Setup a mailserver with Exim and Dovecot on a CentOS 7

The following article will guide you through the steps of installing and setting up a mailserver using Exim and Dovecot on a CentOS 7 VPS.

For this tutorial, we are using one of our CentOS-based managed VPS hosting plans, pre-installed with minimal CentOS 7 OS.

What is Exim?

Exim is a mail transfer agent (MTA) used on Unix-like operating systems. Exim is free software distributed under the terms of the GNU General Public License, and it aims to be a general and flexible mailer with extensive facilities for checking incoming e-mail.

What is Dovecot?

Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-like systems, written with security primarily in mind. Dovecot is an excellent choice for both small and large installations.

 

UPDATE THE SYSTEM

First off, ssh to your server and initiate a screen session using the command below:

## screen -U -S exim-dovecot

Once you’re in a screen session, update your CentOS 7 VPS using yum:

## yum update

 

ENABLE EPEL REPOSITORY

Enable EPEL repository on the CentOS system using:

## yum install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-2.noarch.rpm

If you get a 404 Not Found, go to https://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/ and install the latest epel-release rpm package available.

Check if EPEL has been enabled on your system using:

## yum repolist

Once EPEL is enabled, install some useful tools using:

## yum install file perl-Mail-SPF.noarch openssl vim

 

GENERATE SSL CERTIFICATE

Since we are going to use SSL in Dovecot and Exim, we need to have an SSL certificate. You can purchase and use one of our GeoTrust SSL Certificates or you can create your own self-signed SSL certificate for mail.mydomain.com using the commands below:

## mkdir /root/SSL/mail.mydomain.com -p
## cd /root/SSL/mail.mydomain.com
## openssl req -nodes -x509 -newkey rsa:2048 -keyout mail.mydomain.com.key -out mail.mydomain.com.crt -days 365

Copy the SSL certificate and key to /etc/ssl using:

## cp mail.mydomain.com.key mail.mydomain.com.crt /etc/ssl/

 

INSTALL AND CONFIGURE EXIM

Install exim on the CentOS 7 virtual server using yum:

## yum install exim

Next, open /etc/exim/exim.conf with your favorite editor and configure exim as follows:

## cp /etc/exim/exim.conf{,.orig}
## vim /etc/exim/exim.conf

primary_hostname = mail.mydomain.com
domainlist local_domains = @ : mydomain.com

tls_advertise_hosts = *
tls_certificate = /etc/ssl/mail.mydomain.com.crt
tls_privatekey = /etc/ssl/mail.mydomain.com.key

auth_advertise_hosts = *

Find the transport section and edit the following:

local_delivery:
  driver = appendfile
  directory = $home/Maildir
  maildir_format
  maildir_use_size_file
  delivery_date_add
  envelope_to_add
  return_path_add

Scroll down to the authenticators section and add the following lines:

dovecot_login:
  driver = dovecot
  public_name = LOGIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1

dovecot_plain:
  driver = dovecot
  public_name = PLAIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1

Start the Exim MTA and add it to the system’s startup using systemctl:

## systemctl start exim
## systemctl status exim
## systemctl enable exim

 

INSTALL AND CONFIGURE DOVECOT

Install Dovecot on the system using yum:

## yum install dovecot

Once installed, configure SSL in Dovecot by editing the following:

## vim /etc/dovecot/conf.d/10-ssl.conf

ssl = yes
ssl_cert = </etc/ssl/mail.mydomain.com.crt
ssl_key = </etc/ssl/mail.mydomain.com.key

Next, allow plaintext authentication in /etc/dovecot/conf.d/10-auth.conf:

## vim /etc/dovecot/conf.d/10-auth.conf

disable_plaintext_auth = no
auth_mechanisms = plain login

Configure the mailbox location and type in /etc/dovecot/conf.d/10-mail.conf:

## vim /etc/dovecot/conf.d/10-mail.conf

mail_location = maildir:~/Maildir

Set up Dovecot so that it allows Exim to use its authentication system in /etc/dovecot/conf.d/10-master.conf:

## vim /etc/dovecot/conf.d/10-master.conf

service auth {
...
    unix_listener auth-client {
        mode = 0660
        user = exim
    }
}

Start Dovecot and add it to system’s start-up using:

## systemctl start dovecot
## systemctl status dovecot
## systemctl enable dovecot
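
With the settings above, Exim advertises SMTP AUTH to every client (auth_advertise_hosts = *), Dovecot keeps TLS optional (ssl = yes) and PLAIN/LOGIN are accepted without encryption (disable_plaintext_auth = no), so a client that skips TLS sends the system account password in clear text. The check below is an added example, not part of the original tutorial; the function names, the constructed sample files and the hardened values in them are assumptions for illustration.

```sh
#!/bin/sh
# Added example (not from the tutorial): flag settings that let passwords cross the wire unencrypted.

# Print the last top-level (unindented, uncommented) value of key $2 in file $1.
conf_value() {
    sed -n "s/^$2[[:space:]]*=[[:space:]]*//p" "$1" | sed 's/[[:space:]]*$//' | tail -n 1
}

# audit_mail_auth EXIM_CONF DOVECOT_CONF: one finding per line, nothing if clean.
audit_mail_auth() {
    v=$(conf_value "$1" auth_advertise_hosts)
    # Exim's default for auth_advertise_hosts is "*", so unset counts as "*".
    if [ -z "$v" ] || [ "$v" = "*" ]; then
        echo "exim: AUTH advertised on unencrypted sessions (auth_advertise_hosts = *)"
    fi
    if [ "$(conf_value "$2" disable_plaintext_auth)" = "no" ]; then
        echo "dovecot: PLAIN/LOGIN accepted without TLS (disable_plaintext_auth = no)"
    fi
    if [ "$(conf_value "$2" ssl)" != "required" ]; then
        echo "dovecot: TLS not enforced (ssl is not 'required')"
    fi
}

# Constructed samples: *.weak mirrors this tutorial, *.hard is a hypothetical hardened variant.
make_samples() {
    dir=$(mktemp -d)
    cat > "$dir/exim.weak" <<'EOF'
auth_advertise_hosts = *
EOF
    cat > "$dir/dovecot.weak" <<'EOF'
ssl = yes
disable_plaintext_auth = no
EOF
    cat > "$dir/exim.hard" <<'EOF'
# Advertise AUTH only after STARTTLS has negotiated a cipher
auth_advertise_hosts = ${if eq {$tls_in_cipher}{}{}{*}}
EOF
    cat > "$dir/dovecot.hard" <<'EOF'
ssl = required
disable_plaintext_auth = yes
EOF
    echo "$dir"
}

samples=$(make_samples)
echo "== tutorial settings =="; audit_mail_auth "$samples/exim.weak" "$samples/dovecot.weak"
echo "== hardened settings =="; audit_mail_auth "$samples/exim.hard" "$samples/dovecot.hard"
```

On a live host, pass /etc/exim/exim.conf and a file holding the output of doveconf -n, which merges the conf.d fragments into one listing.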

 

CREATE SYSTEM USER

## useradd -m test
## passwd test

 

CONFIGURE YOUR EMAIL CLIENT

In this example, we are using Mozilla Thunderbird as the email client to send and receive emails. To configure the newly created email account, open Thunderbird and enter your account details as shown in the pictures below:

step-1

Enter your name, your email address and your password and click ‘Continue’.

step-2

Configure your mail server parameters and click ‘Done’. That’s it.

 

LET US DO THIS FOR YOU?

Of course you don’t have to do any of this if you use one of our Linux VPS Hosting services, in which case you can simply ask our expert Linux admins to install a mailserver with Exim and Dovecot. They are available 24×7 and will take care of your request immediately.


23 thoughts on “Setup a mailserver with Exim and Dovecot on a CentOS 7”

  1. Great, I did this and my server is working great, but I would like to add a Mail Server GUI to create/edit/delete users. I have tried a lot but none is compatible with CentOS 7. I love this operating system; it would be great if you knew of a GUI to CRUD users of the exim/dovecot configuration. Can you help me?

    Reply
    • We are not aware of such a GUI application for CentOS 7.

      Anyway, you can create/delete users from your server CLI as described in this article.

      Reply
  2. I used your guide to set up exim. Seems OK until I try to connect to the test account from the internet. I get this error: ‘550 relay not permitted’.

    Ideas?

    Reply
  3. in exim.conf:
    local_interfaces = <; 0.0.0.0

    systemctl stop firewalld.service (or open up the required ports)

    systemctl restart exim.service

    Reply
  4. When I start dovecot, the maillog gives a message: master: Dovecot v2.2.10 starting up for imap, pop3, lmtp (core dumps disabled)
    Ideas?

    Reply
  5. #this my dovecot.conf
    auth_mechanisms = plain login
    disable_plaintext_auth = no
    mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
    mbox_write_locks = fcntl
    namespace inbox {
    inbox = yes
    location =
    mailbox Drafts {
    special_use = \Drafts
    }
    mailbox Junk {
    special_use = \Junk
    }
    mailbox Sent {
    special_use = \Sent
    }
    mailbox "Sent Messages" {
    special_use = \Sent
    }
    mailbox Trash {
    special_use = \Trash
    }
    prefix =
    }
    passdb {
    driver = pam
    }
    service auth {
    unix_listener auth-client {
    mode = 0660
    user = exim
    }
    }
    service imap-login {
    inet_listener imap {
    port = 143
    }
    inet_listener imaps {
    port = 993
    ssl = yes
    }
    }
    service pop3-login {
    inet_listener pop3 {
    port = 110
    }
    inet_listener pop3s {
    port = 995
    ssl = yes
    }
    }
    ssl = required
    ssl_cert = </etc/ssl/mail.chubangde.com.crt
    ssl_key = </etc/ssl/mail.chubangde.com.key
    userdb {
    driver = passwd
    }

    Reply
  6. Thx very much. It works very well.
    If you can add a virtual account method, that will be very helpful, such as access by mysql. ^_^

    Reply
  7. Hi,
    Wondered if you would be able to explain how this would work for a multi domain lamp stack? I am relatively experienced with Linux based hosting, but this has me stumped. I’ve created the mail server slightly differently to your guide, however the core is the same, and it functions the same. Say the server itself’s hostname is web1.domain-one.com. The LAMP stack is home to domain-one.com, domain-two.com and domain-three.com. How, when I create system users, can I distinguish which domain they are for? And how, for instance, could I have two mailboxes, such as admin@domain-two.com and admin@domain-three.com?
    Many thanks in advance for any advice you can offer.
    Dave.

    Reply
    • In short, you will need to change the ‘local_domains’ setting in your Exim configuration file to include the domain list from a specific directory (for example, /etc/exim/virtual ), create text files for your domain names (for example, /etc/exim/virtual/domain-two.com and /etc/exim/virtual/domain-three.com) and configure Exim to use ‘vdom_aliases’. The text files for your domain names should contain information about mapping between the email address and a local user.

      Thanks.

      Reply
  8. Hello, I am very pleased with the tutorial you have written, but I am having the same issue as Thanh, I followed the steps in the article, but when I get to the last step in setting up with email client even though I typed in my password correctly for my test user, it is coming up and saying my password is incorrect, I have checked /var/log/maillog and as well as exim log to see if anything is incorrect but I did not see anything out of the ordinary also I did nmap my mail server and it shows that the correct ports are showing, thank you for your time and I hope you will be able to help me shed light on this thank you again for the tutorial :)

    Reply
  9. Hello,
    Thanks for your tutorial, but I am having an error.
    I can send but can't receive. Can you help me fix it?
    I created 2 users for testing: samsung, nokia
    /var/log/exim/main.log
    ---------------------------------------------------------------------------------------------------------------------------------
    2016-05-16 10:30:41 exim 4.84_2 daemon started: pid=1326, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 10:30:41 Start queue run: pid=1328
    2016-05-16 10:30:41 End queue run: pid=1328
    2016-05-16 10:49:21 exim 4.84_2 daemon started: pid=1651, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 10:49:21 Start queue run: pid=1653
    2016-05-16 10:49:21 End queue run: pid=1653
    2016-05-16 10:50:18 exim 4.84_2 daemon started: pid=1093, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 10:50:18 Start queue run: pid=1097
    2016-05-16 10:50:18 End queue run: pid=1097
    2016-05-16 10:50:34 exim 4.84_2 daemon started: pid=1179, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 10:50:34 Start queue run: pid=1181
    2016-05-16 10:50:34 End queue run: pid=1181
    2016-05-16 10:51:54 1b29ZS-0000LS-8f nokia R=localuser T=local_delivery
    2016-05-16 10:51:54 1b29ZS-0000LS-8f Completed
    2016-05-16 10:52:16 1b29Zo-0000La-1o samsung R=localuser T=local_delivery
    2016-05-16 10:52:16 1b29Zo-0000La-1o Completed
    2016-05-16 10:53:20 1b29aq-0000Pn-TD nokia R=localuser T=local_delivery
    2016-05-16 10:53:21 1b29aq-0000Pn-TD Completed
    2016-05-16 10:53:32 1b29b1-0000Px-UW nokia R=localuser T=local_delivery
    2016-05-16 10:53:32 1b29b1-0000Px-UW Completed
    2016-05-16 10:54:39 exim 4.84_2 daemon started: pid=1740, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 10:54:39 Start queue run: pid=1742
    2016-05-16 10:54:39 End queue run: pid=1742
    2016-05-16 11:02:20 1b29jY-0000Uu-IV samsung R=localuser T=local_delivery
    2016-05-16 11:02:20 1b29jY-0000Uu-IV Completed
    2016-05-16 11:06:44 exim 4.84_2 daemon started: pid=2071, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 11:06:44 Start queue run: pid=2073
    2016-05-16 11:06:44 End queue run: pid=2073

    Reply
    • You should check for:
      – dovecot mail_location setting,
      – blocking firewall rules,
      – MX records.
      – errors in the exim log file

      Reply
  10. Hi, I followed this tutorial to setup exim and dovecot on my CentOS 7 VM, but when I am trying to use Thunderbird client from my local Windows machine, it is giving me “username or password invalid” error. Please help!!

    Reply
  11. I know this tutorial probably hasn’t been updated but goddamn it I am going to fix my server.
    When launching Thunderbird and inputting test@mydomain.com (with my actual domain lol), and my password I get: “user name or password invalid”
    How can I double check user name and password?
    Where, in this tutorial did we make the User and pass?
    Is there a file containing these Users?
    If yes do I add further users with that file?
    Are you annoyed yet?
    Is there any recommended tutorials to help me understand better?
    Any books?
    Thanks for reading and I hope this actually gets answered one day. Oh and thanks for the tutorial. I’m just new and still learning :).

    Reply
    • The email user is a system user, so you should use test instead of test@mydomain.com while configuring the email client. Check the CREATE SYSTEM USER and CONFIGURE YOUR EMAIL CLIENT sections for more information. If you want to learn more, you can check the Exim and Dovecot documentation. Thanks.

      Reply
      • Can you please briefly elaborate how to create a system user and configure the email client. I have done everything in the post but only thunderbird username and password is invalid out reading every post can you please post this Answer for this issue

        Reply
        • Instructions on how to create system user and how to configure the email client you can find in the blog post. If you experience some problems you can check your Exim/Dovecot log files for errors.

          Reply
