Build Email Server From Scratch on Debian – Basic Postfix Setup

Why run your own email server? Perhaps you have a website, which needs to send emails to users, or maybe you want to store your emails on your own server to protect your privacy. However, building your own email server can be a pain in the butt because there are so many software components you need to install and configure properly. To make this journey easy for you, I’m creating a tutorial series on how to build your own email server on Debian.

Build An Email Server From Scratch on Debian

I’m confident to say that this is the best and most comprehensive tutorial series about building an email server from scratch on the Internet. Not only will you have a working email server, but also you will have a much better understanding of how email works. This tutorial series is divided into 16 parts.

  1. Set up a basic Postfix SMTP server
  2. Set up Dovecot IMAP server and TLS encryption
  3. Create Virtual Mailboxes with PostfixAdmin (MariaDB/MySQL, PostgreSQL)
  4. Create SPF and DKIM Records to Get Through Spam Filters
  5. Create DMARC Record to Protect Your Domain Reputation
  6. Set Up Roundcube Webmail
  7. 7 Effective Tips to Stop Your Email From Being Marked as Spam
  8. Blocking Email Spam with Postfix
  9. Set Up OpenDMARC to Block Email Spoofing
  10. Blocking Email Spam with SpamAssassin
  11. Set Up Amavis and ClamAV on Debian Mail Server to Scan Virus
  12. How to Secure Email Server Against Hacking with Self-hosted VPN Server
  13. How to Bypass Email Blacklists
  14. (optional) Enable and Configure Postscreen in Postfix to Block Spambots
  15. (optional) How to Host Multiple Mail Domains in PostfixAdmin
  16. Automatic IP and Domain Warm-up For Your Email Server

I know this seems to be a very daunting task. However, based on what you want to achieve, you might not need to follow all of them. My articles are easy to follow, so if you dedicate some time to it, you will have a working email server.

Hint: If you don’t want to build an email server from scratch, which is a long and tedious process, you can use Scalahosting managed VPS to set up a full-featured mail server quickly and easily.

This article is part 1 of this tutorial series. You will learn how to set up a very basic Postfix SMTP server, also known as an MTA (message transport agent). Once you finish this article, you should be able to send and receive emails with your own email domain on your own email server. It is tested on Debian 10 and Debian 11 server.

About Postfix SMTP Server

Postfix is a state-of-the-art message transport agent (MTA), aka SMTP server, which serves two purposes.

  • Outgoing emails: It’s responsible for transporting email messages from a mail client/mail user agent (MUA) such as Mozilla Thunderbird and Microsoft Outlook to a remote SMTP server.
  • Incoming emails: It’s also used to accept emails from other SMTP servers.

Postfix was built by Wietse Venema who is a Unix and security expert. It’s easy to use, designed with security and modularity in mind, with each module running at the lowest possible privilege level required to get the job done. Postfix integrates tightly with Unix/Linux and does not provide functionalities that Unix/Linux already provides. It’s reliable in both simple and stressful conditions.

Postfix was originally designed as a replacement for Sendmail – the old, traditional SMTP server on Unix. In comparison, Postfix is more secure and easier to configure. It is compatible with Sendmail, so if you uninstall Sendmail and replace it with Postfix, your existing scripts and programs will continue to work seamlessly.

In this tutorial, you will learn how to configure Postfix for a single domain name.

Step 1: Choose the Right Hosting Provider

It’s not an easy task to find a VPS (Virtual Private Server) provider suitable for email hosting. Many hosting companies like DigitalOcean blocks port 25. DigitalOcean would not unblock port 25, so you will need to set up SMTP relay to bypass blocking, which can cost you additional money. If you use Vultr VPS, then port 25 is blocked by default. They can unblock it if you open a support ticket, but they may block it again at any time if they decide your email sending activity is not allowed. Vultr actually may re-block it if you use their servers to send newsletters.

Another problem is that big well-known hosting providers like DigitalOcean or Vultr are abused by spammers. Often the server IP address is on several blacklists. Vultr has some entire IP ranges blacklisted.

