{"id":236,"date":"2011-01-18T22:45:45","date_gmt":"2011-01-18T21:45:45","guid":{"rendered":""},"modified":"2011-01-18T23:07:00","modified_gmt":"2011-01-18T21:07:00","slug":"installation-on-ubuntu","status":"publish","type":"post","link":"https:\/\/drfugazi.eu.org\/en\/installation-on-ubuntu\/","title":{"rendered":"Installation of mail system on Ubuntu"},"content":{"rendered":"

I assume that you have installed system with basic configuration and SSH running. After login to system we can install dovecot-postfix package, which is described as fully functional mail server:<\/h3>\n
drfugazi@charr:~% sudo aptitude install dovecot-postfix\r\n[sudo] password for drfugazi:\r\nReading extended state information\r\nInitializing package states... Gotowe\r\nThe following NEW packages will be installed:\r\n  dovecot-common{a} dovecot-imapd{a} dovecot-pop3d{a} dovecot-postfix\r\n0 packages upgraded, 4 newly installed, 0 to remove and 0 not upgraded.\r\nNeed to get 7957kB of archives. After unpacking 15,1MB will be used.\r\nDo you want to continue? [Y\/n\/?] y\r\n...\r\nConfiguring dovecot-common (1:1.2.9-1ubuntu6.1) ...\r\nCreating config file \/etc\/dovecot\/dovecot.conf with new version\r\nCreating config file \/etc\/dovecot\/dovecot-ldap.conf with new version\r\nCreating config file \/etc\/dovecot\/dovecot-sql.conf with new version\r\n<\/code><\/pre>\n
Now we should check if Dovecot is running and we can connect to IMAP server on localhost:<\/h3>\n
<\/p>\n
drfugazi@charr:~% ps axu|grep dovecot\r\nroot     13772  0.0  0.0   2320   700 ?        Ss   Nov19   0:00 \/usr\/sbin\/dovecot -c \/etc\/dovecot\/dovecot.conf\r\nroot     13775  0.0  0.2  10208  2536 ?        S    Nov19   0:00 dovecot-auth\r\n...\r\ndrfugazi@charr:~% telnet localhost 143\r\nTrying 127.0.0.1...\r\nConnected to localhost.\r\nEscape character is '^]'.\r\n* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.\r\na LOGOUT\r\n* BYE Logging out\r\na OK Logout completed.\r\nConnection closed by foreign host.<\/code><\/pre>\n
If you can connect to localhost then you can try from outside:<\/h3>\n
drfugazi@neptun:~% telnet example.com 143\r\nTrying 212.106.X.X...\r\ntelnet: Unable to connect to remote host: Connection timed out<\/code><\/pre>\n
Lets check on which interface Dovecot is listening for connections:<\/h3>\n
drfugazi@charr:~% netstat -an|grep 143\r\ntcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN<\/code><\/pre>\n
All interfaces, so you need to check firewall and add a rule to allow connections to IMAP port 143:<\/h3>\n
sudo iptables -I INPUT -i eth0 -p tcp --syn --dport 143 -d 212.106.X.X -j ACCEPT<\/code><\/pre>\n
Try once more:<\/h3>\n
drfugazi@neptun:~% telnet example.com 143\r\nTrying 212.106.X.X...\r\nConnected to example.com.\r\nEscape character is '^]'.\r\n* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS LOGINDISABLED] Dovecot ready.\r\na LOGOUT\r\n* BYE Logging out\r\na OK Logout completed.\r\nConnection closed by foreign host.<\/code><\/pre>\n
Looks good. Now we can take a closer look to SMTP server, Postfix. Look at master.cf<\/code> file:<\/h3>\n
drfugazi@charr:~% cd \/etc\/postfix\r\ndrfugazi@charr:\/etc\/postfix% sudo vi master.cf\r\n[sudo] password for drfugazi:<\/code><\/pre>\n
We are especially interested smtps and submission sections, we need to enable them in master.cf<\/code>. By the way, we can check if the port numbers are in \/etc\/services<\/code>:<\/h3>\n
drfugazi@charr:\/etc\/postfix% grep submis \/etc\/services\r\nsubmission      587\/tcp                         # Submission [RFC4409]\r\nsubmission      587\/udp\r\ndrfugazi@charr:\/etc\/postfix% grep smtps \/etc\/services\r\nssmtp           465\/tcp         smtps           # SMTP over SSL<\/code><\/pre>\n
