On Sun, Aug 09, 2020 at 06:44:55PM -0400, cfs_post...@insec.lofcom.com wrote:
> > and (avoiding HTML formatting) post "postconf -nf" and "postconf > > -Mf" output (the latter if master.cf is pertinent). > > One question; this will absolutely expose real domains, machine > names, and such. I wouldn't normally do that on a web forum, and > might on a mailing list, except for all of the web archives this > list feeds. Is there *any* future downside to exposing that > real-world information? Or is this common practice here and I am > being paranoid? When not material (i.e. not resolving a problem with a particular domain), you can choose to consitently lightly obfuscate domain names and email addresses, in a consistent manner, a=>a, b=>b, ... However, with issues pertaining to DNS, TLS, ... it is often a good to name a problem server that others can connect to and see whether they expand on your observations. > > http://www.postfix.org/BASIC_CONFIGURATION_README.html > > http://www.postfix.org/STANDARD_CONFIGURATION_README.html > > I had skimmed these, and know I need to scan them properly (on the > list for tomorrow morning), but they tend to make the assumption > that one is setting up a fresh new mail server. Well that's one take, but another is that they illustrate fragments of more complex use-cases in a simplified context. The reader is then expected to put the pieces of the puzzle together. For a deper exposition of concepts, you could either of the two books (O'Reilly or No Starch). > I would have thought there would be many web pages dealing with the > migration from sendmail to postfix, but I basically found ONE so > far ( http://www.nmmm.nu/postfix.htm ) that details using various > pre-existing sendmail config files in postfix, and I suspect that > one is out-of-date enough to be causing (or at least not solving) > my first "simple" problem. Postfix has a strong backwards-compatibility record. Good guides tend remain valid for decades. The main difference from Sendmail is some fine details of the behaviour of local delivery with respect to recursive aliases, ... My advice is to: - Run not walk away from using the legacy /etc/aliases file. Use it ONLY for: - Mail to managed lists with an owner-alias - Mail to pipes - Mail to :include:/some/file lists. - Otherwise, move all address-to-address rewriting to virtual(5). Once you do that, you'll avoid almost all the minor compatibility glitches. Take time to understand Postfix address classes, and VIRTUAL_README. -- Viktor.
