Mail-Server Setup&Administration m(

29. October 2012. Tagged work, mail, administration.

This weekend I had to set up an email server. One who does not know better, might consider this an easy task. But it is not by far. I had a whole bunch of problems, and a few questions arised while I did it.

Why so many different softwares?

Okay, first: for a user there is just the mail server. Many people are probably used to services as google mail and will think what they see is a mail server. It is not. It is actually just a software that makes use of the mail server. And again: to make use of the mail server sounds like there is actually the mail server, but it still is not. You need an IMAP/POP-server to save emails and distribute them to the users or the webmailer, you need an smtp server to receive incoming emails (which also includes emails you send (yes, really)) and additional stuff, like a provider for authentication or spam filtering and so on.

So in the end, I had to setup all this:

  • Postfix

    A SMTP server, that you can use to send and receive mails

  • Dovecot

    An IMAP/POP-Server that handles mail storage and management. It also enables your local app, like sparrow, outlook or similar to access your mail. IMAP is also very helpful if you want to have your mails synced via multiple devices.

  • MySQL with Postfix-Admin

    This way you do not need to have all mail users as system users. All users, domains, forwards and so on are stored in the database and can be administrated via a web interface.

  • Roundcubemail

    A webmailer. This way your users can access their mail in any broswer from around the world, without having to rely on a client or their personal computer.

  • Nginx

    Or any other webserver. Without it the webmailer and the postfix admin interface would not be available. You can use any other webserver you want, of course. As long as it supports PHP which is required by both web interfaces listed.

So as you can see, there is a whole bunch of services and components involved to get the mail server, as it is seen by the user, up and running.

Why is it so difficult to configure and bring them together?

The most difficult thing here is not setting up the components themselves, but bringing them all together. Finding the configuration settings to make them all work together is an even bigger pain. Especially postfix is a mess to configure. The configuration file is so big and postfix does not forgive easily. Even worse: You might configure postfix to be an open relay or insecure in an other way, which will enable spammers to use it.

So you need different mysql configuration options and a bunch of other options to get them together, that is not that easy.

Especially postfix with it’s usually multiple configuration files ( and is confusing. There are so many services you need to enable and configure in the you probably did not even know of, that it can easily make you cry.

Why is it that complicated at all?

Even with a whole bunch of howtos and tutorials and the knowledge that I did set up a simple mail server already, it took me 5 hours to do it. Setting up the whole rest of the server with sql, web, firewall, os, users and other stuff did not take that long, just to give you an orientation.

So my question is: why does it have to be so complicated? In my opinion it does not have to be that way. A mail server (in my opinion) should at least be able to be (and I say be able to because I see that a lot of flexibility is often necessary, for other setups) all in one and easily configurable. It should be as the user sees it. One server that handles IMAP & SMTP, that offers a webmailer and an administration interface. That is easy to configure and to administer and that comes with a flexible configuration, that is secure by default.

So this would be the utopia. If you do think about setting a mailserver up, consider this very helpful and short list for a first orientation:

  1. If you do have the choice, leave this to an expert or use external providers (like google apps or similar)
  2. If you do not, find a good tutorial and follow it through. It might work quite well, even if the OS is not the same (at least it did that for me).
  3. If there is any way at all, do 1 instead of 2.