Raspberry Pi for auto host his email server

Warning : This article has been automatically translated by Google Translate


Danger : This article has been automatically translated by Google Translate


Our tutorial series continues with a new stage in our independence : our own email hosted at home server.

Raspberry Pi Home Server : auto héberger son serveur d'email

Then I have to recognize that the tutorial that follows has nothing to do with the planned. I wanted to install and configure Citadel which is kinda the Swiss army knife of mail server. Unfortunately, Once installed the configuration turns out galley (for me) and not much help on the Internet. It will therefore be for later.

In short I am returned to the origins, with a good old server postfix !

  1. The classic update the Raspberry
    apt-get update && apt-get upgrade -y
  2. Other things that are important : port openings. Be sure that from the outside, TCP ports 25, 143, 993, 110 and 995 are readily accessible. Here I will not help you because it's going to depend on your box or the configuration of your ISP.
  3. To go further need you a domain name. I advise you to go through noip.com with the tutorial here. It allows you to have a domain name and an ip “fixed” Thanks to the client that will be installed on your machine.
  4. In the noip for your domain configuration interface, go downstairs in the MX box and add the value <your domain name>. It allows you to redirect queries concerning the management of the emails to your machine.
  5. Install the package bind9-host
     apt - get install bind9-host
  6. Test that the redirection is fine work
     host t MX <your domain name>
    
     <your domain name> mail is handled by 10 <your domain name>.

    CA is good news. Without it, no chance to run our server.

  7. Change the/etc/hosts file
    127.0.0.1      <your domain name>
  8. Change the file/etc/hostname
    <your domain name>
  9. Restart Raspberry Pi
    reboot
  10. Install postfix
    apt - get install postfix

    During the installation you choose “Internet Site” in the configuration screen. Then your domain name.

  11. To make our tests, It is necessary to
    1. Mail from command line tools that are already installed. In the event that :
      apt - get install mailutils
    2. A test user. At home I have root for facilities and a user pi for testing. If necessary you can create a new one.adduser pi
  12. You can from the root user, send a mail to the user pi
    echo "I'm talking about blah blah blah" | mail-s "Mail subject : blah blah" PI @.<your domain>.no - ip.org

    You'll get the result by connecting to the raspberry with the pi user (a single message you !) :

    Raspberry Pi Home Server : auto héberger son serveur d'email

    The command to view the incoming emails

  13. For the reception, We will install the POP3 and IMAP
    apt - get install dovecot-pop3d dovecot-imapd

    Thanks to them you can now read (After Odinga for sending) the emails that are received on the Raspberry Pi. Automatic configuration of Thunderbird should give you something like that :

    Raspberry Pi Home Server : auto héberger son serveur d'email

    Automatic configuration of Thunderbird should detect the IMAP, the POP3 and SMTP through your email

    On the other hand, listed security, It can bitching. My certificate was generated with the old name of the machine and not the domain created under noip.

    Raspberry Pi Home Server : auto héberger son serveur d'email

    Our mail in Thunderbird

Receive is done. Next step, send ! For this, It is necessary that our SMTP service is accessible and that he might send over the Internet. We have 4 opportunities :

  1. Use the Postfix SMTP. Only problem, It may be blocked by the different services of the mail (Yahoo, Hotmail for example) might consider a spammer because it is not “known”.
  2. Use the Postfix SMTP but with exceptions for certain email addresses so your emails do not leave in spam.
  3. Use your ISP's SMTP (or ISP for our English-speaking friends). If change you the provider, you need to update your configuration
  4. Use a third-party as SMTP for example that of gmail if you have an account.

The simplest solution : the SMTP of your ISP.

  1. Edit the /etc/postfix/main.cf Postfix configuration file and change the line
    relayhost =

    with

    relayhost = <name of the SMTP>

    For example for free it is smtp.free.fr, Orange smtp.orange.fr, etc. You can find a complete list (I hope to update) here for French services.

  2. Reload the configuration of the service
    Service postfix reload
  3. Remains to be tested

    Raspberry Pi Home Server : auto héberger son serveur d'emailAnd on the server :

    Raspberry Pi Home Server : auto héberger son serveur d'email

    The mail sent from Thunderbird seen on the hosted email auto Server

Voilà. If you want an email box “private” (items only to recipients in your domain) without any intermediary, you've found I hope your happiness.

Where things can get complicated if you want to send emails to people outside your domain (Gmail, Yahoo or other). If you don't put authentication on your SMTP server you will be considered an open relay that will be prey for spammers that you will use to flood our boxes. You will be so identified and blacklisted. Not too the purpose intended I think.

By default, Postfix installs with a TLS layer to encrypt exchanges and passwords. From this side nothing to do so, Here is what you need :

# TLS parameters smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_tls_auth_only = yes

I added the red line to ensure that authentication cannot be done without going through the TLS layer. Each client should be configured to use.

We will then implement the famous SASL authentication. No need for an additional server, Dovecot we installed for managing POP3 and IMAP can do so we will not overload the machine !

  1. Edit the file /etc/Dovecot/dovecot.conf and add at the end of file :
    auth default {
    
     Socket listen {
    
     client {
    
     path = / var/spool/postfix/private/auth group = postfix mode = 0660
    
     }
    
    }

    We now have the link between Dovecot and Postfix. Remains to give also to Postfix

  2. Modifier le fichier /etc/postfix/postfix.cf et y ajouter les lignes suivantes (pour plus de détail sur les lignes ajoutées, vous pouvez regarder here) :
    smtpd_sasl_auth_enable = yes  smtpd_sasl_type = dovecot  smtpd_sasl_path = private/auth  smtpd_sasl_authenticated_header = yes  smtpd_client_restrictions =   permit_mynetworks, permit_sasl_authenticated,
    
     sleep 1, reject_unauth_pipelining  smtpd_helo_restrictions = reject_invalid_helo_hostname  smtpd_sender_restrictions =   reject_unlisted_sender, reject_unknown_sender_domain,
    
     permit_mynetworks, permit_sasl_authenticated,
    
     reject_non_fqdn_sender smtpd_recipient_restrictions = reject_unlisted_recipient, reject_unknown_recipient_domain,
    
     permit_mynetworks, permit_sasl_authenticated,
    
     reject_non_fqdn_recipient,
    
     reject_unauth_destination
  3. Rest to restart Dovecot and Postfix
    Service dovecot restart service postfix restart
  4. You should now be able to send where you want and who you want.

In the case here is my Thunderbird and Postfix configurations

Raspberry Pi Home Server : auto héberger son serveur d'email

Postfix configuration

Raspberry Pi Home Server : auto héberger son serveur d'email

Reception under Thunderbird IMAP configuration

Raspberry Pi Home Server : auto héberger son serveur d'email

Configuring SMTP in Thunderbird

I am not the great specialist in Postfix so feel free to share your comments or experiences in the comments.

Sources : Google, raspberrypi.org, Alsacréations, State-of - mind.by and especially isalo.org who has a great article on the subject

Like this article ? Bear with me on patreon!

You may also like...