This files documents Mandrake Linux specific customizations for the Postfix package, 
read this file in addition to the fine documentation present in the README
subdirectory.

Running a mail server
---------------------
By default Postfix will not accept mail from the network, this is done so on a
default install you will not risk on being a prey to spammers.
If you want to run a mailserver change the Postfix inet_interfaces parameter.
run:
	postconf -e 'inet_interfaces=your.ip.add.ress'
or the simplier
	postconf -e 'inet_interfaces=all'
then restart postfix

For the same reasons Postfix will not relay mail (it will not receive mail from
an host and forward it to a different host).

Dynamic Maps
------------
postfix supports many map formats, but not all of them are installed by default
support for PCRE, LDAP, Postgres SQL, MySQL and possibly others is available by
installing the related postfix-xxx package (i.e. postfix-ldap for ldap support).
To see what map formats are available and install them use either rpmdrake or
urpmi.

Chroot
------
For security reasons, Postfix runs chroot'ed by default. That means that the
mail server is running in "/var/spool/postfix", not in the usual root
filesystem, "/". The mail server has no access to files outside this location.

Therefore, copies of some of your configuration files are put in the chroot.
Some of them may change over the time, if you modify them, or, for other
reasons.

The system will try to adjust for the most common changes to /etc/resolv.conf,
i.e. if you own a laptop and you use dhcp to configure your network interface,
or if you are a dialup user using ppp to connect to the Internet. If you want
to modify this behaviour look at the scripts:
	/etc/ppp/ip-up.d/postfix
	/etc/ppp/ip-down.d/postfix
	/etc/sysconfig/network-scripts/ifup.d/postfix

You can run "postfix check" to get usual warnings about changes between
the file in the chroot and your system files.

If you really feel unconfortable having postfix chrooted you can change this
setting.
To remove the chroot run:
	/usr/sbin/postfix-chroot.sh disable
To set the chroot up again run:
	/usr/sbin/postfix-chroot.sh enable

the chroot script is controlled by settings found in /etc/sysconfig/postfix

CYRUS
-----
read CYRUS_README in the postfix documentation directory.

SMTP Authentication (SASL)
--------------------------
There are some important issues you will have to note is if you want to use
SMTP AUTH via SASL.

To use SASL you will certainly require a sasl plugin installed. The plugin
packages are called libsasl2-plug-XXX, (i.e libsasl2-plug-plain for SASL PLAIN
support). To see what plugins are available and install them use either
rpmdrake or urpmi.

SASL database relies on file /var/lib/sasl2/sasl.db being accessible by
Postfix. This means both it being visible by a chrooted postfix and it being
readable by the postfix user.

Saslauthd requires its socket (by default /var/lib/sasl2/mux) to be accessible
by Postfix as well.

When running under chroot, two solutions are available:
1) copy sasldb file under /var/spool/postfix/var/lib/sasl2 and keep it in sync.
   Remember to verify that user postfix is able to read the sasl database. If
   you are using saslauthd change the saslauthd default socket (add "-m
   /var/spool/postfix/var/lib/sasl2" to the SASLAUTHD_OPTS= line in
   /etc/sysconfig/saslauthd and restart the saslauthd service)

2) mount /var/lib/sasl2 directory under chroot with -bind option, add the
   following line to /etc/fstab:
		/var/lib/sasl2 /var/spool/postfix/var/lib/sasl2 none rw,bind 0 0
   If you are using sasldb you will still have to check that the sasl database
   is readable by user postfix.

Content filters
---------------
Some provisioning for content filter setup is already in /etc/postfix/master.cf,
check comments in that file as well as FILTER_README.