{"id":1066,"date":"2020-01-15T19:33:30","date_gmt":"2020-01-15T06:33:30","guid":{"rendered":"https:\/\/www.ronella.xyz\/?p=1066"},"modified":"2020-09-15T10:03:29","modified_gmt":"2020-09-14T22:03:29","slug":"configuring-email-server-with-postfix-and-dovecot","status":"publish","type":"post","link":"https:\/\/www.ronella.xyz\/?p=1066","title":{"rendered":"Configuring Email Server with Postfix and Dovecot"},"content":{"rendered":"<h1>Prerequisite<\/h1>\n<ul>\n<li>privkey.pem file<\/li>\n<li>fullchain.pem file<\/li>\n<\/ul>\n<h1>Installing Postfix<\/h1>\n<p>Run the following commands:<\/p>\n<pre style=\"white-space: pre;\">sudo apt-get update\r\nsudo apt-get install postfix<\/pre>\n<h1>Configuring Postfix<\/h1>\n<ol>\n<li>Run the following command:\n<pre style=\"white-space: pre;\">sudo dpkg-reconfigure postfix<\/pre>\n<p><strong>Configuration questions:<\/strong><\/p>\n<ol>\n<li>Select <strong>OK<\/strong> to proceed.<\/li>\n<li>Choose <strong>Internet Site<\/strong>.<\/li>\n<li>System Mail Name: <strong>&lt;EMAIL_DOMAIN&gt;<\/strong><\/li>\n<li>Other destinations for mail: <strong>&lt;EMAIL_DOMAIN&gt;, localhost.&lt;EMAIL_DOMAIN&gt;, localhost<\/strong><\/li>\n<li>Force synchronous updates on mail queue?: <strong>No<\/strong><\/li>\n<li>Local networks: <strong>127.0.0.0\/8 [::ffff:127.0.0.0]\/104 [::1]\/128<\/strong><\/li>\n<li>Use procmail for local delivery?: <strong>No<\/strong><\/li>\n<li>Mailbox size limit (bytes): <strong>0<\/strong><\/li>\n<li>Local address extension character: <strong>+<\/strong><\/li>\n<li>Internet protocols to use: <strong>all<\/strong><\/li>\n<\/ol>\n<blockquote><p>Feel free to answer the preceding questions based on your setup. Just replace the EMAIL_DOMAIN (i.e. example.com) with a valid value.<\/p><\/blockquote>\n<\/li>\n<li>Create the following folder:\n<pre style=\"white-space: pre;\">\/etc\/postfix\/ssl<\/pre>\n<\/li>\n<li>Copy the your <strong>privkey.pem<\/strong> and <strong>fullchain.pem<\/strong> to <strong>\/etc\/postfix\/ssl<\/strong>.<\/li>\n<li>Do additional configurations by executing the following commands:\n<pre style=\"white-space: pre;\">sudo postconf -e 'smtpd_sasl_local_domain ='\r\nsudo postconf -e 'smtpd_sasl_auth_enable = yes'\r\nsudo postconf -e 'smtpd_sasl_security_options = noanonymous'\r\nsudo postconf -e 'broken_sasl_auth_clients = yes'\r\nsudo postconf -e 'smtpd_recipient_restrictions =  permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'\r\nsudo postconf -e 'inet_interfaces = all'\r\nsudo postconf -e 'smtp_tls_security_level = may'\r\nsudo postconf -e 'smtpd_tls_security_level = may'\r\nsudo postconf -e 'smtpd_tls_auth_only = no'\r\nsudo postconf -e 'smtp_tls_note_starttls_offer = yes'\r\nsudo postconf -e 'smtpd_tls_loglevel = 1'\r\nsudo postconf -e 'smtpd_tls_received_header = yes'\r\nsudo postconf -e 'smtpd_tls_session_cache_timeout = 3600s'\r\nsudo postconf -e 'tls_random_source = dev:\/dev\/urandom'\t\r\nsudo postconf -e 'mua_client_restrictions = permit_sasl_authenticated,reject'\r\nsudo postconf -e 'mua_helo_restrictions = permit_mynetworks, permit_sasl_authenticated'\r\nsudo postconf -e 'mua_sender_restrictions = permit_sasl_authenticated'\r\nsudo