![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
elfsIt never ceases to amaze me just how goddamned esoteric configuring a mail transport agent is. I wasted all goddamned day trying to get postfix to work, only to realize that I'd probably blown two setting up a virtual server system I didn't need, and is probably not as secure as I'd like.
I mean, why isn't there a simple email server setup with some reasonable spam filtering for Unix? Is it really that difficult? I can feel my brain leaking out my ears and I'm stressed to the max.
It is time for some herbal tea.
I mean, why isn't there a simple email server setup with some reasonable spam filtering for Unix? Is it really that difficult? I can feel my brain leaking out my ears and I'm stressed to the max.
It is time for some herbal tea.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2009-01-26 06:13 am (UTC)no subject
Date: 2009-01-26 06:44 am (UTC)And I'm responsible for 5,000 email accounts!
no subject
Date: 2009-01-26 06:58 am (UTC)no subject
Date: 2009-01-26 01:15 pm (UTC)"DJB is a nutcase" is not a good reason.
Qmail is so simple, it's hard to believe.
no subject
Date: 2009-01-26 01:27 pm (UTC)Use exim. As solarbird said, it's the easiest to configure.
no subject
Date: 2009-01-26 02:50 pm (UTC)On Debian, debconf puts Postfix in a sane initial state, to which I add about a screenful of lines, half of which are personal blacklists I've built up over time, and half of which are general protocol things which catch a surprising number of spammers out.... add greylisting on top of that, and bogofilter in the backend for per-user context filtering, and I'm done. Now, if you've got some serious volume going on, putting a stripped-down spamassassin in as a milter is a good idea, since the more you can reject in the front end (while the SMTP session is going on) the more they'll get a bad taste in their mouth and won't come bug you anymore. (Why stripped-down? Because full-house S/A is a PIG, and really isn't worth it for other than URL checking and Bayesian filtering.)
If you're trying to do this on Red Hat? I'd say pop yourself an Ubuntu server VM, apt-get install postfix, grab main.cf out of /etc/postfix, and start from there. The initial config from Red Hat is just *nuts*. No idea if you're doing Gentoo, see previous suggestion.
no subject
Date: 2009-01-26 05:59 pm (UTC)I followed a recipe to get rid of most of the problems (e.g. insisting on decent HELOs) and postgrey doing greylisting gets rid of most of the spam. Anything that gets through is left to Thunderbird or POPMail or Gmail to spam filter, depending on where it ends up. (I never found SpamAssassin worth the resources it takes.)
no subject
Date: 2009-01-27 02:10 am (UTC)To answer your "why is it hard" question...you pretty much have to make a choice: Do you want easy to install, or easy to maintain? Exim is a good balance, but it's still not as easy as, say, exchange. Of course, it's mountains easier to maintain.
no subject
Date: 2009-01-27 07:25 am (UTC)"You are in a twisty maze of kernel patches, all ever-so-slightly different."
no subject
Date: 2009-01-27 07:32 am (UTC)Yes, backscatter can be configured away, but with the license restrictions DJB put on it (it's perfect at version 1.03 damn you! Noone will ever touch my perfect code!), applying patches to code isn't really what I call "configuring".
Yes, "DJB is a nutcase" is in fact a good reason not to use Qmail. If it were worth the trouble of converting everything to Postfix, I would in a heartbeat, but it's not (and it sure as hell would take longer than a heartbeat - our site is Not Small).