Differences

This shows you the differences between two versions of the page.

--- ubuntu:email:install_postfix_mail_server_with_dovecot [2020/12/06 12:45] – peter
+++ ubuntu:email:install_postfix_mail_server_with_dovecot [2020/12/06 13:07] (current) – removed peter
@@ Line 1: / Line 1: @@
-====== Ubuntu - Email - Install Postfix Mail Server with Dovecot ======
-**Postfix** is responsible for interacting with the other email servers in the world.
-Postfix is used to either send mail to, or receive mail from, other servers.
-**Dovecot** interacts with your email client (Thunderbird, etc.), and is the intermediary between your email client and Postfix.
-----
-====== Install Postfix ======
-<code bash>
-sudo apt install postfix
-</code>
-----
-===== Virtual Mailboxes =====
-Create a user that will actually own all the virtual mailboxes.
-<code bash>
-useradd -m -r -s /sbin/nologin vmail
-</code>
-<WRAP info>
-**NOTE:**  This creates the user and gives it a home directory: **~vmail**.
-The virtual mailboxes will be placed in this directory.
-Virtual mailboxes allow us to unlink the users of the email system from the users on the underlying operating system.  This means that there can be mailboxes associated with users that do not have Linux accounts, and those users that do have Linux accounts can have multiple email accounts.
-</WRAP>
-----
-===== Configuring Postfix =====
-The configuration files for Postfix are usually found in **/etc/postfix**.
-The two most important files are **main.cf** and **master.cf**.
-----
-==== Basic Configuration ====
-The file **main.cf** will be completely replaced.
-It should start with the basic configuration:
-<file bash /etc/postfix/main.cf>
-mydomain = sharewiz.net
-myhostname = mail2.$mydomain
-myorigin = $mydomain
-mydestination = $myhostname, localhost, localhost.$mydomain, localhost.localdomain
-mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
-inet_interfaces = all
-mailbox_size_limit = 0
-home_mailbox = mail/
-# Prevent bad guys from querying for valid email addresses.
-disable_vrfy_command = yes
-</file>
-<WRAP info>
-**NOTE:**
-  * **myorigin** defines the domain used for outgoing messages.
-  * **mydestination** gives the non-virtual domains for which mail will be accepted.  mydestination should not contain any of your virtual mail domains.
-    * $mydomain is not contained in mydestination. That is intentional.  It will instead be placed in the list of virtual mail domains (described later).
-Postfix will reject any mail that it receives that is not destined for a domain or machine that is not listed in **mydestination** (or in the virtual mail domains defined later) unless it comes from a machine on the local network.  In this way, mail from the local network can be sent to anyone out onto the open internet and mail from anyone on the open internet can be delivered to a known user, but Postfix will not act as an open relay.
-  * **mynetworks** defines the local network.  In this case the local network is confined to the server itself.
-  * **mailbox_size_limit = 0** is used to disable limits on the size of the mail that can be received into a mailbox.
-  * **home_mailbox** define the name of the mailbox used for local users.  In this case the mail will be placed in a hidden directory in the users home directory and it will take the form of a directory itself (the trailing slash indicates that the maildir format should be used).
-</WRAP>
-----
-==== Local Aliases ====
-<file bash /etc/postfix/main.cf>
-alias_maps = hash:/etc/aliases
-alias_database = hash:/etc/aliases
-# Configure list of users/recipients
-local_recipient_maps = proxy:unix:passwd.byname $alias_maps
-</file>
-<WRAP info>
-**NOTE:**  This requires than an aliases file **/etc/aliases** exists.
-You should not have to create this file nor change it, but if you do change it, you will need to run the following before the changes will take effect:
-<code bash>
-postalias /etc/aliases
-</code>
-</WRAP>
-----
-===== Virtual Mailboxes =====
-How should local delivery be performed?
-Local delivery is that act of moving a piece of email from Postfix to the users mailbox.
-For Local Delivery, we could use:
-  * **Postfix**:  Simpler.
-  * **Dovecot**:  More efficient.  Allows some automated filtering.
-----
-==== Using the Postfix LDA ====
-To configure the Postfix local delivery agent for virtual mailboxes, add the following to main.cf:
-<file bash /etc/postfix/main.cf>
-virtual_mailbox_domains = sharewiz.net abcd.com
-virtual_mailbox_maps = hash:/etc/postfix/virtual_mailbox_maps
-virtual_alias_maps = hash:/etc/postfix/virtual_alias_maps
-virtual_mailbox_base=/home/vmail
-virtual_uid_maps = static:997
-virtual_gid_maps = static:997
-virtual_minimum_uid = 997
-</file>
-<WRAP info>
-**NOTE:**
-  * **virtual_mailbox_domains** defines the virtual mail domains for which Postfix will accept mail.
