
Me&AI will try to build a mail server (MTA, IMAP, SMTP)

Graybeard

Just to preface this thread: I have owned and operated my own mail servers for some time.
I prefer the 'absolute privacy' and if I decide to permanently delete some mail --it's fkn gone with no left behind `evidence` of the text AT ALL.

However, the server that I'm trying to replace is a postfix, dovecot, MySQL installation, postfix administrator that a friend of mine helped me with quite a few years ago that I added a DKIM to and spam filters also successfully, and it's on an obsolete operating system now 16.04LTS --the new one is 22.04LTS.

I got lucky this time (2nd try) and the IP assigned this new install VPS is not on any spam-list at all IPv4 and IPv6. Linode was bought by Akamai and they cleaned it up. What issues a new mailserver will entail because of this event IDK. However the old mail-server is on the same network and has a clean reputation. I am a customer of 10 years or so ...

Anyway, I've tried two or three times to install a whole new mail server which is rather complicated manual configuration with virtual mailboxes and quite a few domains.

Each time it just hasn't worked out right, so I've kept the old server. The OS expired for support about a year and a half ago --so it won't update anymore --not good.

I decided to do a journey to see how ChatGPT could help me get the server installed properly.
So far the AI has already screwed up but it wasn't a big screw up, it just happens to be something I know how to do from setting up mail servers in the past. So here we go, ChatGPT replies will be kept in images.

First mistake, LOL I know better --I have my doubts now~


OK and ...
hostname-AI-oops.jpg



AI I have done this before (losing confidence so far)

Hey-sure-you-know-AI.jpg

So why the hell didn't you tell me that if 'indeed' you knew it was correct LOL

Strike 1 :D
 
I am going to try to get this done by next week.
I have notes from my previous attempts.
So I know a lot of fixes --but maybe the AI can point out where I failed.

AI got the UFW (firewall) rules right --just testing in I already know the path ;)
 
I installed a new MySQL server and client, set up the new root login for MySQL and created the mailserver database.

Setting up the new server process seems to keep changing with the newest version of MySQL.

SQL:
CREATE USER 'mailuser'@'127.0.0.1' IDENTIFIED BY 'pAsSwOrD';
CREATE DATABASE mailserver;
GRANT SELECT ON mailserver.* TO 'mailuser'@'127.0.0.1';

CREATE TABLE `virtual_domains` (
CREATE TABLE `virtual_users` (
CREATE TABLE `virtual_aliases` (

Installed dovecot-core/jammy-updates
and an Nginx web server that was easy 'cause I haven't configured them --took less than a minute with apt on the cli (command line ssh)
After all, you have to prompt AI what to do, and explain what has been done, as well as what the end goal of the process task is.
If you want details --just ask, I took notes (as always) <rolls eyes>

I am starting out with this as a guide How to Set Up an Email Server With Postfix, Dovecot and MySQL | Linode

Can't wait to bash out the configuration dilemmas with my 'buddy' ChatGPT.

The plan is to follow a collection of tutorials I have accumulated and to also use the working mail server's configurations as an example to follow. Time to watch some streaming --maybe a movie it's getting late.
 
Simple question and it might be a dumb one, but why not build a Docker image to ensure a smooth deployment and future-proof it?
 
Note the title change: A full MTA, IMAP and SMTP server has a lot of components.

I don't like Docker --anyway I tried that with a mail server last year -- it failed.

If you know of a better Docker image, get a server and try installing it, and try to set up DKIM and try to inbox at Gmail --let me know how it worked out :p

Also, if it worked, which it did not, on Debian 10 or Ubuntu 20.04LTS servers, it was loaded with things unneeded by me, like Roundcube webmail and SpamAssassin, neither of which worked right in either of the installs.

Also that Docker image required twice the server resources that a real mail server requires. Another thing is that Docker image did not use MySQL for the virtual domains and instead was a basic flat file Postfix/Dovecot system.

I wouldn't build a Nginx web server with Docker image either --it's crap if you ask me.

I like to know what my server is doing and be able to fix it. Not some point and click crap ...

The only thing Docker is good for is an application server you develop and want to either use as portable or sell installed.

This is a personal all purpose mail server. If you want a send-only email server just use Amazon SES or another ESP provider
 
just images --I am setting up --or starting had to correct the security flaw in the ufw (firewall) for allowing MySQL access to the internet.

checked my status with the host: I am a *favored customer*, no access is being blocked for my new mailserver (if this one works <facepalm>)
1692205863532.png

ufw-firewall-config-for-the mailserver.jpg
2ufw-firewall-config-for-the mailserver.jpg
3ufw-firewall-config-for-the mailserver.jpg


ChatGPT really started to mess up with Dovecot so I went back to the tutorial cited above and configured the Postfix.

There were a few errors or omissions in that tutorial. ChatGPT was able to troubleshoot them, but the best one was the missing "" of the domain and the email address, and this omission made settings that erred when checking and confirming that the postmap was configured right.
domain1.com was unquoted in the tutorial and neither myself nor my AI buddy saw it; however, ChatGPT spit out the code quoted and I noticed the difference. The dumb bot did it right and didn't make note of the difference --human supervision LOL

Postmap and the MySQL part are working now --yay!

Code:
root@mail2:~# sudo doveadm pw -s SHA512-CRYPT
Enter new password:
Retype new password:
{SHA512-CRYPT}$6$aHnu0kGw5Xd.DzMt$vLBcRum9i0.KOvDWklcUEL6HU0RkstXUi/1wOGFvYqPUM2pzZh00dX1O.EvoTV2DjyqOOMezTkGtq.9Q3.za70
mysql> INSERT INTO mailserver.virtual_users (domain_id, password , email) VALUES ('1', '$6$aHnu0kGw5Xd.DzMt$vLBcRum9i0.KOvDWklcUEL6HU0RkstXUi/1wOGFvYqPUM2pzZh00dX1O.EvoTV2DjyqOOMezTkGtq.9Q3.za70', 'username@domain1.com');
Query OK, 1 row affected (0.00 sec)

mysql> SELECT * FROM mailserver.virtual_users;
+----+-----------+------------------------------------------------------------------------------------------------------------+-----------------+
| id | domain_id | password                                                                                                   | email           |
+----+-----------+------------------------------------------------------------------------------------------------------------+-----------------+
|  1 |         1 | $6$aHnu0kGw5Xd.DzMt$vLBcRum9i0.KOvDWklcUEL6HU0RkstXUi/1wOGFvYqPUM2pzZh00dX1O.EvoTV2DjyqOOMezTkGtq.9Q3.za70 | username@domain1.com |
+----+-----------+------------------------------------------------------------------------------------------------------------+-----------------+

root@mail2:~# sudo postmap -q "domain1.com" mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
1
root@mail2:~# sudo postmap -q "username@domain1.com" mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
1

mysql> SELECT * FROM mailserver.virtual_domains;
+----+-------------+
| id | name        |
+----+-------------+
|  1 | domain1.com |
+----+-------------+
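
The firewall fix mentioned at the top of this post (ufw allowing MySQL access from the internet) can be checked mechanically. The following is an added example, not part of the original post: the function names and the sample `ufw status` text are constructed for illustration, and port 3306 is assumed as the MySQL port.

```bash
#!/bin/sh
# Constructed sample of `ufw status` output (not taken from the thread's screenshots).
SAMPLE_UFW_STATUS='Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
25/tcp                     ALLOW       Anywhere
587/tcp                    ALLOW       Anywhere
993/tcp                    ALLOW       Anywhere
3306/tcp                   ALLOW       Anywhere
3306/tcp                   ALLOW       127.0.0.1
3306/tcp (v6)              ALLOW       Anywhere (v6)'

# Print every ALLOW rule that opens the database port to any source address.
# Reads `ufw status` text on stdin; the port defaults to 3306 (assumed).
exposed_db_rules() {
  port="${1:-3306}"
  awk -v port="$port" '
    $0 ~ /ALLOW/ && $0 ~ /Anywhere/ {
      split($1, a, "/")            # "3306/tcp" -> "3306"
      if (a[1] == port) print
    }'
}

# Return 0 when no such rule exists, 1 when the port is world-reachable.
# $1 = ufw status text, $2 = port (optional).
audit_ufw() {
  hits=$(printf '%s\n' "$1" | exposed_db_rules "${2:-3306}")
  if [ -n "$hits" ]; then
    printf 'database port open to the internet:\n%s\n' "$hits" >&2
    return 1
  fi
  return 0
}

# On a live host: audit_ufw "$(ufw status)"
# Remediation is to delete the rule (ufw delete allow 3306/tcp) and keep
# mysqld listening on 127.0.0.1 only, matching 'mailuser'@'127.0.0.1' above.
audit_ufw "$SAMPLE_UFW_STATUS" || echo "sample rule set exposes MySQL"
```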
 
ChatGPT says this will work to add multiple domains to the mailserver but I may need to manually add them --this was not in the tutorial; most all of these are not including this feature properly --if at all

From the tutorial:

email-domain-name-mapping-proplem-Hey-sure-you-know-AI.jpg



My corrections for the virtual MySQL query --AI was so fkn wrong --bad doggie! the tutorial's and ChatGPT's code is #commented out.

mysql-virtual-mailbox-maps.cf.png

result:
root@mail2:~# sudo postmap -q "username@domain1.com" mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
1

'%s' is a placeholder for the query "username@domain1.com" and the query result is 1 the id of the domain name

SQL:
mysql> SELECT * FROM mailserver.virtual_domains;
+----+-------------+
| id | name        |
+----+-------------+
|  1 | domain1.com |
+----+-------------+
1 row in set (0.00 sec)

mysql-virtual-mailbox-maps.cf.jpg

root@mail2:~# sudo postmap -q "username@domain1.com" mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
1

SQL:
mysql>  SELECT * FROM mailserver.virtual_users;
+----+-----------+------------------------------------------------------------------------------------------------------------+-----------------+
| id | domain_id | password                                                                                                   | email           |
+----+-----------+------------------------------------------------------------------------------------------------------------+-----------------+
|  1 |         1 | $6$aHnu0kGw5Xd.DzMt$vLBcRum9i0.KOvDWklcUEL6HU0RkstXUi/1wOGFvYqPUM2pzZh00dX1O.EvoTV2DjyqOOMezTkGtq.9Q3.za70 | username@domain1.com |
+----+-----------+------------------------------------------------------------------------------------------------------------+-----------------+


The tutorial is wrong in some places, or typically assumptive of the immediate mission.
This is going to be a mailserver for 7 domain names and about 15 email addresses I use, in part to segment the email content as to the importance and relevance.

AI has botched up on the details of errors so far ...
 
Back at it configuring the Dovecot --trying to avoid past mistakes and asking AI stupid questions to be sure there will not be a problem this time (<facepalm>)

Dovecot is the middleman that negotiates between the Postfix, the MySQL, and the user's IMAP or POP client (think Thunderbird or Outlook (KMail on Linux), many IMAP email clients for Android or iOS)

dovecot-directory-permissions.jpg


AI says 750 is "trusted" and 700 is "paranoid" mode.
I am the only user on this mail server so 750 it is ...
 
ChatGPT is the co-pilot I am the pilot :D

dovecot-directory-solution.jpg


file was missing --the dovecot-lmtpd install was missing from that tutorial --maybe this is a newer version (updates are a bitch)

maybe? it will work tomorrow now

dovecot-restart-status.png



good night Irene ;p
 
Polishing off my Dovecot
LMTP Server — Dovecot documentation grrr

there were a few errors in the mail.log ...
My *co-pilot ChatGPT* needed a few tries ...
dovecot-sql-driver-unknown.png


Nice try Co-Pilot Try again :D

dovecot-mysql-driver-installed.png


This is not simple and the tutorials are missing details or are outdated

Note the spammers have started to try to crack my mailserver already ... they have been trying on my other mailserver for years now with no success ... This is the norm ALWAYS ...
mail_log.png
 
Dovecot is tested and working
Next tutorial: How to Set up SPF and DKIM with Postfix on Ubuntu Server
I used linuxbabe to set up DKIM on my existing server --it succeeded before so it probably will this time too (I hope).

1 thing I want to do is make email domain and email address set-up bash scripts. I don't need a fancy dashboard email 'administrator' for this. I don't need a webpage to do it from.

Goal is to set up duplicate servers for the domains with email accounts on each mailserver. joe/@/example.com (mailserver1[existing server]) and joey/@/example (mailserver2[new server]) once it all works I can begin migration. I am paying for 2 servers but only $20 each for a full month (the host will prorate the accounts hourly) so it's an extra $15 maybe.

DKIM:
DKIM-verify-web-info-AI-copilot.jpg


OK it's a go, I see this answer in a web search also from many sources --just checking
 
Yesterday afternoon and this morning I made the administrative scripts to add domains, user email addresses, and alias email addresses that are redirected to a user's email address.

That is to say, alias /@/example.com is sent to realuser /@/example.com.

The first issue encountered was a MySQL error issue which is a bug in MySQL: the user I created, which was intended to be a limited user with only the minimum necessary GRANT privileges to use with these scripts, ended up in the Twilight Zone.

I found the solution here: How to fix MySQL ERROR 1396 - CREATE or DROP USER failed

Seems there's a bug in MySQL that generates the error I was getting --so I can't blame AI or myself and this took like half an hour to figure out --real pain in the ass welcome to development land.
  • The first script, to add a new domain, was easy.
  • The second script to add a new email with a SHA512-CRYPT encrypted password into the MySQL database was complex, complicated and took a while to hash out the details and all the features that I wanted.
  • The third script to add an alias went quickly.
  • The fourth script to update a user password for his email account went quickly.
The reason the last 2 went quickly is that my prompts were really complicated instructions with more details; my prompts contained enough information of the database structure and the desired MySQL action of the script that they were fired off quickly by AI copilot ChatGPT ;).

The AI scripts weren't perfect but I added a few of the routines from the first script to polish them off.

So AI is pretty good as a copilot but he still needs a pilot (read: boss) that's me :D

4 scripts, 10 change orders maybe 15 minutes of AI time and 30 minutes of actual debugging time on my part. The rest of the time was designing the email administration functions that I wanted and fuddy-pucking around with various issues mainly with server and email administration security.

Now I can enter all the domains into the domain table and script the DKIM to generate the domain DKIM for all the domains using a MySQL lookup query instead of a flat file table (manually); the manual procedure is time consuming and slow. As I add domains I can now do it with the dkim_domain_add script.

This server now has a PTR on the mailserver domain -- no longer linode-45wesd5df-usercontent as a hostname
host 45.56.106.86
86.***.***.45.in-addr.arpa domain name pointer mail.mailserver.TLD.

Ima name not a number :D
This matters for Gmail etc I think.
 
Moving along ...
AI took my authored scripts and modified them on a loop to read to install
  • all my domains (33)
  • then all my email addresses (30) that are only using 5 of the domains.
  • to generate 33 unique passwords, 8 characters long AI popped this out

Prompt: now create a bash script to read the addresses from eaddress.csv and generate a random [a-Z][1-9][#$^&] password that is 8 characters long.

Bash:
#!/bin/bash
# Read email addresses from the first CSV column of the input file
while IFS=, read -r email _; do
  # Generate a random 8-character password from the requested character set
  # (LC_ALL=C so tr treats the /dev/urandom stream as raw bytes in any locale)
  password=$(LC_ALL=C tr -dc 'a-zA-Z1-9#$^&' < /dev/urandom | head -c 8)

  echo "$email,$password"
done < eaddress-file.csv

# command to output to a file
#   ./generate-passwords.sh > newfile.csv

script runtime 2 seconds (at most) :)

However, adding multiple domains or addresses in the future will take only a few minutes to set up and seconds to do with these scripts I can use to clone another server ... investing time in the future
now finalizing the SPF set up: all domains (whether used or not) are ready with the catch all TXT v=spf1 mx ~all

loop-insert-domains.jpg

now there was another error

linuxbabe says? No I read and pasted only the last line --this is complicated AF after modifying some of these files 6 times for different services

postfix-log-rotate-issue.jpg
set-postfix-log-rotate-cron.jpg

prompt: now I want to install a cron job to postfix logrotate /var/log/postfix.log when the file is more than 500K 2>&1

doing crons when you don't do that often (grrr --cheat sheet time?) NO, AI for the win:)

Bash:
# cron treats an unescaped % as a newline, so it is written \% here
*/10 * * * * if [ $(stat -c \%s /var/log/postfix.log) -gt 500000 ]; then /usr/sbin/postfix logrotate 2>&1; fi
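
For the password-generation loop earlier in this post, a variant that handles messy CSV input and protects the output file. This is an added example, not code from the original post: the function names `gen_password` and `make_credentials` are hypothetical, and it goes beyond the prompt by defaulting to 16 characters and writing the cleartext list with mode 600.

```bash
#!/bin/sh
# Emit one random password of the requested length (default 16) drawn from
# the character set used in the thread. LC_ALL=C makes tr work on raw bytes.
gen_password() {
  len="${1:-16}"
  LC_ALL=C tr -dc 'a-zA-Z1-9#$^&' < /dev/urandom | head -c "$len"
}

# Read "email[,...]" rows from CSV file $1 and write "email,password" rows
# to file $2. $2 holds cleartext passwords, so it is readable by owner only.
make_credentials() {
  src="$1"; dst="$2"
  ( umask 077; : > "$dst" ) && chmod 600 "$dst" || return 1
  # "|| [ -n ... ]" keeps a final row that has no trailing newline
  while IFS=, read -r email rest || [ -n "$email" ]; do
    email=$(printf '%s' "$email" | tr -d '\r ')   # strip CR (CRLF files) and spaces
    case "$email" in
      ''|'#'*) continue ;;                        # blank lines and comments
      *@*.*) ;;                                   # minimal address shape check
      *) printf 'skipping malformed row: %s\n' "$email" >&2; continue ;;
    esac
    printf '%s,%s\n' "$email" "$(gen_password 16)" >> "$dst"
  done < "$src"
  return 0
}

# Usage: make_credentials eaddress-file.csv newfile.csv
```

Only the `doveadm pw -s SHA512-CRYPT` hash of each password belongs in `virtual_users`; the cleartext file is for handing out credentials and should be deleted afterwards.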
 
my mistake in the prompt (forgot?)
>/dev/null 2>&1; fi
Bash:
# one crontab entry must stay on a single line (cron has no line continuation); % is escaped as \%
*/10 * * * * if [ -f /var/log/postfix.log ] && [ $(stat -c \%s /var/log/postfix.log) -gt 500000 ]; then /path/to/postfix logrotate /var/log/postfix.log >/dev/null 2>&1; fi
 
1693233557111.png


and we are going in circles

what is happening is some weird Postfix misconfiguration --3 hrs of troubleshooting (frustration) with no tangible results.

AI is just going in circles at this point.

d'Oh AI FAIL
1693233813589.png
 