- How to Setup a Courier E-mail Server With Ubuntu Linux
- Expected end-result
- Requirements
- Step-by-step gudie
- Installation
- Configuration — Part 1
- Configuration — Part 2
- Configuration — Part 3, Client-side, Incoming
- For Accounts/Account Information:
- Advanced-Tab
- Configuration — Part 4, Client-side, Outgoing
- Advanced-Tab
- Configuration — Part 5, DNS
- SSL Warnings
- If it doesn’t work
- What’s next?
- Links
- Comments, suggestions, bugs?
- Update (April 16th, 2014)
- Courier Mail Server — latest releases
- Package: Courier
- Package: Courier authentication library
- Package: Courier Unicode Library
- Package: Courier-analog
- Package: Courier-IMAP
- Package: SqWebMail
- Package: maildrop
- Package: courier-sox
- Package: Cone
- Package: sysconftool
How to Setup a Courier E-mail Server With Ubuntu Linux
There are very good reasons to want your own e-mail server. I’ve tried several setups and found the Courier-mailserver the simplest to work with. Here’s a tutorial on how to set it up.
This should take about 15 — 30 minutes.
Expected end-result
Here’s what you will have in the end:
- Own email server where you can configure an unlimited number of email addresses with an unlimited number of domain-names. However, in this setup each address is bound to a user on the Linux system.
- SMTP and IMAP with encryption. Even though email may travel unencrypted to it’s destination, the link between your mail client and your mail server should be encrypted.
Requirements
- An Ubuntu 13.10 server in the cloud (other Ubuntu version should work). You can get those for 5 euros a month or so. (Because a virtual server is just fine for this task. You don’t need 32 Gigs of RAM and 8 cores..)
- A domain-name where you can configure DNS. Specifically: You want to change the MX-record.
- Some basic knowledge of Linux.
Step-by-step gudie
Ok, I will explain to you now how to install the Courier mail suite. I know there are several popular other ones, but this just happens to be a guide about Courier.
If you get stuck or have special config needs, then please also refer to the end of the article where I list a few helpful links.
Installation
First, connect to your email-server using SSH. Make sure you can execute commands with sudo. Start with
to update your packet sources.
sudo apt-get install courier-imap courier-imap-ssl courier-mta courier-authdaemon courier-mta-ssl courier-maildrop telnet
telnet is in there for testing. You can remove it if you you want, but telnet is nice to check if SMTP works and what its configuration is.
Configuration — Part 1
Enter your domain in /etc/courier/locals. Do the same in /etc/courier/esmtpacceptmailfor.dir/domains.
Run sudo makeacceptmailfor to have these changes accepted.
Create a user, let’s say “suntke” (I think that’s a Frisian first name..).
sudo useradd -d /home/suntke -m suntke
And create a password for him.
This user can login to your linux-box now using the password you specified. Now, let’s create a maildir for him.
cd /home/suntke maildirmake Maildir maildirmake -q 1000000000S Maildir chown -R suntke:suntke Maildir
(prefix with sudo as needed. The -q flag sets a quota. Just use some high number..)
So, let’s say the domain-name was “example.com”, then this means you have just created the email-address “suntke@example.com”. Incoming email will be stored in /home/suntke/Maildir.
You can add as many users and domains as you like.
You can now go ahead and send and receive emails. However, I suggest you add some extra security through encryption.
Configuration — Part 2
In /etc/courier/esmtpd-ssl set AUTH_REQUIRED to 1. This forces authentication. In /etc/courier/esmtpd set ESMTPAUTH=”LOGIN PLAIN”.
/etc/courier/esmtpd.pem should exist and be not world-readable. This should automatically enable ESMTP STARTTLS, encrypted SMTP.
When you are done, you can restart everything: (added newlines for readabilty)
/etc/init.d/courier-authdaemon restart && /etc/init.d/courier-imap restart && /etc/init.d/courier-mta restart && /etc/init.d/courier-mta-ssl restart && /etc/init.d/courier-imap-ssl restart
Configuration — Part 3, Client-side, Incoming
So, this was the server-side. Let’s go ahead and configure a mail-client. I will jsut go ahead and use the fictional user/address suntke@example.com here, as well.
Here’s the settings in Mail on OSX. It’s pretty much analogous with Thunderbird etc.