Kamatera VPS is a very good option to run a mail server because

  • They don’t block port 25.
  • The IP address isn’t on any email blacklist. (At least this is true in my case. I chose the Dallas data center.) You definitely don’t want to be listed on the dreaded Microsoft Outlook IP blacklist or the SpamRats blacklist. Some blacklists block an entire IP range and you have no way to delist your IP address from this kind of blacklists.
  • You can edit PTR record to improve email deliverability.
  • They allow you to send newsletters to your email subscribers with no hourly limits or daily limit, whatsoever. Note that you are not allowed to send spam, also known as unsolicited bulk email. If the recipient doesn’t explicitly give you permission to send emails, and you send emails to them, that’s unsolicited email.
  • You can order multiple IP addresses for a single server. This is very useful for folks who need to send a large volume of emails. You can spread email traffic on multiple IP addresses to achieve better email deliverability.

I recommend following the tutorial linked below to properly set up a Linux VPS server on Kamatera.

You also need a domain name. I registered my domain name from NameCheap because the price is low and they give you whois privacy protection free for life.

Step 2: Configure Mail Server Hostname

I assume you have a sudo user on your Debian server.  Run the following commands on the server as root to install sudo.

apt install sudo

Then create a new user and add it to the sudo group.

adduser username 
adduser username sudo

Next, switch to the new user.

su - username

By default, Postfix uses your server’s hostname to identify itself when communicating with other MTAs. The hostname can have two forms:

  • A single word
  • FQDN (Fully Qualified Domain Name)

The single word form is used mostly on personal computers. Your Linux laptop might be named linux, debian, ubuntu etc.

FQDN (Fully Qualified Domain Name) is commonly used on Internet-facing servers and we should use FQDN on our mail servers. It consists of two parts: a node name and a domain name. For example, mail.linuxbabe.com is an FQDN. mail is the node name, linuxbabe.com is the domain name. FQDN will appear in the smtpd banner. Some MTAs reject messages if your Postfix does not provide FQDN in the smtpd banner. Some MTAs even query DNS to see if FQDN in the smtpd banner resolves to the IP of your mail server.

Log into your server via SSH and enter the following command to see the FQDN form of your server hostname.

hostname -f

If your Debian server doesn’t have an FQDN yet, you can use hostnamectl to set one.

sudo hostnamectl set-hostname your-fqdn

A common FQDN for mail server is mail.example.com. You need to replace example.com with your real domain name. Then log out and log back in to see this change at the command prompt. To log out of your server, run the exit command.

exit

Step 3: Create DNS Records for Your Mail Server

You need to go to your DNS hosting service (usually your domain registrar like NameCheap) to set up DNS records.

In this tutorial, we are creating 3 DNS records for the mail server.

  • MX record:    Mail Exchanger record
  • A record (and AAAA record):   Address record
  • PTR record:    Pointer record

There are also other DNS records for a complete mail server setup. We will discuss them in later parts of this tutorial series.

MX record

An MX record tells other MTAs that your mail server mail.example.com accepts emails for your domain name.

Record Type     Name        Mail Server            Priority
MX              @           mail.linuxbabe.com     0

A common name for the MX host is mail.yourdomain.com. You can specify more than one MX record and set priority for your mail servers. A lower number means higher priority in email delivery. Here we only use one MX record and set 0 as the priority value (0 ~ 65535).

Note that when you create the MX record, you should enter @ or your apex domain name (example.com) in the Name field like below. An apex domain name is a domain name without any sub-domain.

email server MX record

A record

An A record maps an FQDN to an IP address. You need to create A record so other SMTP servers can resolve your mail server’s hostame (mail.example.com) to an IP address.

Record Type        Name        value
A                  mail        <IP-address>

AAAA record

If your server has a public IPv6 address, you also need to add AAAA record for mail.example.com.

Record Type       Name        value
AAAA              mail        <IPv6-address>

Hint: If you use Cloudflare DNS service, you should not enable the CDN (proxy) feature when creating A and AAAA record for mail.example.com. Cloudflare does not support SMTP or IMAP proxy.

