Everyone has an email address—they’re essential to function in the interconnected world of the mid 21st century. Most people have their email addresses either through their employer or through one of the tech giants such as Google or Microsoft. But you can run your own email server with your own domain name from a simple computer such as a Raspberry Pi.
Why Run an Email Server on Your Raspberry Pi?
Emails are the modern equivalent of a letter—they’re private communications, but by using a free provider such as Gmail, you’re giving a predatory advertising and tracking company license to rifle through your life, your appointments, personal contacts, travel plans, and reservations. Google sells these intrusions as features, but to some, it’s an uncomfortable level of snooping.
By running your own email server, your data is in your own hands and on your own hardware, with no oversight from shadowy corporate entities. And if you really need to lose an email in a hurry, you can always just swallow the microSD card (don’t actually do this).
A Raspberry Pi is perfect for this project due to its low power draw—an email server will need to be powered on 24/7, so anything more powerful is money wasted. Email as a technology has been around since the 1970s and could be used on the computers of the time. Anything more powerful than a Raspberry Pi is overkill.
Is It Difficult to Create a Raspberry Pi Email Server?
Configuring an email server from scratch can be complicated: it involves installing and configuring multiple components, including Postfix, Dovecot, openDKIM, SpamAssassin, and Sieve. It will take up a significant amount of your day, and is a process fraught with peril, and one in which it is easy to make mistakes.
Fortunately, there are scripts which can make it easy to install an email server on your Raspberry Pi, which means that you can have your email server up and running in under an hour!
What You Will Need for Your Email Server
To complete this project, you will need:
- A Raspberry Pi (any model will do)
- An Ethernet cable
- A static IP address
- A domain name—if you don’t already have one, here are some useful tips on choosing a domain name
- Knowledge of your Pi’s local IP address
- Another PC
Setting Records and Opening Ports
Navigate to the Advanced DNS section of your registrar and delete any records already in existence. Click Add New Record. For the type, select A record, for the host, set @, and in the value field, set your public IP address. Save, and then click Add New Record again.
In this record, for the type, select A record; for the host, set *; and in the value field, set your public IP address. Finally, add a new MX record, with @ as the host, mail.your-domain.tld as the value, and set the priority to 10. Save the new DNS records.
Open up your router admin menu. This is usually done by typing 192.168.1.1 into a browser. If this doesn’t work for you, consult your router manual. Locate a section titled either Port Forwarding, Port Mapping, or Port Management, then create four new entries:
- The first is for HTTP requests. Set both the local and public port to 80, and the local IP address to the IP address of your Pi.
- The second is for HTTPS requests. Set both the local and public port to 443, and again, the local IP address to the IP address of your Pi.
- The third is for IMAP requests. Set both the local and public port to 993, and again, the local IP address to the IP address of your Pi.
- The fourth is for SMTP requests. Set both the local and public port to 587, and again, the local IP address to the IP address of your Pi.
Prepare Your Pi!
After installing a Debian-based operating system on your Raspberry Pi (Raspberry Pi OS will do just fine), connect it to your router with an Ethernet cable.
- Log into the Raspberry Pi using Secure Shell (SSH) either via a terminal if you’re using Linux or macOS, or with PuTTY if on Windows.
- Update and upgrade any packages:
sudo apt update
sudo apt upgrade
- You will be using Apache as a reverse proxy for your mail subdomain, and Certbot to obtain security certificates. Install Apache with:
sudo apt install apache2
- Add the Certbot repository, then update and install Certbot:
sudo add-apt-repository ppa:certbot/certbot
sudo apt update
sudo apt-get install python3-certbot-apache
- Change directory:
- Use nano to create a new conf file for your mail subdomain:
sudo nano mail.conf
Save and exit nano with Ctrl + O, then Ctrl + X
- Change directory and copy the default Apache configuration file to the name of your new domain and a further copy to the name of your subdomain:
sudo cp 000-default.conf your-domain.conf
sudo cp 000-default.conf mail.conf
- Edit your-domain.conf with nano:
sudo nano your-domain.conf
And, under the line <VirtualHost *:80>, add another line:
- Save and exit nano with Ctrl + O, then Ctrl + X. And repeat the process for mail.conf.
- Enable both conf files with:
sudo a2ensite your-domain.conf
sudo a2ensite mail.conf
- Restart Apache:
sudo service apache2 restart
- Run Certbot to obtain security certificates and keys for both your main domain and mail subdomain.
You will be asked for your email address, for confirmation that you agree to the Terms of Service, whether you would be willing to share your email address with the EFF, and finally, which names would you like to activate HTTPS for. Press Return to select all domains, and when asked whether or not to redirect HTTP traffic to HTTPS, choose 2 to redirect.
Install the Email Server Software
Follow these steps to install the email software.
- Move to your home directory and download the emailwiz installation script:
curl -LO lukesmith.xyz/emailwiz.sh
- It’s always good practice to know what a script does before running on your Raspberry Pi, so:
…to check for any nasties.
- Make the script executable and then run the script:
sudo chmod +x emailwiz.sh
- The script will download and install Postfix, Dovecot, openDKIM, and SpamAssasin, and you will be required to interact with the installation at various stages.
- The installation wizard will ask you to choose a mail server configuration type. Use the arrow keys on your keyboard to select Internet site, then press the Tab key so that OK is highlighted and hit Enter.
- Next, you will be asked to supply your Fully Qualified Domain Name. Don’t add www or http to the domain name—just enter the domain name itself.
- Once the installation has completed, you will be presented with three text records highlighted in green, along with the host and values.
- Open a browser again, head to your registrar’s Advanced DNS page, and create three new TXT records, and paste each record into the corresponding field. These will ensure that your email stays out of other people’s spam box.
- Any user added to the mail group will be given an email account with their Pi username and password. Add your Pi user to the mail group:
sudo usermod -G mail -m
It’s as simple as that!
Connect to Your Email Server With a Client on Mobile or Desktop
Your email server is fully functional and ready to go. It’s protected against intruders and any user account on your Pi can use it. It’s time to connect to it with an email client—although at this point, any emails sent are likely to land in the recipient’s spam box. We’re using Thunderbird email for this, although the procedure will be similar for any mobile or desktop email client.
In your email client, click on Add Account, and you will be invited to Set Up Your Existing Email Address. Enter your name, your email address, and your password. Your email address is your username on the Pi plus the domain name; e.g., [email protected]. Your password will be the password your user employs to log into the Pi.
Instead of clicking the Continue button, instead click on the Configure manually link. You will need to fill in details for both the incoming and outgoing server. For these, the hostname or server name is mail.your-domain-name.tld, the login name is your full email address, and the password is… your password. Set the IMAP port to 993 and the SMTP port to 587. Connection security should be set to STARTTLS and the authentication method to normal password.
You Can Now Send and Receive Email Through Your Raspberry Pi Email Server!
Running your own email service means that you don’t need to rely on anybody else. You are completely self-sufficient and out from the purview of tech giants. Even so, if you use your email server for evil purposes—such as bulk emails or spam, you will find yourself blacklisted by other providers. So be careful.
Read the full article here