Back in 2015 I embarked on an ambitious plan to blog my entire way through setting up my own selfhosted email server. I got a fair bit in (5 posts) before the setting up got ahead of the blogging and I lost track of scribbled notes and halfwritten posts. Moving to a fresh Ubuntu 18.04 install I decided to move as many services as possible to containers, including my email setup and so, rather than just copy paste my old config files I dug into the basics of email setup again.
When running your own SMTP the real spam challenge is not to avoid getting targeted by spammers – it is is to avoid getting used by spammers.
Mind you, you don’t want spam in your inbox but a) that’s what filters are for and b) spammers (mostly) use confirmed lists of recipients, they don’t probe domains for addresses. When they do probe, they probe for access to relay, to use your server to distribute their junk. If they’re successful you’ll have far bigger problems than having to delete a couple emails a day (i.e. your IP and domain winding up on blacklists; also your ISP may disapprove). That is the reason I have saved relaying until now. Opening yourself up to receiving unwanted mail is at lot less problematic than opening yourself up to having your server hijacked by spammers. Postfix is by default set to be rather restrictive in who it lets send out mail so while we have been messing about with receiving mail, the mail sending settings have stayed default and safe.
This will be a short post, as we will only get to know how to relay mail based on the
mynetworks setting. ‘Relay’ is fairly synonynous with ‘sending’ but AFAICT it only refers to sending between SMTP servers. A user sends an email. An SMTP server relays it to another SMTP server. This post is about relaying from a local network.
To reiterate what I said in the first post in our Postfix series, a virtual setup is one in which email accounts are independent of system accounts. We therefore have to tell Postfix what accounts we have on any given domain, where to put email for an account etc. in contrast to local delivery where users are defined by the system and delivery is by default to a file in
/var/mail. In order to create this kind of setup we will have to jettison most of the settings we have worked on so far. On the plus side it will still feel very familiar as virtual and local settings often follow the same basic pattern and nomenclature. In addition, as I have said before, having familiarized ourselves with a local setup helps us understand how to properly distinguish between the two kinds of setup.
I promised that in this third part of the series we would finally get to make our SMTP server accessible from the outside, gettting a bit closer to something that actually resembles a real mail server. I am going to make good on that promise.
There are three aspects to this change. First, we will need to set up our router so that our SMTP server can communicate with the outside world. Secondly, we will need to create a listing for our SMTP server so that other SMTP servers know where to look when they have email for our domain (the MX host setting). Finally we will of course have to adjust our Postfix configuration.(more…)
In the last post in my Postfix series we went through the basics of configuring Postfix to accept mail. This second part will be a somewhat short addendum in which we cover a few extra settings related to how Postfix finds the right user to deliver mail to. Then in the third post we will finally move on to receiving real mail (as opposed to telnet fakery).
Postfix has an impressive amount of settings that can manipulate where email ends up. I’m only going to cover two and then quickly list some of the others.(more…)
About a year ago I wrote a scathing comment about Ars Technica’s too-slow guide to self-hosted email. I wanted it now-now-now and not over the course of four weeks. Well, I guess it’s time to eat humble pie because my setup didn’t survive transfer to the new machine. Seeing as I hadn’t acquired any deep understanding of the setup apart from a purely abstract grasp of email fundamentals I didn’t have any way to fix it.
In short, I’m going to go in the complete opposite direction and take it slow this time. We are going to setup an MTA that will accept email and that we can use to send email. Only when we thoroughly understand that will we move on to Dovecot and the like. We are going to take it step-by-step, making sure that we understand what we’re doing and why we’re doing it and sometimes even what we’re not doing.
In the course of this first piece in a series, we will get some sort of email up and running – and get that warm feeling that we have accomplished something – but consider it more of a proof-of-concept or a learning experience than anything like the final thing.(more…)