BullMail is a no-bullshit solution to setup an E-Mail server on a Debian/Ubuntu shitbox.

What it does

• Creates an SMTP server (postfix, to send and receive E-Mails)
• Creates an IMAP server (dovecot, to check your E-Mails)
• Configures rspamd server to filter the spam (yes, the junk emails goes in the Junk folder! WOW!!!)
• Signs outgoing E-Mails with DKIM (using rspamd)
• Strips out your IP address and user agent from the headers of outgoing E-Mails (and no, it doesn't fuck with the INCOMING headers for fucks sake!)
• Adds User-Agent: Mozilla Thunderbird to all E-Mails instead ^^
• sendmail just fucking works. No header fuckery, it all just fucking works as described. Programs like Gitea don't fail to send out mail.
• Mailboxes: Inbox, Drafts, Sent, Junk & Trash for each user. If you remove & add an E-Mail account in your client, the mailboxes don't DISAPPEAR FOR NO FUCKING REASON!!
• Mails are stored in ~/Maildir, no unecessary database bullshit, just live your life and go outside
• Restores your sanity, it just fucking works

What it DOESN'T do

• Sets up some gay fucking roundcube piece of shit webmail interface (although you can set that shit up if you're homosexual)
• Fucks with SSL certificate creation: YOU SUPPLY YOUR OWN FUCKING CERTIFICATE! (Just make sure to restart postfix, dovecot & rspamd IN THIS ORDER when replacing the cert)
• Not suitable for many users, since they need a /home/ directory. Meant for private use. If you want to run a public mail server, here's a pro tip: FUCKING DON'T DO THAT

Port bindings

Certain pieces of shit ISPs like Videotron will block you from connecting to your server on ports 25 and 143, so special alternative ports are configured. If your client is explicitly configured to do so, you can connect without SSL with plain auth, so legacy E-Mail clients (like a 4th gen iPod touch) can connect without any bullshit.

• SMTP: 25, 2525 (SASL+Plain auth with optional STARTTLS)
• IMAP: 143, 1143 (SASL+Plain auth, NO SSL)
• IMAPs: 993, 1993 (SASL+Plain auth, SSL)

Requirements

• You need a domain, duh. Complete control over it.
• A compute machine. Don't get some scummy host, otherwise your E-Mails are going straight to spam. If you're hosting it under a residential IP, you will get issues with spam lists. DO YOUR RESEARCH
• Patience. I know it's your 10th attempt installing an E-Mail server, trust me this script just fucking works okay?

Installation

Step 1

Log onto your registrar and set and A and AAAA record onto your domain that points to your server. For the retards in the back:

• A record: You give an IPv4 address to your server
• AAAA record: Thats where you put the IPv6 address

Now, you want to point these records in a way that mail.yourdomain.com resolves to your server's IP.

Now, make sure to also add these TXT records (these TXT records have no name. Input @ if it forces you to put a name in):

v=spf1 mx a:mail.yourdomain.com ip4:51.79.70.119 ip6:2607:5300:205:200::35c2 -all

v=DMARC1; p=reject; rua=mailto:postmaster@yourdomain.com; fo=1

Replace the domain, ip4 and ip6 with your own.

Lastly, add this MX record to your domain:

mail.yourdomain.com

If it asks for a distance/priority parameter, input 10.

Keep your domain's DNS manager open, we're not done with it.

Step 2

Go to your host's server configuration panel and set the rDNS (Reverse DNS) to mail.yourdomain.com (obviously, replace yourdomain.com with your own). This helps some exotic mail servers to perceive your E-Mails as not spam. After setting up the rDNS, restart the server and run this from your local machine:

will@fuckedmachine:~$ ping yourdomain.com
PING yourdomain.com (x.x.x.x) 56(84) bytes of data.
64 bytes from mail.yourdomain.com (x.x.x.x): icmp_seq=1 ttl=52 time=13.4 ms
^C
--- yourdomain.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 13.445/13.445/13.445/0.000 ms

The 3rd line is the interesting part. It should say 64 bytes from mail.yourdomain.com.

