Knowledgebase

  1. Portal Home
  2. Knowledgebase
  3. Operating Systems
  4. Ubuntu
  5. How to Install Postfix, Dovecot, and Roundcube on Ubuntu 20.04

  Categories

23
Accounts
 16
App Platform
 8
Backups
 7
Billing
 4
Connectivity Troubleshooting
 148
Data Management
 1
Ddos
 197
Development
 13
DNS
 41
Game Servers
 5
Hosting Packages
 97
Infrastructure
 6
IPv6
 48
Kubernetes
 11
Load Balancers
 34
Machine Learning
 10
MongoDB
 1
Monitoring
 21
MySQL
 14
Networking
 1039
Operating Systems
 21
PostgreSQL
 1
Private Internet Guardian (VPN)
 1
Products
 7
Redis
 100
Reference Guides
 4
Resellers
 6
Reserved IPs
 86
Server
 322
Server Apps
 7
Site Management Tools
 1
SnapShooter
 16
Snapshots
 3
Spaces
 4
SSH Troubleshooting
 5
SSL
 2
Streaming and Broadcasting
 23
Support Plans FAQ
 2
Teams
 6
Third-Party Applications
 5
Volumes
 1
VPC
 2
Windows Security

  Categories

  Support

  My Support Tickets   Announcements   Knowledgebase   Downloads   Network Status   Open Ticket

How to Install Postfix, Dovecot, and Roundcube on Ubuntu 20.04 Print

  • 0

Introduction

Postfix is a Mail Transfer Agent(MTA) for routing and delivering electronic mail(email). Dovecot is a secure IMAP and POP3 Mail Delivery Agent(MDA). These two open-source applications work well with Roundcube, an email client primarily famous for its clever use of Ajax technology. In this guide, you'll install Postfix, Dovecot, and Roundcube on Ubuntu 20.04. This guide uses the domain example.com and the server name mail.example.com.

Prerequisites

Before you begin, make sure you have the following:

1. Install & Configure Postfix

  1. SSH to your server and install the Postfix server by running the command below.

     $ sudo apt update -y
 $ sudo apt install -y postfix

  2. You'll get the Postfix configuration screen, as shown below. Press Tab and Enter to continue.

    Postfix package configuration screen

  3. On the next screen, select Internet Site, then Tab and Enter.

    Postfix mail type configuration

  4. Enter the system mail name, which is your domain name. For instance, the server name is mail.example.com, so you'll enter example.com here.

    Postfix system mail name

  5. Back up the the /etc/postfix/main.cf file, and create a new one.

     $ sudo mv /etc/postfix/main.cf /etc/postfix/main.cf.bk
 $ sudo nano /etc/postfix/main.cf

  6. Enter the information below to the new file. Replace example.com with your domain name throughout the file. Make sure the value of smtpd_tls_cert_file and smtpd_tls_key_file point to your SSL certificate.

     smtpd_banner = $myhostname ESMTP $mail_name
 biff = no
 append_dot_mydomain = no
 readme_directory = no

 # TLS parameters
 smtp_use_tls = yes
 smtp_tls_security_level = may
 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
 smtpd_tls_cert_file = /etc/letsencrypt/live/example.com/fullchain.pem
 smtpd_tls_key_file = /etc/letsencrypt/live/example.com/privkey.pem
 smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,  reject_unauth_destination

 smtpd_sasl_auth_enable = yes
 smtpd_sasl_type = dovecot
 smtpd_sasl_path = private/auth

 virtual_transport = lmtp:unix:private/dovecot-lmtp
 virtual_mailbox_domains = /etc/postfix/virtual_mailbox_domains

 myhostname = mail.example.com
 myorigin = /etc/mailname
 mydestination =  localhost.$mydomain, localhost
 relayhost = 
 mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
 mailbox_size_limit = 0
 recipient_delimiter = +
 inet_interfaces = all
 inet_protocols = all
 alias_maps = hash:/etc/aliases
 alias_database = hash:/etc/aliases

  7. Save and close the file.

2. Create Virtual Mail Box Domains

  1. The main.cf configuration file instructs postfix to look for email domains in the /etc/postfix/virtual_mailbox_domains file. Create the file:

     $ sudo nano /etc/postfix/virtual_mailbox_domains

  2. Add the information below to the file and replace example.com with your domain name.

     example.com #domain

  3. Use the postmap command to change /etc/postfix/virtual_mailbox_domains to a format recognizable by Postfix. Run this command every time you edit the file, for instance, after adding more domains to the file.

     $ sudo postmap /etc/postfix/virtual_mailbox_domains

  4. Edit the /etc/postfix/master.cf configuration file to enable the SMTP service.

     $ sudo nano /etc/postfix/master.cf

  5. Find the entry below.

     ...
 #submission inet n       -       y       -       -       smtpd
 ...

    Remove the pound symbol at the beginning of the line.

     ...
 submission inet n       -       y       -       -       smtpd
 ...

  6. Save and close the file.

3. Install & Configure Dovecot

  1. Install the Dovecot package and all the dependency packages required to run the imap, pop3, and lmtp service.

     $ sudo apt install -y dovecot-core dovecot-imapd dovecot-pop3d dovecot-lmtpd

  2. Edit the /etc/dovecot/conf.d/10-mail.conf file to instruct Dovecot on the directory to look for mails.

     $ sudo nano /etc/dovecot/conf.d/10-mail.conf

  3. Find the entry below.

     mail_location = mbox:~/mail:INBOX=/var/mail/%u

    Change to:

     mail_location = maildir:/var/mail/vhosts/%d/%n

    Save and close the file. The %d represents the domain, and %n represents the users. This means that you'll need to create a sub-directory in the /var/mail/vhosts for every domain receiving emails on your server.

  4. Create the first sub-directory and replace example.com with your domain name.

     $ sudo mkdir -p /var/mail/vhosts/example.com

    Repeat the command above for every other domain that you want to receive emails for in your server while replacing example.com with the domain name. For instance, if you also intend to receive emails for the example.net domain, run the command below.

     $ sudo mkdir -p /var/mail/vhosts/example.net

  5. Create a Vmail user and group for the Dovecot service.

    Create the vmail group.

     $ sudo groupadd -g 5000 vmail

    Create a vmail user and add the user to the vmail group.

     $ sudo useradd -r -g vmail -u 5000 vmail -d /var/mail/vhosts -c "virtual mail user"

    Assign the ownership of the /var/mail/vhosts/ to the vmail user and group.

     $ sudo chown -R vmail:vmail /var/mail/vhosts/

  6. Edit the Dovecot 10-master.conf file.

     $ sudo nano /etc/dovecot/conf.d/10-master.conf

  7. Locate the entries below.

     ...
 inet_listener imaps {
   #port = 993
   #ssl = yes
 }
 ...

    Remove the pound symbol before the port and ssl entries, as shown below, to allow Dovecot to use port 993 and SSL for secure IMAP.

     ...
 inet_listener imaps {
   port = 993
   ssl = yes
 }
 ...

  8. Locate the entries below.

     ...
 inet_listener pop3s {
   #port = 995
   #ssl = yes
 }
 ...

    Remove the pound symbol before the port = 995 and ssl = yes parameters.

     ...
 inet_listener pop3s {
   port = 995
   ssl = yes
 }
 ...

  9. Enable the lmtp service. Locate the entries below.

     ...
 service lmtp {
   unix_listener lmtp {
     #mode = 0666
   }

   # Create inet listener only if you can't use the above UNIX socket
   #inet_listener lmtp {
     # Avoid making LMTP visible for the entire internet
     #address =
     #port =
   #}
 }
 ...

    Change the configuration to:

     ...
 service lmtp {
   unix_listener /var/spool/postfix/private/dovecot-lmtp {
     mode = 0600
     user = postfix
     group = postfix
   }
 }
 ...

  10. Locate the Dovecot authentication socket configurations below.

    ...
# Postfix smtp-auth
#unix_listener /var/spool/postfix/private/auth {
#  mode = 0666
#}
...

    Change the configuration to:

    ...
#Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
  mode = 0666
  user = postfix
  group = postfix
}
...

  11. Save and close the file.

  12. Configure Dovecot to use secure authentication. Edit the Dovecot 10-auth.conf file.

    $ sudo nano /etc/dovecot/conf.d/10-auth.conf

  13. Find the entry below.

    # disable_plaintext_auth = yes

    Uncomment the setting above by removing the # character to disable plain text authorization.

    disable_plaintext_auth = yes

  14. Find the entry below.

    auth_mechanisms = plain

    Change the authentication mechanisms from plain to plain login.

    auth_mechanisms = plain login

  15. Disable the Dovecot default authentication behavior that requires users to have a system account to use the email service. Find the line:

    !include auth-system.conf.ext

    Add a pound symbol at the beginning of the line to comment it out.

