Postfix Dovecot Mysql Pdf

In this tutorial, we are going to configure a mail server using Postfix, Dovecot, MySQL and SpamAssassin on Ubuntu 12.04. Following this tutorial you'll be able to add virtual domains, users, and aliases. Moreover, your virtual server will be secure from spam hub. When Postfix configuration is. How to Setup Postfix Mail Server and Dovecot with Database (MariaDB) Securely – Part 1. Devel postfix dovecot dovecot-mysql spamassassin clamav clamav-scanner.

Updated by Linode Written by Linode

Use promo code DOCS10 for $10 credit on a new account.
Contribute on GitHub

Report an Issue | View File | Edit File

Deprecated
This guide has been deprecated and is no longer being maintained.

The Postfix Mail Transfer Agent (MTA) is a high performance open source e-mail server system. This guide will help you get Postfix running on your Debian 6 (Squeeze) Linode, using Dovecot for IMAP/POP3 service and MySQL to store information on virtual domains and users. This guide is largely based on Christoph Haas’s great ISP-style Email Server with Debian-Lenny and Postfix 2.5 guide and HowtoForge Groupware Server With Group-Office, Postfix, Dovecot And SpamAssassin On Debian Lenny (5.0), with some packages omitted.

It is assumed that you have followed the steps outlined in our getting started guide. All configuration will be performed in a terminal session; make sure you’re logged into your Linode as root via SSH.

NOTE: Please read all of the information presented in this guide carefully. There are many files and commands that will need to be edited as part of the setup process: please do not simply copy and paste the example blocks.

Before you begin installing and configuring the components described in this guide, please make sure you’ve followed our instructions for setting your hostname. Issue the following commands to make sure it is set properly:

The first command should show your short hostname, and the second should show your fully qualified domain name (FQDN).

Issue the following commands to install any outstanding package updates:

Issue the following command to get the required packages installed on your Linode:

This will install the Postfix mail server, the MySQL database server, the Dovecot IMAP and POP daemons, and several supporting packages that provide services related to authentication. You will be prompted to choose a root password for MySQL; make sure you select a strong password comprised of letters, numbers, and non-alphanumeric characters. Write this password down and keep it in a safe place for later reference.

Next, you’ll be prompted to select the type of mail server configuration you want for your Linode. Select “Internet Site” and continue.

Now you’ll need to set the system mail name. This should be a fully qualified domain name (FQDN) that points to your Linode’s IP address. This example uses an example organization’s domain. You should set the reverse DNS for your Linode’s IP address to the fully qualified domain name you assign as the system mail name, while other domains you wish to host email for will be handled later through virtual domain setup steps.

This completes the initial package configuration steps. Next, you’ll set up a MySQL database to handle virtual domains and users.

Start the MySQL shell by issuing the following command. You’ll be prompted to enter the root password for MySQL that you assigned during the initial setup.

You’ll be presented with an interface similar to the following.

Issue the following command to create a database for your mail server and switch to it in the shell:

Create a mail administration user called mail_admin and grant it permissions on the mail database with the following commands. Please be sure to replace “mail_admin_password” with a password you select for this user.

Create the virtual domains table with the following command:

Create a table to handle mail forwarding with the following command:

Create the users table with the following command:

Create a transports table with the following command:

Exit the MySQL shell by issuing the following command:

Check that MySQL is set up to bind to localhost (127.0.0.1) by looking at the file /etc/mysql/my.cnf. You should have the following line in the configuration file:

bind-address = 127.0.0.1

This is required for Postfix to be able to communicate with the database server. If you have MySQL set up to run on another IP address (such as an internal IP), you will need to substitute this IP address in place of 127.0.0.1 during the Postfix configuration steps. Please note that it is not advisable to run MySQL on a publicly-accessible IP address.

If you changed MySQL’s configuration, restart the database server with the following command:

Next, you’ll perform additional Postfix configuration to set up communication with the database.

Create a virtual domain configuration file for Postfix called /etc/postfix/mysql-virtual_domains.cf with the following contents. Be sure to replace “mail_admin_password” with the password you chose earlier for the MySQL mail administrator user.

user = mail_admin password = mail_admin_password dbname = mail query = SELECT domain AS virtual FROM domains WHERE domain=‘%s’ hosts = 127.0.0.1

Create a virtual forwarding file for Postfix called /etc/postfix/mysql-virtual_forwardings.cf with the following contents. Be sure to replace “mail_admin_password” with the password you chose earlier for the MySQL mail administrator user.

user = mail_admin password = mail_admin_password dbname = mail query = SELECT destination FROM forwardings WHERE source=‘%s’ hosts = 127.0.0.1

Create a virtual mailbox configuration file for Postfix called /etc/postfix/mysql-virtual_mailboxes.cf with the following contents. Be sure to replace “mail_admin_password” with the password you chose earlier for the MySQL mail administrator user.

user = mail_admin password = mail_admin_password dbname = mail query = SELECT CONCAT(SUBSTRING_INDEX(email,<‘@’>,-1),‘/’,SUBSTRING_INDEX(email,<‘@’>,1),‘/’) FROM users WHERE email=‘%s’ hosts = 127.0.0.1

Create a virtual email mapping file for Postfix called /etc/postfix/mysql-virtual_email2email.cf with the following contents. Be sure to replace “mail_admin_password” with the password you chose earlier for the MySQL mail administrator user.

user = mail_admin password = mail_admin_password dbname = mail query = SELECT email FROM users WHERE email=‘%s’ hosts = 127.0.0.1

Set proper permissions and ownership for these configuration files by issuing the following commands:

Next, create a user and group for mail handling. All virtual mailboxes will be stored under this user’s home directory.

Issue the following commands to complete the remaining steps required for Postfix configuration. Please be sure to replace “server.example.com” with the fully qualified domain name you used for your system mail name.

This completes the configuration for Postfix. Next, you’ll make an SSL certificate for the Postfix server that contains values appropriate for your organization.

Issue the following commands to create the SSL certificate (the openssl command spans two lines, but should be entered as a single command):

You will be asked to enter several values similar to the output shown below. Be sure to enter the fully qualified domain name you used for the system mailname in place of “server.example.com”.

Set proper permissions for the key file by issuing the following command:

This completes SSL certificate creation for Postfix. Next, you’ll configure saslauthd to use MySQL for user authentication.

Issue the following command to create a directory for saslauthd:

Make a backup copy of the /etc/default/saslauthd file by issuing the following command.

Edit the file /etc/default/saslauthd to match the configuration shown below.

START=yes DESC=“SASL Authentication Daemon” NAME=“saslauthd” MECHANISMS=“pam” MECH_OPTIONS=“” THREADS=5 OPTIONS=“-c -m /var/spool/postfix/var/run/saslauthd -r”

Next, create the file /etc/pam.d/smtp and copy in the following two lines. Be sure to change “mail_admin_password” to the password you chose for your mail administration MySQL user earlier.

auth required pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1 account sufficient pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1

Create a file named /etc/postfix/sasl/smtpd.conf with the following contents. Be sure to change “mail_admin_password” to the password you chose for your mail administration MySQL user earlier.

pwcheck_method: saslauthd mech_list: plain login allow_plaintext: true auxprop_plugin: mysql sql_hostnames: 127.0.0.1 sql_user: mail_admin sql_passwd: mail_admin_password sql_database: mail sql_select: select password from users where email = ‘%u’

Set proper permissions and ownership for these configuration files by issuing the following commands:

Add the Postfix user to the sasl group and restart Postfix and saslauthd by issuing the following commands:

This completes configuration for saslauthd. Next, you’ll configure Dovecot to use MySQL for IMAP/POP3 user authentication.

Edit the file /etc/postfix/master.cf and add the dovecot service to the bottom of the file.

dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}

Issue the following command to make a backup copy of your /etc/dovecot/dovecot.conf file.

Replace the contents of the file with the following example, substituting your system’s domain name for example.com.

protocols = imap imaps pop3 pop3s log_timestamp = “%Y-%m-%d %H:%M:%S “ mail_location = maildir:/home/vmail/%d/%n/Maildir

ssl_cert_file = /etc/ssl/certs/dovecot.pem ssl_key_file = /etc/ssl/private/dovecot.pem

namespace private {
separator = . prefix = INBOX. inbox = yes

}

protocol lda {
log_path = /home/vmail/dovecot-deliver.log auth_socket_path = /var/run/dovecot/auth-master postmaster_address = postmaster@example.com mail_plugins = sieve global_script_path = /home/vmail/globalsieverc

}

protocol pop3 {
pop3_uidl_format = %08Xu%08Xv

}

auth default {

user = root

passdb sql {

args = /etc/dovecot/dovecot-sql.conf

}

userdb static {
args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes

}

socket listen {

master {

path = /var/run/dovecot/auth-master mode = 0600 user = vmail

}

client {
path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix

}

}

}

MySQL will be used to store password information, so /etc/dovecot/dovecot-sql.conf must be edited. Issue the following command to make a backup copy of the existing file.

Replace the contents of the file with the following example, making sure to replace “main_admin_password” with your mail password.

driver = mysql connect = host=127.0.0.1 dbname=mail user=mail_admin password=mail_admin_password default_pass_scheme = CRYPT password_query = SELECT email as user, password FROM users WHERE email=‘%u’;

Dovecot has now been configured. You must restart it to make sure it is working properly:

Now check your /var/log/mail.log to make sure dovecot started without errors. Your log should have lines similar to the following:

Jun 13 17:01:58 li263-140 dovecot: Dovecot v1.2.15 starting up (core dumps disabled) Jun 13 17:01:58 li263-140 dovecot: auth-worker(default): mysql: Connected to 127.0.0.1 (mail)

Before testing dovecot, you must change the permissions on /etc/dovecot/dovecot.conf to allow the vmail user to access them:

You can test your POP3 server to make sure it’s running properly by issuing the following command.

