wouldn't use any of those with Exim because I am aware of the function
of /etc/mailname in its sending of mail. What does /etc/mailname do on
OpenSMTPD?

-- 
Brian.

Re: Choice of "mailname" for mail server: suggestions welcome

On Fri, Feb 21, 2020 at 08:37 Henning Follmann 
wrote:

> On Fri, Feb 21, 2020 at 12:38:45PM +0100, john doe wrote:

...

> Don't do THAT!
>
> RFC2181 section 10.3 says you can't point your MX record to a CNAME
>

Maybe that's why Namecheap has the MXE record that points to an IP.

Besides the relevant RFCs, can anyone recommend a good book that covers all
this. I have a couple of the O'Reilly books on "Postfix" and "DNS and Bind"
and I am going back to refresh myself, but any other recs?

Thanks.

-Tom

Re: Choice of "mailname" for mail server: suggestions welcome

2020-02-21 Thread Henning Follmann

On Fri, Feb 21, 2020 at 12:38:45PM +0100, john doe wrote:
> On 2/21/2020 12:09 PM, Tom Browder wrote:
> > I am preparing servers to use with OpenSMTPD and Sympa to provide mail and
> > mailing list service.
> >
> > I need to settle on names to define as the "mailname" for each the two
> > servers I will designate for the DNS MX records for all my mail-enabled
> > domains. The mailnames should be "fully qualified domain names" (FQDNs) so
> > they will have names like:
> >
> > + mail.example.com
> > + smtp.example.com
> > + mx.example.com
> >
> > Does anyone have strong reasons to use one over another, or any other
> > choice?
> >
> 
> I might be missing something here but the domain name is what you
> buy/what you get.
> 
> If your planning to use split DNS, 'internal' and 'external' could be
> one option.
> 
> For the lists, 'lists.example.com' might not be a bad idea.
> 
> You can also use cname record to point to the same thing.
> 
> --
> John Doe
>


Don't do THAT!

RFC2181 section 10.3 says you can't point your MX record to a CNAME

-H


-- 
Henning Follmann   | hfollm...@itcfollmann.com

Re: Choice of "mailname" for mail server: suggestions welcome

2020-02-21 Thread Joe

On Fri, 21 Feb 2020 06:46:59 -0600
Tom Browder  wrote:

> On Fri, Feb 21, 2020 at 06:29 Joe  wrote:
> 
> > On Fri, 21 Feb 2020 06:00:14 -0600
> > Tom Browder  wrote:  
> 
> ...
> 
> > > As I understand it, a mail server has to use smtp to physically
> > > transfer mail between physical hosts and that requires one name
> > > that will resolve to an IP. Even if the server is hosting multiple
> > > domains, the mail for each still has to use the one "mailname" for
> > > transport.  
> >
> > Not really, you can have an A record for each domain, with the MX
> > record for each domain pointing to its 'own' A record. The only
> > common feature must be the IP address that the A records point to.
> >
> > You may well have only one PTR record for the address, although
> > multiple PTRs on one address are valid, but not many ISPs make
> > provision for that.
> >  
> 
> Interesting--I would prefer that. So with all mail stuff on one
> server, I can have each domain's MX record point to its own mail
> server. And I do have control of the PTR record. I just need to
> ensure everything resolves to the correct host IP.
> 
> So how does all that jibe with the single name required by OpenSMPTD?
> 

Don't know, I'm not familiar with that. But mail server software
shouldn't need to know anything about the DNS records used to route SMTP
mail to it. If so configured, it will look up DNS records of senders,
but not generally its own.

Exim4 has a default mailname, but to the best of my knowledge, it is
used only in the HELO/EHLO banner, and can be overridden for multiple
domains. HELO/EHLO is used to identify the server in logs, and need not
have any relationship to any email domain handled by the server, and is
often (incorrectly) configured as a bare domain name. It is best
configured to the same FQDN that the domain's primary MX record holds.

It is certainly supposed to be a FQDN, and it does need to be
resolvable in public DNS. My mail server, like most, is configured to
reject email from a sender whose HELO is not resolvable, and
particularly those whose HELO appears to be my own domain or public IP
address (yes, some malware does that). DNS servers aren't really
supposed to resolve bare domain names, but most do, aliasing to the
'www' A record, because many people are too lazy to type 'www' in what
should be a web FQDN.

-- 
Joe

Re: Choice of "mailname" for mail server: suggestions welcome

On Fri, Feb 21, 2020 at 06:29 Joe  wrote:

> On Fri, 21 Feb 2020 06:00:14 -0600
> Tom Browder  wrote:

...

> > As I understand it, a mail server has to use smtp to physically
> > transfer mail between physical hosts and that requires one name that
> > will resolve to an IP. Even if the server is hosting multiple
> > domains, the mail for each still has to use the one "mailname" for
> > transport.
>
> Not really, you can have an A record for each domain, with the MX
> record for each domain pointing to its 'own' A record. The only common
> feature must be the IP address that the A records point to.
>
> You may well have only one PTR record for the address, although
> multiple PTRs on one address are valid, but not many ISPs make provision
> for that.
>

Interesting--I would prefer that. So with all mail stuff on one server, I
can have each domain's MX record point to its own mail server. And I do
have control of the PTR record. I just need to ensure everything resolves
to the correct host IP.

So how does all that jibe with the single name required by OpenSMPTD?

Thanks, Joe.

-Tom

Re: Choice of "mailname" for mail server: suggestions welcome

2020-02-21 Thread Jonas Smedegaard

Quoting Tom Browder (2020-02-21 13:17:52)
> On Fri, Feb 21, 2020 at 06:00 Jonas Smedegaard  wrote:
> 
> > Hi tom,
> >
> ...
> 
> > > Does anyone have strong reasons to use one over another, or any other
> >
> > choice?
> >
> ...
> 
> > Depends on the purpose of the name(s).
> 
> ...
> 
> Thanks, Jonas, that makes good sense. Based on that I should use 
> "mail" and maybe "mail2" for my backup mail server.

Only if by "backup" you mean mirror of mail services generally - i.e. 
also for your users to connect to for fetching their mail when the 
primary server is down.

Otherwise, if you mean MX backup then I would use "mx2" for the backup 
host (and I would then consider naming the primary host _both_ "mail" 
and "mx1" so that I can use "mx1" and "mx2" for MX records.

> One of the reasons I asked was I know Gmail used to use something like 
> " smtp.gmail.com" for its smtp server and thought that might be 
> popular among sysadmins with such servers.

Lots of names are popular for various reasons.

Google has numerous hosts serving specifc services, likely with failover 
so that one hostname is even used for multiple hosts behind the scenes.

So if your setup is complex, then name each service, and number it too.

...but if you want simplicity, then beware that for each hostname you 
may (now or later) need to fumble with TLS certificates and/or DNSSEC 
signing keys.

...and beware that your users are not helped by hosts named by services 
but will likely find it geeky that they need to use "smpt2" to send and 
"pop3" to receive (unless of course they are all geeks, where they might 
prefer hosts named by characters in Tolkien books or Star Wars).

As Michael also mentioned, some mail clients blindly assume the world 
uses specific names for user-facing incoming and outgoing services, and 
probe those names before asking the user.  Personally I have found it 
least confusing for my users to tell them that "the server is 
mail-dot-our-domain for all user-facing services - both incoming and 
outgoing", and I then setup hints for those mail clients that wants to 
auto-configure.

 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Re: Choice of "mailname" for mail server: suggestions welcome

On Fri, Feb 21, 2020 at 06:17 Michael Howard 
wrote:
...

> I don't know your use case but using 'regular' names like smtp.example.com,
> imap.example.com, pop3.example.com etc, help with the auto config
> processes used on devices, thus making it easier for users to setup
> accounts on their devices.
>

I'm not planning on anything at the moment but supporting mailing lists,
but you have a good point for any future expansion.

Thanks, Michael.

-Tom

Re: Choice of "mailname" for mail server: suggestions welcome

2020-02-21 Thread Joe

On Fri, 21 Feb 2020 06:00:14 -0600
Tom Browder  wrote:

> On Fri, Feb 21, 2020 at 05:39 john doe  wrote:
> ...
> 
> > I might be missing something here but the domain name is what you
> > buy/what you get.  
> 
> 
> Note I own (techically it's more of a rental or lease) multiple
> domains hosted across multiple servers which I also fully control (no
> sharing, full root control).
> 
> As I understand it, a mail server has to use smtp to physically
> transfer mail between physical hosts and that requires one name that
> will resolve to an IP. Even if the server is hosting multiple
> domains, the mail for each still has to use the one "mailname" for
> transport.

Not really, you can have an A record for each domain, with the MX
record for each domain pointing to its 'own' A record. The only common
feature must be the IP address that the A records point to.

You may well have only one PTR record for the address, although
multiple PTRs on one address are valid, but not many ISPs make provision
for that.

> 
> Hence my original question.
> 

I don't really see any reason either way, you can call it
fred.example.com if you wish, as long as the MX records point to it.

You may well have multiple A records for the address, anyway. An
important feature of a mail server is a complementary A-PTR pair, and
not all ISPs allow user setting of the PTR. So you may well have an
A-PTR pair on the IP address, both supplied by the ISP, which bear no
relation to any of your domain names. No problem.

If you have external account users, they will need to set up addresses
for both SMTP and IMAP/POP, and it is slightly more convenient to use
the one name for both, and 'mail' will then be more suitable. It's only
when you get fancy, with separate incoming and outgoing servers, that
you need distinct and meaningful names.

