Raspberry Pi mail server: using Raspberry Pi to manage e-mails

Before you begin setting up the Raspberry Pi mail server, you should be aware of the following: an in­de­pend­ent e-mail server is not generally an equi­val­ent sub­sti­tute for one from a com­mer­cial e-mail provider. This is mainly due to the fact that most internet con­nec­tions do not use a static IP address. For a mail server to be able to operate, it must of course be connected to the internet. A pro­fes­sion­al e-mail server uses an internet con­nec­tion that has at least one static (fixed) IP address. This non-changing address for internet access ensures that the server is per­man­ently ad­dress­able and ac­cess­ible. However, most internet con­nec­tions only have a dynamic IP address, which means that the address is con­stantly changing (usually after 24 hours at the latest). This heavily limits sending messages via your own mail server: the recipient’s e-mail server often views messages as spam mails if they are sent via an internet con­nec­tion with a dynamic IP address. This is due to the fact that spammers often use dynamic IP addresses to send their annoying messaged since the con­stantly-changing address prevents them from being easily located. In addition, e-mails sent directly from computers and their dynamic IP addresses often don’t come from the computer itself, but rather from Malware, which has managed to in­filt­rate the system.  Many spam filters used by e-mail servers generally regard changing IP addresses as un­trust­worthy due to the above mentioned reasons. An internet con­nec­tion with a dynamic IP address is only partially suitable for sending messages via a mail server. Even the e-mail server presented in this tutorial does not con­sti­tute a full-fledged mail server in this respect. However, with some re­struc­tur­ing and/or monthly costs, this e-mail server can be upgraded to a con­ven­tion­al e-mail server.

The dif­fi­culties faced with using a dynamic IP address is the biggest dis­ad­vant­age of having a private mail server. It’s therefore not advisable to use this kind of server as an everyday e-mail server since most of your messages will end up in the recipient’s spam folder. But even if its aim isn’t to replace your existing e-mail service, a separate mail server can be worth it.

If you are primarily in­ter­ested in studying the con­fig­ur­a­tion and ad­min­is­tra­tion of an e-mail server, it is really worth setting up your own e-mail server. For this purpose, there is hardly a better and more cost-effective learning en­vir­on­ment than Raspberry Pi. You can also use your own mail server if you want to have absolute data integrity over your e-mails on an internal network (for example, within a company or an or­gan­isa­tion). A mail server on a local network ensures that that exchanged in­form­a­tion is stored solely on the hard drive of the sender, recipient, and their mail servers.

In a time where data pro­tec­tion is a hot topic, a dedicated internal mail server provides a secure way to store your messages. This is because only network ad­min­is­trat­ors have access to the complete e-mail archive rather than an e-mail service provider whose mail server is used for pro­cessing the message dispatch. The following is a detailed list of the pros and cons of a Raspberry Pi e-mail server:

• Within an internal network, you are the only one that has access to the complete e-mail archive. Messages are left on the server and others can only read them if you give them consent.

• Even aside from an internal network it is possible to prevent others from reading your e-mails: for this purpose, however, senders and re­cip­i­ents need a private mail server. Provided that the recipient of your mails also has a self-managed e-mail server without con­nec­tion to an e-mail provider, all exchanged data will be stored ex­clus­ively on the two private mail servers.

• The use of e-mail en­cryp­tion is re­com­men­ded for pro­tect­ing your data when it’s being sent between two private mail servers. With regards to data security, a self-hosted mail server offers another advantage: if the mail traffic runs through the server from one or more e-mail service providers, the provider can still read the header data as­so­ci­ated with the messages. This is despite the sender and recipient using PGP en­cryp­tion since this data is always open with PGP. If both sides use their own e-mail server, you and your com­mu­nic­a­tion partner avoid this data pro­tec­tion gap – your message exchange remains private and un­au­thor­ised people cannot read it.

• You control the mail system yourself without exception and can, therefore, customize the settings of the mail server software. In addition, there are barely any re­stric­tions on the size of the file at­tach­ments or on the general storage volume of your e-mail accounts (as long as you have enough disk space so that you can connect to the mail server computer).

• You can syn­chron­ise your data (such as e-mails via IMAP, contacts via CardDAV, or calendars via CalDAV) so that all devices, which have access to the mail server, have the same file sets.

• For domains linked to the mail server, you can create various e-mail addresses if desired.

• You don’t receive any ads from your e-mail provider.

• A separate server means putting in more effort where security is concerned. In this respect, a mail server is no exception since it’s per­man­ently online and can be attacked. You need to ensure that the software is updated and that you monitor safety programs to make sure hackers cannot access your server (and then use it to send spam e-mails). When managing a publicly ac­cess­ible e-mail server, you must therefore be familiar with security standards and keep broad­en­ing your knowledge.

