Mail Server on Ubuntu 16.04 Part 1

Introduction

Welcome to Mail Server on Ubuntu 16.04 Part 1. This is the first part of a series of blog posts. It will use Postfix, dovecot and amavis. Setting up a mail server is a complex project it is one of the most difficult and complex servers to setup. There are many different tools/packages that have to come together before it is working. There are many more packages that can be installed before you have something that is usable in the real world with all the hackers and spammers around.

*Do not follow this blog post on a production server unless you are
 [crazy|dumb|mad|nutz|stupid] and want to be unemployed!

Why I wrote this.

I wrote this HOWTO, Mail Server on Ubuntu 16.04, as record of what I did to get my own mail server up and running. I can now and in the future follow these steps again and rebuild my own mail server. I hope it is of use to others.

For this HOWTO I am building using the following posts.
my test networking lab, Setup a Test Networking Lab with VirtualBox.
A minimal Ubuntu server running 16.04.

We will run through the setup of this one step at a time, hopefully not making any huge leaps. You will be able to test the parts installed as we go, no huge big bangs. All this as we move gently towards our goal of a Mail Server on Ubuntu 16.04.

There are some holes in the security of this server. e.g No firewall. So not just holes but open doors with neon signs!

Note: You are strongly recommended to take backup copies of your system and all files before you start and as we progress through the blog post.

When I install Ubuntu Linux on test machines I create a default common user called localadmin. I will use localadmin as the default local Linux user for this post. You can use any name you like just remember to change it where necessary.

The Mail Server on Ubuntu 16.04 which this post will be building is called mailserver and will be running Ubuntu Server edition. mailserver will run as a Virtual Box guest which allows for simple backups if nothing else. mailserver will be part of the dragon.lab domain.

mailserver.dragon.lab local IP 10.1.200.7

Services provided on mailserver

The server called mailserver will end up running the following servers and services.

  • Postfix mail server.
    • Delivering email to one or more local users.
    • Email recipients will not have to have a local Linux account.
    • Forwarding mail to remote users, from a lookup list only
    • Relaying emails to the outside world
    • Authentication and encryption TLS/SSL
    • Encrypted passwords
  • MySQL Database, holds user names, email addresses and alias addresses.

Install Ubuntu Server Edition.

We are starting from a minimal install of Ubuntu Server with no other software installed. During the installation process there will be a menu asking what other servers should be installed. I only install openssh here. ssh will allow you to ssh into your new server mailserver. This will make copy and paste operations easier and you can hae more than one terminal open and they will be bigger. The bigger and more numerous terminals makes editing much easier.

After the install is done make sure it is all up to date with the latest patches and security updates.

sudo apt-get update
sudo apt-get dist-upgrade

I usually take a snapshot of the virtual machine at this point. When I trash the install I can just roll back the snapshot and try again from a known clean starting point. If at first you don’t succeed, go and have another beer.

Network Config

Network interface. Get this sorted out so mailserver has a static IP address.

sudo nano /etc/network/interfaces

It should look something like this

# The loopback network interface
auto lo
iface lo inet loopback
 
# The primary network interface
auto eth0
#iface eth0 inet dhcp
iface eth0 inet static
   address 10.1.200.7
   gateway 10.1.200.1
   netmask 255.255.255.0
   dns-nameservers 10.1.200.1
   dns-search dragon.lab

Make sure that the fully qualified domain name is setup and displayed correctly.

hostname --fqdn

The command above should be displaying the following for mailserver.

mailserver.dragon.lab

It is does not the problem can be solved by editing the hosts file as follows.

sudo nano /etc/hosts
10.1.200.7 mailserver.dragon.lab mailserver
Note: The system finds the domain from the first FQDN in the /etc/hosts file.
This would be a good backup point!
You can always restore back to this point if you mess up on the way.

Postfix, MySQL and Dovecot

We will start off by installing Postfix, Dovecot and a simple mail client. These will be installed with the following command.

sudo apt-get install mail-stack-delivery mailutils

A lot more packages get pulled in than the ones listed on the command line due to dependencies.

When installing postfix, two questions were asked.

  • General type of mail configuration: Internet Site
  • System mail name: mailserver.dragon.lab

There should now be a very basic and insecure mailserver running on your test server. It will only accept email for local users. That is users which have a local Linux account.

If you make a mistake you can reconfigure these setting and a few other basic settings with the following command. Any values already entered before with become the default values.

sudo dpkg-reconfigure postfix

We need to tell postfix to use the Maildir format.

sudo postconf -e 'home_mailbox = Maildir/'

We also, need to set the MAIL environment variable for our localadmin user while we test this part.

export MAIL=~/Maildir

We should now be able to send a test email to our localadmin account. We have already installed a simple mail client and some other email tools.

Since this is a new mailserver and we it is unlikely that you are replacing an existing mailserver we can turn off the backwards compatibility mode on Postfix.

sudo postconf -e 'compatibility_level=2'

Restart Postfix to take all those changes into use.

sudo service postfix restart

Remember to check the log files for any errors and warnings, there should not be any at all.

This would be a good point to make a backup

Sending Your First Email

Now it’s time to send our first email 🙂 Are you sitting down, this is a momentous occasion after all!

To send our first email we will use the command line

echo 'This is the body of our first email to localadmin.' | mail -s 'Initial email subject' localadmin

To read your emails and especially your very first email 🙂 When logged in as localadmin

mail
"/home/localadmin/Maildir": 1 message 1 new
>N   1 root                                 13/581   Initial email subject
?

To read the email, at the question mark prompt, type the number at the start of the line, in this case 1 (one).

Return-Path: <root@mailserver.dragon.lab>
X-Original-To: localadmin@mailserver.dragon.lab
Delivered-To: localadmin@mailserver.dragon.lab
Received: by mailserver.dragon.lab (Postfix, from userid 0)
	id 675E5120534; Sun, 20 Nov 2016 11:21:34 +0000 (GMT)
Subject: Initial email subject
To: <localadmin@mailserver.dragon.lab>
X-Mailer: mail (GNU Mailutils 2.99.99)
Message-Id: <20161120112134.675E5120534@mailserver.dragon.lab>
Date: Sun, 20 Nov 2016 11:21:34 +0000 (GMT)
From: root@mailserver.dragon.lab (root)
 
This is the body of our first email to localadmin.

I sent this email while logged in as root as you can see from the headers. To delete this email type the email message number, again that would be 1 (one). Type help at the prompt to get a list of all the commands available.

There you go the first step is complete, a very simple mailserver. By the way, that was the easy part.

This would be a good backup point!

Testing with Telnet

For testing out the mailserver you can also use telnet. Using these commands is a little more complex but means you do not need to install the mail utilities. See these blog posts:

Mail Server on Ubuntu 16.04 Part2 of this series will take us through allowing virtual users. That is you the Administrator will not have to create a local Linux user account for all the email users.

* I am amazed at the number of people who have sent in comments saying, They tried this and other posts I have written on a production server and they broke their server.” All I can say is How dumb are these people? Never, ever follow any blog or HOWTO on a production server. Always try new software on test hardware or virtual machines. If your company or boss will not provide the necessary test environment, ask them what would be cheaper a few hundred GBP to buy some new hardware to run virtual machines or the loss of your server until you rebuild it. Just in case you missed the message: Never follow any blog post or HOWTO on a production server.

Leave a Reply

Your email address will not be published. Required fields are marked *