112018-04-24 15:19:05ClintonEbadidns cache options, djbdns dncache is too annoying to use on stretch102018-04-24 05:54:40ClintonEbadiimap features we might be able to enable92018-04-24 05:11:24ClintonEbadicourier setup notes82018-04-24 04:04:45ClintonEbadispamd needs some additional work72018-04-24 03:02:35ClintonEbadizen.spamhaus.org is ok, but other dns blacklists are blocking requests from do nameservers62018-04-23 23:06:48ClintonEbadiget-token wasn't working, but has been fixed52018-04-23 06:07:28ClintonEbadia few things to look at before putting into production42018-04-23 05:10:27ClintonEbadifixed mailNodes_admin spam filtering, but sa doesn't regen...32018-04-23 04:37:44ClintonEbadimore exim/domtool weirdness, fixed spamd args22018-04-23 04:04:32ClintonEbadi12018-04-22 21:28:03ClintonEbadinew mail server minskyminsky.hcoop.net is a virtual machine at DigitalOcean that will become our primary mail server, and replaces ServerMcCarthy It is named after professor Marvin Minsky.

Similar issues as ServerMarsh: had to manually add "domain hcoop.net" to resolv.conf had to open puppetserver port 8140 (bootstrap problem: new server can't connect to the puppetserver to request a cert, so it can't add its ip to the whitelist...) Default /etc/hosts is no good, sets marsh to loopback, with no ipv6. Had to munge like ServerGibran to public IP and add IPv6 alias. Really need to look deeper into this before perpetuating bad practice even further.

courier ejabberd

make sure firewall allows spamd to contact external services everything is closed currently, so likely needs to be updated Not sure if sa-update works either we don't have a dns cache enabled, do we need one to avoid annoying zen.spamhaus.org ? zen has 100k message / 300k lookup per day ... something we will not hit for a long time but also upstream dns servers are blocked from URIBL so we may need one anyway check unbound or powerdns, to avoid complications with bind since we have authoritative nameservers using it too

Exim is not configured to forward mailman mail to mccarthy Exim can't lookup addresses if there are no vmail users present This makes mailNodes_admin not work. spamassassin addrs are only updated when someone toggle their status with setsa, this needs to also happen during a domtool-admin regen

/etc/pam.d/imap from ServerMcCarthy was not included, works for normal accounts so far need to test vmail accounts, IIRC that is why we had to disable pags for courier IMAP THREAD/SORT are disabled -- should we enable them? Likewise for a few other settings we intentionally disable (e.g. keywords), review if any can be / are worth enabling while server is in testing phase CategorySystemAdministration