Create Your Own Email Server Using Ubuntu: Postfix Installation

Postfix Installation: In the beginning, Why maintain a separate email server? You could need to send emails to users of your website or you might wish to keep your emails on your own server to maintain your privacy. However, because there are so many software components you need to install and set up correctly, creating your own email server may pain in the butt. I’m doing a tutorial series on how to set up your own email server on Ubuntu to make the process simple for you.

I am certain that this tutorial series on creating an email server from scratch on the Internet is the best and most complete one available. You’ll not only have a functional email server but also a far deeper comprehension of how email functions. There are 14 sections to this lesson series.

1. Firstly, establishing a simple Postfix SMTP server
2. Secondly, Set up the TLS encryption and Dovecot IMAP server.
3. Thirdly, With PostfixAdmin (MariaDB/MySQL, PostgreSQL), create virtual mailboxes.
4. Making SPF and DKIM records can help you avoid spam filters.
5. DMARC configuration for domain reputation protection
6. 7 Steps to Avoid Having Your Email Flagged as Spam
7. Install Roundcube Webmail (PostgreSQL, MySQL, MariaDB) on Ubuntu.
8. How to Use PostfixAdmin to Host Multiple Mail Domains
9. Spam email blocking using Postfix
10. Using SpamAssassin to stop email spam
11. Configuring ClamAV and Amavis on the Ubuntu mail server
12. How to Use a Self-Hosted VPN Server to Protect Email Servers from Hacking
13. Finally, How to Avoid Blacklists for Email (optional) Block Spambots by enabling and configuring Postscreen in Postfix

I am aware that this appears like a really difficult undertaking.

You might not need to adhere to all of them, though, depending on what you want to accomplish. If you take the time to read and implement my articles, you will have a functional email server.

Part 1 of this lesson series is this article. I’ll demonstrate how to set up a very basic Postfix SMTP server, commonly calling as an MTA, in this post (message transport agent). After reading this article, you ought to use your own email domain and email server to send and receive emails. On servers running Ubuntu 18.04, 20.04, and 22.04, this guide has been tested.

Postfix Installation: What Postfix is

A modern message transport agent (MTA), often known as an SMTP server, Postfix provides two functions.

It is in charge of moving email from a mail client/mail user agent (MUA) to a distant SMTP server.

Additionally, emails from other SMTP servers are accepted via it.

Wietse Venema, a Unix and security expert, created Postfix. It is simple to use, built with security and flexibility in mind, and each module operates with the least amount of privileges necessary to do its task. Since Unix/Linux and Postfix are so closely integrated, Postfix does not provide any features that Unix/Linux already has. It is dependable in both easy and challenging circumstances.

The initial purpose of Postfix was to replace Sendmail, the standard Unix SMTP server. In contrast, Postfix is simpler to set up and more secure. Your current scripts and applications will continue to operate without any issues if you remove Sendmail and replace it with Postfix since it is compatible with Sendmail.

You will discover how to set up Postfix for a single domain in this article.

Postfix Installation: Selecting the Best Hosting Company

Finding a VPS (Virtual Private Server) provider suited for the email hosting is a difficult undertaking. Port 25 is blocked by several hosting firms, including DigitalOcean. You will need to build up an SMTP relay to get over blocking as DigitalOcean would not open port 25, which might result in further costs. The default setting for Vultr VPS is to block port 25. If you submit a support ticket, they will unblock it; but, if they determine that your email sending behavior is not permitted, they may reblock it at any moment. In fact, if you utilize Vultr’s servers to distribute newsletters, they could re-block it.

Another issue is that spammers take use of well-known, large hosting companies like DigitalOcean and Vultr.

