My email Server Setup

Mar 11, 2015

Wanting to have more control over my email, I decided to setup my own mail server. I thought I had a pretty good understanding of how mail works, considering my mutt/offlineimap/imapfilter setup, but I must say I was pleasantly surprised while setting everything up.

For my setup I decided to go with a typical postfix/dovecot installation. I used a Debian KVM machine from Prometeus, which is based in Italy and, as far as I understand, is under the Italian jurisdiction, with 512MB RAM and a 25GB SSD which ought to be enough for my needs.

I use postfix as my MTA with virtual mailboxes and accounts and of course TLS (self-signed cert) where applicable. Dovecot is used as an IMAP server, I don't like POP3, and it's what postfix uses to authenticate users that want to send an email. Postfix forwards incoming mail to dovecot, dovecot filters the mail using Sieve and stores it on the corresponding mailbox. I'm using the Maildir format to store the emails.

On outgoing mails, postfix uses pcre to block/hide/modify headers that are leaking information about the sender.

I didn't know about the existence of SPF or DKIM initially, but after a bit of reading, I decided to only implement SPF due to its simplicity. I've currently set it to ~all. If the need arises, I'll take another look on DKIM.

The server has been running for a couple of days without any problems. I haven't received any spam mail so far and fail2ban has only blocked a couple of IPs. If I start getting spam, I'll look into setting up spam-assassin.

All in all, it's been fun and a great learning experience so far. I suggest you give it a try.

PS: This whole post is a big OPSEC fail.

Tags: software workflow mail