A Server (Almost) of Your Own

 in
Set up a virtual host for e-mail on your virtual private server.
Listing 3. The .fetchmailrc Configuration File
set postmaster "usera"
set no bouncemail
set no spambounce

poll localhost with protocol POP3 and port 2110
and options no dns:
   user "maila" there is usera here and wants
   mda "/usr/bin/procmail -d %T" options fetchall
         password "MAILA'S VPS PASSWORD"
Listing 4. The ssmtp.conf Configuration File
# The person who gets all mail for userids < 1000
# Make this empty to disable rewriting.
root=postmaster

# The place where the mail goes. The actual machine
# name is required; no MX records are consulted.
mailhub=localhost:2525

# The full hostname
hostname=localhost

# The "From" line sender address will override any
# settings here.
FromLineOverride=YES

Finally, note that you need to set up the SSH tunnel again every time you reboot your workstation. There are many ways to automate the process, but it is beyond the scope of this article to discuss them.

How to Read and Send Mail over the Web

The Fedora Linux distribution provides a Web-based e-mail interface that requires very little work to configure. It is based on SquirrelMail and Apache. Web mail is an easy way to support Windows clients. It also does not require shell access on the VPS.

First, install SquirrelMail:

[root@myvps ~]# up2date --install squirrelmail

This process also installs several other packages that SquirrelMail requires. Next, enable secure https access by installing mod_ssl:

[root@myvps ~]# up2date --install mod_ssl

You must disable unsecure http access to SquirrelMail. Edit the file /etc/httpd/conf.d/squirrelmail.conf, and append the following lines:

<LocationMatch "/webmail">
SSLRequireSSL
</LocationMatch>

Now, start the Apache Web server:

[root@myvps ~]# /etc/init.d/httpd start

Connect to https://MY.VPS.IP.ADDRESS/webmail. Your browser will warn you about the SSL certificate—just accept it permanently, and you will not be warned again. The only way to avoid this error altogether is to use a certificate signed by a recognized Certificate Authority (CA). The CA will need to verify your identity and also will charge an annual fee for signing the certificate.

After accepting the certificate, you should be able to log in as any of the mail users that you have created earlier. If a particular mail user—for example mailb—does not need shell access, disable it with the following command:

[root@myvps ~]# usermod -s /sbin/nologin mailb

Do not forget to add the Apache Web server to your startup environment:

[root@myvps ~]# chkconfig --level 345 httpd on

Your Web mail users should click on the Options link in the SquirrelMail interface and configure their account information. Otherwise, SquirrelMail will format their messages with something like mailb@localhost.localdomain in the From field. This certainly will confuse anyone who receives such a message.

Conclusion

This article has covered one of the most difficult aspects of switching to a VPS account—setting up your e-mail. As you have seen, e-mail service is provided by a collection of several different programs working together. There are many other ways to configure this service. Unfortunately, it would require a lengthy book to describe and compare them all. This article tries to provide a simple solution with good security that a new VPS user can implement quickly.

Welcome to the world of VPS hosting—the server that is (almost) your own.

Acknowledgements

The author wishes to acknowledge Sean Reifschneider and Evelyn Mitchell of tummy.com, LTD., for generously providing a VPS account used to test the examples presented here, as well as their valuable comments on this article.

Resources for this article: /article/9380.

George Belotsky is a software architect who has done extensive work on high-performance Internet servers, as well as hard real-time and embedded systems. His technology interests include C++, Python and Linux. He is also the author of the Flightdeck-UI Open Source Project, which uses the ideas from aircraft instrumentation to implement computer user interfaces. You can reach George at questions@openlight.com.

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

The articles is good,

elf's picture

The articles is good, however when it comes about email I think qmail offers more flexibility. From my experience I found Debian to be more apropriate for VPS than Fedora.

great article :)

statistik-tutorial's picture

Since I prefer postfix, too and use it together with dovecot I found this article very helpful. I think postfix together with dovecot is easy to configure and flexible enough for most tasks. Though it's a matter of personal taste as always.

the article is very good :P

Pedro Simões's picture

I desagree with that i prefer postfix than qmail much easier to personalize and resolving problems and qmail u allways to have a patch to fix something or add something.....

Helpful

Tattoo Design's picture

The article is very informative.....thanks for providing such an in depth knowledge

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix