In the previous meeting we've configured the DNS server on our ubuntu, and now we'll try to configur mail server. Follow this steps:
#1-----Fisrt off all log on with SUPER USER:
fm@fm-vm: $ sudo su
#2-----Because the last meeting we've set the IP to manual now set the IP to DHCP in order to run updating command.
root@fm-vm:/home/fm# nano /etc/network/interfaces
#-----Uncommand all of our setting and write this 2 last line script (2 fisrt line was made by default setting, leave it unchange):
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
#3-----Now restart the networking:
root@fm-vm:/home/fm# ifdown eth0 && ifup eth0
#------or this command:
root@fm-vm:/home/fm# sudo service network-manager restart
#4-----Then check the internet connection by pinging google.com, after connection is ready then move to the next step.
root@fm-vm:/home/fm# ping google.com
PING google.com (74.125.200.101) 56(84) bytes of data.
64 bytes from sa-in-f101.1e100.net (74.125.200.101): icmp_seq=1 ttl=43 time=134 ms
^C
--- google.com ping statistics ---
3 packets transmitted, 2 received, 33% packet loss, time 2003ms
rtt min/avg/max/mdev = 113.149/123.725/134.302/10.582 ms
#5-----After connection ready, now Update the repository:
root@fm-vm:/home/fm# apt-get update
#6-----Now install postfix:
root@fm-vm:/home/fm# apt-get install postfix
#------Look at screenshoot:
#7-----Now install dovecot-common:
root@fm-vm:/home/fm# apt-get install dovecot-common
#-----Look at screenshoot:
#8-----Now install dovecot-imapd and dovecot-pop3d:
root@fm-vm:/home/fm# apt-get install dovecot-imapd dovecot-pop3d
#9-----Now install squirrelmail:
root@fm-vm:/home/fm# apt-get install squirrelmail
#------If there is question like “Do you want to continue? [Y/n] “ then type Y then press Enter
#10----After installing needed package (postfix, dovecot-common, dovecot-imapd, dovecot-pop3d, squirrelmail) then turn the IP configuration like the old setting (remove the uncommand and put the uncommand sign the two lines writen in the first step), do step 2,3,4.
#11-----Try to ping the 3 of your domains ex: farihin.com, forum.farihin.com, mail.farihin.com
#12-----In case some of the domain won't replay then use this script to reboot the networking:
root@fm-vm:/home/fm# sudo ifdown eth0 && ifup eth0
root@fm-vm:/home/fm# sudo ifdown eth0:1 && ifup eth0:1
root@fm-vm:/home/fm# sudo ifdown eth0:2 && ifup eth0:2
root@fm-vm:/home/fm# sudo service network-manager restart
#13-----Now let's re-configure the postfix
root@fm-vm:/home/fm# dpkg-reconfigure postfix
#-----Follow the screen-shoot:
#14-----Now open main.cf file:
root@fm-vm:/home/fm# nano /etc/postfix/main.cf
#-----Then find the myhostname = (after = write your mail domain name ex: myhostname = farihin.com)
#-----After that we need to configure the SASL Autentification. Add this script after the last line of the main.cf file:
home_mailbox = Maildir/
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain = farihin.com
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
#15-----Now run this command one by one:
A. root@fm-vm:/home/fm# openssl genrsa -des3 -out server.key 2048
Enter pass phrase for server.key: farihin (or whatever)
Verifying - Enter pass phrase for server.key: farihin (or whatever)
B. root@fm-vm:/home/fm# openssl rsa -in server.key -out server.key.insecure
Enter pass phrase for server.key: farihin (or whatever)
C. root@fm-vm:/home/fm# mv server.key server.key.secure
D. root@fm-vm:/home/fm# mv server.key.insecure server.key
E. root@fm-vm:/home/fm# openssl req -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:ID
State or Province Name (full name) [Some-State]:Jawa Barat
Locality Name (eg, city) []:Tasikmalaya
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Farihin Incorporated
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:farihin.com
Email Address []:farihinmuhamad@gmail.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:farihinok
An optional company name []:Farihin Inc
F. root@fm-vm:/home/fm# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
G. root@fm-vm:/home/fm# sudo cp server.crt /etc/ssl/certs
H. root@fm-vm:/home/fm# sudo cp server.key /etc/ssl/private
#16-----Now run this 2 commands to configure certificate path:
root@fm-vm:/home/fm# sudo postconf -e 'smtpd_tls_key_file = /etc/ssl/private/server.key'
root@fm-vm:/home/fm# sudo postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/server.crt'
#17-----We’re going to configure master.cf file, so let’s open the master.cf file:
root@fm-vm:/home/fm# nano /etc/postfix/master.cf
#-----Now you need to remove the uncommand on these lines:
submission inet n - - - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_recipient=no
-o smtpd_client_restrictions=$mua_client_restrictions
-o smtpd_helo_restrictions=$mua_helo_restrictions
-o smtpd_sender_restrictions=$mua_sender_restrictions
-o smtpd_recipient_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
smtps inet n - - - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_recipient=no
-o smtpd_client_restrictions=$mua_client_restrictions
-o smtpd_helo_restrictions=$mua_helo_restrictions
-o smtpd_sender_restrictions=$mua_sender_restrictions
-o smtpd_recipient_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
#18----- We’re done configuring postfix. Now let's configure the dovecot. First open the 10-master.conf file:
root@fm-vm:/home/fm# nano /etc/dovecot/conf.d/10-master.conf
#-----Find this line: # Postfix smtp-auth, then remove some uncommands and write some scripts until became like this :
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
#19-----And now open 10-auth.conf file:
root@fm-vm:/home/fm# nano /etc/dovecot/conf.d/10-auth.conf
#-----Find this line: auth_mechanisms = plain, then add login word at the end of the script (until be like this: auth_mechanisms = plain login)
#20-----Now restart the postfix:
root@fm-vm:/home/fm# sudo service postfix restart
#21-----Then restart the dovecot:
root@fm-vm:/home/fm# sudo service dovecot restart
#22-----Now check the SMTP-AUTH and smtp/pop3 port:
root@fm-vm:/home/fm# telnet farihin.com smtp
Trying 192.168.100.1...