-- 
Joe

Re: Choice of "mailname" for mail server: suggestions welcome

On Fri, Feb 21, 2020 at 06:00 Jonas Smedegaard  wrote:

> Hi tom,
>
...

> > Does anyone have strong reasons to use one over another, or any other
>
> choice?
>
...

> Depends on the purpose of the name(s).

...

Thanks, Jonas, that makes good sense. Based on that I should use "mail" and
maybe "mail2" for my backup mail server.

One of the reasons I asked was I know Gmail used to use something like "
smtp.gmail.com" for its smtp server and thought that might be popular among
sysadmins with such servers.

-Tom

Re: Choice of "mailname" for mail server: suggestions welcome

2020-02-21 Thread Michael Howard


On 21/02/2020 11:09, Tom Browder wrote:
I am preparing servers to use with OpenSMTPD and Sympa to provide mail 
and mailing list service.


I need to settle on names to define as the "mailname" for each the two 
servers I will designate for the DNS MX records for all my 
mail-enabled domains. The mailnames should be "fully qualified domain 
names" (FQDNs) so they will have names like:


+ mail.example.com 
+ smtp.example.com 
+ mx.example.com 

Does anyone have strong reasons to use one over another, or any other 
choice?


Thanks for any help.

Best regards,

-Tom



I don't know your use case but using 'regular' names like 
smtp.example.com, imap.example.com, pop3.example.com etc, help with the 
auto config processes used on devices, thus making it easier for users 
to setup accounts on their devices.


--
Michael Howard

Re: Choice of "mailname" for mail server: suggestions welcome

2020-02-21 Thread Jonas Smedegaard

Hi tom,

Quoting Tom Browder (2020-02-21 12:09:47)
> I am preparing servers to use with OpenSMTPD and Sympa to provide mail 
> and mailing list service.
> 
> I need to settle on names to define as the "mailname" for each the two 
> servers I will designate for the DNS MX records for all my 
> mail-enabled domains. The mailnames should be "fully qualified domain 
> names" (FQDNs) so they will have names like:
> 
> + mail.example.com
> + smtp.example.com
> + mx.example.com
> 
> Does anyone have strong reasons to use one over another, or any other 
> choice?

Depends on the purpose of the name(s).

If you run everything on a single host, then mail.example.com.

If you need to distinguish mail routing from other tasks (e.g. when 
running a spam filter on a different host and you want to tell other 
smtp servers to deliver to that instead of directly to your main mail 
server), then mx.example.com (or mx1.example.com) for that.

Similar for other names: Use protocol or other special name to emphasize 
that service, otherwise it is more confusing than helping.

 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Re: Choice of "mailname" for mail server: suggestions welcome

On Fri, Feb 21, 2020 at 05:39 john doe  wrote:
...

> I might be missing something here but the domain name is what you
> buy/what you get.

Note I own (techically it's more of a rental or lease) multiple domains
hosted across multiple servers which I also fully control (no sharing, full
root control).

As I understand it, a mail server has to use smtp to physically transfer
mail between physical hosts and that requires one name that will resolve to
an IP. Even if the server is hosting multiple domains, the mail for each
still has to use the one "mailname" for transport.

Hence my original question.

-Tom

Re: Choice of "mailname" for mail server: suggestions welcome

2020-02-21 Thread john doe

On 2/21/2020 12:09 PM, Tom Browder wrote:
> I am preparing servers to use with OpenSMTPD and Sympa to provide mail and
> mailing list service.
>
> I need to settle on names to define as the "mailname" for each the two
> servers I will designate for the DNS MX records for all my mail-enabled
> domains. The mailnames should be "fully qualified domain names" (FQDNs) so
> they will have names like:
>
> + mail.example.com
> + smtp.example.com
> + mx.example.com
>
> Does anyone have strong reasons to use one over another, or any other
> choice?
>

I might be missing something here but the domain name is what you
buy/what you get.

If your planning to use split DNS, 'internal' and 'external' could be
one option.

For the lists, 'lists.example.com' might not be a bad idea.

You can also use cname record to point to the same thing.

--
John Doe

Choice of "mailname" for mail server: suggestions welcome

I am preparing servers to use with OpenSMTPD and Sympa to provide mail and
mailing list service.

I need to settle on names to define as the "mailname" for each the two
servers I will designate for the DNS MX records for all my mail-enabled
domains. The mailnames should be "fully qualified domain names" (FQDNs) so
they will have names like:

+ mail.example.com
+ smtp.example.com
+ mx.example.com

Does anyone have strong reasons to use one over another, or any other
choice?

Thanks for any help.

Best regards,

-Tom

Re: blocking 465 connections to mail server for specific IP address without using fail2ban

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

The script needs more work it is not exim4-exploiters, it is for
repeated failed logins.

As it is now, it will treat any single failure as one to ban and that
is only going to cause trouble.  Although users should be logged in
normally and will likely have passwords saved in their clients so when
they try to send emails, they can only do so as authenticated and they
will be properly authenticated every time unless they are manually
logging in to simple do an smtp auth send so it might not be so
bad, I may just need to rename the ipsets, but I'll think about it
some more.

Anyway, it's a good start.

Cheers
A.
-BEGIN PGP SIGNATURE-

iHUEAREIAB0WIQTJAoMHtC6YydLfjUOoFmvLt+/i+wUCXQ6lgwAKCRCoFmvLt+/i
+0d1AP9tNbfrC62Ts/dWoDFaGH18qa05IvvUyiZnIb82zZtN4gEAoKNToikHpnaW
DQuxWFxLjruS3NWgMIKv/H3xiXZsqRE=
=JJ18
-END PGP SIGNATURE-

Re: blocking 465 connections to mail server for specific IP address without using fail2ban

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Slightly improved shell script, uses iprange once and conflates both
lists together.


#!/bin/bash

declare -a tcp25_set tcp465_set tcp_25_465_set

banned_ports_list=25,465,993,995

logwatch_file=/var/log/exim4/logwatch-email-20190622a.eml


# NB iprange will cleanup and uniquely sort the ip addresses list
#  - this /may/ also conflate plain ip entries to CIDR entries

tcp25_set=(
$(
grep 'login_saslauthd authenticator failed for.*:25:' \
 "${logwatch_file}" | sed \
-e 's/^.*login_saslauthd authenticator failed for //' \
-e 's/^(.*) //' -e 's/:.*$//'|tr -d '\[\]'|sort -u
)
)

tcp465_set=(
$(
grep 'login_saslauthd authenticator failed for.*:465:' \
 "${logwatch_file}" | sed \
-e 's/^.*login_saslauthd authenticator failed for //' \
-e 's/^(.*) //' -e 's/:.*$//'|tr -d '\[\]'|sort -u
)
)

# create sorted & unique ip set tcp_25_465_set
tcp_25_465_set=(
$(
(
printf "%s\n" "${tcp25_set[@]}"
printf "%s\n" "${tcp465_set[@]}"
) |iprange
)
)

# delete iptables rules if they exist
iptables -D INPUT -p tcp -m multiport --dports "${banned_ports_list}" \
-m set --match-set bad-exim4-exploiters-net src -j DROP

iptables -D INPUT -p tcp -m multiport --dports "${banned_ports_list}" \
-m set --match-set bad-exim4-exploiters-ip  src -j DROP

# destroy ipset bad-exim4-exploiters lists (if they exist)
ipset destroy bad-exim4-exploiters-net
ipset destroy bad-exim4-exploiters-ip

# create new ipset lists
ipset create  bad-exim4-exploiters-net  hash:net
ipset create  bad-exim4-exploiters-ip   hash:ip

# add entries for ipset bad-exim4-exploiters lists
for badip in "${tcp_25_465_set[@]}"
do
# only add entries if they are not already existing
if [[ -z "${badip##*\/*}" ]]
then
ipset add bad-exim4-exploiters-net "${badip}" -exist
else
ipset add bad-exim4-exploiters-ip  "${badip}" -exist
fi
done

# add iptables rules to use ipsets
iptables -I INPUT -p tcp -m multiport --dports "${banned_ports_list}" \
-m set --match-set bad-exim4-exploiters-net src -j DROP

iptables -I INPUT -p tcp -m multiport --dports "${banned_ports_list}" \
-m set --match-set bad-exim4-exploiters-ip  src -j DROP


-BEGIN PGP SIGNATURE-

iHUEAREIAB0WIQTJAoMHtC6YydLfjUOoFmvLt+/i+wUCXQ49YAAKCRCoFmvLt+/i
+2PwAP0eneL250uCwwz2Mb1yZlgNJjwWIrzgWXirvSCthM8JJAD+Kzioc/WgCtnA
YG89Zzv/AxgiLPlJJZ3INQ3eGLlFKiQ=
=vGhQ
-END PGP SIGNATURE-

Re: blocking 465 connections to mail server for specific IP address without using fail2ban

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hi,

On 22/6/19 6:24 pm, john doe wrote:
>> I've blacklisted quite a number of IP addresses and CIDR blocks
>> from delivering email to my server with entries in the 
>> /etc/exim4/local_host_blacklist file.
>> 
>> Is there any config file that I can easily use to block 465
>> login attempts from bad IP addresses and CIDR blocks?
>> 
>> If there is no simple config file, what can I do without
>> resorting to use of fail2ban so that I can use a curated list of
>> blocked IP addresses.  I'm not sure I want to use iptables for
>> this either.
>> 
>> I /may/ end up blocking the IPs at the firewall (OPN Sense) level
>> yet.
> 
> Instead of files, I probably would use 'ipset', that way, you can
> use the ipset in exim iptables ...


