Mail server (for aliases only)
Initial cleaning
First of all, let's clean up our Debian 7 - 32 bit VPS
apt-get remove --purge cifs-utils samba samba-common sendmail apache2 apache2-doc apache2-mpm-prefork apache2-utils apache2.2-bin apache2.2-common
apt-get update && apt-get upgrade
apt-get install sudo mc vim
and install ntp (time is important!)
apt-get install ntp
Database
Install mysql dbms
apt-get install mysql-server mysql-client
Getting mysql innodb error on your lowcost/cheap/crappy vps?
InnoDB: Error: io_setup() failed with EAGAIN after 5 attempts.
InnoDB: You can disable Linux Native AIO by setting innodb_use_native_aio = 0 in my.cnf [...]
Then you can
- Disable AIO by adding innodb_use_native_aio=0 in my.cnf ([mysqld] section)
- Increase the global limit for the server in /proc/sys/fs/aio-max-nr (echo 65536 > /proc/sys/fs/aio-max-nr)
- Disable innodb (it's ok for our mail server)
To disable innodb add
skip-innodb
default-storage-engine=MyISAM
under [mysqld] in /etc/my.cnf
WebServer
Now install a web server (needed for postfixadmin + webmail)
apt-get install php5-fpm php5-mysql php5-intl php5-imap nginx
Create web directories
mkdir /var/www
mkdir /var/www/XYZ
mkdir /var/www/XYZ/tmp
mkdir /var/www/XYZ/www
Edit the site configuration file
vim /etc/nginx/sites-available/mailing
server {
    server_name XYZ;
    root /var/www/XYZ/www;
    index index.php index.html index.htm;

    location ~ \.php$ {
        try_files $uri =404;
        #try_files $uri $uri/ /index.html;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ /\. {
        deny all;
    }

    access_log /var/log/nginx/XYZ-access.log;
    error_log /var/log/nginx/XYZ-error.log;
}
Disable the default configuration and enable the new one
rm /etc/nginx/sites-enabled/default
ln -s /etc/nginx/sites-available/mailing /etc/nginx/sites-enabled/mailing
and finally
service nginx restart
By the way, to make Nginx use your custom 404.html page instead of the default one, inside the nginx.conf server section, add
error_page 404 /404.html;
location /404.html {
    internal;
}
It is a good idea to block access to that page unless there is an error, so also add the location directive as shown above.
PostFixAdmin
Now login into mysql
mysql -u root -p
and create postfix/pfa users
CREATE DATABASE postfix;
GRANT ALL PRIVILEGES ON postfix.* TO 'postfix_admin'@'%' IDENTIFIED BY '<dbpassword1>';
GRANT SELECT ON postfix.* TO 'postfix'@'%' IDENTIFIED BY '<dbpassword2>';
FLUSH PRIVILEGES;
Download postfixadmin and untar in www directory
cd /var/www/XYZ/www
wget http://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-2.3.7/postfixadmin-2.3.7.tar.gz\?use_mirror=garr -O pfa.tar.gz
tar -xzvf pfa.tar.gz
mv postfixadmin-2.3.7/ pfa/
chown -R www-data:www-data pfa
cd pfa
sed -i 's/change-this-to-your.domain.tld/XYZ/g' config.inc.php
Now edit configuration file config.inc.php and change these values:
$CONF['configured'] = true;
$CONF['postfix_admin_url'] = 'https://XYZ/pfa';
$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix_admin';
$CONF['database_password'] = '<dbpassword1>';
$CONF['database_name'] = 'postfix';
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
$CONF['fetchmail'] = 'NO';
Go to http://XYZ/pfa/setup.php
This setup script should create the necessary tables in the postfix database.
At the bottom of setup.php enter your admin password and click ‘Generate password hash’.
Edit config.inc.php and add the hash:
$CONF['setup_password'] = '<hash>';
Now enter superadmin account info.
PostFix & Sasl
apt-get install postfix postfix-mysql libsasl2-modules libsasl2-modules-sql
When prompted, choose ‘Internet Site’.
Use your domain name as ‘System mail name’: <abc.XYZ.foo>
Create virtual mail user and group:
groupadd -g 3000 vmail
useradd -d /var/vmail -m -u 3000 -g 3000 vmail
Check mydestination in /etc/postfix/main.cf; it should look like
mydestination = <abc.XYZ.foo>, localhost
and add the following lines:
virtual_uid_maps = static:3000
virtual_gid_maps = static:3000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_mailbox_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unauth_destination,
    reject_unauth_pipelining,
    reject_invalid_hostname
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
milter_default_action = accept
Create the cf file for interfacing postfix and mysql
cd /etc/postfix/
wget https://dl.dropboxusercontent.com/u/12576285/mysql_postfix_cf.tar.gz
tar -xzvf mysql_postfix_cf.tar.gz
(remember to set mysql password within config files!). Add postfix user to sasl group:
adduser postfix sasl
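The map-file archive above is unpacked straight into /etc/postfix, and the files end up holding the MySQL password. As an added example (not the page author's code), this script checks the archive's member names, unpacks it in a staging directory, refuses symlinks, and installs the files with mode 0640; the mysql_*.cf naming rule is an assumption based on the file names in main.cf.

```shell
#!/bin/sh
# Added example, not the page author's code. Assumption: the archive is
# expected to hold only flat files named mysql_*.cf.

# vet_cf_archive ARCHIVE: succeed only if every member name is mysql_*.cf
vet_cf_archive() {
    members=$(tar -tzf "$1") || return 2
    [ -n "$members" ] || return 2
    printf '%s\n' "$members" | while IFS= read -r name; do
        name=${name#./}
        case $name in
            '') ;;                      # the "./" directory entry itself
            */*|*..*) exit 1 ;;         # subdirectories or path traversal
            mysql_*.cf) ;;              # the only names we expect
            *) exit 1 ;;                # anything else (main.cf, scripts, ...)
        esac
    done
}

# install_cf_archive ARCHIVE DEST: unpack in a staging directory, refuse
# symlinks and other non-regular files, then copy into DEST with mode 0640.
install_cf_archive() {
    vet_cf_archive "$1" || return 1
    stage=$(mktemp -d) || return 2
    rc=0
    tar -xzf "$1" -C "$stage" --no-same-owner --no-same-permissions || rc=2
    if [ "$rc" -eq 0 ]; then
        for f in "$stage"/mysql_*.cf; do
            if [ -L "$f" ] || [ ! -f "$f" ]; then rc=1; fi
        done
    fi
    if [ "$rc" -eq 0 ]; then
        for f in "$stage"/mysql_*.cf; do
            install -m 0640 "$f" "$2/" || rc=2
        done
    fi
    rm -rf "$stage"
    return "$rc"
}

# Usage on the server (then: chgrp postfix /etc/postfix/mysql_*.cf):
#   sh this_script.sh mysql_postfix_cf.tar.gz /etc/postfix
if [ "$#" -eq 2 ]; then
    install_cf_archive "$1" "$2"
fi
```

After installing, review the query and hosts lines in each file by hand before setting the password; the name check says nothing about what the files contain.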
Enable secure smtp ports, edit /etc/postfix/master.cf and uncomment:
submission inet n - - - - smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
smtps inet n - - - - smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
Restart service
service postfix restart
Dovecot
apt-get install dovecot-imapd dovecot-mysql dovecot-lmtpd
Edit /etc/dovecot/conf.d/10-master.conf
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    mode = 0600
    user = postfix
    group = postfix
  }
}
service auth {
  # Postfix smtp-auth
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
  }
}
Restart services:
service dovecot restart
service postfix restart
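The auth listener in 10-master.conf above uses mode = 0666, which puts no restriction on the socket itself, while the lmtp listener is limited to the postfix user. As an added example (not from the original page), this check lists every unix_listener whose mode grants access to "other"; the auth-hardened path and its 0660 postfix:postfix settings are a constructed sample and assume Postfix runs as user and group postfix.

```shell
#!/bin/sh
# Added example, not from the original page: list Dovecot unix_listener
# sockets whose mode grants access to "other" (last octal digit non-zero).
# Assumes one directive per line, as in a normally formatted 10-master.conf.

# open_listeners [FILE]: prints "path mode" per finding; status 1 if any.
# With no FILE argument the configuration is read from standard input.
open_listeners() {
    awk '
        $1 == "unix_listener" { path = $2; next }
        $1 == "mode" && $2 == "=" && path != "" {
            if (substr($3, length($3)) != "0") { print path, $3; bad = 1 }
        }
        $1 == "}" { path = "" }
        END { exit bad }
    ' "${1:--}"
}

# Constructed sample: the auth listener from this page next to a tighter
# variant that names the Postfix user and group explicitly.
open_listeners <<'EOF' || echo "^ tighten the listeners listed above"
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
  }
}
service auth {
  unix_listener /var/spool/postfix/private/auth-hardened {
    mode = 0660
    user = postfix
    group = postfix
  }
}
EOF
```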
You can now add a domain with PostfixAdmin: first of all, choose “Create a new Domain” and add your domain XYZ; then create mailboxes/aliases. To test your e-mail server, install a mail tool
apt-get install bsd-mailx
And send a test mail
mail -s "My first outgoing mail" info@sth.com < /var/log/dmesg
mail -s "My first local mail" info@XYZ.foo < /var/log/dmesg
Any errors can be found in the log files:
/var/log/auth.log
/var/log/mail.log
/var/log/syslog
Getting
warning: do not list domain XYZ.foo in BOTH mydestination and virtual_mailbox_domains
warning: do not list domain XYZ.foo in BOTH mydestination and virtual_alias_domains
in /var/log/mail.warn?
Remove domain XYZ.foo from /etc/postfix/main.cf and leave only hostname
mydestination = hostname, localhost
BTW, in /etc/hosts you should have something like
127.0.0.1 localhost.localdomain localhost
<server_ip> <hostname>.XYZ.foo <hostname>
Missing
- HTTPS [php5-mcrypt openssl ssl-cert]
- Dovecot pop3/imap + Mailboxes [dovecot-pop3d + sql .cf]
- Spam / AV filters
- Webmail
See [1] for what's missing