Howto setup a mail server


When you set a mail system you minimaly need 2 things: a smtp server and a pop server.

A Simple Mail Transfer Protocol (SMTP) server will relay mails, meaning it receives them AND sends them also. On your Freesco, you will need to tell exim that it can only serve mails or, otherwise, you'll have a public mail relayer and spammers just loves that. Knowing it is serving for that domain, when it receives mail for, it will send it to a local user on Freesco. So you send mail to your smtp server, it will forward it to the recipients smtp server. smtp server receive a mail for a local user and put the message in his mailbox.

Now, when your mail gets in your mailbox, you want to be able to retreive it from a remote machine, right? Well, a Post Office Protocol server permits you to do just that. Using a username/password (usualy the same as when you log to the terminal), you connect to the pop server with a mail client and the server will send you your mail.

Note that you can telnet to both servers. telnet , 25 for the smtp and 110 for the pop.
See telnet smtp and telnet pop for a list of commands.

This is the minimalistic setup. Over that, you can add have a local Mail User Agent (MUA) to send and recieve mail from within Freesco. There is Fetchmail to retreive the content of remote mailboxs into your local system. There is fowarding. There are a couple of things.
You'll have more then you bargained for :p

To summ up

Configurations could include:
- Exim
- Exim + Popa3d
- Fetchmail + Exim + Popa3d.

What you need to do is understand how the software packages rely on one another:
EXIM + POPA3D = 'MAIL SERVER' and how one won't work without the other.

FOR THE NEWBIES like myself that need to have some things spelled out. Popa3d (or Qpopper) like mentioned previously is a POP3 SERVER, another way to think of this, is, it is the communication WIRE between EXIM THE MAIL SERVER and an email client.

EXIM -------POPA3D (the communication wire)------- email clients


Steps to get the mail server up and running

Download and install the EXIM package

There has been a problem reported with this package that can cause the system to hang and eventually stop working if you have deleted the root account and replaced it by another account with root privileges. You should not install this package (exim 4.50) in this case.

IMPORTANT : If you plan on using also the perl package (for spamassassin) you must install perl before exim. Otherwise it will not work.


Exim is a message transfer agent (MTA) with well-documented, extensive features. It handles the sending of local and remote mail. There is a great deal of flexibility in the way mail can be routed, and there are extensive facilities for checking incoming mail.


Exiscan is a patch against exim version 4.x, now included in the source code in version 4.50, providing support for content scanning in email messages received by exim. It works after the sending client has completed the SMTP data phase and waits for an answer from the server. Messages containing unwanted content can be rejected at that stage, so the job of generating a bounce message is the job of the sending host.
Four different scanning facilities are supported:
- antivirus
- antispam
- regular expressions
- file extensions
(see below “extra packages”)

The latest exim version (4.50) can be found atFreescosoft.
For more info about this package look at this post in the forum. To install it, you can simply use :

pkg -i -/exim_4.50_phbc50

from a command line prompt.


Configure it

To configure exim you need to edit the main config file /etc/exim.conf.

Before you do, first make a backup of the original config file; before you start editing with your favourite text editor (vi, joe, mc, teddy).

To edit the file you can simply type :
edit /etc/exim.conf
(followed by <enter>)

There are four important points not to miss in the config file :

1. The primary hostname

Scroll down the file and search for this line :

primary_hostname = router.inet

This indicates what emails going out of your box will have as a domain.
You need to replace router.inet and put instead your dynamic hostname. This can be a domain obtained from a dynamic DNS service like dyndns or no-ip.
In my case my hostname is so I put it like this :

primary_hostname =

2.The local domain(s)

Go down a litlle and find this line:

domainlist local_domains = localhost : your.dynamic.hostname : router.inet

You have to add every domain that you want exim to respond to in this line.

  • router.inet is the hostname and domain name of freesco so you can leave it (or change it to your setup hostname and domain).
  • localhost : DO NOT remove this one, this is so that exim recognizes mails send from within FREESCO
  • your.dynamic.hostname must be replaced with the external domain name of your box, in order for exim to receive mails for user@your.dynamic.hostname.

