Linux Mail Server: Exim4

From RHS Wiki
Jump to navigation Jump to search

Whispers Mail Server

Stack

  • Web server (Apache)
  • Database server (MySQL)
  • Email server (MTA) (Exim4)
  • IMAP server (Dovecot)
  • Webmail server (Roundcube)

Install

  • apt-get install apache2-mpm-prefork
    • (Some of these email servers require PHP; PHP is crappy and requires mpm-prefork (the ‘slow’ version of Apache))
  • apt-get install mysql-client
    • (should auto-install something like: mysql-common + mysql-client-5.5)
  • apt-get install mysql-server
    • (should auto-install something like: mysql-server-5.5 + mysql-server-core-5.5)
  • apt-get install exim4
  • apt-get install exim4-base
  • apt-get install exim4-config
  • apt-get install exim4-daemon-heavy
    • (there’s an “exim4-mysql” that might be sufficient to replace this, but I gave up: there are way too many exim4 packages, and no help for installing the “correct” set, so … just pick this and get the lot!)
  • apt-get install dovecot-core
  • apt-get install dovecot-imapd
  • apt-get install dovecot-mysql
  • apt-get install roundcube
  • apt-get install roundcube-core
  • apt-get install roundcube-mysql

Setup

DNS

You should know about this already: you need an “MX” record on your DNS server, and it needs to point to your main server where you’ll run your email, web, etc.

Apache

/etc/apache2/sites-available/webmail.conf 

<VirtualHost *:80>
    ServerAdmin rafael@herrerosolis.com
    Redirect permanent / https://webmail.herrerosolis.com/
#    DocumentRoot /var/www/rafael
    ServerName webmail.herrerosolis.com
    ServerAlias webmail.herrerosolis.com
    ErrorLog /var/log/apache2/webmail/error.log

    # Posible values include: debug, info, notice, warn, error, crit.
    # alert, emerg.

    CustomLog /var/log/apache2/webmail/access.log combined
</virtualHost>

<VirtualHost *:443>
    ServerAdmin rafael@herrerosolis.com
    DocumentRoot /var/lib/roundcube
    ServerName webmail.herrerosolis.com
    ServerAlias webmail.herrerosolis.com

    ErrorLog /var/log/apache2/webmail/error.log

    # Posible values include: debug, info, notice, warn, error, crit.
    # alert, emerg.
    CustomLog /var/log/apache2/webmail/access.log combined
    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/herrerosolis.crt
    SSLCertificateKeyFile /etc/ssl/private/herrerosolis.key
</virtualHost>

OPTIONAL: Remove TinyMCE

TinyMCE is a WYSIWYG text-editor for HTML emails. I hate it. It had a long history of being insecure, buggy, slow, and hard to use. So I disable it:

Edit /etc/roundcube/apache.conf: 

Comment out these lines:
	#<Directory "/usr/share/tinymce/www/">
	#      Options Indexes MultiViews FollowSymLinks
	#      AllowOverride None
	#      Order allow,deny
	#      allow from all
	#</Directory>

Create Databases

mysql -u root -p

CREATE DATABASE email_accounts;

USE email_accounts;

CREATE TABLE mailboxes (
    id INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY,
    domain_id INT(10) NOT NULL,
    local_part VARCHAR(250) NOT NULL,
    password VARCHAR(100) NULL,
    description VARCHAR(250) NULL,
    active TINYINT(1) NOT NULL DEFAULT 0,
    created TIMESTAMP NOT NULL DEFAULT NOW(),
    modified TIMESTAMP NULL
);
CREATE TABLE aliases (
    id INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY,
    domain_id INT(10) NOT NULL,
    local_part VARCHAR(250) NOT NULL,
    goto VARCHAR(250) NOT NULL,
    description VARCHAR(250) NULL,
    active TINYINT(1) NOT NULL DEFAULT 0,
    created TIMESTAMP NOT NULL DEFAULT NOW(),
    modified TIMESTAMP NULL
);
CREATE TABLE vacations (
    id INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY,
    mailbox_id INT(10) NOT NULL,
    subject VARCHAR(250) NOT NULL,
    body TEXT NOT NULL,
    description VARCHAR(250) NULL,
    active TINYINT(1) NOT NULL DEFAULT 0,
    created TIMESTAMP NOT NULL DEFAULT NOW(),
    modified TIMESTAMP NULL
);

CREATE TABLE domains (
    id INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY,
    fqdn VARCHAR(250) NOT NULL,
    type ENUM('local','relay') NOT NULL DEFAULT 'local',
    description VARCHAR(250) NULL,
    active TINYINT(1) NOT NULL DEFAULT 0,
    created TIMESTAMP NOT NULL DEFAULT NOW(),
    modified TIMESTAMP NULL
);

Create your first email account and domain

Domain

INSERT INTO domains VALUES(NULL,'herrerosolis.com','local','My personal domain',1,NOW(),NOW());

User

INSERT INTO mailboxes VALUES(NULL,1,'joe',MD5('password - choose a good one'),'My account for joe@herrerosolis.com',1,NOW(),NOW());

Alias

insert into aliases values (null, 1, 'support', 'ceo@mydomain.com', 'Redirecting support@ to the CEO. It will be a good experience', 1, NOW(), NOW() );

Create a database-account to access the database

grant ALL on email_accounts.* to 'email'@'localhost' identified by 'password';
flush privileges;

http://bradthemad.org/tech/notes/exim_cheatsheet.php

STARTTLS

https://wiki.debian.org/Exim

Troubleshooting

exim4 -bP | grep tls_

test with: 

sudo apt-get install swaks
swaks -a -tls -q HELO -s gollum.redactate.com -au test -ap '<>'
  1. Choose internet site
  2. Choose domain

configuration (mp4)

Resources

http://t-machine.org/index.php/2014/06/27/webmail-on-your-debian-server-exim4-dovecot-roundcube/

Retrieved from "https://wiki.herrerosolis.com/index.php?title=Linux_Mail_Server:_Exim4&oldid=1031"