shithub: sirjofri_de

ref: 5d3e0b627b5d4f220ce20949230e70f1ea5ac378
dir: /changeblog/1594881674.txt/

View raw version
Mail Server Configuration

Recently I installed my mail server on 9front. Most of the time I followed the guide in the FQA, but still there are things to explain. In this document I'll go through the section of the FQA and annotate things.

Right at the beginning the FQA mentions how the executing user needs write permissions for the mailboxes. This is
‥very important‥!
If upas can't write the mailboxes the mail server will ‥not‥ accept incoming mail!

In my setup I can skip all DNS stuff, because I have my DNS hosted somewhere else. Make sure to add proper MX records as well as (at least) an SPF record.

### /mail/lib/smtpd.conf

To make things short, here are the necessary lines in my setup. The server handles authenticated incoming mail for sending to other providers as well as incoming mail for local accounts.

[[[ms
.P1
defaultdomain    sirjofri.de
norelay          on
verifysenderdom  on
saveblockedmsg   off
ourdomains       sirjofri.de
.P2
]]]
[[[ebook
<code><pre>
defaultdomain    sirjofri.de
norelay          on
verifysenderdom  on
saveblockedmsg   off
ourdomains       sirjofri.de
</pre></code>
]]]

Note that the server is no relay for unauthenticated/untrusted requests, it will still relay if you authenticate.

At this point it might be a good idea to check your user password.
Use
[[[ms
.CW auth/changeuser
]]]
[[[ebook
<code>auth/changeuser</code>
]]]
to add ‥Inferno/POP secrets‥ to your user accounts. Use these passwords to authenticate to the smtp server.

### /mail/lib/rewrite

The program that handles sending mail uses this file to rewrite mail addresses. This file is responsible for filtering out local mail as well as sending other mails to the mailer.

In my setup I added three aliases:
[[[ms
.P1
pOsTmAsTeR    alias postmaster
aBuSe         alias abuse
wEbMaStEr     alias webmaster
.P2
]]]
[[[ebook
<code><pre>
pOsTmAsTeR    alias postmaster
aBuSe         alias abuse
wEbMaStEr     alias webmaster
</pre></code>
]]]

Use regular expressions to define your domain:
[[[ms
.P1
\\l!(.*)                alias \\1
\\l\\.sirjofri\.de!(.*)   alias \\1
sirjofri.de!(.*)       alias \\1
.P2
]]]
[[[ebook
<code><pre>
\\l!(.*)                alias \\1
\\l\\.sirjofri\.de!(.*)   alias \\1
sirjofri.de!(.*)       alias \\1
</pre></code>
]]]

For translating mails I added one more rule for mail address ‥tags‥. These tags are in the form of ‥user+tag@example.com‥. Official specifications say that everything behind that “+” must be ignored, but it can be used to automatically sort incoming mail into folders. I do this, by the way, so I describe here, how.

We need rules for those plus signs:
[[[ms
.P1
\\"(.+)\\+(.*)\\"  translate "echo `{/bin/upas/aliasmail '\\1'}^'+\\2'"
# The other translate rules are default
.P2
]]]
[[[ebook
<code><pre>
\\"(.+)\\+(.*)\\"  translate "echo `{/bin/upas/aliasmail '\\1'}^'+\\2'"
# The other translate rules are default
</pre></code>
]]]

For delivering local mails, I added extra rules:
[[[ms
.P1
local!(.+)\\+(.+)  |  "/bin/test -d /mail/box/\\1/\\2 \\&\\& /bin/upas/mbappend /mail/box/\\1/\\2 || /bin/upas/mbappend /mail/box/\\1/mbox"
local!"(.+)\+(.+)  |  "/bin/test -d /mail/box/\\1/\\2 \\&\\& /bin/upas/mbappend /mail/box/\\1/\\2 || /bin/upas/mbappend /mail/box/\\1/mbox"
# leave the other rules untouched.
.P2
]]]
[[[ebook
<code><pre>
local!(.+)\\+(.+)  |  "/bin/test -d /mail/box/\\1/\\2 \\&\\& /bin/upas/mbappend /mail/box/\\1/\\2 || /bin/upas/mbappend /mail/box/\\1/mbox"
local!"(.+)\+(.+)  |  "/bin/test -d /mail/box/\\1/\\2 \\&\\& /bin/upas/mbappend /mail/box/\\1/\\2 || /bin/upas/mbappend /mail/box/\\1/mbox"
# leave the other rules untouched.
</pre></code>
]]]

With this settings, mails to user+‥tag‥ will be checked. If a mailbox folder for ‥tag‥ exists, mail is sent to this folder. Otherwise it is sent to the user's default inbox.
‥‥Note:‥‥
I tested, but this ‥does not work‥ with aliased mail. If my aliasmail changes ‥userA‥ to ‥userB‥, mails to ‥userA+tag‥ will be rejected! If you know how I can make this work, feel free to send me a mail.

### /mail/lib/names.local

This file is pretty easy. Just add your alias mail addresses:
[[[ms
.P1
postmaster  sirjofri
webmaster   sirjofri
abuse       sirjofri
.P2
]]]
[[[ebook
<code><pre>
postmaster  sirjofri
webmaster   sirjofri
abuse       sirjofri
</pre></code>
]]]

### /mail/lib/remotemail

[[[ms
.P1
#!/bin/rc
shift
sender=$1
shift
addr=$1
shift
fd=`{/bin/upas/aliasmail -f $sender}
switch($fd){
case *.*
    ;
case *
    fd=sirjofri.de
}
exec /bin/upas/smtp -h $fd $addr $sender $*
.P2
]]]
[[[ebook
<code></pre>
#!/bin/rc
shift
sender=$1
shift
addr=$1
shift
fd=`{/bin/upas/aliasmail -f $sender}
switch($fd){
case *.*
    ;
case *
    fd=sirjofri.de
}
exec /bin/upas/smtp -h $fd $addr $sender $*
</pre></code>
]]]

### SMTP over TLS

I don't use port 587. I use 25 for this. Mail servers relay mails to this port by default, so it makes sense.

[[[ms
/rc/bin/service/tcp25
.P1
#!/bin/rc
user=`{cat /dev/user}
exec /bin/upas/smtpd -f -E -r -c /sys/lib/tls/cert -n $3
.P2
]]]
[[[ebook
<code>/rc/bin/service/tcp25</code>
<code><pre>
#!/bin/rc
user=`{cat /dev/user}
exec /bin/upas/smtpd -f -E -r -c /sys/lib/tls/cert -n $3
</pre></code>
]]]

Don't forget to create your TLS certificate!

### IMAP4 over TLS

I did this exactly like the FQA. See there.

### No.

At this point I stopped. I did not configure ratfs and have no spam handling right now. It doesn't really matter for me, because nobody knows me and I don't use that mail address to register anywhere.

Links:
[[[ms
.IP →
https://fqa.9front.org/fqa7.html#7.7
]]]
[[[ebook
<ul>
<li><a href="https://fqa.9front.org/fqa7.html#7.7">FQA 7.7</a></li>
</ul>
]]]