Create a mailserver with SMTP-Relay

NethServer Version: Latest

Hi, new here and new to this NethServer but I have work with Linux sometime now.
I have always been curious if I can have my own mail host at home but I have always been afraid to create one because I’m afraid that someone is going to brake it and send spam mail.

But now I feel I like to try something, I have a domain and I have read a little about the mail server on this system.
I even find this nice howto guide how to setup a mail server

Not sure if the guide still good to use (is about 3 years old now)

That I want to try to do is this
Receives mail to my domain.
Read it with webmail (See the nethserver have Roundcube web mail and that is nice or even SOGo Groupware)
Send mail thru a SMTP-relay from my ISP provider (Or maybe google)

Why I like to send it thru a SMTP-relay is that feel more secure then myself set up a SMTP and maybe do something stupid so someone can access and send spam mail.

Have anyone create something like this or can give me a direction where to find it.

Simple: install the mail server and webmail components using the software center, then configure a SMTP smart host for your outgoing mail.

Just an idea that might save you some money:
Instead of hosting your own server you could use a VPS. It could turn out quite a bit cheaper than having your own server.
Lets say you want a small server at home. For instance a HP microserver G8 or G10. Such a server typically uses around 40W. If you strip it to minimum you can end up with 30W, but you also need some performance. For a mailserver it is necessary that it is running 24/7

Now do the math on costs:
lets take 40W powerconsumption and calculate how much kWh that is on a monthly basis:
40W = 0.04kW
in a month you have 30 * 24 hours = 720 hours.
0.04 * 720 = 28.8 kWh
Electricity tuypically costs around 0.20 eurocents per kWh.
28.8 * 0.20 = EUR5.75
Remember this is only to cover for your electricity bill. You also need to buy the server!

Now lets find a cheap and reliable VPS. I am quite satisfied with my current VPS at Contabo.
The cheapest VPS they offer is a server with 2 cores, 4GB RAM and 300GB diskspace for EUR3,99/month

It might be an option for you too.

/edit: My VPS M SSD has been upgraded a bit today. Contabo changed their offer for VPS M SSD from:

  • 12GB RAM
  • 300GB SSD
  • 4 Xeon E5 cores
  • 16GB RAM
  • 400GB SSD
  • 6 Xeon E5 cores.

My VPS has been migrated to a new physical server and the only thing I needed to do is some fdisk and resize2fs magic to be able to use the extra diskspace.

/me is a happy puppy…

1 Like

Hmm ok going to look for SMTP smart host, thanks

Well yes but I have already a wmware server at home running for my system :slight_smile:

Hi @cazz
That is an understandable choice. Personally I also have a virtualization server (I use proxmox instead of vmware) but still I decided to have my mail and other online services on a VPS.

well yes my “real” mail is at my webhost. This I doing now is just for fun and is not going to be any public

To get it to work to send I did have to follow this guide

Now I just trying to understand how to receive :smiley:

Fair enough. My “real mail” is what I run on my NethServer powered VPS… :slight_smile:
All other mailaccounts are for catching spam when I have to sign up to some sleazy website just to be able to watch content.

thanks all for your responses. i was having similar questions and your answers were helpful to me.

Hi robb,

Interesting. When you do this, how do you restrict access to the cluster admin page? Can you e.g. configure it such that you need to login via vpn first and then get access?
How do you monitor the system to make sure you get informed in case of an attack/misuse?

I am asking because I consider to realize the same concept and want to learn how others do it.

Thank you!

On NS7 there is no such thing as cluster admin

1 Like

You could use Wireguard wg-easy as VPN solution for the VPS.

To restrict access to cluster admin, check out How do I prevent the administration page from being accessible from the Internet? - #2 by davidep. You may need to add the VPN network to the MyTrustedNetworks

You could use crowdsec to protect your server and get notifications on attacks.

1 Like