The items should be separated with a ':' (column), so the list results in (in my example):

domainlist local_domains = localhost : : router.inet

3. The domains for which we relay

Shortly after look for this line:

domainlist relay_to_domains = your.dynamic.hostname : router.inet

Here you should replace your.dynamic.hostname with your dynamic hostname, resulting in something like :

domainlist relay_to_domains = : router.inet

R: eventually change router.inet to match your FREESCO setup hostname and domain.

4. The hosts for which we authorize to relay without authentication

Finally, a few lines after look for this line :

hostlist   relay_from_hosts = : your.dynamic.hostname

It is usefull to put your LAN IP RANGE(s) here if you want to send mail out from any account, without needing to use SMTP AUTH (having to use a Freesco name and password to be able to send mail).
Simply replace your.dynamic.hostname with your LAN IP RANGE(s) (but leave the !), separated by ':' (column).

R: put a /16 at the end of the range.

If for instance you use 192.168.0.x addresses in your network, it should look like :

hostlist   relay_from_hosts = :

Ok!, now save the config file with <alt+x, y> and restart exim by typing :

rc_exim restart

followed by <enter>


Install a pop3 server


Popa3d is a tiny POP3 daemon designed with security as the primary goal. It's reliable and efficient, small and perfectly fits for regular use (including delivering a large number of messages).

Popa3d is available here


Qpopper is the most widely-used server for the POP3 protocol (this allows users to access their mail using any POP3 client). Qpopper supports the latest standards, and includes a large number of optional features. Qpopper is normally used with standard UNIX mail transfer and delivery agents such as sendmail or smail.

Qpopper supports Mysql with the mysql-4.1.7a-lighting package.

It is available here

There is no configuration needed, Popa3d or Qpopper both work “out of the box” with exim.


Test the server with telnet

You can test if exim works using telnet.
Log in as root and type:

telnet localhost 25

Since FREESCO version 0.3.4, the telnet client has been replaced by an ssh client, so another solution is to do this from another computer on the lan using :

telnet router.ip.address 25

router.ip.address being the IP address of FREESCO

at the prompt you should get something like :

220 ESMTP Exim 4.50 Sat, 04 Feb 2006 03:12:34 +0000

then, type


and try

telnet router.ip.address 110

here also replace router.ip.address by the IP address of FREESCO. it should yield :

+OK Qpopper (version 4.0.5) at router.inet starting.

or just


for popa3d.
Then type


to exit


Add users

You must add users to FREESCO, this is essential as exim uses the user password list in freesco to allow connections unto itself.

The thing that you need to understand about exim is the fact that user accounts = email accounts

The command to add a user in FREESCO is :

useradd username

where username is the name you want for the user.

Give those users a HOME directory, or it won't work.

Add as many users as you want mailboxes.



You must set an aliase for the root user in /etc/aliases, because for safety reasons no mails will be delivered to root. This reason may cause frozen messages.
Here is how you can do :
Edit /etc/aliases with :
edit /etc/aliases
Search for these lines :

# root aliase : change the next setting to a valid email user:
root: your_user

and change your_user with an existing email user on your system.
R: there is a real [tab] between ”:” and the “username”.

SET UP email client

You need to add identities to your email client corresponding to the new users added to FREESCO. Then set the outgoing mail server and incoming mail server in your identities configurations to use your FREESCO domain (your dyndns/no-ip address).

An example of my email address is

Try sending an email using one identity and receive it using another identity. It should work like a charm.

Now you can receive and send mails using your FREESCO box!


For more advanced things to do with your new email server, keep reading…




Fetchmail is a full-featured, robust, well-documented remote-mail retrieval and forwarding utility intended to be used over on-demand TCP/IP links (such as PPP connections). It supports every remote-mail protocol now in use on the Internet: POP2, POP3, RPOP, APOP, KPOP, all flavors of IMAP, ETRN, and ODMR. It can even support IPv6 and IPSEC. Fetchmail retrieves mail from remote mail servers and forwards it via SMTP. It allows all your system MTA's filtering, forwarding, and aliasing facilities to work just as they would on normal mail.

