Prepare Maildirs

• mkdir -p /etc/skel/Maildir/new
• mkdir -p /etc/skel/Maildir/cur
• mkdir -p /etc/skel/Maildir/tmp

Install Postfix

• apt-get install postfix

Postfix Service Handling

• systemctl start postfix.service
• systemctl restart postfix.service
• systemctl stop postfix.service
• systemctl status postfix.service

Config of Postfix

• /etc/postfix/master.cf
• /etc/postfix/main.cf

SSL Verschlüsselung

Install letsencrypt

• sudo apt install letsencrypt
• letsencrypt certonly --standalone -d yyy.tuxmen.de

master.cf changed

smtps     inet  n       -       y       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject

main.cf

smtpd_tls_cert_file = /etc/letsencrypt/live/yyy.tuxmen.de/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/yyy.tuxmen.de/privkey.pem
smtpd_tls_security_level = may
smtpd_tls_received_header = yes

Sasl2

Install

• apt-get install sasl2-bin

Config

• /etc/postfix/sasl/smtpd.conf

pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
saslauthd_path: /var/run/saslauthd/mux

• /etc/default/saslauthd

START=yes
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

• /etc/postfix/main.cf

smtpd_sasl_auth_enable = yes
smtpd_sasl_path = smtpd
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination

Test

• testsaslauthd -f /var/spool/postfix/var/run/saslauthd/mux -s smtp -u leroy -p suxer

Dovecot

Install

• apt-get install dovecot-core dovecot-imap

Config

• /etc/dovecot/conf.d/10-ssl.conf

ssl = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/yyy.tuxmen.de/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/yyy.tuxmen.de/privkey.pem

• /etc/dovecot/conf.d/10-mail.conf

mail_location = maildir:~/Maildir

• /etc/dovecot/conf.d/10-master.conf

service auth {
  unix_listener auth-userdb {
    #mode = 0666
    #user = 
    #group = 
  }
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
  }
}