Today, when you can easily get any number of free mailboxes by simply registering an account on Yandex, Mail.Ru and the like, not too many users are worried about setting up a mail server.
However, there are times when it will be useful to know at least some aspects of this issue.
When it's needed
There are not so many situations when basic knowledge of setting up mail is needed by an ordinary user. And yet any of them can happen at any time:
- If it was decided to switch from browser to dedicated to a separate program. Indeed, in many respects, such clients are preferable: they allow you to combine the mail program with an organizer, a notebook, as well as manage your address book and administer messages more flexibly.
- There was an unexpected failure in the work of the mail client, all settings “flew”. And then you just need to install a mail server. Setting it up usually does not require much time and effort, but otherwise you can be left without mail for quite a long time.
- Free mailboxes can be destroyed by the administration, and without explanation. Yes, and such a box looks in the eyes of business partners, frankly, undignified. Therefore, you will have to start a dedicated one, on the server.
- If the provider offers a separate mailbox, then why not take advantage of such an offer.
Setting up a Windows mail server
Basic e-mail parameters such as DNS, IP data and similar information are issued directly by the provider.
To start using Windows, you will need to either download a client suitable for this operating system, or use the built-in clients. To get started, you will need to create a new account. As a rule, at the same time they are also asked to enter its name, come up with a password and login to enter.
You may need to enable support for Windows Mail Services through the "Remove and Install Programs" panel under E-mail Services component installation.
To create a new mailbox, you will need to come up with a username and password.
In SMTP, you must specify the port number 25, and for the POP3 server - 110. If the provider issues other parameters, you should enter them. In the event that the mail client used does not require entering a port number, you need to leave only the address issued by the provider in the items "Server for incoming messages" (this can be either POP3 or IMAP) and "Name for the server for outgoing messages" ( usually SMTP only).
Fine-tuning the Windows mail server largely depends on the mail application you are using, but the principle of operation will be the same. The difference may be in the GUI options and in the menu items.
Switching from free mail to a dedicated client
Sometimes you want to stay on the free one but use a separate application as a client. You can show this using the example of mail settings for the Yandex service. The mail server setup will then be carried out with the following parameters.
1. IMAP settings for incoming messages:
- mail server address: imap.yandex.ru;
- in the security settings for the connection, you must specify SSL;
- the port number is 993.
2. To configure outgoing messages via the IMAP protocol:
- specify smtp.yandex.ru as the server address;
- in the connection security settings, you must also set SSL;
- port number should be set to 465.
3. Regarding the POP3 protocol for sent messages:
- specify pop.yandex.ru as the server address;
- SSL is specified as the security parameters of the connection used;
- the port number is 995.
4. For outgoing messages sent via the POP3 protocol:
- smtp.yandex.ru is specified as the mail server address;
- again, SSL is specified in the security settings for the connection used;
- port number is set to 465.
As a username, as well as an address and password, you should set existing addresses and passwords from mail on Yandex.
Setting up the Mail.Ru server
Sometimes you need to learn about the settings of the Mail.Ru mail server. In general, the setting looks exactly the same as it was described in the case of Yandex mail. But the parameters will look like this:
- full email address (in @ format, e.g. [email protected]);
- for the IMAP server, imap.mail.ru is specified;
- for the SMTP server, specify smtp.mail.ru;
- the username is the full email address from an already existing mail;
- password is the email password used;
- IMAP: number 993 (for SSL/TLS protocols);
- POP3: number 995 (for SSL/TLS protocols);
- SMTP: number 465 (for SSL/TLS protocols);
- you need to specify that you want to authorize the server of sent messages, in the authentication parameters - a simple password, without encryption.
In general, the settings are specified exactly the same as in the case of Yandex, but only with the addition of the mail prefix. For other free servers, you should set the same parameters, but with the appropriate prefixes.
As you can see, in general, there is nothing complicated in such a matter as setting up a mail server. Even a novice user can cope with this task. But you can be sure that even in the event of a critical failure, you will not have to be left without mail.
The task of setting up your own mail servers using Linux tools, Apache, SQL and the like requires a deeper knowledge in the field of information technology.
Original: Install a Complete Mail Server with Postfix and Webmail in Debian 9
Author: Matei Cezar
Publication date: October 12, 2017
Translation: A. Krivoshey
Transfer date: November 2017
This guide will show you how to install and set up a full-featured Postfix mail server on Debian 9. It also shows you how to set up account mailboxes with Dovecot to receive and create IMAP mail. Users will use the Rainloop Webmail web interface to work with mail.
Requirements
Minimum installation of Debian 9
- static IP address configured for the network interface
- local or registered public domain name.
In this tutorial, we'll use a private domain account to set up a mail server configured with only the /etc/hosts file, without any DNS server involved in DNS resolution processing.
Step 1: Preconfiguring a Postfix Mail Server on Debian
1. As a first step, log in as root and ensure that your Debian system is updated to the latest installed software packages and that all security patches are installed using the following command:
# apt-get update # apt-get upgrade
2. In the next step, install the packages that will be used for system administration:
# apt-get install curl net-tools bash-completion wget lsof nano
3. Next, open the /etc/host.conf file for editing with your favorite text editor and add the following line at the beginning of the file to allow DNS to read the hosts file first.
Order hosts, bind multi on
4. Next, set your computer's fully qualified domain name (FQDN) and add your domain name, and your system's FQDN, to the /etc/hosts file. Use your system's IP address to resolve the domain name and FQDN as shown in the screenshot below.
Change the IP address and domain. Then restart your computer so that the correct hostname is used.
# hostnamectl set-hostname mail.tecmint.com # echo "192.168.0.102 tecmint.com mail.tecmint.com" >> /etc/hosts # init 6
5. After the reboot, verify that the hostname is set correctly using the following command sequence. The hostname command should return the domain name, FQDN, hostname, and IP address of the system.
# hostname # hostname -s # hostname -f # hostname -A # hostname -i # cat /etc/hostname
6. Also, use the commands below to check if the domain is responding correctly to local queries. Keep in mind that the domain will not respond to remote queries sent by other systems on your network because we do not use a DNS server.
However, the domain should respond to other systems if you manually add the domain name to each of the /etc/hosts files. Also be aware that DNS resolution for a domain added to the /etc/hosts file will not work with the host, nslookup, or dig commands.
# getent ahosts mail.tecmint.com # ping tecmint.com # ping mail.tecmint.com
Step 2. Installing the Postfix mail server on Debian
7. The most important piece of software required for the proper functioning of a mail server is the MTA agent. MTA is a server-client software that is responsible for forwarding mail between mail servers.
In this tutorial, we will use Postfix as the mail transfer agent. To install postfix on Debian from the official repositories, run the following command.
# apt-get install postfix
8. During the Postfix installation process, you will be asked a series of questions. In the first question, select the "Internet Site" option as the general type for Postfix setup and press the key to continue, and then add your domain name to the system email name as shown in the screenshots below.
Step 3. Setting up a Postfix mail server on Debian
# cp /etc/postfix/main.cf(,.backup) # nano /etc/postfix/main.cf
Now configure Postfix in the main.cf file as shown below.
# See /usr/share/postfix/main.cf.dist for a commented, more complete version smtpd_banner = $myhostname ESMTP biff = no # appending .domain is the MUA"s job. append_dot_mydomain = no readme_directory = no # See http: //www.postfix.org/COMPATIBILITY_README.html -- default to 2 on # fresh installs.compatibility_level = 2 # TLS parameters smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/ private/ssl-cert-snakeoil.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:$(data_directory)/smtpd_scache smtp_tls_session_cache_database = btree:$(data_directory)/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix- doc package for # information on enabling SSL in the smtp client. etc/mailname myorigin = $mydomain myd estination = $myhostname, $mydomain, localhost.$mydomain, localhost relayhost = mynetworks = 127.0.0.0/8, 192.168.1.0/24 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all #inet_protocols = all inet_protocols = ipv4 home_mailbox = Maildir/ # SMTP-Auth settings smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname smtpd_recipient_restrictions = permit_mynetworks,permit_auth_destination,permit_sasl_authenticated
Change the variables myhostname, mydomain and mynetworks to match your settings.
