I donāt, I am using a virtual server that I ārentā. This is much more reliable and comes with a very fast connection. Itās really expensive to get an Internet plan with high upload and that kind of availability.
Of course there is the drawback of less privacy because potentially a malicious admin of the hoster could access the vhost, but at least afaics itās illegal in Germany and not trivial because they donāt have a user on my OS, so they would have to go a few levels lower. Since you should assume that any cloud, even Nextcloud, can be compromised (e.g. zero day exploits) I would not recommend to put anything there, that if compromised, would have catastrophic implications for you anyway. So using a vhost is a compromise I can live with.
For hosting a mailserver at home, you could use a āsmarthostā to send mail and Fetchmail to pull IMAP/POP3 mailboxes. Not quite a private mail server, but at least the mails stay locally on your own server.
True, the Nextcloud implementation isnāt, but I just wanted to mention it as a measure against snooping server operators. Aside from that, other options exist in the meantime, like for example Cryptomator.
@PancakeConnaisseur
1st I have to thank you for the great work you have done with this tutorial.
But I have to admit, that after reading there are still some open questions:
Why PostgreSQL?
can you explain this statement with a bit more background info?
Why no virus scan implementation?
Is there a special reason why you did not even mention a virus scan in this context?
Whatās about redis?
As far as I know Rspamd depends on redis when it comes to caching. Why do you use APCu instead of redis for caching in nextcloud?
These questions are no criticism at all, but will help me to get a deeper understanding of the subject.
more convenient functions, e.g. ILIKE for case insensitive search which is a mess in MariaDB, i.e. queries becomes way more complex instead of just using ILIKE instead of LIKE as you can with Postgres.
PostgreSQL just feels more rounded, is more standard compliant and creates less hassle. MariaDB (to me personally) feels too āhackyā compared to Postgres. Another example is that to make MariaDB queries secure with PDO in PHP you need to make sure the right charset is used. In Postgres āit just worksā.
Why no virus scan implementation?
Because virus scanners are mostly snake oil, i.e. give you a wrong sense of security while detecting few viruses that really matter. This might be even more true for desktop solutions but I just decided that its not worth the effort for the little to no gain.
Whatās about redis?
I actually state in the tutorial that you should use Redis for larger user bases and provide links to instructions on how to set up Redis. I did not include it merely because at some point I had to make a cut (you can always explain more and do more but time is limited) and for my use case I donāt need it (relatively few users). But if you do, just follow the links.
Thank you for posting this tutorial, itās exactly what I wanted to do
Iām hoping that you can help, or point me in a helpful direction, since you know much more about this topic than I do.
After starting dovecot, when I check the error log, it says
mail dovecot: auth: Fatal: sql /etc/dovecot/dovecot-sql.conf.ext: Error in configuration file /etc/dovecot/dovecot-sql.conf.ext line 72: Unknown setting: password
Then command startup failed, throttling for x seconds, imap error login timeout.
I went triple-checked the tutorial to make sure Iād typed correctly (checked to make sure I typed it properly, tried putting password on a different line, tried putting it all on one line the way Iād done it initially in case it auto-misformatted).
These seemed most relevant, but I checked others:
There were others that were more relevant, but they didnāt have answers, and I lost track of them (sorry!)
It seems that the issue actually has nothing to do with the password setting, since by all accounts that is an actual setting that is supposed to be there.
Every test up to this point has worked successfully, except the SSL setup; I used the --staging option for that, but when I reran it without that, it said the certificates were already there and to use force renew. When I visit my domain in a browser it says SSL_ERROR_RX_RECORD_TOO_LONG
But that is fixed with https://support.servertastic.com/knowledgebase/article/error-code-ssl_error_rx_record_too_long
and I was going to do that afterwords, when everything else was set up, since I didnāt want to lose my place. Iām not sure if thatās related but I want to give as much information as possible.
So, Iām not sure where to look next, since the error seems to be of the āsomething other than what the error says is causing it to spit this error outā type, but everything else has tested as working.
Any help would be greatly appreciated, and thank you for this tutorial
Okay, I switched (in the offending file mentioned in the previous post) from 127.0.0.1 to localhost since they mean the same thing and the latter was used both originally in the file and in the dovecot wiki. /var/log/mail.err didnāt spit out an error when I reloaded dovecot, nor when I tried the start command. Iām going to consider this fixed for now and keep going. Iāll update as events warrant.
