Raspberry Pi mail server: using Raspberry Pi to manage e-mails
Raspberry Pi provides a basis for many useful as well as educational projects. You can use it for home automation or set up a media center with it. Moreover, a mail server can also be installed on this small computer. If you set up a Raspberry Pi e-mail server, you won’t just learn about the structure and functions of the required programs, but also how to gain more control over your messages.
But where there is light, there is also shadow: this private mail server is no exception. Problems often occur when sending messages on a private e-mail server in particular. We will clarify the possible uses as well as advantages and disadvantages of this kind of server, and show you how to set up Raspberry Pi as a mail server in our tutorial.
Problems with the IP address of a private mail server
Before you begin setting up the Raspberry Pi mail server, you should be aware of the following: an independent e-mail server is not generally an equivalent substitute for one from a commercial e-mail provider. This is mainly due to the fact that most internet connections do not use a static IP address. For a mail server to be able to operate, it must of course be connected to the internet. A professional e-mail server uses an internet connection that has at least one static (fixed) IP address. This non-changing address for internet access ensures that the server is permanently addressable and accessible. However, most internet connections only have a dynamic IP address, which means that the address is constantly changing (usually after 24 hours at the latest). This heavily limits sending messages via your own mail server: the recipient’s e-mail server often views messages as spam mails if they are sent via an internet connection with a dynamic IP address. This is due to the fact that spammers often use dynamic IP addresses to send their annoying messaged since the constantly-changing address prevents them from being easily located. In addition, e-mails sent directly from computers and their dynamic IP addresses often don’t come from the computer itself, but rather from Malware, which has managed to infiltrate the system. Many spam filters used by e-mail servers generally regard changing IP addresses as untrustworthy due to the above mentioned reasons. An internet connection with a dynamic IP address is only partially suitable for sending messages via a mail server. Even the e-mail server presented in this tutorial does not constitute a full-fledged mail server in this respect. However, with some restructuring and/or monthly costs, this e-mail server can be upgraded to a conventional e-mail server.
Pros and cons: when does a private mail server become profitable?
The difficulties faced with using a dynamic IP address is the biggest disadvantage of having a private mail server. It’s therefore not advisable to use this kind of server as an everyday e-mail server since most of your messages will end up in the recipient’s spam folder. But even if its aim isn’t to replace your existing e-mail service, a separate mail server can be worth it.
If you are primarily interested in studying the configuration and administration of an e-mail server, it is really worth setting up your own e-mail server. For this purpose, there is hardly a better and more cost-effective learning environment than Raspberry Pi. You can also use your own mail server if you want to have absolute data integrity over your e-mails on an internal network (for example, within a company or an organization). A mail server on a local network ensures that that exchanged information is stored solely on the hard drive of the sender, recipient, and their mail servers.
In a time where data protection is a hot topic, a dedicated internal mail server provides a secure way to store your messages. This is because only network administrators have access to the complete e-mail archive rather than an e-mail service provider whose mail server is used for processing the message dispatch. The following is a detailed list of the pros and cons of a Raspberry Pi e-mail server:
Set up your own professional email server in the blink of an eye. You benefit from large and expandable storage space, your own domain, automatic encryption as well as calendar and office functions or email archiving. IONOS also offers the highest security standards in ISO-certified data centers.
Pros
- Within an internal network, you are the only one that has access to the complete e-mail archive. Messages are left on the server and others can only read them if you give them consent.
- Even aside from an internal network it is possible to prevent others from reading your e-mails: for this purpose, however, senders and recipients need a private mail server. Provided that the recipient of your mails also has a self-managed e-mail server without connection to an e-mail provider, all exchanged data will be stored exclusively on the two private mail servers.
- The use of e-mail encryption is recommended for protecting your data when it’s being sent between two private mail servers. With regards to data security, a self-hosted mail server offers another advantage: if the mail traffic runs through the server from one or more e-mail service providers, the provider can still read the header data associated with the messages. This is despite the sender and recipient using PGP encryption since this data is always open with PGP. If both sides use their own e-mail server, you and your communication partner avoid this data protection gap – your message exchange remains private and unauthorized people cannot read it.
- You control the mail system yourself without exception and can, therefore, customize the settings of the mail server software. In addition, there are barely any restrictions on the size of the file attachments or on the general storage volume of your e-mail accounts (as long as you have enough disk space so that you can connect to the mail server computer).
- You can synchronize your data (such as e-mails via IMAP, contacts via CardDAV, or calendars via CalDAV) so that all devices, which have access to the mail server, have the same file sets.
- For domains linked to the mail server, you can create various e-mail addresses if desired.
- You don’t receive any ads from your e-mail provider.
Cons
- A separate server means putting in more effort where security is concerned. In this respect, a mail server is no exception since it’s permanently online and can be attacked. You need to ensure that the software is updated and that you monitor safety programs to make sure hackers cannot access your server (and then use it to send spam e-mails). When managing a publicly accessible e-mail server, you must therefore be familiar with security standards and keep broadening your knowledge.