Looks good, lets check main.cf<\/code> file, there should be lines added by dovecot-postfix package:<\/h3>\n
mailbox_command = \/usr\/lib\/dovecot\/deliver -c \/etc\/dovecot\/conf.d\/01-dovecot-postfix.conf -n -m \"${EXTENSION}\"\r\nhome_mailbox = Maildir\/\r\nsmtpd_sasl_auth_enable = yes\r\nsmtpd_sasl_type = dovecot\r\nsmtpd_sasl_path = private\/dovecot-auth\r\nsmtpd_sasl_authenticated_header = yes\r\nsmtpd_sasl_security_options = noanonymous\r\nsmtpd_sasl_local_domain = $myhostname\r\nbroken_sasl_auth_clients = yes\r\nsmtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination\r\nsmtpd_sender_restrictions = reject_unknown_sender_domain\r\nsmtp_use_tls = yes\r\nsmtpd_tls_received_header = yes\r\nsmtpd_tls_mandatory_protocols = SSLv3, TLSv1\r\nsmtpd_tls_mandatory_ciphers = medium\r\nsmtpd_tls_auth_only = yes\r\ntls_random_source = dev:\/dev\/urandom<\/code><\/pre>\n
We can leave this as is and restart Postfix. Note: you need to stop and start Postfix server to get new settings from master.cf<\/code> file:<\/h3>\n
drfugazi@charr:\/etc\/postfix% sudo service postfix stop\r\n * Stopping Postfix Mail Transport Agent postfix                                                                 [ OK ]\r\ndrfugazi@charr:\/etc\/postfix% sudo service postfix start\r\n * Starting Postfix Mail Transport Agent postfix                                                                 [ OK ]\r\n<\/code><\/pre>\n
Lets check if postfix listening on submission (587) and smtps (465) ports:<\/h3>\n
drfugazi@charr:\/etc\/postfix% netstat -an|egrep \"(:587|:465)\"\r\ntcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN\r\ntcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN\r\n<\/code><\/pre>\n
Ports are open, lets try to connect from localhost:<\/h3>\n
drfugazi@charr:\/etc\/postfix% telnet localhost 587\r\nTrying 127.0.0.1...\r\nConnected to localhost.\r\nEscape character is '^]'.\r\n220 charr ESMTP Postfix (Ubuntu)\r\nehlo localhost\r\n250-charr\r\n250-PIPELINING\r\n250-SIZE 10240000\r\n250-VRFY\r\n250-ETRN\r\n250-STARTTLS\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 DSN\r\nstarttls\r\n220 2.0.0 Ready to start TLS\r\n^]\r\ntelnet> quit\r\nConnection closed.<\/code><\/pre>\n
We will not try to connect to smtps (465) port, because there is SSL needed to talk. Lets try to connect from outside, iptables needs to allow connections of course:<\/h3>\n
drfugazi@charr:\/etc\/postfix% sudo iptables -L -n|egrep \"(:465|:587)\"\r\ndrfugazi@charr:\/etc\/postfix% sudo iptables -I INPUT -i eth0 -p tcp --syn --dport 587 -d 212.106.X.X -j ACCEPT\r\ndrfugazi@charr:\/etc\/postfix% sudo iptables -I INPUT -i eth0 -p tcp --syn --dport 465 -d 212.106.X.X -j ACCEPT\r\ndrfugazi@charr:\/etc\/postfix% sudo iptables -L -n|egrep \"(:465|:587)\"\r\nACCEPT     tcp  --  0.0.0.0\/0            212.106.X.X     tcp dpt:465 flags:0x17\/0x02\r\nACCEPT     tcp  --  0.0.0.0\/0            212.106.X.X     tcp dpt:587 flags:0x17\/0x02\r\n\r\ndrfugazi@charlie:~% telnet example.com 587\r\nTrying 212.106.X.X...\r\nConnected to example.com.\r\nEscape character is '^]'.\r\n220 charr ESMTP Postfix (Ubuntu)\r\nehlo test\r\n250-charr\r\n250-PIPELINING\r\n250-SIZE 10240000\r\n250-VRFY\r\n250-ETRN\r\n250-STARTTLS\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 DSN\r\nstarttls\r\n220 2.0.0 Ready to start TLS\r\n^]\r\ntelnet> quit\r\nConnection closed.<\/code><\/pre>\n
Now I suggest you to configure mail client software like Thunderbird or Outlook and try to login with use of configured system user. Finally we want to have virtual domains and users with LDAP of course, but it is better to do some checkpoints. If you have a problem with login please check log files for errors and try to eliminate them.<\/p>\n
