Email Server For CentOS 7

Home » CentOS » Email Server For CentOS 7
CentOS 14 Comments

Hi folks.

I’m looking for an email server. I have a C7 box already with nginx, PostgreSQL, Sinatra and Ruby. So I don’t want to install PHP, Apache, MySQL, etc.

Are there any ways/tutorials to set up a mail server under those restrictions? It would serve multiple domains.

Cheers, Bee

14 thoughts on - Email Server For CentOS 7

  • Read up on Postfix (SMTP) and Dovecot (POP3 and IMAP). (Sendmail is available as an alternative to Postfix.)

    Additional services you’ll want include MIMEDefang (general filter management), SpamAssassin (anti-spam), and ClamAV (anti-virus scanning).

    Other useful services include OpenDKIM (validates that mail really came from the domain it claims to have come from), Roundcube (web-based email client), and Certbot (acquire a LetsEncrypt cert for your mail servers). You might want openLDAP for authentication, identity management, and address books. Fail2ban can help keep the script kiddies out of your services.

    Running a mail server requires knowledge of many different services and awareness of many security issues. You have your work cut out for you.

  • Save yourself the effort, time, headaches and eventual bloody tears of impotent rage and just go with Google or some other provider. Running a mail server properly is one of the more difficult tasks and quite often not worth the time and trouble, especially if one is asking about it on a list such as this.

    John

  • Have a look at this tutorial: ‘How to set up a mail server on a GNU /
    Linux system’ < http://flurdy.com/docs/postfix/ >

    It focuses on Ubuntu but much should apply to CentOS too. (By the way, does anyone know of a CentOS-centric tutorial covering the same subject?).

    As others have said, running a mail server is not easy today (major issues are (a) preventing spam distribution and, increasingly, (b)
    deliverability to major email providers even if you have done nothing wrong) but this is a technical mailing list for people who have deliberately chosen to run CentOS. We all have to start somewhere and this is as good a place as anywhere. But be aware that running a mail server is a big commitment to time and maintenance.


    Mark Rousell

  • try “free” linux groupware like Kolab, Citadel or Zimbra. they will give you easy installation and easy user/mailbox management.

  • Hello, For last several years I used SurgeMail server. For I think three or five accounts it is free. Works very good. I had only one problem – it was down for two month because of screwed CentOS update. After couple of updates it went back working. Configuration is web GUI and is pretty good.

    Mikhail Utin

  • Just to add. SurgeMail if available is very easy to install and run. I had the problem to get a server without going to complex configuration for my small company and it is possibly the best and reliable.

    Mikhail Utin

  • I fully agree with most of the former, except for the Google part. Google is to privacy what a shark pool is to a carp. If possible, avoid Google at all cost, and particularly for E-Mail. There are services around that cost a very small amount of money (e.g. mailbox.org or posteo.de), provide a very reasonable service and do *not* peek into your mail for advertisement targets and sell your data to their customers.

    If you want to run your own mail server (there are good reasons to do so, I’ve been running my own services for many years now) be prepared for a learning curve, as mail is not as simple and straightforward as it looks. You should also run your own DNS in that case, as many modern features of secure mail services are tightly linked to DNS (e.g. SPF, DKIM, DMARC etc.). DNSsec is preferred.

    There are some good books around (e.g. the Postfix/Dovecot books by Peer Heinlein, who incidentally is the owner of the mailbox.org service, but the Postfix book only seems to be available in German). Without a good foundation on running mail servers and/or some help from experienced mail server operators you’re almost certain to screw up big time, which in most cases means ending up on some blacklists or having mail delivered very unreliably.

    As for the software question, I recommend the Postfix/Dovecot setup, enriched with some additional components to support graylisting, virus checking, spam filtering, DKIM, DMARC and SPF.

    Pete.

  • –Fastmail looks attractive to me as it’s IMAP-friendly. I run my own server but I’m recommending to my family that they move their accounts there if I
    “get hit by a bus”.

    <https://en.wikipedia.org/wiki/FastMail>

    I mostly run my own server because it’s easy to create an infinite number of disposable “plussed” addresses as website login names. I’ve got a sendmail rule that lets me use a dot instead of a plus sign in such addresses to get around the websites that refuse a plus sign in an address.

    <http://mozilla.wikia.com/wiki/User:Me_at_work/plushaters>

    This can be split. I let my hosting provider host my public domain name on their DNS servers. But I run a caching nameserver on my mail server to do the various lookups it requires. A forwarding nameserver for blacklist lookups is NOT recommended because of the way the various DNS-based blacklisting databases license their service.

  • Thank you for the input. And to the others as well. I hate this type of chase where it seems never-ending, for a technology I can’t stand. Managing my current solution has been a problem for ages. I’m not getting any younger. Maybe hosting is the best solution, and I do agree with you about Google. I don’t trust them as far as I can spit.

    Cheers, Bee

  • I run my own mail-server on FreeBSD and qmail (setup mostly using a script from Matt Simerson: https://github.com/msimerson/Mail-Toaster-6). I need to re-do it at some point.

    I’m always debating moving to Zimbra (OpenSource Edition, or Zimbra Suite).

    If I wouldn’t run my own, I’d probably switch to Protonmail. Fastmail is also an option.

    DNS (authority) is best run at your hosting-provider or even at a specialized DNS provider, depending on requirements.

    Everything else is just asking for trouble.