Step 3

SSH onto your shitbox and become root

sudo su

Step 4

Create your mail user. Note that all users with the mail group will be able to send and receive mail.

useradd -m yourname -G mail
passwd yourname

OR... If you already have an user that you use (say, will), do this instead:

usermod -aG mail will

-aG tells your stupid server "hey, mail is a secondary group for will!" -G says it's the primary group.

Step 5

Run these commands (don't run bullmail.sh quite yet you moron)

git clone https://git.lolcat.ca/lolcat/bullmail
cd bullmail/script
chmod +x bullmail.sh

Step 6

Edit bullmail.sh and change the variables at the top to what matches your configuration. In my case, this is what I used:

#
# Input your settings here
#
tls_cert="/etc/apache2/ssl/lolcat.ca.pem"
tls_key="/etc/apache2/ssl/lolcat.ca.key"
hostname="mail.lolcat.ca"
domain="lolcat.ca"

Yes, you need to provide your own TLS certificates. Pro tip: ACME.sh rules, you will lose your sanity using certbot.

Step 7

I know this is not the first time you're trying to install a mail server. Make sure that you cleaned up your previous attempts before running this. This script makes an effort to clean up after your mess, but there are no guarantees.

Step 8

Run the script. Make sure you're root and inside the script folder

./bullmail.sh

Wait for it to complete. Trust the plan. When postfix asks questions, pick "Internet site" and when it asks for a domain enter yourdomain.com (obviously, replace yourdomain.com with your own domain. Don't add mail. in front of it)

Step 9

The script should output something like this at the end:

Done. Please set this TXT record on your yourdomain.com domain.
mail._domainkey IN TXT ( "v=DKIM1; k=rsa; "
    "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrB..." ) ;
Bye!

In your DNS settings of your domain, create a TXT record called mail._domainkey with this shit in it. Notice how you need to remove the weird quotes the script outputs after k=rsa; ". Example:

v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrB... (truncated)

Make sure to copy-paste what the script outputs, not the bullshit I gave as an example, you moron.

Check the shit works

Make sure to wait for the DNS to propagate, and then send an email to ping@tools.mxtoolbox.com. You should get an email back with your deliverability score, and it should tell you if your DKIM is setup correctly. You'll also see what headers are being sent when you send out an email. Here are what my headers look on my server:

From will@lolcat.ca  Fri Jul 11 03:32:35 2025
Return-Path: <will@lolcat.ca>
X-Original-To: ping@tools.mxtoolbox.com
Delivered-To: ping@tools.mxtoolbox.com
Received: from mail.lolcat.ca (mail.lolcat.ca [51.79.70.119])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by tools.mxtoolbox.com (Postfix) with ESMTPS id 84DB9AD33D
	for <ping@tools.mxtoolbox.com>; Fri, 11 Jul 2025 03:32:35 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lolcat.ca; s=mail;
	t=1752204755;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=;
	b=RNPVHLULrmpWuCTizr8z8B7aTIUdd19GBeKevo21hacpjS2aFWEDhE8vhea25/XikmJ+8C
	ywJLr+TXO+iHb1mG30Unf+760NFuoT3OlAnTHhXbL+D9ozEeKfSbIp4kEtCYwTwRExfrOx
	FxiKUvBhUXe1Wy8O8lTKZbhri1N+2pM=
Message-ID: <c1575f29-6793-4971-99ba-eb7ad4b3254f@lolcat.ca>
Date: Thu, 10 Jul 2025 23:32:34 -0400
MIME-Version: 1.0
To: ping@tools.mxtoolbox.com
Content-Language: en-US
User-Agent: Mozilla Thunderbird
From: will <will@lolcat.ca>
Subject: test
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit

test

Additional configuration

rspamd is your spam filter. You can tweak it manually to instruct it to block specific E-Mails, depending of your situation.

Screenshots

Inbox

Junk

4th gen iPod mail reader

License

WTFPL