MinhTech.com

Yet another technology tutorial blog.

CentOS 5 Install & Configure Postfix/Dovecot

By • Jan 3rd, 2009 • Category: Featured Linux, Linux

Here is how to install a mail server on CentOS 5.2.

First, make sure sendmail is uninstalled:

> yum remove sendmail

We want to use Postfix as our mail transfer agent (MTA) because it is simpler to configure.

Install Postfix:

> yum install postfix

Edit the Postfix configuration files:

> vi /etc/postfix/main.cf
myhostname = host.domain.com
mydomain = domain.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
relay_domains = $mydestination

Make sure the myhostname and mydomain parameters are set correctly. Check the /etc/hosts and /etc/sysconfig/network files and use the “hostname” command to make sure network configurations are correct.

Start Postfix:

> /etc/init.d/postfix start
Starting postfix: [ OK ]

Test Postfix:

> telnet localhost smtp
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 host.domain.com ESMTP Postfix
> ehlo host
250-host.domain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
> mail from: mnguyen
250 2.1.0 Ok
> rcpt to: mnguyen
250 2.1.5 Ok
> data
354 End data with <CR><LF>.<CR><LF>
> test
> .
250 2.0.0 Ok: queued as 1869B10145
> quit
221 2.0.0 Bye
Connection closed by foreign host.

Log into the server via telnet, check for an extended hello response, send a test message, and quit.

Install Dovecot:

> yum install dovecot

We can send or check for messages locally if a client like mailx is installed. However, we will install a POP3 server so we can send or check for messages remotely from a client such as Outlook, Lotus Notes, or Thunderbird.

Configure Dovecot:

> vi /etc/dovecot.conf
protocols = pop3 pop3s imap imaps
mail_location = mbox:~/mail:INBOX=/var/mail/%u
pop3_uidl_format = %08Xu%08Xv
imap_client_workarounds = delay-newmail outlook-idle netscape-eoh
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh

We need to enable the POP3 protocol because it is not enabled by default. We will use the mbox mailbox format. We will also enable the built-in client workarounds.

Start Dovecot:

> /etc/init.d/dovecot start
Starting Dovecot Imap: [ OK ]

Test Dovecot:

> telnet localhost pop3
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Dovecot ready.
> user mnguyen
+OK
> pass password
+OK Logged in.
> list
+OK 1 messages:
1 488
.
> retr 1
+OK 488 octets
Return-Path: <mnguyen@host.domain.com>
X-Original-To: mnguyen
Delivered-To: mnguyen@host.domain.com
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
by host.domain.com (Postfix) with SMTP id 1869B10145
for <mnguyen>; Thu, 9 Oct 2008 14:12:03 -0400 (EDT)
Message-Id: <20081009181211.1869B10145@host.domain.com>
Date: Thu, 9 Oct 2008 14:12:03 -0400 (EDT)
From: mnguyen@host.domain.com
To: undisclosed-recipients:;
test
.
> quit
+OK Logging out.
Connection closed by foreign host.

Log into the POP3 server via telnet and retrieve the message sent earlier.

Configure SASL for SMTP Authentication:

> vi /etc/dovecot.conf
auth default
{
   mechanisms = plain login
   passdb pam
   {
   }
   userdb passwd
   {
   }
   socket listen
   {
      client
      {
         path = /var/spool/postfix/private/auth
         mode = 0660
         user = postfix
         group = postfix
      }
   }
}
> vi /etc/postfix/main.cf
mynetworks = 127.0.0.0/8
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
broken_sasl_auth_clients = yes

We want to configure SMTP authentication to allow only our users to relay mail. Unauthorized users (e.g. spammers) are denied relay. Edit both the Dovecot and Postfix configuration files. Put the SASL lines at the bottom of the Postfix configuration file.
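The relay rule described above can be checked mechanically. The following is an added example, not part of the original tutorial: it parses main.cf text and flags settings that would let unauthenticated clients relay. The function names and the weak sample are constructed for illustration, and only the parameters this page sets are examined.

```python
import ipaddress

def parse_main_cf(text):
    """'#' lines are comments; a line starting with whitespace continues a value."""
    params, key = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and key:
            params[key] += " " + raw.strip()
        elif "=" in raw:
            key, _, value = raw.partition("=")
            key = key.strip()
            params[key] = value.strip()
    return params

def audit_relay(params):
    """Return relay-control findings; an empty list means none were found."""
    items = lambda name: params.get(name, "").replace(",", " ").split()
    findings, steps = [], items("smtpd_recipient_restrictions")
    if steps:  # unset: the Postfix built-in default applies, not judged here
        if "reject_unauth_destination" not in steps:
            findings.append("restrictions never reach reject_unauth_destination")
        elif "permit" in steps[:steps.index("reject_unauth_destination")]:
            findings.append("bare permit precedes reject_unauth_destination")
    if "permit_sasl_authenticated" in steps and params.get("smtpd_sasl_auth_enable") != "yes":
        findings.append("permit_sasl_authenticated listed but SASL auth is not enabled")
    for entry in items("mynetworks"):
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            continue  # lookup tables, file names, bracketed IPv6: not judged here
        if net.version == 4 and net.prefixlen < 8:
            findings.append("mynetworks trusts " + str(net))
    return findings

PAGE_CONFIG = """\
mynetworks = 127.0.0.0/8
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
"""  # the relay-related settings shown on this page
WEAK_CONFIG = """\
mynetworks = 127.0.0.0/8, 0.0.0.0/0
smtpd_sasl_auth_enable = no
smtpd_recipient_restrictions = permit_mynetworks,
    permit_sasl_authenticated, permit
"""  # constructed weak variant for contrast, not from the page

if __name__ == "__main__":
    print(audit_relay(parse_main_cf(PAGE_CONFIG)), audit_relay(parse_main_cf(WEAK_CONFIG)))
```
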

Start SASL and restart Postfix and Dovecot:

> /etc/init.d/postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]
> /etc/init.d/dovecot restart
Stopping Dovecot Imap: [ OK ]
Starting Dovecot Imap: [ OK ]
> /etc/init.d/saslauthd start
Starting saslauthd: [ OK ]
> chkconfig --level 2345 postfix on
> chkconfig --level 2345 dovecot on
> chkconfig --level 2345 saslauthd on

Test the SASL implementation:

> telnet host.domain.com smtp
Trying 123.123.123.123...
Connected to host.domain.com.
Escape character is '^]'.
220 host.domain.com ESMTP Postfix
> ehlo host
250-host.domain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
> mail from: mnguyen
250 2.1.0 Ok
> rcpt to: minh@minhtech.com
554 5.7.1 <minh@minhtech.com>: Relay access denied
> quit
221 2.0.0 Bye
Connection closed by foreign host.

We are expecting relay access to be denied.
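The same test can be scored automatically. This added example (not from the original post) reads a transcript in this page's format and reports two things: whether an outside recipient was accepted without authentication, and whether AUTH PLAIN/LOGIN is offered on a session with no STARTTLS, in which case the password crosses the network base64-encoded rather than encrypted. The function and variable names are assumptions.

```python
import re

def audit_smtp_session(transcript, local_domains):
    """Audit a telnet SMTP transcript in which typed commands start with '> '."""
    keywords, mechs, findings = set(), set(), []
    cmd, reply_no = "", 0
    for line in transcript.splitlines():
        line = line.strip()
        if line.startswith("> "):
            cmd, reply_no = line[2:].strip(), 0
            continue
        m = re.match(r"(\d{3})[ -](.*)", line)
        if not m:
            continue  # telnet chatter such as "Trying ..." or "Connected to ..."
        code, rest = m.groups()
        reply_no += 1
        if cmd.lower().startswith("ehlo") and code == "250" and reply_no > 1:
            word, _, args = rest.replace("=", " ", 1).partition(" ")
            keywords.add(word.upper())
            if word.upper() == "AUTH":
                mechs.update(args.upper().split())
        elif cmd.lower().startswith("rcpt to:") and code.startswith("2"):
            rcpt = cmd.split(":", 1)[1].strip(" <>")
            if "@" in rcpt and rcpt.rpartition("@")[2].lower() not in local_domains:
                findings.append("relayed without authentication: " + rcpt)
    if mechs & {"PLAIN", "LOGIN"} and "STARTTLS" not in keywords:
        findings.append("AUTH %s offered without STARTTLS" % "/".join(sorted(mechs)))
    return findings

# SASL test session from this page (abridged); domains follow its mydestination.
PAGE_SESSION = """\
220 host.domain.com ESMTP Postfix
> ehlo host
250-host.domain.com
250-PIPELINING
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250 DSN
> mail from: mnguyen
250 2.1.0 Ok
> rcpt to: minh@minhtech.com
554 5.7.1 <minh@minhtech.com>: Relay access denied
> quit
221 2.0.0 Bye
"""
LOCAL_DOMAINS = {"host.domain.com", "localhost.domain.com", "localhost", "domain.com"}

if __name__ == "__main__":
    print(audit_smtp_session(PAGE_SESSION, LOCAL_DOMAINS))
```
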


2 Responses »

  1. How about the settings for the config file /etc/posfix/master.conf?

  2. Thanks for your quick reply. My OS: CentOS 6.2. When I try to update iptables for FTP, it shows an error:

     Open FTP Port 21 (FTP)
     -A RH-Firewall-1-INPUT -m state state NEW -p tcp dport 21 -j ACCEPT
     error: iptables: Applying firewall rules: iptables-restore: line 16 failed [FAILED]

     Please help me with the firewall configuration for FTP and ispconfig3. Thanks.
