Oracle Linux/Simple IMAP Server
Overview
Dovecot for POP/IMAP
Postfix for SMTP
Setup SSL
We'll use a simple self-signed certificate. Before generating it, create a symlink from the standard location for private keys (/etc/ssl/private) to the actual location (/etc/pki/tls/private), so that the existing private directory is used.
~$ cd /etc/ssl/
~$ sudo ln -s ../pki/tls/private/ private
~$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/mail.key -out /etc/ssl/certs/mailcert.pem
Postfix
Make sure exim4 is not installed and verify that postfix is installed and at the latest version:
~$ sudo rpm -qa | grep exim
~$ sudo yum install postfix
Edit the following: /etc/postfix/master.cf
uncomment:
submission inet n - n - - smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

add:
  -o syslog_name=postfix/submission
  -o smtpd_tls_wrappermode=no
  -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
Let's back up the next file we'll be modifying:
~$ sudo cp /etc/postfix/main.cf /etc/postfix/main.cf.original
Edit the following: /etc/postfix/main.cf
uncomment and edit:
myhostname = mail.domain.com
myorigin = /etc/mailname
inet_interfaces = all
mydestination = mail.domain.com, domain.com, localhost, localhost.localdomain
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
relayhost =

uncomment:
recipient_delimiter = +
local_recipient_maps = proxy:unix:passwd.byname $alias_maps

comment out:
inet_interfaces = localhost

add:
# Adding mailbox size limit of 0 to remove restrictions on size
mailbox_size_limit = 0
# Adding SSL
smtpd_tls_cert_file=/etc/ssl/certs/mailcert.pem
smtpd_tls_key_file=/etc/ssl/private/mail.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_security_level=may
smtpd_tls_protocols = !SSLv2, !SSLv3

verify:
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
Dovecot
~$ sudo yum install dovecot.x86_64
Back up /etc/dovecot/dovecot.conf
~$ sudo cp /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.original
Remove the old dovecot.conf file and create a new one
~$ sudo rm /etc/dovecot/dovecot.conf
~$ sudo vi /etc/dovecot/dovecot.conf
You'll want to add the following to your new dovecot.conf file:
log_timestamp = "%Y-%m-%d %H:%M:%S "
disable_plaintext_auth = no
mail_privileged_group = mail
mail_location = mbox:~/mail:INBOX=/var/mail/%u
userdb {
  driver = passwd
}
passdb {
  args = %s
  driver = pam
}
protocols = "imap pop3"
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
ssl=required
ssl_cert = </etc/ssl/certs/mailcert.pem
ssl_key = </etc/ssl/private/mail.key
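Lastly, make a couple of symlinks so authentication via pop/imap works. With args = %s in the passdb block, Dovecot uses the protocol name (imap or pop3) as the PAM service name, so each needs an entry in /etc/pam.d.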
~$ sudo ln -s /etc/pam.d/dovecot /etc/pam.d/imap
~$ sudo ln -s /etc/pam.d/dovecot /etc/pam.d/pop3
Wrap Up
~$ sudo newaliases
~$ sudo postfix stop
~$ sudo postfix start
~$ sudo service dovecot restart
Also, with every new user that you create, you'll need to do the following:
~$ sudo chmod -R 777 /var/spool/mail
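Without doing this, the users won't have access to create new folders or an Inbox, and possibly messages. Mode 777 applied recursively also lets every local user read and modify every other user's mailbox in the spool.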
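
What the recursive chmod 777 above leaves exposed can be checked with a small audit function. This is an added example, not part of the original page; it assumes GNU find and stat, and the users alice and bob and the temporary spool are constructed for the demo.

```shell
#!/bin/sh
# Added example, not from the original page. Assumes GNU find and stat.

# audit_spool DIR: print "<finding> <perms> <owner> <path>" for each spool
# entry that users outside the owner and group can read or change.
audit_spool() {
    # -perm /006: read or write bit set for "other"; symlinks are skipped.
    find "$1" ! -type l -perm /006 -exec stat -c '%A %U %n' {} + |
    while read -r perms owner path; do
        case "$perms" in
            d????????[tT]) ;;  # sticky: only an entry's or the directory's owner may remove it
            d???????w?) echo "DIR-NO-STICKY $perms $owner $path" ;;
            -???????w?) echo "WORLD-WRITABLE $perms $owner $path" ;;
            -??????r??) echo "WORLD-READABLE $perms $owner $path" ;;
            *) ;;              # e.g. a 0775 directory: listable, not changeable
        esac
    done
}

# count_findings DIR: number of exposed entries; 0 means nothing is exposed.
count_findings() {
    audit_spool "$1" | wc -l | tr -d ' '
}

# demo_spool: build a constructed spool for the hypothetical users alice and
# bob in a temporary directory, with restrictive modes, and print its path.
demo_spool() {
    d=$(mktemp -d) || return 1
    mkdir "$d/spool"
    : > "$d/spool/alice"
    : > "$d/spool/bob"
    chmod 660 "$d/spool/alice" "$d/spool/bob"
    chmod 775 "$d/spool"
    echo "$d/spool"
}

# Demo: no findings before, three after the recursive chmod from this page.
spool=$(demo_spool)
echo "findings before: $(count_findings "$spool")"
chmod -R 777 "$spool"
audit_spool "$spool"
rm -rf "${spool%/spool}"
```

On the server, run audit_spool /var/spool/mail; no output means no mailbox is readable or writable by other local users.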