freebsd

FreeBSD mail server: rspamd & DKIM

Now that we have our basic mail infrastructure working, we will add support for rspamd and enable DKIM signing of our messages. In this series we will set up a fully-featured mail server in a FreeBSD jail using OpenSMTPd, Dovecot and rspamd. In contrast to many other guides, this one is split into multiple posts that can either be read and followed individually, or as a whole. After each post, you end up with a fully working system (that might lack some features ;)).

FreeBSD mail server: Virtual users and LMTP

In this part of the FreeBSD mail server, we build on the recent two posts where we set up the IMAP and SMTP and extend our configuration to support virtual users, which means that we don’t autenticate with system users anymore and, alongside, hand over the incoming email management to Dovecot by providing email from OpenSMTPd to Dovecot using LMTP. Since both daemons will not work together more closely, we will also unify the login credentials in a single passwd-style file that can be read from both OpenSMTPd and Dovecot.

FreeBSD mail server: IMAP using Dovecot

This is a follow-up post to the initial FreeBSD mail server article that I posted a few weeks ago. In this step, we will build upon what we set up in the first part and add the possibility to fetch email from a mail client using IMAP. We will still use system users for authentication, before we switch to virtual users in the next step. In this series we will set up a fully-featured mail server in a FreeBSD jail using OpenSMTPd, Dovecot and rspamd.

FreeBSD mail server: Basic SMTP with OpenSMTPd

I run mail servers for many years now, but I was never brave enough to set up one from scratch for my daily mail. So I always fell back to pre-configured solutions like docker-mailserver, Mailcow, or in case of FreeBSD to iRedMail. My biggest pain point was the secure configuration of Postfix. When I discovered OpenSMTPd, I decided that it’s the right time now to finally build a fully-featured mail server setup from scratch including virtual users, spam filter etc.

Install Ubuntu on FreeBSD with byhve (Update Ubuntu 18.04)

For some reasons I needed a Linux installation on my NAS. byhve is a lightweight virtualization solution for FreeBSD that makes that easy and efficient. However, the CLI of bhyve is somewhat bulky and bare making it hard to use, especially for the first time. This is what vm-bhyve solves - it provides a simple CLI for working with virtual machines. The only requirement seems to be VT-x CPU support or whatever it may be called on AMD CPUs and ZFS as a file system.

Postfix subaddressing (with PostgreSQL)

I have so many accounts for various web-based solutions, I barely can remember a few. And they send emails. So many that it’s sometimes hard to not loose the overview in my mailbox. When you run your own mail server, it’s easy to set up a dynamic aliases for your mailserver based on a regular expression pattern that allows to e.g. have a own email address for each service you register.

FreeBSD: Route jail traffic through VPN

I wanted to expose a single jail of my FreeBSD NAS to a network of a client via OpenVPN while it’s reachable both from my network and from the clients’ network. It should send all of its traffic through that VPN tunnel so that it appears like it is just another computer on that foreign network. Luckily FreeBSD offers a great way to solve this by creating a separate routing table apart from my main routing table that is used when starting OpenVPN (so that it can populate it’s routes there) and when starting the jail (the jail in fact will consider that routing table as the only routing table available and therefore use it for anything).

NPM deadlock bug fixed in FreeBSD 11

Setting up a NodeJS application on a FreeBSD 10 system was impossible when using ZFS as a file system. This was a real pain for me because when I tried out various stuff in jails rendered the whole system unusable, forcing me to reboot and this is not something one would do in a production environment. Here’s the bug report: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=209158 Although I couldn’t read it from the bug it seems to be resolved now with FreeBSD 11-RELEASE because I’m running two Node applications on FreeBSD without any of the issues that were reproducible each time.

Building a FreeBSD NAS Part 3: System setup

FreeBSD is the ideal system to use when building a server. It’s reliable and rock-solid and it’s file system ZFS not only offers anything you would expect from a file system but is also easy to set up and to maintain. This is why I chose it to power my NAS. In Part 1 and Part 2 of this series I already described my intentions and the hardware assembly. Now it’s time to bring it to life.

FreeBSD: iTunes media server using forked-daapd

forked-daapd allows you to set up an iTunes Media server that hosts all music, podcasts and audiobooks and shows up in iTunes like a shared library. While other daapd implementations don’t work anymore with the current iTunes versions, forked-daapd does.

FreeBSD: Time Machine backup server with netatalk

While building my new NAS, I came across the question how to provide a Time Machine backup solution for my OS X clients. As I run OS X on all my machines I want to back up all data to my NAS. netatalk allows to create file shares for OS X to provide a simple solution for system backups.

Building a FreeBSD NAS Part 1: Concept & Hardware selection

After a long while I finally decided to build a new NAS / home server for my various needs. Though there are many solutions available, I chose to build one on my own as I want as much flexibility as possible. So I set out to buy all components needed for the system with upgradability and budget in mind.

FreeBSD: Send mails over an external SMTP server

FreeBSD is shipped with sendmail as the default MTA, which is configured to local delivery on a vanilla installation. Therefore many people don’t even recognize one of FreeBSDs great features for system administrators: FreeBSD sends system status emails through periodic(8)

FreeBSD jails with a single public IP address

Jails in FreeBSD provide a simple yet flexible way to set up a proper server layout. In the most setups the actual server only acts as the host system for the jails while the applications themselves run within those independent containers. Traditionally every jail has it’s own IP for the user to be able to address the individual services. But if you’re still using IPv4 this might get you in trouble as the most hosters don’t offer more than one single public IP address per server.

FreeBSD Init-Script for the Caddy Webserver

I have used Caddy for a while now on FreeBSD. But though it lacks a working init script, I decided to write one on my own. Here’s the result, description below:

Simple mail forwarding using Postfix

It’s more than likely that your email provider of choice, especially the ones that offer mail services free of charge, will not support receiving email to custom domain names like, in my case, davd.net. Running your own mail server would solve this problem but running a fully featured mail stack including POP, IMAP, Sieve filters et cetera requires a fairly powerful machine. Additionally, if not configured properly, there’s big potential for abuse, e.g. spam.

As an alternative, it’s possible to just run a MTA which redirects all incoming email to an external mail server. This can be ran on almost any machine, even on a low-budget computer like the Raspberry Pi or a cheap virtual server.

Simple Podcast-Downloader for Linux & BSD

During the last few months I managed to automate many recurring tasks on my NAS. One good example for those task is updating my podcast archive. I tried to accomplish this using a lightweight shell script which, running as a cronjob, would hold my podcast archive up to date and notify me about new episodes via push notifications.

Why use FreeBSD?

Often the question arises why one should prefer FreeBSD over any arbitrary GNU/Linux distribution, that is more widely spread and additionally offers commercial support. Though I have mostly positive experiences using Linux, there are many reasons why I would always choose FreeBSD for setting up a server.