An Ubuntu VPS on Slicehost: Mail

2008-06-10T00:00:00-07:00

As mentioned previously, I’ve recently moved this domain over to Slicehost. What follows is Part Three of a guide, compiled from my notes, to setting up an Ubuntu Hardy VPS. See also Part One, Part Two, and Part Four.

Last week I moved this domain’s email to Google Apps. Slicehost has a guide to creating MX records for Google Apps. I have a couple other domains with Google Apps, along with a couple domains hosted locally with addresses that simply forward to my primary, Google hosted, email. I also need to send mail from the server. To accomplish all of this, I use Postfix.

Installing Postfix is a simple matter. Telnet is used quite a bit for testing, so I install that too:

1	`$ sudo aptitude install postfix telnet mailutils`

The Postfix setup will ask how it should be installed – we want the “Internet Site” option – and then ask you for your fully qualified domain name.

Done? Let’s make sure Postfix is running:

1	`$ telnet localhost 25`

If it’s working Postfix should return:

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 localhost ESMTP Postfix (Ubuntu)

Let’s send a test message from root to the user account user (replace that with whatever your standard user is):

ehlo localhost
mail from: root@localhost
rcpt to: user@localhost
data
Subject: Test
Hi, is this thing on?
.
quit

Now, check your email as user by running mail. See the message? Good.

Open /etc/postfix/main.cf to make sure that Postfix knows what domains it’s receiving mail for. To do this, edit the mydestination variable to include all the proper domains. For me, the name of my server looks like server.mydomain.com. I want Postfix to accept mail for that domain, but not for mydomain.com (since that’s being handled by Google Apps), so mine looks like:

mydestination = server.mydomain.com, localhost.mydomain.com , localhost

Restart Postfix if you made any changes:

1	`$ sudo /etc/init.d/postfix restart`

Right. Now let’s send another test. Notice this time we’re using full domain names, instead of localhost:

$ telnet server.mydomain.com 25

ehlo server.mydomain.com
mail from: root@server.mydomain.com
rcpt to: user@server.mydomain.com
data
Subject: domains!
woot... I think this works.
.
quit

Working? Good.

Let’s test from the outside. The first step is to open up the correct ports in the firewall. Assuming you have iptables configured in the way the Slicehost article suggests, open up your /etc/iptables.test.rules and add the following:

# Allow mail server connections
-A INPUT -p tcp -m state --state NEW --dport 25 -j ACCEPT

Now let’s apply the rules:

1	`$ sudo iptables-restore < /etc/iptables.test.rules`

Make sure everything looks dandy:

1	`$ sudo iptables -L`

If it meets your fancy, save the rules:

$ sudo -i
$ iptables-save > /etc/iptables.up.rules

And now, from your local computer, let’s test it out.

$ telnet server.mydomain.com 25

ehlo server.mydomain.com
mail from: root@server.mydomain.com
rcpt to: user@server.mydomain.com
data
Subject: remote connection test
Hello, you.
.
quit

Now check your mail on the mail server as before. Once again, everything should be working.

Now we need to setup a virtual domain. Remember, I don’t want any virtual users. I only want aliases at a virtual domain to forward to my primary email address. That makes this relatively simple. (Be very, very happy. You should have seen this guide before, when I was still hosting virtual domains with virtual users!) Open up /etc/postfix/main.cf and add the following:

virtual_alias_domains = myvirtualdomain.com
virtual_alias_maps = hash:/etc/postfix/virtual

Create the /etc/postfix/virtual file referenced above and add the aliases:

alias@myvirtualdomain.com       user@mydomain.com

Turn it into a database:

$ cd /etc/postfix
$ sudo postmap virtual

Restart Postfix:

1	`$ sudo /etc/init.d/postfix restart`

Attempt to send an email to the new alias at the virtual domain:

$ telnet server.mydomain.com 25
ehlo server.mydomain.com
mail from: root@server.mydomain.com
rcpt to: alias@myvirtualdomain.com
data
Subject: virtual domain test
I hope this works!
.
quit

The message should now be in your primary email inbox!

As long as we’re setting up forwards, let’s forward system account mail to somewhere where it’ll actually get read. To do so, create a ~/.forward file with the following contents:

user@mydomain.com

Let’s also create a /root/.forward, so that roots mail gets forwarded to my local account (where it is then forwarded to my primary email). Root’s forward would simply read:

user

Next up: install Wordpress with rewrites. (Previously, we did a basic setup and installed a web server.)

Google Apps

2008-06-09T00:00:00-07:00

Last week I outsourced my email to Google Apps.

For years, my paranoia has prevented me from moving my mail. I never liked the idea of Google parsing through each message for keywords to generate ads. In fact, I usually don’t even allow Google to cookie me. But now most of my regular email contacts have started using GPG. Enough of my mail is now encrypted that I’m comfortable with Google.

I haven’t decided yet if I prefer the Gmail interface or Thunderbird. In the web interface, I use FireGPG for signing and d/encrypting, which of courses places signatures inline. Since I’m jumping back and forth between that and Thunderbird/Enigmail, in order to maintain some measure of consistency, I’ve told Enigmail to sign inline instead of using PGP/Mime. It is a bit annoying, and will probably frighten the sheeple, but that’s the way it is for now.

So, please encrypt all email. And if you don’t, be aware that Google is reading it.

pig-monkey.com - google apps

An Ubuntu VPS on Slicehost: Mail

Google Apps