Best Mail Server / Ubuntu 12.04LTS

I've been running Postfix/Dovecot for my personal email needs for over a year, a few different email accounts over different domains, and it has worked fine. So I'd just follow that nice Linode guide, it's great and works like a charm.

If you have other users you probably want to buy SSL certificates so the users won't get a certificate warning from their email clients, and there's a guide about SSL certificates too! Linode have really made this quite simple with their guides.

Before you start though, make sure your mail server IP address is not listed as "bad" anywhere here: http://www.dnsbl.info (If it's bad, ask Linode to replace the IP address with a clean one)

Sweet - thanks for the info. I'll give that one a shot and report back here on how it goes. Did you see any resource hits when loaded it onto your linode? I'm hoping I won't have to add RAM.

I have dovecot/postfix running on a 1024 along side a nginx/php/mysql and I've never had memory problems (it was running on a 512). I am the only user though.

The memory hogs will be spam filters (i.e. spam assassin) and antivirus (clamav).

If you want a web interface then then I like roundcube. Squirrelmail is also popular.

@theatereleven:

Sweet - thanks for the info. I'll give that one a shot and report back here on how it goes. Did you see any resource hits when loaded it onto your linode? I'm hoping I won't have to add RAM.
So far so good. I'm still running a 512 node (haven't upgraded to 1GB yet) and I'm not even close to running out of RAM.

obs mentioned spam filters. You can reduce that burden by using DNSBL services in /etc/postfix/main.cf

Mine is like so:

smtpd_recipient_restrictions =
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_rbl_client b.barracudacentral.org,
  reject_rbl_client zen.spamhaus.org,
  reject_unauth_destination

Another thing to do is to look at /var/log/mail.log from time to time and see if you get any brute-force attempts. Then use Fail2Ban to block those (https://library.linode.com/securing-you … g-fail2ban">https://library.linode.com/securing-your-server#sph_installing-and-configuring-fail2ban) I'm still experimenting with this myself.

We use Postfix/Dovecot on smaller Linodes. It's very reliable.

We've recently set up a Zimbra mail server (Open Source version) on Ubuntu 12.04. It's on a 3GB Linode because of the piggish RAM requirements. The full featured nature of Zimbra is great but I'm not sure it's worth the resources.

Might want to take a look at aixgen mail server – free, works wonderfully, nice gui -- can't figure out why it's not more widely known. It should be!

http://www.axigen.com/mail-server/free/

Axigen Free looks interesting, but it's almost impossible to get any info about dependancies without giving full contact info to their sales department (never a good sign).

• What MTA does it use?

• What does it use for IMAP & POP?

• Does it require java? (Zimbra does and it causes horrible server performance and resource usage).

• Does it require Apache or nginx for webmail?

• It defaults to port 80 for webmail, but can it run on a web server that's already using port 80 for Apache?

Their install info says it's only 32-bit, and no support for Ubuntu 12.04.

The admin appears to be wrapped up so you need to use their CLI interface to access anything (the same problem as Zimbra). This makes scripted operations (such as backups) a PITA.

My big concern is that it's proprietary (the Free version is not open source) and that the 'Free' server license says it's only a one year license.

All - in - one solutions like Zimbra and Axigen are often based on proprietary code and have that "black box" feeling all the time. Sure, they're completely fine if you need something that's easy to set up and administer, but if you'd like to customize it for your needs, such as add backup scripts, that's gonna hurt really bad.

I've been running Postfix + Dovecot stack for a few years now on my Linode and it works flawlessly. Also, that stack is just so much more script - friendly and with enough of time and dedication you can set up pretty much anything you like. Of course, open source stacks don't have some advanced capabilities such as groupware collaboration stuff, push mail, etc. But you can get pretty much all of that if you install additional software and components and end up having all that great stuff with a little more work on your side, one feature at a time, at your own pace. It all comes down to specific needs, and I prefer to install everything myself so I can have greater control of my mail stack. Just a personal preference…

petarpetrovic,

I'm realizing the "black box" feeling right now with Zimbra. I'm glad I haven't moved any clients over to it yet (though I have a few live accounts accounts on it, some test accounts, and I've let clients test it). I'm also not thrilled with the 100 user limits.

Time to me to rethink things.

Main Street James,

I think it's the perfect time to rethink your mail server strategy. All those all-in-one solutions are great until you start to find limits. Because, in the end, they all want you to upgrade to lots of premium stuff that you might not need and give them some money. You don't have any limits with Postfix, for example, and it consumes considerably less RAM. It might be harder to set up and maintain, but you're much more free to do anything you like with it.

petarpetrovic,

I think you're right. I'm going to be setting up a test mail server this weekend using Postfix + Dovecot. I'll need to write some scripts to add users, domains, etc, but in the long run I think it will be much more flexible. I'll try the new version of RoundCube for the GUI and then maybe try the Horde groupware solution.

