[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.

Welcome to the Slackware Documentation Project

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
Last revisionBoth sides next revision
howtos:network_services:postfix_with_cyrus [2017/10/18 04:32 (UTC)] – grammar, minor formatting corrections, spelling, and minimalism klaatuhowtos:network_services:postfix_with_cyrus [2019/02/16 16:43 (UTC)] – [Sources] pedro.herrero
Line 1: Line 1:
 ====== Making Slackware Mail Server ====== ====== Making Slackware Mail Server ======
  
-This article shows how to make an Slackware machine your personal Mail Server. This howto is for Slackware 64 13.37, but with few changes you can adapt it to the newest member of the Slackware family.+This article shows how to make an Slackware machine your personal Mail Server. This howto is for Slackware 64 13.37, but with few changes you can adapt it to the newest member of Slackware familly Slackware 14.
  
-Before beginning, you need a normal installation of Slackware, without any special packages. You will manually download and install from Slackbuilds.org extra packages needed to make a Mail ServerThis article uses Cyrus SASL authentication and Cyrus IMAP for remote login, rather than alternatives like qpopper or dovecot. +Before we begin I must say that you need a normal installation of Slackware, without any special packages. The packages we will need to make the Mail Server we will manually download and install from Slackbuilds.org. I preffer the Cyrus SASL authentication method and Cyrus IMAP for remote login, insted of other alternatives like qpopper or dovecot. 
  
-You will install Cyrus-SASL, Postfix, Cyurs-IMAPand then configure them to use certificates for encrypting the mail packages that traverse the Internet.+Let's get started then , we will need to install Cyrus-SASL, Postfix, Cyurs-IMAP and then configure them all to use Certificates for encrypting the mail packages that traverse the Internet.
  
 ====== Installing Cyrus-SASL ====== ====== Installing Cyrus-SASL ======
Line 45: Line 45:
   # joe postfix.Slackbuild   # joe postfix.Slackbuild
      
-Edit the following line and replace "dovecot" with "cyrus" like this:+Edit the following line and replace "dovecot" with "cyrus" like this
  
   SASL=${SASL:-cyrus}   SASL=${SASL:-cyrus}
      
-To begin Postfix installationyou must create the **postfix** user and group. Later, you will add the user postfix and user cyrus to the **mail** group.+In order to begin Postfix installation you will need to create postfix user and group (also keep in mind that we need to add user postfix and user cyrus to the same group, mail group that is).
  
   # groupadd -g 200 postfix   # groupadd -g 200 postfix
Line 57: Line 57:
   # installpkg /tmp/postfix-2.8.3-x86_64-1_SBo.tgz    # installpkg /tmp/postfix-2.8.3-x86_64-1_SBo.tgz 
  
-Before continuing, configure Postfix can authenticate with sasl. First, make some aliases and tell Postfix to use aliases maps from **/etc/postfix/aliases**:+Before we continue with installation of IMAP server we need to assure that Postfix is working and we can authenticate with sasl. Let'make some basic Postfix configuration and some basic SASL configuration. I will be explaining plain auth because later on we will use it togheter with SASL to authenticate. 
 + 
 +First of all we need to make our aliases and tell Postfix to use aliases maps from /etc/postfix/aliases, so :
  
   # joe /etc/postfix/main.cf   # joe /etc/postfix/main.cf
      
-Edit these lines and make them look like this:+Edit these lines and make them look like this :
  
   alias_maps = hash:/etc/postfix/aliases   alias_maps = hash:/etc/postfix/aliases
   alias_database = hash:/etc/postfix/aliases     alias_database = hash:/etc/postfix/aliases  
      
-Now add a user to your Slackware machine, a user who will also can read and send mail.+Now let'add a user to the Slackware machine, a user who will also can read and send mail.
  
