After many years running sendmail (and spamassassin, and clamav) I had the "opportunity" to move to the more modern, more modular, and all around more better postfix platform. This is my story.

Phase 1 - finding the recipies

This went reasonably well. Google is your friend and mine, and googling around for ubuntu postfix clamav spam found a healthy set of pages to read and follow along. After not too much trial and a bit of error, I was on my way.

Phase 2 - false hope

You know it well. You've followed someone else's steps, you're pretty sure you've done it right (after all, you're not a newbie!) and then you flip the switches... and it seems to work!

Mail flows in. After some unexpected error logs, you find the permissions step you somehow skipped, and clamav starts getting into the mix. You're feeling good, feeling strong. Why did you put off going to postfix for so long?

Phase 3 - wait a second...

You probably know this feeling as well. Horrible sinking, sadness, anger, confusion. Why, oh why did I ever leave my old friend sendmail? She never hurt me like this postfix. We hates the postfix, It's false! It's Tricksy! My sendmail, my precious....

Ok, that may be overstating it just a wee bit. Suffice it to say, after the initial blush of success, I found a few missing bits. It turns out procmail processing for users really doesn't work well until you install procmail. Also, some additional troubling error messages lead to a few more user/group/permissions changes (all CLEARLY documented in that recipe I was, er, following.) Tighten some screws, nail up some boards, cross fingers, and the monkey throws the switch...

Phase 4 - go for the moon

And we're live. It's all good. Joy in the land. And yet, you can't help feeling you've forgotten something. Check all the dials and gauges... You're getting email from outside. Spam is being identified. Virus emails get picked off. You can send email out. You've got dovecot humming along, SSL works, you send email from all the internal clients, using all the supported methods. "It won't die. My God, Jim, I'm beginning to think I can cure a rainy day." And yet... there is that nagging feeling you've forgotten something.

Phase 5 - I can’t hold her; she’s breaking up!

Ah yes... I've forgotten to test sending email from outside... You know, out there. My clients are all configured to use SSL. This should be a breeze. Checking email via IMAP... check. Sending email vi SMTP... relaying DENYIED? Wha? Dig dig dig.... google google google. Oh, hey... did I ever do that saslauth step? Uh. Well. I meant to do it. Sigh. Back to the cookbooks, where indeed it seems I missed that step. After doing that, its all good.

Phase 6 - Bad Spamma Jamma

Cool, so its humming along. One of the reasons for moving to postfix, and to a modern disto, is/was to get a handle on the buckets of spam landing on my door every day... enabling the old stuff I used before (clamav+spamassassin) yielded the same results - lots of spam, neatly classified and tossed into a spam folder. Yeesh. A chance google popped up several pages on implementing SPF checking and this crazy thing called postgrey, for doing automatic grey listing. Wow did that look like the ticket. After running it for a day, I have to say it really does work.

Here we are then. A long, somewhat painful trip, but in the end not as bad as a dental implant. Those really hurt.