You can run the postconf -n command to check for possible errors, as shown in the screenshot.
# postconf -n
10. After configuration is complete, restart the Postfix daemon to apply the changes and verify that the service is running by verifying that the Postfix master service is connected to port 25 using the netstat command.
# systemctl restart postfix # systemctl status postfix # netstat -tlpn
Step 4: Testing the Postfix mail server on Debian
11. To check if postfix can handle mail, first install the mailutils package with the command:
# apt-get install mailutils
12. Then, using the mail command line utility, send an email to the root account and check if the mail was successfully transferred using the following command, which checks the mail receiving queue and lists the contents of the Maildir folder in root's home directory.
# echo "mail body"| mail -s "test mail" root # mailq # mail # ls Maildir/ # ls Maildir/new/ # cat Maildir/new/ Test Postfix by Sending Mail Test Postfix by Sending Mail
13. You can also check how the mail was processed by the postfix service by checking the contents of the mail log file with the command:
# tailf /var/log/mail.log
Step 5: Installing and configuring Dovecot IMAP on Debian
14. Dovecot IMAP is the mail delivery agent that we will use to deliver email messages to local recipient mailboxes. IMAP is a protocol that runs on ports 143 and 993 (SSL) and is responsible for reading, deleting or moving emails for multiple email users.
IMAP also provides synchronization to ensure that a copy of each message is stored on the server and allows users to create multiple directories on the server and move mail to those directories for sorting.
The above does not apply to the POP3 protocol. The POP3 protocol does not allow users to create multiple directories on the server to sort mail. You only have an inbox to manage your mail.
Installing the main Dovecot server and the Dovecot IMAP package on Debian is done using the command:
# apt install dovecot-core dovecot-imapd
15. Once Dovecot is installed on your system, edit the dovecot files. First, open the /etc/dovecot/dovecot.conf file, find and uncomment the following line:
Listen = *, ::
16. Then open /etc/dovecot/conf.d/10-auth.conf for editing, find and change the lines to look like below.
Disable_plaintext_auth = no auth_mechanisms = plain login
17. Open the /etc/dovecot/conf.d/10-mail.conf file and add the following line to use Maildir instead of Mbox format for storing emails.
Mail_location = maildir:~/Maildir
18. And the last file to edit is /etc/dovecot/conf.d/10-master.conf. Here, find the Postfix smtp-auth block and make the following changes:
# Postfix smtp-auth unix_listener /var/spool/postfix/private/auth ( mode = 0666 user = postfix group = postfix )
19. After making all the above changes, restart the Dovecot daemon to apply the changes, check its status, and make sure Dovecot is connected to port 143 using the commands:
# systemctl restart dovecot.service # systemctl status dovecot.service # netstat -tlpn
20. Check if the mail server is working properly by adding a new user account to the system, connect to the SMTP server using telnet or netcat commands, and send an email to the new user as shown below.
# adduser matie # nc localhost 25 # ehlo localhost mail from: root rcpt to: matie data subject: test Mail body . quit
21. Check if the email has arrived in the new user's mailbox:
# ls /home/test_mail/Maildir/new/
22. In addition, you can connect to the user's mailbox from the command line using the IMAP protocol, as shown below. The new mail must be in the user's Inbox folder.
# nc localhost 143 x1 LOGIN matie user_password x2 LIST "" "*" x3 SELECT Inbox x4 LOGOUT
Step 6. Installing and configuring Webmail on Debian.
23. Users will manage their email using the Rainwop Webmail client. Before installing the Rainloop mail agent, first install the Apache HTTP Server and the PHP modules required by Rainloop using the following command:
# apt install apache2 php7.0 libapache2-mod-php7.0 php7.0-curl php7.0-xml
24. After installing the Apache web server, go to the /var /www /html / directory, delete the index.html file and install Rainloop Webmail.
