This tutorial is Copyright
(c) 2007 by Justin Refice. It is
derived from various guides and original material, listed at the end of
You are free to use this tutorial under the Creative Commons license
2.5 or any later version.
This guide describes how to set up a full email solution in
Debian Linux (all code is from Debian Etch). I was asked to
design a secure, scalable, portable solution for a small company.
While the guide references many ‘servers’, the
company only had 4 physical machines, Xen was used to virtualize the
solution. That particular aspect of the system is not
discussed in this guide, although I will try to get it into the next
Just a note on the server names used below: If it doesn’t need
to be accessed by the internet, don’t let it be. Domain names
ending in internal.example.com are internal NIC/IP Addresses… there
no way to access them directly from the internet, nor should there be.
Any server that ONLY has an internal.example.com domain name
is a pure-internal server, and can’t be accessed directly from the
servers have two NICS (These can be two real NICs, or virtual).
The first NIC has access to the internet, and is strictly
firewalled. The second NIC has access to the internal
network, and has a little less security as a result. The
details of how to setup these NICs are outside the scope of this
document, but I may update it to include them in the future.