Red Hat Mail Server (Using Postfix and Dovecot)
Couple of weeks ago, a friend asked me how to setup a Mail Server
using his Fedora Core 4. Unfortunately, I got a flu and not able to help him by that time.
Now that I’m feeling better, let me post this quick guide how to set this up.
Note that I’m using CentOS 4.1 (the equivalent of RHEL) in setting this up since I never use FC for any server setup. Nevertheless, I presume this setup will also work in FC4 and to all Red Hat equivalent distro as significant settings are applied to Postfix and Dovecot, not to the OS itself.
Minimal Installation:
You got already a running Linux system. A minimal type of installation is recommended – no X-Window, no service selected – just the bare, head-less Linux that allows you to login; having a basic network setup that will allow you to download and install services as you need it. I always recommend not installing any packages and don’t run any service that you will not be using.
Security:
Securing a Linux box is a very scary-kind of topic, I don’t want to talk about here at this time in details. But just a quick note, start thinking of securing your box physically – its odd sometimes we overlook this obvious one – if someone press
Updates:
Before we start, I recommend you make sure your present box is updated. Use the yum command.
Download and Install:
Check if both Postfix and Dovecot is not yet installed in your system.
If you installed your box as Minimal, for sure both postfix and dovecot not yet installed. Let’s download and install both Postfix and Dovecot.
Sendmail and system-switch-mail
By default, sendmail is installed to your system and serves as the default MTA. Since we want to use postfix instead of sendmail, let’s get rid of it! You can use system-switch-mail to do that easily.
Check if it is installed
If not installed, install it
And run system-switch-mail
And select Postfix as your default MTA.
Goodbye Sendmail
To finally get rid of sendmail in to your system, go and completely erase it!
Setting up Postfix
Enough for the intro; let’s do now Postfix setup.
1. Go to /etc/postfix directory
2. Copy the original main.cf to another file
We copy the original main.cf file to a new file named main.cf-bak-orig in case we want to go back to the previous configuration. This is always my practice, that any modification I’m doing; I always do a backup first. Very handy in case something goes wrong.
3. Clear the existing main.cf file
This command will quickly clear the content of you main.cf file.
4. Edit and add the following lines to main.cf
Here I assume Internet domain name is “example.com”. Users are configured to send mail as“user@example.com”, we call this machine by the name of “mail.example.com”, and
5. Check Postfix
6. Reload Postfix
Setting up Dovecot
Dovecot is very easy to setup and easy to configure. In fact, the last time I setup Dovecot in our local mail server I just simply make sure that under protocols, imap and pop3 are there (protocols = imap pop3). Surprisingly nothing more I did and it works out-of-the-box. Only one thing you may need to get the authentication works – but hey if your users are in /etc/passwd there’s hardly anything you have to do.
Don’t forget to restart dovecot after you edited and saved
Firewall Configuration
Make sure you open the SMPT (tcp/25), POP3 (tcp/110), and IMAP (tcp/143) ports in your iptables.
Restart iptables
That’s all folks! With your choice of mail clients, your users can now send and receive emails.
Optionally, you can install SquirrelMail for your web-based email.
Just download SquirrelMail
Apache and PHP will be automatically downloaded and installed as well. Why not add MySQL so that you can do more things? Here’s how to do it, in case you want.
Edit some settings in SquirrelMail
Start Apache
Conclusion
This is a general very quick guide that will guarantee you a working Mail Server Setup in a latest Red Hat environment. Other optimization and enhancement can be done as your specific requirements arise.
Now that I’m feeling better, let me post this quick guide how to set this up.
Note that I’m using CentOS 4.1 (the equivalent of RHEL) in setting this up since I never use FC for any server setup. Nevertheless, I presume this setup will also work in FC4 and to all Red Hat equivalent distro as significant settings are applied to Postfix and Dovecot, not to the OS itself.
Minimal Installation:
You got already a running Linux system. A minimal type of installation is recommended – no X-Window, no service selected – just the bare, head-less Linux that allows you to login; having a basic network setup that will allow you to download and install services as you need it. I always recommend not installing any packages and don’t run any service that you will not be using.
Security:
Securing a Linux box is a very scary-kind of topic, I don’t want to talk about here at this time in details. But just a quick note, start thinking of securing your box physically – its odd sometimes we overlook this obvious one – if someone press
Ctrl+Alt-Del
, reboot
and boot from CD, go to the BIOS setup, unplug the power itself, etc.
And of course since you will be running a server, this box will
definitely be online.
Once your box online, you’re not secured anymore – endless possibility
can now happened. Good start is to check the open ports using netstat –vat
and
you will be surprise how many ports are open. If you are not using it;
you better close it. Oh yeah, don’t use unsecured connections like
telnet; use ssh instead. Securing a box is truly a challenge – it is a
learning process and a cycle of identifying possible insecurities,
patching it — cycle must goes on, and it should never stop.Updates:
Before we start, I recommend you make sure your present box is updated. Use the yum command.
# yum update
Download and Install:
Check if both Postfix and Dovecot is not yet installed in your system.
# rpm –q postfix
# rpm –q dovecot
If you installed your box as Minimal, for sure both postfix and dovecot not yet installed. Let’s download and install both Postfix and Dovecot.
# yum install postfix
# yum install dovecot
Sendmail and system-switch-mail
By default, sendmail is installed to your system and serves as the default MTA. Since we want to use postfix instead of sendmail, let’s get rid of it! You can use system-switch-mail to do that easily.
Check if it is installed
# rpm –q system-switch-mail
If not installed, install it
# yum install system-switch-mail
And run system-switch-mail
# system-switch-mail
And select Postfix as your default MTA.
Goodbye Sendmail
To finally get rid of sendmail in to your system, go and completely erase it!
# rpm –e --nodeps sendmail
Setting up Postfix
Enough for the intro; let’s do now Postfix setup.
1. Go to /etc/postfix directory
# cd /etc/postfix
2. Copy the original main.cf to another file
# cp main.cf main.cf-bak-orig
We copy the original main.cf file to a new file named main.cf-bak-orig in case we want to go back to the previous configuration. This is always my practice, that any modification I’m doing; I always do a backup first. Very handy in case something goes wrong.
3. Clear the existing main.cf file
# cat /dev/null > main.cf
This command will quickly clear the content of you main.cf file.
4. Edit and add the following lines to main.cf
myhostname = mail.example.com
mydomain = example.com
myorigin = $mydomain
mydestination = $myhostname localhost.$mydomain localhost $mydomain
relay_domains =
home_mailbox = Maildir/
Here I assume Internet domain name is “example.com”. Users are configured to send mail as“user@example.com”, we call this machine by the name of “mail.example.com”, and
“home_mailbox = Maildir/"
for qmail-style delivery.5. Check Postfix
# postfix check
6. Reload Postfix
# postfix reload
Setting up Dovecot
Dovecot is very easy to setup and easy to configure. In fact, the last time I setup Dovecot in our local mail server I just simply make sure that under protocols, imap and pop3 are there (protocols = imap pop3). Surprisingly nothing more I did and it works out-of-the-box. Only one thing you may need to get the authentication works – but hey if your users are in /etc/passwd there’s hardly anything you have to do.
Don’t forget to restart dovecot after you edited and saved
/etc/dovecot.conf
# /etc/init.d/dovecot restart
Firewall Configuration
Make sure you open the SMPT (tcp/25), POP3 (tcp/110), and IMAP (tcp/143) ports in your iptables.
# vi /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 110 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 143 -j ACCEPT
Restart iptables
# /etc/init.d/iptables restart
That’s all folks! With your choice of mail clients, your users can now send and receive emails.
Optionally, you can install SquirrelMail for your web-based email.
Just download SquirrelMail
# yum intall squirrelmail
Apache and PHP will be automatically downloaded and installed as well. Why not add MySQL so that you can do more things? Here’s how to do it, in case you want.
Edit some settings in SquirrelMail
# /usr/share/squirrelmail/config/conf.pl
Start Apache
# /etc/init.d/httpd start
Conclusion
This is a general very quick guide that will guarantee you a working Mail Server Setup in a latest Red Hat environment. Other optimization and enhancement can be done as your specific requirements arise.
0 comments:
Post a Comment