Thanks for the feedback.

Well, the "best mail server" overall, and particularly from the standpoint of ease of installation and configuration seems to be Citadel. Well, if Citadel has guts to call themselves "the best", it is worth at least looking at it.

It takes a couple of minutes to install and configuration is a breeze, just answer a few questions and you are running with full support of most mail protocols, encryption schemes and so on.

Actually, you get not only a full fledged mail server, but excellent web interface, blogs, wiki, contacts, notes, chat and quite a few other goodies as you can see here (actually the citadel site running latest citadel version):

https://uncensored.citadel.org/knrooms? … ortOrder=1">https://uncensored.citadel.org/knrooms?template=knrooms?SortBy=byfloorroom?SortOrder=1

It's been running on our system for years without any problems.

Unfortunately, out of the box packages for Ubuntu 12.04 LTS 32 bit version has a nasty bug that coredumps the mail server and totally ties up your cpu, as server is being constantly restarted automatically and it coredumps, and that is nasty.

But there are several ways to take care of that situation. One of them is to do a build from the source tree using their "easy install" procedure that is verified to work on Ubuntu 12.04 32 bit. Plus, it installs the latest version of citadel (8.22) which runs fine so far.

Citadel easy install (8.22):

http://www.citadel.org/doku.php/install … asyinstall">http://www.citadel.org/doku.php/installation:easyinstall:easyinstall

This is the command that was used to build from the source tree, install, configure and start citadel.

wget -q -O - http://easyinstall.citadel.org/install | sh

You just need to make sure you have the built environment installed.

There is a web page somewhere with prerequisites for build. But it reduces to following:

Getting build environment:

apt-get install build-essential curl g++ gettext shared-mime-info libssl-dev

If you use this easy install option, then you can just safely remove the previous citadel packages if you had any of them installed.

There is also a way to install binary packages without doing this build. It is described here:

https://bugs.launchpad.net/ubuntu/+sour … bug/911732">https://bugs.launchpad.net/ubuntu/+source/citadel/+bug/911732

(look at comments 24 and 25)

There was an argument about which way is "the best" on one of on-line chats. But there are tradeoffs and the issue is not as simple as it might look on paper. For example, if you bypass the packaging system and install citadel via built process, then your system upgrades will not update the citadel and you'd have to do a build again, and the nasty thing about it is that you might loose your entire database. And that is why they suggest to backup the entire citadel tree before you do it.

The advantage of build process is that no matter what are the package updates via update procedure, it won't affect your citadel. So…

On the Linode page about citadel mail server there is a yellow box that says there is a problem with it. But they were informed about these solutions and, apparently, just ignored it in ways of "go screw yourself, we are not interested", which is strange considering Linode as business, being one of the best of its kind.

But, as they say, "we are working on this" and we will do our best to make sure Linode and its name and reputation are not tainted by such gross disregard to the customer problems or issues. Otherwise, Linode is not better than some "goDaddy" out there.

Here is that page:

https://library.linode.com/email/citade … e-pangolin">https://library.linode.com/email/citadel/ubuntu-12.04-precise-pangolin

Now, since there IS a solution to this nasty bug, that page has to be updated with whatever method is more appropriate in the opinion of the linode customer support stuff.

Because you can't just ignore the solutions to problems with "the best there is" as Citadel claim they are.

There were plenty of people that struggled with this problems for days on, trying all sorts of things including fresh installs of the entire system and not only the fresh installs of the citadel itself, and all in vain.

For webmail, have a look at the new RainLoop - http://rainloop.net/

I've been running it in a test environment for a couple weeks and I'm impressed. Nice interface, very low resource usage, seems to be technically very good.

Compared to Roundcube it's feature-poor, but it does what it does very well.

Your needs are extremely similar to ours. I use the combination of Postfix, Dovecot, Roundcube (webmail), and PostgreSQL (storage of all Postfix maps and Roundcube preferences). This setup has worked very well for a few years now. The resources usage of these components is negligible compared to the other stuff running on the node (Apache, PHP, MySQL, Drupal, CiviCRM). Anti-spam and anti-virus additions however are another story. SpamAssassin seems to have a relatively sane footprint, but ClamAV and Amavis-new were pretty huge, so if you actually need to scan messages for viruses expect to upgrade your node, and Bayesian filtering gives you a small hit, but if all you do is have SA check some public spam DNS blacklists that will cut down on the majority of the spam with very little resource impact. (SpamAssassin has multiple modular checks it can run - the more checks, the more memory. DNSRBL is a pretty small one, and actually can be done by Postfix directly as mentioned above if you don't want to mess with SA at all.) I will say that it's really nice to have your user and alias maps in something like Postgres, PAM, LDAP, etc. rather than the regular Postfix flat files - easier to edit, and no restarting the daemon for the changes to take effect.