Haack's Wiki

User Tools

Site Tools

Trace: nanolove
computing:mailserver-trixie

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
computing:mailserver-trixie [2025/05/31 18:39] oemb1905computing:mailserver-trixie [2025/10/25 19:13] (current) oemb1905
Line 28: Line 28:
   sudo nano /etc/dovecot/conf.d/10-ssl.conf   sudo nano /etc/dovecot/conf.d/10-ssl.conf
   #new format for cert and key, longer name, removes the classic “<” character   #new format for cert and key, longer name, removes the classic “<” character
-  ssl_server_cert_file = /etc/letsencrypt/live/mail.outsidebox.club/fullchain.pem +  ssl_server_cert_file = /etc/letsencrypt/live/mail.domain.com/fullchain.pem 
-  ssl_server_key_file = /etc/letsencrypt/live/mail.outsidebox.club/privkey.pem+  ssl_server_key_file = /etc/letsencrypt/live/mail.domain.com/privkey.pem 
 +  #ssl_prefer_server_ciphers = yes
   #comment out diffy helman, now deprecated   #comment out diffy helman, now deprecated
   #ssl_server_dh_file = /etc/dovecot/dh.pem   #ssl_server_dh_file = /etc/dovecot/dh.pem
Line 53: Line 54:
   #  quota = file:/var/lib/dovecot/quota   #  quota = file:/var/lib/dovecot/quota
   #}   #}
 +
 +In May 2025, the Validity RBL switched to a locked model, so you need to disable queries to it in spamassassin by editing ''sudo nano /etc/spamassassin/local.cf'' and putting the following restrictions underneath ''dns_server 127.0.0.1'' and then comment out the VALIDITY scoring rule.
 +
 +  dns_query_restriction deny bl.score.senderscore.com
 +  dns_query_restriction deny sa-accredit.habeas.com
 +  dns_query_restriction deny sa-trusted.bondedsender.org
 +  #score RCVD_IN_VALIDITY_RPBL             5.0
  
 Over the weeks and months ahead, I will merge the changes documented above into the body of the tutorial below. It will be some months before I merge, however, since Trixie is not yet stable and there will likely be more changes on the server I am testing in production. Below, please find the Bookworm tutorial:  Over the weeks and months ahead, I will merge the changes documented above into the body of the tutorial below. It will be some months before I merge, however, since Trixie is not yet stable and there will likely be more changes on the server I am testing in production. Below, please find the Bookworm tutorial: 
 +
 +-- -- Original -- --
  
 This tutorial assumes you know how to set up A, AAAA, SPF, DKIM, DMARC, MX, and PTR records. Set an A record for example.org and mail.example.org and make sure you or your ISP has set a PTR record to mail.example.org for the IPv4 and IPv6 addresses. If you don't know how, then learn up, and do not proceed. //Thanks to LinuxBabe for a great jumping off point//. Let's begin by editing our hosts file ''sudo nano /etc/hosts'' as follows: This tutorial assumes you know how to set up A, AAAA, SPF, DKIM, DMARC, MX, and PTR records. Set an A record for example.org and mail.example.org and make sure you or your ISP has set a PTR record to mail.example.org for the IPv4 and IPv6 addresses. If you don't know how, then learn up, and do not proceed. //Thanks to LinuxBabe for a great jumping off point//. Let's begin by editing our hosts file ''sudo nano /etc/hosts'' as follows:
Line 618: Line 628:
 These tools prove helpful if/when emails get stuck, etc. These tools prove helpful if/when emails get stuck, etc.
  
- --- //[[alerts@haacksnetworking.org|oemb1905]] 2025/05/31 18:33//+ --- //[[alerts@haacksnetworking.org|oemb1905]] 2025/06/05 19:02//
computing/mailserver-trixie.1748716792.txt.gz · Last modified: by oemb1905

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
GNU Free Documentation License 1.3 Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki