Mailing List Archive

Support open source code!


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] OSX BSD mail server



Well, I was thinking that it would be a terribly large and complex thing,
but it seems like it is much messier than that.

Micheal

----- Original Message -----
From: "Stephen J. Turnbull" <stephen@example.com>
To: <tlug@example.com>
Sent: Wednesday, April 24, 2002 12:38 PM
Subject: Re: [tlug] OSX BSD mail server


> >>>>> "Micheal" == Micheal E Cooper <Micheal> writes:
>
>     Micheal> Some of the profs think it is high time they have e-mail
>     Micheal> for the students,
>
> No kidding!
>
>     Micheal> and I don't think it can be so difficult to install a
>     Micheal> mail server on OSX. Does anyone know of a good how-to or
>     Micheal> web site with these kinds of resources?
>
> I'd say just go through the Linux HOWTOs for mail at this point.  The
> MTAs, MDA/servers (procmail, POP, IMAP) all come with pretty good docs
> (I thought so, anyway).  BSD is not going to be terribly different
> from Linux, except for boot setup etc.---you're probably already
> familiar with that, though.  The config (reliability, security) issues
> are the same cross-platform.  The web sites of the developers
> (sendmail, exim, postfix, even qmail) are all pretty good.  Many of
> the MTA distros and MDA/servers provide sample configs for different
> setups.
>
> It's basically FreeBSD IIRC, so (1) sendmail is probably distributed
> with it and (2) any of the usual suspects will probably install
> properly with
>
> gzip -dc tarbaby.tar.gz | tar xvf - ; configure; make; make test; make
install
>
> However, the most important resource is you being alert.  A multiuser
> server is a whole 'nother smoke.  Backup is _absolutely_ necessary---
> who's going to manage the tapes?  And proper security can be hard to
> get right in a situation where you're basically giving anonymous
> potential hostiles (spelled "gakusei" in this context) access to
> complex programs running as root.
>
> Depending on the clients (MUAs) being used, you may need to provide
> X-Auto-MIME-Bletcherization and the like.
>
> Definitely virus filtering is de rigeur (ObBOFH: although I'd put it
> on outgoing, and simply permanently disable accounts that seem to be
> infected---no exceptions, not even for the head of the Doctoral
> Program in Computer Science).  Failing to assume that your users are
> going to be approximately as healthy as the patrons of a Bangkok
> brothel is simply unacceptably irresponsible these days.
>
> Spam filtering, you should just say no, but probably can't.
>
> Don't forget DNS.  You'll need MX records in the right places.
>
> Interaction with firewalls (which you may not have yet if you don't
> have email, but surely will soon :-( ) is also complex.  If the local
> dinosaur-brains, shitsurei shimashita, network policy committee are
> like many in Japan, they'll prohibit ICMP, which (at the "MIT of
> Japan") leads to nasty behavior like bouncing my mother's mail and
> making it impossible to deliver directly to hotmail.com from some TCP
> stacks (in particular, Linux 2.2.20).  Without ICMP (or an account on
> the firewall machine) these can be impossibly difficult to debug....
>
> In sum, sounds like fun, but (1) you are almost sure to get blamed for
> failures due to (more or less) unintentional DoS attacks by your own
> staff and (2) it's probably trivial to get "something" running, but
> implementing a reliable secure system may give you more experience
> than you're bargaining for.
>
> As the Chinese curse says, you're gonna be living in interesting times.
> I recommend you go ahead and do it, just be aware.
>
> --
> Institute of Policy and Planning Sciences
http://turnbull.sk.tsukuba.ac.jp
> University of Tsukuba                    Tennodai 1-1-1 Tsukuba 305-8573
JAPAN
>               Don't ask how you can "do" free software business;
>               ask what your business can "do for" free software.
>


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links