Thanks!

Okay this might help someone else, here are the details of my
solution, it requires the iprange package and a logwatch email to do
the job.

Cheers
A.


References:

http://ipset.netfilter.org/
https://wiki.archlinux.org/index.php/Ipset

https://unix.stackexchange.com/questions/67738/ip-set-to-block-access-to
- -exim-and-dovecot



other possible useful references:
https://firewalld.org/documentation/



#!/bin/bash

declare -a tcp25_set tcp465_set

banned_ports_list=25,465,993,995

logwatch_file=/var/log/exim4/logwatch-email-20190622a.eml


# NB iprange will cleanup and uniquely sort the ip addresses list
#  - this /may/ also conflate plain ip entries to CIDR entries

tcp25_set=(
$(
grep 'login_saslauthd authenticator failed for.*:25:' \
"${logwatch_file}" | sed \
-e 's/^.*login_saslauthd authenticator failed for //' \
-e 's/^(.*) //' -e 's/:.*$//'|tr -d '\[\]'|iprange
)
)

tcp465_set=(
$(
grep 'login_saslauthd authenticator failed for.*:465:' \
"${logwatch_file}" | sed \
-e 's/^.*login_saslauthd authenticator failed for //' \
-e 's/^(.*) //' -e 's/:.*$//'|tr -d '\[\]'|iprange
)
)

# delete iptables rules if they exist
iptables -D INPUT -p tcp -m multiport --dports "${banned_ports_list}" \
-m set --match-set bad-exim4-exploiters-net src -j DROP

iptables -D INPUT -p tcp -m multiport --dports "${banned_ports_list}" \
-m set --match-set bad-exim4-exploiters-ip  src -j DROP

# destroy ipset bad-exim4-exploiters lists (if they exist)
ipset destroy bad-exim4-exploiters-net
ipset destroy bad-exim4-exploiters-ip

# create new ipset lists
ipset create  bad-exim4-exploiters-net  hash:net
ipset create  bad-exim4-exploiters-ip   hash:ip

# add entries for ipset bad-exim4-exploiters lists
for badip in "${tcp25_set[@]}" "${tcp465_set[@]}"
do
# only add entries if they are not already existing
if [[ -z "${badip##*\/*}" ]]
then
ipset add bad-exim4-exploiters-net "${badip}" -exist
else
ipset add bad-exim4-exploiters-ip  "${badip}" -exist
fi
done

# add iptables rules to use ipsets
iptables -I INPUT -p tcp -m multiport --dports "${banned_ports_list}" \
-m set --match-set bad-exim4-exploiters-net src -j DROP

iptables -I INPUT -p tcp -m multiport --dports "${banned_ports_list}" \
-m set --match-set bad-exim4-exploiters-ip  src -j DROP

-BEGIN PGP SIGNATURE-

iHUEAREIAB0WIQTJAoMHtC6YydLfjUOoFmvLt+/i+wUCXQ44bQAKCRCoFmvLt+/i
+091AP0RiZcP/+O2R8tzXZ0OwpSiRjmUDYGbJXo47nkJDD2WUQD/W8AZR/DRQuon
OY7rgvU6fPEz3M7mdWUppSxSqaiLHUc=
=8AnG
-END PGP SIGNATURE-

Re: blocking 465 connections to mail server for specific IP address without using fail2ban

2019-06-22 Thread john doe

> Hi,
>
> I've blacklisted quite a number of IP addresses and CIDR blocks from
> delivering email to my server with entries in the
> /etc/exim4/local_host_blacklist file.
>
> Is there any config file that I can easily use to block 465 login
> attempts from bad IP addresses and CIDR blocks?
>
> If there is no simple config file, what can I do without resorting to
> use of fail2ban so that I can use a curated list of blocked IP
> addresses.  I'm not sure I want to use iptables for this either.
>
> I /may/ end up blocking the IPs at the firewall (OPN Sense) level yet.
>
>

Instead of files, I probably would use 'ipset', that way, you can use
the ipset in exim iptables ...

--
John Doe

blocking 465 connections to mail server for specific IP address without using fail2ban

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hi,

I've blacklisted quite a number of IP addresses and CIDR blocks from
delivering email to my server with entries in the
/etc/exim4/local_host_blacklist file.

Is there any config file that I can easily use to block 465 login
attempts from bad IP addresses and CIDR blocks?

If there is no simple config file, what can I do without resorting to
use of fail2ban so that I can use a curated list of blocked IP
addresses.  I'm not sure I want to use iptables for this either.

I /may/ end up blocking the IPs at the firewall (OPN Sense) level yet.

- -- 
Kind Regards
AndrewM

Andrew McGlashan
-BEGIN PGP SIGNATURE-

iHUEAREIAB0WIQTJAoMHtC6YydLfjUOoFmvLt+/i+wUCXQ3XpwAKCRCoFmvLt+/i
+1m2AQC3UI8NrRBM/Z1zoRWA4i6zQbyLbt0dGRsILlPHTTQp+wEAjN4S3rSewR3G
BdfMh0Uzir8r4IRtMuLKPAQ42mAEAHc=
=T3vu
-END PGP SIGNATURE-

Re: SMTP error from remote mail server after RCPT TO:<debian-user@lists.debian.org>

2018-02-19 Thread Curt

On 2018-02-19, Liam O'Toole <liam.p.oto...@gmail.com> wrote:
> On 2018-02-19, Curt <cu...@free.fr> wrote:
>> On 2018-02-18, Karol Augustin <ka...@augustin.pl> wrote:
>>>> 
>>>>  A message that you sent could not be delivered to one or more of its
>>>>  recipients. This is a permanent error. The following address(es) failed:
>>>> 
>>>>debian-user@lists.debian.org
>>>>  SMTP error from remote mail server after RCPT
>>>> TO:<debian-user@lists.debian.org>:
>>>>  host bendel.debian.org [82.195.75.100]: 554 5.1.8
>>>> <gldu-debian-use...@m.gmane.org>:
>>>>  Sender address rejected: Domain not found
>>>> 
>>>> Domain not found. This is quite sudden; it worked, now it ain't
>>>> working. 'gmane.org' is
>>>> the domain that is not currently being found? This all seems outside
>>>> of my purview (beyond
>>>> abandoning gmane, I suppose).
>>>
>>> There is no MX, A or  record for m.gmane.org, so it is not possible
>>> to send you mail to address gldu-debian-use...@m.gmane.org and that is
>>> why the mail is rejected.
>>
>>
>> Well, I've been posting in exactly same manner for the totality of my
>> presence here (through the gmane news to mail gateway--or mail to news
>> gateway--or whatever the hell it is or was).
>
> Same here, but using the server news.gmane.org.
>

Me too, me too, news.gmane.org is (was) my server.

 From your headers up there yonder:
 Old-Return-Path: <gldu-debian-use...@m.gmane.org>
   **

I don't know what happened exactly (perhaps just a temporary anomaly or
glitch of some kind, or something to do with the vast international conspiracy
against the Gallic nation), but I switched to 
http://lists.bofh.it/listinfo/linux-gate 
painlessly this morning.

Thank you.



-- 
New York was no mere city. It was instead an infinitely romantic notion, the
mysterious nexus of all love and money and power, the shining and the
perishable dream itself. To think of 'living' there was to reduce the
miraculous to the mundane; one does not 'live' at Xanadu. --Joan Didion

Re: SMTP error from remote mail server after RCPT TO:<debian-user@lists.debian.org>

2018-02-19 Thread Liam O'Toole

On 2018-02-19, Curt <cu...@free.fr> wrote:
> On 2018-02-18, Karol Augustin <ka...@augustin.pl> wrote:
>>> 
>>>  A message that you sent could not be delivered to one or more of its
>>>  recipients. This is a permanent error. The following address(es) failed:
>>> 
>>>debian-user@lists.debian.org
>>>  SMTP error from remote mail server after RCPT
>>> TO:<debian-user@lists.debian.org>:
>>>  host bendel.debian.org [82.195.75.100]: 554 5.1.8
>>> <gldu-debian-use...@m.gmane.org>:
>>>  Sender address rejected: Domain not found
>>> 
>>> Domain not found. This is quite sudden; it worked, now it ain't
>>> working. 'gmane.org' is
>>> the domain that is not currently being found? This all seems outside
>>> of my purview (beyond
>>> abandoning gmane, I suppose).
>>
>> There is no MX, A or  record for m.gmane.org, so it is not possible
>> to send you mail to address gldu-debian-use...@m.gmane.org and that is
>> why the mail is rejected.
>
>
> Well, I've been posting in exactly same manner for the totality of my
> presence here (through the gmane news to mail gateway--or mail to news
> gateway--or whatever the hell it is or was).

Same here, but using the server news.gmane.org.

-- 

Liam

Re: SMTP error from remote mail server after RCPT TO:<debian-user@lists.debian.org>

2018-02-19 Thread Curt

On 2018-02-18, Karol Augustin <ka...@augustin.pl> wrote:
>> 
>>  A message that you sent could not be delivered to one or more of its
>>  recipients. This is a permanent error. The following address(es) failed:
>> 
>>debian-user@lists.debian.org
>>  SMTP error from remote mail server after RCPT
>> TO:<debian-user@lists.debian.org>:
>>  host bendel.debian.org [82.195.75.100]: 554 5.1.8
>> <gldu-debian-use...@m.gmane.org>:
>>  Sender address rejected: Domain not found
>> 
>> Domain not found. This is quite sudden; it worked, now it ain't
>> working. 'gmane.org' is
>> the domain that is not currently being found? This all seems outside
>> of my purview (beyond
>> abandoning gmane, I suppose).
>
> There is no MX, A or  record for m.gmane.org, so it is not possible
> to send you mail to address gldu-debian-use...@m.gmane.org and that is
> why the mail is rejected.


Well, I've been posting in exactly same manner for the totality of my
presence here (through the gmane news to mail gateway--or mail to news
gateway--or whatever the hell it is or was).

But if this post gets through that demonstrates that I never really
needed that particular service in the first place (or that a cat
can be skinned in multiple ways).

>
> k.
>
>


-- 
New York was no mere city. It was instead an infinitely romantic notion, the
mysterious nexus of all love and money and power, the shining and the
perishable dream itself. To think of 'living' there was to reduce the
miraculous to the mundane; one does not 'live' at Xanadu. --Joan Didion

Re: SMTP error from remote mail server after RCPT TO:<debian-user@lists.debian.org>

2018-02-18 Thread Karol Augustin

On 2018-02-18 10:19, Curt Saltzman wrote:
> The last two messages I sent through gmane.org have bounced back to me.
> 
>  This message was created automatically by mail delivery software.
> 
>  A message that you sent could not be delivered to one or more of its
>  recipients. This is a permanent error. The following address(es) failed:
> 
>debian-user@lists.debian.org
>  SMTP error from remote mail server after RCPT
> TO:<debian-user@lists.debian.org>:
>  host bendel.debian.org [82.195.75.100]: 554 5.1.8
> <gldu-debian-use...@m.gmane.org>:
>  Sender address rejected: Domain not found
> 
> Domain not found. This is quite sudden; it worked, now it ain't
> working. 'gmane.org' is
> the domain that is not currently being found? This all seems outside
> of my purview (beyond
> abandoning gmane, I suppose).

There is no MX, A or  record for m.gmane.org, so it is not possible
to send you mail to address gldu-debian-use...@m.gmane.org and that is
why the mail is rejected.


k.


-- 
Karol Augustin
ka...@augustin.pl
http://karolaugustin.pl/
+353 85 775 5312

SMTP error from remote mail server after RCPT TO:<debian-user@lists.debian.org>

2018-02-18 Thread Curt Saltzman



The last two messages I sent through gmane.org have bounced back to me.

 This message was created automatically by mail delivery software.

 A message that you sent could not be delivered to one or more of its
 recipients. This is a permanent error. The following address(es) failed:

   debian-user@lists.debian.org
 SMTP error from remote mail server after RCPT 
TO:<debian-user@lists.debian.org>:
 host bendel.debian.org [82.195.75.100]: 554 5.1.8 
<gldu-debian-use...@m.gmane.org>:
 Sender address rejected: Domain not found

Domain not found. This is quite sudden; it worked, now it ain't working. 
'gmane.org' is
the domain that is not currently being found? This all seems outside of my 
purview (beyond
abandoning gmane, I suppose).

Mail server needs upgrade

2014-03-03 Thread Arnold Bird

My mail was duplicated 4 times due to random timings of mail.
Sometimes they would go right away, some would lag for 60 min!

Sorry for the duplicates.

_
Free e-mail, simple, clean and easy to use. Visit CosmicEmail.com for your 
instant free account.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140303160356.529de...@m0005296.ppops.net

mail server ayarları

2012-09-24 Thread Mehmet Ak

Merhaba arkadaşlar. Bir acentenin mail server işi için teklif vermem lazım.
2 milyon email adresi var.

Spama takılmadan mail gönderebilrmesi için nasıl bir sistem kurmalıyım .
Yardımlarınız için şimdiden teşekkürler.

Re: mail server

2012-07-31 Thread Muhammad Yousuf Khan

On Mon, Jul 30, 2012 at 7:58 PM, Camaleón noela...@gmail.com wrote:
On Sun, 29 Jul 2012 20:21:53 +0500, Muhammad Yousuf Khan wrote:

On Sun, Jul 29, 2012 at 6:44 PM, Camaleón noela...@gmail.com wrote:

(...)

since we fetch the email via pop and sent via smtp the problem is i
need to make backup of individual PST.

What? I don't get this... you mean you need to migrate the e-mails and
other stuff from Outlook clients to the new e-mailing service?

ok our 20 users fetching their emails from our hosted server. which is
maintained by our service provider. and we are keeping 3 months of
emails on our mail server and in case of email lost we can not recover
it since we have no backup. so my proposal to my management is if we
place a centralized mail server we can make backup of users email from
our mail server and old mail can also be restored. you can call it
migrating or shifting :). but the purpose of the whole idea is to
backup all emails and to provide more options to the users like web
access and our users will be independent from our service provider and
will be coordinating directly with me in any problem..

Then I guess the recipe I provided before it suits your needs.

To migrate the current messages to your new-owned system you can use a
dummy IMAP account to copy/paste (or simply move) the e-mails between
the remote server and your which will work regardless the MUA in use.

Once all of the accounts are created in your own e-mail server and
working you can start polling the new messages from your remote server
using fetchmail/getmail and configure your users e-mail clients to
contact your e-mail server (via imap/pop3) instead your hosted one.

Thanks, its been very helpful.

Greetings,

--
Camaleón

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/jv67f3$ltk$7...@dough.gmane.org

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/cagwvfmk0fry6hcphxb+76sokke0o0amcsuddcdjwyogszy3...@mail.gmail.com

Re: mail server

2012-07-30 Thread Camaleón

On Sun, 29 Jul 2012 20:21:53 +0500, Muhammad Yousuf Khan wrote:

 On Sun, Jul 29, 2012 at 6:44 PM, Camaleón noela...@gmail.com wrote:

(...)

 since we fetch the email via pop and sent via smtp the problem is i
 need to make backup of individual PST.

 What? I don't get this... you mean you need to migrate the e-mails and
 other stuff from Outlook clients to the new e-mailing service?
 
 ok our 20 users fetching their emails from our hosted server. which is
 maintained by our service provider. and we are keeping 3 months of
 emails on our mail server and in case of email lost we can not recover
 it since we have no backup. so my proposal to my management is if we
 place a centralized mail server we can make backup of users email from
 our mail server and old mail can also be restored. you can call it
 migrating or shifting :). but the purpose of the whole idea is to
 backup all emails and to provide more options to the users like web
 access and our users will be independent from our service provider and
 will be coordinating directly with me in any problem..

Then I guess the recipe I provided before it suits your needs.

To migrate the current messages to your new-owned system you can use a 
dummy IMAP account to copy/paste (or simply move) the e-mails between 
the remote server and your which will work regardless the MUA in use.

Once all of the accounts are created in your own e-mail server and 
working you can start polling the new messages from your remote server 
using fetchmail/getmail and configure your users e-mail clients to 
contact your e-mail server (via imap/pop3) instead your hosted one.

Greetings,

-- 
Camaleón


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/jv67f3$ltk$7...@dough.gmane.org

Re: mail server

2012-07-29 Thread Camaleón

On Sun, 29 Jul 2012 00:52:48 +0500, Muhammad Yousuf Khan wrote:

 On Sat, Jul 28, 2012 at 6:51 PM, Camaleón noela...@gmail.com wrote:
 On Sat, 28 Jul 2012 18:01:09 +0500, Muhammad Yousuf Khan wrote:

 actually i have spent 3 years working with Mailer daemon v7.0 so when
 ever some one say a name mail server unintentionally mailer daemon
 comes in my mind. this is my first time that i am implementing MTA on
 linux.since i have just started to shift from Microsoft to Linux.
 there is lot to learn.

 I first switched -time ago- from MDaemon (v3.2) when I installed a
 Linux system and had to select a good replacement for it.

 Hint: write down in a paper what's your current mail system data flow
 (user's mailboxes, incoming/outgoing messages, filter needings,
 anti-spam/ malware needings, local/remote connections...), what are
 your current requirements and what are the tasks that MDaemon is doing
 right now. This will help you to get the big picture for a better
 understanding.

 sorry i think i explain a bit wrong. i was using Mdeamon in my last
 company my current company is fetching emails from mail server from our
 service provider.

Ah, okay :-)

 since we fetch the email via pop and sent via smtp the problem is i need
 to make backup of individual PST. 

What? I don't get this... you mean you need to migrate the e-mails and 
other stuff from Outlook clients to the new e-mailing service?

 therefore i presented the idea to management for IMAP. 

Well, yes, IMAP is good for migrating messages but can be slow if there 
are thousand messages to move or copy and/or if the IMAP server is 
accessed over Internet (I mean, not locally).

 so i think my basic need are. POP emails from hosted server. 

If you mean to fecth POP e-mails from your server to place them in your 
own server, Fetchmail or Getmail can do the jobs as I already told you.

Once the messages are in your server, they can be accessed locally via 
POP, IMAP or directly put into the user's home.

 IMAP for local users, 

Good.

 ldap for AddressBook/contents update. 

OpenLDAP can hold this but it can take you some time to configure it. For 
a bunch of users maybe you should reconsider it.

 spam filter and antivirus scan.

Antispam is necessary, the AV only when supporting windows clients.

 and obviously Web access for clients. 

