The RasPi’s small size and low power consumption make it an ideal choice for use as a home email server. After trying a couple of different pieces of software, I finally found an excellent combination: Postfix with Dovecot and Squirrelmail, plus Spamasssassin and Sieve for spam filtering. There are many, many tutorials out there for the first trilogy of programs, but since the configuration is slightly different for each distribution I kept coming unstuck when setting mine up on the Pi. Having finally got mine configured properly, I’ve put together a set of 5 tutorials, which will take you from a vanilla Raspbian image to a fully functioning email server in no time. When writing the tutorial I made an effort to explain what each setting does instead of just dumping commands. With a bit of luck at the end of the process you’ll not only have a working server, you’ll understand how it works… without having to wade through reams of documentation like I did! If you follow the tutorials from start to finish, here’s what you’ll end up with:
- An email server that you can run 24/7/365 for under £5 of electricity per year
- Personalised email address like email@example.com (requires you to have registered a domain name with a registrar like namecheap.com - see my DNS basics tutorial)
- The ability to connect from anywhere, and read & send email, using a secure IMAP connection on your phone, tablet or computer
- Log in to webmail using any web browser on a secure HTTPS connection, read & send email
- Complete control over your personal communication. Your emails are stored on YOUR server, and nobody is scanning them to sell you adverts.
- Smart spam filtering with Spamassassin
- Customisable mail sorting with Sieve rules
Postfix, the Mail Transfer Agent
Postfix is the program that lets you send and receive email using Simple Mail Transfer Protocol (SMTP). Whilst you, the user, may connect to your email server using IMAP (on port 143 or 993), or POP (on port 110 or 995), email servers talk to each other using SMTP on port 25. So, this is the basic core of the server. Without it, you wouldn’t be able to send or receive any emails! I’ve covered the setup here: Raspberry Pi Email Server Part 1: Postfix
Dovecot, the POP/IMAP Server
Dovecot is used for two things:
- It provides you with IMAP functionality
- It checks that you are who you say you are using Simple Authentication and Security Layer (SASL) before you send or fetch mail
If you’re not interested in connecting with IMAP on your devices, you still need Dovecot. Not only is it doing SASL for you, but Squirrelmail connects using IMAP in order to provide you with webmail. I’ve covered Dovecot installation and configuration here: Raspberry Pi Email Server Part 2: Dovecot
Squirrelmail, for Webmail
Squirrelmail is handy because it allows you to check your email in any browser, from anywhere. Of the first three, it’s probably the easiest to configure. I’ve covered it here: Raspberry Pi Email Server Part 3: Squirrelmail
Spamassassin, for Marking Spam
Spamassassin is the program that we will use to audit incoming mail and decide whether or not it’s spam. Spamassassin doesn’t actually sort the mail into the spam folder, it only changes information in the headers based on the results of the scan. I’ve covered it here: Raspberry Pi Email Server Part 4: Spam Detection with Spamassassin.
LMTP & Sieve for Spam Sorting & Mailbox Organisation
After Spamassassin has checked incoming mail to see if it’s spam or not, we need another program to sort it into the right mail folder. This final step will be done with Dovecot’s Local Mail Transfer Protocol (LMTP) daemon and a Sieve plugin. Sieve is a simple programming language that allows users to define what to do with incoming email based on a predefined set of rules – think “if the header contains this flag, put it in the spam folder” kind of thing and you’ll get the gist. Aside from spam filtering, Sieve can be used to automatically sort & de-clutter your inbox. These steps are covered in the final tutorial: Raspberry Pi Email Server Part 5: Spam Sorting with LMTP & Sieve Enjoy! I’d love to hear how you get on, so leave a comment below :)
Ok I'm now to the point of setting up IMAP in Thunderbird and I'm at:
Select an IMAP connection
Your login is your username only (omit @yourdomain.com), and your password is…your password!
I remember setting up a password for testmail.
For my "real" email is my username the pi account username (/home/username)? And what is the password? Is the password my pi account password that corresponds to my /home/username? If so, this sounds dangerous.