-
As previously mentioned, outbound e-mails sent via an internet connection with a dynamic IP address will most probably be seen as spam by the recipient’s mail server and will end up in the spam folder. There are two ways to prevent this from happening:
-
You rely on another (commercial) mail server, for which you already have an e-mail address, to send e-mails. If you have already set up your own mail server, you can use an e-mail program that is connected to it so that another e-mail provider’s server is responsible for sending e-mails instead of your own server.
Disadvantage: this procedure is at the expense of your data privacy. This is because the e-mail provider’s service intervenes by storing outbound messages on its server, which can then be read by others -
You request a static IP address for your internet access. This is so that your private mail server looks similar to a professional one – even though it’s possible that your static address first has to acquire a certain reputation with other servers. Many mail servers are initially skeptical about new e-mail servers that send them messages: you must first prove that your server isn’t being used to send spam.
In order to be able to operate a fully-fledged e-mail server, you need at least one static IP address for your internet access:
-
A mail exchange resource record (abbreviated to MX record) for the domain in use. This is an entry in the Domain Name System (DNS), which identifies your mail server as the server responsible for receiving e-mails on a particular domain.
- A PTR resource record (PTR record), where an IP address is resolved to the corresponding name via the 'reverse lookup' in the DNS.
However, an internet connection with a static IP address is not always easy to maintain – it often requires much higher costs for connecting to the internet -
-
- The spam filters of private mail servers are less effective than those of established e-mail providers, whose filtering system is better developed and can identify and sort spam more easily. However, you can use these programs to improve the spam protection of your own mail server.
Requirements for your own mail server
Of course, you need at least one e-mail address that you can freely use. Use this to register a domain. Since it’s assumed that you have a dynamic IP address (which is normally the case), we will explain how to install a mail server on your Raspberry Pi with this one IP address. Besides a computer, you will need the following for a Raspberry Pi e-mail server:
- The Raspbian operating system,
- A (micro) SD memory card (should be at least 4 GB – more is better)
- A permanent internet connection (ideally through a network cable, otherwise via WiFi)
- A permanent power supply for the Raspberry Pi (via Micro USB power supply)
- For remote access to the Raspberry Pi terminal, a computer with SSH client software (such as PuTTY or OpenSSH), which is connected to the Raspberry Pi (simply specify the Raspberry Pi’s IP address in the SSH client).
or a screen and input devices for the terminal operation, if you do not want to use an SSH client. You can also use another storage medium (such as a USB memory stick or an external hard drive), in case you want to have more space on the mail server. So that a mail server can be continuously online, it must always be accessible at the same address on the internet. Because of this a static IP address is optimal for your internet connection, it is not readily available. Alternatively, you can also use services that offer (often free) dynamic DNS (DDNS). Via DDNS, you issue a domain name to your mail server. With a program this domain name is then always linked to the current IP address of your internet connection and therefore acts as the e-mail server’s permanent address. A similar function is already integrated in some network routers (e.g. Cisco routers – instructions on how to set up a dynamic DNS can be found on the manufacturer’s site.
Setting up Raspberry Pi e-mail server
Before setting up the e-mail server, establish a static private IP address within your network for the Raspberry Pi. A mail server is controlled via an IP address in the network, exactly like a website. In order to always be accessible from all other e-mails servers, the server needs the same address permanently. This fixed IP address within a local network is not to be confused with the previously discussed static IP address of an internet connection.
Determining a private IP address
In your local network, the Raspberry Pi mail server requires a static private IP address to manage inbound and outbound e-mails at all times. However, since the Raspberry Pi is usually assigned only one dynamic IP address in your local network, you issue one static IP address to the Raspberry Pi.
In order to change the local IP address of the Raspberry Pi, you first need to know the current (dynamic) IP address. For example, when you’re on the desktop of the Raspbian operating system you can use the mouse to hover over the internet icon which will then show you the IP address. In our tutorial we use 192.168.0.3 as the original dynamic IP address of the Raspberry Pi.
Right-click on the internet icon to select the WiFi settings and then click on 'eth0' in the drop-down menu. In the field provided, enter the IP address’ first three sequences of numbers (separated by dots) – in our example, it would be 192.168.0. Now add a number that hasn’t yet been used for any other device within your network into the last field. In general, all numbers above 100 are reserved for static IP addresses. In our tutorial we use the IP address, 192.168.0.101. After you set the static private IP address, re-start the Raspberry Pi.
Installing Citadel/UX on the Raspberry Pi as a mail server
In the following step, you should set up the mail server on the Raspberry Pi. For this, we use the groupware Citadel/UX that supports SMTP as a mail server, as well as contains an IMAP and POP3 server. Citadel additionally offers a calendar, address book, and task functions, as well as this WebMail interface. Perform the set up in the terminal and update all installed packages with the following command lines:
sudo apt-get update
sudo apt-get upgrade
Citadel is pre-configured so that IPv4 and IPv6 are set as the default transfer protocols. As soon as the program detects that no IPv6 is online, the installation process is aborted. You can use this command to activate the protocol
sudo modprobe ipv6
and then set up Citadel with the following command line:
sudo apt-get install citadel-suite.
On the following screen, make sure that the server is waiting for requests at all addresses by accepting the default address 0.0.0.0. Follow additional prompts that allow you to use an internal database for Citadel’s password management. Additionally, define the admin username (you can simply accept the 'admin' suggestion), as well as the corresponding password. Now you have to decide whether you want to use Citadel with the internal (included in the groupware) web server, Webcit, or to link to a pre-installed Apache web server with Citadel. The latter is a reasonable option if you have already completed our tutorial on setting up an Apache web server on a Raspberry Pi. We will therefore explain how to set up an internal web server, and assume that you are using the usual recommended ports for a mail server (set port forwarding for HTTP port 80 and HTTPS port 443). The Webcit web server can be run in different languages.
Setting up Citadel mail server
Now start Citadel in the terminal using this command:
sudo service citadel start
In your web browser, enter the static private IP address of your Raspberry Pi (in our example, 192.168.0.101), which will open the Citadel mail server. However, you cannot log into the program just yet because you first have to set up Citadel so that it uses IPv4 instead of IPv6. To do this, go back to the terminal and use the command for the Citadel setup
sudo /usr/lib/citadel-server/setup
and log in as admin. Keep the username 'citadel' and enter the address 0.0.0.0 again. The rest of the setup settings stay as they are. The final step is to re-start Citadel so that all changes are saved.
Connect the Citadel mail server with Raspberry Pi
If you open Citadel again in the browser via the Raspberry Pi IP address, you should now be able to log in with your admin username and password. Select 'Administration' from the menu bar on the left and click on 'Edit System Settings' under 'Global Configuration'. In this tutorial, we will merely set up the Simple Mail Transfer Protocol (SMTP) that you need in order to send messages. In order to receive and retrieve messages, you also need to configure IMAP or POP3 in a similar manner Select the menu option 'SMTP' and here you’ll see three ports used by the Citadel mail server. To make sure that you can use these, you must first ensure that they are opened by your router. It’s advisable to note the three port numbers and then configure your router. In case you don’t know its address, enter the command 'ipconfig' in the Windows prompt and call up the address specified under 'Standard gateway', which is usually 192.168.0.1 or 192.168.178.1. Log into the router’s configuration page. If you haven’t defined an individual user name or password in the past, you can find lots of various models and their standard settings on RouterPasswords.com. As soon as you are in the router’s configuration settings, go to the menu for port forwarding. Here, enter the Raspberry Pi’s IP address – including the numbers of the three ports. You should also create port 80 for your webmail interface. Now all the standard features in Citadel are configured so that the program can be used as a mail server.
Connecting the domain name with the mail server’s IP address
In order to make the Raspberry Pi mail server permanently accessible via an address online, log onto a DDNS service, register a corresponding domain name and finally connect it with Citadel. You must register the domain name as 'DNS Host (A)' with your current IP address, which your provider assigned to you. You can find this IP address, for example, from www.whatsmyip.org or similar online services. If you enter the registered domain name into your browser, the Citadel mail server page will open. Now you just have to go to the 'Administration' menu and select 'Domain names and Internet mail configuration'. Enter the domain name under 'Aliases for this machine', then finally go to 'Edit system preferences' via 'Administration'. When here, delete the node name and instead enter your domain name under 'Fully qualified domain name'. Once you have saved the settings, click on 'Administration' again to re-start the Citadel mail server. Now you’ve finally made it: your private mail server is ready for use and can be operated via the installed web mailer. You can, of course, use it with another e-mail program (Thunderbird, Outlook, etc.) and expand Citadel’s range of functions.
Conclusion: what is your own Raspberry Pi mail server suitable for?
If you use the Raspberry Pi as a mail server in combination with an internet connection that has a static IP address, you come as close as possible to a professional mail server. In this case, it is advisable to enter not only the above-mentioned mandatory entries (PTR and MX record), but also an SPF resource record and DKIM (DomainKeys Identified Mail). This reduces the likelihood of your Raspberry Pi e-mail server deciding that e-mails from other mail servers are spam. However, as mentioned above, a mail server first needs to build up a reputation so that messages it sends will be less likely to be considered as spam, which is difficult to achieve on private servers with comparatively low activity.
If your internet connection only has a dynamic IP address, you can set up the Raspberry Pi mail server via DDNS, at least with the basic functions – even if your mails are likely to frequently end up in the recipient’s spam folder. Therefore, it is important to let the recipient know that they should configure their spam filter so that your e-mails don’t end up in the spam folder. This is usually only worth it if a manageable group of people (such as within a company, work group, etc.) is to be reached via the mail server. However, if all recipients are connected to the same local network, creating an internal mail server especially pays off.
One of the biggest advantages of your own e-mail server not being connected to an e-mail provider is complete data integrity. If it’s not that important for you to set up and operate your own e-mail server, the effort and cost of managing and updating the server isn’t worth it. In this case, using a larger mail provider for e-mail traffic is usually the better option. Otherwise, technology enthusiasts and those curious to learn could benefit from a private mail server if they want to understand the technology behind an e-mail server with Raspberry Pi.