Guide to a FreeBSD mail server

I use a Vultr.com 512MB/20G SSD/1vCore ($US 2.50/month) plus 10G SSD block storage ($US 1/month) for a low volume mail server (replete with milters), web server, web proxy server and backup server (the 10G block storage addon is used for hourly backups of my main home server). 512M swap file of which currently 14M used.
 
Scaleway.com looks enticing with their very many options - ARM deals inclusive. W.r.t. system requirements, you should pay a closer attention to the RAM. If you intend running a standard mailserver with an antivirus like CLAM,you would need a min. of 4GB of RAM.
 
Ahh, vultr.com... Home to many a blocked spam email and filtered script kiddie attack. :) I now know why: a $2.50/month VPS is more than enough to spam and scan. At that rate, those are practically throwaway instances.
 
You should start with the Purplehat tutorial, which most FreeBSD users also referenced - https://forums.freebsd.org/search/29961/?q=purplehat+postfix&o=date.

Here is the guide. It will get you started but you need some additional resources to get a close to standard mailserver for the Internet. I can point you at some other resources - for dkim, mailscanner, etc
It still blows my mind how many people use my guide but I wanted to say thanks for still recommending it (even though it's older than dirt). Fact is, the main project itself (Maia-Mailguard) had fallen into the unmaintained category until somewhat recently when Joshua Small (huge thanks to him!) decided to keep moving forward with it. This, in turn, allowed me to update the port (which is now available) and just in time for PHP7 and a bunch of bugs have been fixed. This has also allowed me to update the Purplehat guide/how-to as well. So, if anyone is looking to use it for reference points (or the full install), it has been updated (for the most part) and I'll continue to do so! I'll be adding some additional things to it here and there as I get feedback (I'd also like to add SPF, DKIM, DMARC, etc... at some point). Anyhow, thanks again and I'm glad the guide has been helpful to some!

Regards,
Janky Jay, III
 
It still blows my mind how many people use my guide but I wanted to say thanks for still recommending it (even though it's older than dirt). Fact is, the main project itself (Maia-Mailguard) had fallen into the unmaintained category until somewhat recently when Joshua Small (huge thanks to him!) decided to keep moving forward with it. This, in turn, allowed me to update the port (which is now available) and just in time for PHP7 and a bunch of bugs have been fixed. This has also allowed me to update the Purplehat guide/how-to as well. So, if anyone is looking to use it for reference points (or the full install), it has been updated (for the most part) and I'll continue to do so! I'll be adding some additional things to it here and there as I get feedback (I'd also like to add SPF, DKIM, DMARC, etc... at some point). Anyhow, thanks again and I'm glad the guide has been helpful to some!

Regards,
Janky Jay, III
ek: If purplehat is yours, you must be an admin or a member with tonnes of thanks/reactions. How did they get reset to three in number? And why become a new member? :):)
 
ek: If purplehat is yours, you must be an admin or a member with tonnes of thanks/reactions. How did they get reset to three in number? And why become a new member? :):)
Honestly, it's been so long since I've logged into these forums that I'm not sure how to answer that. I'm certainly not a "New Member", though. My guess is the amount of message posts is what quantifies that. And, as most guide and port maintainers know, there really isn't a lot of thanks for things like this (not on the forums anyhow). It's not like I support the guide via the FBSD Forums or anything. So, I haven't had the need for much interaction here. I just happened across this thread because one of the guide users had pointed me to it while looking for some help and thought I'd post MY thanks for recommending the guide (even though it was super outdated). Anyhow, yes, purplehat.org belongs to me. :)
 
ek: Thanks for your work on an updated Maia Mailguard port. However, after upgrading from the previous version, I just get a

Code:
MDB2 Error: not found

error when trying to open Maia in a browser window.

/var/log/httpd-error.log has the following to say about it:

Code:
[Sun Apr 07 16:46:54.986392 2019] [php7:warn] [pid 38069] [client 134.101.146.253:55338] PHP Warning:  count(): Parameter must be an array or an object that implements Countable in /usr/local/share/pear/MDB2.php on line 826
[Sun Apr 07 16:46:54.990431 2019] [php7:notice] [pid 38069] [client 134.101.146.253:55338] PHP Notice:  Undefined variable: lang in /usr/local/www/maia/maia_db.php on line 95

I'm not particularly well versed in PHP and especially not Pear. Any idea what is wrong here? From looking at the code, MDB2 does appear to load fine but throws the error above when run.
 
Hi herrbischoff,

Looks like you might need to change the config.php file for Maia to use "mysqli" as the DSN driver instead of just "mysql".
 
ek: Fantastic, that did the trick.

Now that everything is working again (well, Postfixadmin changed its internal folder layout, so I will have to adjust that), let me explicitly thank you for putting in the time to update everything Maia for the future. Thanks to your tutorial I'm running a FreeBSD email server for years now, which made me learn a lot more about the whole email ecosystem. I got so fed up of trying to adjust Linux-based guides for FreeBSD. So really: thanks.
 
herrbischoff Great! I'm glad everything is all sorted out and thank you very much for the kind words. I've literally written this guide for the exact reason you'd described. There certainly aren't as many FBSD guides for things like this (especially the many years ago when I began writing it). So, I'm very glad this is helpful to you and others. :)

As for the preferred method of support, the mailing list is usually best as others can chime in if they've experienced similar issues and issues usually get resolved quickly. Not to mention the issues (and hopefully resolution) are archived for anyone to access later via searching for errors and such so it can help them before they even need to ask the same question. There is an IRC server as well (mentioned in the guide) for "real-time support" if anyone is around. There's also light banter as it's a general FBSD channel but there's usually a lot of helpful information transpiring there as opposed to focusing on a single question at a time... if that makes sense?

Again, I'm glad you're up and running and please free to subscribe to the mailing list or join the IRC channel in the future if you ever feel the need (or are just bored).
 
ek: This makes total sense. Thanks for the pointers. Mailing list is subscribed, IRC is next. I wish there was better documentation regarding Maia — it's very much out of date. The project could use a bit of new life. If there's interest in overhauling the web site, documentation or web interface, I'd probably give it a go.
 
herrbischoff Great! I'm glad everything is all sorted out and thank you very much for the kind words. I've literally written this guide for the exact reason you'd described. There certainly aren't as many FBSD guides for things like this (especially the many years ago when I began writing it). So, I'm very glad this is helpful to you and others. :)

As for the preferred method of support, the mailing list is usually best as others can chime in if they've experienced similar issues and issues usually get resolved quickly. Not to mention the issues (and hopefully resolution) are archived for anyone to access later via searching for errors and such so it can help them before they even need to ask the same question. There is an IRC server as well (mentioned in the guide) for "real-time support" if anyone is around. There's also light banter as it's a general FBSD channel but there's usually a lot of helpful information transpiring there as opposed to focusing on a single question at a time... if that makes sense?

Again, I'm glad you're up and running and please free to subscribe to the mailing list or join the IRC channel in the future if you ever feel the need (or are just bored).
I won't mind giving Maia a go again. Mailwatch with Mailscanner has been of little or no use to date.

At the time I tried using Maia, it won't work in a jail as its port -10035 - for receiving emails conflicts with the SMTP's internal port at the same number. Switching to 10036 won't help. That was for receiving emails. The way Maia works is proactive. It interacts with postfix/dovecot and first receives both incoming & outgoing emails before the MTA & MDA process them.

I would like to use the web UI that comes with it. For Mailwatch/Mailscanner, it's nearly impossible to use in FreeBSD.

One other difficulty with Maia was that I had to login to it and release received emails for their final destinations if they are not spams. I know one can directly let all emails through with it though.

I like its tonnes of options. It would make setting up a mail server easier that way than individually configuring dkim, SPF, etc. It comes with an encrypt option too. I like!
 
herrbischoff: I'm not sure about updating the actual www.maiamailguard.com website. I'm not even sure how it's still up and running, honestly. However, if you'd like to get in touch with the owner, there is contact information for David Morton who was previously maintaining Maia as well as the website. I can't guarantee a response or anything, but it's certainly worth a shot. Aside from that, the actual Maia code is now being maintained by Joshua Small on GitHub (https://github.com/technion/maia_mailguard). So, I'm not sure if he's interested in any website or whatnot. I do agree with you about more up-to-date documentation, though. Would be nice to see anywhere, really.

Lamia: Maia should actually be attaching to port 10024 which shouldn't interfere with anything (as far as Postfix, Dovecot, SPF, DKIM, etc...). I'm not sure if there was maybe some specific reason you changed the port but it shouldn't be needed. Just attach to jail's IP on port 10024 and you should be all good. Many people are running this configuration right now. If you'd like to give it another try, I'd love to get your feedback regarding the current guide. Any and all feedback is appreciated.
 
herrbischoff: I'm not sure about updating the actual www.maiamailguard.com website. I'm not even sure how it's still up and running, honestly. However, if you'd like to get in touch with the owner, there is contact information for David Morton who was previously maintaining Maia as well as the website. I can't guarantee a response or anything, but it's certainly worth a shot. Aside from that, the actual Maia code is now being maintained by Joshua Small on GitHub (https://github.com/technion/maia_mailguard). So, I'm not sure if he's interested in any website or whatnot. I do agree with you about more up-to-date documentation, though. Would be nice to see anywhere, really.

Lamia: Maia should actually be attaching to port 10024 which shouldn't interfere with anything (as far as Postfix, Dovecot, SPF, DKIM, etc...). I'm not sure if there was maybe some specific reason you changed the port but it shouldn't be needed. Just attach to jail's IP on port 10024 and you should be all good. Many people are running this configuration right now. If you'd like to give it another try, I'd love to get your feedback regarding the current guide. Any and all feedback is appreciated.
Thanks ek, I was going to write 10024, when I wrote 10025.

It is worth trying again. I am however thinking I would need stop the manually configured filters and so on. I should include the task in my to-do list.
 
Lamia: Sure. Makes sense. Depending on how you've integrated your current filters, it might be as easy as just commenting out and adding new "content_filter" lines to your Postfix's main.cf. There is, of course, plenty of other ways but I've found this to be the easiest way to maintain and/or migrate between Postfix "addons" if it's an option.
 
Back
Top