Mailserver with virtual users and domains using Postfix and Dovecot on a CentOS 6 VPS

The following article will show you how to install and run a simple POP3/IMAP/SMTP mail server on your CentOS VPS using virtual users and domains with Postfix and Dovecot.

What is Postfix? It is a drop in replacement for the old and mature Sendmail. Postfix also attempts to be very fast, easy to administer, and secure.

What is Dovecot? It is an open source IMAP and POP3 server for *NIX-like systems, written primarily with security in mind.

PRE-REQ

You may want to check if your hostname/domainname is a valid FQDN (fully qualified domain name) and it has a valid MX DNS record.

## if ! type -path "dig" > /dev/null 2>&1; then yum install bind-utils -y; fi
## DOMAIN=mydomain.com
## NSHOSTS=( "$(dig @4.2.2.2 +short MX ${DOMAIN}|sort -n|cut -d' ' -f2)" )
## for NS in ${NSHOSTS[@]}; do printf "%-15s => %-s\n" "$(dig @4.2.2.2 +short A ${NS})" "${NS}"; done
## unset DOMAIN NSHOSTS

UPDATE THE SYSTEM

## screen -U -S mailserver-screen
## yum update

SET-UP SYSTEM USER

create group used for virtual mailboxes

## groupadd vmail -g 2222

create user used for virtual mailboxes

## useradd vmail -r -g 2222 -u 2222 -d /var/vmail -m -c "mail user"

INSTALL POSTFIX

## yum remove exim sendmail
## yum install postfix cronie

edit postfix main.cf configuration file

## cp /etc/postfix/main.cf{,.orig}
## vim /etc/postfix/main.cf
# Postfix main.cf for a host that delivers mail for virtual domains into
# mailboxes under /var/vmail and hands SMTP authentication to Dovecot.
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/postfix/aliases
alias_database = $alias_maps

# Accept connections on every IPv4 address of the host.
inet_interfaces = all
inet_protocols = ipv4
mydestination = $myhostname, localhost.$mydomain, localhost

debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         ddd $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.6.6/samples
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES

# NOTE(review): relay_domains names the destinations this server relays mail
# for, and reject_unauth_destination (used below) accepts any recipient
# domain that matches it. A catch-all value is therefore at best meaningless
# and at worst turns the host into an open relay -- TODO confirm how this
# Postfix version treats "*". The hosted domains are already covered by
# virtual_mailbox_domains, so this set-up should not need relay domains at
# all: list only domains you really relay for (e.g. as a backup MX), or leave
# the value empty.
relay_domains = *
# Lookup tables for aliases, hosted domains and mailbox paths. They are hash
# maps, so each one has to be rebuilt with postmap after it is edited.
virtual_alias_maps=hash:/etc/postfix/vmail_aliases
virtual_mailbox_domains=hash:/etc/postfix/vmail_domains
virtual_mailbox_maps=hash:/etc/postfix/vmail_mailbox

# Every virtual mailbox lives below virtual_mailbox_base and is written with
# the fixed uid/gid 2222 (the vmail account).
virtual_mailbox_base = /var/vmail
virtual_minimum_uid = 2222
virtual_transport = virtual
virtual_uid_maps = static:2222
virtual_gid_maps = static:2222

# SMTP AUTH is delegated to Dovecot through its auth-client socket.
# NOTE(review): only anonymous mechanisms are excluded here and no TLS is
# configured in this file, so plaintext mechanisms are accepted over
# unencrypted connections. Once TLS is set up, smtpd_tls_auth_only = yes
# stops Postfix from offering AUTH on cleartext sessions.
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/run/dovecot/auth-client
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sasl_local_domain = $mydomain
broken_sasl_auth_clients = yes

# Relay control: local networks and authenticated clients may send anywhere,
# everyone else only to destinations this server is responsible for.
# NOTE(review): smtpd_relay_restrictions was introduced in Postfix 2.10; the
# paths above point at postfix-2.6.6, where that line probably has no effect
# and smtpd_recipient_restrictions alone does the work -- confirm with
# postconf.
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

create vmail_domains configuration file. this is where you add your virtual domains.

## vim /etc/postfix/vmail_domains
mydomain.com            OK
my-otherdomain.com      OK

create vmail_mailbox configuration file. this is where you define your mailboxes.

## vim /etc/postfix/vmail_mailbox
info@mydomain.com           mydomain.com/info/
info@my-otherdomain.com     my-otherdomain.com/info/

create vmail_aliases configuration file. this is where you define your virtual aliases.

## vim /etc/postfix/vmail_aliases
info@mydomain.com           info@mydomain.com
info@my-otherdomain.com     foo@bar.tld

hash the configuration files

## postmap /etc/postfix/vmail_domains
## postmap /etc/postfix/vmail_mailbox
## postmap /etc/postfix/vmail_aliases
## touch /etc/postfix/aliases
## vim +/submission /etc/postfix/master.cf
# NOTE(review): the submission service is enabled without any "-o" overrides,
# so it inherits main.cf unchanged: the same restrictions as the regular smtp
# service, with no requirement for TLS or authentication. Once TLS is
# configured, overrides such as "-o smtpd_tls_security_level=encrypt" and
# "-o smtpd_client_restrictions=permit_sasl_authenticated,reject" reserve
# this service for authenticated clients.
submission inet n       -       n       -       -       smtpd

INSTALL DOVECOT

## yum install dovecot

edit dovecot dovecot.conf configuration file

## cp /etc/dovecot/dovecot.conf{,.orig}
## vim /etc/dovecot/dovecot.conf
# Dovecot configuration: IMAP/LMTP for virtual users defined in a passwd-file,
# mail kept in maildirs under /var/vmail, plus an auth socket for Postfix.
listen = *
# NOTE(review): with ssl = no and disable_plaintext_auth = no, the PLAIN and
# LOGIN mechanisms below send passwords unencrypted on every listening
# address. Acceptable for a first local test only; enable SSL/TLS and set
# disable_plaintext_auth = yes before real users connect.
ssl = no
# Only IMAP and LMTP are enabled; POP3 clients cannot connect unless pop3 is
# added to this list.
protocols = imap lmtp
disable_plaintext_auth = no
auth_mechanisms = plain login
mail_access_groups = vmail
# NOTE(review): login processes talk to clients before they authenticate.
# Running them as vmail gives that pre-authentication code the uid that owns
# every mailbox; Dovecot's default is a dedicated unprivileged login user --
# confirm whether this override is really needed.
default_login_user = vmail
first_valid_uid = 2222
first_valid_gid = 2222
#mail_location = maildir:~/Maildir
# %d is the domain and %n the local part of the login name.
mail_location = maildir:/var/vmail/%d/%n

# Passwords are checked against /etc/dovecot/passwd; scheme=SHA1 is the scheme
# assumed for entries that carry no {SCHEME} prefix.
# NOTE(review): SHA1 here is a single unsalted hash, which is cheap to attack
# offline if the file leaks. A salted, slow scheme (e.g. SHA512-CRYPT) is the
# safer choice; the scheme here and the one passed to "doveadm pw -s" must
# match.
passdb {
    driver = passwd-file
    args = scheme=SHA1 /etc/dovecot/passwd
}
# Every user maps to uid/gid 2222 with a home of /var/vmail/<domain>/<user>.
# NOTE(review): allow_all_users=yes presumably lets lookups succeed without a
# passdb check (e.g. for deliveries) -- verify against the Dovecot docs.
userdb {
    driver = static
    args = uid=2222 gid=2222 home=/var/vmail/%d/%n allow_all_users=yes
}
service auth {
    # Socket used by Postfix for SASL (smtpd_sasl_path in main.cf); only the
    # postfix user and group may open it.
    unix_listener auth-client {
        group = postfix
        mode = 0660
        user = postfix
    }
    # The auth service runs as root; presumably because the passwd file is
    # made readable by root only in the next step.
    user = root
}
service imap-login {
  # Keep at least one login process ready for incoming connections.
  process_min_avail = 1
  # NOTE(review): same concern as default_login_user above -- the login
  # process runs with the mailbox owner's uid.
  user = vmail
}

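Create the virtual users' password file, passwd. This is where usernames and password hashes will be stored. Note that the SHA1 scheme used below is a single unsalted hash, so anyone who obtains this file can attack the passwords offline cheaply; Dovecot also supports salted, deliberately slow schemes such as SHA512-CRYPT. If you switch, the scheme= value in the passdb block and the -s argument to doveadm pw must name the same scheme.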

## touch /etc/dovecot/passwd
## doveadm pw -s sha1 | cut -d '}' -f2

## vim /etc/dovecot/passwd
info@mydomain.com:DOzcsKI8HY0bg8LAuz0DPKwS3WA=
## chown root: /etc/dovecot/passwd
## chmod 600 /etc/dovecot/passwd

START SERVICES

## chkconfig postfix on
## chkconfig dovecot on
## service postfix restart
## service dovecot restart

TEST THE SET-UP

Open your favorite e-mail client and configure it to use the newly created info@mydomain.com account. Try to send/receive an email. If you experience any issues, check if there’s something logged in /var/log/maillog

you can also use swaks to test your smtp server, for example:

swaks --to support@mydomain.com --from email@address.net

You can find more information about swaks in its manual page (man swaks).

ADD ANOTHER ACCOUNT

set-up account’s mailbox

## vim /etc/postfix/vmail_mailbox
...
support@mydomain.com           mydomain.com/support/

set-up account’s alias(es)

## vim /etc/postfix/vmail_aliases
...
support@mydomain.com           support@mydomain.com

postmap configuration files and restart postfix

## postmap /etc/postfix/vmail_mailbox
## postmap /etc/postfix/vmail_aliases
## service postfix restart

generate password hash and add username:password-hash to passwd file.

## doveadm pw -s sha1 | cut -d '}' -f2
## vim /etc/dovecot/passwd
...
support@mydomain.com:DOzcsKI8HY0bg8LAuz0DPKwS3WA=

This is a simple yet very robust mail server set-up on a CentOS 6 VPS that supports SMTP and IMAP, without SSL, webmail, anti-spam, anti-virus, filter rules, OpenDKIM, etc. Because SSL is not enabled yet, account passwords and message contents cross the network unencrypted, so treat this stage as a test set-up until the SSL configuration is added. In the next few related articles we will be adding further features to make the set-up even more powerful, so stay tuned.



17 thoughts on “Mailserver with virtual users and domains using Postfix and Dovecot on a CentOS 6 VPS

  1. Pingback: Install and set-up Roundcube webmail interface | RoseHosting.com Linux VPS Hosting Blog

  2. Pingback: Set-up SSL encrypted connection in Postfix, Dovecot and Apache | RoseHosting.com Linux VPS Hosting Blog

  3. Pingback: How to install and integrate SpamAssassin with Postfix on a CentOS 6 VPS | RoseHosting.com Linux VPS Hosting Blog

  4. Pingback: How to set-up server-side email filtering with Dovecot Sieve and Roundcube on a CentOS 6 VPS | RoseHosting.com Linux VPS Hosting Blog

  5. Pingback: How to install and integrate OpenDKIM with Postfix on a CentOS 6 VPS | RoseHosting.com Linux VPS Hosting Blog

  6. matt

    Please add extra details to install postfix,dovecot,roundcube on ningx+wordpress+w3total cache article
    Thanks!

  7. mayasl

    My configuration details

    /etc/postfix/vmail_domains
    indianrockers.net OK

    /etc/postfix/vmail_mailbox
    webmaster@indianrockers.net indianrockers.net/webmaster/

    /etc/postfix/vmail_aliases
    webmaster@indianrockers.net webmaster@indianrockers.net

    When I executed “doveadm pw -s sha1 | cut -d ‘}’ -f2″ I was asked for a password. I entered a password and confirmed it. Then I got a hash value.
    I opened /etc/dovecot/passwd and entered as follows.
    webmaster@indianrockers.net:THEHASHVALUEIGOT

    In Thunderbird,
    Your name : IndianRockers
    Email address : webmaster@indianrockers.net
    Password : Which I provided before getting the hash value.

    Error : Configuration could not be verified – is the username or password wrong?

    What am I doing wrong?

    Maillog

    Mar 2 02:14:09 indianrockers dovecot: imap-login: Login: user=, method=PLAIN, rip=***.***.***.***, lip=107.150.12.23, mpid=4262
    Mar 2 02:14:09 indianrockers dovecot: imap(webmaster@indianrockers.net): Error: chdir(/var/vmail/indianrockers.net/webmaster/) failed: Permission denied (euid=2222(<u$
    Mar 2 02:14:09 indianrockers dovecot: imap(webmaster@indianrockers.net): Error: chdir(/var/vmail/indianrockers.net/webmaster) failed: Permission denied
    Mar 2 02:14:09 indianrockers dovecot: imap(webmaster@indianrockers.net): Error: user webmaster@indianrockers.net: Initialization failed: Initializing mail storage fro$
    Mar 2 02:14:09 indianrockers dovecot: imap(webmaster@indianrockers.net): Error: Invalid user settings. Refer to server log for more information.

    1. admin Post author

      Could you please post the output of below commands:

      # id vmail
      # ls -dl /var/vmail
      # ls -dl /var/vmail/vmail1
      # dovecot -n

  8. Jeff

    Followed Part 1 to 3 of this blog. Can’t seem to login via roundcube. Always get ‘Login failed’ error. Complete Linux newbie, so please advise how to troubleshoot/investigate further. Thank you.

    1. admin Post author

      Make sure you complete all the steps correctly.

      Also, you could enable imap_debug in the main.inc.php and post the log of an attempted login.

  9. Jeff

    Found out what was wrong. I deviated a little from the steps above. I put my custom config of dovecot in local.conf instead of dovecot.conf but forgot to uncomment the last line of dovecot.conf which includes configuration in local.conf.

    I have another question regarding roundcube webmail that I hope you can assist with. I deviated the configuration of postfix/dovecot a little (based on https://library.linode.com/email/postfix/postfix2.9.6-dovecot2.0.19-mysql) to store virtual domains, virtual accounts, passwords and virtual aliases in MySQL database. I understand roundcube webmail comes with password plugin that can allow user to change their passwords via the roundcube webmail interface and that it supports accounts/passwords stored in MySQL. Just not sure how to configure the plugin to fit with the MySQL schema as listed in the linode article.

  10. Steen

    This guide is very sweet and it makes it very easy to get a server going.
    I have both an issue and a concern though.
    First of all: “relay_domains = *” sounds like a terribly bad idea, but I’m not really sure, I guess it won’t matter when login is required as specified by “auth_mechanisms = plain login”

    Now my issue which has nothing to do with the above:
    postfix expects /var/vmail/%d/%u to be a file and dovecot sets it up as a directory. What do I do here? Postfix can’t deliver e-mail because %d/%u is a directory and not a file. If I delete it and create it the mail is delivered but I cannot log in to the IMAP server.

    1. admin Post author

      About “relay_domains = *”; You need to add the list of the domains your server will relay mail to, e.g:

      relay_domains = your-domain1.com, your-domain2.com

      As for the ‘mail_location’ problem, can you please provide us with your ‘/etc/dovecot/dovecot.conf’ Dovecot configuration file?

  11. kavitama

    Did part 1
    Went fine but cannot check mail server connection since i get the following:
    “Log onto incoming mail server (POP3): Outlook cannot connect to your incoming (POP3) e-mail server. If you continue to receive this message, contact your server administrator or Internet service provider (ISP).”

    cat /var/log/maillog gives this:
    warning: maildir access problem for UID/GID=2222/2222: create maildir file /var/vmail/prosyde.net/info/tmp/1394210401.P2283.prosyde-mail: Permission denied

    checked /var/vmail and it is ok
    drwxrwxrwx. 2 vmail vmail 4096 Mar 7 11:47 /var/vmail

    What did i do wrong?

    Regards

    1. admin Post author

      Something is not configured OK. Re-check your dovecot and postfix configuration files and make sure they use UID/GID 2222 to manage the mailboxes in /var/vmail
