A Server (Almost) of Your Own
[usera@ws]$ telnet MY.VPS.IP.ADDRESS 25 Trying MY.VPS.IP.ADDRESS Connected to MY.VPS.IP.ADDRESS. Escape character is '^]'. 220 first.domain ESMTP HELO example.com 250 first.domain MAIL FROM: email@example.com 250 Ok RCPT TO: firstname.lastname@example.org 250 Ok DATA 354 End data with <CR><LF>.<CR><LF> This is a test . 250 Ok: queued as MESSAGEID QUIT 221 Bye Connection closed by foreign host.
Use Listing 2 as a guide to run the following tests:
Connect to port 25 of your VPS from an outside machine, such as your workstation. Verify that Postfix accepts messages for each e-mail address you intend to use. Then, make sure the right users are receiving the messages. See the following discussion for details.
Connect again from the outside, and check that Postfix will refuse to relay mail to other systems. Use an e-mail account that you have on some other system as the destination, just in case. It is very important that your MTA refuse any relay requests from external machines. Otherwise, spammers will quickly discover that they can route their junk e-mails through your system.
Using telnet from a shell prompt on your VPS itself, check that the MTA will relay mail to remote servers. Use your own e-mail account on some other system as the destination. Note that the remote MTA may refuse to accept the message, because your system is not live yet, so reverse DNS lookups will not yield the right result.
You can verify that a user on the VPS has received mail with the mail command. Here is an example that checks the mail for maila:
[root@myvps ~]# mail -u maila
The mail command is a simple mail reader. Type h to view the received messages, then type the number of the message to view it. Press the spacebar to scroll through the message. You also can scroll through the message with the Enter key, but it will start viewing the next message after it gets to the end of the current one. You can type q to stop viewing a message. When you are not viewing a message, typing q will exit mail. The ? key brings up a help screen.
When everything is working as it should, tell your initialization scripts to launch Postfix automatically on system reboot:
[root@myvps ~]# chkconfig --add postfix
In this article, we discuss two methods for reading your mail. One is to download the mail to your workstation. The other is to leave it on the VPS and use a Web-based solution to view the messages through your browser. You can use both methods together.
The first approach requires the POP3 protocol, and the second needs IMAP. On Fedora, the simplest way to get both is to install Dovecot:
[root@myvps ~]# up2date --install dovecot
When the installation finishes, edit /etc/dovecot.conf. Find the protocols directive and replace it with the following. Do not delete the original line, but comment it out for future reference:
#protocols = imap imaps pop3 pop3s protocols = pop3 imap
As a security precaution, configure both POP3 and IMAP to accept requests only from the VPS itself. Once again, do not delete the original code, but leave it commented out for future reference:
#imap_listen = [::] imap_listen = [127.0.0.1] #pop3_listen = [::] pop3_listen = [127.0.0.1]
Start dovecot, and add it to your system's initialization scripts:
[root@myvps ~]# /etc/init.d/dovecot start Starting Dovecot Imap: [ OK ] [root@myvps ~]# chkconfig --level 345 dovecot on
We will be using SSH tunneling to read and send mail securely from your workstation. With SSH tunneling, you can temporarily map ports on the VPS to available ports on the workstation. All communication on the mapped ports takes place over an encrypted tunnel.
Give the following command on your workstation. Use your VPS's IP address if you did not add an entry for myvps in the /etc/hosts file on your workstation:
[usera@ws ~]$ ssh -Nf maila@myvps \ -L 2525:localhost:25 -L 2110:localhost:110
The user maila must have shell access to the VPS. You will be prompted for maila's password.
This tunnel maps ports 25 and 110 on the VPS to ports 2525 and 2110 on the workstation, respectively. If you are already downloading your inbound mail using POP3 and sending your outbound mail through an ISP's mail server, you will require very few changes to your mail client's configuration.
Simply set your POP3 server as localhost with port 2110, and your outbound mail server to localhost with port 2525. You even can leave your outbound mail settings unchanged, unless you plan to cancel the account at the ISP whose mail server you are currently using. Here are specific instructions for two popular e-mail clients.
If you use Mozilla Thunderbird, select Account Settings... from the Edit menu. Add a new account by clicking the Add Account... button in the dialog box, and follow the prompts in the Account Wizard. After you create the new account, click on its Server Settings list item in the left pane to configure the POP3 server and port. Figure 1 shows the screenshot. Red-colored highlights indicate the most important parameters.
You also can configure Thunderbird's outgoing mail server from the same Account Settings dialog box. Click on Outgoing Server (SMTP) in the left pane of the dialog. Figure 2 shows the resulting screenshot. Remember to uncheck the Use name and password check box.
Another popular mail client is Mutt. A typical Mutt-based configuration uses Fetchmail to download the mail, Procmail to sort it into mailboxes and ssmtp to deliver the outbound mail. See Listing 3 for an example .fetchmailrc file and Listing 4 for an example ssmtp.conf file. Both use the SSH tunnel that we created earlier. Do not forget to change the code in Listing 3 to reflect your correct user names and passwords.
|PostgreSQL, the NoSQL Database||Jan 29, 2015|
|HPC Cluster Grant Accepting Applications!||Jan 28, 2015|
|Sharing Admin Privileges for Many Hosts Securely||Jan 28, 2015|
|Red Hat Enterprise Linux 7.1 beta available on IBM Power Platform||Jan 23, 2015|
|Designing with Linux||Jan 22, 2015|
|Wondershaper—QOS in a Pinch||Jan 21, 2015|
- PostgreSQL, the NoSQL Database
- Sharing Admin Privileges for Many Hosts Securely
- HPC Cluster Grant Accepting Applications!
- Internet of Things Blows Away CES, and it May Be Hunting for YOU Next
- Designing with Linux
- Red Hat Enterprise Linux 7.1 beta available on IBM Power Platform
- Wondershaper—QOS in a Pinch
- Ideal Backups with zbackup
- Slow System? iotop Is Your Friend
- January 2015 Issue of Linux Journal: Security
Editorial Advisory Panel
Thank you to our 2014 Editorial Advisors!
- Jeff Parent
- Brad Baillio
- Nick Baronian
- Steve Case
- Chadalavada Kalyana
- Caleb Cullen
- Keir Davis
- Michael Eager
- Nick Faltys
- Dennis Frey
- Philip Jacob
- Jay Kruizenga
- Steve Marquez
- Dave McAllister
- Craig Oda
- Mike Roberts
- Chris Stark
- Patrick Swartz
- David Lynch
- Alicia Gibb
- Thomas Quinlan
- Carson McDonald
- Kristen Shoemaker
- Charnell Luchich
- James Walker
- Victor Gregorio
- Hari Boukis
- Brian Conner
- David Lane