You should see output similar to the following in your terminal:

Enter the command “quit” to return to your shell. This completes the Dovecot configuration. Next, you’ll make sure aliases are configured properly.

Edit the file /etc/aliases, making sure the “postmaster” and “root” directives are set properly for your organization.

postmaster: root root: postmaster@example.com

After modifying this file, you must run the following commands to update aliases and restart Postfix:

This completes alias configuration. Next, you’ll test Postfix to make sure it’s operating properly.

To test Postfix for SMTP-AUTH and TLS, issue the following command:

While connected to Postfix, issue the following command:

You should see output similar to the following, with the line “250-STARTTLS” included:

Issue the command quit to terminate the Postfix connection. Next, you’ll populate the MySQL database with domains and email users.

Please note that you’ll need to modify the DNS records for any domains that you wish to handle email by adding an MX record that points to your mail server’s fully qualified domain name. If MX records already exist for a domain you would like to handle the email for, you’ll need to either delete them or set them to a larger priority number than your mail server. Smaller priority numbers indicate higher priority for mail delivery, with “0” being the highest priority.

We’ll use the MySQL shell to add support for the domain “example.com”, which will have an email account called “sales”. You should substitute one of your domains for “example.com” in these statements, along with a strong password for the “password” entry in the second SQL statement.

You’ll need to send a welcome message to new email accounts before they can be accessed via IMAP or POP3. This is because the mailboxes for new users won’t be created until an email is received for them. To send a welcome message from the command line, you may use the mailx utility. Issue the following command to send the message.

Postfix Dovecot Postfixadmin

Press Ctrl+D to complete the message. You can safely leave the field for “CC:” blank. This completes the configuration for a new domain and email user.

Given the possibility for virtual hosting a large number of virtual domains on a single mail system, the username portion of an email address (i.e. before the @ sign) is not sufficient to authenticate to the mail server. When email users authenticate to the server, they must supply their email clients with the entire email address created above as their username.

After you have sent the test mail, you’ll want to check your error logs to make sure the mail was delivered. First check your mail.log located in /var/log/mail.log. You should see something similar to the following:

Jun 13 17:05:40 li263-140 postfix/cleanup[5435]: E7AA723FD2: message-id=<20110613210540.E7AA723FD2@hostname.example.com> Jun 13 17:05:40 li263-140 postfix/qmgr[5349]: E7AA723FD2: from=<root@hostname.example.com>, size=376, nrcpt=1 (queue active) Jun 13 17:05:41 li263-140 postfix/pipe[5439]: E7AA723FD2: to=<sales@example.com>, relay=dovecot, delay=0.24, delays=0.08/0.01/0/0.15, dsn=2.0.0, status=sent (delivered via dovecot service) Jun 13 17:05:41 li263-140 postfix/qmgr[5349]: E7AA723FD2: removed

Next you should check the Dovecot delivery log located in /home/vmail/dovecot-deliver.log. The contents should look similar to the following:

2011-06-13 17:05:41 deliver(sales@example.com): Info: msgid=<20110613210540.E7AA723FD2@hostname.example.com>: saved mail to INBOX

Now you can test to see what the users of your email server would see with their email clients.

To test the sales@example.com mail box, navigate to the mailbox directory /home/vmail/example.com/sales/Maildir and type the following command:

You should see output similar to the following:

Now you can test using a mail client. When configuring your local email client, use the full email address for the mailbox you wish to connect to as the username. You may use mutt for this test. It is not installed by default so you may need to install it (apt-get install mutt). Type the following command to view user’s mail:

You may be prompted to create the root mailbox. This is not required. If you see an e-mail in the inbox, you’ve successfully configured Postfix, Dovecot, and MySQL to provide email services for virtual domains and users on your Linode. Please consult the “More Information” section for additional resources that may prove useful in the administration of your new email server.

You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.

Join our Community

Please enable JavaScript to view the comments powered by Disqus.comments powered by Disqus

This guide is published under a CC BY-ND 4.0 license.

This tutorial exists for these OS versions

  • Ubuntu 18.04 (Bionic Beaver)

On this page

This tutorial shows the installation of an Ubuntu 18.04 (Bionic Beaver) web hosting server with Apache 2.4, Postfix, Dovecot, Bind and PureFTPD to prepare it for the installation of ISPConfig 3.1. The resulting system will provide a Web, Mail, Mailinglist, DNS and FTP Server.

