Rolling out a new mail server

21.09.2012, last updated 05.03.2021 - Jeremy T. Bouse - ~2 Minutes

So for the past few years I’ve been content to outsource my email services to Web.com with very few problems, though lately I’ve had a few contacts report problems sending me email, and I’ve run into issues where they don’t implement certain features I prefer to use (most notably user+extension email addressing). With that in mind I’ve set out to set up and re-implement my own mail server management, and to ‘eat my own dog food’ as a consultant specializing in cloud service management, I thought of implementing it within Amazon Web Services. My experience with AWS has proven that I could make the migration and also save expenses, which is never a bad thing.

For the scope of the project I was planning to utilize an Elastic Compute Cloud (EC2) instance that would run Postfix and Dovecot IMAP/POP3 daemons to handle email sending & receiving. I also wanted to add Apache2 with Roundcube for a webmail front-end. Of course this mail system needed to be secure and block spam that I have a love/hate relationship with (see previous post), so I wanted to include Amavis, ClamAV and SpamAssassin integration. I couldn’t forget the best weapon in the arsenal against spam, greylisting, either. With this scope I also figured it would need a database of some form, so I would utilize Amazon’s Relational Database Service (RDS) to provide a MySQL instance. I’d also need a management interface for the mail system, so I would make use of PostfixAdmin, which is easy to tie in with both Postfix and Dovecot. Finally, all communication has to be secured, so I would utilize X.509 secure certificates from my provider of choice, StartCom, as I have already taken care of all verification processes.

With that design scope in mind I’ve purchased the necessary AWS EC2 and RDS reserved instances and brought the EC2 instance online using the community Ubuntu Precise (12.04.1 LTS) AMI. I intend to deconstruct the steps taken to set up the mail infrastructure and document them in multiple parts to give proper coverage to the configuration and the pitfalls I encountered with some of the content that I did find already available online.