It’s just data

Mail Milestone

Continuing my explorations that started last year at this time.  My goal is to continue to self host my mail archive, while adding allow concurrent access and offline replication on a number of machines.

Following are the components I have installed and configured, with notes of issues I have encountered and resolved along the way.  Everything below is based on Ubuntu 10.04.1 LTS.

Dovecot

Dovecot was not happy with the postmaster listed. Fix was to ensure that the postmaster specified in etc/dovecot/conf.d/01-dovecot-postfix.conf has localhost as the hostname.

user postfix needs to have read access to the SSL pem and key files.  Placed them (mod 0400 owner=dovecot) in /etc/dovecot

Useful command for debugging:

sudo -u dovecot dovecot -a

Postfix

Enabled smtps by uncommenting three lines in /etc/postfix/master.cf

smtps     inet  n       -       -       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes

Fetchmail

Add the following to .fetchmailrc:

mda /usr/bin/procmail

Very useful .fetchmailrc keywords for initial testing: uidl and keep

ProcMail

Procmail was not happy with the IPv6 entry for localhost; deleted it from /etc/hosts

Example procmail recipe:

DELIVER="/usr/lib/dovecot/deliver"
:0 w
| $DELIVER

Thunderbird

A number of usability issues, examples:

Worhtwhile add-on: Custom Buttons

Example button:

var file = Components.classes["@mozilla.org/file/local;1"]
          .createInstance(Components.interfaces.nsILocalFile);
file.initWithPath('/usr/bin/ssh');

// create an nsIProcess
var process = Components.classes["@mozilla.org/process/util;1"]
          .createInstance(Components.interfaces.nsIProcess);
process.init(file);

// Run the process.
// If first param is true, calling thread will be blocked until
// called process terminates.
// Params are used to pass command-line arguments
// to the process
// process.run(block, args, args.length);
process.run(false, ['rubix', 'fetchmail'], 2);

For best results, use an 32x32 icon with a transparent background

SpamAssassin

Edit /etd/default/spamassassin:

ENABLED=1

Edit /etc/spamassassin/local.cf:

report_safe 0

Procmail recipe:

# SpamAssassin
:0fw: spamassassin.lock
* < 256000
| spamassassin
:0
* ^X-Spam-Status: Yes
| $DELIVER -m Spam

I was curious if you are fetching mail from more than one server? I tried getting fetchmail/dovecot working in the past but the fetchmail aspect never seemed to work with the exchange server at work. My solution then was to just use offlineimap which seems to do the same thing for the most part and saves mail in the Maildir format. It also seemed to reduce the need for running something like postfix and dovecot since changes get synced via offlineimap. Since all my accounts have spam protection already on the server, setting things up such as spam assassin also wasn’t really necessary. The one gotcha I could see is the smtp side of things. Again, I end up using my work/gmail smtp servers, so I’d be interested in knowing what the benefits are running your own.

Thanks for logging your work.

Posted by Eric Larson at

What? No clamav?

Posted by Jacques Distler at

Eric: yes, I am fetching mail from more than one server — and I split the mail out later using procmail.  I don’t use Microsoft exchange.  As to benefits: I am simply exploring, so I don’t know just yet.  I hadn’t heard of offlineimap, and that does sound interesting.

Jacques, I had never heard of clamav either.  I’ll definitely look into that.

Posted by Sam Ruby at

I’d advise you take a look at fdm: it’s not dissimilar to what you’d get if you combined feetchmail and procmail into a single program. It’s rc file syntax is quite similar to that of fetchmail, but it’s much nicer than procmail. I find it’s worth it even if you’re just passing the buck when it comes to delivery to Dovecot’s LDA, and in my own .fdm.conf file, I’ve a special archival account that archives older mailing list mail more than 90 days old to gzipped mbox files. I also use it for pulling in mail from a few other sources.

Posted by Keith Gaughan at

My first concern with fdm is that I don’t see enough example configuration files posted on the web.  Just as an example, compare fetchmailrc+spamc vs fdm.conf+spamc.

Posted by Sam Ruby at

fdm itself it supplied with a plethora of example configuration files, but here’s my fdm.conf file as it’s rather straightforward: https://gist.github.com/759186

I don’t do any spam filtering on my server yet, but it’s actually quite simple. I was advised by a friend of mine who knows far more about mailserver administration than I ever will that if I set up Spam Assassin to set it up as a Postfix content filter, along these lines: http://howto.gumph.org/content/run-spamassassin-with-postfix/

That has the benefit that it’s ran for all incoming mail. It also simplifies filtering later. In my fdm.conf file, I’d add the following rules before the rules for stripping experimental headers:

match "^X-Spam-Status:[ \t]Yes" in headers action "spam"

I’ve been tempted to use bmf to do a second pass on any incoming mail (its produces headers like SA), so I’d do this instead:

$spam_filter_command = "/usr/local/bin/bmf -p"
$spam_header_pattern = "^X-Spam-Status:[ \t]Yes"
# For piping incoming mail to bmf to rewrite based on it's spamminess.
action "spam-filter" rewrite "${spam_filter_command}"
match not "${spam_header_pattern}" in headers action "spam-filter" continue
match "${spam_header_pattern}" in headers actions { "crap" "spam" }

In your case, as you’d be using spamc on Linux rather than bmf on FreeBSD, you’d replace “/usr/local/bin/bmf -p” with “/usr/bin/spamc” or something along those lines.

Posted by Keith Gaughan at

Add your comment