Configuring basic SMTP, IMAP, POP and HTTP access for complete email on different servers

From Notes_Wiki

Home > CentOS > CentOS 6.x > Email server configuration > Configuring basic SMTP, IMAP, POP and HTTP access for complete email on different servers

It is possible to setup a very basic email system using postfix, dovecot and squirrelmail. The simplest possible case is to configure all three services on same host which would work for very small organizations. For slightly bigger organizations it might be preferable to have one postfix host for receiving external email and filtering SPAM, another host for storing email in user mailbox and allowing user to access mail box using IMAP, POP3 and finally a third web server to allow access to email using light weight web interfaces such as squirrelmail.

We will look at three server approach in this article as even that is fairly straightforward and simple to configure. In the current article we will see how we can configure email for organization sbarjatiya.com using following three servers:

postfix.sbarjatiya.com
This is specified as MX record in both internal and external DNS servers. All emails for sbarjatiya.com domain are sent to this server.
dovecot.sbarjatiya.com
This is dovecot based POP3/IMAP server where users email are stored. postfix.sbarjatiya.com should forward all legitimate emails to this server.
mail.sbarjatiya.com
This is squirrelmail based web server for allowing users to check and send emails for domain sbarjatiya.com.


Configuring postfix.sbarjatiya.com

First we can configure postfix.sbarjatiya.com to accept emails for sbarjatiya.com but relay them to dovecot.sbarjatiya.com. This can be done using: 

myhostname = postfix.sbarjatiya.com
mydomain = sbarjatiya.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, localhost4.localdomain4
mynetworks = 127.0.0.1/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
relay_domains = $mydomain
relayhost = [dovecot.sbarjatiya.com]

Note that it is important to not have $mydomain in mydestination. It should be in relay_domains so that emails for $mydomain are accepted but not tried to be delivered locally. With the help of relayhost they would get forwarded to dovecot server. Reading Basics of postfix server configuration might help in understanding the rationale behind configuration.

Also refer to Postfix SMTP authentication using dovecot

Increase postfix message and mailbox size limit using Troubleshooting_postfix_server_issues#Message_file_too_big_issue



Configuring dovecot.sbarjatiya.com

Configuring postfix

On dovecot.sbarjatiya.com we need both a postfix server and a dovecot server. First configure postfix server using: 

myhostname = dovecot.sbarjatiya.com
mydomain = sbarjatiya.com
myorigin = $mydomain
inet_interfaces = all
proxy_interfaces = postfix.sbarjatiya.com
mydestination = $myhostname, localhost.$mydomain, localhost, localhost4.localdomain4, $mydomain, mail.sbarjatiya.com
mynetworks = 127.0.0.1/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
home_mailbox = mail/

Note that you can restrict incoming emails to come only from postfix.sbarjatiya.com using firewall, if necessary. Also note that postfix server need not be part of mynetworks as the mails from it would be part of mydestination so special mention in mynetworks is not required.

Increase postfix message and mailbox size limit using Troubleshooting_postfix_server_issues#Message_file_too_big_issue


Configuring dovecot

Most dovecot defaults are very good for basic setup. The only thing we need to tell to dovecot is where users mail would be stored. This can be done by editing '/etc/dovecot/conf.d/10-mail.conf and specifying: 

mail_location = maildir:~/mail

This particular step is learned from http://forums.fedoraforum.org/archive/index.php/t-262200.html


Home directories for LDAP users

In case the current system is configured for LDAP based user and group accounts then for mail system to work as configured here home directories for all LDAP users must exist. This can be created using simple script which goes through 'getent passwd' output and for each user (first field) does 'mkdir -p <home_dir>' (sixth field separated by :) and does 'chown -R <username> <home_dir>'. For safety it is advisable to restrict SSH access to this server using /etc/security/access.conf as specified at Configuring_authentication_with_openLDAP_server#Restricting_logins_to_specific_users_and_posixGroups.



Configuring mail.sbarjatiya.com

Install packages squirrelmail, httpd and mod_ssl. If CA signed certificates for mail.sbarjatiya.com are available then configure appropriate values in /etc/httpd/conf.d/ssl.conf file. Consider getting recognized CA signed certificate (eg Installing lets-encrypt SSL certificate ) Go to '/usr/share/squirrelmail/config/' and execute './conf.pl' for configuring squirrelmail. Following things must be configured:

  • Organization Preferences
    Organization Name
    Sbarjatiya.com
  • Server Settings
    Domain
    sbarjatiya.com
    Sendmail or SMTP
    SMTP
    • Update IMAP Settings
      IMAP server
      dovecot.sbarjatiya.com
      IMAP port
      993
      Secure IMAP (TLS): true
      Server software
      dovecot

Optionally enable as many plugins as you would like. Choose 'S' to save data and then 'Q' to quit. The same settings can be done directly by editing file '/usr/share/squirrelmail/config/config.php' or '/etc/squirrelmail/config.php' as follows: 

$org_name      = "Sbarjatiya.com";
$domain        = 'sbarjaitya.com';
$imapServerAddress      = 'dovecot.sbarjatiya.com';
$imapPort               = 993;
$useSendmail            = false;
$imap_server_type       = 'dovecot';
$use_imap_tls = true;

Set correct timezone on system using CentOS 7.x Change system timezone

Also set correct timezone in PHP using following in /etc/php.ini: 

date.timezone="Asia/Kolkata"

Refer: https://www.php.net/manual/en/timezones.php for list of all possible timezones

Some steps learned from http://squirrelmail.org/docs/admin/admin-5.html


Firewall considerations

It is assumed in this article that necessary firewall exceptions for incoming port 25 for postfix servers, incoming port 25, 110,143,993, etc. for dovecot server, incoming port 80,443 for squirrelmail server and outgoing port 25 for at least postfix and squirrelmail servers are present.


Testing setup

Try to access squirrelmail at https://mail.sbarjatiya.com/webmail and login using some user account that exists on dovecot.sbarjatiya.com and its corresponding password. Try sending email to other account and try receiving reply back.



Home > CentOS > CentOS 6.x > Email server configuration > Configuring basic SMTP, IMAP, POP and HTTP access for complete email on different servers

Retrieved from "http://www.sbarjatiya.com/notes_wiki/index.php?title=Configuring_basic_SMTP,_IMAP,_POP_and_HTTP_access_for_complete_email_on_different_servers&oldid=5456"