Then you have to add a web server and a webmail service :-)

 and i dont know if SQL database is better then local mail folders. 
 because mdeamon use to store data in a folder. but i think SQL is much
 more better then that.

A SQL datadase for storing 20 users is a bit overwhelming, IMO. It will 
require an extra component (MySQL, PostgresSQL or SQLite) and the benefit 
of having a database for that small amount of users can be unnoticed.

Greetings,

-- 
Camaleón


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/jv3eni$vb5$5...@dough.gmane.org

Re: mail server

2012-07-29 Thread Muhammad Yousuf Khan

On Sun, Jul 29, 2012 at 6:44 PM, Camaleón noela...@gmail.com wrote:
On Sun, 29 Jul 2012 00:52:48 +0500, Muhammad Yousuf Khan wrote:

On Sat, Jul 28, 2012 at 6:51 PM, Camaleón noela...@gmail.com wrote:
On Sat, 28 Jul 2012 18:01:09 +0500, Muhammad Yousuf Khan wrote:

actually i have spent 3 years working with Mailer daemon v7.0 so when
ever some one say a name mail server unintentionally mailer daemon
comes in my mind. this is my first time that i am implementing MTA on
linux.since i have just started to shift from Microsoft to Linux.
there is lot to learn.

I first switched -time ago- from MDaemon (v3.2) when I installed a
Linux system and had to select a good replacement for it.

Hint: write down in a paper what's your current mail system data flow
(user's mailboxes, incoming/outgoing messages, filter needings,
anti-spam/ malware needings, local/remote connections...), what are
your current requirements and what are the tasks that MDaemon is doing
right now. This will help you to get the big picture for a better
understanding.

sorry i think i explain a bit wrong. i was using Mdeamon in my last
company my current company is fetching emails from mail server from our
service provider.

Ah, okay :-)

since we fetch the email via pop and sent via smtp the problem is i need
to make backup of individual PST.

What? I don't get this... you mean you need to migrate the e-mails and
other stuff from Outlook clients to the new e-mailing service?

ok our 20 users fetching their emails from our hosted server. which is
maintained by our service provider. and we are keeping 3 months of
emails on our mail server and in case of email lost we can not recover
it since we have no backup. so my proposal to my management is if we
place a centralized mail server we can make backup of users email from
our mail server and old mail can also be restored. you can call it
migrating or shifting :). but the purpose of the whole idea is to
backup all emails and to provide more options to the users like web
access and our users will be independent from our service provider
and will be coordinating directly with me in any problem..

therefore i presented the idea to management for IMAP.

Well, yes, IMAP is good for migrating messages but can be slow if there
are thousand messages to move or copy and/or if the IMAP server is
accessed over Internet (I mean, not locally).

so i think my basic need are. POP emails from hosted server.

If you mean to fecth POP e-mails from your server to place them in your
own server, Fetchmail or Getmail can do the jobs as I already told you.

Once the messages are in your server, they can be accessed locally via
POP, IMAP or directly put into the user's home.

IMAP for local users,

Good.

ldap for AddressBook/contents update.

OpenLDAP can hold this but it can take you some time to configure it. For
a bunch of users maybe you should reconsider it.

spam filter and antivirus scan.

Antispam is necessary, the AV only when supporting windows clients.

and obviously Web access for clients.

Then you have to add a web server and a webmail service :-)

and i dont know if SQL database is better then local mail folders.
because mdeamon use to store data in a folder. but i think SQL is much
more better then that.

A SQL datadase for storing 20 users is a bit overwhelming, IMO. It will
require an extra component (MySQL, PostgresSQL or SQLite) and the benefit
of having a database for that small amount of users can be unnoticed.

Greetings,

--
Camaleón

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/cagwvfmnpebjy4dj1_gyn77+sb+1bbg6dtqjngmnhl7ywnxo...@mail.gmail.com

Re: mail server

2012-07-29 Thread Joe

On Sun, 29 Jul 2012 20:21:53 +0500
Muhammad Yousuf Khan sir...@gmail.com wrote:

 
 ok our 20 users fetching their emails from our hosted server. which is
 maintained by our service provider. and we are keeping 3 months of
 emails on our mail server and in case of email lost we can not recover
 it since we have no backup. so my proposal to my management is if we
 place a centralized mail server we can make backup of users email from
 our mail server and old mail can also be restored. you can call it
 migrating or shifting :). but the purpose of the whole idea is to
 backup all emails and to provide more options to the users like web
 access  and our users will be independent from our service provider
 and will be coordinating directly with me in any problem..

Under normal circumstances, the receiving MTA deposits email in files
or folders in the user's home directory on the server, as plain text.
The user would normally access this mail by webmail, POP or IMAP,
though he can open the emails with a text editor from within the home
folder.

This makes it difficult to lose many emails at one time, a single email
corrupted by a bad file transfer will not affect any others. If you use
an SQL server to store emails, as Microsoft Exchange does, there is the
possibility of a large number of emails being lost in the case of a
file corruption. If, in addition, you encrypt the database for
security, you can pretty much throw it away if it gets corrupted, there
will be little chance of recovery of any of it. You gain a lot in
security and centralised backup, but problems can be much more serious.

If you decide to go with simple text email storage in IMAP folders
mapped to real directories, you can configure the MTA to deliver
everyones' emails to individual folders but in a central location
instead of their home directories, for ease of single backup.
 
 
 
  therefore i presented the idea to management for IMAP.
 
  Well, yes, IMAP is good for migrating messages but can be slow if
  there are thousand messages to move or copy and/or if the IMAP
  server is accessed over Internet (I mean, not locally).
 
  so i think my basic need are. POP emails from hosted server.
 
  If you mean to fecth POP e-mails from your server to place them in
  your own server, Fetchmail or Getmail can do the jobs as I already
  told you.
 
  Once the messages are in your server, they can be accessed locally
  via POP, IMAP or directly put into the user's home.
 
  IMAP for local users,
 
  Good.
 
  ldap for AddressBook/contents update.
 
  OpenLDAP can hold this but it can take you some time to configure
  it. For a bunch of users maybe you should reconsider it.
 

At the moment, email clients seem only to be able to access remote
email directories using LDAP. If you want a central, shared address
book, LDAP appears to be the only option. I run OpenLDAP on my server
solely to provide about forty email addresses to a mixture of clients
and operating systems on three or four machines. I'd quite like to use
an SQL server, which I do use for many other things, but email clients
haven't quite got around to dealing with SQL servers yet. I've yet to
see one capable of actually saving new contacts to an LDAP server, I
have a web application to add new entries, which cannot be integrated
with any email client. But it's the only game in town...

Every now and then, I look around to see if there is a simple LDAP-SQL
gateway (LDAP queries for address books are fairly simple, and map
easily to SQL) but I haven't found one yet, and I don't have the time
to write one.

  spam filter and antivirus scan.
 
  Antispam is necessary, the AV only when supporting windows clients.
 
  and obviously Web access for clients.
 
  Then you have to add a web server and a webmail service :-)

Difficult to imagine a server that does not do web serving.
 
  and i dont know if SQL database is better then local mail folders.
  because mdeamon use to store data in a folder. but i think SQL is
  much more better then that.

Better in some ways, worse in others. Google for exchange mailbox
recovery. Of course, you don't have to make the same mistakes as
Microsoft...

 
  A SQL datadase for storing 20 users is a bit overwhelming, IMO. It
  will require an extra component (MySQL, PostgresSQL or SQLite) and
  the benefit of having a database for that small amount of users can
  be unnoticed.

If you need that level of security, search and backup convenience, you
need it, no matter how many users. A lot of professions in the USA are
required to use a specified level of security in their IT systems, so
it is only a matter of time before an EU directive forbids the use of
plain text files to store email...

-- 
Joe


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120729193056.62a48...@jretrading.com

Re: mail server

On Sat, Jul 28, 2012 at 8:34 AM, Brad Alexander stor...@gmail.com wrote:
On Wed, Jul 25, 2012 at 8:20 AM, J. B baksh...@gmail.com wrote:
On Wed, 25 Jul 2012 19:58:39 +0800
Umarzuki Mochlis umarz...@gmail.com wrote:

2012/7/25 Muhammad Yousuf Khan sir...@gmail.com:
need suggestions, i know there are few populer mail servers like
postfix, sandmail etc out there.

here is some details about my office.

1. 20 users.
2. pop from main server
3. send via SMTP
4. local mail distribution IMAP

i am not looking in to easy or hard mail server. what i am looking is
it should be good for my carrier and for my office too.
secure, stable, web base console etc.

btw, i have heard that there is a mailserver called zimbra. but i
think debian is not natively supporting it.

any help would be appreciable.

check iredmail. Easy to install.

zimbra mail server
ispmail server

I wouldn't run zimbra unless you have pretty powerful hardware. I ran
zimbra on a p4 with 1.5gb of ram and was rebooting it weekly. The java
processes would deplete memory in that time.

I have since replaced it with a much lighter vm running postfix +
dovecot (imap/pop server) + roundcube (webmail).

--b

is there any good howto on Debian Squeeze on following tools

-postfidx
-dovecot
-postfixadmin (web interface)
-roundcube
-spamassassin
-clamv

btw i have a question in my mind . postfix is mail server. but the
question raising in my mind if postfix is the complete server then why
we have to add several other tools like mentioned above
(dovecot,spamassassin etc) ?

