DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 2nd July 2008
Zmyrgel Zmyrgel is offline
Port Guard
 
Join Date: May 2008
Posts: 30
Default Mail server questions

I'm planning to make my first mail server but before I try it (besides waiting my parts to arrive) I want to clear up few details.

I have setup so that my connection from internet hit my soekris firewall which NAT's and allows specified services to my LAN. In my LAN I have my server, desktop and my laptop.

My first question would be about the spamd. I haven't read much how it works, just some details to get the general idea. Anyway, should I run the spamd on my firewall or on my server? The soekris isn't a powerfull computer and is running on CF disk so I'd avoid doing stuff with it.

If I choose to but run the spamd on my server what should I do with the firewall? Forward all ports incoming to smtp to my servers spamd port?


Then about the mail server itself,
I want to download messages from multiple hosts like mails sent directly to my server, mails on my gmail accond etc to my mail server. I want to be able to access these mails from remote locations but so that they stay on my server too. This to avoid things like using mail client on laptop to check messages and then going home and checking messages with desktop only to notice that messages checked out with laptop aren't listed.

I'd like to know few tips on how the above can be made.

Also I want to order the mails based on source and subject but I think procmail handles this.

I still haven't decided on which MTA to use.

But currently I can't think of other questions but I'm sure I'll have some once I get my server up and running and try to make this working.
Reply With Quote
  #2   (View Single Post)  
Old 2nd July 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

spamd(8):

The spamd daemon is designed to operate with a PF ruleset. It uses few resources, so I believe that unless you are managing hundreds of thousands of users, your Soekris box is likely a good candidate. If you are concerned about it at all, you could also run spamd on the same OS as your MTA.

See this 2005 presentation from Bob Beck: http://www.openbsd.org/papers/bsdcan05-spamd/

Mail Transfer Agents (e-mail servers):

I use sendmail for my MTA, but that's because I'm lazy. Many people have their favorites. Sendmail isn't anyone's favorite, but it is built-in.

For Mail User Agents (e-mail clients), you can use anything you want. From a shell, I like mutt, as it manages threads wonderfully. Note that mutt is is console based so it doesn't do html. (You can save html components of e-mail if you need to view it.) You can set up your MTA to provide (or integrate with) IMAP or POP, so you could use any client you wanted ... even MS Outlook if you desired.

For browser-based mail I use openwebmail, but again, you can pick and choose anything you want there, assuming there's a port/package for it.
Reply With Quote
  #3   (View Single Post)  
Old 2nd July 2008
scottro's Avatar
scottro scottro is offline
Real Name: Scott Robbins
ISO Quartermaster
 
Join Date: Apr 2008
Location: NYC
Posts: 652
Default

As for mutt, it can now even view html mail in most cases. You add something like

text/html; w3m -T text/html -dump %s; copiousoutput

You can even view Word documents.

application/msword; catdoc %s; copiousoutput

(These lines would go into $HOME/.mailcap)
Reply With Quote
  #4   (View Single Post)  
Old 2nd July 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

Thanks, Scott!
Reply With Quote
  #5   (View Single Post)  
Old 2nd July 2008
scottro's Avatar
scottro scottro is offline
Real Name: Scott Robbins
ISO Quartermaster
 
Join Date: Apr 2008
Location: NYC
Posts: 652
Default

I have page with various other tricks. (Towards the bottom, the first part is for the mutt novice)
http://home.nyc.rr.com/computertaijutsu/mutt.html
Reply With Quote
  #6   (View Single Post)  
Old 2nd July 2008
Oko's Avatar
Oko Oko is offline
Rc.conf Instructor
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 1,102
Default

Quote:
Originally Posted by Zmyrgel View Post
I'm planning to make my first mail server but before I try it (besides waiting my parts to arrive) I want to clear up few details.

.
Do you have static IP address, MX record, and reverse DNS?

Last edited by Oko; 2nd July 2008 at 11:22 PM.
Reply With Quote
  #7   (View Single Post)  
Old 3rd July 2008
Zmyrgel Zmyrgel is offline
Port Guard
 
Join Date: May 2008
Posts: 30
Default

Quote:
Originally Posted by Oko View Post
Do you have static IP address, MX record, and reverse DNS?
I have dynamic IP address and no idea what the rest of those are... [looked up from wikipedia]

Well, actually I have a domain name but that maps only to an IP-address. Then I have it to map to my no-ip.com domain name which I can update to point to my IP-address. It's ugly but it works.

jggimi, thanks for the spamd info. I think I'll run the spamd on my soekris. I will probably run spamassassin on my mail server too to be on the safe side.

Last edited by Zmyrgel; 3rd July 2008 at 05:46 AM.
Reply With Quote
  #8   (View Single Post)  
Old 3rd July 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

If you have a dynamic address, without a reverse address then you will have a problem delivering mail to other sites on the internet.
As an anti-spam measure, many mail servers are configured not to accept mail from such addresses.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #9   (View Single Post)  
Old 3rd July 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

Many won't accept mail from specific ISPs, certain countries, sometimes even certain continents. You can route outgoing mail through your ISP's mail service or a 3rd party mail service, the technique is called "smarthosting." Incoming mail may need a forwarding service, also, depending on your ISP and their policies / restrictions.