ISPConfig is a web hosting control panel that allows you to configure the following services through a web browser: Apache or Nginx web server, Postfix mail server, Courier or Dovecot IMAP/POP3 server, MySQL, BIND or MyDNS nameserver, PureFTPd, SpamAssassin, ClamAV, and many more. This setup covers the installation of Apache (instead of Nginx), BIND (instead of MyDNS), and Dovecot (instead of Courier).

1. Preliminary Note

In this tutorial, I use the hostname server1.example.com with the IP address 192.168.1.100 and the gateway 192.168.1.1 These settings might differ for you, so you have to replace them where appropriate. Before proceeding further you need to have a basic minimal installation of Ubuntu 18.04 as explained in the tutorial.

The commands in this tutorial have to be run with root permissions. To avoid adding sudo in front of each command, you'll have to become root user by running:

before you proceed.

2. Edit /etc/apt/sources.list And Update Your Linux Installation

Edit /etc/apt/sources.list. Comment out or remove the installation CD from the file and make sure that the universe and multiverse repositories are enabled. It should look like this afterwards:

Then run

to update the apt package database and

to install the latest updates (if there are any). If you see that a new kernel gets installed as part of the updates, you should reboot the system afterwards:

3. Change the Default Shell

/bin/sh is a symlink to /bin/dash, however we need /bin/bash, not /bin/dash. Therefore, we do this:

Use dash as the default system shell (/bin/sh)?<-- No

If you don't do this, the ISPConfig installation will fail.

4. Disable AppArmor

AppArmor is a security extension (similar to SELinux) that should provide extended security. In my opinion, you don't need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected, and then you find out that everything was ok, only AppArmor was causing the problem). Therefore, I disable it (this is a must if you want to install ISPConfig later on).

We can disable it like this:

5. Synchronize the System Clock

Postfix Dovecot Mysql Pdf File

It is a good idea to synchronize the system clock with an NTP (network time protocol) server over the Internet when you run a physical server. In case you run a virtual server then you should skip this step. Just run

and your system time will always be in sync.

6. Install Postfix, Dovecot, MariaDB, rkhunter, and binutils

For installing postfix, we need to ensure that sendmail is not installed and running. To stop and remove sendmail run this command:

The error message:

Is ok, it just means that sendmail was not installed, so there was nothing to be removed.

Now we can install Postfix, Dovecot, MariaDB (as MySQL replacement), rkhunter, and binutils with a single command:

You will be asked the following questions:

It is important that you use a subdomain as 'system mail name' like server1.example.com or server1.yourdomain.com and not a domain that you want to use as email domain (e.g. yourdomain.tld) later.

Next, open the TLS/SSL and submission ports in Postfix:

Uncomment the submission and smtps sections as follows - add the line -o smtpd_client_restrictions=permit_sasl_authenticated,reject to both sections and leave everything thereafter commented:

NOTE: The whitespaces in front of the '-o .... ' lines are important!

Php Mysql Pdf

Restart Postfix afterward:

We want MySQL to listen on all interfaces, not just localhost. Therefore, we edit /etc/mysql/mariadb.conf.d/50-server.cnf and comment out the line bind-address = 127.0.0.1:

Postfix With Dovecot

Now we set a root password in MariaDB. Run:

You will be asked these questions:

Set the password authentication method in MariaDB to native so we can use PHPMyAdmin later to connect as root user:

Edit the file /etc/mysql/debian.cnf and set the MYSQL / MariaDB root password there twice in the rows that start with password.

The MySQL root password that needs to be added is shown in read, in this example the password is 'howtoforge'. Replace the word 'howtoforge' with the password that you have set for the MySQL root user with the mysql_secure_installation command.

Then we restart MariaDB:

Now check that networking is enabled. Run

The output should look like this:

7. Install Amavisd-new, SpamAssassin, and Clamav

To install amavisd-new, SpamAssassin, and ClamAV, we run

The ISPConfig 3 setup uses amavisd which loads the SpamAssassin filter library internally, so we can stop SpamAssassin to free up some RAM:

To start ClamAV use:

Ubuntu Postfix Dovecot Mysql

Manual

The following error can be ignored on the first run of freshclam.

The amavisd-new program has currently a bug in Ubuntu 18.04 which prevents that emails get signed with Dkim correctly. Run the following commands to patch amavisd-new.

In case you get an error for thelast 'patch' command, then Ubuntu has probably fixed the issue in the meantime, so it should be safe to ignore that error then.

7.1 Install Metronome XMPP Server (optional)

The Metronome XMPP Server provides an XMPP chat server. This step is optional, if you do not need a chat server, then you can skip this step. No other ISPConfig functions depend on this software.

Install the following packages with apt.

Add a shell user for Metronome.

Mysql Pdf Manual

Download Metronome to the /opt directory and compile it.

Postfix Dovecot Mysql Centos 7

Metronome has now be installed to /opt/metronome.