View All Products
Compute
Storage
Networking
Databases
Services
Developer Tools
Industries
Pricing
Community
Engage With Us
Community Questions How do I install Postfix on Linode using Apache?
Log in to Ask a Question

How do I install Postfix on Linode using Apache?

Linode Staff

Hello,

I would like to install Postfix using Apache rather than Nginx as outlined in this guide:

https://www.linode.com/docs/email/postfix/email-with-postfix-dovecot-and-mariadb-on-centos-7/

I've followed the steps in the above guide, but I am getting an error after configuring it. Postfix is not starting, even before I make changes to the master.cf and main.cf files.

I would also like to install Roundcube to manage my emails. Could someone help me with this, please?

1 Reply

Greetings,

I took some time to install Postfix on a CentOS 7 system with Apache. I've outlined the steps below using squirrelmail - and have yet to test this using Roundcube.

You'll first want to deploy a fresh CentOS 7 install from the Linode Manager and then secure the Linode.

Setting up DNS

From there, we'll first want to make sure our DNS is configured properly. You can do this via the DNS Manager, which will automatically populate the necessary fields. First click "Add a New Domain Zone" and then choose the Linode under the option: "Yes, insert a few records to get me started, using this Linode:".

Now that the DNS settings are set up, you'll need to configure the FQDN of your mail server. Log into the Linode and run the following:

$ hostname mail.website.com

The hostname should match the FQDN for the MX record. Then edit the /etc/hosts file and add the following entry:

$ nano /etc/hosts

xxxx.xxx.xx.x mail.website.com

Reboot the system so the hostname has changed and then proceed to the next step.

Installing Postfix

To install: $yum -y install postfix

We'll need an SSL certificate to send mail which can be done like below. Openssl should do the trick:

$ mkdir /etc/postfix/ssl

$ cd /etc/postfix/ssl

$ yum -y install openssl

Then run the following snippet to create the key files and certicate:

$ openssl req -x509 -nodes -newkey rsa:2048 -keyout server.key -out server.crt -nodes -days 365

You will then see a prompt in which the information provided is added to the Code Signing Request. Most of these can be left blank by pressing enter. You'll notice an XX for required fields. Once that's done the key files and certificates will be saved to /etc/postfix/ssl.

Configuring Postfix

Next we'll need to edit main.cf and add the following lines:

$ nano /etc/postfix/main.cf

myhostname = mail.yourdomain.com
mydomain = yourdomain.com
myorigin = $mydomain
home_mailbox = mail/
mynetworks = 127.0.0.0/8
inet_interfaces = all
inet_protocols = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = #permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_key_file = /etc/postfix/ssl/server.key
smtpd_tls_cert_file = /etc/postfix/ssl/server.crt
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

I commented out the line that was breaking the installation for me. You may need to test a bit more for that.

Next we'll edit /master.cf. First find the following:

# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd

Then add this snippet underneath:

submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
smtps inet n - n - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING

Installing Dovecot

Both Dovecot and Postfix were installed by default on my system but just in case:

$ yum -y install dovecot

Configuring Dovecot

After installing Dovecot, we'll need to edit some configuration files.

$ nano /etc/dovecot/conf.d/10-master.conf

Find the following lines and append the blockquoted text.

# Postfix smtp-auth

unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}

And a few more….

nano /etc/dovecot/conf.d/10-auth.conf

Find the following:

auth_mechanisms = plain

Change to:

auth_mechanisms = plain login

Then…

$ nano /etc/dovecot/conf.d/10-mail.conf

Find the following:

mail_location =

Change to:

mail_location = maildir:~/mail

And then…

$ nano /etc/dovecot/conf.d/20-pop3.conf

Find the following and uncomment the line.

#pop3_uidl_format = %08Xu%08Xv

Firewall Rules

If you do not already, make sure you have the proper firewall rules in place. The following worked for me:

firewall-cmd --permanent --add-service=smtp firewall-cmd --permanent --add-port=587/tcp firewall-cmd --permanent --add-port=465/tcp firewall-cmd --permanent --add-port=110/tcp firewall-cmd --permanent --add-service=pop3s firewall-cmd --permanent --add-port=143/tcp firewall-cmd --permanent --add-service=imaps firewall-cmd --permanent --add-service=http firewall-cmd --reload

Restart and Test

Phew, ok we are here. Now time to restart the services.

systemctl restart postfix systemctl enable postfix systemctl restart dovecot systemctl enable dovecot

From your Linode's terminal you can test if Postfix is working:

```$ telnet mail.website.com smtp
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 mail.rackvoucher.com ESMTP Postfix```

To test Dovecot, enter the following command.

telnet mail.website.com pop3
Trying 104.36.18.239...
Connected to mail.rackvoucher.com.
Escape character is '^]'.
+OK Dovecot ready.

Installing SquirrelMail

Squirrelmail is not part of the default CentOS 7 repository so we'll need to add the EPEL repo.

$ yum -y install epel-release

Then install squirrelmail.

$ yum -y install squirrelmail

To run the configuration script, run the following:

cd /usr/share/squirrelmail/config/ ./conf.pl

When prompted make sure to choose 'Option 2' and change the server settings. The domain should be the same as your mail server's FQDN.

Next, change the MTA by selection the 3rd option and selecting 'Sendmail'.

Installing Apache

$ yum -y install httpd

Once Apache is installed, edit the configuration file to add a new virtual host.

nano /etc/httpd/conf/httpd.conf

The following lines should be added to httpd.conf

Now add the following lines at the end of the file.

>Alias /webmail /usr/share/squirrelmailOptions Indexes FollowSymLinks
    RewriteEngine On
    AllowOverride All
    DirectoryIndex index.php
    Order allow,deny
    Allow from all

Save the file and then restart Apache.

$ systemctl start httpd
$ systemctl enable httpd

Next you will need to create email users. Like so:

$ useradd -m user0 -s /sbin/nologin
$ passwd user0

The commands above will add a new user 'user0' and the attribute -s /sbin/nologin will deny login using SSH.

Now you should be able to browser to the mail server control panel.

http://website.com/webmail

Hope that helps. Let us know if that works out for you.

Best,
Preston
Linode Support Team

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct