Difference between revisions of "Creating a Mail Server on Ubuntu 12.04"
From Zam Wiki
(→Amavis) |
|||
Line 641: | Line 641: | ||
Download Roundcube file from http://roundcube.net/download : | Download Roundcube file from http://roundcube.net/download : | ||
− | wget http://downloads.sourceforge.net/project/roundcubemail/roundcubemail/ | + | wget http://downloads.sourceforge.net/project/roundcubemail/roundcubemail/1.1.0/roundcubemail-1.1.0.tar.gz |
− | tar xvfz roundcubemail- | + | tar xvfz roundcubemail-1.1.0.tar.gz |
− | cd roundcubemail- | + | cd roundcubemail-1.1.0 |
− | mv roundcubemail- | + | mv roundcubemail-1.1.0 mail |
It is recommended to make the document root and the Roundcube files in it writable by the running as user www-data and group www-data: | It is recommended to make the document root and the Roundcube files in it writable by the running as user www-data and group www-data: | ||
chown -R www-data:www-data /var/www/mail | chown -R www-data:www-data /var/www/mail | ||
− | |||
− | |||
− | |||
− | |||
If you haven't already created a MySQL database for Roundcube (including a MySQL Roundcube user), you can do that as follows: | If you haven't already created a MySQL database for Roundcube (including a MySQL Roundcube user), you can do that as follows: |
Latest revision as of 23:02, 16 February 2015
Mail Server on Ubuntu 12.04 (Postfix, Courier, SSL/TLS, SpamAssassin, ClamAV, Amavis, Roundcube)
Contents
Introduction
Main components:
- Postfix is the mail transfer agent (MTA) responsible for accepting new messages and storing them on your server as well as allowing authorised users to send e-mail.
- Courier sits in front of Postfix and provides an IMAP and POP3 interface for clients to connect to.
- SASL with SSL and TLS allows you to authenticate and communicate with the mail server securely.
- SpamAssassin will analyse your e-mails as they arrive and will filter out what it thinks is spam.
- ClamAV will scan e-mails for viruses before delivering it to your inbox.
- Amavis ties SpamAssasin and ClamAV together, and is itself hooked into Postfix.
- MySQL will be used to manage user accounts and e-mail forwarding.
- Roundcube is the mail interface similar like Squirrelmail
Install required packages from repo
apt-get update apt-get install -y mysql-server postfix postfix-mysql libsasl2-modules libsasl2-modules-sql libgsasl7 libauthen-sasl-cyrus-perl sasl2-bin libpam-mysql clamav-base libclamav6 clamav-daemon clamav-freshclam amavisd-new spamassassin spamc courier-base courier-authdaemon courier-authlib-mysql courier-imap courier-imap-ssl courier-pop courier-pop-ssl courier-ssl php-pear php-auth-sasl php-net-smtp php5-intl php5-mcrypt
sudo pear install Mail_Mime sudo pear install Mail_mimeDecode sudo pear install channel://pear.php.net/Net_IDNA2-0.1.1
During the installation of MySQL you will be prompted for the root user password
Enter a secure password, and don’t forget it!
Similarly, during the installation of Courier you will be presented with the following configuration prompts
Choose No
Choose OK
Choose Internet Site
Enter your mail server name (e.g. replace mail.example.com with your own domain). Make sure you have this subdomain configured in your DNS records.
Choose OK
After everything has finished, we can proceed to configure our mail server.
Configuration
Postfix
First, we create file name main.cf
mv /etc/postfix/main.cf{,.default} nano /etc/postfix/main.cf
Copy/paste the following (change all instances of mail.yourdomain.com):
myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name biff = no append_dot_mydomain = no readme_directory = no mydestination = relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mynetworks_style = host mailbox_size_limit = 0 virtual_mailbox_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all message_size_limit = 0 # SMTP Authentication (SASL) smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = # Encrypted transfer (SSL/TLS) smtp_use_tls = yes smtpd_use_tls = yes smtpd_tls_cert_file = /etc/ssl/private/mail.yourdomain.com.crt smtpd_tls_key_file = /etc/ssl/private/mail.yourdomain.com.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # Basic SPAM prevention smtpd_helo_required = yes smtpd_delay_reject = yes disable_vrfy_command = yes smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, permit smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination # Force incoming mail to go through Amavis content_filter = amavis:[127.0.0.1]:10024 receive_override_options = no_address_mappings # Virtual user mappings alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases virtual_mailbox_base = /var/spool/mail/virtual virtual_mailbox_maps = mysql:/etc/postfix/maps/user.cf virtual_uid_maps = static:5000 virtual_gid_maps = static:5000 virtual_alias_maps = mysql:/etc/postfix/maps/alias.cf virtual_mailbox_domains = mysql:/etc/postfix/maps/domain.cf
Next, we edit file master.cf
mv /etc/postfix/master.cf{,.default} nano /etc/postfix/master.cf
Copy/paste the following (no changes is required):
# # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - - - - smtpd smtps inet n - - - - smtpd -o smtpd_tls_wrappermode=yes submission inet n - - - - smtpd pickup fifo n - - 60 1 pickup -o content_filter= -o receive_override_options=no_header_body_checks cleanup unix n - - - 0 cleanup qmgr fifo n - n 300 1 qmgr tlsmgr unix - - - 1000? 1 tlsmgr rewrite unix - - - - - trivial-rewrite bounce unix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verify unix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - - - - smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - - - - smtp -o smtp_fallback_relay= showq unix n - - - - showq error unix - - - - - error retry unix - - - - - error discard unix - - - - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - - - - lmtp anvil unix - - - - 1 anvil scache unix - - - - 1 scache # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # # Many of the following services use the Postfix pipe(8) delivery # agent. See the pipe(8) man page for information about ${recipient} # and other message envelope options. # ==================================================================== # # maildrop. See the Postfix MAILDROP_README file for details. # Also specify in main.cf: maildrop_destination_recipient_limit=1 # maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} # # See the Postfix UUCP_README file for configuration details. # uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) # # Other external delivery methods. # ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes -o max_use=20 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_delay_reject=no -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
As all our mail users are going to be virtual (i.e. we’re not going to create physical user accounts for each user), we only need to create one mail directory and one user account.
groupadd virtual -g 5000 useradd -r -g "virtual" -G "users" -c "Virtual User" -u 5000 virtual mkdir /var/spool/mail/virtual chown virtual:virtual /var/spool/mail/virtual
Now we’ll create the database which will store the mail user configuration and forwarding rules. Enter the password you created during the MySQL installation. Copy/paste the following (change mailuserpassword, yourdomain.com and admin password to something more secure)
CREATE DATABASE mail; GRANT ALL ON mail.* TO mail@localhost IDENTIFIED BY 'mailuserpassword'; FLUSH PRIVILEGES;
USE mail; CREATE TABLE IF NOT EXISTS `alias` (`source` VARCHAR(255) NOT NULL, `destination` VARCHAR(255) NOT NULL DEFAULT "", `enabled` TINYINT UNSIGNED NOT NULL DEFAULT 1, PRIMARY KEY (`source`)) ENGINE=MyISAM DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `domain` (`domain` VARCHAR(255) NOT NULL DEFAULT "", `transport` VARCHAR(255) NOT NULL DEFAULT "virtual:", `enabled` TINYINT UNSIGNED NOT NULL DEFAULT 1, PRIMARY KEY (`domain`)) ENGINE=MyISAM DEFAULT CHARSET=utf8; CREATE TABLE IF NOT EXISTS `user` (`email` VARCHAR(255) NOT NULL DEFAULT "", `password` VARCHAR(255) NOT NULL DEFAULT "", `name` VARCHAR(255) DEFAULT NULL, `quota` INT UNSIGNED DEFAULT NULL, `enabled` TINYINT UNSIGNED NOT NULL DEFAULT 1, PRIMARY KEY (`email`)) ENGINE=MyISAM DEFAULT CHARSET=utf8; INSERT INTO `alias` (`source`, `destination`, `enabled`) VALUES ('@localhost', '[email protected]', 1); INSERT INTO `alias` (`source`, `destination`, `enabled`) VALUES ('@localhost.localdomain', '@localhost', 1); INSERT INTO `domain` (`domain`, `transport`, `enabled`) VALUES ('localhost', 'virtual:', 1); INSERT INTO `domain` (`domain`, `transport`, `enabled`) VALUES ('localhost.localdomain', 'virtual:', 1); INSERT INTO `domain` (`domain`, `transport`, `enabled`) VALUES ('yourdomain.com', 'virtual:', 1); INSERT INTO `user` (`email`, `password`, `name`, `quota`, `enabled`) VALUES ('[email protected]', ENCRYPT('adminpassword'), 'Administrator', NULL, 1);
Now that the database is in place we can create the map files to tell Postfix how to communicate with it.
