Setting Up a Mail Server and Sending Emails Using SMTP Commands in Kali Linux: A Comprehensive Guide

Setting Up a Mail Server and Sending Emails Using SMTP Commands in Kali Linux: A Comprehensive Guide

Kali Linux is a specialized Linux distribution tailored for cybersecurity professionals, penetration testers, and ethical hackers. Setting up a mail server on Kali Linux and using SMTP commands to send emails is invaluable for testing email functionalities, security configurations, and vulnerabilities in a controlled environment. This professional article provides a detailed, step-by-step guide to installing and configuring a mail server using Postfix for SMTP, integrating MySQL for user management, and sending emails via SMTP commands. It includes practical examples, usage scenarios, and ethical hacking considerations, reflecting best practices as of September 2025.

Introduction

A mail server handles email communication by sending and receiving messages via the Simple Mail Transfer Protocol (SMTP). Postfix, a robust and widely used Mail Transfer Agent (MTA), is ideal for setting up a mail server on Kali Linux. This guide focuses on configuring Postfix with MySQL for user management and demonstrates how to send emails using raw SMTP commands via tools like telnet or openssl. The setup is designed for local testing, emphasizing ethical and legal use in controlled environments.

Key Objectives

• Install and configure Postfix for SMTP.
• Integrate MySQL for managing email users.
• Send emails using SMTP commands manually.
• Provide a practical example of email sending.
• Offer ethical hacking techniques for testing mail server security.
• Highlight best practices for secure configuration.

Prerequisites

• Kali Linux 2025.x (or latest version) installed.
• Root or sudo privileges.
• Internet connection for package installation.
• Basic knowledge of Linux commands, MySQL, and SMTP.
• A controlled lab environment (e.g., local machine or VM) for testing.
• Explicit permission for any external testing (ethical hacking).
• A fully qualified domain name (FQDN) for testing (e.g., mail.example.com) or use localhost for local testing.

Installation and Setup

Step 1: Update Kali Linux

Ensure the system is up-to-date to avoid compatibility issues:

sudo apt update && sudo apt upgrade -y

This updates the package index and installs the latest patches.

Step 2: Install Postfix (SMTP Server)

Postfix is a reliable MTA for sending emails via SMTP. Install it with:

sudo apt install postfix postfix-mysql -y

During installation, select Internet Site and set the mail name to your FQDN (e.g., mail.example.com) or localhost for local testing. Verify Postfix is running:

sudo systemctl start postfix

sudo systemctl enable postfix

sudo systemctl status postfix

Check that Postfix is listening on port 25 (SMTP):

ss -ant | grep 25

Step 3: Install MySQL

MySQL will store user and domain information for the mail server. Install it with:

sudo apt install mysql-server -y

Secure the MySQL installation:

sudo mysql_secure_installation

Follow prompts to:

• Set a root password.
• Remove anonymous users.
• Disallow remote root login (recommended for security).
• Remove the test database.
• Reload privilege tables. Start and enable MySQL:

sudo systemctl start mysql

sudo systemctl enable mysql

Verify the service:

sudo systemctl status mysql

Step 4: Install Additional Tools

Install mailutils for command-line email testing:

sudo apt install mailutils -y

Install telnet and openssl for manual SMTP commands:

sudo apt install telnet openssl -y

Configuring the Mail Server

Step 5: Set Up MySQL Database and Users

Log in to MySQL:

sudo mysql -u root -p

Create a database and tables for mail users:

CREATE DATABASE mailserver;

USE mailserver;

CREATE TABLE virtual_domains (

    id INT AUTO_INCREMENT PRIMARY KEY,

    name VARCHAR(50) NOT NULL

);

CREATE TABLE virtual_users (

    id INT AUTO_INCREMENT PRIMARY KEY,

    domain_id INT NOT NULL,

    email VARCHAR(100) NOT NULL UNIQUE,

    password VARCHAR(106) NOT NULL

);

