[:fr]

Voici un tutoriel d’installation pour le groupe Postfix, Dovecot et roundcube

Installer un serveur de messagerie sur ubuntu 14.04 ( POSTFIX – DOVECOT -ROUNDCUBE)

Requis:

  • Serveur : Ubuntu 14.04 LTS

Ce tutoriel explique commant creer un serveur de mail sous ubuntu 14.04

Voici les paquets que nous allons utiliser

  • Postfix ( for sending )
  • Dovecot ( for receiving )
  • ROUNDCUBE ( for webmail access )

Etape 1 – Installer le server de mail

Installer l’hôte dans /etc/hosts
192.168.0.1 mail.bsymedia.com

Installer et configurer postfix

sudo apt-get install postfix  
sudo dpkg-reconfigure postfix  

Maintenant vous pourrez afficher ces détails. Choisissez vos informations et remplacer bsymedia.com par votre nom de domaine.

1. Internet Site  
2. bsymedia.com  
3. postmaster@bsymedia.com  
4. bsymedia.com, second-domain.com, localhost.localdomain, localhost  
5. No  
6. 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128  
7. 0  
8. +  
9. all  

Step 3
Configure postfix for SMTP-AUTH using Dovecot SASL by adding the below lines to postfix config file /etc/postfix/main.cf.

home_mailbox = Maildir/  
smtpd_sasl_type = dovecot  
smtpd_sasl_path = private/auth  
smtpd_sasl_local_domain =  
smtpd_sasl_security_options = noanonymous  
broken_sasl_auth_clients = yes  
smtpd_sasl_auth_enable = yes  
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination  
smtp_tls_security_level = may  
smtpd_tls_security_level = may  
smtp_tls_note_starttls_offer = yes  
smtpd_tls_loglevel = 1  
smtpd_tls_received_header = yes  

Step 4
Now generate a digital certificate for tls. Issue the commands one by one and provide details as per your domain.

openssl genrsa -des3 -out server.key 2048  
openssl rsa -in server.key -out server.key.insecure  
mv server.key server.key.secure  
mv server.key.insecure server.key  
openssl req -new -key server.key -out server.csr  
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt  
sudo cp server.crt /etc/ssl/certs  
sudo cp server.key /etc/ssl/private  

Step 5
Now configure certificate path :

sudo postconf -e 'smtpd_tls_key_file = /etc/ssl/private/server.key'  
sudo postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/server.crt'  

Step 6
Now enable submission for smtp access through 587. Open /etc/postfix/master.cf file and uncomment below lines.

submission inet n       -       -       -       -       smtpd  
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

Step 7
Now install Dovecot SASL by typing the below command. sudo apt-get install dovecot-common

Step 8
Make changes to the files as follows.
Open /etc/dovecot/conf.d/10-master.conf file and find # Postfix smtp-auth line ( line no:95 ) and add the below lines .

# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {  
mode = 0660  
user = postfix  
group = postfix  
}

Open /etc/dovecot/conf.d/10-auth.conf file and find (line no:100) auth_mechanisms = plain and replace auth_mechanisms = plain login

Step 9
Restart postfix and dovecot services

sudo service postfix restart  
sudo service dovecot restart  

INSTALLING AND CONFIGURING DOVECOT

Step 1
Install dovecot using the below command :
sudo apt-get install dovecot-imapd dovecot-pop3d

Step 2
Now configure mailbox. Open /etc/dovecot/conf.d/10-mail.conf file and find (Line no:30 ) mail_location = mbox:~/mail:INBOX=/var/mail/%u Replace with mail_location = maildir:~/Maildir

Step 3
Now change pop3uidlformat . Open /etc/dovecot/conf.d/20-pop3.conf file and find and uncomment the below line ( Line no : 50 )
pop3_uidl_format = %08Xu%08Xv

Step 4
Now enable SSL . Open /etc/dovecot/conf.d/10-ssl.conf file and find and uncomment the below line ( Line no : 6 )
ssl = yes

Step 5
Restart dovecot service.
sudo service dovecot restart

INSTALLING AND CONFIGURING ROUNDCUBE WEBMAIL

Step 1
Download RoundCube from following Link :
RoundCube Download Page

Unzip and copy the whole folder to document_root of http server.

