Tutorial: Your own mail server (Dovecot, Postfix, Rspamd) with tight Nextcloud (on Apache) integration for Debian

Great tutorial. I intend to follow it and set up such a server myself later.

This may sound greedy, but it would be nice if you also added how to add z-push which enables ActiveSync.

There’s already several good posts on it, perhaps you could reference them.:

Hello, at first that is a really good tutorial. I haven´t tried it yet but soon. It it very full of detail. I know you write at the end, that a tutorial for the data transfer is too much, but do you know a good tutorial how i can do this? We are useing at the moment a Mailserver from our provider where our website. It´s an all inclusive package. The only problem I don´t know how to transfer all our mails too the new server.

Hey, thanks for info. I am not using Active Directory myself, so I have to interest/motivation to add this to my tutorial. I suppose people needing that can just google “Nextcloud Active Directory” and would find these guides anyway.

It really depends on how the e-mails are stored and whether your hoster will give you access to the e-mails on a system level. This is really specific to your hoster’s technical setup and policies, so I can’t really help you there.

@PancakeConnaisseur

Hi, and thank you for your tutorial!

I got myself a VPS with the goal to run my own Mailserver and have an option to store some files i.e, so in the end your solution was basically what i was looking for (even though i dont need al ot of the functions of Nextcloud.

So far most of the stuff works. With a tinly little exception. I cannot send Mails. It works with the sendmail command from the command line, but neither through NExtcloud (Error 500) nor from Microsoft Outlook or the The Bat was i able to send Mails.

The Bat first told me about some fqdn Errors which i could squash by commenting out the HELO restrictions in the postfix configuration.

But the next error was
04.10.2020, 15:55:43: SEND - Verbinde mit SMTP-Server mx.rzie.net auf Port 587
04.10.2020, 15:55:43: SEND - Einleitung TLS-Handshake
!04.10.2020, 15:55:43: SEND - TLS-Protokollfehler: Unerwartete Nachricht SessionUnknownContentType ct (50)

Outlook being a microsoftproduct doesnt hand out anything. The initial testmail went out after a few tries (at first i told me that the server doent understand its security protocolls) but since then all messages are stuck

So i tried reducing the mandated TLS version by also allowing 1 and 1.1 but to no success.

After some googling i activated a deeper debuglevel with postfix for my IP to get more information and thats the block i get from a The Bat! connection attempt:

it boils down to the 500 5.5.2 Error: bad UTF-8 syntax and 500 5.5.2 Error: bad syntax errors. (Outlook just gave me the UTF8 part)

Do you have any suggestion at what mistake i made setting this up to cause this error?
What confuses me is, that if it is a TLS error, why cant i send mails with Nextcloud then since if i understood your tutorial a lot of the security features arent applicable to nextclouds mailclient since it runs localy.

Hey Schwarzie,

  1. What do you mean by Error 500 with Nextcloud? What component yields this error?
  2. No, I haven’t encountered this UTF-8 error yet. Weird. Can you try a recent version of Mozilla Thunderbird? This is what I mostly use and didn’t have any issues yet.
  3. Yes, Nextcloud connects via localhost and uses no encryption.
  4. AFAIK sendmail does not use Postfix but implements a SMTP client itself, thus connects to other mail servers without Postfix.
  5. What distribution are you using specifically? If it is not Debian 10, there might be some libary conflicts or unresolved bugs.
  1. When i try to send a Mail with Nextcloud, for example answering to one i got i receive this error:

Error sending your message

Error: Request failed with status code 500

  1. I can try Thunderbiord tomorrow, but when the Webclient and two other Clients wont work (with identical error) i dont have many hopes that it works.

  2. Which hardens my assumption that something in my postfix is borked and the UTF error is just a symptom.

  3. I am using Debian 10, it was a completely fresh install, only webmin came preinstalled, and Nextcloud 20.

Everything works except sending mail. So something in postfix must be broken, if it were doveblablub i wouldnt be able to connect via IMAP and read my mail, which works flawlessly

@PancakeConnaisseur

Ok. im completely confused now.

I installed Thunderbird and put in my Account. It worked out of the box. But the wierdness doesnt stop here. i then started The Bat and Outlook and the Mails stuck in there could be send aswell.

Whenever i send an Email with the Webinterface i still get the error 500 message BUT those Emails are send aswell. Which is even stranger…

And i definitely didnt touch my server since the last time i tried to send a Mail. No upgrades, no configchanges, no restarts. Nothing.

Gremlins?

@Schwarzie This is really weird, indeed. Update me if you find more useful log entries.

Although this is probably not the culprit, I would advice against using Nextcloud 20 for now. I haven’t tested it yet and in general I wait until the first patch release (20.0.1) just to be sure that there are not major bugs before updating my server. This is also what Nextcloud does itself when you are on the production update channel.

Hi!
Thanks for tutorial.

Installation without major problems, but sending mail causes error 500 (Error: Request failed with status code 500) or unavailable send button.

mail.warn – ‘Oct 8 11:49:07 mail postfix/submission/smtpd[1592]: warning: TLS library problem: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol:…/ssl/statem/statem_srvr.c:1661:”

Fresh debian 10.6 amd64, nextcloud 19.0.3

Can you suggest something?

Thanks!

I have seen this error with K9-Mail on Android when sending e-mails but not on any other e-mail client so far. I did some research but was not able to find a solution yet. I am suspecting it to be a openssl error on the client side, but I am not sure. Are you using K9-Mail?

No. it is a built-in client.
“Rainloop webmail” works well, something with a built-in “mail”

If you look further up, i had the exact same problem with Nextclouds built in mailclient, version 20 though, and “fixed” it with Rainloop aswell.

So far i thought this error was caused because i used NExtcloud 20. Seeing you using 19 suggests that it might be a problem with the build in mailclient though.

Please, report issues with our Mail app - so we can fix 'em! Especially if they show up with this awesome tutorial :wink:

BTW @PancakeConnaisseur did you have a look at https://lightmeter.io/ → might be a nice addition to the tutorial :wink:

I signed up here to tell you this is an incredible how-to. Well done, and thank you.

Just wanted to add heaps of praise to OP for the updated Debian 10 tutorial! :smile: I previously ran the Debian 9 version tutorial, but decided to backup, wipe and reinstall everything using the new tut.

However, I am also getting error 500 when sending e-mail through the Nextcloud Mail app. I’ve found an answer here:


But unfortunately can’t get it to work with the proposed fix. Eagerly awaiting an ‘update’ to the Mail app!

Yeah, this is an annoying bug. To be honest, I almost never use the Mail app, because I have my phone and my laptops have a real mail client installed. I was thinking about removing the Mail app from the tutorial altogether, because its UI/UX is bad and it has had bugs since I can remember.

Hope you found a workaround in the meantime. Unfortunately I haven’t had the time to check this thread on a regular basis.

Thank you for the tutorial. Any chance you could make a similar tutorial for Docker images…particularly Nextcloud AIO?

Thanks for the tutorial. It looks like an implied prerequisite is a static IP, as the first step under the DNS section is to create an A record. Is there some way to achieve something similar with a dynamic IPv4 address?

A dynamic IPv4 address, sounds like you want to run this from your home.
In Belgium these home IPv4 addresses wont change that often…I had a change when I restarted the ISP router.

But I’ve been reading that most Home IPv4 addresses are on a blacklist.
This blacklist will prevent you from delivering mail.

Strange thing is my home IP address isn’t on a list. Still some clients of my wife company, complain that they can’t get to the appointments app when at work.