On Sun, Apr 08, 2012 at 07:42:29PM -0400, Mike Jones! wrote: me: > > The common thing I'm seeing is a poor description of the problem > > and goal. :) Try to clarify, in non-technical terms, what you > > want. > > Thanks for the reply. Here goes for the non-technical description: > > For sending, I want to be able to send email through my server over > an encrypted channel using Mozilla Thunderbird. A few different > domains are hosted on my server for friends, and they want to use > email for their domains as well. I want any person with an email > account on the server to be able to send email to any email address > on the internet; but I do not want anybody else to be able to send > email through my server.
You want server SASL. You misunderstood about Dovecot not being able to provide this. > I also want a catch-all address for my > domain (doesn't seem too hard in postfix). Ewww. Bad idea. You'll find out why as soon as a spammer hits your domain with a dictionary attack, or uses your domain as senders in a spam run and you are buried in backscatter. Most times recipient_delimiter provides a clean and safe way to give all users a nearly infinite namespace under each address. http://www.postfix.org/postconf.5.html#recipient_delimiter (Documentation shows the use of the Sendmail MTA default, "+", which is what makes the most sense. But many web sites use software written by someone who did not read RFC 821/2321/5321, and these sites will reject addresses which contain "+". Other choices include qmail's default, "-", or "_" or ".") > For receiving, I want to be able to receive and store email through > my server over an encrypted channel, and retrieve that email using > Mozilla Thunderbird. Standard dovecottage. > Virtual users were my preference since the server hosts a few > domains and not all of the domain owners have shell access. There is no requirement to grant shell access to mail users. There are dozens of ways to inhibit shell access for system accounts. > Some of them have no Linux experience, and others only have simple > websites, so they do not need system accounts. Granted, there is no need for system accounts; my point was that it is easier to set up mail with system accounts. And those who DO have and use shell access might appreciate the features of local(8). (I sort all my mail using recipient_delimiter and .forward files, for example. Shell users also can run commands on receipt of mail, but as you can imagine, there can be risk involved in that.) > For now, I am going back through documentation and just setting up > a very simple install then building up from there. Did this clear up anything? (Other than muddying the choice of virtual-v.-local, I mean.) Yes, your needs are typical, and you have numerous ways to fill them. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
