A mail server consists of multiple components. A mail transfer agent (MTA) receives and sends emails via SMTP. Received and accepted emails are then passed to a mail delivery agent (MDA), which stores the mail in a mailbox (usually in mbox or Maildir format). If you want users to be able to remotely access their mail using email clients (MUA), you need to run a POP3 and/or IMAP server.
Software
Below is a table containing all Mail Servers with the features they support.
Name | Mail Transfer Agent | Mail Delivery Agent | Additional Features/Notes | |||
---|---|---|---|---|---|---|
Sending | Receiving | Sendmail | POP3 | IMAP | ||
dma | Yes | Yes with limitations, see Use Google SMTP | No | – | – | Not designed for production environments |
Exim | Yes | Yes | Yes | – | – | – |
OpenSMTPD | Yes | Yes | Yes | – | – | – |
Postfix | Yes | Yes | Yes | – | – | – |
Courier | Yes | Yes | No | Yes | Yes | Includes a web client and mailing list capabilities |
Cyrus IMAP | – | – | – | Yes | Yes | – |
Dovecot | – | – | – | Yes | Yes | – |
UW IMAP | – | – | Yes c-clientAUR has same capabilities | Yes | Yes | Project is abandoned |
msmtp | Yes | No | Yes msmtp has same capabilities | – | – | – |
Sendmail | Yes | No | Yes | – | – | Sendmail implementation is deprecated |
sSMTP | Yes | No | Yes | – | – | – |
Standalone MDAs
- fdm — A simple program for delivering and filtering mail.
- Procmail — A program for filtering, sorting and storing email (unmaintained).
- Maildrop — A mail filter/mail delivery agent used by the Courier Mail Server.
See also Wikipedia:Comparison of e-mail servers.
Ports
Purpose | Port | Protocol | Encryption |
---|---|---|---|
Accept mail from other MTAs. | 25 | SMTP | STARTTLS |
Accept submissions from MUAs. | 587 | SMTP | STARTTLS |
465 | SMTPS | implicit TLS | |
Let MUAs access mail. | 110 | POP3 | STARTTLS |
995 | POP3S | implicit TLS | |
143 | IMAP | STARTTLS | |
993 | IMAPS | implicit TLS |
MX record
Hosting a mail server requires a domain name with an MX record pointing to the domain name of your mail transfer agent. The domain name used as the value of the MX record must map to at least one address record (A, AAAA) and must not have a CNAME record to conform with RFC 2181, otherwise you may not get mail from some mail servers. Configuring DNS records is usually done from the configuration interface of your domain name registrar.
TLS
To obtain a certificate, see OpenSSL#Usage.
Authentication
There are various email authentication techniques.
Sender Policy Framework
From Wikipedia:
- Sender Policy Framework (SPF) is an email validation protocol designed to detect and block email spoofing by providing a mechanism to allow receiving mail exchangers to verify that incoming mail from a domain comes from an IP Address authorized by that domain's administrators.
To allow other mail exchangers to validate mails apparently sent from your domain, you need to set a DNS TXT record as explained in the Wikipedia article (there is also an online wizard[dead link 2022-09-21 ⓘ]). To validate incoming mail using SPF you need to configure your mail transfer agent to use a SPF implementation. There are several SPF implementations available: libspf2, perl-mail-spf and perl-mail-spf-query.
Courier | Yes, built-in |
---|---|
Postfix | Yes |
Sendmail | through Milter and spfmilter-acmeAUR |
Exim | Yes, requires libspf2 |
OpenSMTPD | No |
The following websites let you validate your SPF record:
v=spf1 -all
makes any mail server enforcing SPF reject emails from your domain name, thus preventing misuse.Sender Rewriting Scheme
The Sender Rewriting Scheme (SRS) is a secure scheme to allow forwardable bounces for server-side forwarded emails without breaking the Sender Policy Framework.
For Postfix, see Postfix#Sender Rewriting Scheme.
DKIM
DomainKeys Identified Mail (DKIM) is a domain-level email authentication method designed to detect email spoofing.
Available DKIM implementations are OpenDKIM and perl-mail-dkim.
Testing
There are several options to help you test DNS records, deliver ability, and encryption support.
Dedicated tools
Dedicated websites
There are several handy web sites that can help you testing.
- https://mxtoolbox.com/
- https://ismyemailworking.com/
- https://www.mail-tester.com/ (3 free tries only!)
- https://www.checktls.com/
- https://pingability.com/zoneinfo.jsp
Tips and tricks
Most mail servers can be configured to strip users' IP addresses and user agents from outgoing mail.
Available extras that can usually be integrated are:
- ClamAV for virus checking emails
- SpamAssassin to identify and filter spam
- Sieve – a mail filtering programming language
- webmail like Roundcube or Squirrelmail