mkdir /etc/postfix/maps nano /etc/postfix/maps/alias.cf
Copy/paste the following (change mailuserpassword):
user=mail password=mailuserpassword dbname=mail table=alias select_field=destination where_field=source hosts=127.0.0.1 additional_conditions=and enabled = 1
nano /etc/postfix/maps/domain.cf
Copy/paste the following (change mailuserpassword):
user = mail password = mailuserpassword dbname = mail table = domain select_field = domain where_field = domain hosts = 127.0.0.1 additional_conditions = and enabled = 1
We create file name user.cf
nano /etc/postfix/maps/user.cf
Copy/paste the following (change mailuserpassword):
user = mail password = mailuserpassword dbname = mail table = user select_field = CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') where_field = email hosts = 127.0.0.1 additional_conditions = and enabled = 1
Set restrictive read permissions as these files contain the MySQL mail user’s password.
chmod 700 /etc/postfix/maps/* chown postfix:postfix /etc/postfix/maps/*
SASL
The final part of configuring Postfix is to configure the authentication mechanism. SASL is a authentication layer that provides the ability to receive a user’s credentials in a variety of formats.
mkdir -p /var/spool/postfix/var/run/saslauthd mkdir /etc/postfix/sasl adduser postfix sasl
nano /etc/postfix/sasl/smtpd.conf
Copy/paste the following (change mailuserpassword):
pwcheck_method: saslauthd auxprop_plugin: sql mech_list: plain login sql_engine: mysql sql_hostnames: 127.0.0.1 sql_user: mail sql_passwd: mailuserpassword sql_database: mail sql_select: SELECT password FROM user WHERE email='%u@%r' AND enabled = 1
Change file permission:
chmod -R 700 /etc/postfix/sasl/smtpd.conf
mv /etc/default/saslauthd{,.default} nano /etc/default/saslauthd
Copy/paste the following (no changes required):
START=yes DESC="SASL Authentication Daemon" NAME="saslauthd" MECHANISMS="pam" MECH_OPTIONS="" THREADS=5 OPTIONS="-r -c -m /var/spool/postfix/var/run/saslauthd"
nano /etc/pam.d/smtp
Copy/paste the following (change all instances of mailuserpassword):
auth required pam_mysql.so user=mail passwd=mailuserpassword host=127.0.0.1 db=mail table=user usercolumn=email passwdcolumn=password crypt=1 account sufficient pam_mysql.so user=mail passwd=mailuserpassword host=127.0.0.1 db=mail table=user usercolumn=email passwdcolumn=password crypt=1
Change file permission:
chmod 700 /etc/pam.d/smtp
Courier
Now let’s configure Courier. I like to provide both IMAP and POP3 support, although personally I only use IMAP. In addition, we’ll be provide SSL support for securing authentication requests.
