====== Mail server (for aliases only) ====== ===== Initial cleaning ===== First of all, let's clean up our Debian 7 - 32 bit VPS apt-get remove --purge cifs-utils samba samba-common sendmail apache2 apache2-doc apache2-mpm-prefork apache2-utils apache2.2-bin apache2.2-common apt-get update && apt-get upgrade apt-get install sudo mc vim and install //ntp// (time is important!) apt-get install ntp ===== Database ===== Install mysql dbms apt-get install mysql-server mysql-client Getting mysql innodb error on your lowcost/cheap/crappy vps? InnoDB: Error: io_setup() failed with EAGAIN after 5 attempts. InnoDB: You can disable Linux Native AIO by setting innodb_use_native_aio = 0 in my.cnf [...] Then you can * Disable AIO by adding ''innodb_use_native_aio=0'' in ''my.cnf'' (''[mysqld]'' section) * Increase the global limit for the server in ''/proc/sys/fs/aio-max-nr'' (''echo 65536 > /proc/sys/fs/aio-max-nr'') * Disable innodb (it's ok for our mail server) To disable //innodb// add skip-innodb default-storage-engine=MyISAM under ''[mysqld]'' in ''/etc/my.cnf'' ===== WebServer ===== Now install a web server (needed for postfixadmin + webmail) apt-get install php5-fpm php5-mysql php5-intl php5-imap nginx Create web directories mkdir /var/www mkdir /var/www/XYZ mkdir /var/www/XYZ/tmp mkdir /var/www/XYZ/www edit site configuration file ''vim /etc/nginx/sites-available/mailing'' server { server_name XYZ; root /var/www/XYZ/www; index index.php index.html index.htm; location ~ \.php$ { try_files $uri =404; #try_files $uri $uri/ /index.html; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } location ~ /\. { deny all; } access_log /var/log/nginx/XYZ-access.log; error_log /var/log/nginx/XYZ-error.log; } disable default configuration and enable new one rm /etc/nginx/sites-available/default ln -s /etc/nginx/sites-available/mailing /etc/nginx/sites-enabled/mailing and finally service nginx restart Btw, to make Nginx use your 404.html custom page instead of the default one, inside the nginx.conf server section, add 404 error_page 404 /404.html; location /404.html { internal; } Is a good idea, to block the access to that page, unless there is an error, so add also ''location'' directive as show above. ===== PostFixAdmin ===== Now login into mysql mysql -u root -p and create postfix/pfa users CREATE DATABASE postfix; GRANT ALL PRIVILEGES ON postfix.* TO 'postfix_admin'@'%' IDENTIFIED BY ''; GRANT SELECT ON postfix.* TO 'postfix'@'%' IDENTIFIED BY ''; FLUSH PRIVILEGES; Download postfixadmin and untar in www directory cd /var/www/XYZ/www wget http://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-2.3.7/postfixadmin-2.3.7.tar.gz\?use_mirror=garr -O pfa.tar.gz tar -xzvf pfa.tar.gz mv postfixadmin-2.3.7/ pfa/ chown -R www-data:www-data pfa cd pfa sed -i 's/change-this-to-your.domain.tld/XYZ/g' config.inc.php Now edit configuration file config.inc.php and change these values: $CONF['configured'] = true; $CONF['postfix_admin_url'] = 'https://XYZ/pfa'; $CONF['database_type'] = 'mysqli'; $CONF['database_host'] = 'localhost'; $CONF['database_user'] = 'postfix_admin'; $CONF['database_password'] = ''; $CONF['database_name'] = 'postfix'; $CONF['domain_path'] = 'YES'; $CONF['domain_in_mailbox'] = 'NO'; $CONF['fetchmail'] = 'NO'; Go to http://XYZ/pfa/setup.php This setup script should create the necessary tables into postfix database. At the bottom of setup.php enter your admin password and click ‘Gererate password hash’. Edit ''config.inc.php'' and add the hash: $CONF['setup_password'] = ''; Now enter superadmin account info. ===== PostFix & Sasl ===== apt-get install postfix postfix-mysql libsasl2-modules libsasl2-modules-sql When prompted, choose ‘Internet Site’. Use yor domain name as ‘System mail name’: Create virtual mail user and group: groupadd -g 3000 vmail useradd -d /var/vmail -m -u 3000 -g 3000 vmail Check mydestination in /etc/postfix/main.cf; it should look like mydestination = , localhost and add the following lines: virtual_uid_maps = static:3000 virtual_gid_maps = static:3000 virtual_mailbox_base = /var/vmail virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_mailbox_domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf virtual_transport = lmtp:unix:private/dovecot-lmtp smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth milter_default_action = accept Create the cf file for interfacing postfix and mysql cd /etc/postfix/ wget https://dl.dropboxusercontent.com/u/12576285/mysql_postfix_cf.tar.gz tar -xzvf mysql_postfix_cf.tar.gz (remember to set mysql password within config files!). Add postfix user to sasl group: adduser postfix sasl Enable secure smtp ports, edit /etc/postfix/master.cf and uncomment: submission inet n - - - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING smtps inet n - - - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING Restart service service postfix restart ===== Dovecot ===== apt-get install dovecot-imapd dovecot-mysql dovecot-lmtpd Edit /etc/dovecot/conf.d/10-master.conf service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { mode = 0600 user = postfix group = postfix } } service auth { # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0666 } } Restart services: service dovecot restart service postfix restart You can now add a domain with PostfixAdmin: first of all, chooese "Create a new Domain" and add your domain XYZ; then create mailboxes/aliases. To test your e-mail server, install //mail// tool apt-get install bsd-mailx And send a test mail mail -s "My first outgoing mail" info@sth.com < /var/log/dmesg mail -s "My first local mail" info@XYZ.foo < /var/log/dmesg Any errors are found in logfiles: /var/log/auth.log /var/log/mail.log /var/log/syslog Getting warning: do not list domain XYZ.foo in BOTH mydestination and virtual_mailbox_domains warning: do not list domain XYZ.foo in BOTH mydestination and virtual_alias_domains in /var/log/mail.warn? Remove domain XYZ.foo from /etc/postfix/main.cf and leave only hostname mydestination = hostname.XYZ.foo, localhost BTW, in /etc/hosts you should have something like 127.0.0.1 localhost.localdomain localhost .XYZ.foo ===== Missing ===== * HTTPS [php5-mcrypt openssl ssl-cert] * Dovecot pop3/imap + Mailboxes [dovecot-pop3d + sql .cf] * Spam / AV filters * Webmail See [1] for what's missing ===== Source / More info ===== [1] [[http://www.xenlens.com/debian-wheezy-mail-server-postfix-dovecot-sasl-mysql-postfixadmin-roundcube-spamassassin-clamav-greylist-nginx-php5/]] [2] [[https://www.digitalocean.com/community/articles/how-to-install-linux-nginx-mysql-php-lemp-stack-on-debian-7]] [3] [[https://help.ubuntu.com/community/Postfix]]