My mail setup: Postifx, Dovecot, PostgreSQL, SASL, TLS, Amavis, SpamAssassin, and Postgrey on UbuntuPosted: December 23rd, 2006 | Author: Matt Croydon | Filed under: Web Services | 4 Comments »
Part of moving from several various hosting locations to one was figuring out my mail setup. I had originally planned to manage mail with a control panel provided by my VPS provider. The 1U server that I had co-located in Maryland for several years is still sitting in the middle of the den so I figured that the easier mail was to manage the more likely I would be to get off my butt and manage it. It turns out that there were some bugs with Ubuntu and the version of the control panel I was using, so I asked the VPS provider to reinstall a fresh clean copy of Ubuntu Server and I’d take it from there.
I have to say that I’ve been doing this Linux thing for some time now (remember downloading A, AP, D, K, etc disk sets?) and it seems like setting up a good mail server still one of the most tedious things to do, but boy does it feel good when you’re done. After quite a bit of research I settled on a virtual mailbox stack built on Postfix and Dovecot.
I’ve found that setting up a mail server is best done in pieces. Configure something, test to make sure that it works, add another piece, break it, fix it, test it again. I started out my setup with a basic Postfix installation as described on the Ubuntu wiki. Once that was working I moved to a virtual mailbox setup with flatfiles but eventually ditched that for a PostgreSQL setup as described at L’Xtreme after trying to get PAM and SASL authentication working with my flatfile setup. If you’re looking to start from scratch with a postfix setup using virtual mailboxes I would highly recommend the L’Xtreme setup.
The only snag I ran in to with the L’Xtreme instructions was generating CRYPTed passwords. I ended up using htpasswd from the apache2-utils package in Dapper Drake. Setting both
auth_debug = yes and
auth_debug_passwords = yes in
/etc/dovecot/dovecot.conf helped me figure out the password mismatch that was going on.
Once I had the basic setup working with TLS and SASL authentication via pam authenticating to Postgres, I set out to lock down the system against spam. The first thing I did was to set up Amavisd-new running it through SpamAssassin and several plugins. That did a pretty good job but spam dropped to near zero as soon as I installed Postgrey. I used these instructions from Debian/Ubuntu tips and tricks. I tweaked the config files to whitelist quicker and reduced the greylist to 60 seconds from the default 5 minutes (to be a little nicer to legit mail servers). I’ve also been using pflogsumm.pl to keep an eye on stats.
Like I said, setting up a mail server can be quite frustrating, but it sure is satisfying once it’s humming along.