Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Postfix

timothy posted more than 10 years ago | from the way-of-all-bits dept.

Software 161

honestpuck writes "After many years bashing my head against sendmail in all it's gory details I had amassed a fair amount of knowledge and documentation on handling the Mail Transfer Agent (MTA) in Linux and Mac OS X. This caused a fair amount of teeth gnashing when I discovered it had gone the way of all flesh in OS X Panther to be replaced with Postfix." To un-gnash his teeth, honestpuck used Kyle D. Dent's Postfix: The Definitive Guide (published by O'Reilly); read on for his review of the book.

Fortunately, my first needs were simple and I came to realise that Postfix was a much easier system to install and maintain. Now that my needs are more complex, I was glad when this book hit my desk at exactly the same time as I started upgrading the corporate servers from Mac OS 9 to OS X Server.

Postfix: The Definitive Guide seems to fit the bill. It is a well-written and well-constructed guide to mail systems in general and Postfix in particular. (Oh, and speaking of definitive, could someone at O'Reilly provide a definitive answer to both reviewers and their own editors as to that colon? This is the second 'Definitive Guide' I've reviewed in as many months, and they are sprinkled with instances of each book's title, sometimes including that colon, sometimes leaving it out.)

The book starts with a good overview of the underlying technology in Chapters 1 and 2. I can't blame Dent for my slight confusion in the section on addresses and headers - having RFC822 superseded by RFC2822 was just a little too much coincidence for this particular "bear of little brain." He then follows it with a chapter discussing Postfix's architecture, important since Postfix uses a much more modular approach than the sendmail monolith, with each part of the mail handling process a different executable and the single queue turned into five.

Once the background is well covered, Dent then gets onto the nitty-gritty of configuring and administering Postfix. He has certainly covered everything I needed, including spam handling, multiple domains, relaying, SASL authentication and using LDAP. Once I'd finished grokking all that, and getting it integrated into my servers, I had a corporate email system up in three sites that replaced and improved upon a couple of thousand dollars worth of proprietary dreck. Happy is an understatement.

Dent's writing is sometimes a little patchy, though never bad. The technical detail does seem overpowering in places, though, and I occasionally found myself reading a section through more than once with a configuration file open in front of me. There are certainly spots where a little more hand holding and care with the writing would have been appreciated. (If you are a little more cognizant of the interstices of mail systems then you may not have the same problem.)

I did, however, appreciate the appendices enormously. The four appendices cover configuration parameters, Postfix commands, installation, and an FAQ. My system came with Postfix compiled and installed just as I required it so I didn't get a chance to thoroughly test out Dent's installation procedure (though it looks good); the other three continue to be useful.

If you want to have a look for yourself, then the usual O'Reilly page is complete with a table of contents and index, but this time no example chapter is provided (how come, O'Reilly?). You can also get an expanded version of the FAQ in Appendix 4 from Dent's website. A better example of Dent's writing style is an excellent article on troubleshooting with Postfix logs at O'Reilly's Onlamp.com.

This is an excellent book, Dent has explained the underlying methodology and use of Postfix well, taken the reader through all aspects of this MTA system and explained both the why and the how. I would recommend this book (and, as a result Postfix) to anyone looking for an MTA and a guide to configuring and running it.


You can purchase Postfix: The Definitive Guide from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

cancel ×

161 comments

Postfix Enabler (5, Informative)

momerath2003 (606823) | more than 10 years ago | (#8401750)

Mac OS X users can find a cool, donation-ware (read: non-crippleware) GUI for the buil-in postfix server, Postfix Enabler [roadstead.com] . It allows some advanced configuration of the postfix server.

It has some handy instructions for setting up Mac OS X's Mail.app to interface with the Postfix server as well.

NO YUO (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8401767)

Re:Postfix Enabler (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#8401794)

so fuckin' what, stupid apple zealot. Debian comes with a dead simple configuration system for postfix by default.

Re:Postfix Enabler (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#8402110)

Debian comes with a dead simple configuration system for postfix by default.

Yep, it's called Exim.

Re:Postfix Enabler (-1, Troll)

Anonymous Coward | more than 10 years ago | (#8401962)

3 people in the world who buy Apple are thrilled.

FIRST POSTFIX (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8401772)

i failed it

Thank Apple for (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8401779)

I have been running FreeBSD since the 3.x days. Right around this time Linux became popular but I stuck with FreeBSD for several academic reasons. At that point one was as good as the other, but as time went on this changed. Linux started gathering a huge following and it really hit its stride. The developers made leaps in bounds in hardware support. Meanwhile, FreeBSD crawled from 3.x to 4.x, which was a great improvement to be sure, but not as rapid or large as what Linux had been offering.

Being locked into FreeBSD by familiarity and investment at that point I wistfully watched the GNU community race ahead. I wish something would start a similar firestorm of FreeBSD development. I thought nothing of it when Apple bought NeXT in 1996. The Rhapsody project, which was basically just adding some Apple technology to OpenStep, didn't interest me. When Steve Jobs announced Mac OS X in 1999, however, my ears perked up at the mention of my favorite Unix. Apple was going to update the very cores of OpenStep into something new FreeBSD was going to be a huge part of that.

