This is a puppet module that will install and configure a complete, moderately secure, mail server on an Ubuntu 14.04 LTS platform.
It will install and configure postfix, dovecot, sasl, opendkim, spamassassin, clamav, sieve, postgrey, mariadb, apache and roundcube.
Mailbox is intended to speed up configuration of mail specific subsystems.
- Mailbox will not manage your DNS or register a domain.
- Mailbox will not manage users or modify ssh settings.
- Mailbox will not configure firewall rules, or perform any other network management.
- Mailbox can accomodate an SSL/TLS cert, but will not get one.
- Manage your server level users. Users should only be able to SSH in with a private key.
- Set up some additional policy-checking security such as fail2ban or denyhosts.
- Install and set up a firewall.
- Use certificate based authentication in addition to a user name and password.
- And while I'm throwing recommendations around, maybe use a VPN and limit internet accessability.
No.
This setup gets you a moderate amount of security. It does not get you anonymity, deniability, or even full end-to-end encryption.
Ultimately, it cannot protect you from anybody who can intercept your email in transit. However, it can protect you from bulk email analysis done by email services.
Aside from, y'know, everything:
- Configure Roundcube to use sabredav, carddav_plus and calendar_plus plugins.
- How to set up a mail server on a GNU / Linux system
- How to run your own e-mail server with your own domain, part 1
- Taking e-mail back, part 2: Arming your server with Postfix and Dovecot
- Taking e-mail back, part 3: Fortifying your box against spammers
- Taking e-mail back, part 4: The finale, with webmail & everything after