Saturday, March 25, 2017

Configure SMTPS and POP3S using Postfix and Dovecot

1- install necessary packages
$ sudo apt-get install postfix dovecot-core dovecot-pop3d easy-rsa

2- create the certificates
# Build a private CA and one server certificate (named server1) with
# easy-rsa's pkitool, working inside /usr/share/easy-rsa.
# NOTE(review): the server certificate is signed by this local CA, so mail
# clients will warn about it until the CA certificate (presumably
# keys/ca.crt) is imported on them. The CA's private key presumably stays
# under keys/ as well; keep that directory readable by root only.
$ cd /usr/share/easy-rsa
$ mkdir keys
$ touch keys/index.txt
$ echo 01 > keys/serial
$ source ./vars
$ export PATH=$PATH:/usr/share/easy-rsa
$ pkitool --initca
$ pkitool --server server1

# The glob copies every server1.* file, which includes the private key
# server1.key that Postfix and Dovecot are pointed at later on this page.
# NOTE(review): confirm /etc/newcert/server1.key ends up owned by root and
# not readable by other users (e.g. mode 0600). Writing under /etc
# presumably needs root, although no sudo is shown here.
$ mkdir /etc/newcert/
$ cp keys/server1.* /etc/newcert

3- configure postfix

-/etc/postfix/main.cf
# Postfix main.cf: local delivery for test.mail, SASL authentication
# delegated to Dovecot, and TLS using the server1 certificate.
mydomain = test.mail
myorigin = $mydomain
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
readme_directory = no
# SASL is enabled here for every smtpd service, so the plain port-25
# listener in master.cf offers AUTH as well as the smtps one.
# NOTE(review): TLS below is only opportunistic, so nothing in this file
# stops a client from sending credentials on port 25 without STARTTLS.
# Adding "smtpd_tls_auth_only = yes" restricts AUTH to TLS sessions.
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
# Compatibility switch for clients that use an obsolete form of the AUTH
# announcement; presumably not needed for current mail clients.
broken_sasl_auth_clients = yes
# Restrictions are evaluated in order: authenticated clients and hosts in
# mynetworks are permitted before the final relay check.
# NOTE(review): check_relay_domains is an obsolete restriction name; current
# Postfix documentation uses reject_unauth_destination in this position.
# Confirm against the installed version, because this last entry is what
# keeps the server from relaying for unauthenticated outside hosts.
smtpd_recipient_restrictions =
   permit_sasl_authenticated,
   permit_mynetworks,
   check_relay_domains
# Socket path (relative to the Postfix queue directory) where Dovecot's auth
# service listens; it matches the unix_listener in Dovecot's 10-master.conf.
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_cert_file=/etc/newcert/server1.crt
smtpd_tls_key_file=/etc/newcert/server1.key
# Opportunistic TLS: STARTTLS is offered but not required on port 25.
# Newer Postfix releases spell this "smtpd_tls_security_level = may".
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
myhostname = localhost
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = localhost, localhost.localdomain, localhost, $mydomain, localhost.$mydomain
relayhost =
# Every address listed here may relay without authenticating, through
# permit_mynetworks above. That includes the whole 192.168.58.0/24 subnet;
# narrow it to loopback if LAN clients are expected to log in instead.
mynetworks = 192.168.58.0/24 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
# 0 disables the mailbox size limit.
mailbox_size_limit = 0
recipient_delimiter = +
# Listen on all interfaces, not only loopback.
inet_interfaces = all


- /etc/postfix/master.cf
# Plain SMTP listener. It inherits the main.cf settings, so with
# smtpd_sasl_auth_enable = yes there it also offers AUTH.
smtp      inet  n       -       -       -       -       smtpd
# Implicit-TLS listener: smtpd_tls_wrappermode=yes starts TLS as soon as the
# client connects (the service name smtps is conventionally port 465).
# The relay override lets only SASL-authenticated clients through and
# rejects everyone else on this port.
smtps     inet  n       -       -       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
pickup    unix  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
# The pipe transports below hand mail to external programs running as the
# named users.
# NOTE(review): they look like distribution defaults and the main.cf on this
# page does not reference them; confirm before relying on or removing any.
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix    -    n    n    -    2    pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}