In order to create a mail server, Kamatera VPS is a fantastic choice because

• Port 25 is not blocked by them.
• No email blacklists contain the IP address. (In my situation, at least, this is accurate. The Dallas data center was my choice.) You definitely don’t want your name to be on the notorious SpamRats or Microsoft Outlook IP blacklist. Some blacklists completely restrict an IP range, and there is no method to remove your IP address from these blacklists.
• To increase the deliverability of emails, you can update PTR records.
• Without any hourly or daily restrictions, you are able to send newsletters to your email subscribers. Please be aware that sending spam, also known as unsolicited mass emails, is not permitted.

I advise using the instructions in the tutorial provided below to set up a Linux VPS server on Kamatera correctly.

How to Install Linux on a Kamatera VPS Server

A domain name is also necessary. Due to NameCheap’s inexpensive cost and free lifetime whois privacy protection, I chose them to register my domain name.

Postfix Installation: Pre-Installation Steps for Postfix

You must correctly configure your Ubuntu server for Postfix in order to improve Postfix’s performance and get the most out of it.

Postfix Installation: Choose the Proper Hostname for the Ubuntu Server

When interacting with other MTAs, Postfix by default uses your server’s hostname to identify itself. There are two types of hostnames: single words and FQDNs.

mail.linuxbabe.com

an FQDN is. linuxbabe.com is the domain name, and mail is the node name. The SMTP banner will display the FQDN. If your Postfix does not specify FQDN in the SMTP banner, some MTAs will refuse messages. To check that the FQDN in the SMTP banner corresponds to the IP of your mail server, some MTAs even do a DNS query.

To view your hostname in FQDN format, enter the command below.

hostname -f

You may use hostnamectl to create an FQDN for your Ubuntu server if it doesn’t already have one.

sudo hostnamectl set-hostname your-fqdn

Mail.yourdomain.com is a typical FQDN for a mail server. To notice this modification at the command prompt, you must log out and then log back in.

Postfix Installation: Setup Your Mail Server’s DNS Records

An MX record notifies other MTAs that your mail server is sending messages. Email delivery for your domain name is handled by yourdomain.com.

MX record    @           mail.linuxbabe.com

The MX host sometimes referring to as mail.yourdomain.com. You may establish a priority for your mail servers and specify several MX records. Higher priority indicating by a lower number.

Here, we utilize a single MX record, with the priority value set to 0. (0 – 65535).

Remember to specify @ or your apex domain name in the name box when creating the MX record, as seen below. A domain name without any sub-domains is called an apex domain name.

An entry

An IP address is assigned to an FQDN via an A record.

mail.linuxbabe.com        <IP-address>

AAAA score

It’s also a good idea to create an AAAA record for mail.yourdomain.com if your server utilizes IPv6.

mail.linuxbabe.com        <IPv6-address>

Record PTR

An FQDN is mapped from an IP address using a pointer record, or PTR record. It is used for reverse DNS (rDNS) lookup and is the A record’s equivalent.

Spam may stop by using PTR records and reverse IP address resolution. Many MTAs only accept emails from servers that are actually in charge of a certain domain. Setting a PTR record for your email server can help ensure that your emails reach the recipient’s inbox rather than their spam bin.

Use the following command to examine a PTR record for an IP address.

dig -x <IP> +short

or

host <IP>

Your domain registrar does not handle PTR record management. It is run by the company that assigns you an IP address. You must set a PTR record for your IP address in the control panel of your hosting provider as you receive your IP address from them and not from the domain registrar. The hostname of your mail server, mail.your-domain.com, should have its value. Add a PTR record for your IPv6 address if your server has one if it does.

Log into the Kamatera client area, create a support ticket, and instruct them to add a PTR record for your server IP addresses to direct the IP address to mail.your-domain.com in order to update the reverse DNS record for your Kamatera VPS. You might think it’s inconvenient, however, this is done in order to prevent spammers from using the network, giving reputable email senders like ourselves a good IP reputation.

Actually, Gmail will look for the A record for the hostname listed in the PTR record. Gmail will take your email if the hostname resolves to the same IP address. Otherwise, your email will reject.

Let’s play with Postfix after completing the aforementioned tasks.

