|
@@ -1,6 +1,6 @@ |
|
|
# Email server setup script |
|
|
# Email server setup script |
|
|
|
|
|
|
|
|
I wrote this script during the gruelling process of installing and setting up |
|
|
|
|
|
|
|
|
I wrote this script during the grueling process of installing and setting up |
|
|
an email server. It perfectly reproduces my successful steps to ensure the |
|
|
an email server. It perfectly reproduces my successful steps to ensure the |
|
|
same setup time and time again. |
|
|
same setup time and time again. |
|
|
|
|
|
|
|
@@ -14,14 +14,10 @@ curl -LO lukesmith.xyz/emailwiz.sh |
|
|
When prompted by a dialog menu at the beginning, select "Internet Site", then |
|
|
When prompted by a dialog menu at the beginning, select "Internet Site", then |
|
|
give your full domain without any subdomain, i.e. `lukesmith.xyz`. |
|
|
give your full domain without any subdomain, i.e. `lukesmith.xyz`. |
|
|
|
|
|
|
|
|
Read this readme and peruse the script's comments before running it. Expect it |
|
|
|
|
|
to fail and you have to do bug testing and you will be very happy when it |
|
|
|
|
|
actually works perfectly. |
|
|
|
|
|
|
|
|
|
|
|
## This script installs |
|
|
## This script installs |
|
|
|
|
|
|
|
|
- **Postfix** to send and receive mail. |
|
|
- **Postfix** to send and receive mail. |
|
|
- **Dovecot** to get mail to your email client (mutt, Thunderbird, etc). |
|
|
|
|
|
|
|
|
- **Dovecot** to get mail to your email client (mutt, Thunderbird, etc.). |
|
|
- Config files that unique the two above securely with native log-ins. |
|
|
- Config files that unique the two above securely with native log-ins. |
|
|
- **Spamassassin** to prevent spam and allow you to make custom filters. |
|
|
- **Spamassassin** to prevent spam and allow you to make custom filters. |
|
|
- **OpenDKIM** to validate you so you can send to Gmail and other big sites. |
|
|
- **OpenDKIM** to validate you so you can send to Gmail and other big sites. |
|
@@ -50,19 +46,19 @@ actually works perfectly. |
|
|
server: (1) an **MX record** pointing to your own main domain/IP and (2) a |
|
|
server: (1) an **MX record** pointing to your own main domain/IP and (2) a |
|
|
**CNAME record** for your `mail.` subdomain. |
|
|
**CNAME record** for your `mail.` subdomain. |
|
|
4. **A Reverse DNS entry for your site.** Go to your VPS settings and add an |
|
|
4. **A Reverse DNS entry for your site.** Go to your VPS settings and add an |
|
|
entry for your IPV4 Reverse DNS that goes from your IP address to |
|
|
|
|
|
`<yourdomain.com>` (not mail subdomain). If you would like IPV6, you can do |
|
|
|
|
|
|
|
|
entry for your IPv4 Reverse DNS that goes from your IP address to |
|
|
|
|
|
`<yourdomain.com>` (not mail subdomain). If you would like IPv6, you can do |
|
|
the same for that. This has been tested on Vultr, and all decent VPS hosts |
|
|
the same for that. This has been tested on Vultr, and all decent VPS hosts |
|
|
will have a section on their instance settings page to add a reverse DNS PTR |
|
|
|
|
|
|
|
|
will have a section on their instance settings page to add a reverse DNS PTR |
|
|
entry. |
|
|
entry. |
|
|
You can use the 'Test Email Server' or ':smtp' tool on |
|
|
You can use the 'Test Email Server' or ':smtp' tool on |
|
|
[mxtoolbox](https://mxtoolbox.com/SuperTool.aspx) to test if you set up |
|
|
[mxtoolbox](https://mxtoolbox.com/SuperTool.aspx) to test if you set up |
|
|
a reverse DNS correctly. This step is not required for everyone, but some |
|
|
a reverse DNS correctly. This step is not required for everyone, but some |
|
|
big email services like gmail will stop emails coming from mail servers |
|
|
|
|
|
|
|
|
big email services like Gmail will stop emails coming from mail servers |
|
|
with no/invalid rDNS lookups. This means your email will fail to even |
|
|
with no/invalid rDNS lookups. This means your email will fail to even |
|
|
make it to the receipients spam folder; it will never make it to them. |
|
|
|
|
|
|
|
|
make it to the recipients spam folder; it will never make it to them. |
|
|
5. `apt purge` all your previous (failed) attempts to install and configure a |
|
|
5. `apt purge` all your previous (failed) attempts to install and configure a |
|
|
mailserver. Get rid of _all_ your system settings for Postfix, Dovecot, |
|
|
|
|
|
|
|
|
mail server. Get rid of _all_ your system settings for Postfix, Dovecot, |
|
|
OpenDKIM and everything else. This script builds off of a fresh install. |
|
|
OpenDKIM and everything else. This script builds off of a fresh install. |
|
|
6. Some VPS providers block port 25 (used to send mail). You may need to |
|
|
6. Some VPS providers block port 25 (used to send mail). You may need to |
|
|
request that this port be opened to send mail successfully. Although I have |
|
|
request that this port be opened to send mail successfully. Although I have |
|
@@ -105,27 +101,23 @@ email program. For my domain, the server information will be as follows: |
|
|
- SMTP port: 587 |
|
|
- SMTP port: 587 |
|
|
- IMAP server: `mail.lukesmith.xyz` |
|
|
- IMAP server: `mail.lukesmith.xyz` |
|
|
- IMAP port: 993 |
|
|
- IMAP port: 993 |
|
|
- Username `luke` (I.e. *not* `luke@lukesmith.xyz`) |
|
|
|
|
|
|
|
|
|
|
|
The last point is important. Many email systems use a full email address on |
|
|
|
|
|
login. Since we just simply use local PAM logins, only the user's name is used |
|
|
|
|
|
(this makes a difference if you're using my |
|
|
|
|
|
[mutt-wizard](https://github.com/lukesmithxyz/mutt-wizard), etc.). |
|
|
|
|
|
|
|
|
|
|
|
## Tweaking things |
|
|
|
|
|
|
|
|
|
|
|
You're a big boy now if you have your own mail server! |
|
|
|
|
|
|
|
|
|
|
|
You can tweak Postfix (sending mail |
|
|
|
|
|
|
|
|
In previous versions of emailwiz, you also had to log on with *only* your |
|
|
|
|
|
username (i.e. `luke`) rather than your whole email address (i.e. |
|
|
|
|
|
`luke@lukesmith.xyz`), which caused some confusion. This is no longer the |
|
|
|
|
|
case. |
|
|
|
|
|
|
|
|
## Benefited from this? |
|
|
## Benefited from this? |
|
|
|
|
|
|
|
|
If this script or documentation has saved you some frustration, you can donate |
|
|
|
|
|
to support me at [lukesmith.xyz/donate](https://lukesmith.xyz/donate.html). |
|
|
|
|
|
|
|
|
I am always glad to hear this script is still making life easy for people! If |
|
|
|
|
|
this script or documentation has saved you some frustration, you can donate to |
|
|
|
|
|
support me at [lukesmith.xyz/donate](https://lukesmith.xyz/donate.html). |
|
|
|
|
|
|
|
|
## Troubleshooting -- Can't send mail? |
|
|
## Troubleshooting -- Can't send mail? |
|
|
|
|
|
|
|
|
- Always check `journalctl -xe` to see the specific problem. |
|
|
- Always check `journalctl -xe` to see the specific problem. |
|
|
|
|
|
- Check with your VPS host and ask them to enable mail ports. Some providers |
|
|
|
|
|
disable them by default. It shouldn't take any time. |
|
|
- Go to [this site](https://appmaildev.com/en/dkim) to test your TXT records. |
|
|
- Go to [this site](https://appmaildev.com/en/dkim) to test your TXT records. |
|
|
If your DKIM, SPF or DMARC tests fail you probably copied in the TXT records |
|
|
If your DKIM, SPF or DMARC tests fail you probably copied in the TXT records |
|
|
incorrectly. |
|
|
incorrectly. |
|
|