how to build a mail system with dovecot and postfix on Centos 7

I will use my instance at vultr Tokyo to show you how to do that.
There are some tags of this how to:
virtual users

With this, you will need a server from Vultr.

1. prepare work
First, vultr would block the port 25 by default, you need to open a issue to let staff open it for you, it is not the problem of your system’s firewall.

first of all, you need to install below:

mariadb-server, dovecot-mysql, postfix

They would install the depends for you using:
yum install mariadb-server dovecot-mysql postfix
then create a user for virtual mail:
useradd -s /sbin/nologin -m vmail

2. database
Now I will create database and user for mail at mariadb(mysql), login the
mysql with:

mysql -u root -p

attention here, the mysql doesn’t have root password orignally, so you could
using this way to make a password for the root of mysql(not the system’s root):

mysqladmin -u root password

(enter here, then type the password)
at mariadb, you need could create a database in this way:
create database mail;
then create a user in this way

create user 'mail'@'localhost' IDENTIFIED BY 'mypass';

then grant the access for that user to database, as the user only need readonly to database:

grant select on mail.* to 'mail'@'localhost';

then exit from mysql shell, in system shell, save the scheme below to a place:

create table `virtual_users` (
        `id` int(11) not null auto_increment,
        `email` varchar(32) not null,
        `password` varchar(128) not null,
        `realname` varchar(32),
        `quota_limit_mbytes` int(8),
        primary key(`id`),
        unique key `email` (`email`)

CREATE TABLE `virtual_aliases` (
        `id` int(11) NOT NULL auto_increment,
        `source` varchar(100) NOT NULL,
        `destination` varchar(100) NOT NULL,
        PRIMARY KEY (`id`)

then import it to mysql by
mysql -u root -p mail < scheme.sql
then you could insert a user like this:
insert into virtual_users (`email`,`password`) values(‘’,’hashedpassword’);

3. dovecot
actually the dovecot will do auth work at mail system,so I would to configure it first.

3.1 enable lmtp
modify /etc/dovecot/dovecot.conf:

protocols = pop3 lmtp

modify /etc/dovecot/conf.d/10-master.conf:
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    user = postfix
    group = postfix
    mode = 0600

enable enable the virtual user,
modify the /etc/dovecot/conf.d/10-auth.conf to enable sql auth

!include auth-sql.conf.ext
then the auth-sql.conf.ext
passdb {
  driver = sql 
  args = /etc/dovecot/dovecot-sql.conf.ext
userdb {
  driver = static
  args = args = uid=vmail gid=vmail home=/var/spool/mail/%d/%n

then the /etc/dovecot/dovecot-sql.conf.ext

connect = host=localhost dbname=mail user=mail password=password

default_pass_scheme = SHA512-CRYPT

password_query = SELECT email AS user, password AS password \
        FROM virtual_users WHERE email = '%u'

finally, /etc/dovecot/conf.d/10-mail.conf

mail_location = mdbox:/var/spool/mail/%d/%n/mail

postfix will send mail and receive mail then delived it to dovecot
modify /etc/postfix/ to

smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_exceptions_networks = $mynetworks
smtpd_helo_restrictions =
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_relay_restrictions =

smtpd_data_restrictions =

the query/maps-mailboxes.query

host =
user = mail
password = password
dbname = mail
query = SELECT 1 FROM virtual_users WHERE email='%s'

5. firewall
the centos7 will block most of ports by default

firecmd-cmd --permanent --add-service=stmp
#for pop3
firecmd-cmd --permanent --add-port=110/tcp

the firewall-cmd –reload to apply

Leave a Comment


Keith Rainz text logo
Keith Rainz black and white

Contact me

Chilanga. Along Kafue Road, Lusaka Zambia.


Contact me


Join my email list to receive free latest updates.

Join my free email list and be the first to know what's new from me, giveaways, tutorials and money making opportunities