• As pre­vi­ously mentioned, outbound e-mails sent via an internet con­nec­tion with a dynamic IP address will most probably be seen as spam by the recipient’s mail server and will end up in the spam folder. There are two ways to prevent this from happening:

  1. You rely on another (com­mer­cial) mail server, for which you already have an e-mail address, to send e-mails. If you have already set up your own mail server, you can use an e-mail program that is connected to it so that another e-mail provider’s server is re­spons­ible for sending e-mails instead of your own server.

     Dis­ad­vant­age: this procedure is at the expense of your data privacy. This is because the e-mail provider’s service in­ter­venes by storing outbound messages on its server, which can then be read by others

  2. You request a static IP address for your internet access. This is so that your private mail server looks similar to a pro­fes­sion­al one – even though it’s possible that your static address first has to acquire a certain repu­ta­tion with other servers. Many mail servers are initially skeptical about new e-mail servers that send them messages: you must first prove that your server isn’t being used to send spam.

     In order to be able to operate a fully-fledged e-mail server, you need at least one static IP address for your internet access:

     • A mail exchange resource record (ab­bre­vi­ated to MX record) for the domain in use. This is an entry in the Domain Name System (DNS), which iden­ti­fies your mail server as the server re­spons­ible for receiving e-mails on a par­tic­u­lar domain.

     • A PTR resource record (PTR record), where an IP address is resolved to the cor­res­pond­ing name via the 'reverse lookup' in the DNS.
     
     However, an internet con­nec­tion with a static IP address is not always easy to maintain – it often requires much higher costs for con­nect­ing to the internet

•  The spam filters of private mail servers are less effective than those of es­tab­lished e-mail providers, whose filtering system is better developed and can identify and sort spam more easily. However, you can use these programs to improve the spam pro­tec­tion of your own mail server.

In the following step, you should set up the mail server on the Raspberry Pi. For this, we use the groupware Citadel/UX that supports SMTP as a mail server, as well as contains an IMAP and POP3 server. Citadel ad­di­tion­ally offers a calendar, address book, and task functions, as well as this WebMail interface. Perform the set up in the terminal and update all installed packages with the following command lines:

Now start Citadel in the terminal using this command:

In order to make the Raspberry Pi mail server per­man­ently ac­cess­ible via an address online, log onto a DDNS service, register a cor­res­pond­ing domain name and finally connect it with Citadel. You must register the domain name as 'DNS Host (A)' with your current IP address, which your provider assigned to you. You can find this IP address, for example, from www.whatsmyip.org or similar online services. If you enter the re­gistered domain name into your browser, the Citadel mail server page will open. Now you just have to go to the 'Ad­min­is­tra­tion' menu and select 'Domain names and Internet mail con­fig­ur­a­tion'. Enter the domain name under 'Aliases for this machine', then finally go to 'Edit system pref­er­ences' via 'Ad­min­is­tra­tion'. When here, delete the node name and instead enter your domain name under 'Fully qualified domain name'. Once you have saved the settings, click on 'Ad­min­is­tra­tion' again to re-start the Citadel mail server. Now you’ve finally made it: your private mail server is ready for use and can be operated via the installed web mailer. You can, of course, use it with another e-mail program (Thun­der­bird, Outlook, etc.) and expand Citadel’s range of functions.

If you use the Raspberry Pi as a mail server in com­bin­a­tion with an internet con­nec­tion that has a static IP address, you come as close as possible to a pro­fes­sion­al mail server. In this case, it is advisable to enter not only the above-mentioned mandatory entries (PTR and MX record), but also an SPF resource record and DKIM (Do­main­Keys Iden­ti­fied Mail). This reduces the like­li­hood of your Raspberry Pi e-mail server deciding that e-mails from other mail servers are spam. However, as mentioned above, a mail server first needs to build up a repu­ta­tion so that messages it sends will be less likely to be con­sidered as spam, which is difficult to achieve on private servers with com­par­at­ively low activity.

If your internet con­nec­tion only has a dynamic IP address, you can set up the Raspberry Pi mail server via DDNS, at least with the basic functions – even if your mails are likely to fre­quently end up in the recipient’s spam folder. Therefore, it is important to let the recipient know that they should configure their spam filter so that your e-mails don’t end up in the spam folder. This is usually only worth it if a man­age­able group of people (such as within a company, work group, etc.) is to be reached via the mail server. However, if all re­cip­i­ents are connected to the same local network, creating an internal mail server es­pe­cially pays off.

One of the biggest ad­vant­ages of your own e-mail server not being connected to an e-mail provider is complete data integrity. If it’s not that important for you to set up and operate your own e-mail server, the effort and cost of managing and updating the server isn’t worth it. In this case, using a larger mail provider for e-mail traffic is usually the better option. Otherwise, tech­no­logy en­thu­si­asts and those curious to learn could benefit from a private mail server if they want to un­der­stand the tech­no­logy behind an e-mail server with Raspberry Pi.