F1Linux Mail Image Leasing:
The F1Linux containerized email solution has been extensively tested and improved over the last 5 years and now available to clients.
It routes mail for one or more domains with Anti-Spam (SPF), Anti-Spoofing (DKIM), TLS Transit Encryption & TLS Client authentication to access mail
As new versions of Postifx are released, containers will be rebuilt and tested with the newer version and released to the client ensuring they are using the latest, security patched versions in production. As data is disaggregated from the the docker image by mounting local iSCSI storage inside as a persistent Docker Volume, the data becomes immediately available in the new Postfix version of the container.
- Client Provides:
- iSCSI Storage to auto-mount into Docker container for data persistence
- (1) networked host to use run the container- F1Linux can
- Public IP for the container
- Keys/logins to their DNS, Docker host, storage & network devices
- DNS Access:
- New Installs: to be provided at least (2) days prior to allow for propagation of records
- Migrations: at least (30) days prior access to drop the TTLS down low to expire the DNS records before the flip
- F1Linux Provides: A correct, fully tested containerized mail server comprised of the following configuration
- Docker Config
- Docker Image: Alpine Linux
- Multi-Arch Build Options: amd64, arm32v5, arm32v6, arm32v7, arm64v8
- Current release versions of Postfix, Dovecot, OpenDKIM & dependent apps & libraries installed & configured
- compose.yml config to raise container from image tailored to local networking & storage
- NOTE: Configs are not immutable- they can be modified as required when container is in prod.
- TLS Server Config: Encrypt mail in transit between sending & receiving mail servers
- Let’s Encrypt Certs used; certs rewed every three months
- NOTE: Mail to domains routed by the mail server are delivered locally and never leaves host
- TLS Client Config:
- Access to mail store is via TLS Client Cert; much more secure than password access
- Let’s Encrypt discontinued TLS Client Certs, so these must now be purchased from a cert vendor
- DNS Records Creation/Modification: (1) or more mail domains
- MX (Mail Exchange) Records
- PTR (Reverse DNS) Records
- DKIM (Anti-Spoofing) Records
- SPF (Anti-Spam) Records
- IPv4/6 Networking: Host networking as well as dependent switches & routers
- Firewalling
- IPv4 DNAT’ing
- Routing
- Persistent Network Storage: Mail folders, TLS certs, backups & maillogs
- iSCSI LUN Creation & Config
- Auto-mounting config on Docker Host to use as a Docker Volume
- Optional Services:
- IMAP configuration with TLS cert auth
- Storage configuration
- New Server Hardware install, networking & config
- Data Migration
Case Study, Mail Services Migration: FROM hosted service TO in-house service
NOTE: Although the below was a non-containerized mailserver migration, it is evidence of deep & wide comptency implementing & migrating mailservers for a large global organization and supported by endorsements at the bottom of this page.
When one of the world’s largest AgriTech businesses Syngenta decided to migrate their Postfix infrastructure from a third-party hosted & managed solution back in-house, after a global search they choose F1Linux.com based on their extensive experience with Postfix dating back to 2002. Because their mail system is integrated into other IT gears, any disruption caused by the migration could result in £millions of pounds of losses. F1Linux.com delivered the project on time, within budget and even trained the client’s (10) staff in Pune India to operate their shiny new Postfix gears.
– Provided the Linux & Networking expertise to a large project this elite IT consultancy was operating for one of the world’s largest agricultural businesses.
– Migrated the Postfix services back INhouse to a loadbalanced configuration across (2) data centers in France. NAT’ing was breaking things, but as I’m a network engineer I liaised with the network team and agreed a solution.
– Provided Performance Oriented Training in both Linux Systems Administration and the application itself to staff in India to maintain & support the system.
The application was tightly integrated with all Client’s key business processes, including payments and ERM systems; there could be no downtime or failure. The £3 million liability cover they required reflected the risks related to the project.
A large performance bonus was awarded for delivery exceeding requirements
“I engaged Terrence [Houlahan] as the Linux Subject Matter Expert on a global client’s major email service insourcing programme, to deliver new platforms and train client teams. The programme was large and complex, with significant dependencies on new Linux services that Terrence was responsible for delivering. Success in the role not only hinged on excellent Linux skills but also cross-cultural competencies working as an embedded expert in a global team, training and helping them to adopt the new systems.
Terrence’s exceptional Linux knowledge and his ability to both anticipate requirements and react to scope changes was key to the successful delivery. His outstanding Linux experience was clearly demonstrated by both his hands-on delivery and technical training of a team who, for the most part, had no prior experience in Linux. Most importantly, Terrence’s technical capability combined with his friendly nature and ability to elicit cooperation across global teams resulted in outstanding reviews from the client’s senior managers.
Terrence was key to the success of the overall project: delivering new Linux services and enabling a client team with no Linux experience to become self-sufficient in administering a complex environment of new platforms in a very short timescale. Any future requirements requiring Linux Engineers, I’ll be calling Terrence, and I wholeheartedly recommend him.”
– Ian Kayne, Mason Advisory: Syngenta Project Lead, Mason Advisory (2018)
The ultimate endorsement of the work though was a large- and completely unsolicited– bonus payment for exceeding their delivery expectations and getting ALL positive reviews from the Client and their staff.