    #!include auth-system.conf.ext

  16. Find the line:

    #!include auth-passwdfile.conf.ext

    Remove the # symbol at the beginning to enable Dovecot to use a password file.

    !include auth-passwdfile.conf.ext

  17. Save and close the file.

  18. Edit the Dovecot password file, auth-passwdfile.conf.ext.

    $ sudo nano /etc/dovecot/conf.d/auth-passwdfile.conf.ext

    The file looks similar to the one shown below.

    passdb {
  driver = passwd-file
  args = scheme=CRYPT username_format=%u /etc/dovecot/users
}

userdb {
  driver = passwd-file
  args = username_format=%u /etc/dovecot/users
...
}

    Make the changes to the file, as shown below.

    passdb {
    driver = passwd-file
    args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users
}

userdb {
    driver = static
    args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n    
}

    Save and close the file.

  19. Create the /etc/dovecot/dovecot-users password file. This file is a plain text database that holds email users on your server.

    $ sudo nano /etc/dovecot/dovecot-users

    Add the users that you want to use the email service to the file by following the format below. Replace EXAMPLE_PASSWORD with a strong password. Also, replace example.com with your domain name.

    admin@example.com:{plain}EXAMPLE_PASSWORD
info@example.com:{plain}EXAMPLE_PASSWORD
billing@example.com:{plain}EXAMPLE_PASSWORD

    Save and close the file.

  20. Configure Dovecot to Use the SSL Certificate. Open the /etc/dovecot/conf.d/10-ssl.conf file.

    $ sudo nano /etc/dovecot/conf.d/10-ssl.conf

    Find the line:

    ssl = yes

    Change the ssl value from yes to required.

    ssl = required

    Locate the two entries below.

    #ssl_cert = </etc/dovecot/dovecot.pem
#ssl_key = </etc/dovecot/private/dovecot.pem

    Change the two entries above and make sure they are pointing to the SSL certificate for your domain. For instance, if you are using the Let's Encrypt certificate, your entries will be similar to those shown below. Replace example.com with your domain name.

    ssl_cert = </etc/letsencrypt/live/example.com/fullchain.pem
ssl_key = </etc/letsencrypt/live/example.com/privkey.pem

    Save and close the file.
    Restart the postfix and dovecot services to use the new settings.

    $ sudo service postfix restart 
$ sudo service dovecot restart

4. Install & Configure Roundcube

  1. To access Postfix and Dovecot servers, install Roundcube email client.

     $ sudo apt install -y roundcube

  2. Press Enter to configure the database for use with Roundcube.

    Configure database for Roundcube

  3. On the next screen, enter a MySQL password to use with Roundcube.

    Database password for Roudcube

    Press Tab and Enter.

    Repeat the same password then hit Tab and Enter to continue.

  4. Open your website SSL configuration file from the /etc/apache2/sites-enabled directory. Run the command below and replace example.com with your domain name.

     $ sudo nano /etc/apache2/sites-enabled/example.com-le-ssl.conf

    Your website configuration file will be similar to the one shown below.

     ...
 <VirtualHost *:443>
     ServerAdmin admin@franktek.space
     ServerName franktek.space  
 ...    
 </VirtualHost>
 ...

    Add the entry Alias /mail /usr/share/roundcube after the entry ServerName example.com as shown below.

     ...
 <VirtualHost *:443>
     ServerAdmin admin@example.com
     ServerName example.com
    Alias /mail /usr/share/roundcube  
 ...    
 </VirtualHost>
 ...

    Save and close the file.

  5. Restart Apache.

     $ sudo service apache2 restart

5. Test the Email Service

To login to the email server using Roundcube, enter the URL shown below and replace example.com with your domain name.

https://mail.example.com/mail

You should see a screen similar to the one shown below. Enter the username and password you defined in the Dovecot password file, and log in.

Roundcube login page

Once logged in, you can send and receive emails from the Roundcube dashboard.

Introduction Postfix is a Mail Transfer Agent(MTA) for routing and delivering electronic mail(email). Dovecot is a secure IMAP and POP3 Mail Delivery Agent(MDA). These two open-source applications work well with Roundcube, an email client primarily famous for its clever use of Ajax technology. In this guide, you'll install Postfix, Dovecot, and Roundcube on Ubuntu 20.04. This guide uses the domain example.com and the server name mail.example.com. Prerequisites Before you begin, make sure you have the following: An Ubuntu 20.04 server configured with a Fully Qualified Domain Name (FQDN). A non-root user with sudo privileges. A LAMP stack with an SSL certificate installed. This guide uses a free Let's Encrypt certificate. Verify the server's outbound port status. 1. Install & Configure Postfix SSH to your server and install the Postfix server by running the command below. $ sudo apt update -y $ sudo apt install -y postfix You'll get the Postfix configuration screen, as shown below. Press TAB and ENTER to continue. On the next screen, select Internet Site, then TAB and ENTER. Enter the system mail name, which is your domain name. For instance, the server name is mail.example.com, so you'll enter example.com here. Back up the the /etc/postfix/main.cf file, and create a new one. $ sudo mv /etc/postfix/main.cf /etc/postfix/main.cf.bk $ sudo nano /etc/postfix/main.cf Enter the information below to the new file. Replace example.com with your domain name throughout the file. Make sure the value of smtpd_tls_cert_file and smtpd_tls_key_file point to your SSL certificate. smtpd_banner = $myhostname ESMTP $mail_name biff = no append_dot_mydomain = no readme_directory = no # TLS parameters smtp_use_tls = yes smtp_tls_security_level = may smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_use_tls = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_tls_cert_file = /etc/letsencrypt/live/example.com/fullchain.pem smtpd_tls_key_file = /etc/letsencrypt/live/example.com/privkey.pem smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth virtual_transport = lmtp:unix:private/dovecot-lmtp virtual_mailbox_domains = /etc/postfix/virtual_mailbox_domains myhostname = mail.example.com myorigin = /etc/mailname mydestination = localhost.$mydomain, localhost relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases Save and close the file. 2. Create Virtual Mail Box Domains The main.cf configuration file instructs postfix to look for email domains in the /etc/postfix/virtual_mailbox_domains file. Create the file: $ sudo nano /etc/postfix/virtual_mailbox_domains Add the information below to the file and replace example.com with your domain name. example.com #domain Use the postmap command to change /etc/postfix/virtual_mailbox_domains to a format recognizable by Postfix. Run this command every time you edit the file, for instance, after adding more domains to the file. $ sudo postmap /etc/postfix/virtual_mailbox_domains Edit the /etc/postfix/master.cf configuration file to enable the SMTP service. $ sudo nano /etc/postfix/master.cf Find the entry below. ... #submission inet n - y - - smtpd ... Remove the pound symbol at the beginning of the line. ... submission inet n - y - - smtpd ... Save and close the file. 3. Install & Configure Dovecot Install the Dovecot package and all the dependency packages required to run the imap, pop3, and lmtp service. $ sudo apt install -y dovecot-core dovecot-imapd dovecot-pop3d dovecot-lmtpd Edit the /etc/dovecot/conf.d/10-mail.conf file to instruct Dovecot on the directory to look for mails. $ sudo nano /etc/dovecot/conf.d/10-mail.conf Find the entry below. mail_location = mbox:~/mail:INBOX=/var/mail/%u Change to: mail_location = maildir:/var/mail/vhosts/%d/%n Save and close the file. The %d represents the domain, and %n represents the users. This means that you'll need to create a sub-directory in the /var/mail/vhosts for every domain receiving emails on your server. Create the first sub-directory and replace example.com with your domain name. $ sudo mkdir -p /var/mail/vhosts/example.com Repeat the command above for every other domain that you want to receive emails for in your server while replacing example.com with the domain name. For instance, if you also intend to receive emails for the example.net domain, run the command below. $ sudo mkdir -p /var/mail/vhosts/example.net Create a Vmail user and group for the Dovecot service. Create the vmail group. $ sudo groupadd -g 5000 vmail Create a vmail user and add the user to the vmail group. $ sudo useradd -r -g vmail -u 5000 vmail -d /var/mail/vhosts -c "virtual mail user" Assign the ownership of the /var/mail/vhosts/ to the vmail user and group. $ sudo chown -R vmail:vmail /var/mail/vhosts/ Edit the Dovecot 10-master.conf file. $ sudo nano /etc/dovecot/conf.d/10-master.conf Locate the entries below. ... inet_listener imaps { #port = 993 #ssl = yes } ... Remove the pound symbol before the port and ssl entries, as shown below, to allow Dovecot to use port 993 and SSL for secure IMAP. ... inet_listener imaps { port = 993 ssl = yes } ... Locate the entries below. ... inet_listener pop3s { #port = 995 #ssl = yes } ... Remove the pound symbol before the port = 995 and ssl = yes parameters. ... inet_listener pop3s { port = 995 ssl = yes } ... Enable the lmtp service. Locate the entries below. ... service lmtp { unix_listener lmtp { #mode = 0666 } # Create inet listener only if you can't use the above UNIX socket #inet_listener lmtp { # Avoid making LMTP visible for the entire internet #address = #port = #} } ... Change the configuration to: ... service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { mode = 0600 user = postfix group = postfix } } ... Locate the Dovecot authentication socket configurations below. ... # Postfix smtp-auth #unix_listener /var/spool/postfix/private/auth { # mode = 0666 #} ... Change the configuration to: ... #Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0666 user = postfix group = postfix } ... Save and close the file. Configure Dovecot to use secure authentication. Edit the Dovecot 10-auth.conf file. $ sudo nano /etc/dovecot/conf.d/10-auth.conf Find the entry below. # disable_plaintext_auth = yes Uncomment the setting above by removing the # character to disable plain text authorization. disable_plaintext_auth = yes Find the entry below. auth_mechanisms = plain Change the authentication mechanisms from plain to plain login. auth_mechanisms = plain login Disable the Dovecot default authentication behavior that requires users to have a system account to use the email service. Find the line: !include auth-system.conf.ext Add a pound symbol at the beginning of the line to comment it out. #!include auth-system.conf.ext Find the line: #!include auth-passwdfile.conf.ext Remove the # symbol at the beginning to enable Dovecot to use a password file. !include auth-passwdfile.conf.ext Save and close the file. Edit the Dovecot password file, auth-passwdfile.conf.ext. $ sudo nano /etc/dovecot/conf.d/auth-passwdfile.conf.ext The file looks similar to the one shown below. passdb { driver = passwd-file args = scheme=CRYPT username_format=%u /etc/dovecot/users } userdb { driver = passwd-file args = username_format=%u /etc/dovecot/users ... } Make the changes to the file, as shown below. passdb { driver = passwd-file args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users } userdb { driver = static args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n } Save and close the file. Create the /etc/dovecot/dovecot-users password file. This file is a plain text database that holds email users on your server. $ sudo nano /etc/dovecot/dovecot-users Add the users that you want to use the email service to the file by following the format below. Replace EXAMPLE_PASSWORD with a strong password. Also, replace example.com with your domain name. admin@example.com:{plain}EXAMPLE_PASSWORD info@example.com:{plain}EXAMPLE_PASSWORD billing@example.com:{plain}EXAMPLE_PASSWORD Save and close the file. Configure Dovecot to Use the SSL Certificate. Open the /etc/dovecot/conf.d/10-ssl.conf file. $ sudo nano /etc/dovecot/conf.d/10-ssl.conf Find the line: ssl = yes Change the ssl value from yes to required. ssl = required Locate the two entries below. #ssl_cert = ServerAdmin admin@franktek.space ServerName franktek.space ... ... Add the entry Alias /mail /usr/share/roundcube after the entry ServerName example.com as shown below. ... ServerAdmin admin@example.com ServerName example.com Alias /mail /usr/share/roundcube ... ... Save and close the file. Restart Apache. $ sudo service apache2 restart 5. Test the Email Service To login to the email server using Roundcube, enter the URL shown below and replace example.com with your domain name. https://mail.example.com/mail You should see a screen similar to the one shown below. Enter the username and password you defined in the Dovecot password file, and log in. Once logged in, you can send and receive emails from the Roundcube dashboard.
Was this answer helpful?

Related Articles

How to Deploy a Multi-Node Apache Cassandra Database Cluster on Ubuntu 22.04 Introduction A multi-node Apache Cassandra database cluster contains two or more database... How to Install and Secure the Apache Cassandra Database Server On Ubuntu 22.04 Introduction Apache Cassandra is a free open-source NoSQL database server commonly used with... How to Deploy Apache Airflow on Ubuntu 20.04 Introduction Apache Airflow is an open-source data platform to author, schedule, and monitor... How to Configure a New Ubuntu Server with Ansible .article--sm, .article--sm .alert { font-size: 15px; line-height: 24px;... Install Redmine on Ubuntu 20.04 .article--sm, .article--sm .alert { font-size: 15px; line-height: 24px;...
Back

Powered by WHMCompleteSolution

  Support

  My Support Tickets   Announcements   Knowledgebase   Downloads   Network Status   Open Ticket