Raspberry Pi Email Server Part 1: Postfix

Postfix Logo

This is the first part of a five part tutorial that will show you how to install a full featured email server on your Raspberry Pi. This tutorial covers Postfix, the Mail Transfer Agent.

The parts are:
The Introduction & Contents Page (read first)
Raspberry Pi Email Server Part 1: Postfix
Raspberry Pi Email Server Part 2: Dovecot
Raspberry Pi Email Server Part 3: Squirrelmail
Raspberry Pi Email Server Part 4: Spam Detection with Spamassassin
Raspberry Pi Email Server Part 5: Spam Sorting with LMTP & Sieve

Installing Postfix

Note: While you are setting up the mail server on the Pi, it’s a good idea to turn off port forwarding rules for email to the Pi in your router’s firewall. If you don’t have any port forwarding rules now, that’s great, don’t worry – I’ll prompt you to set them up later.

First, log into your Pi with a SSH session and install postfix:

sudo apt-get update
sudo apt-get install postfix

You will see a menu with some choices. Select “Internet Site” and then set the mail name to your domain name, not including www. (e.g. samhobbs.co.uk).

The setup script will then do some automatic configuration for you. The output will look something like this:

Selecting previously unselected package postfix.                                              
(Reading database ... 67653 files and directories currently installed.)                       
Unpacking postfix (from .../postfix_2.9.6-2_armhf.deb) ...                                    
Processing triggers for man-db ...
Setting up postfix (2.9.6-2) ...
Adding group `postfix' (GID XXX) ...
Done.
Adding system user `postfix' (UID XXX) ...
Adding new user `postfix' (UID XXX) with group `postfix' ...
Not creating home directory `/var/spool/postfix'.
Creating /etc/postfix/dynamicmaps.cf
Adding tcp map entry to /etc/postfix/dynamicmaps.cf
Adding sqlite map entry to /etc/postfix/dynamicmaps.cf
Adding group `postdrop' (GID XXX) ...
Done.
setting myhostname: samhobbs
setting alias maps
setting alias database
changing /etc/mailname to samhobbs.co.uk
setting myorigin
setting destinations: samhobbs.co.uk, samhobbs, localhost.localdomain, localhost
setting relayhost: 
setting mynetworks: 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
setting mailbox_size_limit: 0
setting recipient_delimiter: +
setting inet_interfaces: all
/etc/aliases does not exist, creating it.
WARNING: /etc/aliases exists, but does not have a root alias.

You can edit all of this later.

You may also get some warnings like this:

postmulti: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol

IPv6 is a new type of IP address that was introduced because we’re running out of the “old” IPv4 addresses. Not many ISPs support IPv6 yet, so you probably don’t need it. Unless you fix the warning, you’ll see it every time.

Change directory into the postfix configuration folder:

cd /etc/postfix/

Edit /etc/postfix/main.cf with your favourite command line text editor (e.g. sudo nano main.cf) and add inet_protocols = ipv4 to the end of the file.

Now is also a good time to check that your hostname is specified properly in /etc/postfix/main.cf. The setup script takes the hostname of the server and uses that, but it may not be in the right format, i.e. “samhobbs” instead of “samhobbs.co.uk”. Find the line that begins myhostname = and make sure it is your fully qualified domain name. This is important because your server will use this to talk to other mail servers, and some will reject your emails if you don’t use a fully qualified domain name to say hi! This is covered in more detail in the helo access restrictions later.

Restart postfix and you shouldn’t see the warnings any more:

sudo service postfix restart

Testing and Configuration

Before you start, it’s probably worth backing up the configuration files in their current state. This way, you’ll have something to compare to if you’re ever trying to work out which bits were defaults and which bits you changed yourself:

cd /etc/postfix
sudo cp main.cf main.cf.BAK
sudo cp master.cf master.cf.BAK

Mailbox Setup

There are a couple of different types of mailbox you can use, I’ve chosen to use a “Maildir” rather than “mbox” configuration. For users with “real” UNIX accounts on the system (like the one you’re using to log in), Maildir creates a folder in the user’s home directory and places emails inside it, one file for each email.

I prefer this to the alternatives, because it’s easier to see and understand: you can rummage around in your home folder and see all your emails as individual files.

To tell Postfix to use the Maildir format, add the following lines to /etc/postfix/main.cf:

home_mailbox = Maildir/
mailbox_command =

If there's already a line with mailbox_command, comment it out by adding a # at the start of the line.

We also need to create the mail directory and its subfolders for existing users, and add some things to /etc/skel (the template for new users) so that if you create a new account this will be done automatically.

These commands are part of Dovecot, so first we need to install it:

sudo apt-get update
sudo apt-get install dovecot-common dovecot-imapd

You will get a lot of output: some other dovecot packages will automatically be installed and the config files will be created. You will also see some errors – don’t worry about those for now, I’ll explain how to deal with them in part 2, later.

Now we can create those mail folders. Run the following commands to create the template files:

sudo maildirmake.dovecot /etc/skel/Maildir
sudo maildirmake.dovecot /etc/skel/Maildir/.Drafts
sudo maildirmake.dovecot /etc/skel/Maildir/.Sent
sudo maildirmake.dovecot /etc/skel/Maildir/.Spam
sudo maildirmake.dovecot /etc/skel/Maildir/.Trash
sudo maildirmake.dovecot /etc/skel/Maildir/.Templates

Next, copy the files over to existing users’ home directories, and change the ownership and permissions for privacy (replace USER with the username you are doing this for, and repeat for all existing usernames):

sudo cp -r /etc/skel/Maildir /home/USER/
sudo chown -R USER:USER /home/USER/Maildir
sudo chmod -R 700 /home/USER/Maildir

Initial Testing

Now, the best way to test Postfix during configuration is to use Telnet, because it is such a simple way of communicating between programs and there’s less to go wrong and get confused about.

First, install telnet:

sudo apt-get install telnet

Now, still inside the SSH session to your pi, type this command. It will connect you to port 25 on the Pi:

telnet localhost 25

You can now test sending an email using SMTP. Here are the steps:

  1. send an ehlo command to tell the server who you are, and it will tell you its capabilities
  2. use the mail from command to say who the email is from. If you are sending it from an address that exists on the server, you needn’t include the domain name (i.e. user instead of user@yourdomain.com)
  3. use the rcpt to command to tell the server where to send the email
  4. Use the data command to tell the server that you’re about to start giving it the message you want to send
  5. Type Subject: YOUR SUBJECT then enter to set a subject
  6. Type the body of your email. Once you’re done, press ENTER, then ., then ENTER again.
  7. Type quit to exit

Here’s an example:

telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 samhobbs.co.uk ESMTP Postfix (Debian/GNU)
ehlo foobar
250-samhobbs.co.uk
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: me        
250 2.1.0 Ok
rcpt to: me@outsideemail.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
Subject: test
This is a test email
.
250 2.0.0 Ok: queued as A639C3EE6D
quit 
221 2.0.0 Bye

Some Access Restrictions

Add the following to /etc/postfix/main.cf to restrict who can send emails to external mail servers:

smtpd_recipient_restrictions =
        permit_sasl_authenticated,
        permit_mynetworks,
        reject_unauth_destination

Reload postfix:

sudo service postfix reload
  • Line 1 begins the list of restrictions.
  • Line 2 permits users who have authenticated with Simple Authentication and Security Layer (SASL) to send email to any destination (this is part of the Dovecot config in Part 2, later).
  • Line 3 will let users send emails to any destination if they have connected from an IP address defined in mynetworks.
  • Line 4 will reject the email if none of the above conditions have been met unless the “rcpt to” address is one of the addresses that your server is accepting email to (as defined in main.cf with the mydestination parameter).

In its present state, the email server will allow you to send external emails because the connection is originating from the Pi itself (you are logged in via SSH) and not an unknown computer. Addresses of “trusted” computers are listed under the mynetworks setting in main.cf, e.g.

mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128

Try sending an external email again, using telnet as before. You should be able to do so without any issues.

Now we want to see what kind of response someone would get if they were connecting from outside of the IP range defined in mynetworks, to make sure Pi won’t allow everyone to send outgoing emails from your server. To simulate this we can comment out permit_mynetworks under smtpd_recipient_restrictions:

smtpd_recipient_restrictions =
        permit_sasl_authenticated,
#       permit_mynetworks,
        reject_unauth_destination

Now reload the postfix configuration:

sudo service postfix reload

This will let you see what kind of response you would get if you weren’t sending the email from mynetworks. Try sending again, and you should receive an error “554: Relay access denied“:

admin@samhobbs /etc/postfix $ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 samhobbs.co.uk ESMTP Postfix (Debian/GNU)
ehlo samhobbs.co.uk
250-samhobbs
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: USER
250 2.1.0 Ok
rcpt to: me@externalemail.com
554 5.7.1 <me@externalemail.com>: Relay access denied
quit
221 2.0.0 Bye
Connection closed by foreign host.

Perfect. Leave permit_mynetworks commented out in your smtpd_recipient_restrictions (you'll see why in part 2).

Helo access restrictions

Helo access restrictions can be a very useful way of blocking spam.

Note that we’re not talking about unauthorised people being able to send email outside your network any more (that’s taken care of with the smtpd_recipient_restrictions); we’re now talking about stopping spammers from sending incoming mail to your email address.

Spammers try to conceal their identity so that they don’t end up on block lists, so they rarely use helo hostnames that could identify them – these hostnames are written to the mail log files. As a result, they often make up a random string or use an IP address instead of a domain name.

Luckily, these are easily taken care of.

Add the following to /etc/postfix/main.cf:

smtpd_helo_required = yes
smtpd_helo_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_invalid_helo_hostname,
        reject_non_fqdn_helo_hostname,
        reject_unknown_helo_hostname
  • Line 1 requires people and programs to identify themselves when they send email, using the helo or ehlo commands I mentioned earlier.
  • Line 2 starts the list of restrictions.
  • Line 3 accepts any old rubbish in the ehlo if it comes from an IP address defined in mynetworks. If the connection isn’t connecting from an IP address in mynetworks, then the helo hostname is checked against the rest of the list.
  • Line 4 accepts any helo hostname if the client is authenticated with SASL (I added this to the tutorial recently after troubleshooting problems some people had in the comments – it allows you to connect from any network and still send messages through your Pi. Mobiles will usually work without this because most providers pass mail through their own proxies, so your Pi receives a connection from the proxy – which has a valid hostname – and not from the mobile, which may be called something like “android-b627cfe2efea7e67″).
  • Line 5 rejects connection attempts when the HELO hostname syntax is invalid.
  • Line 6 rejects non-fully qualified domain names (for example, foobar instead of foobar.com). This will also block those random strings, e.g. “kjhrsbvks”.
  • Line 7 rejects the helo hostname if it that domain doesn’t have a valid DNS A or MX record. For example, someone spamming you could make up a domain like theflyingspaghettimonster.com. If that domain doesn’t actually exist and have the right records, then your server won’t accept it as a hostname, and the email will be rejected.

If the helo hostname gets past line 7 and hasn’t been denied, it is accepted. You’d be surprised how much spam these helo access restrictions will block on their own (looking through my log files, I can see numerous spam scripts that have attempted to ehlo with my IP address), but there’s an extra step we can add in here to help:

Blocking people claiming to be your domain name

Many spammers try to send email to you after helo’ing with your own domain name. Since postfix doesn’t check whether or not they’re lying about their helo hostname, this will usually work.

But, since we’ve put permit_mynetworks at the top of the list, anyone actually sending an email from your domain will be accepted already. Anyone using your hostname who isn’t in mynetworks is an imposter.