Eventually, you want to retrieve emails from a mailbox located somewhere on the net and download it to your FREESCO box, that is what fetchmail is for…

The package is available atFreescosoft.

There is also a version that supports the SSL protocol, retrieving your emails with Gmail for instance.

This SSL package is available here.

You need to edit the config file /etc/fetchmail.conf, the syntax is self explanatory.

For instance if you want to retrieve mails from a server called my.pop.server and forward it to a user called user1 on your FREESCO box, you would then have to add to the config file a line like :

poll my.pop.server user "username" there with password "password" is "user1" here

where username and password must be replaced by the account information of the remote mailbox.

If you only want to retrieve a copy of the message and leave the original on the server, just add “keep” at the end of the above line, simple isn't it ?

When you're done editing the config file, save it (<alt+x>, y)
and restart fetchmail with : rc_fetchmail restart



Message size

The Maximum message size
Since the package is not based on the /var directory anymore, you can send email as large as you want ( actually the size of freespace available on you hard disk… )

Log files

Log files location
The log files are located in /var/log. You will find at least one file called

  • exim_mainlog (what used to appear in the /var/messages file).
  • Also you will find useful information in exim_rejectlog (when a message couldn't be delivered).
  • exim_paniclog :in case an exim process crashes

Opening exim to the internet

Opening exim to the internet DOES NOT have any effect on mail which is going OUT of your freesco box. It is only needed if you want mail comming INTO your box from the internet. For example, mail addressed to you@yourdyndns. If you do not want this then don't open exim to the internet

Now if you do want to be able to send mail from the internet to addresses you@yourdyndns then the following must be true:
1. Exim must realise that your internet address (dyndns/no-ip/…) is a local domain (the local_domains option in the config file). Restart exim to make any changes take effect with:

rc_exim restart

2. Exim has to be open to the internet

3. Port 25 shouldn't be forwarded to anywhere else!

4. Your ISP must not block port 25. Test by trying to telnet to port 25 on your freesco box from OUTSIDE your lan.

5. If the host name in question doesn't have the IP of your freesco box, then you need to set up an mx entry in the
dns which points to your freesco box (usually not something you need to worry about because your dyndns
address is usually your freesco box).

6. YOU SHOULD CHECK THAT YOU ARE NOT RUNNING AN OPEN RELAY. If you want to be able to send mail VIA freesco from the
internet then enable SMTP AUTH.

A couple of open relay checks can be found here and here – others can be found with google. </box>

  • To make exim accessible from the internet :
    edit /pkg/rc/rc_exim.

Comment out the firewall rule by adding a ”#” at the beginning of the line(s) that say :

                ipfwadm -I -a $Pd -P tcp -W $INET -D 0/0 25 $LOG
                ipfwadm -I -a $Pd -P udp -W $INET -D 0/0 25 $LOG

Then exit ans save the file with with <alt+x>,y and restart your firewall in order for the changes to take effect:

rc_masq restart

and you should be all set.



Log facility

There are two methods :

  1. Exim is using the syslog facility for its messages. Default exim tags these messages with type 'mail', so you can use /etc/syslog to send these messages to a seperate log file. The default /etc/syslog of FREESCO is rather simple and on my 027 box looks like:
# I'm too lazy to do something with this file.
# Should you need nice logging tune it yourself.

auth.*          /dev/tty4
auth.*          /var/log/login

*.*             /dev/tty3
*.*             /var/log/log

Now, by adding the next line, and change the default:

mail.*          /some/where/mail.log
*.*;mail.none             /var/log/log

To make this change permanent, you'll probably have to copy /etc/syslog.conf to /boot/etc for FREESCO 0.3.x and to /mnt/router/etc for FREESCO 0.2.7

Then reboot the box (or send a HUP signal to the syslogd and restart exim) you'll end up with a seperate log file /some/where/mail.log (where /some/where should be an existing directory on your FREESCO!) with only the exim messages in it.

