How can I integrate MIAB with an existing hosting setup?

I’m currently running two servers using YunoHost on my home network. YunoHost includes an email stack, including postfix and dovecot for both SMTP and IMAP. However, since I’m on a residential internet plan, port 25 is blocked, so I want to instead use Mail-in-a-Box on a small VPS as my email.

I’d like it so that when my YunoHost servers need to send email–for instance, when my Friendica or NextCloud installations need to send system emails–they can do so. I think that’s a mail relay?

And it would be awesome, though it’s not my highest priority, if I could also use MIAB to actually send and receive emails through the domains I have associated with YunoHost.

Bonus points if I could just use the webmail service on my YunoHost box to access these email accounts, though that’s even less of a priority.

Here’s the catch: I don’t know a darn thing about email.

My question is: how can I make this work? Where do I diverge from the documented MIAB setup instructions, and what might I need to add to postfix/dovecot configuration so that the machines on my home network can use the MIAB server?

More broadly, any guidance and tips would be much appreciated, as this is all very foreign to me.

Thanks in advance!

That would be an excellent use case.

Yes, I am personally not overly familiar with YunoHost’s components, but you would configure the MTA to relay outbound emails to your MiaB configuration - which may be a bit tricky (or potentially impossible) due to the way that MiaB handles ‘permitted senders’. It may be much simpler for you to use a commercial SMTP relay such as the one I have created for use with MiaB. I’ll provide more details upon request.

I think that your best plan would be to handle all email as being treated as sent/received from your MiaB - in other words, not actively use the email server components within YunoHost for clients to access their email, etc. Just use the email components within YunoHost for the scenarios you have outlined, such as Friendica or NextCloud.

Again, I would need to be more familiar with YunoHost to advise if this could be done … but it is likely that the answer is yes. What specifically is it about the ‘webmail service on my YunoHost box’ that is attractive to you?

Well, there are a lot of unknowns here. Start by addressing the questions I have posed and perhaps the community here can help figure it out. :slight_smile:

Thanks for your response, @alento! I appreciate your patient explanation.

Interesting. Can you say more about permitted senders?

The YunoHost support forums have some posts on setting up a mail relay, such as this one. Would I need to do something extra to configure this with MiaB?

Honestly, just having it all in one place. After sleeping on it, I realized it would be simple enough to put a link in my YunoHost dashboard to the MiaB webmail, so I’m fine letting this “criterion” go.

Definitely. I think I’ve answered your questions, but please let me know if more information is needed.

I appreciate the help; thank you. :slight_smile:

As extra security, to prevent email from being spoofed by other senders, MiaB tracks which senders are ‘allowed senders’ for each mailbox user. If the sender is not specifically allowed, MiaB will reject the email from sending. Using a relay from YunoHost will mean that ONLY one specific user will be sending mail on behalf of all of the users listed in MiaB. Due to this, it may be simpler to go with a commercial relay. Please note, most commercial email providers do not have this limiting factor that MiaB has added in their attempt to limit spoofing.

A link from one of the comments in that post reminded me that there is an extra consideration - how to tell YunoHost that it is NOT the mail exchanger for the domains served by it. There were directions in that comment, which need to be reviewed to see if they are accurate. Other than that, the post you linked is almost perfectly accurate. There is a slight syntax difference that I noticed, which I will point out to you at another time when I can look more carefully at it. (Basically, the instructions said to list the relayhost.domain.tld but in actuality it needs to be in the format of [relayhost.domain.tld]:port. So the brackets, a colon, and the smtp port number need to be added.)

Are there multiple domains involved, and are there multiple people involved, i.e. are you hosting sites for others?

I wanted to get this reply to you quickly - but I realize that I am not at my best at the moment, so I will need to look at this again with a fresh set of eyes in the morning. :frowning:
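The relayhost format described in the post above, as an added example that is not part of the original thread: a small Python check for the Postfix main.cf on the relaying host. It flags a relayhost that is not written as [host]:port (the brackets tell Postfix to skip the MX lookup for that name) and a relay that lacks SASL credentials or mandatory TLS. The hostname box.example.email, port 587, the password map path and both sample configs are constructed assumptions.

```python
import re

# Constructed sample main.cf fragments (hostname, port and paths are assumptions).
BAD_CF = """\
# relay host written as a bare name, without brackets or port
relayhost = box.example.email
smtp_sasl_auth_enable = yes
"""

GOOD_CF = """\
relayhost = [box.example.email]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_security_level = encrypt
"""

RELAYHOST_RE = re.compile(r"^\[(?P<host>[A-Za-z0-9.-]+)\]:(?P<port>\d{1,5})$")
# smtp_tls_security_level values that refuse to send over a cleartext session.
MANDATORY_TLS = {"encrypt", "dane-only", "fingerprint", "verify", "secure"}

def parse_main_cf(text):
    """Parse 'name = value' lines; a line starting with whitespace continues the previous one."""
    params, last = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and last:
            params[last] += " " + raw.strip()
            continue
        name, sep, value = raw.partition("=")
        if sep:
            last = name.strip()
            params[last] = value.strip()
    return params

def check_relay(text):
    """Return a list of findings; an empty list means the relay settings pass."""
    p = parse_main_cf(text)
    findings = []
    relay = p.get("relayhost", "")
    m = RELAYHOST_RE.match(relay)
    if not m or not 0 < int(m["port"]) < 65536:
        findings.append(f"relayhost {relay!r} is not in [host]:port form")
    if p.get("smtp_sasl_auth_enable") != "yes":
        findings.append("smtp_sasl_auth_enable is not 'yes': relay would be unauthenticated")
    if not p.get("smtp_sasl_password_maps"):
        findings.append("smtp_sasl_password_maps is not set: no credentials for the relay")
    if p.get("smtp_tls_security_level") not in MANDATORY_TLS:
        findings.append("smtp_tls_security_level does not enforce TLS for the relay session")
    return findings
```
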

Huh. I’m struggling to understand this. So if I have users like friendica@example.com and essdub@example.com on my YunoHost box, and I’m relaying mail out to MiaB at example.email, then MiaB will send them all from a single user? And there’s no way around this?

I have several domains, and I would like to have support for multiple people–at the very least so I can have my own personal inbox that is separate from automatic system emails.

I appreciate your responsiveness. Thank you!

That is not quite what I said … what I said actually is that MiaB wouldn’t even send them - it would cause an error UNLESS you listed EACH and every user with a permitted sender of the user account that you are authenticating with. Confused yet? :frowning:

The setup for MiaB asks for the first user … the guide suggests using your personal user account. I never do this. I want the first user to be an admin only account. Typically I use miab@domain.tld personally.

But the question I was asking was more along the lines of is this for your (and close friends/family) use or do you have clients that you host? The reason I am asking is that there are things to do to be more professional.

Now I really need to go back and study this complete discussion — just at a lack of time atm to do so. :frowning:

Very! :sweat_smile: I’m trying hard to follow, there’s just a lot of moving pieces. Thanks for your patience!

Ah! This isn’t a professional setup at all, this is just for me and my close friends and family.