Skip to content
Bots!
Bots!
  • About
    • Myself
    • আমার দোয়া
  • Bookmarks
    • Bookmarks
    • My OCI Bookmarks
    • Useful Proxmox Commands & Links
    • Learning Nano
    • Useful Sites
    • Useful Virtualbox Command
    • Useful MySQL Command
    • Useful Linux Command
    • BTT-CAS
  • Resources
    • Webinar on Cloud Adoption for Project Managers
  • Photos
  • Videos
  • Downloads
Bots!

Setup mail server on centos 7 using postfix and dovecot

Rumi, March 30, 2021

Installing packages

Step 1 » Assign hostname for the server using the below command.

[root@krizna ~]# hostnamectl set-hostname mail.krizna.com

Step 2 » Make a host entry with your IP in /etc/hosts file.

172.27.0.51 mail.krizna.com

Step 3 » Now start installing packages.

[root@krizna ~]# yum -y install postfix dovecot

After package installation continue with postfix configuration.

Step 4 » Follow the below steps one by one for creation.

[root@mail ~]# mkdir /etc/postfix/ssl
[root@mail ~]# cd /etc/postfix/ssl
[root@krizna ssl]# openssl genrsa -des3 -out server.key 2048
[root@krizna ssl]# openssl rsa -in server.key -out server.key.insecure
[root@krizna ssl]# mv server.key server.key.secure
[root@krizna ssl]# mv server.key.insecure server.keyLeave blank for A challenge password [] value in the below step.
[root@krizna ssl]# openssl req -new -key server.key -out server.csr
[root@krizna ssl]# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Step 5 » Now open /etc/postfix/main.cf file for changes.

Find and uncomment the below lines.

#inet_interfaces = localhost #---> line no 116
#mydestination = $myhostname, localhost.$mydomain, localhost #--> line no 164

and add below lines at the end of the file. change myhostname and mydomain values with yours and home_mailbox value to your desired directory. Here it will store mails in the users home directory (Eg: /home/john/mail ).

myhostname = mail.krizna.com
mydomain = krizna.com
myorigin = $mydomain
home_mailbox = mail/
mynetworks = 127.0.0.0/8
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_key_file = /etc/postfix/ssl/server.key
smtpd_tls_cert_file = /etc/postfix/ssl/server.crt
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

Step 6 » Open /etc/postfix/master.cf file, add the below lines after “smtp inet n – n – – smtpd” line.

submission     inet  n       -       n       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
smtps     inet  n       -       n       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

Now check the configuration using postfix check command.

Step 7 » Now configure Dovecot SASL for SMTP Auth. Open /etc/dovecot/conf.d/10-master.conf file, find “# Postfix smtp-auth” line ( line no:95 ) and add the below lines.

# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}

Step 8 » Open /etc/dovecot/conf.d/10-auth.conf file, find “auth_mechanisms = plain” ( Line no: 100 ) and add login to the value like below.

auth_mechanisms = plain login

Step 9 » Postfix configuration is over. Now restart both postfix and dovecot services and enable auto start

[root@mail ~]# systemctl restart postfix
[root@mail ~]# systemctl enable postfix
[root@mail ~]# systemctl restart dovecot
[root@mail ~]# systemctl enable dovecot

Step 10 » Add the firewall rules to allow 25, 587 and 465 ports.

[root@mail ~]# firewall-cmd --permanent --add-service=smtp
[root@mail ~]# firewall-cmd --permanent --add-port=587/tcp
[root@mail ~]# firewall-cmd --permanent --add-port=465/tcp
[root@mail ~]# firewall-cmd --reload

Now start testing connectivity for each ports 25,587 and 465 using telnet and make sure you are getting AUTH PLAIN LOGIN line after issuing ehlo mail.krizna.com command in telnet.

[root@mail ~]# telnet mail.krizna.com 465
Trying 172.27.0.51...
Connected to mail.krizna.com.
Escape character is '^]'.
220 mail.krizna.com ESMTP Postfix
ehlo mail.krizna.com <------- Type this command
250-mail.krizna.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

Start configuring Dovecot

Step 11 » Open /etc/dovecot/conf.d/10-mail.conf file, find #mail_location = (line no : 30 ) and add the same directory which is given to home_mailbox in the postfix config file ( Step 5).

mail_location = maildir:~/mail

Step 12 » Open /etc/dovecot/conf.d/20-pop3.conf file, find and uncomment the below line ( line no : 50 ) .

pop3_uidl_format = %08Xu%08Xv

Step 13 » Restart dovecot service.

[root@mail ~]# systemctl restart dovecot

Step 14 » Add firewall rules to allow 110,143,993 and 995.

[root@mail ~]# firewall-cmd --permanent --add-port=110/tcp
[root@mail ~]# firewall-cmd --permanent --add-service=pop3s
[root@mail ~]# firewall-cmd --permanent --add-port=143/tcp
[root@mail ~]# firewall-cmd --permanent --add-service=imaps
[root@mail ~]# firewall-cmd --reload

Check the connectivity for the ports 110,143,993 and 995 using telnet.

User creation

Step 15 » Create user with /sbin/nologin shell to restrict login access.

[root@mail ~]# useradd -m john -s /sbin/nologin
[root@mail ~]# passwd john

Mail server is ready now, Configure user in your mail client and test send/receive.

Ref : https://www.krizna.com/centos/setup-mail-server-centos-7/

Administrations Configurations (Linux) CentOSCentOS 7DovecotMail ServerPostfix

Post navigation

Previous post
Next post

Comments (2)

  1. Antonio says:
    November 23, 2022 at 4:33 am

    I made the settings according tuturial, but gave the following error: 554 5.7.1 : Recipients address rejected: access denied

    Reply
    1. Rumi says:
      December 27, 2022 at 10:16 am

      It’s happening because the error message is self explanatory- “554 5.7.1 : Recipients address rejected: access denied”
      The destination mail server is rejecting message delivery for one or more recipients. This is likely due to configuration on the destination mail server or some form of anti-spam message filtering.
      Its not mail server issue, you need to update SPF, DKIM, DMARC and possibly Reverse IP/PTR entries in the DNS.

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Myself…

Hi, I am Hasan T. Emdad Rumi, an IT Project Manager & Consultant, Virtualization & Cloud Savvyfrom Dhaka, Bangladesh. I have prior experience in managing numerous local and international projects in the area of Telco VAS & NMC, National Data Center & PKI Naitonal Root and CA Infrastructure. Also engaged with several Offshore Software Development Team.

Worked with Orascom Telecom-Banglalink, Network Elites as VAS partner, BTRC, BTT (Turkey) , Mango Teleservices Limited and Access to Informaiton (A2I-UNDP)

Currently working at Oracle Corporation as Principal Technology Solution and Cloud Architect.

You can reach me [h.t.emdad at gmail.com] and I will be delighted to exchange my views.

Tags

Apache Bind Cacti CentOS CentOS 6 CentOS 7 Debain Debian Debian 10 Debian 11 Debian 12 DKIM Docker endian icinga iptables Jitsi LAMP Letsencrypt Linux Munin MySQL Nagios Nextcloud NFS nginx pfsense php Postfix powerdns Proxmox RDP squid SSH SSL Ubuntu Ubuntu 16 Ubuntu 18 Ubuntu 20 Varnish virtualbox vpn Webmin XCP-NG zimbra

Topics

Recent Posts

  • Install Jitsi on Ubuntu 22.04 / 22.10 April 30, 2025
  • Key Lessons in life April 26, 2025
  • Create Proxmox Backup Server (PBS) on Debian 12 April 19, 2025
  • Add Physical Drive in Proxmox VM Guest April 19, 2025
  • Mount a drive permanently with fstab in Linux April 16, 2025
  • Proxmox 1:1 NAT routing March 30, 2025
  • Installation steps of WSL – Windows Subsystem for Linux March 8, 2025
  • Enabling Nested Virtualization In Proxmox March 8, 2025
  • How to Modify/Change console/SSH login banner for Proxmox Virtual Environment (Proxmox VE / PVE) March 3, 2025
  • Install Proxmox Backup Server on Debian 12 February 12, 2025

Archives

Top Posts & Pages

  • Install Jitsi on Ubuntu 22.04 / 22.10
©2025 Bots! | WordPress Theme by SuperbThemes
Bots!
Bots!
  • About
    • Myself
    • আমার দোয়া
  • Bookmarks
    • Bookmarks
    • My OCI Bookmarks
    • Useful Proxmox Commands & Links
    • Learning Nano
    • Useful Sites
    • Useful Virtualbox Command
    • Useful MySQL Command
    • Useful Linux Command
    • BTT-CAS
  • Resources
    • Webinar on Cloud Adoption for Project Managers
  • Photos
  • Videos
  • Downloads