Self Hosted Email Server with postfixadmin + roundcubemail + dovecot + postfix + spamassassin
Find a file
2021-05-06 15:33:18 +05:30
dovecot Update 10-ssl.conf 2021-05-06 15:09:30 +05:30
httpd mail server config updated 2021-05-05 20:09:14 +05:30
postfix Delete groots_in_ca.crt 2021-05-06 15:07:10 +05:30
postfixadmin mail server config updated 2021-05-05 20:09:14 +05:30
roundcubemail mail server config updated 2021-05-05 20:09:14 +05:30
local.cf mail server config updated 2021-05-05 20:09:14 +05:30
php.ini mail server config updated 2021-05-05 20:09:14 +05:30
quota-warning.sh mail server config updated 2021-05-05 20:09:14 +05:30
README.txt Update README.txt 2021-05-06 15:33:18 +05:30
roundcubemail.sql mail server config updated 2021-05-05 20:09:14 +05:30
vmailadmin.sql mail server config updated 2021-05-05 20:09:14 +05:30

# MAIL SERVER
#######################################################
Self Hosted Email Server with postfixadmin + roundcubemail + dovecot + postfix + spamassassin
#######################################################

# Following resources depends on your users count.
# Supports up to 200 users.
# Supports up to 20k mail flow daily mail flow handles.

RAM: 2 GiB
SWAP: 2x RAM
Disk: 20GB OR your requirement as per user count.
CPU: 2 or 4 core.

# Operating System and Components Version:
OS: Centos 7.x (Minimal Package)
Dovecot: 2.2.36
Postfix: 2.10.1
SpamAssassin: 3.4.0
PHP: 7.4.16
Postfixadmin: 3.3.8
Roundcubemail: 1.4.11
Apache: 2.4.6

Reference Link:
https://github.com/postfixadmin/postfixadmin
https://github.com/roundcube/roundcubemail

# Install required packages.

yum install -y epel-release yum-utils http://rpms.remirepo.net/enterprise/remi-release-7.rpm vim net-tools ; yum-config-manager --enable remi-php74 ; yum -y install postfix dovecot dovecot-mysql dovecot-pigeonhole mariadb-server telnet mailx wget ; yum -y install spamassassin ; yum install -y libopendkim opendkim; yum install -y postgrey spamassassin spamass-milter-postfix spamass-milter; yum install -y clamav-filesystem clamav-server clamav-update clamav-milter-systemd clamav-data clamav-server-systemd clamav-scanner-systemd clamav clamav-milter clamav-lib  clamav-devel; yum install -y php php-cli php-gd php-xml php-curl php-mysql php-zip php-mbstring php-mcrypt php-fpm php-imap php-common php-pdo php-intl php-imagick; yum update -y; yum clean all;

# Enable and start mariadb service.

systemctl enable mariadb && systemctl start mariadb && systemctl status mariadb

# Disable selinux.

getenforce
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0

# Reboot server.

reboot

# Setup MySQL root password.

mysql_secure_installation

Configure it like this:
- Enter current password for root (enter for none): (Just Enter)
- Set root password? [Y/n] y
New password: <STRONGPASSWORD>
Re-enter new password: <STRONGPASSWORD>
Password updated successfully!
- Remove anonymous users? [Y/n] y
- Disallow root login remotely? [Y/n] y
- Remove test database and access to it? [Y/n] y
- Reload privilege tables now? [Y/n] y

# Create postfixadmin database and user.

mysql -u root -p;

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'example#2345';
SELECT host, user FROM mysql.user;

CREATE DATABASE vmailadmin;
GRANT ALL PRIVILEGES ON vmailadmin.* TO 'vmailadmin'@'localhost' IDENTIFIED BY 'STRONGPASSWORD';
grant select on vmailadmin.* to 'vmailadmin'@'localhost' identified by 'STRONGPASSWORD';
FLUSH PRIVILEGES;
SELECT host, user FROM mysql.user;
exit

# Create roundcube database and user.

mysql -u root -p;

CREATE DATABASE roundcubemail CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE USER 'roundcube'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON roundcubemail.* TO 'roundcube'@'localhost';
FLUSH PRIVILEGES;
exit

# Create mailstore directory for store users mails in this location.

mkdir -p /mailstore/vmail
useradd -r -u 2000 -g mail -d /mailstore/vmail -s /sbin/nologin -c "MyHosted Virtual Mail User" vmail
mkdir -p /mailstore/vmail
chmod -R 770 /mailstore/vmail
chown -R vmail:mail /mailstore/vmail

