Whilst upgrading my production server, the one you’re getting these pages served by, to Lion and reinstalling all the programs on it I’ve also found time to write everything down for you to use when you upgrade to Lion. We already had the MAMP stuff teated and documented but now all the mail server components have been tested and written.

http://diymacserver.com/mail/lion/

So enjoy your new installation of Lion with these instructions.

In the coming week I will move all my stuff to the new Mini, hopefully without too much interruptions in our service.

Here is a new version of Postfix, just released and I’ve got it tested on Snow Leopard and Leopard on my test machines. It solves some small bugs as listed below:

• Performance: a high load of DSN success notification requests could slow down the queue manager. Solution: make the trace client asynchronous, just like the bounce and defer clients.
• The local(8) delivery agent ignored table lookup errors in mailbox_command_maps, mailbox_transport_maps, fallback_transport_maps and (while bouncing mail to alias) alias owner lookup.
• Workaround: dbl.spamhaus.org rejects lookups with “No IP queries” even if the name has an alphanumerical prefix. We play safe, and skip both RHSBL and RHSWL queries for names ending in a numerical suffix.
• The “sendmail -t” command reported “protocol error” instead of “file too large”, “no space left on device” etc.
• The Postfix Milter client reported a temporary error instead of “file too large” in three cases.
• Linux kernel version 3 support. Linus Torvalds has reset the counters for reasons not related to changes in code.

Howto upgrade postfix.

I’ve just installed the updates on all my test machines running Snow Leopard 10.6.7 and Leopard 10.5.8 before running it on my production server. I did a couple of tests on the machines and could not see an immediate problem on Snow Leopard. Therefore I’m happy to inform you that the Mac OS X 10.6.8 update does not introduce any problem for our setup.

The Security Update 2011-004 however does change Leopard. I’ve noticed that it replace the postfix binaries and adds Apple’s idea of a security feature to the configuration file. To correct the binaries, go to your latest postfix source directory from which you installed it last and run

sudo make install

For the changed configuration please comment out or delete the following line from ‘/etc/postfix/main.cf‘:

inet_interfaces = localhost

Restart postfix (reloading config does not work) with:

sudo postfix stop

Postfix should restart automatically (if not run “sudo postfix start”).

This is expected to be the last update before Lion and I’ve got everything lined up to test the upgrade to Lion and a new install on that same platform. I hope to be able to tell you what the results will be as soon as possible.

I’ve just installed the updates on all my test and production machines running Snow Leopard and Leopard. I did a couple of tests on the machines and could not see an immediate problem. The Security Update 2011-002 does an uncomfortable change on Leopard. I’ve noticed that it adds Apple’s idea of a security feature to the Postfix configuration file. To correct it please comment out or delete the following line from ‘/etc/postfix/main.cf‘:

inet_interfaces = localhost

Restart postfix (reloading config does not work) with:

sudo postfix stop

Postfix should restart automatically (if not run “sudo postfix start”).

By the way the postfix binary could also have been updated on Leopard, you can check that by running:

sudo postconf -m

If it has been updated you won’t see MySQL being named in the list. Re-install postfix by going into your latest source directory you’ve used the last time and run

sudo make install
sudo postfix stop

Here is a new version of Postfix, just released and I’ve got it tested on Snow Leopard and Leopard on my test machines. It solves some small bugs as listed below:

• Bugfix: postscreen DNSBL scoring error. When a client disconnected and then reconnected before all DNSBL results for the earlier session arrived, DNSBL results for the earlier session would be added to the score for the later session. This is very unlikely to have affected any legitimate mail.
• Workaround: the SMTP client did not support mail to [ipv6:ipv6addr].
• Portability: FreeBSD closefrom() was back-ported to FreeBSD 7, breaking FreeBSD 7.x support retroactively.
• Portability: the SUN compiler had trouble with a pointer expression of the form “(“text1″ “text2″) + constant” so we don’t try to be so clever.

Note:
Some people have reported problems with updating from an older version (before 2.8.x) that the TLS is no longer working. If you upgrade please add this line to your main.cf configuration file:

smtpd_tls_exclude_ciphers = SSLv2, aNULL, ADH, eNULL

and restart postfix. Everything should work as expected.

As usual you can read the instructions on how to upgrade Postfix at Upgrading Postfix.