The following tutorial describes how to set up a simple mailserver using Postfix as MTA, Dovecot as MDA and the awesome Sieve for sorting mails. The starting point is a freshly installed server with Debian on which you have got either access to the administrative user or sudo rights.
First, install the necessary packages:
sudo apt-get install postfix dovecot-imapd dovecot-managesieved
During the installation process, you will be asked what sort of server you are running and how Postfix will receive send and receive mails. Select “Internet Site” here.
The first configuration step is to connect Dovecot with Postfix and setup up a postmaster address, this is the address that others will see when mail delivery failed, so they can contact you on eventual problems on your end. Open /etc/dovecot/conf.d/15-lda.conf and edit the following line:
postmaster_address = yourname@yourdomain.tld
In the same file, also activate the automatic creation and subscription to folders you generate via IMAP:
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
The next step is to configure the spot on the filesystem where the mails should be stored. Open /etc/dovecot/conf.d/10-mail.conf and edit the following lines:
mail_location = maildir:~/Maildir
Make sure that every other mention of mail_location is commented out in this context. Now you can tell Postfix to hand over incoming mails to Dovecot by editing /etc/postfix/main.cf, adding the following line:
mailbox_command = /usr/lib/dovecot/deliver
After restarting both services …
sudo service postfix restart
sudo service dovecot restart
… you can test if everything is working by issuing the following command:
echo "Testmail!" | mail -s "Testmail!" root@localhost
If everything is working properly you should find a message similar to the following one in /var/log/mail.log:
install postfix/local[10309]: A0B361DDA2: to=<root@localhost>, relay=local, delay=0.02, delays=0.01/0/0/0.01, dsn=2.0.0, status=sent (delivered to command: /usr/lib/dovecot/deliver
Now that the basic service is working, there are two important things left to set up. The internet is (sadly) not a friendly place, making encrypting as much as possible a necessity, in this case provided by SSL/TLS. Ideally you would have a certificate from a trusted CA – such as for example StartSSL where you can get a certificate for free – but for solely private usage a self-signed certificate is fine too. You can generate a self-signed certificate with the following command:
sudo mkdir /etc/dovecot/private
sudo openssl req -newkey rsa:4096 -sha512 -x509 -days 365 -nodes -keyout /etc/dovecot/private/mykey.key -out /etc/dovecot/mycert.pem
sudo chmod 600 /etc/dovecot/private/*
Depending on the speed of your server CPU, this will take a minute. After the generation process is complete, you can enable TLS-encryption for both Postfix and Dovecot. For Postfix, add the following lines to /etc/postfix/main.cf:
smtpd_tls_cert_file = /etc/dovecot/private/mykey.pem
smtpd_tls_key_file = /etc/dovecot/private/mycert.pem
smtpd_use_tls = yes
For Dovecot, open /etc/dovecot/conf.d/10-ssl.conf and edit the SSL-related lines:
ssl = yes
ssl_key = /etc/dovecot/private/mykey.pem
ssl_cert = /etc/dovecot/private/mycert.pem
Once again, restart both services:
sudo service postfix restart
sudo service dovecot restart
To verify that the setup is correct, you can test that the mailserver allows encrypted connections with the following command:
openssl s_client -starttls smtp -crlf -connect youripaddressoryourdomain:25
If the answer contains both certificate and connection information, then everything is working properly. The last step of this tutorial is the configuration of Sieve. It’s pretty simple, open /etc/dovecot/conf.d/15-lda.conf with your favorite text editor and edit the following line:
mail_plugins = $mail_plugins sieve
A final restart of Dovecot finishes your setup:
sudo service dovecot restart
At this point, you may want to set up a another user since using root for sending mails is considered arrogant. Simply run:
useradd -m yourusername
passwd yourusername
Now you can log into your server as your freshly created user over a secure connection, send and receive mail over secure connections, and sort your mails with sieve over a secure connection.