[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
howtos:misc:postifx_with_cyrus [2013/07/21 12:50 (UTC)] – badirca | howtos:network_services:postfix_with_cyrus [2017/10/18 04:32 (UTC)] – grammar, minor formatting corrections, spelling, and minimalism klaatu | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Making Slackware Mail Server ====== | ====== Making Slackware Mail Server ====== | ||
- | This article shows how to make an Slackware machine your personal Mail Server. This howto is for Slackware 64 13.37, but with few changes you can adapt it to the newest member of Slackware | + | This article shows how to make an Slackware machine your personal Mail Server. This howto is for Slackware 64 13.37, but with few changes you can adapt it to the newest member of the Slackware |
- | Before | + | Before |
- | Let's get started then , we will need to install Cyrus-SASL, Postfix, Cyurs-IMAP and then configure them all to use Certificates | + | You will install Cyrus-SASL, Postfix, Cyurs-IMAP, and then configure them to use certificates |
====== Installing Cyrus-SASL ====== | ====== Installing Cyrus-SASL ====== | ||
Line 11: | Line 11: | ||
# cd /tmp | # cd /tmp | ||
- | # mkdir cyrus-sal | + | # mkdir cyrus-sasl |
# cd cyrus-sasl | # cd cyrus-sasl | ||
# wget ftp:// | # wget ftp:// | ||
Line 45: | Line 45: | ||
# joe postfix.Slackbuild | # joe postfix.Slackbuild | ||
| | ||
- | Edit the following line and replace " | + | Edit the following line and replace " |
SASL=${SASL: | SASL=${SASL: | ||
| | ||
- | In order to begin Postfix installation you will need to create postfix user and group (also keep in mind that we need to add user postfix and user cyrus to the same group, | + | To begin Postfix installation, you must create |
# groupadd -g 200 postfix | # groupadd -g 200 postfix | ||
Line 57: | Line 57: | ||
# installpkg / | # installpkg / | ||
- | Before | + | Before |
- | + | ||
- | First of all we need to make our aliases and tell postfix | + | |
# joe / | # joe / | ||
| | ||
- | Edit these lines and make them look like this : | + | Edit these lines and make them look like this: |
alias_maps = hash:/ | alias_maps = hash:/ | ||
alias_database = hash:/ | alias_database = hash:/ | ||
| | ||
- | Now let' | + | Now add a user to your Slackware machine, a user who will also can read and send mail. |
# adduser | # adduser | ||
| | ||
- | Login name for new user []:xxxxxx | + | Login name for new user []: slackware_user |
User ID (' | User ID (' | ||
Initial group [ users ]: 200 | Initial group [ users ]: 200 | ||
Line 79: | Line 77: | ||
Do you wish to change the sheel? (Y/n): n | Do you wish to change the sheel? (Y/n): n | ||
Expiry date (YYYY-MM-DD) []: press ENTER | Expiry date (YYYY-MM-DD) []: press ENTER | ||
- | | + | |
+ | Press ENTER and input full name and other account-related | ||
| | ||
- | Now edit / | + | Now edit / |
- | root: your_user | + | root : slackware_user |
- | office: | + | office: |
| | ||
- | Now update | + | Update |
# postalias hash:/ | # postalias hash:/ | ||
- | It is now time to make our important configurations for Postfix | + | |
+ | Make the required configuration changes | ||
# joe / | # joe / | ||
myhostname = mx.yourdomain.tld | myhostname = mx.yourdomain.tld | ||
Line 97: | Line 98: | ||
mydestination = $myhostname, | mydestination = $myhostname, | ||
mynetworks = 127.0.0.0/8 | mynetworks = 127.0.0.0/8 | ||
- | Let's now configure | + | |
+ | Configure | ||
# mkdir /etc/sasl2 | # mkdir /etc/sasl2 | ||
# cd /etc/sasl2 | # cd /etc/sasl2 | ||
Line 105: | Line 108: | ||
pwcheck_method: | pwcheck_method: | ||
mech_list: PLAIN LOGIN | mech_list: PLAIN LOGIN | ||
- | Now let' | + | |
+ | Next, configure Postfix to have users authenticate using SASL. Edit / | ||
smtpd_sasl_auth_enable = yes | smtpd_sasl_auth_enable = yes | ||
broken_sasl_auth_clients = yes | broken_sasl_auth_clients = yes | ||
smtpd_recipient_restrictions = permit_mynetworks, | smtpd_recipient_restrictions = permit_mynetworks, | ||
- | Let's start the daemons and test our configurations until now: | + | |
+ | Start the daemons and test our configurations until now: | ||
