This article describes how to set up a personal email server on a hosted virtual private server (VPS), suitable for handling email for a small number of people, eg a family. It assumes moderate competence in Linux administration - eg being comfortable editing config-files, restarting services and adding system users.
The resulting system uses Postfix + Dovecot + Spamassassin, with user-accounts defined via config-files (not a database). There are dozens, if not hundreds of tutorials/guides on this topic on the internet, and many are more elegantly presented than this one. What is different here is the amount of background information on how the components work, and why specific config options have been chosen. This isn’t a “quick read” - but setting up an email server is not a quick task :-).
I’m no expert in this area - the information below is effectively a set of notes from the research I did while figuring out how to set up a personal email system the way I needed it. I dislike simply following steps 1..N in a guide without understanding the underlying system; that makes it difficult to adapt the instructions to slightly different requirements, to handle differences between distributions and software versions, etc. The background information presented here will hopefully make this article useful even if your requirements are slightly different from mine.
This is the first page of a series (originally four pages, with two later additions); the others are linked to at the appropriate places below:
- overview (this page)
- email theory
- postfix theory
- postfix configuration
- (update) roundcube configuration
- (update) email validation - SPF, DKIM and DMARC
And a warning: setting up an email-server is not trivial. As with many projects, looking back at the final result everything looks fairly simple. However even though I am a moderately experienced linux admin, setting up email took me many late evenings with a number of frustrating detours and bugs before everything worked. Hopefully this article will save you some of that effort; the end result is very satisfying, but it is still not something to take lightly. Before you start, you should read Why you may NOT want to run an email server.
What I (and probably many others) want from email is:
- to send email from a desktop client (eg Thunderbird)
- to read email from a desktop client via POP3 or IMAP
- to be able to also read/write email via a web interface (when on holiday or similar)
The necessary infrastructure should be:
- fairly cheap (ie low resource requirements)
- fairly reliable
- fairly private
- open-source software running on a Linux operating system
I already rent a virtual private server to host this website, and that (linux-based) server is already online 24 hours per day. It seems pointless to pay additional money to a hosting company just to handle my email when the same server could host my mail directly. I expect there are quite a few people with the same goals.
What I do NOT require is a pretty admin interface to add/remove email-accounts, change passwords, etc. This email system is intended for just a small number of people (two in my case), so performing administration via the command-line is adequate for me. The setup I describe below (postfix + dovecot) can be extended with additional packages to provide pretty admin interfaces if needed. However if you have so many users that you need such features, then perhaps the larger “email suites” might be a better fit (see Zimbra, Kolab, etc in section “Choosing an SMTP Server” below).
I recommend that you first read this description of the basic theory of email servers, which explains some of the terminology used, and the paths data takes through an email system.
Note that much of the documentation that comes directly from mail-related projects (ie is written by the people who have implemented these projects) assumes that email is being delivered to real user accounts on the mailserver - ie the original way email was used in the 1970s. However I believe that it is now far more likely that the mailserver is just an email-storage-location for users who are running email client applications on desktop, laptop, or mobile devices. It therefore pays to be wary of advice direct from developers - they may not be describing a solution that is applicable for you.
The rest of this article assumes:
- That you already have a personal domain-name.
- That you already have a virtual private server running Linux. This guide assumes Ubuntu 16.04 LTS, though it should apply with few changes to other linux-based operating systems of the same age or newer.
- That you know how to obtain an SSL certificate for your mailserver, eg via letsencrypt.
Why Not Hosted Email?
This is the first time I have configured an email server; until now email has always been handled by my ISP or an external hosting provider. So why not stay with such a setup?
I have a personal domain (vonos.net), and have an email-address at that domain; ISPs and free email providers generally do not support custom email addresses.
- Google gmail previously provided free hosting for custom email-domains, but as of 2016 that is no longer the case - you need to pay for a commercial google account (gsuite aka google-apps).
- Zoho (a multinational company headquartered in India) currently provides free hosting of custom email domains, but who knows how long that will last.
I’m not aware of any other free hosting providers. And given that I already pay for a server, it seems pointless to also pay for email. And hosting it personally gives some extra privacy, or at least the feeling that private communication is not being stored on systems not belonging to me, and (in the case of google) is not being scanned for advertising purposes.
Choosing an SMTP server
Wikipedia has an excellent page listing all the major email implementations.
However many of these are not open-source, or not linux-based. After filtering for these criteria, the remaining options are:
- Citadel, Kolab, Zimbra (full suites)
- Haraka (node.js-based)
- Courier
- Postfix, Exim, qmail, sendmail, OpenSMTPD (SMTP servers only)
Citadel, Kolab and Zimbra are all “full suites” that provide a range of email and calendaring tools, and nice web-based admin tools to manage them, along with an embedded SMTP server. However these all assume they are being installed on a dedicated server, and set up webservers, databases, and many other components for internal purposes. This article is about installing a light-weight set of tools on a server that is also being used for other purposes, eg serving websites.
Haraka looks interesting, but it is somewhat obscure and it appears there is little “community support”. Running a “service” based on node.js is also a little too adventurous for this project.
Courier is interesting, as it not only provides an SMTP server but also an IMAP server and web-based email client. I chose not to follow this path because more documentation was available online on other options, but it is definitely worth considering. As with the “full suites”, it would be a more resource-intensive solution than the one chosen.
Postfix, Exim, qmail, sendmail and OpenSMTPD are all fairly similar; they provide an SMTP server only and IMAP/web-access must be provided by separate software. All are available from the standard Ubuntu package repository. After some research (eg here), this seems to be a fair summary:
- Postfix is considered to be secure, and scalable up to very large installations. However it has a reputation for being non-trivial to configure. It also has fewer features than Exim.
- Exim is considered less secure than Postfix, but with more features. It is also non-trivial to configure, but not too bad. Sadly the Debian maintainers of this package have layered a debconf “configuration wizard” (dpkg-reconfigure exim4-config, which generates the real config via update-exim4.conf) on top of it, which frankly makes it far more difficult to configure than it originally was. The wizard can be bypassed by writing a complete /etc/exim4/exim4.conf by hand, which the package then uses directly, but that is not the path the package documentation steers you towards.
- Sendmail is a very old program, and is considered to have one of the most unpleasant configuration file formats ever. It is generally obsolete now - don’t use. However newer programs often offer sendmail-compliant interfaces, including even installing an application under name “sendmail” for backwards-compatibility.
- OpenSMTPD is reasonably new, certainly postdating postfix and exim. It is originally a BSD project, though it is available as a standard package for Ubuntu. It has few features, but mostly sufficient for this usecase. Its configuration format is nice, but its bsd-like flavour makes it somewhat odd in a linux environment. It also appears to implement many features as “external daemons” rather than internally, which means running multiple processes and some not-quite-elegant config. Most critically, at the time of writing OpenSMTPD has no builtin support for RBLs (DNS blocklists); a filter API that allows DNSBL and rspamd filters to be plugged in was only added in OpenSMTPD 6.6, released in 2019.
- qmail was a significant option in the early 2000s, but is now effectively “abandonware”. Its emphasis on security also implies many many independent servers, and complex configuration.
There are also a couple of projects that provide a preconfigured bundle (an installer script or container image) with all software set up, which can be started on a fresh virtual machine; see mailinabox and flockport. I am not sure how “low config” these are, considering that there are many site-specific options such as the email-domain, ssl-certificates, and users which need to be defined. Nor am I sure that these will be “low resource” solutions, so I didn’t try either out. If you do have some experience with these, please let me know how it turned out!
In the end, I chose Postfix due to its reputation for reasonable configuration (at least better than some), widespread usage, and the significant amount of online documentation and community support available (eg articles on stackoverflow).
Choosing an IMAP server
Given that I have chosen Postfix as an SMTP server, it is necessary to also pick a separate tool for IMAP access.
This choice is simpler than an SMTP server: there are just two credible candidates, Cyrus-imap and Dovecot. I chose Dovecot, mainly because I found two good online articles describing postfix+dovecot setup.
Choosing a Web Email Client
At some future time, I intend to add a web-based interface to mail, for access when on holiday etc. This article doesn’t cover webmail but the Roundcube project seems to be the standard solution for a standalone web-email-client, and is often used together with Dovecot/Postfix.
The iRedMail project comes up in searches for email-software; it bundles many open-source components (Postfix, Dovecot, Amavis/SpamAssassin, Roundcube and others). The installer itself is GPL-licensed, though its full-featured admin panel (iRedAdmin-Pro) is commercial, and none of it is included in the standard Ubuntu/Debian archives.
Vimbadmin is just an admin front-end for postfix/dovecot that avoids the need to log in to the server via SSH in order to add/modify users. For a small-scale personal setup this doesn’t seem necessary.
Now that Postfix+Dovecot+RoundCube have been chosen as tools, I recommend reading the basic theory behind postfix.
And finally the actual setup steps are described here.
Notes on Choosing a Virtual Private Server Provider
If you do not yet have a suitable linux-based server which has a static IP address and is on 24 hours per day, then I recommend signing up for a “virtual private server” from one of the large hosting companies. A basic server costs around 9 Euros (10 USD) per month, and can be used for web-hosting, email-hosting, and anything else you need.
I currently use a VPS from Digital Ocean (digitalocean.com), and I can recommend them. Digital Ocean is based in the USA, but with datacenters in several places around the world - and you choose the desired location for each virtual server you configure. Setting up an account, and configuring a server was really easy - far smoother than I had expected. The website for administrating an account and associated servers is well thought-out and there is a good amount of help/explanation available when needed. In short, Digital Ocean really is set up for the “small user” wanting a single server - as long as that user is ready to do their work from an SSH console (not much “point-and-click” style configuration available for the servers themselves, other than being able to choose an initial OS image with some packages pre-installed and pre-configured).
Digital Ocean don’t bombard with advertising, or do anything else undesirable (so far). I have received a couple of emails suggesting some additional products I could use, and encouraging me to join their forums, but they were actually relevant.
Each Virtual Server is allocated a static public IPv4 address, and optionally an IPv6 address (not enabled by default, but just a click away).
Digital Ocean provide DNS-related configuration pages which support several very important steps when setting up email:
- defining a PTR-record that maps ip-address to domain-name; receiving mailservers use this to filter out spammers (many reject, or heavily penalise, mail from a host whose PTR record is missing or does not resolve back to the same IP address), so it is important that such a record exists and matches your A-record.
- defining an A-record to map domain-name to host (fairly standard)
- defining a CNAME-record to define aliases for a host (eg mail.vonos.net -> vonos.net); note however that the host named in an MX record must itself have A/AAAA records and must not be a CNAME (RFC 2181 section 10.3), so if you want a separate mail hostname, give it its own A-record rather than a CNAME
- defining an MX-record that maps an email-domain-name to a host-name.
- defining TXT records for SPF, DKIM and DMARC declarations
Digital Ocean are not a domain-name-registrar. The domain-name used for email needs to be registered with someone else, and that registrar also needs to configure NS-records to point to digitalocean DNS servers; most registrars provide a web-page where NS records can be modified by the domain-name owner themselves.
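The DNS records listed above are easy to get subtly wrong (an MX target that is a CNAME, a PTR record that points at the hosting provider's generic hostname, two SPF records). The following checker is an added example, not code from the original article: it runs the checks a receiving mailserver effectively performs, against a constructed sample zone (example.org, 203.0.113.10, DKIM selector "mail", all hypothetical) held in memory, so it runs offline. To check a real domain, replace the sample records with the output of dig; the checks themselves do not depend on the DNS provider.

```python
"""Offline sanity checks for the DNS records a mail host needs.

Added example, not code from the original article. The forward-zone and
reverse-zone data below are constructed sample records (example.org,
203.0.113.10, DKIM selector "mail"), shaped like what a DNS control panel
publishes. Replace them with `dig` output for your own domain.
"""
from collections import defaultdict


def _index(zone):
    """Map (owner name, record type) -> list of record data, names lower-cased."""
    idx = defaultdict(list)
    for name, rtype, value in zone:
        idx[(name.lower(), rtype)].append(value)
    return idx


def _addresses(idx, name):
    return idx.get((name, "A"), []) + idx.get((name, "AAAA"), [])


def check_mail_dns(zone, reverse, domain, dkim_selector="mail"):
    """Return [(severity, message), ...] for the mail-related records of `domain`.

    `zone` is a list of (name, type, data) tuples; `reverse` maps IP -> PTR name.
    """
    idx = _index(zone)
    fqdn = domain.lower().rstrip(".") + "."
    findings = []

    mx_records = idx.get((fqdn, "MX"), [])
    if not mx_records:
        findings.append(("error", f"no MX record for {fqdn}; receivers would fall back to the A record"))
    for record in mx_records:
        _priority, target = record.split()
        target = target.lower()
        # RFC 2181 section 10.3: an MX target must own A/AAAA records directly, not be a CNAME
        cname = idx.get((target, "CNAME"))
        if cname:
            findings.append(("error", f"MX target {target} is a CNAME to {cname[0]}; use an A record instead"))
            target = cname[0].lower()  # follow one hop so the remaining checks still run
        addrs = _addresses(idx, target)
        if not addrs:
            findings.append(("error", f"MX target {target} has no A/AAAA record"))
        for ip in addrs:
            # Forward-confirmed reverse DNS: the PTR name must resolve back to the same IP
            ptr = reverse.get(ip)
            if ptr is None:
                findings.append(("error", f"no PTR record for {ip}; many receivers reject such hosts"))
            elif ip not in _addresses(idx, ptr.lower()):
                findings.append(("error", f"PTR for {ip} is {ptr}, which does not resolve back to {ip}"))

    # Exactly one SPF record, and it should end with a fail/softfail default
    spf = [t for t in idx.get((fqdn, "TXT"), []) if t.lower().startswith("v=spf1")]
    if len(spf) != 1:
        findings.append(("error", f"expected exactly one SPF record at {fqdn}, found {len(spf)}"))
    elif spf[0].split()[-1] not in ("-all", "~all"):
        findings.append(("warning", f"SPF record '{spf[0]}' does not end in -all or ~all"))

    dmarc = [t for t in idx.get(("_dmarc." + fqdn, "TXT"), []) if t.upper().startswith("V=DMARC1")]
    if not dmarc:
        findings.append(("warning", f"no DMARC record at _dmarc.{fqdn}"))

    dkim_name = f"{dkim_selector}._domainkey.{fqdn}"
    if not any("v=DKIM1" in t for t in idx.get((dkim_name, "TXT"), [])):
        findings.append(("warning", f"no DKIM public key at {dkim_name}"))
    return findings


# Constructed sample: the mail hostname published as a CNAME (as the article's
# alias example would do), plus a duplicate SPF record and a provider-generic PTR.
BAD_ZONE = [
    ("example.org.",      "A",     "203.0.113.10"),
    ("mail.example.org.", "CNAME", "example.org."),
    ("example.org.",      "MX",    "10 mail.example.org."),
    ("example.org.",      "TXT",   "v=spf1 mx ~all"),
    ("example.org.",      "TXT",   "v=spf1 a -all"),
]
BAD_REVERSE = {"203.0.113.10": "vps-1234.hoster.example."}

# Constructed sample: the same host published correctly.
GOOD_ZONE = [
    ("example.org.",                 "A",   "203.0.113.10"),
    ("mail.example.org.",            "A",   "203.0.113.10"),
    ("example.org.",                 "MX",  "10 mail.example.org."),
    ("example.org.",                 "TXT", "v=spf1 mx -all"),
    ("_dmarc.example.org.",          "TXT", "v=DMARC1; p=quarantine; rua=mailto:postmaster@example.org"),
    ("mail._domainkey.example.org.", "TXT", "v=DKIM1; k=rsa; p=BASE64-ENCODED-PUBLIC-KEY"),
]
GOOD_REVERSE = {"203.0.113.10": "mail.example.org."}

if __name__ == "__main__":
    for label, zone, rev in (("bad", BAD_ZONE, BAD_REVERSE), ("good", GOOD_ZONE, GOOD_REVERSE)):
        print(f"== {label} zone ==")
        for severity, message in check_mail_dns(zone, rev, "example.org"):
            print(f"{severity:8s} {message}")
```

Run against the "bad" zone this reports three errors (MX target is a CNAME, PTR does not resolve back, two SPF records) and two warnings (no DMARC, no DKIM key); the "good" zone produces no findings. The PTR check is the one most often missed on a VPS: the provider's default reverse record names their own host, and the fix is on the provider's side (on Digital Ocean, via the control panel), not in your zone.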