On 09/08/2014 08:13 AM, Gordan Bobic wrote:
On 2014-09-08 12:50, Robert Moskowitz wrote:
Last year I worked on a replacement for my current mailserver, but
never put it in production. I now want to go through the steps and
rebuild it with RSEL.
Basically I followed:
http://campworld.net/thewiki/pmwiki.php/LinuxServersCentOS/Cent6VirtMailServer
http://wiki.centos.org/HowTos/Amavisd
So I use:
Postfix
mysql
postfixadmin (from sourceforge)
dovecot
roundcubemail
amavisd-new
clamav
spamassassin
Those are the highlights and I hope to work on it off and on over the
next month. Meetings and Holidays will stretch out the work.
Are there any challenges with availablity of any of these components
for RSEL?
I am concerned about no selinux, as there are a lot of php scripts,
and eventhough I worked a lot on the security settings (got into some
real rows on the various lists), I still worry.
I would be willing to share my notes with anyone that wants a similar
setup, and perhaps we can work this out together...
Base Repository:
Postfix
mysql
dovecot
spamassassin
EPEL:
clamav
amavisd
You're on your own with postfixadmin and roundcube. No idea what the
former
is. If it is come kind of a web administration interface, I always
recommend
against anything of such description for security reasons, and if you
absolutely have to have it, make sure it only listens on loopback, so you
can only access it by ssh-ing into the machine with -D, then using the
ssh
session as a socks proxy to reach the admin interface.
http://sourceforge.net/projects/postfixadmin/
cd /usr/share
tar -xzvf /home/rgm/Downloads/postfixadmin-2.91.tar.gz
mv postfixadmin-2.3.6/ postfixadmin
cat <<EOF>/etc/httpd/conf.d/postfixadmin.conf || exit 1
alias /mailadmin /usr/share/postfixadmin
<Directory "/usr/share/postfixadmin">
AllowOverride AuthConfig
</Directory>
EOF
You use it for your account admin. I really need to look into running it
on another port that I limit to my local network. Its config has the
mysql password for mailserv hardcoded. That is what I really don't like;
how you have to put mysql passwords all over in various places.
IIRC RoundCube only requires PHP and MySQL, both of which are available.
It is in the EPEL 6 repo as: roundcubemail-0.9.5-1.el6.noarch.rpm
But I don't see it in the arm EPEL 6 repo. What would it take to get it
there? I don't have any records of any dependencies it needed.
The default setup for Roundcube has some major php security flaws that I
argued against on the list. The change was trivial, but the keepers
refused to make the change. I have my notes of what I did.
But Roundcube looked like the best Webmail offering at that time.
_______________________________________________
users mailing list
[email protected]
http://lists.redsleeve.org/mailman/listinfo/users
