English - Spanish - Українська - (+)

Postfix/Dovecot/Rspamd (Email Server)

Available since: 22.6

About the Email Server

FreedomBox provides a complete email server solution using Postfix, Dovecot, and Rspamd. Postfix sends and receives emails. Dovecot allows email clients to access your mailbox using IMAP and POP3. Rspamd deals with spam. The following features are available:

Prerequisites

user@myserver:~$ nc freedombox.org 25
220 mx.sflc.info ESMTP Postfix (Debian/GNU)
^C

Installing

Go to the Apps menu.

If already installed, the Email Server will be shown above the Disabled line. This is likely not your case, but if it is, that means that the Email Server is already installed, so skip this step and jump to the next one.

If the Email Server is shown among the icons below the Disabled line, it is either not yet installed or it is currently disabled. This is the usual starting status.

Select the Postfix/Dovecot app. You are presented with the Postfix/Dovecot app page. If not installed yet you'll be shown the Install button. Click on it!

This will trigger the installation process.

After installing all needed software packages and configuring them, FreedomBox will tell you that the installation is successful and the app page will show additional content such as port information, configuration form and DNS settings.

Next time you go to the Apps Menu it will show the app enabled (above the disabled line).

Configuring the Email Server

  1. If you wish to send email to and receive mails from users on other email servers on the Internet, you need a proper domain. As explained in the Prerequisites section, either buy a domain from a registrar or obtain one from a Dynamic DNS provider. If you purchased a domain from a registrar add it in the System, Configuration page. If it is a Dynamic DNS, configured it in System, Dynamic DNS Client page.
  2. When a domain is added to FreedomBox, a TLS certificate is automatically obtained for the domain. This certificate is then used for encrypted communication with all the services that are configured with the domain. Go to System section, Let's Encrypt app page and verify that certificate has been successfully obtained for the domain. If not, click on the Obtain button and resolve any problems that show up. For successfully obtaining the certificate, your FreedomBox must be reachable from the Internet and your router, if any, must be configured to do port forwarding for the web ports (80, 443).

  3. After adding a domain to FreedomBox, visit the Email app page. In the Configuration section, select the configured domain as the primary domain for the purposes of sending and receiving email.

  4. After setting the primary domain, information will become available in the DNS Records section of the page. These are the records that must be manually configured on the domain. Login to your DNS provider's web interface for managing DNS records on your domain. There enter all the entries shown in the DNS records table.
    • The length of the value of DNS record for DKIM exceeds 255 characters in length. Typically, it must be broken into multiple values enclosed in the double quotes and separated by spaces. This is what FreedomBox does. If your DNS provider has a different way to enter these multiple values, consult their documentation.

    • All the records are assumed "under" the domain you are configuring but a full value can also be provided. For example, "Domain" value of "dkim._domainkey" means "dkim._domainkey.mydomain.example.". Use the latter form if necessary.
  5. Install Roundcube app if you want to access emails using a web interface. In Roundcube configuration, be sure enable option to "Use only the local mail server". This removes the server field in the login page and makes the app work without any further configuration.

Using the Email Server

As a user you can:

Once an admin has set up RoundCube configuration for it to work with the FreedomBox Email server you can log into RoundCube and start sending emails without the need for other email clients. Use the same login credentials to RoundCube that you use to log into the FreedomBox web interface.

With FreedomBox Webmail Client (RoundCube)

RoundCube email client is provided by FreedomBox as an optional app. If RoundCube has been installed before the email server, there is an option to make it work with FreedomBox's email server. Once both apps are installed, you have a complete webmail setup ready.

With Thunderbird

Open Thunderbird. Go to hamburger menu → New → Existing Mail Account. Enter a display name, your FreedomBox email address, and your FreedomBox password. Click continue.

FreedomBox implements the Automatic Account Configuration endpoint which Thunderbird will make use of.

Manual Configuration

Tell your email client to use these parameters:

STARTTLS on the SMTP submission port is also supported.

Email Aliases

Email aliases are useful for privacy. Now as FreedomBox email user (you don't need to be an administrator) you can have temporary throw-away and specific email addresses under your control. You can list, create and delete email aliases from the My Email Aliases shortcut in FreedomBox home page.

Email alias management page

Email alias management page

Mails to non-existent users, non-existent aliases, or system users will be rejected at the SMTP connection level.

Automatic Email Aliases

In addition to allowing users to create their own aliases, FreedomBox also sets up automatic aliases by appending a string to your user name with a '+' sign. If your mail address is myname@mydomain.example, then all myname+anystring@mydomain.example is an automatic alias to your email address. For example, when subscribing to a mailing list call foolist, you can provide your email address as myname+foolist@mydomain.example. When mail is sent to that address, it ends up in your mailbox of myname@mydomain.example. This is primarily useful for mail sorting and spam control.

Advanced: Troubleshooting

How to debug an action script failure? How to access the system log?

Open a secure shell connection to your FreedomBox. Type sudo journalctl -b -o short-monotonic --no-pager

Why does the server say "relay access denied"?

This is because Postfix was not aware of the email domain. To fix that,

  1. Ensure FreedomBox is aware of your internet domain name. If you don't have a domain name, skip to step 2.

    • Log into the FreedomBox web interface as an admin.

    • Go to System → Name Services

    • Add a domain name if you haven't done so.

Cannot send anything from Roundcube. It says "SMTP Error (250): Authentication failed".

Root cause: Roundcube tried to submit your email from an unencrypted connection, but ports 465 and 587 required SSL and STARTTLS encryption, respectively.

Solutions:

For RoundCube, edit the /etc/roundcube/config.inc.php file to make it use port 25 (unencrypted). Fix these settings:

$config['smtp_server'] = 'smtp://localhost';
$config['smtp_port'] = 25;

Notes:

If using another email client like Thunderbird, enforce SSL or STARTTLS usage by the email client.

Providing user feedback

Please provide your feedback on usage on this forum thread.

Technical info and discussion

FreedomBox email server was presented at Debconf21. Slides and video recording are available courtesy of the Debian Outreach team.

This salsa issue is driving the implementation. Feel free to join discussions and provide technical ideas.

Back to Features introduction or manual pages.


Intro

Information

Support

Contribute

Reports

Promote

Vision

Hardware

Live Help

Where To Start

Translate

Calls

Talks

Overview

Download

Q&A

To Do

Design

Releases

Press

Features

Manual

Contributors

Code

Blog

FreedomBox for Communities

FreedomBox Developer Manual

HELP & DISCUSSIONS: Discussion Forum - Matrix - Mailing List - #freedombox irc.debian.org | CONTACT Foundation | JOIN Project

Next call: Saturday, April 13 at 14:00 UTC

This page is copyright its contributors and is licensed under the Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.


CategoryFreedomBox