Difference between revisions of "Debian Wheezy"

Can make it look more professional later.

Hardware

Linux Core

Some of the stuff here could be categorized under security, but the Core stuff here does not depend on getting anything else set up yet.

1. Sysctl.conf (Wheezy)
2. Iptables (1.4)

Software Stack

1. Unbound (1.4) - While I use a DNS service for my authoritative DNS servers, having a local DNS server is extremely handy. Can speed up some website functions immensely.
2. MySQL (5.5) - Getting the database going early is often a priority.
3. Nginx (1.4) - Webserver of champions. I do have some older documentation for Apache, but at this point I cannot afford to consider switching back.
4. PHP (5.4) - FPM and the ancient fastcgi method are covered.

Mail Setup and Stack

1. MySQL must be setup first for the following configuration, and a working DNS resolver such as Unbound is highly recommended.
2. Packages used: opendkim opendkim-tools spamc libmail-dkim-perl libmail-spf-perl libio-socket-inet6-perl clamav-docs clamav-freshclam clamav-daemon clamav-milter clamav dovecot-imapd dovecot-mysql postfix postfix-mysql postfix-pcre
   1. We're setting up Postfix as a site.
3. Mail Setup (Wheezy)
4. Mail Tables (MySQL)
5. OpenDKIM (2.6)
6. Mail and DNS - Once we know what our domains are and have our DKIM key (from OpenDKIM), we can configure our DNS properly.
7. Spamassassin (3.3) - I've tried others, supposedly for the performance benefits, but honestly, with a handful of custom rules, and a solid postfix configuration, very little spam makes it through.
8. ClamAV (0.98) - Antivirus IMO should be approached from the viewpoint that it gives a chance for you to avoid the repercussions of your mistakes. Often a small one, but if not intrusive, still better than zero.
9. Postfix (2.9) - My preferred MTA of choice.
10. Dovecot (2.1)
11. Mail Reputation Management

Security