What this Document is About
This document covers how I have set up my Linux box to work as a Mail Server. The details will be specific to Arch Linux, but it will be be general enough for any *nix distribution if you have a knowledge of installing software packages, finding the location of configuration files, and starting/stoping services..
My goals in creating this mail system are to have all of my mail, from various email accounts, stored locally on my machine so I can access it anytime via SSH, the web, or imap. I wanted all of my mail delivered to my local user account and I wanted the spam to be sucked out and launched into space.
The backbone of the mail system is the Mail Transport Agent (MTA). It will handle receiving mail addressed directly to your machine, sending it to the correct users mail box, and sending mail out from the machine. I determined Postfix to be the best choice for my MTA and after some reading found Procmail for sorting mail, SpamBayes for detecting spam, and Fetchmail for grabbing mail from my pop mailboxes.
Bellow is a flow diagram for mail moving through the system:
The SpamAssassin and sa-learn can be ignored. I will describe how to use it with SpamBayes since I was not happy with Spam Assassin's performance and had made the diagram when I was still using it.
Software Used
* Arch Linux
* Postfix 2.1.5
Secure, fast, easy to administer drop in replacement for Sendmail. (MTA) Provides smtp-server.
(Requires sasl installed and support for sasl compiled into Postfix if sending mail through an intermediary as you may need to do if you have a domain name pointing to a dynamic IP address.)
* Cyrus SASL 2.1.21
SASL authentication daemon.
* Procmail 3.22
Highly configurable auto mail processing.
* Fetchmail 6.25
A remote-mail retrieval utility.
* SpamBayes 1.1a1
a Bayesian anti-spam filter, initially based on the work of Paul Graham. The major difference between this and other, similar projects is the emphasis on testing newer approaches to scoring messages.
* Mutt 1.4.2.1
A small but very powerful text-based mail client
* Courier-imap 4.0.4
IMAP / POP3 Server
* Courier-authlib 0.57
Authentication library for the courier mailserver.
* SquirrelMail cvs 1.5.1
For checking mail via the web.
(requires imap-server, perl, and php)
* Pop-before-smtp 1.38
A simple daemon written in Perl, to allow email relay control based on successful POP or IMAP logins.
Installing the Software
Installing Postfix
A note for those with dynamic IP addresses: Before installing Postfix we must first consider if it will need to make use of Simple Authentication and Security Layer (SASL). If you have a dynamic IP address and are using a service like dyndns.org you will need to have Postfix send your mail through your ISP's mail server (with authentication) making use of SASL for the connection. This is because many domains that you will send email to will recognize your hostname as pointing to a dynamic IP address and send the mail back. Check if your distributions Postfix package was built with SASL support or if you are compiling Postfix from scratch add SASL with a ./configure option.
If you've determined you do not need SASL support in postfix:
$ pacman -Sy postfix
If you do need SASL support we need to install cyrus-sasl and use the Arch Build System (abs) utility for building Postfix. Follow the instructions bellow or follow these Arch Wiki instructions: http://wiki.archlinux.org/index.php/PostFix_Howto_With_SASL
$ pacman -Sy cyrus-sasl
$ abs
$ cd /var/abs
$ mkdir -p local/postfix
$ cp -v extra/daemons/postfix/* local/postfix
Now edit /var/abs/local/postfix/PKGBUILD. Under the build() section change:
make OPT="${CFLAGS}" || return 1
to:
make OPT="${CFLAGS}" \
CCARGS="-DUSE_SASL_AUTH -I/usr/include/sasl/" \
AUXLIBS="-L/usr/lib/sasl2 -lsasl2" || return 1
Now run:
$ makepkg
$ pacman -A postfix-*.pkg.tar.gz
I like to then copy the package into a directory under /var/lib/pacman so I have access to all of my abs built packages later:
$ mkdir /var/lib/pacman/abs_built
$ cp postfix-*.pkg.tar.gz /var/lib/pacman/abs_built
Installing Fetchmail
$ pacman -S fetchmail
Installing Procmail
$ pacman -S procmail
Installing SpamBayes
SpamBayes is not yet in the pacman repository. Download it, extract, and install (substitute version numbers with most current):
$ wget http://dl.sourceforge.net/sourceforge\
/spambayes/spambayes-1.1a1.tar.gz
$ tar zxvf spambayes-1.1a1.tar.gz
$ cd spambayes-1.1a1
$ python setup.py install
Installing Mutt
$ pacman -S mutt
Installing courier-imap and courier-authlib
SquirrelMail as well as other mail clients (evolution, outlook, cell phone, etc.) will use this to connect to the mail box. Courier-imap also depends on courier-authlib, so this command will install that as well.
$ pacman -S courier-imap
Installing SquirrelMail
$ pacman -S squirrelmail
Installing pop-before-smtp
You are going to want to consider using Postfix/TLS or pop-before-smtp if you are interested in users connected via IMAP being able to send mail (using your mail server as a SMTP relay). I recommend using Postfix/TLS but will not cover how to install/configure it in this document.
Pop-before-smtp is not in pacman repositories. Substitute version numbers with the most current.
$ wget http://dl.sourceforge.net/sourceforge/popbsmtp/pop-before-smtp-1.38.tar.gz
$ tar zxvf pop-before-smtp-*.tar.gz
$ cd pop-before-smtp-*
Read the README in this directory and then read README.QUICKSTART in the contrib directory for where to copy the necessary files to.
Postfix Configuration
main.cf
Now change to the '/etc/postfix' directory and open up main.cf for editing.
The domain name for my machine is through dyndns.org. Set your myhostname and my domain to something like this:
myhostname = example.com mydomain = example.com
Next we are going to want to set Postfix up for using qmail-style delivery with Maildir (where each email is stored in its own file). This is for courier-imap which SquirrelMail will be using to access the mail and will have other advantages. Don't forget the ending forward slash.
home_mailbox = Maildir/
Set it up so that incoming mail is sent through procmail and so we can alias names/users to mailboxes.
mailbox_command = /usr/bin/procmail -a "$DOMAIN"
alias_maps = hash:/etc/postfix/aliases
If you have a dynamic IP or have trouble with mail being returned from large ISP's or mail systems you are going to have to take a few extra steps. We will set it up so that mail will go through a relay host. In this example I will use my ISP's (SBC) smtp server as an example. Make these additional changes to main.cf
relayhost = [smtp.sbcglobal.yahoo.com]
# authentication for sbc yahoo
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
That wraps up our changes to main.cf. We just need to create the hash aliases databases that we defined above. Add these lines to the top of /etc/postfix/aliases (replacing hypexr with your user account of course):
root: hypexr
spam: hypexr
ham: hypexr
Generate the database. From /etc/postfix dir:
$ postalias aliases
Set up smtp server and authentication for SBC mail relay. sasl_passwd:
smtp.sbc.mail.yahoo4.akadns.net my_username@sbcglobal.net:my_passw
Note: Server name can change from time to time. There is a CNAME that points to this name but CNAMEs do not work here.
Generate the database:
$ ./postmap sasl_passwd
Start the postfix server and we are done with postfix!!!!
$ /etc/rc.d/postfix start
Having problems getting it to start? Check out the Postfix log file usually in /var/log/mail or /var/log/maillog.
Fetchmail Configuration
We are going to run our fetchmail daemon from user root. So create the file /root/.fetchmailrc:
set postmaster "postmaster"
set bouncemail
set no spambounce
set properties ""
set daemon 60
poll pop.example.com with proto POP3
user 'user_name' there with password 'my_password' is 'local_user_to_deliver_to' here options flush
poll pop.gmail.com with proto POP3 port 995
user 'my_gmail_un@gmail.com' there with ssl with password 'my_password' is 'hypexr' here options keep
This tells fetchmail to check every minute for mail at pop.mypop.com and also at my gmail account. The flush option at the end of the mypop entry tells it to remove the mail after it is downloaded. I do not want the mail removed from my Gmail account so I use the keep option. Google also uses ssl, hence the "with ssl". Fetchmail comes with its configuration utility fetchmailconf which makes setting up your .fetchmailrc file easy.
I don't believe that Arch Linux has a rc script for fetchmail. The one that I made (/etc/rc.d/fetchmail) looks like this (stat_busy, stat_fail, stat_done are specific to Arch Linux. You could take these out):
#!/bin/sh
. /etc/rc.conf
. /etc/rc.d/functions