4- configure dovecot
-/etc/dovecot/conf.d/10-auth.conf
# Dovecot authentication settings.
# "no" lets clients use PLAIN/LOGIN on connections that are not protected by
# TLS. The non-TLS pop3 listener is also defined in 10-master.conf, so
# passwords can cross the network in cleartext with this setup.
# NOTE(review): for a POP3S-only server, "disable_plaintext_auth = yes"
# still allows these mechanisms over TLS; confirm no client depends on
# unencrypted logins before changing it.
disable_plaintext_auth = no
# PLAIN and LOGIN both carry the password itself, so they rely on the TLS
# layer for confidentiality.
auth_mechanisms = plain login
# Pulls in the system-account user/password database definitions.
!include auth-system.conf.ext


-/etc/dovecot/conf.d/10-master.conf
# Dovecot service and listener definitions. Empty blocks keep the defaults.
service imap-login {
  inet_listener imap {
  }
  inet_listener imaps {
  }
}
service pop3-login {
  # NOTE(review): the unencrypted pop3 listener stays at its default here.
  # If only POP3S is wanted, "port = 0" inside this block disables it.
  inet_listener pop3 {
  }
  inet_listener pop3s {
  }
}
service lmtp {
  unix_listener lmtp {
  }
}
service imap {
}
service pop3 {
}
service auth {
  unix_listener auth-userdb {
  }
  # Auth socket inside the Postfix queue directory; this is the endpoint that
  # smtpd_sasl_path = private/auth in main.cf connects to.
  # NOTE(review): mode 0666 makes the socket readable and writable by every
  # local account, so any local user could submit authentication requests
  # to it. Since it is already owned by postfix:postfix, 0660 is sufficient
  # for Postfix and is the value usually shown in Postfix/Dovecot SASL
  # setups.
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
       user = postfix
       group = postfix
 }
}
service auth-worker {
}
service dict {
  unix_listener dict {
  }
}


- /etc/dovecot/conf.d/10-ssl.conf
# Certificate and private key Dovecot presents on TLS connections; the
# leading "<" makes Dovecot read the value from the named file.
# NOTE(review): no "ssl" setting is shown on this page. "ssl = required"
# makes Dovecot refuse logins on connections that have not negotiated TLS;
# confirm what the installed default is.
ssl_cert = </etc/newcert/server1.crt
ssl_key = </etc/newcert/server1.key


5- restart both postfix and dovecot services, the mail server is ready
$ sudo service dovecot restart
$ sudo /etc/init.d/postfix restart

6- read mail log
$ tail -f /var/log/mail.log
Mar 25 07:34:06 utrusty dovecot: pop3(info): Disconnected: Logged out top=0/0, retr=0/0, del=0/41, size=47947
Mar 25 07:34:26 utrusty postfix/smtps/smtpd[6336]: connect from unknown[192.168.58.10]
Mar 25 07:34:26 utrusty postfix/smtps/smtpd[6336]: 9E6A13807A9: client=unknown[192.168.58.10], sasl_method=LOGIN, sasl_username=info
Mar 25 07:34:26 utrusty postfix/cleanup[6343]: 9E6A13807A9: message-id=<20170325073427.501051cd@utrusty>
Mar 25 07:34:26 utrusty postfix/qmgr[6335]: 9E6A13807A9: from=<info@test.mail>, size=481, nrcpt=1 (queue active)
Mar 25 07:34:26 utrusty postfix/local[6344]: 9E6A13807A9: to=<info@test.mail>, relay=local, delay=0.05, delays=0.05/0/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
Mar 25 07:34:26 utrusty postfix/qmgr[6335]: 9E6A13807A9: removed
Mar 25 07:34:26 utrusty postfix/smtps/smtpd[6336]: disconnect from unknown[192.168.58.10]
Mar 25 07:34:29 utrusty dovecot: pop3-login: Login: user=<info>, method=PLAIN, rip=192.168.58.10, lip=192.168.58.99, mpid=6350, TLS, session=<67s/foxLPgDAqDoK>
Mar 25 07:34:29 utrusty dovecot: pop3(info): Disconnected: Logged out top=0/0, retr=1/589, del=0/42, size=48520


