Running mailserver is hard man

alilet

For the past few days I am reading up on setting up postfix and dovecot because I like to live dangerously. Today I followed the following tutorial and setup everything. IT WAS VERY HARD MAN! even though I followed tutorial and I just had to run commands but still it was very taxing on my mind to understand what does what and I feel like my mind has been drained. There are so many things to do to run a mail server.

https://www.linode.com/docs/email/postfix/email-with-postfix-dovecot-and-mysql/

Anyway the problems I am facing are two:

1. I am able to send email BUT I have to open outgoing port 25. I know SMTP is 25 but I have enabled TLS (or may be SSL) and I assume it should be using port 587 or 465 but if I keep outgoing port 25 blocked through ufw then mail doesn't go. And when I check the email on GMail client on Android, it is showing Standard encryption (TLS) so I believe it is using TLS to send email then why do I have to keep port 25 open?

2. I am unable to receive email. Send email from GMail to my mailserver does nothing. When I used MXRoute (I have one domain there) to send email to myself, the email returned with following message:

host smtp-out.mxroute.com[xxx.xxx.xxx.xxx] said: 550
5.1.2 email1@mydomain.com: Recipient address rejected: Malformed DNS
server reply (in reply to RCPT TO command)

I don't know what this means. I even opened incoming port 25 but same result. I haven't setup any SPF, DKIM, Reverse DNS so may be this is the issue?

SirFoxy

Calculate the time spent vs paying Google $5 for incredible spam filters & delivery.

eKo

Mail-in-a-Box Should work nicely!

amsaal

try mailcow hosted or run in house server or in a VPS

OsirisBlack

Maybe do some tests using mxtoolbox dot com. Good place to start.

alilet

@SirFoxy said:
Calculate the time spent vs paying Google $5 for incredible spam filters & delivery.

Yeah but $5 > $0 and me being a true LET member so....

alilet

@eKo said:
Mail-in-a-Box Should work nicely!

this looks like a simplified one-in-all mail server solution, correct?

alilet

@amsaal said:
try mailcow hosted or run in house server or in a VPS

is mailcow easier to setup than postfix?

SirFoxy

@alilet said:

@SirFoxy said:
Calculate the time spent vs paying Google $5 for incredible spam filters & delivery.

Yeah but $5 > $0 and me being a true LET member so....

Lol I think most of LET realized mail servers aren't worth your time but hey if you enjoy it u do u fam

alilet

@OsirisBlack said:
Maybe do some tests using mxtoolbox dot com. Good place to start.

This is a good idea. I have now shutdown the VPS because I am too scared to keep it running (you know someone finding out and IP black listing and all) so will try this tomorrow.

deank

@SirFoxy said:
Lol I think most of LET realized mail servers aren't worth your time but hey if you enjoy it u do u fam

Yeah, most pay 3rd party to do mail delivery nowadays.
Seriously not worth the extra headache.

OsirisBlack

@alilet said:

@OsirisBlack said:
Maybe do some tests using mxtoolbox dot com. Good place to start.

This is a good idea. I have now shutdown the VPS because I am too scared to keep it running (you know someone finding out and IP black listing and all) so will try this tomorrow.

Hopefully will flag up where you might need to change some settings
Generally my first port of call when setting up a mail server and its not playing ball!

Good luck !

notty

Delivery is the hard part, as others have pointed out. You can still use postfix, but if you set up a smarthost for mail delivery (via SES/Mailgun/etc) your life will be much easier.

alilet

@notty said:
Delivery is the hard part, as others have pointed out. You can still use postfix, but if you set up a smarthost for mail delivery (via SES/Mailgun/etc) your life will be much easier.

This is the plan. But one thing I am unable to figure out is how do I authenticate my users and then relay that mail to another smtp (sendgrid, mailgun etc) for delivery. So for e.g.

[email protected], [email protected], [email protected] sends email via mail.mydomain.com (this is my server) which is relayed to sendgrid for delivery

[email protected], [email protected], [email protected] needs to authenticated by my server before they can send email

alilet

@deank said:

@SirFoxy said:
Lol I think most of LET realized mail servers aren't worth your time but hey if you enjoy it u do u fam

Yeah, most pay 3rd party to do mail delivery nowadays.
Seriously not worth the extra headache.

Yeah I am using MXRoute BF2018 plan which is perfectly fine for my needs. This is just for a project which I have in my mind. You are right it's really headache.

jar

alilet said: I am unable to receive email. Send email from GMail to my mailserver does nothing. When I used MXRoute (I have one domain there) to send email to myself, the email returned with following message:

Here's a look. I censored your domain:

➜ ~ dig MX {yourdomain} +short
1 \@.

Your DNS server is literally returning the value "1 \@." for the MX record. Weird.

Jarry

Instead of discouraging you I'll try to address your problems:

1. if you want to have public mail server, you have to open port 25. Not every mail-server is using smtps/465 but every one is using smtp/25 (587 is for message submission, not server2server communication).

2. error message says it all: check your dn-server for proper MX, A and PTR records

Mr_Tom

alilet said: is mailcow easier to setup than postfix?

Well, mailcow covers all other issues such as dovecot/gui/spam filtering, postfix is the an MTA.

If you're comfortable with docker, mailcow is pretty straight forward to setup.

alilet

@jar said:

alilet said: I am unable to receive email. Send email from GMail to my mailserver does nothing. When I used MXRoute (I have one domain there) to send email to myself, the email returned with following message:

Here's a look. I censored your domain:

➜ ~ dig MX {yourdomain} +short
1 \@.

