Mail Server
From Debian Clusters
This tutorial will walk you through setting up Exim, mutt (optionally), and Dovecot.
Exim
The first thing that needs to be installed is a Mail Transfer Agent (MTA). The MTA does all the behind the scenes work in delivering and receiving e-mail, bringing it from other computers to your mail server. We'll use exim, the current version of which is exim4.
- First,
      apt-get install exim4-config
- This won't automatically configure the package as it's installed, so after it's finished, execute
      dpkg-reconfigure exim4-config
- At the "General type of mail configuration" prompt, choose "internet site; mail is sent and received directly using SMTP".
- The "System mail name" should be the same domain name as will be used in the DNS MX record. Basically, it should be the something.something in someone@something.something.
- "IP-addresses to listen on for incoming SMTP connections" should be the external interface (network card) that the machine connects to the internet through. If you're setting this up behind a firewall on one of the services nodes, you'll want that internal address. (Then you can configure your firewall to forward any POP3 or IMAP - the two common mail services - traffic to this particular IP address.) If you have multiple interfaces, it's more secure to set up the MTA to listen on only one of them.
- Local domains refer to any internal domains you might have set up (I've been using raptor.loc in my examples). You can have mail forwarded around internally this way, though it won't go out to the internet. Alternatively, you can also list external aliases here, though each one of them must be registered with DNS and have an MX record. For instance, notice that www.debianclusters.com, www.debianclusters.net, and www.debianclusters.org all bring you to this website. Similarly, I wanted example@debianclusters.org and example@debianclusters.net to also go to example@debianclusters.com, so I added debianclusters.net and debianclusters.org. These must be semicolon separated.
- Any addresses entered in the previous step that were not local should also be added to the "domains to relay mail for".
- We're not using this machine as a smarthost, so there are no "machines to relay mail for".
- The "delivery method for local mail" varies depending on what you want to use the mail server for. Since I'm setting this up for pop3 and eventually imap, I had an easier time using the Maildir format, where mail is stored in a user's home directory. When I tried the mbox format with mutt, read mail would be moved to the home directory, but my pop3 configuration wouldn't take the mail from /var/mail. I'm sure there's a way to do this with mbox; I just haven't figured it out yet.
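On Debian, dpkg-reconfigure writes these answers to /etc/exim4/update-exim4.conf.conf. The script below is an added example, not part of the original tutorial: it checks that file against the choices made above (internet site, a single listening address, no relay machines, Maildir delivery). The sample file contents and the 192.168.1.0/24 network are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original tutorial. dpkg-reconfigure stores its
# answers in /etc/exim4/update-exim4.conf.conf as KEY='value' lines.

# Print the value of KEY ($1) from FILE ($2).
conf_get() {
    sed -n "s/^$1='\(.*\)'[[:space:]]*\$/\1/p" "$2" | tail -n 1
}

# Print one line per setting that differs from the tutorial's choices.
audit_exim_conf() {
    conf=$1
    ctype=$(conf_get dc_eximconfig_configtype "$conf")
    [ "$ctype" = "internet" ] ||
        echo "dc_eximconfig_configtype is '$ctype', expected 'internet'"

    ifaces=$(conf_get dc_local_interfaces "$conf")
    case "$ifaces" in
        "")   echo "dc_local_interfaces is empty: SMTP listens on every interface" ;;
        *\;*) echo "dc_local_interfaces lists several addresses: $ifaces" ;;
    esac

    nets=$(conf_get dc_relay_nets "$conf")
    [ -z "$nets" ] ||
        echo "dc_relay_nets is '$nets': those machines may relay through this host"

    delivery=$(conf_get dc_localdelivery "$conf")
    [ "$delivery" = "maildir_home" ] ||
        echo "dc_localdelivery is '$delivery', expected 'maildir_home'"
    return 0
}

# Constructed sample input: every interface, a relay network, mbox delivery.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
dc_eximconfig_configtype='internet'
dc_other_hostnames='raptor.loc;debianclusters.net;debianclusters.org'
dc_local_interfaces=''
dc_relay_domains='debianclusters.net;debianclusters.org'
dc_relay_nets='192.168.1.0/24'
dc_localdelivery='mail_spool'
EOF
audit_exim_conf "$sample"
```

On a live server, call audit_exim_conf /etc/exim4/update-exim4.conf.conf; no output means the file matches the tutorial's choices.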
/etc/aliases
This is where aliases for different accounts can be set up. By default, you should have a long list of e-mail addresses used by the system:
    # /etc/aliases
    mailer-daemon: postmaster
    postmaster: root
    nobody: root
    hostmaster: root
    usenet: root
    news: root
    webmaster: root
    www: root
    ftp: root
    abuse: root
    noc: root
    security: root
Notice that with the exception of mailer-daemon, everything floats down to root. If you'd like the root e-mail to be sent to an account other than root, you can add this line to the bottom:
    root: otheraccount
DNS MX Records
If we want the mail server to be known to the outside world, we have to register it with DNS. Specifically, we need a Mail eXchange (MX) record for each non-local domain. If you're running your own outside DNS server, not just one for the internal network, and you manage your own domain name records, you can add this yourself. The line looks like this:
    IN MX 10 mail.yourdomain.com.
Notice the period ending the domain. Since this line references mail.yourdomain.com, you also need to add an address (A) record for that name. Something like this:
    mail A X.X.X.X
where X.X.X.X is your IP address (the external IP address of your firewall, if you're running this mail server behind it).
As mentioned previously, if you're running this mail server for multiple domains, you'll need to add an MX record for each one of them. (In my case, I needed one for debianclusters.com, debianclusters.net, and debianclusters.org.) Make sure to increment the serial number in any DNS files you update. When all the changes are complete, restart the DNS server with
    /etc/init.d/bind9 restart
You can test if your MX record is working with a host lookup specific to MX:
    host -t MX yourdomainhere.com
You should see something returned like this:
    debianclusters.org MX 10 mail.debianclusters.org
Mutt
This step is optional. Mutt is a Mail User Agent (MUA) - it allows users on the box to check their mail. Setting it up at least for one account is a good way to test if the system so far is working. See Setting up Mutt for details.
Dovecot
At this point, if you've set up mutt, your users can ssh into your mail server and read their e-mail. However, they won't be able to read their e-mail using a program like Thunderbird or Outlook. To enable this, you need to install an IMAP/POP server. I'm going to use Dovecot.
If you want to run an IMAP server, you'll want to apt-get install dovecot-imapd; for POP, apt-get install dovecot-pop3d. If you want to run both services, you'll want to apt-get install both of these.
Note about IMAP and POP: The main difference between IMAP and POP is where the e-mail is stored. With IMAP, the mail is stored on the mail server, whereas with POP, the mail is "popped" from the mail server onto the machine that a user accesses it from and then stored on their local machine. IMAP allows users to access the same e-mail from wherever; however, it also requires more storage space on the server. Installing both enables users to make their own choice about which they prefer.
dovecot-common, the horsepower behind Dovecot, will also be installed as part of these packages.
/etc/dovecot/dovecot.conf
After it's installed, configure Dovecot by editing /etc/dovecot/dovecot.conf. Look for a line like this:
    # Protocols we want to be serving: imap imaps pop3 pop3s
    # If you only want to use dovecot-auth, you can set this to "none".
    #protocols = imap imaps
Uncomment the #protocols line and add the services it should support. The s in imaps and pop3s refers to "secure"; it is a very good idea to run IMAP and POP using secure protocols! Otherwise, passwords will be passed in plain text. (If you're enabling IMAP or IMAPS here, make sure you installed dovecot-imapd; similarly, for POP3 or POP3S, you must have installed dovecot-pop3d.)
You should now be ready to restart Dovecot. Do this with /etc/init.d/dovecot restart.
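A check for the protocols line edited above, run here on a weak configuration and a corrected one. This is an added example, not part of the original tutorial; it assumes the Dovecot 1.x protocols syntax shown on this page, and it also reads disable_plaintext_auth, a Dovecot setting the tutorial does not cover. Both sample files are constructed.

```shell
#!/bin/sh
# Added example, not from the original tutorial. Assumes the Dovecot 1.x
# "protocols" syntax shown above; disable_plaintext_auth is a Dovecot setting
# the tutorial does not mention.

# Print the value of the last uncommented "KEY = value" line in FILE.
conf_value() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" "$2" |
        sed 's/[[:space:]]*\(#.*\)\{0,1\}$//' | tail -n 1
}

# Report protocols served without SSL, and whether logins are allowed on them.
dovecot_cleartext_report() {
    conf=$1
    cleartext=""
    for proto in $(conf_value protocols "$conf"); do
        case "$proto" in
            imap|pop3) cleartext="${cleartext:+$cleartext }$proto" ;;
        esac
    done
    [ -n "$cleartext" ] || return 0
    echo "cleartext listeners: $cleartext"
    [ "$(conf_value disable_plaintext_auth "$conf")" != "no" ] ||
        echo "disable_plaintext_auth = no: passwords accepted without TLS"
    return 0
}

# Constructed sample files: a weak configuration and a corrected one.
weak=$(mktemp); hardened=$(mktemp)
trap 'rm -f "$weak" "$hardened"' EXIT
cat > "$weak" <<'EOF'
# Protocols we want to be serving: imap imaps pop3 pop3s
#protocols = imap imaps
protocols = imap imaps pop3 pop3s
disable_plaintext_auth = no
EOF
cat > "$hardened" <<'EOF'
protocols = imaps pop3s
EOF
echo "weak:";     dovecot_cleartext_report "$weak"
echo "hardened:"; dovecot_cleartext_report "$hardened"
```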
Troubleshooting
At this point, in the happy day scenario, your mail server should be up and running, and your users should be able to send and receive e-mail. However, if that's not happening, there are a few places you can turn to for more information about what's going on.
mailq
Running mailq will show all the e-mails that Exim has currently waiting to be delivered. Sometimes you might catch a bottleneck or problem here.
/var/log/exim4/mainlog
This is where all successful and failed mail deliveries get noted. (/var/log/exim4/rejectlog will show just those that didn't go through.) Sometimes it's helpful to run tail -f /var/log/exim4/mainlog and try sending or receiving mail. The -f will show new changes to the screen as they are written to the file.
Most errors are due to misconfiguration. For instance, an error about "lowest numbered MX record points to local host" indicates a problem with DNS.
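To pull such errors out of a long mainlog, the added example below (not part of the original tutorial) counts messages by Exim's log flag and prints the reason for each deferred or failed address. The sample log lines, addresses and message ids are constructed.

```shell
#!/bin/sh
# Added example, not from the original tutorial. In an Exim main log, field 4
# of a message line is a flag: "<=" received, "=>" delivered, "==" deferred
# (Exim will retry), "**" failed (bounced).

# Print totals, then one line per deferred or failed address with its reason.
exim_log_summary() {
    awk '
        $4 == "<=" { received++ }
        $4 == "=>" { delivered++ }
        $4 == "==" || $4 == "**" {
            kind = ($4 == "==") ? "deferred" : "failed"
            count[kind]++
            # The reason is whatever follows the first colon-space pair.
            cut = index($0, ": ")
            reason = cut ? substr($0, cut + 2) : "(no reason logged)"
            problems = problems kind " " $5 ": " reason "\n"
        }
        END {
            printf "received=%d delivered=%d deferred=%d failed=%d\n",
                received, delivered, count["deferred"], count["failed"]
            printf "%s", problems
        }
    ' "$1"
}

# Constructed sample log lines (addresses and message ids are made up).
log=$(mktemp)
trap 'rm -f "$log"' EXIT
cat > "$log" <<'EOF'
2009-06-01 10:14:55 1MAx3f-0000Aa-Bc <= alice@raptor.loc U=alice P=local S=412
2009-06-01 10:14:56 1MAx3f-0000Aa-Bc => carol <carol@raptor.loc> R=local_user T=maildir_home
2009-06-01 10:15:02 1MAx3f-0000Aa-Bc == bob@debianclusters.net R=dnslookup defer (-1): lowest numbered MX record points to local host
2009-06-01 10:16:40 1MAx4g-0000Ab-Cd <= alice@raptor.loc U=alice P=local S=398
2009-06-01 10:16:41 1MAx4g-0000Ab-Cd ** nouser@example.org R=dnslookup T=remote_smtp: SMTP error from remote mail server after RCPT TO:<nouser@example.org>: 550 No such user
2009-06-01 10:16:41 1MAx4g-0000Ab-Cd Completed
EOF
exim_log_summary "$log"
```

Point exim_log_summary at /var/log/exim4/mainlog to triage a real server.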

