Local Mail Server for Lion

Since the User Tips aren't ready yet, I thought I would go ahead and post my definitive guide to getting a local mail server running on Lion. This is meant to be a follow-on to my post on Local Web Server for Lion. Setting up a mail server is a bit more complex and not always required, so I put this document into its own post. I tried to use mail server in Lion Server, but found this process easier. 🙂

Requirements:

1. Solid understanding of Terminal.app and how to run command-line programs.
2. Basic understanding of mail servers.
3. Basic usage of vi. You can substitute nano if you want.
4. Xcode and basic understanding of how to build software form the command line.

Lines in bold are what you will have to type in at the Terminal.

Replace <your local host> with the name of your machine. Ideally, it should be a one-word name with no spaces or punctuation. It just makes life easier.

Replace <your short user name> with your short user name.

Replace <your login password> with your password.

Here goes... Enjoy!

Download the UW IMAP software.

Connect to ftp://ftp.cac.washington.edu/imap

Login as guest

Copy the file imap-2007f.tar.gz to your Desktop

Expand the archive with

tar zxvf imap-2007f.tar.gz

Fix the makefile. Open imap-2007f/Makefile and comment out line 422 that reads:

EXTRACFLAGS="$(EXTRACFLAGS) -DMAC_OSX_KLUDGE=1" \

Build the software with:

make oxp SSLDIR=/usr SSLCERTS=/System/Library/OpenSSL/certs

Create a place to store the server:

sudo mkdir -p /usr/local/libexec

Copy the server into place:

sudo mv ipopd/ipop3d /usr/local/libexec

Create a PAM authentication module:

sudo cp /etc/pam.d/ftpd /etc/pam.d/pop

Create a self-signed certificate:

sudo openssl req -new -x509 -nodes -out /System/Library/OpenSSL/certs/ipop3d.pem -keyout /System/Library/OpenSSL/certs/ipop3d.pem -days 3650

Create launchd config files

sudo touch /Library/LaunchDaemons/edu.washington.pop3.plist

sudo vi /Library/LaunchDaemons/edu.washington.pop3.plist

Enter the following content:

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">

<plist version="1.0">

<dict>

<key>Label</key>

<string>edu.washington.pop3</string>

<key>ProgramArguments</key>

<array>

<string>/usr/local/libexec/ipop3d</string>

</array>

<key>Sockets</key>

<dict>

<key>Listeners</key>

<dict>

<key>Bonjour</key>

<false/>

<key>SockServiceName</key>

<string>pop3</string>

<key>SockType</key>

<string>stream</string>

</dict>

</dict>

<key>inetdCompatibility</key>

<dict>

<key>Wait</key>

<false/>

</dict>

</dict>

</plist>

Do the same for /Library/LaunchDaemons/edu.washington.pop3s.plist. changing Label to pop3s and SockServiceName to pop3s

Load the launchd config files:

sudo launchctl load -w /Library/LaunchDaemons/edu.washington.pop3.plist

sudo launchctl load -w /Library/LaunchDaemons/edu.washington.pop3s.plist

Test your POP server:

openssl s_client -connect localhost:995

CONNECTED(00000003)

depth=0 <certificate stuff…>

emailAddress=<the e-mail address you used for the certificate>

verify error:num=18:self signed certificate

verify return:1

depth=0 <certificate stuff…>

emailAddress=<the e-mail address you used for the certificate>

verify return:1

---

Certificate chain

0 s:<certificate stuff…>

i:<certificate stuff…>

---

Server certificate

-----BEGIN CERTIFICATE-----

<certificate content in base64>

-----END CERTIFICATE-----

subject=<certificate stuff…>

emailAddress=<the e-mail address you used for the certificate>

issuer=<certificate stuff…>

emailAddress=<the e-mail address you used for the certificate>

---

No client certificate CA names sent

---

SSL handshake has read 1037 bytes and written 328 bytes

---

New, TLSv1/SSLv3, Cipher is AES256-SHA

Server public key is 1024 bit

Secure Renegotiation IS supported

Compression: NONE

Expansion: NONE

SSL-Session:

Protocol : TLSv1

Cipher : AES256-SHA

Session-ID: <something…>

Session-ID-ctx:

Master-Key: <something else…>

Key-Arg : None

Start Time: 1311510626

Timeout : 300 (sec)

Verify return code: 18 (self signed certificate)

---

+OK POP3 localhost 2007f.104 server ready

user <your short user name>

+OK User name accepted, password please

pass <your login password>

+OK Mailbox open, 5 messages

quit

+OK Sayonara

read:errno=0

Edit the launchd config file for postfix:

sudo vi /System/Library/LaunchDaemons/org.postfix.master.plist

Add the following:

<key>KeepAlive</key>

<true/>

Remove the following:

<string>-e</string>

<string>60</string>

Restart postfix master:

sudo launchctl unload -w /System/Library/LaunchDaemons/org.postfix.master.plist

sudo launchctl load -w /System/Library/LaunchDaemons/org.postfix.master.plist

Test your SMTP server:

telnet <your local host> 25

Trying fec0:0:0:fea9::1...

Connected to <your local host>.

Escape character is '^]'.

220 pele.local ESMTP Postfix

EHLO <your local host>

250-<your local host>

250-PIPELINING

250-SIZE 10485760

250-VRFY

250-ETRN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250-DSN

250-BINARYMIME

250 CHUNKING

telnet> quit

Construct a test message:

From: <your short user name>@<your local host>

To: <your short user name>@<your local host>

Subject: This is a local test

This is a local test of the mail system.

Send your test message:

cat test.txt | sendmail -t

Setup Apple Mail to connect to:

Incoming Mail Server: <your local host>

User Name: <your short user name>

Password: <your login password>

Outgoing Mail Server SMTP: <your local host>

Use only this server: checked

Advanced:

Port: 995

Use SSL checked

Authentication: Password

Check your e-mail in Apple Mail. Accept the certificate.