Setting up an MTA to send and receive mail on the Internet isn't necessarily difficult. But ... managing an MTA properly, and being a good network citizen takes effort. That discussion, however, is well beyond the scope of a BSD forum.
Reply With Quote
Old 3rd July 2008
Zmyrgel Zmyrgel is offline
Port Guard
 
Join Date: May 2008
Posts: 30
Default

Quote:
Originally Posted by jggimi View Post
Many won't accept mail from specific ISPs, certain countries, sometimes even certain continents. You can route outgoing mail through your ISP's mail service or a 3rd party mail service, the technique is called "smarthosting." Incoming mail may need a forwarding service, also, depending on your ISP and their policies / restrictions.
Yeah, my ISP blocks all outgoing traffic from port 25 unless you route it through them. There shouldn't be any blocking on incoming.

Shouldn't the emails work if I get my domain working properly and use the domain name on the configuration?
Reply With Quote
Old 3rd July 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

Outgoing:
Your ISP's servers may still be blocked by some recipient mail servers, depending on how much of a spam pump they've been over the last decade or more.

If you're routing your outbound e-mail from MUAs through your ISP now, then that shouldn't change.
Incoming:
An MX record in your Internet DNS entry is required.
Reply With Quote
Old 4th July 2008
Oko's Avatar
Oko Oko is offline
Rc.conf Instructor
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 1,102
Default

Quote:
Originally Posted by Zmyrgel View Post
Yeah, my ISP blocks all outgoing traffic from port 25 unless you route it through them. There shouldn't be any blocking on incoming.

Shouldn't the emails work if I get my domain working properly and use the domain name on the configuration?
No it will not work. I think that you have to go back to square one and rethink whole idea of running your email server.
You need static IP, reverse DNS and MX record to begin with. For all I know your internet provider might be unwilling even to provide you with those because he/she will be in trouble if your "mail server" becomes spam
zombie due to your incompetence to run mail server. DNS/Cable internet provider in US charge anywhere from $20 to upward of $60. No company will give you that price for essentially business account. You are looking at the best $40 more likely something around $100 in internet cost.


Unless you are providing email services to a small office or a group of people there is absolutely no reason for you to run real mail server just for the sake of doing it. You Internet provider will probably more than happy to provide you with couple email accounts that can be accessed via IMAP client and configured to send email via SMTP. Get your self a good email client and you will be happy camper.

Lots of people on this forum like Mutt and if you need real GUI interface on your email account sylpheed, clows, thunderbird, kmail or evolution are choices.

I personally like Nail. If I use GUI I use thunderbird.

Best,
OKO

Last edited by Oko; 4th July 2008 at 02:04 AM.
Reply With Quote
Old 4th July 2008
Zmyrgel Zmyrgel is offline
Port Guard
 
Join Date: May 2008
Posts: 30
Default

Quote:
Originally Posted by Oko View Post
No it will not work. I think that you have to go back to square one and rethink whole idea of running your email server.
You need static IP, reverse DNS and MX record to begin with. For all I know your internet provider might be unwilling even to provide you with those because he/she will be in trouble if your "mail server" becomes spam
zombie due to your incompetence to run mail server. DNS/Cable internet provider in US charge anywhere from $20 to upward of $60. No company will give you that price for essentially business account. You are looking at the best $40 more likely something around $100 in internet cost.
Well, I most likely change my ISP once I move. Theres one server-friendly ISP which gives static IP and reverse DNS. No idea about the MX, though. Also, they don't block any traffic and allow the use of servers with it. An this is consumer line.

Quote:
Originally Posted by Oko View Post
Unless you are providing email services to a small office or a group of people there is absolutely no reason for you to run real mail server just for the sake of doing it. You Internet provider will probably more than happy to provide you with couple email accounts that can be accessed via IMAP client and configured to send email via SMTP. Get your self a good email client and you will be happy camper.
That's true but I still wouldn't know anything about email servers. Setting up a client is the easy thing. I will look into the email server thing more closely before trying it. Can I test email server with Qemu? Use multiple quest OS's, one to provide DNS, one email etc?

As other 'main' services are somewhat familiar to me I thought to try out an email server. You can't learn anything properly by just reading a book. Hands-on experience teaches better.
Reply With Quote
Old 4th July 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

Quote:
Can I test email server with Qemu?
yes.
Quote:
Hands-on experience teaches better.
Most of the time; but not necessarily when e-mail services are involved. E-mail involves the entire planet; reputation by IP address and CIDR directly effects an ISP's ability to conduct business.

You'll need to spend time investigating these, if you want to be a responsible MTA administrator. There is no complete list, this short will just get you started. In no particular order:
http://www.spamhaus.org/
http://www.trustedsource.org/
http://www.spamcop.net/
http://www.senderbase.org/
http://abuse.net/
http://en.wikipedia.org/wiki/DNSBL
http://www.rfc-ignorant.org/
Reply With Quote
Reply

Tags
mail server, mta, mutt, spamd

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
pf blocking php mail ijk FreeBSD Security 7 30th October 2008 08:33 PM
Sun Java System Web Server - Active Server Pages (yes ASP) hopla FreeBSD General 0 26th September 2008 08:22 AM
Few questions about server(openSSH, apache ,) latorion FreeBSD General 10 11th August 2008 06:59 PM
More mail/groupware questions (Zimbra and Communigate) scottro General software and network 4 9th August 2008 04:08 PM
root mail sheriff26 FreeBSD General 5 2nd July 2008 04:56 PM


All times are GMT. The time now is 08:33 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick