Mail Configuration Reference

This article is a Stub. You can help the Sympl Project by expanding it.

This page has a breakdown of the configuration options and files used when handling email for a domain.

Accepting Email

To accept email for a domain, one of the methods below must be enabled. Any email sent to an address not covered by one of these will be rejected.

Individual Mailboxes

The /srv/example.com/mailboxes/ directory contains the user mailboxes, so the existence of the directory /srv/example.com/mailboxes/alice would accept mail for the email address alice@example.com, /srv/example.com/mailboxes/bob would accept mail for bob@example.com and so on. Once these directories have been created, the mailbox will receive mail, and can be accessed via IMAP, POP3 or Webmail once a password has been set.

Mailbox Aliases

In some cases you may want to have multiple (internal or external) email addresses attached to the same mailbox. This is done using /srv/example.com/config/aliases, which is a file containing the local part followed by a comma-separated list of email addresses. For example:

webmaster         charlie@example.com
info              bob@example.com, alice@example.com
alice.smith       alice@example.com
bob.jones         bob@example.com
charlie.williams  charlie@example.com
staff             alice@example.com, bob@example.com, charlie@example.com
dave.taylor       dave@some-other-email.net
dave              dave@some-other-email.net

Note that when an alias points to an external email address which is not hosted on the same server, the mail is forwarded on directly without the sender being rewritten, which may cause delivery issues if the sender or recipient is using any anti-spam measures.

For this reason, it is generally best to either deliver to a local mailbox which is collected by the user, or to use a Sieve forward rule in a local mailbox to ensure delivery.
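To find the aliases that fall under this caveat, the sketch below reads an aliases file in the format shown above and lists every target on a domain that is not hosted locally. It is an added example, not part of Sympl; it assumes a domain is hosted on the server when a directory for it exists under the root (/srv on a live system), and the sample tree, including the deliberately mistyped exmaple.com, is constructed.

```shell
#!/bin/sh
# Added example, not part of Sympl. Assumption: a domain is "hosted on this
# server" when <root>/<domain>/ exists (root is /srv on a live system).

# external_alias_targets <root> <domain>
# Prints "local-part<TAB>address" for each alias target on a non-local domain.
external_alias_targets() {
    root=$1
    aliases="$root/$2/config/aliases"
    [ -r "$aliases" ] || return 0
    # Line format: local part, whitespace, comma-separated address list.
    while read -r lp targets || [ -n "$lp" ]; do
        printf '%s\n' "$targets" | tr ',' '\n' | tr 'A-Z' 'a-z' |
        while read -r t; do
            [ -n "$t" ] || continue
            dom=${t##*@}
            # A "domain" with a slash or a leading dot is never a hosted directory.
            case $dom in */*|.*) dom='' ;; esac
            if [ -z "$dom" ] || [ ! -d "$root/$dom" ]; then
                printf '%s\t%s\n' "$lp" "$t"
            fi
        done
    done < "$aliases"
    return 0
}

# Constructed sample tree standing in for /srv.
demo=$(mktemp -d)
mkdir -p "$demo/example.com/config"
cat > "$demo/example.com/config/aliases" <<'EOF'
webmaster   charlie@example.com
info        bob@example.com, alice@example.com
alice.smith alice@exmaple.com
dave        dave@some-other-email.net
EOF

external_alias_targets "$demo" example.com
```

A mistyped local domain shows up in the same list as a genuine external forward, so each reported line is worth reading rather than just counting.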

Mail for Local System Users

Sympl also manages email for local system users; however, this only applies to mail either addressed to the local domain, or internal mail sent without a destination domain. These are managed slightly differently, and are overridden at a mailbox level by the existence of an individual mailbox.

Accepting All Mail

The /srv/example.com/config/default_forward file acts as a fallback or catchall for any mail not covered by an existing mailbox or alias. This will then accept all mail, regardless of addressing.

See the Forwarding Mail section below for more information.

Suffixes and Plus Addressing

Sympl supports 'plus addressing' suffixes for mailboxes. These are added to the local part of the email address after a plus (+) character, and can be used for filtering incoming email on the To: field or for other purposes.

As an example, to filter all mail from a specific supplier regardless of their sender address, Alice may provide them alice+supplier@example.com as her email address, which will be delivered to the alice@example.com mailbox as normal.

Mailbox Passwords

The password for a user mailbox is set by the contents of the individual /srv/example.com/mailboxes/user/password file. The contents of this file can be either encrypted or plain text; plain text will be automatically encrypted as part of the daily cron jobs.

All passwords should be as long and complex as practical. A password of at least 16 mixed-case alphanumeric characters is suggested as a minimum.

To force immediate encryption of any plain text email passwords, run sudo sympl-mail-encrypt-passwords --verbose.

User Password Change

Users are able to change their own passwords via the Webmail interface.

  1. Log into webmail with the current password.
  2. Click 'Settings' in the top right.
  3. Click 'Password' in the list on the left.
  4. Change the password using the web form.

Note that the system will perform password strength checks, so attempting to set a weak or short password will fail with a relevant error message.

Resetting a User Password

If the password is not known and needs to be reset, then the /srv/example.com/mailboxes/user/password file can simply be updated with the new password.

Server-Side Rules with Sieve Filtering

Sieve is a standardised language for filtering incoming mail directly on the server without having shell access, either using a Sieve client or through the webmail interface.

These rules can be used to mark messages read, flag mail, move mail into separate folders, as well as forward and reply to mail, without a mail client needing to be connected.

Each mailbox can create a number of rule sets in the /srv/example.com/mailboxes/user/sieve.d directory, with the /srv/example.com/mailboxes/user/sieve file being the active file.

Note that only one file may be active at a time for each mailbox, so the user should add to existing rules rather than creating a new set.

Users can access a mailbox's Sieve rules by logging in and going to Settings (top right), then selecting 'Filters' from the list on the left.

Forwarding Mail

Mail can be forwarded via two methods, either at a mailbox level, or at the domain level as a catch-all for any addresses which do not otherwise exist.

Note that, as with aliases, when forwarding to external email addresses which are not hosted on the same server, the mail is forwarded on directly without the sender being rewritten, which may cause delivery issues if the sender or recipient is using any anti-spam measures. With this in mind, it's suggested to use Sieve filters where possible when communicating with external domains.

For individual mailbox forwarding, the file is located at /srv/example.com/mailboxes/user/forward, and to forward all mail which is not already handled via another method, the file is /srv/example.com/config/default_forward. The format of these files is identical, and can be one of two formats.

Comma Separated List

The most basic format is a comma-separated list of email addresses to forward the mail to. For example, to deliver all mail sent to bob@example.com to alice@example.com and charlie@example.com, in /srv/example.com/mailboxes/bob/forward you would place the text:

alice@example.com, charlie@example.com

Note that this method will redirect all incoming mail, preventing it from being delivered to the bob@example.com mailbox.

Exim Filter File

A more complex format is an Exim filter file, which is fully documented in the Exim project documentation. Some common examples are below.

Forward a copy of the mail and deliver normally

This delivers the mail to the bob@example.com mailbox as normal, but also sends a copy to both alice@example.com and charlie@example.com. It would be located in /srv/example.com/mailboxes/bob/forward.

# Exim filter
unseen deliver alice@example.com
unseen deliver charlie@example.com

Redirect all mail to another domain

This redirects all mail to the domain example.org, retaining the local part. This is much more useful at /srv/example.com/config/default_forward rather than in a mailbox, and acts similarly to a web redirect.

# Exim filter
deliver $local_part@example.org

Vacation Messages

A vacation message can be set to auto-reply to incoming messages on a user's mailbox by creating /srv/example.com/mailboxes/user/vacation, and adding the text to be sent as an auto-reply.

Addresses which were sent replies are logged in /srv/example.com/mailboxes/user/vacation.log, with a machine-readable database of these messages ..................................

Size Quotas

Sympl can enforce mailbox size quotas on user accounts, preventing too much space being used on the server.

To set a quota for all mailboxes, create the file /srv/example.com/mailbox-quota, or for a single mailbox, create /srv/example.com/mailboxes/user/quota. Any quota set on a mailbox individually will override a quota at the domain level.

The contents of this file are the maximum size of the mailbox, in bytes if no suffix is used; otherwise the following suffixes are available:

Suffix  Full Name  Bytes
k       kilobytes  1,000
M       megabytes  1,000,000
G       gigabytes  1,000,000,000
ki      kibibytes  1,024
Mi      mebibytes  1,048,576
Gi      gibibytes  1,073,741,824

For example, the text 1Gi in /srv/example.com/mailbox-quota limits all mailboxes to a maximum of 1 gibibyte, and the text 2Gi in /srv/example.com/mailboxes/bob/quota would allow bob@example.com to store twice as much mail.

Alternatively, the value 0 (zero) is the default and disables any quota, allowing you to set an overall quota, but disable it for specific users.
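The suffix table and the override rule above can be checked with a short script that reports the quota actually in force for a mailbox. This is an added example, not Sympl's own code; it assumes that only the suffixes listed in the table are valid, spelled exactly as shown, and it runs against a constructed tree standing in for /srv.

```shell
#!/bin/sh
# Added example, not part of Sympl. Assumption: only the suffixes in the table
# above are valid, spelled exactly as listed; anything else is an error.

# quota_to_bytes <value>: "1Gi" -> 1073741824, "500M" -> 500000000, "2048" -> 2048
quota_to_bytes() {
    v=$(printf '%s' "$1" | tr -d ' \t\r\n')
    num=${v%%[!0-9]*}            # leading digits
    suf=${v#"$num"}              # whatever follows them
    [ -n "$num" ] || return 1
    # Drop leading zeros so the shell does not read the number as octal.
    while [ "${#num}" -gt 1 ] && [ "${num#0}" != "$num" ]; do num=${num#0}; done
    case $suf in
        '') mult=1 ;;
        k)  mult=1000 ;;
        M)  mult=1000000 ;;
        G)  mult=1000000000 ;;
        ki) mult=1024 ;;
        Mi) mult=1048576 ;;
        Gi) mult=1073741824 ;;
        *)  return 1 ;;
    esac
    echo $(($num * $mult))
}

# effective_quota <root> <domain> <user>: bytes allowed, 0 meaning no quota.
# The per-mailbox file wins over the domain-wide file; root is /srv when live.
effective_quota() {
    for f in "$1/$2/mailboxes/$3/quota" "$1/$2/mailbox-quota"; do
        if [ -f "$f" ]; then
            quota_to_bytes "$(cat "$f")" && return 0
            echo "unparseable quota in $f" >&2
            return 1
        fi
    done
    echo 0
}

# Constructed sample tree standing in for /srv.
demo=$(mktemp -d)
mkdir -p "$demo/example.com/mailboxes/alice" "$demo/example.com/mailboxes/bob" \
         "$demo/example.com/mailboxes/carol"
echo 1Gi > "$demo/example.com/mailbox-quota"
echo 2Gi > "$demo/example.com/mailboxes/bob/quota"
echo 0   > "$demo/example.com/mailboxes/carol/quota"
for u in alice bob carol; do
    printf '%s %s\n' "$u" "$(effective_quota "$demo" example.com "$u")"
done
```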

Rate Limiting Outbound Mail

Anti-Spam and Anti-Virus Scanning

Customising SpamAssassin

Filtering Mail Using Headers

Using Real-Time Blacklists from Spamhaus

Blacklisting Senders

Setting A Specific IP For Sending Email

Local System User Mail

Other than accepting mail for users in a /srv/example.com/mailboxes/ directory, Sympl also manages mailboxes for local system users based on their home directories, and local users will receive email to <username>@<hostname of the server>. Mail for these users is stored in the user's home directory in a Maildir/ directory, and users may use local mail reader apps to access it, negating the need for SMTP/IMAP.

Note: If both a normal mailbox and a local system user exist on the same domain, then the mailbox will take precedence.

Webmail


Port Configuration

Mail is configured to use the default ports, with STARTTLS enabled on legacy ports.

Service  Port     Encryption  TLS Enabled by
SMTP     25, 587  TLS         Using STARTTLS
SMTP     465      TLS         On connection
POP3     110      TLS         Using STARTTLS
POP3     995      TLS         On connection
IMAP     143      TLS         Using STARTTLS
IMAP     993      TLS         On connection
Sieve    4190     TLS         On connection


Configuration Reference

File or Directory    Used For
.../config/ip        Contains a list of IP addresses which mail will be sent from for the domain. Defaults to the primary IPs (IPv4 and IPv6) of your server.
.../config/spf       Existence of this file will add SPF records to the automatically generated DNS files. Any content will be used as the SPF record.
.../config/dkim      Enables DKIM record generation and, along with dkim.key, enables signing of outgoing mail. The DKIM 'selector' defaults to the short hostname of your server; otherwise any content in this file will be used as the selector in outgoing mail and automatically generated DNS.
.../config/dkim.key  This key is used to sign outgoing DKIM mail. Required to be able to sign mail, along with the dkim file.
.../config/dmarc     This file will create a DMARC record in generated DNS files. If the file is not empty, the content will be used as the new DMARC record.

See also Configuration Reference for other configuration files.
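Because the spf, dkim, dkim.key and dmarc files act by their presence, a missing file silently leaves a domain without that protection. The script below, an added example that is not part of Sympl, prints one status line per domain; the world-readable check on dkim.key is an extra hygiene check not described on this page, the status labels are this example's own, and the sample tree is constructed.

```shell
#!/bin/sh
# Added example, not part of Sympl: summarise the sender-authentication files.

# mail_auth_status <root> <domain>   (root is /srv on a live system)
# dkim is: signing | no-key | no-dkim-file | off (labels chosen for this example)
mail_auth_status() {
    cfg="$1/$2/config"
    spf=no; dmarc=no; dkim=off; key=none
    if [ -e "$cfg/spf" ]; then spf=yes; fi
    if [ -e "$cfg/dmarc" ]; then dmarc=yes; fi
    # Signing needs both the dkim file and dkim.key.
    if [ -e "$cfg/dkim" ] && [ -f "$cfg/dkim.key" ]; then dkim=signing
    elif [ -e "$cfg/dkim" ]; then dkim=no-key
    elif [ -f "$cfg/dkim.key" ]; then dkim=no-dkim-file
    fi
    if [ -f "$cfg/dkim.key" ]; then
        key=ok
        # The signing key is private: flag it when "other" users can read it.
        if [ -n "$(find "$cfg/dkim.key" -perm -004)" ]; then key=world-readable; fi
    fi
    printf '%s spf=%s dkim=%s dmarc=%s key=%s\n' "$2" "$spf" "$dkim" "$dmarc" "$key"
}

# audit_mail_auth <root>: one status line per domain directory under <root>.
audit_mail_auth() {
    for d in "$1"/*/; do
        [ -d "${d}config" ] || continue
        d=${d%/}
        mail_auth_status "$1" "${d##*/}"
    done
}

# Constructed sample tree standing in for /srv; key contents are placeholders.
demo=$(mktemp -d)
mkdir -p "$demo/example.com/config" "$demo/example.net/config" "$demo/example.org/config"
touch "$demo/example.com/config/spf" "$demo/example.com/config/dkim" \
      "$demo/example.com/config/dmarc"
echo "constructed placeholder, not a real key" > "$demo/example.com/config/dkim.key"
chmod 600 "$demo/example.com/config/dkim.key"
echo "constructed placeholder, not a real key" > "$demo/example.net/config/dkim.key"
chmod 644 "$demo/example.net/config/dkim.key"
touch "$demo/example.org/config/dkim"

audit_mail_auth "$demo"
```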