PTR record

A pointer record, or PTR record, maps an IP address to an FQDN. It’s the counterpart to the A record and is used for reverse DNS (rDNS) lookup. It tells other MTAs that you really is the owner or manager of this IP address.

Reverse DNS resolution of IP address with PTR record can help with blocking spammers. Many MTAs reject emails if your IP address doesn’t have a PTR record. Even if they don’t reject the email, you still should set a PTR record for your email server so your emails have a better chance of landing in the recipient’s inbox instead of the spam folder.

To check the PTR record for an IP address, you can use the following command. (On Debian server, you can install the dig utility with sudo apt install bind9-utils).

dig -x IP_Address +short

or

host IP_Address

PTR record isn’t managed by your domain registrar. It’s managed by the organization that gives you an IP address. You get IP address from your hosting provider, not from your domain registrar, so you must set PTR record for your IP address in your hosting provider’s control panel. Its value should be your mail server’s hostname: mail.example.com. If your server has a public IPv6 address, then add a PTR record for your IPv6 address as well.

To edit the reverse DNS record for your Kamatera VPS, log into the Kamatera client area, then open a support ticket and tell them to add PTR record for your server IP addresss to point the IP address to mail.your-domain.com. It’s not convenient, you might think, but this is to keep spammers away from the platform, so legitimate email senders like us will have a great IP reputation.

Note: Gmail will actually check the A record of the hostname specified in the PTR record. If the hostname resolves to the same IP address, Gmail will accept your email. Otherwise, it will reject your email.

Step 4: Install Postfix SMTP Server on Debian Server

On your Debian server, run the following two commands.

sudo apt-get update

sudo apt-get install postfix -y

You will be asked to select a type for mail configuration. Normally, you will want to select the second type: Internet Site.

postfix general type of mail configuration debian

  • No configuration means the installation process will not configure any parameters in the /etc/postfix/main.cf file.
  • Internet Site means using Postfix for sending emails to other MTAs and receiving emails from other MTAs.
  • Internet with smarthost means using postfix to receive email from other MTAs, but using another smart host to relay emails to the recipient.
  • Satellite system means using a smart host for sending and receiving emails.
  • Local only means emails are transmitted between local user accounts only.

Next, enter your domain name for the system mail name, i.e. the domain name after @ symbol. For example, my email address is [email protected], so I entered linuxbabe.com for the system mail name. This domain name will be appended to addresses that don’t have a domain name specified. Note that if you enter a sub-domain like mail.example.com, you will be able to receive emails destined for @mail.example.com addresses, but not be able to receive emails destined for @example.com addresses.

debian postfix configuraiton system mail name

Once installed, Postfix will be automatically started and a /etc/postfix/main.cf file will be generated. Now we can check Postfix version with this command:

sudo postconf mail_version

On Debian 11 bullseye, the Postfix version is 3.5.6.

mail_version = 3.5.6

The ss (Socket Statistics) utility tells us that the Postfix master process is listening on TCP port 25.

sudo ss -lnpt | grep master

debian-postfix-TCP-port-25

Postfix ships with many binaries under the /usr/sbin/ directory, as can be seen with the following command.

dpkg -L postfix | grep /usr/sbin/

Output:

/usr/sbin/postalias
/usr/sbin/postcat
/usr/sbin/postconf
/usr/sbin/postdrop
/usr/sbin/postfix
/usr/sbin/postfix-add-filter
/usr/sbin/postfix-add-policy
/usr/sbin/postkick
/usr/sbin/postlock
/usr/sbin/postlog
/usr/sbin/postmap
/usr/sbin/postmulti
/usr/sbin/postqueue
/usr/sbin/postsuper
/usr/sbin/posttls-finger
/usr/sbin/qmqp-sink
/usr/sbin/qmqp-source
/usr/sbin/qshape
/usr/sbin/rmail
/usr/sbin/sendmail
/usr/sbin/smtp-sink
/usr/sbin/smtp-source

Step 5: Open TCP Port 25 (inbound) in Firewall

The inbound TCP port 25 needs to be open, so Postfix can receive emails from other SMTP servers. Debian doesn’t enable a firewall by default. Run the following command to install the UFW firewall.

sudo apt install ufw

Then allow SSH traffic with the following command.

sudo ufw allow 22/tcp

If your SSH server is using another port such 6543, then run the following command to allow SSH traffic in the firewall.

sudo ufw allow 6543/tcp

Next, enable the UFW firewall.

sudo ufw enable

Now we can open TCP port 25 (inbound) with the following command.

sudo ufw allow 25/tcp

Then scan open ports on the mail server with an online port scanner. Enter your mail server’s public IP address and select scan all common ports.

debian open TCP port 25 inbound in firewall

You can see from the above screenshot that TCP port 25 is open on my mail server.

Step 6: Checking If TCP Port 25 (outbound) is blocked

The outbound TCP port 25 needs to be open, so Postfix can send emails to other SMTP servers. The outbound TCP port 25 is controlled by your hosting provider, we can install the telnet utility to check if it’s open or blocked.

sudo apt install telnet

Run the following command on your mail server.

telnet gmail-smtp-in.l.google.com 25

If it’s not blocked, you would see messages like below, which indicates an SMTP connection is successfully established to Gmail. (Hint: Type in quit and press Enter to close the connection.)

Trying 74.125.68.26...
Connected to gmail-smtp-in.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP y22si1641751pll.208 - gsmtp

If port 25 (outbound) is blocked, you would see something like below, which indicates an SMTP connection can not be established.

Trying 2607:f8b0:400e:c06::1a...
Trying 74.125.195.27...
telnet: Unable to connect to remote host: Connection timed out

In this case, your Postfix can’t send emails to other SMTP servers. Ask your ISP/hosting provider to open the outbound port 25 for you. If they refuse your request, you need to set up SMTP relay to bypass port 25 blocking or use a VPS like Kamatera that doesn’t block port 25.

Some folks might be asking, “Can I change port 25 to another port to bypass blocking”? The answer is no. Changing the port works only when you control both the server-side and client-side. When Postfix sends emails, it acts as the SMTP client. The recipient’s mail server acts as the SMTP server. You don’t have control over the receiving SMTP server. SMTP servers are listening on port 25 to receive emails. They expect SMTP clients to hit port 25. There’s no other port for receiving emails. If your Postfix don’t connect to port 25 of the receiving SMTP server, you won’t be able to send emails.

Step 7: Sending Test Email

As a matter of fact, we can now send and receive email from the command line. If your Debian server has a user account called user1, then the email address for this user is [email protected]. You can send an email to root user [email protected]. You can also send emails to Gmail, Yahoo Mail, or any other email service.

When installing Postfix, a sendmail binary is placed at /usr/sbin/sendmail, which is compatible with the traditional Sendmail SMTP server. You can use Postfix’s sendmail binary to send a test email to your Gmail account like this:

echo "test email" | sendmail [email protected]

In this simple command, sendmail reads a message from standard input and make “test email” as the message body, then send this message to your Gmail account. You should be able to receive this test email in your Gmail inbox (or spam folder). You can see that although we didn’t specify the from address, Postfix automatically append a domain name for the from address. That’s because we added our domain name in system mail name when installing Postfix.

Note: The From: domain name is determined by the myorigin parameter (aka system mail name) in Postfix, not by the myhostname parameter.

You can try to reply to this test email to see if Postfix can receive email messages. It’s likely that emails sent from your domain are labeled as spam. Don’t worry about it now. We will solve this problem in later parts of this tutorial series.

The inbox for each user is located at /var/spool/mail/<username> or /var/mail/<username> file. If you are unsure where to look for the inbox, use this command.

sudo postconf mail_spool_directory

The Postfix mail log is stored at /var/log/mail.log.

Still Can’t Send Email?

If port 25 (outbound) is not blocked, but you still can’t send emails from your own mail server to your other email address like Gmail, then you can check the mail log (/var/log/mail.log) with the following command.

sudo tail -n 20 /var/log/mail.log

This tells tails to output the last 20 lines of the mail.log file. You can change 20 to 40 if you like.