More info about the syslog.conf syntax can f.i. be found here

  1. Another method is to turn off logging within exim.

Simply add :

log_selector = -all

to the main part of the exim config file ( for instance just before the ACL section), this will make all of these annoying messages disappear.



  • To get exim to deliver e-mail send to non-existing users to a default mailbox,

(i.e. when someone sent an e-mail to a user that didn't exist in my aliases file it would automatically be delivered to another existing user). Open the /etc/exim.conf file and look for this part in the configuration

 driver = redirect
 data = ${lookup{$local_part}lsearch{/etc/aliases}}
# user = exim
 file_transport = address_file
 pipe_transport = address_pipe

This is the part of the config file, that makes exim check if the user is present. If this is left as it is, mail send to users which do not exist in the aliases file the mail is rejected with the message unrouteable address.

So in order to get a mail send to a non-existing user delivered to an existing user all you need to do replace lsearch with lsearch* in this part of the config so this is how it should look like…

 driver = redirect
 data = ${lookup{$local_part}lsearch*{/etc/aliases}}
# user = exim
 file_transport = address_file
 pipe_transport = address_pipe

And make sure you have set this line in your aliases file located in the /etc folder (/etc/aliases)

*: [tab] username

where [tab] is an actual TAB and username is the account where you want the mail to be delivered to. (This has to be an existing mail account on your FREESCO)


Adding a default route

More and more organisations are blocking mail that originates from a dynamic IP address range.
The solution ? Configure exim to route outgoing mails via the SMTP server of your ISP.

For exim 3.x

Add these lines as the first router in the ROUTERS section of your exim configuration file /usr/local/exim/configure :

# route via ISP mail server
driver = domainlist
transport = remote_smtp
route_list = "* smtp.your.isp"

where smtp.your.isp must be changed to the address of your ISP's smtp server.


For exim 4.x

Add these lines (or uncomment them in version 4.50) in the config file in the routers section :

driver = manualroute
domains = !+local_domains
transport = remote_smtp
route_list = * smtp.your.isp


begin routers

which in your exim configuration file should give you something like this :

#                      ROUTERS CONFIGURATION                         #
#               Specifies how addresses are handled                  #
# An address is passed to each router in turn until it is accepted.  #

begin routers

    driver = manualroute
    domains = !+local_domains
    transport = remote_smtp
    route_list = * smtp.your.isp

Where smtp.your.isp must be changed to the domain name of your ISP's SMTP server.
IMPORTANT This must be the FIRST router.

Save changes (alt+x, y) and restart exim :

rc_exim restart



If your ISP requires SMTP authentification, here is what you should do, in order to configure exim to send a username and password to the smtp server :

Put as a first router (see above “default route” for details)

  driver = manualroute
  domains = !+local_domains
  transport = remote_smtp
  route_list = * your.isp.smtp

In the transports section find the following lines :

 driver = smtp
 hosts_require_auth = your.isp.smtp

and add the beginning with hosts_require_auth, in the above (both the router and the transport) your.isp.smtp must be changed to the address of your ISP's smtp server.


   driver = plaintext
   public_name = LOGIN
   server_prompts = "Username:: : Password::"
   server_condition = "${if and {{!eq{${lc:$1}}{ppp}}{!eq{$1}{}}{!eq{$2}{}} \
   {crypteq{$2}{${extract{1}{:} \
   server_set_id = $1


client_send = ": youruserid : yourpassword"

Where youruserid and yourpassword should be replaced by the account data.

Finally, save the file and restart exim with :

rc_exim restart


Sending mail using php

If you want to send emails with a php script, make sure that there is a link called sendmail on your system that points to exim, you can check for it with (at the console) :

ls -l /usr/sbin/sendmail

and look at the result :

[root@Freesco] ls -l /usr/sbin/sendmail
lrwxrwxrwx   1 root          root               13 May  9  2005 /usr/sbin/sendmail -> /pkg/bin/exim

Here you can see that /usr/sbin/sendmail points to the exim binary, ”/pkg/bin/exim”. If you get something like “no such file or directory” instead, then you need to add a sendmail symlink to exim, do it like this :

ln -s /path/to/exim /usr/sbin/sendmail

where /path/to/exim should be replaced by the location of the exim binary on your system (If you use version 4.50 the path is /pkg/bin/exim, for previous versions (including exim 3.x) it's /usr/local/exim/bin/exim )
Php will need this in order to recognize the mail agent. Next you will have to edit the php.ini file, located in /usr/local/lib, with :

cd /usr/local/lib
edit php.ini

Scroll down the file until you find these lines :

; For Unix only.  You may supply arguments as well (default: 'sendmail -t -i').
;sendmail_path =

and uncomment the line that contains sendmail_path= by removing the “;” at the beginning, then add to the end “/usr/sbin/sendmail -t -i”, so it reads :

sendmail_path =/usr/sbin/sendmail -t -i

save the file (alt+x, y), and restart the web server with :

rc_httpd restart

Now you can test sending an email using a form script, it should work.

Configure exim for Virtual Mail domains

This article describes howto configure exim to host multiple virtual mail domains.


Extra Packages


Antivirus package.

The Antivir package is available at Freescosoft An updated package is available here (with the latest virus definitions). Look at antivir's site for more info.

In order for updates to work, you need to have a licence key, to get it you will have to download a version of the antivir workstation complete package from antivir's web site.
Then save it on your local hard disk and extract the file, you can do it like this :

cd /some/where (location where you downlaoded the workstation package)
tar zxvf workstation-xxx-xxx.tar.gz
cd workstation-xxx-xxx

You need to copy the licence key in the main directory in/usr/local/antivir/ to activate antivir.
The licence is valid for a year.

By default and with a key the packages updates the virus definition every day at 22:50 PM, but if you need to change it use

rc_antivir setup

to modify the config file.
To scan emails with antivir and exim follow these steps :

Edit the exim config file /etc/exim.conf, with :
edit /etc/exim.conf
Search for these lines in the main section :

#av_scanner = cmdline:\
#                /usr/local/antivir/antivir %s:\
#                ALERT:'(.+)'

and uncomment them (by removing the '#' sign at the beginning).
Then scroll down the file and in the ACL section find the following lines :

#    deny  message = This message contains malware ($malware_name)
#          malware = *

Also uncomment them.
That's it. Now save the file (with <alt+x>,y) and restart exim with :

rc_exim restart

After that exim will scan your mails automatically before delivering them to your users.

Example run for content scan :

2005-04-15 09:51:13 1DMNTk-00048v-Pb H=localhost [] F=<xxxx@xxxx> rejected after DATA: This message
 contains an unwanted file extension (pif)
2005-04-15 21:14:58 1DMY9R-0001R0-QH H=localhost [] F=<xxxx@xxxx> rejected after DATA: This message
 contains an unwanted file extension (scr)
2005-04-15 21:14:58 1DMY9S-0001R0-BM H=localhost [] F=<xxxx@xxxx> rejected after DATA: This message 
contains an unwanted file extension (pif)
2005-04-16 00:05:42 1DMaod-0006lF-H4 H=localhost [] F=<xxxxx@xxxx> rejected after DATA: This message
 matches a blacklisted regular expression ([Vv] *[Ii] *[Aa] *[Gg] *[Rr] *[Aa])
2005-04-16 00:06:32 1DMapR-0006lF-RR H=localhost [] F=<xxxx@xxxx> rejected after DATA: This message matches
 a blacklisted regular expression ([Vv] *[Ii] *[Aa] *[Gg] *[Rr] *[Aa])
2005-04-16 00:06:49 1DMapi-0006lF-KN H=localhost [] F=<xxxx@xxxx> rejected after DATA: This message matches
 a blacklisted regular expression ([Vv] *[Ii] *[Aa] *[Gg] *[Rr] *[Aa])



An anti-spam package that works with exim 4.50.
It provides full scanning of mails against spam, see here for more info.
The package is available at Freescosoft.

