So we have a web server, it would be a good idea to install a mail server, or MTA to use the technical jargon, to deliver emails generated by our system to external users. Strictly speaking this step is optional, you do not need the ability to send emails for the raw functionality we desire, but I am going to include it in this guide anyway.

As with the web server we’re not planning to do anything too complex with our mail server, but this is much more significant in this case. We do not need to accept smtp connections from outside, or root mail to local folders, indeed doing so would be a bad thing if we didn’t also have a way of reading those emails. So my choice of mail server in this case is also based upon what I am familiar with, and there are alternatives that could almost certainly do the job just as well. With that in mind we shall install Postfix.

sudo apt-get install postfix

This will bring up a menu asking what sort of mail service we want, the various options will all start with different configurations that best match the option you pick. As we are configuring this server to send emails to the internet the best matching option is “Internet Site”. When you pick this option you will be asked to put in a domain name, this should be the FQDN of the server “git.example.com” in this guide (don’t actually use “git.example.com” as you could upset people). In theory we now have a working mail server, in practise we don’t allow outside connections, and we need to tell the mail server where to deliver mail for local users. For this we are going to edit the main aliases file.

sudo truncate /etc/aliases --size=0
cat << EOF | sudo tee -a /etc/aliases > /dev/null
# See man 5 aliases for format
postmaster: user@example.com
root: user@example.com
mailer-daemon: user@example.com
git: user@example.com
EOF
sudo newaliases
echo "user@example.com" > ~/.forward

This will empty the default aliases file, and then put some defaults that are needed into it and generates the alias database that postfix uses with those entries in, and then make sure our local user’s emails will also get forwarded. This assumes the email address “user@example.com” exists, you should use a valid email address in it’s place. We will also need to ensure that emails generated for our user get forwarded to a valid email address. This is all we need to do to get our mail server working. However with the settings as they are now we will not use TLS encryption to send emails if it is available, fortunately this is easy to fix.

sudo postconf smtp_tls_security_level=may

Our mail server is now set up for use. Note that what we are using here is overkill for what we want, but is also terribly poor for an actual mail server that accepts and delivers emails. However as we have blocked incoming connections to port 25 using iptables in Starting With a Secure Base this shouldn’t be a problem for us.