Maddy: Difference between revisions
imported>Onny Add notes about SPF record |
imported>Onny Add info about spam filtering |
||
| Line 22: | Line 22: | ||
}; | }; | ||
}; | }; | ||
</nowiki>}} | </nowiki>}} | ||
| Line 57: | Line 56: | ||
mx1.example.org. 3600 IN TXT "v=spf1 mx ~all" | mx1.example.org. 3600 IN TXT "v=spf1 mx ~all" | ||
</syntaxhighlight> | </syntaxhighlight> | ||
=== Managing users and inboxes === | === Managing users and inboxes === | ||
| Line 64: | Line 64: | ||
# maddyctl creds create postmaster@example.org | # maddyctl creds create postmaster@example.org | ||
# maddyctl imap-acct create postmaster@example.org | # maddyctl imap-acct create postmaster@example.org | ||
</syntaxhighlight> | |||
=== Spam filtering === | |||
You can enable and use [[rspamd]] spam filtering daemon | |||
{{file|/etc/nixos/configuration.nix|nix|<nowiki> | |||
services.rspamd.enable = true; | |||
</nowiki>}} | |||
Add following <code>check</code> part to your Maddy configuration at the beginning of the section <code>msgpipeline local_routing</code> as referenced by the default config. | |||
<syntaxhighlight lang="json"> | |||
msgpipeline local_routing { | |||
check { | |||
rspamd | |||
} | |||
[...] | |||
</syntaxhighlight> | </syntaxhighlight> | ||
[[Category:Mail Server]] | [[Category:Mail Server]] | ||
Revision as of 19:11, 2 August 2022
Maddy is a composable, modern mail server written in Go. It includes everything required to manage users, inboxes, send and receive mails while supporting all important secure protocols and standards.
Installation
The following example enables the Maddy mail server listening on mail delivery SMTP/Submission ports (25, 587) and IMAP/IMAPS ports (143/993) for mail clients to connect to. The server is configured to send and receive mails for the primary domain example.org.
/etc/nixos/configuration.nix
services.maddy = {
enable = true;
openFirewall = true;
primaryDomain = "example.org";
tls = {
certPath = /var/lib/acme/example.org/example.org.crt;
keyPath = /var/lib/acme/example.org/example.org.key;
};
imap = {
port = 143;
tlsEnable = true;
tlsPort = 993;
};
};
TLS certificates can be obtained by using services like certbot or the acme service. Please reference their documentation on how to configure it to acquire the certificates.
Configuration
DNS records
Ensure that the domain you're going to use has MX DNS records probably configured. They should point to the correct public IP addresses of your server running Maddy.
# dig MX example.org
;; ANSWER SECTION:
example.org. 3364 IN MX 0 mx1.example.org.
# dig A mx1.example.org
;; ANSWER SECTION:
mx1.example.org. 3392 IN A 8.8.8.8
# dig AAAA mx1.example.org
;; ANSWER SECTION:
mx1.example.org. 3364 IN AAAA 2001:db8:85a3:8d3:1319:8a2e:370:7348
Consult your domain provider on how to configure these records.
An other record called SPF should also be present, telling that only servers in the MX are allowed to send mails for this domain
# dig TXT example.org
;; ANSWER SECTION:
example.org. 3600 IN TXT "v=spf1 mx ~all"
# dig TXT mx1.example.org
;; ANSWER SECTION:
mx1.example.org. 3600 IN TXT "v=spf1 mx ~all"
Managing users and inboxes
Creating credentials and inboxes for a specific account. The first command creates the user postmaster@example.org and will prompt for a password.
# maddyctl creds create postmaster@example.org
# maddyctl imap-acct create postmaster@example.org
Spam filtering
You can enable and use rspamd spam filtering daemon
/etc/nixos/configuration.nix
services.rspamd.enable = true;
Add following check part to your Maddy configuration at the beginning of the section msgpipeline local_routing as referenced by the default config.
msgpipeline local_routing {
check {
rspamd
}
[...]