For example, some folks might see the following lines from the mail.log file.

host gmail-smtp-in.l.google.com[2404:6800:4003:c03::1b] said: 550-5.7.1 [2a0d:7c40:3000:b8b::2] Our system has detected that 550-5.7.1 this message does not meet IPv6 sending guidelines regarding PTR 550-5.7.1 records and authentication. Please review 550-5.7.1 https://support.google.com/mail/?p=IPv6AuthError for more information

This means your mail server is using IPv6 to send the email, but you didn’t set up IPv6 records. You should go to your DNS manager, set AAAA record for mail.example.com, then you should also set PTR record for your IPv6 address. (PTR record is managed by the organization that gives you an IP address.)

You can also open the mail log (/var/log/mail.log) with a command-line text editor, such as VIM, which can be installed by

sudo apt install vim

Then open the mail.log in VIM.

sudo vim /var/log/mail.log

To go to the bottom of this file, press the Caps Lock, then press G. To exit the file, press the Caps Lock to switch back to lower letter mode, then enter :q and press Enter.

Step 8: Using the mail program to Send and Read Email

Now let’s install a command-line MUA (mail user agent).

sudo apt-get install mailutils

To send email, type

mail -a FROM:your-account@example.com [email protected]
user@mail:~$ mail -a FROM:[email protected] [email protected]
Cc: 
Subject: 2nd test email
I'm sending this email using the mail program.

Enter the subject line and the body text. To tell mail that you have finished writing, press Ctrl+D and mail will send this email message for you.

To read incoming emails, just type mail.

mail

Here’s how to use the mail program to manage your mailbox.

  • To read the first email message, type 1. If only parts of the message is displayed, press Enter to show the remaining part of the message.
  • To display message headers starting from message 1, type h.
  • To show the last screenful of messages, type h$ or z.
  • To read the next email message, type n.
  • To delete message 1, type d 1.
  • To delete message 1, 2 and 3, type d 1 2 3.
  • To delete messages from 1 to 10, type d 1-10.
  • To replay to message 1, type reply 1.
  • To exit out of mail, type q.

Messages that have been opened will be moved from /var/mail/<username> to /home/<username>/mbox file. That means other mail clients can’t read those messages. To prevent this from happening, type x instead of q to exit out of the mail.

Step 8: How To Increase Attachment Size Limit

By default, the attachment cannot be larger than 10MB, which is indicated by the message_size_limit parameter.

sudo postconf | grep message_size_limit

Output:

message_size_limit = 10240000

This parameter defines the size limit for emails originating from your own mail server and for emails coming to your mail server.

To allow attachment of 50MB in size, run the following command.

sudo postconf -e message_size_limit=52428800

When postconf command is invoked with the -e (edit) option, it will try to find the parameter (message_size_limit) in the Postfix main configuration file (/etc/postfix/main.cf) and change the value. If the parameter can’t be found, then it adds the parameter at the end of the file.

Note that the message_size_limit should not be larger than the mailbox_size_limit, otherwise Postfix might not be able to receive emails. The default value of mailbox_size_limit is 51200000 bytes (about 48MB) in the upstream Postfix package. On Debian, the default value is set to 0, as can be seen with

sudo postconf | grep mailbox_size_limit

Output:

mailbox_size_limit = 0

This means that the mailbox has no size limit, which is great.

Restart Postfix for the changes to take effect.

sudo systemctl restart postfix

When sending an email with large attachments from your mail server, you should also beware of the receiving server’s attachment size limit. For example, You can not send an attachment larger than 25MB to a Gmail address.

Step 9: Setting the Postfix Hostname

By default, Postfix SMTP server uses the OS’s hostname. However, the OS hostname might change, so it’s a good practice to set the hostname directly in Postfix configuration file. Open the Postfix main configuration file with a command-line text editor, such as Nano.

sudo nano /etc/postfix/main.cf

Find the myhostname parameter and set mail.example.com as the value. It’s not recommended to use the apex domain example.com as myhostname. Technically you can use the apex domain, but it will create problems in later parts of this tutorial series.

myhostname = mail.example.com

Save and close the file. (To save a file in Nano text editor, press Ctrl+O, then press Enter to confirm. To exit, press Ctrl+X.) Restart Postfix for the change to take effect.

sudo systemctl restart postfix

Once you have set myhostname in Postfix, the OS hostname doesn’t matter anymore. You can change the OS hostname to any hostname you like.

Step 10: Creating Email Alias

There are certain required aliases that you should configure when operating your mail server in a production environment. You can add email alias in the /etc/aliases file, which is a special Postfix lookup table file using a Sendmail-compatible format.

sudo nano /etc/aliases

By default, there are only two lines in this file.

# See man 5 aliases for format
postmaster: root

The first line is a comment. The second line is the only definition of an alias in this file. The left-hand side is the alias name. The right-hand side is the final destination of the email message. So emails for [email protected] will be delivered to [email protected]. The postmaster email address is required by RFC 2142.

Normally we don’t use the root email address. Instead, the postmaster can use a normal login name to access emails. So you can add the following line. Replace username with your real username.

root:   username

Ubuntu Postfix email alias

This way, emails for [email protected] and [email protected] will be delivered to [email protected]. Now you can save and close the file. Then rebuild the alias database with the newaliases command

sudo newaliases

Using IPv4 Only

By default, Postfix uses both IPv4 and IPv6 protocols, as can been seen with:

sudo postconf inet_protocols

Output:

inet_protocols = all

If your mail server doesn’t have a public IPv6 address, it’s better to disable IPv6 in Postfix to prevent unnecessary IPv6 connections. Simply run the following command to disable IPv6 in Postfix.

sudo postconf -e "inet_protocols = ipv4"

Then restart Postfix.

sudo systemctl restart postfix

If you don’t know whether your server has public IPv6 address, simply run the following command.

ping 2607:f8b0:4005:808::2005

This command tries to ping Gmail’s IPv6 address. If the ping is successful, then your server can use IPv6. If the ping is unsuccessful, then your server can’t use IPv6. Press Ctrl+C to stop ping.

Upgrading Postfix

If you run sudo apt update command then sudo apt upgrade in the future, and the system is going to upgrade Postfix, you might be prompted to choose a configuration type for Postfix again. This time you should choose No configuration to leave your current configuration file untouched.

postfix no configuration

Next Step

Congrats! Now you have a basic Postfix email server up and running. You can send plain text emails and read incoming emails using the command line. In the next part of this tutorial series, we will learn how to install Dovecot IMAP server and enable TLS encryption, which will allow us to use a desktop mail client like Mozilla Thunderbird to send and receive emails.

As always, if you found this post useful, subscribe to our newsletter to get more tips and tricks. Take care 🙂

Rate this tutorial
[Total: 23 Average: 4.9]

38 Responses to “Build Email Server From Scratch on Debian – Basic Postfix Setup

  • Fabulous instructions! Literally the best I’ve come across in many, many years!

  • Juan Ávila
    2 years ago

    Great tutorial. A hard task made easy. It worked fine on my server. Very clear explanations for rookie sysadmins like me.

  • Just starting on your tutorial and already I have a question. I’m working on the Raspberry Pi-4 with Linux 10 (Buster) as the OS.

    When I change the initial hostname (My-Mail) to the fqdn (mail.mydomain.com) and reboot, the resulting command line prompt is now “mail”. Looking into the rules for hostname in Buster, I find that a-z, A-Z, 0-9 and the hyphen (-) are the only characters allowed, so evidently the OS has truncated the name to the first segment. Is this going to be a problem?

    Have I done something wrong?…

    • Xiao Guoan (Admin)
      2 years ago

      The command line prompt shows you only the first part of the fqdn. That’s the default behavior. It doesn’t mean there’s anything wrong.

      • We have a special system for naming Pi’s. Is it critical that the host name be mail.mydomain.com? Thanks

    • Xiao Guoan (Admin)
      2 years ago

      No. You can use whatever hostname you like. Just make sure you use it consistently throughout this tutorial series.

      • I have completed Part 1 of this tutorial. I can send emails ok, but can not receive them. Hotmail and gmail both throw an error and do not send it. Here is the error message I get from gmail
        “The response from the remote server was:
        550 not local host mydomain.com, not a gateway”

        Any ideas what I did wrong?

    • Xiao Guoan (Admin)
      2 years ago

      Can you tell me the domain name and IP address of the email server? Without this information, I can’t diagnose this problem.

      If you don’t want to post this information on the open web. Send to my email address: [email protected]

    • Xiao Guoan (Admin)
      2 years ago

      Your MX record is wrong. Please point MX record to the correct hostname.

  • Mo.Khateeb
    2 years ago

    Can I use these steps by Ubuntu 20.04 LTS?
    I appreciate your precious value

  • Mo.Khateeb
    2 years ago

    Can I Build My WordPress website in parallel with Building my Own Email Server in the same VPS?

    • Xiao Guoan (Admin)
      2 years ago

      Yes, you can.

      • Mo.Khateeb
        2 years ago

        I need your supervision of my work what’s the price for?

    • Xiao Guoan (Admin)
      2 years ago

      I rarely accept freelance work nowadays. If you really want me to manage your server, the price is 40 USD/hour.

    • Xiao Guoan (Admin)
      2 years ago

      If you are afraid that you might make mistakes, you can try a managed VPS hosting solution like Scalahosting. With a managed VPS, you don’t need to manually configure the email server or WordPress. All you need to do is click a few buttons in the VPS control panel and your email server will be working. And you can also run WordPress on the same VPS. You own a dedicated IP address and no one else can use it.
      How to Set Up ScalaHosting Managed VPS Email Server

      • Mo.Khateeb
        2 years ago

        No Sir My Objective is to build my WordPress website + Email server + third party mail application on the same VPS Server I will request your Supervision ASAP if you have a Udemy video course for these subjects in detail I’m ready for purchasing

        • Mo.Khateeb
          2 years ago

          If not I will follow your steps and I will request your supervision but can you create a blog on how to create a WordPress website with an Nginx web server in the parallel email server and add it in this class

    • Xiao Guoan (Admin)
      2 years ago

      I don’t have Udemy video course.

  • Rick Lell
    2 years ago

    Excellent tutorial as always, dear Xiao. I had iRedMail on my Debian VPS, but wanted to build from scratch as you are doing here. I did a rebuild, upgraded the RAM to 4 gigs… and now following your wonderful series of tutorials for this project. Thank you for the work you do. Bless you, dear Xiao. Peace.

  • Ross Johnson
    2 years ago

    Thanks for an excellent tutorial series! Question: you mention that I can set myhostname to the apex domain (e.g. example.com instead of mail.example.com), but it will cause problems later in the tutorial, so I’m wondering what problems it will cause? I think I want to use the apex domain for my mail server because I have only one globally-routable static IP address from my ISP, my ISP controls the PTR record, and they points it to my apex domain. I could ask them to change it to point to something like mail.example.com instead of example.com. However, my domain does a lot more than mail, so this seem awkward and I’m not sure whether it would break something else. What problems will I have if I choose the apex domain for myhostname?

    • Xiao Guoan (Admin)
      2 years ago

      If you really want to use apex domain as myhostname, then you should set mydestination to the following value in part 3 (PostfixAdmin virtual mailbox)

      mydestination = mail.example.com localhost

      In part 3, you will add your apex domain to the virtual domain table in the database, so you can’t include your apex domain again in the mydestination parameter, which is for canonical domains.

    • Xiao Guoan (Admin)
      2 years ago

      My mail server runs other applications too, but I stick with the mail.example.com hostname. It won’t affect other applications on the same server.

