Raspberry Pi Email Server

raspberry-pi-email-server.png

The RasPi’s small size and low power consumption make it an ideal choice for use as a home email server. After trying a couple of different pieces of software, I finally found an excellent combination: Postfix with Dovecot and Squirrelmail, plus Spamasssassin and Sieve for spam filtering.

There are many, many tutorials out there for the first trilogy of programs, but since the configuration is slightly different for each distribution I kept coming unstuck when setting mine up on the Pi. Having finally got mine configured properly, I’ve put together a set of 5 tutorials, which will take you from a vanilla Raspbian image to a fully functioning email server in no time.

When writing the tutorial I made an effort to explain what each setting does instead of just dumping commands. With a bit of luck at the end of the process you’ll not only have a working server, you’ll understand how it works… without having to wade through reams of documentation like I did!

If you follow the tutorials from start to finish, here’s what you’ll end up with:

  1. An email server that you can run 24/7/365 for under £5 of electricity per year
  2. Personalised email address like you@yourdomain.com (requires you to have registered a domain name with a registrar like namecheap.com - see my DNS basics tutorial)
  3. The ability to connect from anywhere, and read & send email, using a secure IMAP connection on your phone, tablet or computer
  4. Log in to webmail using any web browser on a secure HTTPS connection, read & send email
  5. Complete control over your personal communication. Your emails are stored on YOUR server, and nobody is scanning them to sell you adverts.
  6. Smart spam filtering with Spamassassin
  7. Customisable mail sorting with Sieve rules

Postfix, the Mail Transfer Agent

Postfix Logo
Postfix is the program that lets you send and receive email using Simple Mail Transfer Protocol (SMTP). Whilst you, the user, may connect to your email server using IMAP (on port 143 or 993), or POP (on port 110 or 995), email servers talk to each other using SMTP on port 25.

So, this is the basic core of the server. Without it, you wouldn’t be able to send or receive any emails!

I’ve covered the setup here:
Raspberry Pi Email Server Part 1: Postfix

Dovecot, the POP/IMAP Server

dovecotLogo-300x130_0.png
Dovecot is used for two things:

  1. It provides you with IMAP functionality
  2. It checks that you are who you say you are using Simple Authentication and Security Layer (SASL) before you send or fetch mail

If you’re not interested in connecting with IMAP on your devices, you still need Dovecot. Not only is it doing SASL for you, but Squirrelmail connects using IMAP in order to provide you with webmail.

I’ve covered Dovecot installation and configuration here:
Raspberry Pi Email Server Part 2: Dovecot

Squirrelmail, for Webmail

Squirrelmail Logo
Squirrelmail is handy because it allows you to check your email in any browser, from anywhere.

Of the first three, it’s probably the easiest to configure. I’ve covered it here:
Raspberry Pi Email Server Part 3: Squirrelmail

Spamassassin, for Marking Spam

Spamassassin Logo
Spamassassin is the program that we will use to audit incoming mail and decide whether or not it’s spam. Spamassassin doesn’t actually sort the mail into the spam folder, it only changes information in the headers based on the results of the scan. I’ve covered it here: Raspberry Pi Email Server Part 4: Spam Detection with Spamassassin.

LMTP & Sieve for Spam Sorting & Mailbox Organisation

After Spamassassin has checked incoming mail to see if it’s spam or not, we need another program to sort it into the right mail folder. This final step will be done with Dovecot’s Local Mail Transfer Protocol (LMTP) daemon and a Sieve plugin.

