I will use my instance at Vultr Tokyo to show you how to do that.
Tags for this how-to:
LMTP
virtual users
mysql
To follow along, you will need a server from Vultr.
1. preparation
First, Vultr blocks port 25 by default. You need to open a support ticket so that staff open it for you; this is not a problem with your system's firewall.
Next, install the following packages:
mariadb-server, dovecot-mysql, postfix
yum will pull in their dependencies for you:
yum install mariadb-server dovecot-mysql postfix
then create a user for virtual mail:
useradd -s /sbin/nologin -m vmail
2. database
Now I will create the database and user for mail in MariaDB (MySQL). Log in to mysql with:
mysql -u root -p
Note that MySQL's root account has no password initially, so you can set a password for MySQL's root (not the system's root) this way:
mysqladmin -u root password
(press Enter, then type the password)
In MariaDB, create a database this way:
create database mail;
then create a user this way:
create user 'mail'@'localhost' IDENTIFIED BY 'mypass';
then grant that user access to the database. The user only needs read-only access:
grant select on mail.* to 'mail'@'localhost';
then exit from the mysql shell and, in the system shell, save the schema below to a file (scheme.sql here):
create table `virtual_users` (
  `id` int(11) not null auto_increment,
  `email` varchar(32) not null,
  `password` varchar(128) not null,
  `realname` varchar(32),
  `quota_limit_mbytes` int(8),
  primary key(`id`),
  unique key `email` (`email`)
);
CREATE TABLE `virtual_aliases` (
  `id` int(11) NOT NULL auto_increment,
  `source` varchar(100) NOT NULL,
  `destination` varchar(100) NOT NULL,
  PRIMARY KEY (`id`)
);
then import it into mysql with:
mysql -u root -p mail < scheme.sql
then you can insert a user like this:
insert into virtual_users (`email`,`password`) values('test@example.org','hashedpassword');
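An added example (not part of the original post): a shell helper that produces the value to use in place of 'hashedpassword' above. It assumes the SHA512-CRYPT scheme that section 3 sets as default_pass_scheme, uses doveadm pw from the Dovecot package, and checks the result against the column sizes in the schema; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: fill virtual_users.password with a real SHA512-CRYPT hash.
# Function names are hypothetical; table and column names come from the schema above.

# Prompt for a password with Dovecot's own tool and print the bare crypt string.
# doveadm pw prints "{SHA512-CRYPT}$6$..."; the prefix is dropped because
# default_pass_scheme = SHA512-CRYPT already tells Dovecot the scheme.
hash_password() {
    doveadm pw -s SHA512-CRYPT | sed 's/^{SHA512-CRYPT}//'
}

# Whole-string ERE match; grep works per line, so reject embedded newlines first.
matches() {
    case $1 in *'
'*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq "$2"
}

# make_insert EMAIL HASH: print the INSERT statement, or fail without output.
make_insert() {
    email=$1 hash=$2
    # email is varchar(32) in the schema; a longer address would not fit
    [ "${#email}" -le 32 ] || { echo "email longer than 32 chars" >&2; return 1; }
    # conservative address charset: no quote, backslash or space reaches the SQL literal
    matches "$email" '^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+$' \
        || { echo "unsupported email address" >&2; return 1; }
    # $6$ [rounds=N$] salt of 1-16 chars $ 86 chars of crypt base64
    matches "$hash" '^\$6\$(rounds=[0-9]+\$)?[./0-9A-Za-z]{1,16}\$[./0-9A-Za-z]{86}$' \
        || { echo "not a SHA512-CRYPT hash (plaintext?)" >&2; return 1; }
    # password is varchar(128); a long rounds= value plus salt must still fit
    [ "${#hash}" -le 128 ] || { echo "hash longer than 128 chars" >&2; return 1; }
    printf "INSERT INTO virtual_users (email, password) VALUES ('%s', '%s');\n" \
        "$email" "$hash"
}

# Usage on the mail server (not run here):
#   h=$(hash_password) && make_insert test@example.org "$h" > user.sql
#   mysql -u root -p mail < user.sql
```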
3. dovecot
Dovecot does the authentication work in this mail system, so I will configure it first.
3.1 enable lmtp
modify /etc/dovecot/dovecot.conf:
protocols = pop3 lmtp
modify /etc/dovecot/conf.d/10-master.conf:
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    user = postfix
    group = postfix
    mode = 0600
  }
}
enable the virtual users:
modify /etc/dovecot/conf.d/10-auth.conf to enable SQL auth:
!include auth-sql.conf.ext
then auth-sql.conf.ext:
passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
  driver = static
  args = uid=vmail gid=vmail home=/var/spool/mail/%d/%n
}
then /etc/dovecot/dovecot-sql.conf.ext:
driver = mysql
# password here must be the one set for 'mail'@'localhost' in section 2
connect = host=localhost dbname=mail user=mail password=password
default_pass_scheme = SHA512-CRYPT
password_query = SELECT email AS user, password AS password \
  FROM virtual_users WHERE email = '%u'
finally, /etc/dovecot/conf.d/10-mail.conf:
mail_location = mdbox:/var/spool/mail/%d/%n/mail
4. postfix
Postfix sends mail, and receives mail and then delivers it to Dovecot.
modify /etc/postfix/main.cf to:
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain = example.info
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_exceptions_networks = $mynetworks
smtpd_helo_restrictions =
    permit_sasl_authenticated,
    reject_unknown_helo_hostname
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_relay_restrictions =
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination,
    reject_rbl_client zen.spamhaus.org,
    reject_rhsbl_helo dbl.spamhaus.org,
    reject_rhsbl_sender dbl.spamhaus.org,
    permit
smtpd_data_restrictions =
    reject_unauth_pipelining,
    permit
then the query file query/maps-mailboxes.query:
host = 127.0.0.1
user = mail
password = password
dbname = mail
query = SELECT 1 FROM virtual_users WHERE email='%s'
5. firewall
CentOS 7 blocks most ports by default:
firewall-cmd --permanent --add-service=smtp
# for pop3
firewall-cmd --permanent --add-port=110/tcp
then run firewall-cmd --reload to apply