Postfix + Courier: Why?

Dr. Frankenbox · Posted: Fri Mar 05, 2010 6:14 pm Post subject: Postfix + Courier: Why?

I don't have a specific problem, but I have just started running an email server with postfix and courier, and I am really unimpressed with it. I don't know where postfix ends and courier begins.

Just recently, after I migrated maildirs from an old server (on which I didn't run the email service), I started getting a vague "permission denied" error from IMAP when anybody tried to log in. It took me hours of digging around and searching for config files to determine that courier-imap was compalining because postfix didn't have read permissions on the maildirs (they still had their invalid uid/gid from the old server). In this and other such situations, the split nature of this setup makes it a giant headache to administer.

Is there other email server software out there that comes together in one unified package? It just doesn't make sense to me that an email server should be pieced and patched together like this, unlike Apache or pretty much any other server software I've worked with.

AllenJB · Veteran Joined: 02 Sep 2005 Posts: 1285

Email servers are complex. There's no avoiding it. A typical email server might be asked to serve up to 3 mail protocols (SMTP, POP3, IMAP) alongside server-side mail filtering, possibly with another network protocol for administering the rules (Sieve). Then on top of that you might be running spam filtering, including but not limited to grey listing, black listing, white listing and content inspecting. Then it has to actually store and retrieve mail as well.

The unix philosophy for dealing with complexity is "divide and conquer". You divide the system up into smaller systems, each fo which deals with a specific (set of) task(s).

Correctly setup, each of the components of the overall mail server setup will have clearly defined responsabilities.

The problem is not the software. It's you.

You obviously haven't taken the time to read up on the software you're using. You've, at worst, installed the packages and followed a short guide, which probably had very little in the way of explanation of how it was setting up the server. You've then gone on to blame everything wrong with the setup on the software. But that's OK because you don't know any better. Why should you? You've probably never even visited the website for the software you're using, nevermind even attempted to read the official documentation. You've probably never read a single book on administering a mail server.

Once you've actually read some documentation and understand what the software you're using is capable of, you can look at your current setup and write down which responsabilities are currently being handled by which peice of software.

As an example, my mail server runs Postfix + Dovecot + PostfixAdmin + MySQL + Amavisd-new + SpamAssassin + SQLGrey + Roundcube. There's some crossover in what Postfix and Dovecot can handle, but my setup has the responsabilities setup like this:
Dovecot: POP3 + IMAP; Mailbox storage and retrieval (including quotas); Server-side rule-based mail filtering w/Sieve
Postfix: Authentication; SMTP; Incoming, content-based mail filtering (handoffs to SQLgrey and Amavisd-new); Incoming, blacklist based mail filtering via several hand-picked DNSRBLs
SQLgrey: Grey listing
Amavisd-new: Incoming, content-based mail filtering with the help of SpamAssassin
MySQL: Account details and authentication storage + Roundcube settings storage
PostfixAdmin: High level administration (account management)

I spent 2 months pouring over documentation during weekends and some evenings to create this setup. Much longer than strictly necessary, but it's paid off. I have an easy to manage setup where each application has clearly defined responsabilities and I know exactly which peice of software handles each stage of the process.

Rant over, here are your options:

1) You could actually spend this weekend reading through some documentation - I would recommend either the official documentation, or a book to start off with - and actually try to understand what each peice of software is capable of, what it's currently configured to do on your setup, and whether you'd like to change it.

2) Realise that mail servers are not trivial systems and you haven't got the time/resources/motivation to learn how to do it properly. Outsource to someone who has (it's not like there's a shortage of both free and paid mail server services out there)

Dr. Frankenbox · Posted: Fri Mar 12, 2010 6:24 pm Post subject:

You don't have to be rude. You're absolutely right that I didn't read as much documentation as I should have, but if you had phrased that in a way that didn't viciously attack my character, I might have read your entire post. I even tried skimming to the bit after you said "rant over," but then I discovered that the rant wasn't, in fact, over. I'm not even going to bother continuing to discuss this subject here if all I'm going to get is a flamewar.

cwr · Veteran Joined: 17 Dec 2005 Posts: 1969

Mail's a pig; for historical reasons you have whole sets of MTAs and MUAs
and MDAs and LMAs. I've set them up in the past, and they are never fun;
nor do I understand why so many different protocols have become established.

The best bet seems to be to leave the problem to someone else, and use
standard internet mail accounts and local mail readers. I don't think
there _is_ a "standard" single mail package, so if you have to set one
up then there's no way but to start digging into the (limited, confusing)
documentation, I'm afraid.

Good luck - Will

Dr. Frankenbox · Posted: Mon Mar 15, 2010 3:17 am Post subject:

Thank you for your civil post, cwr. I'll just deal with the annoyances and do my best to learn from them. Outsourcing isn't really an option for me at this point, and it goes against my grain anyway.