Solved The simplest mail server

Emrion

Emrion

Hi,

Time has come... Well, should come. Exasperated by my ISP's mood swings regarding email delivery via SMTP, I would like to create my own mail server.

The problem is I know almost nothing in this field and, as I feared, my first research confirm it's really complex.

Looking on the web, I found a ton of tutorials for setting a secure server on the internet. That's not my goal. I just want to have a basic mail server on my local network without security (I will add some tls/ssl later). Just an account with a password. The server accepts smtp delivery of mails from my local network without discussion and I get mails from pop3.

Have you some tutorials (please not video, I hate that), articles, suggestion of softwares utmost simple to configure?
 
First off, it's not a set and forget thing. You will need to monitor it and if you're doing this on a non business connection expect a lot of mails to be dropped by spam filters etc.
Stalwart (PR submitted, https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=286326) and maddy (https://github.com/foxcpp/maddy) looks like interesting projects and seems to be a bit easier to get a grip on compared to older projects which requires a lot more components and "middleware".
 
Ok, I clarify my question: NO CONNECTION OF THE SERVER TO INTERNET.
All the smtp and pop3 requests come from machines ONLY on my local network. So, no spam, no ISP, no reverse dns, nothing. Just smtp and pop3.

I would like a software that runs on freebsd not a docker thing. Something in ports or base system, I mean.
 
You want a mail server... but as Dr. Howard already said above me: there's one build in ("DMA"). It's ideal for local e-mails. But you want more....

Well, since I'm in the right mood for this: let's take this from the top, shall we?

EMail
First things first... e-mail processing actually consists of 3 parts: sending ("transportation") of e-mail, which is done using a so called SMTP server ("Simple Mail Transfer Protocol"). Retrieving; which is always a separate process and done using either a POP3 or IMAP server. And finally: storing. This isn't always specifically mentioned (because the SMTP server usually takes care of it) but nevertheless it is an important process.

Storage can be done using mbox ("all e-mails dumped in one huge file"), Maildir (just like it says: all e-mail gets 'dumped' into a dedicated (personal) folder for mail) and finally... you can even set up a dedicated storage system (here's looking at Cyrus).

SMTP
There are many good servers. DMA, as mentioned before, but plenty of others as well like Sendmail, Exim, QMail... and my personal favorite: Postfix. Postfix may look a bit intimidating at first but is actually quite easy once you narrow things down a bit. The best part: while Postfix will allow you to shoot yourself in the foot it comes with more than sane default settings. Meaning? It actually takes effort to set up the dreaded "open relay" which is the bane of e-mail servers.

Open relay: a mail ("SMTP") -server that allows (all) external sources to send e-mail to whatever destination. Spam factories love this one!

Retrieval
Done using a completely different process, as mentioned: POP3 & IMAP are commonly used protocols. Common names here are Dovecot, Courier and my personal favorite: Cyrus IMAPd (despite its name it can handle more than just IMAP). As you may guess: the trick is to make sure that both processes "understand" each other. That's the theory at least, in reality it usually boils down to both services supporting the same storage methods.

Local transfer
A very important name within all this is Procmail. Procmail is a so called Mail Transfer Agent ("MTA") and it's used for exactly that... If your SMTP server doesn't support a certain storage method (for example: Sendmai doesn't support the Maildir format) ... then you can still make that work using an MTA like Procmail. Instead of having your SMTP server store the mail directly you can tell it to 'send' it to Procmail which will then take care of the storage.

Or... you could use a dedicated MTA. As mentioned earlier: something like Courier or Cyrus.

I don't think you can wrong with all this, as long as you make sure that you understand what is going on and use the right software.

This is a bit brief, but I hope it can give you some ideas!
 
Emrion said:
Ok, I clarify my question: NO CONNECTION OF THE SERVER TO INTERNET.
All the smtp and pop3 requests come from machines ONLY on my local network. So, no spam, no ISP, no reverse dns, nothing. Just smtp and pop3.
Click to expand...

What's the point of a mail server that has no connection to the internet?
 
I'm testing mox, not without difficulties, but I managed to get this works with MTA like ssmtp and MUA like thunderbird or outlook. I'm looking how to set some options like to forbid to send a mail outside my domain (local network), just to avoid to accidentally annoy some smtp servers on the web (as the mail is refused anyway and that's not the point).

There are a ton of protocols and options. It's really not easy, but I made some good progress. I use SSL encrypted connections with my own certificate signed by my own CA.

bob2112 said:
What's the point of a mail server that has no connection to the internet?
Click to expand...
Well... I have several servers at home that send daily email containing periodic(8) reports (FreeBSD), reports of automatic updates and some others things (debian). Up to now, I use my personal email address and smtp of my ISP. Problem is that periodically, there are some new settings which block my outgoing mails. See here: https://forums.freebsd.org/threads/one-more-problem-with-the-smtp-of-my-isp.94583/

Last finding of my ISP: a valid certificate for its smtp server, but with the wrong name. smtp.xxx.yy is the functioning server and the name of its certificate is smtp-in.xxx.yy. I found a workaround, but I'm at the end of the rope. I have other things to do than playing with my ISP.

