full-configure
How to setup mail server in centos 6 ( postfix-dovecot )
This article describes how to setup a mail server in centos 6 . Here i have used three popular packages which is very easy to configure .
» Postfix ( for sending )
» Dovecot ( for receiving )
» Squirrelmail ( for webmail access )
This guide is strictly for learning purpose , not for real time servers .
Let’s start
Setup mail server in centos 6
» Installing and configuring postfix
Step 1 »Before installation assign a static ip and add a host entry for your domain to that IP in the /etc/hosts file like below.
192.168.0.15 krizna.com
Step 2 » Issue the below command to install postfix
[root@mail ~]# yum -y install postfix
Step 3 » Now issue the below command to install SMTP AUTH packages .
[root@mail ~]# yum -y install cyrus-sasl cyrus-sasl-devel cyrus-sasl-gssapi cyrus-sasl-md5 cyrus-sasl-plain
Postfix package installation is completed .
Step 4 » Issue the below commands one by one for creating SSL Cert.
[root@mail ~]# mkdir /etc/postfix/ssl
[root@mail ~]# cd /etc/postfix/ssl/
[root@mail ssl]# openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
[root@mail ssl]# chmod 600 smtpd.key
[root@mail ssl]# openssl req -new -key smtpd.key -out smtpd.csr
[root@mail ssl]# openssl x509 -req -days 365 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
[root@mail ssl]# openssl rsa -in smtpd.key -out smtpd.key.unencrypted
[root@mail ssl]# mv -f smtpd.key.unencrypted smtpd.key
[root@mail ssl]# openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 365
Step 4 » Now open /etc/postfix/main.cf file .
Find and comment the below lines .
#inet_interfaces = localhost #---> line no 116
#mydestination = $myhostname, localhost.$mydomain, localhost #--> line no 164
and add these lines at the bottom of the file.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
myhostname = mail.krizna.com
mydomain = krizna.com
myorigin = $mydomain
home_mailbox = mail/
mynetworks = 127.0.0.0/8
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = cyrus
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
Step 5 » Now open /etc/postfix/master.cf file and add the below line after smtp
1
2
3
4
5
smtps inet n - n - - smtpd
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_sender=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o broken_sasl_auth_clients=yes
Step 6 » Now start postfix and saslauthd service
[root@mail ~]# service postfix start
[root@mail ~]# service saslauthd start
» Issue the below commands to start the postfix and saslauthd at startup
[root@mail ~]# chkconfig --level 235 postfix on
[root@mail ~]# chkconfig --level 235 saslauthd on
Step 7 » Now check your smtp connectivity . just telnet localhost on port 25 and type this command ehlo localhost
[root@mail ~]# telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 mail.krizna.com ESMTP Postfix
ehlo localhost <---- type this command
250-mail.krizna.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.
If you get this output .. Great .. everything is fine till now.
» Installing and configuring dovecot
Step 8 » Issue this command to install dovecot
[root@mail ~]# yum -y install dovecot
Step 9 » After installation open /etc/dovecot/dovecot.conf file and add the below line at the end of the file. please make sure mail_location and home_mailbox in postfix configuration are using the same name.
protocols = imap pop3
mail_location = maildir:~/mail
pop3_uidl_format = %08Xu%08Xv
Step 10 » Now start dovecot service
[root@mail ~]# service dovecot start
» Issue the below command to start the dovecot at startup
[root@mail ~]# chkconfig --level 235 dovecot on
Step 11 » Now test your pop3 connectivity .
[root@mail ~]# telnet localhost 110
Trying ::1...
Connected to localhost.
Escape character is '^]'.
+OK Dovecot ready.
quit
+OK Logging out
Connection closed by foreign host.
Yes .. your server is ready to receive mails .
» Creating users and testing
Step 11 » Now create users to test your configuration.
[root@mail ~]# useradd -m bobby -s /sbin/nologin
[root@mail ~]# useradd -m leela -s /sbin/nologin
and create passwords for the users created
[root@mail ~]# passwd bobby
[root@mail ~]# passwd leela
Step 12 » Test your configuration in thunderbird . Refer the below image for configuration details.
Step 13 » Now you can send and receive mails using this server. In case of any issues please check the log file /var/log/maillog )
your mail server is ready …
» Installing and configuring squirrelmail
Step 14 » you need to add EPEL repository to install squirrelmail package. you can find latest EPEL repository rpm here ( http://ftp.jaist.ac.jp/pub/Linux/Fedora/epel/6/i386/repoview/epel-release.html )
[root@mail ~]# rpm -ivh http://ftp.jaist.ac.jp/pub/Linux/Fedora/epel/6/i386/epel-release-6-8.noarch.rpm
Step 15 » Issue the below command to install squirrelmail.
[root@mail ~]# yum install squirrelmail
This command will install squirrelmail along with apache and php.
Step 16 » Now run the below command to configure squirrelmail .
[root@mail ~]# perl /usr/share/squirrelmail/config/conf.pl
»»» 1 »»» 1 »»» krizna (type Organization name ) »»» R ( return )
»»» 2 »»» 1 »»» ( hit space for empty Domain name ) and choose 3 »»» SMTP ( choose SMTP ) »»» R ( return )
»»» D »»» dovecot ( type ) »»» press enter with default
»»» s ( save and quit)
Step 17 » Open /etc/httpd/conf.d/squirrelmail.conf file and uncomment below lines
# RewriteCond %{HTTPS} !=on
# RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
Step 18 » start apache service
[root@mail ~]# service httpd start
» Issue the below commands to start the httpd at startup
[root@mail ~]# chkconfig --level 235 httpd on
Step 19 » Now open http://serverip/webmail path in your browser . you could able to see the below page .
and after login
If any issues with apache check this page Installing Apache2 , Mysql server and PHP on Centos 6 (LAMP)
------------------------------------------XXXXXXXXXXXXXXXXXXXX--------------------------------------------------
Setup mail server on centos 7
This article helps you to install and configure basic mail server on Centos 7. Here i have used Postfix for SMTP, Dovecot for POP/IMAP and Dovecot SASL for SMTP AUTH.
Before proceeding please make sure you have assigned static IP for the server and have internet connectivity for installing packages.
Setup mail server on centos 7
Installing packages
Step 1 » Assign hostname for the server using the below command.
[root@krizna ~]# hostnamectl set-hostname mail.krizna.com
Step 2 » Make a host entry with your IP in /etc/hosts file.
172.27.0.51 mail.krizna.com
Step 3 » Now start installing packages.
[root@krizna ~]# yum -y install postfix dovecot
After package installation continue with postfix configuration.
Postfix configuration
First create SSL certificate for encryption.
Step 4 » Follow the below steps one by one for creation.
[root@mail ~]# mkdir /etc/postfix/ssl
[root@mail ~]# cd /etc/postfix/ssl
[root@krizna ssl]# openssl genrsa -des3 -out server.key 2048
[root@krizna ssl]# openssl rsa -in server.key -out server.key.insecure
[root@krizna ssl]# mv server.key server.key.secure
[root@krizna ssl]# mv server.key.insecure server.key
Leave blank for A challenge password [] value in the below step.
[root@krizna ssl]# openssl req -new -key server.key -out server.csr
[root@krizna ssl]# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Step 5 » Now open /etc/postfix/main.cf file for changes.
Find and uncomment the below lines.
#inet_interfaces = localhost #---> line no 116
#mydestination = $myhostname, localhost.$mydomain, localhost #--> line no 164
and add below lines at the end of the file. change myhostname and mydomainvalues with yours and home_mailbox value to your desired directory. Here it will store mails in the users home directory (Eg: /home/john/mail ).
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
myhostname = mail.krizna.com
mydomain = krizna.com
myorigin = $mydomain
home_mailbox = mail/
mynetworks = 127.0.0.0/8
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_key_file = /etc/postfix/ssl/server.key
smtpd_tls_cert_file = /etc/postfix/ssl/server.crt
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
Step 6 » Open /etc/postfix/master.cf file, add the below lines after “smtp inet n – n – – smtpd” line.
1
2
3
4
5
6
7
8
9
10
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
smtps inet n - n - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
Now check the configuration using postfix check command.
Step 7 » Now configure Dovecot SASL for SMTP Auth. Open /etc/dovecot/conf.d/10-master.conf file, find “# Postfix smtp-auth” line ( line no:95 ) and add the below lines.
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
Step 8 » Open /etc/dovecot/conf.d/10-auth.conf file, find “auth_mechanisms = plain” ( Line no: 100 ) and add login to the value like below.
auth_mechanisms = plain login
Step 9 » Postfix configuration is over. Now restart both postfix and dovecot services and enable auto start.
[root@mail ~]# systemctl restart postfix
[root@mail ~]# systemctl enable postfix
[root@mail ~]# systemctl restart dovecot
[root@mail ~]# systemctl enable dovecot
Step 10 » Add the firewall rules to allow 25, 587 and 465 ports.
[root@mail ~]# firewall-cmd --permanent --add-service=smtp
[root@mail ~]# firewall-cmd --permanent --add-port=587/tcp
[root@mail ~]# firewall-cmd --permanent --add-port=465/tcp
[root@mail ~]# firewall-cmd --reload
Now start testing connectivity for each ports 25,587 and 465 using telnet and make sure you are getting AUTH PLAIN LOGIN line after issuing ehlo mail.krizna.comcommand in telnet.
[root@mail ~]# telnet mail.krizna.com 465
Trying 172.27.0.51...
Connected to mail.krizna.com.
Escape character is '^]'.
220 mail.krizna.com ESMTP Postfix
ehlo mail.krizna.com <------- Type this command 250-mail.krizna.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN
Dovecot configuration
Start configuring Dovecot .
Step 11 » Open /etc/dovecot/conf.d/10-mail.conf file, find #mail_location = (line no : 30 ) and add the same directory which is given to home_mailbox in the postfix config file ( Step 5).
mail_location = maildir:~/mail
Step 12 » Open /etc/dovecot/conf.d/20-pop3.conf file, find and uncomment the below line ( line no : 50 ) .
pop3_uidl_format = %08Xu%08Xv
Step 13 » Restart dovecot service.
[root@mail ~]# systemctl restart dovecot
Step 14 » Add firewall rules to allow 110,143,993 and 995.
[root@mail ~]# firewall-cmd --permanent --add-port=110/tcp
[root@mail ~]# firewall-cmd --permanent --add-service=pop3s
[root@mail ~]# firewall-cmd --permanent --add-port=143/tcp
[root@mail ~]# firewall-cmd --permanent --add-service=imaps
[root@mail ~]# firewall-cmd --reload
Check the connectivity for the ports 110,143,993 and 995 using telnet.
User creation
Now create user for testing .
Step 15 » Create user with /sbin/nologin shell to restrict login access.
[root@mail ~]# useradd -m john -s /sbin/nologin
[root@mail ~]# passwd john
Mail server is ready now, Configure user in your mail client and test send/receive.