# cd /var/www/html/ # rm index.html # curl -sL https://repository.rainloop.net/installer.php | php
25. After installing the Rainwoo Webmail client, navigate to your domain IP address and log in to the Rainloop Admin web interface with the default credentials:
Http://192.168.0.102/?admin User: admin Password: 12345
26. Go to the "Domains" menu, click the "Add Domain" button and add the domain name settings as shown in the following screenshot.
After successfully logging into your Rainloop email, you should see the message sent from the command line earlier in your Inbox folder.
Http://192.168.0.102 User: [email protected] Pass: matie password
27. When adding a new user, use the useradd command with the -m flag to create the user's home directory. But first, make sure you set up the per-user Maildir path variable with the command below.
# echo "export MAIL=$HOME/Maildir" >> /etc/profile # useradd -m user3 # passwd user3
28. If you want to redirect all emails destined for root to a given local email account from the system, run the commands below. All emails destined for the root account will be forwarded to your user, as shown in the image below.
# echo "root: test_mail" >> /etc/aliases # newaliases
This is all! You have successfully installed and configured a mail server on your system so that local users can communicate via email. However, this mail configuration is not well protected and is recommended to be deployed only for small networks under your full control.
June 12, 2010 at 08:58 pmOverview and installation of the iRedMail mail server
- Linux setup
Good day!
I present to your attention an overview, installation and configuration of the wonderful iRedMail package based on Debian Lenny.
iRedMail- this:
1) A full-fledged mail server.
2) Runs Red Hat® Enterprise Linux (5.x), CentOS (5.x), Debian(5.0.x), Ubuntu (8.04, 9.04, 9.10), FreeBSD (7.x, 8.0).
3) Works both on a regular system and under the control of a virtual machine: eg VMware, OpenVZ, Xen.
4) Support for i386 and x86_64 architectures.
5) Uses compatible components for installation and configuration, such as Postfix, Dovecot, SpamAssassin, etc.
6) When installing, it uses binary packages from your distribution.
7) An open source project distributed under the GPL v2 license.
8) Support for two backends for storing virtual domains and users: OpenLDAP and MySQL.
9) Unlimited support for domains, users, mail aliases.
10) Support for two Web Interfaces (RoundCube and SquirrelMail).
This package is very easy to set up and install.
1) This package is convenient in that:
but. You don't need a lot of knowledge, i.e. The installation and configuration process is not complicated at all.
b. Requires a minimum of time to turn corporate mail. I spent literally 20 minutes installing this build.
in. The kit includes all the necessary software for the mail server. (Antivirus, Antispam, 2 Web-Interfaces (optional)
2) There are no analogues of this package.
How iRedMail works:
Anti-Spam and Anti-Virus.
2 popular packages act as antispam and antivirus, these are SpamAssassin and ClamAV
What does iRedMail support for email security:
1. SPF (Sender Policy Framework) support.
2. Support for DKIM (DomainKeys Identified Mail).
3. Greylist support.
4. Whitelist support (based on DNS name and IP address)
5. Support for "Blacklists" (based on DNS name and IP address)
6. Support for "Blacklist" HELO requests.
7. Support HPR(HELO Randomization Prevention)
8. Spamtrap support.
9. SpamAssassin Integration
10. ClamAV integration, auto-updating of virus databases.
Email client support:
Email clients supporting POP3/POP3S and IMAP/IMAPS. For example: Mozilla Thunderbird, Microsoft Outlook, Sylpheed.
iRedmail installation.
I chose iRedMail as the mail server. This assembly is Postfix+LDAP(MySQL)+SpamAssassin+ClamAV+AmaViS+Dovecot+RoundCube (SquirrelMail) etc. In this article, we will consider setting up this wonderful server based on OpenLDAP.
Attention! Don't forget to change example.com to your domain name.
Let's tweak our hostname a bit:
vi /etc/hosts
127.0.0.1 mail.example.com localhost localhost.localdomain
Vi /etc/hostname
mail.example.com
Save the changes with the command:
/etc/init.d/hostname.sh start
Check the FQDN of the hostname:
hostname -f
All installation is carried out under the root user!
