Leaving Google: Difference between revisions

From Wildsong
Jump to navigationJump to search
Brian Wilson (talk | contribs)
Brian Wilson (talk | contribs)
mNo edit summary
 
(17 intermediate revisions by the same user not shown)
Line 1: Line 1:
I have to abandon keeping Wildsong.biz on Google Mail
IMAP settings w6gkd.w6gkd.radio port 993 with SSL/TLS, use your USERNAME not email and system password.
because over the years Google evolved the service offering from being
just email to being a "suite" of tools that I don't need or want,
and then finally used the "suite" as a justification for it to be a for-pay only service.
All that's fair, but I am not motivated to pay for the service.


I am setting up map46.com and w6gkd.radio domains for starters to test everything.
SMTP settings use same FQDN and use port 587 with STARTTLS and the same credentials. I had to add port 465 support for Blue Mail. I used "AUTOMATIC".


For now,
'''2023-09-23''' I've had my fun watching the spam in my mailbox, it's a fraction of what I used to get. Time to crank up Amavisd. Go see [[Postfix]].


# Set up new gmail accounts
'''2023-02-19''' I am now in "production" mode, my live email runs through the VPS. I am moving the Postfix server set up information to the [[Postfix]] page. Today's goal is to set up the spam filter.
# Forward from existing wildsong accounts to new gmail accounts
# Set up email forwarder for wildsong.biz
# Move devices (phones and tablets) to new addresses


I have a VPS at Tektonic.net as the mail server. It's on the Internet all the time even when I trip and kick the wires out of the wall here at home.
'''2023-02-05'''


As my SMTP server I will be using Postfix, along with its friends Postgrey, SpamAssassin and ClamAV.
Postfix and Dovecot run on the VPS


== Checklist ==
[https://roundcube.wildsong.biz Roundcube] runs at home on [[Bellman]]. I don't use it.


'''Hostname''' "hostname -f" should show the FQDN, which is w6gkd.w6gkd.radio
Thunderbird is installed on [[Murre]] and [[Plover]] but I don't use it.  
Set FQDN in /etc/hosts


'''Firewall?''' No. I am currently running fail2ban but have no firewall as such right now, which is fine for this server.
I use Bluemail on my tablet. On my phone I use well... I use a [[Sunbeam F1]] flip phone.
I'd need to make sure port 25 is open.


'''System time.''' It is on UTC. Change it. Install NTP.  
I need a contact database.  


timedatectl set-timezone America/Los_Angeles
'''2023-01-31''' Unsubscribed. Wildsong.biz mail now gets forwarded through w6gkd.radio.
apt install ntp
systemctl status ntp


'''Syslog'''
Google has evolved from being an email service for Wildsong.biz to being a "suite" of tools that I don't need or want. A few months ago they announced it would be a  for-pay only service. All that's fair, but I am not motivated to pay for the service. I am sure accounts like mine are just a money sink for them anyway even when I pay.
I think it is already set up. See /var/log/mail*


'''DNS''' is at Cloudflare. "dig w6gkd.radio MX" tells me it's pointed at the right place.
I set up map46.com and w6gkd.radio domains for starters to test everything. At this point I am almost ready to flip wildsong.biz mail over. I still need to pull all my files and photos out. For now I am migrating to plain gmail accounts.
The names "mail", "smtp", and "imap" should be CNAMEs fpr w6gkd.w6gkd.radio


The reverse needs a PTR record in place at the ISP. I did this via a ticket with Tektonic. It now returns w6gkd.w6gkd.radio
The steps, overall,


SMTP authentication - so I can forward mail from Google (and my own servers).
# Set up new gmail accounts for each of my users. ('''done''')
https://www.bluehost.com/help/article/email-client-enable-smtp-authentication
# (On Google), forward from the existing wildsong accounts to new gmail accounts (2/3's done. Doing mine today. 1/1/23)
# Set up email forwarder for wildsong.biz on my Tektonic VPS. ('''done''')
# Move devices (phones and tablets) to new addresses. (2/3 done, in the meantime I abandoned my smartphone for a Sunbeam F1 so '''done'''.)
# Google Voice: I have try to initiate a transfer of the number over to Twilio. I have not heard back from Twilio yet. There is a $3 port out fee.


My standard TXT record for email, V=SPF1 +A +MX -ALL
I have a VPS at Tektonic.net as the mail server. It's on the Internet all the time even when I trip and kick the wires out of the wall here at home.


Server: mail.DOMAINNAME
As my SMTP server I will be using Postfix, along with its friends Postgrey, SpamAssassin and ClamAV.
Port: 465 with SSL


TLS Certificate
== Google accounts ==


=== Install and configure Postfix ===
=== Move mail from one gmail account to another ===
Google uses POP3 to transfer mail between accounts.