Make sure that the following directories (and the files within) are writable by the web server user:

  • temp
  • logs

Step 2 Database Configuration
Next thing we need to do is decide what database backend we’ll use. The most common is MySQL but others are PostgreSQL and SQLite. So once you decide, create a database with any name you want and grant privileges to a separate database user. It’s recommended not to use an existing user or root.

With MySQL you can set up the database by issuing the following commands:

CREATE DATABASE roundcubemail;  
GRANT ALL PRIVILEGES ON roundcubemail.* TO username@localhost IDENTIFIED BY 'password';  
FLUSH PRIVILEGES;  

(of course you have to replace the database, username and password accordingly)

Step 3 Configuring RoundCube
After uploading the files point your browser to http://url-to-roundcube/installer/ to start the install wizard.

In case you see some red NOT OK messages, you need to install or enable something. Follow the links or find out more by searching your web site for your server’s operating system or http://www.php.net.

If the mail server supports SSL connection for imap and TLS for SMTP, then SMTPServer will be tls://localhost and IMAPServer will be ssl://localhost.

Step 4 Protect your installation
Access through your webserver to at least the following directories should be denied:

  • /config
  • /temp
  • /logs

Roundcube use .htaccess files to protect this directories, be sure to allow override of the Limit directives to get them taken into account.

Last but not least you have to remove the whole installer directory from the webserver. If this remains active it can expose the configuration including passwords.

ETC

Add user account

sudo useradd -m username -s /sbin/nologin  
sudo passwd username  

Mail forwarding

  • Using aliases file
vi /etc/aliases  
master:  root, user00, root@bsymedia.com  
newaliases  
  • Making .forward file in user home directory
vi $HOME/.forward  
user00@forward.mail.com  

[:en]

Installer un serveur de messagerie sur ubuntu 14.04 ( POSTFIX – DOVECOT -ROUNDCUBE)

Requis:

  • Serveur : Ubuntu 14.04 LTS

Ce tutoriel explique commant creer un serveur de mail sous ubuntu 14.04

Voici les paquets que nous allons utiliser

  • Postfix ( for sending )
  • Dovecot ( for receiving )
  • ROUNDCUBE ( for webmail access )

Etape 1 – Installer le server de mail

Installer l’hôte dans /etc/hosts
192.168.0.1 mail.bsymedia.com

Installer et configurer postfix

sudo apt-get install postfix  
sudo dpkg-reconfigure postfix  

Maintenant vous pourrez afficher ces détails. Choisissez vos informations et remplacer bsymedia.com par votre nom de domaine.

1. Internet Site  
2. bsymedia.com  
3. postmaster@bsymedia.com  
4. bsymedia.com, second-domain.com, localhost.localdomain, localhost  
5. No  
6. 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128  
7. 0  
8. +  
9. all  

Step 3
Configure postfix for SMTP-AUTH using Dovecot SASL by adding the below lines to postfix config file /etc/postfix/main.cf.

home_mailbox = Maildir/  
smtpd_sasl_type = dovecot  
smtpd_sasl_path = private/auth  
smtpd_sasl_local_domain =  
smtpd_sasl_security_options = noanonymous  
broken_sasl_auth_clients = yes  
smtpd_sasl_auth_enable = yes  
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination  
smtp_tls_security_level = may  
smtpd_tls_security_level = may  
smtp_tls_note_starttls_offer = yes  
smtpd_tls_loglevel = 1  
smtpd_tls_received_header = yes  

Step 4
Now generate a digital certificate for tls. Issue the commands one by one and provide details as per your domain.

openssl genrsa -des3 -out server.key 2048  
openssl rsa -in server.key -out server.key.insecure  
mv server.key server.key.secure  
mv server.key.insecure server.key  
openssl req -new -key server.key -out server.csr  
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt  
sudo cp server.crt /etc/ssl/certs  
sudo cp server.key /etc/ssl/private  

Step 5
Now configure certificate path :

sudo postconf -e 'smtpd_tls_key_file = /etc/ssl/private/server.key'  
sudo postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/server.crt'  

Step 6
Now enable submission for smtp access through 587. Open /etc/postfix/master.cf file and uncomment below lines.

submission inet n       -       -       -       -       smtpd  
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

Step 7
Now install Dovecot SASL by typing the below command. sudo apt-get install dovecot-common

Step 8
Make changes to the files as follows.
Open /etc/dovecot/conf.d/10-master.conf file and find # Postfix smtp-auth line ( line no:95 ) and add the below lines .

# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {  
mode = 0660  
user = postfix  
group = postfix  
}

Open /etc/dovecot/conf.d/10-auth.conf file and find (line no:100) auth_mechanisms = plain and replace auth_mechanisms = plain login

Step 9
Restart postfix and dovecot services

sudo service postfix restart  
sudo service dovecot restart  

INSTALLING AND CONFIGURING DOVECOT

Step 1
Install dovecot using the below command :
sudo apt-get install dovecot-imapd dovecot-pop3d

Step 2
Now configure mailbox. Open /etc/dovecot/conf.d/10-mail.conf file and find (Line no:30 ) mail_location = mbox:~/mail:INBOX=/var/mail/%u Replace with mail_location = maildir:~/Maildir

Step 3
Now change pop3uidlformat . Open /etc/dovecot/conf.d/20-pop3.conf file and find and uncomment the below line ( Line no : 50 )
pop3_uidl_format = %08Xu%08Xv

Step 4
Now enable SSL . Open /etc/dovecot/conf.d/10-ssl.conf file and find and uncomment the below line ( Line no : 6 )
ssl = yes

Step 5
Restart dovecot service.
sudo service dovecot restart

INSTALLING AND CONFIGURING ROUNDCUBE WEBMAIL

Step 1
Download RoundCube from following Link :
RoundCube Download Page

Unzip and copy the whole folder to document_root of http server.

Make sure that the following directories (and the files within) are writable by the web server user:

  • temp
  • logs

Step 2 Database Configuration
Next thing we need to do is decide what database backend we’ll use. The most common is MySQL but others are PostgreSQL and SQLite. So once you decide, create a database with any name you want and grant privileges to a separate database user. It’s recommended not to use an existing user or root.

With MySQL you can set up the database by issuing the following commands:

CREATE DATABASE roundcubemail;  
GRANT ALL PRIVILEGES ON roundcubemail.* TO username@localhost IDENTIFIED BY 'password';  
FLUSH PRIVILEGES;  

(of course you have to replace the database, username and password accordingly)

Step 3 Configuring RoundCube
After uploading the files point your browser to http://url-to-roundcube/installer/ to start the install wizard.

In case you see some red NOT OK messages, you need to install or enable something. Follow the links or find out more by searching your web site for your server’s operating system or http://www.php.net.

If the mail server supports SSL connection for imap and TLS for SMTP, then SMTPServer will be tls://localhost and IMAPServer will be ssl://localhost.

Step 4 Protect your installation
Access through your webserver to at least the following directories should be denied:

  • /config
  • /temp
  • /logs

Roundcube use .htaccess files to protect this directories, be sure to allow override of the Limit directives to get them taken into account.

Last but not least you have to remove the whole installer directory from the webserver. If this remains active it can expose the configuration including passwords.

ETC

Add user account

sudo useradd -m username -s /sbin/nologin  
sudo passwd username  

Mail forwarding

  • Using aliases file
vi /etc/aliases  
master:  root, user00, root@bsymedia.com  
newaliases  
  • Making .forward file in user home directory
vi $HOME/.forward  
user00@forward.mail.com  

[:]