Set up a mail server

From Linuxintro
Revision as of 13:09, 20 September 2008 by imported>WikiSysop (→‎Web calendar)

Understand what you are doing

To set up a mail server, you must first be clear about

  • what an MTA is
  • what a MUA is
  • what imap is
  • what pop is
  • what smtp is
  • what an MX record is
  • what sendmail is

To explain all this, here is a little story how a send and a receive of mail could take place: Alice wants to write a mail to Bob. Alice uses kmail as mail program. kmail is her mail user agent, her MUA. She writes to Bob whose address is Of course, the content of her mail is secret so we won't tell it here. After she clicks "send", her MUA transmits the mail to Alice's outgoing mail server. This server has a little program on it called sendmail. This program looks up's MX record. You can do this on your own using the command

dig -t mx

It uses the IP address that it gets and, using the IP protocol, sends Alice's mail there.

Ok, and at this IP address, the message transfer agent of can be reached. This is a server that "speaks" the simple mail transfer protocol SMTP. It can receive mails, and also send them. It has also run on Alice's outgoing mail server. The smtp server receives the mail for Bob and puts it into his mailbox. Bob is asleep at the moment.

The next morning, Bob wakes up and uses his kmail to check his mail. kmail must know how it gets Bob's mailbox. There are two possibilities for that. Either Bob has a pop service running on his server where his mailbox is. In this case, kmail just fetches all mails from the mailbox and (optionally) deletes them. Or Bob has an imap service running there. In this case, Bob gets all mails displayed in his kmail, but they remain on the server. First when Bob presses "delete" in his mail program, the mails are deleted from the mailbox.

Bob can also collect his mails from his various mail accounts around the net. This is where fetchmail comes into the game.

Know your options

  • Well-known MTAs are postfix and sendmail (both use the command sendmail to send mail)
  • Well-known MUAs include kmail and thunderbird
  • imap and pop can be done by courier and cyrus

In this tutorial we use

  • postfix as MTA
  • courier as imap server
  • kmail as MUA

Set up your mail server

To setup your MTA, install postfix:

yast -i postfix

Should it already be installed, no matter. Now run it:

/etc/init.d/postfix start

As a test, send yourself a mail:

sendmail -t root@ << EOF
this is test mail number 1

See if the mail has arrived:

cat /var/spool/mail/root
Content-Description: Undelivered Message
Content-Type: message/rfc822

Received: by (Postfix, from userid 0)
        id 09AAC18BAC06A; Tue,  5 Aug 2008 22:09:03 +0200 (CEST)
Message-Id: <>
Date: Tue,  5 Aug 2008 22:09:03 +0200 (CEST)
From: (root)
To: undisclosed-recipients:;

this is test mail number 1


To see if this has really changed something, we stop postfix now and see if it still works:

/etc/init.d/postfix stop
cat /var/spool/mail/root

It has not arrived. To see that the mail is still in the mail queue, issue the command mailq and see the result:

tweedleburg:~ # mailq
postqueue: warning: Mail system is down -- accessing queue directly
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
8BD931648935       88 Mon Aug  4 21:14:48  root

-- 0 Kbytes in 1 Request.

As you see, the mail is still in the mail queue and you get a warning "Mail system is down".

A server is a background program listening on a network port. What was smtp's port again?

tweedleburg:~ # cat /etc/services | grep smtp
smtp             25/tcp    mail         # Simple Mail Transfer

It was 25. Let's see if postfix listens there, first install nmap:

yast -i nmap
nmap localhost

no port 25. Start postfix again:

/etc/init.d/postfix start

And see:

tweedleburg:~ # nmap localhost

Starting Nmap 4.20 ( ) at 2008-08-05 06:19 CEST
Interesting ports on localhost (
Not shown: 1689 closed ports
22/tcp   open  ssh
25/tcp   open  smtp

Set up Maildirs

We want to use Maildirs as special mailboxes. This is because courier can only handle those. So, change /etc/postfix/, replace

#home_mailbox = Maildir/


home_mailbox = Maildir/

and restart postfix:

/etc/init.d/postfix restart

Now look that you can receive mails:

sendmail -t testuser@localhost << EOF
This is the 2nd test mail.
cat /home/testuser/Maildir/new/*
This is the 2nd test mail.

Now you can use kmail to read your mails.


postfix dies

If you call

/etc/init.d/postfix status 

and get the message "dead", see /var/log/mail.err what happened. If you see something like

postfix/master[5573]: fatal: bind port 25: Address already in use


lsof -i 

to find out what process is blocking the smtp port and kill this process using the command kill.

Set your MX record

If you want to receive mail that goes to the address, you need to set the MX record of The MX record must be the ip address of the server where the MTA is running. To find out your current MX record, use dig:

tweedleburg:~ # dig -t mx

; <<>> DiG 9.4.2-P1 <<>> -t mx
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9367
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;                        IN      MX

;; ANSWER SECTION:         86400   IN      MX      50

;; ADDITIONAL SECTION:     86400   IN      A

;; Query time: 59 msec
;; WHEN: Sat Sep 20 14:43:23 2008
;; MSG SIZE  rcvd: 68

In this case, the MX record points to whose ip address is

imap server

set it up

To set up your imap server, use

yast -i courier-imap

configure it



to /etc/courier/imapd. This makes that imap users can authenticate as the local users in /etc/passwd.

start it

/etc/init.d/saslauthd start
/etc/init.d/courier-imap start

verify it is running

tweedleburg:/mnt/loop/suse/x86_64 # nmap localhost

Starting Nmap 4.20 ( ) at 2008-08-05 06:30 CEST
Interesting ports on localhost (
Not shown: 1688 closed ports
22/tcp   open  ssh
25/tcp   open  smtp
111/tcp  open  rpcbind
143/tcp  open  imap

verify you can login

Create a test user to see if you can login to your imap server:

useradd -m testuser

Set password as test password using the command

passwd testuser

Use telnet to connect directly to port 143, the imap-port:

telnet localhost 143
Connected to localhost.
Escape character is '^]'.

Type the imap-command for logging in

1 LOGIN testuser password
* BYE [ALERT] Fatal error: Maildir: No such file or directory
Connection closed by foreign host.

Now do a

mkdir /home/testuser/Maildir
chown testuser:users /home/testuser/Maildir


If you get

The connection to the server was unexpectedly closed or timed out. It will be re-established automatically if possible

Make sure your user has a folder Maildir in his home directory, and mail gets delivered there.

Sender verification

Now you do not want anyone to be able to use your mail server as spam-catapult. So you need sender verification in your postfix service.

Make sure your authentication service is running:

/etc/init.d/saslauthd status 

has to deliver


In /etc/postfix/, set

smtp_sasl_auth_enable = yes
smtpd_sasl_auth_enable = yes

Restart Postfix

/etc/init.d/postfix restart

Start kmail, setup localhost as incoming and outgoing mail server. In kmail, change the sending account's authentication method to "LOGIN". Send a mail to testuser@localhost.


If you get

Sending failed: Your SMTP server does not support authentication. The server responded: "5.5.1 Error: authentication not enabled"

You will need to modify /etc/postfix/, set

smtp_sasl_auth_enable = yes
smtpd_sasl_auth_enable = yes

and restart postfix:

/etc/init.d/postfix restart

If you get

Sending failed. Most likely the password is wrong. The server responded: "5.7.8 Error: authentication failed: generic failure"

You need to make sure your authentication service has been started:

/etc/init.d/saslauthd status

has to deliver


If you get

Sending failed: Your SMTP server does not support The server responded: "5.7.8 Error: authentication failed: no mechanism available"

You may have

  • plain
  • digest-md5
  • cram-md5

as authentication method in kmail. Change this to Login.

If you get

Sending failed: An error occurred during authentication: SASL(-4):no mechanism available: No worthy mechs found

You may have


as authentication method in kmail. Change this to Login.

If nothing happens and no mail is sent, you may have

  • NTLM

as authentication method in kmail. Change this to Login.


Download SquirrelMail from Unpack it:

tar xvzf squirrelmail-1.4.15.tar.gz

Configure it:

cd squirrelmail-1.4.15

Install it:

mv squirrelmail* /srv/www/htdocs/mail

Web calendar

Download from, then

tar xvzf calendar_file_backend-1.0-2.0.tar.gz
cd calendar_file_backend

Read the file README. Then configure the calendar plugin:

cd /srv/www/htdocs/mail/plugins

choose Plugins -> Calendars, then save and quit.