My plan is to deliver these emails on a local mail server (a jail on my FreeBSD router). I will use locally standard MUA to get them and will create a secure access to read them from internet, just read, no possibility of sending.

As I'm there, I would like to thanks all the people that answered to this thread. It helped me.
 
bob2112 said:
What's the point of a mail server that has no connection to the internet?
Click to expand...
Sendmail used to function as a LAN logging service back in the day. Some shops used sendmail like that. Daemons armed with Perl scrips to read those mailboxes were pretty complex and finicky animals.
 
Some people says, that OpenSMTPD is one of the simpliest. Lets see. Test config, just receiving from lan, no encryption:

Bash: 
table aliases file:/etc/aliases

listen on 0.0.0.0
listen on ::

action "local" maildir alias <aliases>
action "relay" relay

match for local action "local"
match from any for domain myserver.localdomain.lan action "local"
match from local for domain regex { '.*\.localdomain\.lan' } action "relay"

With this I could send mail from FreeBSD machine with DMA (Dragonfly Mail Agent) to Linux Mint machine with OpenSMTPD ("mail server") and read it with Mutt.
Last string is necessary for sending to other machines on lan, but this thing I didnt test.
 
Emrion said:
There are a ton of protocols and options. It's really not easy, but I made some good progress.
Click to expand...
Indeed. And that mox offer all these protocols in one pack makes it interesting, if it is really so simple to install and maintain.

I have a debian server running sendmail, it was a lot of work. I tried with other MTAs and gave up.

Sendmail, being so old and used, has the advantage that you get a lot of info with google.
 
RypPn said:
Unless you have a static ip and an ISP that knows how to do RDNS on it and doesn't block port 25, forget it.
Click to expand...
I've had dyanamic IPs for 25 years and I've had almost no problems.

The keyword is almost. Your registrar and DNS provider must provide you an interface to update your DNS records, somehow. My registrar uses a web interface to manage DNS records. Until recently I used their DNS services until last November when I set my NS records to point to Cloudflare. Now I use their web interface because of a feature I discovered that November. I don't use Cloudflare's proxy service as I want my IP on the raw internet to exercise ipfilter (which I maintain).

If you're ok with the odd disruption of an hour or two as you register a new IP, you will be fine. Of course this depends on your ISP. My ISP reassigns IP addresses once or twice a year, many times I maintain the same IP for a couple of years, until they do some work on their network necessitating a change in IP address.

One can't say a blanket "no" but a maybe. Do your research. Maybe even register a domain with a registrar who will provide you with some interface to manage your own records and try it. Domain names are cheap.
 
hruodr said:
Indeed. And that mox offer all these protocols in one pack makes it interesting, if it is really so simple to install and maintain.
Click to expand...
It's indeed interesting, but I worry about so much packed into a big glob of Go. It also seems to be mainly a one person project, and is very new, as you note.

The way I like to think about adopting a particular platform is to think of it as a lifeboat. There might be a really nice lifeboat, but with only a few people on it to man the oars. Then there's that leaky old lifeboat that has three shifts of oarsmen. Life might be a lot more pleasant on the new lifeboat, but if everybody leaves, I'm screwed.

I also worry about how much work it would be to replace something that does so much. My current setup is Dovecot + Postfix + Opendmarc + Spamd. Migrating from Sendmail to Postfix was a pain, but at least I didn't have to touch my mail store. Migrating from UW-IMAP to Dovecot was also a pain, but mitigated because I didn't have to touch my MTAs. I expect a similar experience when I replace Opendmarc and Spamd with Rspamd. If mox suddenly goes unsupported, or takes a turn I don't like, I'd have to do a big bang migration which would probably take a lot of time and effort, and which probably won't go smoothly.
 
Last edited:
for his very limited use case he can just use the default mta and mutt (use via ssh). for text only mail mutt is good enough, fast enough. can't use it from a phone (you can but it sucks ).mbox format is also good enough (and easier to grep :)) you don't need maildir or whatever.
 
Jose said:
It's indeed interesting, but I worry about so much packed into a big glob of Go. It also seems to be mainly a one person project, and is very new, as you note.
Click to expand...
Yes, I noted that. I hope it is what it promises and more people join.

I follow your argument and also like separate programs for everything.

But something to easily substitute MS exchange server would be very good.
 
covacat said:
for his very limited use case he can just use the default mta and mutt (use via ssh). for text only mail mutt is good enough, fast enough. can't use it from a phone (you can but it sucks ).mbox format is also good enough (and easier to grep :)) you don't need maildir or whatever.
Click to expand...
Nope. He needs mail from multiple servers.
dma is not intended as a replacement for real, big MTAs like
sendmail(8) or postfix(1). Consequently, dma does not listen on port
25 for incoming connections.
Click to expand...
dma(8)
 
i was not aware that dma is missing the smtp server stuff.
but sendmail seems to still be part of base, just not enabled by default.
 
You must log in or register to reply here.
Back
Top