# saslauthd -a shadow | # saslauthd -a shadow | ||
# postfix start | # postfix start | ||
- | Then from another machine telnet into your mail server on port 25 and issue the following commands : | + | |
+ | Then from another machine, telnet into your mail server on port 25 and issue the following commands : | ||
# telnet mx.mailserver.com 25 | # telnet mx.mailserver.com 25 | ||
ehlo user.mailserver.tld | ehlo user.mailserver.tld | ||
Line 137: | Line 146: | ||
250 2.0.0 Ok: queued as 4C0EE221E93 | 250 2.0.0 Ok: queued as 4C0EE221E93 | ||
QUIT | QUIT | ||
+ | | ||
< | < | ||
+ | |||
<note important> | <note important> | ||
+ | ====== Installing Mail Delivery and Cyrus IMAP ====== | ||
+ | # cd /tmp | ||
+ | # mkdir cyrus-imap | ||
+ | # cd cyrus-imap | ||
+ | # wget http:// | ||
+ | # wget http:// | ||
+ | # wget http:// | ||
+ | # wget http:// | ||
+ | # wget http:// | ||
+ | # wget http:// | ||
+ | # wget http:// | ||
+ | # wget http:// | ||
+ | # wget http:// | ||
+ | # wget http:// | ||
+ | # mkdir patches | ||
+ | # cd patches/ | ||
+ | # wget http:// | ||
+ | # wget http:// | ||
+ | # cd / | ||
+ | # groupadd -g 238 cyrus | ||
+ | # useradd -d /var/imap -s /bin/sh -u 238 -g 238 cyrus -G mail | ||
+ | # sh cyrus-imapd.SlackBuild | ||
+ | # installpkg / | ||
+ | # mkdir -m 750 -p /var/imap / | ||
+ | # chown cyrus:mail /var/imap / | ||
+ | # su - cyrus | ||
+ | # / | ||
+ | # su - root | ||
+ | Edit / | ||
- | ====== Sources ====== | + | sasl_mech_list: |
- | <!-- If you are copying information from another source, then specify that source --> | + | |
- | <!-- * Original source: [[http://some.website.org/some/page.html]] --> | + | |
- | <!-- Authors are allowed to give credit to themselves! --> | + | Edit /etc/postfix/main.cf and at mailbox_transport add the following: |
- | <!-- * Originally written by [[wiki: | + | |
- | <!-- * Contributions by [[wiki:user:yyy | User Y]] --> | + | |
- | <!-- Please do not modify anything below, except adding | + | mailbox_transport = lmtp: |
- | <!-- You must remove | + | |
- | {{tag> | + | The last step to do is to add users to your imap server. |
+ | |||
+ | # passwd cyrus | ||
+ | # cyradm | ||
+ | localhost> | ||
+ | localhost> | ||
+ | localhost> | ||
+ | |||
+ | < | ||
+ | At this point, you have a functional Mail Server, but with users authenticating in plain text . So the next step is inevitable. | ||
+ | |||
+ | ====== SSL / TLS Postfix and Cyrus ====== | ||
+ | |||
+ | Start by creating certificates and configuring POSTFIX to use STARTTLS. | ||
+ | |||
+ | # cd /etc/ssl | ||
+ | # misc/CA.pl -newca ( complete all entries) | ||
+ | # openssl req -new -nodes -keyout mailkey.pem -out mailreq.pem | ||
+ | # openssl ca -out mail_signed_cert.pem | ||
+ | # cp / | ||
+ | # cp / | ||
+ | # chown root / | ||
+ | # chmod 400 / | ||
+ | # cp / | ||
+ | |||
+ | Add the followings to / | ||
+ | |||
+ | smtpd_use_tls = yes | ||
+ | smtpd_tls_key_file = / | ||
+ | smtpd_tls_cert_file = / | ||
+ | smtpd_tls_CAfile = / | ||
+ | |||
+ | <note important> | ||
+ | | ||
+ | -o smtpd_tls_wrappermode=yes | ||
+ | -o smtpd_sasl_auth_enable=yes | ||
+ | </ | ||
+ | |||
+ | Now configure IMAP to use STARTTLS: | ||
+ | |||
+ | # openssl req -new -nodes -out req.pem -keyout key.pem | ||
+ | # openssl rsa -in key.pem -out new.key.pem | ||
+ | # openssl x509 -in req.pem -out ca-cert -req -signkey new.key.pem -days 36500 | ||
+ | # cp new.key.pem / | ||
+ | # rm new.key.pem | ||
+ | # cat ca-cert | ||
+ | # chown cyrus:mail / | ||
+ | # chmod 600 / | ||
+ | # echo tls_ca_file: | ||
+ | # echo tls_cert_file: | ||
+ | # echo tls_key_file: | ||
+ | |||
+ | ====== Adding daemons to rc.local ====== | ||
+ | |||
+ | The final step is to add all daemons to **rc.local** so they can start when machine boots. Open **/ | ||
+ | |||
+ | # Starting saslauthd daemon | ||
+ | if [ ! -r / | ||
+ | echo " | ||
+ | / | ||
+ | fi | ||
+ | |||
+ | # Starting IMAP daemon | ||
+ | if [ -x / | ||
+ | echo " | ||
+ | / | ||
+ | fi | ||
+ | |||
+ | # Starting POSTFIX daemon | ||
+ | / | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | ====== Sources ====== | ||
+ | Postfix The Definitive Guide, Kyle D. Dent, O' | ||
+ | Managing IMAP, Dianna Mullet & Kevin Mullet, O' | ||
+ | Official Postfix Documentation, | ||
+ | {{tag> |