Tuesday, November 6, 2012

Creating a Home Email Server

Dec 2012

Pictures got bumped from the blog move. Sorry.

Mar 2012

You might want to have your own email server because you're paranoid, can’t stand the fact that free web email posts ads based on the contents of your email, or out of curiosity.  Whatever your reasons, this is how I made mine.
Things you’ll need beforehand:
  1. Purchase a domain of your choosing
  2. Static home IP
  3. Install Ubuntu 11.10 Server
DOMAIN
Within your domain host you should locate where you can make edits to the DNS.


After locating this area we need to add a subdomain.


The subdomain should be mail.example.com. Obviously select your domain name.



Edit the mail.example.com subdomain DNS.


Make the DNS A record point to the static IP of your email server.  Make the MX (mail exchange) record point to mail.example.com with a value of 10.


This could take some time to propagate throughout their servers.

INSTALL UBUNTU SERVER

For the most part the install of Ubuntu Server was default; only the package selection differed.  I only installed OpenSSH and LAMP.

If you install the mail server it uses Dovecot, and I prefer Courier.

After installing Ubuntu Server I then installed ubuntu-desktop:
sudo apt-get install -y ubuntu-desktop

It's much easier to install the configuration files and follow along in the GUI.

After installing ubuntu-desktop, reboot and follow this walkthrough:  http://www.pixelinx.com/2010/10/creating-a-mail-server-on-ubuntu-using-postfix-courier-ssltls-spamassassin-clamav-and-amavis
***TYPO*** When you get to 15-content-filter-mode it's actually 15-content_filter_mode

After you've completed it there are some additional changes and additions to be made.

I added the following lines to /etc/postfix/main.cf.

Locate the relayhost setting.  The reason for this is to use an existing email account on your domain to send email out.
 
relayhost = [smtp.1and1.com]:587

Locate the #Encrypted authentication (SASL) and add the following:
 
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous

Save /etc/postfix/main.cf

We need to add the relayhost login and password so that we can send mail through an SMTP server.  The reason for using a host is that home email servers often get placed on an email blacklist and your emails are lost.  It's the host's problem to ensure their email servers don't end up on those lists.  Change to your domain and port.  The email address is normally used to authenticate through the relay.  This email address and password can be set up through your domain.


echo "[smtp.1and1.com]:587 mail@example.com:password" > /etc/postfix/sasl_passwd
postmap /etc/postfix/sasl_passwd
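
As an added example (not from the original post or the linked walkthrough), the script below audits a relay setup like the one above: it flags SASL authentication without mandatory TLS, since smtp_tls_security_level is not among the lines shown, and a sasl_passwd file that other users can read. The function names and the temporary sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a Postfix relay setup. Paths are arguments, so it can
# be pointed at copies of main.cf and sasl_passwd instead of the live files.

# Print the effective value of a main.cf parameter (last assignment wins).
cf_get() {  # cf_get <main.cf> <parameter>
    sed -n "s/^${2}[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 | sed 's/[[:space:]]*$//'
}

# Print one line per finding; the return status is the number of findings.
audit_relay() {  # audit_relay <main.cf> <sasl_passwd>
    cf=$1 pw=$2 findings=0
    if [ "$(cf_get "$cf" smtp_sasl_auth_enable)" = "yes" ]; then
        level=$(cf_get "$cf" smtp_tls_security_level)
        case "$level" in
            encrypt|dane-only|fingerprint|verify|secure) ;;  # TLS is mandatory
            *) echo "smtp_tls_security_level='$level': relay login may be sent without TLS"
               findings=$((findings + 1)) ;;
        esac
    fi
    for f in "$pw" "$pw.db"; do
        [ -e "$f" ] || continue
        # Characters 5-10 of the ls mode string are the group/other bits.
        if [ "$(ls -ld "$f" | cut -c5-10)" != "------" ]; then
            echo "$f is accessible to group/other; chmod 600 it"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# Demo on constructed files that mirror the settings shown above.
demo_dir=$(mktemp -d)
printf '%s\n' 'relayhost = [smtp.1and1.com]:587' 'smtp_sasl_auth_enable = yes' \
    'smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd' > "$demo_dir/main.cf"
echo '[smtp.1and1.com]:587 mail@example.com:password' > "$demo_dir/sasl_passwd"
chmod 644 "$demo_dir/sasl_passwd"
audit_relay "$demo_dir/main.cf" "$demo_dir/sasl_passwd" || echo "findings: $?"
```

Adding `smtp_tls_security_level = encrypt` to main.cf and running `chmod 600` on sasl_passwd and sasl_passwd.db clears both findings.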

After this I added an additional user to the mysql database mail.

Login to MySQL.

mysql -u root -p

USE mail;
INSERT INTO `user` (`email`, `password`, `name`, `quota`, `enabled`) VALUES ('USER@example.com', ENCRYPT('changeme'), 'Administrator', NULL, 1);
exit;

Send this USER an email from another source.  This will populate the folders required to log in.

INSTALL SQUIRRELMAIL

apt-get install -y squirrelmail squirrelmail-locales php-pear php5-cli

SETUP APACHE

cp /etc/squirrelmail/apache.conf /etc/apache2/sites-available/squirrelmail
ln -s /etc/apache2/sites-available/squirrelmail /etc/apache2/sites-enabled/500-squirrelmail

a2ensite squirrelmail

apache2ctl -t

/etc/init.d/amavis start

SETUP SSL FOR APACHE (http://www.tc.umn.edu/~brams006/selfsign.html) and (http://www.tc.umn.edu/~brams006/selfsign_ubuntu.html)

openssl genrsa -des3 -out /etc/ssl/server.key 4096

openssl req -new -key /etc/ssl/server.key -out /etc/ssl/server.csr

openssl x509 -req -days 3650 -in /etc/ssl/server.csr -signkey /etc/ssl/server.key -out /etc/ssl/server.crt

openssl rsa -in /etc/ssl/server.key -out /etc/ssl/server.key.insecure

mv /etc/ssl/server.key /etc/ssl/server.key.secure

mv /etc/ssl/server.key.insecure /etc/ssl/server.key

mkdir /etc/apache2/ssl

cp /etc/ssl/server.key /etc/apache2/ssl

cp /etc/ssl/server.crt /etc/apache2/ssl

a2enmod ssl

ln -s /etc/apache2/sites-available/default-ssl /etc/apache2/sites-enabled/000-default-ssl

echo "ServerName localhost" >> /etc/apache2/apache2.conf

/etc/init.d/apache2 restart
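
The steps above leave a passphrase-free private key in /etc/ssl and /etc/apache2/ssl, so the file mode is the only thing protecting it. As an added example (not from the original post or the linked guides), this script checks that a key is not readable by group/other and that the certificate belongs to the key; the function names and the throwaway test pair are constructed for illustration.

```shell
#!/bin/sh
# Added example: sanity checks for an Apache key/certificate pair.

# Succeeds when the certificate's public key matches the private key.
# "-passin pass:" stops openssl from prompting if the key is still encrypted.
pair_matches() {  # pair_matches <key> <crt>
    k=$(openssl pkey -in "$1" -passin pass: -pubout 2>/dev/null) || return 1
    c=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$k" ] && [ "$k" = "$c" ]
}

# Succeeds when the key file has no group/other permission bits set.
key_private() {  # key_private <key>
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Demo on a constructed, short-lived pair (not the server's real files).
tls_dir=$(mktemp -d)
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=mail.example.com" \
    -keyout "$tls_dir/server.key" -out "$tls_dir/server.crt" 2>/dev/null
chmod 644 "$tls_dir/server.key"   # constructed: simulate a world-readable key

pair_matches "$tls_dir/server.key" "$tls_dir/server.crt" && echo "certificate matches key"
key_private "$tls_dir/server.key" || echo "key is readable by group/other; chmod 600 it"
```

On the server, point both functions at /etc/apache2/ssl/server.key and /etc/apache2/ssl/server.crt, and run the permission check against the copies left in /etc/ssl as well.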

EDIT HOSTS

nano /etc/hosts

127.0.0.1    localhost localhost.localdomain mail
127.0.1.1    mail
173.72.XXX.XXX    mail.example.com


SQUIRRELMAIL

cd /usr/share/squirrelmail/plugins/

wget "http://www.squirrelmail.org/plugins/secure_login-1.4-1.2.8.tar.gz"

tar xzvf secure_login-1.4-1.2.8.tar.gz

cd secure_login/

cp config.sample.php config.php

nano config.php

modify; $change_back_to_http_after_login = 1;
to; $change_back_to_http_after_login = 0;

EDIT SQUIRRELMAIL

squirrelmail-configure

D

courier

8

Locate secure_login and enter the number to enable.

S

Q

APACHE EDITS (https://help.ubuntu.com/community/EnablingUseOfApacheHtaccessFiles)

nano /etc/apache2/sites-available/default

Find;

<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None

Modify;

AllowOverride All

Same for:

nano /etc/apache2/sites-available/default-ssl

cd /var/www

nano .htaccess

ADD:

# This allows you to redirect index.html to a specific subfolder
Redirect /index.html https://mail.example.com/squirrelmail/

Try logging into your email server:

http://mail.example.com

You should see the cert error and must accept the cert.

After that you should be able to login.

Might be able to add some additional configuration from here. http://flurdy.com/docs/postfix/

UPDATE 120319;

Recently added the change_sqlpass plugin and that took a little figuring out.  The screen will go blank and forces you to re-login with the new password.

The config.php should have the following settings:

$csp_dsn = 'mysql://root:password@localhost/mail';
$lookup_password_query = 'SELECT count(*) FROM user WHERE email = "%1" AND password = %4';
$password_update_queries = array('UPDATE user SET password = %4 WHERE email = "%1"');
$force_change_password_check_query = '';
$password_encryption = 'MYSQLENCRYPT';
$csp_salt_static = 'LEFT(password, 2)';
$csp_secure_port = 0;
$csp_non_standard_http_port = 0;
$min_password_length = 8;
$max_password_length = 0;
$include_digit_in_password = 1;
$include_uppercase_letter_in_password = 1;
$include_lowercase_letter_in_password = 1;
$include_nonalphanumeric_in_password = 0;
$csp_delimiter = '@';
$csp_debug = 0;