Download this file to the /tmp directory:
cd /tmp && wget iredmail.googlecode.com/files/iRedMail-0.6.0.tar.bz2
Install the archiver:
apt-get install bzip2
You need to unpack this archive:
tar -xvjf iRedMail-0.6.0.tar.bz2
Go to the directory /tmp/iRedMail-0.6.0/pkgs/ and run the installation script:
bash get_all.sh
The required packages will be downloaded.
For dovecot to work, you need to install the Candidate version of the package. The other one won't work!
apt-cache policy dovecot-common dovecot-pop3d dovecot-imapd | grep "Candidate"
The command will return an empty result.
Change to the installation script directory:
cd /tmp/iRedMail-0.6.0/
Run the installation script:
bash iRedMail.sh
The installer window will appear: 
We choose the path where all our mail will be stored: 
Selecting a backend for our server. MySQL and OpenLDAP are supported. We will choose OpenLDAP: 
The LDAP suffix for our server is added like this: dc=example,dc=com 
Enter the password for the LDAP server administrator. The default administrator account is in /etc/ldap/slapd.conf. Usually this is: cn=Manager,dc=example,dc=com 
Enter our domain name:
Enter the administrator password (postmaster): 
The first user to be created is the user: [email protected] We need to come up with a password for it: 
Enable SPF check and DKIM check function: 
We put extra Components: 
Let's make an alias for the root user: 
Configuration completed.
The message appears:
configuration completed.
************************** WARNNING ********************* **************
*************************************************************************
* *
* Please do remember to *REMOVE* configuration file after installation *
* successfully completed. *
* *
* * /root/iRedMail-x.y.z/config
* *
*************************************************************************
<<>> continue? #<- Type "Y" or "y" here, and press "Enter" to continue
Press Y and wait for the installation to complete.
User creation takes place on the page: example.com/postfixadmin
Login to postfixadmin user [email protected] and select “Create Box” from the menu 
User created!
Also PostfixAdmin allows you to:
1. Add a new administrator.
2. Add a domain.
3. Create a mailbox.
4. Create an alias.
5. Change the administrator password.
6. View the activity log for the domain.
7. Set and manage user quotas.
Component access list: 
The server is up and running!
UPD: For the mail server to work correctly, you need an MX record on the DNS server that your domain is linked to!
Links to projects:Debian
iRedMail
Posftix
OpenLDAP
MySQL
Spamassassin
ClamAV
AMaViS
Dovecot
Round Cube
SquirrelMail
Awstats
phpLDAPAdmin
phpMyAdmin
For the mail server to work properly, it is important to have a properly configured DNS zone. We have already touched on some aspects related to the DNS system, today we will dwell on this issue in more detail. Setting up the DNS zone refers to the preparatory operations before deploying the mail server and the health of the e-mail system directly depends on it.
Incorrect settings can cause mail to be undeliverable to your mail server or recipient servers to reject your mail. Indeed, if your zone records do not contain information about the mail server, where should mail be sent? To the grandfather's village? You can, of course, ask your provider to configure the DNS zone, but it's better to do it yourself.
What do we need? A dedicated IP address (let's say 11.22.33.44) that you must obtain from your ISP. Domain name (for example example.com), it can be registered with any registrar or their partner. When registering with a partner, check whether it provides access to DNS zone management, otherwise you will have to spend additional time, nerves and money transferring the domain to the registrar.
If you already have a domain and, most likely, a site is functioning on it, check if it is possible to manage the DNS zone from the hosting provider's panel, otherwise it is better to transfer the domain to the registrar, for this contact the provider's support.
So, we have a domain. What records does its DNS zone contain? First, it is a SOA record - a description of the zone. We will not analyze all the entries in detail, this is beyond the scope of our article, but it is necessary to have a general idea of them. There should also be two NS records pointing to the name servers (DNS servers) serving this domain, these will be the registrar's servers or the hosting provider.
The first entry you need to add will be the A entry, or name entry. It should point to the IP address of your server if you decide to serve all requests to the domain on your own or to the IP address of the hosting provider if you decide to host your site. When placing a site with a hoster, the domain is usually delegated to its DNS servers (corresponding NS records are registered) and an A record will be made automatically when the domain is parked.
