Saturday, December 10, 2016

Creating a Home Email Server

Creating a Home Email Server


Dec 2012

Pictures got bumped from the blog move. Sorry.

Mar 2012

You might want to have your own email server because your paranoid, can’t stand the fact that free web email posts ads based on the contents of your email, or curiosity.  For what ever your reasons this is how I made mine.
Things you’ll need prior.
  1. Purchase a domain of your choosing
  2. Static home IP
  3. Install Ubuntu 11.10 Server
DOMAIN
Within your domain host you should locate where you can make edits to the DNS.


After locating this area we need to add a subdomain.


The subdomain should be mail.example.com. Obviously select your domain name.



Edit the mail.example.com subdomain DNS.


Make the DNS A record point to the static IP of you email server.  Make the MX (mail exchange) record point to mail.example.com with a value of 10.


This could take some time to populate throughout their servers.

INSTALL UBUNTU SERVER

For the most part the install of Ubuntu Server was default and selecting the packages differed.  I only installed OpenSSH and LAMP.

If you install the mail server it uses dovecot and I perfer courier.

After installing ubuntu server I then installed ubuntu-dekstop:
sudo apt-get install -y ubuntu-desktop

Its much easier to install the configuration files and follow along in the GUI.

After installing the ubuntu-desktop reboot and follow this walk through:  http://www.pixelinx.com/2010/10/creating-a-mail-server-on-ubuntu-using-postfix-courier-ssltls-spamassassin-clamav-and-amavis
***TYPO*** When you get to 15-content-filter-mode its actually 15-content_filter_mode

After your completed there are some additional changes and additions to be made.

I added to the following lines to /etc/postfix/main.cf.

Locate the relayhost.  The reason for this is to use an existing email account on your domain to send email out.
 
relayhost = [smtp.1and1.com]:587

Locate the #Encrypted authentication (SASL) and add the following:
 
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous

Save /etc/postfix/main.cf

We need to add the relayhost login and password so that we can send mail through a SMTP server.  The reason for using a host is that often home email servers get placed on an email blacklist and your email are lost.  Its the host problem to ensure there email server dont end up on those lists.  Change to your domain and port.  The email address is normally used to authenticate through the relay.  This email address and password can be set up through your domain.


echo [smtp.1and1.com]:587 mail@example.com:password” > /etc/postfix/sasl_passwd
postmap /etc/postfix/sasl_passwd

After this I added an additional user to the mysql database mail.

Login to MySQL.

mysql -u root -p

USE mail;
INSERT INTO `user` (`email`, `password`, `name`, `quota`, `enabled`) VALUES (USER@example.com‘, ENCRYPT(’changeme‘), ‘Administrator‘, NULL, 1);
exit;

Send this USER email from another source.  This will populate the folders required to login.

INSTALL SQUIRRELMAIL

apt-get install -y squirrelmail squirrelmail-locales php-pear php5-cli

SETUP APACHE

cp /etc/squirrelmail/apache.conf /etc/apache2/sites-available/squirrelmail
ln -s /etc/apache2/sites-available/squirrelmail /etc/apache2/sites-enabled/500-squirrelmail

a2ensite squirrelmail

apache2ctl -t

/etc/init.d/amavis start

SETUP SSL FOR APACHE (http://www.tc.umn.edu/~brams006/selfsign.html) and (http://www.tc.umn.edu/~brams006/selfsign_ubuntu.html)

openssl genrsa -des3 -out /etc/ssl/server.key 4096

openssl req -new -key /etc/ssl/server.key -out /etc/ssl/server.csr

openssl x509 -req -days 3650 -in /etc/ssl/server.csr -signkey /etc/ssl/server.key -out /etc/ssl/server.crt

openssl rsa -in /etc/ssl/server.key -out /etc/ssl/server.key.insecure

mv /etc/ssl/server.key /etc/ssl/server.key.secure

mv /etc/ssl/server.key.insecure /etc/ssl/server.key

mkdir /etc/apache2/ssl

cp /etc/ssl/server.key /etc/apache2/ssl

cp /etc/ssl/server.crt /etc/apache2/ssl

a2enmod ssl

ln -s /etc/apache2/sites-available/default-ssl /etc/apache2/sites-enabled/000-default-ssl

echo "ServerName localhost" >> /etc/apache2/apache2.conf

/etc/init.d/apache2 restart

EDIT HOSTS

nano /etc/host

127.0.0.1    localhost localhost.localdomain mail
127.0.1.1    mail
173.72.XXX.XXX    mail.example.com

SQUIRRELMAIL

cd /usr/share/squirrelmail/plugins/

wget "http://www.squirrelmail.org/plugins/secure_login-1.4-1.2.8.tar.gz"

tar xzvf secure_login-1.4-1.2.8.tar.gz

cd secure_login/

cp config.sample.php config.php

nano config.php

modify; $change_back_to_http_after_login = 1;
to; $change_back_to_http_after_login = 0;

EDIT SQUIRRELMAIL

squirrelmail-configure

D

courier

8

Locate secure_login and enter the number to enable.

S

Q

APACHE EDITS (https://help.ubuntu.com/community/EnablingUseOfApacheHtaccessFiles)

nano /vetc/apache2/sites-available/default

Find;

<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None

Modify;

AllowOverride All

Same for:

nano /vetc/apache2/sites-available/default-ssl

cd /var/www

nano .htaccess

ADD:

# This allows you to redirect index.html to a specific subfolder
Redirect /index.html https://mail.example.com/squirrelmail/

Try logging into your email server:

http://mail.example.com

You should see the cert error and must accept the cert.

After that you should be able to login.

Might be able to add some additional configuration from here. http://flurdy.com/docs/postfix/

UPDATE 120319;

Recenting added the change_sqlpass plugin and that took and little figuring out.  The screen will go blank and forces you to re-login with new password.

The config.php should have the following settings:

$csp_dsn = mysql://root:password@localhost/mail’;
$lookup_password_query = ‘SELECT count(*) FROM user WHERE email = “%1? AND password = %4?;
$password_update_queries = array(’UPDATE user SET password = %4 WHERE email = “%1?‘);
$force_change_password_check_query = ”;
$password_encryption = ‘MYSQLENCRYPT’;
$csp_salt_static = ‘LEFT(password, 2)’;
$csp_secure_port = 0;
$csp_non_standard_http_port = 0;
$min_password_length = 8;
$max_password_length = 0;
$include_digit_in_password = 1;
$include_uppercase_letter_in_password = 1;
$include_lowercase_letter_in_password = 1;
$include_nonalphanumeric_in_password = 0;
$csp_delimiter = ‘@’;
$csp_debug = 0;

Available link for download

Posted by at
Labels: , , , ,