Setup a mail server with Postfix and Dovecot on Ubuntu / Debian

Mail system for your own domain

You have your own domain name and your very own vps/dedicated server and want to use the domain name for emails. So you need to setup a mail server using an smtp server and an imap/pop server.

This tutorial shows you how to setup Postfix (smtp server) and Dovecot (imap/pop server). The task of the smtp server is to accept incoming mails and relay outgoing mails from authorised users on the system.

Whereas Dovecot allows authorized users to access their Inbox and read whatever mails there are.

The Simple Configuration - We are not doing this

In the simplest kind of configuration for Postfix, just specify your domain name "xyz.com" in the "mydestination" configuration parameter then you shall be able to receive mails for [email protected] if there is a (linux) user named silver on the system.

This technique is simple but with heavy drawbacks. Firstly you need to create a new unix user account for every new email address we need.

Secondly the users have to login with their system passwords. So this is not a very flexible strategy to setup mail accounts.

Separately you can configure Dovecot to read the incoming mails from the directory where Postfix stores them (/var/mail by default). There is an article on DigitalOcean that shows how to setup postfix with dovecot like that.

We are going to setup things in a way that you can quickly create email addresses just by writing them in a file along with the password.

We shall add as many domains as we like and create as many emails and it would all be encrypted and authenticated.

Since the email accounts we shall be creating are not related to any system users or system domains, they are called "virtual users" and "virtual domains".

Virtual means, that not related to any system specific thing.

How will it work ? - The technical jargon

1. All incoming mails destined to your server shall be received by Postfix (SMTP) and then handed over to Dovecot (LMTP) for storing in the Inbox.

This is better because dovecot's inbuilt lmtp service offers more features like quotas, permissions, flexible directory structures for mailboxes etc.

Incoming mail (From somewhere) -> Postfix (SMTP) -> Dovecot (LMTP) -> MailBox/Inbox
And due to this Postfix is reduced to just a "tranmission agent" that just moves mails in and out, and nothing else.






2. All outgoing mails shall be send out by Postfix. But only from authenticated accounts.

Outgoing mail (Thunderbird) -> Postfix (SMTP) -> Destination (SMTP) like gmail

3. Dovecot shall provide IMAP/POP services to allow mail clients to read Inbox.

Thunderbird <==> Dovecot (IMAP) <==> Inbox

4. Dovecot shall exclusively provide authentication mechanism to Postfix via SASL.
The email accounts - username + passwords shall be stored in a file.

If you wish to setup domains and email accounts in a database (instead of a file), then following this tutorial at linode.com

Setup MX records for domain

Before getting any further, ensure that the MX records for your domains that you are going to use with your mail server, are properly set. Most server providers like Linode provide an easy interface to setup zone entries for mx records.

If your domain is example.com your mx could be mail.example.com for example. Use the dig command to verify -

# Find the MX (mail exchange) server
$ dig MX amazon.com +short
5 amazon-smtp.amazon.com.

# Find the ip address of the mx server
$ dig amazon-smtp.amazon.com +short
207.171.184.25

Ensure that the ip address of your MX (mail server) is of that server on which you are going to setup postfix and dovecot.

Install and Configure Postfix

The first thing to setup is Postfix. Do not forget that in our setup, Postfix is going to transmit all outgoing mails, but for all incoming mails, it would hand them over to Dovecot for storage and later access by email clients.

Things to know first

1. Postfix logs all its actions in a file called /var/log/mail.log. Check it for useful information and save time diagnosing problems.

2. The postconf command is the tool to peek inside the configurations of Postfix. It lists out everything in a name=value format linewise. So use the grep command to find whatever needed.

3. All the Postfix configuration parameters lie in the file /etc/postfix/main.cf
The parameters are explained in man pages found at - "man 5 postconf"

Install Postfix

Okay, so if you haven't already done so, install Postfix. Its right there in the repositories so you shouldn't look elsewhere unless you want something newer.

$ sudo aptitude install postfix

Don't worry, the rest is not going to be that easy. After installing Postfix you may want to check the version. Here is the command to do that.

$ postconf mail_version
mail_version = 2.10.2

$ postconf | grep mail_version
mail_version = 2.10.2

Configure main.cf

In this section we shall configure several things in the Postfix main configuration file located at /etc/postfix/main.cf.

