Howto: Setup a home mailserver
So the first thing is to understand the setup:
an "email server" can be made up of various bits, the bit that sends emails out it called the mail transfer agent or MTA
fetchmail gets email from your ISP and delivers to local MTA local MTA saves in /var/mail (or /home/user/Mail) dovecot serves /var/mail and /home/user/Mail via POP3 and/or IMAP roundcube web application talks IMAP to dovecot to view emails and talks to the local MTA to send emails
This mailserver was configured on Ubuntu server 6.06 with a standard LAMP setup.
This mailserver was configured on Ubuntu Edgy Eft server with a standard LAMP setup.
please add additional versions here.
Example server setup consists of the following applications
Fetchmail Postfix Dovecot Roundcube
Some of which can be installed with sudo apt-get install
Howto: Configure Fetchmail client program to fetch emails
Fetchmail is a utility or command for Linux systems used to retrieve e-mail from a remote POP3, IMAP, ETRN or ODMR mail server to the users local system.
From fetchmail site, Fetchmail is a one-stop solution to the remote mail retrieval problem for Unix machines, quite useful to anyone with an intermittent or dynamic-IP connection to a remote mailserver, SLIP or PPP dialup, or leased line when SMTP isnt desired. Fetchmail can collect mail using any variant of POP or IMAP and forwards to a the local SMTP (via TCP socket) or LMTP (via TCP or Unix socket) listener or into an MDA program, enabling all the normal forwarding/filtering/aliasing mechanisms that would apply to local mail or mail arriving via a full-time TCP/IP connection. How do I install fetchmail?
- sudo apt-get install fetchmailconf
Configuration file name
The user configuration file is stored in your home directory i.e. /home/you/.fetchmailrc
How do I configure fetchmail to retrieve mail from ISP mail server?
Create the fetchmail file,
Modify the file permissions
Open the .fetchmailrc file:
So from the console type the following
$ cd; touch .fetchmailrc
$ chmod 600 .fetchmailrc
$ sudo vi .fetchmailrc
Append following text:
poll pop3.net4india.com with proto POP3 user d12356 there with password password is vivek here
* pop3.net4india.com - <enter your POP3 server details here> * proto POP3 If you are using POP3 protocol * d12356 - POP3 username * password - POP3 password * vivek - Local user mailbox name
To fetch mail from your ISP or to run fetchmail type command:
$ fetchmail -v ## is useful to diagnose errors
If all is well you should see
$fetchmail: normal termination, status 0
If not please recheck servername, protocol type, username, password
For more information please see offical fetchmail web site. Note that the /.fetchmailrc file has passwords in plain text in it. This file should be set to mode 600 to avoid snooping eyes.
It is possible to configure fetchmail to get messages from a single ISP mailbox and distribute the results to several local mailboxes, a process known as multidrop. The fetchmail man pages contain a description of how to do this.
You could use Mutt at this time to read the emails if required, $ sudo apt-get install mutt
If you can read your emails satisfactorily it would be ideal if the mailserver checked for new mail regularly, every 15 mins for example.
Fetchmail essentially polls your ISP's POP3 server to see if there is anything worth downloading. In theory, you can run fetchmail as a daemon and have it regularly poll for incoming mail.
The simplest solution is to simply set up cron entries to check for mail at regular points. Sample crontab entries are:
/15 * * * * /usr/bin/fetchmail -s -f /home/<username>/.fetchmailrc
where <username> is your own username
This should check for new mail every 15 minutes
So send an email to the newly setup account and fetchmail should retreive it.
