My VPS is running Ubuntu, and I'd like to be able to receive email to my domain.
How do I easily set up a mail server to do this?
This is how I've setup mail on our production machines. These are the criteria that we needed:
First, I want to address what would appear to be the easiest solution.
sudo tasksel install mail-server
Several issues with this occurred when we tried this: First it installs Dovecot, which is fine for most, but we've deemed Courier to be the better of the two for our needs. Second, it utilizes Postfix which is great but we also need Exim as it's a more powerful MTA/SMTP server. Third, it installs MySQL - in the configuration I utilize we prefer flat files for configuration as it's one less breaking point. Think what would happen if MySQL crashed for some unknown reason. Otherwise the rest of the packages is pretty straight forward and easy to maintain for a small mail service (think 1-2 email domains total).
We stray slightly outside the path of normal configurations but it makes for easier management.
All of our mail is stored in /var/mail/virtual/<domain>/<user>/mail So for future examples I'll be using [email protected], [email protected], [email protected] to represent an email address, a forwarder to go to [email protected], and a bad address respectively. In the above example it would be /var/mail/virtual/example.com/email/mail.
I also maintain a list of all the domains on the server in /etc/valiases but more about that later.
This is more or less the easy part of the setup. Just install the postfix package.
Install Exim with apt-get install exim4 exim4-base exim4-config exim4-daemon-heavy Once installed you'll need to edit the exim default configuration to replace or add the following values:
domainlist local_domains = @:localhost:dsearch;/etc/valiases:dsearch;/var/mail/virtual
daemon_smtp_ports = smtp : 587 : 465
MAIN_TLS_ENABLE = yes
(These lines will appear in different parts of the file, replace each accordingly)
Once that's complete rebuild the exim configuration with update-exim4.conf This concludes the changes required for Exim
Install Courier with courier-base this should install courier-authdaemon, courier-authlib*, courier-imap*, courier-pop*, courieruserinfo, courier-ssl
There honestly isn't much configuration outside the standard. You'll just need to create a user database.
Exim and Courier check a few places to see if a login or an incoming email are valid. Exim checks if the domain is listed as a local hostname, or if the domain is in /var/mail/virtual or if the domain is in /etc/valiases.
I eventually created several tools to streamline this process - but adding a new user goes to the tune of:
mkdir -p /var/mail/virtual/example.com/email
chown -R mail.mail /var/mail/virtual/example.com/
maildirmake /var/mail/virtual/example.com/email/mail
chown -R mail.mail /var/mail/virtual/example.com/
Then add the address to courier userdb - so they can log in
userdb [email protected] set uid=8 gid=8 home=/var/mail/virtual/example.com/email mail=/var/mail/virtual/example.com/email/mail
Make sure to replace the values where appropriate. Also - uid and gid need to be the numerical user/group ids for the mail user.
userdbpw -md5 | userdb [email protected] set systempw
This will prompt you for a password, enter the one you wish to use for the account.
makeuserdb
Finally, generate the userdb hash/shadow files. Restart Courier and test if your changes work:
authtest [email protected]
Should produce something similar to
Authentication succeeded.
Authenticated: [email protected] (uid 8, gid 8)
Home Directory: /var/mail/virtual/example.com/email
Maildir: /var/mail/virtual/example.com/email/mail
Quota: (none)
Encrypted Password: $1$LOLCATS$THISWILLBEAHASH.
Cleartext Password: (none)
Options: (none)
If you see "Authentication FAILED: Operation not permitted" instead edit /etc/courier/authdaemonrc and add authuserdb to the authmodulelist line.
After all tests have been confirmed, restart the various services involved (courier-authdaemon, exim4), open the ports 143, 25, 586, 495, 110 and setup the accounts in your favorite mail client.
For each domain you should create a file in /etc/valiases (create if it doesn't exist) with at least the following line:
*: :fail: No user at this address.
What this says: If the incoming mail doesn't match any email account I have on file - then the mail should be failed and bounced with a message: "No user at this address". So all mail sent to say: [email protected] would be bounced as a failure.
However, we have a few email address we wish to maintain elsewhere - say [email protected] - in order to do so we need to create /etc/valiases/example.com and the contents of the file should be as follows:
fwd: [email protected]
*: :fail: No user at this address.
That way, even though [email protected] doesn't match any email accounts on the server, it matches in the /etc/valiases file and the mail will be forwarded to [email protected] - However, [email protected] will still fail with a "No user at this address" message.
