// Tutorial //

How To Setup Exim, Spamassassin, Clamd, and Dovecot on an Arch Linux VPS

Published on September 17, 2013
Default avatar
By Petre Daniel
Developer and author at DigitalOcean.
How To Setup Exim, Spamassassin, Clamd, and Dovecot on an Arch Linux VPS

Introduction


This tutorial will cover how to install and configure an email system on a VPS running Arch Linux. This will allow us to receive and send email as the Linux user we create on our VPS (droplet). The email can then be accessed and administered by running a local mail client, such as Thunderbird.

This configuration does not configure SSL for mail transfer, so it will not be secure for most uses.

Install Exim and Anti-Virus Software


First, install the exim mail transport agent, which is responsible for receiving messages and sending them to remote mail servers. Exim also authenticates users via dovecot so that we can send e-mail from remote computers using the Arch Linux VPS as an intermediary.

Installing exim and the antispam/antivirus components is easy:

pacman -S exim spamassassin clamav

Enable Spamassassin


Before starting spamd daemon, we should update spamassassin’s rules:

/usr/bin/vendor_perl/sa-update -v

We enable spamd in systemd so it will be started after a reboot. We will then run it in the background immediately:

systemctl enable spamassassin
systemctl start spamassassin

Configure Clam Anti-Virus


We will edit clamav’s config. Open the file now:

nano /etc/clamav/clamd.conf

We will set a higher attachment limit to scan by changing the default of 10M to 16M. We will also enable other groups in the system to use clamav. Also, comment out “Example” as shown below:

#Example
StreamMaxLength 16M
AllowSupplementaryGroups yes

We also enable the clamav updater by editing /etc/clamav/freshclam.conf file:

nano /etc/clamav/freshclam.conf

Comment out “Example” as we did above:

#Example

Next, add clamav to the exim group so clamav can open exim mail files and scan them accordingly:

usermod -G exim clamav

Start and enable the services:

systemctl enable freshclamd
systemctl enable clamd
systemctl start freshclamd

Wait a few minutes for the database in /var/lib/clamav to be updated and then type:

systemctl start clamd

Configure Exim


Next, we will configure exim without SSL, add our domains, and set up dovecot smtp authentication. Set the following in /etc/mail/exim.conf:

nano /etc/mail/exim.conf

<pre> primary_hostname = <span class=“highlight”>yourdomain.com</span> domainlist local_domains = @ : <span class=“highlight”>yourdomain.com</span> av_scanner = clamd:/var/lib/clamav/clamd.sock spamd_address = 127.0.0.1 783 </pre>

Additionally, comment out the SSL lines if they aren’t commented out already:

#tls_advertise_hosts = *
#tls_certificate = /etc/ssl/exim.crt
#tls_privatekey = /etc/ssl/exim.pem

In the “acl_check_data:” section, uncomment the following so exim will scan incoming e-mail for malware and possible spam:

deny    malware    = *
        message    = This message contains a virus ($malware_name).
warn    spam       = nobody
        add_header = X-Spam_score: $spam_score\n\
                    X-Spam_score_int: $spam_score_int\n\
                    X-Spam_bar: $spam_bar\n\
                    X-Spam_report: $spam_report

Next, search for the section called “begin authenticators” and enter the dovecot authentication details:

dovecot_login:
  driver = dovecot
  public_name = LOGIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1

dovecot_plain:
  driver = dovecot
  public_name = PLAIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1

Save and close the file.

After exim.conf is set, we can enable the MTA and start it:

systemctl enable exim
systemctl start exim

We can check anytime what’s going on with out mail daemon by tailing the log files in /var/log/exim/:

tail /var/log/exim/mainlog

Install and Configure Dovecot


Next, install the dovecot imap/pop3 daemon:

pacman -S dovecot

Rename dovecot’s main config file and enable imap and pop3 there:

cp /etc/dovecot/dovecot.conf.sample /etc/dovecot/dovecot.conf
nano /etc/dovecot/dovecot.conf

Change the protocols line to read:

protocols = imap pop3

Save and close the file.

There other configuration files that can be edited for more tweaking, so we will copy them too:

cp /usr/share/doc/dovecot/example-config/conf.d/* /etc/dovecot/conf.d/

Disable ‘ssl’ in ‘/etc/dovecot/conf.d/10-ssl.conf’ by changing the following:

nano /etc/dovecot/conf.d/10-ssl.conf

ssl = no
#ssl_cert = </etc/ssl/certs/dovecot.pem
#ssl_key = </etc/ssl/private/dovecot.pem

Allow plaintext auth in /etc/dovecot/conf.d/10-auth.conf:

nano /etc/dovecot/conf.d/10-auth.conf

disable_plaintext_auth = no

Specify the location of our e-mail in /etc/dovecot/conf.d/10-mail.conf:

nano /etc/dovecot/conf.d/10-mail.conf

mail_location = mbox:~/mail:INBOX=/var/mail/%u

We will also configure the dovecot authenticator so exim can authenticate us. In /etc/dovecot/conf.d/10-master.conf under “service auth {”, add:

nano /etc/dovecot/conf.d/10-master.conf

unix_listener auth-client {
    mode = 0660
    user = exim
  }

Enable and start dovecot by running:

systemctl enable dovecot
systemctl start dovecot

Set Up System Users


Add a user to the system by running:

<pre> useradd -d /home/<span class=“highlight”>USERNAME</span> -m -k /etc/skel <span class=“highlight”>USERNAME</span> </pre>

Set the password with:

<pre> passwd <span class=“highlight”>USERNAME</span> </pre>

Configure Your Mail Client


We can now use the Thunderbird mail client with the USERNAME and password we just configured to send and receive e-mail through our Arch Linux VPS.

Install Thunderbird on your local machine if you have not done so already.

This setup will greatly depend on what operating system you are using on your local computer.

You will need to add a new mail account. In some cases, this will be under Preferences, and then Account Settings. In other operating systems, you can access this by clicking File, and then selecting New, followed by “existing mail account”.

<img style=“border:2px solid black; display:block;margin-left:auto;margin-right:auto” src=“https://assets.digitalocean.com/articles/arch_mail/new_account.png” alt =“Thunderbird Add New Account” />

Set the first name and last name of the account, and then type the email address like:

<pre> <span class=“highlight”>user_name</span>@<span class=“highlight”>domain.com</span> </pre>

If you do not have a domain, you can use the IP address of your VPS. Input the password as well.

<img style=“border:2px solid black; display:block;margin-left:auto;margin-right:auto” src=“https://assets.digitalocean.com/articles/arch_mail/account_settings.png” alt =“Thunderbird Account Settings” />

Click Continue and Thunderbird should autodetect IMAP settings. Click Done.

If Thunderbird pops up an information window regarding the lack of encryption on our email communication, check “I understand the risks” and then click Done.

<img style=“border:2px solid black; display:block;margin-left:auto;margin-right:auto” src=“https://assets.digitalocean.com/articles/arch_mail/ssl_warning.png” alt =“Thunderbird No SSL Warning” />

Test out your email by emailing back and forth with a known email address. You may have to check the spam folder on your other account.


Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in our Questions & Answers section, find tutorials and tools that will help you grow as a developer and scale your project or business, and subscribe to topics of interest.

Sign up
About the authors
Default avatar
Developer and author at DigitalOcean.

Still looking for an answer?

Was this helpful?
10 Comments

I’ve set this up before on arch doing almost the same thing. But currently, I’m trying to set it up on Ubuntu. And seem to be having some trouble following. The exim configuration files are in different locations and set up differently. And the clamd.sock doesn’t exist nor does the clamd.ctl which is what ubuntu is looking for. I tried making clamd.sock and specifying it in the config. There are a few other aspects that don’t translate perfectly from ubuntu/debian. Such as the exim user, being Debian-exim.

Can we expect an update/new guide for the changes needed to set it up on ubuntu?

Failed in the last step. Because I don’t know the IMAP/POP3 port number, while the thunderbird also failed to auto detect the port numbers. Could you please tell me where to find these 2 numbers ?

I use CentOS any hope for me??

Hello!

I’ just setup my Arch droplet and began setting up email using this awesome tutorial. However I am running in to an issue with checking the updates for SpamAssassin:

Use of uninitialized value in subroutine entry at /usr/share/perl5/core_perl/XSLoader.pm line 92. Perl API version v5.18.0 of does not match v5.16.0 at /usr/share/perl5/core_perl/XSLoader.pm line 92. Compilation failed in require at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/HTML.pm line 27. BEGIN failed–compilation aborted at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/HTML.pm line 27. Compilation failed in require at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/Message/Node.pm line 43. BEGIN failed–compilation aborted at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/Message/Node.pm line 43. Compilation failed in require at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/Message.pm line 50. BEGIN failed–compilation aborted at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/Message.pm line 50. Compilation failed in require at /usr/share/perl5/vendor_perl/Mail/SpamAssassin.pm line 75. BEGIN failed–compilation aborted at /usr/share/perl5/vendor_perl/Mail/SpamAssassin.pm line 75. Compilation failed in require at /usr/bin/vendor_perl/sa-update line 134. BEGIN failed–compilation aborted at /usr/bin/vendor_perl/sa-update line 134.

Any ideas on how to fix this issue? It looks like it all stems from an incompatible version of Perl.

Any help would be greatly appreciated!

@Donal: Did you add an MX record to your domain name?

This system doesn’t seem to support external mail systems, I tried to send an email from gmail and it didn’t go through. Any idea why this is?

How do you create new mailboxes for users that are already created? For instance I already created a user named codex as “useradd -d /home/codex codex” . I created the user before I got mail set up and running. Now I have all these users with websites and no mail :(

@biondizzle, binary “sa-update” might already be in the PATH. Try to simply run “sudo sa-update -v”.

Running fresh Arch Linux 2013.05 x64 Droplet. When I run: /usr/bin/vendor_perl/sa-update -v I get this error: [url]http://pressingdark.com/archError.jpg[/url]

Do I have to downgrade my Perl version?