mv /etc/courier/authdaemonrc{,.default} nano /etc/courier/authdaemonrc
Copy/paste the following (no changes required):
authmodulelist="authmysql" authmodulelistorig="authuserdb authpam authpgsql authldap authmysql authcustom authpipe" daemons=5 authdaemonvar=/var/run/courier/authdaemon DEBUG_LOGIN=0 DEFAULTOPTIONS="" LOGGEROPTS=""
mv /etc/courier/authmysqlrc{,.default} nano /etc/courier/authmysqlrc
Copy/paste the following (change mailuserpassword):
MYSQL_SERVER localhost MYSQL_USERNAME mail MYSQL_PASSWORD mailuserpassword MYSQL_PORT 0 MYSQL_DATABASE mail MYSQL_USER_TABLE user MYSQL_CRYPT_PWFIELD password MYSQL_UID_FIELD 5000 MYSQL_GID_FIELD 5000 MYSQL_LOGIN_FIELD email MYSQL_HOME_FIELD "/var/spool/mail/virtual" MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') MYSQL_NAME_FIELD name MYSQL_QUOTA_FIELD quota
mv /etc/courier/imapd{,.default} nano /etc/courier/imapd
Copy/paste the following (no changes required):
ADDRESS=0 PORT=143 MAXDAEMONS=40 MAXPERIP=20 PIDFILE=/var/run/courier/imapd.pid TCPDOPTS="-nodnslookup -noidentlookup" LOGGEROPTS="-name=imapd" IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE" IMAP_KEYWORDS=1 IMAP_ACL=1 IMAP_CAPABILITY_ORIG="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE" IMAP_PROXY=0 IMAP_PROXY_FOREIGN=0 IMAP_IDLE_TIMEOUT=60 IMAP_MAILBOX_SANITY_CHECK=0 IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN" IMAP_CAPABILITY_TLS_ORIG="$IMAP_CAPABILITY_ORIG AUTH=PLAIN" IMAP_DISABLETHREADSORT=0 IMAP_CHECK_ALL_FOLDERS=0 IMAP_OBSOLETE_CLIENT=0 IMAP_UMASK=022 IMAP_ULIMITD=65536 IMAP_USELOCKS=1 IMAP_SHAREDINDEXFILE=/etc/courier/shared/index IMAP_ENHANCEDIDLE=0 IMAP_TRASHFOLDERNAME=Trash IMAP_EMPTYTRASH=Trash:7 IMAP_MOVE_EXPUNGE_TO_TRASH=0 SENDMAIL=/usr/sbin/sendmail HEADERFROM=X-IMAP-Sender IMAPDSTART=YES MAILDIRPATH=Maildir
mv /etc/courier/imapd-ssl{,.default} nano /etc/courier/imapd-ssl
Copy/paste the following (change mail.yourdomain.com):
SSLPORT=993 SSLADDRESS=0 SSLPIDFILE=/var/run/courier/imapd-ssl.pid SSLLOGGEROPTS="-name=imapd-ssl" IMAPDSSLSTART=YES IMAPDSTARTTLS=YES IMAP_TLS_REQUIRED=0 COURIERTLS=/usr/bin/couriertls TLS_KX_LIST=ALL TLS_COMPRESSION=ALL TLS_CERTS=X509 TLS_CERTFILE=/etc/ssl/private/mail.yourdomain.com.pem TLS_TRUSTCERTS=/etc/ssl/certs TLS_VERIFYPEER=NONE TLS_CACHEFILE=/var/lib/courier/couriersslcache TLS_CACHESIZE=524288 MAILDIRPATH=Maildir
mv /etc/courier/pop3d{,.default} nano /etc/courier/pop3d
Copy/paste the following (no changes required):
PIDFILE=/var/run/courier/pop3d.pid MAXDAEMONS=40 MAXPERIP=4 POP3AUTH="LOGIN" POP3AUTH_ORIG="PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256" POP3AUTH_TLS="LOGIN PLAIN" POP3AUTH_TLS_ORIG="LOGIN PLAIN" POP3_PROXY=0 PORT=110 ADDRESS=0 TCPDOPTS="-nodnslookup -noidentlookup" LOGGEROPTS="-name=pop3d" POP3DSTART=YES MAILDIRPATH=Maildir
mv /etc/courier/pop3d-ssl{,.default} nano /etc/courier/pop3d-ssl
Copy/paste the following (change mail.yourdomain.com):
SSLPORT=995 SSLADDRESS=0 SSLPIDFILE=/var/run/courier/pop3d-ssl.pid SSLLOGGEROPTS="-name=pop3d-ssl" POP3DSSLSTART=YES POP3_STARTTLS=YES POP3_TLS_REQUIRED=0 COURIERTLS=/usr/bin/couriertls TLS_STARTTLS_PROTOCOL=TLS1 TLS_KX_LIST=ALL TLS_COMPRESSION=ALL TLS_CERTS=X509 TLS_CERTFILE=/etc/ssl/private/mail.yourdomain.com.pem TLS_TRUSTCERTS=/etc/ssl/certs TLS_VERIFYPEER=NONE TLS_CACHEFILE=/var/lib/courier/couriersslcache TLS_CACHESIZE=524288 MAILDIRPATH=Maildir
SSL
We need to create SSL certificates for Courier to use when authenticating using SSL/TLS. You can either purchase these (to prevent "invalid" certificate warnings) or generate a self-signed certificate which is just as secure, and free.
