Last week I decided to host my own mail server. Since I’m running OSX server with and e-mail server built right in that should be very easy. Of course you should have a domain and mx records set up and you server must be connected to Internet to be able to send and receive mail but I suppose you know that already since you’ve decided to host your own mail server. However there are some special points of attention that might have to be adressed before all works well.

Internal e-mail is not delivered by default

Due to the config of postfix internal mail will not be delivered. This is easily solved. Go to Settings > Advanced > Hosting and add your domain, without the hostname to the local host aliases.

Changing the junk mail settings might break the mail server config

Since I want my mail checked on spam and virusses I changed the ‘junk mail rejection servers’ in settings > relay. This broke my config which turns out to happen more often. When this happens external mail won’t be received anymore and after some time you’ll get the ‘451 Server configuration error’ message. It is easily solved: edit the postfix config file /etc/postfix/main.cf and change the ’smtpd_client_restrictions=..’ to ’smtpd_client_restrictions = permit_mynetworks reject_rbl_client sbl-xbl.spamhaus.org reject_rbl_client relays.ordb.org permit’. Save it and restart postfix with ’sudo postfix reload’.

When all works it is important to check your security. You should make sure your mail server is not open for relays to prevent it being misused for spam. Also you should check if the firewall is correctly configured. This can easily be done using the following links:

Check your firewall

Go to www.grc.nl > enter the site > go to shields up and test ‘common ports’. Port 25 (smtp) should be open to be able to receive mail. All other ports best be Stealth, not revealing the existence of your server. If you wan’t to send and read your mail over the Internet you also need ports for either pop or imap. If so it would be wise to use ssl to secure communications

Check for open relay

Servers that are open for relay requests are often being misused by spammers. If yours is not only you are adding to the spam problem, also you can count on being added to a blacklist and if you have a decent ISP you’ll also be blocked by them, both of which measures will effectively shut down your ability to send and receive mail. So be sure to check you server on being open relays, it’s easily don with help of www.abuse.net/relay.html

Looking for answers?

If you have any questions or run into problems I recommend to visit the Apple support forums and search for a solution there. Usually I find anything I need on google but this time I had more luck at the Apple support forums. To find them, go to www.apple.com/support and choose discussions from the menu bar just below the tabs.