So, add one more line to the end of the restrictions list:

smtpd_helo_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_invalid_helo_hostname,
        reject_non_fqdn_helo_hostname,
        reject_unknown_helo_hostname,
        check_helo_access hash:/etc/postfix/helo_access

That last line checks a file for custom rules you’ve built in. Create the file:

sudo nano /etc/postfix/helo_access

Add the following lines, edited for your domain:

samhobbs.co.uk          REJECT          Get lost - you're lying about who you are
mail.samhobbs.co.uk      REJECT          Get lost - you're lying about who you are

Now tell postfix to map the file, and restart postfix:

sudo postmap /etc/postfix/helo_access
sudo service postfix restart

Now anyone who tries to ehlo with one of the hostnames you defined in that file gets rejected, and sees the “get lost” message. Your legitimate servers won’t have that problem, because they will already have been accepted higher up the list.

Neat, right? I found that little nugget of wisdom at unixwiz.net.

Moving on…

We’re almost done with Postfix now, athough there are a few bits of configuration that we’ll want to do once we’ve set up SASL with Dovecot, which I’ve chosen to lump in with the Dovecot tutorial.

In Raspberry Pi Email Server Part 2: Dovecot, we’ll set up Dovecot to provide SASL authentication and IMAP capability.

Please leave a comment if you’re having trouble with anything in this tutorial, and I’ll try and help you out!

Type: 

Comments

Hi
I was just wondering which of the Pi is best for this? I guess one, fairly large, hard drive would be good..?

All of them should all be fine for a server with a few users, and the storage requirements for email are quite small (for me anyway! I don't know how many emails you send). The place you will notice the difference most is webmail, the pi 3 is quite a big improvement over the previous models.

Sam

Hello Sam,
I have gotten as far as testing sending an email then I get a 451 rejected error. From what I can google, it looks like my relay is trying to ehlo me back before it will send email. I am not sure how to remedy this, is it perhaps a firewall setting?

relay=smtp.isdsl.net[196.23.28.232]:25, delay=209, delays=51/0.11/82/75, dsn=4.0.0, status=deferred (host smtp.isdsl.net[196.23.28.232] said: 451-Rejected after DATA: could not verify "From:" header address 451-pi@XXXX.com: Could not complete sender verify callout: 451 XXXX.com [196.215.71.XX] : could not connect: Operation timed out (in reply to end of DATA command))

Cheers

Hi Andrew,

Sorry for the late reply. Not sure I can help you with this as I don't know the details of your relay (both your configuration and theirs), and even if I did I'm not sure I'd know enough to help you because I haven't used one myself.

Hope you can find a solution!

Sam

Hi Sam,
Somewhere along the line I’ve broken my email and I’m at a loss as to what’s gone wrong. I can receive emails perfectly well, but can’t send any at all. They simply get stuck in the queue with a message along the lines of Lost connection with [mail server address] while receiving the initial server greeting.

Usual suspects are:

  • mydestination=mail.sutton.cloud, local host.sutton.cloud, , localhost
  • mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
  • Would changing the name servers to OpenDNS servers have an impact?

    Thanks,
    Nick

Hey Sam,
Thanks for the quick reply. I noticed I am on the Spamhaus ZEN block list. Would this prevent all outbound emails completely? I’m not even getting a postmaster bounce back to say that’s what’s blocked the delivery attempt. Also, since the emails are sitting in the Postfix queue quoting some sort of connectivity problem, I think my woes are prior to the blacklist (although the blacklist may well be an obstacle further down the line!)

Any other thoughts? Cheers

Try and send me an email - my server shouldn't block you just for being on a list, although it may send your message to spam. Let me know in the comments when you've sent the message and I'll look for it.

Sam

Hey Sam, I tried this and thought I’d replied. Sorry.
Anyways, went for a reinstall this morning and currently getting stuck with minimal sset up and sending to external email from telnet localhost 25. Similar problem to previous ‘Lost connection with..... Status=deferred. I’m having problems testing before and after the smtpd_recipient_restrictions parameter.

I’m with PlusNet and so I’m fairly sure there is no blocking on port 25.
my host name - Sutton.cloud
And mydestination, and mynetworks are as default.

Nothing of note in /var/logs/mail.err

At a total loss!! Please help

That does sounds like outbound port blocking... is there anything on your network that could be doing that? Strange router config etc?

Have you checked your plusnet firewall settings on the plusnet web portal?

Sam

Hi Sam,
I followed your directions and was able to connect postfix to amazon SES without to much trouble. I strictly want outbound messaging only. My question is about the mydomain, and myhostname. The only way I was able to get one of my devices to connect(IP Camera) to the postfix server was to use the physical address of the pi and not the myhostname. Amazon SES for outbound messaging only allows authenticated addresses to sent if you choose so, and because I use it strictly for my IP camera having just one email address works. The reason I needed postfix was the 32 character max in the password field of the camera itself.

Do you have an idea as to why my device coudn't resolve to the written domain name in lieu of the internal ip address? In fact I couldn't even see attempts when reviewing the logs until I used the ip address.

Thanks

Have you read the DNS basics tutorial? If you make the query manually with dig, do you get the result you expect?

Sam

Dear Sam,

Thank you very much for this amazing tutorial.

I have followed the tutorial and everything works fine. I have assembled the Thunderbird and I can send the mails, but cant receive it. The mails that I send to yahoo.com, ends p in spam and I am not able to receive any mails that I send to my address.

What could be the problem?

Thanks in advance :)

Hi Sam,

Thanks for your answer.

I checked dns with dig and it points to my domain. I use dynamic dns by afraid.org and all MX are forwarded to my domain (shomitheitguy.com) and to my public address.

New update. I am able to send myself e-mail, and I am able to get it on my mail client, which means that mail server are working fine. But still when I try to send mail from yahoo or any other external mail server, the mail is not delivered. I assume that it is something with those DNS servers.

any suggestion?

So here is what I get from dig. If 91.115.175.131 is your current IP address, then that's all fine.

; <<>> DiG 9.10.3-P4-Ubuntu <<>> shomitheitguy.com mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24868
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;shomitheitguy.com.             IN      MX

;; ANSWER SECTION:
shomitheitguy.com.      3600    IN      MX      10 shomitheitguy.com.

;; AUTHORITY SECTION:
shomitheitguy.com.      3600    IN      NS      ns2.afraid.org.
shomitheitguy.com.      3600    IN      NS      ns4.afraid.org.
shomitheitguy.com.      3600    IN      NS      ns3.afraid.org.
shomitheitguy.com.      3600    IN      NS      ns1.afraid.org.

;; ADDITIONAL SECTION:
shomitheitguy.com.      60      IN      A       91.115.175.131

;; Query time: 176 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Tue Mar 20 23:27:49 GMT 2018
;; MSG SIZE  rcvd: 160

When I try and connect to your IP address using telnet or openssl on port 25, the connection times out. If I try with openssl on port 993 or 465, I can connect successfully.

Some possibilities:

  • Port forwarding is correct for the other ports but not for port 25
  • Your ISP is interfering with incoming traffic on port 25 (quite common to block outbound traffic on port 25, but it would be rare for them to do it with incoming traffic and not outgoing traffic)
  • You have a problem with postfix that stops it listening on port 25 but not the other ports - are there any other MTAs on your system that could have bound to port 25 already? Check the mail log to see if you can see anything that looks relevant.

Let me know if you find anything.

Sam

Dear Sam,

Thank you very much for your answer.

Those dig data are correct. I did telnet 25 on server unit and on PC in same network and it works fine.

In the mean time I found out that it is a possibility that my ISP are blocking port 25, some stupid anti-spam policy or something. Is there any possibility to avoid port 25? Or I need to deal with my ISP?

Best to talk to your ISP, see if they can unblock port 25 if you get a static IP address. Sometimes they will charge you an arm and a leg for this, sometimes it's a relatively small charge (like with PlusNet, it was a one-off £5 admin fee).

Sam

Dear Sam,

Thank you for your answer.

I spoke with my ISP and they have opened port 25. But still I have the same problem. I am able to telnet port 25 from my sever unit and from PC on local network. I am also able to send myself e-mail and to receive it on my mail client, so I assume that posrfix works fine. I really dont know what else to do.

Your IP address has changed since the last test I made, so did they also move you to a static IP address? I don't see how they could have opened the port without doing that as it would mean someone else could be reassigned that IP address and it would have the port open, and your new IP address wouldn't.

