Migration & Retirement of MacOS Server Mail Service

John Hartley -

Status:

November 2024 - Biting the bullet and writing notes along the way to replace macOS Mail services

Up to MacOS High Sierra Apple had its macOS Server product which allowed users to self host:

  • Mail - using tuned Postfix/Dovecot/amavis/ClamAV implementation
  • OpenDirectory - based on OpenLDAP
  • CalDAV/CardDAV - Calender and Address services
  • Messages/XMPP - Federated Messaging service based
  • File Sharing Services - which were folding to macOS
  • Profile Services - for user device profile management

Apple published notice and guideance in via support note and while most if services had relatively simple single server replacements, the Mail service did not, as it was built from quite a few components.

Though long retired I continued to use macOS Mail Services, as its replacement was more complicated than other services and email has been functionally stable for a long time.

So "if it ain't broke, then don't fix it"....

In 2024 this is no longer the case:

  • ClamAV Version Obselete - so no longer getting virus signature updates
  • SSL Security Fixes - there have signficiant number of SSL related security fixes that are no longer being provided with macOS High Sierra
  • SSL Encryption Algorithms - SSL has also had new and more secure algorihims added and older ones are no longer considered secure
  • IOS 18.X has broken iPhone/iPad IMAP pickup - the macOS Server Dovecot IMAP implementation now has issues with latest iPhone / iPad Mail client, and while this appears to be client but, a fix from Apple has not been forthcoming, so other option is to update Dovecot IMAP server to newer release

So time has come to look to replace macOS Server Mail services and retire it,

Mail Replacement Requirements & Options

The macOS Server Mail services are build from the following Open Source components:

  • Postfix - mature and widely deployed Simple Mail Transport Protocol (SMTP) based Mail Transfer Agent (MTA). This is responsible for sending mail across different organisations mail servers.
  • Dovecot - mature and widely deployed Internet Message Access Protcol (IMAP) server. This is responsible for providing user mail retieval service, also known as mail delivery agent (MDA).
  • amavis - provide interface between MTA and MDA to allow anti-virus scanning agent (such as ClamAV)
  • ClamAV - an mail content virus scanner
  • Spamhaus - provides online email delivery restrictions database to help filter out email spanners etc

So like for like replacemet should provide these services and also allow integration with LDAP for checking valid email recipients to replace Open Directory service and for SSL use LetsEncrypt certificate service to get certificates.

So building a replacement email server which features equivant to the macOS Mail Services requires integration of quite a few components and is not just a matter of running an Postfix / Dovement based service as this will not have the additional and valuable anti-virus and anti-spam features that macOS Mail Service provided.

Next option is what to run the replacement on. Candidiates include macOS, FreeBSD or Linux Distribution. Why my bias would be to run the mail services on FreeBSD, looking into available documemtation on this indicate that this option would appear to need a combination of Ports and Source Build build process to get the various parts working. For Ubuntu Linux it seems that the component parts can be deployed using apt based binary distributions, which greatly simplifies install and configuration of soluion.

On this basis I have opted for Ubuntu based replacement strategy.

Installing and Configuring Mail Server parts on Ubuntu

Links & References:

macOS Server Overview - provides details on what macOS Server provided before its gradual retirement started...

Apple macOS Server Notice - Apple's suggestion for replacement of macOS Server services

"macOS Server - Service Migration Guide" - Apple's developer documentation on macOS Server migration guide, which is notable for its absense of information on Mail Services

Apple Community Discussion on Mail Server Migration/Replacement - with Mail service retirement, users where left to try to figure out how to replace service. Some tried to do this while still on macOS, as discussed here. Users also recognised that replacement needs more than a single server and some elected to commercial offerings and others to try to roll their own, as discussed here.

Redhat Postfix Deployment Documentation - useful set of instructions as gets to the core Postfix configuration file setup

FreeBSD Postfix Guide - an example FreeBSD Postfix / Dovecot guide, appears complicated...

Ubuntu Postfix / Dovecot Guides - this set of Ubuntu apt based guides seems more digestible... and covers amavis and ClamAV in addition to Postfix and Dovecot

Image - from Quicksilver Messenger Service - Happy Trails Cover Art