Oracle Linux/Simple IMAP Server

From r00tedvw.com wiki

Overview

Dovecot for POP/IMAP
Postfix for SMTP

Setup SSL

This setup uses a simple self-signed cert. Before generating it, create a symlink at /etc/ssl/private, the standard location for private keys, that points to the existing /etc/pki/tls/private directory, so the key is stored in the directory that is already there.

~$ cd /etc/ssl/
~$ sudo ln -s ../pki/tls/private/ private
~$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/mail.key -out /etc/ssl/certs/mailcert.pem

Postfix

Make sure exim4 is not installed and verify that postfix is installed and at the latest version

~$ sudo rpm -qa | grep exim
~$ sudo yum install postfix

Edit the following: /etc/postfix/master.cf

uncomment:
submission inet n       -       n       -       -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
add:
  -o syslog_name=postfix/submission
  -o smtpd_tls_wrappermode=no
  -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
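
One way to confirm the submission entry ended up as intended after these edits (an added example, not part of the original wiki page; the function names and sample files are constructed for illustration). It assumes the plain `-o name=value` form used above and catches the common slip of uncommenting the service line while leaving some `-o` lines commented.

```shell
#!/bin/sh
# Added example: audit the submission entry of a Postfix master.cf.

# Print each "-o name=value" override attached to the submission service.
# A line starting with whitespace continues the previous entry; lines whose
# first non-blank character is '#' are ignored (Postfix master.cf syntax).
submission_opts() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        /^[^ \t]/ { in_sub = ($1 == "submission") }
        in_sub { for (i = 1; i < NF; i++) if ($i == "-o") print $(i + 1) }
    ' "$1"
}

# Return 0 only if the overrides this page relies on are all present.
check_submission() {
    opts=$(submission_opts "$1"); rc=0
    for want in smtpd_tls_security_level=encrypt smtpd_sasl_auth_enable=yes \
                smtpd_sasl_type=dovecot smtpd_sasl_path=private/auth; do
        printf '%s\n' "$opts" | grep -qxF "$want" || { echo "missing: $want"; rc=1; }
    done
    for list in smtpd_client_restrictions smtpd_recipient_restrictions; do
        printf '%s\n' "$opts" | grep -q "^$list=.*,reject\$" ||
            { echo "no final reject: $list"; rc=1; }
    done
    return $rc
}

# Constructed sample files (not taken from a real host).
tmp=$(mktemp -d)
cat > "$tmp/good.cf" <<'EOF'
smtp      inet  n       -       n       -       -       smtpd
submission inet n       -       n       -       -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
  -o syslog_name=postfix/submission
  -o smtpd_tls_wrappermode=no
  -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
EOF
# Same file with the TLS and SASL-enable lines left commented out.
sed -e 's/^  -o smtpd_tls_security/#&/' -e 's/^  -o smtpd_sasl_auth/#&/' \
    "$tmp/good.cf" > "$tmp/partial.cf"

check_submission "$tmp/good.cf" && echo "good.cf: ok"
check_submission "$tmp/partial.cf" || echo "partial.cf: incomplete"
```

On the mail host, point `check_submission` at /etc/postfix/master.cf before restarting Postfix.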

Let's back up the next file we'll be modifying:

~$ sudo cp /etc/postfix/main.cf /etc/postfix/main.cf.original

Edit the following: /etc/postfix/main.cf

uncomment and edit:
  myhostname = mail.domain.com
  myorigin = /etc/mailname
  inet_interfaces = all
  mydestination = mail.domain.com, domain.com, localhost, localhost.localdomain
  mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
  relayhost =  

uncomment:
  recipient_delimiter = +
  local_recipient_maps = proxy:unix:passwd.byname $alias_maps

comment out:
  inet_interfaces = localhost

add:
  # Adding mailbox size limit of 0 to remove restrictions on size
  mailbox_size_limit = 0

  # Adding SSL
  smtpd_tls_cert_file=/etc/ssl/certs/mailcert.pem
  smtpd_tls_key_file=/etc/ssl/private/mail.key
  smtpd_use_tls=yes
  smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
  smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
  smtpd_tls_security_level=may
  smtpd_tls_protocols = !SSLv2, !SSLv3

verify:
  alias_maps = hash:/etc/aliases
  alias_database = hash:/etc/aliases

Dovecot

~$ sudo yum install dovecot.x86_64

Back up /etc/dovecot/dovecot.conf

~$ sudo cp /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.original

Remove the old dovecot.conf file and create a new one

~$ sudo rm /etc/dovecot/dovecot.conf
~$ sudo vi /etc/dovecot/dovecot.conf

You'll want to add the following to your new dovecot.conf file:

log_timestamp = "%Y-%m-%d %H:%M:%S "
disable_plaintext_auth = no
mail_privileged_group = mail
mail_location = mbox:~/mail:INBOX=/var/mail/%u
userdb {
  driver = passwd
}
passdb {
  args = %s
  driver = pam
}
protocols = "imap pop3"

service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}

ssl=required
ssl_cert = </etc/ssl/certs/mailcert.pem
ssl_key = </etc/ssl/private/mail.key

Lastly, make a couple of symlinks so authentication via pop/imap works.

~$ sudo ln -s /etc/pam.d/dovecot /etc/pam.d/imap
~$ sudo ln -s /etc/pam.d/dovecot /etc/pam.d/pop3

Wrap Up

~$ sudo newaliases
~$ sudo postfix stop
~$ sudo postfix start
~$ sudo service dovecot restart

Also, with every new user that you create, you'll need to do the following:

~$ sudo chmod -R 777 /var/spool/mail

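Without doing this, the users won't have access to create new folders or an Inbox, and possibly messages. Note that mode 777 makes every mailbox under /var/spool/mail readable and writable by all local users.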
