I'm setting up a server and trying to make it *very* secure. Before I configured my web stack, I was about to install some security packages, Tiger and Samhain, but these packages wanted to install sendmail so that they can send outgoing notifications. From the reading I've been doing, I believe I want postfix instead of sendmail. It is my (perhaps mistaken) belief that installing postfix first will prevent them from installing this sendmail I do not want.
I want to install postfix with the following goals in mind:
* let PHP scripts send mail using the mail
* various system notification functions (cron, etc.) will be able to send their emails
* emails destined for root@localhost will be redirected to firstname.lastname@example.org
* let tiger and/or samhain send their notification emails
* NO INCOMING OR LOCAL MAIL IS PERMITTED. Because mail for my domain is handled by google apps, nobody will be checking mail on this server. Also, this server has very limited disk space. It is therefore very important that we don't have mail accumulating in boxes that will never be checked.
* no unnecessary ports, services, or cron jobs are running.
I've been reading a variety of pages
that describe postfix setup on Ubuntu but these articles are imprecise, incomplete, and describe installation of things I don't want like POP/IMAP/etc.
There's also one final wrinkle. I will be setting up postfix to send via Amazon SES
If anyone can help me sort this, I'd very much like any tips or suggestions you may have.