Postfix + Dovecot mailserver on Ubuntu
Tested on Ubuntu 12.10 VPS
We will create simple mailserver using postfix and dovecot. In current example we will use secure pop3 and smtp.
You should act as user so we are not adding this annoying "sudo" at the beginning of each command.
Postfix
Install postfix
apt-get remove sendmail apt-get install postfix
NOTE: if you got the error: Package 'postfix' has no installation candidate. You should update the APT’s database:
apt-get update apt-get upgrade
Usually postfix will show you the initial config "ui" . But you can check and reconfigure in case something wrong :
dpkg-reconfigure postfix
Check the next details and change in case it neccessary:
Mail server configuration type: “Internet Site”. System mail name: mydomain.com Root and postmaster mail recipient: leave blank Other destinations to accept mail for: Add mydomain.com to the beginning of this comma-separated list. Force synchronous updates?: No Local networks: (All local subnets + Your Server IP Subnet)Usually you should add : <YourIP>/32 Use procmail?: No Mailbox size limit: “0″ Local address extension character: Leave as default. Internet protocols to use: all
Create first user that will be used for mail. Let;s create user "test" with password "test1" . Change this password to more complex.
useradd test passwd test
Create the place for user test mail.We will use Maildir format:
mkdir /home/test/Maildir postconf -e 'home_mailbox = Maildir/' export MAIL=/home/test/Maildir service postfix restart
Just to be sure that sendmail is stopped make the next:
service sendmail stop service postfix restart
Lets test if transport system working properly:
#telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain. Escape character is '^]'. 220 mail.vpsget.us ESMTP Postfix (Ubuntu)
Send yourself a test message:
>ehlo localhost >mail from: root@localhost 250 2.1.0 Ok >rcpt to: test@localhost 250 2.1.5 Ok >data >Subject: testmail >test 123 >. 250 2.0.0 Ok: queued as 51A803C4B0AB >quit 221 2.0.0 Bye Connection closed by foreign host. You have mail in /home/test/Maildir
You can view this message with "mail" command. To use mail command install if not installed:
apt-get install heirloom-mailx apt-get install mailutils
Run mail.you should see the subject line of your message. Press 1 and Enter to read it.
mail Heirloom mailx version 12.5 6/20/10. Type ? for help. "/home/test/Maildir": 1 message 1 new >N 1 root@localhost Mon Jun 16 10:32 13/403 testmail ? 1
On this step postfix is working properly.
Dovecot
Now we need to install dovecot ,We will use mail storage with dovecot
apt-get install dovecot-imapd apt-get install dovecot-common
You also could install pop3d:
apt-get install dovecot-pop3d
Check dovecot dpkg:
dpkg -l | grep dovecot dovecot-common 1:2.1.7-1ubuntu2.1 all Transitional package for dovecot dovecot-core 1:2.1.7-1ubuntu2.1 i386 secure mail server that supports mbox, maildir, dbox and mdbox mailboxes dovecot-imapd 1:2.1.7-1ubuntu2.1
Config /etc/dovecot/dovecot.conf
protocols = imap mail_location = maildir:~/Maildir
Sure you can change imap to pop3 if you like.
Check auth parameters in configfile etc/dovecot/conf.d/10-auth.conf
auth_mechanisms = plain login
Set maillocation in /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:~/Maildir
Add/uncomment the next config lines in appropriate section /etc/dovecot/conf.d/10-master.conf
unix_listener /var/spool/postfix/private/auth { mode = 0666 user = postfix #sometimes can be disabled }
Just for check you can list mailboxes:
doveadm mailbox list
Set prmissions on "test" mailbox (if Data source for users, homes and IDs set to Standard Unix user database)
chown test:test /home/test/Maildir chmod -R 700 /home/test/Maildir
Set up the mail storage hierarchy
maildirmake.dovecot /etc/skel/Maildir maildirmake.dovecot /etc/skel/Maildir/.Drafts maildirmake.dovecot /etc/skel/Maildir/.Sent maildirmake.dovecot /etc/skel/Maildir/.Trash maildirmake.dovecot /etc/skel/Maildir/.Templates cp -r /etc/skel/Maildir /home/test chown -R test /home/test/Maildir chmod -R 700 /home/test/Maildir
Start dovecot:
service dovecot start
take a look on listened ports:
netstat -tulp netstat -tulpn
Test dovecot with telnet:
telnet localhost imap Connected to localhost.localdomain. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
Security SASL Auth Install SASL modules:
apt-get install libsasl2-modules
Also be sure that next packages installed:
apt-get install libsasl2-2 apt-get install sasl2-bin
Edit /etc/default/saslauthd
START=yes PWDIR="/var/spool/postfix/var/run/saslauthd" PARAMS="-m ${PWDIR}" PIDFILE="${PWDIR}/saslauthd.pid" OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
Enable SASL in your postfix config:
postconf -e 'smtpd_sasl_local_domain =' postconf -e 'smtpd_sasl_auth_enable = yes' postconf -e 'smtpd_sasl_security_options = noanonymous' postconf -e 'broken_sasl_auth_clients = yes'
Set the access restrictions for sending mail on the server:
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination' postconf -e 'inet_interfaces = all'
This line tells Postfix that our server will automatically accept mail from authenticated users (like your mail client), OR on any device connected to our own network, because we know they can be trusted.
Start SASL:
dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd service saslauthd start
Test SASL:
telnet localhost 25 ehlo localhost
you should receive 250-STARTTLS as one of the responses.
Dovecot: allow clients to connect to it in a secure way. Edit /etc/dovecot/conf.d/10-ssl.conf:
ssl = required ssl_cert_file = </etc/ssl/certs/ssl-cert-snakeoil.pem ssl_key_file = </etc/ssl/private/ssl-cert-snakeoil.key
Rrestart dovecot. You can test your mail client now. Set mail.mydomain.com as both your incoming (IMAP) and outgoing (SMTP) mail server. Make sure IMAP is using port 143, and SMTP is using port 25 or 587, whichever you chose in the Postfix configuration.