full-configure

How to setup mail server in centos 6 ( postfix-dovecot )

This article describes how to setup a mail server in centos 6 . Here i have used three popular packages which is very easy to configure .

» Postfix ( for sending )

» Dovecot ( for receiving )

» Squirrelmail ( for webmail access )

This guide is strictly for learning purpose , not for real time servers .

Let’s start

Setup mail server in centos 6

» Installing and configuring postfix

» Installing and configuring dovecot

» Creating users and testing

» Installing and configuring squirrelmail

» Installing and configuring postfix

Step 1 »Before installation assign a static ip and add a host entry for your domain to that IP in the /etc/hosts file like below.

192.168.0.15 krizna.com

Step 2 » Issue the below command to install postfix

[root@mail ~]# yum -y install postfix

Step 3 » Now issue the below command to install SMTP AUTH packages .

[root@mail ~]# yum -y install cyrus-sasl cyrus-sasl-devel cyrus-sasl-gssapi cyrus-sasl-md5 cyrus-sasl-plain

Postfix package installation is completed .

Step 4 » Issue the below commands one by one for creating SSL Cert.

[root@mail ~]# mkdir /etc/postfix/ssl

[root@mail ~]# cd /etc/postfix/ssl/

[root@mail ssl]# openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024

[root@mail ssl]# chmod 600 smtpd.key

[root@mail ssl]# openssl req -new -key smtpd.key -out smtpd.csr

[root@mail ssl]# openssl x509 -req -days 365 -in smtpd.csr -signkey smtpd.key -out smtpd.crt

[root@mail ssl]# openssl rsa -in smtpd.key -out smtpd.key.unencrypted

[root@mail ssl]# mv -f smtpd.key.unencrypted smtpd.key

[root@mail ssl]# openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 365

Step 4 » Now open /etc/postfix/main.cf file .

Find and comment the below lines .

#inet_interfaces = localhost #---> line no 116

#mydestination = $myhostname, localhost.$mydomain, localhost #--> line no 164

and add these lines at the bottom of the file.

myhostname = mail.krizna.com

mydomain = krizna.com

myorigin = $mydomain

home_mailbox = mail/

mynetworks = 127.0.0.0/8

inet_interfaces = all

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

smtpd_sasl_auth_enable = yes

smtpd_sasl_type = cyrus

smtpd_sasl_security_options = noanonymous

broken_sasl_auth_clients = yes

smtpd_sasl_authenticated_header = yes

smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination

smtpd_tls_auth_only = no

smtp_use_tls = yes

smtpd_use_tls = yes

smtp_tls_note_starttls_offer = yes

smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key

smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt

smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

tls_random_source = dev:/dev/urandom

Step 5 » Now open /etc/postfix/master.cf file and add the below line after smtp

smtps inet n - n - - smtpd

-o smtpd_sasl_auth_enable=yes

-o smtpd_reject_unlisted_sender=yes

-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject

-o broken_sasl_auth_clients=yes

Step 6 » Now start postfix and saslauthd service

[root@mail ~]# service postfix start

[root@mail ~]# service saslauthd start

» Issue the below commands to start the postfix and saslauthd at startup

[root@mail ~]# chkconfig --level 235 postfix on

[root@mail ~]# chkconfig --level 235 saslauthd on

Step 7 » Now check your smtp connectivity . just telnet localhost on port 25 and type this command ehlo localhost

[root@mail ~]# telnet localhost 25

Trying ::1...

Connected to localhost.

Escape character is '^]'.

220 mail.krizna.com ESMTP Postfix

ehlo localhost <---- type this command

250-mail.krizna.com

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-STARTTLS

250-AUTH PLAIN LOGIN

250-AUTH=PLAIN LOGIN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

quit

221 2.0.0 Bye

Connection closed by foreign host.

If you get this output .. Great .. everything is fine till now.

» Installing and configuring dovecot

Step 8 » Issue this command to install dovecot

[root@mail ~]# yum -y install dovecot

Step 9 » After installation open /etc/dovecot/dovecot.conf file and add the below line at the end of the file. please make sure mail_location and home_mailbox in postfix configuration are using the same name.

protocols = imap pop3

mail_location = maildir:~/mail

pop3_uidl_format = %08Xu%08Xv

Step 10 » Now start dovecot service

[root@mail ~]# service dovecot start

» Issue the below command to start the dovecot at startup

[root@mail ~]# chkconfig --level 235 dovecot on

Step 11 » Now test your pop3 connectivity .

[root@mail ~]# telnet localhost 110

Trying ::1...

Connected to localhost.

Escape character is '^]'.

+OK Dovecot ready.

quit

+OK Logging out

Connection closed by foreign host.

Yes .. your server is ready to receive mails .

» Creating users and testing

Step 11 » Now create users to test your configuration.

[root@mail ~]# useradd -m bobby -s /sbin/nologin

[root@mail ~]# useradd -m leela -s /sbin/nologin

and create passwords for the users created

[root@mail ~]# passwd bobby

[root@mail ~]# passwd leela

Step 12 » Test your configuration in thunderbird . Refer the below image for configuration details.

Step 13 » Now you can send and receive mails using this server. In case of any issues please check the log file /var/log/maillog )

your mail server is ready …

» Installing and configuring squirrelmail

Step 14 » you need to add EPEL repository to install squirrelmail package. you can find latest EPEL repository rpm here ( http://ftp.jaist.ac.jp/pub/Linux/Fedora/epel/6/i386/repoview/epel-release.html )

[root@mail ~]# rpm -ivh http://ftp.jaist.ac.jp/pub/Linux/Fedora/epel/6/i386/epel-release-6-8.noarch.rpm

Step 15 » Issue the below command to install squirrelmail.

[root@mail ~]# yum install squirrelmail

This command will install squirrelmail along with apache and php.

Step 16 » Now run the below command to configure squirrelmail .

[root@mail ~]# perl /usr/share/squirrelmail/config/conf.pl

»»» 1 »»» 1 »»» krizna (type Organization name ) »»» R ( return )

»»» 2 »»» 1 »»» ( hit space for empty Domain name ) and choose 3 »»» SMTP ( choose SMTP ) »»» R ( return )

»»» D »»» dovecot ( type ) »»» press enter with default

»»» s ( save and quit)

Step 17 » Open /etc/httpd/conf.d/squirrelmail.conf file and uncomment below lines

# RewriteCond %{HTTPS} !=on

# RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Step 18 » start apache service

[root@mail ~]# service httpd start

» Issue the below commands to start the httpd at startup

[root@mail ~]# chkconfig --level 235 httpd on

Step 19 » Now open http://serverip/webmail path in your browser . you could able to see the below page .

and after login

If any issues with apache check this page Installing Apache2 , Mysql server and PHP on Centos 6 (LAMP)

------------------------------------------XXXXXXXXXXXXXXXXXXXX--------------------------------------------------

Setup mail server on centos 7

This article helps you to install and configure basic mail server on Centos 7. Here i have used Postfix for SMTP, Dovecot for POP/IMAP and Dovecot SASL for SMTP AUTH.

Before proceeding please make sure you have assigned static IP for the server and have internet connectivity for installing packages.

Setup mail server on centos 7

1. Installing packages

2. Postfix configuration

3. Dovecot configuration

4. User creation

Installing packages

Step 1 » Assign hostname for the server using the below command.

[root@krizna ~]# hostnamectl set-hostname mail.krizna.com

Step 2 » Make a host entry with your IP in /etc/hosts file.

172.27.0.51 mail.krizna.com

Step 3 » Now start installing packages.

[root@krizna ~]# yum -y install postfix dovecot

After package installation continue with postfix configuration.

Postfix configuration

First create SSL certificate for encryption.

Step 4 » Follow the below steps one by one for creation.

[root@mail ~]# mkdir /etc/postfix/ssl

[root@mail ~]# cd /etc/postfix/ssl

[root@krizna ssl]# openssl genrsa -des3 -out server.key 2048

[root@krizna ssl]# openssl rsa -in server.key -out server.key.insecure

[root@krizna ssl]# mv server.key server.key.secure

[root@krizna ssl]# mv server.key.insecure server.key

Leave blank for A challenge password [] value in the below step.

[root@krizna ssl]# openssl req -new -key server.key -out server.csr

[root@krizna ssl]# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Step 5 » Now open /etc/postfix/main.cf file for changes.

Find and uncomment the below lines.

#inet_interfaces = localhost #---> line no 116

#mydestination = $myhostname, localhost.$mydomain, localhost #--> line no 164

and add below lines at the end of the file. change myhostname and mydomainvalues with yours and home_mailbox value to your desired directory. Here it will store mails in the users home directory (Eg: /home/john/mail ).

myhostname = mail.krizna.com

mydomain = krizna.com

myorigin = $mydomain

home_mailbox = mail/

mynetworks = 127.0.0.0/8

inet_interfaces = all

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

smtpd_sasl_type = dovecot

smtpd_sasl_path = private/auth

smtpd_sasl_local_domain =

smtpd_sasl_security_options = noanonymous

broken_sasl_auth_clients = yes

smtpd_sasl_auth_enable = yes

smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination

smtp_tls_security_level = may

smtpd_tls_security_level = may

smtp_tls_note_starttls_offer = yes

smtpd_tls_loglevel = 1

smtpd_tls_key_file = /etc/postfix/ssl/server.key

smtpd_tls_cert_file = /etc/postfix/ssl/server.crt

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

tls_random_source = dev:/dev/urandom

Step 6 » Open /etc/postfix/master.cf file, add the below lines after “smtp inet n – n – – smtpd” line.

submission inet n - n - - smtpd

-o syslog_name=postfix/submission

-o smtpd_sasl_auth_enable=yes

-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject

-o milter_macro_daemon_name=ORIGINATING

smtps inet n - n - - smtpd

-o syslog_name=postfix/smtps

-o smtpd_sasl_auth_enable=yes

-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject

-o milter_macro_daemon_name=ORIGINATING

Now check the configuration using postfix check command.

Step 7 » Now configure Dovecot SASL for SMTP Auth. Open /etc/dovecot/conf.d/10-master.conf file, find “# Postfix smtp-auth” line ( line no:95 ) and add the below lines.

# Postfix smtp-auth

unix_listener /var/spool/postfix/private/auth {

mode = 0660

user = postfix

group = postfix

}

Step 8 » Open /etc/dovecot/conf.d/10-auth.conf file, find “auth_mechanisms = plain” ( Line no: 100 ) and add login to the value like below.

auth_mechanisms = plain login

Step 9 » Postfix configuration is over. Now restart both postfix and dovecot services and enable auto start.

[root@mail ~]# systemctl restart postfix

[root@mail ~]# systemctl enable postfix

[root@mail ~]# systemctl restart dovecot

[root@mail ~]# systemctl enable dovecot

Step 10 » Add the firewall rules to allow 25, 587 and 465 ports.

[root@mail ~]# firewall-cmd --permanent --add-service=smtp

[root@mail ~]# firewall-cmd --permanent --add-port=587/tcp

[root@mail ~]# firewall-cmd --permanent --add-port=465/tcp

[root@mail ~]# firewall-cmd --reload

Now start testing connectivity for each ports 25,587 and 465 using telnet and make sure you are getting AUTH PLAIN LOGIN line after issuing ehlo mail.krizna.comcommand in telnet.

[root@mail ~]# telnet mail.krizna.com 465

Trying 172.27.0.51...

Connected to mail.krizna.com.

Escape character is '^]'.

220 mail.krizna.com ESMTP Postfix

ehlo mail.krizna.com <------- Type this command 250-mail.krizna.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN

Dovecot configuration

Start configuring Dovecot .

Step 11 » Open /etc/dovecot/conf.d/10-mail.conf file, find #mail_location = (line no : 30 ) and add the same directory which is given to home_mailbox in the postfix config file ( Step 5).

mail_location = maildir:~/mail

Step 12 » Open /etc/dovecot/conf.d/20-pop3.conf file, find and uncomment the below line ( line no : 50 ) .

pop3_uidl_format = %08Xu%08Xv

Step 13 » Restart dovecot service.

[root@mail ~]# systemctl restart dovecot

Step 14 » Add firewall rules to allow 110,143,993 and 995.

[root@mail ~]# firewall-cmd --permanent --add-port=110/tcp

[root@mail ~]# firewall-cmd --permanent --add-service=pop3s

[root@mail ~]# firewall-cmd --permanent --add-port=143/tcp

[root@mail ~]# firewall-cmd --permanent --add-service=imaps

[root@mail ~]# firewall-cmd --reload

Check the connectivity for the ports 110,143,993 and 995 using telnet.

User creation

Now create user for testing .

Step 15 » Create user with /sbin/nologin shell to restrict login access.

[root@mail ~]# useradd -m john -s /sbin/nologin

[root@mail ~]# passwd john

Mail server is ready now, Configure user in your mail client and test send/receive.