Showing posts with label dovecot. Show all posts
Showing posts with label dovecot. Show all posts

Monday, March 14, 2011

Fedora + Postfix + Dovecot + TLS/SSL + SASL

I was trying to set up Postfix with Dovecot, TLS/SSL on a new server and came across some issues so I documented them here and the install process again.

Tutorials Used
Install the Following
  • Postfix
  • Dovecot
  • OpenSSL
  • MailX
  • SASLAuthD
Configure Postfix according to my previous article on the blog
In /etc/dovecot/conf.d/10-auth.conf add the following:
passdb {
driver = pam
}

Forward these Ports to the Mailserver if Behind Gateway
smtp: 25, 2525, 3535
smtp submission: 587
smtp over ssl: 465
pop3: 110, 995
imap: 143, 220, 993, 585

Activate and start all the above daemons using chkconfig and service saslauthd on etc.

Issue #1
Ran into a problem where Postfix would not relay mail for its own domain.
Had to add $mydomain to "mydestination" directive.

Issue #2
/var/log/maillog said mail coming from outside is going to root@platinumfactor.com even though the user exists on the system.
saslauthd service was not running. Also removed these from main.cf
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth

Issue #3
Outgoing mail was not being delivered.
I had enabled TLS and provided a certificate to Postfix.
The client needed to be told to use SSL/TLS.

Issue #4
Set disable_plaintext_auth = yes
Incoming mail not being delivered.
Set client to use Secure POP (port 995)
No comments:

Tuesday, January 11, 2011

Postfix + Dovecot + SSL/TLS

Ok so I was trying the next step. After getting Postfix+Dovecot working with plain text authentication. I wanted to try TLS. I saw these errors:

warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms
fatal: no SASL authentication mechanisms

Solutions is to yum install cyrus-sasl-plain

Here is the source

TLSv1 has deprecated SSLv3, and Dovecot seems to use it by default, but if that doesn't work then edit configuration files in /etc/dovecot/ directory.

Dovecot SSL Setup:
Dovecot SSL from Official Website
Here is another very useful HOWTO guide:
CentOS + Postfix + Dovecot + SASL + SSL

To check if SSL/TLS is being used:
openssl s_client -connect mail.platinumfactor.com:995
(Thanks to mick_laptop on #dovecot on Freenode for help in testing)
No comments:

Monday, January 10, 2011

Postfix with Dovecot Configuration

Without making things too complicated, all I wanted was a running mail server which will send and receive email. I decided to use Dovecot for POP3 functionality. The install is simply yum install dovecot.

These are the 3 real lines in my /etc/dovecot/dovecot.conf

protocols = imap pop3 lmtp
listen = *
!include conf.d/*.conf

Go into /etc/dovecot/conf.d and edit 10-auth.conf
Change this line:
disable_plaintext_auth = no
This is because we are not using SSL yet.

Aside from this, proper trust and relay permissions need to be set in /etc/postfix/main.cf file
I made these changes:
mynetworks_style = class
mynetworks = 192.168.1.0/24, 127.0.0.0/8


NOTE: Mailbox type needs to be changed from mbox to Maildir/ in /etc/postfix/main.cf. This caused me a lot of heartache trying to get Dovecot to work!
No comments:
Subscribe to: Posts (Atom)