Your DNS server is literally returning the value "1 \@." for the MX record. Weird.

I am using CloudFlare and here are my entries:

Type        Name                  Content                  Priority
A           mydomain.com          xxx.xxx.xxx.xxx
CNAME       www                   mydomain.com
MX          mail                  @                           1
MX          mydomain.com          @                           1

I believe instead of @ I should be using IP of my VPS. Surprisingly I am able to send email to GMail, MXRoute and it goes directly into inbox and not spam.

alilet

@Jarry said:
Instead of discouraging you I'll try to address your problems:

1. if you want to have public mail server, you have to open port 25. Not every mail-server is using smtps/465 but every one is using smtp/25 (587 is for message submission, not server2server communication).

2. error message says it all: check your dn-server for proper MX, A and PTR records

Can you please elaborate a more on port 587 message submission vs server2server communication part?

SirFoxy

First issue I see is no SPF, it's very important. Even with hosted mail.

manish

What is your score at http://mail-tester.com?

AlwaysSkint

Running mailserver is hard man

Sounds like a newspaper headline about Jason Statham quickly delivering post. :-|

alilet

@manish said:
What is your score at http://mail-tester.com?

No idea. Will check tomorrow.

raindog308

AlwaysSkint said: Sounds like a newspaper headline about Jason Statham quickly delivering post. :-|

Time for a remake?

jar

alilet said: I believe instead of @ I should be using IP of my VPS. Surprisingly I am able to send email to GMail, MXRoute and it goes directly into inbox and not spam.

Can't use an IP as an MX, but you can make an A record for the VPS like "mail.mydomain.com" and then set the MX record to "mail.mydomain.com" instead.

amsaal

@alilet said:

@amsaal said:
try mailcow hosted or run in house server or in a VPS

is mailcow easier to setup than postfix?

yes one of the easiest docker mail setup you can find on the internet. If you google mailcow dockerized you will get lots of tutorial for your OS Linux

FrankZ

alilet said: Can you please elaborate a more on port 587 message submission vs server2server communication part?

port 587 would be used for your users to authenticate their local client at your mail server to send mail, or for your mail server to authenticate so as to relay mail through mxroute ( or other mail relay service).
This is an example of a sendmail argument to relay all out going mail through mxroute using port 587.

define(`SMART_HOST',`mailhost.mxlogin.com')dnl  
define(`RELAY_MAILER_ARGS',`TCP $h 587')    
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl     
FEATURE(`authinfo',`hash /etc/mail/authinfo')dnl

Inbound mail servers are not that hard AFTER you get it all set up.
Outbound is always changing and why after many years of running mail servers I decided that I'll let mxroute handle outbound delivery.

EDIT: mxroute login details, username, and password are stored in /etc/mail/authinfo in the above example.

yongsiklee

@alilet said:
For the past few days I am reading up on setting up postfix and dovecot because I like to live dangerously. Today I followed the following tutorial and setup everything. IT WAS VERY HARD MAN! even though I followed tutorial and I just had to run commands but still it was very taxing on my mind to understand what does what and I feel like my mind has been drained. There are so many things to do to run a mail server.

https://www.linode.com/docs/email/postfix/email-with-postfix-dovecot-and-mysql/

Anyway the problems I am facing are two:

1. I am able to send email BUT I have to open outgoing port 25. I know SMTP is 25 but I have enabled TLS (or may be SSL) and I assume it should be using port 587 or 465 but if I keep outgoing port 25 blocked through ufw then mail doesn't go. And when I check the email on GMail client on Android, it is showing Standard encryption (TLS) so I believe it is using TLS to send email then why do I have to keep port 25 open?

2. I am unable to receive email. Send email from GMail to my mailserver does nothing. When I used MXRoute (I have one domain there) to send email to myself, the email returned with following message:

host smtp-out.mxroute.com[xxx.xxx.xxx.xxx] said: 550
5.1.2 email1@mydomain.com: Recipient address rejected: Malformed DNS
server reply (in reply to RCPT TO command)

I don't know what this means. I even opened incoming port 25 but same result. I haven't setup any SPF, DKIM, Reverse DNS so may be this is the issue?

Unless you want to make living on hosting mail server, just leave it to those who know what they are doing. Running a mail server no more have to do with just configuring your box. It now involves a whole lot of other stuff including Artificial Intelligence.

sanvit

@alilet said:

@jar said:

alilet said: I am unable to receive email. Send email from GMail to my mailserver does nothing. When I used MXRoute (I have one domain there) to send email to myself, the email returned with following message:

Here's a look. I censored your domain:

➜ ~ dig MX {yourdomain} +short
1 \@.

Your DNS server is literally returning the value "1 \@." for the MX record. Weird.

I am using CloudFlare and here are my entries:

Type        Name                  Content                  Priority
A           mydomain.com          xxx.xxx.xxx.xxx
CNAME       www                   mydomain.com
MX          mail                  @                           1
MX          mydomain.com          @                           1

I believe instead of @ I should be using IP of my VPS. Surprisingly I am able to send email to GMail, MXRoute and it goes directly into inbox and not spam.

You don't need an MX record for mail, and set the MX record for mydomain.com to a domain pointing to your mailserver, and set the SSL key on postfix (if you want to enable SMTPS). AFAIK pointing MX record to an IP address should technically work, but never done it.

IMO the best way is using mail-in-a-box or Mailcow (what I'm currently using)

xyphos10

@alilet, use mailcow, it is easy to setup using the documentation, it is actively being developed/updated and the developer usually answers github issues quickly.

https://mailcow.github.io/mailcow-dockerized-docs/