Setup a mailserver with Exim and Dovecot on a CentOS 7 VPS

The following article will guide you through the steps of installing and setting up a mailserver using Exim and Dovecot on a CentOS 7 VPS.

For this tutorial, we are using one of our CentOS based VPS hosting plans, pre-installed with minimal CentOS 7 OS.

What is Exim?

Exim is a mail transfer agent (MTA) used on Unix-like operating systems. Exim is free software distributed under the terms of the GNU General Public License, and it aims to be a general and flexible mailer with extensive facilities for checking incoming e-mail.

What is Dovecot?

Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-like systems, written with security primarily in mind. Dovecot is an excellent choice for both small and large installations.


First off, ssh to your server and initiate a screen session using the command below:

## screen -U -S exim-dovecot

once you’re in a screen session, update your CentOS 7 VPS using yum as in:

## yum update


Enable EPEL repository on the CentOS system using:

## yum install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-2.noarch.rpm

if you get a 404 not found, go at https://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/ and install the latest epel-release rpm package available.

check if EPEL has been enabled on your system using:

## yum repolist

once EPEL is enabled, install some useful tools using:

## yum install file perl-Mail-SPF.noarch openssl vim


Since we are going to use SSL in Dovecot and Exim, we need to have an SSL certificate. You can purchase and use one of our GeoTrust SSL Certificates or you can create your own self-signed SSL certificate for mail.mydomain.com using the commands below:

## mkdir /root/SSL/mail.mydomain.com -p
## cd /root/SSL/mail.mydomain.com
## openssl req -nodes -x509 -newkey rsa:2048 -keyout mail.mydomain.com.key -out mail.mydomain.com.crt -days 365

Move the SSL certificate and key to /etc/ssl using:

## cp mail.mydomain.com.key mail.mydomain.com.crt /etc/ssl/


Install exim on the CentOS 7 virtual server using yum:

## yum install exim

next, open /etc/exim/exim.conf with your favorite editor and configure exim as follows:

## cp /etc/exim/exim.conf{,.orig}
## vim /etc/exim/exim.conf

primary_hostname = mail.mydomain.com
domainlist local_domains = @ : mydomain.com

tls_advertise_hosts = *
tls_certificate = /etc/ssl/mail.mydomain.com.crt
tls_privatekey = /etc/ssl/mail.mydomain.com.key

auth_advertise_hosts = *

find the transport section and edit the following:

  driver = appendfile
  directory = $home/Maildir

scroll down the the authenticators section and add the following lines:

  driver = dovecot
  public_name = LOGIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1

  driver = dovecot
  public_name = PLAIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1

Start the EXIM MTA and add it to system’s startup using systemctl

## systemctl start exim
## systemctl status exim
## systemctl enable exim


Install Dovecot on the system using yum

## yum install dovecot

Once installed, configure SSL in Dovecot by editing the following:

## vim /etc/dovecot/conf.d/10-ssl.conf

ssl = yes
ssl_cert = </etc/ssl/mail.mydomain.com.crt
ssl_key = </etc/ssl/mail.mydomain.com.key

next, allow plaintext authentication in /etc/dovecot/conf.d/10-auth.conf:

## vim /etc/dovecot/conf.d/10-auth.conf

disable_plaintext_auth = no
auth_mechanisms = plain login

configure mailbox location and type in /etc/dovecot/conf.d/10-mail.conf:

## vim /etc/dovecot/conf.d/10-mail.conf

mail_location = maildir:~/Maildir

Set-up Dovecot so that is allows Exim to use its authentication system in /etc/dovecot/conf.d/10-master.conf

## vim /etc/dovecot/conf.d/10-master.conf

service auth {
    unix_listener auth-client {
        mode = 0660
        user = exim

Start Dovecot and add it to system’s start-up using:

## systemctl start dovecot
## systemctl status dovecot
## systemctl enable dovecot


## useradd -m test
## passwd test


In this example, we are using Mozilla Thunderbird as email client to send/receive emails. To configure the newly created email account, open Thunderbird enter your account details as shown in the pictures below:

Enter your name, your email address and your password and click ‘Continue’.

Configure your mail server parameters and click ‘Done’. That’s it.


Of course you don’t have to do any of this if you use one of our Linux VPS Hosting services, in which case you can simply ask our expert Linux admins to install a mailserver with Exim and Dovecot. They are available 24×7 and will take care of your request immediately.

PS. If you liked this post please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.

Categories Tutorials
admin :

View Comments (21)

  • I used your guide to setup exim. seems ok til I try to connect to the test account from the internet. I get this error: '550 relay not permitted'.


  • in exim.conf:
    local_interfaces = <;

    systemctl stop firewalld.service (or open up the required ports)

    systemctl restart exim.service

  • when i start dovecot,the maillog give a message :master: Dovecot v2.2.10 starting up for imap, pop3, lmtp (core dumps disabled)

  • #this my dovecot.conf
    auth_mechanisms = plain login
    disable_plaintext_auth = no
    mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
    mbox_write_locks = fcntl
    namespace inbox {
    inbox = yes
    location =
    mailbox Drafts {
    special_use = \Drafts
    mailbox Junk {
    special_use = \Junk
    mailbox Sent {
    special_use = \Sent
    mailbox "Sent Messages" {
    special_use = \Sent
    mailbox Trash {
    special_use = \Trash
    prefix =
    passdb {
    driver = pam
    service auth {
    unix_listener auth-client {
    mode = 0660
    user = exim
    service imap-login {
    inet_listener imap {
    port = 143
    inet_listener imaps {
    port = 993
    ssl = yes
    service pop3-login {
    inet_listener pop3 {
    port = 110
    inet_listener pop3s {
    port = 995
    ssl = yes
    ssl = required
    ssl_cert = </etc/ssl/mail.chubangde.com.crt
    ssl_key = </etc/ssl/mail.chubangde.com.key
    userdb {
    driver = passwd

  • thx very much.it work very will.
    if you can add a virtual account method,that will very helpful .such as access by mysql.^_^

  • Hi,
    Wondered if you would be able to explain how this would work for a multi domain lamp stack? I am relatively experienced with Linux based hosting, but this has me stumped. I've created the mail server slightly differently to your guide, however the core is the same, and it functions the same. Say the server itself's hostname is web1.domain-one.com. The LAMP stack is home to domain-one.com, domain-two.com and domain-three.com. How, when I create system users, can I distinguish which domain they are for? And how, for instance, could I have two mailboxes, such as admin@domain-two.com and admin@domain-three.com?
    Many thanks in advance for any advice you can offer.

    • In short, you will need to change the 'local_domains' setting in your Exim configuration file to include the domain list from a specific directory (for example, /etc/exim/virtual ), create text files for your domain names (for example, /etc/exim/virtual/domain-two.com and /etc/exim/virtual/domain-three.com) and configure Exim to use 'vdom_aliases'. The text files for your domain names should contain information about mapping between the email address and a local user.


  • Hello, I am very pleased with the tutorial you have written, but I am having the same issue as Thanh, I followed the steps in the article, but when I get to the last step in setting up with email client even though I typed in my password correctly for my test user, it is coming up and saying my password is incorrect, I have checked /var/log/maillog and as well as exim log to see if anything is incorrect but I did not see anything out of the ordinary also I did nmap my mail server and it shows that the correct ports are showing, thank you for your time and I hope you will be able to help me shed light on this thank you again for the tutorial :)

  • Hello,
    Thanks for your tutorial , but i having an error .
    I can sent but cant receive . Can u help me fix it ?
    I create 2 users for test : samsung , nokia
    2016-05-16 10:30:41 exim 4.84_2 daemon started: pid=1326, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 10:30:41 Start queue run: pid=1328
    2016-05-16 10:30:41 End queue run: pid=1328
    2016-05-16 10:49:21 exim 4.84_2 daemon started: pid=1651, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 10:49:21 Start queue run: pid=1653
    2016-05-16 10:49:21 End queue run: pid=1653
    2016-05-16 10:50:18 exim 4.84_2 daemon started: pid=1093, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 10:50:18 Start queue run: pid=1097
    2016-05-16 10:50:18 End queue run: pid=1097
    2016-05-16 10:50:34 exim 4.84_2 daemon started: pid=1179, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 10:50:34 Start queue run: pid=1181
    2016-05-16 10:50:34 End queue run: pid=1181
    2016-05-16 10:51:54 1b29ZS-0000LS-8f nokia R=localuser T=local_delivery
    2016-05-16 10:51:54 1b29ZS-0000LS-8f Completed
    2016-05-16 10:52:16 1b29Zo-0000La-1o samsung R=localuser T=local_delivery
    2016-05-16 10:52:16 1b29Zo-0000La-1o Completed
    2016-05-16 10:53:20 1b29aq-0000Pn-TD nokia R=localuser T=local_delivery
    2016-05-16 10:53:21 1b29aq-0000Pn-TD Completed
    2016-05-16 10:53:32 1b29b1-0000Px-UW nokia R=localuser T=local_delivery
    2016-05-16 10:53:32 1b29b1-0000Px-UW Completed
    2016-05-16 10:54:39 exim 4.84_2 daemon started: pid=1740, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 10:54:39 Start queue run: pid=1742
    2016-05-16 10:54:39 End queue run: pid=1742
    2016-05-16 11:02:20 1b29jY-0000Uu-IV samsung R=localuser T=local_delivery
    2016-05-16 11:02:20 1b29jY-0000Uu-IV Completed
    2016-05-16 11:06:44 exim 4.84_2 daemon started: pid=2071, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
    2016-05-16 11:06:44 Start queue run: pid=2073
    2016-05-16 11:06:44 End queue run: pid=2073

    • You should check for:
      - dovecot mail_location setting,
      - blocking firewall rules,
      - MX records.
      - errors in the exim log file

  • Hi, I followed this tutorial to setup exim and dovecot on my CentOS 7 VM, but when I am trying to use Thunderbird client from my local Windows machine, it is giving me "username or password invalid" error. Please help!!

  • I know this tutorial probably hasn't been updated but goddamn it I am going to fix my server.
    When launching Thunderbird and inputting test@mydomain.com (with my actual domain lol), and my password I get: "user name or password invalid"
    How can I double check user name and password?
    Where, in this tutorial did we make the User and pass?
    Is there a file containing these Users?
    If yes do I add further users with that file?
    Are you annoyed yet?
    Is there any recommended tutorials to help me understand better?
    Any books?
    Thanks for reading and I hope this actually gets answered one day. Oh and thanks for the tutorial. I'm just new and still learning :).

    • The email user is a system user, so you should use test instead of test@mydomain.com while configuring the email client. Check the CREATE SYSTEM USER and CONFIGURE YOUR EMAIL CLIENT
      sections for more information. If you want to learn more, you can check the Exim and Dovecot documentations. Thanks.


GDPR Compliance

By using this web site you agree to our privacy policy as shown at https://www.rosehosting.com/priv.html

Privacy Settings

This website uses cookies.