I've inherited 3 legacy shared servers all running CentOS. We no longer offer any email subscriptions from our servers and have migrated everyone to cloud services. These servers host about 60 WordPress sites each.
Across the 3 servers I have the following services still running;
- Postfix (SMTP)
- Courier (POP3 & IMAP)
- Dovecot (POP3 & IMAP)
- SpamAssassin
- Plesk Milter
These are all production servers.
Can I safely remove these services permanently now? Are there any other considerations?
It's quite likely you will need some kind of MTA, as many packages depend on the presence of the "MTA" virtual package/capability, but that can often be replaced e.g. with
ssmtp
or similar minimal servers and you don't need fullpostfix
for this.The rest can be safely uninstalled if you don't need it.
I'd advise turning them down, one at a time. Just stop one service. Then watch your logs for an hour, and test the other services. If you start seeing errors, you know something is configured to use the mail service you turned down. Check logs frequently for a day or a week. If none of your services complains, you can disable the service. When you're ready to uninstall, be sure to capture the configurations for the service, in case you need to restore it.
Repeat the full cycle for each mail service. It is important to only stop one at a time. Also, keep in mind that any problem that shows is most likely caused by the latest one you stopped, but it's possible that it was caused by an earlier service shutdown.
Also, before you start turning down services, grep through the config files for all services and cron jobs, core OS and non-core, looking for the mail services by hostname and IP address. (Actually, this may not be productive. Since you are not talking about a dedicated mail server, the server names will be there for other services.) Read through the installation and configuration instructions for the non-core services you're running, with an eye toward the configuration steps that deal with MTAs.
The only consideration is whether you are using these services or not on your servers. It is even considered a better security practice to remove or disable unused services.
Doing so will also reduce resources usage to be used for some other service.