Haack's Wiki

User Tools

Site Tools

Trace:
computing:mailserver-trixie

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
computing:mailserver-trixie [2025/05/31 18:36] – created oemb1905computing:mailserver-trixie [2025/06/05 19:05] (current) oemb1905
Line 13: Line 13:
 This tutorial is for users of Debian GNU/Linux who want to set up a proper email server. This particular version is a work in progress and will contain adjustments needed for Trixie. So far, I've found the following differences: This tutorial is for users of Debian GNU/Linux who want to set up a proper email server. This particular version is a work in progress and will contain adjustments needed for Trixie. So far, I've found the following differences:
  
-``` +  # Editing authentication settings 
-# Editing authentication settings +  sudo nano /etc/dovecot/conf.d/10-auth.conf 
-sudo nano /etc/dovecot/conf.d/10-auth.conf +  auth_username_format = %{user|username|lower} 
-auth_username_format = %{user|username|lower} +  #auth_username_format = %n 
-#auth_username_format = %n +  # Editing mailbox location settings 
-# Editing mailbox location settings +  sudo nano /etc/dovecot/conf.d/10-mail.conf 
-sudo nano /etc/dovecot/conf.d/10-mail.conf +  mail_driver = maildir 
-mail_driver = maildir +  mail_path = ~/Maildir 
-mail_path = ~/Maildir +  mail_inbox_path = ~/Maildir/.INBOX 
-mail_inbox_path = ~/Maildir/.INBOX +  #old one was 
-#old one was +  #mail_location = mbox:~/mail:INBOX=/var/mail/%u 
-#mail_location = mbox:~/mail:INBOX=/var/mail/%u +  #mail_location = maildir:~/Maildir 
-#mail_location = maildir:~/Maildir +  # Editing SSL/TLS settings 
-# Editing SSL/TLS settings +  sudo nano /etc/dovecot/conf.d/10-ssl.conf 
-sudo nano /etc/dovecot/conf.d/10-ssl.conf +  #new format for cert and key, longer name, removes the classic “<” character 
-#new format for cert and key, longer name, removes the classic “<” character +  ssl_server_cert_file = /etc/letsencrypt/live/mail.outsidebox.club/fullchain.pem 
-ssl_server_cert_file = /etc/letsencrypt/live/mail.outsidebox.club/fullchain.pem +  ssl_server_key_file = /etc/letsencrypt/live/mail.outsidebox.club/privkey.pem 
-ssl_server_key_file = /etc/letsencrypt/live/mail.outsidebox.club/privkey.pem +  #comment out diffy helman, now deprecated 
-#comment out diffy helman, now deprecated +  #ssl_server_dh_file = /etc/dovecot/dh.pem 
-#ssl_server_dh_file = /etc/dovecot/dh.pem +  # Editing Sieve filter settings 
-# Editing Sieve filter settings +  sudo nano /etc/dovecot/conf.d/90-sieve.conf 
-sudo nano /etc/dovecot/conf.d/90-sieve.conf +  #updating where dovecot looks for sieve rules by default, new format 
-#updating where dovecot looks for sieve rules by default, new format +  sieve_script personal { 
-sieve_script personal { +    driver = file 
-  driver = file +    path = ~/sieve 
-  path = ~/sieve +    active_path = ~/.dovecot.sieve 
-  active_path = ~/.dovecot.sieve +  
-+  #old one was 
-#old one was +  #plugin {  
-#plugin {  +  #sieve = file:~/sieve;active=~/.dovecot.sieve 
-#sieve = file:~/sieve;active=~/.dovecot.sieve +  #} 
-#} +  # Editing main Dovecot configuration 
-# Editing main Dovecot configuration +  sudo nano /etc/dovecot/dovecot.conf 
-sudo nano /etc/dovecot/dovecot.conf +  #declare versions 
-#declare versions +  dovecot_storage_version = 2.4.1 
-dovecot_storage_version = 2.4.1 +  dovecot_config_version = 2.4 
-dovecot_config_version = 2.4 +  #comment out dictionary (unless you set it up) 
-#comment out dictionary (unless you set it up) +  #dict { 
-#dict { +  #  quota = file:/var/lib/dovecot/quota 
-#  quota = file:/var/lib/dovecot/quota +  #} 
-#} + 
-```+In May 2025, the Validity RBL switched to a locked model, so you need to disable queries to it in spamassassin by editing ''sudo nano /etc/spamassassin/local.cf'' and putting the following restrictions underneath ''dns_server 127.0.0.1'' and then comment out the VALIDITY scoring rule. 
 + 
 +  dns_query_restriction deny bl.score.senderscore.com 
 +  dns_query_restriction deny sa-accredit.habeas.com 
 +  dns_query_restriction deny sa-trusted.bondedsender.org 
 +  #score RCVD_IN_VALIDITY_RPBL             5.0 
 + 
 +Over the weeks and months ahead, I will merge the changes documented above into the body of the tutorial below. It will be some months before I merge, however, since Trixie is not yet stable and there will likely be more changes on the server I am testing in production. Below, please find the Bookworm tutorial: 
  
 +-- -- Original -- --
  
 This tutorial assumes you know how to set up A, AAAA, SPF, DKIM, DMARC, MX, and PTR records. Set an A record for example.org and mail.example.org and make sure you or your ISP has set a PTR record to mail.example.org for the IPv4 and IPv6 addresses. If you don't know how, then learn up, and do not proceed. //Thanks to LinuxBabe for a great jumping off point//. Let's begin by editing our hosts file ''sudo nano /etc/hosts'' as follows: This tutorial assumes you know how to set up A, AAAA, SPF, DKIM, DMARC, MX, and PTR records. Set an A record for example.org and mail.example.org and make sure you or your ISP has set a PTR record to mail.example.org for the IPv4 and IPv6 addresses. If you don't know how, then learn up, and do not proceed. //Thanks to LinuxBabe for a great jumping off point//. Let's begin by editing our hosts file ''sudo nano /etc/hosts'' as follows:
Line 619: Line 627:
 These tools prove helpful if/when emails get stuck, etc. These tools prove helpful if/when emails get stuck, etc.
  
- --- //[[alerts@haacksnetworking.org|oemb1905]] 2025/05/31 18:33//+ --- //[[alerts@haacksnetworking.org|oemb1905]] 2025/06/05 19:02//
computing/mailserver-trixie.1748716619.txt.gz · Last modified: 2025/05/31 18:36 by oemb1905

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
GNU Free Documentation License 1.3 Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki