
CentOS 7 – Setting up a mail tool (Dovecot) to retrieve mails


As we have said earlier, Dovecot is an open source IMAP and POP3 server. It is fast, easy to set up and configure, and it uses very little RAM. For this section, we are going to install it to work with Postfix as the MDA (POP/IMAP service), with sieve for sorting mail at the mail server. As this image shows, Dovecot is positioned between the user mailbox and Postfix:

Since we have already installed Dovecot, we now only need to configure it to work alongside Postfix. If we skipped the installation, we can always use the yum package manager to install it:


$ sudo yum install dovecot

Then, we need to add Dovecot support to the Postfix configuration file. Again, we will not edit the file directly; we will only use the command postconf -e. First, we tell Postfix to use Dovecot for SMTP authentication (SASL) and enable that authentication:


$ sudo postconf -e 'smtpd_sasl_type = dovecot'
$ sudo postconf -e 'smtpd_sasl_path = private/auth'
$ sudo postconf -e 'smtpd_sasl_auth_enable = yes'
$ sudo postconf -e 'broken_sasl_auth_clients = yes'
$ sudo postconf -e 'smtpd_sasl_authenticated_header = yes'

Then we enable Postfix to create and extend the mail directory if needed:


$ sudo postconf -e 'virtual_create_maildirsize = yes'
$ sudo postconf -e 'virtual_maildir_extended = yes'

Finally, we set the mail transport parameters:


$ sudo postconf -e 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps'
$ sudo postconf -e 'virtual_transport = dovecot'
$ sudo postconf -e 'dovecot_destination_recipient_limit = 1'

For this section, we will use the default security option provided by Dovecot so we need to tell Postfix to use the SSL certificate and key provided by Dovecot:


$ sudo postconf -e 'smtpd_use_tls = yes'
$ sudo postconf -e 'smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem'
$ sudo postconf -e 'smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem'

Then we move to the service configuration file of Postfix, /etc/postfix/master.cf:


$ sudo nano /etc/postfix/master.cf

Add the Dovecot service to the bottom of the file, then save it and exit:


dovecot   unix  -       n       n       -       -       pipe
    flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient}

Then we move to the Dovecot service configuration. Before we start the configuration, we need to have a copy of the initial configuration file backed up:


$ sudo cp /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf-backup

For this example, we are going to create our own new configuration file where we will specify every single parameter one by one. We will create a new file with the same name as the original configuration file:


$ sudo nano /etc/dovecot/dovecot.conf

Then we add the following code without the description:

# We define the protocols that we want to be serving
protocols = imap pop3
# Enable Dovecot to listen to all domains
listen = *
# Define the time format to be shown at the log file
log_timestamp = "%Y-%m-%d %H:%M:%S "
# Define the location of the received mails
mail_location = maildir:/home/vmail/%d/%n/Maildir
# Locate the files to be used for the SSL authentication
# (the leading < makes Dovecot read the file contents instead of using the path as the value)
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem

# Define Mailbox main domain setting
namespace {
    type = private
    separator = .
    prefix = INBOX.
    inbox = yes
}

# Define the service users option 
service auth {
    unix_listener auth-master {
        mode = 0600
        user = vmail
    }

    unix_listener /var/spool/postfix/private/auth {
        mode = 0666
        user = postfix
        group = postfix
    }

    user = root
}

service auth-worker {
    user = root
}
# Configure the protocol LDA
protocol lda {
    log_path = /home/vmail/dovecot-deliver.log
    auth_socket_path = /var/run/dovecot/auth-master
    postmaster_address = postmaster@packt.co.uk
}
# Configure the protocol POP3
protocol pop3 {
    pop3_uidl_format = %08Xu%08Xv
}
# Database configuration
passdb {
    driver = sql
    args = /etc/dovecot/dovecot-sql.conf.ext
}

userdb {
    driver = static
    args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
}

We save the file to have the configuration stored. Then we need to create the database files already assigned to the Dovecot configuration file:


$ sudo nano /etc/dovecot/dovecot-sql.conf.ext

Then we add the following code, replacing mail_admin_password with the mail administrator password already set in the earlier section where we set up the MariaDB database:

driver = mysql
connect = host=127.0.0.1 dbname=mail user=mail_admin password=mail_admin_password
default_pass_scheme = CRYPT
password_query = SELECT email as user, password FROM users WHERE email='%u';

Then we set the file's group ownership and permissions to restrict access to it:


$ sudo chgrp dovecot /etc/dovecot/dovecot-sql.conf.ext
$ sudo chmod o= /etc/dovecot/dovecot-sql.conf.ext

Then we move to configure the Dovecot authentication parameters located in its configuration folder, /etc/dovecot/conf.d/. We start with the authentication process configuration file:


$ sudo nano /etc/dovecot/conf.d/10-auth.conf

We need to locate the following lines and change them:

# Line 10: needs to be uncommented and changed
disable_plaintext_auth = no

# Line 100: We need to add login at the end
auth_mechanisms = plain login

Then we move to the mailbox configuration file:


$ sudo nano /etc/dovecot/conf.d/10-mail.conf

Then uncomment the following line and change its end to match with the following code:

# Line 30: Define the mailbox directory location
mail_location = maildir:~/maildir

Similarly, we need to edit the master configuration file to define the Postfix user who will use the SMTP authentication:


$ sudo nano /etc/dovecot/conf.d/10-master.conf

Then uncomment the unix_listener /var/spool/postfix/private/auth section, and add the user and group lines to it:

# Line 96-100: Set the user and group for the Unix listener section
unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = postfix 
    group = postfix 
}

Finally, we configure the SSL authentication configuration file:


$ sudo nano /etc/dovecot/conf.d/10-ssl.conf

And we change the SSL option from no to yes:

# Line 8: change it to yes
ssl = yes
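
The settings chosen above trade security for compatibility, so it helps to have a check that names them. The following is an added example, not part of the original tutorial: a shell function that reads Dovecot settings text and reports the three choices made on this page that a hardened setup would change (plaintext authentication allowed while ssl is not set to required, a world-accessible auth socket where mode 0660 would do, and the legacy CRYPT password scheme). The finding names and the sample_conf helper are made up for this example.

```shell
#!/bin/sh
# Added example (not from the original tutorial).
# audit_dovecot reads Dovecot settings text on stdin and prints one
# finding per line for the security-relevant options set on this page.
audit_dovecot() {
    awk '
    { sub(/#.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }   # drop comments, trim
    /^unix_listener[ \t]/ { listener = $2 }            # entering a socket block
    /^}/                  { listener = "" }            # leaving a block
    /=/ {
        key = $0; sub(/[ \t]*=.*/, "", key)
        val = $0; sub(/^[^=]*=[ \t]*/, "", val)
        if (key == "disable_plaintext_auth" && val == "no") plain = 1
        if (key == "ssl") ssl = val
        # last octal digit of a listener mode = permissions for "other"
        if (key == "mode" && listener != "" && substr(val, length(val)) != "0")
            print "WORLD_ACCESSIBLE_SOCKET " listener " mode=" val
        if (key == "default_pass_scheme" && val == "CRYPT")
            print "LEGACY_PASS_SCHEME " val
    }
    END {
        # plaintext mechanisms are allowed while TLS is still optional
        if (plain && ssl != "required")
            print "PLAINTEXT_AUTH_WITHOUT_TLS ssl=" (ssl == "" ? "unset" : ssl)
    }'
}

# Constructed sample: the values this tutorial sets, gathered into one text
# (default_pass_scheme comes from dovecot-sql.conf.ext)
sample_conf() {
    cat <<'EOF'
disable_plaintext_auth = no
ssl = yes
service auth {
    unix_listener auth-master {
        mode = 0600
        user = vmail
    }
    unix_listener /var/spool/postfix/private/auth {
        mode = 0666
        user = postfix
        group = postfix
    }
}
default_pass_scheme = CRYPT
EOF
}

sample_conf | audit_dovecot
```

On a running server the function can be fed the effective configuration with sudo doveconf -a | audit_dovecot; dovecot-sql.conf.ext has to be passed to it separately.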

Before starting the test, we need to make sure that we have defined two aliases in our /etc/aliases configuration file:


$ sudo nano /etc/aliases

Then we check that the following lines are present:

postmaster: root
root: postmaster@packt.co.uk

Then we update the aliases list:


$ sudo newaliases

And to finish the Dovecot configuration, we need to restart both the Postfix and Dovecot services. Also, we need to add Dovecot to the system startup services:


$ sudo systemctl restart postfix.service
$ sudo systemctl restart dovecot.service
$ sudo systemctl enable dovecot.service

To verify that the services are running well and that there is no problem with the configuration files, we need to check the mail log file:


$ sudo tail /var/log/maillog

We should see something like the following code to know that Dovecot is running well:


dovecot: master: Dovecot v2.2.10 starting up for imap, pop3 (core dumps disabled)

Note

Sometimes, SELinux prevents Dovecot from using system resources, so we need to grant Dovecot access to them. Alternatively, if we have another way to secure the server, we can either disable SELinux or set it to permissive.

At this point, our mail server is fully qualified to work as a sender and receiver with a well-organized database and a medium security level. We can start testing our mail server.

First, we will use the Telnet service to check that Postfix SMTP-AUTH and TLS are working fine. If Telnet doesn't exist on the system, we install it by running the following command:


$ sudo yum install telnet

Then we run the test:


$ telnet localhost 25

Telnet will connect and we will see the Telnet shell, inside which we type the following command:


> ehlo localhost

To know that our test is positive, we need to see the following message:


250-server.packt.co.uk
250-PIPELINING
250-SIZE 10485760
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN
250-AUTH=PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

Then we exit the Telnet shell:


> quit
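
The EHLO reply above can also be read mechanically. The following is an added example, not part of the original tutorial: a shell function that parses a captured EHLO reply and reports whether STARTTLS is offered and which AUTH mechanisms are advertised, including the legacy AUTH= line that broken_sasl_auth_clients adds. The function names and the sample_ehlo helper are made up for this example, and the input is assumed to have been captured on a session that has not started TLS, as in the Telnet test.

```shell
#!/bin/sh
# Added example (not from the original tutorial).
# ehlo_summary reads an SMTP EHLO reply on stdin and prints one line:
#   starttls=<yes|no> auth_mechs=<comma list|none> complete=<yes|no>
ehlo_summary() {
    awk '
    { sub(/\r$/, "") }                          # SMTP lines end in CRLF
    /^250[- ]/ {
        ext = toupper(substr($0, 5))            # text after "250-" or "250 "
        if (substr($0, 4, 1) == " ") done = 1   # "250 " marks the last line
        if (ext == "STARTTLS") tls = 1
        # "AUTH PLAIN LOGIN" and the legacy "AUTH=PLAIN LOGIN" form
        if (ext ~ /^AUTH[ =]/) {
            n = split(substr(ext, 6), m, " ")
            for (i = 1; i <= n; i++)
                if (!(m[i] in seen)) {
                    seen[m[i]] = 1
                    mechs = mechs (mechs == "" ? "" : ",") m[i]
                }
        }
    }
    END {
        printf "starttls=%s auth_mechs=%s complete=%s\n",
            (tls ? "yes" : "no"), (mechs == "" ? "none" : mechs),
            (done ? "yes" : "no")
    }'
}

# Succeeds when the reply (captured before STARTTLS) advertises AUTH
auth_offered_in_clear() {
    case "$(ehlo_summary)" in
        *auth_mechs=none*) return 1 ;;
        *) return 0 ;;
    esac
}

# Constructed sample: the reply shown in this tutorial
sample_ehlo() {
    printf '%s\r\n' 250-server.packt.co.uk 250-PIPELINING '250-SIZE 10485760' \
        250-VRFY 250-ETRN 250-STARTTLS '250-AUTH PLAIN' 250-AUTH=PLAIN \
        250-ENHANCEDSTATUSCODES 250-8BITMIME '250 DSN'
}

sample_ehlo | ehlo_summary
```

For the reply shown above, AUTH is advertised before TLS has been negotiated; the Postfix parameter smtpd_tls_auth_only = yes makes Postfix announce and accept AUTH only after STARTTLS.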

Now we will test the mail service. To do that, we need to first populate our database with a test domain and user. First, we enter the MariaDB database shell:


$ sudo mysql -u root -p

Then we switch to our mail database:


> USE mail;

Then we create a new domain at the domains table:


> INSERT INTO domains (domain) VALUES ('packtmail.co.uk');

We add a new user to that domain. We need to enter a good password for the real users later:


> INSERT INTO users (email, password) VALUES ('user1@packtmail.co.uk', ENCRYPT('user_password'));

Then we exit the MariaDB shell.

Now we need to send a test mail to our newly created user. We need to use Mailx, so if we don’t have it installed we need to do so before the test:


$ sudo yum install mailx

Then we send our test mail:


$ mailx user1@packtmail.co.uk

We need to type the Subject and then press Enter. If we ever need to add a copied address, we write Cc: and then the copied address. Then we type in the message and press Enter; to send it, we put . at the end and press Enter.

To check whether the mail has been sent, we go to the mail log file:


$ sudo tail /var/log/maillog

Then we should see something like the following code to know that it is ok:


to=<user1@packtmail.co.uk>, relay=dovecot, delay=0.11, delays=0.07/0.01/0/0.03, dsn=2.0.0, status=sent (delivered via dovecot service) 

Now we check the Dovecot delivery by viewing the Dovecot delivery log:


$ sudo tail /home/vmail/dovecot-deliver.log

And we should see something like the following line to make sure that it is working:


lda(user1@packtmail.co.uk): Info: msgid=<20150822073408.6537761B3936@server.packt.co.uk>: saved mail to INBOX

Now we can test our mailbox via the mail client. For this example, we are going to use Mutt, which is a simple mail client. But before using it, we need to install it first:


$ sudo yum install mutt

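Then we run Mutt on the location where the new user mailbox is stored. Since cd is a shell builtin, running it under sudo does not change the directory of our current shell, so we pass the mailbox path directly to Mutt:


$ sudo mutt -f /home/vmail/packtmail.co.uk/user1/Maildir/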

The message showing that we need to create a root mailbox is not required, so we can skip it. To exit Mutt, type q.

Then we will have a pretty clear interface where we can navigate using keyboard direction and press Enter to see what is inside the mail. To confirm that our mail server is well configured and running, we should see the test mail that we have sent using Mailx:
