In order to configure everything properly, first install these packages:
pkg
pkg update -f
pkg install dovecot dovecot-managesieve postfix
When pkg asks you:
Would you like to activate Postfix in /etc/mail/mailer.conf [n]?
Answer with y.
The first configuration step is done in /usr/local/etc/dovecot.conf. In the protocol lda section, we will add a postmaster address so that people can contact you in case of a failure. Next, we will allow auto-creation of folders and auto-subscription of said folders to avoid an inconsistent state between your mail client and the server:
postmaster_address = yourname@yourdomain.tld
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
The next step is to assign the correct path for your users’ mailboxes in the same file, under the mail_location directive:
mail_location = maildir:~/Maildir
If the line already exists, comment it out and replace it with the one above. Now to configure encryption for IMAP. I assume that you already have a certificate in place:
ssl = yes
ssl_cert = </path/to/your/certificate
ssl_key = </path/to/your/key
The last step is to tell Postfix to deliver the mails via Dovecot, and also tell it to use SASL via Dovecot for authentication. Add the following lines to /usr/local/etc/postfix/main.cf:
mailbox_command = /usr/local/libexec/dovecot/deliver
smtpd_use_tls = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
Next, add both services to /etc/rc.conf and start them:
echo "postfix_enable=YES" >> /etc/rc.conf
echo "dovecot_enable=YES" >> /etc/rc.conf
/usr/local/etc/rc.d/postfix start
/usr/local/etc/rc.d/dovecot start
Since it is considered rude to use the root-account for mailing, you should create a separate user for your mailing needs:
pw user add youruser -m
passwd youruser
Inform postfix about the new user:
newaliases
Now you can test the mail functionality with the following command:
echo "TEST" | mail -s "testmail" youruser@localhost && tail -f /var/log/maillog
If your log files contain a line similar to the following one (The last part is the important) ..
postfix/local[27114]: 3F63C5B71: to=<youruser@localhost>, orig_to=<youruser@localhost>, relay=local, delay=0.01, delays=0/0/0/0.01, dsn=2.0.0, status=sent (delivered to command: /usr/libexec/dovecot/deliver)
.. then everything is working properly.
Sieve is automatically installed and configured by the dovecot-managesieve package itself.
And that’s it. You can now log in via IMAP or POP3 in a secure fashion, send transport encrypted mails, and write filters with Sieve.
Happy mailing!
In order to configure everything, you will first need to install these packages:
yum install postfix dovecot dovecot-pigeonhole mailx
The first configuration step is done in /etc/dovecot/conf.d/15-lda.conf, by adding a postmaster address. This allows people to contact you in case of a failure. We will also be allowing auto-creation of folders and auto-subscription of said folders to avoid an inconsistent state between your mail client and the server:
postmaster_address = yourname@yourdomain.tld
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
The next step is to assign the correct path for your users’ mailboxes in /etc/dovecot/conf.d/10-mail.conf:
mail_location = maildir:~/Maildir
Make sure that there is only one mention of “mail_location” in the file to avoid problems. The last step for ensuring basic functionality is to tell Postfix to deliver the mails via Dovecot. Add the following line to /etc/postfix/main.cf:
mailbox_command = /usr/libexec/dovecot/deliver
Restart both services and you can send the first test mail:
systemctl restart postfix
systemctl restart dovecot
Since it is considered rude to use the root-account for mailing, you should create a separate user for your mailing needs:
useradd -m youruser
passwd youruser
Now, you can test the mail functionality with the following command:
echo "TEST" | mail -s "testmail" youruser@localhost && tail -f /var/log/maillog
If your log files contain a line similar to the following one (The last part is the important) ..
postfix/local[27114]: 3F63C5B71: to=<youruser@localhost>, orig_to=<youruser@localhost>, relay=local, delay=0.01, delays=0/0/0/0.01, dsn=2.0.0, status=sent (delivered to command: /usr/libexec/dovecot/deliver)
.. then everything is working properly.
At this point, there are two important things missing – encryption and mail sorting.
The first can be configured, for Dovecot, in /etc/dovecot/conf.d/10-ssl.conf, assuming you already have a certificate at hand:
ssl = require
ssl_cert = </path/to/your/certificate
ssl_key = </path/to/your/key
For sieve to work, edit the protocol section in /etc/dovecot/conf.d/15-lda.conf to look like this:
protocol lda {
mail_plugins = $mail_plugins sieve
}
Restart the service:
systemctl restart dovecot
And that’s it. You can now log in via IMAP or POP3 in a secure way, send transport encrypted mails, and write filters with Sieve.
