If you're using Debian or Ubuntu, chasquid can be installed by running:
sudo apt install chasquid
If you're using Arch, there is a chasquid AUR package you can use. See the official Arch documentation for how to install it. If you use the pacaur helper, you can just run:
pacaur -S chasquid
Binary packages are also available, courtesy of foxcpp.
To get, build and install from source, you will need a working Go environment.
# Get the code and build the binaries.
git clone https://blitiri.com.ar/repos/chasquid
cd chasquid
make
# Install the binaries to /usr/local/bin.
sudo make install-binaries
# Copy the example configuration to /etc/chasquid and /etc/systemd, and create
# the /var/lib/chasquid directory.
sudo make install-config-skeleton
The configuration is in /etc/chasquid/ by default, and has the following
structure:
- chasquid.conf Main config file.
- domains/ Domains' data.
- example.com/
- users User and password database for the domain.
- aliases Aliases for the domain.
...
- certs/ Certificates to use, one dir per pair.
- mx.example.com/
- fullchain.pem Certificate (full chain).
- privkey.pem Private key.
...
The certs/ directory layout matches the one from certbot, letsencrypt's default client, to make it easier to integrate.
A convenient way to set this up is:
1) Obtain TLS certificates using certbot as needed.
2) Symlink chasquid's certs/ to /etc/letsencrypt/live:\
sudo ln -s /etc/letsencrypt/live/ /etc/chasquid/certs
3) Give chasquid permissions to read the certificates:\
sudo setfacl -R -m u:chasquid:rX /etc/letsencrypt/{live,archive}
4) Set up automatic renewal to restart chasquid when certificates are
renewed.
Please see the how-to guide for more detailed examples.
You can add users with:
chasquid-util user-add user@domain
This will also create the corresponding domain directory if it doesn't exist.
Run chasquid-util print-config to parse your configuration and display the
resulting values.
Run smtp-check yourdomain.com, it will check:
It needs to access port 25, which is often blocked by ISPs, so it's likely that you need to run it from your server.
chasquid supports running a post-DATA hook, which can be used to perform greylisting, and run anti-spam and anti-virus filters.
The hook should be at /etc/chasquid/hooks/post-data.
The one installed by default is a bash script supporting:
To use them, they just need to be available in your system.
For example, in Debian you can run the following to install all three:
apt install greylistd spamc clamdscan
usermod -a -G greylist mail
Note that the default hook may not work in all cases, it is provided as a practical example but you should adjust it to your particular system if needed.