Well, sending a pw over the internet is dangerous. But, as long as it's done through a secure connection, I guess it will be ok. I just need to make sure that the connection is secure?
My many, many, many passwords are so complicated that it would take me a long time to type in and get right (I use a password manager). I try to protect against all those dishonest people out there.
When it comes to communications, I use GPG as much as I can.
Thanks for responding to all my questions.
Your spam trigger has been giving me a lot a problems. I had to change several messages so that they will go through. Sometimes just copying and pasting to a new message works (I just did that here).
I'm up to getting Thunderbird to work. I put in settings according to the tutorial (I had to remove a period also) and get "Thunderbird failed to find settings for you email account."
I have ports 25, 465, 993 open on my router and forwarded to the pi email server. Do I need to open 143?
You say "If you are having problems, be sure to check you’ve set up an mx record as well as your DNS records."
I've been searching for how to do this and what it means. How do I set up an mx record and DNS record?
I keep getting "Your submission has triggered the spam filter and will not be accepted" when I try to reply.
I had to edit this several time to get it past your spam filter. I can't put in a complete message!
I checked that I had the proper keys and in the right place. Then I went to namecheap and set the following under Modify Domain/All Host Records:
And then I checked box "User (Mail Server's Host Name Required)"
Sending to firstname.lastname@example.org gives a "Delivery Status Notification (Failure)" in Thunderbird. "Google tried to deliver your message, but it was rejected by the server for the recipient domain mydomain.com by mydomain.com. [myIP]. This is probably because pi is the username on the pi and not joe.
Trying to send from email@example.com to firstname.lastname@example.org in Thunderbird brings up a "Send Message Error: Sending of message failed. The message could not be sent using SMTP server mydomain.com for an unknown reason. Please verify that your SMTP server settings are correct and try again, or contact your network administrator."
Then a window pops up to "Add Security Exception" Server/Location: mydomain.com:465. Certificate Status: This site attempts to identify itself with invalid information. Unknown Identity: Certificate is not trusted, because it hasn't been verified by a recognized authority using a secure signature.
So it looks like I'm halfway there. Not sure what to do about the Send Message Error. Does this have something to do with my CACert key which I got, a while ago, for the ownCloud setup?
sudo adduser joeTo get rid of that error message, you'll have to import the CAcert root certificate into Thunderbird so it is seen as a trusted CA that can sign valid certs. Screenshots look old but the principle will still be the same. What is Thunderbird running on? Windows, Mac or Linux? Sam
I've been able to send/receive email using Thunderbird with my pi email server.
Only problem I had is with AOL rejection.
Remote-MTA: dns; mailin-01.mx.aol.com
Diagnostic-Code: smtp; 521 5.2.1 : (CON:B1)
Thanks again for all your help!
The last few replies I tried to send were rejected by mollum.
Thanks Sam - I have everything working now with multiple email accounts. Your tutorial and replies to questions have been very helpful!
Now the backup issue. I want to back up all email, and email server settings.
Everyone of my 11 pi's run cron jobs and back themselves up to (several times per hour) to a backup pi, which crons a backup to my main computer which gets backed up to my onsite/offsite backup devices.
This is a bash script which is run as a cron job on my email server. As you can see, I'm backing up the home directory, the Maildir, /etc/postfix/ and some of /etc/dovecot to my backup pi@myip:....
I have one of these scripts for each account on the pi email server run as cron jobs.
# this shell script syncs emailserver directories to homepibackup
rsync --delete-before -avh -e 'ssh -p 3122' /home/pi/ pi@myip:/home/pi/PiBackups/emailserver/home/pi
rsync --delete-before -avh -e 'ssh -p 3122' /home/pi/Maildir/ pi@myip:/home/pi/PiBackups/emailserver/home/pi/Maildir
rsync --delete-before -avh -e 'ssh -p 3122' /etc/postfix/ pi@myip:/home/pi/PiBackups/emailserver/etc/postfix
rsync --delete-before -avh -e 'ssh -p 3122' --exclude "*.ext" /etc/dovecot/*.* pi@myip:/home/pi/PiBackups/emailserver/etc/dovecot
rsync --delete-before -avh -e 'ssh -p 3122' /etc/dovecot/conf.d/ pi@myip:/home/pi/PiBackups/emailserver/etc/dovecot/conf.d
Can you tell me what other directories need to be backed up? Thanks.
