Build Your Own Mail Server – Pt I

There’s no doubt about it, setting up a mail server can be a daunting task. Luckily, there are plenty of options available these days that negate the need for setting up your own server, but if you want total control of your mail platform then the only way to get that control is to do it yourself.

Arguably, the easiest way to bring up your own server is to use hMailServer on a Windows platform, but I’m not a Windows fan. On Linux, the easiest option is probably Zimbra, but Zimbra is a complete groupware system that has way more overhead than most folks need for a simple SOHO mail server. Zimbra also hides a lot of the mail system, which makes it hard to learn how all of the parts work together to make a whole.

In this series of posts, we’ll build a complete mail server based on Postfix as the primary MTA. We’ll start with setting up Postfix as a simple sendmail replacement for use on a local server, then we’ll add SMTP authentication to allow its use from the “outside”, support for multiple domains and user aliases, IMAP support, and finally antivirus and spam protection.

The Scenario

There are a lot of reasons one could want a mail server, but let’s start with a simple need and build on it over the next few posts. For starters, let’s assume you have a family www server powered by a CMS (e.g. WordPress or Drupal) and you want to handle your own mail rather than use Gmail or a service provider’s SMTP server.

Let’s use an AWS Ubuntu 12.04 LTS EC2 instance as a test server. We’ll assume that our mail server and our www server are on the same “box”.

Once we have our server up and running, let’s make sure it’s up-to-date:

sudo su
apt-get update
apt-get upgrade

Set Timezone

Now we need to ensure that our timezone is correct, otherwise all of our mail will be stamped with UTC time rather than our local time.

dpkg-reconfigure tzdata

Just choose your location from the menu. Run the date command to make sure the time matches your local time.

Install NTP Server

Next we need to make sure that the time on our server is accurate and stays accurate. To do this, we need to install NTP.

apt-get install ntp

The default settings are fine, so no configuration is necessary.

Install Postfix

The most important part of a mail server setup is the MTA itself. In this case, we’re going to use Postfix, but another viable alternative for the Linux platform is Exim.

apt-get install postfix

Configure Postfix

To configure Postfix, we need to edit its main configuration file:

vim /etc/postfix/main.cf

Following is the default Postfix configuration file:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = ip-xx-xxx-xxx-xx.us-west-2.compute.internal
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = ip-xx-xxx-xxx-xx.us-west-2.compute.internal, localhost.us-west-2.compute.internal, , localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

Since our scenario is only concerned with outgoing mail, we only need to change two parameters:

myhostname = mailserver.familysite.com
myorigin = $mydomain
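
What the two edits resolve to, and whether relaying stays limited to the local host, can be checked offline. The following is an added example, not part of the original post: the function names are hypothetical, the sample is built from the page's own values, and it assumes mydomain is left at the Postfix default (myhostname minus its first label).

```python
import ipaddress
import re

# Constructed sample: the relevant lines of the page's main.cf after the two edits.
MAIN_CF = """\
myhostname = mailserver.familysite.com
myorigin = $mydomain
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
"""

def parse_main_cf(text):
    """Return {name: value}; skips comments, joins continuation lines, last entry wins."""
    params, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and current:  # indented line continues the previous value
            params[current] += " " + line.strip()
            continue
        name, _, value = line.partition("=")
        current = name.strip()
        params[current] = value.strip()
    return params

def expand(params, name, depth=0):
    """Resolve $name and ${name} references inside a parameter value."""
    if depth > 10:
        raise ValueError("recursive reference while expanding " + name)
    if name == "mydomain" and name not in params:
        # Postfix default: mydomain is myhostname minus its first label.
        return expand(params, "myhostname", depth + 1).partition(".")[2]
    return re.sub(r"\$\{?(\w+)\}?",
                  lambda m: expand(params, m.group(1), depth + 1), params.get(name, ""))

def non_loopback_networks(params):
    """Return mynetworks entries that are not provably loopback-only."""
    flagged = []
    for item in filter(None, re.split(r"[,\s]+", expand(params, "mynetworks"))):
        try:
            net = ipaddress.ip_network(item.replace("[", "").replace("]", ""), strict=False)
            mapped = net.network_address.ipv4_mapped if net.version == 6 else None
            if mapped is not None and net.prefixlen >= 96:  # ::ffff:a.b.c.d/n -> a.b.c.d/(n-96)
                net = ipaddress.ip_network((str(mapped), net.prefixlen - 96), strict=False)
            if not net.is_loopback:
                flagged.append(item)
        except ValueError:  # table lookups or file paths need manual review
            flagged.append(item)
    return flagged
```

With the sample above, `expand(parse_main_cf(MAIN_CF), "myorigin")` gives `familysite.com` and `non_loopback_networks` returns an empty list; any entry it does return is a network that Postfix would relay for.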

Set Up DNS

In order to have a fully functional mail system, it’s imperative that you properly configure DNS. Most modern mail systems will check your MTA’s HELO banner and the domain associated with the sender’s email address to ensure that they match the IP address set up in reverse DNS.

If you are using an EC2 instance, just use the name Amazon assigns to your instance such as ec2-xx-xxx-xx-xxx.us-west-2.compute.amazonaws.com for your MX record. This way you don’t have to jump through any hoops to have a custom PTR record set up.

While not an absolute must, it’s wise to also set up an SPF record. If you’re not familiar with it, SPF is an email validation system designed to curb spam by detecting email spoofing: the receiving server verifies that the sending IP address is authorized for the sender’s domain.

Install Mutt

Last but not least, we need a mail client. We could use mail but Ubuntu Server 12.04 LTS doesn’t install it by default. I prefer Mutt, so that’s what we’ll install.

apt-get install mutt

Now we can send a test message from our server to an external mail server. If all goes well your message should send without issue.

Conclusion

That was simple, wasn’t it! Now you have your own mail server that you can use to send mail anywhere on the internet. With Postfix’s focus on security, the mail server is pre-configured to not be an open relay so you don’t have to worry about spammers using your server to send email.

Until next time – GEEK OUT!

~GT~