These include hostnames, parameters for SASL authentication, unix sockets for dovecot lmtp and dovecot sasl authentication service and list of our virtual_mailbox_domains for which Postfix shall be responsible for receiving incoming mails.

The tricky parameters !!!

The following parameters are the 3 super confusing parameters that you need to understand and configure properly to avoid unexpected problems.

myhostname
mydomain
myorigin

You could be hosting multiple domains on your server, say abc.com + efg.com + xyz.com. You have to use one of them as a primary domain and use it for "myorigin". The myorigin field is the one that is configured automatically while postfix installs and asks you for the domain of the server.

By default myorigin is configured to point to /etc/mailname so you can either fill in your default domain in /etc/mailname or specify in the configuration file directly.

The domain specified with myorigin is used for mails generated by Postfix. For example when it fails to deliver a mail, it would reply with a from address of "Mail Delivery System<[email protected]>".

The myhostname parameter is supposed to contain the your "mail server name" as indicated by your mx record. This is the name that Postfix uses in smtp communication to identify itself. For example "HELO myhostname".

If you set myhostname to a certain domain, then you should be able to setup the SPF records for that domain later. This is dictated by the SPF specifications.

You might as well leave myhostname to just "localhost" and things would still work just fine. However in that case your server would use a message like "HELO localhost" when connecting to other mail servers like gmail, and gmail would angrily reject the mail calling it unsolicited.

Therefore it is recommended to configure myhostname to a proper domain name with valid A and TXT (SPF) records. Also make sure to set myorigin.

Example configuration -

myhostname = mail.yoursite.com
myorigin = yoursite.com

Technically, on a single a server, you can use the same value of myorigin for myhostname. However in diverse setups involving multiple separate servers, the values of these fields need to setup more carefully.

To learn more read the Postfix basic configuration guide.

Configure the LMTP socket - main.cf

The virtual_transport parameter tells postfix to forward/transport the mails to dovecot for those domains that are listed in "virtual_mailbox_domains".

# Handing off local delivery to Dovecot's LMTP
virtual_transport = lmtp:unix:private/dovecot-lmtp

The path "private/dovecot-lmtp" is relative to "/var/spool/postfix/". The actual unix socket shall be configured later in the Dovecot configuration section.

Configure SASL - main.cf

Here we set the parameters to setup SASL based authentication for Postfix. Postfix internally is capable of talking to "Dovecot's SASL service" via a unix socket.

#Enabling SMTP for authenticated users, and handing off authentication to Dovecot

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes

smtpd_tls_auth_only = yes

To check what different smtpd_sasl_type plugins your installation of Postfix supports run the following command.

# postconf -a
cyrus
dovecot

Add mailbox domains - main.cf

Over here we specify the domains for which Postfix shall "accept" incoming mails. So specify all your inhouse domains over here. We shall be putting the domains in a file named virtual_mailbox_domains.

#Virtual domains, users, and aliases
virtual_mailbox_domains = /etc/postfix/virtual_mailbox_domains
# virtual_mailbox_maps = /etc/postfix/virtual_mailbox_maps
# nano /etc/postfix/virtual_mailbox_domains

Enter the domains, one in a line

example.com OK
mysite.com OK

Then run postmap on the file. It will create a file named virtual_mailbox_domains.db which is going to be used by Postfix

# postmap /etc/postfix/virtual_mailbox_domains

The virtual_mailbox_maps table can be used to specify valid email addresses for the domains listed in virtual_mailbox_domains.

However this is not necessary, since the SASL authentication via Dovecot would be doing the verification.

Enable SMTPS and MSA - master.cf

In addition to the smtp service on port 25 we need to enable more services. SMTPS will operate on port 465 and MSA (Mail submission Agent) will operate on port 587. SMTP uses SSL/TLS authentication type and MSA uses STARTTLS.

Find the section on "submission" and "smtps" in the file named /etc/postfix/master.cf and uncomment the first lines. YES ONLY THE FIRST LINE

...
submission inet n       -       -       -       -       smtpd
#  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
smtps     inet  n       -       -       -       -       smtpd
#  -o syslog_name=postfix/smtps
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
...

The "submission" line enables the MSA service on port 587 and the "smtps" starts the SSL-enabled SMTP service on port 465.

You may want to enable only the submission service, since SMTPS is now deprecated and maintained only for compatibility with Microsoft applications that do not support STARTTLS.

