From owner-freebsd-questions@FreeBSD.ORG Fri Sep 19 14:12:42 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E9564522; Fri, 19 Sep 2014 14:12:41 +0000 (UTC) Received: from idcmail-mo1so.shaw.ca (idcmail-mo1so.shaw.ca [24.71.223.10]) by mx1.freebsd.org (Postfix) with ESMTP id ABFC399C; Fri, 19 Sep 2014 14:12:41 +0000 (UTC) Received: from pd3mr1so-ssvc.prod.shaw.ca ([10.0.141.177]) by pd3mo1so-svcs.prod.shaw.ca with ESMTP; 19 Sep 2014 08:12:34 -0600 X-Cloudmark-SP-Filtered: true X-Cloudmark-SP-Result: v=1.1 cv=f4k+QOQAUVVyUsimtis07Gw713bD4Z1Za/89m//jKIc= c=1 sm=1 a=FKkrIqjQGGEA:10 a=EZcv4ilsBBkA:10 a=vyJAdnRk0OcA:10 a=BLceEmwcHowA:10 a=kj9zAlcOel0A:10 a=hh-AbDVbAAAA:8 a=6Rl5958_U6lf-uVtYqsA:9 a=CjuIK1q_8ugA:10 a=rtZ51jQm6NYA:10 a=9_rMVyaSODHYqI1_:21 a=WIgJ3FVlqr1jMr39:21 a=HpAAvcLHHh0Zw7uRqdWCyQ==:117 Received: from unknown (HELO cds005.dcs.int.inet) ([10.0.141.22]) by pd3mr1so-svcs.prod.shaw.ca with ESMTP; 19 Sep 2014 08:12:33 -0600 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Subject: Re: is pkg saying courier and postfix are incompatible? References: <005201cfd2bd$d8ac34d0$8a049e70$@shaw.ca> <9745AE56F096E150A334CBD1@[192.168.1.50]> <541A7518.7030603@FreeBSD.org> <009601cfd398$51ca0ec0$f55e2c40$@shaw.ca> <541BD0C1.6080509@FreeBSD.org> <541BDA6D.3060702@qeng-ho.org> From: Dale Scott MIME-Version: 1.0 In-Reply-To: <541BDA6D.3060702@qeng-ho.org> Message-Id: Date: Fri, 19 Sep 2014 08:12:33 -0600 (MDT) To: Arthur Chance X-Mailer: Zimbra 7.1.4_GA_2567 (MobileSync - Apple-iPad2C5/1104.257) Cc: Matthew Seaman , "freebsd-questions@freebsd.org" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Sep 2014 14:12:42 -0000 > On Sep 19, 2014, at 1:25 AM, Arthur Chance wrote: >=20 >> On 19/09/2014 07:44, Matthew Seaman wrote: >>> On 19/09/2014 00:28, Dale Scott wrote: >>> I installed postfix-2.11.1_4,1 as a pkg and just noticed "pkg info >>> postfix" reports DOVECOT and OPENLDAP options are off. Do I need >>> these in my scenarios? I didn't put a ports tree on this system to >>> see if it was possible to build a system from packages only, but am >>> also not averse to recognizing it was pipe dream (and remember how to >>> use portmaster again). >>=20 >> You can use postfix with dovecot without having to enable the DOVECOT >> option -- as I recall, that's something to do with postfix using the >> dovecot authentication mechanisms. >=20 > That's correct, it's to enable postfix to use dovecot's SASL interface to= authorise users when postfix requires authorisation for mail submission. M= uch nicer to have one mechanism rather than two that might get out of sync.= However, if authorisation is enforced via /etc/passwd or LDAP, you've alre= ady got your mechanism so don't need dovecot's. >=20 >> You only need OPENLDAP turned on for postfix if you want to use ldap >> lookups. (Well Duh!) For a stand-alone system without many users, ldap >> is overkill, and you would generally be better off using lmdb or bdb >> files instead (I prefer lmdb -- seems simpler and to have fewer overhead= s). >=20 > And it's fast, if you have a lot of mail to process. >=20 >>> Is there anything special needed in Dovecot? >>=20 >> No. Either you configure postfix to use dovecot's delivery agent, or >> you make postfix speak LMTP to dovecot: from dovecot's perspective it >> doesn't need to know anything about or do anything differently depending >> on what MTA you're using. >=20 > LMTP has the advantage that postfix and dovecot can be in separate jails = for extra security. Thanks for all the help. I'm building a fully *self-contained* proof-of-con= cept business system with MantisBT as an ISO9000 issue tracker, Tryton for = managing equipment and material loaned to client jobs and returned, OpenLDA= P for single point of authentication (enterprise is MS AD), and mail workin= g between users, Mantis and Tryton. I'll use Mutt in the first round of dem= os, but will provide RoundCube for demo users to access mail themselves (on= ce virtual mail users are working). I'm ignoring security for now, too much= to learn, create keys and configure, and the IT group will have their own = ideas anyway if the POC proceeds to production. Hopefully it won't look too= disjointed, the alternative is maybe funding in 2016 for the IT team to bu= ild the same thing but with better icons (and by clicking through MS wizard= s ;-)) It could be a nice bonus if I could use my desktop Outlook client to retrie= ve all the mail from Dovecot via pop3 and forward it into the enterprise sy= stem so demo users could really experience the POC, but the POC can't conne= ct directly to any enterprise services (e.g mail) for now. Any comments on = this approach? Dale