Since Mac OS X v10.0 was released in 2001, Apple has been filtering BSD code in and out of their kernel, userland, and libraries. This code then makes its way back to FreeBSD. Apple's pattern is to sync every major Mac OS X release with the latest major FreeBSD release. For example, Mac OS X v10.1 corresponded to FreeBSD 4.4 and Mac OS X v10.2 matched up with FreeBSD 4.7. By the time Apple released Panther, their contributions back into FreeBSD had amassed into a new FreeBSD milestone, the 5.x branch. Mac OS X v10.3 contained bits of both FreeBSD 4.9 and FreeBSD 5.1.

Look at it this way, only after Apple started modifying FreeBSD 4.x and submitting their modifications did FreeBSD progress to the 5.x branch. The advanced VM and SMP code that allows Mac OS X to run so efficiently is the very same code that finally put FreeBSD on the level with Linux. I run FreeBSD 5.2 on a four-way Xeon box at work and thank Apple every day. If it weren't for the Mach micokernel from Apple we wouldn't be able to do these nice things with FreeBSD now or probably ever.

It's also kind of ironic how such a big deal was made by Wind River Systems [windriver.com] buying out both BSDI and Walnut Creek Software. (Does anyone remember this?) The plan was to merge BSD/OS into FreeBSD and sell a special enterprise edition of the operating system while still maintaining the Open Source project. Sadly this fizzled out. No one ever predicted that Apple, of all companies, would ride in with the cavalry and pick up the pieces. Apple has done much more than Wind River ever managed to.

After such a long and precarious history FreeBSD is finally going somewhere and we no longer have to worry about the latest hardware support of when the next release will be. We're firing on all pistons now, and within a couple more years there will be more FreeBSD installs than Linux or Solaris! I'm not so proud that I can't see what is behind this. Apple saved FreeBSD and I have no problem admitting or accepting that. I doubt many others who use FreeBSD do, but I just wanted to point it out.

Thank you, Apple, for saving FreeBSD.

Re:Thank Apple for (2, Offtopic)

Anonymous Coward | more than 10 years ago | (#8401880)

Actually, you're all wrong, nice speach though.

Apple has contributed very little to FreeBSD, all of the contributions have been to the userland; NONE to the kernel.
No, I'm not complaining, I'm very glad that Apple released a nice test suite that allowed us to find some rather nasty NFS bugs; but other than that, Apple has does no more than helping FreeBSD get the recognition it deserves, which is no little thing by the way.

The FreeBSD realation with Apple is technically one-sided, Apple benefits, FreeBSD doesn't. On the political side, they both benefit from the BSD push. Which is good, but it could be better, for FreeBSD at least.

Re:Thank Apple for (1, Interesting)

Anonymous Coward | more than 10 years ago | (#8402158)

Wouldnt this be a reason that GPL kernels have a longer life expectancy?

Dont get me wrong, I love BSD style licenses. They are very useful, but tend to be lacking in author compensation and stability of the platform when a commercial entity gets interested in it, i think.

IT'S SPELLED 'SPEECH' YOU INSENSITIVE GAY CLOD! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8402165)

*_g_o_a_t_s_e_x_*_g_o_a_t_s_e_x_*_g_o_a_t_s_e_x_*_
g_______________________________________________g_ _
o_/_____\_____________\____________/____\_______o_ _
a|_______|_____________\__________|______|______a_ _
t|_______`._____________|_________|_______:_____t_ _
s`________|_____________|________\|_______|_____s_ _
e_\_______|_/_______/__\\\___--___\\_______:____e_ _
x__\______\/____--~~__________~--__|_\_____|____x_ _
*___\______\_-~____________________~-_\____|____*_ _
g____\______\_________.--------.______\|___|____g_ _
o______\_____\______//_________(_(__>__\___|____o_ _
a_______\___.__C____)_________(_(____>__|__/____a_ _
t_______/\_|___C_____)/______\_(_____>__|_/_____t_ _
s______/_/\|___C_____)_______|__(___>___/__\____s_ _
e_____|___(____C_____)\______/__//__/_/_____\___e_ _
x_____|____\__|_____\\_________//_(__/_______|__x_ _
*____|_\____\____)___`----___--'_____________|__*_ _
g____|__\______________\_______/____________/_|_g_ _
o___|______________/____|_____|__\____________|_o_ _
a___|_____________|____/_______\__\___________|_a_ _
t___|__________/_/____|_________|__\___________|t_ _
s___|_________/_/______\__/\___/____|__________|s_ _
e__|_________/_/________|____|_______|_________|e_ _
x__|__________|_________|____|_______|_________|x_ _
*_g_o_a_t_s_e_x_*_g_o_a_t_s_e_x_*_g_o_a_t_s_e_x_*_


Important Stuff: Please try to keep posts on topic. Try to reply to other people's comments instead of starting new threads. Read other people's messages before posting your own to avoid simply duplicating what has already been said. Use a clear subject that describes what your message is about. Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated. (You can read everything, even moderated posts, by adjusting your threshold on the User Preferences Page) If you want replies to your comments sent to you, consider logging in or creating an account.

