August 2009


Short notice

I know a lot of you are awaiting news on Snow Leopard! The early release has put me into a tight spot as I’m on holiday now (I’m typing this in an internet cafe paying a ridiculus rate per hour). Snow Leopard is lying in my mailbox at home and I didn’t bring any Mac with me. So bear with me untill the next weekend when I’ll be back home and will post updates.

Postfix has released a new version 2.6.5 as well. Usually they are installable without problems so feel free to update and I will test is soon!

Sorry about this!

Compiling 64 bits on a PowerPC on Leopard

Recently I got some remarks from a user who asked why he was not able to compile 64 bits on the PowerPC platform. My notes and instructions did not mention this and I must confess that I had forgotten this as I could not see a PowerMac or iMac G5 as your basic mailserver.

But I’m wrong, as my basic goal was to provide you with a complete mailserver solution, I have to acknowledge that the most polular pages are on installing Apache, PHP and third MySQL. The popularity of the mailserver instructions comes way lower then these three subjects.

So therefore I’ve updated all the 64 bit instructions with how to compile on a 64 bit PowerPC platform. You have to forgive me for not being able to test this (no G5 at my place!) I’m using the input of someone else who told me this. It was a very simple change as you only need to change the ‘x86_64‘ bit into ‘ppc64‘ and that’s it.

If someone else could verify that this works it would be grand!

Dovecot updated to 1.2.4

There is already a new version of the Dovecot IMAP and POP3 server released. It’s a bug fix release that where discoverd since the last release a short time ago. I’ve updated all my test servers without any issue. Here is a list of issues fixed:

  • acl: When looking up ACL defaults, use global/local default files if they exist. So it’s now possible to set default ACLs by creating dovecot-acl file to the mail root directory.
  • imap/pop3 proxy: If proxy destination is known to be down, fail connections to it immediately.
  • imap/pop3 proxy: Added proxy_timeout passdb extra field to specify proxy’s connect timeout.
  • Fixed a crash in index file handling.
  • Fixed a crash in saving messages where message contained a CR character that wasn’t followed by LF (and the CR happened to be the last character in an internal buffer).
  • v1.2.3 crashed when listing shared namespace prefix.
  • listescape plugin: Several fixes.
  • autocreate plugin: Fixed autosubscribing to mailboxes in subscriptions=no namespaces.

Opening up a second port for SMTP

Sometimes it’s difficult to send email as some providers block port 25. They will force you to use their mailserver for outgoing mail. I recently encountered this phenomenon when I spend some time in a hotel for work. Their setup blocked port 25 and there was no way around it sending email directly. I was forced to use my webmail solution (Roundcube) for sending mail. Which is a bit awkward as I was able to read and receive mail using Mail.app.

I started digging around for a solution that might work and I found the most simple and elegant solution that was already available in Postfix. It was called submission (port 587) which only allowes access by authenticated users.

To enable this ready made configuration in Postfix you will need to edit the ‘master.cf‘ file in ‘/etc/postfix/‘. You need to uncomment the following lines and save the changes.

submission inet n – n – – smtpd
  -o smtpd_enforce_tls=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

Then reload the changed configuration files into postfix with the command:

sudo postfix reload

Most mail clients like Mail.app and Thunderbird are able to use this port without any extra configuration. The only thing you will notice that you are able to send email which would otherwise be blocked.

Hope this will work as well for you as it did for me. I’ve also updated the regular documentation set to include this setting. Also don’t forget to open up this port in your firewall/router configuration.

Mac OS X Security Update 2009-004

I’ve just finished updating all my servers with Security update 2009-004. Experience from the last updates made me check the postfix config for changes and no it looks like they are leaving the postfix configuration alone. Maybe because this update patches a single vulnerability affecting the BIND DNS server only.

If you want to read more on what is affected in the updates I would suggest reading the Apple support site for the 2009-004 security update.

In case of doubt, please make a full bootable disk image backup with Cabon Copy Cloner before you start.

Next Page »