An Openismus client demanded that all email communication with them should be over TLS tunnelling, with the mail server being on-site, so my regular hosted mail accounts won’t do, and even a hosted server wouldn’t be enough. Frankly, I’d rather not have the trouble and expense of maintaining my own servers, but it’s a nice client so to please them I set up a mail server like so:
- Buy a quiet (no fan) low-power PC. I chose an ichbinleise PC LL10. It’s not very pretty or powerful or small, but it’s enough for a mail server. Ichbinleise (MR Computertechnik) seem to use cases and parts from Silverstone.
- The new AMD Geode-based PCs are cheaper and require much less power, but pre-built systems don’t seem to be properly on the market yet.
- This list of mini PCs is interesting.
- It’s not low-power and fanless, I think, but the A-Open Mini PC is pleasantly Mac Mini-like, though I suppose the new Intel Mac Minis will support Linux distros some time soon.
- Get a new DSL broadband login from Via, so I can have a static IP address. The contrast between their web site (simple, what you need) and service (simple, quick) and that of T-Online/Deutsche-Telekom (insanely complex, obscure, bureaucratic, inflexible, expensive) is vast.
- Get an extra domain name just for this email account. I’m not going to risk putting my regular email through this experimental system.
- The domain registrar doesn’t let me enter IP addresses for the DNS name server, so I can’t set up my own DNS server that specifies which of the PCs on my network is the mail server, and of course I can’t create a ns.something.com without having a DNS server. This is probably normal – I wonder how this chicken and egg problem is normally solved. So, I used EasyDNS to get a DNS server, and told the domain registrar to use that name server. Then my DNS entries at EasyDNS specify my static IP address.
- I set up port-forwarding rules on my router (a cheap wireless/DSL thing that I got from Deutsche Telekom), telling it to direct traffic on the POP and IMAP ports to the mail server PC.
- Instead of using port forwarding, I suspect I could have a local DNS server (which would know about the IP addresses on my local subnet) in addition to the EasyDNS server (which can’t use my local IP addresses because they aren’t really assigned, being behind a NAT), but I’m not sure how that would work.
Now to install the mail server software:
- I tried Ubuntu Breezy (I have one thousand CDs, so it’s easy to find one, and was too lazy to download Dapper), but installation failed half-way saying there was a problem with the CD drive.
- Ubuntu Dapper installed perfectly.
- Thanks to a reply to my previous blog about mail servers, I found a great page about installing an email server on Ubuntu. It explained what the point of the different parts is, and told me exactly what to do to install postfix and dovecot with support for IMAP and SMTP using TLS. There’s a scary series of commands that it tells me to type in, but if I have to do that then I’d rather not have to figure it out by myself.
- I found it odd that the email account is defined by the Linux shell account, with the same password, so I’d have to add a new shell account just to add a new email account. Those wiki documents mention something about virtual mail hosts, but they seem to be about serving mail for multiple domains. Maybe that’s also how you separate email accounts from shell accounts.
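
One way to check the "everything over TLS" requirement once postfix and dovecot are running, as an added example that is not part of the original post or of the guide it mentions: the functions below inspect what a server advertises before TLS is negotiated and flag anything that would let a password travel in cleartext. It assumes the STARTTLS-style SMTP and IMAP ports rather than implicit-TLS ports; the function names and the sample transcripts are constructed for illustration.

```python
"""Audit pre-TLS SMTP and IMAP capability banners (added example)."""

def smtp_findings(ehlo_reply: str) -> list[str]:
    """Inspect the reply to a plaintext EHLO ('250-' / '250 ' lines)."""
    lines = [l for l in ehlo_reply.splitlines()
             if l[:3] == "250" and l[3:4] in ("-", " ")]
    keywords = set()
    for line in lines[1:]:            # first 250 line is the server greeting
        parts = line[4:].split()
        if parts:                     # "AUTH=PLAIN" is an old spelling of AUTH
            keywords.add(parts[0].upper().split("=")[0])
    findings = []
    if "STARTTLS" not in keywords:
        findings.append("SMTP: STARTTLS not offered")
    if "AUTH" in keywords:
        findings.append("SMTP: AUTH offered before TLS")
    return findings

def imap_findings(banner: str) -> list[str]:
    """Inspect an IMAP greeting or untagged CAPABILITY response."""
    caps = set()
    for line in banner.splitlines():
        upper = line.upper()
        idx = upper.find("CAPABILITY")
        if idx != -1:                 # stop at ']' when the list is bracketed
            caps.update(upper[idx:].split("]")[0].split()[1:])
    findings = []
    if "STARTTLS" not in caps:
        findings.append("IMAP: STARTTLS not offered")
    if "LOGINDISABLED" not in caps:
        findings.append("IMAP: LOGIN allowed before TLS")
    weak = sorted(caps & {"AUTH=PLAIN", "AUTH=LOGIN"})
    if weak:
        findings.append("IMAP: cleartext SASL before TLS: " + ", ".join(weak))
    return findings

# Constructed sample transcripts (not captured from a real server).
SMTP_OK = ("250-mail.example.org\n250-PIPELINING\n250-SIZE 10240000\n"
           "250-STARTTLS\n250 8BITMIME")
SMTP_WEAK = ("250-mail.example.org\n250-PIPELINING\n"
             "250-AUTH PLAIN LOGIN\n250 8BITMIME")
IMAP_OK = "* OK [CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED] Dovecot ready."
IMAP_WEAK = "* CAPABILITY IMAP4rev1 AUTH=PLAIN AUTH=LOGIN"

if __name__ == "__main__":
    for name, result in [("smtp ok", smtp_findings(SMTP_OK)),
                         ("smtp weak", smtp_findings(SMTP_WEAK)),
                         ("imap ok", imap_findings(IMAP_OK)),
                         ("imap weak", imap_findings(IMAP_WEAK))]:
        print(name, "->", result or "no findings")
```

An empty result means the server offers STARTTLS and hides its login mechanisms until the session is encrypted; it does not by itself prove that clients are forced to upgrade.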