This option is most common, but if necessary, you can always create an A record yourself. This record looks like
example.com. IN A 22.11.33.44
In our example, 22.11.33.44 is the address of our hosting provider, where the site is located. Pay attention to the dot at the end of the name, this indicates that the name is absolute, if there is no dot, the name is considered relative and the domain name from SOA is added to it. You can check the entry with the command nslookup.
For the mail server to work, you need to create an MX record, which should point to our mail server. Let's create an entry for this:
example.com. IN MX 10 mail.example.com.
You can also just write:
example.com. IN MX 10 mail
To this name (without a dot at the end) example.com will be added automatically. The number 10 determines the priority of the server, the lower it is, the higher the priority. By the way, the DNS zone may already contain an MX record of the form:
example.com. IN MX 0 example.com.
Usually this entry is automatically created by the hosting provider when hosting the site, it must be removed.
Now let's create an A record for mail.example.com
Mail.example.com. IN A 11.22.33.44
Now all mail for the example.com domain will be directed to the mail host with the address 11.22.33.44, i.e. your mail server, while the site example.com will continue to work on the provider's server at 22.11.33.44.
The question may arise, why can't you immediately specify the IP address of the mail server in the MX record? In principle, it is possible, some do, but it does not comply with the DNS specifications.
You can also make aliases for the mail server like pop.example.ru And smtp.example.ru. Why is it necessary? This will allow the client not to depend on the features of your infrastructure, once setting the settings. Let's say that your company has grown and allocated a separate mail server to serve external clients. mail1, all you need to do is change two DNS records, clients will not notice that they are working with a new server. To create aliases, CNAME type records are used:
Pop IN CNAME mail.example.com.
smtp IN CNAME mail.example.com.
At this point, the forward DNS zone setup can be considered complete, the most interesting thing remains - the reverse zone. The reverse zone is managed by the provider that issued you the IP address and you cannot manage it yourself (unless you are the owner of the block of IP addresses). But you must add at least one record to the reverse zone. As we wrote in the last article, many mail servers check PTR records (reverse zone records) for the sending server, and if they are absent or do not match the sender's domain, such a letter will be rejected. So ask your provider to add an entry like this for you:
44.33.22.11.in-addr.arpa. IN PTR mail.example.com.
A bit strange looking, isn't it? Let's analyze the structure of the PTR record in more detail. For reverse name resolution, a special top-level domain in-addr.arpa is used. This is done in order to use the same programming mechanisms for forward and reverse name resolution. The fact is that mnemonic names are written from left to right, and IP addresses are written from right to left. So mail.example.com. means that the host mail is in the example domain, which is in the top-level domain com. backwards" completed with a top-level domain in-addr.arpa.
You can also check MX and PTR records with the command nslookup using additional parameter -type=MX or -type=PTR
And of course, you should not forget that any changes in DNS zones do not occur instantly, but within a few hours or even days, necessary for the distribution of changes in the global DNS system. This means that despite the fact that your mail server will start working 2 hours after the changes are made, your partner may not send mail to you for a longer time.
A series of notes on setting up the mail system in a particular case (based on postfix, Dovecot+ miscellaneous). This is the main, "parent" page containing links to the entire list of notes (with a brief description).
Mail in this format - "from scratch", set up for the first time. Previously, we had to deal with this only sporadically, "on a tangent." The choice in favor of a certain configuration was made after re-reading a lot of documentation, articles and forums. Taking into account the task - to raise the mail system for fast and trouble-free operation of a small number of mailboxes - the following assembly was chosen:
postfix + Dovecot 2 + MySQL + PostfixAdmin + postgrey + Postscreen + ClamAV + DKIM + Sieve + Round Cube(+ plugins for RoundCube, including a couple of their experimental ones written right there, "on the fly"). OC- Debian.
List of all packages to install in Debian. An example of setting up all the main configs of all elements of the mail system considered here. This example is just a special case for certain specific tasks.
There is an opportunity to get configs customized for you (you can specify your data and the configs will be automatically rebuilt for them).
Brief description of the experimental configuration. List of ports and interfaces.
Examples of the passage of a letter along the entire chain within the system:
- What happens to a letter when mail from outside arrives at the server. All his "adventures" inside the mail system.
- Sending letters - general information in the context of the configuration in question.
- etc.
Sent emails are automatically saved by the MUA client to "Sent". But not all emails are sent using MUAs. Thus, part of the sent is lost. The problem can be solved by including forced BCC (blind copies) of all sent, which Postfix can automatically forward to given mailboxes ...
A free translation of selected parts of the official Postfix documentation. Some working mechanisms are analyzed, a list of command line tools is given, settings parameters (selectively) of configuration files are considered, etc.
Postfix - Milter, free translation of some parts of the official documentation + gag. Filtering messages before entering the message queue, at the SMTP session stage, SMTP emulation for non-SMTP mail, etc.
Filtering in Postfix after the message has entered the queue. Free translation of some parts of the official documentation + gag. Simple and complex examples, different filters for different domains, etc.
Using Postfix's latest development, the Postscreen zombie blocker. Emulation of an SMTP session for bots instead of a real connection with smtpd. Free translation of some parts of the official documentation + gag.
Description of key configuration parameters, Dovecot composition, terminology, configuration, etc. How authentication works, collaboration with Postfix, PostfixAdmin SQL database, etc. Free translation of some selective parts of the official documentation + gag.
My New User Autosubscribe plugin. Automatic binding of IMAP folders for a new user. The plugin allows you to immediately associate a new user with his IMAP folders, without additional manipulations with the settings. The plugin also allows you to set the folder order (for example, "Sent" after "Inbox", instead of "Drafts", as is usually set by default).
My View Username plugin. Shows the current user name (address) next to the logo. The Roundcube interface by default does not display the current user. If there are several boxes, it is difficult to understand which one is open now. The plugin displays the username (address) on the main page.
Overview of several autoresponders (including third-party, including paid products). Customization features, pros and cons of different options, configuration difficulties, and implementation mechanisms.
Important definitions
This section contains key definitions that it is desirable to understand and remember.
MTA(Mail Transfer Agent) - a mail server responsible for mail forwarding. Communicates with the outside world, receiving and sending mail the same as himself throughout the global network. "In the rear" with him, within the limits of his native domains, MDA works. MDA(Mail Delivery Agent) - puts mail in boxes, usually inside a specific physical server - in directories (folders) of the file system, specified by the settings for this purpose. Storekeeper, packer and loader tied to one "warehouse". In addition, in the configuration described here, it acts as a watchman (checks the password and gives the go-ahead or prohibits the delivery of mail). MUA(Mail User Agent) - the ultimate mailbox viewer and mail management for users. For example Outlook, Bat, Gmail, or its relative - RoundCube.
MSA(Mail Submission Agent) - a "piece" of the MTA that takes away from it the function of accepting authorized SMTP connections before sending mail.
The MUA client connects to MSA port 587, goes through authentication and all the necessary steps (TLS, etc.), and sends all outgoing mail to its MTA. This segregation of duties between ports 25 and 587 improves reliability by leaving only "pure" MTA functions on port 25.
SMTPd- Server running on SMTP protocol. Here is part of the MTA. The main purpose is to receive mail. It accepts it only in order to immediately transfer it to other internal services, usually only briefly holding it in a temporary internal "sump" - in a queue (in a special folder on the disk).
LMTPd- Same as SMTPd, but "L" is local. Server running on LMTP protocol. Here - part of the MDA (+ client in the MTA), - the middle link in the chain between the message queue manager in Postfix-MTA and the mail handler in Dovecot-MDA/LDA. Here - works on a unix socket (the full path to the "exchange file" is indicated; in practice, in Postfix, the lmtp client setting may look like this: "lmtp:unix:/path/to/sock-file"). In some tasks - a competitor to LDA.
IMAPd- Server running on IMAP protocol. Here is part of MDA. Used for MUA access to mailbox folders. It allows you not to store mail on the client, but to work with the server in online mode (this is its plus, sometimes it is a minus).