It is also important to allow the IMAP, SMTP, and POP3 ports in firewalld as follows
firewall-cmd --permanent --add-service=smtp
firewall-cmd --permanent --add-service=pop3
firewall-cmd --permanent --add-service=imap
firewall-cmd --permanent --add-service=smtps
firewall-cmd --permanent --add-service=pop3s
firewall-cmd --permanent --add-service=imaps
firewall-cmd --reloadFirst, install the necessary packages:
sudo apt-get install postfix dovecot-imapd dovecot-managesieved
During the installation process, you will be asked what sort of server you are running and how Postfix will receive send and receive mails. Select “Internet Site” here.
The first configuration step is to connect Dovecot with Postfix and setup up a postmaster address, this is the address that others will see when mail delivery failed, so they can contact you on eventual problems on your end. Open /etc/dovecot/conf.d/15-lda.conf and edit the following line:
postmaster_address = yourname@yourdomain.tld
In the same file, also activate the automatic creation and subscription to folders you generate via IMAP:
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
The next step is to configure the spot on the filesystem where the mails should be stored. Open /etc/dovecot/conf.d/10-mail.conf and edit the following lines:
mail_location = maildir:~/Maildir
Make sure that every other mention of mail_location is commented out in this context. Now you can tell Postfix to hand over incoming mails to Dovecot by editing /etc/postfix/main.cf, adding the following line:
mailbox_command = /usr/lib/dovecot/deliver
After restarting both services …
sudo service postfix restart
sudo service dovecot restart
… you can test if everything is working by issuing the following command:
echo "Testmail!" | mail -s "Testmail!" root@localhost
If everything is working properly you should find a message similar to the following one in /var/log/mail.log:
install postfix/local[10309]: A0B361DDA2: to=<root@localhost>, relay=local, delay=0.02, delays=0.01/0/0/0.01, dsn=2.0.0, status=sent (delivered to command: /usr/lib/dovecot/deliver
Now that the basic service is working, there are two important things left to set up. The internet is (sadly) not a friendly place, making encrypting as much as possible a necessity, in this case provided by SSL/TLS. Ideally you would have a certificate from a trusted CA – such as for example StartSSL where you can get a certificate for free – but for solely private usage a self-signed certificate is fine too. You can generate a self-signed certificate with the following command:
sudo mkdir /etc/dovecot/private
sudo openssl req -newkey rsa:4096 -sha512 -x509 -days 365 -nodes -keyout /etc/dovecot/private/mykey.key -out /etc/dovecot/mycert.pem
sudo chmod 600 /etc/dovecot/private/*
Depending on the speed of your server CPU, this will take a minute. After the generation process is complete, you can enable TLS-encryption for both Postfix and Dovecot. For Postfix, add the following lines to /etc/postfix/main.cf:
smtpd_tls_cert_file = /etc/dovecot/private/mykey.pem
smtpd_tls_key_file = /etc/dovecot/private/mycert.pem
smtpd_use_tls = yes
For Dovecot, open /etc/dovecot/conf.d/10-ssl.conf and edit the SSL-related lines:
ssl = yes
ssl_key = /etc/dovecot/private/mykey.pem
ssl_cert = /etc/dovecot/private/mycert.pem
Once again, restart both services:
sudo service postfix restart
sudo service dovecot restart
To verify that the setup is correct, you can test that the mailserver allows encrypted connections with the following command:
openssl s_client -starttls smtp -crlf -connect youripaddressoryourdomain:25
If the answer contains both certificate and connection information, then everything is working properly. The last step of this tutorial is the configuration of Sieve. It’s pretty simple, open /etc/dovecot/conf.d/15-lda.conf with your favorite text editor and edit the following line:
mail_plugins = $mail_plugins sieve
A final restart of Dovecot finishes your setup:
sudo service dovecot restart
At this point, you may want to set up a another user since using root for sending mails is considered arrogant. Simply run:
useradd -m yourusername
passwd yourusername
Now you can log into your server as your freshly created user over a secure connection, send and receive mail over secure connections, and sort your mails with sieve over a secure connection.
]]>