Continuing on the path of getting my VPS up and running, the time has come to install the actual mail services. For this I’ll go with the standard Ubuntu choices of Postfix as MTA and basic MDA, and Dovecot as IMAP server.
Step 1 — install Postfix
Postfix is easily installed from the main Ubuntu repository by:
sudo apt-get install postfix
This launches a dialog where you need to choose what kind of mail server you intend to operate, and which domain your server will maintain the mail for. I chose Internet Site and entered my domain name (e.g. example.com). The package installer automatically sets a number of default settings, which you can override by launching another interactive dialog:
sudo dpkg-reconfigure postfix
However, dialogs are pretty annoying so I’ll edit the settings manually instead through the convenient postconf utility, and then tell Postfix to reload its config:
sudo postconf -e 'smtpd_banner = $myhostname ESMTP $mail_name' sudo postconf -e 'myhostname = mail.example.com' sudo postconf -e 'mydestination = example.com, mail.example.com, hostname.example.com, localhost.example.com, localhost' sudo postconf -e 'home_mailbox = Maildir/' sudo postconf -e 'mynetworks =' sudo postconf -e 'mynetworks_style = host' sudo /etc/init.d/postfix reload
You obviously need to replace all occurrences of example.com with your actual domain name. These settings control which domains this server is the final destination for, which networks to relay mail for (only this host), and what mailbox format to use. I like Maildir since it stores each mail in a separate file, which is both robust and convenient. See the official Postfix documentation for more configuration options.
The /etc/aliases file controls which email aliases Postfix should use when delivering mail locally on the machine. By default, it will contain a mapping for postmaster to root, but we should also add a mapping for root to the user who should read root’s mail (e.g. johndoe), and make that active for Postfix through the newaliases command:
sudo sh -c 'echo "root: johndoe" >> /etc/aliases' sudo /usr/bin/newaliases
Step 2 — create an SSL certificate
To use IMAP over SSL we need to create an SSL certificate to use with Dovecot. I’ll use a self-signed certificate since this is just my personal server with few users. First we generate a private key for the certificate and make it readable only by root, and then we create the certificate itself:
sudo openssl genrsa -out /etc/ssl/private/dovecot.key 2048 sudo chmod 400 /etc/ssl/private/dovecot.key sudo openssl req -new -x509 -key /etc/ssl/private/dovecot.key -out /etc/ssl/certs/dovecot.pem -days 1095
Make sure to provide the actual domain name of your mail server, e.g. mail.example.com, when asked about the “Common Name”. Otherwise email clients will complain every time they connect to the server. Since this is a self-signed certificate not backed by a Certification Authority clients will complain the first time anyway, but if you save the certificate subsequent connects will go through silently. You can read more about openssl here.
Step 3 — install Dovecot
Time for Dovecot. It can act both as an IMAP server and a POP3 server, but I will only use its IMAP capability. Who uses POP3 nowadays anyway? Install the package and open the main config file:
sudo apt-get install dovecot-imapd sudo vi /etc/dovecot/dovecot.conf
Change the following options to enable IMAP over SSL, tell Dovecot to use the Maildir mailbox format, and point it to the SSL key and certificate:
protocols = imaps mail_location = maildir:~/Maildir ssl_cert_file = /etc/ssl/certs/dovecot.pem ssl_key_file = /etc/ssl/private/dovecot.key
That’s all! Finally, make sure that port 993 is open in the firewall and restart Dovecot with the new config:
sudo /etc/init.d/dovecot restart