Skip to content

Mail System Install on Ubuntu

Barry O'Donovan edited this page Feb 14, 2014 · 2 revisions

This is a worked example of installing ViMbAdmin with Dovecot and Postfix on Ubuntu 13.10 (Saucy).

At the end of this process, you'll have:

  • ViMbAdmin installed and managing your virtual domains, mailboxes and aliases;
  • Postfix installed and configured for:
    • Email delivery / acceptance to your virtual mailboxes and aliases;
    • TLS available on port 25;
    • SSL on port 465;
    • Email relay to authenticated users only.
  • Dovecot installed and configured for:
    • IMAP over SSL;
    • POP3 over SSL;
    • ManageSieve with TLS support;
    • LMTP for local mail delivery to your virtual mailboxes.

Preparation

Install required packages and dependancies:

apt-get install --yes php5-cgi php5-mcrypt php5-memcache php5-mysql \
    php5-json libapache2-mod-php5 memcached git mysql-server subversion

PHP composer can be installed via:

php -r "readfile('https://getcomposer.org/installer');" | php
mv composer.phar /usr/local/bin/composer

Set the timezone in /etc/php5/apache2/php.ini, such as:

date.timezone = "UTC"

Disclaimer

These instructions are to enable you to get Postfix and Dovecot configured to work with ViMdAdmin. I try to stick with the specific configuration options for this. I neither suggest nor assert that this configuration is secure. Nor do I delve into the many other possible configuration options available in Postfix and Dovecot. These are out of scope here.

ViMbAdmin

Follow the instructions from the Installation documentation and ensure you:

  • set up the database;
  • set the security salts;
  • create your administrative user.

Dovecot

Dovecot will provide support for:

  • IMAP mail access;
  • POP3 mail access;
  • the manage sieved service; and
  • the local delivery protocol (LMTP) - Postfix passes emails it accepts for local delivery off to this process to be stored on the filesystem.

Install the Dovecot related packages via:

apt-get install --yes dovecot-core dovecot-imapd dovecot-managesieved \
    dovecot-pop3d dovecot-postfix dovecot-sieve dovecot-mysql         \
    dovecot-lmtpd dovecot-common

We will store all emails under /srv/vmail and we need to create a user with the appropriate uid and gid used in this example:

groupadd -g 2000 vmail
useradd -c 'Virtual Mailboxes' -d /srv/vmail -g 2000 -u 2000 -s /usr/sbin/nologin -m vmail

Configuring Dovecot

Remove (clear) an unnecessary file which will interfere with our configuration:

echo "" >/etc/dovecot/conf.d/99-mail-stack-delivery.conf

Now, examine this Gist which provides a sample working configuration. If you have any issues, you can increase logging by setting any of the following in /etc/dovecot/conf.d/10-logging.conf to yes:

auth_verbose = no
auth_debug = no
auth_debug_passwords = no
mail_debug = no
verbose_ssl = no

and then:

tail -f /var/log/mail.log`

In our Gist above, we only set parameters that are different from the default. You can see the effect of these by running dovecot -n and comparing it to our version at FIXME.

Postfix

We will configure Postfix for the following purposes here:

  • accept mail for the domains / mailboxes / aliases configured in ViMbAdmin;
  • hand these messages off to Dovecot's deliver - a local delivery agent;
  • allow mailboxes configured in ViMbAdmin to log into Postfix to relay mail.

First, we need to install the following packages:

apt-get install postfix postfix-mysql

When you are asked to choose a general type of mail configuration, choose No configuration. This should hopefully make these instructions reasonably generic.

Configuring Postfix

See this Gist of a main.cf sample Postfix configuration file.

You need to edit master.conf to enable smtps (SMTP over SSL on port 465' TLS is supported over port 25 as part of our configuration):

smtps     inet  n       -       -       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

ViMbAdmin Integration

Postfix integrates with our ViMbAdmin database via settings in the above Gist and by creating the following files form the samples provided (all under /etc/postfix/mysql):

Postfix with SSL

The above referenced Gist includes support for TLS/SSL (encrypted) support with Postfix. We can create a self-signed certificate for testing as follows.

When asked to enter Common Name (eg, YOUR name) []:, ensure you enter the fully qualified name of your mail server. In our example main.cf, we use mail.example.com.

mkdir -p /etc/postfix/ssl
openssl req -new -x509 -days 3650 -nodes       \
    -out /etc/postfix/ssl/mail.example.com.pem \
    -keyout /etc/postfix/ssl/mail.example.com.pem
chmod 0600 /etc/postfix/ssl/mail.example.com.pem

We also need to create the Diffe Hellman parameters:

for len in 512 1024; do
    openssl genpkey -genparam -algorithm DH -out /etc/postfix/dh_${len}.pem \
        -pkeyopt dh_paramgen_prime_len:${len}
done

WARNING: while self-signed certificates are okay for testing, they will cause issues in production. In particular, you will have to train your end users to accept and import untrusted certificates. This is a very bad precedent to set!

Final Steps

Everything outlined in the opening section should now be working. I've followed these instructions and confirmed this via Thunderbird.