Out goes Exim4, in with Postfix.
In the old account you have to '''allow "less secure" apps. You also have to disable two factor auth.''' Stupid, huh?
I tried putting it in Docker, sigh, maybe later for that.


apt remove exim4-base exim4-config exim4-daemon-light
Then you have to set up POP3 in Accounts to tell the new account to do the import. It really did take 1-2 days for it to happen. Use your [/cdn-cgi/l/email-protection <nowiki>[email protected]</nowiki>] to log in to the old server, use the same login [/cdn-cgi/l/email-protection <nowiki>[email protected]</nowiki>] and the POP server of pop.gmail.com, port 995, TLS security ON.
apt install postfix postgrey clamav spamassassin


[https://acm.percipio.com/books/b8d57580-f219-11e6-b0e2-0242c0a80804 The Book of Postfix]
The process is not documented by Google, it's described in a
[https://support.google.com/mail/thread/8805971/server-denied-pop3-access-for-the-given-username-and-password-i-have-tried-everything-need-help?hl=en community posting.]


Configure in /etc/postfix especially main.cf
Google's process to describe transferring mail is described by a user, not by Google.  


=== Testing ===
=== Forward mail from old account to new one ===
Next you set the old account to forward all mail to the new one. If you do this before setting POP3 it will switch off mysteriously by itself. Do it after.


To send mail on the host, I want the address to have the domain not the hostname,
=== Copy files ===
The short term strategy to preserve content by moving to a new gmail account. The longer term strategy


date | mail bwilson
==== Short term: Move Google Drive ====


should go to bwilson@w6gkd.radio not [email protected]
==== Short term: Move Google Photos ====
Make the new account and the old one "partners" and "share everything."


This is controlled by "mail" NOT postfix. So put this in /etc/mailutils.conf
==== Long term: Download ====
I am supposed to be able to copy all content in one go, but apparently I do not have the right sliver key to do that. Or maybe it's a vorpal sword? So, I am installing "grive" on Bellman. In a Docker.


address {
cd docker/grive
    email-domain w6gkd.radio;
}


# Can I send from w6gkd.radio?
== VPS set up ==
# Can I send to [email protected]?
# Are the letsencrypt keys working?


/etc/cron.weekly runs /usr/local/sbin/renew_certs.sh
'''Hostname''' "hostname -f" should show the FQDN, which is '''w6gkd.w6gkd.radio''' Set FQDN in /etc/hosts


See /etc/letsencrypt/live to see what is set up
'''Firewall?''' No. I am currently running fail2ban but have no firewall as such right now, which is fine for this server. I'd need to make sure port 25 is open.


=== Filters ===
'''System time.''' It is on UTC. Change it. Install NTP.
 
timedatectl set-timezone America/Los_Angeles
apt install ntp
systemctl status ntp


* Postgrey -- https://postgrey.schweikert.ch/
'''Syslog'''
* Spamassassin -- https://spamassassin.apache.org/
I think it is already set up. See /var/log/mail*
* ClamAV -- Antivirus / malware -- https://www.clamav.net/


=== IMAP - Dovecot ===
'''DNS''' is at Cloudflare. "dig w6gkd.radio MX" tells me it's pointed at the right place.
The names "mail", "smtp", and "imap" should be CNAMEs fpr w6gkd.w6gkd.radio


I am inclined to install dovecot, mysql, and elastic search in Docker containers
The reverse needs a PTR record in place at the ISP. I did this via a ticket with Tektonic. It now returns w6gkd.w6gkd.radio
Docker based installations are so clean and flexible.


== Forward mail from one gmail account to another ==
SMTP authentication - so I can forward mail from Google (and my own servers).
https://www.bluehost.com/help/article/email-client-enable-smtp-authentication


My standard TXT record for email, V=SPF1 +A +MX -ALL


== Move mail from one gmail account to another ==
Server: mail.DOMAINNAME
Port: 465 with SSL


Google uses POP3 to transfer mail between accounts.
TLS Certificate
Strangely Google does not allow Google to import mail from Google.
In the old account you have to allow "less secure" apps and do a captcha thing.
The process is not documented by Google, it's described in a
[https://support.google.com/mail/thread/8805971/server-denied-pop3-access-for-the-given-username-and-password-i-have-tried-everything-need-help?hl=en community posting.]


Google's process to describe transferring mail is described by a user, not by Google.
=== Install and configure Postfix ===
Whatever.
Information here moved to the [[Postfix]] page.


