As a newbie suddenly requiring a mail server, the configuration of Dovecot and Postfix is proving elusive. If I get one element working, another fails. I think it would help readers if I supply my status report and ask for suggestions as to how to ensure a remote client can access the mail just delivered from another remote, in addition to mutt being able to see the mail on the server.
cat <<EOF > ~/mailserver-status.txt
📨 Mail Server Status – Ryzen2 (Ubuntu 25.10)
Objective: To host email services independently, replacing Manx Telecom’s legacy offering.
Rationale: Manx Telecom has been acquired by Jersey Telecom, with plans to charge £65 per annum per email address. This migration aims to preserve autonomy and reduce costs.
✅ Current Achievements
Mail Receipt Confirmed: Mail addressed to jsm@mckenzietrust.com (a domain owned by us) is successfully received via encrypted POP3S (port 995) using both Thunderbird and OpenSSL.
Maildir Workflow Operational: Messages arrive in Maildir/new and are moved every minute to Maildir/cur via a cron job. They are accessible locally using mutt.
SSL Layer Functional: POP3S handshake completes successfully, confirming certificate and encryption setup is sound.
⚠️ Known Issues
Remote Access Fails Silently: Thunderbird and OpenSSL clients connect but cannot retrieve messages from Maildir/cur or new. No errors are returned—access appears to die silently.
Dovecot Configuration Fragility: Any attempt to explicitly define mail_location in config files (e.g., 10-mail.conf) causes Dovecot to crash on startup. This behavior is consistent across both Ubuntu 25.04 and 25.10 builds. It is imperative not to attempt location overrides, as recovery requires reverting to a clean config state.
Post-Reboot Regression: Remote access was briefly functional but failed after a system reboot triggered by a firmware update. This suggests a state-dependent or ephemeral config success.
🧭 Configuration Notes
Dovecot and Postfix Versions: Packages from Ubuntu 25.04 were manually installed and locked to prevent auto-updates. This avoids compatibility issues with newer builds.
POP3S Listener Enabled: The following stanza is active in 10-master.conf:
    service pop3-login {
      inet_listener pop3 {
        port = 110
      }
      inet_listener pop3s {
        port = 995
        ssl = yes
      }
    }
SSL Configuration:
    ssl = yes
    ssl_server_cert_file = /etc/dovecot/private/dovecot.pem
    ssl_server_key_file = /etc/dovecot/private/dovecot.key
These paths are valid and readable by root.
🧱 Constraints and Priorities
No Urgency: At least one month is available for debugging and refinement.
Web Server Stability Is Critical: The live web server must remain uninterrupted, as it hosts the McKenzie Trust’s public-facing structure.
Outbound Mail Deliverability: The domain currently uses DDNS. Without a PTR record, outbound mail from Ryzen2 may be rejected. A fixed IP or relay forwarding will be required.
🧩 Next Steps
- Investigate mailbox visibility for remote clients—likely a permissions or UID mapping issue.
- Consider enabling auth-master socket for privileged access if needed.
- Explore relay options or static IP acquisition to ensure outbound mail acceptance.
EOF
regards jsm
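
The "permissions or UID mapping" hypothesis under Next Steps can be checked directly on disk. The following is an added example, not part of the original post: a hypothetical `audit_maildir` shell function that reports Maildir entries the mailbox owner cannot use, such as files left behind by a cron job running under a different UID. It assumes a standard cur/new/tmp Maildir layout; the path in the usage comment is a placeholder.

```shell
#!/bin/sh
# Added example (not from the original post): audit a Maildir for ownership
# and permission problems that would hide mail from the mailbox owner.
# audit_maildir is a hypothetical helper name.

# Usage: audit_maildir MAILDIR OWNER_UID
# Prints one line per finding; returns 0 when clean, 1 otherwise.
audit_maildir() {
    am_dir=$1
    am_uid=$2
    am_findings=$(
        # A Maildir needs all three subdirectories.
        for am_sub in cur new tmp; do
            [ -d "$am_dir/$am_sub" ] || echo "missing directory: $am_dir/$am_sub"
        done
        # Entries owned by another UID, e.g. created by a root-run cron job.
        find "$am_dir" ! -user "$am_uid" 2>/dev/null | sed 's|^|wrong owner: |'
        # Directories the owner cannot list, enter and write to.
        find "$am_dir" -type d ! -perm -700 2>/dev/null |
            sed 's|^|owner lacks rwx on directory: |'
        # Message files the owner cannot read.
        find "$am_dir" -type f ! -perm -400 2>/dev/null |
            sed 's|^|owner cannot read: |'
        # Anything other local users can read, write or traverse.
        find "$am_dir" \( -perm -004 -o -perm -002 -o -perm -001 \) 2>/dev/null |
            sed 's|^|accessible to other users: |'
    )
    [ -z "$am_findings" ] && return 0
    printf '%s\n' "$am_findings"
    return 1
}

# Stand-alone use: ./audit-maildir.sh /path/to/Maildir [uid]
if [ "$#" -ge 1 ]; then
    audit_maildir "$1" "${2:-$(id -u)}"
fi
```

Pass the UID that Dovecot resolves for the account; `doveadm user <name>` prints it along with the home directory.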