Set up VPS for incoming email only - best practices?
Looking for the best way to enable incoming only email on a low end/low resource VPS. Daily emails received will likely be below 50 average.
Have searched online for tutorials but no luck finding something I can use. A common suggestion is just to set up a regular email server and block port for outgoing emails but am looking for the lightest weight solution.
Plan on using Thunderbird from home PC to view and archive and it's already set up with reputable third party for sending email. I should be able enable Dovecot, Postflix, Fetchmail, Qmail, Procmail Mail Filter, SpamAssasin Mail filter, and ClamAV with a couple mouse clicks in control panel, as needed.
If anyone is using a VPS for incoming mail only please let me know what worked best for you, what settings you use, and what I should avoid. If anyone knows of any good tutorials for doing this geared toward less experienced users would appreciate the info.
Comments
Mentally strong people run nc -l 25 and type SMTP replies on the typewriter.
Webhosting24 aff best VPS; ServerFactory aff best VDS; Cloudie best ASN; Huel aff best brotein.
Do you already use Cloudflare? Then trust them with your e-mails too
https://www.cloudflare.com/products/email-routing/
Haven't bought a single service in VirMach Great Ryzen 2022 - 2023 Flash Sale.
https://lowendspirit.com/uploads/editor/gi/ippw0lcmqowk.png
Just set up Mail-in-a-Box and be done with it.
https://mailinabox.email
Recommended providers: BuyVM - MXroute - LunaNode - Forpsi - IntoVPS
Contact me for all of your Mail-in-a-Box email hosting needs at AnyDomain. I am also a proud reseller of MXroute email.
I've looked into MIAB, definitely not for me. One reason is: Mail-in-a-Box must be installed on a fresh machine that will be dedicated to Mail-in-a-Box
Thanks for the tip. Just checked out their free email routing offer but from what I can tell (please correct me if I am wrong) all they would do is forward all email sent to "[email protected]" to another address. Actually already having that done as domain registrar NameSilo offers that- any email sent to "[email protected]" gets sent on to "[email protected]"
Postfix has an official tutorial for a "split" setup (one instance for receiving, one instance for sending) but I don't have the link handy. Basically, to disable sending you could comment out the line(s) starting
submission
in/etc/postfix/master.cf
which stops the port 587 listener. You can obviously also block outgoing port 25 traffic with the firewall as you've said.I put my receiving instances in separate LXC containers running on a low-resource (1GB RAM) KVM VPS. They are NAT'ted so only port 25 is forwarded to the container.
A couple of things you'll need to consider. One is whether you really want to completely block outgoing mail. For example, what happens to any deferred message notifications - they will be blocked too.
Second is your whole mail chain. It doesn't sound like you only want to receive mail, but also store it (dovecot), filter it (sa, clamd) etc.
In particular Clamd is RAM-hungry so what do you mean by "low-resource"? Forget about this with under about 4GB RAM to spare. I hand processing of mail off to a second container on a different KVM VPS with greater resources.
You are correct that Clamd is a memory hog and will use more RAM then everything else combined, but you can still run this setup with Clamd on 2GB ram and 2GB swap without any issue if your only getting 50-100 emails a day.
@JDMcPea I run a similar inbound only setup with sendmail on a few VMs using dovecot and fetchmail. One thing that hung me up for a minute, so I'll pass on the tip, was not adding the following to dovecot config.
In /etc/dovecot/conf.d/15-mailboxes.conf
find the line that contains
namespace inbox
and add on a fresh line below this
inbox = yes
LES • About • Donate • Rules • Support
Maddy Is exactly what you want. Email server with no frills. Set it up, add your accounts and put your details in any email client you prefer. Boom, done. Bonus points, you can set up Rspamd to scan your incoming emails for spam.
That is a fair comment. It does depend on a lot of things - whether securite/malwarepatrol signatures are enabled, maximum size to scan, etc.