Task #2257

Updated by Florian Effenberger 7 months ago

This issue is about refactoring the main mail server. Possible improvements include:

Base system: Dovecot (IMAP):
* Upgrade -Use the "passwd-file" driver for passdb and userdb to Debian 10

Dovecot (IMAP):
avoid using PAM or the passwd(5)/shadow(5) database-
* -Replace the LDA with an LMTP server to receive mails from Postfix-
Change mail storage format from maildir to mdbox, possibly compressed

Postfix (SMTP):
* Replace -Use virtual users-
* -Set @smtpd_sasl_type=dovecot@ (instead of @cyrus@)-
* Move
amavis to a milter or an after-queue content filter
* -replace postgrey
by rspamd a tighter postscreen(8)-

* consider setting Postfix' @notify_classes@ to empty
* switch to Milter
* -set @-o smtpd_proxy_options=speed_adjust@ as default-
Guilhem proposed to use systemd
Assuming you're using systemd as PID 1, a
quick and dirty fix would be to tell it to auto restart the service.
Rather than editing the unit file shipped by the package (which would be
overridden by the next amavis update), I'd go for an override
systemd.unit(5) file instead:

$ mkdir /etc/systemd/system/amavis.service.d
$ tee /etc/systemd/system/amavis.service.d/override.conf <<- EOF
#Restart=on-abnormal might be more appropriate, see
#systemd.service(5) for details
$ systemctl daemon-reload
$ systemctl restart amavis

You can see if the override systemd.unit(5) file is taken into account
with `sudo systemctl show amavis.service | grep ^Restart`.

hostmaster alias
* consider switching to local mailbox only in case of too many notifications

* switch to DNSSEC and TLSA records if feasible

* consider rspamd, incl. ARC signing