Linux Mail Server: Overview and Configuration

E-mail for most users looks like a regular website with a user-friendly interface, where you can comfortably type text, attach pictures and send messages to friends. However, in fact, everything is much more complicated. For data transfer, mail servers on Linux are used. They are engaged in processing, delivery and routing of messages. This article will discuss the most popular mail servers on Linux, as well as how to configure some of them.

Overview of solutions for creating systems for sending and receiving messages

Using a mail server on Linux, you can quickly and conveniently deploy your own mechanism for receiving and sending messages. The web has a lot of ready-made solutions, which only need to be installed and a little "dopilit." Among them, of course, there are also more complex in the configuration of systems, the configuration of which will be shown later on the example of Postfix.

SendMail - popular and fast

SendMail can be called a pioneer among mail servers on Linux. The first version was released in 1983. Since then, SendMail has mastered many stations and nodes. Actively used to this day. A fast and optimized server, but does not meet modern security requirements and is quite difficult to configure.

Postfix - flexible, powerful and reliable

Originally developed for the internal needs of the IBM research center. Many functions and features are borrowed from SendMail. However, it is much faster, safer, and setting takes less time and effort. Can be used as a mail server on Linux, MacOS, Solaris.

IredMail

This server is essentially a large set of scripts and configuration files. With their help, you can quickly raise the mail server on Linux with the Web-interface and without. It supports SMTP, POP3 and IMAP protocols. Installation procedure in general will not take more than 10 minutes, depending on the skill of the administrator.

In the process of setting up the iRedMail mail server , anti-virus and spam tools will be automatically installed. In addition to them can be added mechanisms for password protection, various analyzers and so on. An excellent version of the finished Linux mail server.

IndiMail

It combines several well-known protocols and technologies for the implementation of the transmission of e-mail messages. The system integrates the ability to create channels between nodes of the same network, for example, to organize a common mail resource for different branches of the company. The system has a very flexible configuration mechanism. It is implemented through the redefinition of variables, of which there are about 200 in the server. At the same time, several threads of IndiMail work can be created in parallel.

Rumble

A Linux mail server written in C ++. There is a built-in API for managing and creating scripts. It has a lot of functions and possibilities out of the box. Several known versions of the DBMS are supported. If you want or reconfiguration, you can quickly move from one to another. Server interfaces are divided by rights to their specific zones - users, domain administrators and servers.

Zentyal

Probably the easiest and most convenient ready-to-use Linux mail server. In it, almost all the instructions and settings are executed in a special graphical interface. This mail server is based on Linux Ubuntu. Adding features or features is done by installing new modules. With its help, you can organize both a separate mail server, and a certain router or mediation node between the main highways.

Axigen

Free, powerful and feature-rich mail server. Can use both through its own web interface, and through any email client. Can collect mail from external mailboxes, automatically respond to messages, filter them, and also conveniently import in CSV format.

For configuration and administration, there is its own web interface. For lovers of the classical model of control - it is possible to set commands through the console.

The server supports a large number of operating systems, including the Windows line. The process of interaction is very well documented and explained by numerous examples on the developer's site.

CommuniGate Pro

Cross-platform server, capable of working with e-mail and voice messages. It is possible to connect to it using e-mail clients or a centralized web interface. There is an implementation of differentiating the access rights of one account for several people. Plug-ins can help in the integration of various anti-virus systems and solutions.

Setting up an example of one system

After reviewing the mail servers on Linux, you should consider setting up one of them in more detail.

For example, you can show how to install and configure Postfix on Ubuntu. It is assumed that the hardware already has this operating system and updated to the latest version.

The first thing to do is download the server itself. It is available in Ubuntu repositories, so you need to type in the terminal:

During the installation process, the system will ask you to specify a new password for the database user under the root account. Then it must be repeated for confirmation. Then you can ask what type of installation you are interested in. Then the system mail name, in which you can specify - some.server.ru.

Now you need to create a database for the server. You can do this with the command:

Mysqladmin -u root -p create mail.

It is here that you will need the password previously specified for the database.

Now you can go into the MySQL shell using the command:

Mysql -u root. The system again asks for the password to be entered.

Next is a set of commands that will help create a new user with privileges:

You will also need tables in the main database, you can create them in the following way:

Now the mysql console is no longer needed and you can exit it.

Postfix configuration

First, you need to show the server how to access the database, how to search for the required values there. Several files will be created for this purpose. They can be located in the / etc / postfix directory. Here are their names:

They should contain the following contents, among which the query string for each file will be unique:

User = the name of the admin specified when the table was created;

Password = ;

Dbname = the name of the database created;

Query = query, its own for each file;

Hosts = 127.0.01.

Variable query for files:

These files will have a password for entering the database, so you need to somehow limit them. For example, to set rights, these are limiting.

Now there are a few more settings to add to Postfix. It is worth noting that in the lines below, you need to replace some.server.ru with a real domain.

Safety Certificates

First, you need to create your own certification authority, which will confirm the reliability of all certificates.

A repository for files is created:

Mkdir ~ / CA_new

And the configuration file. It contains the following code:

A short explanation to it:

• Variable C - here you need to specify the country in a two-letter format, for example, for Russia - RU;
• ST - means a specific region or region;
• L - city;
• O - name of the enterprise;
• CN - here you need to specify the domain to which the key is intended;
• E-mail address.

Then the key itself is created:

Sudo openssl genrsa -des3 -out ca.key 4096

The system will prompt you for a password for this key, which in no case should be forgotten.

Now you need an open version of the key:

Openssl req -new -x509 -nodes -sha1 -days 3650 -key ca.key -out ca.crt -config ca.conf

Here you will need to enter the previously created password for the private key.

Now the certificate:

Openssl pkcs12 -export -in ca.cer -inkey ca.key -out ca.pfx

Next, you need to create a directory where all the generated keys will be stored. Each server has its own folder.

Mkdir SERV

Mkdir SERV / some.domain.com

And it creates its own configuration:

Nano SERV / some.domain.com/s openssl.conf

Inside it should be the settings shown below. They are similar to those that have already been created.

To generate the keys, use the command:

Sudo openssl genrsa -passout pass: 1234 -des3 -out SERV / some.server.ru / server.key.1 2048

This line uses the password 1234. It is needed for a while.

Now the password from the team is removed:

Openssl rsa -passin pass: 1234 -in SERV / some.server.ru / server.key.1 -out SERV / some.server.ru/server.key

Now you need to sign the key:

SERV /some.server.ru/ openssl.conf -new -key SERV /some.server.ru/ server.key -out SERV /some.server.ru/ server.csr Openssl req -config SERV /some.server.ru/ openssl.conf -new -key SERV /some.server.ru/ server.key -out SERV /some.server.ru/ server.csr

rm -f SERV/ some.server.ru/server.key.1 And delete the temporary: rm -f SERV / some.server.ru/server.key.1

With the help of the manipulations, there will be a mail server that can simply receive and send messages. In addition to the main ones, there are additional modules that can be installed to expand the functionality. This will create a full-fledged mail server on Linux for the enterprise.

Additional functions

The following modules can be used to extend the capabilities of the mail server, for example, "Antispam" or a distribution service.

• Horde. Very convenient web interface for mail. In addition to its main task has an integrated calendar, scheduler and contacts. Has a convenient configuration and configuration.
• Amavisd-new. It serves as a gateway and is used mainly for docking various technologies. Amavisd-new receives a message, filters it, finds out if it can be dangerous, and connects the additional functions of other modules for verification.
• SpamAssassin. As the name implies, the module filters messages according to certain rules, calculating spam. Can be used both separately and as part of various demons.
• ClamAV. Popular in Linux-based antivirus. Is free software. Can work with many different mail servers, scan files and messages on the fly.
• Razor. ostfix. This module stores checksums of spam emails and directly interacts with P ostfix.
• Pyzor is another tool for detecting messages that contain malicious or useless code for the user.
• Fail2ban. A tool that protects user accounts from brute-force password cracking. After a certain number of attempts, the specific IP address is blocked for a while.
• Mailman. A convenient tool for creating mailings through the web interface.
• Munin. A tool for monitoring the operation of the server. Has a large number of ready-made plug-ins that extend its capabilities. Network protocols can be monitored on convenient graphs.

Conclusion

As you can see from the article, installing and configuring a full-fledged mail server manually is a long and difficult task. However, this approach will allow us to understand in general how the system works, and to know its vulnerable and strong places. In case of problems, the trained administrator can quickly localize and fix the problem. It will be especially relevant for large companies whose work is completely dependent on the promptness of receiving and sending messages to customers or partners. For smaller networks, the "out of the box" solution is also quite suitable, which can be quickly deployed using a user-friendly interface.

However, in the event of a server failure, you will have to dig a long time and understand the system's device. The article, using Postfix mail server as an example, showed the basic methods and methods of setting for primary work. Together with a large number of modules, plug-ins and add-ons, this will create a powerful and reliable tool for sending and receiving messages.