-
Notifications
You must be signed in to change notification settings - Fork 102
Mail System Install on Ubuntu
This is a worked example of installing ViMbAdmin with Dovecot and Postfix on Ubuntu 13.10 (Saucy).
At the end of this process, you'll have:
- ViMbAdmin installed and managing your virtual domains, mailboxes and aliases;
- Postfix installed and configured for:
- Email delivery / acceptance to your virtual mailboxes and aliases;
- TLS available on port 25;
- SSL on port 465;
- Email relay to authenticated users only.
- Dovecot installed and configured for:
- IMAP over SSL;
- POP3 over SSL;
- ManageSieve with TLS support;
- LMTP for local mail delivery to your virtual mailboxes.
Install required packages and dependancies:
apt-get install --yes php5-cgi php5-mcrypt php5-memcache php5-mysql \
php5-json libapache2-mod-php5 memcached git mysql-server subversion
PHP composer can be installed via:
php -r "readfile('https://getcomposer.org/installer');" | php
mv composer.phar /usr/local/bin/composer
Set the timezone in /etc/php5/apache2/php.ini
, such as:
date.timezone = "UTC"
These instructions are to enable you to get Postfix and Dovecot configured to work with ViMdAdmin. I try to stick with the specific configuration options for this. I neither suggest nor assert that this configuration is secure. Nor do I delve into the many other possible configuration options available in Postfix and Dovecot. These are out of scope here.
Follow the instructions from the Installation documentation and ensure you:
- set up the database;
- set the security salts;
- create your administrative user.
Dovecot will provide support for:
- IMAP mail access;
- POP3 mail access;
- the manage sieved service; and
- the local delivery protocol (LMTP) - Postfix passes emails it accepts for local delivery off to this process to be stored on the filesystem.
Install the Dovecot related packages via:
apt-get install --yes dovecot-core dovecot-imapd dovecot-managesieved \
dovecot-pop3d dovecot-postfix dovecot-sieve dovecot-mysql \
dovecot-lmtpd dovecot-common
We will store all emails under /srv/vmail
and we need to create a user with the appropriate uid and gid used in this example:
groupadd -g 2000 vmail
useradd -c 'Virtual Mailboxes' -d /srv/vmail -g 2000 -u 2000 -s /usr/sbin/nologin -m vmail
Remove (clear) an unnecessary file which will interfere with our configuration:
echo "" >/etc/dovecot/conf.d/99-mail-stack-delivery.conf
Now, examine this Gist which provides a sample working configuration. If you have any issues, you can increase logging by setting any of the following in /etc/dovecot/conf.d/10-logging.conf
to yes:
auth_verbose = no
auth_debug = no
auth_debug_passwords = no
mail_debug = no
verbose_ssl = no
and then:
tail -f /var/log/mail.log`
In our Gist above, we only set parameters that are different from the default. You can see the effect of these by running dovecot -n
and comparing it to our version at FIXME.
We will configure Postfix for the following purposes here:
- accept mail for the domains / mailboxes / aliases configured in ViMbAdmin;
- hand these messages off to Dovecot's deliver - a local delivery agent;
- allow mailboxes configured in ViMbAdmin to log into Postfix to relay mail.
First, we need to install the following packages:
apt-get install postfix postfix-mysql
When you are asked to choose a general type of mail configuration, choose No configuration. This should hopefully make these instructions reasonably generic.
See this Gist of a main.cf sample Postfix configuration file.
You need to edit master.conf
to enable smtps
(SMTP over SSL on port 465' TLS is supported over port 25 as part of our configuration):
smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
Postfix integrates with our ViMbAdmin database via settings in the above Gist and by creating the following files form the samples provided (all under /etc/postfix/mysql
):
The above referenced Gist includes support for TLS/SSL (encrypted) support with Postfix. We can create a self-signed certificate for testing as follows.
When asked to enter Common Name (eg, YOUR name) []:, ensure you enter the fully qualified name of your mail server. In our example main.cf
, we use mail.example.com
.
mkdir -p /etc/postfix/ssl
openssl req -new -x509 -days 3650 -nodes \
-out /etc/postfix/ssl/mail.example.com.pem \
-keyout /etc/postfix/ssl/mail.example.com.pem
chmod 0600 /etc/postfix/ssl/mail.example.com.pem
We also need to create the Diffe Hellman parameters:
for len in 512 1024; do
openssl genpkey -genparam -algorithm DH -out /etc/postfix/dh_${len}.pem \
-pkeyopt dh_paramgen_prime_len:${len}
done
WARNING: while self-signed certificates are okay for testing, they will cause issues in production. In particular, you will have to train your end users to accept and import untrusted certificates. This is a very bad precedent to set!
Everything outlined in the opening section should now be working. I've followed these instructions and confirmed this via Thunderbird.
- Enable calculation and display of Mailbox Sizes.
- Enable Deleting Mailboxes
- Enable Archiving Mailboxes
- Configure Quotas