Setup internal mail server

Hello
Please, help on how to setup an internal mail server with special requirements.
I already installed opensuse leap 15 with KDE and Samba. I use it with btrfs for backup storage.
I thought, maybe I could use the programs postfix+dovecot+getmail for this purpose.
But I don’t know much about this programs and maybe others are better suited?

Requirements:
The mail server must not be reachable from the internet. It must get all mails by POP.

[ul]
[li]This way, the local recipients will be in the “envelope-to” header.[/li][/ul]

[ul]
[li]Sometimes I recieve multiple mails with the same “message-id” header, but different “envelope-to”. [/li]So if possible the mail server must identify double mails using both the “message-id” + “envelope-to” header.
If this is not possible, it must not delete double mails at all.
[/ul]

Then the mails must be checked with spamassassin (I already have many rules) and write the result and report into the mail header.

[ul]
[li]Which else methods are available to check and modify mails?[/li][li]Like: remove all attachments that are not allowed?[/li][/ul]

Then the mail server should put all mails in a single mailbox or folder, no matter who they are addressed to.

[ul]
[li]Mailbox name = “incoming”.[/li][li]Each mail must be a single file in RFC-mail-format.[/li][/ul]

I want to check the files in this “incoming” folder with a python script I want to write.

[ul]
[li]Every mail that is classified as “good” according to certain criteria, will get moved to a second mailbox (name = “goodmails”).[/li][/ul]

[ul]
[li]IMAP access to this mailboxes is necessary to check the result of the filter process and to manually move good messages.[/li][/ul]

A DMS-program on another server will periodically retrieve all mails from “goodmails” via POP and distribute them to its own mailboxes.

[ul]
[li]But this DMS doesn’t have mail server functionality. [/li]It is even sending mails to other internal users to the external mail server.
[/ul]

This internal mail server must accept mails from the DMS-program (SMTP) and:

[ul]
[li]forward mails, that are adressed to external recipients, to the mail server of my webspace provider.[/li][LIST]
[li]If a mail is adressed to internal and external recipients, will the providers mail server send a copy back?[/li][/ul]

[li]and put mails that are adressed to internal recipients into the “goodmails” mailbox.[/li]In this case the filters should be bypassed.
But since I sometimes recieve malware mails with sender address RealUser@MyDomain.com, this bypass must be smart enough to distinguish between them.
[/LIST]

User Authentication:

[ul]
[li]Is it possible to authenticate mailbox users with linux user authentication, but only for 2 of 4 linux users, and the other 2 do not have a mailbox?[/li][li]And in this case, both mailbox folders should be in an common folder and not in the users home folder.[/li][/ul]

If I understand what you want to achieve correctly, you would like to set-up a local MTA – “Mail Transfer Agent” – with some very special requirements or, have I misunderstood you?

So, starting at the very beginning – with some ISBN references for books published by O’Reilly & Associates:

• The original, very flexible, MTA is “sendmail”.
• But, as noted in the openSUSE package description for “sendmail”:

The “Unix System Administration Handbook” calls sendmail “The most complex and complete mail delivery system in common use…” .

• ISBN: 0-596-00391-9 “Linux Security Cookbook” – Chapter 8: “Protecting Email” – section 8.18 “Using and SMTP Server from Arbitrary Clients”.

Therefore, there’s some reading to be done with respect to the “modern alternatives” to “sendmail”:

• ISBN-10: 0-596-00952-6 ISBN-13: 978-0-596-00952-6 “Linux System Administration” – Chapter 5: “Mail” – deals with security issues and, setting up “Postfix”.
• ISBN: 0-596-00640-3 “Linux Cookbook” – Chapter 20: “Building a Postfix Mail Server”.

[HR][/HR]BTW, the 5th edition of the “UNIX and Linux System Administration Handbook” is available from the publisher Addison-Wesley Professional – ISBN-10: 0-13-427755-4 – ISBN-13: 978-0-13-427755-4 …

As an author, editor, and publisher, I never paid much attention to the competition—except in a few cases. This is one of those cases. The UNIX System Administration Handbook is one of the few books we ever measured ourselves against.
Tim O’Reilly, founder of O’Reilly Media

If you’re setting up a mail server for only a few Users and you want to make those mailbox Users the same as locally logged in openSUSE User accounts,

You might want to start with what is available when you set up a mail server using YaST.
Although it’ll set up anti-virus a bit differently by default, it’s probably not a major problem to modify however you wish (if you can’t figure it out, ask again).
It can also set up fetchmail which accomplishes what you were asking about using POP.

I haven’t set up the openSUSE mail server any time recently, but I stepped through the first pages of the YaST mail server module and it all looks pretty much common; sense… to someone with some mail server experience.

I’d recommend you diagram what you want, using YaST to set up your mail server at the center of everything you want to do.
I don’t see any openSUSE documentation related to using the YaST mail server module, but if you run into specific problems you can post your questions.

TSU

Note BTRFS with snapper is NOT backup it does no help if drives fail. You still need to guard against equipment failure.

Thank you for the hints.
I didn’t know there is a Mail-Server setup in YaST - will try that later.

@TomMach:
The diagram doesn’t need to be a graphic masterpiece such as that in the “Mail” chapter of the O’Reilly “Linux System Administration” book – a “keyboard character” diagram such as those on the Postfix architecture overview page is also sufficient: <http://www.postfix.org/OVERVIEW.html>. A scanned “pencil and paper” diagram is also quite sufficient …

If you still wanted to make something close to a “masterpiece,”
You could create a Visio-like diagram with fancy shapes and flows using an app like Dia.

TSU