Important Stuff: Please try to keep posts on topic. Try to reply to other people's comments instead of starting new threads. Read other people's messages before posting your own to avoid simply duplicating what has already been said. Use a clear subject that describes what your message is about. Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated. (You can read everything, even moderated posts, by adjusting your threshold on the User Preferences Page) If you want replies to your comments sent to you, consider logging in or creating an account.

Important Stuff: Please try to keep posts on topic. Try to reply to other people's comments instead of starting new threads. Read other people's messages before posting your own to avoid simply duplicating what has already been said. Use a clear subject that describes what your message is about. Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated. (You can read everything, even moderated posts, by adjusting your threshold on the User Preferences Page) If you want replies to your comments sent to you, consider logging in or creating an account.

Re:IT'S SPELLED 'SPEECH' YOU INSENSITIVE GAY CLOD! (0, Funny)

Anonymous Coward | more than 10 years ago | (#8402231)

"Important Stuff: Please try to keep posts on topic."

What if it's a boring topic? Like a new mailserver or something?

Re:Thank Apple for (2, Insightful)

Gheesh (191858) | more than 10 years ago | (#8402177)

The FreeBSD realation with Apple is technically one-sided, Apple benefits, FreeBSD doesn't.

Well, I thought that was what the BSD license's for. You write code, a company comes in, takes it, does whatever suits them without any need of giving back. If you want a reciprocal relationship, license the code under the GPL.

Re:Thank Apple for (4, Informative)

jeremyp (130771) | more than 10 years ago | (#8402248)

Darwin doesn't use the FreeBSD kernel. It has its own (open source) kernel based on Mach, so it has nothing to contribute back to the FreeBSD kernel.

Re:Thank Apple for (2, Interesting)

Anonymous Coward | more than 10 years ago | (#8402380)

Actually, it does, UFS driver updates they made would be welcome. Actually, many systemcalls in the MacOS X are directly from FreeBSD, so they would be welcome to contribute back the the PPC tree.

Re:Thank Apple for (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8401931)

This is totally offtopic but can you or anybody explain how the Mach microkernel fits in? Does it mean that every FreeBSD user who wants SMP has to use Mach? What does the microkernal have to do with advanced VM and SMP? Linux doesn't seem to need a microkernel. When I heard about that I assumed it was some kind of politicial decision within Apple.

beats the hell outta sendmail... (5, Interesting)

Chuck Bucket (142633) | more than 10 years ago | (#8401782)

after admin'ing sendmail for two years, I switched to Postfix a month ago, and wow, what a difference. recommended, and I'd think a book would only be needed for someone that was deploying this in a large organization.

CB

Re:beats the hell outta sendmail... (5, Informative)

cayenne8 (626475) | more than 10 years ago | (#8402062)

Yup...was very new to setting up an email server. I found this thread very helpful [gentoo.org] for setting up a simple home email system. Also way down in the thread is help and links for using spamassasin and other heuristic spam filters...

Re:beats the hell outta sendmail... (1, Interesting)

Anonymous Coward | more than 10 years ago | (#8402234)

I fought sendmail's bugs/exploitable holes until 1997 or so, when I gave up and moved us to qmail. Postfix was called "vmailer" back then and wasn't quite ready, but it would probably be my first choice now.

Re:beats the hell outta sendmail... (3, Informative)

pdp11e (555723) | more than 10 years ago | (#8402242)

I agree. There is a world of difference between the Postfix and Sendmail.
Many years ago I was "vi /etc/whatever" kind of guy whenever a service needed to be configured or tweaked. As I've got older I've learned to appreciate good tools for the system administration. One of the best (IMHO) is the Webmin. It has an awesome Postfix configuration module and it takes 10 minutes to have (non-trivial) mail-server up and running. But even with the Webmin Sendmail is still a bitch to configure.

Why the rest of the world hates America. (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8401783)

I'm lovin' it! [i-am-asian.com]

Weird! (-1, Troll)

HappyCitizen (742844) | more than 10 years ago | (#8401789)

You mean you use some sort of mail program? That implies that you talk to other people! That implies that you know other people! Weird

Postfix? Ahem... (-1, Troll)

Anonymous Coward | more than 10 years ago | (#8401805)

No legal enterprise uses this open sores shit. Be honest, does your workplace use it? No. There's a reason why Exchange is the standard. Corporations are afraid of lawsuits. Using open sores exposes a business to backdoors, corporate espionage, and SCO threats. This review is a waste of time.

I'm not trolling, really... (4, Interesting)

SharpFang (651121) | more than 10 years ago | (#8401835)

...but comparing how complex sendmail configuration is, and how simple is it to configure Postfix, does a guy who ate his teeth on Sendmail really need -a book- to learn something SO much easier?
(while Sendmail config file reminds raw binary, Postfix is all easy, understandable and well commented options)

Re:I'm not trolling, really... (2, Insightful)

pe1chl (90186) | more than 10 years ago | (#8401912)

Does anybody edit sendmail.cf directly?

Re:I'm not trolling, really... (1, Interesting)

Anonymous Coward | more than 10 years ago | (#8401994)

Yes. I do.

I tend to make a ridiculous number of changes to the .mc file, but inevitably I find one or two things that are just easier to change in .cf.

Re:I'm not trolling, really... (-1, Troll)

Anonymous Coward | more than 10 years ago | (#8402040)

Yes, morons who are too stupid to learn the tools they are using, and instead like to whine about how hard they are to configure.

Re:I'm not trolling, really... (5, Funny)

zulux (112259) | more than 10 years ago | (#8402086)

Configuring sendmail is easy!

dd if=/dev/random of=./sendmail.cf

then hit Ctrl-C when you think you have enough configuring done. Small installs need about 30 seconds, enterprise installs need a few minuites.

Re:I'm not trolling, really... (1, Interesting)

Anonymous Coward | more than 10 years ago | (#8402107)

For our internal clients I have a hand written sendmail.cf files that does some simple checks and then forwards it to our central server.

I do. (1)

vyrus128 (747164) | more than 10 years ago | (#8402109)

Is that so hard to believe? :-) Note: that was before I switched to Qmail.

it took you this long to switch from sendmail? (4, Insightful)

Vellmont (569020) | more than 10 years ago | (#8401839)

I thought everyone without a huge legacy setup had switched from the archaic sendmail to something decent like postfix, or qmail long ago.

A few years ago I simply wanted to re-write my host.domain.tld address on outgoing email to be simply host.tld. I bawked at the stupidities of learning a crappy sendmail language, then re-compiling it into yet another crappy language just to do this. A friend told me about postfix, and I've never looked back. I think only the massochistic, or those hopelessly lost in a legacy sendmail mess use sendmail these days.

Re:it took you this long to switch from sendmail? (4, Insightful)

chef_raekwon (411401) | more than 10 years ago | (#8401895)

I thought everyone without a huge legacy setup had switched from the archaic sendmail to something decent like postfix, or qmail long ago.

am i the only dork that decided to learn sendmail, and now have no issue with its configuration??
sheesh. i didnt think it was that hard -- ofcourse, i can see its complexity with a huge organization...but once its setup up, count on never having to touch it until an exploit is found (and these days, it seems rare for sendmail).
oh well....
back to that cf file.

Re:it took you this long to switch from sendmail? (3, Interesting)

[tsa] (183282) | more than 10 years ago | (#8401955)

> am i the only dork that decided to learn sendmail, > and now have no issue with its configuration??

No, you aren't. sendmail just works. Oh, and I
badly failed trying to configure postfix.

Re:it took you this long to switch from sendmail? (1)

GNUguy (55665) | more than 10 years ago | (#8402108)

Nope, I use sendmail, and am quite happy with it. Been using it for about 10 years or so now.

-G

Re:it took you this long to switch from sendmail? (4, Insightful)

silas_moeckel (234313) | more than 10 years ago | (#8402116)

Nope learned it loved it and if you want a nice GUI buy it. Will people never learn if they want a nice happy easy sendmail you can buy it. The guys that write it sell a nice administration front end. It even handles multiple instances on various boxen so it scales ok to enterprise and ISP settings. Why does everybody bitch that sendmail is hard to setup does everybody just dred the idea of forking out a hundred bucks for a nice front end to a mail server thats been around the block and is about as defacto a standard as they come?

OK I may just be jaded because sendmail has gotten me though some tough times and nasty issues at a time when uucp was still common.

Re:it took you this long to switch from sendmail? (-1, Troll)

Sevn (12012) | more than 10 years ago | (#8402268)

Oh oh oh, you said BOXEN! The boxen police here on slashdot are going to tell you how lame you are now. The boxen police are friends with the spelling nazi police and the self word-wrap police.

Re:it took you this long to switch from sendmail? (1)

silas_moeckel (234313) | more than 10 years ago | (#8402341)

It's ok, I'm to old to care about the boxen police and the spelling nazi's allready hate me. The self word wrap people well I havent seen them around nor do I care about them :) Though if the entry box width was customizable it would be nice (if it is no I havent realy looked that hard I dont suffer from customitis that disease where you seak to look cool and elite via anime slashdot backgrounds and redone css)

You would wonder how many people on slashdot are just to young to remember the old slang terms that some of us grew up with.

Re:it took you this long to switch from sendmail? (1)

ted_nugent (226799) | more than 10 years ago | (#8402489)

Could be worse. At least he didn't say "UUCP anyone?"

