Skip to content

X386 – Ubuntu & Python

Ubuntu and Python Documentation

  • Home
  • About
  • Contact
  • License
  • Privacy Policy

Simple Mail Server on Ubuntu

Posted on 24/05/2020 - 29/03/2021 by exforge

SimpleMailServerOnUbuntu: Mail Server with SMTP and IMAP on Ubuntu 20.04

Copyright (C) 2020 Exforge exforge@x386.xyz 

# This document is free text: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# any later version.
# This document is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>.

Specs 

# Based on the valuable documents at:
https://www.server-world.info/en/note?os=Ubuntu_18.04&p=mail&f=1
# SMTP: Postfix
# IMAP: Dovecot
# No virtual domains, only Linux users will have email accounts
# Tried to be as simple as possible
#
# Hostname: mail.x11.xyz
# Mail Domain: x11.xyz
#
# An MX record must be created at the DNS Server with the value of mail.x11.xyz

1. Install and Configure Postfix 

# 1.1. Install Postfix and SASL (Simple Auth. & Security Layer)
sudo apt -y install postfix sasl2-bin 
#   Select No configuration at the install question, we will configure manually
#
# 1.2. Create a standart config file for postfix
sudo cp /usr/share/postfix/main.cf.dist /etc/postfix/main.cf
#
# 1.3. Edit postfix config file as described
sudo nano /etc/postfix/main.cf 
#
# around line 78: uncomment
mail_owner = postfix
#
# around line 94: uncomment and specify hostname
myhostname = mail.x11.xyz
#
# around line 102: uncomment and specify domainname
mydomain = x11.xyz
#
# around line 123: uncomment
myorigin = $mydomain
#
# around line 137: uncomment
inet_interfaces = all
#
# around line 185: uncomment
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
#
# around line 228: uncomment
local_recipient_maps = unix:passwd.byname $alias_maps
#
# around line 270: uncomment
mynetworks_style = subnet
#
# around line 287: add your local network
mynetworks = 127.0.0.0/8, 10.0.0.0/24
#
# around line 407: uncomment
alias_maps = hash:/etc/aliases
#
# around line 418: uncomment
alias_database = hash:/etc/aliases
#
# around line 440: uncomment
home_mailbox = Maildir/
#
# around line 576: comment out and add
#smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_banner = $myhostname ESMTP
#
# around line 650: add
sendmail_path = /usr/sbin/postfix
#
# around line 655: add
newaliases_path = /usr/bin/newaliases
#
# around line 660: add
mailq_path = /usr/bin/mailq
#
# around line 666: add
setgid_group = postdrop
#
# around line 670: comment out
#html_directory =
#
# around line 674: comment out
#manpage_directory =
#
# around line 679: comment out
#sample_directory =
#
# around line 683: comment out
#readme_directory =
#
# add to the end: 
# limit an email size 10M
message_size_limit = 10485760
# limit mailbox 1G
mailbox_size_limit = 1073741824
# SMTP-Auth setting
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_mynetworks, permit_auth_destination, permit_sasl_authenticated, reject
#
# 1.4. Activate Aliases (Will be explained at 5.2.) 
sudo newaliases
# 1.5. Restart Postfix
sudo systemctl restart postfix

2. Install and Configure Dovecot 

# 2.1. Install Dovecot core, pop3 and imap deamons
sudo apt -y install dovecot-core dovecot-pop3d dovecot-imapd 
#
# 2.2. Dovecot main config
sudo nano /etc/dovecot/dovecot.conf
# around line 30: uncomment
listen = *, ::
#
# 2.3. Dovecot auth config
sudo nano /etc/dovecot/conf.d/10-auth.conf
# around line 10: uncomment and change ( allow plain text auth )
disable_plaintext_auth = no
#
# around line 100: add
auth_mechanisms = plain login
#
# 2.4. Dovecot mail config
sudo nano /etc/dovecot/conf.d/10-mail.conf
# around line 30: change to Maildir
mail_location = maildir:~/Maildir
#
# 2.5. Dovecot master config
sudo nano /etc/dovecot/conf.d/10-master.conf
# around line 107-109: uncomment and add
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = postfix
    group = postfix
}
#
# 2.6. Restart Dovecot
sudo systemctl restart dovecot

Break Time 

# At this point we have a very basic mail config, all our linux users at 
#   mail.x11.xyz have mail addresses. They can access smtp at port 25 and imap at
#   port 143. But unfortunately there is no encryption. 
# At the next step we will add SSL encrytpion and that will change our smtp port to 587.
#
# The easiest way to get SSL certificate for our mail server is:
#   Install apache2
#   Create a site with servername mail.x11.xyz
#   Get ssl certificate with Certbot
#   (See tutorial CertbotOnUbuntu)
# At the next section I assume you have certificates  as
#    /etc/letsencrypt/live/mail.x11.xyz/fullchain.pem
#    /etc/letsencrypt/live/mail.x11.xyz/privkey.pem

3. Add SSL/TLS to Postfix and Dovecot 

# 3.1. Postfix main config
sudo nano /etc/postfix/main.cf 
#   Add to the end
smtpd_use_tls = yes
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.x11.xyz/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/mail.x11.xyz/privkey.pem
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#
# 3.2. Postfix master config
sudo nano /etc/postfix/master.cf
#  Around line 17-21: uncomment like follows
submission inet n       -       y       -       -       smtpd
  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_tls_auth_only=yes
#  Around line 29-31: uncomment like follows
smtps     inet  n       -       y       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
#
# 3.3. Dovecot config
sudo nano /etc/dovecot/conf.d/10-ssl.conf
# Around line 12,13: Specify certificates (change as below)
#   Remember to change domain names:  
ssl_cert = </etc/letsencrypt/live/mail.x11.xyz/fullchain.pem
ssl_key = </etc/letsencrypt/live/mail.x11.xyz/privkey.pem
#
# 3.4. Restart Postfix and Dovecot
sudo systemctl restart postfix dovecot

4. Client Mail Settings 

# For Linux User exforge at mail.x11.xyz
# Replace all occurences of:
#  exforge --> your user name
#  mail.x11.xyz --> your server name
#  x11.xyz --> your domain
#
# Thunderbird Config:
#  Your name: Exforge
#  Email address: exforge@x11.xyz
#  Password: (Your Linux Password)
#  Incoming: IMAP  mail.x11.xyz  	143  STARTTLS  Normal password
#  Outgoing: SMTP  mail.x11.xyz  	465  SSL/TLS   Normal password
#  Username: Incoming: exforge    	Outgoing: exforge
#     
#  See my config screenshot at:
https://imgur.com/a/RVIAy3o

5. Account Management 

# 5.1. All Linux users already have mail accounts with their login name and passwords.
#   To add a new mail user, you need to add a user to your server
sudo useradd -d /home/exforge -m exforge
#   And you need to give her a password too
sudo passwd exforge
#
# 5.2. If you want to use aliases, say postmaster and abuse for user exforge.
#   First create Linux users
sudo useradd -d /home/postmaster -m postmaster
sudo useradd -d /home/abuse -m abuse
sudo passwd postmaster
sudo passwd abuse
#   Add them to /etc/aliases file
sudo nano /etc/aliases
#_______________________________________
# See man 5 aliases for format
postmaster:    exforge
abuse:     exforge
#_______________________________________
#
#   Activate aliases
sudo newaliases
# 
# 5.3. Restart Postfix and Dovecot
sudo systemctl restart postfix dovecot

Posted in Ubuntu

Post navigation

MariaDB On Ubuntu
WordPress on Ubuntu
Proudly powered by WordPress | Theme: micro, developed by DevriX.