[Sysadmin] setting up qmail

Dean Mah dean.mah at gmail.com
Sat Nov 15 08:32:08 CST 2008 

On Fri, Nov 14, 2008 at 10:42 PM, John Handelaar <john at userfrenzy.com> wrote:
> 2008/11/15 David Kaufman <david at gigawatt.com>:
>> So last time, on tempest, we installed qmail from source iirc.  But I've
>> been running qmail on debian, using the "unofficial" deb packages from
>> here:
>>
>>  http://smarden.sunsite.dk/pape/Debian/
>>
>> ever since *woody* ...so I wonder if anyone objects to my adding that repo
>> to the apt sources list, and letting the package management system install
>> and manage qmail.  I'd also prefer to run djbdns than bind, and would
>> volunteer to be responsible for its administration.
>>
>> What do you guys think?  Strong feelings one way or 'tuther?  Pros?  Cons?
>
> Con.
>
> I put it in.  It exists outside of apt (which sucks) and the
> qmail-haters aren't wrong inasmuch as nobody actually understands
> enough about patched versions in circulation to know whether there are
> vulnerabilities, and there's no ongoing security 'coverage'.
>
> I put it in because (for the record) we got vpopmail and qmailrocks
> provided a nice bundle of spam and virus coverage, multihoming and
> web-based admin.  Plus the raw speed of qmail.
>
> From here, on balance, I'm not sure we shouldn't go with exim4 this
> time.  I'm told the speed is much the same or better (and frankly it's
> not like LEO is exactly nippy these days), it's security-covered and
> one assumes that mailman and clamav and spamd integrate rather more
> easily.
>
> I'm happy to be told otherwise since Dean's actually been running the
> thing and adding shims and sticky tape to ameliorate some of our
> current MTA's horrors for the last few years on his own.
>
> Remember:  mail-wise, we don't just run LEO and EO, but also
> css-discuss.org/ and lists.c-d.o for Eric.

I still don't have a preference.  As long as we can setup dedicated
outgoing and incoming smtp servers and handle the multiple domains,
that gets us a long way.  I've been inside the code of the old
postfix, so I am familiar with the architecture and code base (not
that I anticipate having to hack the source again).  I can learn exim.


> And we'll probably want to update our install of mailman.  Though I'm
> hoping nobody will have to manually work through years of
> crappily-maintained mailbox files and regenerate the archives from
> scratch like I did last time.

We're only a couple point revisions behind.  I updated mailman awhile
ago and didn't have to mess with the archives.  If we have an orderly
cut-over, I don't think that we'll need to regenerate the archives.
We should probably decide which lists we want to finally drop.


> And (last time I'll be raining on this parade for some hours) -- we
> need a sensible plan for rolling the mail over from one host to the
> other.

I think that the easiest thing is to pick a weekend, let everyone know
that they shouldn't be sending anything to the lists for a day or so,
and then move it.  Lists traffic on the weekend is pretty low.  Worst
case, I can manually re-inject message sent to tempest into tron so
that the archives are correct.

Dean

More information about the Sysadmin mailing list