July 2009
A little vacation project: we need this small time (one or two users) IMAP server.
It is going to receive mail via FetchMail
only, and send through a smarthost.
Oh, and we need webpages to be served from it, too.
apt-get install apache2 emacs
(Emacs doesn't have anything to do with Apache, it's just that I use it for editing.)
Edit /etc/apache2/sites-available/default
and append (well, nearly append):
Include /etc/apache2/mods-available/userdir.conf UserDir disabled UserDir enable jurjen folmer UserDir http </VirtualHost>
cd /etc/apache/mods-enabled
sudo ln -s ../mods-available/userdir.load ./
Well, for good measure, we restart Apache:
/etc/init.d/apache2 restart
As mentioned above, we want to receive mail through Fetchmail
, we want to send outgoing mail to a smarthost, and we want to serve IMAP
.
sudo apt-get install postfix dovecot-imapd fetchmail
In /etc/postfix/main.cf
,
set mydestination
to only the names of the local host,
set relay_domains
to the empty string
set relayhost
to the local SMTP server and
set mynetworks
to only the loopback
Oh, and set mail_spool_directory
to /var/spool/mail/
, and don't forget the trailing slash: we want maildir
-style mailboxes.
Configure DoveCot: in /etc/dovecot/dovecot.conf
, set
protocols=imaps
,
disable_plaintext_auth=no
, and
mail_location = maildir:/var/spool/mail/%u:LAYOUT=fs
The rest is default settings.
Create a ~/.fetchmailrc
that says something like:
poll your.imapserver.com protocol imap port 993 user "usermail@your.imapserver.com" with password "blah(versysecr3t)" is "johndoe" here ssl;
Run fetchmail once manually, because fetching a lot of mail from a busy server may take a lot more than one minute.
Then, as the appropriate user, with crontab -e, create a cron job that says:
* * * * * fetchmail >>~/fetchmail.log 2>>~/fetchmail.err
If you drive the mail admin mad with every-minute IMAP sessions, consider reducing the frequency.
With an AllowUsers
line in /etc/ssh/sshd_config
, disallow most users to connect via SSH.
Create a decent firewall config that allows SSH from some hosts, IMAP from any, and that's it. If the machines allowed SSH change a lot, consider tarpitting.