Setup a mailserver with Exim and Dovecot on a CentOS 7 VPS


exim vpsThe following article will guide you through the steps of installing and setting up a mailserver using Exim and Dovecot on a CentOS 7 VPS.

For this tutorial, we are using one of our CentOS based VPS hosting plans, pre-installed with minimal CentOS 7 OS.

What is Exim?

Exim is a mail transfer agent (MTA) used on Unix-like operating systems. Exim is free software distributed under the terms of the GNU General Public License, and it aims to be a general and flexible mailer with extensive facilities for checking incoming e-mail.

What is Dovecot?

Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-like systems, written with security primarily in mind. Dovecot is an excellent choice for both small and large installations.

 

UPDATE THE SYSTEM

First off, ssh to your server and initiate a screen session using the command below:

## screen -U -S exim-dovecot

once you’re in a screen session, update your CentOS 7 VPS using yum as in:

## yum update

 

ENABLE EPEL REPOSITORY

Enable EPEL repository on the CentOS system using:

## yum install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-2.noarch.rpm

if you get a 404 not found, go at http://dl.fedoraproject.org/pub/epel/7/x86_64/e/ and install the latest epel-release rpm package available.

check if EPEL has been enabled on your system using:

## yum repolist

once EPEL is enabled, install some useful tools using:

## yum install file perl-Mail-SPF.noarch openssl vim

 

GENERATE SSL CERTIFICATE

Since we are going to use SSL in Dovecot and Exim, we need to have an SSL certificate. You can purchase and use one of our GeoTrust SSL Certificates or you can create your own self-signed SSL certificate for mail.mydomain.com using the commands below:

## mkdir /root/SSL/mail.mydomain.com -p
## cd /root/SSL/mail.mydomain.com
## openssl req -nodes -x509 -newkey rsa:2048 -keyout mail.mydomain.com.key -out mail.mydomain.com.crt -days 365

Move the SSL certificate and key to /etc/ssl using:

## cp mail.mydomain.com.key mail.mydomain.com.crt /etc/ssl/

 

INSTALL AND CONFIGURE EXIM

Install exim on the CentOS 7 virtual server using yum:

## yum install exim

next, open /etc/exim/exim.conf with your favorite editor and configure exim as follows:

## cp /etc/exim/exim.conf{,.orig}
## vim /etc/exim/exim.conf

primary_hostname = mail.mydomain.com
domainlist local_domains = @ : mydomain.com

tls_advertise_hosts = *
tls_certificate = /etc/ssl/mail.mydomain.com.crt
tls_privatekey = /etc/ssl/mail.mydomain.com.key

auth_advertise_hosts = *

find the transport section and edit the following:

local_delivery:
  driver = appendfile
  directory = $home/Maildir
  maildir_format
  maildir_use_size_file
  delivery_date_add
  envelope_to_add
  return_path_add

scroll down the the authenticators section and add the following lines:

dovecot_login:
  driver = dovecot
  public_name = LOGIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1

dovecot_plain:
  driver = dovecot
  public_name = PLAIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1

Start the EXIM MTA and add it to system’s startup using systemctl

## systemctl start exim
## systemctl status exim
## systemctl enable exim

 

INSTALL AND CONFIGURE DOVECOT

Install Dovecot on the system using yum

## yum install dovecot

Once installed, configure SSL in Dovecot by editing the following:

## vim /etc/dovecot/conf.d/10-ssl.conf

ssl = yes
ssl_cert = </etc/ssl/mail.mydomain.com.crt
ssl_key = </etc/ssl/mail.mydomain.com.key

next, allow plaintext authentication in /etc/dovecot/conf.d/10-auth.conf:

## vim /etc/dovecot/conf.d/10-auth.conf

disable_plaintext_auth = no
auth_mechanisms = plain login

configure mailbox location and type in /etc/dovecot/conf.d/10-mail.conf:

## vim /etc/dovecot/conf.d/10-mail.conf

mail_location = maildir:~/Maildir

Set-up Dovecot so that is allows Exim to use its authentication system in /etc/dovecot/conf.d/10-master.conf

## vim /etc/dovecot/conf.d/10-master.conf

service auth {
...
    unix_listener auth-client {
        mode = 0660
        user = exim
    }
}

Start Dovecot and add it to system’s start-up using:

## systemctl start dovecot
## systemctl status dovecot
## systemctl enable dovecot

 

CREATE SYSTEM USER

## useradd -m test
## passwd test

 

CONFIGURE YOUR EMAIL CLIENT

In this example, we are using Mozilla Thunderbird as email client to send/receive emails. To configure the newly created email account, open Thunderbird enter your account details as shown in the pictures below:

step-1

Enter your name, your email address and your password and click ‘Continue’.

step-2

Configure your mail server parameters and click ‘Done’. That’s it.

