ubuntu usable, cram rm'd

This commit is contained in:
Luke Smith 2020-06-09 14:52:36 -04:00
parent dfb28af5e7
commit 037439d367
No known key found for this signature in database
GPG Key ID: 4C50B54A911F6252
2 changed files with 3 additions and 8 deletions

View File

@ -30,9 +30,9 @@ Expect it to fail and you have to do bug testing and you will be very happy when
## Requirements
- `apt purge` all your previous (failed) attempts to install and configure a mailserver. Get rid of _all_ your system settings for Postfix, Dovecot, OpenDKIM and everything else. This script builds off of a fresh install.
- A **Debian server**. I suspect the script will run on Ubuntu as well prodided there aren't huge differences in the default setup. I've tested this on a [Vultr](https://www.vultr.com/?ref=7914655-4F) Debian server and their setup works, but I suspect other VPS hosts will have similar/possibly identical default settings which will let you run this on them.
- A **Debian or Ubuntu server**. I've tested this on a [Vultr](https://www.vultr.com/?ref=7914655-4F) Debian server and their setup works, but I suspect other VPS hosts will have similar/possibly identical default settings which will let you run this on them.
- An **MX record** in your DNS settings that points to your own main domain/IP. Unless you have your own DNS server, you'll put this setting on your domain registrar's site. Look up their documentation on how to do this, but it's usually really easy.
- **SSL for your site's mail subdomain**, specifically for mail.yourdomain.tld with Let's Encrypt. The script will look to Let's Encrypt's generated configs. If you have some other SSL system, you can manually change the SSL locations in the script before running it and it should be fine.
- **SSL for your site's mail subdomain**, specifically for mail.yourdomain.tld with Let's Encrypt. The script will look to Let's Encrypt's generated configs. If you have some other SSL system, you can manually change the SSL locations in the script before running it and it should be fine. You might want to create a dummy Apache/nginx record for your mail domain as this makes running Let's Encrypt's Certbot easier.
- After the script runs, you'll have to add an *additional DNS TXT record* which involves the OpenDKIM key that it generates during the script.
## Caveats

View File

@ -125,7 +125,7 @@ ssl = required
ssl_cert = <$certdir/fullchain.pem
ssl_key = <$certdir/privkey.pem
# Plaintext login. This is safe and easy thanks to SSL.
auth_mechanisms = plain login cram-md5
auth_mechanisms = plain login
protocols = \$protocols imap
@ -133,11 +133,6 @@ protocols = \$protocols imap
userdb {
driver = passwd
}
# Use file with cram-md5 hashed passwords to find user passwords
passdb {
driver = passwd-file
args = scheme=cram-md5 /etc/cram-md5.pwd
}
#Fallback: Use plain old PAM to find user passwords
passdb {
driver = pam