SASL is a framework (a set of rules and mechanisms) for authentication. Works UNDER the protocol (eg LMTP), OVER the connection. In the described configuration, it is used in the mechanism for transferring data via unix sockets.
TLS/SSL- data encryption protocols. In the configuration described here, their use is mandatory for external MUA connections.
MX- Direct entry for the mail server (created, for example, on the domain registrar's DNS). Something like this: mail.domain.tld -> IP.IP.IP.IP
PTR- Writeback for the server (configured from the side of the subnet which the server's IP belongs to). Allows you to determine the associated domain name by IP. Important for spam filters. Something like this: IP.IP.IP.IP -> mail.domain.tld
SPF- A DNS entry listing servers that are allowed to send mail from your domain.
postfix- MTA + additions. They say that it is so cool that the author offers a reward for breaking it. Fast, reliable, easy to set up compared to Exim, but not as flexible as Exim. Linking with Dovecot has become almost standard. Good for small mail systems (although recently I caught my eye on the headline of an article that - Microsoft chooses Postfix :)). Duplicates some Dovecot functions (which of course you can not use).
Includes (not all listed):
PostfixAdmin- Web interface to Postfix. It is impossible to configure Postfix on it, but creating domains/boxes and editing their properties is just his job. Stores information in a SQL database, which is used by its "father" - Postfix, and even Dovecot. Allows you to create partial post-event automation of adding/removing/editing mailboxes/domains, which is limited by the capabilities of the standard Apache user rights (although there are options here as well). There are two inputs: for the superadmin interface - domain.tld/postfixadmin, and for users (for example, to edit their autoresponders) - domain.tld/postfixadmin/users. However, the latter may be unsafe for the system as a whole.
ViMbAdmin- Alternative to PostfixAdmin. What I didn't like about it is that it requires Zend Framework, Doctrine, Smarty to work - and all these are necessarily outdated versions! Those. By installing the latest versions, you run the risk of running into glitches in its work.
Dovecot- MDA + additions. Flexible, has high speed. The emphasis in development was on safety. Hacking also has a reward from the author. :) Duplicates some Postfix features.
Consists and supports (not all are listed):
Milter(Mail Filter) - mail filter. Here is part of Postfix. Implemented as support for the Sendmail 8 Milter protocol, and allows you to process SMTP events (CONNECT, DISCONNECT), SMTP commands (HELO, MAIL FROM, etc.), as well as mail content (headers, body), - before getting a letter into the queue. It is present in two forms - for smtpd and for non-smtp mail.
See note
ACL(Access Confol List) - access control list. Part of Dovecot. Allows for virtual users (yet only virtual) set permissions in the style of system Unix users on IMAP folders. It is convenient for blocking rights to some folders of mailboxes for ordinary users, and vice versa - for extending rights to mailboxes to the master user. There are two types of ACLs: ACLs and IMAP-ACLs. ACL - created and maintained by the administrator. IMAP-ACL - Created and maintained by users when using IMAP.
See note
Sieve- a language for writing rules for preliminary analysis of mail before saving it, and managing the further fate of messages. Works as part of Dovecot. Allows you to set global rules, as well as custom rules (ManageSieve), assigned by the user himself.
See note
postgrey- Screens out incoming mail by checking the persistence nature of the sending MTAs. Not persistent - discarded. Those who passed the test are whitelisted for some long time (for example, a month). During the exam, records are kept in the "grey list", after which the fate of the "examined" is determined.
See note.
DKIM- digital signature for outgoing mail. Not required, but desirable element of the mail system. Theoretically, - allows not only to confirm the sender's connection with his domain (through a public key available directly in the DNS), but also that the letter was not subjected to changes during the delivery process.
See note.
ClamAV- antivirus that checks the content of incoming emails for the presence of malicious code. Its anti-virus databases need to be constantly replenished.
See note.
Spamassassin- spam threat "estimator". A program that assigns scores (points) to each letter based on a set of criteria, by which it is possible to determine the probability of whether the letter is spam. The evaluation is still done in Postfix, and the decision can already be made by Dovecot, for example, using Sieve, moving letters with a high spam probability score to the appropriate folder.