CREATE TABLE virtual_aliases (

    id INT AUTO_INCREMENT PRIMARY KEY,

    domain_id INT NOT NULL,

    source VARCHAR(100) NOT NULL,

    destination VARCHAR(100) NOT NULL

);

Insert a test domain and user:

INSERT INTO virtual_domains (id, name) VALUES (1, 'example.com');

INSERT INTO virtual_users (id, domain_id, email, password) VALUES (1, 1, 'test@example.com', ENCRYPT('secure_password', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))));

Create a MySQL user for Postfix:

CREATE USER 'mailuser'@'localhost' IDENTIFIED BY 'mailpassword';

GRANT SELECT ON mailserver.* TO 'mailuser'@'localhost';

FLUSH PRIVILEGES;

EXIT;

Step 6: Configure Postfix

Edit the main Postfix configuration file:

sudo nano /etc/postfix/main.cf

Add or modify:

myhostname = mail.example.com

mydestination = localhost

mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128

inet_interfaces = all

inet_protocols = all

virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf

virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf

virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf

smtpd_sasl_auth_enable = yes

smtpd_sasl_type = dovecot

smtpd_sasl_path = private/auth

smtpd_sasl_security_options = noanonymous

smtpd_tls_security_level = may

smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem

smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key

Create MySQL configuration files for Postfix. For /etc/postfix/mysql-virtual-mailbox-domains.cf:

sudo nano /etc/postfix/mysql-virtual-mailbox-domains.cf

Add:

user = mailuser

password = mailpassword

hosts = 127.0.0.1

dbname = mailserver

query = SELECT 1 FROM virtual_domains WHERE name='%s'

For /etc/postfix/mysql-virtual-mailbox-maps.cf:

sudo nano /etc/postfix/mysql-virtual-mailbox-maps.cf

Add:

user = mailuser

password = mailpassword

hosts = 127.0.0.1

dbname = mailserver

query = SELECT 1 FROM virtual_users WHERE email='%s'

For /etc/postfix/mysql-virtual-alias-maps.cf:

sudo nano /etc/postfix/mysql-virtual-alias-maps.cf

Add:

user = mailuser

password = mailpassword

hosts = 127.0.0.1

dbname = mailserver

query = SELECT destination FROM virtual_aliases WHERE source='%s'

Set permissions:

sudo chmod 640 /etc/postfix/mysql-*.cf

sudo chown root:postfix /etc/postfix/mysql-*.cf

Create a mail storage directory:

sudo mkdir -p /var/mail/vhosts/example.com/test

sudo chown -R vmail:vmail /var/mail/vhosts

sudo groupadd -g 5000 vmail

sudo useradd -u 5000 -g vmail -s /usr/sbin/nologin -d /var/mail/vhosts vmail

Restart Postfix:

sudo systemctl restart postfix

Sending Emails Using SMTP Commands

Step 7: Send Email via SMTP Commands (Telnet)

Test SMTP by connecting to the server manually:

telnet localhost 25

Enter the following SMTP commands (press Enter after each):

EHLO localhost

MAIL FROM: <sender@example.com>

RCPT TO: <test@example.com>

DATA

Subject: Test Email

This is a test email sent via SMTP commands.

.

QUIT

• EHLO localhost: Initiates the SMTP session.
• MAIL FROM: Specifies the sender’s email.
• RCPT TO: Specifies the recipient’s email.
• DATA: Begins the email content, ended with a single . on a new line.
• QUIT: Closes the connection. Check the mail log for confirmation:

sudo tail -f /var/log/mail.log

The email should be stored in /var/mail/vhosts/example.com/test.

Step 8: Send Email via Secure SMTP (SMTPS)

For secure SMTP (port 587 or 465), use openssl:

openssl s_client -connect localhost:587 -starttls smtp

Enter the same SMTP commands as above:

EHLO localhost

MAIL FROM: <sender@example.com>

RCPT TO: <test@example.com>

DATA

Subject: Secure Test Email

This is a test email sent via SMTPS.

.

QUIT

Verify delivery in /var/mail/vhosts/example.com/test.

