How to Install Mail Server on Centos 7(Part 2) ( Dovecot – Postfix )

centos-mailserver

You can set up a full (receiving and sending) mail server on CentOS using several pieces of software, i.e. Postfix, Dovecot and Roundcube. To receive mail on the CentOS server you need Dovecot, to send email from your server you need Postfix, and to access your mail using a web client you need Roundcube; you can also access your mail using third-party clients like Thunderbird.

Note :- If you want to see the part 1 Installation & Configuration of Mail Server then click on below link:

https://www.cloudjojo.com/how-to-install-mail-server-on-centos-7part-1-dovecot-postfix/

Step 14. Before editing the configuration file of postfix make sure to create a backup of main.cf.

 # cp /etc/postfix/main.cf /etc/postfix/main.cf.dist

Step 15. Configure Postfix by editing its main configuration file. Make sure to replace examplenet.xyz with your domain name.

# vi /etc/postfix/main.cf
# Uncomment & Edit the below lines:

myhostname = mx.examplenet.xyz
mydomain = mx.examplenet.xyz
myorigin = mx.examplenet.xyz
inet_interfaces = all
relayhost =
recipient_delimiter = +
home_mailbox = Maildir/
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES

# Add following Lines at the end of the page:

biff = no

# Virtual domains, users, and aliases

virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-virtual-email2email.cf
smtpd_tls_cert_file=/etc/dovecot/dovecot.pem
smtpd_tls_key_file=/etc/dovecot/private/dovecot.pem
smtpd_use_tls = no
smtpd_tls_auth_only = no

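# Enable SMTP AUTH (through Dovecot SASL) for authenticated users.
# Note: with smtpd_use_tls = no and smtpd_tls_auth_only = no above, port 25
# offers AUTH without TLS, so passwords sent there travel unencrypted.
# Once the certificate and key paths above point to valid files, set
# smtpd_tls_security_level = may and smtpd_tls_auth_only = yes instead.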

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes

smtpd_recipient_restrictions =
      permit_sasl_authenticated,
      permit_mynetworks,
      reject_unauth_destination

#Handing off local delivery to Dovecot's LMTP, and telling it where to store mail

virtual_transport = lmtp:unix:private/dovecot-lmtp

Note : Make sure to Replace examplenet.xyz with your domain name.

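Step 16. Create a file for virtual_domains & add the lines below. This file and the ones in Steps 17–19 contain the database password, so make them readable only by root and the postfix group (for example owner root, group postfix, mode 640).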

# vi /etc/postfix/mysql-virtual-mailbox-domains.cf
user = mailuser
password = mailuserpasswd
hosts = 127.0.0.1
dbname = servermail
query = SELECT 1 FROM virtual_domains WHERE name='%s'

Step 17. Create a file for virtual_users & add below lines.

# vi /etc/postfix/mysql-virtual-mailbox-maps.cf
user = mailuser
password = mailuserpasswd
hosts = 127.0.0.1
dbname = servermail
query = SELECT 1 FROM virtual_users WHERE email='%s'

Step 18. Create a file for virtual_aliases & add below lines.

# vi /etc/postfix/mysql-virtual-alias-maps.cf
user = mailuser
password = mailuserpasswd
hosts = 127.0.0.1
dbname = servermail
query = SELECT destination FROM virtual_aliases WHERE source='%s'

Step 19.  Create a file for virtual-email2email & add below lines.

# vi /etc/postfix/mysql-virtual-email2email.cf
user = mailuser
password = mailuserpasswd
hosts = 127.0.0.1
dbname = servermail
query = SELECT email FROM virtual_users WHERE email='%s'

Step 20. Restart Postfix.

# service postfix restart

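Step 21. Configure Postfix by uncommenting the lines below in the master.cf file. The submission service requires TLS (smtpd_tls_security_level=encrypt) and smtps uses TLS wrapper mode, so the certificate and key set in main.cf must exist and be readable.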

# vi /etc/postfix/master.cf
submission inet n       -       -       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
smtps     inet  n       -       -       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

Step 22. Restart Postfix again.

# service postfix restart

Step 23. Configure Dovecot by adding the line below to the dovecot.conf file.

# vi /etc/dovecot/dovecot.conf
protocols = imap pop3 lmtp

Step 24. Configure 10-mail.conf by modifying the lines below.

# vi /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:/var/mail/vhosts/%d/%n
mail_privileged_group = mail

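Step 25. Configure 10-auth.conf by modifying the lines below. Note that disable_plaintext_auth = no together with the plain and login mechanisms lets clients send their passwords over unencrypted IMAP/POP3 connections; once TLS is working, set disable_plaintext_auth = yes and ssl = required (in 10-ssl.conf).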

vi /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no
auth_mechanisms = plain login
#!include auth-system.conf.ext
!include auth-sql.conf.ext

Step 26. Check the permissions of /var/mail. They should be the same as below.

#  ls -ld /var/mail
drwxrwsr-x 2 root mail 4096 Dec 14 12:22 /var/mail

Step 27. Now create a directory for your domain & make sure to replace examplenet.xyz with your domain name.

# mkdir -p /var/mail/vhosts/examplenet.xyz
# chmod 755 /var/mail/vhosts/examplenet.xyz

Step 28. Add the user & group for vmail.

# groupadd -g 5000 vmail
# useradd -g vmail -u 5000 vmail -d /var/mail -m

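Step 29. Change the owner of /var/mail to vmail. Note that /var/mail is normally also the mail spool for local system accounts, and this recursive change replaces the root:mail ownership checked in Step 26; if local accounts receive mail on this server, restricting the change to /var/mail/vhosts is the narrower option.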

# chown -R vmail:vmail /var/mail

Step 30. Edit the auth-sql.conf.ext file & uncomment below lines.

# vi /etc/dovecot/conf.d/auth-sql.conf.ext
passdb {
   driver = sql
   args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
   driver = static
   args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
    }
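Step 31. Create a file dovecot-sql.conf.ext & add the below lines in that file. MD5-based schemes are weak for storing passwords; a stronger scheme such as SHA512-CRYPT is preferable, but default_pass_scheme must match how the hashes were written to virtual_users in Part 1, so the stored hashes have to be regenerated (for example with doveadm pw -s SHA512-CRYPT) before changing it.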
# vi /etc/dovecot/dovecot-sql.conf.ext
driver = mysql

connect = host=127.0.0.1 dbname=servermail user=mailuser password=mailuserpasswd

default_pass_scheme = MD5

password_query = SELECT email as user, password FROM virtual_users WHERE email='%u';

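Step 32. Change the owner, group & permissions of /etc/dovecot. This removes all access for other users, which matters because dovecot-sql.conf.ext contains the database password. Note that it also makes vmail the owner of the configuration files.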

# chown -R vmail:dovecot /etc/dovecot
# chmod -R o-rwx /etc/dovecot

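Step 33. Modify & uncomment the 10-master.conf file as shown below. For the Postfix smtp-auth socket, mode 0660 is sufficient because the socket's user and group are both postfix; 0666 additionally sets the access bits for every other local account.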

# vi /etc/dovecot/conf.d/10-master.conf
service imap-login {
	inet_listener imap {
		port = 143
	}
	inet_listener imaps {
		#port = 993
		#ssl = yes
	}
}
service pop3-login {
	inet_listener pop3 {
		port = 110
	}
	inet_listener pop3s {
		#port = 995
	#ssl = yes
	}
}
service lmtp {
	unix_listener /var/spool/postfix/private/dovecot-lmtp {
		mode = 0600
		user = postfix
		group = postfix
	}
	# Create inet listener only if you can't use the above UNIX socket
	#inet_listener lmtp {
		# Avoid making LMTP visible for the entire internet
		#address =
		#port =
	#}
}
service auth {
	# auth_socket_path points to this userdb socket by default. It's typically
	# used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
	# full permissions to this socket are able to get a list of all usernames and
	# get the results of everyone's userdb lookups.
	#
	# The default 0666 mode allows anyone to connect to the socket, but the
	# userdb lookups will succeed only if the userdb returns an "uid" field that
	# matches the caller process's UID. Also if caller's uid or gid matches the
	# socket's uid or gid the lookup succeeds. Anything else causes a failure.
	#
	# To give the caller full permissions to lookup all users, set the mode to
	# something else than 0666 and Dovecot lets the kernel enforce the
	# permissions (e.g. 0777 allows everyone full permissions).
	unix_listener auth-userdb {
		mode = 0666
		user = vmail
		#group =
	}
	# Postfix smtp-auth
	unix_listener /var/spool/postfix/private/auth {
		mode = 0666
		user = postfix
		group = postfix
	}
	# Auth process is run as this user.
	user = dovecot
}
service auth-worker {
	# Auth worker process is run as root by default, so that it can access
	# /etc/shadow. If this isn't necessary, the user should be changed to
	#  $default_internal_user.
	user = vmail
}

Step 34. Restart Postfix & Dovecot.

# service postfix restart
# service dovecot restart

You can test your mail server using any email client like Thunderbird.