>  fo
>  r me, the thing has to be easy to set up and maintain, rather than worry
> too much about eavesdropping/MITM. Thanks for any advice. Manish Jain

	I found it simplest to set up two MTAs (in jails) one for outgoing
mail (allows relay from inside the LAN only, uses my ISPs SMTP server as a
smarthost) running exim (I found it easy to configure) and one for incoming
mail (sendmail delivering via procmail and spamassassin to dovecot for

	Separating the two directions made it very easy to think about the
security of the configuration.

	For DNS there are many alternatives,  but for simplicity there's
little to beat dnsmasq (perhaps not the most performant but good enough
for a smallish network). I had unbound and nsd running for my DNS for a
while, it was a *nightmare* that I never got working smoothly.

