A mail server is a combination of two different types of software:
1. An SMTP server for receiving mail and forwarding it onwards (relay) or delivering it to the final recipient. This part is called a Mail Transfer Agent (MTA).
2. A POP or IMAP server for allowing a user to retrieve mail to a mail handling program (an MUA or Mail User Agent).
An example of MTAs are qmail, postfix, exim or sendmail, while an example of MUAs are kmail, evolution or thunderbird. POP or IMAP servers are cyrus, dovecot or courier.
In order to have your own mail server, you need to setup your local MTA to accept mail for your domain. By default, MTAs are usually setup to handle local mail only. That means that you will be able to recieve mail sent via the SMTP server directly to an existing user on your own machine.
Most distros usually have a firewall in place that prevents external connections to the SMTP port (tcp/25), so if you want to handle mail from outside your LAN, you need to make sure that the relevant port is open on your firewall.
Most MTAs are usually configured to refuse relays. This means, that you will not be able to send any non-local mail from your SMTP server. This is done as an attempt to prevent spammers from using your computer as an open relay to spamming their victims. Most MTAs can be configured to allow external relays only after the sender has authenticated to the MTA.
If you want to be able to use an MUA like kmail or thunderbird to read your mail, you need to expose the mail via a POP or IMAP server. For home use, I recommend the dovecot IMAP server - it's pretty easy to setup, and it's relativly fast. You should read up on the differences between POP and IMAP, and choose which protocol you prefer.
Regarding your questions:
1) Where are remotely recieved messages stored by default?
2) Are messages automatically stored? Theoretically, everyone could send anything, and that is quite a security issue... How is it checked?
3) What else do I need to set up?
1. There are a few possibilities. The first, most common, is /var/spool/mail/<username> and the second most common is /home/<user>/Maildir . The differences are that the first uses the mbox file standard, and the second uses Maildir. Each method has it's pros and cons, but generally Maildir is considered better because it's easier to read and write. Of course, you can set it up any way you want with most MTA software.
2. Messages to local users are automatically stored until you run out of disk space. Most MTAs limit the size of a single mail message, and some MTAs support quotas on mail boxes. You should also install an antivirus mail filter like CLAMAV and a spam filter like spamassasin for best effects.
3. See above.
Hope this helped.