Ubuntu server administrator note (2): quick installation and configuration of the email server (details: Postfix + Dovecot)

Source: Internet
Author: User
Tags dovecot email account

This article introduces the basic configuration process of the email server on Ubuntu. It is applicable to personal and junior enterprise applications and ensures information security, but does not involve the prevention of spam and viruses.

The test environment uses Ubuntu 11.04, Postfix 2.8.2, and Dovecot 1.2.15. For other versions, see.

First, describe the basic background knowledge. An email server usually includes the following two basic components:

  1. Mail Transfer Agent (MTA) is used to send emails to the recipient's target agent and receive emails from other agents. We use
    Postfix, as an MTA, is safer and more efficient than Sendmail and provides updates from official sources on the Ubuntu platform.
  2. Mail delivery agent (MDA) is used to access your emails on the server. We use
    Dovecot, as an MDA, is also provided by official sources on the Ubuntu platform.
Component Installation

Run the command with root permission (or use SUDO ):

# apt-get install postfix# apt-get install dovecot-common# apt-get install dovecot-imapd dovecot-pop3d

Postfix Basic settings

Edit the/etc/Postfix/Main. cf file and make the following changes:

1. To support TLS secure connections and ensure the certificate is available (the corresponding file is usually generated by default)

smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pemsmtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.keysmtpd_use_tls=yes

Secure Connection ensures that emails sent through the client are not intercepted or stolen.

2. Ensure that the Domain Name of the email server exists in the following list:

mydestination = daolicloud.com, lab, localhost.localdomain, localhost

In this way, emails sent to this domain name will be retained by the server rather than transferred to other MTA.

3. Listen to all network ports

inet_interfaces = all

4. Use maildir format to store data

home_mailbox = Maildir/

The advantage of this format is that the mail is stored separately, and the MDT does not need to be locked during access. In addition, some MDTS only support this format.

5. Configure the mailbox and email size limit

mailbox_size_limit = 2000000000message_size_limit = 20000000

Set the email address size to 2 GB and email address size to 20 mb.

Finally, execute the following command to make the above configuration take effect:

$ sudo service postfix reload
Verify Postfix and add account

Enter the following command on the local machine

$ telnet localhost smtp

The following output is displayed:

Trying 127.0.0.1...
Connected to localhost.
Escape Character is '^]'.
220 lab ESMTP Postfix (UBUNTU)

Enter the email content and send it to any existing Linux users:

mail from: root@[YourDomain]rcpt to: [UserName]@[YourDomain]dataSubject: HelloHi, how are you?Regards,Admin..quit

In this case, the maildir directory is displayed in the home directory of the user. Enter maildir/New to view the email (text file). You can view the content in any text editor. If you need another email account, you only need to add a Linux User. Generally, we can combine the home directories of these users dedicated to emails. The command line is as follows:

$ useradd -m -d /home/mail-users/[UserName] -g mail-users [UserName]

Here, the home directory of the email account is placed under/home/mail-users.

Dovecot Basic settings

Edit the/etc/Dovecot. conf file and make the following changes:

1. Use the maildir format (corresponding to the Postfix format)

mail_location = maildir:~/Maildir

2. Listen to all default ports

listen = *

3. Set secure remote access

To allow remote access, you must enable user name/password-based authentication:

disable_plaintext_auth = no

However, because the username and password are in plain text, we need to establish a secure connection to prevent information leakage.

ssl = requiredssl_cert_file = /etc/ssl/certs/dovecot.pemssl_key_file = /etc/ssl/private/dovecot.pem

Previously, Postfix used TLS. SSL here is similar to this. Make sure that the preceding files exist and are available. The default files are generated.

Finally, do not forget to make the changed configuration take effect:

$ sudo service dovecot reload

Use the mail client

At this point, the most basic configuration of Postfix and Dovecot has been completed. You can use the mail client (such as outlook) to send and receive emails. Note that the preceding encryption type is used when setting the account, for example:

Trouble-shoot: if the server has a firewall, make sure ports 25 and 993 are open.

Add SMTP verification (important)

Add this verification to prevent malicious or spam messages from being passed through your MTA. The authentication mechanism we use is SASL, which uses the same user name/password as the email receiving account. Anonymous users will be rejected.

You also need to change the file/etc/Postfix/Main. Cf, or directly use the following command (equivalent to the two ):

sudo postconf -e 'smtpd_sasl_auth_enable = yes'sudo postconf -e 'smtpd_sasl_type = dovecot'sudo postconf -e 'smtpd_sasl_path = private/auth'sudo postconf -e 'smtpd_sasl_security_options = noanonymous'sudo postconf -e 'broken_sasl_auth_clients = yes'sudo postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'

Correspondingly, Dovecot needs to open the verification interface, edit the file/etc/Dovecot. conf, and add the following lines in the auth default section, as shown in:

auth default {  ......  socket listen {    client {  path = /var/spool/postfix/private/auth  mode = 0660  user = postfix  group = postfix    }  }  ......}

To ensure the security of the user name and password, it is recommended that the email sending server also use a secure connection:

sudo postconf -e 'smtpd_tls_auth_only = yes'

Finally, do not forget to make the configuration take effect:

$ sudo service postfix reload$ sudo service dovecot reload

When configuring the mail client, you need to check SMTP authentication, such as (Outlook 2010 ):

At this point, all settings have been completed. Sending and receiving through the mail client should be normal and ensure security.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.