M4 actually has some benefits (2, Interesting)

Anonymous Coward | more than 10 years ago | (#8402124)

If you have a complex setup, it is easier to modify a file with your specific settings, and use M4 to push those settings into the "real" config file. This is fairly future-proof.
I'm not saying it is the best way, but there was a reason.

honestpuck (5, Funny)

Anonymous Coward | more than 10 years ago | (#8401854)

I had always wondered how he managed to have so much time to read all these different books, and then on top of reading them, writing a pretty nice review of it.. the following line explains it all to me:

I was glad when this book hit my desk at exactly the same time as I started upgrading the corporate servers from Mac OS 9 to OS X Server

And I'm posting this anonymously because I know there are many of you who wondered the very same thing.. ;)

Re:honestpuck (0)

Anonymous Coward | more than 10 years ago | (#8401905)

Sure, the book just "hit his desk", he didn't go out seeking it.

You surprised that he's nothing more than a paid shill?

Before you mod me down, post a link to a critical review he's submitted.

Re:honestpuck (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8401934)

I'll do you one better, I'll link to your critical reviews below....



And that's just for starters...

Re:honestpuck (2, Funny)

Anonymous Coward | more than 10 years ago | (#8402024)

post a link to a critical review he's submitted

Well, this book got an "8". Since on slashdot, the average review is a "9", this review could be considered critical.

Hey! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8401859)

Come on guys, we haven't slashdotted these webpages yet. Let's make it 3 successful slashdottings in one day! Come on, we've got two under our belts already. I didn't miss one did I?

Is it just me.. (-1, Troll)

msimm (580077) | more than 10 years ago | (#8401869)

Or does that headline read like its been sent through babelfish?

Re:Is it just me.. (1)

Nahor (41537) | more than 10 years ago | (#8401968)

You didn't look very hard did you? This was in the default main.cf!

mailbox_command = /usr/bin/procmail

Re:Is it just me.. (1)

rsidd (6328) | more than 10 years ago | (#8401983)

does that headline read like its been sent through babelfish?

The headline is just one word, Postfix, so how could you tell?

Postfix shortcomings (3, Interesting)

Lxy (80823) | more than 10 years ago | (#8401887)

I have also read this book, reviewed it, and submitted it. Obviously honestpuck is more interesting than me, and I can accept that :-).

Good book, but even with Kyle's help I still can't get procmail working with postfix. Postfix has its own filtering mechanism, including spam filtering. It doesn't seem to allow 3rd party apps like procmail and spamassassin to play with it, though. I can't find info on Gogole either. Is anyone using procmail or spamassassin with postfix?

Re:Postfix shortcomings (2, Informative)

Anonymous Coward | more than 10 years ago | (#8401930)

Check out this article....

http://techie.org/Projects/TNMailServer-Full.asp x

Re:Postfix shortcomings (5, Informative)

boobsea (728173) | more than 10 years ago | (#8401945)

Didn't google very well did you?

here you go:

http://www.geekly.com/entries/archives/00000155.ht m [geekly.com]

Good luck.

Re:Postfix shortcomings (0)

Anonymous Coward | more than 10 years ago | (#8402119)

Didn't google very well did you?

I'd say the problem is that he says he tried Gogole, but that seems to just redirect to Google. Perhaps he meant Gogol? Did he find information on fantastical Russian novels?

Re:Postfix shortcomings (3, Informative)

kaisyain (15013) | more than 10 years ago | (#8401964)

master.cf:
mailbox_command = /usr/bin/procmail -p

main.cf:
smtp inet n - n - - smtpd -o content_filter=spamfilter
spamfilter unix - n n - - pipe flags=Rq user=spam argv=/usr/local/sbin/spamfilter.sh -f ${sender} -- ${recipient}

Both of which are documented in files linked to from http://www.postfix.org/docs.html

Re:Postfix shortcomings (3, Informative)

Howard Beale (92386) | more than 10 years ago | (#8401997)

I used this article as the basis for my smtp gateway and it works fairly well:

http://lawmonkey.org/anti-spam.html

Re:Postfix shortcomings (1)

Dillusionary (675442) | more than 10 years ago | (#8402043)

Trust me spamass and procmail and anything else you can write will work with postfix, this is an awesome MTA and comes with builtin chroot support. Look into the main.cf file, there lays all your answers concerning procmail and spamass.

Re:Postfix shortcomings (4, Informative)

jtosburn (63943) | more than 10 years ago | (#8402045)

Postfix is both well documented, and well supported. From the well commented main.cf :
# The mailbox_command parameter specifies the optional external

# command to use instead of mailbox delivery.
[some snipping]
#mailbox_command = /some/where/procmail
#mailbox_command = /some/where/procmail -a "$EXTENSION"

So not enabled by default, but easily remedied if you absolutely MUST have procmail. You can also enable it on a per-user basis by leaving those lines commented, and then using a .forward file in your home directory that calls procmail.

As for playing with spamassassin or other 3rd party programs, no problem. A quick check of the Documentation page [postfix.org] at www.postfix.org reveals all kinds of good info. The consensus on postfix-users is to use amavisd-new, and then call antivirus and/or spam filters from there.

Good luck!

Re:Postfix shortcomings (3, Informative)

outcast36 (696132) | more than 10 years ago | (#8402072)

You can also use amavisd. In addition to running your mail through spamassassin, this approach also lets you throw a virus scanner into the mix.

here's a link [khoosys.net]

Re:Postfix shortcomings (1, Informative)

Anonymous Coward | more than 10 years ago | (#8402111)

in master.cf:

# add at beginning
smtp inet n - n - - smtpd
-o content_filter=filter:dummy

# add at end
filter unix - n n - - pipe
flags=R user=filter argv=/usr/local/bin/postfix-filter.sh -f ${sender} -- ${recipient}

#
# filter shell looks somthing like:
FILTER=yourfilter
cat > inp.$$ $FILTER < inp.$$ > msg.$$
exec $POSTFIX "$@" <

Re:Postfix shortcomings (3, Interesting)

Hayzeus (596826) | more than 10 years ago | (#8402266)

To avoid duplicating the zillion responses you shall receive pointing out that you can use procmail directly as the delivery agent (google or just check main.cf), I'll just point out postfix also honors sendmail .forward files as well, allowing procmail to be invoked that way as well. If you were invoking procmail this way using sendmail, you should have to make 0 changes when you switch to postfix. The only thing I've seen it break so far is the majordomo approval function, and this is covered in the faq.

i stopped reading after i ran into this... (2, Funny)

ltwally (313043) | more than 10 years ago | (#8401899)

"...upgrading the corporate servers from Mac OS 9 to..."

yeah.. that was about where I gave up on this review. Anyone that runs MacOS 9 as a server ... not someone I think I'd be taking advice from for my network.

Re:i stopped reading after i ran into this... (2, Insightful)

Dynedain (141758) | more than 10 years ago | (#8401973)

dont blame the tech for what bones management decided to throw at him

our servers are mostly OS9 as well because the old computers migrate into servers and our office is mostly mac-based (blame the person who's name is on the company for making that decision 15 years ago)

I'd rather hear from someone who has a tough situation and how they figured a way out of it than from someone who has all the resources they want

Re:i stopped reading after i ran into this... (4, Insightful)

Otter (3800) | more than 10 years ago | (#8402162)

Classic MacOS systems aren't bad servers for low intensity use. They're extremely secure, for one thing, and the available server software packages were pretty good and very straightforward to use. Quite a few places ran their DNS and mailserver off an old Mac SE for well into the Internet age.

Anyway, who better to write a review of an introductory Postfix book than an admin just switching to Unix?

Re:i stopped reading after i ran into this... (2, Interesting)

ScottSpeaks! (707844) | more than 10 years ago | (#8402326)

our office is mostly mac-based (blame the person who's name is on the company for making that decision 15 years ago)

I'd file that under "You all thought I was crazy, but who's laughing now?" I'm at the tail end of a migration of my own business from mostly Windows with one Mac and one Linux box, to a mix of OS X and Linux and a legacy Windows box... and lovin' it.

On the topic of Postfix, I switched from Sendmail (which I'd been tinkering with for a few years) to Postfix when I switched from RedHat to Mandrake, and found it mostly painless. The only problem was that Mandrake's default install of Apache and Postfix apparently left an open proxy (not relay) exploit enabled, and I was briefly sending out spam for some low-life.

Re:i stopped reading after i ran into this... (4, Funny)

Anonymous Coward | more than 10 years ago | (#8402009)

I was in the middle of upgrading my corporate database server to Access 2000, but had to stop and type this post to wholeheartedly agree with you.

Re:i stopped reading after i ran into this... (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8402012)

Will someone please mod this guy up to +5 funny, then -1 troll?

Re:i stopped reading after i ran into this... (2, Interesting)

Zapman (2662) | more than 10 years ago | (#8402020)

I can think of several reasons that MacOS might be needed as a server... Largeish publishing house using Quark Express comes to mind... it was only released for OSX, what, 6 months ago? For most corperations of any size, that's moving pretty quick.

Besides, remember that even those you consider to be stupid often have good advice. This is one of those instances. Postfix is wonderful. Simple, secure, fast, powerful, extensible... Weitze did an amazing job writing it. He was the guy who wrote TCPWrappers (back in the days before xinetd put some resonable security into inetd) and the origional network analysis tool Satan, so you know it's written with security in mind.

I've got it pushing 6-8 gigs of email a day in one install using pretty lame hardware (uniproc, 2 SCSI drives at RAID 1). We've loved it, and had some great success with it.

Re:i stopped reading after i ran into this... (1)

misleb (129952) | more than 10 years ago | (#8402170)

I can think of several reasons that MacOS might be needed as a server... Largeish publishing house using Quark Express comes to mind... it was only released for OSX, what, 6 months ago? For most corperations of any size, that's moving pretty quick.

As if using MacOS 9 for a server wasn't bad enough, now you are suggesting that someone might want to run Quark on it (the server)???? That's no way to run a network.

-matthew

Re:i stopped reading after i ran into this... (4, Interesting)

CharAznable (702598) | more than 10 years ago | (#8402032)

You'd be surprised.. OS 9 is a very secure OS.. there is no root shell to spawn after smashing the stack, for instance.

Re:i stopped reading after i ran into this... (0)

Anonymous Coward | more than 10 years ago | (#8402104)

yeah, and it has itunes

Re:i stopped reading after i ran into this... (4, Insightful)

Shisha (145964) | more than 10 years ago | (#8402101)

Somehow, I have the feeling that you have never been in charge of anything than your home network.

