Robust and Minimal, Yet Functional Mail Server With FreeBSD, Sendmail, and Dovecot

freebsd mail server sendmail dovecot

Many people think running functional Mail-Server is a complicated process and we need a script to do that. Also, there are numerous blogs talking about Sendmail complicatedness and many other rumors.
As a matter of fact, neither running a Mail-Server nor working with Sendmail is painful. The point is as you dig deeper into concepts it might be confusing so we keep things practical.

To running a FreeBSD Mail-Server you need:

  1. FreeBSD host with static IP
    It can be VPS or anything like that.
  2. A domain with MX record
    A mail exchanger record (MX record) is a type of record in the Domain Name System that specifies a mail server responsible for accepting mail, prioritize mail delivery if multiple mail servers are available.
  3. Sendmail
    Sendmail is the default MTA(message transfer agent) installed with FreeBSD. It accepts mail from and delivers it to the appropriate mail host.
  4. Dovecot
    Dovecot is an open-source IMAP and POP3 server for UNIX-like operating systems. It’s fast and secure. IMAP and POP3 let you send and receive mail from your desktop with your favorite mail client.
  5. Thunderbird
    Thunderbird is our client. It can send and receive mail.
  6. SSL key.
    To ensure the connection is secured we need SSL key

Sendmail Configuration

By default Sendmail listen on localhost or 127.0.0.1 so you can’t receive mails from outside but you can force it to listen on all interfaces:
# sockstat -4l
Output is:

root sendmail 6895 4 tcp4 *:25 *:*

Add these lines to your “/etc/rc.conf”:

sendmail_enable="YES"  
sendmail_submit_flags="-L sm-mta -bd -q30m -ODaemonPortOptions=Addr=0.0.0.0"

Then restart Sendmail:
# service sendmail restart
So Sendmail can now listen on any.
We want to everyone can send mail to this Mail-Server:
Add this line to “/etc/mail/access”

*	ok

If you have multiple domains you can route one mail account to another. We have corebox.ir and usenix.ir so we add this line to “/etc/mail/virtusertable”:

info@usenix.ir	info@corebox.ir

We want to restrict our Mail-Server sender to custom IPs or TLDs so only these IPs or TLDs can send mail.
Add these lines to “/etc/mail/relay-domains”:

“your client IP”

Or you can add it by TLDs:

.ir  
.com

Issue these commands to update Sendmail database:

# makemap hash /etc/mail/virtusertable.db < /etc/mail/virtusertable
# makemap hash /etc/mail/access.db < /etc/mail/access
# service sendmail restart

You can get full edition at:
https://contents.meetbsd.ir/ebook/sendmail_bsdmag.pdf
Or:
https://bsdmag.org/download/table-level-security-postgresql/

enter image description here