This tutorial will show you how to get a simple mailserver on CentOS 7, with Postfix as MTA, Dovecot as MDA and Sieve for sorting mail - all over an encrypted connection for improved security.

In order to configure everything, you will first need to install these packages:

yum install postfix dovecot dovecot-pigeonhole mailx

The first configuration step is done in /etc/dovecot/conf.d/15-lda.conf, by adding a postmaster address. This allows people to contact you in case of a failure. We will also be allowing auto-creation of folders and auto-subscription of said folders to avoid an inconsistent state between your mail client and the server:

postmaster_address = yourname@yourdomain.tld
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes

The next step is to assign the correct path for your users' mailboxes in /etc/dovecot/conf.d/10-mail.conf:

mail_location = maildir:~/Maildir

Make sure that there is only one mention of "mail_location" in the file to avoid problems. The last step for ensuring basic functionality is to tell Postfix to deliver the mails via Dovecot. Add the following line to /etc/postfix/main.cf:

mailbox_command = /usr/libexec/dovecot/deliver

Restart both services and you can send the first test mail:

systemctl restart postfix
systemctl restart dovecot

Since it is considered rude to use the root-account for mailing, you should create a separate user for your mailing needs:

 useradd -m youruser
 passwd youruser

Now, you can test the mail functionality with the following command:

echo "TEST" | mail -s "testmail" youruser@localhost && tail -f /var/log/maillog

If your log files contain a line similar to the following one (The last part is the important) ..

postfix/local[27114]: 3F63C5B71: to=<youruser@localhost>, orig_to=<youruser@localhost>, relay=local, delay=0.01, delays=0/0/0/0.01, dsn=2.0.0, status=sent (delivered to command: /usr/libexec/dovecot/deliver)

.. then everything is working properly.

At this point, there are two important things missing - encryption and mail sorting.

The first can be configured, for Dovecot, in /etc/dovecot/conf.d/10-ssl.conf, assuming you already have a certificate at hand:

ssl = require
ssl_cert = </path/to/your/certificate
ssl_key = </path/to/your/key

For sieve to work, edit the protocol section in /etc/dovecot/conf.d/15-lda.conf to look like this:

protocol lda {
  mail_plugins = $mail_plugins sieve
}

Restart the service:

systemctl restart dovecot

And that's it. You can now log in via IMAP or POP3 in a secure way, send transport encrypted mails, and write filters with Sieve.

It is also important to allow the IMAP, SMTP, and POP3 ports in firewalld as follows

firewall-cmd --permanent --add-service=smtp
firewall-cmd --permanent --add-service=pop3
firewall-cmd --permanent --add-service=imap
firewall-cmd --permanent --add-service=smtps
firewall-cmd --permanent --add-service=pop3s
firewall-cmd --permanent --add-service=imaps
firewall-cmd --reload
Kas see vastus oli kasulik? 0 Kasutajad peavad seda kasulikuks (0 Hääled)