Posted on by Steve Bar Yakov Gindi

Set up a Postfix Mail Server With Dovecot and Squirrelmail on Ubuntu 16.04 – 1&1

Views: 1772

Simple setup for Postfix without MySql. I am following directions from link at the end.

Antique Red Old Vintage Letter Classic Mailbox

Firewall Access

You will need to set your firewall(s) to allow access to the following ports:

  • SMTP: 25
  • POP3: 110
  • IMAP: 143
  • SMTP Secure: 465
  • MSA: 587
  • IMAP Secure: 993
  • POP3 Secure: 995

Configure Postfix

After the installation is complete, run the command to configure Postfix:

sudo dpkg-reconfigure postfix

....

Create an SSL Certificate

We will create a self-signed SSL certificate to secure incoming and outgoing email connections:

sudo openssl req -x509 -nodes -newkey rsa:2048 -keyout mailserver.key -out mailserver.crt -nodes -days 365

sudo openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

Answer the questions at the prompts, or just hit [Enter] to leave an answer blank. This command will create two files: mailserver.key and mailserver.crt.

Create a folder for the SSL certificate files:

sudo mkdir /etc/postfix/ssl

Then move the files into this folder:

sudo mv mailserver.key /etc/postfix/ssl
sudo mv mailserver.crt /etc/postfix/ssl
sudo mv cakey.pem /etc/postfix/ssl
sudo mv cacert.pem /etc/postfix/ssl

Set Up SMTP AUTH

SMTP AUTH is a basic method of securing your mail server. We strongly recommend the use of SMTP AUTH on all mail servers.

To begin, use the following commands to configure Postfix to use SMTP AUTH:

sudo postconf -e 'smtpd_sasl_local_domain ='
sudo postconf -e 'smtpd_sasl_auth_enable = yes'
sudo postconf -e 'smtpd_sasl_security_options = noanonymous'
sudo postconf -e 'broken_sasl_auth_clients = yes'
sudo postconf -e 'smtpd_recipient_restrictions =  permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
sudo postconf -e 'inet_interfaces = all'
sudo postconf -e 'smtp_tls_security_level = may'
sudo postconf -e 'smtpd_tls_security_level = may'
sudo postconf -e 'smtpd_tls_auth_only = no'
sudo postconf -e 'smtp_tls_note_starttls_offer = yes'
sudo postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/mailserver.key'
sudo postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/mailserver.crt'
sudo postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
sudo postconf -e 'smtpd_tls_loglevel = 1'
sudo postconf -e 'smtpd_tls_received_header = yes'
sudo postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
sudo postconf -e 'tls_random_source = dev:/dev/urandom'

Replace example.com with your own domain name:

sudo postconf -e 'myhostname = example.com'

Next, create the file /etc/postfix/sasl/smtpd.conf and open it for editing:

sudo nano /etc/postfix/sasl/smtpd.conf

Add the following content:

pwcheck_method: saslauthd
mech_list: plain login

After you have finished configuring Postfix, restart the Postfix daemon with the command:

sudo systemctl restart postfix

Install SASL

Postfix will use SASL to handle the authentication with SMTP AUTH. Now that Postfix has been configured to use SMTP AUTH, install SASL with the command:

sudo apt-get install libsasl2-2 sasl2-bin libsasl2-modules

After the installation is done, edit /etc/default/saslauthd:

sudo nano /etc/default/saslauthd

Scroll down to the line:

# Should saslauthd run automatically on startup? (default: no)
START=no

Change START to yes:

# Should saslauthd run automatically on startup? (default: no)
START=yes

Below that line, add the following three lines:

PWDIR="/var/spool/postfix/var/run/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"

Scroll down to the bottom of the file to the line:

OPTIONS="-c -m /var/run/saslauthd"

Change the last line to read:

OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

Save and exit the file.

Next, run the following command to update the dpkg state:

sudo dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd

Note: If you get an error message that /var/spool/postfix/var/run/saslauthd does not exist, ignore it. This directory will be created when you start the SASL daemon.

Create a symlink for the config file:

sudo ln -s /etc/default/saslauthd /etc/saslauthd

And finally, start the SASL daemon:

sudo /etc/init.d/saslauthd start

...

Install and Configure Dovecot

Dovecot is the default POP3/IMAP server for Ubuntu, and is installed on most Ubuntu 16.04 servers by default. Update Dovecot and install the imapd package with the command:

sudo apt-get install dovecot-core dovecot-imapd

You can check on the status of Dovecot with the command:

sudo systemctl status dovecot

If Dovecot is running, you will see output similar to:

[user@mail dovecot]$ sudo systemctl status dovecot -l
● dovecot.service - Dovecot IMAP/POP3 email server
   Loaded: loaded (/usr/lib/systemd/system/dovecot.service; disabled; vendor preset: disabled)
   Active: active (running) since Thu 2016-12-08 21:04:48 UTC; 3s ago
  Process: 8985 ExecStartPre=/usr/libexec/dovecot/prestartscript (code=exited, status=0/SUCCESS)
 Main PID: 8989 (dovecot)
   CGroup: /system.slice/dovecot.service
           ├─8989 /usr/sbin/dovecot -F
           ├─8992 dovecot/anvil
           ├─8993 dovecot/log
           └─8995 dovecot/config

Dec 08 21:04:48 example.com systemd[1]: Starting Dovecot IMAP/POP3 email server...
Dec 08 21:04:48 example.com systemd[1]: Started Dovecot IMAP/POP3 email server.
Dec 08 21:04:48 example.com dovecot[8989]: master: Dovecot v2.2.10 starting up for imap (core dumps disabled)

Note the line that reads:

Active: active (running) since Thu 2016-12-08 21:04:48 UTC; 3s ago

This means that Dovecot is installed and running.

Set the permissions on the /var/mail directory so that Dovecot can create folders for new users:

sudo chmod 777 /var/mail

 

Source: Set up a Postfix Mail Server With Dovecot and Squirrelmail on Ubuntu 16.04 – 1&1

Leave a Reply

Privacy Policy