My Thunderbird automagically configured itself for IMAP with TLS on port 143, and for SMTP with TLS on port 587. This is very good configuration. If your mail client can not do that, you can configure IMAP with SSL on 993 or POP3\/SSL on 995 and SMTP with SSL on port 465 or… change mail client \ud83d\ude09<\/p>\n
Now you should try to send mail, preferably to your external account. Next step is to reply to this mail. This will show whether mail is sent back and forth. If something is wrong, check your logs and try to fix.<\/p>\n
If all of above works, we have mail system configured to send and deliver mail and authenticate user with use of files. Now we can go for more challenging tasks like installation and configuration of LDAP directory service:<\/h3>\n
There is quite good description on HowtoForge<\/a>. I used this, here is my session transcript: installation-and-configuration-openldap<\/a>.<\/h3>\n","protected":false},"excerpt":{"rendered":"
I assume that you have installed system with basic configuration and SSH running. After login to system we can install dovecot-postfix package, which is described as fully functional mail server:<\/h3>\n
drfugazi@charr:~% sudo aptitude install dovecot-postfix\r\n[sudo] password for drfugazi:\r\nReading extended state information\r\nInitializing package states... Gotowe\r\nThe following NEW packages will be installed:\r\n  dovecot-common{a} dovecot-imapd{a} dovecot-pop3d{a} dovecot-postfix\r\n0 packages upgraded, 4 newly installed, 0 to remove and 0 not upgraded.\r\nNeed to get 7957kB of archives. After unpacking 15,1MB will be used.\r\nDo you want to continue? [Y\/n\/?] y\r\n...\r\nConfiguring dovecot-common (1:1.2.9-1ubuntu6.1) ...\r\nCreating config file \/etc\/dovecot\/dovecot.conf with new version\r\nCreating config file \/etc\/dovecot\/dovecot-ldap.conf with new version\r\nCreating config file \/etc\/dovecot\/dovecot-sql.conf with new version\r\n<\/code><\/pre>\n
Now we should check if Dovecot is running and we can connect to IMAP server on localhost:<\/h3>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_newsletter_tier_id":0,"footnotes":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[],"tags":[22,45],"jetpack_publicize_connections":[],"acf":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7M9Tz-3O","jetpack-related-posts":[{"id":226,"url":"https:\/\/drfugazi.eu.org\/en\/instalacja-systemu-pocztowego-na-ubuntu\/","url_meta":{"origin":236,"position":0},"title":"Instalacja systemu pocztowego na Ubuntu","author":"drfugazi","date":"Friday November 19th, 2010","format":false,"excerpt":"Zak\u0142adam, \u017ce system jest zainstalowany i posiada podstawow\u0105 konfiguracj\u0119 z uruchomion\u0105 us\u0142ug\u0105 SSH. Po zalogowaniu przyst\u0119pujemy do instalacji pakietu dovecot-postfix, kt\u00f3ry opisany jest jako w pe\u0142ni funkcjonalny serwer pocztowy: drfugazi@charr:~% sudo aptitude install dovecot-postfix [sudo] password for drfugazi: Czytanie list pakiet\u00f3w... Gotowe Budowanie drzewa zale\u017cno\u015bci Odczyt informacji o stanie... Gotowe\u2026","rel":"","context":"In \"Dovecot\"","block_context":{"text":"Dovecot","link":"https:\/\/drfugazi.eu.org\/en\/tag\/dovecot\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":240,"url":"https:\/\/drfugazi.eu.org\/en\/mail-system-authentication-ldap\/","url_meta":{"origin":236,"position":1},"title":"Mail system authentication in LDAP","author":"drfugazi","date":"Wednesday March 16th, 2011","format":false,"excerpt":"I suppose that Dovecot and Postfix are up and running, and you can receive and send