Postfix Email Server Virtual Domain with Mysql and Courier IMAP/POP Server

Software Used

Email Server: Postfix

Operating System: CentOS5

Database: Mysql

Other: Postfixadmin, Apache2, Courier IMAP, Courier Authlib, Postfix, Mysql


This document describes how to install a Postfix email server with virtual
domains. This means that the users are stored in the MySQL database. The
advantage of a virtual domain setup is that we can host multiple domains
on a single server. Moreover, since the users are not system users, the
setup is more secure.

We will also install Courier-IMAP and Courier-Authlib, which use the same
MySQL database. This kind of setup is advantageous since you do not have to
remember the username and email ID separately: in a virtual domain setup
the username and email ID are identical.

Please note that this is not the only way to set up a virtual domain
with Postfix.

2) Installing Packages

yum install rpm-build pcre-devel
yum install cyrus-sasl-sql cyrus-sasl-devel\
            cyrus-sasl-lib.i386 cyrus-sasl-plain.i386\
            cyrus-sasl.i386 

yum install libtool \
    postgresql-devel \
    gdbm-devel pam-devel \
    expect \
    openldap-devel gamin-devel \
    openldap-servers

Note: The postfix available in the yum repository of CentOS
      is not compiled with mysql.
      We would be compiling postfix (email server)
      and courier (imap/pop) server.
      We would also be compiling Courier Authlib, the
      authentication library for the courier daemon.


3) Make Directories

As normal User

[sumitk@sumitk ~]$mkdir $HOME/rpm
[sumitk@sumitk ~]$mkdir $HOME/rpm/SOURCES
[sumitk@sumitk ~]$mkdir $HOME/rpm/SPECS
[sumitk@sumitk ~]$mkdir $HOME/rpm/BUILD
[sumitk@sumitk ~]$mkdir $HOME/rpm/SRPMS
[sumitk@sumitk ~]$mkdir $HOME/rpm/RPMS
[sumitk@sumitk ~]$mkdir $HOME/rpm/RPMS/i386

[sumitk@sumitk ~]$echo "%_topdir $HOME/rpm" >> $HOME/.rpmmacros

[sumitk@sumitk ~]$mkdir $HOME/downloads 
[sumitk@sumitk ~]$cd $HOME/downloads 

4) Download Latest Courier IMAP and Courier Authlib

[sumitk@sumitk ~]$cd $HOME/downloads

$wget Courier Authlib (Copy Paste link)
$wget Courier IMAP ( Copy Paste Link) 

Note: Compile Courier IMAP and
      Courier Authlib as Normal User

5) Resolve Courier Dependencies

$rpmbuild -ta courier-authlib-0.63.0.tar.bz2
error: Failed build dependencies:
mysql-devel is needed by courier-authlib-0.63.0-1.i386
zlib-devel is needed by courier-authlib-0.63.0-1.i386
gcc-c++ is needed by courier-authlib-0.63.0-1.i386
redhat-rpm-config is needed by courier-authlib-0.63.0-1.i386
/usr/include/ltdl.h is needed by courier-authlib-0.63.0-1.i386


$ sudo yum install mysql-devel \
  zlib-devel gcc-c++ redhat-rpm-config
$ sudo yum -y install libtool-ltdl-devel


6) Compile Courier Authlib

$rpmbuild -ta courier-authlib-0.63.0.tar.bz2

$ ls -l $HOME/rpm/RPMS/i386/
total 688
courier-authlib-0.63.0-1.i386.rpm
courier-authlib-debuginfo-0.63.0-1.i386.rpm
courier-authlib-devel-0.63.0-1.i386.rpm
courier-authlib-ldap-0.63.0-1.i386.rpm
courier-authlib-mysql-0.63.0-1.i386.rpm
courier-authlib-pgsql-0.63.0-1.i386.rpm
courier-authlib-pipe-0.63.0-1.i386.rpm
courier-authlib-userdb-0.63.0-1.i386.rpm


7) Install Courier Authlib

$ cd $HOME/rpm/RPMS/i386/
$ sudo rpm -ivh  courier-authlib-0.63.0-1.i386.rpm
Preparing...         ###################### [100%]
   1:courier-authlib ###################### [100%]
$ sudo rpm -ivh courier-authlib-devel-0.63.0-1.i386.rpm
Preparing...         ###################### [100%]
   1:courier-authlib-devel  ############### [100%]
$ sudo rpm -ivh courier-authlib-mysql-0.63.0-1.i386.rpm
Preparing... ############################## [100%]
   1:courier-authlib-mysql  ############### [100%]


8) Compile Courier IMAP

$ rpmbuild -ta courier-imap-4.9.1.tar.bz2
error: Failed build dependencies:
libidn-devel is needed by courier-imap-4.9.1-1.i386

$ sudo yum install libidn-devel
$ rpmbuild -ta courier-imap-4.9.1.tar.bz2

$ cd $HOME/rpm/RPMS/i386/
$ ls courier-imap-*
courier-imap-4.9.1-1.i386.rpm
courier-imap-debuginfo-4.9.1-1.i386.rpm


9) Install Courier IMAP


$ sudo rpm -ivh courier-imap-4.9.1-1.i386.rpm
Preparing...   ################ [100%]
1:courier-imap ################ [100%]


10) Adding Courier IMAP/Authlib to start while booting

Run command as Root

# chkconfig --level 2345 courier-imap on
# chkconfig --level 2345 courier-authlib on

11) Installing Postfix

A) We would Download a source RPM package for 
   postfix and compile it with MYSQL support.


B) Remove Sendmail if installed
# rpm -e sendmail --nodeps

C) Execute below commands as root

#mkdir $HOME/rpm
#mkdir $HOME/rpm/SOURCES
#mkdir $HOME/rpm/SPECS
#mkdir $HOME/rpm/BUILD
#mkdir $HOME/rpm/SRPMS
#mkdir $HOME/rpm/RPMS
#mkdir $HOME/rpm/RPMS/i386

#echo "%_topdir $HOME/rpm" >> $HOME/.rpmmacros

#mkdir $HOME/downloads 
#cd $HOME/downloads

D) Download latest postfix source .src.rpm package.
# wget Postfix .src.rpm (Copy and paste link)

E) Install Postfix as root
# rpm -ivh postfix-2.8.2-1.src.rpm

Note: Ignore Warnings

$ cd ../rpm/SPECS/

F) Change the compiling parameters in spec file

# vi postfix.spec

%define with_alt_prio     30

%define with_cdb          0
%define with_ldap         1
%define with_mysql        0
%define with_mysql_redhat 1
%define with_pcre         0
%define with_pgsql        0
%define with_sasl         2
%define with_spf          0
%define with_dovecot      0
%define with_tls          1
%define with_tlsfix       2
%define with_vda          0

G) Compile postfix

# rpmbuild -ba postfix.spec
error: Failed build dependencies:
db4-devel is needed by postfix-2.8.2-1.rhel5.i386

# yum -y install db4-devel
# rpmbuild -ba postfix.spec

Wrote: /root/rpm/SRPMS/postfix-2.8.2-1.rhel5.src.rpm
Wrote: /root/rpm/RPMS/i386/postfix-2.8.2-1.rhel5.i386.rpm
Wrote: /root/rpm/RPMS/i386/postfix-debuginfo-2.8.2-1.rhel5.i386.rpm


# rpm -ivh /root/rpm/RPMS/i386/postfix-2.8.2-1.rhel5.i386.rpm
Preparing...################ [100%]
   1:postfix################ [100%] 

H) Adding Postfix to start while booting

Run Command as Root
# chkconfig --level 2345 postfix on 

12) Download Postfixadmin [Frontend for postfix virtual domain]

$wget  Postfixadmin (copy and paste the URL)


A) Untar the file
$tar -xvzf postfixadmin-2.3.3.tar.gz

B) Change the name (not necessary, I don't like the name postfixadmin)

$mv  postfixadmin-2.3.3 mailadmin

C) If Apache2/PHP/SquirrelMail is not installed, please install it as root

#yum -y install httpd  php.i386 squirrelmail php-mysql.i386 php-imap.i386

D) Start Apache as root

#/etc/init.d/httpd start

Add httpd to start at boot

# chkconfig --level 2345 httpd on


E) Copy the directory mailadmin to web directory /var/www/html as root
# cp -R  mailadmin /var/www/html/

F) Start mysql Server as root

#/etc/init.d/mysqld start

Add mysql to start at boot

# chkconfig --level 2345 mysqld on

 
G) Enter mysql prompt

#mysql -u root -p

H) CREATE POSTFIX DATABASE and GRANT PRIVILEGES

Note: You can assign your own password for database user postfix

mysql> CREATE DATABASE postfix;
mysql> CREATE USER 'postfix'@'localhost' IDENTIFIED BY 'postfix';
mysql> GRANT ALL PRIVILEGES ON `postfix` . * TO 'postfix'@'localhost';


I) Edit the config file as root

#cd /var/www/html/mailadmin
#vi config.inc.php

$CONF['configured'] = true;
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'postfix';
$CONF['database_name'] = 'postfix';

$CONF['admin_email'] = 'postmaster@example.com';  # change to your domain name
 
$CONF['min_password_length'] = 6;
$CONF['page_size'] = '100';

$CONF['domain_path'] = 'YES';

$CONF['domain_in_mailbox'] = 'NO';


J) On your browser type the URL http://<Server IP>/mailadmin/setup.php

H) If everything is correct, the setup will create the database
Go to mysql prompt and check if the database is created.

mysql -u root -p
mysql>use postfix;
mysql> show tables;

+-----------------------+
| Tables_in_postfix     |
+-----------------------+
| admin                 |
| alias                 |
| alias_domain          |
| config                |
| domain                |
| domain_admins         |
| fetchmail             |
| log                   |
| mailbox               |
| quota                 |
| quota2                |
| vacation              |
| vacation_notification |
+-----------------------+
13 rows in set (0.00 sec)

I) Setup SUPERADMIN Account

On your browser type the URL http://<Server IP>/mailadmin/setup.php
Generate a setup password
Setup password:
Setup password (again):

I have given admin

You would get something like this 
If you want to use the password you entered as setup password, edit config.inc.php and set
$CONF['setup_password'] = '9567b320b103adf6203639516ff764e0:fa6c4f60c679632c965aa335f11f7659d913cb58';

-> Edit config.inc.php

#cd /var/www/html/mailadmin
vi config.inc.php 

Change the variable  $CONF['setup_password']
$CONF['setup_password'] = '9567b320b103adf6203639516ff764e0:fa6c4f60c679632c965aa335f11f7659d913cb58';

Again On your browser type the URL http://<Server IP>/mailadmin/setup.php
Fill in the required fields

Setup password: admin (in my case)
Admin: admin@example.com   (change it to your domain)
Password:admin              (password of your choice)
Password (again):admin 

This should create the superadmin.
To verify, go to the mysql prompt:

mysql> select * from domain_admins;
+------------------+--------+---------------------+--------+
| username         | domain | created             | active |
+------------------+--------+---------------------+--------+
| admin@example.com| ALL    | 2011-05-12 03:50:43 |      1 |
+------------------+--------+---------------------+--------+
1 row in set (0.00 sec)

mysql> select * from admin;
+------------------+------------------------------------+---------------------+---------------------+--------+
| username         | password                           | created             | modified            | active |
+------------------+------------------------------------+---------------------+---------------------+--------+
| admin@example.com| $1$210ca79d$Fvx80cbl9f5Nc4kXMzbZ0. | 2011-05-12 03:50:43 | 2011-05-12 03:50:43 |      1 |
+------------------+------------------------------------+---------------------+---------------------+--------+

J) Alternate method to Setup SUPERUSER Account
mysql> INSERT INTO domain_admins (username, domain, active) 
VALUES ('admin@example.com','ALL','1');
Query OK, 1 row affected (0.00 sec)

mysql> INSERT INTO admin (username, password, active) 
VALUES ('admin@example.com','$1$0fec9189$bgI6ncWrldPOsXnkUBIjl1','1');
Query OK, 1 row affected (0.00 sec)

mysql> exit
Bye

Then you can log in as admin@example.com, password: admin.
Change the password after first login

To log in to the web UI, type the URL into your browser

http://<Server IP>/mailadmin/

username:admin@example.com
password:admin


===================================================================


13) Configure Postfix

A) Add a User vmail. The email would be stored in the user's home directory

#useradd -m vmail
# id vmail
uid=1005(vmail) gid=1005(vmail) groups=1005(vmail)

Make note of the uid and gid of vmail user.
We would be entering the same uid and gid
in postfix as well as courier configuration.

B) Create a hash for the aliases file
postalias /etc/postfix/aliases

C) Edit postfix configuration
vi /etc/postfix/main.cf

inet_interfaces = all
# Enter your trusted network below; hosts in it may send
# email without authentication.
# (main.cf does not allow a comment after a value on the same line.)
mynetworks = 192.168.1.0/24, 127.0.0.0/8
#### Add below lines at the end of the config file #############
virtual_mailbox_base = /home/vmail/
####################DOMAIN#########
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
#################MAILBOX#################
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
#################ALIAS#################
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
##################################################################
virtual_uid_maps = static:1005
virtual_gid_maps = static:1005
###################################################################
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated
                               permit_mynetworks
                               reject_unauth_destination
                               reject_invalid_hostname
                               reject_non_fqdn_sender
                               reject_non_fqdn_recipient 


D) Create below files as root
Note: Database username/password is the same
      as what we created while installing postfixadmin

# vi /etc/postfix/mysql_virtual_domains_maps.cf
user                    = postfix
password                = postfix
dbname                  = postfix
hosts                  = 127.0.0.1:3306
table                   = domain
select_field            = transport
where_field             = domain
additional_conditions   = AND backupmx='0' AND active='1'

# vi /etc/postfix/mysql_virtual_mailbox_maps.cf
user                    = postfix
password                = postfix
dbname                  = postfix
hosts                  = 127.0.0.1:3306
table                   = mailbox
select_field            = maildir
where_field             = username
additional_conditions   = AND active='1'

# vi /etc/postfix/mysql_virtual_alias_maps.cf
user                    = postfix
password                = postfix
dbname                  = postfix
hosts                  = 127.0.0.1:3306
table                   = alias
select_field            = goto
where_field             = address
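
How Postfix turns the legacy-syntax parameters in these map files into a SQL query, together with a check that the files, which hold the database password in clear text, are not readable by other local users. This is an added example, not part of the original guide; the function names and the scratch directory are assumptions, and the sample file is a constructed copy of the mailbox map above.

```shell
#!/bin/sh
# Added example (not from the original guide). POSIX sh.

# Print the value of one "name = value" parameter ($1 = file, $2 = name).
map_param() (
    sed -n "s/^$2[[:space:]]*=[[:space:]]*//p" "$1" | sed 's/[[:space:]]*$//' | head -n 1
)

# Render the query Postfix builds from the legacy-syntax parameters:
#   SELECT select_field FROM table WHERE where_field = '%s' additional_conditions
# (%s is replaced by the escaped lookup key, e.g. a domain or a full address).
map_query() (
    q="SELECT $(map_param "$1" select_field) FROM $(map_param "$1" table)"
    q="$q WHERE $(map_param "$1" where_field) = '%s'"
    extra=$(map_param "$1" additional_conditions)
    if [ -n "$extra" ]; then q="$q $extra"; fi
    printf '%s\n' "$q"
)

# Succeed only if "other" users cannot read the file (it holds the DB password).
# Character 8 of the ls -l mode string is the read bit for "other".
map_is_private() (
    [ "$(ls -ld "$1" | cut -c8)" != "r" ]
)

# Constructed sample: a copy of the mailbox map above, written to path $1.
write_sample_map() {
    cat > "$1" <<'EOF'
user                    = postfix
password                = postfix
dbname                  = postfix
hosts                  = 127.0.0.1:3306
table                   = mailbox
select_field            = maildir
where_field             = username
additional_conditions   = AND active='1'
EOF
}

# Demo on a scratch copy; on a real host, point the functions at
# /etc/postfix/mysql_virtual_*_maps.cf instead.
demo_dir=$(mktemp -d)
write_sample_map "$demo_dir/mysql_virtual_mailbox_maps.cf"
chmod 644 "$demo_dir/mysql_virtual_mailbox_maps.cf"
map_query "$demo_dir/mysql_virtual_mailbox_maps.cf"
map_is_private "$demo_dir/mysql_virtual_mailbox_maps.cf" ||
    echo "map file is world-readable; mode 640 with group postfix is a common choice"
rm -rf "$demo_dir"
```

The rendered query can be pasted into the mysql prompt with a real address in place of %s to confirm that the map returns the expected maildir before Postfix is started.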

E) Start postfix
#/etc/init.d/postfix start


F) Login to PostfixAdmin (http://<your server ip>/mailadmin)
username: admin@example.com (configured Earlier)
password: admin

 i) Create a domain

Go to Domain-> New Domain 
 
Domain: sumitk.net 		 
Description: Sumit Domain	 
Aliases: 0		-1 = disable | 0 = unlimited
Mailboxes: 0		-1 = disable | 0 = unlimited
Add default mail aliases: 			      <-- Leave Unchecked
Mail server is backup MX: 	                      <-- Leave Unchecked

Add domain <-- Submit

ii) Add a mailbox user
Go to Domain List -> sumitk.net -> Add mailbox

Username: sumitk	<- Select the domain  
Password: <password>		Password for POP3/IMAP
Password (again): <password>		 
Name: Sumit Kumar 		Full name
Active: Checked		 
Send Welcome mail: Checked


G) If everything is fine, the user will be created and a mail will be
sent to the user.

H) Verification of setup of virtual domain.

i) check logs
   tail -fn 20 /var/log/maillog

May 12 06:51:00 sumitk postfix/smtpd[24074]: connect from sumitk.homelinux.net[127.0.0.1]
May 12 06:51:00 sumitk postfix/smtpd[24074]: 25C89198404: client=sumitk.homelinux.net[127.0.0.1]
May 12 06:51:00 sumitk postfix/cleanup[24080]: 25C89198404: message-id=<20110512012100.25C89198404@sumitk.homelinux.net>
May 12 06:51:00 sumitk postfix/qmgr[23979]: 25C89198404: from=<sumitk@sumit.net>, size=496, nrcpt=1 (queue active)
May 12 06:51:00 sumitk postfix/smtpd[24074]: disconnect from sumitk.homelinux.net[127.0.0.1]
May 12 06:51:00 sumitk postfix/virtual[24082]: 25C89198404: to=<sumitk@sumitk.net>, relay=virtual, delay=0.09, delays=0.04/0.02/0/0.03, dsn=2.0.0, status=sent (delivered to maildir)
May 12 06:51:00 sumitk postfix/qmgr[23979]: 25C89198404: removed


ii) Check if directory is created under user vmail's home directory

[root@sumitk downloads]# ls -l /home/vmail/
total 8
drwx------ 3 vmail vmail 4096 May 12 06:31 sumitk.net

drwx------ 5 vmail vmail 4096 May 12 06:31 sumitk
[root@sumitk downloads]# ls -l /home/vmail/sumitk.net/sumitk/
total 24
drwx------ 2 vmail vmail 4096 May 12 06:31 cur
drwx------ 2 vmail vmail 4096 May 12 06:31 new
drwx------ 2 vmail vmail 4096 May 12 06:31 tmp 


H) Send email through commandline and check

$echo test | mail sumitk@sumitk.net -s "Test Mail"

May 12 06:51:51 sumitk postfix/pickup[23980]: 12870198405: uid=0 from=<root>
May 12 06:51:51 sumitk postfix/cleanup[24080]: 12870198405: message-id=<20110512012151.12870198405@sumitk.homelinux.net>
May 12 06:51:51 sumitk postfix/qmgr[23979]: 12870198405: from=<root@sumitk.homelinux.net>, size=315, nrcpt=1 (queue active)
May 12 06:51:51 sumitk postfix/virtual[24082]: 12870198405: to=<sumitk@sumitk.net>, relay=virtual, delay=0.07, delays=0.05/0.01/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
May 12 06:51:51 sumitk postfix/qmgr[23979]: 12870198405: removed
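
The log check above, automated: this groups maillog lines by queue ID and reports whether each message was delivered by the virtual transport. It is an added example, not part of the original guide; the function names are assumptions, and the embedded log lines are constructed in the same format as the ones shown above (the deferred entry shows what a wrong uid/gid for vmail would look like).

```shell
#!/bin/sh
# Added example (not from the original guide). POSIX sh + awk.

# Read syslog-format Postfix lines on stdin and print one line per queue ID:
#   QUEUE_ID SENDER RECIPIENT RELAY STATUS VERDICT
# VERDICT is OK only for relay=virtual with status=sent, i.e. the message
# reached a maildir under virtual_mailbox_base; anything else needs a look.
trace_deliveries() {
    awk '
    $5 ~ /^postfix\// && $6 ~ /^[0-9A-F]+:$/ {
        qid = substr($6, 1, length($6) - 1)
        if (!(qid in seen)) { seen[qid] = 1; order[++n] = qid }
        for (i = 7; i <= NF; i++) {
            f = $i
            sub(/,$/, "", f)                      # drop the trailing comma
            if (f ~ /^from=</)  from[qid]   = substr(f, 6)
            if (f ~ /^to=</)    rcpt[qid]   = substr(f, 4)
            if (f ~ /^relay=/)  relay[qid]  = substr(f, 7)
            if (f ~ /^status=/) status[qid] = substr(f, 8)
        }
    }
    END {
        for (k = 1; k <= n; k++) {
            q = order[k]
            ok = (relay[q] == "virtual" && status[q] == "sent") ? "OK" : "CHECK"
            print q, dash(from[q]), dash(rcpt[q]), dash(relay[q]), dash(status[q]), ok
        }
    }
    function dash(v) { return v == "" ? "-" : v }
    '
}

# Constructed sample log: one delivered message and one deferred message.
sample_maillog() {
    cat <<'EOF'
May 12 06:51:00 mail postfix/smtpd[24074]: 1A2B3C4D5E6: client=localhost[127.0.0.1]
May 12 06:51:00 mail postfix/qmgr[23979]: 1A2B3C4D5E6: from=<alice@example.org>, size=496, nrcpt=1 (queue active)
May 12 06:51:00 mail postfix/virtual[24082]: 1A2B3C4D5E6: to=<user@example.net>, relay=virtual, delay=0.09, dsn=2.0.0, status=sent (delivered to maildir)
May 12 06:51:00 mail postfix/qmgr[23979]: 1A2B3C4D5E6: removed
May 12 06:52:10 mail postfix/qmgr[23979]: 7F8E9D0C1B2: from=<alice@example.org>, size=502, nrcpt=1 (queue active)
May 12 06:52:10 mail postfix/virtual[24082]: 7F8E9D0C1B2: to=<user@example.net>, relay=virtual, delay=0.05, dsn=4.2.0, status=deferred (maildir delivery failed: create maildir file /home/vmail/example.net/user/tmp/x: Permission denied)
EOF
}

# Demo on the constructed sample; on a real host use:
#   trace_deliveries < /var/log/maillog
sample_maillog | trace_deliveries
```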

14) Configure Courier Authdaemon

A) Edit configuration files
vi /etc/authlib/authdaemonrc
authmodulelist="authmysql"
DEBUG_LOGIN=0                  # change it to 2 if you want 
                               # more verbose output in /var/log/maillog (even passwords)

vi /etc/authlib/authmysqlrc    # Note: comment all variables and add below
                               # lines at the end of the config file or
                               # change variables accordingly

MYSQL_SERVER          127.0.0.1
MYSQL_USERNAME        postfix
MYSQL_PASSWORD        postfix
MYSQL_PORT          3306
MYSQL_DATABASE        postfix
MYSQL_USER_TABLE      mailbox
MYSQL_CRYPT_PWFIELD  password
MYSQL_UID_FIELD       '1005'
MYSQL_GID_FIELD       '1005'
MYSQL_LOGIN_FIELD     username
MYSQL_HOME_FIELD     '/home/vmail/'
MYSQL_NAME_FIELD      name
MYSQL_MAILDIR_FIELD   maildir

B) Start courier service

# /etc/init.d/courier-authlib start
Starting Courier authentication services: authdaemond

# /etc/init.d/courier-imap start
Starting Courier-IMAP server: imap generating-SSL-certificate... imap-ssl pop3 generating-SSL-certificate... pop3-ssl

15) Configure Webmail interface.

#/usr/share/squirrelmail/config/conf.pl
 
Select option 3


SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Folder Defaults
1.  Default Folder Prefix         : mail/
2.  Show Folder Prefix Option     : true
3.  Trash Folder                  : INBOX.Trash
4.  Sent Folder                   : INBOX.Sent
5.  Drafts Folder                 : INBOX.Drafts
6.  By default, move to trash     : true
7.  By default, move to sent      : true
8.  By default, save as draft     : true
9.  List Special Folders First    : true
10. Show Special Folders Color    : true
11. Auto Expunge                  : true
12. Default Sub. of INBOX         : false
13. Show 'Contain Sub.' Option    : true
14. Default Unseen Notify         : 2
15. Default Unseen Type           : 1
16. Auto Create Special Folders   : true
17. Folder Delete Bypasses Trash  : false
18. Enable /NoSelect folder fix   : false

R   Return to Main Menu
C   Turn color off
S   Save data
Q   Quit

Command >> s


B) Type the webmail url into your browser

http://<your server ip>/webmail

Note: In virtual domain the username is the complete email ID (sumitk@sumitk.com)
password: User password given while creating the user

You can send and receive email. Make sure your MX record points to your email server

16) Configuring SMTPAUTH for outgoing emails

Note: Please disable selinux. A reboot of your machine is required

[root@sumitk ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
#SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
SELINUXTYPE=targeted



A) Edit config file
vi /usr/lib/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level: 5
mech_list: PLAIN LOGIN
authdaemond_path: /var/spool/authdaemon/socket

B) Change permission of socket.
chmod 755 /var/spool/authdaemon/socket


ENJOY !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Please post your feedback and doubts. I will be overjoyed if I can help.

 

Comments

sumit.rishu 4 weeks ago

Thanks a lot !!!!

SETHOS 4 weeks ago

WORKED FOR ME.