; <<>> DiG 9.10.3-P4-Ubuntu <<>> shomitheitguy.com mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8119
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;shomitheitguy.com.             IN      MX

;; ANSWER SECTION:
shomitheitguy.com.      3600    IN      MX      10 shomitheitguy.com.

;; AUTHORITY SECTION:
shomitheitguy.com.      3600    IN      NS      ns2.afraid.org.
shomitheitguy.com.      3600    IN      NS      ns4.afraid.org.
shomitheitguy.com.      3600    IN      NS      ns3.afraid.org.
shomitheitguy.com.      3600    IN      NS      ns1.afraid.org.

;; ADDITIONAL SECTION:
shomitheitguy.com.      60      IN      A       91.115.173.231

;; Query time: 93 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Sat Mar 24 18:54:29 GMT 2018
;; MSG SIZE  rcvd: 160

Sam

Actually, I am not sure what they did. I am still on dynamic IP, and they told me that there is no blocking on any ports from their side.

Certainly looks like it's being blocked somewhere!

Maybe double check everything on your LAN, and then go back and ask them again?

Sam

Hi, I know this is a very old tutorial but I am having some trouble and am unable to find a solution on the internet. Trying telnet localhost 25 say's connection refused. I have check the listening ports and port 25 is not listening. Postfix is running and I am unable to solve the issue. Any help is greatly appreciated. Thanks

Thanks for the reply! I had a look at the logs and there was a warning about some whitespace in the master.conf file which I fixed. I also turned off chroot and it is now working.

Hello Sam,

First, great job man, it is a wonderfull tutorial. iam having some issues trying to connet trough telnet, basicly my 25 door is closed

"
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
"

i got into master.cf and added the line you mentioned but still the same, and i found no concrete answer to this question. Can you help me ?

Best Regards

Postfix is probably stopped due to a syntax error or something. Check the mail log, there's usually a decent description of the error in there.

Sam

Hey Sam, ty for the repply here are the tail log
mail.err

Apr 2 21:40:09 base postfix/master[31251]: fatal: daemon initialization failure
Apr 2 21:40:10 base postfix/postfix-script[31256]: fatal: mail system startup failed
Apr 2 21:45:21 base postfix/master[31652]: fatal: 127.0.0.1:smpt: Servname not supported for ai_socktype
Apr 2 21:45:22 base postfix/master[31651]: fatal: daemon initialization failure
Apr 2 21:45:23 base postfix/postfix-script[31655]: fatal: mail system startup failed
Apr 2 21:47:53 base postfix/master[31982]: fatal: 127.0.0.1:smpt: Servname not supported for ai_socktype
Apr 2 21:47:54 base postfix/master[31981]: fatal: daemon initialization failure
Apr 2 21:47:55 base postfix/postfix-script[31986]: fatal: mail system startup failed

Mail.log:

Apr 2 21:47:53 base postfix/postfix-script[31980]: starting the Postfix mail system
Apr 2 21:47:53 base postfix/master[31982]: fatal: 127.0.0.1:smpt: Servname not supported for ai_socktype
Apr 2 21:47:54 base postfix/master[31981]: fatal: daemon initialization failure
Apr 2 21:47:55 base postfix/postfix-script[31986]: fatal: mail system startup failed
Apr 2 21:52:49 base dovecot: imap-login: Login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=32206, secured, session=
Apr 2 21:53:05 base dovecot: imap(testmail): Error: open(/var/mail/testmail) failed: Permission denied (euid=1005(testmail) egid=1005(testmail) missing +w perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)

hope you could sheed some light on this matter, because iam clueless

Ty for the help m8

Followed the installation procedure as per the tutorial. Everything went smoothly. However, on finally attempting to use my mail client to retrieve email, nothing appears. This is what is reported in my mail.log:-

Mar 31 17:13:57 raspberrypi dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=121.18.238.115, lip=192.168.1.2, TLS handshaking: SSL_accept() failed: error:1408F10B:SSL routines:ssl3_get_record:wrong version number, session=vdDepLdoILB5Eu5z>

Using latest build of Raspian (Stretch). Any advice appreciated.

Pages

Add new comment