# Email server setup script

I wrote this script during the grueling process of installing and setting up
an email server. It perfectly reproduces my successful steps to ensure the
same setup time and time again, now with many improvements.

I'm glad to say that dozens, hundreds of people have now used it and there is a
sizeable network of people with email servers thanks to this script.

I've linked this file on GitHub to a shorter, more memorable address on my
website so you can get it on your machine with this short command:

```sh
curl -LO lukesmith.xyz/emailwiz.sh
```

When prompted by a dialog menu at the beginning, select "Internet Site", then
give your full domain without any subdomain, i.e. `lukesmith.xyz`.

## This script installs

- **Postfix** to send and receive mail.
- **Dovecot** to get mail to your email client (mutt, Thunderbird, etc.).
- Config files that link the two above securely with native log-ins.
- **SpamAssassin** to prevent spam and allow you to make custom filters.
- **OpenDKIM** to validate you so you can send to Gmail and other big sites.

## This script does _not_

- use a SQL database or anything like that.
- set up a graphical interface for mail like Roundcube or SquirrelMail. If you
  want that, you'll have to install it yourself. I just use
  [isync/msmtp/mutt-wizard](https://github.com/lukesmithxyz/mutt-wizard) to
  have an offline mirror of my email setup and I recommend the same. There are
  other ways of doing it though, like Thunderbird, etc.

## Requirements

1. A **Debian or Ubuntu server**. I've tested this on a
   [Vultr](https://www.vultr.com/?ref=8384069-6G) Debian server and one running
   Ubuntu and their setup works, but I suspect other VPS hosts will have
   similar/possibly identical default settings which will let you run this on
   them. Note that the affiliate link there to Vultr gives you a $100 credit
   for the first month to play around.
2. **A Let's Encrypt SSL certificate for your site's `mail.` subdomain**.
3. You need two little DNS records set on your domain registrar's site/DNS
   server: (1) an **MX record** pointing to your own main domain/IP and (2) a
   **CNAME record** for your `mail.` subdomain. NOTE: You can't point an MX
   record to a CNAME or alias, BUT you can create a second A record for
   subdomain.domain.tld (e.g. mail.lukesmith.xyz) and point it to the IP address
   of your incoming mail server.
4. **A Reverse DNS entry for your site.** Go to your VPS settings and add an
   entry for your IPv4 Reverse DNS that goes from your IP address to
   `<yourdomain.com>` (not the mail subdomain). If you would like IPv6, you can do
   the same for that. This has been tested on Vultr, and all decent VPS hosts
   will have a section on their instance settings page to add a reverse DNS PTR
   entry. NOTE: If you host both your email and website on the same server
   (e.g. Postfix and NGINX), your Reverse DNS entry will need to go from your IP
   address to your mail subdomain (i.e. mail.lukesmith.xyz) and not to `<yourdomain.com>`
   (i.e. lukesmith.xyz).

   You can use the 'Test Email Server' or ':smtp' tool on
   [mxtoolbox](https://mxtoolbox.com/SuperTool.aspx) to test whether you set up
   reverse DNS correctly. This step is not required for everyone, but some
   big email services like Gmail will stop emails coming from mail servers
   with no/invalid rDNS lookups. This means your email will fail to even
   make it to the recipient's spam folder; it will never make it to them.
5. `apt purge` all your previous (failed) attempts to install and configure a
   mail server. Get rid of _all_ your system settings for Postfix, Dovecot,
   OpenDKIM and everything else. This script builds off of a fresh install.
6. Some VPS providers block mail port numbers like 25, 933 or 587 by default.
   You may need to request these ports be opened to send mail successfully.
   Vultr and most other VPS providers will respond immediately and open the
   ports for you if you open a support ticket.

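
The DNS requirements in items 3 and 4 can be checked before running the installer. The script below is an added example, not part of emailwiz: it confirms that the MX target is not a CNAME, that it has an A record for the server's address, and that reverse DNS points at the domain or its `mail.` subdomain and resolves back to the same address. The function names, the `DNS_FIXTURE` variable, `example.org` and `203.0.113.10` are assumptions made for the example, and live lookups assume `dig` is installed.

```shell
#!/bin/sh
# Added example: pre-flight check of the MX, A and reverse DNS requirements.
# resolve TYPE NAME prints one answer per line. It calls dig (assumed to be
# installed) unless DNS_FIXTURE names a file of "TYPE NAME VALUE" lines.
resolve() {
    if [ -n "${DNS_FIXTURE:-}" ]; then
        awk -v t="$1" -v n="$2" \
            '$1 == t && $2 == n { $1 = $2 = ""; sub(/^ +/, ""); print }' "$DNS_FIXTURE"
    elif [ "$1" = PTR ]; then
        dig +short -x "$2"
    else
        dig +short "$1" "$2"
    fi
}

check_mail_dns() {  # usage: check_mail_dns DOMAIN SERVER_IP
    domain=$1 ip=$2 rc=0
    # Lowest preference value wins; strip the trailing dot dig prints.
    mx=$(resolve MX "$domain" | sort -n | head -n 1 | awk '{ print $2 }' | sed 's/\.$//')
    if [ -z "$mx" ]; then echo "FAIL: no MX record for $domain"; return 1; fi
    if [ -n "$(resolve CNAME "$mx")" ]; then
        echo "FAIL: MX target $mx is a CNAME, give it an A record"; rc=1
    fi
    if ! resolve A "$mx" | grep -qxF "$ip"; then
        echo "FAIL: $mx has no A record for $ip"; rc=1
    fi
    ptr=$(resolve PTR "$ip" | head -n 1 | sed 's/\.$//')
    case $ptr in
        "$domain" | "mail.$domain") ;;
        *) echo "FAIL: reverse DNS of $ip is '${ptr:-unset}'"; rc=1 ;;
    esac
    # Forward-confirm: the PTR name must resolve back to the same address.
    if [ -n "$ptr" ] && ! resolve A "$ptr" | grep -qxF "$ip"; then
        echo "FAIL: PTR name $ptr does not resolve back to $ip"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK: MX, A and reverse DNS agree for $domain"; fi
    return "$rc"
}

# Constructed sample zone (example.org and 203.0.113.10 are documentation values).
DNS_FIXTURE=$(mktemp)
cat > "$DNS_FIXTURE" <<'EOF'
MX example.org 10 mail.example.org.
A mail.example.org 203.0.113.10
PTR 203.0.113.10 mail.example.org.
EOF
check_mail_dns example.org 203.0.113.10
rm -f "$DNS_FIXTURE"; unset DNS_FIXTURE
```

With `DNS_FIXTURE` unset, `check_mail_dns yourdomain.tld your.server.ip` queries live DNS through `dig`.
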
## Post-install requirement!

- After the script runs, you'll have to add additional DNS TXT records which
  are displayed at the end when the script is complete. They will help ensure
  your mail is validated and secure.

## Making new users/mail accounts

To add a user Billy and let him receive mail, run this:

```
useradd -m -G mail billy
passwd billy
```

Any user added to the `mail` group will be able to receive mail. Suppose a user
Cassie already exists and we want to let her receive mail too. Just run:

```
usermod -a -G mail cassie
```

A user's mail will appear in `~/Mail/`. If you want to see your mail while ssh'd
into the server, you could just install mutt, add `set spoolfile="+Inbox"` to
your `~/.muttrc` and use mutt to view and reply to mail. You'll probably want
to log in remotely though:

## Logging in from Thunderbird or mutt (and others) remotely

Let's say you want to access your mail with Thunderbird or mutt or another
email program. For my domain, the server information will be as follows:

- SMTP server: `mail.lukesmith.xyz`
- SMTP port: 587
- IMAP server: `mail.lukesmith.xyz`
- IMAP port: 993

In previous versions of emailwiz, you also had to log on with *only* your
username (i.e. `luke`) rather than your whole email address (i.e.
`luke@lukesmith.xyz`), which caused some confusion. This is no longer the
case.

## Benefited from this?

I am always glad to hear this script is still making life easy for people! If
this script or documentation has saved you some frustration, you can donate to
support me at [lukesmith.xyz/donate](https://lukesmith.xyz/donate.html).

## Troubleshooting -- Can't send mail?

- Always check `journalctl -xe` to see the specific problem.
- Check with your VPS host and ask them to enable mail ports. Some providers
  disable them by default. It shouldn't take any time.
- Go to [this site](https://appmaildev.com/en/dkim) to test your TXT records.
  If your DKIM, SPF or DMARC tests fail, you probably copied in the TXT records
  incorrectly.
- If everything looks good and you *can* send mail, but it still goes to Gmail
  or another big provider's spam directory, your domain (especially if it's a
  new one) might be on a public spam list. Check
  [this site](https://mxtoolbox.com/blacklists.aspx) to see if it is. Don't
  worry if you are: sometimes new domains especially are automatically assumed
  to be spam temporarily. If you are blacklisted by one of these, look into it
  and it will explain why and how to remove yourself.
- Check your DNS settings using [this site](https://intodns.com/); it'll report
  any issues with your MX records.
- Ensure that port 25 is open on your server.
  [Vultr](https://www.vultr.com/docs/what-ports-are-blocked) for instance
  blocks this by default; you need to open a support ticket with them to open
  it. You can't send mail if 25 is blocked.
- Keep in mind that .xyz domains are considered "NTLD" or NEW Top Level Domains,
  and SpamAssassin and other spam blockers (especially corporate/enterprise spam blockers)
  will block these NTLDs purely based on this fact alone. Some corporate and/or enterprise
  email filters are much more aggressive than Gmail's. Keep this in mind when you try to send
  an email to a friend who works at a large company and they never receive your email.

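
The TXT records from the post-install step, and the copy errors mentioned in the troubleshooting list, can also be checked locally. The script below is an added example, not part of emailwiz: it joins the quoted chunks in which `dig +short TXT` prints long records and then checks the basic shape of an SPF, DKIM or DMARC record. The function names and all sample records are constructed for the example; the DKIM key is a shortened stand-in.

```shell
#!/bin/sh
# Added example: catch copy errors in SPF, DKIM and DMARC TXT records.
# Join the quoted chunks that dig prints for a long TXT record.
txt_join() { printf '%s' "$1" | sed 's/" *"//g; s/^"//; s/"$//'; }

# Print the value of tag $2 from a "tag=value; tag=value" record $1.
txt_tag() { printf '%s' "$1" | tr -d ' \t' | tr ';' '\n' | sed -n "s/^$2=//p"; }

check_txt() {  # usage: check_txt spf|dkim|dmarc 'RECORD'
    rec=$(txt_join "$2")
    case $1 in
    spf)
        case $rec in "v=spf1 "*) ;; *) echo "spf: must start with 'v=spf1 '"; return 1 ;; esac
        case $rec in *all | *redirect=*) ;; *) echo "spf: no final all mechanism"; return 1 ;; esac ;;
    dkim)
        key=$(txt_tag "$rec" p)
        case $key in
            "") echo "dkim: p= tag missing or empty"; return 1 ;;
            *[!A-Za-z0-9+/=]*) echo "dkim: p= holds non-base64 characters"; return 1 ;;
        esac ;;
    dmarc)
        case $rec in "v=DMARC1"*) ;; *) echo "dmarc: must start with v=DMARC1"; return 1 ;; esac
        case $(txt_tag "$rec" p) in
            none | quarantine | reject) ;;
            *) echo "dmarc: p= must be none, quarantine or reject"; return 1 ;;
        esac ;;
    *) echo "unknown record type: $1"; return 2 ;;
    esac
    echo "$1: ok"
}

# Constructed records; the DKIM key is a shortened stand-in, not a real key.
check_txt spf   '"v=spf1 mx -all"'
check_txt dkim  '"v=DKIM1; k=rsa; p=MIIBIjANBgkq" "hkiG9w0BAQEFAAOC"'
check_txt dmarc 'v=DMARC1; p=reject; rua=mailto:dmarc@example.org'
# A stray quote pasted into the key is reported:
check_txt dkim  'v=DKIM1; k=rsa; p=MIIBIjAN"BgkqhkiG' || true
```
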