# Take backup Postfix configuration.

cp -a /etc/postfix /etc/postfix_original

# Take backup Dovecot configuration.

cp -a /etc/dovecot /etc/dovecot_original

# Pull mailserver configuration from github.

cd /root/
git clone https://github.com/harishjadhav26/mail_server.git

# Remove default postfix and dovecot configuration.

rm -rf /etc/postfix

rm -rf /etc/dovecot

# Copy postfix and dovecot new config files.

cp -a /root/mail_server/postfix /etc/postfix

cp -a /root/mail_server/dovecot /etc/dovecot

# Copy postfixadmin and roundcubemail configuration in html.

cp -a /root/mail_server/postfixadmin /var/www/html/

cp -a /root/mail_server/roundcubemail /var/www/html/

# Import postfixadmin and roundcubemail DB.

mysql -u root -p vmailadmin < /root/mail_server/vmailadmin.sql
mysql -u root -p roundcubemail < /root/mail_server/roundcubemail.sql 

# Copy dovecot quota script.

cp /root/mail_server/quota-warning.sh /usr/local/bin/quota-warning.sh

# configure SpamAssassin.

cp /etc/mail/spamassassin/local.cf /etc/mail/spamassassin/local.cf_original

cp /root/mail_server/local.cf /etc/mail/spamassassin/local.cf

# PHP config file.

cp /etc/php.ini /etc/php.ini_original

cp  /root/mail_server/php.ini /etc/php.ini

# Add new user to run SpamAssassin. ** -g = add to group spamd, -s /bin/false = No shell (does not mean, cannot access via SSH!), -d = home dir **

groupadd spamd
useradd -g spamd -s /bin/false -d /var/log/spamassassin spamd
chown -R spamd:spamd /var/log/spamassassin

# Update the spam rules by running

time sa-update

# Update ownership to dovecot and postfix files.

touch /etc/postfix/sasl_passwd
touch /var/lib/postfix/smtpd_scache
postmap /etc/postfix/sasl_passwd
postmap /etc/postfix/master.cf
postmap /etc/postfix/main.cf
postmap /etc/postfix/sql/*.cf
postmap /etc/postfix/header_checks
postmap /etc/postfix/transport

# Update files permission.

chown -R root:postfix /etc/postfix/sql/*
sudo chmod 0640 /etc/postfix/sql/*
chown -R postfix. /var/lib/postfix/smtpd_scache

# Update postfixadmin and roundcubemail configuration.

chown -R apache. /var/www/html/*

# Update apache virtualhost file.

cp /root/mail_server/httpd/* /etc/httpd/conf.d/

# Service restart.

systemctl enable mariadb dovecot postfix httpd spamassassin php-fpm
systemctl restart mariadb dovecot postfix httpd spamassassin php-fpm
systemctl status mariadb dovecot postfix httpd spamassassin php-fpm

# Dovecot config permission and ownership update.

chown -R vmail.mail /var/run/dovecot/dict

# Send mail from command line.

echo "hello" | mail -r harish@example.com -s "test sub" postmaster@example.com

# Verify mail delivery in maillog.

tail -f /var/log/maillog

# Default password:
PostfixadminDB:
MySQL USER: vmailadmin
Password: STRONGPASSWORD

RoundcubemailDB:
MySQL User: roundcube
Password: password

Postfixadmin:
http://<IP/HOSTNAME>:8080
Superadmin User: postmaster@example.com
Password: password#123

Roundcubemail:
http://<IP/HOSTNAME>
User: postmaster@example.com
Password: password#123

# Reset User Password and DB, Set in Postfixadmin, Roundcubemail, Postfix and Dovecot as per your require meet.

sed -i 's/password = postfixadmin_password/password = STRONGPASSWORD/g' /etc/postfix/sql/*.cf

# Quota update for all domain users.
doveadm quota recalc -u *@*

# Quota verify.
sudo doveadm quota get -A

# Open ports in your firewall application and os level.

Service 	    Software 	Protocol 	Port
SMTP 	        Postfix 	TCP 	25
HTTP 	        Apache 	  TCP 	80
POP3 	        Dovecot 	TCP 	110
IMAP 	        Dovecot 	TCP 	143
HTTPS 	      Apache 	  TCP 	443
SMTPS 	      Postfix 	TCP 	465
Submission 	  Postfix 	TCP 	587
IMAPS 	      Dovecot 	TCP 	993
POP3S   	    Dovecot 	TCP 	995
ManageSieve 	Dovecot 	TCP 	4190

# Suggestion use Nginx as frontend server.

LICENSE:

Copyright (c) 2021 Harish <nirahhp999@gmail.com>

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.