CentOS 7.x migrate CentOS 6.x postfix, dovecot, squirrelmail server

From Notes_Wiki

Home > CentOS > CentOS 7.x > Email configuration > CentOS 7.x migrate CentOS 6.x postfix, dovecot, squirrelmail server

If server is already migrated to CentOS 7.x then use CentOS 7.x migrate CentOS 7.x postfix, dovecot, squirrelmail server instead

Following steps can be used for migrating a running mail server setup from CentOS 6.8 created using Configuring basic SMTP, IMAP, POP and HTTP access for complete email on a single server to CentOS 7.4:

  1. Create a new VM with necessary resources (Eg t2.micro)
  2. Add elastic IP to instance if not done already
  3. yum -y install vim
  4. Set correct time zone CentOS 7.x Change system timezone
  5. Storing date / time along with commands in history
  6. Mount partition to /home as desired
  7. Copy keys from old server to new server as authorized
  8. Add /etc/hosts entry in old server for pointing to new server with name (eg newserver)
  9. yum -y install httpd mod_ssl
  10. systemctl stop firewalld
  11. TODO - Copy firewalld configuration from old server to new server
  12. If custom SSL certificates were used edit /etc/httpd/conf.d/ssl.conf with
    SSLCertificateFile /etc/httpd/conf/ssl.crt
    SSLCertificateKeyFile /etc/httpd/conf/ssl.key
    SSLCACertificateFile /etc/httpd/conf/ca-bundle.pem
    and copy corresponding files from old server to new server
  13. If Installing lets-encrypt SSL certificate was used then copy /etc/letsencrypt from old server to new server. Also install python2-certbot-apache on new server. Also configure appropriate cron entries for automatic renewal same as old server on new server (crontab -l on old server, crontab -e on new server)
  14. systemctl start httpd
  15. systemctl status httpd
  16. systemctl enable httpd
  17. Copy home ( rsync -aHz --delete /home/ root@newserver:/home/ )
  18. Repeat rsync again after it finishes for a second sync
  19. cat /etc/passwd on old server. Copy all lines for UID >=500 and append corresponding lines to /etc/passwd on new server. The number of lines should match ls -1 /home | grep -v lost | wc -l Be watchful for IDs <500 which might appear in between (eg nscd)
  20. Copy /etc/shadow lines of corresponding users from old server to new server
  21. Copy /etc/group lines of corresponding users from old server to new server
  22. Do "ls -l /home" on new server and all user and group names should appear properly
  23. copy custom aliases from /etc/aliases to new server and update root alias appropriately
  24. newaliases
  25. yum -y install logwatch
  26. yum -y install postfix
  27. Edit /etc/postfix/main.cf on new server and correct values of following variables by looking at old server
    • myhostname
    • mydomain
    • myorigin
    • inet_interfaces
    • mydestination
    • home_mailbox
  28. Set hostname in /etc/hostname file on new server
  29. Use "hostname <fqdn>" command to set current hostname on new server
  30. systemctl enable postfix
  31. Add hostname against in /etc/hosts
  32. systemctl start postfix
  33. systemctl status postfix
  34. yum -y install dovecot
  35. Edit /etc/dovecot/conf.d/10-mail.conf and set
    mail_location = maildir:~/mail
    first_valid_uid = 500
    same as old server
  36. Also change all auth values from 1000 to 500 in various /etc/pam.d files
    grep 1000 /etc/pam.d/*
    #update all files
  37. systemctl enable dovecot
  38. systemctl start dovecot
  39. systemctl status dovecot
  40. Refer Postfix_SMTP_authentication_using_dovecot and if authentication is enabled on old server then enable it appropriately on new server also
  41. yum -y install wget
  42. yum -y install epel-release
  43. yum -y install squirrelmail
  44. Set correct timezone in PHP using following in /etc/php.ini:
    Refer: https://www.php.net/manual/en/timezones.php for list of all possible timezones
  45. Disable selinux (setenforce 0, edit /etc/sysconfig/selinux and set SELINUX=disabled)
  46. cd /usr/share/squirrelmail/config; ./conf.pl
    • Set Organization Preferences -> Organization name
    • Set Server Settings -> Domain
    • Set Server Settings -> IMAP Settings. Use values mail.sbarjatiya.com, 993, Secure (IMAP): true, Server software: dovecot
    • Setup mail sending using sendmail and not through SMTP
  47. rsync /var/www/html from old server to new server
  48. systemctl restart httpd
  49. Add /etc/hosts entry for new server in laptop and try to open the new server with name and IP.
  50. On old server stop httpd, dovecot and postfix
  51. Again sync /home ( rsync -aHz --delete /home/ root@newserver:/home/ )
  52. Change DNS entries to point to new server. If organization has local private DNS, then perhaps that may also require changes.
  53. Check updated entries via public DNS servers after waiting for a minute or two
  54. Copy /root/.ssh/authorized_keys from old server to new server
  55. Comment /etc/host entry in laptop after DNS entry has been changed
  56. Apply security group settings from old server to new server (HTTP, HTTPS, POP3, POP3S, SMTP, SMTPS, IMAP, IMAPS, SSH, Ping)
  57. Do TLS_configuration_for_postfix if configured on previous server
  58. Send test email from gmail to server and wait for receiving email on new server
  59. Send test email from new server to gmail and wait for receiving email on Gmail account
  60. stop and possibly terminate old server after few days. Elastic IP of old server can be released immediately after stopping.
  61. If elastic IP is locked make a request for release
  62. Fill AWS reverse entry form for email servers. For this first login into AWS account and then open https://aws.amazon.com/forms/ec2-email-limit-rdns-request
  63. CentOS 7.x Configure change password plugin for squirrelmail using poppassd
  64. CentOS 7.x Configure Postfix to block spam
  65. Increase postfix message and mailbox size limit using Troubleshooting_postfix_server_issues#Message_file_too_big_issue
  66. Look at all other custom configuration in /etc/postfix/main.cf that has not been migrated to new server

Refer: - https://serverfault.com/questions/291667/dovecot-getting-error-mail-access-for-users-with-uid-222-not-permitted

Home > CentOS > CentOS 7.x > Email configuration > CentOS 7.x migrate CentOS 6.x postfix, dovecot, squirrelmail server