<yambe:breadcrumb>Email_server_configuration|Email server configuration</yambe:breadcrumb>

Configuring basic SMTP, IMAP, POP and HTTP access for complete email on a single server

In case of a completely new domain, one can create an account on AWS and use micro instance for testing configuration. A domain name can also be purchased

AWS Account creation and DNS entries

1. Create a dedicated amazon account
2. Create CentOS micro instance with public IP
3. Take an elastic IP and associate with VM
4. Ensure that security group of VM allows SSH, HTTP, HTTPS, IMAP, IMAPS, SMTP, STMPS, POP3, POP3S and ICMP
5. Register domain name through registrar such as godaddy
6. Update DNS entries for domain, www, mail, MX record to point to elastic IP of the VM

Configure web server

1. yum -y install httpd mod_ssl
2. service httpd start
3. Edit iptables to allow incoming connections to port 80, 443
4. service iptables restart
5. Put test file in /var/www/html
6. Open domain in browser to verify that website is accessible. (Wait at least 3-4 minutes after updating DNS entries to avoid getting wrong values cached in near-by DNS)
7. chkconfig httpd on
8. Edit /etc/httpd/conf/httpd.conf and update 'Listen 80' to 'Listen 0.0.0.0:80'

For public facing server it might make sense to get recognized SSL certificates from CA. For example refer Installing lets-encrypt SSL certificate

Create users

1. useradd saurabh
2. passwd saurabh

Similarly more users can be created

Setup postfix SMTP server

1. Edit '/etc/postfix/main.cf' as follows:
   1. Set myhostname=mail.sbarjatiya.com
   2. Set mydomain=sbarjatiya.com
   3. Set myorigin=$mydomain
   4. Set inet_interfaces=all (Comment inet_interfaces=localhost)
   5. Prepend $mydomain to mydestination value (Without this only @mail.domain.com mails would get accepted. After this change @domain.com would also work)
2. service postfix restart
3. Edit /etc/sysconfig/network and set correct hostname.
4. Edit /etc/hosts and correct hostname
5. hostname mail.sbarjatiya.com
6. Allow incoming connections to port 25 and 465

Also refer to Postfix SMTP authentication using dovecot

Increase postfix message and mailbox size limit using Troubleshooting_postfix_server_issues#Message_file_too_big_issue

Setup dovecot

1. yum -y install dovecot
2. Edit /etc/postfix/main.cf and set 'home_mailbox = mail/'
3. service postfix restart
4. Edit /etc/dovecot/conf.d/10-mail.conf and set 'mail_location = maildir:~/mail'
5. service dovecot start
6. Allow incoming connections to ports 110,143,993,995
7. chkconfig dovecot on

Setup squirrelmail

1. yum -y install wget
2. Setup rpmfusion, repoforge and epel
3. yum -y install squirrelmail
4. cd /usr/share/squirrelmail/config and run './conf.pl'
   1. Set Organization Preferences -> Organization name
   2. Set Server Settings -> Domain
   3. Set Server Settings -> IMAP Settings. Use values mail.sbarjatiya.com, 993, Secure (IMAP): true, Server software: dovecot
   4. Setup mail sending using sendmail and not through SMTP
5. Open <domain>/webmail in browser
6. setenforce 0
7. edit /etc/sysconfig/selinux and set SELINUX=disabled

Note that user must login into squirrelmail interface once before he/she can receive email. This is required for creating necessary folders in home folder.

Squirrelmail change password support

1. Download change_passwd and compatability (Version 1.3) plugins from

   http://squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fwww.squirrelmail.org%2Fplugins%2Fchange_passwd-4.0-1.2.8.tar.gz

   http://squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fwww.squirrelmail.org%2Fplugins%2Fcompatibility-1.3.tar.gz

2. cd /usr/share/squirrelmail/plugins
3. Extract both .tar.gz file here
4. For change_passwd read INSTALL file and perform necessary steps
   1. cp config.php.sample config.php
   2. yum -y install gcc
   3. gcc -lcrypt -O -o chpasswd chpasswd.c
   4. chown root:apache chpasswd
   5. chmod 4750 chpasswd
5. Go to /usr/share/squirrelmail/config
6. Again run ./conf.pl and enable both plugins (Compatability plugin must load before change_password plugin. Edit /etc/squirrelmail/config.php by hand if that is not the case)

Troubleshooting change password support

Squirrelmail change password support requires use of md5 salted hash and does not supports sha256 or sha512. In case machine is configured to use only sha256 hash for password then the plugin will not work and will always report old password as incorrect. To resolve this use following steps:

1. Edit /etc/libuser.conf and set 'crypt_style md5'
2. yum -y install authconfig
3. Edit /etc/sysconfig/authconfig and set 'PASSWDALGORITHM=md5'. The same can also be achived by running 'authconfig-tui' and enabling use of md5 for passwords.
4. Test by going to /usr/share/squirrelmail/plugins/change_passwd folder and by running command 'sudo ./chpasswd <username> <old_password> <new_password>'. If this fails then changing through browser will also fail as the browser plugin calls this script to change password.

Add swap in case of AWS

In rare cases the RAM requirement might go beyond RAM available in VM. In such cases swap would be necessary. Swap can be created and enabled using:

1. Create swap file of 1GB

   dd if=/dev/zero of=/swap bs=1024000 count=1024
   chown root:root /swap
   chmod 600 /swap
   mkswap /swap

2. Append in /etc/fstab

   /swap		none				swap	defaults	0 0

3. Enable swap using

   mount -a
   swapon -a
   free -m

Migrating email server

For migrating email server setup this way refer to Migrating mail server from one machine to another

<yambe:breadcrumb>Email_server_configuration|Email server configuration</yambe:breadcrumb>