Mail system Server Setup record (ii) (POSTFIX+CYRUS-SASL+COURIER-AUTHLIB+DOVECOT+EXTMAIL+MYSQL)

5. Install Dovecot and configure Dovecot via Yum

Section 4th describes the configuration of the postfix and tests the postfix send mail feature. You can use the Mail command on the server to accept messages sent to the user's mailbox in the native domain. But if you want to use MUA remote to receive mail, then you need to use a POP3/IMAP-enabled service to help MUA pull messages from the mailbox to local, such as Dovecot.

[email protected] ~]# Yum install Dovecot

Edit the/etc/dovecot/dovecot.conf file and modify the following line:

[Email protected] ~]# vi/etc/dovecot/dovecot.conf
protocols = POP3

If you want to authenticate the recipient using the operating system account, edit the/etc/dovecot/conf.d/10-auth.conf and modify the following line:

[Email protected] conf.d]# vi/etc/dovecot/conf.d/10-auth.conf
auth_mechanisms = Plain Login

If you need to remotely use MUA (such as outlook,foxmail) to test your Dovecot's pickup functionality, you need to configure the following line of/etc/dovecot/conf.d/10-auth.conf:

[Email protected] conf.d]# vi/etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no

Otherwise, when you log on to the incoming mail server with a remote server, MUA will pop up the following error:

Log on to the receiving mail server (POP3): Your mailbox is temporarily unavailable because other e-mail messages are being delivered to your mailbox, or if other mail applications are accessing it. Response server:-err [in-use] couldn ' t open inbox:internal error occurred. Refer to server log for more information. [2016-01-05 11:23:21]

Also pay attention to/etc/dovecot/conf.d/10-mail.conf in mail_location refers to the path corresponding to the permissions problem, if the user used for MUA does not have permission to access or modify the contents of the directory, When you use MUA to log on to the receiving mail server, Mua also pops up the following error:

Log on to the receiving mail server (POP3): Your mailbox is temporarily unavailable because other e-mail messages are being delivered to your mailbox, or if other mail applications are accessing it. Response server:-err [in-use] couldn ' t open inbox:internal error occurred. Refer to server log for more information. [2016-01-05 11:23:21]

The following error will also be printed in Maillog:

[Email protected] ~]# tail-f/var/log/maillog
Jan 5 11:23:21 Mail dovecot:pop3 (mailtest): Error:mkdir (/home/mailt Est/mail/.imap/inbox) failed:operation not permitted
Jan 5 11:23:21 Mail dovecot:pop3 (mailtest): Error:couldn ' t op En inbox:internal error occurred. Refer to server log for more information. [2016-01-05 11:23:21]
Jan 5 11:23:21 Mail dovecot:pop3 (mailtest): couldn ' t open INBOX top=0/0, retr=0/0, del=0/0, size=0

After the configuration is complete, start Dovecot, and the Dovecot runtime listens on the Dovecot (POP3) and 995 (pop3s) ports because the configuration supports POP3 protocol:

[[Email protected] conf.d]# service dovecot start Starting dovecot imap:                                        [  ok  ] [[email protected] conf.d]# netstat -tunlp |  Grep dovecot tcp        0      0  0.0.0.0:110                  0.0.0.0:*                    LISTEN      21883/dovecot         tcp        0      0  0.0.0.0:995                 0.0.0.0:*                    listen       21883/dovecot

Test whether Dovecot can receive mail by using Telnet to access port 110 and to access Port 995 via OpenSSL:

[Email protected] ~]# telnet 127.0.0.1
Trying 127.0.0.1 ...
Connected to 127.0.0.1.
Escape character is ' ^] '.
+ok Dovecot ready.
USER mailtest
+ok
PASS mailtest
+ok logged in.
LIST
+ok 4 messages:
1 623
2 623
3 623
4 623.
RETR 1
+ok 623 octets
return-path: <[email protected]>
x-original-to: [email protected]
delivered-to: [email protected]
...
QUIT
+ok Logging out.
Connection closed by foreign host.
[email protected] home]# OpenSSL s_client-connect 127.0.0.1:995
...
+ok Dovecot ready.
USER mailtest
+okpass mailtest
+ok logged in.
LIST
+ok 4 messages:
1 623
2 623
3 623
4 623
...

You can also perform a remote pickup test via MUA.

6. Configure CYRUS-SASL to support recipient authentication for Postfix

In the 4th section, the Postfix is implemented by the Postfix configuration, but at this point Postfix cannot authenticate the recipient, so this article uses CYRUS-SASL to help postfix implement authentication to the recipient.

CYRUS-SASL is installed by default on RHEL6.5, to enable SASL support for SMTPD, create a new/usr/lib64/sasl2/file under smtpd.conf and edit it as follows:

[Email protected] sasl2]# vi smtpd.conf
PWCHECK_METHOD:SASLAUTHD
mech_list:plain LOGIN

To edit the/ETC/POSTFIX/MAIN.CF, add the following configuration parameters:

[Email protected] postfix]# VI main.cf
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = Permit_ Mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,
Reject_unknown_ Sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_ Pipelining,reject_unauth_destination
smtpd_sasl_auth_enable = yes
Smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
Smtpd_sasl_path = smtpd

If you want to validate/etc/passwd and/etc/shadow by using the login password of the system user, edit the/ETC/SYSCONFIG/SASLAUTHD mech parameter (Note: The original PAM algorithm is not validated):

[Email protected] sysconfig]# VI saslauthd
Mech=shadow

Restart Postfix and CYRUS-SASL to verify the Postfix's receipt:

[[Email protected] sysconfig]# service saslauthd restart STOPPING SASLAUTHD:                                           [  ok  ] starting saslauthd:                                          [   ok  ] [[Email protected] sysconfig]# postfix stop Postfix/postfix-script:  stopping the postfix mail system [[email protected] sysconfig]#  Postfix start Postfix/postfix-script: starting the postfix mail system [[Email  protected] sysconfig]# telnet 127.0.0.1 25 trying 127.0.0.1 ...
connected to 127.0.0.1.
escape character is  ' ^] '. 220 mail.asika.com esmtp postfix ehlo localhost 250-mail.asika.com 250-PIPELINING 250-SIZE
 10240000 250-vrfy 250-etrn 250-auth login plain 250-auth=login plain 250-ENHANCEDSTATUSCODES
250-8bitmime 250 dsn auth login 334 vxnlcm5hbwu6     #Username  base64 bit encoding bwfpbhrlc3q=     #mailtest  base64 bit encoding 334 ugfzc3dvcmq6    # Password base64 bit code bwfpbhrlc3q= 235 2.7.0 authentication successful quit 221 2.0.0  Bye Connection closed by foreign host.

The next article will introduce the MySQL database to implement postfix and dovecot verification of the virtual user's e-mail.

Mail system Server Setup record (ii) (POSTFIX+CYRUS-SASL+COURIER-AUTHLIB+DOVECOT+EXTMAIL+MYSQL)