If you haven't used rsync before, explore it - it's a great tool!
I've found a solution to keep track of email server settings changes: postfix, dovecot, spamassassin, etc (hey yeah ETC!). :)
I installed etckeeper on the pi email server and created a git repository for /etc. Then I modified my cron rsync script to backup the /etc/.git directory to my backup pi. Now I can keep track of all my changes to settings and can add folders that I don't want to track to the .gitignore file under etc.
I wish that I had installed etckeeper before I built the owncloud server and email servers :(
Here it is on github https://github.com/joeyh/etckeeper
But be sure to read the Security Warnings https://github.com/joeyh/etckeeper#security-warnings.
And if the /etc/.git file is "backed up", be sure to check permissions on the backup.
Is an image available? I've spent a lot of neurons trying to get a mail server going and the only thing I got working really well was a fobia. ha..
After reading most of the comments, my best guess for cause of my failures would be isp port blocked, and trying to use ip address for mail server. The read has been very educational. Thanks for all your detailed work and most of all, your patience!
My pi email server has been sending email to email@example.com at 6:26AM each morning that says the following:
From: Cron Daemon
Subject: Cron test -x /usr/sbin/anacron || (cd / && run-parts -- report /etc/cron.daily)
/etc/cron.daily/spamassassin-learn: line 2: $'\302\240': command not found
/etc/cron.daily/spamassassin-learn: line 4: $'\302\240': command not found
/etc/cron.daily/spamassassin-learn: line 7: $'\302\240': command not found
/etc/cron.daily/spamassassin-learn: line 9: $'\302\240': command not found
/etc/cron.daily/spamassassin-learn: line 14: $'\302\240': command not found
/etc/cron.daily/spamassassin-learn: line 18: $'\302\240': command not found
/etc/cron.daily/spamassassin-learn: line 22: $'\302\240': command not found
I don't understand the message?
/etc/cron.daily/spamassassin-learn. Which editor did you use? Were you on a windows machine at the time? Open the file and make sure there are no expected characters and delete and recreate the newlines if necessary. Related: raspi forum unix format vs dos format copy-paste issues. Sam
I was on a Linux machine (I rarely use Windoze) with ssh in Konsole. Opened nano in console and copied from kate editor on Linux machine and paste to nano in Konsole.
I'll check out your "Related" link and try and get to the bottom of this.
Thanks for the direction.
The related links helped me solved the problem.
I used vi on pi (hey that rhymes) and didn't get the error email this morning.
You sure are a great teacher! Thanks for being so patient with a newbie.
Yep, the /var/log/spamassassin.log file is growing with entries for each day. It looks clean.
Now, I'll add the log file as one of the files that the email server pi backs up (with rsync) to my backup pi. My main Linux box gets and examines the backups of all the pi's and shows me status in a conky monitor window for the main box.
For example I can see all 13 devices (currently) "on line" at home and all 7 devices that are "on line" at a remote location. I use 3-24" Monitors, so I have lots of space. The conky monitor also shows me my home land line phone calls and the weather and furnace running status at the remote location. Conky is a great tool!
All of my local and remote pi's (not email server - yet) send me informational text and email messages, with and without attachments, of their status. For example, my furnace controller / weather station pi sends me furnace status and run information, weather data, reboot times, if ip changes, arpwatch data, cpu temperature, etc. Some of this data is then displayed on my main Linux box conky status monitor.
I do this using other tutorials (I can't put links in here - spam filter prevents it)
How can I send email, with and without attachments, from bash scripts within my email server pi?
Ok, I see now from your link. The key is to use mutt. I've used mutt before on pi.
In addition to mutt, here are some other options for sending and receiving email from command line on pi email server.
mail, mailutils, heirloom-mailx, mpack