mail with system user (see previous posts). It is time to configure authentication in LDAP. Use of directory service to user authentication allows for flexible management of mail system, hosting and so on. LDAP\u2026","rel":"","context":"In \"Mail system\"","block_context":{"text":"Mail system","link":"https:\/\/drfugazi.eu.org\/en\/tag\/mail_system\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":355,"url":"https:\/\/drfugazi.eu.org\/en\/dovecot-compilation-and-installation\/","url_meta":{"origin":236,"position":2},"title":"Dovecot – compilation and installation","author":"drfugazi","date":"Wednesday June 27th, 2012","format":false,"excerpt":"On Linux systems you can install Dovecot from packages. Appropriate packages supports also LDAP authentication, MySQL and so on. Unfortunatelly you probably would not find a newest versions, when you install in this manner. Eg. for today in Ubuntu packages you will find version 2.0.19-0ubuntu1, while on Dovecot page version\u2026","rel":"","context":"In "Mail system"","block_context":{"text":"Mail system","link":"https:\/\/drfugazi.eu.org\/en\/category\/mail-system\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":330,"url":"https:\/\/drfugazi.eu.org\/en\/mail-system-authentication-ldap\/","url_meta":{"origin":236,"position":3},"title":"Mail system authentication in LDAP","author":"","date":"Wednesday March 16th, 2011","format":false,"excerpt":"I suppose that Dovecot and Postfix are up and running, and you can receive and send mail with system user (see previous posts). It is time to configure authentication in LDAP. Use of directory service to user authentication allows for flexible management of mail system, hosting and so on. LDAP\u2026","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":208,"url":"https:\/\/drfugazi.eu.org\/en\/dovecot-1213\/","url_meta":{"origin":236,"position":4},"title":"dovecot-1.2.13","author":"drfugazi","date":"Friday August 13th, 2010","format":false,"excerpt":"Dovecot is an open source IMAP and POP3 email server for Linux\/UNIX-like systems, written with security primarily in mind. Dovecot is an excellent choice for both small and large installations. It's fast, simple to set up, requires no special administration and it uses very little memory. Source: http:\/\/dovecot.org\/ Below you\u2026","rel":"","context":"In \"Mail system\"","block_context":{"text":"Mail system","link":"https:\/\/drfugazi.eu.org\/en\/tag\/mail_system\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":348,"url":"https:\/\/drfugazi.eu.org\/en\/dovecot-2\/","url_meta":{"origin":236,"position":5},"title":"Dovecot","author":"drfugazi","date":"Monday June  4th, 2012","format":false,"excerpt":"Dovecot is an open source IMAP and POP3 email server for Linux\/UNIX-like systems, written with security primarily in mind. Dovecot is an excellent choice for both small and large installations. It's fast, simple to set up, requires no special administration and it uses very little memory.","rel":"","context":"In "Mail system"","block_context":{"text":"Mail system","link":"https:\/\/drfugazi.eu.org\/en\/category\/mail-system\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/posts\/236"}],"collection":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/comments?post=236"}],"version-history":[{"count":0,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/posts\/236\/revisions"}],"wp:attachment":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/media?parent=236"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/categories?post=236"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/tags?post=236"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}