cover

Raspberry

tech
top
Index
PDF
1 Headless set-up
2 433MHz
3 Bitcoin mining with a pi
4 Change to SSL
5 A mail server
80 home.pl
81 Cronjob for 433Mhz swiching

5. A mail server

Setting up a mail server has two big problems:

  • It is difficult to maintain; especially the security patches are a PITA
  • Mail server set-up is complicated. Very complicated.

There are two solutions for that:

  • With fetchmail you do not need to expose your mail server to the Internet
  • With citadel setting up the mail server is easy

So, Citadel it is.

5.1. Install Citadel on a Pi

5.1.1. Considerations

You will be wanting to keep quite a lot of mail on-line. The SD card is not the right place to do that. And, although you could use a USB stick, I would recommend spinning rust. You will need to put /var/lib/citadel on that disk. You could choose to put /var completely on the disk, which will further relieve your SD card from write actions.

I would not state that mail is the most important thing in life, but I would be pretty miffed if I lost my mail. So a backup is required for me.

Installing Citadel is an interactive process. You will be prompted with Package Configuration dialogs, that may change from version to version. I would have loved to install Citadel with Ansible, but I failed to do that consistently.

5.1.2. The installation

5.1.3. Via apt-get

The default installation method for Citadel on a Pi is: 

sudo -s
apt-get update
apt-get upgrade
apt-get install citadel-suite

You will see a number of dialog screens:

  • Please specify the IP address which the server should be listening to. 0.0.0.0 is OK, because we're not exposing it to the Internet.
  • Authentication method to use: I use Internal, because I do not serve an LDAP or AD
  • Citadel administrator username: admin is fine; choose your own password.
  • Use internal for webcit, unless you plan to integrate it with Apache
  • HTTP port 80, HTTPS 443
  • User defined language

which is basically all the defaults. (If that was consistent I could install it via Ansible...)

5.1.4. Easy install

The problem with Easy Install is, that it is neither easy nor quick. The difficult part of the "easy" install is the dependencies. On my raspian, I had to install a number of development packages before the compiles succeeded. 

sudo -s
cd /root
apt-get install libical-dev
apt-get install libldb-dev  libldap2-dev
apt-get install gettext
apt-get install autoconf
apt-get install libcurl4-openssl-dev
curl http://easyinstall.citadel.org/install | sh

Answer the questions that after a while appear, and you're in business. Login as admin and create your own user-id under the Administration button. For testing purposes, I also created a test-user, aptly named test.

5.2. Fetchmail

To get the mail in, I use fetchmail. This allows me to have different mail providers and get it all in one mailbox at home.

Installing is, as you'd expect: 

sudo apt-get install fetchmail

Next, make for every user a .fetchmailrc in their home directory. The file should look like this: 

poll pop.provider1.nl with proto POP3
    user "username"     , with password "secret"    , is my_name here warnings 3600
    user "second_user"  , with password "hemlighet" , is my_name here warnings 3600
	user "third_user"   , with password "tajomstvo" , is my_name here warnings 3600
poll pop.provider2.nl with proto POP3
	user "mailbox"      , with password "geheim"    , is my_name here warnings 3600

And you might put in the crontab for the user: 

0,15,30,45 *  *   *   *    /usr/bin/fetchmail -v > /tmp/user.last_mail_fetch 2>/tmp/user.last_mail_error

to get mail every 15 minutes.

5.3. A backup server

A backup server is just another instance of Citadel. Every night, I make a backup of the relevant files to the backup server. I do a full backup; that means that I shutdown the primary mail server before the backup.

When the backup server is a newer version you cannot just copy the files to the backup server. Citadel will refuse to start, complaining about having both new and legacy configuration. apparently, citadel converts much of the legacy to the new when it starts up.

So, for me, the backup script is as follows. Note that sigma is the name of the backup server. 

logger "BACKUP:citadel:START"
/etc/init.d/citadel stop
ssh sigma /etc/init.d/webcit stop
ssh sigma /etc/init.d/citadel stop
sleep 60
logger "BACKUP:citadel:STOPPED"
ssh sigma rm -rf /var/lib/citadel.old/*
ssh sigma rm -rf /etc/citadel.old/*
ssh sigma mv /var/lib/citadel/* /var/lib/citadel.old
ssh sigma mv /etc/citadel/* /etc/citadel.old

scp -r /var/lib/citadel/* sigma:/var/lib/citadel
scp -r /etc/citadel/* sigma:/var/lib/citadel/etc
scp ~ljm/.fetchmailrc sigma:/var/lib/citadel/fetchmailrc
logger "BACKUP:citadel:COPIED to sigma"

ssh sigma /etc/init.d/citadel start
ssh sigma /etc/init.d/webcit start
/etc/init.d/citadel start
logger "BACKUP:citadel:RESTARTED"
logger "BACKUP:citadel:END"

As a bonus, there is an extra copy of the mail (1 day older) that is saved.

5.4. note

Raspberry Pi is a trademark of the Raspberry Pi Foundation.