nixos-mailserver/README.md

80 lines
1.7 KiB
Markdown
Raw Normal View History

2016-07-21 18:11:43 +02:00
# nixos-mailserver
2016-07-21 18:55:01 +02:00
![license](https://img.shields.io/badge/license-GPL3-brightgreen.svg)
2016-07-21 18:11:43 +02:00
## Work in progress...
2017-08-13 12:58:00 +02:00
### What works and what is missing for first release
* Postfix
- [x] starts
- [x] receive email on port 25
2017-08-13 14:05:40 +02:00
- [x] receive email on submission port 587
2017-08-13 12:58:00 +02:00
- [x] lmtp with dovecot
* Dovecot
- [x] lmpto with postfix
- [x] creates maildir folders, saves mails
- [x] imap retrieval
- [ ] pop3 retrieval (to check)
* Certificates
- [x] manual certificates
- [x] on the fly creation
- [ ] TODO: Let's Encrypt
* Spam Filtering
- [x] scans emails
- [ ] Dovecot moves spam to spam folder (to check)
* Virus Scanning
- [ ] TODO: Implement
* DKIM Signing
- [ ] TODO: Implement
* User Management
- [x] Creates Users
- [ ] TODO: Set Passwords in config file
2017-08-12 11:52:01 +02:00
### How to Test
You can test the setup via `nixops`. After installation, do
```
nixops create nixops/single-server.nix nixops/vbox.nix -d mail
nixops deploy -d mail
nixops info -d mail
```
You can then test the server via e.g. `telnet`. To log into it, use
```
nixops ssh -d mail mailserver
```
2016-07-21 18:11:43 +02:00
## A Complete Mail Server Without Moving Parts
### Used Technologies
2017-08-12 11:37:54 +02:00
* Nixos
* Nixpkgs
* Dovecot
* Postfix
* Rmilter
* Rspamd
* Clamav
* Opendkim
* Pam
2016-07-21 18:20:56 +02:00
### Features
* one domain
* unlimited mail accounts
2016-07-21 18:20:56 +02:00
* unlimited aliases for every mail account
* spam and virus checking
* dkim signing of outgoing emails
2016-07-21 18:42:14 +02:00
* imap (optionally pop3)
* startTLS
2016-07-21 18:20:56 +02:00
### Nonfeatures
* moving parts
* SQL databases
* configurations that need to be made after `nixos-rebuild switch`
* complicated storage schemes
* webclients / http-servers
2017-08-13 14:05:40 +02:00
## Ideas for future releases
* Fine grained control over ownership of aliases
* More than one domain