I was about to do the usual dance of setting up a mail system comprising of:
- Postfix (outbound)
- Dovecot (inbound – pop and imap)
- MySQL (MariaDB for mailboxes etc.)
- SpamAssassin (anti-spam)
- ClamAV (anti-virus)
- Roundcube (webmail)
- Nginx (for the webmail)
- SSL keys for everything
- DNS – DKIM/SPF/etc
- IPTables firewall additions
It’s pretty intense setting all this up, so it’s recommended that you build using a configuration management tool like Ansible.
I took a look to see if there was a more modern way to do all this..
iRedmail is an open source package that installs/configures all of the above and an administration panel iRedAdmin! The panel allows for user and domain administration but the pro version is what handles aliases and so on. It’s very expensive an unnecessary. You can make the same changes via the DB with one liners. If you have a server like Jenkins, you could easily push-button automate this. If/when I do, I’ll update this post.
You still need to add all the DNS entries (SPF, DKIM, etc) and sort out your SSL certs, plus integration with a smarthost (like Sendgrid).
Go here: http://www.iredmail.org/ and follow the instructions for your OS. It’s really *that* easy. It will even install the database server for you. 🙂
Add SendGrid (or another smart host / relay service) support
However, the local AV instance expects an unencrypted connection, so you need to account for this. Remember to restart the service after the config change with (debian/ubuntu) /etc/init.d/postfix restart.
# Sendgrid smarthost
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = static:USERNAME:PASSWORD
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = encrypt
header_size_limit = 4096000
relayhost = [smtp.sendgrid.net]:587
smtp-amavis unix – – – – 2 smtp
127.0.0.1:10025 inet n – – – – smtpd
< snip >