E-mail Server Installation Checklist
I have to install email servers every now and then. Sometimes customers need a new email server, sometimes it’s scheduled upgrade or replacement of the old server and sometimes it’s because of failures. In carrying out these installations the procedure differs slightly depending on the reason why I’m installing the server. I’ve been doing this so many times that I happen to follow a certain pattern automatically which I’m listing out here.This should be useful for planning and looking at the bigger picture of an email server installation before plunging into the technical details of actual installation, configuration, testing and putting into production.
1. Choose the MTA (Mail Transport Agent) software: There’re plenty of choices available ranging from free, open source to commercial ones. Some popular free and open source MTA’s are Sendmail, Qmail, Postfix and Exim. Popular commercial MTAs and Groupwares are MS Exchange, Lotus Notes and Novell Groupwise. I’ve worked with most of the the softwares and I find Qmail secure and easy to manage. This choice differs from admin to admin and also depends on the requirements e.g. some organizations require groupware together with the email server.
2. Choose the platform (Operating System): This is usually decided together with the first step. In some situations this step might come ahead of choosing the MTA. Most of the popular free MTAs are developed for *nix platforms only. Again this too depends on admins choice, organizations choice or requirements. For the Operating System my choice is Linux with the MTA being Qmail. I find it more stable, secure and a perfect match for Qmail. And of course it’s free and open source.
3. Estimate the number of users and server loading: This is a very important stage which will prepare you for the next crucial step i.e. choosing the hardware specification. The server loading includes following things (but not limited): how many email accounts the server will be serving, how many concurrent users will be using the service (POP3/SMTP/IMAP) during the peak hour, what is the max. number of email transactions that this server should support per day.
4. Choose the hardware: This is a very important decision which should be made based on the estimated server loading. We don’t want to discover that the RAM is not enough or CPU speed cannot cope with the daily email queues after the server is on production. Normally the more the RAM and CPU you can afford is better but you need to justify every extra MB and Mhz you are asking for. Most of the commercial software vendors provide a clear guideline for hardware requirement according to the number of users and number of email transaction per day. For my favorite Qmail installation there’s an online guide that provides calculation formulas for HDD, RAM and CPU requirements.
5. DNS Setup: Emails don’t work without properly configured domain names. So, it’s a good idea to configure the domain name (names) with proper MX records pointing to the new server before starting the installation of an email server. This can be done before the actual testing of email server but since it’s critical, just do it a step ahead.
6. Install and configure: After having the MX record ready you can install the MTA software and configure it. The configuration varies according to the requirements. It can be simple with one domain or few domains or it can be pretty complicated with groupware functions and integration with other modules like CRM. After the configuration; create user accounts according to the requirement.
7. TEST, TEST and TEST: This is the most important part of the installation. Many times I find myself going back to step 6 after this. What I’ve learnt is that; installing the software, configuring it and creating the users following the manual don’t mean that the server works until you test. Of course it’s obvious to everyone :). But it’s also something we admins tend to skip (sometimes with over confidence and sometimes with little carelessness). So, I want to emphasize one more time TEST, TEST and TEST. You need to create different scenarios for testing. The minimum testing scenario might look like this:
- i) Test from local to local: send an email to local user using the same server. (From: localuser; To: localuser)
- ii) Test from remote to local: send an email to newly created user using any outside server. (From: Gmailuser; To: localuser)
- iii) Test receiving emails: make sure you can receive both the email from test (i) and (ii) .
- iv) Test from local to remote: send an email using the local server to a remote server and make sure you can receive it in the remote server. (From: localuser; To: Gmail user)
This is the minimum testing required for any sort of installation. There could be more tests in some special cases.
8. Check the logs: Check the server logs during test because they provide a very good view on what is happening e.g the newly created user cannot login. You can see “password incorrect” in the log. Which will tell you that you are typing an incorrect password. Or “relay not allowed” meaning your smtp auth is not working or the ip is not listed in “tcp.smtp” file. Server log is the first place we should be looking during first test even if we don’t see any obvious problems. We don’t want to discover any hidden silly problems after the system is put on production.
9. Put the server on production and yourself on standby: After the testing is over we can put the server on production and ourselves on standby. We can’t grantee that the system is error free until the real users test it. It will pass the real test once users can send and receive emails without any problem. I put myself on standby by watching the server log live (“tail -f /var/log/qmail/current”) looking for problems.
I’ve put this checklist from my experience and find it very useful. I hope this will help you and if you have any suggestions comments or maybe a better way to do it, the comment section is open and I’ll be more than happy to improve this list.
[…] If your server is running Sendmail, I highly recommend to patch it or upgrade it. It is the most popular MTA but unfortunately has a history of serious security problems. If possible I recommend to switch to other MTAs like Postfix, Exim or Qmail which are more modular in design and were built with security in mind. My personal favorite is Qmail and all of my SMTP servers are running it. I’d previously written a guide Email Server Installation Checklist which you might find helpful while installing a new server or switching from Sendmail to other softwares. If you want secure and out-of-the-box SMTP server then SME Server can be a good choice. […]