• found Postfix binary RPMs here: http://postfix.wl0.org/en/available-packages/
• some really great notes here
• terrific spamassassin + postfix notes here
• more spamassassin notes: here
• Make sure the /etc/resolve.conf has the nameserver as the first line (not 'search')
• (duh) sudo rpm -i postfix-2.4.5-2.rhel4.i386.rpm
• remove sendmail else it fights to send mail with postfix: yum remove sendmail
• postfix changes: (see this in /etc/postfix/main.cf
  • set myhostname = boxaroo.com
  • set notify_classes = resource, software, bounce, policy, protocol
  • add virtual_alias_maps = hash:/etc/postfix/virtual

• to have mail forwarded, put entries like these in /etc/postfix/virtual, and then after each change run postmap virtual to make changes take place
  • matt walshes@gmail.com
  • @boxaroo.com walshes@gmail.com

• for chroot operation
  • in /etc/sysconfig/syslog append -a /var/spool/postfix/dev/log to SYSLOGD_OPTIONS
  • execute the LINUX2 script in /etc/postfix/examples/chroot-setup
  • see this for some detailed info like on how to edit /etc/postfix/master.cf

• maintenance
  • run postfix check to check for perm problems
  • run egrep '(reject|warning|error|fatal|panic):' /var/log/maillog
  • run postmap /etc/postfix/virtual to update any virtual addresses

• install spamassassin
  • yum install spamassassin
  • Have SA update itself nightly in cront 0 0 * * * sa-update && service spamassassin restart
  • chkconfig --level 345 spamassassin on
  • auto-setting rules here? http://saupdates.openprotect.com/
  • add a spamuser in /etc/passwd ( spamuser:x:99:99:SpamUser:/home/spamuser:/sbin/nologin )
  • adduser spamuser
  • chown spamuser:spamuser /home/spamuser
  • add these lines to master.cf

smtp      inet  n       -       y       -       -       smtpd -o content_filter=spamassassin
spamassassin unix  -       n       n       -       -       pipe user=spamuser argv=/usr/bin/spamc -f -e /usr/sbin/sendmail.postfix -oi -f ${sender} ${recipient}

• Installing milter and sender ID/domainkeys
  • =wget ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.1.tar.gz=
  • tar xvfz sendmail.8.14.1.tar.gz
  • cd sendmail-8.14.1/libmilter/
  • some good info on this thread

DomainKeys / DKIM

Setting up DKIM (some tidbits here)

• Nice info on DKIM here
• get dk-milter here
• unpack, change to dir
• in devtools/OS/Linux fix the man page thing define(`confMANROOT', `/usr/share/man/man')
• sh ./Build
• sudo sh ./Build install
• mkdir /etc/scripts/dkim_keep
• sudo chown -R spamuser:spamuser /etc/scripts/dkim_keep/
• cd /etc/scripts/dkim_keep
• dkim-genkey -d boxaroo.com
• launch with dkim-filter -l -p inet:8891 -d boxaroo.com -k /etc/dkim_keep/default.private -s default -u spamuser

--+++ Setting up DomainKeys

• dk-filter -l -p inet:8892 -d boxaroo.com -s /etc/dkim_keep/default.private -S default -u spamuser

Changes to postfix

• Add this to /etc/postfix/main.cf
  • non_smtpd_milters = inet:localhost:8891,inet:localhost:8892

DKIM tests

• Send mail to sa-test@sendmail.net for a nice debug
• *I seem to have a problem with Domain Keys (not DKIM). I get dk_eom(): resource unavailable: d2i_PUBKEY_bio() failed *

Configuring clients

• you can just leave sendmail going (checking the daemon runlevels of course) but set up this in /etc/mail/sendmail.mc

-- MattWalsh - 28 Sep 2007