Sieve is a simple programming language that allows users to define what to do with incoming email based on a predefined set of rules – think “if the header contains this flag, put it in the spam folder” kind of thing and you’ll get the gist. Aside from spam filtering, Sieve can be used to automatically sort & de-clutter your inbox. These steps are covered in the final tutorial: Raspberry Pi Email Server Part 5: Spam Sorting with LMTP & Sieve

Enjoy! I’d love to hear how you get on, so leave a comment below :)

Type: 

Comments

Hi Sam - I followed your excellent articles some years ago, and have had a home email server running on a Pi very satisfactorily since then. I use Thunderbird to read and write email on a Win10 laptop and that too has been great. Then, all of a sudden, I can't read any mail. In addition, if I try to send mail I get a dialog "Sending of the message failed. Certificate type not approved for application. The configuration related to must be corrected." If I open the mail directories on the Pi directly, I can see the mail is being both received and sent ie For example, I can send using telnet as per instructions and see a reply from a webmail account. I just can't use Thunderbird all of a sudden! I've spent a few hours trying to find the problem - checked certificates etc and configurations of Postfix and Dovecote and all seems to be OK. Do you have any clues as to what it might be? (I can see in my log I've had someone from Russia (and I'm in Australia) trying to access the system, but it also shows they haven't had any success - thanks to your advice!) Thanks in advance! - Mike

Hi mike,

Sorry for the very late reply. I have a hunch it's something to do with certain versions of TLS being deprecated, thunderbird may not support the newer versions (which may be the only ones offered on port 993 for example). Where do you get your version of thunderbird from? I think it only receives maintenance updates these days (not new features).

A different client should work fine, but i expect you would like to stick with thunderbird if you're used to it!

The other option is to amend the dovecot config to do STARTTLS on port 143 and change your connection settings in thunderbird.

Sam

Thanks, Sam! Don't apologise - I'm as much to blame as your reply went to my Junk folder, and I've only just seen it. I have more information that may help others. I used CA certificates, as you suggested. However, there was a problem with the CA infrastructure, and the admins couldn't fix it due to covid19 restrictions. So, as I'd really worked out that my problem was a 'certificate' issue, I did some research and used 'Let's Encrypt' instead. I will happily tell you what I did if you wish - it took a few attempts and a bit of messing around to get the certificates, but when I did, after modifying the Postfix 'main.cf' and the Dovecot '10-ssl.conf' files, to point to the Let's Encrypt (LE) certificate and key, it all worked. It's very topical as I have just, in the last two days, had to rebuild my email server on a different system. Now that the CA infrastructure is working again, I used their updated certificates for my domain - and they didn't work!! So, back to LE; again making sure to modify the pointers to those cert and key files in the Postfix and Dovecot config files, and everything works. With Thunderbird! (which I must admit to rather liking..... :-) ) I must say that printing the pages of explanation all those years ago on how to build the server may have been one of my better moves!! If this is still a 'current' explanation, it might be worth adding a section on using Let's Encrypt rather than using CA Cert? I have a friend here in Perth who is a CA Cert 'assurer' and he tells me he really hasn't seen much action for a few years now?

I'm actually using LE myself now for lots of different things (this site, another site, email, prosody IM server) and I think it's great! Had a bit of a faff when my configuration stopped working after I upgraded to a new release of Ubuntu (what actually happened is I upgraded, didn't notice the old config wasn't working any more, and then had a panic when they sent me an email reminder that the cert was about to expire!). My fault.

If I get the chance I will write a guide, although I found the docs for certbot are pretty good. I've been meaning to do a complete refresh of my email server guide since it has been so long and the default config files have changed a bit... life gets in the way though!

I'm not surprised CAcert are quiet nowadays, LE kind of ate their lunch...

Sam

Is it possible to use Sendmail instead of Postfix in your tutorial and how would one go about that?

https://samhobbs.co.uk/raspberry-pi-email-server

I'm looking to setup a "clone", if you will, to do some email testing before doing the actual changes on our actual email server which is on CentOS 7 and not Ubuntu. Since both are Linux, I didn't think the OS would/should matter too much however I would like to use Sendmail instead of Postfix.

There's no reason why you can't use sendmail as MTA but it will affect the config in quite a few different parts of the tutorial.

Is there a reason you want to use sendmail? My boss said he used to use it and configuration was a pig.

Sam

Pages

Add new comment