Skip to main content

Setup mail server on Centos with postfix, dovecot, cyrus

POSTFIX
Postfix is a free open source mail transfer agent (MTA), a computer program for the routing and delivery of email. It is intended as a fast, easy-to-administer, and secure alternative to the widely-used Sendmail MTA which is installed by default with CentOS.
First we need to remove the Sendmail MTA
yum remove sendmail
Install Postfix
yum install postfix
Installation Of Required Packages for SMTP AUTH
yum install cyrus-sasl cyrus-sasl-devel cyrus-sasl-gssapi cyrus-sasl-md5 cyrus-sasl-plain
Postfix configuration files are stored in /etc/postfix. The two main postfix configuration files are master.cf and main.cf. First we are going to make some additions or changes to the main.cf configuration file as below
#NOTE:  Make sure you uncomment inet_interfaces = localhost
home_mailbox = Maildir/
mailbox_command =
mynetworks = 127.0.0.0/8,221.132.35.94
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
relay_domains =
local_recipient_maps =
#configure SMTP-AUTH
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = cyrus
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
////////////////////////
edit /usr/lib/sasl2/smtpd.conf so that Postfix allows PLAIN and LOGIN logins.
On a 64Bit CentOS you must edit the file /usr/lib64/sasl2/smtpd.conf instead. It should look like this:
pwcheck_method: saslauthd
mech_list: plain login
////////////////////
Create the certificates for TLS
///////////////////////
mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
/////////////////////////
Configure Postfix for TLS
#The following lines should be added, edited or uncommented in main.cf file
///////////////////////
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
///////////////////////
DOVECOT
It’s an open source IMAP and POP3 server for Linux/UNIX-like systems, written primarily with security in mind.
Install Dovecot (POP3S/IMAPS Server)
yum install dovecot
Open the dovecot config file /etc/dovecot.conf and make the following changes.
protocols = pop3 pop3s imap imaps
mail_location = maildir:~/Maildir/
pop3_uidl_format = %08Xu%08Xv
imap_client_workarounds = delay-newmail outlook-idle netscape-eoh
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
/////////////
Test dovecot
/////////////
[root@localhost ~]# telnet localhost 110
Trying 127.0.0.1…
Connected to localhost.localdomain (127.0.0.1).
Escape character is ‘^]’.
+OK Dovecot ready.
quit
+OK Logging out
Connection closed by foreign host.
//////////
Set the necessary services to automatically start at boot and then start all services
//////////
chkconfig postfix on/start
chkconfig saslauthd on/start
chkconfig dovecot on/start
////////////////////////
To see if SMTP-AUTH and TLS work properly now run the following command (you can also run the telnet command on the other ports to test if TLS and AUTH is working)
telnet localhost 25
After you have established the connection to your Postfix mail server type
ehlo localhost
If you see the lines
250-STARTTLS
and
250-AUTH PLAIN LOGIN
everything is fine.
/////////////////////
# telnet localhost 25
Trying 127.0.0.1…
Connected to localhost.localdomain (127.0.0.1).
Escape character is ‘^]’.
220 server1.example.com ESMTP Postfix
ehlo localhost
250-server1.example.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.
Setup mail server on Centos with postfix, dovecot, cyrus

Comments

  1. This is a smart blog. I mean it. You have an excellent knowledge about this topic. Thanks for sharing such a great blogs to us. VoIP Systems for Small Business

    ReplyDelete

Post a Comment

Popular posts from this blog

Asterisk – CLI commands

Agent commands agent logoff  - Sets an agent offline agent show  - Show status of agents agent show online  - Show all online agents AGI commands agi dump html  - Dumps a list of AGI commands in HTML format agi exec  - Add AGI command to a channel in Async AGI agi set debug [on|off]  - Enable/Disable AGI debugging agi show commands [topic]  - List AGI commands or specific help dnsmgr refresh  - Performs an immediate refresh dnsmgr reload  - Reloads the DNS manager configuration dnsmgr status  - Display the DNS manager status Calendar commands calendar dump sched  - Dump calendar sched context calendar show calendar  - Display information about a calendar calendar show calendars  - Show registered calendars Channel commands channel originate  - Originate a call channel redirect  - Redirect a call channel request hangup  - Request a hangup on a given channel Cli commands cli check permissions  - Try a permissions config for a user cli reload permi

Making video calls – Asterisk tutorial

sip.conf To be able to send video during a call, codec h263 and video support must be enabled. This is done by adding three lines in the sip.conf file (Location: /etc/asterisk/sip.conf). Add the following lines in the [general] tab of the file. videosupport = yes ; Enable video allow = h263 ; H.263 is our video codec allow = h263p ; H.263p is the enhanced video codec Reload Reload the sip.conf file by running the following command in the CLI console:  reload Config in Softphone  Click “Softphone”  Click “Preferences”    Click “Video Codecs”  Verify that h263 and h263+ are selected Click “OK”  Click the video (Webcam) icon to display the video  Dial the other sip phone (number 1002)  Click “Show Video” on the two sip phones. http://asteriskvoipsystem.org/making-video-calls-asterisk-tutorial/

Step by step: Configure call recording - Asterisk tutorials

This article will cover enabling asterisk to record calls. You may want this to interview people over the phone, podcast, or some other purpose. In features.conf, under: [featuremap] uncomment the line that looks like this: automixmon => *3 ; One Touch Record a.k.a. Touch MixMonitor — Make sure to set the X and/or x option in the Dial() or    Queue() app call! Then, enable the X option for Dial() in your dialplan in extensions.conf: PLEASE NOTE:  change you need to make – add the X  your dial rule make look different with me. exten => s,n,Dial(SIP/100,60) make it this instead: exten => s,n,Dial(SIP/100,60,X) The X is what tells Asterisk to allow callers to dial *3 during a call to enable or disable recording. From the asterisk console (run asterisk -r), you should see a line like this appear when the user starts a recording: – User hit ‘*3′ to record call. filename: auto-xxxxx-EXTENSION-DIALEDNUMBER When the recording ends, un