The last post: Building your own mail server, part 1

Know your writes – and your boxen

Software choices

Some mail systems combine all or parts of this, others rely on different modules and helpers. The big first choice is the MTA, which will typically offer an SMTP server, and handle delivery to local mailboxes. There are quite a few of these around; in my innocent youth, I even once wrote a sendmail.cf file. My perversions are more refined now, and having dabbled for a while with MMDF, I've ended up picking Postfix.

Email Client Config

With a DIY server, you can be as secure as you like, with IMAP via SSL or even an encrypted message store

There are alternatives – Qmail is popular with some, for example. But I always feel as if I'm stuck in a twisty little maze of directories, all looking very similar. Postfix generally keeps all its options in one place, and plays nicely with others, too. Another option would have been OpenSMTPD, which is from OpenBSD, but having figured out Postfix a few years ago, I'm not yet ready to change.

Postfix can be set up very easily to work with other pieces of software to help filter messages. One of those is called Amavisd-new, and I'm indebted to a long-ago how-to by Scott Vintinner that is sadly no longer online, but explains how to use it with Postfix, to run ClamAV and Spamassassin to check incoming mail. That can all be done, for extra security, in a chroot environment (much of Postfix can also run chroot, too).

I'm also using a greylist filter, called PostGrey, which learns regular correspondents and lets their messages through swiftly, but rejects most incoming mail with a temporary error, unless the combination of sender, recipient and IP address has been seen already. It's surprisingly effective at stopping spammers who, by and large, move on to the next address if they get anything other than an 'OK' from your mail server.

Mail Server Block Diagram

How the different parts of the mail system fit together

That takes care of receiving email, but what about accessing it? Postfix delivers messages to Maildir format folders,though it also supports other formats. Those can be read by a variety of IMAP and POP3 servers, including Courier and Dovecot. Since Dovecot can also plug into Postfix to provide authentication for SMTP, which in turn allows me to send through my server from anywhere, I've gone with Dovecot.

Those who are very security conscious, incidentally, can even set up Dovecot to encrypt the mail on the server. In combination with IMAP or POP over SSL, you'd then ensure that once messages arrive on your system, they'll never be seen in plaintext again.

Most of my email is accessed by IMAP, keeping all the folders on the server, with system accounts that receive log files using POP3, as I don't tend to keep those for long. If you don't have a fixed IP address, you might also want to use a tool like Fetchmail to grab messages from accounts elsewhere, and inject them into Postfix.

How much mail?

It's pretty clear that vast proportions of email on the internet are spam, and it's dealing with that that puts most people off running their own server these days. Looking at the flow of messages through the server – for me, a client whose email I route for them, and a handful of friends – I see around 850 messages accepted each day, and more than 5100 connections to the server. That represents about 17 per cent ham.

OpenBSD System Load

Even with a few email clients connected, this small system can cope easily with the mail load

That's not too bad, all things considered – and it's quite within the capabilities of the old system I was using, with just 2GB of memory and a 1GHz processor. The Revo One has a faster 1.4GHz Celeron CPU and twice as much memory, so can handle the load easily – in normal use, the load average is around 1.1.

Next weekend, I'll get more hands-on with details of exactly how you can build your own mail system on a small PC, and take back control of your email. ®

Sponsored: Detecting cyber attacks as a small to medium business

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER


Biting the hand that feeds IT © 1998–2020