my own mail server

Place to discuss Fedora and/or Red Hat
byrdman
administrator
Posts: 225
Joined: Thu May 08, 2003 1:59 pm
Location: In the cloud

Post by byrdman » Sat Nov 12, 2005 10:20 pm

I am trying to get my own mail server up and running. I have a fresh updated install of FC4 and sendmail is working well because it can send out mail to an outside mail account. I downloaded Dovecot and got IMAP working but haven't changed any of the configs. Doing a netstat, I can see that I am listening on 0.0.0.0:143 for IMAP. My firewall has a policy that is allowing 143 in and iptables is off, along with selinux. I was wondering if anyone knows how to config IMAP so I can have people connect to my mail server and send/receive mail. Another issue which boggles me is that I cannot telnet to port 143 or 25 but can telnet to port 80, which my webserver is at. The policies are exactly the same, so I am not so sure it is a firewall issue. But on the same lines as that, I can telnet to these ports using "localhost" but not the FQDN of the dyndns name... any help would be great. Thanks

ZiaTioN
administrator
Posts: 460
Joined: Tue Apr 08, 2003 3:28 pm

Post by ZiaTioN » Sat Nov 12, 2005 11:11 pm

Couple of things:

Me personally, I would go with Postfix over sendmail. Seems to be a little more robust than sendmail with all the functionality of sendmail. Next, if you want an actual email environment that users can log into and get and send email, I would use SquirrelMail. It is a PHP-based webmail application.

Second, 0.0.0.0 is not a valid listening address to accept any socket connections. You need to configure your mail server, whichever one you choose, to listen on your interface that connects to the internet (more than likely eth0). Then verify your iptables rules again to make sure your firewall is not blocking. Also, who is resolving your domain name? I assume you have a registered domain name that is also resolving your mail server? If you run your own DNS server you will have to add an entry to your zone file for your specific domain name that tells your mail traffic where to go. If you do not resolve your own domain name, your host will have to allow for mail forwarding and configure this for you.

Sending mail with a default install of sendmail is somewhat trivial, but to set up a full-blown email server that has send, receive and forward capabilities involves a few steps. I currently have a postfix server running and forwarding mail on multiple domains, so if this is the route you choose I may be able to help further. I also host my own DNS server though, so this makes it easy for me.

Post by byrdman » Sun Nov 13, 2005 12:12 am

Well, yes, I pretty much have the default setup of Sendmail. I edited the sendmail config file so my domain (which is through dyndns) is sending correctly. When I send mail out by logging in to the FC box as a user and piping a command to mail (ls -al | mail -s test outsideuser@outsideserver.com) it goes and everything, including the header, seems right, as far as showing my correct dyndns name. But when trying to config Evolution, Outlook Express, etc. to try to connect to the IMAP server or even the POP3, I cannot connect. As I have been looking around tonight, I am starting to wonder if it is a firewall rule. Like I said, I have a Juniper/Netscreen firewall/VPN device at my house with a cable modem and dyndns resolving my dns name. I have three inbound rules on my firewall. One for port 80, one for 143, and one for 110. I can telnet to 80 but nothing else. I even removed the port 80 but still the same.

Is Postfix easy to config? This really is just to host my own server. Void, I think you know what I am trying to do, because I asked for the homeip domain from you. So it is really not more than gaining experience in setting up my own servers. By the way Void, I have some old Optiplexes if you need any... :)

Void Main
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA

Post by Void Main » Sun Nov 13, 2005 8:41 am

I run sendmail with excellent results. I also have spamassassin and clamav hooked in and I've only had 1 spam message make it into my inbox since getting it tweaked to my liking months ago. I also run squirrelmail for web-based mail access. The nice thing about all of this is it's extremely easy to get everything to work and it's mostly default setups and just a couple of "apt-get install xxx" commands away.

Regarding not being able to telnet to port 25, you need to set sendmail to listen on your network interfaces. It comes default set to listen on localhost only (security). To do this just comment out the line in your /etc/mail/sendmail.mc (the only config file you need to mess with) that contains "127.0.0.1". To comment a line in this file start it out with "dnl". If you want to configure spamassassin and clamav you'll need to also add a config line for each of these in the sendmail.mc. After making changes to the sendmail.mc you need to restart it:

# service sendmail restart

You don't really want to change the sendmail config (sendmail.cf) because this file is automatically generated and will get overwritten if you restart sendmail after making a change to "sendmail.mc".

For imapd, make sure the dovecot service is started:

# chkconfig dovecot on
# service dovecot start

Make sure you aren't blocking the imap ports with iptables. If you want help getting spamassassin and clamav going I can help with that too.
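Added example, not part of the original posts: the thread's diagnosis hinges on whether each mail port is bound to loopback only (a service setting, as with sendmail's default) or to all interfaces (in which case an unreachable port points at a host or upstream firewall). The function name `classify_listener` and the sample output are constructed for illustration, and the parsing assumes the Linux `netstat -an` column layout.

```shell
#!/bin/sh
# classify_listener PORT
# Reads `netstat -an`-style lines on stdin and prints one of:
#   all-interfaces | specific:<addr> | loopback-only | not-listening
classify_listener() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            # Local address is field 4; the port follows the last colon.
            n = split($4, parts, ":")
            if (parts[n] != port) next
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            if (addr == "0.0.0.0" || addr == "::" || addr == "*") wild = 1
            else if (addr ~ /^127\./ || addr == "::1") loop = 1
            else other = addr
        }
        END {
            if (wild) print "all-interfaces"
            else if (other != "") print "specific:" other
            else if (loop) print "loopback-only"
            else print "not-listening"
        }'
}

# Constructed sample resembling the situation described in the thread.
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN
tcp        0      0 :::80                   :::*                    LISTEN
tcp        0      0 192.168.1.10:22         192.168.1.50:51234      ESTABLISHED'

# report NETSTAT_TEXT: one line per mail/web port with its binding.
#   loopback-only   -> change the service bind address (e.g. sendmail.mc)
#   all-interfaces  -> service side is fine; check iptables or the
#                      upstream firewall if the port is unreachable
#   not-listening   -> the daemon is not running or not configured
report() {
    for p in 25 110 143 80; do
        printf '%s %s\n' "$p" "$(printf '%s\n' "$1" | classify_listener "$p")"
    done
}

report "$SAMPLE_NETSTAT"
```

On a live host, pipe the real output in instead of the sample: `netstat -an | classify_listener 25`.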

Post by Void Main » Sun Nov 13, 2005 8:44 am

ZiaTioN wrote: Second 0.0.0.0 is not a valid listening address to accept any socket connections.
Actually that's how netstat displays it if listening on all interfaces. Do a "netstat -an".

Post by Void Main » Sun Nov 13, 2005 8:55 am

byrdman wrote: By the way Void, I have some old Optiplexes if you need any... :)
Really, how old? I still have a couple P100s running certain things in my house that could use an upgrade. Doesn't hurt to have a spare lying around. I actually finally replaced my main firewall (which was a P100) with a WRT54G. Those little boxes are amazing (when running OpenWrt), and right in my price range at a little over 40 bucks.

Post by ZiaTioN » Sun Nov 13, 2005 9:18 am

Void Main wrote:
ZiaTioN wrote: Second 0.0.0.0 is not a valid listening address to accept any socket connections.
Actually that's how netstat displays it if listening on all interfaces. Do a "netstat -an".
Ahh yes. I misread netstat for nmap for some reason. Probably because this is how I usually check what is listening where. However, if this is the case then it should already be listening on the right interface for him.

Post by byrdman » Sun Nov 13, 2005 12:02 pm

The Optiplexes are pretty old. PIIIs with only about 128MB of RAM. I think they have between 6 and 10 GB drives.

As far as my sendmail config, I first changed the address in that line to my eth0 address, then I took the address part out of it completely. I am starting to think that it has to be a firewall issue if only 80 can be connected to...

Post by Void Main » Sun Nov 13, 2005 12:31 pm

# system-config-securitylevel

A PIII is better than a PI. 128MB is better than 96MB of RAM. 6GB is better than 1GB of disk. :)

Post by byrdman » Sun Nov 13, 2005 3:03 pm

It was the Netscreen Firewall. Thanks Void and ZiaTioN.
