Local mail server for OS X

Version 3
Last Modified: Nov 24, 2013 4:15 PM

This is meant to be a follow-on to my User Tip Setting up a local web server on OS X. Setting up a mail server is a bit more complex and not always required, so I put this document into its own post. I tried to use the mail server in OS X Server, but found this process easier.

 

Requirements:

  1. Solid understanding of Terminal.app and how to run command-line programs.
  2. Basic understanding of mail servers.
  3. Basic usage of vi. You can substitute nano if you want.
  4. Xcode and basic understanding of how to build software from the command line.

 

Lines in bold are what you will have to type in at the Terminal.

Replace <your local host> with the name of your machine. Ideally, it should be a one-word name with no spaces or punctuation. It just makes life easier.

Replace <your short user name> with your short user name.

Replace <your login password> with your password.

 

Here goes... Enjoy!

 

Download the UW IMAP software from ftp://ftp.cac.washington.edu/imap

If using the Finder:

  1. From the Go menu, choose Connect to Server...
  2. Enter ftp://ftp.cac.washington.edu/imap under Server Address:
  3. Log in as guest
  4. Drag the file imap-2007f.tar.gz to your Desktop

 

Double click imap-2007f.tar.gz to expand the archive.

 

Fix the makefile. Open imap-2007f/Makefile and comment out line 422 that reads:

        EXTRACFLAGS="$(EXTRACFLAGS) -DMAC_OSX_KLUDGE=1" \

 

by inserting a # pound symbol at the start of the line so that it reads:

#EXTRACFLAGS="$(EXTRACFLAGS) -DMAC_OSX_KLUDGE=1" \

 

Build the software from inside the imap-2007f directory with:

make oxp SSLDIR=/usr SSLCERTS=/System/Library/OpenSSL/certs

 

Create a place to store the server:

sudo mkdir -p /usr/local/libexec

 

Copy the server into place:

sudo mv ipopd/ipop3d /usr/local/libexec

 

Create a PAM service configuration for POP by copying the one for ftpd:

sudo cp /etc/pam.d/ftpd /etc/pam.d/pop

 

Create a self-signed certificate (this is all on one line):

sudo openssl req -new -x509 -nodes -out /System/Library/OpenSSL/certs/ipop3d.pem -keyout /System/Library/OpenSSL/certs/ipop3d.pem -days 3650

 

Fill in the prompts for your local mail server.
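
An added check, not part of the original tip: because the command above uses -nodes and points -out and -keyout at the same file, ipop3d.pem holds the certificate together with an unencrypted private key. The script below reports that state and whether the file is readable by anyone but its owner; the function names are hypothetical.

```sh
#!/bin/sh
# Added example: audit a combined certificate + key PEM such as ipop3d.pem.
# Function names are hypothetical.

# Print "encrypted", "unencrypted" or "none" for the private key in a PEM file.
pem_key_state() {
    if grep -q -e '-----BEGIN ENCRYPTED PRIVATE KEY-----' "$1" ||
       grep -q -e 'Proc-Type: 4,ENCRYPTED' "$1"; then
        echo encrypted
    elif grep -Eq -e '-----BEGIN (RSA |EC )?PRIVATE KEY-----' "$1"; then
        echo unencrypted
    else
        echo none
    fi
}

# Succeed if the group or other read bit is set on the file.
pem_readable_by_others() {
    [ -n "$(find "$1" -prune \( -perm -040 -o -perm -004 \) -print)" ]
}

# Fail only for the combination that exposes the key to other local users.
audit_pem() {
    state=$(pem_key_state "$1")
    if [ "$state" = unencrypted ] && pem_readable_by_others "$1"; then
        echo "FAIL: $1 has an unencrypted private key readable by group/other"
        return 1
    fi
    echo "OK: $1 (private key: $state)"
}

if [ -n "${1:-}" ]; then
    audit_pem "$1"          # e.g. sudo sh audit_pem.sh /path/to/ipop3d.pem
else
    # Constructed sample, not a real key: same layout as a -nodes PEM.
    demo=$(mktemp)
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'constructed' \
        '-----END RSA PRIVATE KEY-----' > "$demo"
    chmod 644 "$demo"; audit_pem "$demo" || echo "-> chmod 600 and re-check"
    chmod 600 "$demo"; audit_pem "$demo"
    rm -f "$demo"
fi
```

A LaunchDaemon without a UserName key runs as root, so mode 600 with root as owner still lets ipop3d read the file.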

 

Create launchd config files:

sudo touch /Library/LaunchDaemons/edu.washington.pop3.plist

sudo vi /Library/LaunchDaemons/edu.washington.pop3.plist

 

Enter the following content:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>Label</key>
    <string>edu.washington.pop3</string>
    <key>ProgramArguments</key>
    <array>
      <string>/usr/local/libexec/ipop3d</string>
    </array>
    <key>Sockets</key>
    <dict>
      <key>Listeners</key>
      <dict>
        <key>Bonjour</key>
        <false/>
        <key>SockServiceName</key>
        <string>pop3</string>
        <key>SockType</key>
        <string>stream</string>
      </dict>
    </dict>
    <key>inetdCompatibility</key>
    <dict>
      <key>Wait</key>
      <false/>
    </dict>
  </dict>
</plist>

 

Do the same for /Library/LaunchDaemons/edu.washington.pop3s.plist, changing Label to edu.washington.pop3s and SockServiceName to pop3s.

 

Load the launchd config files:

sudo launchctl load -w /Library/LaunchDaemons/edu.washington.pop3.plist

sudo launchctl load -w /Library/LaunchDaemons/edu.washington.pop3s.plist

 

Test your POP server:

openssl s_client -connect localhost:995
CONNECTED(00000003)
depth=0 <certificate stuff…>
emailAddress=<the e-mail address you used for the certificate>
verify error:num=18:self signed certificate
verify return:1
depth=0 <certificate stuff…>
emailAddress=<the e-mail address you used for the certificate>
verify return:1
---
Certificate chain
0 s:<certificate stuff…>
   i:<certificate stuff…>
---
Server certificate
-----BEGIN CERTIFICATE-----
<certificate content in base64>
-----END CERTIFICATE-----
subject=<certificate stuff…>
emailAddress=<the e-mail address you used for the certificate>
issuer=<certificate stuff…>
emailAddress=<the e-mail address you used for the certificate>
---
No client certificate CA names sent
---
SSL handshake has read 1037 bytes and written 328 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES256-SHA
    Session-ID: <something…>
    Session-ID-ctx:
    Master-Key: <something else…>
    Key-Arg   : None
    Start Time: 1311510626
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
+OK POP3 localhost 2007f.104 server ready
user <your short user name>
+OK User name accepted, password please
pass <your login password>
+OK Mailbox open, <some number of> messages
quit
+OK Sayonara
read:errno=0

 

Edit the launchd config file for postfix:

sudo vi /System/Library/LaunchDaemons/org.postfix.master.plist

 

Add the following:

        <key>KeepAlive</key>

        <true/>

 

after the lines:

        <key>Label</key>

        <string>org.postfix.master</string>

 

 

And remove the following:

        <string>-e</string>

        <string>60</string>

 

Restart postfix master:

sudo launchctl unload -w /System/Library/LaunchDaemons/org.postfix.master.plist

sudo launchctl load -w /System/Library/LaunchDaemons/org.postfix.master.plist

 

Test your SMTP server:

telnet <your local host> 25
Trying fec0:0:0:fea9::1...
Connected to <your local host>.
Escape character is '^]'.
220 pele.local ESMTP Postfix
EHLO <your local host>
250-<your local host>
250-PIPELINING
250-SIZE 10485760
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-BINARYMIME
250 CHUNKING

 

Hold down the Control key and type ], then enter the following at the telnet> prompt:

 

telnet> quit
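
An added example, not from the original tip: the EHLO reply is an inventory of what the Postfix listener offers, and the reply shown above lists VRFY but neither STARTTLS nor AUTH. The script below extracts the keywords from a captured session and reports those three; the function names are hypothetical, and the sample is the session above with the host name from its 220 banner filled in.

```sh
#!/bin/sh
# Added example: list the ESMTP keywords in a captured session and flag
# STARTTLS, AUTH and VRFY. Function names are hypothetical.

# Print one EHLO keyword per line. Continuation lines start with "250-",
# the last line with "250 "; the first 250 line is the server's own name.
ehlo_caps() {
    tr -d '\r' | awk '
        /^250[- ]/ {
            n++
            if (n > 1) { kw = substr($0, 5); sub(/[ =].*/, "", kw); print toupper(kw) }
            if (substr($0, 4, 1) == " ") exit
        }'
}

# Read a session on stdin and report whether each keyword was advertised.
smtp_report() {
    caps=$(ehlo_caps)
    for kw in STARTTLS AUTH VRFY; do
        if printf '%s\n' "$caps" | grep -qx "$kw"; then
            echo "$kw=yes"
        else
            echo "$kw=no"
        fi
    done
}

# Constructed sample: the EHLO exchange shown above, host name from the banner.
sample_session() {
    cat <<'EOF'
220 pele.local ESMTP Postfix
EHLO pele.local
250-pele.local
250-PIPELINING
250-SIZE 10485760
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-BINARYMIME
250 CHUNKING
EOF
}

sample_session | smtp_report
```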

 

Construct a test message and save it as test.txt:

From: <your short user name>@<your local host>
To: <your short user name>@<your local host>
Subject: This is a local test

This is a local test of the mail system.

 

Send your test message:

cat test.txt | sendmail -t

 

Set up Apple Mail to connect to:

Incoming Mail Server: <your local host>

User Name: <your short user name>

Password: <your login password>

 

Outgoing Mail Server SMTP: <your local host>

Use only this server: checked

 

Advanced:

Port: 995

Use SSL: checked

Authentication: Password

 

 

Check your e-mail in Apple Mail. Accept the certificate.