Email

Port(s): 25, 143, 587, 80, 443
Publicly Accessible?: Yes
Upstream: Dovecot, Postfix, RSpamd, OpenDKIM, and Rainloop

Sends and receives email. Rainloop is a simple webmail client that communicates with normal IMAP/SMTP.

If you are not used to the jumble of services involved in running mail, ISPMail is a good explanation, although we use a slightly different setup, outlined below.

When receiving:

  1. Postfix receives an incoming SMTP connection
  2. Postfix queries LDAP to find the user/alias for the address.
  3. Postfix checks it with rspamd
  4. If rspamd decides we should deliver it, Postfix passes it to Dovecot through LMTP
  5. Dovecot queries LDAP again and places it in the user's mailbox
  6. The user then uses their MUA to access their mailbox through Dovecot (over IMAP)

When sending:

  1. Postfix receives an SMTP connection on port 587
  2. The user authenticates; Postfix asks Dovecot to handle the authentication
    1. Dovecot uses bind authentication against our LDAP
  3. Postfix cleans up the headers and passes it to OpenDKIM to do signing
  4. Postfix sends the signed message to wherever it needs to go
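
One way to check that a running Postfix still matches the two flows above is to compare `postconf -n` output with each documented step. This is an added example, not taken from this host's Nix configuration; the sample values and the mapping of steps to Postfix parameters (for instance, that rspamd and OpenDKIM are attached as milters) are assumptions.

```python
# Added example: compare `postconf -n` output with the flow documented above.
# SAMPLE is constructed; its paths, ports and addresses are assumptions.
SAMPLE = """\
virtual_alias_maps = ldap:/etc/postfix/ldap-aliases.cf
virtual_mailbox_maps = ldap:/etc/postfix/ldap-users.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
smtpd_milters = inet:127.0.0.1:11332, inet:127.0.0.1:8891
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
"""


def parse_postconf(text):
    """Parse `name = value` lines into a dict (split on the first '=')."""
    params = {}
    for line in text.splitlines():
        name, sep, value = line.partition("=")
        if sep and name.strip() and not name.lstrip().startswith("#"):
            params[name.strip()] = value.strip()
    return params


def items(params, *names):
    """All list entries of the named parameters, split on commas/whitespace."""
    return [e for n in names for e in params.get(n, "").replace(",", " ").split()]


# One check per documented step. Which parameters carry each step is an
# assumption about a typical Postfix setup, not taken from this host.
CHECKS = [
    ("recipient lookup goes to LDAP",
     lambda p: any("ldap:" in e for e in
                   items(p, "virtual_mailbox_maps", "virtual_alias_maps"))),
    ("a milter is attached (assumed hook for rspamd and OpenDKIM)",
     lambda p: bool(items(p, "smtpd_milters"))),
    ("delivery is handed to Dovecot over LMTP",
     lambda p: any(e.startswith("lmtp:") for e in
                   items(p, "virtual_transport", "mailbox_transport"))),
    ("SMTP AUTH is delegated to Dovecot",
     lambda p: p.get("smtpd_sasl_type") == "dovecot"),
]


def audit(postconf_text):
    """Return the documented steps the given configuration does not show."""
    params = parse_postconf(postconf_text)
    return [step for step, ok in CHECKS if not ok(params)]


if __name__ == "__main__":
    for step in audit(SAMPLE):
        print("MISSING:", step)
```

Overrides set per service in master.cf do not appear in `postconf -n`, so a step reported as missing may still be configured there.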

Data directories

  • /var/lib/mail, which is a Ceph share of maildirs mounted over NFS.

Configuration locations

Managed declaratively using Nix.

hosts/web/email.txt · Last modified: 2022/09/30 21:58 by tcmal