Nico -telmich- Schottelius wrote:
Jeroen Massar [Sun, Dec 24, 2006 at 02:18:18PM +0000]:
That all depends on what you are used to.
The mini-isp setup:
- Debian unstable
unstable? for production system?
Yes, why not? Unstable == newest of the newest. The only thing that can break is when you upgrade packages, thus only upgrade when you need to. Aka install debsecan and only upgrade for security issues. I only had 1 minor problem with it this year and that was an libattr upgrade which broke ls ;)
- nsd or pdns as authoritive dns
- pdns as a recursing dns
dns was not really questioned, but I would prefer djbdns (+patches, again) or bind.
Patches, patches, patches. Bind9 is fine (and actually what I usually use) but pdns&nds are simply faster, thus for scalability I would go for those, then again it depends on ones needs.
- postfix for SMTP + optional STARTTLS + Submission
Submission does what task?
Port 587. SMTP Message Submission - http://www.ietf.org/rfc/rfc2476.txt
The way that your users send mail to the rest of the world. Just in case, they are not supposed to use port 25, that is for server<->server message transfers. This also allows you to easily redirect port 25 outbound to a greylister/ratelimit if you want as they should never be using it. Of course that should be an option that one can easily turn of, some people love to run their own SMTP too ;)
- amavis + clamav & Spamassassin using milter inline in postfix
Seem both to be just 'the standard antivir and antispam' solution
There is afaik nothing better, especially in combo with:
- http://saupdates.openprotect.com/ to update SA.
nice, did not know that.
That thing ;) Which is indeed pretty sweet.
- dovecot for IMAP-SSL
yep, sounds for me as the best solution. I remember having some problems with courier and performance with Maildirs
= 100k Mails (my inbox).
Well cras (ehm Timo Sirainen ;) is simply an extremely talented and good coder thus I definitely trust his stuff.
To make it all configureable one can go for a MySQL backend or write scripts which can generate the configs. MySQL (or other SQL backend) is prolly the way to go though.
Don't know whether I really like the idea being dependent of MySQL as backend, but it is at least one possibility to do central administration.
Otherwise go for postgresql if you want a technically better DB. LDAP is always also an option but it doesn't provide the flexibility that SQL gives, especially for storing all kinds of unrelated data. Having everything (including accounting etc) in the same database with one single data model makes management a lot easier and one can also do weird queries and do statistics making $management happy.
Yet again, it all depends on what you need and what you are used to...
Well, it does not really depend on what I am used to for me (anymore).
I am currently really thinking of giving postfix a try, but it somehow "feels" like stepping backwards.
postfix is IMHO at the moment the best MTA there is.
I am really interested in some experiences of postfix admins and how they handle virtual domains and users.
"vi /etc/postfix/virtual/" but you can stick *all* of that in SQL.
There are loads of HOWTO's on how to do it: http://wiki.dovecot.org/DovecotLDAPostfixAdminMySQL http://www.howtoforge.com/virtual_postfix_mysql_quota_courier
Cool thing about Dovecot&Postfix btw: http://www.postfix.org/SASL_README.html#server_dovecot Aka you can let dovecot authenticate SMTP AUTH for submission
Or if you really want the truly virtual and complete doc: http://postfix.pentachron.net/ :)
Happy playing over X-mas with all the new toys everybody is getting :)
Greets, Jeroen