Hi,
Meybe there is another solution.
Initaly I didn't want to generate private/public keys, because I was
planning to use the root account.
But, to solve this security issue, I create a user account with user rights,
and generate ssh private/public keys (less dangerous that root account)
I add c
Le 01/03/2011 10:51, aa a écrit :
> And what about using a shared disk space on a single machine that contains
> configuration file of every mail server.
> Every machine that has postfix can access these configuration files using
> samba or NFS...a kind of shared folder that can be contained on a p
Le 01/03/2011 06:37, Luis Esteves a écrit :
>
> Hi,
>
> Good idea.
>
> I'll soon install a centralized logs server (with rsync) for logs retention
> an alalysis, maybe I will use this server to update Postfix files. It will
> be in the trusted network, so, I will generate SSH Keys. The private K
My proposal of using a machine that contains samba/nfs shared file is
likely to create a critical node inthe architecture...
I appreciate Harald's idea of using mysql server with replication
clientsif I've understood well every postfix installation reads config
informations from its own mysql
i would use mysql for some reasons
* one master where write changes
* every machine can run a replication slave
* no single-point-of-failure
* postfix needs only read-permissions so there nerver writes on any slave
* you can even define each mysqld in each postfix server for failover
samba/nfs is
And what about using a shared disk space on a single machine that contains
configuration file of every mail server.
Every machine that has postfix can access these configuration files using
samba or NFS...a kind of shared folder that can be contained on a postfix
server machine too without using a
Hi,
I'll have a look to this tools, I'm curious...
Thanks a lot,
Luis
Victor Duchovni wrote:
>
> On Thu, Feb 24, 2011 at 02:52:17PM -0800, Luis Esteves wrote:
>
>>
>> Many Thanks Victor for the answer.
>
> An answer anyway, there are a few ways to address this... Some people
> would use to
Hi,
Good idea.
I'll soon install a centralized logs server (with rsync) for logs retention
an alalysis, maybe I will use this server to update Postfix files. It will
be in the trusted network, so, I will generate SSH Keys. The private Key
will be stored in the trusted network, and the public Key
Le 26/02/2011 08:46, Luis Esteves a écrit :
>
> Yes, relay_domains, sender_access, and more.
>
> Maybe the easier solution is to use the ssh/keys, but is it not dangerous to
> store private keys on a DMZ ?
>
Use a trusted host in a trusted place to push the configuration to all
your servers
Yes, relay_domains, sender_access, and more.
Maybe the easier solution is to use the ssh/keys, but is it not dangerous to
store private keys on a DMZ ?
Luis
/dev/rob0 wrote:
>
> On Thu, Feb 24, 2011 at 02:18:07PM -0800, Luis Esteves wrote:
>> In our organisation we have 4 postfix servers
On Thu, Feb 24, 2011 at 02:18:07PM -0800, Luis Esteves wrote:
> In our organisation we have 4 postfix servers.
> Each time i need to add a new configuration to the transport
> file (for a new domain), i need to update the transport file on
> each server. This is cumbersome. Connect on each server
Hello,
Le 24 févr. 2011 à 23:18, Luis Esteves a écrit :
>
> Hi everybody,
>
> In our organisation we have 4 postfix servers.
> Each time i need to add a new configuration to the transport file (for a new
> domain), i need to update the transport file on each server.
> This is cumbersome. Co
On Thu, Feb 24, 2011 at 02:52:17PM -0800, Luis Esteves wrote:
>
> Many Thanks Victor for the answer.
An answer anyway, there are a few ways to address this... Some people
would use tools like "cfengine" or similar. Basically, anything that
lets you manage configuration files on multiple Unix hos
Many Thanks Victor for the answer.
Luis
Victor Duchovni wrote:
>
> On Thu, Feb 24, 2011 at 02:18:07PM -0800, Luis Esteves wrote:
>
>> In our organisation we have 4 postfix servers.
>>
>> Each time i need to add a new configuration to the transport file (for a
>> new
>> domain), i need to upd
On Thu, Feb 24, 2011 at 02:18:07PM -0800, Luis Esteves wrote:
> In our organisation we have 4 postfix servers.
>
> Each time i need to add a new configuration to the transport file (for a new
> domain), i need to update the transport file on each server.
> This is cumbersome. Connect on each se
15 matches
Mail list logo