Sorry that's just my impression, but a matter of fact is that IT managers don't allow willy/nilly upgrades. In fact the chances are that in real life, you're managing something that was not designed by you. So you have to put up with whatever is there. And if it works... sort of ... then you'll find it hard to persuade anyone to bless an upgrade.

Same goes for coding; you take over project someone else has started and it might well be that you'll find yourself learning COBOL. You think that writing a CPU simulator in Java is stupid and inefficient; who cares we want it to run faster and you do whatever is needed to make that happen. That's life.

Ever seen an S390? Do you know how much IBM charges for fixing these? Do you have an idea how slow they are? But just taking the risk of upgrading to something new usually isn't worth it in real life.

Btw. he wasn't giving any advice on running a network, just a book review.

Re:i stopped reading after i ran into this... (1)

ltwally (313043) | more than 10 years ago | (#8402343)

Ah... the 390. Brings back memories... We got to write assembler for them back in college. real pieces of shit. They had some freakish 24-bit memory model and 16 GPR's (i think it was 16 of them) that weren't really GPR's 'cause they had assigned roles. God... if anyone other than IBM had created that monstrosity it would have sank...

Anyhoo.. back to my reply: I was merely make a pun at the expensive of MacOS 9. IMHO OSX is the only decent MacOS ever. All the others were terrible; cooperative multitasking, a VM that makes MS-DOS shine, crashability like only Windows could compete with, etc etc.

So don't take it all personal -- It was a joke!!

Why? (3, Interesting)

EvilStein (414640) | more than 10 years ago | (#8402502)

There are still quite a few Mac OS 9 servers - running Webstar or AppleShare IP, or maybe even Eudora Internet Mail Server.

It's actually not a bad platform at all and can be quite reliable.

I Ran (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8401909)

I walked along the avenue.
I never thought I'd meet a girl like you;
Meet a girl like you.
With auburn hair and tawny eyes;
The kind of eyes that hypnotize me through;
Hypnotize me through.

And I ran, I ran so far away.
I just ran, I ran all night and day.
I couldn't get away.

A cloud appears above your head;
A beam of light comes shining down on you,
Shining down on you.
The cloud is moving nearer still.
Aurora borealis comes in view;
Aurora comes in view.

And I ran, I ran so far away.
I just ran, I ran all night and day.
I couldn't get away.

Reached out a hand to touch your face;
You're slowly disappearing from my view;
Disappearing from my view.
Reached out a hand to try again;
I'm floating in a beam of light with you;
A beam of light with you.

And I ran, I ran so far away.
I just ran, I ran all night and day.
I couldn't get away.

Postfix? (5, Funny)

Anonymous Coward | more than 10 years ago | (#8401932)

p
/ | \
m / u
/ \
t s
/ \ / \
o d h i

Re:Postfix? (0, Offtopic)

36526542DD (456961) | more than 10 years ago | (#8402022)

I don't know what that is supposed to be.

Apparently you posted that article "POST FIX", as in "after your last fix of meth".

Re:Postfix? (0)

Anonymous Coward | more than 10 years ago | (#8402028)

> I don't know what that is supposed to be.

Obviously you've never taken a CS course then.

Re:Postfix? (1)

36526542DD (456961) | more than 10 years ago | (#8402301)

No, I haven't. Another post explained it.

I guess I need to...

Re:Postfix? (4, Informative)

ScottSpeaks! (707844) | more than 10 years ago | (#8402267)

It says "mod this up" in tree format. At every fork, process the left branch, then the right, then the node at the fork itself. When you reach a leaf, use that letter. Later, rinse, recurse.

Re:Postfix? (0)

Anonymous Coward | more than 10 years ago | (#8402050)

Hehe, I didn't recognize that as a tree at first.

Re:Postfix? (0)

Anonymous Coward | more than 10 years ago | (#8402083)

Neither did the Slashdot moderators, apparently.

An explanation (4, Informative)

jared_hanson (514797) | more than 10 years ago | (#8402277)

Performing post order tree traversal on this tree yeilds:

modthisup

For those of you too long out out CS class, just remember: left, right, root.

Re:Postfix? (1)

blueskies (525815) | more than 10 years ago | (#8402629)

i got: ihsudotmp

Begun now (3, Funny)

LittleLebowskiUrbanA (619114) | more than 10 years ago | (#8401939)

the great Qmail/Postfix flame war has.

Re:Begun now (1)

Tumbleweed (3706) | more than 10 years ago | (#8402278)

"Around the mail servers a firewall create."

Re:Begun now (1)

mihalis (28146) | more than 10 years ago | (#8402289)

the great Qmail/Postfix flame war has.

No flaming, just use Exim!

At least thats my opinion, and that of my ISP (Speakeasy [speakeasy.net] )

Postfix doesn't require a book (3, Informative)

hey (83763) | more than 10 years ago | (#8401942)

It has no impossible-to-understand langauge, the options have reasonable names, they do what they suggest... it just works.

