Zarafa Mailserver

It’s hard to explain how much work it is to setup your own private state of the art private mail service. The list of components to care of might be pretty scary. But from my own expirience I can tell, it’s possible!

That’s why I decided to write some tutorial about this and share my knowledge. My final objective is to show how you can setup and run a mailserver keeping your mails at home and letting a smarthost handle transfers and checks.

For the start lets have a look on the list of components:

Smarthost: Server running Archlinux

    • Management – Postfix.Admin + MariaDB
    • Remote mail Retrieval – Fetchmail with Postfix.Admin
    • Mail transfer agent (MTA) – Postfix
    • Security
      • Encryption – SSL with Postfix, NGINX
      • PSF Perfect Forward Secrecy – SSL with Postfix, NGINX
      • Relay only allowed user – Cyrus SASL with Postfix
      • Two factor login – libpam-google-authenticator with sshd
      • Ban unwanted user – Fail2ban with IPTables
      • Firewall setup – Easy Firewall Generator for IPTables
    • Spam-Control
      • Antivirus – ClamAV with Postfix-Milter
      • DomainKeys Identified Mail (DKIM) – OpenDKIM with Postfix-Milter
      • Sender Policy Framework (SPF) – Mail-SPF-Query with Postfix-Restrictions
      • Domain-based Message Authentication, Reporting & Conformance (DMARC) – OpenDMARC with Postfix-Milter
      • Spamfilter by content – Spamassassin with Postfix-Milter
      • Spamfilter by IP – Greylistd with Postfix-Restrictions
      • Spam database and blacklist check – with Postfix-Restrictions
      • DNS-based Authentication of Named Entities (DANE)
      • Sender Rewriting Scheme (SRS) – PostSRSd with Postfix
    • Privacy
      • Header reduction – with Postfix-Headerchecks

Home: Odroid U3/Raspberry Pi running Archlinux

  • Mail transfer agent (MTA) - Postfix
  • Mailserver - Zarafa Server with MariaDB
  • Webinterface - NGINX, PHP-FPM with Zarafa Webapp
  • SSL Certificates - from RapidSSL
  • PSF Perfect Forward Secrecy - Postfix, NGINX, Zarafa
  • ActiveSync - NGINX, PHP-FPM with Z-Push
  • CardDAV - NGINX, PHP-FPM with SabreDAV, SabreZarafa
  • CalDAV - Zarafa ICal trough NGINX
  • Backup - Systemd service with timer, FUSE (ftps)

Read on my next post how to install Zarafa on Arch Linux.


Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.