 

LET US DO THIS FOR YOU?

Of course you don’t have to do any of this if you use one of our Linux VPS Hosting services, in which case you can simply ask our expert Linux admins to install a mailserver with Exim and Dovecot. They are available 24×7 and will take care of your request immediately.

PS. If you liked this post please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.

Tips and Tricks
How to set up time zone on CentOS 7
Tutorials
Install Squid on Debian 6 ‘Squeeze’
Tutorials
Speed-up NGINX using ngx_pagespeed on a CentOS 6 VPS
  • thanh luan pham

    i have create user test with pass 123456, but when i config in thunderbird it says wrong password. help me


    • admin

      adminadmin

      Author Reply

      Is there anything logged in your mail server log files?


      • willi

        williwilli

        Author Reply

        Any solutions for the problem? Same thing here……


  • Joe Villa

    Joe VillaJoe Villa

    Author Reply

    Great I did this and my server is working great, but I would like to add a Mail Server GUI to create/edit/delete users, I have tried a lot but none is compatible with CentOS 7, I love this operating system, would it be great if you knew of an GUI to CRUD users of exim/dovecot configuration, can you help me?


    • admin

      adminadmin

      Author Reply

      We are not aware of such a GUI application for CentOS 7.

      Anyway, you can create/delete users from your server CLI as described in this article.


  • Michael

    MichaelMichael

    Author Reply

    I used your guide to setup exim. seems ok til I try to connect to the test account from the internet. I get this error: ‘550 relay not permitted’.

    Ideas?


  • Akash

    AkashAkash

    Author Reply

    in exim.conf:
    local_interfaces = <; 0.0.0.0

    systemctl stop firewalld.service (or open up the required ports)

    systemctl restart exim.service


  • Holly

    HollyHolly

    Author Reply

    when i start dovecot,the maillog give a message :master: Dovecot v2.2.10 starting up for imap, pop3, lmtp (core dumps disabled)
    Ideas?


    • admin

      adminadmin

      Author Reply

      Please restart your Dovecot service and provide us with the complete log output after restart.


  • Holly

    HollyHolly

    Author Reply

    #this my dovecot.conf
    auth_mechanisms = plain login
    disable_plaintext_auth = no
    mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
    mbox_write_locks = fcntl
    namespace inbox {
    inbox = yes
    location =
    mailbox Drafts {
    special_use = \Drafts
    }
    mailbox Junk {
    special_use = \Junk
    }
    mailbox Sent {
    special_use = \Sent
    }
    mailbox “Sent Messages” {
    special_use = \Sent
    }
    mailbox Trash {
    special_use = \Trash
    }
    prefix =
    }
    passdb {
    driver = pam
    }
    service auth {
    unix_listener auth-client {
    mode = 0660
    user = exim
    }
    }
    service imap-login {
    inet_listener imap {
    port = 143
    }
    inet_listener imaps {
    port = 993
    ssl = yes
    }
    }
    service pop3-login {
    inet_listener pop3 {
    port = 110
    }
    inet_listener pop3s {
    port = 995
    ssl = yes
    }
    }
    ssl = required
    ssl_cert = </etc/ssl/mail.chubangde.com.crt
    ssl_key = </etc/ssl/mail.chubangde.com.key
    userdb {
    driver = passwd
    }


  • Holly

    HollyHolly

    Author Reply

    thx very much.it work very will.
    if you can add a virtual account method,that will very helpful .such as access by mysql.^_^


  • Dave

    DaveDave

    Author Reply

    Hi,
    Wondered if you would be able to explain how this would work for a multi domain lamp stack? I am relatively experienced with Linux based hosting, but this has me stumped. I’ve created the mail server slightly differently to your guide, however the core is the same, and it functions the same. Say the server itself’s hostname is web1.domain-one.com. The LAMP stack is home to domain-one.com, domain-two.com and domain-three.com. How, when I create system users, can I distinguish which domain they are for? And how, for instance, could I have two mailboxes, such as admin@domain-two.com and admin@domain-three.com?
    Many thanks in advance for any advice you can offer.
    Dave.


