To receive mail, you need a fixed IP address and a DNS server, running either on your own server or at a hosting provider where you can modify the records. Let us define the terms used in this configuration:
- Postfix is the Mail Transfer Agent (MTA) used to send and receive emails.
- Dovecot is the Local Delivery Agent (LDA), which also acts as the Internet Message Access Protocol (IMAP) and Post Office Protocol (POP3) server.
- SASL stands for Simple Authentication and Security Layer; it adds authentication between the user and the server to secure exchanges.
- Postfixadmin is the web interface which enables you to manage mailboxes, virtual domains, and aliases.
- LEMP is the web server stack: Nginx and PHP to access Postfixadmin and easily manage the virtual users and domains, and MySQL to store all the information.
https://linoxide.com/mail/install-configure-postfix-ubuntu/
Install and configure Postfixadmin
sudo apt install php7.2-mbstring php7.2-dom php7.2-pdo php7.2-xml php7.2-common php7.2-bcmath php7.2-json php7.2-cli php7.2-fpm php7.2-mysql
wget -P /opt https://github.com/postfixadmin/postfixadmin/archive/postfixadmin-3.2.tar.gz
--2018-06-11 21:53:14-- https://github.com/postfixadmin/postfixadmin/archive/postfixadmin-3.2.tar.gz
cd /opt && tar xvf postfixadmin-3.2.tar.gz
mv postfixadmin-postfixadmin-3.2/ postfixadmin
ln -s /opt/postfixadmin/public/ /var/www/html/pfa
Create the postfix database
# mysql -u root -p
Enter password:
CREATE DATABASE postfix;
CREATE USER 'postfix'@'localhost' IDENTIFIED BY 'postfix-db-password';
GRANT ALL PRIVILEGES ON `postfix`.* TO 'postfix'@'localhost';
FLUSH PRIVILEGES;
exit
Configure postfixadmin
# vim /opt/postfixadmin/config.local.php
<?php
$CONF['database_type'] = 'mysqli';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'postfix-db-password';
$CONF['database_name'] = 'postfix';
$CONF['configured'] = true;
?>
Postfixadmin needs a templates_c directory; we have to create it manually and give the www-data user permission on it
# mkdir /opt/postfixadmin/templates_c && chmod 755 -R /opt/postfixadmin/templates_c
# chown -R www-data:www-data /opt/postfixadmin/templates_c
/opt/postfixadmin/config.local.php
Access Postfixadmin from your server IP address or domain at http://your-ip-or-domain/pfa/setup.php
Install and configure postfix
Now we can install the postfix packages.
apt install postfix postfix-mysql sasl2-bin
Make sure that saslauthd runs at startup by editing its configuration file
# vim /etc/default/saslauthd
# Should saslauthd run automatically on startup? (default: no)
START=yes
groupadd -g 5000 vmail && mkdir -p /var/mail/vmail
useradd -u 5000 vmail -g vmail -s /usr/sbin/nologin -d /var/mail/vmail
chown -R vmail:vmail /var/mail/vmail
Create the configuration files for the database
mkdir -p /etc/postfix/sql
vim /etc/postfix/sql/mysql_virtual_domains_maps.cf
user = postfix
password = postfix-db-password
hosts = 127.0.0.1
dbname = postfix
query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'
postconf -e virtual_mailbox_domains=mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
Now we can check the configuration
# postmap -q jdk.co.ke mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
jdk.co.ke
# vim /etc/postfix/sql/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix-db-password
hosts = 127.0.0.1
dbname = postfix
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'
# postconf -e virtual_mailbox_maps=mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf
Run the command to test the query on the database
# postmap -q info@jdk.co.ke mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf
jdk.co.ke /info/
- Alias to contain the different email aliases.
# vim /etc/postfix/sql/mysql_virtual_alias_maps.cf
user = postfix
password = postfix-db-password
hosts = 127.0.0.1
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
Now add the configuration
# postconf -e virtual_alias_maps=mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf
# chgrp postfix /etc/postfix/sql/mysql_*.cf
# ls -l /etc/postfix/sql/
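The three map files hold the database password in clear text, and chgrp alone does not remove read access for other local users. The following added example (not part of the original tutorial) lists map files that are still accessible to "other" and tightens them to mode 640; the function names and their arguments are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: the mysql_*.cf map files contain the database password.
# list_exposed_maps DIR   -> prints map files that "other" users can access
# tighten_maps DIR GROUP  -> owner rw, GROUP read-only, nothing for others

list_exposed_maps() {
    for f in "$1"/mysql_*.cf; do
        [ -f "$f" ] || continue
        # characters 8-10 of the ls mode string are the "other" permission bits
        other=$(ls -ld "$f" | cut -c8-10)
        [ "$other" = "---" ] || printf '%s\n' "$f"
    done
}

tighten_maps() {
    dir=$1
    group=${2:-postfix}   # group that must be able to read the maps
    for f in "$dir"/mysql_*.cf; do
        [ -f "$f" ] || continue
        chgrp "$group" "$f" && chmod 640 "$f" || return 1
    done
}

# On the server described above (run as root):
#   list_exposed_maps /etc/postfix/sql
#   tighten_maps /etc/postfix/sql postfix
```

An empty result from list_exposed_maps after tightening means only root and the postfix group can read the credentials.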
Configure postfix
cp /etc/postfix/main.cf /etc/postfix/main.cf.bak
# vim /etc/postfix/main.cf
# Allow authenticated users to send email, and use Dovecot to authenticate them. Tells Postfix to use Dovecot for authentication
smtpd_sasl_type = dovecot
## Path to the Postfix auth socket
smtpd_sasl_path = private/auth
## Tells Postfix to let people send email if they've authenticated to the server.
## Otherwise they can only send if they're logged in (SSH)
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
# Enable authentication only for those with a TLS connection.
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
# Tells Postfix who can relay email: clients in 'mynetworks' and SASL-authenticated users; mail from anyone else is accepted only for our own destinations
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
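Whether the PLAIN and LOGIN credentials can be sent before STARTTLS depends on smtpd_sasl_auth_enable, smtpd_tls_security_level and smtpd_tls_auth_only taken together. The check below is an added example, not part of the original tutorial: it reads "postconf -n" style text and reports the outcome; the function names, verdict words and sample inputs are constructed for this illustration.

```shell
#!/bin/sh
# Added example: decide from "postconf -n" style text whether smtpd offers
# AUTH before STARTTLS. Reads settings on stdin, prints one verdict word.

# get_param NAME FILE -> value of the last "NAME = value" line, or empty
get_param() {
    sed -n "s/^$1[[:space:]]*=[[:space:]]*//p" "$2" | tail -n 1
}

plaintext_auth_verdict() {
    tmp=$(mktemp) || return 2
    cat > "$tmp"
    sasl=$(get_param smtpd_sasl_auth_enable "$tmp")
    level=$(get_param smtpd_tls_security_level "$tmp")
    only=$(get_param smtpd_tls_auth_only "$tmp")
    rm -f "$tmp"
    if [ "$sasl" != "yes" ]; then
        echo "no-auth"            # SASL is off (the Postfix default)
    elif [ "$level" = "encrypt" ] || [ "$only" = "yes" ]; then
        echo "tls-only"           # AUTH is announced only inside TLS
    else
        echo "plaintext-allowed"  # credentials may cross the wire unencrypted
    fi
}

# Constructed sample: TLS is opportunistic and AUTH is not tied to it.
sample_weak='smtpd_sasl_auth_enable = yes
smtpd_tls_security_level = may
smtpd_tls_auth_only = no'

# Constructed sample: same settings with AUTH restricted to TLS sessions.
sample_fixed='smtpd_sasl_auth_enable = yes
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes'

printf '%s\n' "$sample_weak"  | plaintext_auth_verdict
printf '%s\n' "$sample_fixed" | plaintext_auth_verdict
# On a live server: postconf -n | plaintext_auth_verdict
```

Only main.cf-level settings are evaluated here; per-service -o overrides in master.cf can be listed with postconf -P and checked the same way.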
Now let's edit the /etc/postfix/master.cf configuration file, which is the process configuration file. Make a copy first, then enable the secure SMTP ports by adding or uncommenting the lines below
# cp /etc/postfix/master.cf /etc/postfix/master.cf.bak
# vim /etc/postfix/master.cf
submission inet n - y - - smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_tls_auth_only=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
smtps inet n - y - - smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
Now you can run the postconf -n command to check for errors
# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
...
...
# systemctl restart postfix
# systemctl status postfix
Install and configure Dovecot
# apt install dovecot-imapd dovecot-mysql dovecot-managesieved
Configuration of dovecot
The configuration of Dovecot is spread across multiple files in /etc/dovecot/conf.d. First, check that the following lines are uncommented in /etc/dovecot/dovecot.conf
!include_try /usr/share/dovecot/protocols.d/*.protocol
!include conf.d/*.conf
- Edit the 10-auth.conf file to modify the connection mechanisms by adding or uncommenting the lines below. Dovecot uses the system users by default, but we use MySQL users
cp 10-auth.conf 10-auth.conf.bak
# vim 10-auth.conf
auth_mechanisms = plain login
#!include auth-system.conf.ext
!include auth-sql.conf.ext
- Edit the auth-sql.conf.ext file for the SQL configuration
# cp auth-sql.conf.ext auth-sql.conf.ext.bak
# vim auth-sql.conf.ext
passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
  driver = static
  args = uid=vmail gid=vmail home=/var/mail/vmail/%d/%n
}
- Now let's edit /etc/dovecot/dovecot-sql.conf.ext to tell Dovecot how to connect to the SQL database
# cp /etc/dovecot/dovecot-sql.conf.ext /etc/dovecot/dovecot-sql.conf.ext.bak
# vim /etc/dovecot/dovecot-sql.conf.ext
driver = mysql
connect = host=127.0.0.1 dbname=postfix user=postfix password=postfix-db-password
password_query = SELECT username,domain,password FROM mailbox WHERE username='%u';
default_pass_scheme = MD5-CRYPT
Now we will edit the 10-mail.conf file to configure the mail location directory
# cp 10-mail.conf 10-mail.conf.bak
# vim 10-mail.conf
mail_location = maildir:/var/mail/vmail/%d/%n/Maildir
mail_privileged_group = mail
Now we will edit the 10-master.conf file for the connection to the socket
# cp 10-master.conf 10-master.conf.bak
# vim 10-master.conf
service auth {
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
  }
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }
  user = dovecot
}
- Now we need to configure the LDA in the 15-lda.conf file to enable sieve, in order to automatically organize mail into the corresponding folder
# cp 15-lda.conf 15-lda.conf.bak
# vim 15-lda.conf
protocol lda {
  # Space separated list of plugins to load (default is global mail_plugins).
  mail_plugins = $mail_plugins sieve
}
We must grant permission so that the vmail user can launch dovecot
# chgrp vmail /etc/dovecot/dovecot.conf
# systemctl restart dovecot
Integrate dovecot to postfix
Now that we have configured Dovecot, we need to tell Postfix to work with it. Edit the Postfix master configuration file and add the lines below at the end of the file
# vim /etc/postfix/master.cf
dovecot unix - n n - - pipe
  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}
Now edit the main postfix configuration file
# vim /etc/postfix/main.cf
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
Then restart Postfix
# systemctl restart postfix
Test of mail server
# apt install mailutils
# echo "Hello John" | mail -s "test mail" info@jdk.co.ke
First, let’s check the mail log
# tail -n 20 -f /var/log/mail.log
Reference: https://linoxide.com/mail/install-configure-postfix-ubuntu/