lxy 2018-12-19 09:35:33 +08:00
parent 522d126516
commit 31b5122870
2 changed files with 235 additions and 237 deletions

@ -1,237 +0,0 @@
translating by lixinyuxx
My personal Email setup - Notmuch, mbsync, postfix and dovecot
======
I've been using personal email setup for quite long and have not documented it anywhere. Recently when I changed my laptop (a post is pending about it) I got lost trying to recreate my local mail setup. So this post is a self documentation so that I don't have to struggle again to get it right.
### Server Side
I run my own mail server and I use postfix as SMTP server and Dovecot for the IMAP purpose. I'm not going into detail of setting those up as my setup was mostly done by using scripts created by Jonas for Redpill infrastructure. What redpill is?. (In jonas's own words)
> <jonas> Redpill is a concept - a way to setup Debian hosts to collaborate across organisations <jonas> I develop the concept, and use it for the first ever Redpill network-of-networks redpill.dk, involving my own network (jones.dk), my main client's network (homebase.dk), a network in Germany including Skolelinux Germany (free-owl.de), and Vasudev's network (copyninja.info)
Along with that I have a dovecot sieve filtering to classify on high level mails into various folders depending on from where they originate. All the rules live in the ~/dovecot.sieve file under every account which has a mail address.
Again I'm not going into detail of how to set these things up, as its not goal of my this post.
### On my Laptop
On my laptop I've following 4 parts setup
1. Mail syncing : Done using mbsync command
2. Classification: Done using notmuch
3. Reading: Done using notmuch-emacs
4. Mail sending: Done using postfix running as relay server and SMTP client.
### Mail Syncing
Mail syncing is done using mbsync tool, I was previously user of offlineimap and recently switched to mbsync as I felt it more lighter and simpler to configure than offlineimap. mbsync command is provided by package isync.
Configuration file is ~/.mbsyncrc. Below is my sample content with some private things redacted.
```
IMAPAccount copyninja
Host imap.copyninja.info
User vasudev
PassCmd "gpg -q --for-your-eyes-only --no-tty --exit-on-status-write-error --batch --passphrase-file ~/path/to/passphrase.txt -d ~/path/to/mailpass.gpg"
SSLType IMAPS
SSLVersion TLSv1.2
CertificateFile /etc/ssl/certs/ca-certificates.crt
IMAPAccount gmail-kamathvasudev
Host imap.gmail.com
User kamathvasudev@gmail.com
PassCmd "gpg -q --for-your-eyes-only --no-tty --exit-on-status-write-error --batch --passphrase-file ~/path/to/passphrase.txt -d ~/path/to/mailpass.gpg"
SSLType IMAPS
SSLVersion TLSv1.2
CertificateFile /etc/ssl/certs/ca-certificates.crt
IMAPStore copyninja-remote
Account copyninja
IMAPStore gmail-kamathvasudev-remote
Account gmail-kamathvasudev
MaildirStore copyninja-local
Path ~/Mail/vasudev-copyninja.info/
Inbox ~/Mail/vasudev-copyninja.info/INBOX
MaildirStore gmail-kamathvasudev-local
Path ~/Mail/Gmail-1/
Inbox ~/Mail/Gmail-1/INBOX
Channel copyninja
Master :copyninja-remote:
Slave :copyninja-local:
Patterns *
Create Both
SyncState *
Sync All
Channel gmail-kamathvasudev
Master :gmail-kamathvasudev-remote:
Slave :gmail-kamathvasudev-local:
# Exclude everything under the internal [Gmail] folder, except the interesting folders
Patterns * ![Gmail]*
Create Both
SyncState *
Sync All
```
Explanation for some interesting part in above configuration. One is the PassCmd which allows you to provide shell command to obtain the password for the account. This avoids filling in the password in configuration file. I'm using symmetric encryption with gpg and storing password some where on my disk. Which is of course just safe guarded by Unix ACL.
I actually wanted to use my public key to encrypt the file but unlocking the file when script is run in background or via systemd looks difficult (or looked nearly impossible). If you have better suggestion I'm all ears :-).
Next instruction part is Patterns. This allows you to selectively sync mail from your mail server. This was really helpful for me to exclude all crappy [Gmail]/ folders.
### Mail Classification
Once mail is locally on your device, we need a way to read the mails easily in a mail reader. My original setup was serving synced Maildir using local dovecot instance and read it in Gnus. This setup was bit of a over kill with all server software setups but inability of Gnus to not cope well with Maildir format this was best way to do it. This setup also has a disadvantage, that is searching a mail quickly when you have huge pile of mail to go through. This is where notmuch comes into picture.
notmuch allows me to easily index through Gigabytes of my mail archives and get what I need very easily. I've created a small script which combines executing of mbsync and notmuch execution. I tag mails based on the Maildirs which are actually created on server side using dovecot sieve. Below is my full shell script which is doing task of syncing classification and deleting of spams.
```
#!/bin/sh
MBSYNC=$(pgrep mbsync)
NOTMUCH=$(pgrep notmuch)
if [ -n "$MBSYNC" -o -n "$NOTMUCH" ]; then
echo "Already running one instance of mail-sync. Exiting..."
exit 0
fi
echo "Deleting messages tagged as *deleted*"
notmuch search --format=text0 --output=files tag:deleted |xargs -0 --no-run-if-empty rm -v
echo "Moving spam to Spam folder"
notmuch search --format=text0 --output=files tag:Spam and \
to:vasudev@copyninja.info | \
xargs -0 -I {} --no-run-if-empty mv -v {} ~/Mail/vasudev-copyninja.info/Spam/cur
notmuch search --format=text0 --output=files tag:Spam and
to:vasudev-debian@copyninja.info | \
xargs -0 -I {} --no-run-if-empty mv -v {} ~/Mail/vasudev-copyninja.info/Spam/cur
MDIR="vasudev-copyninja.info vasudev-debian Gmail-1"
mbsync -Va
notmuch new
for mdir in $MDIR; do
echo "Processing $mdir"
for fdir in $(ls -d /home/vasudev/Mail/$mdir/*); do
if [ $(basename $fdir) != "INBOX" ]; then
echo "Tagging for $(basename $fdir)"
notmuch tag +$(basename $fdir) -inbox -- folder:$mdir/$(basename $fdir)
fi
done
done
```
So before running mbsync I search for all mails tagged as deleted and delete them from system. Next I look for mails tagged as Spam on both my accounts and move it to Spam folder. Yeah you got it right these are mails escaping the spam filter and landing in my inbox and personally marked as Spam.
After running mbsync I tag mails based on their folder (searching string folder:). This allows me easily get contents of lets say a mailing list without remembering the list address.
### Reading Mails
Now that we have synced and classified mail its time to setup the reading part. I use notmuch-emacs interface to read the mails. I use Spacemacs flavor of emacs so I took some time to write down the a private layer which brings together all my keybindings and classification in one place and does not clutter my entire .spacemacs file. You can find the code for my private layer in [notmuch-emacs-layer repository][1]
### Sending Mails
Well its not sufficient that if we can read mails, we need to be able to reply to mail. And this was the slightly tricky part where I recently got lost and had to write this post so that I don't forget it again. (And of course don't have to refer some outdated posts on web).
My setup to send mails is using postfix as SMTP client with my own SMTP server as relayhost for it. The problem of relaying is it's not for the hosts with dynamic IP. There are couple of ways to allow hosts with dynamic IP to use relay servers, one is put the IP address from where mail will originate into my_network or second use SASL authentication.
My preferred way is use of SASL authentication. For this I first had to create a separate account one for each machine which is going to relay the mails to my main server. Idea is to not use my primary account for SASL authentication. (Originally I was using primary account, but Jonas gave this idea of account per road runner).
```
adduser <hostname>_relay
```
Here replace <hostname> with name of your laptop/desktop or whatever you are using. Now we need to adjust postfix to act as relaying server. So add following lines to postfix configuration
```
# SASL authentication
smtp_sasl_auth_enable = yes
smtp_tls_security_level = encrypt
smtp_sasl_tls_security_options = noanonymous
relayhost = [smtp.copyninja.info]:submission
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
```
So here relayhost is the server name which your postfix instance will be using to relay mails forward into internet. :submission part tells postfix to forward mail on to port 587 (secure). smtp_sasl_tls_security_options is set to disallow anonymous connection. This is must so that relay server trusts your mobile host and agrees to forward the mail for you.
/etc/postfix/sasl_passwd is the file where you need to store password for account to be used for SASL authentication with server. Put following content into it.
```
[smtp.example.com]:submission user:password
```
Replace smtp.example.com with your SMTP server name which you have put in relayhost configuration. Replace user with <hostname>_relay user you created and its password.
To secure the sasl_passwd file and create a hash of it for postfix use following command.
```
chown root:root /etc/postfix/sasl_passwd
chmod 0600 /etc/postfix/sasl_passwd
postmap /etc/postfix/sasl_passwd
```
The last command will create /etc/postfix/sasl_passwd.db file which is hash of your file /etc/postfix/sasl_passwd with same owner and permission. Now reload the postfix and check if mail makes out of your system using mail command.
### Bonus Part
Well since I've a script created above bringing together mail syncing and classification. I went ahead and created a systemd timer to periodically sync mails in the background. In my case every 10 minutes. Below is mailsync.timer file.
```
[Unit]
Description=Check Mail Every 10 minutes
RefuseManualStart=no
RefuseManualStop=no
[Timer]
Persistent=false
OnBootSec=5min
OnUnitActiveSec=10min
Unit=mailsync.service
[Install]
WantedBy=default.target
```
Below is mailsync.service which is needed by mailsync.timer to execute our scripts.
```
[Unit]
Description=Check Mail
RefuseManualStart=no
RefuseManualStop=yes
[Service]
Type=oneshot
ExecStart=/usr/local/bin/mail-sync
StandardOutput=syslog
StandardError=syslog
```
Put these files under /etc/systemd/user and run below command to enable them.
```
systemctl enable --user mailsync.timer
systemctl enable --user mailsync.service
systemctl start --user mailsync.timer
```
So that's how I've sync and send mail from my system. I came to know about afew from Jonas Smedegaard who also proof read this post. So next step I will try to improve my notmuch configuration using afew and of course a post will follow after that :-).
--------------------------------------------------------------------------------
via: https://copyninja.info/blog/email_setup.html
作者:[copyninja][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://copyninja.info
[1]:https://source.copyninja.info/notmuch-emacs-layer.git/

@ -0,0 +1,235 @@
我的个人电子邮件系统 - Notmuch, mbsync, postfix and dovecot
======
我使用个人电子邮件系统已经相当长的时间了, 没有文字记录。最近当我换了我的笔记本电脑(职业变更做的变动)我在试图重新创建本地邮件设置时迷路了。所以这篇文章是一个自我文档, 这样我就不用再挣扎了就能改正过来。
### 服务器端
我运行自己的邮件服务器, 并使用 Postfix 作为 SMTP 服务器和用 Dovecot 实现 IMAP 。我不打算详细介绍如何配置这些设置, 因为我的设置主要是通过使用 Jonas 为 Redpill 基础架构创建的脚本完成的。什么是 Redpill (用 Jonas 自己的话说)
> <jonas> Redpill 是一个概念 - 一种设置 Debian hosts 去跨组织协作的方式<jonas> 我发展了这个概念, 并将其首次使用 Redpill 去联网 redpill.dk, 涉及我自己的网络 (jones.dk), 我的主要客户的网络 (homebase.dk),在德国的一个网络, 包括Skolelinux Germany (free-owl.de), 和 Vasudev 的网络 (copyninja.info)
除此之外, 我还有一个 dovecot sieve 过滤, 根据邮件的来源, 对高级邮件进行分类, 并将其分类到各种文件夹中。所有的规则都存在于每个有邮件地址的账户下的 ~/dovecot.sieve文件中。
再次, 我不详细介绍如何设置这些东西, 因为这不是我这个帖子的目标。
### 在我的笔记本电脑上
在我的笔记本电脑上, 我已经按照4个部分设置
1. 邮件同步: 使用 mbsync 命令完成
2. 分类: 使用 notmuch 完成
3. 阅读: 使用 notmuch-emacs 完成
4. 邮件发送: 使用作为转接服务器和 SMTP 客户端运行的 postfix 完成。
### 邮件同步
邮件同步是使用 mbsync 工具完成的, 我以前是离线的用户, 最近切换到 mbsync, 因为我觉得它比 OfflineIMAP 的配置更轻, 更简单。命令是由包 isync 提供的。
配置文件是 ~/.mbsyncrc. 下面是我的例子与一些私人设置。
```
IMAPAccount copyninja
Host imap.copyninja.info
User vasudev
PassCmd "gpg -q --for-your-eyes-only --no-tty --exit-on-status-write-error --batch --passphrase-file ~/path/to/passphrase.txt -d ~/path/to/mailpass.gpg"
SSLType IMAPS
SSLVersion TLSv1.2
CertificateFile /etc/ssl/certs/ca-certificates.crt
IMAPAccount gmail-kamathvasudev
Host imap.gmail.com
User kamathvasudev@gmail.com
PassCmd "gpg -q --for-your-eyes-only --no-tty --exit-on-status-write-error --batch --passphrase-file ~/path/to/passphrase.txt -d ~/path/to/mailpass.gpg"
SSLType IMAPS
SSLVersion TLSv1.2
CertificateFile /etc/ssl/certs/ca-certificates.crt
IMAPStore copyninja-remote
Account copyninja
IMAPStore gmail-kamathvasudev-remote
Account gmail-kamathvasudev
MaildirStore copyninja-local
Path ~/Mail/vasudev-copyninja.info/
Inbox ~/Mail/vasudev-copyninja.info/INBOX
MaildirStore gmail-kamathvasudev-local
Path ~/Mail/Gmail-1/
Inbox ~/Mail/Gmail-1/INBOX
Channel copyninja
Master :copyninja-remote:
Slave :copyninja-local:
Patterns *
Create Both
SyncState *
Sync All
Channel gmail-kamathvasudev
Master :gmail-kamathvasudev-remote:
Slave :gmail-kamathvasudev-local:
# Exclude everything under the internal [Gmail] folder, except the interesting folders
Patterns * ![Gmail]*
Create Both
SyncState *
Sync All
```
对上述配置中的一些有趣部分进行说明。一个是 PassCmd , 它允许您提供 shell 命令来获取帐户的密码。这样可以避免在配置文件中填写密码。我使用对称加密与 gpg 和存储密码在我的磁盘上的一些地方。这当然是由 Unix ACL 保护安全。
实际上, 我想使用我的公钥加密文件, 但当脚本在后台或通过 systemd 运行时, 解锁文件看起来很困难 (或看起来几乎不可能)。如果你有更好的建议, 我洗耳恭听:-)。
下一个指令部分是模式。这使您可以有选择地同步来自邮件服务器的邮件。这对我来说真的很有帮助, 可以排除所有的垃圾 [Gmail]/ folders.
### 邮件分类
一旦邮件在您本地的设备, 我们需要一种方法来轻松地在邮件读取器中读取邮件。我最初的设置使用本地 dovecot 实例提供同步 Maildir, 并在 Gnus 中阅读。这种设置是有点大题小作相比于设置所有服务器软件, 但 Gnus 无法很好地应付 maildir 格式, 这是最好的方法。这个设置也有一个缺点, 那就是在你有大量邮件要看的时候快速搜索邮件。这是为数不多的情况。
不多让我很容易索引通过千兆字节的邮件档案, 并很容易得到我需要的东西。我已经创建了一个小脚本, 它结合了执行 mbsync 和 notmuch 执行语句。我基于 Maildirs 标记邮件, 实际上是创建在服务器端使用 dovecot sieve 。下面是我的完整 shell 脚本, 它正在执行同步分类和删除垃圾邮件的任务。
```
#!/bin/sh
MBSYNC=$(pgrep mbsync)
NOTMUCH=$(pgrep notmuch)
if [ -n "$MBSYNC" -o -n "$NOTMUCH" ]; then
echo "Already running one instance of mail-sync. Exiting..."
exit 0
fi
echo "Deleting messages tagged as *deleted*"
notmuch search --format=text0 --output=files tag:deleted |xargs -0 --no-run-if-empty rm -v
echo "Moving spam to Spam folder"
notmuch search --format=text0 --output=files tag:Spam and \
to:vasudev@copyninja.info | \
xargs -0 -I {} --no-run-if-empty mv -v {} ~/Mail/vasudev-copyninja.info/Spam/cur
notmuch search --format=text0 --output=files tag:Spam and
to:vasudev-debian@copyninja.info | \
xargs -0 -I {} --no-run-if-empty mv -v {} ~/Mail/vasudev-copyninja.info/Spam/cur
MDIR="vasudev-copyninja.info vasudev-debian Gmail-1"
mbsync -Va
notmuch new
for mdir in $MDIR; do
echo "Processing $mdir"
for fdir in $(ls -d /home/vasudev/Mail/$mdir/*); do
if [ $(basename $fdir) != "INBOX" ]; then
echo "Tagging for $(basename $fdir)"
notmuch tag +$(basename $fdir) -inbox -- folder:$mdir/$(basename $fdir)
fi
done
done
```
因此, 在运行 mbsync 之前, 我搜索所有标记为已删除的邮件, 并将其从系统中删除。接下来, 我在我的帐户上查找标记为 "垃圾邮件" 的邮件, 并将其移动到垃圾邮件文件夹。你做的对, 这些邮件逃脱垃圾邮件过滤器进到我的 inbox, 并被我亲自标记为垃圾邮件。
运行 mbsync 后, 我基于他们的文件夹标记邮件 (搜索字符串文件夹:)。这让我可以很容易地得到一个邮件列表的内容, 而不需要记住列表地址。
### 阅读邮件
现在, 我们已经实现同步和分类邮件,是时候来设置阅读部分。我使用 notmuch-emacs 界面来阅读邮件。我使用 emacs 的 Spacemacs 风格, 所以我花了一些时间写下一个私有层, 它将我所有的快捷键和分类集中在一个地方, 不会扰乱我的整个. spacemacs 文件。您可以在 [notmuch-emacs-layer repository][1] 找到我私有层的代码。
### 发送邮件
如果我们能阅读邮件, 我们就需要能够回复邮件, 这还不够。而这是我最近迷惑的一个略显棘手的部分, 不得不写这篇文章, 这样我就不会再忘记了。(当然也不必在网络上引用一些过时的帖子)。
我的设置发送邮件使用 postfix 作为 SMTP 客户端与我自己的 SMTP 服务器作为它的转接主机。转接的问题是, 它不是具有动态 IP 的主机。有几种方法可以允许具有动态 ip 的主机使用转接服务器, 一种是将邮件从其中发源于 my_network 或第二个使用 SASL 身份验证的 IP 地址。
我的首选方法是使用 SASL 身份验证。为此, 我首先要为每台机器创建一个单独的账户, 它将把邮件传递到我的主服务器上。想法是不使用我的主帐户 SASL 进行身份验证。(最初我使用的是主要账户, 但 Jonas 给出了每个可行账户的想法
```
adduser <hostname>_relay
```
这里替换 <hostname> 与您的笔记本电脑的名称或任何你正在使用的设备。现在我们需要调整 postfix , 作为转接服务器。因此, 在 postfix 配置中添加以下行
```
# SASL authentication
smtp_sasl_auth_enable = yes
smtp_tls_security_level = encrypt
smtp_sasl_tls_security_options = noanonymous
relayhost = [smtp.copyninja.info]:submission
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
```
因此, 这里的 relayhost 是您的 postfix 实例将用于邮件转发到互联网的服务器名称。submission 的部分 postfix 将邮件转发到端口 587 (安全)。smtp_sasl_tls_security_options 设置为不允许匿名连接。这必须使转接服务器信任您的移动主机, 并同意为您转发邮件。
/etc/postfix/sasl__asswd 是您需要存储用于服务器 SASL 身份验证的帐户密码的文件。将以下内容放入其中。
```
[smtp.example.com]:submission user:password
```
替换 smtp.example.com 用你的 SMTP 服务器名称, 您已输入的 relayhost 认证。 用您创建的用户及其密码替换 user with <hostname>_relay 。
若要保护 sasl_passwd 文件, 并创建它的哈希值进行 postfix 使用以下命令。
```
chown root:root /etc/postfix/sasl_passwd
chmod 0600 /etc/postfix/sasl_passwd
postmap /etc/postfix/sasl_passwd
```
最后的命令将创建 /etc/postfix/sasl_passwd.db 文件是您的文件的哈希值 /etc/postfix/sasl_passwd 具有相同的所有者和权限。现在重新加载 postfix, 并检查邮件是否使用邮件命令从您的系统中取出。
### Bonus 的部分
好吧, 因为我有一个脚本创建以上结合了邮件的同步和分类。我继续创建了一个 systemd 计时器, 以定期同步后台的邮件。就我而言, 每10分钟一次。下面是 mailsync.timer 文件。
```
[Unit]
Description=Check Mail Every 10 minutes
RefuseManualStart=no
RefuseManualStop=no
[Timer]
Persistent=false
OnBootSec=5min
OnUnitActiveSec=10min
Unit=mailsync.service
[Install]
WantedBy=default.target
```
下面是 mailsync. 服务, 这是邮件同步计时器执行我们的脚本所需要的。
```
[Unit]
Description=Check Mail
RefuseManualStart=no
RefuseManualStop=yes
[Service]
Type=oneshot
ExecStart=/usr/local/bin/mail-sync
StandardOutput=syslog
StandardError=syslog
```
将这些文件置于 /etc/systemd/user 目录下并运行以下代码去开启他们
```
systemctl enable --user mailsync.timer
systemctl enable --user mailsync.service
systemctl start --user mailsync.timer
```
这就是我从系统同步和发送邮件的方式。我从 Jonas Smedegaard 那里了解到了 afew 他同时阅读了这篇帖子。因此, 下一步, 我将尝试使用 afew 改进我的 notmuch 配置, 当然还会有一个后续的帖子:-)。
--------------------------------------------------------------------------------
via: https://copyninja.info/blog/email_setup.html
作者:[copyninja][a]
译者:[lixinyuxx](https://github.com/lixinyuxx)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://copyninja.info
[1]:https://source.copyninja.info/notmuch-emacs-layer.git/
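Review bot: The path in the sentence that introduces the SASL password file reads `/etc/postfix/sasl__asswd`, while the removed source and the `smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd` line just above it both use `/etc/postfix/sasl_passwd`; a reader copying the translated path would create a file that does not match the configured map, so please correct it. In the mail classification section the tool name notmuch has been translated as an ordinary word ("这是为数不多的情况。" and "不多让我很容易索引"), and in the mail syncing section offlineimap became "离线的用户"; both tool names should stay as written in the source. The same applies to `mailsync. 服务`, which should remain `mailsync.service`, and to the half-translated "user with <hostname>_relay" sentence. The PassCmd paragraph also drops the source's "just" from "just safe guarded by Unix ACL", so "这当然是由 Unix ACL 保护安全" reads as an assurance where the author was pointing out that file permissions are the only protection for the passphrase file; the translation should keep that qualification. Finally, the parenthesis opened before "最初我使用的是主要账户" is never closed.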