Monday, August 26, 2013

RPi Home Mail Server Project

It has been a while since I last updated my blog. I am quite happy to write another article regarding my latest project: my own mail server based on my Raspberry Pi.

The reason is quite simple: since Google, Microsoft, or whatever provider, considers that it has the right to read my emails, the only way to "revoke" this right is by discontinuing the use of those providers' services. However, bear in mind that putting an email server into your internal network poses a great risk and you should be aware of the means how to mitigate those risks (implement DMZ, VLANs, buying firewalls, etc.). Those means cost money of course.

After a research regarding the most appropriate software for home -and RPi- use, I chose Citadel. I haven't tested it yet under extreme circumstances.

In order to configure Citadel you can use this very useful tutorial:
http://www.ducky-pond.com/posts/2012/Jul/installing-citadel-on-rpi/

Citadel offers integration with ClamAV, an open source antivirus and Spamassasin, an open source antispam software.

ClamAV

Unfortunately Citadel website offers only a high-level configuration guide for both ClamAV and SpamAssassin. As a consequence we have to dive a little bit deeper in order to make them work together.

We can install ClamAV by issuing the following commands:

> apt-get install clamav-daemon
> apt-get install clamav

Make sure you have included the following lines on /etc/clamav/clamd.conf:

TCPSocket 3310
TCPAddr 127.0.0.1


Make sure clamAV deamon is running:
/etc/init.d/clamav-daemon start

Then, add the localhost address on Citadel's administration page as mentioned on the guide.

SpamAssassin

Installing SpamAssassin by issuing the following commands:
> apt-get install spampd
> apt-get install spamassassin

Make sure you reconfigure the listening address and port for spamassassin (I have searched for a conf file but I didn't find it. So I include the following workaround.)

Edit /etc/init.d/spampd script and locate the following lines:

[ -n "${LISTENPORT}" ] && ARGS="${ARGS} --port=${LISTENPORT}"
[ -n "${LISTENHOST}" ] && ARGS="${ARGS} --host=${LISTENHOST}"


Alter them according to the following ones:

[ -n "${LISTENPORT}" ] && ARGS="${ARGS} --port=783"
[ -n "${LISTENHOST}" ] && ARGS="${ARGS} --host=127.0.0.1"

Spamassassin must listen on port 783 in order to cooperate with Citadel.

Now the only thing to do is to configure accordingly your domain name and MX records in order to send and receive emails.

Last but not least, consider implementing PGP keys in order to communicate safely. Bear in mind that the email service is plaintext, anyone suitably positioned on the Internet (ISPs, network administrators, etc.) can intercept and read your emails.

Enjoy your email service!