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/cakmzw+btd1noagkdi30mhrns2cypamrgcugap8ggeqmsz9n...@mail.gmail.com

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/CAGWVfM=3-994=ybp1tbhvk3zy7qb3pjna34y_jvgc+nk25l...@mail.gmail.com

Re: mail server

2012-07-28 Thread Andrei POPESCU

On Sb, 28 iul 12, 12:53:19, Muhammad Yousuf Khan wrote:
 
 is there any good howto on Debian Squeeze on following tools
 
 -postfidx
 -dovecot
 -postfixadmin (web interface)
 -roundcube
 -spamassassin
 -clamv
 
 btw i have a question in my mind . postfix is mail server. but the
 question raising in my mind if postfix is the complete server then why
 we have to add several other tools like mentioned above
 (dovecot,spamassassin etc) ?

Depends on what you consider a complete server. Mail is being 
sent/received only via SMTP, which is handled entirely by postfix. This 
means it is quite possible to run a mail server with postfix alone.

However, you probably want users to be able to access the received mail 
without logging in on the mail server (as a matter of policy or 
convenience or both). Because of this you need dovecot and roundcube.

Spamassasin and clamav are needed for spam and virus filtering, which 
would not make sense to integrate in a mail transport agent.

Postfixadmin is just for your convenience.

Kind regards,
Andrei
-- 
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic


signature.asc
Description: Digital signature

Re: mail server

2012-07-28 Thread Jochen Spieker

Muhammad Yousuf Khan:
 
 btw i have a question in my mind . postfix is mail server. but the
 question raising in my mind if postfix is the complete server then why
 we have to add several other tools like mentioned above
 (dovecot,spamassassin etc) ?

When Unix/Linux people talk about mail servers, they usually mean MTAs
(mail transport agents). That's the software that talks SMTP and moves
mail between systems, e.g. from your mail host to the mail server of
your recipient and vice versa. Postfix is a quite popular MTA, even
though Debian defaults to Exim.

Dovecot is an IMAP and POP3 server. Its purpose is to make mail
accessible to your users in case they use a mail user agent (Outlook,
Thunderbird/Iceweasel, mutt etc.).

Roundcube does the same, but by using a web interface instead of using
IMAP/POP. You can always offer both because Roundcube needs an IMAP
server in the background anyway.

Spamassassin is a mail filtering tool that your MTA can use in order to
decide to reject or silently delete unwanted mail. There are other
programs with a similar functionality.

The Unix philosophy is still one job, one tool. And for each job you
can pick the tool most suitable to you from a variety of alternatives.

The downside is that you have to learn all those tools and how to plug
them together. The upside is that you learn all those tools. :) That
helps to diagnose problems and solve specific requirements in your
environment.

The all-in-one approach is probably ok for closed systems, maybe without
a dedicated administrator. In case of Zimbra you get additional
groupware functionality , like a calendar service. For external mail
routing, personally I would always pick one of the standard MTAs. For
office environments, people mix both approaches by using a standard MTA
for external communication and use some kind of groupware internally.

J.
-- 
I lust after strangers but only date people from the office.
[Agree]   [Disagree]
 http://www.slowlydownward.com/NODATA/data_enter2.html


signature.asc
Description: Digital signature

Re: mail server

2012-07-28 Thread Brad Alexander

On Sat, Jul 28, 2012 at 3:53 AM, Muhammad Yousuf Khan sir...@gmail.com wrote:

 -postfidx
 -dovecot
 -postfixadmin (web interface)
 -roundcube
 -spamassassin
 -clamv

 btw i have a question in my mind . postfix is mail server. but the
 question raising in my mind if postfix is the complete server then why
 we have to add several other tools like mentioned above
 (dovecot,spamassassin etc) ?

Postfix (and sendmail and it's ilk) are actually known as Mail
Tranport Agents (MTAs). They are responsible for getting the mail from
point A to point B. The other pieces are responsible for routing the
mail locally (the mail user agent -- MUA), classifying and eliminating
SPAM, etc. Think of the MTA as the airport. The MTA's responsibility
is only to get you from one airport to the other, you (or the MUA) are
responsible for getting from home (composing the message) to the
originating airport, and from the destination airport to your final
destination.

Make more sense?
--b


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/cakmzw+y17gyzeffghrbzx8mokfy0s5wtd1fkxpidymmpmnu...@mail.gmail.com

Re: mail server

but your individual help i have learn alot.

Thanks,

On Sat, Jul 28, 2012 at 4:55 PM, Brad Alexander stor...@gmail.com wrote:
On Sat, Jul 28, 2012 at 3:53 AM, Muhammad Yousuf Khan sir...@gmail.com
wrote:

-postfidx
-dovecot
-postfixadmin (web interface)
-roundcube
-spamassassin
-clamv

Postfix (and sendmail and it's ilk) are actually known as Mail
Tranport Agents (MTAs). They are responsible for getting the mail from
point A to point B. The other pieces are responsible for routing the
mail locally (the mail user agent -- MUA), classifying and eliminating
SPAM, etc. Think of the MTA as the airport. The MTA's responsibility
is only to get you from one airport to the other, you (or the MUA) are
responsible for getting from home (composing the message) to the
originating airport, and from the destination airport to your final
destination.

Make more sense?
--b

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/CAGWVfMn9OzFBpwrOByvFqiAaB6Sy0aOL97H-KcfWLbpKkh=e...@mail.gmail.com

Re: mail server

On Sat, Jul 28, 2012 at 4:55 PM, Brad Alexander stor...@gmail.com wrote:
On Sat, Jul 28, 2012 at 3:53 AM, Muhammad Yousuf Khan sir...@gmail.com
wrote:

-postfidx
-dovecot
-postfixadmin (web interface)
-roundcube
-spamassassin
-clamv

Make more sense?

thanks, good example. if i say ISPs which provide SMTP relay. are
using MTA where they dont want to store emails (unlike i have to do in
office) rather just relay all the messages to destination. Correct?

--b

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/CAGWVfMmRjY6spQCK3j_6GmQNXKPTztc9gB=9sjcsucoypbn...@mail.gmail.com

Re: mail server

2012-07-28 Thread Brad Alexander

On Sat, Jul 28, 2012 at 9:09 AM, Muhammad Yousuf Khan sir...@gmail.com wrote:

 thanks, good example. if i say ISPs which provide SMTP relay. are
 using MTA where they dont want to store emails (unlike i have to do in
 office) rather just relay all the messages to destination. Correct?

Generally correct, though it could be done a couple of ways. ISP
machines could have local messages that they have to process, e.g.
system messages such as cron output and the like, so they may still
have some manner of MUA...or they may route that type of message to a
different machine. This can be done using aliases, such as in
/etc/aliases.

--b


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/cakmzw+bsxfvt9pmfx5keorlxaorsks5nmxqxw6d3vo6n20o...@mail.gmail.com

Re: mail server

2012-07-28 Thread Camaleón

On Sat, 28 Jul 2012 18:01:09 +0500, Muhammad Yousuf Khan wrote:

 actually i have spent 3 years working with Mailer daemon v7.0 so when
 ever some one say a name mail server unintentionally mailer daemon
 comes in my mind. this is my first time that i am implementing MTA on
 linux.since i have just started to shift from Microsoft to Linux. there
 is lot to learn.

I first switched -time ago- from MDaemon (v3.2) when I installed a Linux 
system and had to select a good replacement for it. 

Hint: write down in a paper what's your current mail system data flow 
(user's mailboxes, incoming/outgoing messages, filter needings, anti-spam/
malware needings, local/remote connections...), what are your current 
requirements and what are the tasks that MDaemon is doing right now. This 
will help you to get the big picture for a better understanding.

Zimbra can be seen as a tool more in the line of what MDaemon is (an all 
in one solution providing pop3/imap/smtp/webmail/AV/filtering/
multipop...) but that can be an advantage only for the first days when 
you setup but as time passes, it will reveal that using separate tools 
for each task has more benefits that relying in just one service for the 
mail system.

Greetings,

-- 
Camaleón


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/jv0qp9$108$1...@dough.gmane.org

Re: mail server

On Sat, Jul 28, 2012 at 6:51 PM, Camaleón noela...@gmail.com wrote:
On Sat, 28 Jul 2012 18:01:09 +0500, Muhammad Yousuf Khan wrote:

I first switched -time ago- from MDaemon (v3.2) when I installed a Linux
system and had to select a good replacement for it.

Hint: write down in a paper what's your current mail system data flow
(user's mailboxes, incoming/outgoing messages, filter needings, anti-spam/
malware needings, local/remote connections...), what are your current
requirements and what are the tasks that MDaemon is doing right now. This
will help you to get the big picture for a better understanding.

sorry i think i explain a bit wrong. i was using Mdeamon in my last
company my current company is fetching emails from mail server from
our service provider.

since we fetch the email via pop and sent via smtp the problem is i
need to make backup of individual PST. therefore i presented the idea
to management for IMAP. so i think my basic need are. POP emails from
hosted server. IMAP for local users, ldap for AddressBook/contents
update. spam filter and antivirus scan. and obviously Web access for
clients. and i dont know if SQL database is better then local mail
folders. because mdeamon use to store data in a folder. but i think
SQL is much more better then that.

Zimbra can be seen as a tool more in the line of what MDaemon is (an all
in one solution providing pop3/imap/smtp/webmail/AV/filtering/
multipop...) but that can be an advantage only for the first days when
you setup but as time passes, it will reveal that using separate tools
for each task has more benefits that relying in just one service for the
mail system.

Greetings,

--
Camaleón

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/cagwvfmmvbh2ex5jdxuxce9j6xhdxnnpfcwhpn9feyonhpey...@mail.gmail.com

Re: Re: mail server

2012-07-28 Thread Clive Standbridge

 
 is there any good howto on Debian Squeeze on following tools
 
 -postfidx
 -dovecot
 -postfixadmin (web interface)
 -roundcube
 -spamassassin
 -clamv

Most of that list is covered by the tutorials at
http://workaround.org/ispmail/

I have used the tutorial for Debian Lenny and found it very helpful;
it both tells you what to do and explains things.

The tutorial has since been updated for Squeeze although I haven't
looked at that version.

-- 
Cheers,
Clive


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120728213205.GA3480@lister.localdomain

Re: mail server

2012-07-28 Thread Chris Bannister

[Please trim your posts.]

On Sat, Jul 28, 2012 at 12:53:19PM +0500, Muhammad Yousuf Khan wrote:
 is there any good howto on Debian Squeeze on following tools

Google is your friend. It also corrects spelling mistakes. :)

 -postfidx

Web Results 1 - 10 of about 276,000 for +squeeze +postfidx +howto. (0.34 
seconds)

 -dovecot

Web Results 1 - 10 of about 65,300 for +squeeze +dovecot +howto. (0.34 seconds)

 -postfixadmin (web interface)

Web Results 1 - 10 of about 36,000 for +squeeze +postfixadmin +howto. (0.41 
seconds)

 -roundcube

Web Results 1 - 10 of about 27,200 for +squeeze +roundcube +howto. (0.31 
seconds)

 -spamassassin

Web Results 1 - 1 of about 1 for +squeeze +spamassassin +how to. (0.16 seconds)
Showing results for +squeeze +spamassassin +how to. Search instead for +squeeze 
+spamassassin +howto

 -clamv

Web Results 1 - 10 of about 24,800,000 for +squeeze +clamv +howto. (0.41 
seconds)
Did you mean: +squeeze +clamav +howto

-- 
If you're not careful, the newspapers will have you hating the people
who are being oppressed, and loving the people who are doing the 
oppressing. --- Malcolm X


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120729044808.GA1884@tal

Re: mail server

2012-07-27 Thread Brad Alexander

On Wed, Jul 25, 2012 at 8:20 AM, J. B baksh...@gmail.com wrote:
 On Wed, 25 Jul 2012 19:58:39 +0800
 Umarzuki Mochlis umarz...@gmail.com wrote:

 2012/7/25 Muhammad Yousuf Khan sir...@gmail.com:
  need suggestions, i know there are few populer mail servers like
  postfix, sandmail etc out there.
 
  here is some details about my office.
 
  1. 20 users.
  2. pop from main server
  3. send via SMTP
  4. local mail distribution IMAP
 
  i am not looking in to easy or hard mail server. what i am looking is
  it should be good for my carrier and  for my office too.
  secure, stable, web base console etc.
 
  btw, i have heard that there is a mailserver called zimbra. but i
  think debian is not natively supporting it.
 
  any help would be appreciable.
 

 check iredmail. Easy to install.


 zimbra mail server
 ispmail server

I wouldn't run zimbra unless you have pretty powerful hardware. I ran
zimbra on a p4 with 1.5gb of ram and was rebooting it weekly. The java
processes would deplete memory in that time.

I have since replaced it with a much lighter vm running postfix +
dovecot (imap/pop server) + roundcube (webmail).

--b


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/cakmzw+btd1noagkdi30mhrns2cypamrgcugap8ggeqmsz9n...@mail.gmail.com

Re: mail server

2012-07-26 Thread Denis Witt


On 25.07.2012 22:14, Muhammad Yousuf Khan wrote:


Thanks for letting me know these matters but i am not using it
publicly i will be downloading my emails from my hosted mail server.


Then you will have to add a tool like fetchmail to your list to 
download the mails and put them into the local mailboxes.


webmin can handle this quite well, too.

Bye.


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/5010fd22.7050...@concepts-and-training.de

Re: mail server

2012-07-26 Thread Denis Witt


On 25.07.2012 22:17, Muhammad Yousuf Khan wrote:


how you perform basic tasks like mail-ques checking, logs, mail box
create, delete, mail restriction .etc.?


With postfix there is the command postqueue which will show you the 
current queue. With the postsuper command you can delete Mails from 
the queue.


Mail restrictions are handled in the postfix-Config directly. See 
http://www.postfix.org/RESTRICTION_CLASS_README.html for Details. Other 
rules are possible with virtual_alias and other functions, see 
http://www.postfix.org/VIRTUAL_README.html#virtual_alias.


Dovecot also support Sieve filter, http://wiki.dovecot.org/LDA/Sieve/.

Bye.


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/50110cc6.8080...@concepts-and-training.de

Re: mail server

2012-07-26 Thread Camaleón

On Thu, 26 Jul 2012 01:17:15 +0500, Muhammad Yousuf Khan wrote:

 On Wed, Jul 25, 2012 at 7:57 PM, Camaleón noela...@gmail.com wrote:
 On Wed, 25 Jul 2012 16:52:25 +0500, Muhammad Yousuf Khan wrote:

 need suggestions, i know there are few populer mail servers like
 postfix, sandmail etc out there.

(...)

 My ingredients for the recipe:

 - Fetchmail (or getmail) for polling e-mails form your remote provider
 - Postfix (for local/remote lmtp/smtp services) - Cyrus (for
 local/remote pop/imap services) - Spamassassin (anti-spam)
 - ClamAV (antivirus if using windows stations) - Amavisd-new (I call it
 the glue because I use it to join all the pieces)

 I have no webmail (forbidden), e-mail users are stored in a separate
 database (sasl2db) and are not system users which means no login shell.


 how you perform basic tasks like mail-ques checking, logs, mail box
 create, delete, mail restriction .etc.?

IIRC, last time I checked years ago, there were some GUI based frontends 
to perform the usual operations with Cyrus and Postfix (and also webmin 
has to provide a couple of modules to manage these services) but I still 
prefer to do it manually -using the command line- because I find it to be 
more secure and less prone to errors or missconfigurations. Of course, 
this cannot be suitable for a thousand users configuration but still a 
valid option for managing a bunch of accounts.

Greetings,

-- 
Camaleón


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/jurk0a$tcf$6...@dough.gmane.org

Re: mail server

2012-07-26 Thread Denis Witt


On 26.07.2012 16:25, Camaleón wrote:


how you perform basic tasks like mail-ques checking, logs, mail box
create, delete, mail restriction .etc.?



IIRC, last time I checked years ago, there were some GUI based frontends
to perform the usual operations with Cyrus and Postfix (and also webmin
has to provide a couple of modules to manage these services) but I still
prefer to do it manually -using the command line- because I find it to be
more secure and less prone to errors or missconfigurations. Of course,


I second that.


this cannot be suitable for a thousand users configuration but still a
valid option for managing a bunch of accounts.


BTW: With Wheezy it has become very easy to set up an LDAP-Server. 
Together with LAM (LDAP Account Manager) it's very easy to maintain even 
a quite large number of users and their Mailaccounts.


But for Muhammads case (20 people) I think I would simple use system 
users with --shell=/bin/false


Bye.


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/50115cc4.6020...@concepts-and-training.de

Re: mail server

2012-07-26 Thread Andrei POPESCU

On Jo, 26 iul 12, 10:17:38, Denis Witt wrote:
 On 25.07.2012 22:14, Muhammad Yousuf Khan wrote:
 
 Thanks for letting me know these matters but i am not using it
 publicly i will be downloading my emails from my hosted mail server.
 
 Then you will have to add a tool like fetchmail to your list to
 download the mails and put them into the local mailboxes.

getmail is nice.

 webmin can handle this quite well, too.

Do you mean for administration?

Kind regards,
Andrei
-- 
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic


signature.asc
Description: Digital signature

mail server

need suggestions, i know there are few populer mail servers like
postfix, sandmail etc out there.

here is some details about my office.

1. 20 users.
2. pop from main server
3. send via SMTP
4. local mail distribution IMAP

i am not looking in to easy or hard mail server. what i am looking is
it should be good for my carrier and  for my office too.
secure, stable, web base console etc.

btw, i have heard that there is a mailserver called zimbra. but i
think debian is not natively supporting it.

any help would be appreciable.



Thanks,


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/cagwvfmk21bvtuvzbxgzvtjgpu-1tscegl-uzgluuupktban...@mail.gmail.com

Re: mail server

2012-07-25 Thread Umarzuki Mochlis

2012/7/25 Muhammad Yousuf Khan sir...@gmail.com:
 need suggestions, i know there are few populer mail servers like
 postfix, sandmail etc out there.

 here is some details about my office.

 1. 20 users.
 2. pop from main server
 3. send via SMTP
 4. local mail distribution IMAP

 i am not looking in to easy or hard mail server. what i am looking is
 it should be good for my carrier and  for my office too.
 secure, stable, web base console etc.

 btw, i have heard that there is a mailserver called zimbra. but i
 think debian is not natively supporting it.

 any help would be appreciable.


check iredmail. Easy to install.

-- 
Regards,

Umarzuki Mochlis
http://debmal.my


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CAHW9mbx3hMuBRqx8YrSCnum8Y=z8yt_g9sw7+7si2lto7ux...@mail.gmail.com

Re: mail server

2012-07-25 Thread J. B

On Wed, 25 Jul 2012 19:58:39 +0800
Umarzuki Mochlis umarz...@gmail.com wrote:

 2012/7/25 Muhammad Yousuf Khan sir...@gmail.com:
  need suggestions, i know there are few populer mail servers like
  postfix, sandmail etc out there.
 
  here is some details about my office.
 
  1. 20 users.
  2. pop from main server
  3. send via SMTP
  4. local mail distribution IMAP
 
  i am not looking in to easy or hard mail server. what i am looking is
  it should be good for my carrier and  for my office too.
  secure, stable, web base console etc.
 
  btw, i have heard that there is a mailserver called zimbra. but i
  think debian is not natively supporting it.
 
  any help would be appreciable.
 
 
 check iredmail. Easy to install.
 

zimbra mail server
ispmail server


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120725175006.6b770...@shiva.selfip.org

Re: mail server

2012-07-25 Thread ew


On Jul 25, 2012, at 7:52 AM, Muhammad Yousuf Khan wrote:

 need suggestions, i know there are few populer mail servers like
 postfix, sandmail etc out there.
 
 here is some details about my office.
 
 1. 20 users.
 2. pop from main server
 3. send via SMTP
 4. local mail distribution IMAP
 
 i am not looking in to easy or hard mail server. what i am looking is
 it should be good for my carrier and  for my office too.
 secure, stable, web base console etc.
 
 btw, i have heard that there is a mailserver called zimbra. but i
 think debian is not natively supporting it.
 
 any help would be appreciable.
 
 
 
 Thanks,
 
 




For a simple feature rich mail server check out citadel.
There are packages in Debian.  I will easily meet all your needs.

It is lighter weight compared to Zimbra with many of the same features.
I'm able to run Citadel on a very modest VPS (384MB RAM) along with
several hosted websites/email domains.

Good Luck,


Eric









 -- 
 To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
 with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
 Archive: 
 http://lists.debian.org/cagwvfmk21bvtuvzbxgzvtjgpu-1tscegl-uzgluuupktban...@mail.gmail.com
 


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/f1ff7563-ec35-4888-b0b9-b8555ca83...@carry-her.com

Re: mail server

2012-07-25 Thread Denis Witt


On 25.07.2012 13:52, Muhammad Yousuf Khan wrote:


here is some details about my office.



1. 20 users.
2. pop from main server
3. send via SMTP
4. local mail distribution IMAP



i am not looking in to easy or hard mail server. what i am looking is
it should be good for my carrier and  for my office too.
secure, stable, web base console etc.



btw, i have heard that there is a mailserver called zimbra. but i
think debian is not natively supporting it.


Hi,

you will need at least two things, an SMTP Server (like postfix) and an 
IMAP/POP3 Server (like dovecot).


Over the years I have used many different programs for that, starting 
with Exim. But now I always use Postfix and Dovecot together with LDAP, 
Amavis (Spamassassin, ClamAV) and Postgrey.


Dovecot is quite easy to set up. Postfix might be a bit trickier, but it 
is very well documented (and the mailing list is very responsive).


Anyway, regardless which server you will choose, please do a lot of 
research before you launch the server for public use. It is rather easy 
to set up an open relay anybody could use for sending SPAM. Your IP will 
be show up on Blacklists and you will have a lot of trouble removing 
them from those lists.


Also it is important not to use a dailup IP, instead you will need a 
proper static IP with correct rDNS settings. If you don't have that in 
your office you will have to use a relay server to send mails (external).


To have a web based access to your mails I would recommend roundcube. 
Which is very easy to set up and not too bloated so your users will be 
fine with that very quickly.


If you want a web based console for all the Admin stuff you can use 
webmin, but usually there is no need for that once the server is up 
and running.


The advance setting up your mail server by hand is that you will get a 
deeper understanding of what happens in case of problems. Zimbra is more 
like a black box doing some magic stuff inside. (As fas as I know Zimbra 
is based on Postfix.) Zimbra is also much more than just an Mailserver, 
it's more like a collaboration tool like Microsoft Exchange/Outlook.


Bye.


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/500fe8a9.5000...@concepts-and-training.de

Re: mail server

2012-07-25 Thread Camaleón

On Wed, 25 Jul 2012 16:52:25 +0500, Muhammad Yousuf Khan wrote:

 need suggestions, i know there are few populer mail servers like
 postfix, sandmail etc out there.

 here is some details about my office.
 
 1. 20 users.
 2. pop from main server
 3. send via SMTP
 4. local mail distribution IMAP
 
 i am not looking in to easy or hard mail server. what i am looking is it
 should be good for my carrier and  for my office too. secure, stable,
 web base console etc.
 
 btw, i have heard that there is a mailserver called zimbra. but i think
 debian is not natively supporting it.

Ugh... I would avoid Zimbra as much as I can (nothing against it, is just 
I don't like all-in-one solutions for mail services I prefer small pieces 
of software performing a brilliantly work) :-)

 any help would be appreciable.

My ingredients for the recipe:

- Fetchmail (or getmail) for polling e-mails form your remote provider
- Postfix (for local/remote lmtp/smtp services)
- Cyrus (for local/remote pop/imap services)
- Spamassassin (anti-spam)
- ClamAV (antivirus if using windows stations)
- Amavisd-new (I call it the glue because I use it to join all the 
pieces)

I have no webmail (forbidden), e-mail users are stored in a separate 
database (sasl2db) and are not system users which means no login shell. 

This setup has been serving me very well during many years and is very 
flexible and powerful (though not easy to setup) because as it can be 
expanded to support more users and a different user database backend 
(e.g., SQL, PAM...).

Greetings,

-- 
Camaleón


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/jup1ga$ot7$9...@dough.gmane.org

Re: mail server

On Wed, Jul 25, 2012 at 5:21 PM, ew e...@carry-her.com wrote:

On Jul 25, 2012, at 7:52 AM, Muhammad Yousuf Khan wrote:

need suggestions, i know there are few populer mail servers like
postfix, sandmail etc out there.

here is some details about my office.

1. 20 users.
2. pop from main server
3. send via SMTP
4. local mail distribution IMAP

i am not looking in to easy or hard mail server. what i am looking is
it should be good for my carrier and for my office too.
secure, stable, web base console etc.

btw, i have heard that there is a mailserver called zimbra. but i
think debian is not natively supporting it.

any help would be appreciable.

Thanks,

For a simple feature rich mail server check out citadel.
There are packages in Debian. I will easily meet all your needs.

It is lighter weight compared to Zimbra with many of the same features.
I'm able to run Citadel on a very modest VPS (384MB RAM) along with
several hosted websites/email domains.

what is the perpuse of this package are you using it for local office
or as a service provider? for how many users you are using this
package. if VPS then how you cater the security issues. like open smtp
relay. spam control and other security related matters.

Good Luck,

Eric

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/cagwvfmk21bvtuvzbxgzvtjgpu-1tscegl-uzgluuupktban...@mail.gmail.com

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/f1ff7563-ec35-4888-b0b9-b8555ca83...@carry-her.com

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/cagwvfmm7+-gu3lqcvcnbkb1sl633fh8qz9rxckmg7w3ynrj...@mail.gmail.com

Re: mail server

On Wed, Jul 25, 2012 at 5:38 PM, Denis Witt
denis.w...@concepts-and-training.de wrote:
On 25.07.2012 13:52, Muhammad Yousuf Khan wrote:

here is some details about my office.

1. 20 users.
2. pop from main server
3. send via SMTP
4. local mail distribution IMAP

i am not looking in to easy or hard mail server. what i am looking is
it should be good for my carrier and for my office too.
secure, stable, web base console etc.

btw, i have heard that there is a mailserver called zimbra. but i
think debian is not natively supporting it.

Hi,

you will need at least two things, an SMTP Server (like postfix) and an
IMAP/POP3 Server (like dovecot).

Over the years I have used many different programs for that, starting with
Exim. But now I always use Postfix and Dovecot together with LDAP, Amavis
(Spamassassin, ClamAV) and Postgrey.

Dovecot is quite easy to set up. Postfix might be a bit trickier, but it is
very well documented (and the mailing list is very responsive).

Anyway, regardless which server you will choose, please do a lot of research
before you launch the server for public use. It is rather easy to set up an
open relay anybody could use for sending SPAM. Your IP will be show up on
Blacklists and you will have a lot of trouble removing them from those
lists.

Also it is important not to use a dailup IP, instead you will need a proper
static IP with correct rDNS settings. If you don't have that in your office
you will have to use a relay server to send mails (external).

Thanks for letting me know these matters but i am not using it
publicly i will be downloading my emails from my hosted mail server.

To have a web based access to your mails I would recommend roundcube.
Which is very easy to set up and not too bloated so your users will be fine
with that very quickly.

If you want a web based console for all the Admin stuff you can use
webmin, but usually there is no need for that once the server is up and
running.

The advance setting up your mail server by hand is that you will get a
deeper understanding of what happens in case of problems. Zimbra is more
like a black box doing some magic stuff inside. (As fas as I know Zimbra is
based on Postfix.) Zimbra is also much more than just an Mailserver, it's
more like a collaboration tool like Microsoft Exchange/Outlook.

Bye.

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject
of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/500fe8a9.5000...@concepts-and-training.de

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/CAGWVfMnCnU=J=7t2XNdePF9LZG=jq7pdkdphdmvq0dxnwef...@mail.gmail.com

Re: mail server