Complete Virtual Mail Server

From Gentoo Wiki
Jump to: navigation, search
Article status
IconClipboardTask.png This article has some todo items:

The purpose of this guide is to establish a virtual mail system that can handle multiple domains with a variety of different interface options. This is not intended to be used by the average user who is looking for a mail client, this is a full-scale Mail Transfer Agent (MTA) intended for individuals who are hosting their own domains and/or need to provide support for virtual domains.

By the end of this guide, you will have an easy method to manage a mail server that supports:

  • Web based system administration
  • Unlimited number of domains
  • Virtual mail users without the need for shell accounts
  • Domain (specific) user names
  • Mailbox quotas
  • Web access to email accounts
  • IMAP and (very optional)POP3 support
  • SMTP Authentication for secure relaying
  • SSL for transport layer security
  • Strong SPAM filtering
  • Anti-Virus filtering
  • Log Analysis

The real plus is that all of this is managed by a single database.

Getting Started

System Setup and Packages

This section outlines a system setup (a multi-server implementation) as well as the core packages that were used. This is a MUST READ before reading on any further (don't worry, it's short).

Basic Setup

Verify that you have not installed any other MTA, such as ssmtp, exim, or netqmail, or you will surely have BIG problems.

After postfix is installed, it's time to configure it. Change the following options in /etc/postfix/main.cf . Remember to replace $variables with your own names.

FILE /etc/postfix/main.cf
myhostname = $host.domain.name
mydomain = $domain.name
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain $mydomain
mynetworks = my.ip.net.work/24, 127.0.0.0/8
home_mailbox = .maildir/
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 20
message_size_limit = 20971520
unknown_local_recipient_reject_code = 450

Next change the following in /etc/postfix/master.cf . This will turn on verbose output for debugging:


FILE /etc/postfix/master.cf
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (50)
#
==========================================================================
## (Just add the "-v" after the smtpd in the following line)
smtp      inet  n       -       n       -       -       smtpd -v

Next, edit /etc/mail/aliases to add your local aliases. There should at least be an alias for root like: root: your@email.address .

CODE Starting postfix for the first time
# /usr/bin/newaliases
## (This will install the new aliases. You only need to do this
when you update or install aliases.)

Linux 'vmail' user

Mailboxes are stored on a normal filesystem and thus needs a user and group for security.

Admin Support Systems

www-apps/postfixadmin and www-servers/apache were key tools in getting through testing and getting this to hang together. While the details of an Apache/PHP setup are not here, there is good information in here all the same.

Postfix to databasebackend

mail-mta/postfix will be coupled to a database backend allowing virtual users on multiple domains.

Linking Courier-imap to databasebackend

net-mail/courier-imap will be coupled to the same database.

Enhanced Setup

SMTP Authentication

Hainv a mailserver that relay's local mail good enough for most, being able to relay mail after authentication is extremly handy.

Web Access

Now that a basic mailserver has been setup, web-access can be both useful and helpful during testing.

SSL Certificates

Securing the mail server with SSL certificates.

Refining the Setup

Using default Postfix configuration options, the server gets some performance tweaks and security settings.

Anti-Spam Measures

Amavisd, Spam-Assassin and ClamAV

Defending against spam using Amavis, Spam-assassin and ClamAV for virus protection.

Log Analyzer

Logging mail traffic with AWStats

Always important is monitoring. To do so AWStats is used to get a useful overview of passed messages.