Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I recently moved off of Gmail and now run my own personal/family E-mail server, and I have to say so far it has been pretty pain free. I probably just haven't been doing it for long enough to run into trouble yet. Bog standard Debian install, Exim4 + dovecot + SpamAssassin. TLS, SPF, DKIM, and other acronyms all set up and working. The initial setup was a few days config file tweaking (why don't these things come working and secured out of the box?), but since then no issues--knock on wood. My only complaint is the spam filtering so far is not as good as Gmail's was, but I probably just need to better configure things. Bookmarking this guide for later!


Having run both Exim and Postfix, I would highly recommend you run Postfix, if not for the security for the configuration.

If you can't run Postfix, run Exim in a container.


Could you expand on this? What security vulnerabilities does Exim4 have that you'd avoid just by choosing Postfix as an alternative?


Postfix has a very clear separation of concerns and least privledge in the use of lots of helper daemons. Exim4 doesn't not have this architecture and is less secure because of it.

http://www.postfix.org/OVERVIEW.html




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: