picoenterprise:mta-mailstore-centos

Differences

This shows you the differences between two versions of the page.

picoenterprise:mta-mailstore-centos [2017/04/06 23:45]
Luc Nieland created
picoenterprise:mta-mailstore-centos [2017/04/07 17:03] (current)
Luc Nieland
Line 138: Line 138:
 In: /​etc/​postfix/​virtual In: /​etc/​postfix/​virtual
 <​code>​ <​code>​
-info@lexample.com       ​sv@vps2.laboratory.local +# e-mail addr.: ​        ​username @ servername (of the Dovecot-server):​ 
-sv@lexample.com         ​sv@vps2.laboratory.local + 
-# +info@example.com       ​sv@vps2.laboratory.local 
-info@lexample.com       ​ln@vps2.laboratory.local +sv@example.com         ​sv@vps2.laboratory.local 
-ln@lexample.com         ​ln@vps2.laboratory.local+ 
 +info@example2.com      ln@vps2.laboratory.local 
 +ln@example2.com        ln@vps2.laboratory.local
 </​code>​ </​code>​
  
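Review bot: The added comment line at the top of the /etc/postfix/virtual block describes the right-hand column as "username @ servername" but does not say that the local part must match a login in /var/dovecot/conf/users. The passdb in the Dovecot section uses `username_format=%n`, so `sv@vps2.laboratory.local` is looked up as user `sv`, and a mismatch is only caught by that lookup, not here. Suggest stating this in the comment and labelling the left column as the public address, so both columns are named.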
Line 164: Line 166:
  
 ===== Dovecot ===== ===== Dovecot =====
 +
 +//The SE-Linux configuration is out of the scope of this howto.//
 +
  
 Hostname: vps2.laboratory.local Hostname: vps2.laboratory.local
 +
 +firewall:
 +  firewall-cmd --add-port={24/​tcp,​143/​tcp,​993/​tcp,​4190/​tcp,​12345/​tcp} --permanent
 +  firewall-cmd --reload
 +
 +Software:
 +  yum install ​ dovecot
 +
 +En voeg toe voor Sieve:
 +  yum install dovecot-pigeonhole
 +
 +
 +Create directories and files:
 +  mkdir /​var/​dovecot/​
 +  mkdir /​var/​dovecot/​mail
 +  mkdir /​var/​dovecot/​sieve
 +  mkdir /​var/​dovecot/​conf
 +  #
 +  touch /​var/​dovecot/​conf/​users
 +  #
 +  chown -R dovecot:​dovecot ​ /​var/​dovecot
 +  touch /​var/​log/​dovecot.log
 +  chown dovecot:​dovecot /​var/​log/​dovecot.log
 +
 +Make x509 certs:
 +  openssl req -utf8 -newkey rsa:2048 -keyout /​var/​dovecot/​conf/​tls.key -nodes -x509 -days 3650 -out /​var/​dovecot/​conf/​tls.crt -set_serial 0
 +
 +
 +
 +Create usernames and pw's (for the SASL-db):
 +
 +The IMAP-users are created by adding a line in the users file. It has two columns, separated by a colon. The first column is the username, the second line contans the sha512-crypt which can be generated by executing:
 +
 +  doveadm pw -s SHA512-CRYPT
 +
 +The result in /​var/​dovecot/​conf/​users will be like:
 +
 +  ...
 +  sv:​{SHA512-CRYPT}$6$T5tUmkrjF2mAbo9G$3EEvR08UCHb11KCmCHbCaPcd1xv7CylpfdZgu3gv0WddRZGoF1drU62aHHEU9U4VTeTsM/​wlxI2svBXsd7auX0
 +  ...
 +  ln:​{SHA512-CRYPT}$6$RHC1lIs0bS.ggVzR$NRaTNB.SJW7.sTcFbMcbfRZdJwEllNCM4zmROOxhiTBqQr4B4oxFnOAA1I.BknbKbSZ7uuvk5Z6k3JjT1Jonq/​
 +  ...
 +
 +
 +
 +
 +  ​
 +In: /​etc/​dovecot/​dovecot.conf
 +<​code>​
 +log_path = /​var/​log/​dovecot.log
 +
 +mail_location = maildir:/​var/​dovecot/​data/​%n/​mail
 +
 +auth_mechanisms = plain login
 +disable_plaintext_auth = no
 +
 +#ssl_ca = </​var/​dovecot/​conf/​
 +ssl_cert = </​var/​dovecot/​conf/​tls.crt
 +ssl_key = </​var/​dovecot/​conf/​tls.key
 +
 +
 +# Default:
 +namespace inbox {
 +  inbox = yes
 +  location = 
 +     ​mailbox Drafts {
 +       ​special_use = \Drafts
 +     }
 +     ​mailbox Junk {
 +       ​special_use = \Junk
 +     }
 +     ​mailbox Sent {
 +       ​special_use = \Sent
 +     }
 +     #​mailbox "Sent Messages"​ {
 +     # ​ special_use = \Sent
 +     #}
 +     ​mailbox Trash {
 +       ​special_use = \Trash
 +     }
 +  prefix = 
 +}
 +
 +passdb {
 +  driver = passwd-file
 +  args = scheme=CRYPT username_format=%n /​var/​dovecot/​conf/​users
 +}
 +
 +first_valid_uid = 2
 +
 +userdb {
 +  # For static type, LDA verify the user's existence by lookup passdb
 +  #   ( http://​wiki2.dovecot.org/​UserDatabase/​Static )
 +  driver = static
 +  args = uid=dovecot gid=dovecot home=/​var/​dovecot/​data/​%n/​mail
 +}
 +
 +
 +protocols = "imap lmtp sieve"
 +
 +
 +protocol lmtp {
 +  mail_plugins = $mail_plugins sieve
 +}
 +
 +service managesieve-login {
 +  inet_listener sieve {
 +    address = 0.0.0.0
 +    port = 4190
 +  }
 +  service_count = 1
 +  process_min_avail = 1
 +}
 +
 +service managesieve {
 +}
 +
 +#protocol managesieve {
 +#  disable_plaintext_auth = no
 +#}
 +
 +protocol sieve {
 +}
 +
 +plugin {
 +  sieve =      /​var/​dovecot/​data/​%n/​managesieve/​.dovecot.sieve
 +  sieve_dir =  /​var/​dovecot/​data/​%n/​managesieve/​sieve
 +}
 +
 +
 +# ###############################​
 +service imap-login {
 +  inet_listener imap {
 +    port = 143
 +  }
 +  inet_listener imaps {
 +    port = 993
 +  }
 +}
 +
 +protocol imap {
 +  disable_plaintext_auth = no
 +}
 +
 +
 +service lmtp {
 +  inet_listener lmtp {
 +    address = 0.0.0.0
 +    port = 24
 +  }
 +  user = dovecot
 +}
 +
 +
 +service auth-worker {
 +  # Forbid to access /etc/shadow
 +  user = $default_internal_user
 +}
 +
 +service auth {
 +  inet_listener saslauth {
 +     ​address = 0.0.0.0
 +     port = 12345
 +  }
 +}
 +
 +</​code>​
 +
 +
 +
 +Enable and start the Dovecot:
 +  systemctl start dovecot
 +  systemctl enable dovecot
 +
 +
 +Make a connection with each mailbox with a MUA (mutt or Thunderbird) first **before** sending mail to the LMTP-connection. This will let Dovecot create the mailfolder structure for the mailbox to be stored. See: /​var/​dovecot/​data/​ (each username has it's own directory here).
 +
 +Connect info for the MUA:
 +  IMAP host:port = vps2.laboratory.local : 993
 +  SMTP host:port = vps1.laboratory.local : 587
 +  loginname = sv
 +
 +
 +Test with:
 +  telnet ​ vps1.laboratory.local 25
  
  
  
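Review bot: In the dovecot.conf block, `disable_plaintext_auth = no` (set globally and again under `protocol imap`) combined with `auth_mechanisms = plain login` and the open 143/tcp listener lets clients send passwords over an unencrypted IMAP session, even though a certificate is generated a few steps earlier. Suggest `disable_plaintext_auth = yes` together with `ssl = required`, so PLAIN/LOGIN is only accepted after TLS is up. The `service auth` listener on 0.0.0.0:12345 and the LMTP listener on 0.0.0.0:24 are also opened to every source by the `firewall-cmd --add-port=...` line; only the Postfix host (vps1.laboratory.local) needs them, so limit those two ports to that source address. Smaller points: the `mkdir` steps create /var/dovecot/mail and /var/dovecot/sieve, while `mail_location`, `userdb` and the `plugin` block all point under /var/dovecot/data/%n/, so either the created directories or the configured paths should change; the two `{SHA512-CRYPT}` example lines look like real hashes and would be better as obvious placeholders; "En voeg toe voor Sieve:" should be in English like the rest of the page; and "the second line contans" should read "the second column contains".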
picoenterprise/mta-mailstore-centos.1491515149.txt.gz · Last modified: 2017/04/06 23:45 by Luc Nieland