Setting up Postfix

Run the next two commands on your Ubuntu server.

sudo apt-get update

sudo apt-get install postfix -y

You will prompt to choose a mail configuration type. In most cases, you should pick the second option: An online site.

• Firstly, No configuration indicates that no parameters will be configured during installation.
• Internet Site refers to the process of utilizing Postfix to send and receive emails from different MTAs.
• Utilizing a smart host over the internet entails using postfix to accept emails from other MTAs and a different smart host to forwarding emails to the receiver.
• Using a satellite system entails sending and receiving emails through a smart host.
• Email transmission is local only if it happens solely between local user accounts.
• Nextly, input your domain name—that is, the domain name following the @ symbol—for the system mail name. For instance, I entered linuxbabe.com for the system mail name because my email address is [email protected]. Addresses without a domain name will have this domain name apply to them.

After installation, Postfix will launch immediately and produce a /etc/postfix/main.cf file. With this command, we can now determine the Postfix version:

postconf mail_version

Ubuntu 20.04 ships with version 3.4.10 of Postfix, whereas Ubuntu 22.04 delivers with version 3.6.4.

mail_version = 3.6.4

The Postfix master process is listening on TCP port 25 according to the socket statistics tool ss.

sudo ss -lnpt | grep master

The command below will display all of the binaries that are shipping with Postfix and located in the /usr/sbin/ directory.

dpkg -L postfix | grep /usr/sbin/

Output:

/usr/sbin/postalias
/usr/sbin/postcat
/usr/sbin/postconf
/usr/sbin/postdrop
/usr/sbin/postfix
/usr/sbin/postfix-add-filter
/usr/sbin/postfix-add-policy
/usr/sbin/postkick
/usr/sbin/postlock
/usr/sbin/postlog
/usr/sbin/postmap
/usr/sbin/postmulti
/usr/sbin/postqueue
/usr/sbin/postsuper
/usr/sbin/posttls-finger
/usr/sbin/qmqp-sink
/usr/sbin/qmqp-source
/usr/sbin/qshape
/usr/sbin/rmail
/usr/sbin/sendmail
/usr/sbin/smtp-sink
/usr/sbin/smtp-source

Firewall: Allow TCP Port 25 (Inbound)

To receive emails from other SMTP servers, Postfix requires the incoming TCP port 25 to be accessible. A firewall does not enable by default in Ubuntu. The following command must use to open port 25 (inbound) if the UFW firewall has been configured.

sudo ufw allow 25/tcp

The mail server’s open ports can then scan using an Internet port scanner. Select “Scan all popular ports” and enter the public IP address of your mail server.

Testing for blockage of TCP Port 25 (outbound)

Also, To transmit emails to other SMTP servers, Postfix needs the outgoing TCP port 25 to access. Your hosting company manages the outgoing TCP port 25, and we may install the telnet tool to see if it’s open or banned.

sudo apt install telnet

On your mail server, use the following command.

telnet gmail-smtp-in.l.google.com 25

So, You would receive notifications similar to the ones below, which show that a connection was properly created if it wasn’t banned. (Tip: To end the connection, type quit and press Enter.)

Trying 74.125.68.26...
Connected to gmail-smtp-in.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP y22si1641751pll.208 - gsmtp

You would see something like this if port 25 (outbound) was blocking:

Trying 2607:f8b0:400e:c06::1a...
Trying 74.125.195.27...
telnet: Unable to connect to remote host: Connection timed out

Your Postfix is unable to send emails to other SMTP servers in this situation. Request that the outgoing port 25 open your ISP or hosting company. If they reject your request, you must set up an SMTP relay to get around the VPS’s banning on port 25 or use one that doesn’t, like Kamatera.

Also, Can I change port 25 to another port to get around blocking, may some people ask? No, is the response. Only when you have control over both the server-side and client-side can you change the port. Postfix serves as the SMTP client while sending emails. The SMTP server is the recipient’s mail server. The SMTP server that receives messages is not within your control. Emails can receive on port 25 via SMTP servers.