Setup mail server

[andrey-utkin]

mailto:[email protected] is required to be responsive

[andrey-utkin]

Add notes and automatic checks for:

• having correct reverse DNS record (is set up at VPS hosting platform).
  This should show your advertised domain name:
  dig D.C.B.A.in-addr.arpa ptr if your IPv4 address is A.B.C.D
  If it doesn't yet, try adding parameter "@"
• DKIM, SF, DMARC TXT DNS records, see
  https://www.debian-administration.org/article/718/DKIM-signing_outgoing_mail_with_exim4
  https://www.debian-administration.org/article/719/Avoiding_mail-spoofing_with_SPF

DMARC requires setup of dedicated mailbox.

http://dkimcore.org/c/keycheck is a tool to check DKIM records.

http://www.mail-tester.com is great tool to check correctness trustworthiness of setup.

https://ssl-tools.net/mailservers/decent.im correctness and features test.

[andrey-utkin]

Not willing to mess with DKIM/DMARC.

What makes sense on initial stage is reception of email, e.g. abuse reports (and of confirmation email by xmpp.org directory maintainers...). Received email can be forwarded to all devs addresses, or stored in local maildir.

[andrey-utkin]

Parts of solution learnt from playing with staging server:

• emerge exim with USE="maildir lmtp sasl doc syslog" (maybe sasl and doc are not really needed)
• exim with default config works well (cp /etc/exim/exim.conf{.dist,})
• create non-root user for email receival because exim refuses to receive for root
• define /etc/mail/aliases root, operator, xmpp to that user
• test with https://mxtoolbox.com/SuperTool.aspx
• test with https://www.wormly.com/test-smtp-server sending to abuse@ and/or xmpp@
• mutt launched without args opens the right maildir

[andrey-utkin]

Set up manually on both staging and production. Nothing added to our repos because that's none of our business how/whether other setups' owners want to run mail service.

[andrey-utkin]

Considering making above notes a part of sysadmin documentation.