intro
In this tutorial, we are going to configure a mail server using postfix, dovecot, mysql and spamassassin on ubuntu 12.04.
by following this tutorial, you will be able to add virtual domains, users and aliases. In addition, your virtual server will be protected against the spam center.
requirements
Before configuring your mail server, your vps needs to have the following:
* domain is forwarding to your server (configure domain) * mysql installed and configured (configure mysql) * user with root privileges (configure new users- skip step 5) * configure and identify your fqdn (configure fqdn)
optional: ssl certificate (setup free signed ssl certificate)
optional (login as root user)
Installing packages as the root user is useful because you have full privileges.
enter your user password. once successful, you will see the $ symbol change to #.
step 1: install packages
when prompted for postfix configuration, choose the internet site:
Postfix configuration will ask about System mail name – you could use your FDQN or main domain.
Step 2: Create a MySQL Database, Virtual Domains, Users and Aliases
after the installation is done, we are going to create a mysql database to set up three different tables: one for domains, one for users, and the last one for aliases.
we’re going to name the database server mail, but you can use any name you like.
create mail server database:
login as mysql root user
enter your mysql root password; if it succeeds, you will see:
first we need to create a new user, specific for mail authentication, and we are going to give it selection permission.
after that, we need to reload mysql’s privileges to make sure it applies those permissions successfully:
finally we need to use the database to create tables and input our data:
let’s create a table for the specific domains recognized as authoritative domains.
Let’s create a table to present to users. here you will add the email address and passwords. it is necessary to associate each user to a domain.
finally we are going to create a table of virtual aliases to specify all the emails that you are going to forward to the other email.
We have successfully created all three tables. Now let’s enter the data.
virtual domains
here we are going to enter your domains into the virtual_domains table. you can add as many domains as you like, but in this tutorial we will only introduce the main domain (example.com) and its fqdn (hostname.example.com).
virtual emails
We are going to enter the email address and passwords associated with each domain. make sure to change all the information with your specific information.
virtual aliases
we are going to enter the email address (source) that we are going to forward to the other email address (destination).
exit mysql
step 3: configure suffix
we are going to configure postfix to handle smtp connections and send messages for each user entered in the mysql database.
First we need to create a copy of the default file, in case you want to go back to the default settings.
open the main.cf file to modify it:
First, we need to comment out the tls parameters and add other parameters. In this tutorial, we are using the free ssl certificates and routes that are suggested in the tutorial (link), but you can modify according to your personal settings.
then we are going to add the following parameters below the tls configuration that we changed in the previous step:
we need to comment out the default setting of mydestination and replace it with localhost. this change allows your vps to use the virtual domains inside the mysql table.
verify that the myhostname parameter is set to your fqdn.
add the following line for local mail delivery to all virtual domains listed within the mysql table.
Finally, we need to add these three parameters to tell postfix to set up the virtual domains, users, and aliases.
note: compare these changes to this file for bugs or errors:
let’s create the last three files that we will add in the main.cf file to tell postfix how to connect to mysql.
First we need to create the mysql-virtual-mailbox-domains.cf file. you need to change the values depending on your personal settings.
then we need to restart postfix.
We need to make sure that postfix finds your domain, so we need to test it with the following command. if successful, it should return 1:
then we need to create the file mysql-virtual-mailbox-maps.cf.
we need to restart postfix again.
At this point we will make sure that postfix finds your first email address with the following command. should return 1 on success:
finally, we are going to create the last file to configure the connection between postfix and mysql.
reset suffix
we need to verify that postfix can find its aliases. enter the following command and it should return mail that is forwarded to the alias:
if you want to enable port 587 to connect securely with email clients, you need to modify the /etc/postfix/master.cf file
we need to uncomment these lines and add other parameters:
in some cases we need to restart postfix to make sure port 587 is open.
note: you can use this tool to scan your domain ports and verify that ports 25 and 587 are open (http://mxtoolbox.com/supertool.aspx)
step 4: configure dovecote
we’re going to copy the 7 files we’re going to modify, so you can revert it back to its default settings if you need to. enter the following commands one by one:
edit dovecot configuration file.
verify that this option is not commented out.
let’s enable protocols (add pop3 if you want) below the line !include_try /usr/share/dovecot/protocols.d/*.protocol.
note: compare these changes to this file for bugs or errors:
then let’s edit the mail configuration file:
find the mail_location line, uncomment it and put the following parameter:
find the mail_privileged_group line, uncomment it and add the mail parameter like this:
note: compare these changes to this file for bugs or errors:
verify permissions
enter this command:
make sure the permissions are like this:
let’s create a folder for each domain we register in the mysql table:
create a vmail user and group with an id of 5000
we need to change the owner of the /var/mail folder to the vmail user.
then we need to edit the /etc/dovecot/conf.d/10-auth.conf file:
remove the plaintext authentication and add this line:
modify auth_mechanisms parameter:
comment out this line:
enable mysql authorization by uncommenting this line:
note: compare these changes to this file for bugs or errors:
we need to create /etc/dovecot/dovecot-sql.conf.ext file with your information for authentication:
enter the following code in the file:
we need to modify the /etc/dovecot/dovecot-sql.conf.ext file with our custom mysql information:
uncomment the driver parameter and set mysql as parameter:
uncomment the connection line and enter your mysql specific information:
uncomment the line default_pass_scheme and change it to sha-512.
uncomment the password_query line and add this information:
note: compare these changes to this file for bugs or errors:
change dovecot folder owner and group to vmail user:
open and modify the /etc/dovecot/conf.d/10-master.conf file (be careful because different parameters will be changed).
modify the unix_listener parameter to service_auth like this:
modify the service’s authentication worker like this:
note: compare these changes to this file for bugs or errors:
Finally, we are going to modify dovecot’s ssl configuration file (skip this step if you are going to use the default configuration).
change the ssl parameter to required:
and modify the path for ssl_cert and ssl_key:
restart dovecote
you should check that port 993 is open and working (in case you enable pop3, you should also check port 995).
Congratulations. You have successfully configured your mail server and can test your account using an email client:
note: use port 993 for secure imap and port 587 or 25 for smtp.
step 5: configure spamassassin
first we need to install spamassassin.
then we need to create a user for spamassassin.
To properly configure spamassassin, you need to open and modify the configuration settings.
we need to change the enabled parameter to enable the spamassassin daemon.
we need to configure the startup parameters and options.
then we need to specify the pid_file parameter like this:
Finally, we need to specify that the spamassassin rules will be updated automatically.
note: compare these changes to this file for bugs or errors:
we need to open /etc/spamassassin/local.cf to configure the antispam rules.
spamassassin will rate each email and if it determines that this email has more than 5.0 in its spam check, it will automatically be considered spam. you could use the following parameters to configure anti-spam rules:
we need to change the postfix /etc/postfix/master.cf file to tell it that every email will be checked against spamassassin.
then we need to find the following line and add the spamassassin filter:
finally we need to add the following parameters:
you need to start spamassassin and restart postfix to start checking emails for spam.
Congratulations! You have successfully configured your mail server with postfix and dovecot with mysql authentication and spam filtering with spamassassin!