emailwiz

Script for setting up an email server automatically
Log | Files | Refs | README

README.md (6419B)

      1 # Email server setup script
      2 
      3 I wrote this script during the grueling process of installing and setting up
      4 an email server. It perfectly reproduces my successful steps to ensure the
      5 same setup time and time again, now with many improvements.
      6 
      7 I'm glad to say that dozens, hundreds of people have now used it and there is a
      8 sizeable network of people with email servers thanks to this script.
      9 
     10 I've linked this file on Github to a shorter, more memorable address on my
     11 website so you can get it on your machine with this short command:
     12 
     13 ```sh
     14 curl -LO lukesmith.xyz/emailwiz.sh
     15 ```
     16 
     17 When prompted by a dialog menu at the beginning, select "Internet Site", then
     18 give your full domain without any subdomain, i.e. `lukesmith.xyz`.
     19 
     20 ## This script installs
     21 
     22 - **Postfix** to send and receive mail.
     23 - **Dovecot** to get mail to your email client (mutt, Thunderbird, etc.).
     24 - Config files that link the two above securely with native log-ins.
     25 - **Spamassassin** to prevent spam and allow you to make custom filters.
     26 - **OpenDKIM** to validate you so you can send to Gmail and other big sites.
     27 
     28 ## This script does _not_
     29 
     30 - use a SQL database or anything like that.
     31 - set up a graphical interface for mail like Roundcube or Squirrel Mail. If you
     32   want that, you'll have to install it yourself. I just use
     33   [isync/msmtp/mutt-wizard](https://github.com/lukesmithxyz/mutt-wizard) to
     34   have an offline mirror of my email setup and I recommend the same. There are
     35   other ways of doing it though, like Thunderbird, etc.
     36 
     37 ## Requirements
     38 
     39 1. A **Debian or Ubuntu server**. I've tested this on a
     40    [Vultr](https://www.vultr.com/?ref=8384069-6G) Debian server and one running
     41    Ubuntu and their setup works, but I suspect other VPS hosts will have
     42    similar/possibly identical default settings which will let you run this on
     43    them. Note that the affiliate link there to Vultr gives you a $100 credit
     44    for the first month to play around.
     45 2. **A Let's Encrypt SSL certificate for your site's `mail.` subdomain**.
     46 3. You need two little DNS records set on your domain registrar's site/DNS
     47    server: (1) an **MX record** pointing to your own main domain/IP and (2) a
     48    **CNAME record** for your `mail.` subdomain.
     49 4. **A Reverse DNS entry for your site.** Go to your VPS settings and add an
     50    entry for your IPv4 Reverse DNS that goes from your IP address to
     51    `<yourdomain.com>` (not mail subdomain). If you would like IPv6, you can do
     52    the same for that. This has been tested on Vultr, and all decent VPS hosts
     53    will have a section on their instance settings page to add a reverse DNS PTR
     54    entry.
     55    You can use the 'Test Email Server' or ':smtp' tool on
     56    [mxtoolbox](https://mxtoolbox.com/SuperTool.aspx) to test if you set up
     57    a reverse DNS correctly. This step is not required for everyone, but some
     58    big email services like Gmail will stop emails coming from mail servers
     59    with no/invalid rDNS lookups. This means your email will fail to even
     60    make it to the recipients spam folder; it will never make it to them.
     61 5. `apt purge` all your previous (failed) attempts to install and configure a
     62    mail server. Get rid of _all_ your system settings for Postfix, Dovecot,
     63    OpenDKIM and everything else. This script builds off of a fresh install.
     64 6. Some VPS providers block mail port numbers like 25, 933 or 587 by default.
     65    You may need to request these ports be opened to send mail successfully.
     66    Vultr and most other VPS providers will respond immediately and open the
     67    ports for you if you open a support ticket.
     68 
     69 ## Post-install requirement!
     70 
     71 - After the script runs, you'll have to add additional DNS TXT records which
     72   are displayed at the end when the script is complete. They will help ensure
     73   your mail is validated and secure.
     74 
     75 ## Making new users/mail accounts
     76 
     77 Let's say we want to add a user Billy and let him receive mail, run this:
     78 
     79 ```
     80 useradd -m -G mail billy
     81 passwd billy
     82 ```
     83 
     84 Any user added to the `mail` group will be able to receive mail. Suppose a user
     85 Cassie already exists and we want to let her receive mail too. Just run:
     86 
     87 ```
     88 usermod -a -G mail cassie
     89 ```
     90 
     91 A user's mail will appear in `~/Mail/`. If you want to see your mail while ssh'd
     92 in the server, you could just install mutt, add `set spoolfile="+Inbox"` to
     93 your `~/.muttrc` and use mutt to view and reply to mail. You'll probably want
     94 to log in remotely though:
     95 
     96 ## Logging in from Thunderbird or mutt (and others) remotely
     97 
     98 Let's say you want to access your mail with Thunderbird or mutt or another
     99 email program. For my domain, the server information will be as follows:
    100 
    101 - SMTP server: `mail.lukesmith.xyz`
    102 - SMTP port: 587
    103 - IMAP server: `mail.lukesmith.xyz`
    104 - IMAP port: 993
    105 
    106 In previous versions of emailwiz, you also had to log on with *only* your
    107 username (i.e. `luke`) rather than your whole email address (i.e.
    108 `luke@lukesmith.xyz`), which caused some confusion. This is no longer the
    109 case.
    110 
    111 ## Benefited from this?
    112 
    113 I am always glad to hear this script is still making life easy for people!  If
    114 this script or documentation has saved you some frustration, you can donate to
    115 support me at [lukesmith.xyz/donate](https://lukesmith.xyz/donate.html).
    116 
    117 ## Troubleshooting -- Can't send mail?
    118 
    119 - Always check `journalctl -xe` to see the specific problem.
    120 - Check with your VPS host and ask them to enable mail ports. Some providers
    121   disable them by default. It shouldn't take any time.
    122 - Go to [this site](https://appmaildev.com/en/dkim) to test your TXT records.
    123   If your DKIM, SPF or DMARC tests fail you probably copied in the TXT records
    124   incorrectly.
    125 - If everything looks good and you *can* send mail, but it still goes to Gmail
    126   or another big provider's spam directory, your domain (especially if it's a
    127   new one) might be on a public spam list.  Check
    128   [this site](https://mxtoolbox.com/blacklists.aspx) to see if it is. Don't
    129   worry if you are: sometimes especially new domains are automatically assumed
    130   to be spam temporarily. If you are blacklisted by one of these, look into it
    131   and it will explain why and how to remove yourself.
    132 - Check your DNS settings using [this site](https://intodns.com/), it'll report
    133   any issues with your MX records
    134 - Ensure that port 25 is open on your server.
    135   [Vultr](https://www.vultr.com/docs/what-ports-are-blocked) for instance
    136   blocks this by default, you need to open a support ticket with them to open
    137   it. You can't send mail if 25 is blocked