How to build a mail system with Dovecot and Postfix on CentOS 7

I will use my instance at Vultr Tokyo to show you how to do that.
The tags for this how-to are:
LMTP
virtual users
mysql


With this, you will need a server from Vultr.

1. preparation
First, Vultr blocks port 25 by default. You need to open an issue to have staff open it for you; it is not a problem with your system's firewall.

First of all, you need to install the following:


mariadb-server, dovecot-mysql, postfix


yum will install the dependencies for you:
yum install mariadb-server dovecot-mysql postfix
Then create a user for virtual mail:
useradd -s /sbin/nologin -m vmail

2. database
Now I will create the database and user for mail in MariaDB (MySQL). Log in to
MySQL with:

mysql -u root -p

Note that MySQL does not have a root password originally, so you can
set a password for the MySQL root user (not the system's root) this way:


mysqladmin -u root password

(press Enter here, then type the password)
In MariaDB, you can create a database this way:
create database mail;
Then create a user this way:

create user 'mail'@'localhost' IDENTIFIED BY 'mypass';

Then grant that user access to the database. The user only needs read-only access:

grant select on mail.* to 'mail'@'localhost';

Then exit the MySQL shell. In the system shell, save the schema below to a file (scheme.sql):

create table `virtual_users` (
        `id` int(11) not null auto_increment,
        `email` varchar(32) not null,
        `password` varchar(128) not null,
        `realname` varchar(32),
        `quota_limit_mbytes` int(8),
        primary key(`id`),
        unique key `email` (`email`)
);

CREATE TABLE `virtual_aliases` (
        `id` int(11) NOT NULL auto_increment,
        `source` varchar(100) NOT NULL,
        `destination` varchar(100) NOT NULL,
        PRIMARY KEY (`id`)
);

Then import it into MySQL with:
mysql -u root -p mail < scheme.sql
Then you can insert a user like this:
insert into virtual_users (`email`,`password`) values('test@example.org','hashedpassword');
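
The 'hashedpassword' value has to be in the scheme Dovecot is configured for in section 3 (SHA512-CRYPT); doveadm pw -s SHA512-CRYPT prints one. The following is an added example, not part of the original post: a small shell helper (its function names are made up for illustration) that refuses values which do not fit the table above before it prints the INSERT.

```shell
#!/bin/sh
# Added example (not from the original post): build the INSERT for one
# virtual user, refusing values that do not fit the schema above.
# Get the hash from Dovecot itself:  doveadm pw -s SHA512-CRYPT

# is_safe_email ADDR: exactly one "@", only characters that cannot end
# the SQL string literal, and short enough for email varchar(32).
is_safe_email() {
    [ "${#1}" -le 32 ] || return 1
    case $1 in
        *[!A-Za-z0-9._+@-]*) return 1 ;;   # quotes, spaces, newlines, ...
        *@*@* | @* | *@) return 1 ;;
        *@*) return 0 ;;
    esac
    return 1
}

# is_sha512_crypt HASH: true for a crypt(3) SHA-512 string, with or
# without the {SHA512-CRYPT} prefix that doveadm prints.
is_sha512_crypt() {
    prefix='{SHA512-CRYPT}'
    body=${1#"$prefix"}
    case $body in *[!A-Za-z0-9./=\$]*) return 1 ;; esac
    printf '%s\n' "$body" | grep -Eq \
        '^\$6\$(rounds=[0-9]+\$)?[./0-9A-Za-z]{1,16}\$[./0-9A-Za-z]{86}$'
}

# user_insert_sql EMAIL HASH: print the statement, or fail with a reason.
user_insert_sql() {
    is_safe_email "$1" || { echo "rejected email address" >&2; return 1; }
    is_sha512_crypt "$2" || { echo "not a SHA512-CRYPT hash" >&2; return 1; }
    # password is varchar(128); a truncated hash would never verify.
    [ "${#2}" -le 128 ] || { echo "hash exceeds 128 chars" >&2; return 1; }
    printf "insert into virtual_users (\`email\`,\`password\`) values('%s','%s');\n" \
        "$1" "$2"
}

# Usage: sh adduser.sh test@example.org '<output of doveadm pw>'
if [ "$#" -eq 2 ]; then user_insert_sql "$1" "$2"; fi
```

The output can be piped into mysql -u root -p mail, since the mail user created above only has select rights.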

3. dovecot
Dovecot does the authentication work in the mail system, so I will configure it first.


3.1 enable lmtp
modify /etc/dovecot/dovecot.conf:

protocols = pop3 lmtp

modify /etc/dovecot/conf.d/10-master.conf:
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    user = postfix
    group = postfix
    mode = 0600
  }
}

Enable the virtual users:
modify /etc/dovecot/conf.d/10-auth.conf to enable SQL auth

!include auth-sql.conf.ext
then the auth-sql.conf.ext
passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
  driver = static
  args = uid=vmail gid=vmail home=/var/spool/mail/%d/%n
}

then the /etc/dovecot/dovecot-sql.conf.ext


driver=mysql
connect = host=localhost dbname=mail user=mail password=mypass

default_pass_scheme = SHA512-CRYPT

password_query = SELECT email AS user, password AS password \
        FROM virtual_users WHERE email = '%u'

finally, /etc/dovecot/conf.d/10-mail.conf

mail_location = mdbox:/var/spool/mail/%d/%n/mail

4. postfix
Postfix sends and receives mail, then delivers it to Dovecot.
Modify /etc/postfix/main.cf to:

smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain = example.info
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_exceptions_networks = $mynetworks
smtpd_helo_restrictions =
        permit_sasl_authenticated,
        reject_unknown_helo_hostname
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_relay_restrictions =
        reject_non_fqdn_hostname,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination,
        reject_rbl_client zen.spamhaus.org,
        reject_rhsbl_helo dbl.spamhaus.org,
        reject_rhsbl_sender dbl.spamhaus.org,
        permit

smtpd_data_restrictions =
        reject_unauth_pipelining,
        permit

Then the query/maps-mailboxes.query:

host = 127.0.0.1
user = mail
password = mypass
dbname = mail
query = SELECT 1 FROM virtual_users WHERE email='%s'
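
Both /etc/dovecot/dovecot-sql.conf.ext and this query file contain the database password in clear text. An added example, not from the original post (its function names are hypothetical): a shell check that neither file is accessible to other users and that both name the same user, password and dbname.

```shell
#!/bin/sh
# Added example (not from the original post). Check the two files that hold
# the database login: no access for "other", and the same login in both.

# world_accessible FILE: true when any r/w/x bit is set for "other".
world_accessible() {
    others=$(ls -ld -- "$1" | cut -c8-10)
    [ "$others" != "---" ]
}

# dovecot_field FILE KEY: value of KEY in the "connect =" line
# (values containing spaces are not handled).
dovecot_field() {
    sed -n 's/^[[:space:]]*connect[[:space:]]*=[[:space:]]*//p' "$1" |
        tr ' ' '\n' | sed -n "s/^$2=//p" | head -n 1
}

# postfix_field FILE KEY: value of a "KEY = value" line.
postfix_field() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | head -n 1
}

# check_mail_db_config DOVECOT_SQL_CONF POSTFIX_QUERY_FILE
# Prints one line per finding and returns the number of findings.
check_mail_db_config() {
    findings=0
    for f in "$1" "$2"; do
        if world_accessible "$f"; then
            echo "WORLD-ACCESSIBLE: $f"
            findings=$((findings + 1))
        fi
    done
    for key in user password dbname; do
        if [ "$(dovecot_field "$1" "$key")" != "$(postfix_field "$2" "$key")" ]; then
            # Report the field name only, never the secret itself.
            echo "MISMATCH: $key differs between $1 and $2"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# Usage: sh check.sh /etc/dovecot/dovecot-sql.conf.ext <postfix query file>
if [ "$#" -eq 2 ]; then check_mail_db_config "$1" "$2"; fi
```

The Postfix daemons still have to read the query file, so a typical fix for a finding is group postfix with mode 0640 rather than 0600.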

5. firewall
CentOS 7 blocks most ports by default:

firewall-cmd --permanent --add-service=smtp
#for pop3
firewall-cmd --permanent --add-port=110/tcp

Then run firewall-cmd --reload to apply.