      • Ross Johnson
        2 years ago

        Thanks for the replies. After more thought, I would prefer to use the hostname rather than the apex domain as you suggest. I’ve started working with my ISP to get the reverse DNS changed, but the person who setup the PTR record to my apex domain several years ago is no longer with the company. I am still hopeful that I can get this changed, but I might have to go back to using the apex domain since that’s what is currently in the PTR record. In any case, thanks again for your comments.

  • Charles
    2 years ago

    I’m having a problem at this point in the tutorial:

    echo “test email” | sendmail [email protected]

    I substitute my email, however I get the following response:

    -bash: sendmail: command not found

    This usually means something isn’t installed or I don’t have permissions. If I use sudo in front of the echo I get the same result

  • Charles
    2 years ago

    Solved the problem by creating a link between the sbin and bin directories …

    sudo ln -s /usr/sbin/sendmail /usr/bin/sendmail

  • Charles
    2 years ago

    Recommending using this site for external port scanning

    https://www.whatismyip.com/port-scanner/

  • Dazzrick
    2 years ago

    Hello!

    I’ve a dedicated server, he don’t have static ipv4, only a tunnel of te Hurricane Electric with ipv6. work http, when I run the nmap, te smtp port is enable, but in the TCP Port Scan he is Filtered. When I run:

    telnet gmail-smtp-in.l.google.com 25

    Shot this error:

    Trying 2800:3f0:4003:c03::1a...
    Trying 142.250.0.26...
    telnet: Unable to connect to remote host: Connection timed out
    
    • Xiao Guoan (Admin)
      2 years ago

      External port scanners can only tell if the inbound TCP port 25 is open.

      telnet: Unable to connect to remote host: Connection timed out

      This means the outbound TCP port 25 is blocked. You need to set up SMTP relay.

      • Ricardo
        2 years ago

        Mas quando eu tento conectar nele de outro cliente telnet na porta 25 ele funciona perfeitamente…

        • Ricardo
          2 years ago

          Sorry, wrong language…
          But when I try te connection with another telnet client in the 25 port he connect perfectly…

  • Santosh
    1 year ago

    The command below does not work.

    sudo ping 2607:f8b0:4005:808::2005

    Please suggest the one below

    sudo ping -6 gmail.com

    Thanks.

  • Hi,

    You write great tutorials!

    I am transferring my mail server to a new VPS and it has not been as easy his time. I have changed all the IPs and set Reverse DNS on the new VPS.

    I have set the hostname in /etc/postfix/main.cf and made other necessary modifications.

    I can send an email to my gmail address but when I send a reply I get error an message saying domain mydomain.localdomain couldn’t be found. I cannot find anywhere in any config files where mydomain.localdomain is set.

    Do you have any idea what the issue is?

    Thanks!

    • I would grep thru all the files for that.
      grep -rni “mydomain.localdomain” *

  • Hi,
    You write great tutorials!
    I have poor English, I hope I won’t disturb you
    I encountered an issue when using the email client. What is the username and password for my outgoing/incoming server? I followed the system username and password in the dovecot tutorial for receiving emails, but I am not sure about the username and password for the outgoing server.
    Another question is, what if I forget this password.
    Thank you!

    • i found that i use the root account to deploy the postfix, :(, do i have to repeat the steps again? Do you have any idea avoid the repeating, thanks for your help!

  • Hi,
    You state this is tested with debian 10 and 11, will this guide also be updated for debian 12?
    Since I updated my debian version, it seems like spamassassin won’t filter out spam anymore.

    btw, very nice guide! best there is.
    Thanks in advance!

  • Hi,

    I was wondering, could you add a part for adding DANE support / TLSA-records?

Leave a Comment

  • Comments with links are moderated by admin before published.
  • Your email address will not be published.
  • Use <pre> ... </pre> HTML tag to quote the output from your terminal/console.
  • Please use the community (https://community.linuxbabe.com) for questions unrelated to this article.
  • I don't have time to answer every question. Making a donation would incentivize me to spend more time answering questions.

The maximum upload file size: 2 MB. You can upload: image. Links to YouTube, Facebook, Twitter and other services inserted in the comment text will be automatically embedded. Drop file here