SMTP Mail Server (Postfix):
apt-get install postfix postfix-mysql postfix-pcre postfix-tls libsasl2-2 libsasl2-modules libsasl2-modules-sql
dpkg-reconfigure postfix
To generate a self-signed certificate:
openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509
vi /etc/postfix/master.cf =>
smtp inet n - n - - smtpd => 2626 inet n - n - - smtpd #Change the default SMTP port (25) to 2626. Also -v for extra logging
/etc/postfix/main.cf =>
sudo postconf -e 'smtpd_tls_cert_file = /etc/postfix/smtpd.cert'
sudo postconf -e 'smtpd_tls_key_file = /etc/postfix/smtpd.key'
sudo postconf -e "home_mailbox = Maildir/"
sudo postconf -e "mailbox_command = "
sudo postconf -e "mydestination = mail.fossedu.org, localhost.localdomain, localhost, yourdomain.com"
sudo postconf -e "inet_interfaces = all"
sudo postconf -e "inet_protocols = all"
inet_protocols = all => ipv4 #IPv4 only
vi /etc/postfix/local-host-names =>
vi /etc/postfix/virtusertable =>
postmap /etc/postfix/virtusertable
postmap /etc/postfix/vmailbox
newaliases # creates aliases and aliases.db
sudo service saslauthd status
SMTP: 465 is deprecated. 25 is MTA to MTA, 587 is MUA to MTA.
openssl s_client -connect <ip>:587 -starttls smtp
ehlo <domain>
AUTH LOGIN
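To generate base64 encoded authentication information:
echo -n 'username' | openssl base64 # AUTH LOGIN: reply to the username prompt, no NUL prefix
echo -n 'password' | openssl base64 # AUTH LOGIN: reply to the password prompt, no NUL prefix
echo -ne '\000username\000password' | openssl base64 # AUTH PLAIN: one NUL-separated token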
perl -MMIME::Base64 -e 'print encode_base64("<user>\@<domain>")'
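Added example (not part of the original notes): the AUTH PLAIN and AUTH LOGIN values above built and decoded again, which shows base64 is only an encoding, plus a check that an EHLO reply offers AUTH only after STARTTLS. The account test/test1234, the host mail.example.org and both EHLO replies are constructed sample values.

```shell
#!/bin/sh
# Added example. Account "test"/"test1234" and the EHLO replies are constructed.

# base64 helpers: openssl as in the notes, coreutils base64 as a fallback.
b64e() { if command -v openssl >/dev/null 2>&1; then openssl base64 -A; else base64 | tr -d '\n'; fi; }
b64d() { if command -v openssl >/dev/null 2>&1; then openssl base64 -d -A; else base64 -d; fi; }

# AUTH PLAIN: a single token, base64("\0user\0password").
auth_plain_token() { printf '\000%s\000%s' "$1" "$2" | b64e; }

# AUTH LOGIN: one reply per prompt, base64(value) with no NUL byte.
auth_login_reply() { printf '%s' "$1" | b64e; }

# Reverse an AUTH PLAIN token; the NUL separators are shown as '|'.
auth_plain_decode() { printf '%s' "$1" | b64d | tr '\000' '|'; }

# Print the SASL mechanisms advertised in an EHLO reply read from stdin.
ehlo_auth_mechs() {
    tr -d '\r' | sed -n 's/^250[- ]AUTH[ =]\(.*\)$/\1/p' | head -n 1
}

# Constructed EHLO replies: before STARTTLS, and inside the TLS session.
EHLO_CLEAR='250-mail.example.org
250-PIPELINING
250-STARTTLS
250 8BITMIME'
EHLO_TLS='250-mail.example.org
250-PIPELINING
250-AUTH PLAIN LOGIN
250 8BITMIME'

# $1 = cleartext EHLO reply, $2 = EHLO reply after STARTTLS.
# Returns 0 when AUTH is offered only inside TLS, 1 otherwise.
auth_only_after_tls() {
    [ -z "$(printf '%s\n' "$1" | ehlo_auth_mechs)" ] &&
    [ -n "$(printf '%s\n' "$2" | ehlo_auth_mechs)" ]
}

token=$(auth_plain_token test test1234)
echo "AUTH PLAIN token : $token"
echo "decoded again    : $(auth_plain_decode "$token")"
echo "AUTH LOGIN reply : $(auth_login_reply test)"
auth_only_after_tls "$EHLO_CLEAR" "$EHLO_TLS" && echo "AUTH offered only after STARTTLS"
```

In Postfix, smtpd_tls_auth_only = yes keeps AUTH out of the cleartext EHLO reply.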
POP/IMAP Mail server:
sudo apt-get install courier-pop # POP is not good. DO NOT INSTALL
sudo apt-get install courier-imap ca-certificates ssl-cert courier-ssl courier-imap-ssl courier-pop-ssl courier-authlib-mysql
###### Don't run this as it clears some other libs. => aptitude purge ca-certificates ssl-cert courier-ssl courier-imap-ssl courier-pop-ssl
Debug courier login problem:
vi /etc/courier/authdaemonrc =>
authmodulelist="authmysql"
DEBUG_LOGIN=2
vi /etc/courier/authmysqlrc =>
USER
PASSWORD
PORT
vi imapd-ssl =>
TLS_TRUSTCERTS
TLS_CERTFILE
Multiple domain service
If TLS_CERTFILE is set to /etc/certificate.pem, then you'll need to install the actual certificate files as /etc/certificate.pem.192.168.0.2, /etc/certificate.pem.192.168.0.3 and so on, for each IP address.
service courier-authdaemon restart
service courier-imap restart
# After installation courier-authdaemon is not enabled. Run below once to enable at startup
update-rc.d courier-authdaemon defaults
update-rc.d courier-authdaemon enable
POSTFIX
- Problem
- scan_dir_push: open directory deferred/1: Permission denied
- postfix/cleanup[54693]: fatal: trace: remove 7508E3DE8521 log: Permission denied
- Solution
- sudo chmod -R 755 /var/spool/postfix
- sudo chmod 1733 /var/spool/postfix/maildrop
- Problem
- unsupported dictionary type: mysql postfix
- Solution
apt-get install postfix-mysql
- Problem
- Solution
- To disable backwards compatibility use "postconf compatibility_level=2"
- Problem
- Prevent postfix double logging to syslog
- Solution
- remove /var/rsyslog.d/postfix.conf
- Courier
- Problem: Stop insecure imap and all pop
- Open this file: /etc/courier-imap/pop3d
- Find line POP3DSTART=YES
- Replace YES with NO
- Open this file: /etc/courier-imap/imapd
- Find line IMAPDSTART=YES
- Replace YES with NO
- run "/etc/init.d/courier-imap stop"
- run "/etc/init.d/courier-pop stop"
- run "/etc/init.d/courier-pop-ssl stop"
Courier: /etc/courier/shared/index If the "shared" directory doesn't exist, just create it.
- PROBLEM
- courier-authdaemon not starting on boot
- Solution
service courier-authdaemon start
To check certificates
openssl s_client -showcerts -connect <domain>:993
postfix/courier:
store the email
/var/spool/mail/$user mbox format.
/home/$user/Maildir maildir format.
/etc/courier> /usr/lib/courier/mkimapdcert to generate the pem file for imap ssl. This uses imapd.cnf to generate the cert.
userdbpw to generate IMAP encrypted passwords.
Courier imapd uses authdaemon and postfix smtp uses sasl for user authentication. Both connect to the db using a conf file.
IMAP TEST
openssl s_client -connect <domain_name>:993 -tls1_2
01 login <user@your.domain> <password> #******* The numbers in the beginning of each command are required ****
02 list "" "*"
03 select "INBOX" # To select one of the folders that's displayed by the previous command
Should return
* FLAGS (Answered Flagged Deleted Seen Draft)
* OK [PERMANENTFLAGS (Answered Flagged Deleted Seen Draft )] Flags permitted.
* 1 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 35764095342] UIDs valid
* OK [UIDNEXT 3] Predicted next UID 3
OK [READ-WRITE] Select completed.
04 fetch 1 all #
05 fetch 1 body[]
06 logout
RFC 3501 - INTERNET MESSAGE ACCESS PROTOCOL - VERSION 4rev1
Increment <cmd> for each command.
Login
<cmd> LOGIN username password
Values can be quoted to enclose spaces and special characters. A " must then be escaped with a \
<cmd> LOGIN "username" "pass word"
List Folders/Mailboxes
<cmd> LIST "" *
<cmd> LIST INBOX *
<cmd> LIST "Archive" *
Create new Folder/Mailbox
<cmd> CREATE INBOX.Archive.2012
<cmd> CREATE "To Read"
Delete Folder/Mailbox
<cmd> DELETE INBOX.Archive.2012
<cmd> DELETE "To Read"
Rename Folder/Mailbox
<cmd> RENAME "INBOX.One" "INBOX.Two"
List Subscribed Mailboxes
<cmd> LSUB "" *
Status of Mailbox
There are more flags than the ones listed
<cmd> STATUS INBOX (MESSAGES UNSEEN RECENT)
Select a mailbox
<cmd> SELECT INBOX
List messages
<cmd> FETCH 1:* (FLAGS)
<cmd> UID FETCH 1:* (FLAGS)
Retrieve Message Content
<cmd> FETCH 2 body[text]
<cmd> FETCH 2 all
<cmd#> UID FETCH 102 (UID RFC822.SIZE BODY.PEEK[])
Close Mailbox
<cmd#> CLOSE
Logout
<cmd#> LOGOUT
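Added example (not part of the original notes): a small generator for the tagged test session above, applying the two rules stated here, an incrementing tag per command and quoted values with \ and " escaped. The function names and the sample user, password and folder are assumptions made for this example.

```shell
#!/bin/sh
# Added example. user@your.domain / "pass word" / INBOX are constructed values.

CR=$(printf '\r')
LF='
'
TAG=0

# Emit one command with the next zero-padded tag (01, 02, ...), CRLF-terminated.
imap_cmd() { TAG=$((TAG + 1)); printf '%02d %s\r\n' "$TAG" "$*"; }

# Turn a value into an IMAP quoted string: escape \ and ", and refuse CR/LF,
# because a line break inside a value would be read as the start of a new command.
imap_quote() {
    case $1 in
        *"$CR"*|*"$LF"*) return 1 ;;
    esac
    printf '"%s"' "$(printf '%s' "$1" | sed 's/[\\"]/\\&/g')"
}

# Print the test session: $1 = user, $2 = password, $3 = folder.
imap_session() {
    u=$(imap_quote "$1") && p=$(imap_quote "$2") && f=$(imap_quote "$3") || return 1
    TAG=0
    imap_cmd LOGIN "$u" "$p"
    imap_cmd LIST '""' '"*"'
    imap_cmd SELECT "$f"
    imap_cmd FETCH 1 ALL
    imap_cmd LOGOUT
}

# Show the commands to type into the openssl s_client session on port 993.
imap_session 'user@your.domain' 'pass word' 'INBOX'
```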
To make Maildir compatible mailboxes for IMAP and SMTP:
maildirmake -q 5000000S,1000C ./Maildir
This sets the quota to 5,000,000 bytes or 1000 messages, whichever comes first.
Folders are additional subdirectories in the maildir whose names begin with a period: such as .Drafts or .Sent. Each folder itself contains the same three subdirectories, tmp, new, and cur
See http://www.courier-mta.org/maildir.html for more detail
Test imap server from external server:
http://www.checktls.com/perl/live/TestReceiver.pl