Re:Postfix doesn't require a book (4, Insightful)

misleb (129952) | more than 10 years ago | (#8402055)

A book can't hurt. Postfix can do a lot more than what a stock main.cf suggests.

The sooner sendmail is consigned... (4, Funny)

myowntrueself (607117) | more than 10 years ago | (#8401984)

to the dustbin of history the better.

Q. Why does the 'sendmail book' have a bat on the cover?

A. The diet of the North American brown bat is principally composed of bugs. Sendmail is a software package principally composed of bugs.

or;

A. Bat guano is a source of ammonium nitrate, a principal ingredient of things that blow up in your face, like sendmail.

(And many others, courtesy of 'the unix haters handbook' (worth a read)).

Obviously, the people who designed the sendmail configuration file system can't have been smoking crack, it wasn't invented back then.

So what was it that they were on? LSD?

Re:The sooner sendmail is consigned... (0)

Anonymous Coward | more than 10 years ago | (#8402064)

I thought it was because like the bat, sendmail sucks blood.

Re:The sooner sendmail is consigned... (1, Funny)

Kphrak (230261) | more than 10 years ago | (#8402287)

It's widely been a subject of suspicious conjecture that Sendmail was written at the University of Berkeley shortly after LSD was invented in the same university.

I have Postfix on a box at my work here, and am loving it...too bad Sendmail on the production systems, its sendmail.cf hacked by dozens of admins before me, will never go away. If you wonder why, try working for a federal government bureaucracy and making any change whatsoever to the status quo.

mod dowN (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8402001)

conti.nues in a [goat.cx]

cock (-1, Troll)

Anonymous Coward | more than 10 years ago | (#8402047)

cock

Re:cock (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8402091)

you can't say that on slashdot

Next book to buy (2, Interesting)

dimss (457848) | more than 10 years ago | (#8402115)

This is next book to buy. I like postfix. Five years (or so) ago it was unknown rpm that came with fetchmail in Mandrake. Now I use it on all of my mail servers. And I use it for free.

This book is great... (4, Informative)

Mysticalfruit (533341) | more than 10 years ago | (#8402122)

I recently bought it from BookPool.com [bookpool.com] and it was cheap!

Disclaimer: My buddy works at bookpool (but their prices really are great!)

I've been using this book to migrate our existing sendmail gobbilygook mailsystem to a sane well documented postfix system and I've found the book to be a great help as I've had to do a one to one comparision between sendmail and postfix for configuration stuff.

Plus Dent's writing style is excellent and the book is well laid out.

Here's a cut'n'paste of the entire book. (4, Funny)

Bender Unit 22 (216955) | more than 10 years ago | (#8402152)

---[snip]---
Postfix, it just works!
---[snip]---

Sendmail under Panther (2, Insightful)

b1t r0t (216468) | more than 10 years ago | (#8402154)

I already had a nice M4 file with a working configuration, and wanted to move from Linux to Panther. It was simple. Just compile it on a 10.2 box.

Sendmail was incompatible with xcode, probably because of the latest version of GCC. I just checked, and it seems to have been fixed in 8.12.11. At the time it was easier to find a 10.2 box than to dig up the compiler switch command and remember to switch it back afterwards.

I've been asking this over and over... (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8402270)

...and have yet to get a response from anyone. What the FUCK does Honstepuck mean? It sounds horrible, like some kind of German fetish or something. I mean what kind of a name is that for a self-respecting geek anyway?

HON-STEH-PUK

???WTF???!

Is honstepuck a verb or a noun? Do you actually participate in honstepucking, or do you grab onto someone's honstepuck?

What puzzles me even more is why so many people seem to just ignore my plea for more information. ISN'T ANYONE else curious about this disturbing and mysterious name???!!! Come on people! Wake the fuck up to what is happening here!!

Learn to spell (-1, Redundant)

Anonymous Coward | more than 10 years ago | (#8402313)

Another poor slob who can't spell "its"...

Postfix rocks it (1, Interesting)

Mr804 (12397) | more than 10 years ago | (#8402497)

Postfix is really great. I converted all our mail servers to it a while back. cpu usage is way down. The config file is very simple too.

Another Postfix book is coming soon (4, Informative)

EvilStein (414640) | more than 10 years ago | (#8402532)

Richard Blum wrote one - it's now quite outdated.

Ralf Hildebrandt & someone else (sorry, forgot who) are working on another very current Postfix book as well. Keep an eye on Amazon.com for it.

I've also read the O'Reilly Postfix book and found it to contain a lot of information. It's nice to have around.

postfix instead of sendmail - that's a good thing (3, Interesting)

fanatic (86657) | more than 10 years ago | (#8402550)

This caused a fair amount of teeth gnashing when I discovered it had gone the way of all flesh in OS X Panther to be replaced with Postfix

I replaced sendmail wwith postfix on all my non-isiolated machines last year after the sendmail vulnerability-of-the-week treadmill got very old.

it was *really* simple to do.

postfix: the ultimate sendmail patch.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...