This files documents Mandrake Linux specific customizations for the Postfix package, read this file in addition to the fine documentation present in the README subdirectory. Running a mail server --------------------- By default Postfix will not accept mail from the network, this is done so on a default install you will not risk on being a prey to spammers. If you want to run a mailserver change the Postfix inet_interfaces parameter. run: postconf -e 'inet_interfaces=your.ip.add.ress' or the simplier postconf -e 'inet_interfaces=all' then restart postfix For the same reasons Postfix will not relay mail (it will not receive mail from an host and forward it to a different host). Dynamic Maps ------------ postfix supports many map formats, but not all of them are installed by default support for PCRE, LDAP, Postgres SQL, MySQL and possibly others is available by installing the related postfix-xxx package (i.e. postfix-ldap for ldap support). To see what map formats are available and install them use either rpmdrake or urpmi. Chroot ------ For security reasons, Postfix runs chroot'ed by default. That means that the mail server is running in "/var/spool/postfix", not in the usual root filesystem, "/". The mail server has no access to files outside this location. Therefore, copies of some of your configuration files are put in the chroot. Some of them may change over the time, if you modify them, or, for other reasons. The system will try to adjust for the most common changes to /etc/resolv.conf, i.e. if you own a laptop and you use dhcp to configure your network interface, or if you are a dialup user using ppp to connect to the Internet. If you want to modify this behaviour look at the scripts: /etc/ppp/ip-up.d/postfix /etc/ppp/ip-down.d/postfix /etc/sysconfig/network-scripts/ifup.d/postfix You can run "postfix check" to get usual warnings about changes between the file in the chroot and your system files. If you really feel unconfortable having postfix chrooted you can change this setting. To remove the chroot run: /usr/sbin/postfix-chroot.sh disable To set the chroot up again run: /usr/sbin/postfix-chroot.sh enable the chroot script is controlled by settings found in /etc/sysconfig/postfix CYRUS ----- read CYRUS_README in the postfix documentation directory. SMTP Authentication (SASL) -------------------------- There are some important issues you will have to note is if you want to use SMTP AUTH via SASL. To use SASL you will certainly require a sasl plugin installed. The plugin packages are called libsasl2-plug-XXX, (i.e libsasl2-plug-plain for SASL PLAIN support). To see what plugins are available and install them use either rpmdrake or urpmi. SASL database relies on file /var/lib/sasl2/sasl.db being accessible by Postfix. This means both it being visible by a chrooted postfix and it being readable by the postfix user. Saslauthd requires its socket (by default /var/lib/sasl2/mux) to be accessible by Postfix as well. When running under chroot, two solutions are available: 1) copy sasldb file under /var/spool/postfix/var/lib/sasl2 and keep it in sync. Remember to verify that user postfix is able to read the sasl database. If you are using saslauthd change the saslauthd default socket (add "-m /var/spool/postfix/var/lib/sasl2" to the SASLAUTHD_OPTS= line in /etc/sysconfig/saslauthd and restart the saslauthd service) 2) mount /var/lib/sasl2 directory under chroot with -bind option, add the following line to /etc/fstab: /var/lib/sasl2 /var/spool/postfix/var/lib/sasl2 none rw,bind 0 0 If you are using sasldb you will still have to check that the sasl database is readable by user postfix. Content filters --------------- Some provisioning for content filter setup is already in /etc/postfix/master.cf, check comments in that file as well as FILTER_README.