[[Category: System Administration]]
[[Category: System Administration]]

Latest revision as of 15:44, 23 September 2023

IMAP settings w6gkd.w6gkd.radio port 993 with SSL/TLS, use your USERNAME not email and system password.

SMTP settings use same FQDN and use port 587 with STARTTLS and the same credentials. I had to add port 465 support for Blue Mail. I used "AUTOMATIC".

2023-09-23 I've had my fun watching the spam in my mailbox, it's a fraction of what I used to get. Time to crank up Amavisd. Go see Postfix.

2023-02-19 I am now in "production" mode, my live email runs through the VPS. I am moving the Postfix server set up information to the Postfix page. Today's goal is to set up the spam filter.

2023-02-05

Postfix and Dovecot run on the VPS

Roundcube runs at home on Bellman. I don't use it.

Thunderbird is installed on Murre and Plover but I don't use it.

I use Bluemail on my tablet. On my phone I use well... I use a Sunbeam F1 flip phone.

I need a contact database.

2023-01-31 Unsubscribed. Wildsong.biz mail now gets forwarded through w6gkd.radio.

Google has evolved from being an email service for Wildsong.biz to being a "suite" of tools that I don't need or want. A few months ago they announced it would be a for-pay only service. All that's fair, but I am not motivated to pay for the service. I am sure accounts like mine are just a money sink for them anyway even when I pay.

I set up map46.com and w6gkd.radio domains for starters to test everything. At this point I am almost ready to flip wildsong.biz mail over. I still need to pull all my files and photos out. For now I am migrating to plain gmail accounts.

The steps, overall,

  1. Set up new gmail accounts for each of my users. (done)
  2. (On Google), forward from the existing wildsong accounts to new gmail accounts (2/3's done. Doing mine today. 1/1/23)
  3. Set up email forwarder for wildsong.biz on my Tektonic VPS. (done)
  4. Move devices (phones and tablets) to new addresses. (2/3 done, in the meantime I abandoned my smartphone for a Sunbeam F1 so done.)
  5. Google Voice: I have try to initiate a transfer of the number over to Twilio. I have not heard back from Twilio yet. There is a $3 port out fee.

I have a VPS at Tektonic.net as the mail server. It's on the Internet all the time even when I trip and kick the wires out of the wall here at home.

As my SMTP server I will be using Postfix, along with its friends Postgrey, SpamAssassin and ClamAV.

Google accounts

Move mail from one gmail account to another

Google uses POP3 to transfer mail between accounts.

In the old account you have to allow "less secure" apps. You also have to disable two factor auth. Stupid, huh?

Then you have to set up POP3 in Accounts to tell the new account to do the import. It really did take 1-2 days for it to happen. Use your [/cdn-cgi/l/email-protection [email protected]] to log in to the old server, use the same login [/cdn-cgi/l/email-protection [email protected]] and the POP server of pop.gmail.com, port 995, TLS security ON.

The process is not documented by Google, it's described in a community posting.

Google's process to describe transferring mail is described by a user, not by Google.

Forward mail from old account to new one

Next you set the old account to forward all mail to the new one. If you do this before setting POP3 it will switch off mysteriously by itself. Do it after.

Copy files

The short term strategy to preserve content by moving to a new gmail account. The longer term strategy

Short term: Move Google Drive

Short term: Move Google Photos

Make the new account and the old one "partners" and "share everything."

Long term: Download

I am supposed to be able to copy all content in one go, but apparently I do not have the right sliver key to do that. Or maybe it's a vorpal sword? So, I am installing "grive" on Bellman. In a Docker.

cd docker/grive

VPS set up

Hostname "hostname -f" should show the FQDN, which is w6gkd.w6gkd.radio Set FQDN in /etc/hosts

Firewall? No. I am currently running fail2ban but have no firewall as such right now, which is fine for this server. I'd need to make sure port 25 is open.

System time. It is on UTC. Change it. Install NTP.

timedatectl set-timezone America/Los_Angeles
apt install ntp
systemctl status ntp

Syslog I think it is already set up. See /var/log/mail*

DNS is at Cloudflare. "dig w6gkd.radio MX" tells me it's pointed at the right place. The names "mail", "smtp", and "imap" should be CNAMEs fpr w6gkd.w6gkd.radio

The reverse needs a PTR record in place at the ISP. I did this via a ticket with Tektonic. It now returns w6gkd.w6gkd.radio

SMTP authentication - so I can forward mail from Google (and my own servers). https://www.bluehost.com/help/article/email-client-enable-smtp-authentication

My standard TXT record for email, V=SPF1 +A +MX -ALL

Server: mail.DOMAINNAME
Port: 465 with SSL

TLS Certificate

Install and configure Postfix

Information here moved to the Postfix page.