Due to historic specifications, technically port 25, 465, 587 do almost the same thing. However as things are evolving they are being redefined.

Port 25 - is for MTA (Mail transmission Agent). MTA service is to allow other MTAs and MSAs to connect to and deliver mails.

Port 465/587 - is for MSA (Mail submission agent). MSA service is for MUAs (mail user agents like thunderbird) to connect and deposit emails for delivery.

Thunderbird (MUA) -> your server smtp(MSA/MTA) -> gmail (MTA) -> Inbox

Restart Postfix

We are done configuring Postfix. Now just restart.

$ sudo service postfix restart

Install and Configure Dovecot

We are done with installing and configuring Postfix. What remains is Dovecot, the IMAP/POP server. But Dovecot does a lot more than that as we shall see right now.

Things to know

1. Dovecot shall be given a location to store the incoming mails handed over by Postfix.

2. A separate system user account shall be created and given to dovecot so that dovecot can read/write the mail storage directory. In our example the user is called "vmail".

3. Dovecot shall host secure IMAP and POP services to allow email clients to read Inbox.

4. Dovecot shall provide the SASL authentication service to Postfix via a unix socket. The same username/password shall work with both Postfix (SMTP server) and Dovecot (IMAP/POP server)

5. We shall use the full email address ([email protected]) as the username and set a encrypted password too.

Install Dovecot

First install dovecot and some necessary packages. Install dovecot core package and packages for imap, pop and lmtp support.

# sudo apt-get install dovecot-core dovecot-imapd dovecot-pop3d dovecot-lmtpd

Check version

# dovecot --version
2.1.7

Configure Dovecot

Now its time to configure Dovecot to setup user accounts and also SASL sockets to enable Postfix to do authentications. All configuration files lie inside the /etc/dovecot/conf.d/ directory.

Check the /etc/dovecot/dovecot.conf file and make sure that protocols file are included. It includes the configuration files for various protocols which enable them.

# Enable installed protocols
!include_try /usr/share/dovecot/protocols.d/*.protocol

Installed protocols can be listed like this

# ls -l /usr/share/dovecot/protocols.d
total 12
-rw-r--r-- 1 root root 28 Nov 30 15:44 imapd.protocol
-rw-r--r-- 1 root root 28 Nov 30 15:44 lmtpd.protocol
-rw-r--r-- 1 root root 28 Nov 30 15:44 pop3d.protocol
#

Configure Inbox location - 10-mail.conf

We tell dovecot to store mails inside /var/mail/vhosts directory and further put them sub directories for each domain and the user under that domain.

Mails for [email protected] would be stored in /var/mail/vhosts/example.com/someone/

Edit the 10-mail.conf file

#mail_location = mbox:~/mail:INBOX=/var/mail/%u
mail_location = maildir:/var/mail/vhosts/%d/%n

Create the directory /var/mail/vhosts

# mkdir /var/mail/vhosts/

Now create inside that directory create a directory for each domain on which you want to receive mail on this server.

# mkdir /var/mail/vhosts/example.com

Create a user to read the mails

Now create a user with name and group of vmail and uid and gid of 5000. Although the uid can be any number, we are choosing 5000 to indicate that it is not an ordinary user. The "-r" option further specifies that this user is a system level user and does not have any login.

$ groupadd -g 5000 vmail
$ useradd -r -g vmail -u 5000 vmail -d /var/mail/vhosts -c "virtual mail user"

Give vmail full privileges to read/write on /var/mail/vhosts

$ chown -R vmail:vmail /var/mail/vhosts/

Enable IMAPS and POP3S services - 10-master.conf

Now tell dovecot to start the imaps and pops services. Edit the 10-master.conf file and enable the ports for the services and specify ssl to yes.

Leave the ports for imap and pop commented since we do not want to host un-secure services.

For IMAPS - Secure IMAP

service imap-login {
  inet_listener imap {
    #port = 143
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }

For POP3S - Secure POP3

service pop3-login {
  inet_listener pop3 {
    #port = 110
  }
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}

Configure lmtp socket - 10-master.conf

The dovecot wiki page on LMTP shows a simple example of how to setup the lmtp socket in /etc/dovecot/conf.d/10-master.conf file.

Find the section named "service lmtp" and fill in the path to the file where the unix socket would be created. This same path is used by postfix for the "virtual_transport" setting.

service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    mode = 0600
        user = postfix
        group = postfix

  }
.....

The socket must have privileges of user:group postfix so that Postfix process can use it.

Configure SASL authentication socket

Find the section "service auth" and inside it add the following. If its already there, then just modify it.

service auth {
.....
  # Postfix smtp-auth
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
user=postfix
group=postfix
  }
.....

Configure authentication

Open the file conf.d/10-auth.conf and uncomment the disable_plaintext_auth line making sure that its set to yes. This ensures that TLS/SSL encryption is always used for authentication purpose.

disable_plaintext_auth = yes

Find the setting named auth_mechanism and uncomment it. This setting specifies the format in which the password would be provided to dovecot.

auth_mechanisms = plain login

Specify authentication files

The last thing to configure in 10-auth.conf file is the password database. By default dovecot is configured to authenticate using "system users" (linux users from /etc/passwd).

We are going to tell it to authenticate using a separate file containing the usernames and passwords

Find and comment out the auth-system.conf.ext line and uncomment the auth-passwdfile line. It should look something like this

#!include auth-system.conf.ext
#!include auth-sql.conf.ext   
#!include auth-ldap.conf.ext
!include auth-passwdfile.conf.ext
#!include auth-checkpassword.conf.ext
#!include auth-vpopmail.conf.ext
#!include auth-static.conf.ext

Next edit the auth-passwdfile.conf.ext file

/etc/dovecot/conf.d# nano auth-passwdfile.conf.ext

Make it look something like this.

passdb {
  driver = passwd-file
  args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users
}

userdb {
  driver = static
#  args = username_format=%u /etc/dovecot/dovecot-users
args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n

  # Default fields that can be overridden by passwd-file
  #default_fields = quota_rule=*:storage=1G

  # Override fields from passwd-file
  #override_fields = home=/home/virtual/%u
}

The passdb section tells dovecot where to look for the username and passwords in order to authenticate. The file is /etc/dovecot/dovecot-users.

The username_format "%u" tells that the entire email address will be used as the username. This means that when logging in from an email client you would use the email address as the username for both smtp and imap/pop.

The username and passwords are stored in a file named /etc/dovecot/dovecot-users that we shall create in the next step

The userdb section tells dovecot where to read/write the mails for a given user. We are using a fixed directory structure /var/mail/vhosts/%d/%n

So mails for the user [email protected] would be read from the following directory -

/var/mail/vhosts/example.com/someone/

Configure user accounts

Create a simple plain text file inside /etc/dovecot/ and fill it with username and passwords in the format user:password. Here is an example

# cat dovecot-users 
[email protected]:{plain}abc123
[email protected]:{MD5-CRYPT}$1$JdyRMcO6$qUwKZT40EVp/oIpVfAEXF1

Generate passwords using the doveadm command like this. The password hash returned by the above command should be copied as it is into the dovecot-users file.

# doveadm pw -s MD5-CRYPT
Enter new password: 
Retype new password: 
{MD5-CRYPT}$1$JdyRMcO6$qUwKZT40EVp/oIpVfAEXF1
#

The password file can also contain information about individual user's mailbox directory and permissions. Check the wiki article on passwdfile format.

Enable SSL in dovecot - 10-ssl.conf

Open the file /etc/dovecot/conf.d/10-ssl.conf and uncomment the ssl line and set it to required

# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
ssl = required

Also ensure that ssl_cert and ssl_key are pointing to proper files (this is by default)

ssl_cert = </etc/dovecot/dovecot.pem
ssl_key = </etc/dovecot/private/dovecot.pem
&#91;/pre&#93;

If you have your own certificates from a certificate authority then use them here.

<h4>Setup dovecot log files</h4>

Dovecot by default logs to /var/log/syslog which is already a giant warehouse of logs and would make it difficult to search in there. A neater way is to make dovecot log to a separate file that is easier to track. The configuration lies in the file /etc/dovecot/conf.d/10-logging.conf

Open the file and edit the log_path variable and set it to /var/log/dovecot.log
Also note that info_log_path and debug_log_path would use the same to log information and debugging messages respectively. If you want to separate them further then set a log file for each.