-  * **virtual_mailbox_maps** defines where the actual virtual mailboxes are defined.  An example of this file is:<file bash /etc/postfix/virtual_mailbox_maps>
-peter@sharewiz.net      sharewiz.net/peter/mail/
-peter@abcd.net          abcd.com/peter/mail/
-admin@sharewiz.net      sharewiz.net/admin/mail/
-</file>
-    * Each line defines a virtual mailbox and consists of two items.
-      * The first item is the email address of the virtual mailbox (should be lowercase).
-      * The second item is the physical address on disk.
-        * Each of the second entries ends with a slash.  This indicates that the maildir format should be used rather than the mbox format (maildir places the mail into individual files inside the maildir whereas mbox is one giant file that contains the all of the mail messages).
-        * The mail directory for **peter@sharewiz.net** would be **/home/vmail/sharewiz.net/peter/mail/**.
-    * Whenever you modify this file you must run **postmap** in order to Postfix to be aware of the changes: <code bash>
-postmap /etc/postfix/virtual_mailbox_maps
-</code>
-  * **virtual_uid_maps** defines the user of the owner of the mail files.  This is the number of the **vmail** user as found in /etc/passwd.
-  * **virtual_gid_maps** defines the group of the owner of the mail files.  This is the number of the **vmail** group as found in /etc/group.
-  * **virtual_minimum_uid** must be equal to or smaller than the UID specified in **virtual_uid_maps**.  It is associated with a sanity check that make more sense if you were using more sophisticated set ups.
-</WRAP>
-----
-==== Virtual Aliases ====
-**virtual_alias_maps** is a file that contains aliases for the virtual mailboxes.
-An example file is:
-<file bash /etc/postfix/virtual_alias_maps>
-admin@abcd.com             admin@sharewiz.net
-admin@mail2.abcd.com       admin@sharewiz.net
-admin@mail2.sharewiz.net   admin@sharewiz.net
-peter@mail2.abcd.com       peter@abcd.com
-peter@mail2.sharewiz.net   peter@sharewiz.net
-</file>
-**NOTE:**  Each line defines an alias, and the alias contains two items.
-The first is the address that represents the alias and the second is the destination, which may either be a virtual mailbox or another alias.
-----
-===== Using the Dovecot LDA =====
-<file bash /etc/postfix/main.cf>
-....
-mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT"
-virtual_alias_maps = hash:/etc/postfix/virtual_alias_maps
-virtual_mailbox_maps = hash:/etc/postfix/virtual_mailbox_maps
-virtual_mailbox_domains = sharewiz.net abcd.com
-virtual_transport=dovecot
-# Uncomment the following if dovecot-lda seems to hang.
-#dovecot_destination_concurrency_limit = 1
-</file>
-**NOTE:**
-  * ***mailbox_command** indicates that dovecot-lda should be used for delivering mail to local (not virtual) mailboxes.
-  * **virtual_mailbox_maps** is the same file as given above in the Postfix LDA, but the value given for the second entry is ignored (it must still be present, but the actual value has no effect). <file bash /etc/postfix/virtual_mailbox_maps>
-peter@sharewiz.net      sharewiz.net/peter/mail/
-peter@abcd.net          abcd.com/peter/mail/
-admin@sharewiz.net      sharewiz.net/admin/mail/
-</file>
-  * **virtual_transport** gives the name of the process entry in the **master.cf** file that is used to deliver mail to the virtual mailboxes.  That entry is (this should be added to master.cf): <file bash /etc/postfix/master.cf>
-dovecot   unix -        n       n       -       -       pipe
-  flags=DRhu
-  user=vmail:vmail
-  argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient}
-</file>
-----
-===== Transport Layer Security (SSL) =====
-This assumes that you have already created an certificate using OpenSSL.
-The one I am using is named ssl-cert-mail.
-<file bash>
-# Configure TLS.
-tls_random_source=dev:/dev/urandom
-# Settings that control how email is received when using TLS.
-smtpd_tls_cert_file=/etc/pki/tls/certs/ssl-cert-mail.crt
-smtpd_tls_key_file=/etc/pki/tls/private/ssl-cert-mail.key
-smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
-smtpd_use_tls=yes
-smtpd_tls_security_level=may
-smtpd_tls_protocols = !SSLv2, !SSLv3
-smtpd_tls_eecdh_grade = strong
-# Settings that control how email is sent when using TLS.
-smtp_tls_cert_file=/etc/pki/tls/certs/ssl-cert-mail.crt
-smtp_tls_key_file=/etc/pki/tls/private/ssl-cert-mail.key
-smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
-smtp_use_tls=yes
-# Settings that control authentication.
-smtpd_sasl_type=dovecot
-smtpd_sasl_path=private/auth
-smtpd_sasl_security_options=noanonymous
-</file>
-<WRAP info>
-**NOTE:**  **smtpd_sasl_path** must correspond to the last part of the auth-client listener path given in the Dovecot configuration file.
-</WRAP>