postconf -e 'smtpd_tls_key_file = \/etc\/postfix\/ssl\/privkey.pem'\r\nsudo postconf -e 'smtpd_tls_cert_file = \/etc\/postfix\/ssl\/fullchain.pem'\r\nsudo postconf -e 'myhostname = ronella.xyz'<\/pre>\n<\/li>\n<li>Create or update the <strong>\/etc\/postfix\/sasl\/smtpd.conf<\/strong> with the following:\n<pre style=\"white-space: pre;\">pwcheck_method: saslauthd\r\nmech_list: plain login<\/pre>\n<\/li>\n<li>In the <strong>\/etc\/postfix\/master.cf<\/strong> file, <strong>uncomment<\/strong> the <strong>submission section<\/strong> and must be like the following entries:\n<pre style=\"white-space: pre;\">submission inet n       -       y       -       -       smtpd\r\n  -o syslog_name=postfix\/submission\r\n  -o smtpd_tls_security_level=encrypt\r\n  -o smtpd_sasl_auth_enable=yes\r\n  -o smtpd_reject_unlisted_recipient=no\r\n  -o smtpd_client_restrictions=$mua_client_restrictions\r\n  -o smtpd_helo_restrictions=$mua_helo_restrictions\r\n  -o smtpd_sender_restrictions=$mua_sender_restrictions\r\n  -o smtpd_recipient_restrictions=\r\n  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject\r\n  -o milter_macro_daemon_name=ORIGINATING<\/pre>\n<\/li>\n<li>Also in the same file, <strong>uncomment<\/strong> the <strong>smtps section<\/strong> and must be like the following entries:\n<pre style=\"white-space: pre;\">smtps     inet  n       -       y       -       -       smtpd\r\n  -o syslog_name=postfix\/smtps\r\n  -o smtpd_tls_wrappermode=yes\r\n  -o smtpd_sasl_auth_enable=yes\r\n  -o smtpd_reject_unlisted_recipient=no\r\n  -o smtpd_client_restrictions=$mua_client_restrictions\r\n  -o smtpd_helo_restrictions=$mua_helo_restrictions\r\n  -o smtpd_sender_restrictions=$mua_sender_restrictions\r\n  -o smtpd_recipient_restrictions=\r\n  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject\r\n  -o milter_macro_daemon_name=ORIGINATING<\/pre>\n<\/li>\n<li><strong>Update<\/strong> the <strong>owner<\/strong> and <strong>group<\/strong> of <strong>\/var\/spool\/postfix<\/strong> directory to become <strong>postfix<\/strong> as follows:\n<pre style=\"white-space: pre;\">sudo chown postfix:postfix \/var\/spool\/postfix<\/pre>\n<\/li>\n<li><strong>Restart<\/strong> the <strong>postfix service<\/strong> with the following command:\n<pre style=\"white-space: pre;\">sudo systemctl restart postfix<\/pre>\n<\/li>\n<\/ol>\n<h1>Installing SASL<\/h1>\n<p>Run the following command:<\/p>\n<pre style=\"white-space: pre;\">sudo apt-get install libsasl2-2 sasl2-bin libsasl2-modules<\/pre>\n<h1>Configuring SASL<\/h1>\n<ol>\n<li>Open the <strong>\/etc\/default\/saslauthd<\/strong> file for editing.<\/li>\n<li>Search for <strong>START=no<\/strong> and change it like the following:\n<pre style=\"white-space: pre;\">START=yes<\/pre>\n<\/li>\n<li>Add the following entries just after preceding entry:\n<pre style=\"white-space: pre;\">PWDIR=\"\/var\/spool\/postfix\/var\/run\/saslauthd\"\r\nPARAMS=\"-m ${PWDIR}\"\r\nPIDFILE=\"${PWDIR}\/saslauthd.pid\"<\/pre>\n<\/li>\n<li>Search for <strong>OPTIONS=\"-c -m \/var\/run\/saslauthd\"<\/strong> and change it like the following:\n<pre style=\"white-space: pre;\">OPTIONS=\"-c -m \/var\/spool\/postfix\/var\/run\/saslauthd\"<\/pre>\n<\/li>\n<li>Update the <strong>dpkg state<\/strong> using the following command:\n<pre style=\"white-space: pre;\">sudo dpkg-statoverride --force --update --add root sasl 755 \/var\/spool\/postfix\/var\/run\/saslauthd<\/pre>\n<\/li>\n<li>Create a <strong>symbolic link<\/strong> using the following command:\n<pre style=\"white-space: pre;\">sudo ln -s \/etc\/default\/saslauthd \/etc\/saslauthd<\/pre>\n<\/li>\n<li><strong>Restart<\/strong> the <strong>sasl service<\/strong> using the following command:\n<pre style=\"white-space: pre;\">sudo service saslauthd restart<\/pre>\n<\/li>\n<\/ol>\n<h1>Installing Dovecot<\/h1>\n<p>Run the following command:<\/p>\n<pre style=\"white-space: pre;\">sudo apt-get install dovecot-core dovecot-imapd dovecot-pop3d<\/pre>\n<blockquote><p>The default location of the <strong>mail directory<\/strong> is <strong>\/var\/mail<\/strong>.<\/p><\/blockquote>\n<h1>Configuring Dovecot<\/h1>\n<ol>\n<li><strong>Update<\/strong> the certificate location in the file <strong>\/etc\/dovecot\/conf.d\/10-ssl.conf <\/strong>to be as follows:\n<pre style=\"white-space: pre;\">ssl_cert = &lt;\/etc\/postfix\/ssl\/fullchain.pem\r\nssl_key = &lt;\/etc\/postfix\/ssl\/privkey.pem<\/pre>\n<\/li>\n<li><strong>Restart<\/strong> the <strong>dovecot service<\/strong> using the following command:\n<pre style=\"white-space: pre;\">sudo service dovecot restart<\/pre>\n<\/li>\n<\/ol>\n<p><em><strong>Related Posts<\/strong><\/em><br \/>\n<em><a href=\"https:\/\/www.ronella.xyz\/?p=1041\" target=\"_blank\" rel=\"noopener noreferrer\">Basic Postfix Management<\/a><\/em><br \/>\n<em><a href=\"https:\/\/www.ronella.xyz\/?p=1022\" target=\"_blank\" rel=\"noopener noreferrer\">Creating an Email Alias<\/a><\/em><br \/>\n<em><a href=\"https:\/\/www.ronella.xyz\/?p=1080\" target=\"_blank\" rel=\"noopener noreferrer\">MailScanner with Postfix<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Prerequisite privkey.pem file fullchain.pem file Installing Postfix Run the following commands: sudo apt-get update sudo apt-get install postfix Configuring Postfix Run the following command: sudo dpkg-reconfigure postfix Configuration questions: Select OK to proceed. Choose Internet Site. System Mail Name: &lt;EMAIL_DOMAIN&gt; Other destinations for mail: &lt;EMAIL_DOMAIN&gt;, localhost.&lt;EMAIL_DOMAIN&gt;, localhost Force synchronous updates on mail queue?: No Local [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[55,59,12],"tags":[],"_links":{"self":[{"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=\/wp\/v2\/posts\/1066"}],"collection":[{"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1066"}],"version-history":[{"count":17,"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=\/wp\/v2\/posts\/1066\/revisions"}],"predecessor-version":[{"id":1295,"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=\/wp\/v2\/posts\/1066\/revisions\/1295"}],"wp:attachment":[{"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1066"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1066"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1066"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}