amber_build
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
amber_build [2011/05/31 12:52] SLUUG Administration [Postfixadmin] |
amber_build [2018/07/12 15:14] SLUUG Administration [Base OS Config] |
||
|---|---|---|---|
| Line 12: | Line 12: | ||
| selinux is disabled by 'echo 0 > /selinux/enforce' | selinux is disabled by 'echo 0 > /selinux/enforce' | ||
| - | FIXME There is an admin panel to access the VM. We need to document it. | + | Admin control is not publically available; contact the BatCave crew for questions (Lee, Chuck, Steve, Don). |
| ===== Apache ===== | ===== Apache ===== | ||
| Line 47: | Line 47: | ||
| In /etc/httpd/conf.d/ssl.conf, we set the following two values: | In /etc/httpd/conf.d/ssl.conf, we set the following two values: | ||
| - | ''SSLCertificateFile /etc/pki/tls/certs/apache.pem'' | + | ''SSLCertificateFile /etc/pki/tls/certs/sluug.pem'' |
| - | ''SSLCertificateKeyFile /etc/pki/tls/certs/apache.pem'' | + | ''SSLCertificateKeyFile /etc/pki/tls/certs/sluug.pem'' |
| And then changed: | And then changed: | ||
| Line 72: | Line 72: | ||
| ''# yum install mysql mysql-server'' | ''# yum install mysql mysql-server'' | ||
| + | |||
| ''# mysql_secure_installation'' | ''# mysql_secure_installation'' | ||
| Line 269: | Line 270: | ||
| virtual_transport = virtual | virtual_transport = virtual | ||
| </code> | </code> | ||
| + | |||
| + | Also in /etc/postfix/main.cf, add or uncomment line "recipient_delimiter = +". This specifies the separator between user names and address extensions (user+foo). | ||
| + | |||
| + | Also in /etc/postfix/main.cf, add "disable_vrfy_command=yes". Disable VRFY....From Jeff's presentation. | ||
| Now, edit the mapping files. **IMPORTANT: These files contain database passwords! They need to be root:postfix 640!** | Now, edit the mapping files. **IMPORTANT: These files contain database passwords! They need to be root:postfix 640!** | ||
| Line 340: | Line 345: | ||
| * Set $mydomain, $myhostname in /etc/amavisd.conf | * Set $mydomain, $myhostname in /etc/amavisd.conf | ||
| * Uncomment $MYHOME,$helpers_home,$lock_file,$pid_file | * Uncomment $MYHOME,$helpers_home,$lock_file,$pid_file | ||
| - | * Uncomment the clamav block in amavisd.conf. Make sure the patch to the socket | + | * Uncomment the clamav block in amavisd.conf. Make sure the path to the socket is /var/run/clamav/clamd.sock (must match the LocalSocket setting in clamd.conf) |
| - | is /var/run/clamav/clamd.sock (must match the LocalSocket setting in clamd.conf) | + | * Change setting $sa_tag_level_deflt to -9999 instead of 2.0. This means the SpamAssassin score headers are added to all mail. |
| + | * Uncomment the sample $final_spam_destiny line and change the value from D_PASS to D_DISCARD. Due to the default changing from bounce to pass. | ||
| + | * Try to be a little more lenient on mail relayed by our users. Add "spam_kill_level_maps => [10.0]," to the "$policy_bank{'ORIGINATING'}" section. | ||
| Append the following to /etc/postfix/master.cf: | Append the following to /etc/postfix/master.cf: | ||
| Line 399: | Line 405: | ||
| * courier-authlib-devel | * courier-authlib-devel | ||
| - | As an unprivilged user, do: | + | As an unprivileged user, do: |
| <code> | <code> | ||
| mkdir $HOME/rpm | mkdir $HOME/rpm | ||
| Line 471: | Line 477: | ||
| Mailman wouldn't start because the mailman list was missing. | Mailman wouldn't start because the mailman list was missing. | ||
| - | FIXME Did someone rsync over lists from bud? What happened in this step? | + | FIXME Did someone rsync over lists from bud? What happened in this step? It should have been lists/, data/, archives/, followed by /usr/local/mailman/bin/genaliases. |
| + | See [[build:lists|MailMan]] for configuration files and options, | ||
| + | including Apache. | ||
| ===== Webmail===== | ===== Webmail===== | ||
| + | We have installed roundcube as our [[build:webmail|Webmail]] tool. | ||
amber_build.txt · Last modified: 2018/07/12 15:16 by SLUUG Administration
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