This package is recommended for computers whith a lot of memory (>64Mb of RAM) and (preferably) a fast CPU (pentium), because the spamassassin daemon(s) eat up a lot of ressource.

Exim Configuration

After install edit /etc/exim.conf with :
edit /etc/exim.conf
and find this line (in the main section) :

#spamd_address = 783

uncomment it by removing the '#' sign at the beginning.
Then a little down further, uncomment also this line :

#system_filter = /pkg/etc/exim.filter

Also find these lines further down in the ACL section:

### Spamassassin configuration ###

# Always add X-Spam-Score and X-Spam-Report headers, using SA system-wide settin
# (user "nobody"), no matter if over threshold or not.
### For the spamd package uncomment these lines (6) :

#    warn  message = X-Spam-Score: $spam_score ($spam_bar)
#          spam = nobody:true
#    warn  message = X-Spam-Report: $spam_report
#          spam = nobody:true
#    warn message = X-Spam-Flag: YES
#         spam = nobody

### If you want to REJECT all SPAMs uncomment these lines.
### BEWARE, if you use this facility :
### All mails defined by SPAMASSASSIN as spam will be LOST after the data scan !
### (Reject spam messages with score over 10, using an extra condition).

#    deny  message = This message scored $spam_score points. Congratulations!
#          spam = nobody:true
#          condition = ${if >{$spam_score_int}{100}{1}{0}}

### Rewrites Message Subject adding *SPAM* at the beginning
### This works with the file defined in "system_filter =", see above.
### Uncomment the next lines (2) for spamd to add a subject starting with *SPAM*

#    warn message = X-New-Subject: *SPAM* $h_subject:
#         spam = nobody

### End Spamassassin configuration ###

Here uncomment the appropriate lines as explained…

Then save the file with <alt+x, y>, and restart exim with :

rc_exim restart

With this incoming emails will be analyzed and those which score a number over 5 in spamassassin's scale of recognition will have *SPAM* added in the subject header. Therefore it is easy to put a rule in your mail client (like thunderbird, outlook) to redirect spam to a different folder, separating it from regular emails.

Here is an extract from the log for spam (as seen in /var/log/spamd.log) :

2005-04-21 05:18:20 [4371] i: server started on port 783/tcp (running version 3.0.0)
2005-04-21 05:18:20 [4371] i: server successfully spawned child process, pid 4923
2005-04-21 05:45:24 [4923] i: connection from localhost [] at port 1134
2005-04-21 05:45:24 [4923] i: info: setuid to nobody succeeded
2005-04-21 05:45:25 [4923] i: checking message <xxxxx@xxxxx> for nobody:99.
2005-04-21 05:45:30 [4923] i: clean message (-2.6/5.0) for nobody:99 in 6.0 seconds, 3403 bytes.
2005-04-21 05:45:30 [4923] i: result: . -2 - BAYES_00,NO_REAL_NAME 
2005-04-21 06:14:24 [4923] i: connection from localhost [] at port 2071
2005-04-21 06:14:24 [4923] i: info: setuid to nobody succeeded
2005-04-21 06:14:24 [4923] i: checking message <> for nobody:99.
2005-04-21 06:14:30 [4923] i: identified spam (15.8/5.0) for nobody:99 in 6.0 seconds, 2629 bytes.

Spamassassin configuration is done with config files in /etc/spamassassin.

If you want to customize spamassassin, you need to create a file in /.spamassassin called user_prefs, then you can add your custom rules in it.

Remark : you must set user and prefs for the file like this :

chown root.root /.spamassassin/user_prefs
chmod 600 /.spamassassin/user_prefs

and then restart spamassassin with :

rc_spamd restart


made by phbc50

freesco/howtos/how-to_setup_a_mail_server.txt (290112 views) · Last modified: 2007/01/15 22:36 (external edit)
Recent changes RSS feed Creative Commons License Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki