HOWTO: Install Ubuntu Server 12.04 LTS and get working mailserver

By tonyhughes Hughes, in , posted: 4-Dec-2012 22:06

Updated: easier to read and more info.

This is a guide for people who want to have their own domain name, and run their own mailserver using Ubuntu Server 12.04 LTS.

Following this guide will likely take around 60 minutes, including installing Ubuntu Server onto your machine. I installed the 32bit version on an AMD Sempron 3000+, and at the end of the process had used up 2.2GB of hard drive space. I would recommend a 10GB or bigger drive, and 512MB or more of RAM. 

At the end of this guide, you should be able to:

Tasks to accomplish before going ahead:


Static WAN IP Address


Check with your ISP that you have a static IP address, port 25 is not blocked, and you are not in a firewalled ip pool. Your ISP may charge for a static IP address.


Register Domain Name

Register a domain name e.g. foo.com, from www.discountdomains.co.nz or any other domain reseller. You will require DNS hosting if given the option, so that you can set A records, MX records, and other configuration items for your domain.


Create Domain Records

Create an 'A' record in your domain name hosting panel at your domain reseller, pointing to your internet connection public IP address (e.g. 210.945.54.11) (visit http://whatsmyip.com to find your IP) as follows:

A <yourpublicipaddress>
e.g. A 210.945.54.11

Create an 'MX' record as follows:

MX 10 <yourpublicipaddress>
e.g. MX 10 210.945.54.11

(You may need to wait up to 72 hours before the planet as a whole can see your server, and send you mail).

Decide On IP Configuration

Based on your routers IP address, and DHCP settings, choose an IP address for your server. If your routers IP address is 192.168.1.1, then choose something like 192.168.1.150 for your servers new IP address.

Ensure the IP address you choose is not inside the DHCP pool assignment in your router.
Ensure the IP address you choose is not assigned to another machine on your network.


Create Port Forwards In Your Router

To allow the outside world to access your server from the internet, you will need to setup port forwarding. This is a slightly different process depending on the make and model of your router. Check out portforward.com for help setting up port forwarding.

Create port forwards for the following services:

Name: SMTP
Port: 25
Internal IP: 192.168.1.150
Protocol: TCP
If asked for a port to map to, put port 25.

Name: IMAP
Port: 143
Internal IP: 192.168.1.150
Protocol: TCP
If asked for a port to map to, put port 143.

Name: WEB
Port: 80
Internal IP: 192.168.1.150
Protocol: TCP
If asked for a port to map to, put port 80.


Download Ubuntu Server

Download Ubuntu Server 12.04 LTS from here (64 bit if you have a 64 bit CPU) and burn the iso image to a CD-R.

Virtualisation note:

Parallels or VMWare desktop or similar) - virtual servers might need bridged networking to get an IP address straight from router rather than from host, which is important for a server, and easier to do before you install Ubuntu - if given the option, clone your hosts MAC address).

USB Install:

You can also use various tools to create a bootable USB stick to install Ubuntu Server, rather than a CD. The Ubuntu Forums have plenty of information about this.


Install Ubuntu Server
  • Ensure the server BIOS is set to boot from CD first.
  • Insert CD into server, and power on the server.
  • Select English for the interface.
  • Select Install Ubuntu Server.
  • Select English for the installation process.
  • Choose your appropriate location.
  • Autodetect keyboard.
  • Select correct network interface if asked.
  • Enter a hostname (easy to change later so accept default is ok).
  • Enter your full name (e.g. 'Joe Foo')
  • Enter your desired user name (first name or 'joe')
  • Enter your desired password.
  • Confirm password.
  • Select no when asked to encrypt home directory.
  • Select Yes if your timezone is correctly identified, or choose.
  • Select default of Guided - use entire disk and setup LVM.
  • Select disk to partition.
  • Select Yes to write changes to disk.
  • Press enter to allocate full partition size to installer.
  • Select yes to write changes to disk.
  • Press enter to bypass http proxy information unless you need it.
  • Select install security updates automatically.
  • At the software selection screen, use spacebar to select the following software:
  • OpenSSH server
  • DNS server
  • LAMP server
  • Mail server
  • Select any other server options that you want (it's easy to add these later - just run 'sudo tasksel').
  • Press tab to get to continue and press enter.
  • Set and repeat MYSQL root user password.
  • Select internet site. Don't use a smarthost unless you need to relay outbound mail via your ISP.
  • Select mail system name (e.g. if you are hosting www.foo.com then type 'foo.com')
  • Select yes to install GRUB to the master boot record.
  • When prompted to remove CD, do so, and press enter.
  • Server will reboot.

Login to server and begin configuration
  • Login with the username and password you gave during install.
  • Temporarily assume 'root' privileges until (dropped or logged out):
sudo su
  • Set static IP address:
nano /etc/network/interfaces
  • Set the eth0 assignment to 'static' and add the following lines:
auto eth0
iface eth0 inet static
address 192.168.1.150

netmask 255.255.255.0
gateway 192.168.1.1
  • Restart networking services to gain new IP: (Note - if you are SSHing in, ifdown will kill the network connection):
ifdown eth0
ifup eth0
  • Install Rootkit checking software:
apt-get install rkhunter
  • Set a baseline for RKHunter to check for rootkits later:
rkhunter --propupd
  • Update RKHunter:
rkhunter --update
  • Update Ubuntu repository package list: 
apt-get update
  • Upgrade all installed packages to latest versions through the Ubuntu repositories:
apt-get upgrade
  • Install some useful software and some of their dependencies (All optional, but recommended):
apt-get install chkrootkit iptraf nmap tiger logwatch libdate-manip-perl ufw psad denyhosts fail2ban squirrelmail perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python
  • Install webmin web-based server administration tool:
wget http://prdownloads.sourceforge.net/webadmin/webmin_1.610_all.deb
sudo dpkg -i webmin_1.610_all.deb
  • Configure DenyHosts reporting via email (Scroll down to mail administrator info and set your address):
nano /etc/denyhosts.conf
  • Create a symbolic link to make http://foo.com/webmail be a valid address to login to webmail:
ln -s /usr/share/squirrelmail/ /var/www/webmail
  • OPTIONAL: Turn the whoopsie service off (Canonical error reporting). Lessens CPU/RAM use turning off. Helps Canonical leaving it on:
sed -i -e '/report_crashes=/ s/true/false/' /etc/default/whoopsie 
service whoopsie stop
  • Edit the SSH port number in sshd_config to reduce script-kiddie annoyance (make it a random unused port below 1024 - e.g. port 899):
nano /etc/ssh/sshd_config
reload ssh
  • Edit your hosts file to enable various addresses:
nano /etc/hosts

  • Add the following lines:
127.0.0.1 localhost localhost
127.0.1.1 ubuntu localhost
127.0.0.1 foo.com localhost
127.0.0.1 mail.foo.com localhost

  • Edit /etc/dovecot/dovecot.conf
nano /etc/dovecot/dovecot.conf

and add the following lines:

auth default {	
  socket listen {
    client {
	  path = /var/spool/postfix/private/auth
	  mode = 0660
	  user = postfix
	  group = postfix
    }
  }	
  mechanisms = plain login
}

  • Edit /etc/postfix/main.cf
nano /etc/postfix/main.cf

and add the following lines:
mynetworks = 127.0.0.0/8
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions =  permit_mynetworks, 
    permit_sasl_authenticated, reject_unauth_destination
broken_sasl_auth_clients = yes

  • Setup firewall (after enabling, the default setting denies everything, so set your allow rules) Assuming your router only forwards 143, 25 and 80, then you won't be exposing your Webmin login page or SSH server to the internet): (port 899 refers to whatever you chose for SSH)
ufw enable
ufw allow 143
ufw allow 899
ufw allow 25
ufw allow 80
ufw allow 10000
  • Cleanup some unneeded junk from installs:
apt-get autoremove
  • Use a browser on a local network PC and head to https://<yourserver>:10000 then login and select Servers > Dovecot > Edit config files and add the following two lines to the file "10-mail.conf":
mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u
mail_access_groups=mail
  • Click Save, then click Apply Configuration.
  • While logged into Webmin in your browser, go back to the status screen and select upgrade Webmin to new version (at the bottom). Stay on this page while the upgrade is in progress (if there is an update that is).
Thats it - you're all done!

More guides, blogs, and geek stuff at http://www.geek101.co.nz/

Other related posts:
How to move your Drupal 7 site to a different folder on your domain...
I want broadband, why do I have to wait 3 days to even know if its POSSIBLE?
Lotteries Commission using open source software








Comment by valtam, on 29-Dec-2012 20:27

Nice work, will try this out sometime.


Add a comment

Please note: comments that are inappropriate or promotional in nature will be deleted. E-mail addresses are not displayed, but you must enter a valid e-mail address to confirm your comments.

Are you a registered Geekzone user? Login to have the fields below automatically filled in for you and to enable links in comments. If you have (or qualify to have) a Geekzone Blog then your comment will be automatically confirmed and shown in this blog post.

Your name:

Your e-mail:

Your webpage:



Subscribe To My RSS Feed