CentOS 5 Install & Configure Postfix/Dovecot
Here is how to install a mail server on CentOS 5.2.
FIRST, MAKE SURE SENDMAIL IS UNINSTALLED:
> yum remove sendmail
We want to use Postfix as our mail transfer agent (MTA) because it is simpler to configure.
INSTALL POSTFIX:
> yum install postfix
EDIT THE POSTFIX CONFIGURATION FILES:
> vi /etc/postfix/main.cf
myhostname = host.domain.com
mydomain = domain.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
relay_domains = $mydestination
Make sure the myhostname and mydomain parameters are set correctly. Check the /etc/hosts and /etc/sysconfig/network files and use the “hostname” command to make sure network configurations are correct.
START POSTFIX:
> /etc/init.d/postfix start
Starting postfix: [ OK ]
TEST POSTFIX:
> telnet localhost smtp
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 host.domain.com ESMTP Postfix
> ehlo host
250-host.domain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
> mail from: mnguyen
250 2.1.0 Ok
> rcpt to: mnguyen
250 2.1.5 Ok
> data
354 End data with <CR><LF>.<CR><LF>
> test
> .
250 2.0.0 Ok: queued as 1869B10145
> quit
221 2.0.0 Bye
Connection closed by foreign host.
Log into the server via telnet, check for an extended hello response, send a test message, and quit.
INSTALL DOVECOT:
> yum install dovecot
We can send or check for messages locally if a client like mailx is installed. However, we will install a POP3 server so we can send or check for messages remotely from a client such as Outlook, Lotus Notes, or Thunderbird.
CONFIGURE DOVECOT:
> vi /etc/dovecot.conf
protocols = pop3 pop3s imap imaps
mail_location = mbox:~/mail:INBOX=/var/mail/%u
pop3_uidl_format = %08Xu%08Xv
imap_client_workarounds = delay-newmail outlook-idle netscape-eoh
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
We need to enable the POP3 protocol because it is not enabled by default. We will use the mbox mailbox format. We will also enable the built-in client workarounds.
START DOVECOT:
> /etc/init.d/dovecot start
Starting Dovecot Imap: [ OK ]
TEST DOVECOT:
> telnet localhost pop3
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Dovecot ready.
> user mnguyen
+OK
> pass password
+OK Logged in.
> list
+OK 1 messages:
1 488
.
> retr 1
+OK 488 octets
Return-Path: <mnguyen@host.domain.com>
X-Original-To: mnguyen
Delivered-To: mnguyen@host.domain.com
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
by host.domain.com (Postfix) with SMTP id 1869B10145
for <mnguyen>; Thu, 9 Oct 2008 14:12:03 -0400 (EDT)
Message-Id: <20081009181211.1869B10145@host.domain.com>
Date: Thu, 9 Oct 2008 14:12:03 -0400 (EDT)
From: mnguyen@host.domain.com
To: undisclosed-recipients:;
test
.
> quit
+OK Logging out.
Connection closed by foreign host.
Log into the POP3 server via telnet and retrieve the message sent earlier.
CONFIGURE SASL FOR SMTP AUTHENTICATION:
> vi /etc/dovecot.conf
auth default
{
  mechanisms = plain login
  passdb pam
  {
  }
  userdb passwd
  {
  }
  socket listen
  {
    client
    {
      path = /var/spool/postfix/private/auth
      mode = 0660 # or 0666, which lets any local user reach the auth socket; prefer 0660
      user = postfix
      group = postfix
    }
  }
}
> vi /etc/postfix/main.cf
mynetworks = 127.0.0.0/8
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
broken_sasl_auth_clients = yes
We want to configure SMTP authentication to allow only our users to relay mail. Unauthorized users (e.g. spammers) are denied relay. Edit both the Dovecot and Postfix configuration files. Put the SASL lines at the bottom of the Postfix configuration file.
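An added example, not part of the original walkthrough: a small Python audit of the relay-related main.cf settings above, so the "only our users may relay" property can be checked before restarting Postfix. The function names and the sample text are assumptions made for this illustration; the sample is constructed from the lines shown above.

```python
import ipaddress
import re

# Constructed sample: the relay-related lines from the main.cf shown above.
SAMPLE_MAIN_CF = """\
mynetworks = 127.0.0.0/8
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,
    reject_unauth_destination
"""

def parse_main_cf(text):
    """Return {name: value}; handles comments, continuation lines, last-wins."""
    params, name = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and name:        # continuation of previous value
            params[name] += " " + line.strip()
        elif "=" in line:
            name, value = (part.strip() for part in line.split("=", 1))
            params[name] = value              # a later assignment overrides
    return params

def audit_relay(text):
    """Return a list of findings; an empty list means the relay checks pass."""
    p, findings = parse_main_cf(text), []
    rules = re.split(r"[,\s]+", p.get("smtpd_recipient_restrictions", "").strip())
    if "reject_unauth_destination" not in rules:
        findings.append("smtpd_recipient_restrictions lacks reject_unauth_destination")
    elif "permit" in rules[:rules.index("reject_unauth_destination")]:
        findings.append("bare 'permit' precedes reject_unauth_destination")
    if "permit_sasl_authenticated" in rules and p.get("smtpd_sasl_auth_enable") != "yes":
        findings.append("permit_sasl_authenticated used but smtpd_sasl_auth_enable is not yes")
    if "mynetworks" not in p:
        findings.append("mynetworks unset: trusted networks come from mynetworks_style")
    for net in re.split(r"[,\s]+", p.get("mynetworks", "").strip()):
        try:
            if net and not ipaddress.ip_network(net, strict=False).is_loopback:
                findings.append("mynetworks trusts non-loopback network " + net)
        except ValueError:
            findings.append("mynetworks entry not checked (table or pattern): " + net)
    return findings

if __name__ == "__main__":
    for finding in audit_relay(SAMPLE_MAIN_CF) or ["relay checks passed"]:
        print(finding)
```

To audit a live server, pass the contents of /etc/postfix/main.cf to audit_relay() instead of the sample.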
START SASL AND RESTART POSTFIX AND DOVECOT:
> /etc/init.d/postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]
> /etc/init.d/dovecot restart
Stopping Dovecot Imap: [ OK ]
Starting Dovecot Imap: [ OK ]
> /etc/init.d/saslauthd start
Starting saslauthd: [ OK ]
> chkconfig --level 2345 postfix on
> chkconfig --level 2345 dovecot on
> chkconfig --level 2345 saslauthd on
TEST THE SASL IMPLEMENTATION:
> telnet host.domain.com smtp
Trying 123.123.123.123...
Connected to host.domain.com.
Escape character is '^]'.
220 host.domain.com ESMTP Postfix
> ehlo host
250-host.domain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
> mail from: mnguyen
250 2.1.0 Ok
> rcpt to: minh@minhtech.com
554 5.7.1 <minh@minhtech.com>: Relay access denied
> quit
221 2.0.0 Bye
Connection closed by foreign host.
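We expect relay access to be denied: this session did not authenticate and did not come from an address in mynetworks, so reject_unauth_destination refuses the outside recipient.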