For Accounts/Account Information:
Account Type: IMAP Description: Example.com Email Address: suntke@example.com Full Name: Suntke Svensson ;) Incoming Mail Server: example.com User Name: suntke Password: ******* Outgoing Mail Server (SMTP): example.com, configured below. TLS Certificate: None
Advanced-Tab
IMAP Path Prefix: INBOX Port: 993 with Use SSL checked. Authentication: Password
Configuration — Part 4, Client-side, Outgoing
Description: example.com Server Name: example.com TLS Certificate: None
Advanced-Tab
Use default ports (25, 465, 587) checked. Use Secure Sockets Layer (SSL) checked Authentication: Password User Name: test Password: *******
Configuration — Part 5, DNS
Use your domain registrar’s console (or do it yourself) to set the MX record. In this case you’d just set example.com, because you didn’t configure any subdomains such as mail.example.com.
SSL Warnings
Your Mail-program or OS will probably complain about the certificates not being signed. You can decide if you want to have them signed. It doesn’t make much sense if it’s just for yourself. Mark the certificate as “trusted” or add them to your “trusted certs” collection in your keychain.
If it doesn’t work
Try restarting both the server processas as well as your mail-client. Make sure your system trusts the certificates. Double-check your passwords.
As I was trying to verify this tutorial on a testing server it wouldn’t work at first, but restarting the client and accepting the certs permanently did the trick.
What’s next?
That’s it, congratulations. You have your own email-webserver. Here’s a few ideas on what you could do next:
- install spamassassin. It’s not difficult and I’m sure you can google it. Or I can write a short post about it in the future.
- install GPGTools so you can encrypt your email end-to-end. (this is for Mac, similar software is available for every major OS though.)
- install squirrel-webmail if you need/want a web-frontend. Not my kind of thing but I thought I’d mention it.
- use a database to manage users.
- write filters for courier to automate things.
- install the whole thing on a tiny computer like the Raspberry Pi, use a dynamic-DNS vendor that support updating of MX records, configure your router to forward mail to your Pi, and host the whole thing at home. 😉
Links
Here are some links that might help you with Courier:
Comments, suggestions, bugs?
If you have something to add or correct, please let me know so I can update this guide. Let’s spare others extra work and frustration..
Update (April 16th, 2014)
In case you mess up along the way and then get errors like “Mailbox unavailable” (but you have already solved the underlying problem), you can reset a mailbox like this:
$ courier clear suntke@example.com
I needed this recently when I could not figure out what the problem is. Turns out, I solved the problem earlier but didn’t clear the “broken mailbox flag”.
Courier Mail Server — latest releases
Public Github repository with miscellaneous scripts and tools.
Package: Courier
This package includes the entire source code for the Courier mail server — the mail server, IMAP server, webmail server, and the maildrop mail filter. You do not need to install those individual packages if you download this package.
Package: Courier authentication library
The Courier Authentication Library is a generic authentication API that encapsulates the process of validating account passwords. In addition to reading the traditional account passwords from /etc/passwd , the account information can alternatively be obtained from an LDAP directory; a MySQL or a PostgreSQL database; or a GDBM or a DB file. The Courier authentication library must be installed before building any Courier packages that needs direct access to mailboxes (in other words, all packages except for courier-sox, courier-analog, and courier-unicode).
Package: Courier Unicode Library
The Courier Unicode Library is used by most other Courier packages, and needs to be installed in order to use them or build them.
Package: Courier-analog
This is an optional package, the Courier log analyzer. Courier-analog generates log summaries for incoming and outgoing SMTP connections, and IMAP and POP3 activity. courier-analog can generate output in text or HTML format.
Package: Courier-IMAP
This package contains the standalone Courier IMAP server, which is used to provide IMAP access to local mailboxes. Courier-IMAP is provided here as a separate package that can be used with other mail servers as well.
Package: SqWebMail
This package contains the SqWebMail webmail CGI. This CGI is used by the Courier mail server to provide webmail access to local mailboxes. SqWebMail is provided here as a separate package that can be used with other mail servers as well.
Package: maildrop
This package contains the maildrop delivery agent/mail filter. This mail filter module is included in the Courier mail server, which uses it to filter incoming mail. Maildrop is provided here as a separate package that can be used with other mail servers as well.
Package: courier-sox
This package contains the Courier Socks 5 Proxy client library, which allows Courier to send outgoing mail using a Socks 5 proxy. You will need to install this package before building Courier in order to use a Socks proxy to send outgoing mail.
Package: Cone
This package contains Cone , a text-based mail client based, in part, on Courier libraries.
Package: sysconftool
The sysconftool utility contains an additional autoconf macro used by Courier to install configuration files. You only need to install sysconftool if you intend to check out Courier from Git. You do not need to install sysconftool in order to compile and install tarballed releases.