Transport security with Postfix

I had a “Face: Meet Palm” moment today, and as usual when that happens, I learned something new:

What happened was that I noticed that mail from a Postfix server I use for sending mail from a couple of domains was marked with the red “no encryption” label rather than the expected grey “standard encryption” icon when I looked at the message details in Gmail. I was sure that I had set the server to use what they call “opportunistic TLS”; that is: Attempt to use TLS but fall back to no encryption if that’s unavailable.

Reading the Postfix documentation, however, I saw the problem: there are two sets of TLS rules in the main.cf configuration file: those starting with “smtpd_“, which deal with how the server responds to its clients, and those who start with “smtp_“, which deal with how Postfix acts when working in client mode towards other servers.

So now I have the following two lines in my /etc/postfix/main.cf:

Resizing the system volume on a Linux VM

Background

With LVM, the preferred way of adding storage space to a computer running a Linux-based operating system seems to be to add disks, judging by my search results. Naturally, this is a great way of minimizing disruption in a physical machine, but what if you’re running your machines virtually? Adding virtual disks tends to get messy after a while, and hypervisors allow you to simply grow the vdisk, so why not do that?

Problem is, the old way I used to do it (using partprobe after growing the partition) required a system reboot to see the entire available new space if I attempted it on the system volume. Documented below is a better way.

The process

Start by confirming the current disk size so we know our baseline.

OK, so we have slightly less than 27 GB of disk space. Let’s grow the disk image in the hypervisor, and then re-scan the device.

Now we have the disk space available, let’s perform the steps to grow our file system.

The above statement is followed by what used to be a problem:

Partprobe won’t help us here, and kpartx for some reason doesn’t consistently catch the entire new disk size. The correct way, then, is the following:

The result?

Now let’s finish extending everything up to the actual file system:

And finally let’s check that everything worked out as we expected:

Conclusion

The Windows family of operating systems has had the ability to grow any volume on the fly since Server 2008. I couldn’t imagine that Linux would lack this ability, but I didn’t know how to do it the right way. Now I do.