Running Your Own Mail Server

The Benefits, Drawbacks, and Guide to running your own Mail Server

Blue Light Tech

This guide is meant to help you make an informed decision about running your own mail service and how to manage it.

Running a mail server isn’t necessarily the best decision for everyone, and can be a demanding process, so in this article we go through the pros and cons, as well as the basic steps involved and components of a running mail server.

  1. Benefits
  2. Drawbacks
  3. How Mail Servers Work
  4. Mail Transfer Agents
  5. Mail Delivery Agents
  6. IMAP And POP3 Servers
  7. Creating Your Mail Server

Benefits.

Here are the benefits of running your own mail server:

  • You have FULL control over your server and emails. No third-party involvement.
  • You have the option of picking an application that suits your needs, fine-tuning it to your specific use case. This may make configuration a much more complex process but it gives you the power to choose what works, discard what doesn't and keep tweaking until you get the right result that suits you.
  • You can view authorization attempts, connection logs and know when your server is being breached or compromised.
  • Your mail is sent free-of-charge, except of course, the price of the server itself.

 

Drawbacks.

Now here are the reasons why running your own mail server may not be right for you.

  • Configuration of a mail server can be very complicated. There are many options to choose between and many interconnected parts.
  • As a result of the above, trying to troubleshoot can be extremely difficult.
  • Any errors you create can cause downtime, and downtime of a mail server means lost mail.
  • Spam filtering needs to be configured and tuned by you, in order to block unwanted emails but allow the correct ones through.
  • If a spammer or hacker discovers a gap in your config or server, they could use your IP and server to send unwanted spam messages in your name without your consent. This will ultimately lead to your server becoming slow or unresponsive, plus your IP being blacklisted by major mail servers.

How Mail Servers Work

There are three components involved in running a mail server: a Mail Transfer Agent (MTA), a Mail Delivery Agent (MDA) and an IMAP/POP3 server. MTAs handle incoming and outgoing mail by adding it to a queue on the server, and see to its delivery, whether to an outside address or between your own users. They sit between you and the outside world. MDAs, on the other hand, deal directly with the MTAs: they take mail from the queue and deliver it to your users' mailboxes. IMAP/POP3 servers sit in the middle, between your Blue Light Host server and your users' local mail clients.

In essence, an incoming message is routed to your server through DNS, received by the MTA and processed by the MDA, while IMAP/POP3 provides the connection between the local mail client and the server.

Mail Transfer Agents (MTAs)

As stated above, MTAs provide the direct link between your mail and the outside world. They handle SMTP connections between your server and the outside world, or between your own users. MTAs are given rules which help determine what to do with your mail. Among other things:

  • They can deliver a message locally if it is meant for a local user on your server.
  • They can send messages to outside servers if from authorized users.
  • And they can also be instructed to discard any message that is not to or from any user on your server.

 

The popular ones are:

  • Courier Mail Server: Simpler than most but limited.
  • Exim: Modern and flexible. Highly customizable but complex and not as security-oriented as Postfix.
  • Postfix: Highly recommended. Modern, security-oriented, not as flexible as Exim but simpler to configure and set up.
  • Qmail: Older and no longer supported.
  • Sendmail: Old legacy, widely followed and supported. No modern options or security features.
  • Zimbra: One-Stop-Shop for everything mail. Simpler to install but not easily customizable.
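
The relay rules listed above, as an added example that is not part of the original guide or of Postfix itself: a small Python check that reads settings in "postconf -n" style and flags the usual open-relay mistakes, a mynetworks list that trusts public address space and relay restrictions that never reject unauthorized destinations. The parameter names are Postfix's own; the function names, the list of internal ranges and the sample settings are assumptions constructed for illustration.

```python
import ipaddress

# Ranges treated as internal for this check (an assumption; adjust to your network).
INTERNAL = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128")]
# Restrictions that refuse mail for destinations the server is not responsible for.
REJECTORS = {"reject_unauth_destination", "defer_unauth_destination", "reject", "defer"}

# Constructed samples in "postconf -n" style; not taken from a real host.
SAMPLE_OPEN = """\
mynetworks = 127.0.0.0/8, 0.0.0.0/0
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated
"""
SAMPLE_CLOSED = """\
mynetworks = 127.0.0.0/8, [::1]/128
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
"""

def parse_postconf(text):
    """Map each 'name = value' line to a list of its comma/space separated items."""
    conf = {}
    for line in text.splitlines():
        if "=" in line and not line.lstrip().startswith("#"):
            name, value = line.split("=", 1)
            conf[name.strip()] = value.replace(",", " ").split()
    return conf

def audit_relay(text):
    """Return findings that would let unauthenticated strangers relay mail."""
    conf, findings = parse_postconf(text), []
    for item in conf.get("mynetworks", []):
        try:
            net = ipaddress.ip_network(item.replace("[", "").replace("]", ""), strict=False)
        except ValueError:
            findings.append(f"mynetworks entry not checked (not a CIDR): {item}")
            continue
        # permit_mynetworks lets these clients relay without logging in.
        if not any(net.version == i.version and net.subnet_of(i) for i in INTERNAL):
            findings.append(f"mynetworks trusts non-internal range {item}")
    rules = conf.get("smtpd_relay_restrictions", [])
    stop = next((n for n, r in enumerate(rules) if r in REJECTORS), None)
    if stop is None:
        findings.append("smtpd_relay_restrictions has no reject_unauth_destination")
    elif "permit" in rules[:stop]:
        findings.append("unconditional permit before the first reject rule")
    return findings
```

Calling audit_relay on the output of "postconf -n" from your own server returns an empty list when neither mistake is present.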

Mail Delivery Agents (MDAs)

While MTAs receive mail from the outside and inside world and queue it up for delivery, MDAs communicate directly with them to deliver the queued emails to their individual mailboxes. They work internally and serve as a link between your mailboxes and the MTAs, hence they are also called 'Local Delivery Agents'. MDAs are usually shipped together with other mail-related software. This explains why many of the popular MTAs have their own in-house MDAs. Here are the popular ones:

  • Deliver: Simple and highly configurable. Comes with imapd settings files by default.
  • Cyrus MDAs: Compiled with Cyrus IMAP/POP3 server. Modern and security-oriented.
  • Maildrop: This comes with Courier as its MDA, Courier being an all-in-one mail server.
  • Postfix's MDA: Part of the Postfix MTA software suite. Modern, flexible and security-oriented.
  • Sendmail's MDA: Part of Sendmail MTA software. Old but still popular.

IMAP and POP3 Servers

These servers provide connectivity and manage access to the clients' mailboxes, making the raw mail files easy to read and user-friendly. POP3 is an older protocol which connects to the server at periodic intervals, downloading all of the user's messages without leaving a copy on the server. It was developed when there was usually one person accessing emails from just one device at a time. IMAP, on the other hand, is modern and fixes the limitations of POP3. IMAP clients stay constantly connected to the server and mirror the mailboxes on the server, thereby making them available to more than one connection at the same time.

Creating Your Mail Server

If you have not made up your mind about which software to use, just use the recommended ones: Postfix as the MTA, and Dovecot as the MDA and IMAP/POP3 server. Here are the steps to follow:

  1. Obtain and install an SSL certificate. This encrypts your mails as they move from one place to another, which stops them from being tampered with or compromised along the way. You can either purchase one or use a free self-signed certificate if you don't mind the warnings it generates.
  2. Install your preferred software: You can now choose and download the servers you prefer. You might also want to install a database, either MySQL or PostgreSQL to manage the domains, email addresses, aliases and user credentials.

    While it is beyond the scope of this article to provide step-by-step instructions for each of the mail servers out there, you can read our guidelines on MySQL (here).

  3. Set up your DNS Records: Setting up your DNS correctly will help emails reach your server and also tell other servers that emails coming from you are legitimate. Here are the records to set and how to set them:
    • MX Records: These records show where to send mail meant for your domain. For instance, when a mail is sent to an address on a domain hosted on your server, such as user@sample.com, the outgoing server will first look at the DNS settings for sample.com. When it locates the MX records for that domain, it delivers the mail to your server. You therefore need a separate MX record for each of the domains hosted on your server.

      This is how a typical MX Record looks:

      example.com 86400 MX 10 example.com
      example.com 86400 MX 20 11.11.11.11
      mail.example.com 86400 MX 30 11.11.11.11
    • SPF Records: These add legitimacy to all your outgoing mail. By reducing spoofing (someone faking the header of a mail to make it look like it's coming from you), SPF records reduce the likelihood of your mail ending up in spam. An example SPF record is given below:
      example.com IN TXT "v=spf1 a ~all"

      You can visit openspf.org to learn how SPF records work and how to set one for your configuration.

    • Reverse DNS: It is extremely important to set your reverse DNS before going any further. If you do not, your emails will bounce and be rejected.
  4. Spam and Virus Protection: Spam is bad news for everyone involved. If your server is even slightly compromised and spam mails are being sent, it annoys recipients, slows down your server and gives your IP a bad reputation. If this goes unchecked, your IP gets blacklisted and no mail coming from it gets delivered to inboxes.

    One of the ways to prevent this ordeal is to ensure that your server is not used as an 'Open Relay' server, which gives access to anyone to send messages from your server. To do this, make a list of all allowed domains and users for your MTAs and ensure it rejects anything and everything else.

    You can also install some AntiSpam and Antivirus mail programs such as Amavis, Clam Antivirus and SpamAssassin.

  5. Mail Clients: These are an integral part of the mailing experience. Examples include Microsoft Outlook, Apple Mail, Mozilla Thunderbird, etc. Just find a mail client that suits your mail server and configure it accordingly. Here are some configurations to consider:
    • Protocols: You can choose SMTP for sending and IMAP or POP3 for receiving.
    • Encryption: You ought to make everyone use encryption for mail and choose an SSL and/or TLS connection.
    • Authentication: All you need to do here is ensure that the login credentials entered by clients match the ones expected by the server.
    • Mailbox Format: Your users should be able to read, create and use any kind of folders they like.
    • Ports: Your mail client and server must be using the same port, also your ISP has to allow them.
  6. WebMails: Finally, if you are running a Mail Server, then you should install a WebMail program. This provides an interface for your users and their mails. Webmail makes it possible for users to interact with their emails in a user-friendly manner, providing features like Compose, Read, Save as Draft, Attachment, etc.

    Just as there are many mail servers, there are many webmail programs that work with them. Here are the most popular choices:

    • Citadel: All in one, providing services such as mail, calendar, mailing lists, instant messaging, etc.
    • Horde Webmail: Open source and IMAP client paired.
    • RoundCube: IMAP client with sleek functionality and modern layout.
    • SquirrelMail: Solid but old.
    • Zimbra: All in one services, simpler but less customizable.
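
A lint for the DNS records in step 3, added here as an example and not taken from the original guide: it reads zone-style lines in the guide's "name TTL type data" layout and reports MX targets that are IP addresses rather than host names (the MX data field must be a host name), mail hosts without forward-confirmed reverse DNS, more than one SPF record on a name, and an SPF policy ending in +all. The function names and the sample zone, including host.isp.example, are constructed for illustration, and the reverse-DNS check handles IPv4 only.

```python
import ipaddress
import shlex

# Constructed zone lines in the guide's "name TTL type data" layout.
SAMPLE_ZONE = '''\
example.com 86400 MX 10 mail.example.com
example.com 86400 MX 20 11.11.11.11
mail.example.com 86400 A 11.11.11.11
example.com 86400 TXT "v=spf1 a ~all"
example.com 86400 TXT "v=spf1 mx +all"
11.11.11.11.in-addr.arpa 86400 PTR host.isp.example
'''

def is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def lint_zone(text):
    """Return findings for MX, SPF and reverse-DNS mistakes in zone-style text."""
    recs = [shlex.split(line) for line in text.splitlines() if line.strip()]
    a = {r[0]: r[3] for r in recs if r[2] == "A"}
    ptr = {r[0]: r[3] for r in recs if r[2] == "PTR"}
    spf, findings = {}, []
    for name, _ttl, rtype, *data in recs:
        if rtype == "MX" and is_ip(data[1]):
            # An MX target has to be a host name that has its own A record.
            findings.append(f"MX {name}: target {data[1]} is an IP address")
        elif rtype == "MX":
            ip = a.get(data[1])
            rev = ".".join(reversed(ip.split("."))) + ".in-addr.arpa" if ip else None
            # Forward-confirmed reverse DNS: IP -> PTR name -> A -> same IP.
            if ip is None or a.get(ptr.get(rev)) != ip:
                findings.append(f"MX {name}: {data[1]} lacks forward-confirmed reverse DNS")
        elif rtype == "TXT" and data[0].startswith("v=spf1"):
            spf.setdefault(name, []).append(data[0].split())
    for name, records in spf.items():
        if len(records) > 1:
            findings.append(f"SPF {name}: {len(records)} records published, only one is allowed")
        for terms in records:
            if terms[-1].lstrip("+-~?") != "all":
                findings.append(f"SPF {name}: no terminal 'all' mechanism")
            elif terms[-1] in ("all", "+all"):
                findings.append(f"SPF {name}: '{terms[-1]}' authorises every sender")
    return findings
```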

1 Comment


John - 02/11/2015 14:35:01

Bookmarked! Planning on starting up a mail server soon and this looks handy.