Back to Projects

Setting up an SMTP Server

Overview

This project was implemented on a Raspberry Pi 3B+ using Docker and Mailcow, incorporating Dovecot for IMAP & POP3 Email Retrieval, and Postfix for handling SMTP requests.

After evaluating various options, Mailcow emerged as the most suitable solution due to its comprehensive integration of essential mail server components. The deployment process via Docker was streamlined, requiring minimal setup configuration.

DNS Configuration

SPF Record

Configured to specify authorized IP addresses that can send emails from the domain:

v=spf1 ip4:103.73.84.10 -all

DKIM Record

Implemented for email authentication using public/private key pair:

v=DKIM1;k=rsa;t=s;s=email;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7uJT/kZ4duo5AMPMLHeM+7q+EtN31BTaFW6iPBo8ODS9IlkPhfKR6GX049eeN3etSp5qLNpgDoTBNUzjtBRL+GBqp5pGrse2M7epoBHcAqxnHe90tK0Hxi85sgPglKMTNCfumpdjnczeS245kL498FP3lemQy8NaT7kvi60NrJIG/BNku0mm3q7FfVLS5eenIT1otAnQjCAcYo6OlD5p58C+2ILArSOrsZnfR5FEzIDiR7PUhe/DEDx2lmkgClxODiGhIRhVPrE4R68hao4qxxEL/2F/AgYL2rXN3rGGLV8CVG45FbvJrhikhZPlAvvFpz+hlcJaY15e6JoMjul9wIDAQAB

DMARC Record

Enforced strict email authentication policies with immediate rejection for SPF/DKIM failures:

v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; rua=mailto:6073b76057d14a61a0ae6b1ab6e31efd@dmarc-reports.cloudflare.net;

Implementation Challenges

Residential IP Blocklisting

The server's residential IP address was initially blocklisted by Spamhaus, as residential IPs are not typically expected to host mail servers. This was resolved through a successful exclusion request process.

Reverse DNS Limitations

ISP restrictions prevented the setup of reverse DNS records, significantly impacting email deliverability. This resulted in major email clients (Gmail, Outlook) marking messages as spam.

SMTP Protocol Analysis

During testing, interesting observations were made regarding email header manipulation and transport behavior. Below is an example SMTP request demonstrating the dual occurrence of sender/recipient information:

HELO mail.gibibyte.com MAIL FROM:<keane@gibibyte.com> RCPT TO:<bob@example.org> DATA From: Keane <keane@gibibyte.com> To: Bob <bob@example.org> Subject: Hello Bob Hi Bob, Regards, Keane . QUIT

This example highlights how sender and recipient information appears twice: once in the envelope (MAIL FROM & RCPT TO) and again in the message headers (From & To fields).

Key Findings

Email Transport Behavior

  • Only envelope headers (MAIL FROM & RCPT TO) are used for actual mail transport
  • Header fields under DATA section can be manipulated within DKIM/DMARC constraints
  • Some mail servers can be configured to enforce envelope-header matching, though this may affect CC functionality

Delivery Success Conditions

  • Emails were delivered (marked as spam) when:
    • From field contained any email from gibibyte.org domain (valid or not)
    • To field could be arbitrarily set without affecting delivery