   # adduser   # adduser
Line 77: Line 79:
   Do you wish to change the sheel? (Y/n): n   Do you wish to change the sheel? (Y/n): n
   Expiry date (YYYY-MM-DD) []: press ENTER   Expiry date (YYYY-MM-DD) []: press ENTER
- +  Press ENTER and imput full name and other account relates stuff. Also specify an password for your newly created user.
-Press ENTER and input full name and other account-related stuff. Also specify password for your newly created user.+
      
-Now edit /etc/postfix/aliases and modify it to your needs : +Now edit /etc/postfix/aliases and modifiy it to your needs : 
  
   root  :         slackware_user   root  :         slackware_user
   office:   slackware_user   office:   slackware_user
      
-Update your aliases database:+Now update your aliases database issuing the command :
  
   # postalias hash:/etc/postfix/aliases      # postalias hash:/etc/postfix/aliases   
- +It is now time to make our important configurations for Postfix in order for it to run
-Make the required configuration changes to Postfix so it can run:  +
   # joe /etc/postfix/main.cf   # joe /etc/postfix/main.cf
   myhostname = mx.yourdomain.tld   myhostname = mx.yourdomain.tld
Line 98: Line 97:
   mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain   mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
   mynetworks = 127.0.0.0/8   mynetworks = 127.0.0.0/8
- +Let's now configure Postfix to authenticate users using SASL
-Configure Postfix to authenticate users using SASL+
   # mkdir /etc/sasl2   # mkdir /etc/sasl2
   # cd /etc/sasl2   # cd /etc/sasl2
Line 108: Line 105:
   pwcheck_method: saslauthd   pwcheck_method: saslauthd
   mech_list: PLAIN LOGIN   mech_list: PLAIN LOGIN
- +Now let'configure Postfix to have users authenticate using SASL. Edit /etc/postfix/main.cf and add the folowing code to the end of the file :
-Next, configure Postfix to have users authenticate using SASL. Edit /etc/postfix/main.cf and add the folowing code to the end of the file: +
   smtpd_sasl_auth_enable = yes      smtpd_sasl_auth_enable = yes   
   broken_sasl_auth_clients = yes     broken_sasl_auth_clients = yes  
   smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination   smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
-   +Let's start the daemons and test our configurations until now:
-Start the daemons and test our configurations until now: +
   # saslauthd -a shadow   # saslauthd -a shadow
   # postfix start   # postfix start
-   +Then from another machine telnet into your mail server on port 25 and issue the following commands :
-Then from another machinetelnet into your mail server on port 25 and issue the following commands : +
   # telnet mx.mailserver.com 25   # telnet mx.mailserver.com 25
   ehlo user.mailserver.tld      ehlo user.mailserver.tld   
Line 146: Line 137:
   250 2.0.0 Ok: queued as 4C0EE221E93   250 2.0.0 Ok: queued as 4C0EE221E93
   QUIT   QUIT
-   
 <note>In order to find out the string after AUTH PLAIN enter the command ''printf 'user\0user\0password' | mmencode'' on your mail server, where user is your username and password is your password</note>   <note>In order to find out the string after AUTH PLAIN enter the command ''printf 'user\0user\0password' | mmencode'' on your mail server, where user is your username and password is your password</note>  
- 
 <note important>Rember to put the "." at the end so the mail can be sent to qeue daemon </note>   <note important>Rember to put the "." at the end so the mail can be sent to qeue daemon </note>  
- 
 ====== Installing Mail Delivery and Cyrus IMAP ====== ====== Installing Mail Delivery and Cyrus IMAP ======
  
Line 180: Line 168:
   # /usr/doc/cyrus-imapd-2.4.12/tools/mkimap   # /usr/doc/cyrus-imapd-2.4.12/tools/mkimap
   # su - root   # su - root
- 
 Edit /etc/imapd.conf and add the following lines: Edit /etc/imapd.conf and add the following lines:
- 
   sasl_mech_list: PLAIN LOGIN   sasl_mech_list: PLAIN LOGIN
   allowplaintext: yes     allowplaintext: yes  
-   
 Edit /etc/postfix/main.cf and at mailbox_transport add the following: Edit /etc/postfix/main.cf and at mailbox_transport add the following:
- 
   mailbox_transport = lmtp:unix:/var/imap/socket/lmtp   mailbox_transport = lmtp:unix:/var/imap/socket/lmtp
-   +The last step to do is to add users to your imap server. For that you need to issue these commands :
-The last step to do is to add users to your imap server. +
   # passwd cyrus   # passwd cyrus
 +and add a password for cyrus user
   # cyradm --user cyrus --server localhost --auth plain       # cyradm --user cyrus --server localhost --auth plain    
   localhost>cm user.slackware_user    localhost>cm user.slackware_user 
   localhost>lm   localhost>lm
   localhost> quit   localhost> quit
-   
 <note>slackware_user is the user you have created in your slackware machine</note>   <note>slackware_user is the user you have created in your slackware machine</note>  
-At this point, you have functional Mail Serverbut with users authenticating in plain text . So the next step is inevitable.+At this point we have an functional Mail Server but with users authenticating in plain text . So the next step is innevitabile.
  
 ====== SSL / TLS Postfix and Cyrus ====== ====== SSL / TLS Postfix and Cyrus ======
  
-Start by creating certificates and configuring POSTFIX to use STARTTLS. +Let's start by creating our certificates and configuring POSTFIX to use STARTTLS.
   # cd /etc/ssl   # cd /etc/ssl
   # misc/CA.pl -newca ( complete all entries)   # misc/CA.pl -newca ( complete all entries)
Line 214: Line 195:
   # chmod 400 /etc/postfix/mailkey.pem   # chmod 400 /etc/postfix/mailkey.pem
   # cp /etc/ssl/demoCA/cacert.pem /etc/postfix   # cp /etc/ssl/demoCA/cacert.pem /etc/postfix
-   +Now add the followings to /etc/postfix/main.cf :
-Add the followings to /etc/postfix/main.cf : +
   smtpd_use_tls = yes   smtpd_use_tls = yes
   smtpd_tls_key_file = /etc/postfix/mailkey.pem   smtpd_tls_key_file = /etc/postfix/mailkey.pem
   smtpd_tls_cert_file = /etc/postfix/mail_signed_cert.pem   smtpd_tls_cert_file = /etc/postfix/mail_signed_cert.pem
   smtpd_tls_CAfile = /etc/postfix/cacert.pem   smtpd_tls_CAfile = /etc/postfix/cacert.pem
-   
 <note important>In /etc/postfix/master.cf delete the "#" sign from smtps and the next two columns from it <note important>In /etc/postfix/master.cf delete the "#" sign from smtps and the next two columns from it
                    smtps     inet  n                               smtpd                    smtps     inet  n                               smtpd
Line 227: Line 205:
                      -o smtpd_sasl_auth_enable=yes                      -o smtpd_sasl_auth_enable=yes
 </note> </note>
- +Now let'configure IMAP to use STARTTLS
-Now configure IMAP to use STARTTLS+
   # openssl req -new -nodes -out req.pem -keyout key.pem     # openssl req -new -nodes -out req.pem -keyout key.pem  
   # openssl rsa -in key.pem -out new.key.pem   # openssl rsa -in key.pem -out new.key.pem
Line 244: Line 220:
 ====== Adding daemons to rc.local ====== ====== Adding daemons to rc.local ======
      
-The final step is to add all daemons to **rc.local** so they can start when machine boots. Open **/etc/rc.d/rc.local** and add these lines : +Now the last step is to add all daemons to rc.local so they can start when machine boots. So open /etc/rc.d/rc.local and add these lines :
   # Starting saslauthd daemon   # Starting saslauthd daemon
   if [ ! -r /var/state/saslauthd/saslauthd.pid ]; then   if [ ! -r /var/state/saslauthd/saslauthd.pid ]; then
Line 268: Line 243:
   Postfix The Definitive Guide, Kyle D. Dent, O'Reilly   Postfix The Definitive Guide, Kyle D. Dent, O'Reilly
   Managing IMAP, Dianna Mullet & Kevin Mullet, O'Reilly   Managing IMAP, Dianna Mullet & Kevin Mullet, O'Reilly
-  Official Postfix Documentation, [[http://www.postfix.org/documentation.html]]+  Official Postfix Documentation, [[http://www.postfix.org/documentation.html|Postfix]]
 {{tag>howtos author_badirca}} {{tag>howtos author_badirca}}
 +[[http://example.com|External Link]]
 howtos:network_services:postfix_with_cyrus ()