Update: I went back to where I was, and the next step was test the mail server. I used the telnet command, and it worked. Wtf. Letās see if it sticks.
Update2: Test email went through. Seems to have worked, in both directionsā¦
Hi all, hi @PancakeConnaisseur ! This tutorial is awesome, very detailed and everything is explained very well. But I have one issue with it. Iām using environment where we have MariaDB(MySQL) already deployed. I donāt want to install additional database instance just to maintain email addresses.
I was never working with PostgreSQL and it seems MySQL lacks some features like for example user-defined domainā¦
Now that is how a tutorial is done easy to follow and learned a lot. Of course at the very end ran into a problem and have been stuck for a couple days. After installing User Backend Using Raw SQL I cant access the Users in the profile so I am not able to create any users. I get an internal error page and nextcloud.log gives error āFileā:"/var/www/nextcloud/apps/user_backend_sql_raw/lib/Dbs/Postgresql.php",āLineā:30,āCustomMessageā:"ā"} . This is the file the error is referring to.
namespace OCA\UserBackendSqlRaw\Dbs;
23
24 use OCA\UserBackendSqlRaw\Db;
25 use \PDO;
26
27 class Postgresql extends Db {
28
29 protected function createDbHandle() {
30 return new PDO($this->assembleDsn());
31 }
32
33 protected function assembleDsn() {
34 return āpgsql:host=ā . $this->config->getDbHost()
35 . ā;port=ā . $this->config->getDbPort()
36 . ā;dbname=ā . $this->config->getDbName()
37 . ā;user=ā . $this->config->getDbUser()
38 . ā;password=ā . $this->config->getDbPassword();
39 }
40 }
Any clues would be great.
Thanks!
UPDATE: This was solved by removing \ symbol in the mail_admin password. Once removed User Backend Using Raw SQL connected perfectly. This really was the best tutorial I have ever used and just what I needed. Thanks @PancakeConnaisseur you really raised the bar on tutorials with this one.
Hello, at first that is a really good tutorial. I havenĀ“t tried it yet but soon. It it very full of detail. I know you write at the end, that a tutorial for the data transfer is too much, but do you know a good tutorial how i can do this? We are useing at the moment a Mailserver from our provider where our website. ItĀ“s an all inclusive package. The only problem I donĀ“t know how to transfer all our mails too the new server.
Hey, thanks for info. I am not using Active Directory myself, so I have to interest/motivation to add this to my tutorial. I suppose people needing that can just google āNextcloud Active Directoryā and would find these guides anyway.
It really depends on how the e-mails are stored and whether your hoster will give you access to the e-mails on a system level. This is really specific to your hosterās technical setup and policies, so I canāt really help you there.
I got myself a VPS with the goal to run my own Mailserver and have an option to store some files i.e, so in the end your solution was basically what i was looking for (even though i dont need al ot of the functions of Nextcloud.
So far most of the stuff works. With a tinly little exception. I cannot send Mails. It works with the sendmail command from the command line, but neither through NExtcloud (Error 500) nor from Microsoft Outlook or the The Bat was i able to send Mails.
The Bat first told me about some fqdn Errors which i could squash by commenting out the HELO restrictions in the postfix configuration.
But the next error was
04.10.2020, 15:55:43: SEND - Verbinde mit SMTP-Server mx.rzie.net auf Port 587
04.10.2020, 15:55:43: SEND - Einleitung TLS-Handshake
!04.10.2020, 15:55:43: SEND - TLS-Protokollfehler: Unerwartete Nachricht SessionUnknownContentType ct (50)
Outlook being a microsoftproduct doesnt hand out anything. The initial testmail went out after a few tries (at first i told me that the server doent understand its security protocolls) but since then all messages are stuck
So i tried reducing the mandated TLS version by also allowing 1 and 1.1 but to no success.
After some googling i activated a deeper debuglevel with postfix for my IP to get more information and thats the block i get from a The Bat! connection attempt:
it boils down to the 500 5.5.2 Error: bad UTF-8 syntax and 500 5.5.2 Error: bad syntax errors. (Outlook just gave me the UTF8 part)
Do you have any suggestion at what mistake i made setting this up to cause this error?
What confuses me is, that if it is a TLS error, why cant i send mails with Nextcloud then since if i understood your tutorial a lot of the security features arent applicable to nextclouds mailclient since it runs localy.
. It is fixed now.