    • admin

      adminadmin

      Author Reply

      In short, you will need to change the ‘local_domains’ setting in your Exim configuration file to include the domain list from a specific directory (for example, /etc/exim/virtual ), create text files for your domain names (for example, /etc/exim/virtual/domain-two.com and /etc/exim/virtual/domain-three.com) and configure Exim to use ‘vdom_aliases’. The text files for your domain names should contain information about mapping between the email address and a local user.

      Thanks.


  • Jonathan Krause

    Hello, I am very pleased with the tutorial you have written, but I am having the same issue as Thanh, I followed the steps in the article, but when I get to the last step in setting up with email client even though I typed in my password correctly for my test user, it is coming up and saying my password is incorrect, I have checked /var/log/maillog and as well as exim log to see if anything is incorrect but I did not see anything out of the ordinary also I did nmap my mail server and it shows that the correct ports are showing, thank you for your time and I hope you will be able to help me shed light on this thank you again for the tutorial :)


    • admin

      adminadmin

      Author Reply

      Can you log in using a webmail client such as RoundCube or SquirrelMail ?


  • Minh Trinh

    Minh TrinhMinh Trinh

    Author Reply

    Hello,
    Thanks for your tutorial , but i having an error .
    I can sent but cant receive . Can u help me fix it ?
    I create 2 users for test : samsung , nokia
    /var/log/exim/main.log
    ———————————————————————————————————————————
    2016-05-16 10:30:41 exim 4.84_2 daemon started: pid=1326, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 10:30:41 Start queue run: pid=1328
    2016-05-16 10:30:41 End queue run: pid=1328
    2016-05-16 10:49:21 exim 4.84_2 daemon started: pid=1651, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 10:49:21 Start queue run: pid=1653
    2016-05-16 10:49:21 End queue run: pid=1653
    2016-05-16 10:50:18 exim 4.84_2 daemon started: pid=1093, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 10:50:18 Start queue run: pid=1097
    2016-05-16 10:50:18 End queue run: pid=1097
    2016-05-16 10:50:34 exim 4.84_2 daemon started: pid=1179, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 10:50:34 Start queue run: pid=1181
    2016-05-16 10:50:34 End queue run: pid=1181
    2016-05-16 10:51:54 1b29ZS-0000LS-8f nokia R=localuser T=local_delivery
    2016-05-16 10:51:54 1b29ZS-0000LS-8f Completed
    2016-05-16 10:52:16 1b29Zo-0000La-1o samsung R=localuser T=local_delivery
    2016-05-16 10:52:16 1b29Zo-0000La-1o Completed
    2016-05-16 10:53:20 1b29aq-0000Pn-TD nokia R=localuser T=local_delivery
    2016-05-16 10:53:21 1b29aq-0000Pn-TD Completed
    2016-05-16 10:53:32 1b29b1-0000Px-UW nokia R=localuser T=local_delivery
    2016-05-16 10:53:32 1b29b1-0000Px-UW Completed
    2016-05-16 10:54:39 exim 4.84_2 daemon started: pid=1740, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 10:54:39 Start queue run: pid=1742
    2016-05-16 10:54:39 End queue run: pid=1742
    2016-05-16 11:02:20 1b29jY-0000Uu-IV samsung R=localuser T=local_delivery
    2016-05-16 11:02:20 1b29jY-0000Uu-IV Completed
    2016-05-16 11:06:44 exim 4.84_2 daemon started: pid=2071, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 11:06:44 Start queue run: pid=2073
    2016-05-16 11:06:44 End queue run: pid=2073


    • admin

      adminadmin

      Author Reply

      You should check for:
      – dovecot mail_location setting,
      – blocking firewall rules,
      – MX records.
      – errors in the exim log file