You will be prompted to input some information about the certificates you create. You can enter any information you want here except Common Name (CN) which must be your mailname (e.g. mail.yourdomain.com).
Run the following (change mail.yourdomain.com):
1. Remove default certificates
rm -f /etc/courier/imapd.cnf rm -f /etc/courier/imapd.pem rm -f /etc/courier/pop3d.cnf rm -f /etc/courier/pop3d.pem
2. Generate a new PEM certificate (valid for 10 years)
openssl req -x509 -newkey rsa:1024 -keyout "/etc/ssl/private/mail.yourdomain.com.pem" -out "/etc/ssl/private/mail.example.com.pem" -nodes -days 3650
3. Generate a new CRT certificate (valid for 10 years)
openssl req -new -outform PEM -out "/etc/ssl/private/mail.yourdomain.com.crt" -newkey rsa:2048 -nodes -keyout "/etc/ssl/private/mail.example.com.key" -keyform PEM -days 3650 -x509
chmod 640 /etc/ssl/private/mail.yourdomain.com.* chgrp ssl-cert /etc/ssl/private/mail.yourdomain.com.*
Amavis
Next we’ll configure Amavis, the software that ties together SpamAssassin and ClamAV with Postfix.
adduser clamav amavis cat /dev/null > /etc/amavis/conf.d/15-content-filter-mode nano /etc/amavis/conf.d/15-content-filter-mode
Copy/paste the following (no changes required):
use strict; $log_level = 1; $sa_kill_level_deflt = 6.5; $final_spam_destiny = D_DISCARD; $pax = 'pax'; @bypass_virus_checks_maps = (\%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re); @bypass_spam_checks_maps = (\%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re); @local_domains_acl = qw(.); 1;
cat /dev/null > /etc/amavis/conf.d/50-user nano /etc/amavis/conf.d/50-user
Copy/paste the following (no changes required):
use strict; @local_domains_acl = qw(.); $log_level = 1; $syslog_priority = 'info'; $sa_kill_level_deflt = 6.5; $final_spam_destiny = D_DISCARD; $pax = 'pax'; 1;
mv /etc/default/spamassassin{,.default} nano /etc/default/spamassassin
Copy/paste the following (no changes required):
ENABLED=1 OPTIONS="--create-prefs --max-children 5 --helper-home-dir" PIDFILE="/var/run/spamd.pid" CRON=0
ClamAV
ClamAV will scan e-mails for viruses before delivering it to your inbox.
Now, let's configure our ClamAV:
dpkg-reconfigure clamav-freshclam
After that, it will show you a console with an options. Select the settings accordingly:
Choose OK
Choose daemon
Choose a mirror closest to you
Enter your proxy, if required. Usually you will leave this blank
By default, ClamAV updates every hour. That’s excessive. Bring that down to once a day
Choose No
Now restart everything
sudo /etc/init.d/saslauthd restart sudo /etc/init.d/postfix restart sudo /etc/init.d/courier-authdaemon restart sudo /etc/init.d/courier-imap restart sudo /etc/init.d/courier-imap-ssl restart sudo service amavis restart
Testing
Now Postfix is running properly. So it should accept connections on port 25(SMTP port), and send email anywhere in the world.
