Creating your own Mail Server (Amazon ec2, Postfix, Dovecot, Postgresql, Amavis, Spamassassin, Apache, and Squirrelmail) PART 2

<< Go back to Part 1 (If you haven’t already read it)

Wait- the rest is easy?

So you’ve got your very own server, a domain that points to it, and a way to connect! We’re almost done, believe it or not. Instead of telling you how to configure every little piece yourself, I’m going to provide you with a bash script that will do it all for you. Essentially, you just have to download the script and change a couple of important variables, and then it will build the Amazon EC2 mail server for you.

IMPORTANT* If you are an experienced user and wish to suggest changes to the script on GitHub, feel free to do so:

https://github.com/Avix101/Mail-Server-Script

My goal is to keep the script functional and also improve the integrity of the setup it provides whenever possible. If you don’t want to make the changes yourself but wish to point out something, you can comment below this post- I will read and respond to as much as I can and also work on making fixes. A note of honesty from me- it will be quicker to implement fixes / changes if I can just review them and commit versus writing them myself.

Now that you know how to help me help you, let’s continue!

Step 1: Preliminary Server Setup

If you haven’t already switched over to your server, login via ssh.

 ssh nameOfServer 

Currently you will be a user named ec2-user. We need to upgrade your privileges before continuing. To become the root user, type the following command:

 sudo su 

Now let’s install emacs, a powerful text editor and git, the tool we’ll use to grab the script. Then, make a directory to store the mail script in and download it.

 yum install emacs git -y

git clone https://github.com/Avix101/Mail-Server-Script.git

cd Mail-Server-Script

ls    # display the contents

 

Now that you have the script, we have to adjust a couple of variables before running it. If you only have one domain that you want to receive mail for, only put one between the quotes of virtual_mailbox_domains. If you have multiple, add them all delimited by a single space, and make sure the one you want to use to connect via http and https is the first domain.

emacs super.sh

#### In this file change
virtual_mailbox_domains="yourdomain.com secondDomainIfYouHaveOne.com ..."   # only enter one if you only have one
default_password="whateverYouChoose"
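
Before running the script, the two edited values can be checked mechanically. This pre-flight check is an added example, not part of Mail-Server-Script; it assumes both variables are single-line name="value" assignments as shown above, and the 12-character minimum is an assumed threshold, chosen because this password protects the admin account behind the public /mail login.

```shell
#!/usr/bin/env bash
# Added example: pre-flight check for the two variables edited in super.sh.
# Assumes single-line name="value" assignments, as the guide shows them.

# Print the double-quoted value assigned to variable $2 in file $1.
get_var() {
  sed -n "s/^$2=\"\(.*\)\".*\$/\1/p" "$1" | head -n 1
}

# Return 0 when both values are usable, 1 otherwise; problems go to stderr.
preflight() {
  local file=$1 domains password d rc=0
  domains=$(get_var "$file" virtual_mailbox_domains)
  password=$(get_var "$file" default_password)
  [ -n "$domains" ] || { echo "virtual_mailbox_domains is empty or missing" >&2; rc=1; }
  set -f   # no filename expansion while splitting the list on spaces
  for d in $domains; do
    case $d in
      yourdomain.com|secondDomainIfYouHaveOne.com|...)
        echo "placeholder domain left in place: $d" >&2; rc=1 ;;
      *)
        printf '%s\n' "$d" |
          grep -Eq '^([A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?\.)+[A-Za-z]{2,}$' ||
          { echo "not a valid domain name: $d" >&2; rc=1; } ;;
    esac
  done
  set +f
  case $password in
    ''|whateverYouChoose)
      echo "default_password is empty or still the placeholder" >&2; rc=1 ;;
    *)
      # Assumed minimum length (not from the guide).
      [ "${#password}" -ge 12 ] ||
        { echo "default_password is shorter than 12 characters" >&2; rc=1; } ;;
  esac
  return "$rc"
}

# Constructed sample: the two lines exactly as the guide shows them, unedited.
sample=$(mktemp)
cat > "$sample" <<'EOF'
virtual_mailbox_domains="yourdomain.com secondDomainIfYouHaveOne.com ..."
default_password="whateverYouChoose"
EOF
if preflight "$sample"; then echo "ready to run"; else echo "fix the values first"; fi
rm -f "$sample"
# Real use, from the Mail-Server-Script directory: preflight super.sh && ./super.sh
```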
 

Step 2: Running the Script

Once done, type ctrl+x -> ctrl+s to save, and ctrl+x -> ctrl+c to exit. At this point everything should be ready to go. Just type the following command, sit back, and watch the magic. The script usually takes about 3-4 minutes to complete if you have a stable internet connection.

 ./super.sh 

Once done (assuming no error messages popped up) the server should be completely configured! You should be able to log into https://yourdomain/mail (you won’t have valid certs installed at this point, so expect the browser to say it’s an untrusted connection) with the default account: user=admin@yourdomain.com pass=default_password

Step 3: Tell Amazon to lift Email Sending Limitations

In order to send email from an Amazon EC2 instance, you’ll have to fill out a request to have the email sending limitations removed from your AWS account. The form can be found here. Type in your email (not the one you just set up), and tell them why you want to have the limitations removed. Explain that you are trying to build a personal mail server with packages like Postfix and Dovecot. Then, supply them with the elastic IP address that you are using for your server. Where it asks for a Reverse DNS Record, type mail.yourdomain.com. If you want to clarify, in the case description explain that your domain is yourdomain.com and mail that you send is being flagged as spam, so you would like to set up a reverse DNS record for mail.yourdomain.com. This process will take some time, but upon completion you should be all set to go. The only additional thing you may want to look into is obtaining certificates for your site. If you are interested in doing that and need help, keep an eye out for part 3 of this series, or tell me that you need help with it, in which case I’ll write part 3 faster.

*IMPORTANT NOTICE (9/21/16):

DO NOT USE THIS SCRIPT FOR ANYTHING BUT A NEW INSTANCE. Or just be warned of the risks. Use snapshots to ensure the safety of your content.

UPDATE: I have been able to successfully install the script on a new instance after making a few fixes. We are back on a stable release. The script should complete successfully if all instructions are followed.

Test Parameters (9/22/16):

Script runs on a brand new Amazon Linux instance – Passed
Script runs without throwing errors – Passed
Script runs without throwing warnings – (Some inconsequential Dovecot semantics)
No extra steps required outside of the guide – Passed
Apache starts and /mail is accessible – Passed
Sent and received email from a Google account to new server – Passed
Detected default spam flag and placed in junk folder – Passed

Please enjoy, and continue to update me on issues as they arise.

Creating your own Mail Server (Amazon ec2, Postfix, Dovecot, Postgresql, Amavis, Spamassassin, Apache, and Squirrelmail) PART 1

Preface

Have you ever wanted to host your own mail server? Have you ever tried to do so and realized that there are a lot of messy moving parts that are difficult to configure? Maybe you’ve scoured the internet for a comprehensive guide that gets you right from point A to point B only to realize everything you find is a little bit wrong or differs slightly from your desired configuration- enough to ruin the entire setup. If that sounds like you, then I can relate to your struggles. My goal is to provide you with an easy guide to get your own mail server up and running in less than an hour. Yes, in less than an hour- because who wants to spend more than an hour being frustrated and confused? A normal human being doesn’t, so I’ll cater my sentiments to the perspective of a normal human being. If you are new to all of this and thinking, “I really just don’t know where to begin!”, then please look no further, you will be happy with what you find here. If you are a veteran of configuring mail servers, then I should still be able to help you get a good jump start with Amazon EC2. You will of course need to eventually understand how everything fits together, especially if you want to make further adjustments to your server later in time, but it’s nice to have something that works first, so you can have a V 1.0 to fall back on.

Important notes about the setup I’ll be providing you:

The system uses:

-Postfix as the smtp agent

-Dovecot as the client-side connect and mailbox manager

-Postgresql database to handle mail users, mail transports and the Spamassassin database

-Amavis (w/ Clamav & Spamassassin) for protection against viruses sent through email, and to facilitate an adaptive spam detection system that learns and corrects its behavior for each individual user

-Spamassassin as the spam filter and bayes to learn spam from ham and ham from spam

-Apache as the web setup, enables http & https connections to your site

-Squirrelmail as the default webmail. After the server is set up you will be able to check your email on yourdomain.com/mail from any browser on any device

The system supports:

-Multiple transports for different domains

Enough blabbering on my part… let’s get to the actual setup. I’m going to write this guide for a beginner so I apologize if my explanations are too lengthy/ specific for your tastes. Feel free to skip over parts you deem irrelevant to you.

Step 1: Getting your own FQDN (Fully Qualified Domain Name)

Unfortunately it is literally impossible to receive mail with your own server if you do not have control over a domain name. Luckily however, it is not hard to get one without emptying your pockets. Since we’ll be using Amazon Web Services (AWS) for just about everything server related, let’s get our domain from them too (Click me). You will need to go through the process of signing up for an AWS account. Even if you already have a domain you will need to do this. It is important to note that they require credit card information and a valid email address. Upon signing up they will bill your credit card $1.00- But the charge will fall off in a matter of days! They do that just to make sure your credit card is actually billable.  Once you have a valid AWS account you’re ready to get started. Log into your developer console and go to Route 53.

Then click on Registered Domains.

Finally click on Register Domain, and go through the process of grabbing a name that points to you on the internet! You can type in various names and change the site extension as you check which names are available. Note that the site extensions vary greatly in price, so if cost is a concern, it may be best to stick with a .com. Once you have selected your name, give Amazon your contact information. After you have done that and paid for your shiny new domain name, that’s it! Now it’s time to start a server for your domain to point to.

Step 2: Getting your server up and running

Open a new tab back to the AWS Management console, and go to EC2.

Once in that menu, go to Instances and then Launch Instance. When asked to choose an AMI, choose “Amazon Linux”. This part is imperative. If you choose a different AMI, this guide won’t be able to help you.

 

When it comes to choosing an instance type I recommend going with t2.micro, at least to start with. It will likely not cost you more than a dollar a month for the first year of operation if you just signed up for your AWS account. So again if money is something you’re watching right now, go with the micro. It has enough power to run a mail server efficiently. If you want to run a website on top of that, you may require a t2.small but you can easily switch later so I still recommend grabbing a micro before you know how much power you need. If you opt to grab a bigger machine be wary: you will not be covered by the free tier and costs will begin to accumulate. (If you are curious about Amazon Instance pricing -> Click Me ) From personal experience, running a t2.small will cost around $200 per year if it’s running every hour of every day.

Unless you know what you are doing it would probably be best to skip configuring the instance and adding storage. When it gives you a chance to tag the instance, you can name it by typing something in the box next to “Name”.

For security groups I would add a new one, and add the following rules: SSH, HTTP, HTTPS, SMTP, SMTPS, IMAP, IMAPS, PostgreSQL, Custom TCP Rule (Port: 587). For each of those rules, set the Source to “Anywhere”. Next, review and launch the instance!
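
Once the server is configured, it is worth knowing which of these rules actually expose a listening service. The following check is an added example, not part of the guide's script: it reads `ss -ltn` output on the server and classifies each port opened above. The port numbers are the standard ones for the named rule types, and the sample lines are constructed.

```shell
#!/usr/bin/env bash
# Added example: classify the ports opened in the security group by how the
# server binds them. Reads `ss -ltn` output on stdin.

# Standard ports for the rules above, in order: SSH HTTP HTTPS SMTP SMTPS
# IMAP IMAPS PostgreSQL, then the custom TCP rule.
SG_PORTS="22 80 443 25 465 143 993 5432 587"

# Print "<port> <state>" per rule: public, loopback-only or not-listening.
classify_listeners() {
  awk -v ports="$SG_PORTS" '
    BEGIN { n = split(ports, want, " ") }
    # Field 4 is "Local Address:Port"; the port follows the last colon.
    $1 == "LISTEN" && match($4, /:[0-9]+$/) {
      addr = substr($4, 1, RSTART - 1)
      port = substr($4, RSTART + 1)
      if (addr ~ /^127\./ || addr == "::1" || addr == "[::1]")
        lo[port] = 1
      else
        pub[port] = 1    # wildcard or a routable address
    }
    END {
      for (k = 1; k <= n; k++) {
        p = want[k]
        if (p in pub)     state = "public"
        else if (p in lo) state = "loopback-only"
        else              state = "not-listening"
        print p, state
      }
    }'
}

# Constructed sample of `ss -ltn` output (not captured from a real server).
sample_ss() {
  cat <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       100     0.0.0.0:25          0.0.0.0:*
LISTEN  0       128     127.0.0.1:5432      0.0.0.0:*
LISTEN  0       128     [::]:443            [::]:*
LISTEN  0       100     127.0.0.1:10024     0.0.0.0:*
EOF
}

sample_ss | classify_listeners
# On the server itself: ss -ltn | classify_listeners
```

A port reported as loopback-only or not-listening receives nothing through its security group rule, so that rule can be narrowed or removed without affecting the service.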

When launching, Amazon will ask you to create or use an existing key pair. If you’re creating one for the first time, give it a suitable name and download the file.

Next, open a terminal window (ctrl+alt+T) (ctrl+meta+T)

mv /path/to/downloaded/key ~/.ssh/name_of_key

Then open up the file located at ~/.ssh/config and add the following entry:


# The Host alias is arbitrary
Host nameOfServer
   User ec2-user
   # Your server's domain name, e.g. example.com
   HostName serverName
   IdentityFile /Path/To/Keyfile

After the next step, you should be able to ssh into your new server by just typing in the terminal:

ssh nameOfServer

You can always start, stop, reboot, terminate, and generate new instances from the amazon console, so don’t worry if you didn’t get something quite right. There will be plenty of chances to fix the settings or launch a new server. As long as you’re smart about how many instances you have running at once you probably won’t incur any charges. When I was experimenting with AWS I launched and terminated at least 30 instances before getting it right, and they didn’t charge me a penny.

Once you have at least one instance running you can begin step 3.

Step 3: Configuring your domain to have an IP address and relevant records

Okay, so now you have your very own domain, a server, and a way to log in. The next step is to connect all of these pieces and have them work in tandem! The first thing to do is go back into Amazon’s EC2 menu, and select the Elastic IPs tab. Once everything loads you will see a button labeled Allocate New Address; go ahead and grab a new IP. Once you have it, select the IP and go to the Actions menu and select Associate Address. Click on the Instance window and select the Amazon EC2 instance you would like to use as your server. Note that you can re-associate the elastic IP if you need to switch to a new or different server in the future; it’s easy and free (for the first 100 switches each month). Awesome! You’ve just put a big name tag on your server for the whole internet to see, now we need to make it one that humans will like using.

Copy the Elastic IP address one way or another (write it down, highlight and copy… whatever you’d like). After doing that return to Route 53 on the Amazon Console. Once there, select Hosted Zones. Amazon most likely created a hosted zone for your domain when you bought it from them, but if they didn’t, go ahead and create a new one.

You will need to create 4 new records for your domain:

1. no name; A – IPv4; Alias NO; TTL 60 secs; Value PASTE ELASTIC IP HERE

2. no name; MX – Mail Exchange; Alias NO; TTL 60 secs; Value 10 mail.yourdomain.com

3. name *; A – IPv4; Alias NO; TTL 60 secs; Value PASTE ELASTIC IP HERE 

4. name mail; A -IPv4; Alias NO; TTL 60 secs; Value PASTE ELASTIC IP HERE

After these records have been set, your domain name should point to the elastic IP address, which in turn points to your Amazon EC2 server. This makes switching servers easy- all you have to do is re-associate the elastic IP and within a minute your domain should be pointing to your selected server.
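
The same four records can be written as a Route 53 change batch and applied from the command line instead of the console. This is an added example, not part of the original guide: example.com and 203.0.113.10 are constructed values, and records.json and <ZONE_ID> are placeholders.

```shell
#!/usr/bin/env bash
# Added example: the four records above as a Route 53 change batch.

# Print one UPSERT change (create, or overwrite a record of the same
# name and type) with the guide's 60-second TTL.
record() {
  printf '    {"Action": "UPSERT", "ResourceRecordSet": {"Name": "%s", "Type": "%s", "TTL": 60, "ResourceRecords": [{"Value": "%s"}]}}' "$1" "$2" "$3"
}

# Print the change batch for domain $1 pointing at Elastic IP $2.
make_change_batch() {
  local domain=$1 ip=$2
  # Validate both inputs so nothing unexpected ends up inside the JSON.
  printf '%s\n' "$domain" | grep -Eq '^([A-Za-z0-9-]+\.)+[A-Za-z]{2,}$' ||
    { echo "not a domain name: $domain" >&2; return 1; }
  printf '%s\n' "$ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' ||
    { echo "not an IPv4 address: $ip" >&2; return 1; }
  printf '{\n  "Comment": "Mail server records for %s",\n  "Changes": [\n' "$domain"
  record "$domain."      A  "$ip";              printf ',\n'   # 1. no name, A
  record "$domain."      MX "10 mail.$domain";  printf ',\n'   # 2. no name, MX
  record "*.$domain."    A  "$ip";              printf ',\n'   # 3. name *, A
  record "mail.$domain." A  "$ip";              printf '\n'    # 4. name mail, A
  printf '  ]\n}\n'
}

# Constructed values: example.com and an address from the documentation range.
make_change_batch example.com 203.0.113.10
# Apply with your own values in place of the placeholders:
#   make_change_batch yourdomain.com <ELASTIC_IP> > records.json
#   aws route53 change-resource-record-sets --hosted-zone-id <ZONE_ID> \
#       --change-batch file://records.json
```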

You’ve done it! You have your very own domain, and a server that it points to. Try to ssh into your server and make sure you can connect. As long as you can, you’re ready to build your mail server!

Continue to PART 2 >>