[pre]
# Log file to use for error messages. "syslog" logs to syslog,
# /dev/stderr logs to stderr.
log_path = /var/log/dovecot.log

# Log file to use for informational messages. Defaults to log_path.
#info_log_path =
# Log file to use for debug messages. Defaults to info_log_path.
#debug_log_path =

Setup logrotate

If we change the log files of Dovecot, then it is necessary to configure logrotate to ensure that log files are created in parts instead of one large file.

$ nano /etc/logrotate.d/dovecot

And fill the following

/var/log/dovecot*.log {
  missingok
  notifempty
  delaycompress
  sharedscripts
  postrotate
    doveadm log reopen
  endscript
}

For more information check dovecot wiki page on logging.

Restart Dovecot

Good work. All configurations done. Now restart dovecot

$ sudo service dovecot restart

Test

Now that you are done configuring everything its time to test. Use a mail client like Thunderbird and configure SMTP and IMAP connections.

Then try sending a mail out to some other account like a gmail. If you receive the mail on gmail, try replying back. If the mail shows up in your mail client, you are done. Congratulations!

Checking open ports with netstat

Use the netstat command to check that services are up and running

# netstat -ltnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN      28791/dovecot   
tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN      28791/dovecot   
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      3315/mysqld     
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN      16218/master    
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      28791/dovecot   
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      28791/dovecot   
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      3337/nginx      
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN      16218/master    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3252/sshd       
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      16218/master

In the above output we can see that dovecot is holding ports 993, 995, 110 and 143
Whereas Postfix (master) is holding ports 587, 465 and 25

Troubleshooting

1. mail.log empty

On Ubuntu servers the /var/log/mail.log file might be totally blank. This happens due to permission issues and can be fixed with the following commands

# ls -l /var/log/mail.log
-rw-r----- 1 messagebus adm 0 Apr 26  2013 /var/log/mail.log

The correct owner of the file should be syslog. Set the correct ownership permission with the following commands -

$ sudo chown syslog.adm /var/log/mail.log
$ sudo chmod 640 /var/log/mail.log

Now the mail.log file should be populated with the correct messages to track what is going on with the Postfix server.

2. Relay access denied

When sending mails, if the postfix log (/var/log/mail.log) shows such an error message -

Dec  1 09:57:12 li240-5 postfix/smtpd[25795]: NOQUEUE: reject: RCPT from unknown[122.163.8.12]: 454 4.7.1 <...>: Relay access denied; from=<...> to=<...> proto=ESMTP helo=<&#91;192.168.1.2&#93;>

Make sure that smtpd_relay_restrictions field (/etc/postfix/main.cf) has "permit_sasl_authenticated" listed so that users authenticated via SASL are allowed to send mails using postfix as an smtp server.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination

3. Error while receiving mail

If the dovecot logs show such an error message when receiving mails -

Dec 02 18:32:12 lmtp(4412): Fatal: Error reading configuration: Invalid settings: postmaster_address setting not given

Just edit /etc/dovecot/conf.d/15-lda.conf and add a value for postmaster_address

# Address to use when sending rejection mails.
# Default is postmaster@<your domain>. %d expands to recipient domain.
postmaster_address = [email protected]

Create SPF DNS records to enable validation and avoid spam

Try sending an email to some gmail address through a mail client like thunderbird and via the postfix smtp server, and mail would land into the spam folder of gmail, or might get rejected entirely.

To solve this, the SPF records for the sender domain have to be setup. If the postfix server sends out mails with "from address" of [email protected], then the TXT DNS records of example.com must contain the SPF validation information to indicate that this server is authorised to send out mails on behalf of example.com

All that needs to be done is to edit your nameserver's zone entries and add a TXT record containing the following

"v=spf1 mx a -all"

Most vps providers like Linode provide a neat interface to edit DNS settings like those. Check out OpenSPF project website to learn more about it.

Check the SPF records of your domain with this simple command -

$ dig -t TXT example.com

Notes

The above example uses a file to store email accounts and passwords. This makes it convenient when you need few email accounts on your personal server and won't be modifying them too often.

However, at large scales when providing emails to a large number of users and creating/deleting accounts often, the recommended way is to store virtual_mailbox_domains and virtual_mailbox_maps in a database and then use some database client to modify records quickly and easily.

Both Postfix and Dovecot support Mysql/MariaDB.

Check out the resources at the bottom for links useful articles on how to configure Postfix and Dovecot in other ways using a database.

What next

1. You can install a web based mail client like Roundcube to be able to login to your server from the browser and read/send mails.

2. Some users (like me ofcourse) prefer to use Google's gmail as a mail client by adding smtp and pop account information. Google would quickly allow you to send mails using this brand new smtp server setup above.

But gmail would not read mails from the IMAP/POP server created above, until we use a real certificate from a certificate authority (CA) in Dovecot.

SSL certificates from CAs cost money, but you can get a free certificate from StartCom StartSSL PKI and use it with Dovecot and then gmail would allow you to read mails from this server.

3. Further you should also setup DKIM (Domainkeys Identified Mail) for your domain, to enforce the authenticity of the mails and be treated as legitimate by major mail services like gmail.

Resources

Here are some more useful resources on how to setup and configure Postfix and Dovecot in various ways to get the exact kind of mail server you want.

Linode tutorial on setting up Postfix and Dovecot with Mysql
https://www.linode.com/docs/email/postfix/email-with-postfix-dovecot-and-mysql

Documentation of Postfix configuration parameters to use in main.cf
http://www.postfix.org/postconf.5.html

Explanation of the different kind of domains that Postfix supports and uses
https://workaround.org/ispmail/squeeze/postfix-domain-types

Details of how Postfix deals with different kinds of virtual domains
http://www.postfix.org/VIRTUAL_README.html

Full Postfix documentation
http://www.postfix.org/documentation.html

Last Updated On : 3rd February 2016

Subscribe to get updates delivered to your inbox

15 Comments + Add Comment

  • how should I add the MX records?

  • Thank you for this tutorial. I followed the steps and I am able to send mail to my gmail account but when I try to send an email from my gmail account to the mail server, it fails with this error: user was not found as domain. I have also added the MX record to my DNS server. The errors that exist in my dovecot.log file is that passdb doesn’t support credential lookups and passwd([email protected]): unknown user
    I get this error when I try this command: doveadm user [email protected] but when I try doveadm user user1 , I dont get any errors. However both commands show me the results that the user exists. Please help me, I have been working on this for days and I dont really know what the problem is. I am also new to dovecot and postfix. I greatly appreicate your help. If you need anything else from my files please let me know.

  • Thanks a lot for this guide.

    Just want to add a note on the ssl config. If you dont have certificate and key pem files you can generate them by using
    mkcert.sh located in /usr/share/dovecot.

  • The best tutorial on the net! It worked, thank you so much!!! :)))

  • Hi Silver Moon, I’ve tried a few other ways before coming across your method. Your method is the best I have encountered so far because of the minimal changes and actually covering real world scenario i.e. 1 server and multiple domain names.

    The good news is that for the unix users (not on virtual host) the could receive email from external parties. However for the emails on vhosts, I still can’t read the emails with mal. mail (on command line) showed 0 messages. mail.log showed this
    Jan 13 14:01:58 fr-str1 postfix/lmtp[17097]: 7CBBE1A0AD: to=, relay=none, delay=63405, delays=63405/0.01/0/0, dsn=4.4.1, status=deferred (connect to fr-str1.mydomain.net[private/dovecot-lmtp]: No such file or directory)

    I have tried changing the the value in postfix main.cf for the virtual transport but that would result in postfix error. I believe this error I have made is on dovecot config. Would you happen to have some idea which file it is and how could I correct it?

    Thank you very much

  • What about adding aliases (virtual ones)? See my question
    http://unix.stackexchange.com/q/252389/50557

  • Hello,

    I followed this https://www.digitalocean.com/community/tutorials/how-to-install-and-setup-postfix-on-ubuntu-14-04 tutorial before. Now I deleted from there my email and followed your tutorial and now I get this

    550 5.1.1 : Recipient address rejected: User unknown in local recipient table

    before the mail was working with mail cli app

  • I keep getting

    User unknown in local recipient table
    postfix doesnt see dovecot user, whats the problem?

  • Great tutorial! I’ve just done my first successful Dovecot configuration.

  • I have to be signed into my Ubuntu server in order for my email client to work? Is there a step that I missed or is everyone else signed into there server too?

  • The best tutorial, solved my problems, my pain killer indeed! Thanks!!!

  • Revelation, the best tutorial
    needed only antysmpam

  • thanks for the link. it covers almost everything needed for a perfect mail server.

  • this setup does not include anti-virus or anti-spam,white/gray lists or any of the other important things.

    • yes, those would be covered in upcoming articles.

Leave a comment