If this is working its time to go to the next step
Step two Howto: Mailserver Postfix
sudo apt-get install postfix
1. Introduction 2. Installation 3. Configuration 4. Authentication 5. Testing 6. Other Postfix Guides
Postfix is a Mail Transfer Agent (MTA) which is the default MTA for Ubuntu. It is in Ubuntu's main repository, which means that it receives security updates. This guide explains how to install and configure postfix and set it up as an SMTP server using a secure connection. Installation
In order to install Postfix with SMTP-AUTH and TLS do the following steps:
apt-get install postfix libsasl2 sasl2-bin libsasl2-modules libdb3-util procmail
Insert the following details when asked (replacing server1.example.com with your domain name if you have one):
Then run the following commands:
Configure Postfix to do SMTP AUTH using SASL (saslauthd)
sudo postconf -e 'smtpd_sasl_local_domain ='
sudo postconf -e 'smtpd_sasl_auth_enable = yes'
sudo postconf -e 'smtpd_sasl_security_options = noanonymous'
sudo postconf -e 'broken_sasl_auth_clients = yes'
sudo postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
sudo postconf -e 'inet_interfaces = all'
sudo echo 'pwcheck_method: saslauthd' /etc/postfix/sasl/smtpd.conf
sudo echo 'mech_list: plain login' /etc/postfix/sasl/smtpd.conf
Generate certificates to be used for TLS encryption and/or certificate Authentication
sudo mkdir /etc/postfix/ssl
sudo openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
245 semi-random bytes loaded<<BR>> Generating RSA private key, 1024 bit long modulus ......++++++ .++++++ e is 65537 (0x10001) Enter pass phrase for smtpd.key: <password here Verifying - Enter pass phrase for smtpd.key: <password here
sudo chmod 600 smtpd.key sudo openssl req -new -key smtpd.key -out smtpd.csr
Enter pass phrase for smtpd.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank.
Country Name (2 letter code) [AU]:en State or Province Name (full name) [Some-State]: Locality Name (eg, city) :Gosport Organization Name (eg, company) Widgits Pty Ltd: Organizational Unit Name (eg, section) : Common Name (eg, YOUR name) : Email Address :d123456net4india.com
Please enter the following 'extra' attributes to be sent with your certificate request A challenge password :password An optional company name :
Restart the postfix daemon like this:
$ sudo /etc/init.d/postfix reload
To see if SMTP-AUTH and TLS work properly now run the following command:
telnet localhost 25
After you have established the connection to your postfix mail server type
If you see the lines
Escape character is '^]'. 220 raytracer ESMTP Postfix (Ubuntu)
$ ^] $ telnet> quit Connection closed.
sudo apt-get update
sudo apt-get install dovecot
sudo apt-get install dovecot-common
Note: dovecot is not started by default on our servers. So you will need to take this step.
start Dovecot with
$ sudo /etc/init.d/dovecot start
how do i check its running $ netstat -pant
and look for something on 143 or 993 (143=imap, 993=imaps) if you see this $ netstat -pant (No info could be read for "-p": geteuid()=1000 but you should be root.) Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN - tcp6 0 0 :::80 :::* LISTEN - tcp6 0 0 :::22 :::* LISTEN - tcp6 0 0 ::1:25 :::* LISTEN - tcp6 0 52 ::ffff:192.168.1.162:22 ::ffff:192.168.1.1:1094 ESTABLISHED-
its not listening so on to the next step
alternatively check if dovecot was listening for anyone requesting IMAP information.
$ netstat -pant |grep 143
$ netstat -pant |grep 993
repeating with 993 (secure IMAP - aka IMAPS)
Retry starting dovecot
$ sudo /etc/init.d/dovecot start
If nothing, then its time to debug it
$ sudo bash -x /etc/init.d/dovecot
This showed that it was doing a grep protocols /etc/dovecot/dovecot.conf"
The next step is to look at $ /etc/init.d/dovecot
to read the code and see it was looking for pop3 or imap.
Edit dovecot.conf $sudo vi /etc/dovecot/dovecot.conf
to uncomment "protocols = imap imaps" and comment out "protocols ="
Retry starting dovecot
If the debug is looking for
/usr/lib/dovecot/imap which didn't exist.