Practical Example: Command-Line Email Testing

Step 9: Test Email Sending with mail Command

Use the mail command for a simpler test:

echo "This is a test email from mailutils." | mail -s "Test Subject" test@example.com

Check the mail log:

sudo tail -f /var/log/mail.log

Verify the email in /var/mail/vhosts/example.com/test using:

cat /var/mail/vhosts/example.com/test/new/*

Ethical Hacking Techniques

Note: These techniques are for testing in controlled environments (e.g., localhost or authorized lab setups) with explicit permission. Unauthorized testing violates laws like the U.S. Computer Fraud and Abuse Act or GDPR.

1. SMTP User Enumeration

Goal: Identify valid email accounts. Steps:

1. Install smtp-user-enum:

sudo apt install smtp-user-enum

2. Test for valid users:

smtp-user-enum -M VRFY -u test -t localhost

3. Check for responses confirming test@example.com exists.
4. Mitigation: Disable VRFY/EXPN in /etc/postfix/main.cf:

smtpd_noop_commands = vrfy expn

Restart Postfix: sudo systemctl restart postfix.

2. SMTP Open Relay Testing

Goal: Check if the server allows unauthorized relaying. Steps:

1. Use telnet to test relaying:

telnet localhost 25

Enter:

EHLO localhost

MAIL FROM: <external@example.com>

RCPT TO: <external@otherdomain.com>

2. If RCPT TO is accepted, the server may be an open relay.
3. Mitigation: Restrict mynetworks in /etc/postfix/main.cf to trusted IPs and enable SASL authentication:

smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

Restart Postfix: sudo systemctl restart postfix.

3. Sniffing Unencrypted SMTP Traffic

Goal: Capture SMTP credentials or emails. Steps:

1. Use Wireshark to monitor traffic:

sudo wireshark &

2. Filter for smtp and send an email via telnet localhost 25.
3. Check for plaintext credentials or email content.
4. Mitigation: Enable TLS in /etc/postfix/main.cf:

5.  smtpd_tls_security_level = encrypt

smtp_tls_security_level = encrypt

Restart Postfix: sudo systemctl restart postfix.

Best Practices

• Secure Configurations: Enforce TLS for SMTP (smtpd_tls_security_level = encrypt).
• Strong Passwords: Use complex passwords in MySQL for virtual_users.
• Firewall Rules: Restrict port 25 to trusted networks:

sudo ufw allow proto tcp from 127.0.0.1 to any port 25

• Regular Updates: Keep Postfix and MySQL updated: sudo apt update && sudo apt upgrade.
• Backup Data: Back up the MySQL database:

mysqldump -u mailuser -p mailserver > mailserver_backup.sql

• Ethical Testing: Test only in authorized environments and respect bug bounty scopes.
• Logging: Monitor /var/log/mail.log for issues and anomalies.

Limitations

• Kali Linux Stability: Designed for testing, not production; consider Ubuntu for production mail servers.
• Resource Usage: Postfix and MySQL can be resource-intensive; optimize configurations.
• Security Risks: Misconfigured servers can be exploited; secure ports and credentials.
• External Delivery: Sending emails to external domains requires proper DNS setup (MX, SPF, DKIM), which is complex and often restricted by VPS providers.
• Manual SMTP Commands: Error-prone for beginners; consider automated tools for production.

Conclusion

Setting up a mail server with Postfix on Kali Linux and sending emails via SMTP commands provides a powerful environment for testing email functionalities and security configurations. This guide demonstrated how to configure Postfix with MySQL, send emails using telnet and openssl, and perform ethical security tests. Always ensure you have permission for testing and follow best practices to secure your server. For further learning, explore resources like postfix.org, kali.org, or practice with tools like Metasploit.

To convert this Markdown to .docx for your website, use Pandoc: pandoc mailserver-smtp-kali-linux-tutorial.md -o mailserver-smtp-kali-linux-tutorial.docx. Alternatively, paste into Microsoft Word or a CMS with Markdown support.