Background
We now live in an area where our link to the internet is an expensive wireless connection using the cellular system.
Members of our family email each other a lot, with large attachments such as videos, pictures, etc.
Goal
I want to set up a LAN mail server that we can use for family members where the mail just stays within the LAN and does not go out onto the Internet.
Progress
I installed Ubuntu 12.04 LTS Server 64 bit on a spare machine following the guide at this web site:
The Perfect Server - Ubuntu 12.04 LTS (Apache2, BIND, Dovecot, ISPConfig 3)
I registered the domain musgravelanding.net with Hover and you can see the results at:
http://pingability.com/zoneinfo.jsp?...avelanding.net
Results
Here is my /etc/hosts file:
Code:
127.0.0.1 localhost.localdomain localhost
192.168.241.80 server.musgravelanding.net server
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
And here is my /etc/hostname file:
Code:
server.musgravelanding.net
My /etc/postfix/main.cf is:
Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = /usr/share/doc/postfix
# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = server.musgravelanding.net
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
myorigin = /etc/mailname
mydestination = server.musgravelanding.net, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf, hash:/var/lib/mailman/data/virtual-mailman
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination
smtpd_tls_security_level = may
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = dovecot
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
owner_request_special = no
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
The result of a test send is:
Code:
echo "Subject: Test" | /usr/lib/sendmail -v peter@musgravelanding.net
Mail Delivery Status Report will be mailed to <peter>.
Testing with netstat reveals:
Code:
peter@server:~$ netstat -an | grep tcp | grep 25
tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:3306 127.0.0.1:41625 ESTABLISHED
tcp 0 0 127.0.0.1:41625 127.0.0.1:3306 ESTABLISHED
tcp6 0 0 :::25 :::* LISTEN
You have new mail in /var/mail/peter
And iptables:
Code:
peter@server:~$ sudo iptables -nvL
[sudo] password for peter:
Chain INPUT (policy ACCEPT 34799 packets, 42M bytes)
pkts bytes target prot opt in out source destination
824 67412 fail2ban-dovecot-pop3imap tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995,143,993
263 14292 fail2ban-pureftpd tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 21
2202 187K fail2ban-ssh tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 22
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 21919 packets, 1686K bytes)
pkts bytes target prot opt in out source destination
Chain fail2ban-dovecot-pop3imap (1 references)
pkts bytes target prot opt in out source destination
818 67052 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-pureftpd (1 references)
pkts bytes target prot opt in out source destination
263 14292 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-ssh (1 references)
pkts bytes target prot opt in out source destination
2202 187K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
peter@server:~$
Checking with Telnet reveals:
Code:
peter@server:~$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 server.musgravelanding.net ESMTP Postfix (Ubuntu)
ehlo server
250-server.musgravelanding.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.
peter@server:~$
And a look at the logs:
Code:
peter@server:~$ tail /var/log/mail.log
Jun 18 14:49:36 server postfix/smtpd[8749]: disconnect from localhost.localdomain[127.0.0.1]
Jun 18 14:49:40 server postfix/smtpd[8749]: connect from localhost.localdomain[127.0.0.1]
Jun 18 14:50:01 server postfix/smtpd[8823]: connect from localhost.localdomain[127.0.0.1]
Jun 18 14:50:01 server postfix/smtpd[8823]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Jun 18 14:50:01 server postfix/smtpd[8823]: disconnect from localhost.localdomain[127.0.0.1]
Jun 18 14:50:01 server dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Jun 18 14:50:01 server dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Jun 18 14:50:17 server postfix/smtpd[8749]: disconnect from localhost.localdomain[127.0.0.1]
Jun 18 14:50:21 server postfix/smtpd[8823]: connect from localhost.localdomain[127.0.0.1]
Jun 18 14:50:28 server postfix/smtpd[8823]: disconnect from localhost.localdomain[127.0.0.1]
peter@server:~$
At this point /var/log/mail.err is empty.
From my wife's computer using Thunderbird, she tried to send me a test email, but it gives an SMTP error when Thunderbird is set up as smtp.musgravelanding.net. When I change the settings in Thunderbird to give the server the explicit IP address 192.168.241.80, the mail is sent.
Questions
- What do I need to do to get this working?
- I don't understand how to set the MX record if that is appropriate?
- Can you recommend links to further advice on this topic?
Thank you,
Peter
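A check of the files quoted in the post, as an added example that is not part of the original post: it parses the posted /etc/hosts and main.cf lines and reports whether the name given to Thunderbird is defined there and whether a LAN client falls inside mynetworks. The client address 192.168.241.81 and all function names are assumptions; the server's hosts file only governs what the server itself resolves, so the name lookup also has to be checked on the client.

```python
import ipaddress
# Lines copied from the post's /etc/hosts and /etc/postfix/main.cf.
HOSTS = """127.0.0.1 localhost.localdomain localhost
192.168.241.80 server.musgravelanding.net server
::1 ip6-localhost ip6-loopback
"""
MAIN_CF = """mynetworks = 127.0.0.0/8 [::1]/128
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination
"""

def hosts_names(text):
    """Map each name defined in hosts-file text to its address."""
    names = {}
    for line in text.splitlines():
        addr, *aliases = line.split("#", 1)[0].split() or [None]
        for name in aliases:
            names.setdefault(name.lower(), addr)
    return names

def postfix_param(text, key):
    """Value of a one-line 'key = value' setting (continuation lines not handled)."""
    for line in text.splitlines():
        name, sep, value = line.partition("=")
        if sep and name.strip() == key:
            return value.strip()

def in_mynetworks(client_ip, mynetworks):
    """True if client_ip is inside a CIDR in mynetworks (table lookups not handled)."""
    ip = ipaddress.ip_address(client_ip)
    for item in mynetworks.replace(",", " ").split():
        net = ipaddress.ip_network(item.replace("[", "").replace("]", ""), strict=False)
        if ip.version == net.version and ip in net:
            return True
    return False

def audit(client_name, client_ip):
    """Check a server name and a client address against the posted files."""
    trusted = in_mynetworks(client_ip, postfix_param(MAIN_CF, "mynetworks"))
    rules = postfix_param(MAIN_CF, "smtpd_recipient_restrictions")
    return {
        "name_in_hosts": hosts_names(HOSTS).get(client_name.lower()),
        "client_trusted_by_ip": trusted,
        # Outside mynetworks, only permit_sasl_authenticated lets a client relay.
        "needs_sasl_to_relay": not trusted and "permit_sasl_authenticated" in rules,
    }

if __name__ == "__main__":
    # 192.168.241.81 is an assumed LAN client address; it is not in the post.
    print(audit("smtp.musgravelanding.net", "192.168.241.81"))
```
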