Mail Server


Debian – Install and Configure Postfix, Dovecot IMAP/POP3 Server, Fetchmail Mail Retrieval, Procmail Mail Filter, Amavis, Spamassassin Mail Filter, Clam Anti Virus, Freepops, SquirrelMail
2010.01.09

Note :
- Change IP Address with Your IP
- Change debian with Your Hostname
- Change linux.vmw with Your Domain
- Change debian.linux.vmw with Your FQDN Hostname
- Change /bkup with Your Directory
- Change **** with Your Password

1. Backup and Edit IP Address Configuration File


cp /etc/network/interfaces /bkup/interfaces.ori
sudo vim /etc/network/interfaces

allow-hotplug eth0
auto eth0
iface eth0 inet static
    address 192.168.44.9
    netmask 255.255.255.0
    gateway 192.168.44.2
    network 192.168.44.0
    broadcast 192.168.44.255

allow-hotplug eth1
auto eth1
iface eth1 inet static
    address 18.18.18.9
    netmask 255.255.255.0
    gateway 192.168.44.2
    network 18.18.18.0
    broadcast 18.18.18.255

allow-hotplug eth2
auto eth2
iface eth2 inet static
    address 88.88.88.9
    netmask 255.255.255.0
    gateway 192.168.44.2
    network 88.88.88.0
    broadcast 88.88.88.255

2. Backup and Edit Hostname File Configuration

cp /etc/hostname /bkup/hostname.ori

sudo vim /etc/hostname

debian.linux.vmw

3. Backup and Edit Host Addresses Configuration

cp /etc/hosts /bkup/hosts.ori

sudo vim /etc/hosts

127.0.0.1 localhost
127.0.1.1 debian.linux.vmw debian
192.168.44.9 debian.linux.vmw debian
18.18.18.9 debian.linux.vmw debian
88.88.88.9 debian.linux.vmw debian

4. Backup and Edit Host Resolve Addresses Configuration


cp /etc/resolv.conf /bkup/resolv.conf.ori

sudo vim /etc/resolv.conf

domain linux.vmw
search linux.vmw
nameserver 192.168.44.2

5. Reboot the Machine

sudo reboot

6. Update and Install Packages

sudo apt-get update

sudo apt-get install postfix postfix-tls dovecot-imapd dovecot-pop3d dovecot-common \
  fetchmail procmail amavisd-new spamassassin clamav clamav-base clamav-freshclam \
  clamav-daemon freepops squirrelmail apache2 php5 php5-cgi php5-cli php5-common \
  libapache2-mod-php5 libnet-dns-perl libmail-spf-query-perl pyzor razor arj bzip2 \
  cabextract cpio file gzip nomarch pax unzip zip zoo sasl2-bin libsasl2-modules

7. Postfix Initialize Configuration

OK

Internet Site

System mail name : linux.vmw

8. Backup and Activate Spam Assassin

cp /etc/default/spamassassin /bkup/spamassassin.ori

sudo vim /etc/default/spamassassin

ENABLED=1

9. Backup and Edit Spam Assassin

cp /etc/spamassassin/local.cf /bkup/local.cf.ori

sudo vim /etc/spamassassin/local.cf

rewrite_header Subject [SPAM]
report_safe 2

10. Add clamav user to the amavis group and vice versa

sudo adduser clamav amavis

sudo adduser amavis clamav


11. Backup and Activate Spam and Anti Virus Detection

cp /etc/amavis/conf.d/15-content_filter_mode /bkup/15-content_filter_mode.ori

sudo vim /etc/amavis/conf.d/15-content_filter_mode

@bypass_virus_checks_maps = (
   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);

@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

12. Backup and Edit Spam Mail Configuration

cp /etc/amavis/conf.d/20-debian_defaults /bkup/20-debian_defaults.ori

sudo vim /etc/amavis/conf.d/20-debian_defaults

$final_spam_destiny = D_DISCARD;

13. Backup and Edit User Domain Configuration

cp /etc/amavis/conf.d/50-user /bkup/50-user.ori

sudo vim /etc/amavis/conf.d/50-user

@local_domains_acl = ( ".$mydomain" );

14. Backup and Edit Main Postfix Configuration

cp /etc/postfix/main.cf /bkup/main.cf.ori

sudo vim /etc/postfix/main.cf

1. Add

mydomain = linux.vmw
virtual_alias_maps =
content_filter = smtp-amavis:[127.0.0.1]:10024
home_mailbox = Maildir/
inet_protocols = all
smtpd_sasl_path = private/auth-client
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_security_options = noanonymous
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_password_maps = hash:/etc/postfix/saslpasswd
smtpd_always_send_ehlo = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,check_policy_service inet:127.0.0.1:10023
smtpd_sasl_authenticated_header = yes
smtpd_tls_auth_only = no
smtpd_tls_note_starttls_offer = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

2. Edit

smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
relayhost = [smtp.gmail.com]:587
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.44.0/24 18.18.18.0/24 88.88.88.0/24

15. Backup and Edit Master Postfix Configuration

cp /etc/postfix/master.cf /bkup/master.cf.ori

sudo vim /etc/postfix/master.cf

pickup fifo n - - 60 1 pickup
  -o content_filter=
  -o receive_override_options=no_header_body_checks
smtp-amavis unix - - - - 2 smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
  -o max_use=20
127.0.0.1:10025 inet n - - - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_delay_reject=no
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o smtpd_data_restrictions=reject_unauth_pipelining
  -o smtpd_end_of_data_restrictions=
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o smtpd_client_connection_count_limit=0
  -o smtpd_client_connection_rate_limit=0
  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks

16. Add SMTP Credential

sudo vim /etc/postfix/saslpasswd

[smtp.gmail.com]:587 steve.van.christie@gmail.com:*****

17. Hash /etc/postfix/saslpasswd

sudo postmap /etc/postfix/saslpasswd

18. Edit Postfix SASL

sudo vim /etc/postfix/sasl/smtpd.conf

pwcheck_method: saslauthd
mech_list: plain login

19. Create Certificate for TLS Postfix


1. Create SMTP TLS Key

sudo mkdir /etc/postfix/ssl

cd /etc/postfix/ssl/
sudo openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024

Enter pass phrase for smtpd.key: *****

Verifying – Enter pass phrase for smtpd.key: *****

2. Create SMTP CSR

sudo chmod 600 smtpd.key

sudo openssl req -new -key smtpd.key -out smtpd.csr

Enter pass phrase for smtpd.key: *****

Country Name (2 letter code) [AU]:ID

State or Province Name (full name) [Some-State]:Jakarta

Locality Name (eg, city) []:Jakarta

Organization Name (eg, company) [Internet Widgits Pty Ltd]:debian

Organizational Unit Name (eg, section) []:debian

Common Name (eg, YOUR name) []:debian.linux.vmw

Email Address []:steve.van.christie@gmail.com

A challenge password []:*****

An optional company name []:debian

3. Create Sign Key Expiration Date

sudo openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt

Enter pass phrase for smtpd.key: *****

4. Create Open SSL RSA

sudo openssl rsa -in smtpd.key -out smtpd.key.unencrypted

Enter pass phrase for smtpd.key: *****

5. Create SSL to PEM CA Certificate

sudo mv -f smtpd.key.unencrypted smtpd.key


sudo openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

Enter PEM pass phrase: *****

Verifying – Enter PEM pass phrase: *****

Country Name (2 letter code) [AU]:ID

State or Province Name (full name) [Some-State]:Jakarta

Locality Name (eg, city) []:Jakarta

Organization Name (eg, company) [Internet Widgits Pty Ltd]:debian

Organizational Unit Name (eg, section) []:debian

Common Name (eg, YOUR name) []:debian.linux.vmw

Email Address []:steve.van.christie@gmail.com

20. Edit Procmail 


sudo vim /etc/procmailrc

DROPPRIVS=yes

:0fw
| /usr/bin/spamc

:0
* ^X-Spam-Status: Yes
$HOME/spam

21. Backup and Edit Dovecot Configuration

cp /etc/dovecot/dovecot.conf /bkup/dovecot.conf.ori 
sudo vim /etc/dovecot/dovecot.conf

protocols = imap imaps pop3 pop3s
disable_plaintext_auth = no
ssl_disable = no
mail_debug = yes
auth_debug = yes
auth_debug_passwords = yes
auth default {
  mechanisms = plain login
  passdb pam {
  }
  userdb passwd {
  }
  socket listen {
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}

22. Backup and Edit SASL Authentication Configuration

cp /etc/default/saslauthd /bkup/saslauthd.ori

sudo vim /etc/default/saslauthd

START=yes

23. Add Postfix User to SASL Group

sudo adduser postfix sasl

24. Backup and Enable SquirrelMail on Apache Configuration


cp /etc/apache2/apache2.conf /bkup/apache2.conf.ori

sudo vim /etc/apache2/apache2.conf

Include /etc/squirrelmail/apache.conf

25. Create User Fetchmail 


sudo vim /home/sugizo/.fetchmailrc

poll pop.gmail.com proto pop3 port 995 user "steve.van.christie" pass "*****" is sugizo fetchall ssl
poll pop3.live.com proto pop3 port 995 user "steve_van_christie@hotmail.com" pass "*****" is sugizo fetchall ssl
poll pop.mail.yahoo.com proto pop3 port 110 user "steve_van_christie" pass "*****" is sugizo fetchall
poll pop.aol.com proto pop3 port 110 user "stevevanchristi@aol.com" pass "*****" is sugizo fetchall
poll pop.mail.yahoo.co.jp proto pop3 user "stevevanchristie" pass "*****" is sugizo fetchall
poll pop.aol.com proto pop3 user "sugizo@japan.com" pass "*****" is sugizo fetchall
poll pop.icqmail.com proto pop3 user "steve_van_christie@icqmail.com" pass "*****" is sugizo fetchall
poll imap.mail.ovi.com proto imap port 993 user "steve_van_christie@ovi.com" pass "*****" is sugizo fetchall ssl
poll localhost proto pop3 port 2000 user "steve_van_christie@linuxmail.org" pass "*****" is sugizo fetchall

26. Backup and Edit PHP Configuration File

cp /etc/php5/apache2/php.ini /bkup/php.ini.ori 
sudo vim /etc/php5/apache2/php.ini

post_max_size = 32M
upload_max_filesize = 32M
extension=msql.so

27. Backup and Edit Apache Configuration

cp /etc/apache2/apache2.conf /bkup/apache2.conf.ori 
sudo vim /etc/apache2/apache2.conf

ServerAdmin sugizo@japan.com
ServerName debian.linux.vmw

28. Restart Mail Service

sudo /etc/init.d/spamassassin restart

sudo /etc/init.d/amavis restart

sudo /etc/init.d/clamav-daemon restart

sudo /etc/init.d/clamav-freshclam restart

sudo /etc/init.d/postfix restart


sudo /etc/init.d/dovecot restart

sudo /etc/init.d/saslauthd restart

sudo /etc/init.d/freepops restart

sudo /etc/init.d/apache2 restart

sudo /etc/init.d/fetchmail restart

29. Update Clam Anti Virus 


sudo freshclam
30. Test Squirrelmail

Open Your Browser Type : http://debian/squirrelmail

or http://192.168.44.9/squirrelmail

31. Test SMTP

telnet localhost 25

ehlo localhost

quit

32. Test IMAP

telnet localhost 143

0 logout

33. Test POP3

telnet localhost 110

quit

34. Test Amavis

telnet localhost 10024

ehlo localhost

quit
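
Added example (not part of the original guide): with smtpd_tls_auth_only = no from step 14 and mech_list: plain login from step 18, the reply to "ehlo localhost" in the SMTP test shows whether password logins are offered before STARTTLS. The Python below parses such a reply and reports that case; the sample replies are constructed, and parse_ehlo, audit_ehlo, read_reply and fetch_ehlo are names chosen for this example.

```python
# Added example: audit the EHLO reply from the "Test SMTP" step for
# password logins that are offered on an unencrypted session.
import socket

# Constructed sample: a reply port 25 could give with the step 14 settings
# (smtpd_tls_auth_only = no, broken_sasl_auth_clients = yes).
SAMPLE_AUTH_BEFORE_TLS = """\
250-debian.linux.vmw
250-PIPELINING
250-SIZE 10240000
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
"""

# Constructed sample: the same server after smtpd_tls_auth_only = yes.
SAMPLE_AUTH_ONLY_AFTER_TLS = """\
250-debian.linux.vmw
250-PIPELINING
250-SIZE 10240000
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
"""

# Mechanisms that transmit the password itself (base64 is not encryption).
CLEARTEXT_MECHS = {"PLAIN", "LOGIN"}


def parse_ehlo(reply):
    """Parse a multi-line 250 reply into (server_name, {KEYWORD: [params]})."""
    lines = [ln.rstrip("\r") for ln in reply.splitlines() if ln.strip()]
    if not lines:
        raise ValueError("empty reply")
    server, caps = "", {}
    for i, line in enumerate(lines):
        code, sep, text = line[:3], line[3:4], line[4:]
        if code != "250" or sep not in ("-", " ", ""):
            raise ValueError(f"unexpected reply line: {line!r}")
        # Every line but the last must use "250-"; the last must not.
        if (sep == "-") == (i == len(lines) - 1):
            raise ValueError(f"bad continuation marker: {line!r}")
        if i == 0:
            server = text.split()[0] if text.split() else ""
            continue
        # broken_sasl_auth_clients = yes adds the legacy "AUTH=..." spelling.
        if text.upper().startswith("AUTH="):
            text = "AUTH " + text[5:]
        words = text.split()
        if not words:
            continue
        params = caps.setdefault(words[0].upper(), [])
        params.extend(p.upper() for p in words[1:] if p.upper() not in params)
    return server, caps


def audit_ehlo(reply, tls_active=False):
    """Return a list of (code, message) findings for one EHLO reply."""
    _server, caps = parse_ehlo(reply)
    findings = []
    exposed = sorted(CLEARTEXT_MECHS.intersection(caps.get("AUTH", [])))
    if not tls_active:
        if "STARTTLS" not in caps:
            findings.append(("no-starttls", "server does not offer STARTTLS"))
        if exposed:
            findings.append(("auth-before-tls",
                             "AUTH " + " ".join(exposed) + " offered on an "
                             "unencrypted session; set smtpd_tls_auth_only = yes"))
    return findings


def read_reply(stream):
    """Read one SMTP reply (possibly multi-line) from a binary file object."""
    lines = []
    while True:
        raw = stream.readline()
        if not raw:
            raise ConnectionError("server closed the connection")
        line = raw.decode("ascii", "replace").rstrip("\r\n")
        lines.append(line)
        if len(line) < 4 or line[3] != "-":
            return "\n".join(lines)


def fetch_ehlo(host="localhost", port=25, timeout=10):
    """Same exchange as the telnet test: banner, EHLO, QUIT. Returns the EHLO reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        stream = sock.makefile("rwb")
        read_reply(stream)                      # 220 greeting banner
        stream.write(b"EHLO localhost\r\n")
        stream.flush()
        reply = read_reply(stream)
        stream.write(b"QUIT\r\n")
        stream.flush()
    return reply
```

On the mail server itself, audit_ehlo(fetch_ehlo()) checks the live reply on port 25.
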
This tutorial describes how to set up a mail server where Postfix is the SMTP service, and Dovecot
provides IMAP and POP services. The users are virtual and user information is stored in a MySQL
database.

Pre-Configuration Requirements:
1. Hostname cnode1.rnd.pk with IP address (172.16.4.80) to eth0. (You can assign an IP address and
hostname of your choice.)

2. Create an alias eth0:0. Assign IP address (172.16.4.81). (You can assign an IP address of your
choice.)

3. Make entries of your hostname and IP in /etc/hosts. In my case my /etc/hosts file shows

127.0.0.1 localhost.localdomain localhost


172.16.4.80 cnode1.rnd cnode1
172.16.4.81 mail.rnd mail
 

Installation Of Required Packages:


We need the following packages for our mail server to be installed:

dovecot-0.99.11-8.EL4 (with database support), postfix-2.2.10-1.1.el4.centos.mysql (with database
support) and squirrelmail.

1. First install dovecot. If you install postfix before dovecot, then dovecot will not be installed on
your system because of package conflicts.

yum install -y dovecot

This will install dovecot along with dependencies (mysql and postgresql).

2. Then install postfix (with mysql support) and mysql-server-5 from the centosplus repos.

yum --enablerepo=centosplus install postfix mysql-server

yum install -y squirrelmail

This will install postfix along with dependencies mysql-5 and postgresql. Our installation section is
complete now. Moving to our next section i.e. Configuration.

Configuration:

SMTP-AUTH/TLS
First we configure SMTP-AUTH and TLS. For this edit /usr/lib/sasl2/smtpd.conf with your
favorite editor.

vi /usr/lib/sasl2/smtpd.conf
and make changes as given below.

pwcheck_method: saslauthd
mech_list: plain login
Create directories, then private key and lastly the certificate.

mkdir -p /etc/ssl/mycompany/mailserver/

cd /etc/ssl/mycompany/mailserver/

openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024

chmod 600 smtpd.key

openssl req -new -key smtpd.key -out smtpd.csr

openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt

openssl rsa -in smtpd.key -out smtpd.key.unencrypted

mv -f smtpd.key.unencrypted smtpd.key

openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

Private keys and certificates have been created. Later on we will tell postfix to use them.

MySQL:
We will now create a database named mail, for this we will issue commands given below; our first
step will be to set a password for the administrative user.

mysqladmin -u root password newpassword

Replace newpassword phrase with your password. We will use user "mail" in our case for all
database related operations. (Select Update and Insert into Database.)

mysql -u root -p

Enter the password and you will be at the MySQL prompt (mysql>)

CREATE DATABASE mail;

Give all privileges on mail to user mail.

GRANT ALL PRIVILEGES ON mail.* TO 'mail'@'localhost' IDENTIFIED BY 'mail';

FLUSH PRIVILEGES;

quit

Set password for mail user. This will be done by the following statement.

mysqladmin -u mail password newpassword


Then we will create the necessary tables for our new database (mail) that contains domains, users,
aliases and mailboxes information.

mysql -u mail -p

After giving the password you will be at the MySQL prompt.

show databases;

It will show all databases, including our "mail" database. We will use "mail".

USE mail;

1. Create the domain table.

CREATE TABLE domain (
  domain varchar(255) NOT NULL default '',
  description varchar(255) NOT NULL default '',
  aliases int(10) NOT NULL default '0',
  mailboxes int(10) NOT NULL default '0',
  maxquota int(10) NOT NULL default '0',
  transport varchar(255) default NULL,
  backupmx tinyint(1) NOT NULL default '0',
  created datetime NOT NULL default '0000-00-00 00:00:00',
  modified datetime NOT NULL default '0000-00-00 00:00:00',
  active tinyint(1) NOT NULL default '1',
  PRIMARY KEY (domain),
  KEY domain (domain)
) TYPE=MyISAM COMMENT=' Virtual Domains';

2. Second most important table is mailbox, so create mailbox.

CREATE TABLE mailbox (
  username varchar(255) NOT NULL default '',
  password varchar(255) NOT NULL default '',
  name varchar(255) NOT NULL default '',
  maildir varchar(255) NOT NULL default '',
  quota int(10) NOT NULL default '0',
  domain varchar(255) NOT NULL default '',
  created datetime NOT NULL default '0000-00-00 00:00:00',
  modified datetime NOT NULL default '0000-00-00 00:00:00',
  active tinyint(1) NOT NULL default '1',
  PRIMARY KEY (username),
  KEY username (username)
) TYPE=MyISAM COMMENT='Virtual Mailboxes';

3. Create the alias table.

CREATE TABLE alias (
  address varchar(255) NOT NULL default '',
  goto text NOT NULL,
  domain varchar(255) NOT NULL default '',
  created datetime NOT NULL default '0000-00-00 00:00:00',
  modified datetime NOT NULL default '0000-00-00 00:00:00',
  active tinyint(1) NOT NULL default '1',
  PRIMARY KEY (address),
  KEY address (address)
) TYPE=MyISAM COMMENT='Virtual Aliases';

We have created the necessary tables, so quit MySQL.

quit

 
Postfix MySQL:
Postfix needs to know where and how it can look up all mailbox related information. For this
purpose we will create the following files under /etc/postfix. Recent versions of Postfix may use the
query statement (the commented-out last line of each file) instead of the other statements; in that
case, comment out the table, select_field, where_field and additional_conditions lines and
un-comment the last one.

1. Create file mysql_virtual_alias_maps.cf for forwarding emails from one email address to another

vi /etc/postfix/mysql_virtual_alias_maps.cf

user = mail
password = mail
hosts = localhost
dbname = mail
table = alias
select_field = goto
where_field = address
additional_conditions = and active = '1'
#query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
2. Create file mysql_virtual_domains_maps.cf, for the virtual domains mapping. Virtual domains are
queried using information provided in this file.

vi /etc/postfix/mysql_virtual_domains_maps.cf

user = mail
password = mail
hosts = localhost
dbname = mail
table = domain
select_field = domain
where_field = domain
additional_conditions = and backupmx = '0' and active = '1'
#query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'
3. Create the file mysql_virtual_mailbox_maps.cf, which maps email addresses to the location of the
user's mailbox on your hard disk. If you save incoming email to the hard disk using Postfix's built-in
virtual delivery agent, this map is queried to find the mailbox path.

vi /etc/postfix/mysql_virtual_mailbox_maps.cf

user = mail
password = mail
hosts = localhost
dbname = mail
table = mailbox
select_field = CONCAT(domain,'/',maildir)
where_field = username
additional_conditions = and active = '1'
#query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = '1'
4. Lastly create the file mysql_virtual_mailbox_limit_maps.cf, which will be used for mapping users'
mailbox quota limits.

vi /etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = mail
password = mail
hosts = localhost
dbname = mail
table = mailbox
select_field = quota
where_field = username
additional_conditions = and active = '1'
#query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'
 

Postfix:
In the Postfix configuration section we will edit the main.cf file located in configuration directory of
postfix (/etc/postfix), to enter some basic information necessary for Postfix.

mv /etc/postfix/main.cf /etc/postfix/main.cf.orig

vi /etc/postfix/main.cf

############## Postfix###############
smtpd_banner = $myhostname
biff = no
append_dot_mydomain = no
relayhost =
mynetworks = 172.16.4.81
inet_interfaces = 172.16.4.81
mailbox_size_limit = 0
recipient_delimiter = +
alias_database = hash:/etc/postfix/aliases
alias_maps = $alias_database
myhostname = cnode1.rnd
mydomain = rnd
myorigin = $myhostname
mydestination = $myhostname, localhost.$mydomain, $transport_maps
mail_spool_directory = /var/spool/mail
debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         xxgdb $daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = no
readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES
sample_directory = /usr/share/doc/postfix-2.2.10/samples
sendmail_path = /usr/sbin/sendmail
html_directory = no
setgid_group = postdrop
command_directory = /usr/sbin
manpage_directory = /usr/share/man
daemon_directory = /usr/libexec/postfix
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
queue_directory = /var/spool/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 450
####################postfix section ends here###############
 
Postfix Virtual user information:
Again we will edit main.cf file to add support for virtual users. The “virtual_minimum_uid” and
“virtual_uid_maps” point to user id 150 in my case, which is a user I created specifically for handling
virtual mail. It uses the standard “mail” group with the default gid 12. So first create the user by
issuing the useradd command or adduser.

useradd -r -u 150 -g mail -d /var/vmail -s /sbin/nologin -c "Virtual mailbox" vmail

chmod 770 /var/vmail/

chown vmail:mail /var/vmail

vi /etc/postfix/main.cf

#######################Virtual Domains Users and mailboxes###############


virtual_mailbox_domains = mysql:$config_directory/mysql_virtual_domains_maps.cf
virtual_mailbox_base = /var/vmail
virtual_mailbox_maps = mysql:$config_directory/mysql_virtual_mailbox_maps.cf
virtual_alias_maps = mysql:$config_directory/mysql_virtual_alias_maps.cf
virtual_minimum_uid = 150
virtual_uid_maps = static:150
virtual_gid_maps = static:12
##############################Virtual section of main.cf ends##############
 

Postfix SASL/TLS authentication:


Finally we will again edit main.cf file to enable SASL/TLS authentication. Previously we created some
certificates, we will use them here to secure mail server.

vi /etc/postfix/main.cf

#################### SASL/TLS Authentication###########################


######SASL PART#########
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks,
    reject_unauth_destination
######TLS PART###########
smtpd_tls_cert_file = /etc/ssl/rnd/mailserver/smtpd.crt
smtpd_tls_key_file = /etc/ssl/rnd/mailserver/smtpd.key
smtpd_tls_CAfile = /etc/ssl/rnd/mailserver/cacert.pem
smtp_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_received_header = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
tls_random_source = dev:/dev/urandom
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_received_header = yes
###########################SASL/TLS Authentication ends here#############
For my convenience I have divided main.cf in three sections { Postfix, virtual-Domains-Users-and-
mailboxes, SASL/TLS-Authentication}. SASL/TLS-Authentication is further divided into ( SASL-PART
and TLS-PART). To show you each section and their parameters I have edited the same file thrice.
Now copy the /etc/aliases and /etc/aliases.db to /etc/postfix/ and run
newaliases.

cp /etc/aliases* /etc/postfix/

newaliases
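
Added example, not part of the original tutorial and not Postfix code: the main.cf above was assembled in three editing passes, and Postfix accepts a misspelled parameter name without applying it and keeps only the last of two definitions of the same parameter. The Python linter below applies those file rules to a constructed sample; lint_main_cf, names_from_postconf and the sample text are names chosen for this example, and KNOWN_SUBSET stands in for the full list that `postconf -d` prints on a real host.

```python
# Added example: read main.cf with Postfix's file rules and report
# lines that will not do what they appear to do.
import difflib
import re

# Constructed sample with three slips that multi-pass editing invites:
# a continuation line without indentation (line 4), a misspelled name
# (line 5) and a parameter defined twice (lines 7 and 11).
SAMPLE_MAIN_CF = """\
# constructed sample, not a complete main.cf
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks,
reject_unauth_destination
smptpd_tls_cert_file = /etc/ssl/example/smtpd.crt
smtpd_tls_key_file = /etc/ssl/example/smtpd.key
smtpd_tls_received_header = no
debugger_command =
    PATH=/bin:/usr/bin
    xxgdb $daemon_directory/$process_name $process_id & sleep 5
smtpd_tls_received_header = yes
"""

# Constructed subset of real parameter names, enough for the sample.
KNOWN_SUBSET = {
    "smtpd_sasl_auth_enable", "smtpd_recipient_restrictions",
    "smtpd_tls_cert_file", "smtpd_tls_key_file",
    "smtpd_tls_received_header", "debugger_command",
}


def names_from_postconf(output):
    """Collect parameter names from `postconf -d` style "name = value" lines."""
    return {ln.split("=", 1)[0].strip() for ln in output.splitlines() if "=" in ln}


def lint_main_cf(text, known=None):
    """Return (settings, problems); problems are (line, kind, detail) tuples."""
    logical, problems = [], []
    for n, raw in enumerate(text.splitlines(), 1):
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue                      # blank lines and comments are ignored
        if raw[0] in " \t":               # leading whitespace continues a line
            if logical:
                logical[-1][1] += " " + raw.strip()
            else:
                problems.append((n, "orphan-continuation", raw.strip()))
            continue
        logical.append([n, raw.rstrip()])

    settings, defined_at = {}, {}
    for n, line in logical:
        name, eq, value = line.partition("=")
        name = name.strip()
        if not eq or not re.fullmatch(r"[A-Za-z0-9_]+", name):
            problems.append((n, "no-assignment", line))
            continue
        if name in defined_at:            # the last definition is the one kept
            problems.append((n, "redefined",
                             f"{name} overrides line {defined_at[name]}"))
        # Advisory only: user-defined names are legal in main.cf.
        if known is not None and name not in known:
            close = difflib.get_close_matches(name, sorted(known), n=1, cutoff=0.8)
            hint = f"; did you mean {close[0]}?" if close else ""
            problems.append((n, "unknown", name + hint))
        settings[name], defined_at[name] = value.strip(), n
    return settings, sorted(problems)
```
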

Dovecot IMAP and POP:


Let us configure Dovecot which provides both a POP3 and an IMAP service. The configuration file for
Dovecot is /etc/dovecot.conf. We will rename it to dovecot.conf.orig, and create our own.
To handle virtual users with dovecot we will create the file /etc/dovecot-mysql.conf

vi /etc/dovecot-mysql.conf

######dove-mysql.conf should look like this##########


db_host = 127.0.0.1
db_port = 3306
db = mail
db_user = mail
db_passwd = mail
db_client_flags = 0
default_pass_scheme = PLAIN
password_query = SELECT password FROM mailbox WHERE username = '%u'
user_query = SELECT '/var/vmail/%d/%n' as home, 'maildir:/var/vmail/%d/%n' as mail, 150 AS uid, 12 AS gid, concat('dirsize:storage=',quota) AS quota FROM mailbox WHERE username ='%u' AND active ='1'
####################ends here####################
Now we configure dovecot.conf to authenticate virtual users using the mysql_auth method. Keep
in mind that normal Linux users can't log in to the mail server, because we haven't enabled the
PAM authentication method in our dovecot configuration. Also first_valid_uid and last_valid_uid are
set to 150, which means only the user with uid 150 will be able to log in. Pop3 and pop3s protocols
are made available.

mv /etc/dovecot.conf /etc/dovecot.conf.orig

vi /etc/dovecot.conf

##############dovecot configured to work with virtual users############


base_dir = /var/run/dovecot/
protocols = imap pop3 imaps pop3s
imap_listen = [::]
pop3_listen = [::]
login_dir = /var/run/dovecot-login
login = imap
login = pop3
default_mail_env = mbox:/var/vmail/%d/%n
mbox_locks = fcntl
log_timestamp = "%Y-%m-%d %H:%M:%S "
log_path = /var/log/maillog
mail_extra_groups = mail
first_valid_uid = 150
last_valid_uid = 150
maildir_copy_with_hardlinks = yes
auth = mysql_auth
auth_userdb = mysql /etc/dovecot-mysql.conf
auth_passdb = mysql /etc/dovecot-mysql.conf
####################################ends here######################
After this we will set the ownership and access rights on /etc/dovecot-mysql.conf.

chmod 600 /etc/dovecot-mysql.conf

chown vmail /etc/dovecot-mysql.conf

Squirrelmail configuration:
Go to the squirrelmail config directory and run conf.pl.

cd /usr/share/squirrelmail/config/

./conf.pl

It will show some selection like this:

SquirrelMail Configuration : Read: config.php (1.4.0) ---------------------------------------------------------

Main Menu --

1. Organization Preferences

2. Server Settings

3. Folder Defaults

4. General Options

5. Themes

6. Address Books

7. Message of the Day (MOTD)

8. Plugins

9. Database

10. Languages

D. Set pre-defined settings for specific IMAP servers

C.Turn color on

S Save data

Q Quit Command >>


At the command prompt type 1 and set Organization Preferences. Here my settings are shown. You
can choose your own.

1. Organization Name : R&D Dept.

2. Organization Logo : ../images/sm_logo.png

3. Org. Logo Width/Height : (308/111)

4. Organization Title : Research & Developement

5. Signout Page : http://mail.rnd

6. Top Frame : _top

7. Provider link : http://mail.rnd

8. Provider name : R&D

Save your settings and return to the main menu. Now at the command prompt type 2, and in server
settings menu provide information.

Command >> 2. Mine is shown below.

1. Domain : mail.rnd

2. Invert Time : false

3. Sendmail or SMTP : SMTP

A. Update IMAP Settings : mail.rnd:143 (uw)

B. Update SMTP Settings : mail.rnd:25

Configuring squirrelmail is very easy as it is menu driven. Hope you will do it yourself.

 HTTP Section:
To start using the mailserver web front end we will edit file /etc/httpd/conf/httpd.conf.

vi /etc/httpd/conf/httpd.conf

And append the statements given below to it.

<VirtualHost 172.16.4.81:80>
DocumentRoot /usr/share/squirrelmail
ServerName mail.rnd
</VirtualHost>
Save the configuration and exit.

 
Creating Virtual users and domains:
Now we will create virtual domains and virtual users in our mail database.

mysql -u mail -p

Enter the password and you will be at the mysql> prompt.

USE mail;

First create a virtual domain in the domain table (mail.rnd) using the command given below.

INSERT INTO domain (domain,description,aliases,mailboxes,maxquota,transport,backupmx,active)
VALUES ('mail.rnd','Virtual domain','10','10', '0','virtual', '0','1');

Now create two virtual users in the mailbox table. I have created (mike@mail.rnd & john@mail.rnd)
as usernames for mike and john.

INSERT INTO mailbox (username,password,name,maildir,quota,domain,active) VALUES
('john@mail.rnd','mypassword', 'John Smith ','john/', '0','mail.rnd','1');

INSERT INTO mailbox (username,password,name,maildir,quota,domain,active) VALUES
('mike@mail.rnd','mypassword', 'Mike Tyson','mike/', '0','mail.rnd','1');

quit

Now that we have created virtual users and virtual domain, we want to test our mail server by
logging in and sending mail from one user account to another. So let's start Dovecot, Postfix, MySQL
and webserver daemons. Also we want that they should start themselves on next reboot. For this we
issue following commands.

chkconfig --level 235 mysqld on

chkconfig --level 235 saslauthd on

chkconfig --level 235 postfix on

chkconfig --level 235 dovecot on

chkconfig --level 235 httpd on

/etc/init.d/saslauthd start

/etc/init.d/mysqld start

/etc/init.d/postfix start

/etc/init.d/dovecot start

/etc/init.d/httpd start

Finally fire-up the browser and go to http://mail.rnd and enter the username and password and then
click on Login. And enjoy playing with your mailserver.
 

phpMyAdmin:
phpMyAdmin is a powerful and easy to use frontend for MySQL. The rpm of phpMyAdmin exists in
the DAG repository. Go and add DAG repository. And install phpmyadmin and php-mysql if not
already installed.

yum install -y phpmyadmin php-mysql

After this fire up a browser and enter http://127.0.0.1 in the address bar. Enter the user name and
password and start using it. /etc/httpd/conf.d/phpmyadmin.conf has the information to locate
phpmyadmin. If it fails you can create a virtual alias in the /etc/httpd/conf/httpd.conf file by editing it.

vi /etc/httpd/conf/httpd.conf

<VirtualHost 127.0.0.1>
DocumentRoot /usr/share/phpmyadmin
ServerName localhost.localdomain
</VirtualHost>
Enjoy using phpMyAdmin for creating users, domain and aliases.
Virtual Postfix Mail Server with MySQL User Authentication on Debian Etch
Filed under: Linux, Network by ujangawaludin
June 23, 2008

This was my first task as a Network Engineer at the company where I work now. It was a bit of a
hassle, but luckily Google was there to help. Let's get straight to it, friends.

Install Debian Etch

1. Edit the sources list: /etc/apt/sources.list

deb http://kambing.vlsm.org/debian/ stable main contrib non-free

deb http://kambing.vlsm.org/debian-security/ stable/updates main contrib non-free

2. Run the following line to complete the installation that had errors

aptitude -y install postfix-mysql mysql-server-5.0 dovecot-pop3d dovecot-imapd amavisd-new \
  libclass-dbi-mysql-perl spamassassin clamav-daemon cpio arj zoo nomarch lzop \
  cabextract pax lha unrar openssl squirrelmail phpmyadmin libapache2-mod-php5 php5-mysql \
  telnet mutt mailman postgrey

3. Open http://localhost/phpmyadmin in a browser, create the database mailserver, and import the
mailserver dump file or the following SQL:

GRANT SELECT ON mailserver.*
TO mailuser@localhost
IDENTIFIED BY 'password';

CREATE TABLE `virtual_domains` (
  id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
  name VARCHAR(50) NOT NULL
) ENGINE = InnoDB;

CREATE TABLE `virtual_users` (
  id int(11) NOT NULL AUTO_INCREMENT PRIMARY KEY,
  domain_id INT(11) NOT NULL,
  user VARCHAR(40) NOT NULL,
  password VARCHAR(32) NOT NULL,
  CONSTRAINT UNIQUE_EMAIL UNIQUE (domain_id,user),
  FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE
) ENGINE = InnoDB;

CREATE TABLE `virtual_aliases` (
  id int(11) NOT NULL AUTO_INCREMENT PRIMARY KEY,
  domain_id INT(11) NOT NULL,
  source VARCHAR(20) NOT NULL,
  destination VARCHAR(80) NOT NULL,
  FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE
) ENGINE = InnoDB;

CREATE VIEW view_users AS
SELECT CONCAT(virtual_users.user, '@', virtual_domains.name) AS email,
virtual_users.password
FROM virtual_users
LEFT JOIN virtual_domains ON virtual_users.domain_id=virtual_domains.id;

CREATE VIEW view_aliases AS
SELECT CONCAT(virtual_aliases.source, '@', virtual_domains.name) AS email,
destination
FROM virtual_aliases
LEFT JOIN virtual_domains ON virtual_aliases.domain_id=virtual_domains.id;

4. Create the database mappings

Put the following in the file /etc/postfix/mysql-virtual-mailbox-domains.cf

user = mailuser
password = password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT 1 FROM virtual_domains WHERE name='%s'

Put the following in the file /etc/postfix/mysql-virtual-mailbox-maps.cf

user = mailuser
password = password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT 1 FROM view_users WHERE email='%s'

Put the following in the file /etc/postfix/mysql-virtual-alias-maps.cf

user = mailuser
password = password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT destination FROM view_aliases WHERE email='%s'

Put the following in the file /etc/postfix/mysql-email2email.cf

user = mailuser
password = password
hosts = 127.0.0.1
dbname = mailserver
query = SELECT email FROM view_users WHERE email='%s'

postconf -e virtual_mailbox_domains=mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
postconf -e virtual_mailbox_maps=mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
postconf -e virtual_alias_maps=mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf
postconf -e virtual_transport=dovecot
postconf -e dovecot_destination_recipient_limit=1
postconf -e virtual_uid_maps=static:5000
postconf -e virtual_gid_maps=static:5000
groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail -m
chgrp postfix /etc/postfix/mysql-*.cf
chmod u=rw,g=r,o= /etc/postfix/mysql-*.cf
5. Edit the file /etc/postfix/master.cf

dovecot unix - n n - - pipe
  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}

6. Configure Dovecot in /etc/dovecot/dovecot.conf


protocols = imap imaps pop3 pop3s
disable_plaintext_auth = no
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/home/vmail/%d/%n
mail_extra_groups = mail
namespace private {
separator = .
prefix = INBOX.
inbox = yes
}
protocol imap {
}
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
log_path = /home/vmail/dovecot-deliver.log
auth_socket_path = /var/run/dovecot/auth-master
postmaster_address = postmaster@example.com
mail_plugins = cmusieve
global_script_path = /home/vmail/globalsieverc
}
auth default {
mechanisms = plain login
passdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
userdb passwd {
}
userdb static {
args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
}
socket listen {
master {
path = /var/run/dovecot/auth-master
mode = 0600
user = vmail
}
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
}
dict {
}
plugin {
}

7. Fill in /etc/dovecot/dovecot-sql.conf

driver = mysql
connect = host=127.0.0.1 dbname=mailserver user=mailuser password=password
default_pass_scheme = PLAIN-MD5
password_query = SELECT email as user, password FROM view_users WHERE email='%u';
8. Restart Dovecot:
/etc/init.d/dovecot restart
9. Change the group and permissions:
chgrp vmail /etc/dovecot/dovecot.conf
chmod g+r /etc/dovecot/dovecot.conf
10. Configure Amavis: edit /etc/amavis/conf.d/15-content_filter_mode and uncomment
@bypass_…
11. Add to /etc/spamassassin/local.cf:
bayes_auto_expire 0
12. Restart Amavis:
/etc/init.d/amavis restart
13. Add the Postfix configuration:
postconf -e content_filter=smtp-amavis:[127.0.0.1]:10024
postconf -e receive_override_options=no_address_mappings
14. Add to /etc/postfix/master.cf:
smtp-amavis unix - - n - 2 smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
  -o max_use=20

127.0.0.1:10025 inet n - - - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_delay_reject=no
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o smtpd_data_restrictions=reject_unauth_pipelining
  -o smtpd_end_of_data_restrictions=
  -o mynetworks=127.0.0.0/8
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o smtpd_client_connection_count_limit=0
  -o smtpd_client_connection_rate_limit=0
  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
  -o local_header_rewrite_clients=
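
The re-injection listener in step 14 switches content filtering off (content_filter= is empty), so it should be reachable only from the local amavis process. The check below is an added example, not part of the original notes: it parses master.cf text and reports an unfiltered smtpd listener that is not loopback-only. The function names and the sample text are constructed for illustration.

```python
import ipaddress

# Constructed sample: step 14's entries with indented continuation lines.
SAMPLE = """\
smtp-amavis unix - - n - 2 smtp
  -o smtp_data_done_timeout=1200
127.0.0.1:10025 inet n - - - - smtpd
  -o content_filter=
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
"""

def parse_master_cf(text):
    """Join continuation lines; return one dict per service ('-o name=value' form only)."""
    entries = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and entries:
            entries[-1] += " " + raw.strip()   # leading whitespace continues the entry
        else:
            entries.append(raw.strip())
    services = []
    for fields in (e.split() for e in entries):
        if len(fields) < 8:
            continue                           # incomplete service entry
        args = fields[8:]
        opts = dict(a.partition("=")[::2] for flag, a in zip(args, args[1:]) if flag == "-o")
        services.append({"name": fields[0], "type": fields[1], "command": fields[7], "opts": opts})
    return services

def is_loopback_net(item):
    try:
        cidr = item.replace("[", "").replace("]", "")   # Postfix writes IPv6 as [::1]/128
        return ipaddress.ip_network(cidr, strict=False).is_loopback
    except ValueError:
        return False

def audit_reinjection(services):
    """Report smtpd listeners that disable content_filter but are reachable off-host."""
    findings = []
    for s in services:
        o = s["opts"]
        if (s["type"], s["command"]) != ("inet", "smtpd") or o.get("content_filter") != "":
            continue
        try:
            local = ipaddress.ip_address(s["name"].rpartition(":")[0].strip("[]")).is_loopback
        except ValueError:                     # no host part, wildcard, or a hostname
            local = False
        if not local:
            findings.append(s["name"] + ": unfiltered listener is not bound to loopback")
        nets = o.get("mynetworks", "").replace(",", " ").split()
        if not nets or not all(is_loopback_net(n) for n in nets):
            findings.append(s["name"] + ": mynetworks is unset or wider than loopback")
        lists = [o.get(k, "") for k in ("smtpd_client_restrictions", "smtpd_recipient_restrictions")]
        if not any(v.split(",")[-1].strip() == "reject" for v in lists):
            findings.append(s["name"] + ": no restriction list ends in reject")
    return findings
```

Run audit_reinjection(parse_master_cf(open("/etc/postfix/master.cf").read())) on the server; an empty list means the listener matches the layout in step 14.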
15. Add the clamav user to the amavis group and restart the service
adduser clamav amavis
/etc/init.d/clamav-daemon restart
chmod o= /etc/amavis/conf.d/50-user
16. Configure SquirrelMail
ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf.d/squirrelmail.conf
apache2ctl restart
squirrelmail-configure --> set the POP3 & IMAP server to the hostname

17. Set up Postgrey and limits in /etc/postfix/main.cf

relayhost = (SMTP provider)
mynetworks = 192.168.0.0/24 (LAN)

smtpd_client_restrictions =
  permit_mynetworks
  permit_sasl_authenticated
  reject_unauth_pipelining

hopcount_limit = 10000
delay_notice_recipient = postmaster@example.com
bounce_notice_recipient = postmaster@example.com
2bounce_notice_recipient = postmaster@example.com
error_notice_recipient = postmaster@example.com
qmgr_message_recipient_limit = 50000
default_process_limit = 100000
default_destination_recipient_limit = 20
default_destination_concurrency_limit = 1000
luser_relay = postmaster@example.com

message_size_limit = 2048000
header_size_limit = 2048
bounce_size_limit = 500000
line_length_limit = 2048000

18. Restart Postfix:
/etc/init.d/postfix restart


Setting Up a Multiple-Domain Mail Server Using
POSTFIX + DOVECOT + CYRUS-SASL + MYSQL
I believe there will come a time when setting up a mail server on Linux is as easy as installing MS
Exchange Server on Windows. But that time is not today …

Installing applications on a Linux server does have its own difficulties. Even if we have
done it "before", trying it once more on a different distro, or even just a different
version, does not guarantee the same result.

The first time I installed a mail server was 2 years ago, on Linux Fedora 9. The easy way
was to copy and paste from the various tutorials I found on the internet. As a result, after
1 week of effort, I had a mail server. Now I am trying to do the same on Fedora 14. The
practical approach is to copy the old server's configuration to the new server. But it turns
out … it really is not as easy as expected. Several version differences in the applications
used mean some adaptation is needed before my old configuration can be used again.

Below are some notes I made while configuring a Mail Server with Multiple Domains
(Virtual Domains) on Linux.

If you have ever installed an email server using MS Exchange Server, everything is easy:
1 program for every need. Linux is different: a Mail Server consists of separate programs.
So to understand it, you of course have to know the function of each program used.

Here is the specification of the Mail Server I built:

Built on Linux Fedora 14.
The mail server consists of POSTFIX, Dovecot, Cyrus-SASL, MySQL.
Virtual domains: example.com & example2.com
Sending email uses PLAIN authentication (meaning the password is not encrypted)
POP & IMAP authentication uses LOGIN PLAIN (meaning the password is not encrypted)

POSTFIX
POSTFIX is the program that receives and sends email.
The package required for POSTFIX is installed with:
yum install postfix

Below are the initial POSTFIX settings I use (file: /etc/postfix/main.cf)
# uncomment for debugging if needed
soft_bounce=yes
debug_peer_level = 99
debug_peer_list = 127.0.0.1

# postfix main
mail_owner = postfix
setgid_group = postdrop
delay_warning_time = 4
# postfix paths
html_directory = no
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
queue_directory = /var/spool/postfix
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man

# network settings
inet_interfaces = all
mydomain = example.com
myhostname = host.example.com
mydestination = $myhostname localhost.$mydomain
mynetworks = 127.0.0.0/8, 119.235.30.174/32
mynetworks_style = subnet
myorigin = example.com
# virtual domain
relay_domains = example2.com

# mail delivery
recipient_delimiter = +

# mappings
alias_maps = mysql:/etc/postfix/mysql-aliases.cf

# virtual setup
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
virtual_gid_maps = static:89
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
# UID of the postfix user; see /etc/group
virtual_minimum_uid = 89
virtual_transport = virtual
# UID of the postfix user; see /etc/group
virtual_uid_maps = static:89

# debugging
debug_peer_level = 5
debugger_command =
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    xxgdb $daemon_directory/$process_name $process_id & sleep 5

# authentication
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes

smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks,
    reject_invalid_hostname
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_recipient_restrictions = permit_sasl_authenticated,
    permit_mynetworks, reject_unauth_destination,
    reject_non_fqdn_recipient, reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    reject_unverified_sender, reject_unverified_recipient

smtpd_helo_required = yes
unknown_local_recipient_reject_code = 550
disable_vrfy_command = yes
smtpd_data_restrictions = reject_unauth_pipelining
message_size_limit = 12582912

As I said earlier, this is an initial setup, that is, a "just make it run" configuration.
For security, this configuration of course has to be tweaked further.

The information that connects POSTFIX to MySQL is placed in the *.cf files. The contents
of those files are as follows:
/etc/postfix/mysql-aliases.cf
user = postfix
password = mypassword
dbname = postfix
table = postfix_alias
select_field = destination
where_field = alias
hosts = localhost

/etc/postfix/mysql-virtual_alias_maps.cf
hosts = localhost
user = postfix
password = mypassword
dbname = postfix
table = alias
select_field = goto
where_field = address

/etc/postfix/mysql-virtual_domains_maps.cf
hosts = localhost
user = postfix
password = buburayam
dbname = postfix
table = domain
select_field = domain
where_field = domain
additional_conditions = and backupmx = '0' and active = '1'

/etc/postfix/mysql-virtual_mailbox_maps.cf
hosts = localhost
user = postfix
password = buburayam
dbname = postfix
table = mailbox
select_field = maildir
where_field = username

MySQL
There are many ways to store username & password data. This time, however, I chose
to use MySQL.
The packages required for MySQL are installed with:
yum install mysql mysql-server

Create the database to be used with the following SQL:

CREATE TABLE IF NOT EXISTS `admin` (
`username` varchar(255) NOT NULL DEFAULT '',
`password` varchar(255) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`active` tinyint(1) NOT NULL DEFAULT '1',
PRIMARY KEY (`username`)
);

CREATE TABLE IF NOT EXISTS `alias` (
`address` varchar(255) NOT NULL DEFAULT '',
`goto` text NOT NULL,
`domain` varchar(255) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`active` tinyint(1) NOT NULL DEFAULT '1',
PRIMARY KEY (`address`)
);

CREATE TABLE IF NOT EXISTS `alias_domain` (
`alias_domain` varchar(255) NOT NULL DEFAULT '',
`target_domain` varchar(255) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`active` tinyint(1) NOT NULL DEFAULT '1',
PRIMARY KEY (`alias_domain`),
KEY `active` (`active`),
KEY `target_domain` (`target_domain`)
) ;

CREATE TABLE IF NOT EXISTS `config` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(20) NOT NULL DEFAULT '',
`value` varchar(20) NOT NULL DEFAULT '',
PRIMARY KEY (`id`),
UNIQUE KEY `name` (`name`)
) AUTO_INCREMENT=1 ;

CREATE TABLE IF NOT EXISTS `domain` (
`domain` varchar(255) NOT NULL DEFAULT '',
`description` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`aliases` int(10) NOT NULL DEFAULT '0',
`mailboxes` int(10) NOT NULL DEFAULT '0',
`maxquota` bigint(20) NOT NULL DEFAULT '0',
`quota` bigint(20) NOT NULL DEFAULT '0',
`transport` varchar(255) DEFAULT NULL,
`backupmx` tinyint(1) NOT NULL DEFAULT '0',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`active` tinyint(1) NOT NULL DEFAULT '1',
PRIMARY KEY (`domain`)
);

CREATE TABLE IF NOT EXISTS `domain_admins` (
`username` varchar(255) NOT NULL DEFAULT '',
`domain` varchar(255) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`active` tinyint(1) NOT NULL DEFAULT '1',
KEY `username` (`username`)
);
CREATE TABLE IF NOT EXISTS `fetchmail` (
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`mailbox` varchar(255) NOT NULL DEFAULT '',
`src_server` varchar(255) NOT NULL DEFAULT '',
`src_auth` enum('password','kerberos_v5','kerberos','kerberos_v4','gssapi','cram-md5','otp','ntlm','msn','ssh','any') DEFAULT NULL,
`src_user` varchar(255) NOT NULL DEFAULT '',
`src_password` varchar(255) NOT NULL DEFAULT '',
`src_folder` varchar(255) NOT NULL DEFAULT '',
`poll_time` int(11) unsigned NOT NULL DEFAULT '10',
`fetchall` tinyint(1) unsigned NOT NULL DEFAULT '0',
`keep` tinyint(1) unsigned NOT NULL DEFAULT '0',
`protocol` enum('POP3','IMAP','POP2','ETRN','AUTO') DEFAULT NULL,
`ssl` tinyint(1) unsigned NOT NULL DEFAULT '0',
`extra_options` text,
`returned_text` text,
`mda` varchar(255) NOT NULL DEFAULT '',
`date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`id`)
) AUTO_INCREMENT=1 ;

CREATE TABLE IF NOT EXISTS `log` (
`timestamp` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`username` varchar(255) NOT NULL DEFAULT '',
`domain` varchar(255) NOT NULL DEFAULT '',
`action` varchar(255) NOT NULL DEFAULT '',
`data` varchar(255) NOT NULL DEFAULT '',
KEY `timestamp` (`timestamp`)
);

CREATE TABLE IF NOT EXISTS `mailbox` (
`username` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`password` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`name` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`maildir` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`quota` bigint(20) NOT NULL DEFAULT '0',
`domain` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`passwd_expire` char(1) COLLATE utf8_unicode_ci NOT NULL,
`active` tinyint(1) NOT NULL DEFAULT '1',
PRIMARY KEY (`username`)
);

CREATE TABLE IF NOT EXISTS `postfix_alias` (
`destination` varchar(50) DEFAULT NULL,
`alias` varchar(50) DEFAULT NULL
);

CREATE TABLE IF NOT EXISTS `vacation` (
`email` varchar(255) NOT NULL DEFAULT '',
`subject` varchar(255) NOT NULL DEFAULT '',
`body` text NOT NULL,
`cache` text NOT NULL,
`domain` varchar(255) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`active` tinyint(1) NOT NULL DEFAULT '1',
PRIMARY KEY (`email`),
KEY `email` (`email`)
);

Dovecot
POSTFIX only handles receiving and sending. The program that serves email client
applications over the IMAP & POP protocols (such as MS Outlook, Mozilla Thunderbird
or SquirrelMail) is Dovecot.
The packages required for Dovecot are installed with:
yum install dovecot dovecot-mysql

The configuration for Dovecot (I am using version 2) lives in /etc/dovecot/dovecot.conf,
and that file loads the other files in /etc/dovecot/conf.d. For simplicity, however, I
combined it into 1 file at /etc/dovecot/dovecot.conf with the following contents:

# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.35.6-45.fc14.x86_64 x86_64 Fedora release 14 (Laughlin) ext3
first_valid_uid = 89
log_path = /var/log/dovecot

disable_plaintext_auth = no

#debug option
#mail_debug = yes
#auth_debug_passwords=yes
#auth_debug=yes
#auth_verbose = yes
#auth_verbose_passwords=plain
#verbose_ssl = yes

mail_location = maildir:/home/vmail/%d/%n
protocols = pop3 imap
ssl_cert =

Dovecot also needs a connection to read the user information stored in MySQL.
The configuration for the MySQL connection can be seen in
/etc/dovecot/dovecot-mysql.conf

driver = mysql
connect = host=localhost dbname=postfix user=postfix password=mypassword
default_pass_scheme = PLAIN

password_query = SELECT password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, 89 AS uid, 89 AS gid FROM mailbox WHERE username = '%u'
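
Debian steps 6 and 7 and the Fedora configuration above all accept plaintext logins and store passwords as PLAIN or PLAIN-MD5. The check below is an added example, not part of the original notes: it reads the three config texts and reports those settings. The function names and sample strings are constructed here, and smtpd_tls_auth_only and noplaintext are standard Postfix settings that the page itself does not set.

```python
import re

# Schemes configured on this page, with the reason each is flagged.
WEAK_SCHEMES = {"PLAIN": "cleartext passwords", "PLAIN-MD5": "unsalted MD5 digests"}

# Constructed inputs: the security-relevant lines of the Fedora configs on this page.
DOVECOT_CONF = "disable_plaintext_auth = no\nprotocols = pop3 imap\n"
DOVECOT_SQL = "driver = mysql\ndefault_pass_scheme = PLAIN\n"
POSTFIX_MAIN = ("smtpd_sasl_auth_enable = yes\n"
                "smtpd_sasl_security_options = noanonymous\n")

def read_settings(text):
    """Collect 'key = value' lines; nested Dovecot blocks are flattened, last value wins."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        settings[key.strip()] = value.strip()
    return settings

def enabled(settings, key, default):
    return settings.get(key, default).lower() == "yes"

def audit_auth(dovecot_conf="", dovecot_sql="", postfix_main=""):
    """Return findings for settings that expose passwords on the wire or at rest."""
    dc, sql, pf = (read_settings(t) for t in (dovecot_conf, dovecot_sql, postfix_main))
    findings = []
    # Dovecot defaults to disable_plaintext_auth = yes, so only an explicit "no" is flagged.
    if not enabled(dc, "disable_plaintext_auth", "yes"):
        findings.append("dovecot: PLAIN/LOGIN accepted on connections without TLS")
    scheme = sql.get("default_pass_scheme", "").upper()
    if scheme in WEAK_SCHEMES:
        findings.append(f"dovecot-sql: {scheme} stores {WEAK_SCHEMES[scheme]}")
    # Postfix offers plaintext SASL before STARTTLS unless smtpd_tls_auth_only = yes
    # or smtpd_sasl_security_options contains noplaintext.
    opts = re.split(r"[,\s]+", pf.get("smtpd_sasl_security_options", "noanonymous"))
    if (enabled(pf, "smtpd_sasl_auth_enable", "no")
            and not enabled(pf, "smtpd_tls_auth_only", "no")
            and "noplaintext" not in opts):
        findings.append("postfix: SMTP AUTH offers plaintext mechanisms without TLS")
    return findings
```

On the Fedora settings shown here, audit_auth(DOVECOT_CONF, DOVECOT_SQL, POSTFIX_MAIN) returns three findings, one per layer.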

Cyrus-SASL
Specifically for authentication (checking whether a user logging in via Dovecot or
POSTFIX is a valid user), the Cyrus-SASL program is used.
The packages required for Cyrus-SASL are installed with:
yum install cyrus-sasl cyrus-sasl-mysql cyrus-sasl-plain pam_mysql
Make sure /etc/sasl2/smtpd.conf looks like this:
pwcheck_method: saslauthd
mech_list: plain login

Set the configuration in /etc/pam.d/smtp:

auth required pam_mysql.so user=postfix passwd=mypassword host=localhost db=postfix table=mailbox usercolumn=username passwdcolumn=password
account sufficient pam_mysql.so user=postfix passwd=mypassword host=localhost db=postfix table=mailbox usercolumn=username passwdcolumn=password

For Virtual Domains, make sure Cyrus checks the realm when it checks a user.
This is determined by 2 configuration files:
/etc/init.d/saslauthd must contain the line:
PARAMS="${PARAMS} -a ${MECHANISMS} -r"

/etc/sysconfig/saslauthd must have "-r" added to FLAGS:


SOCKETDIR=/var/run/saslauthd
MECH=pam
FLAGS=-r

Try restarting MySQL, POSTFIX, Dovecot, and Cyrus-SASL. … And see what happens!

I have not yet been able to write up complete step-by-step instructions for this setup
process. But perhaps you could try referring to the following links.