Connected to farihin.com.
Escape character is '^]'.
220 mail.farihin.com ESMTP Postfix (Ubuntu)
#-----Then type: ehlo farihin.com
250-farihin.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
#-----Then type: quit (to quit telnet)
221 2.0.0 Bye
Connection closed by foreign host.
#23-----Now configure the mailbox on the dovicot, so you need to find this line : mail_location = mbox: /mail:INBOX=/var/mail/%u, and replace with : mail_location = maildir: /Maildir
root@fm-vm:/home/fm# nano /etc/dovecot/conf.d/10-mail.conf
#24-----Remove the uncommand sign on this line: #pop3_uidl_format = %08Xu%08Xv.
root@fm-vm:/home/fm# nano /etc/dovecot/conf.d/20-pop3.conf
#25-----Now let's enable the SSL. Open the 10-ssl.conf file and remove the uncommand sign on this line: #ssl = yes (Line 6).
root@fm-vm:/home/fm# nano /etc/dovecot/conf.d/10-ssl.conf
#26-----Then restart the dovecot :
root@fm-vm:/home/fm# sudo service dovecot restart
#27-----Test the pop3 and imap port on the dovecot we've made before:
root@fm-vm:/home/fm# telnet farihin.com 110
Trying 192.168.100.3...
Connected to farihin.com.
Escape character is '^]'.
+OK Dovecot (Ubuntu) ready.
#-----Type: quit (to exit telnet)
+OK Logging out
Connection closed by foreign host.
#-----Or you can use this to check:
root@fm-vm:/home/fm# netstat -nlpt
#-----The result could be like this screen-shoot:
#28-----Dovecot configuration was done, now let’s create two e-mail user for testing.
#--------Let's create first user:
root@fm-vm:/home/fm# adduser farihinadmin
Adding user `farihinadmin' ...
Adding new group `farihinadmin' (1001) ...
Adding new user `farihinadmin' (1001) with group `farihinadmin' ...
Creating home directory `/home/farihinadmin' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for farihinadmin
Enter the new value, or press ENTER for the default
Full Name []: Muhamad Farihin
Room Number []: 100
Work Phone []: 0265311766
Home Phone []: 085222572912
Other []: NA
Is the information correct? [Y/n] y
#-----And then let’s create second user:
root@fm-vm:/home/fm# adduser deanuser
Adding user `deanuser' ...
Adding new group `deanuser' (1002) ...
Adding new user `deanuser' (1002) with group `deanuser' ...
Creating home directory `/home/deanuser' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for deanuser
Enter the new value, or press ENTER for the default
Full Name []: Dean Malfoy
Room Number []: 101
Work Phone []: 0265311766
Home Phone []: 085223123223
Other []: NA
Is the information correct? [Y/n] y
#29-----The last, we need to configure the squirrelmail:
root@fm-vm:/home/fm# sudo cp /etc/squirrelmail/apache.conf /etc/apache2/sites-available/squirrelmail.conf
root@fm-vm:/home/fm# sudo a2ensite squirrelmail
root@fm-vm:/home/fm# sudo service apache2 restart
#30-----Now let's try open the squirrelmail on web browser. Open firefox then on the address kafetaria type yourdomain/squirrelmail (ex: farihin.com/squirrelmail). Then the squirremail interface will showing like this:
#31-----Log in with your first user then send a mail to your second user. Log out and log in again with your second user, see if the mail received. Then try to reply.
#--That’s all, if you can send and receive e-mail it’s mean your success, CONGRATULATIONS. But if you don’t please doing re-check your configuration. Sumber http://farihinmuhamad.blogspot.com