Mail Server


One of the nice things about a VPS is that you'll likely not have any ports blocked, so unlike with your home ISP, outgoing port 25 won't be blocked and you can host a full-fledged mail server. I chose Exim. You'll eventually want to install a spam filter like SpamAssassin or you'll be overrun with spam. For this VPS I've chosen to access mail via webmail (SquirrelMail), which also requires an IMAP server (Dovecot). To make life easier with Dovecot and SquirrelMail, install Exim to use the Maildir format instead of mbox.

I wanted to make sure that my mail server supports TLS; I like knowing mail transfer is encrypted.

Edit exim4.conf.template and add the following line:

MAIN_TLS_ENABLE = yes

A certificate also needs to be created:

openssl req -x509 -newkey rsa:2048 -keyout exim.key -out exim.crt -days 3650 -nodes

You may want to configure Exim to be your main outgoing SMTP relay. This can be achieved in a couple of ways. First, you can enable relay from a specific IP or subnet:

Edit /etc/exim4/update-exim4.conf.conf and configure dc_relay_nets

Another way would be to allow relay on authentication. Simply uncomment the following in /etc/exim4/exim4.conf.template:

 login_server:
   driver = plaintext
   public_name = LOGIN
   server_prompts = "Username:: : Password::"
   server_condition = "${if crypteq{$auth2}{${extract{1}{:}{${lookup{$auth1}lsearch{CONFDIR/passwd}{$value}{*:*}}}}}{1}{0}}"
   server_set_id = $auth1
   .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
   server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
   .endif

Next, the password file needs to be created for authentication to succeed. Create your hashed password:

htpasswd -nd username

Copy the output into /etc/exim4/passwd
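
Once TLS and the login_server authenticator are both in place, it is worth confirming that the server offers STARTTLS and that AUTH LOGIN only appears after the TLS handshake, which is what the server_advertise_condition line enforces. The Python script below is an added example, not part of the original post; the EHLO replies, the hostname and the function names are constructed for illustration.

```python
import smtplib
import ssl

# Constructed EHLO replies (not captured from a real server).
PLAIN_EHLO = ("250-mail.example.org Hello client [192.0.2.10]\n"
              "250-SIZE 52428800\n250-PIPELINING\n250-STARTTLS\n250 HELP")
TLS_EHLO = ("250-mail.example.org Hello client [192.0.2.10]\n"
            "250-SIZE 52428800\n250-PIPELINING\n250-AUTH LOGIN\n250 HELP")

def parse_ehlo(reply):
    """Map each ESMTP keyword in a raw EHLO reply to its parameter string."""
    features = {}
    for line in reply.splitlines()[1:]:        # line 0 is the greeting
        keyword, _, params = line[4:].strip().partition(" ")
        if keyword:
            features[keyword.upper()] = params.upper()
    return features

def audit(plain, secured=None):
    """Findings for the features seen before and (optionally) after STARTTLS."""
    findings = []
    if "AUTH" in plain:
        findings.append("AUTH advertised without TLS: passwords can cross the wire in clear")
    if "STARTTLS" not in plain:
        findings.append("STARTTLS not advertised: TLS is not enabled")
    elif secured is not None:
        if "LOGIN" not in secured.get("AUTH", "").split():
            findings.append("AUTH LOGIN not advertised after STARTTLS")
    return findings

def probe(host, port=25):
    """Live check of your own server; needs network access."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False                 # the certificate above is self-signed,
    ctx.verify_mode = ssl.CERT_NONE            # so only the handshake is exercised
    with smtplib.SMTP(host, port, timeout=10) as smtp:
        smtp.ehlo()
        plain = {k.upper(): v.upper() for k, v in smtp.esmtp_features.items()}
        if "STARTTLS" not in plain:
            return audit(plain)
        smtp.starttls(context=ctx)
        smtp.ehlo()                            # features are reset after STARTTLS
        secured = {k.upper(): v.upper() for k, v in smtp.esmtp_features.items()}
    return audit(plain, secured)

if __name__ == "__main__":
    print(audit(parse_ehlo(PLAIN_EHLO), parse_ehlo(TLS_EHLO)) or "OK")
```

Call probe() with your own server's hostname for the live check; an empty list means STARTTLS is offered and AUTH LOGIN is hidden until the session is encrypted.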
