Linux mail server tips
Step by step setup of postfix & dovecot
A typical postfix and dovecot step by step configuration on Ubuntu 12 and above operating system. Steps include installation of postfix, creating of groups, users, creation of main.cf & master.cf, md5 password generation, creating dovecot.conf and starting the services. Depending on your server, you may need some alterations.
Step 1: Install the required packages
sudo apt-get install postfix
sudo apt-get install dovecot-core dovecot-imapd dovecot-pop3d dovecot-lmtpd
Step 2: Create the mail group and the mailbox location
Create the vmail user/group
groupadd -g 5000 vmail
useradd -u 5000 -g vmail -s /usr/bin -d /home/vmail -m vmail
Create the mailbox location
/var/vmail/domain.com/email@domain.com
Step 3: Configure postfix
a. Create the file /etc/mailname
armtechnologies.com
b. Create /etc/aliases
mailer-daemon: postmaster
postmaster: root
nobody: root
hostmaster: root
usenet: root
news: root
webmaster: root
www: root
ftp: root
abuse: root
c. create the virtual domains in file /etc/postfix/vmail_domains
armtechnologies.com OK
d. create the virtual users in file /etc/postfix/vmail_mailbox
contact@armtechnologies.com armtechnologies.com/contact/
e. create the virtual aliases in /etc/postfix/vmail_aliases
contact@armtechnologies.com contact@armtechnologies.com
@armtechnologies.com contact@armtechnologies.com
f. map the virtual files
postmap /etc/postfix/vmail_domains
postmap /etc/postfix/vmail_mailbox
postmap /etc/postfix/vmail_aliases
Step 4: configure postfix main.cf and master.cf
a. main.cf
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no
home_mailbox = Maildir/
mailbox_size_limit = 0
recipient_delimiter = +
inet_protocols = ipv4
inet_interfaces = all
myorigin = /etc/mailname
myhostname = mail.armtechnologies.com
mydestination =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
relayhost =
relay_domains = *
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
virtual_mailbox_base = /var/vmail
virtual_minimum_uid = 1000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_mailbox_domains = /etc/postfix/vmail_domains
virtual_mailbox_maps = hash:/etc/postfix/vmail_mailbox
virtual_alias_maps = hash:/etc/postfix/vmail_aliases
virtual_transport = lmtp:unix:private/dovecot-lmtp
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = yes
smtpd_tls_cert_file=/etc/dovecot/dovecot.pem
smtpd_tls_key_file=/etc/dovecot/private/dovecot.pem
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks
b. master.cf
#==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
#==========================================================================
smtp inet n - n - - smtpd
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
pickup unix n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
Step 5: Dovecot configuration
Create the file /etc/dovecot/passwd
contact@armtechnologies.com:{MD5-CRYPT}$somehashgenerated.
Command to generate md5 password
doveadm pw -s MD5-CRYPT
Step 6: Create dovecot configuration file /etc/dovecot/dovecot.conf
listen = *
disable_plaintext_auth = yes
auth_mechanisms = plain login
mail_access_groups = vmail
default_login_user = vmail
auth_verbose = yes
log_timestamp = "%Y-%m-%d %H:%M:%S"
mail_location = maildir:/var/vmail/%d/%n
mail_privileged_group = vmail
protocols = imap lmtp
passdb {
args = scheme=plain-md5 username_format=%u /etc/dovecot/passwd
driver = passwd-file
}
userdb {
args = uid=5000 gid=5000 home=/var/vmail/%d/%n allow_all_users=yes
driver = static
}
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
}
protocol imap {
}
plugin {
autocreate = Trash
autocreate2 = Sent
autosubscribe = Trash
autosubscribe2 = Sent
}
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
mode = 0600
user = postfix
group = postfix
}
}
ssl = required
ssl_cert = </etc/dovecot/dovecot.pem
ssl_key = </etc/dovecot/private/dovecot.pem
Step 7: Start the mail services
Check dovecot configuration with the command
sudo dovecot -F
Start the mail services
sudo service postfix start
sudo service dovecot start