Postfix, DNS and general Linux system administration and consulting

Email is complex. Getting it right can be very difficult. I can help you with the mail-specific expertise in setting up a general purpose or specialized mail server, including all the peripheral software it requires.

I have almost 20 years of experience in the modern, full-featured, and actively maintained Postfix MTA, as of mid-2019. I am also experienced in qmail; I have migrated former qmail systems to Postfix.

Filtering of inbound spam has been a major focus for me. I am known in some anti-spam circles, and I am a founder and listmod at the SDLU (spammers.dontlike.us) anti-spam mailing list. In June 2011, I gave a presentation on stopping spam in Postfix at the third annual Southeast LinuxFest in Spartanburg, South Carolina.

I was also at SELF 2012 through 2017 in Charlotte, North Carolina. Too busy, I missed 2018 and 2019.

In addition to Postfix, I am proficient in ISC BIND named, OpenVPN, Linux Netfilter (iptables) firewalling, and most general networking issues. I use Slackware Linux for my own systems, but I can work with your choice of Linux distribution or Unix operating system. I have hands-on experience with Debian, Ubuntu, and RedHat/CentOS Linux distributions, as well as FreeBSD, NetBSD and Solaris, and general familiarity with others.

My rates can vary per project, so it's impossible to quote a price here. But there is never a charge for an initial inquiry, so don't hesitate to contact me. I’m USA-based (but I can SSH anywhere) and available for engagements of varying length. Retainer arrangements can be made whereby I'll be your organization's email support and postmaster on an ongoing basis.

References and resumé are available upon request. I have provided help and assistance for many years on the postfix-users mailing list, so self references are available at this search link. If you want to do your own searches, I have posted on mailing lists and Usenet newsgroups under the address "rob0@gmx.co.uk" for many years. But please use rob0-jobs@nodns4.us for inquiries. No address munging here; I’m not afraid of spammers!

Stuff of Interest

(Interesting to me, anyway.)

My personal postscreen spam control settings can be found here. I plan to maintain this document as an example of what can be done in the real world with postscreen and DNSBL/DNSWL scoring. From experience watching the postfix-users mailing list and my own httpd logs, I see that this is a very popular page, and it has formed the basis for spam control for many sites.

A Postfix + Dovecot + SQLite howto, with emphasis on the schema and the reasoning behind it. It's not a complete "follow this and become an Instant Gmail" tutorial, but it aims to be instructive in creative implementation of Postfix features. If you are, or want to be, a Postfix expert, I think you will find this howto interesting.

Update! The rewrite is complete! But it is still in text format only. HTML coming soon, I promise!

I found this old little document about Linux ipip tunnels (IPv4 encapsulated in IPv4, RFC 2003), sort of a virtually private virtual private network. But it's easy, and it can be useful to pass more than one IP address through a VPN, so I decided to post the link here.

This is also in text format only. I figure if you are interested in it, you probably don't care too much if it's not in clickable HTML. :)

New/old! So, here's a thing I wrote nearly 7 years ago as of June 2019, about DNS in OpenVPN using dnsmasq for authoritative DNS names. For some reason (forgot?) I never linked it here, but today I was looking for it, so I fixed that problem. :)

I wrote a simple OpenSSL certificate authority frontend called "PicKI". The purpose is for a private CA for OpenVPN.