Install mail server on Ubuntu or Debian

This howto is tested on Ubuntu 16, 18, 20 and Debian 10, 11 edition.

Installing and configuring  postfix

Step 1 » Assign static IP and hostname and add a host entry for the host name .

Assign hostname in /etc/hostname

Add a host entry in /etc/hosts

Step 2 » Update the repositories.

tweenpath@mail:~$ sudo apt-get update

Step 3 » Install postfix and dependencies . Press enter for all prompted questions during installation. we will do that in the next step.

tweenpath@mail:~$ sudo apt-get install postfix

Step 4 » After installation issue the below command to configure postfix.

tweenpath@mail:~$ sudo dpkg-reconfigure postfix

Now you will be prompted for set of details . choose the following values and replace with your domain name.

1. Internet Site
3. tweenpath
4., localhost.localdomain, localhost
5. No
6. [::ffff:]/104 [::1]/128
7. 0
8. +
9. all

Step 5 » Now configure Postfix for SMTP-AUTH using Dovecot SASL by adding the below lines to postfix config file /etc/postfix/ .

home_mailbox = Maildir/
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes

Step 6 » Now generate a digital certificate for tls. Issue the commands one by one and provide details as per your domain.

tweenpath@mail:~$ openssl genrsa -des3 -out server.key 2048
tweenpath@mail:~$ openssl rsa -in server.key -out server.key.insecure
tweenpath@mail:~$ mv server.key
tweenpath@mail:~$ mv server.key.insecure server.key
tweenpath@mail:~$ openssl req -new -key server.key -out server.csr
tweenpath@mail:~$ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
tweenpath@mail:~$ sudo cp server.crt /etc/ssl/certs
tweenpath@mail:~$ sudo cp server.key /etc/ssl/private

Step 7 » Now configure certificate path

tweenpath@mail:~$ sudo postconf -e 'smtpd_tls_key_file = /etc/ssl/private/server.key'
tweenpath@mail:~$ sudo postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/server.crt'

Step 8 » Open /etc/postfix/ file and uncomment below lines to enable smtps ( 465 ) and submission ( 587 )

submission inet n - - - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
smtps inet n - n - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING

Step 9 » Now install Dovecot SASL by typing the below command.

tweenpath@mail:~$ sudo apt-get install dovecot-common

Issue the following values for the prompts during installation.

1. yes

Step 10 » Make changes to the files as follows.

Open /etc/dovecot/conf.d/10-master.conf file and find # Postfix smtp-auth line ( line no:95 ) and add the below lines .

# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix

Open /etc/dovecot/conf.d/10-auth.conf file and find (line no:100)

auth_mechanisms = plain and replace auth_mechanisms = plain login

Step 11 » Restart postfix and dovecot services

tweenpath@mail:~$ sudo service postfix restart
tweenpath@mail:~$ sudo service dovecot restart

Step 12 » Now test SMTP-AUTH and smtp/pop3 port access .

Type the below command and should get below response.

tweenpath@mail:~$ telnet smtp
Connected to localhost.
Escape character is '^]'.
220 ESMTP Postfix (Ubuntu)

Now type ehlo and should get below response , please make sure you get those bolded lines .

250 DSN and try the same with port 587 (telnet 587).
Postfix configuration is over, continue for dovecot installation.
» Installing and configuring dovecot

Step 12 » Install dovecot using the below command

tweenpath@mail:~$ sudo apt-get install dovecot-imapd dovecot-pop3d

Step 13 » Now configure mailbox. Open /etc/dovecot/conf.d/10-mail.conf file and find (Line no:30 )

mail_location = mbox:~/mail:INBOX=/var/mail/%uReplace with
mail_location = maildir:~/Maildir

Step 14 » Now change pop3_uidl_format . Open /etc/dovecot/conf.d/20-pop3.conf file and find and uncomment the below line ( Line no : 50 )

pop3_uidl_format = %08Xu%08Xv

Step 15 » Now enable SSL . Open /etc/dovecot/conf.d/10-ssl.conf file and find and uncomment the below line ( Line no : 6 )

ssl = yes

Step 16 »Restart dovecot service.

tweenpath@mail:~$ sudo service dovecot restart

Step 17 » Now test pop3 and imap port access using the telnet command.

tweenpath@mail:~$ telnet 110
Connected to localhost.
Escape character is '^]'.
+OK Dovecot (Ubuntu) ready. Repeat the same for 995,993,143 ports.

OR check for listening ports using netstat command .

tweenpath@mail:~$ netstat -nl4 you should get the result like below.

Step 18 » Create some users and check using mail clients like thunderbird or outlook

tweenpath@mail:~$ sudo useradd -m bobby -s /sbin/nologin
tweenpath@mail:~$ sudo passwd bobby

Now mail server is ready, you can send and receive mail using the server. Continue for squirrelmail ..

» Installing and configuring squirrelmail

Step 19 » Install squirrelmail using the below command. This will install apache and PHP packages.

tweenpath@mail:~$ sudo apt-get install squirrelmail

Step 20 » Configure squirrelmail

tweenpath@mail:~$ sudo squirrelmail-configureEverything is pre-configured , we just need to change Organization name .
» Press 1 (Organization Preferences) » again press 1 (Organization Name) » Organization Name » Press S » Press Q to quit

Step 19 » Now configure apache to enable squirrelmail .

tweenpath@mail:~$ sudo cp /etc/squirrelmail/apache.conf /etc/apache2/sites-available/squirrelmail.conf
tweenpath@mail:~$ sudo a2ensite squirrelmail

Step 20 » Restart Apache service

tweenpath@mail:~$ sudo service apache2 restart

Step 21 » Now open http://serverIP/squirrelmail in your browser and login using username (bobby) . you can send and receive mail using squirrelmail.



Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.