#!/bin/bash

# source:
# https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-postfix-as-a-send-only-smtp-server-on-ubuntu-22-04
# 

set your_domain="abc.com"

sudo apt update
sudo apt install mailutils

# sudo vim /etc/postfix/main.cf
# 
# change, to receive emails only from the server on which it is running—that is, from localhost
# inet_interfaces = loopback-only
# 
# change, if domain is actually a subdomain and you want the email messages to look as if they were sent from the main domain:
# 
# masquerade_domains = {your_main_domain}

# restart service
sudo systemctl restart postfix

# to test smtp is working:
# echo "This is the body of the email" | mail -s "This is the subject line" your_email_address

# to add email forwarding:
# sudo vim /etc/aliases
# 
# postmaster:    root
# root:          your_email_address
# 
# for the change to take effect run:
# sudo newaliases
# 
# to test email forwarding:
# echo "This is the body of the email" | mail -s "This is the subject line" root



# Enable SMTP Encryption
#
# install certbot:
sudo apt install certbot

# make sure server port 80 is open underfirewall
# if you are using on server firewall "ufw", do:
# sudo ufw allow 80

# get cert
sudo certbot certonly --standalone --rsa-key-size 4096 --agree-tos --preferred-challenges http -d $your_domain

# sudo vim /etc/postfix/main.cf
# 
# smtpd_tls_cert_file=/etc/letsencrypt/live/your_domain/fullchain.pem
# smtpd_tls_key_file=/etc/letsencrypt/live/your_domain/privkey.pem

# restart service
# sudo systemctl restart postfix

# test 
# echo "This is the body of an encrypted email" | mail -s "This is the subject line" root



# dkim setup
# ref: https://www.linuxbabe.com/mail-server/setting-up-dkim-and-spf
apt install opendkim opendkim-tools
gpasswd -a postfix opendkim
vim /etc/opendkim.conf
# ...