"aptitude search dovecot" showed that dovecot-common was installed, but not dovecot-imapd,
obviously we need to install dovecot-imapd
$ sudo apt-get install dovecot-imapd
so recheck if its listening
$ netstat -pant (No info could be read for "-p": geteuid()=1000 but you should be root.) Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN - tcp6 0 0 :::80 :::* LISTEN - tcp6 0 0 :::22 :::* LISTEN - tcp6 0 0 ::1:25 :::* LISTEN - tcp6 0 52 ::ffff:192.168.1.162:22 ::ffff:192.168.1.1:1094 ESTABLISHED-
so we've installed that and hey presto - ports 143
and 993 are now being listened on.
We then did a quick imap test by hand (I've marked typed stuff with ###):
###telnet localhost 143 4 * OK Dovecot ready. ###1 login username password 1 OK Logged in. ###1 list * * * LIST (\Unmarked) "/" "INBOX" 1 OK List completed. ###banana select INBOX * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [[PERMANENTFLAGS|(\Answered \Flagged \Deleted \Seen \Draft \*)]] Flags permitted. * 9 EXISTS * 0 RECENT * OK [[UIDVALIDITY|1158264619]] UIDs valid * OK [[UIDNEXT|13]] Predicted next UID banana OK [READ-WRITE] Select completed. ###1 logout * BYE Logging out 1 OK Logout completed.
The "9 exists" shows that it can see 9 emails which is good.
Step Four RoundCube Webmail
is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. [[RoundCube]] Webmail is written in PHP and requires the [[MySQL]] database. The user interface is fully skinnable using XHTML and CSS 2.
Download Roundcube from http://www.roundcube.net/?p=downloads
Installation instructions here
login with username = d12356 password = password
theres a file in the roundcube file you downlaoded which has the extension .SQL this has to be inserted into your databse via phpmyadmin found in cpanel in the mysql databses section at the bottom. When your there select the database you want roundcube to use from the drop down menu. when thats all loaded to the right click the SQL tab at the top. then copy the content of mysql_inital.sql into the box provided and click ok. If all goes to plan it should say its successful.
roundcube wouldn't send any emails, looking at /var/log/mail.log there
were SASL (email authentication) errors. Since we are only talking locally, I made the security decision to turn off sasl and commented out all the bits in /etc/postfix/main.cf (and reloaded postfix). Still no joy. After alot of hunting around and reading code, it turned out that we had to comment out from roundcube's main.inc.php the "smtp_user" and "smtp_pass" lines.
Finally we had to setup postfix to rewrite the sender as otherwise emails would be sent from "firstname.lastname@example.org - a bad address.
I edited /etc/postfix/main.cf and added: # send all email as email@example.com sender_canonical_maps=regexp:/etc/postfix/canonical
Then created /etc/postfix/canonical: /.*@net4india.com/ firstname.lastname@example.org /.*@localhost/ email@example.com
and reloaded postfix.
NB: originally I just rewrote .*@net4india.com, but some emails were being sent at @localhost so I added the second line.
Really, I should write a guide on howto setup postfix properly: - with SASL/TLS authentication - with proper rewriting - for multiple users for example - and with fetchmail for multiple people - with anti-spam....
SERVICE CURRENTLY NOT AVAILABLE!
Set the Debug-Level in the main.inc.php to 4
$rcmail_config['debug_level'] = 4;
If you get an error like "could not connect to database" (i don't remember it exactly), try to login to the db on the commandline
eg. mysql -u rc_user -p rc_db
with your password. if that fails, you should give the following a try
log into the db as root or a privileged user
and do a
DB Error in /home/riponcom/public_html/mail/program/include/rcube_db.inc (105): DB Error: connect failed SERVICE CURRENTLY NOT AVAILABLE! DB Error: connect failed
It hasn't seem to have logged the error in the logs. I ran a SQL query on the database? I wasn't sure if that's what I was supposed to do. I recieved this error
FLUSH PRIVILEGES ;
#1227 - Access denied; you need the RELOAD privilege for this operation "
I logged presumably into phpMyAdmin as root.
IMAP Error: Could not connect to imap.domain.com at port 143:
Warning: Cannot modify header information - headers already sent in /var/www/roundcubemail-0.1beta2/program/include/rcube_shared.inc on line 132