Lukas Z's Blog

How to Setup a Courier E-mail Server With Ubuntu Linux

Introduction

There are very good reasons to want your own e-mail server. I’ve tried several setups and found the Courier-mailserver the simplest to work with. Here’s a tutorial on how to set it up.

This should take about 15 - 30 minutes.

Expected end-result

Here’s what you will have in the end:

  • Your own email server where you can configure an unlimited number of email addresses with an unlimited number of domain-names. However, in this setup each address is bound to a user on the Linux system.
  • SMTP and IMAP with encryption. Even though email may travel unencrypted to its destination, the link between your mail client and your mail server should be encrypted.

Requirements

Here’s what you need:

  • An Ubuntu 13.10 server in the cloud (other Ubuntu versions should work). You can get those for 5 euros a month or so. (A virtual server is just fine for this task. You don’t need 32 Gigs of RAM and 8 cores.)
  • A domain-name where you can configure DNS. Specifically: You want to change the MX-record.
  • Some basic knowledge of Linux.

Step-by-step guide

Ok, I will explain to you now how to install the Courier mail suite. I know there are several popular other ones, but this just happens to be a guide about Courier.

If you get stuck or have special config needs, then please also refer to the end of the article where I list a few helpful links.

Installation

First, connect to your email-server using SSH. Make sure you can execute commands with sudo. Start with

sudo apt-get update

to update your package sources.

Installation time:

sudo apt-get install courier-imap courier-imap-ssl courier-mta courier-authdaemon courier-mta-ssl courier-maildrop telnet

telnet is in there for testing. You can remove it if you want, but telnet is nice to check if SMTP works and what its configuration is.

Configuration - Part 1

Enter your domain in /etc/courier/locals. Do the same in /etc/courier/esmtpacceptmailfor.dir/domains.

Run sudo makeacceptmailfor to have these changes accepted.

Create a user, let’s say “suntke” (I think that’s a Frisian first name..).

sudo useradd -d /home/suntke -m suntke

And create a password for him.

sudo passwd suntke

This user can login to your linux-box now using the password you specified. Now, let’s create a maildir for him.

cd /home/suntke
maildirmake Maildir
maildirmake -q 1000000000S Maildir
chown -R suntke:suntke Maildir

(prefix with sudo as needed. The -q flag sets a quota. Just use some high number..)

So, let’s say the domain-name was “example.com”, then this means you have just created the email-address “suntke@example.com”. Incoming email will be stored in /home/suntke/Maildir.

You can add as many users and domains as you like.

You can now go ahead and send and receive emails. However, I suggest you add some extra security through encryption.

Configuration - Part 2

In /etc/courier/esmtpd-ssl set AUTH_REQUIRED to 1. This forces authentication. In /etc/courier/esmtpd set ESMTPAUTH="LOGIN PLAIN".

/etc/courier/esmtpd.pem should exist and must not be world-readable. This should automatically enable ESMTP STARTTLS, encrypted SMTP.

When you are done, you can restart everything: (added newlines for readability)

/etc/init.d/courier-authdaemon restart && 
/etc/init.d/courier-imap restart && 
/etc/init.d/courier-mta restart && 
/etc/init.d/courier-mta-ssl restart && 
/etc/init.d/courier-imap-ssl restart
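
A quick way to confirm the three Part 2 settings, as an added example that is not part of the original post or of Courier itself. The function names audit_courier and conf_value and their messages are made up for illustration; the paths and setting names are the ones from this section.

```shell
#!/bin/sh
# Added example: audit the Courier settings from "Configuration - Part 2".
# Usage (after sourcing this file): audit_courier /etc/courier

# Print the value assigned to NAME ($2) in a shell-style config file ($1).
# The last assignment wins; surrounding quotes are stripped.
conf_value() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" 2>/dev/null | tail -n 1 | tr -d "\"'"
}

# audit_courier DIR: print findings, return the number of problems found.
audit_courier() {
    dir=${1:-/etc/courier}
    problems=0

    # Authentication must be forced on the SSL listener.
    if [ "$(conf_value "$dir/esmtpd-ssl" AUTH_REQUIRED)" != "1" ]; then
        echo "FAIL: AUTH_REQUIRED is not 1 in $dir/esmtpd-ssl"
        problems=$((problems + 1))
    fi

    # ESMTPAUTH must list at least one of the mechanisms set above.
    auth=$(conf_value "$dir/esmtpd" ESMTPAUTH)
    case " $auth " in
        *" LOGIN "*|*" PLAIN "*) ;;
        *) echo "FAIL: ESMTPAUTH in $dir/esmtpd offers neither LOGIN nor PLAIN"
           problems=$((problems + 1)) ;;
    esac

    # The certificate file holds key material: it must exist and
    # must not carry the world-read permission bit.
    pem=$dir/esmtpd.pem
    if [ ! -f "$pem" ]; then
        echo "FAIL: $pem does not exist (needed for STARTTLS)"
        problems=$((problems + 1))
    elif [ -n "$(find "$pem" -perm -004 2>/dev/null)" ]; then
        echo "FAIL: $pem is world-readable, fix with: chmod o-rwx $pem"
        problems=$((problems + 1))
    fi

    [ "$problems" -eq 0 ] && echo "OK: Part 2 settings look as described"
    return "$problems"
}
```

Run it with sudo if your user cannot read the files under /etc/courier.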

Configuration - Part 3, Client-side, Incoming

So, this was the server-side. Let’s go ahead and configure a mail-client. I will just go ahead and use the fictional user/address suntke@example.com here, as well.

Here’s the settings in Mail on OSX. It’s pretty much analogous with Thunderbird etc.

For Accounts/Account Information:

Account Type: IMAP
Description: Example.com
Email Address: suntke@example.com
Full Name: Suntke Svensson ;)

Incoming Mail Server: example.com
User Name: suntke
Password: *******

Outgoing Mail Server (SMTP): example.com, configured below.

TLS Certificate: None

Advanced-Tab

IMAP Path Prefix: INBOX
Port: 993 with Use SSL checked.
Authentication: Password

Configuration - Part 4, Client-side, Outgoing

Description: example.com
Server Name: example.com

TLS Certificate: None

Advanced-Tab

Use default ports (25, 465, 587) checked.

Use Secure Sockets Layer (SSL) checked

Authentication: Password
User Name: test
Password: *******

Configuration - Part 5, DNS

Use your domain registrar’s console (or do it yourself) to set the MX record. In this case you’d just set example.com, because you didn’t configure any subdomains such as mail.example.com.

SSL Warnings

Your Mail-program or OS will probably complain about the certificates not being signed. You can decide if you want to have them signed. It doesn’t make much sense if it’s just for yourself. Mark the certificate as “trusted” or add them to your “trusted certs” collection in your keychain.

If it doesn’t work

Try restarting both the server processes and your mail-client. Make sure your system trusts the certificates. Double-check your passwords.

As I was trying to verify this tutorial on a testing server it wouldn’t work at first, but restarting the client and accepting the certs permanently did the trick.

What’s next?

That’s it, congratulations. You have your own email-webserver. Here’s a few ideas on what you could do next:

  • install spamassassin. It’s not difficult and I’m sure you can google it. Or I can write a short post about it in the future.
  • install GPGTools so you can encrypt your email end-to-end. (this is for Mac, similar software is available for every major OS though.)
  • install squirrel-webmail if you need/want a web-frontend. Not my kind of thing but I thought I’d mention it.
  • use a database to manage users.
  • write filters for courier to automate things.
  • install the whole thing on a tiny computer like the Raspberry Pi, use a dynamic-DNS vendor that supports updating of MX records, configure your router to forward mail to your Pi, and host the whole thing at home. ;)

Here are some links that might help you with Courier:

Comments, suggestions, bugs?

If you have something to add or correct, please let me know so I can update this guide. Let’s spare others extra work and frustration..

Update (April 16th, 2014)

In case you mess up along the way and then get errors like “Mailbox unavailable” (but you have already solved the underlying problem), you can reset a mailbox like this:

$ courier clear suntke@example.com 

I needed this recently when I could not figure out what the problem is. Turns out, I solved the problem earlier but didn’t clear the “broken mailbox flag”.

P.S.: You can follow me on Twitter.