So let's try telnet to our server via port 25 and send a test email:
$ telnet mail.yourdomain.com 25 Trying mail.yourdomain.com... Connected to mail.yourdomain.com. Escape character is '^]'. 220 mail.yourdomain.com ESMTP Postfix HELO localhost 250 mail.yourdomain.com MAIL FROM: <[email protected]> 250 2.1.0 Ok RCPT TO: <[email protected]> 250 2.1.5 Ok DATA 354 End data with <CR><LF>.<CR><LF> Subject: Test email Testmail to ensure Postfix is working. . 250 2.0.0 Ok: queued as 6705C20E32 QUIT 221 2.0.0 Bye Connection closed by foreign host.
So this proving that our email is working properly.
But is some cases, you may encounter something like this during test sending email to another domain:
$ telnet mail.yourdomain.com 25 Trying mail.yourdomain.com... Connected to mail.yourdomain.com. Escape character is '^]'. 220 mail.yourdomain.com ESMTP Postfix HELO localhost 250 mail.yourdomain.com MAIL FROM: <[email protected]> 250 2.1.0 Ok RCPT TO: <[email protected]> 454 4.7.1 <[email protected]>: Relay access denied QUIT 221 2.0.0 Bye Connection closed by foreign host.
This may cause by misconfiguration during the setup or your server has blocked the port 25.
Do check your firewall and allow connection to and from port 25.
Errors will usually show up in:
/var/log/mail.log /var/log/mail.err
Roundcube
Download Roundcube file from http://roundcube.net/download :
wget http://downloads.sourceforge.net/project/roundcubemail/roundcubemail/1.1.0/roundcubemail-1.1.0.tar.gz tar xvfz roundcubemail-1.1.0.tar.gz cd roundcubemail-1.1.0 mv roundcubemail-1.1.0 mail
It is recommended to make the document root and the Roundcube files in it writable by the running as user www-data and group www-data:
chown -R www-data:www-data /var/www/mail
If you haven't already created a MySQL database for Roundcube (including a MySQL Roundcube user), you can do that as follows:
mysqladmin -u root -p create roundcube
mysql -u root -p
GRANT ALL PRIVILEGES ON roundcube.* TO 'roundcube_admin'@'localhost' IDENTIFIED BY 'roundcube_password'; GRANT ALL PRIVILEGES ON roundcube.* TO 'roundcube_admin'@'localhost.localdomain' IDENTIFIED BY 'roundcube_password'; FLUSH PRIVILEGES; quit;
Edit php.ini:
sudo nano /etc/php5/apache2/php.ini
Add this to the end of file:
extension=mcrypt.so
Edit timezone:
date.timezone = "Asia/Kuala_Lumpur"
Now we can launch the web-based Roundcube installer by going to http://yourdomain/mail/installer/
Scroll down and click on START INSTALLATION
On the next page the installer checks if your environment fulfills all prerequisites.
If everyting is ok, scroll down and click on NEXT
On the next page you can configure. Most default settings should be ok. Scroll down to the Database setup section and fill in the details for the Roundcube MySQL database that we've previously created
Then go to the IMAP Settings section and fill in the details of your IMAP server. If it is located on the same server, fill in localhost in the default_host field. If you want to use IMAPS (port 993), prepend the hostname with ssl:// and change the default_port field to 993
Under SMTP Settings fill in your SMTP server (localhost if it's on the same host). If the SMTP server uses the same login details as your IMAP server, please check Use the current IMAP username and password for SMTP authentication
If all other settings are ok (as I mentioned before, the default settings in all other sections should be fine), click on the CREATE CONFIG button
On the next page you will see two configuration files (main.inc.php and db.inc.php). Copy the contents and create both files in the config directory (/var/www/mail/config/ in this case):
nano /var/www/mail/config/main.inc.php nano /var/www/mail/config/db.inc.php
After you have created both files, click on CONTINUE
On the next page, click on the Initialize database button to make the installer create the Roundcube MySQL database
Finally (this is optional) you have the possibility to test your SMTP and IMAP login
After the installation has finished, you should delete the Roundcube installer directory:
rm -rf /var/www/mail/installer/
Now you can go to http://yourdomain.com/mail/ and use Roundcube to log into your email account
This is how Roundcube looks