I decided to start a series of articles that explain how to go about setting up various types of servers using the Raspberry Pi as a base for the server infrastructure. Thus, this one is about setting the Raspberry Pi to be a mail server using Citadel.
The first thing we need to understand in setting up a mail server are the protocols that need to be in place. The most basic mail server requires two protocols to function, one to retrieve e-mail (IMAP/POP3) and one to send and accept mail (SMTP). Usually these function operate as two different services. On Linux platforms Postfix and Sendmail are commonly used for SMTP and either Dovecot or Courier-IMAP are used for IMAP. Normally, these can be somewhat of a pain to configure and are usually tied to accounts on the actual host system. Wouldn't it be nice if we could have all this functionality wrapped into one application? Well, that's where Citadel comes into play.
Without going into to too much detail Citadel is an open-source project that originated as a BBS system (and still serves that function) but gradually took on the role of providing mail services. The best thing about using Citadel is that it's basically a black-box application, meaning it doesn't rely on a bunch of hooks and dependencies into the system (this makes it more portable since it's self-contained). And it doesn't stop there, Citadel is loaded with the following the features.
- SMTP, IMAP, POP3 protocols supported
- Supports XMPP (Citadel can act as a Jabber server for instant messaging)
- Provides a fast webmail interface
- Easily hooks into spamassassin and ClamAV for spam and virus filtering
- Supports authentication against LDAP or Active Directory
- Basic groupware functionality (Calendars, Meetings, Address Books, Notes, Tasks)
And to top it all off, Citadel is written in C as a native application so you don't have to worry about an interpreted language (like PHP/Python) slowing you down.
So let's get right down to installing it. For this tutorial I'm going to be using the Official Raspbian "Wheezy" image as my base system.
Before we begin the process, Citadel is automatically going to try and start using IPv6 so we need to load the module before proceeding with the installation.
sudo modprobe ipv6
Thankfully, Debian makes the Citadel installation pretty easy as it's included in Debian repositories. You can compile Citadel yourself but on an ARM like the Pi it usually takes 2 - 3 hours. So we're going to make sure our sources are up-to-date and then install the citadel-suite package.
sudo apt-get update sudo apt-get install citadel-suite
After a few mintues you should see the first screen. This is asking what interface we want to listen on. 0.0.0.0 means Citadel will listen on all addresses, generally speaking this is fine so just hit OK.
The next screen will ask you how you want to authenticate users. For now lets select Internal, this means users will be stored in Citadel's own database. Host will use accounts that are on the Linux box serving Citadel. LDAP and Active Directory are for tying into a more advanced directory structure.
Enter the name of the user that you want to have admin privileges, this user will be able to make changes to the site-wide configuration.
Enter a password for the admin user.
Confirm the admin user password.
For now select Internal but if you were hosting other web sites on the same machine and want to serve other content simultaneously on port 80 you can proxy through Apache (or Nginx).
Enter the port you want the webmail interface to operate on. Port 80 is usually fine unless you have something already binding that port.
Unfortunately it doesn't matter what you port you enter here as something in the configuration process is broke and it will automatically default to port 80 anyway.
Previous explanation applies for this. This allows you to utilize SSL for a secure solution.
Select a default language if you like.
Once that's done the service should start, and you should see an error along the lines of the following.
Failed to adjust ownership of: /etc/citadel/netconfigs/7.
For whatever reason Citadel didn't create this directory but we can go ahead and run the following commands to fix that.
sudo mkdir /etc/citadel/netconfigs sudo chown citadel:citadel /etc/citadel/netconfigs sudo service citadel restart
Apparently something is broken with the Debian package so that even though we told Citadel to listen on 0.0.0.0 for IPv4 addresses, it still tries to bind IPv6 addresses (which is why we had to load the module beforehand). It basically doesn't set any of the settings you specified in the setup. What we have to do to fix this is manually run Citadel's setup program in which you'll need to re-enter some of the setup information you just entered.
Once again the admin user.
And the password.
Just leave this blank, citadel is the proper user. Debian creates this user during the install process.
This is what causes the problem, a * tells the program to bind on IPv4 and IPv6. We need to enter 0.0.0.0 or a specific IP here.
Leave this blank, the default is fine.
Once again, choose your authentication method.
Here you can go ahead and say Yes, I don't know of anything yet that this will break.
Once that's done, Debian should reload the Citadel server. However, let's reboot the machine just to make sure we're running clean.
If you need to change the port that webcit runs on. You'll to need to open up /etc/default/webcit and modify the export WEBCIT_HTTP_PORT='80' to match whatever port you want.
Now point your browser to the Raspberry Pi's IP address (or hostname if you've got it mapped with DNS) and you should see the login screen. I've noticed it may take a few minutes for the web interface to load but after that it's quick until you restart the Pi. Enter your admin credentials here to proceed.
First thing you'll want to do is head to Administration.
Now we're going to go to Domain names and Internet mail configuration. Here you'll need to add the domains you want to receive mail for under the Local host aliases.
Back at the Administration screen there's nothing you really need to edit in the site-wide configuration at this point. But you'll probably want to create a user or two by going to Add, change, delete user accounts.
At this point Citadel is installed and ready to go, just setup your appropriate MX records to point your server and mail should start coming in.
An important note that I've missed is that you also need to have a reverse lookup PTR record that points your IP back to your domain. Without that any e-mails you send may be seen as spam because many spam filters do a reverse lookup when receiving e-mails. Unfortunately, if you're running this out of your home with a dynamic IP you won't be able to set this up as your ISP controls it so your mileage with this setup may vary.