I guess that most people use amavisd-new together with spamassassin and for example ClamAV. Probably a few more use features like DKIM verification and signing with amavis. However, there are some features which aren’t found in the usual howtos. Here are some of them.
Continue reading Amavis’ cool featuresYear: 2021
systemd multi-instance Redis
Instead of working with one redis server instance I would like to use multiple instances of redis because that way I can limit memory and do additional tuning for the instances. systemd can help on this. I will create an instance for amavisd-new in this guide.
Continue reading systemd multi-instance RedisHow I configure my sites in NGINX
Tuning / Improving your security using external online tools would be another possible headline for this article. There are a few pages I regularly use to optimize my configuration. Here’s a small guide.
Continue reading How I configure my sites in NGINXSetting up amavisd-new and amavisd-milter
Amavis is not a new tool, in fact AMaViS started as a shell program back in 1997. Imagine, at that time I was 12 and kept annoying people on IRC. Anyway. In this article I’ll show you how to set it up, with a milter and policy banks. I also tell you about after- and before-queue filtering with Postfix and show you how to use both.
Continue reading Setting up amavisd-new and amavisd-milterAmavisd-new and DKIM
Currently I’m playing around with amavisd-new and amavis-milter. Trying to analyse a maybe-bug I temporarily disabled DKIM signing. Then I had the glory idea to send an E-Mail to the amavis maillinglist. It sort of caused some mail reporting storm back to me. In this article I’ll show you, how you can configure amavisd-new to do DKIM verification and DKIM signing. But first, here’s one of those reports:
Continue reading Amavisd-new and DKIMSetup MTA-STS and TLSRPT
What is MTA-STS (MTA Strict Transport Security) about?
MTA-STS basically enforces TLS for your mail communication, similar to HTTP Strict Transport Security (HSTS) for HTTP/HTTPS traffic. By telling the sender that TLS has to be used one can reduce / stop Man-in-the-Middle (MITM) attacks. A probably better explanation is found in the abstract of the RFC:
Continue reading Setup MTA-STS and TLSRPT