Setting up an email server can be a very daunting task when you aren’t too sure about how an email server works. Thankfully there are tools and configurations you can use that will make the job of managing an email server incredibly easy to understand and perform.

For a long time I was creating new linux OS users to create a new mailbox. The problem here is it meant that only one server could handle a domain, this is when I discovered virtual mailboxes which allows one single server to handle emails for a large number of different domains. A lot of the tutorials out there will show you how to do this using the default database system that postfix uses. This is perfectly fine, but it becomes a major chore to manage when you start to get a large number of domains and emails. After some searching I discovered a web application called postfix admin. This magic piece of software lets you manage all your domains and mailboxes from your web browser without ever needing to ssh into the server. To make things even better, this will also replace the default postfix DB with a much more familiar MySQL database. So lets get to it, this guide will explain everything that you need to know about setting up an email server that uses Postfix and Dovecot with Postfix Admin to manager your sever.

Create Mail User

First thing we want to do is create the mail user. This will be a user that has access to manage all of the files and folders that your mail server will need to manage. The following commands will create a user and configure it with the correct permission and UID. This step is very important as all of the config code below is assuming that you are going to be using the same user created below. If you know what you are doing then of course you can change this to whatever you wish.

We now have a user and a group called vmail with the uid and gid of 2222. This is the ID that needs to be used when configuring Postfix and Dovecot.

Install And Configure Postfix

First and most important, install your SMTP server. There are various ways in which you can do this depending on your operating system. To install this on a Centos/ Red Hat OS run the following command.

Once postfix is installed, navigate to /etc/postfix/main.cf. Open this file and edit the contents to make it look like the following.

/etc/postfix/main.cf

One last change to the config files is to the master.cf file. Add or uncomment the following line. There is a good chance the line exists already and its commented (has a # at the start). Removing the hash will do.

/etc/postfix/master.cf

you have now setup the cf files, but we still have to setup the database. We are going to use MySQL as this allows us to link it in with a web interface and makes life so much easier. If you look at the contents added to the main.cf file you will see references to a bunch of files in an sql folder. All of these files need to be created. If you have downloaded postfix admin there will be an sh script that you can run and it will generate all of the files for you. This saves you a lot of trouble as these are annoying to write, but to make sure that this guide covers everything I will show you everything that needs to be added for these files. Before we can do this we need to setup PostfixAdmin as this will generate the database that you need to use. So lets setup PostfixAdmin.

Install PostfixAdmin

PostfixAdmin is a free, web interface that allows you to manage the database that postfix uses for virtual users. First things first, download and unzip the latest version of the code, which can be found here http://postfixadmin.sourceforge.net/. You will need to configure apache with an alias or virtualhost depending on what you want to do.

PostfixAdmin comes with its own extensive install guide that comes zipped in the folder. The setup is very straightforward. Run the setup php script through the browser and this will generate the database and add some admin information so you can begin working on it. Once you have it installed and setup, you will now have a database that can be used by postfix. Now we need to tell postfix to actually use this database. We have already instructed postfix that it will be using these files, so all you will need to do is create the following files and add the content to them.

Note: PostfixAdmin comes with a script to generate these files automatically for you. If you run the script (all documented in the setup notes) it will create the files in /tmp. If you decide to do this, take these files and copy them into /etc/postfix/sql and you will be done. If you dont know how to do this you can create them yourself.

Here are the database files that you need to create and add the content to.

/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf

/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf

/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf

/etc/postfix/sql/mysql_virtual_alias_maps.cf

/etc/postfix/sql/mysql_virtual_domains_maps.cf

/etc/postfix/sql/mysql_virtual_mailbox_limit_maps.cf

/etc/postfix/sql/mysql_virtual_mailbox_maps.cf

Finally you will need to restart postfix to apply all of the changes that you have made today. Make sure to check the log when restarting to ensure there weren’t any lines that were entered wrong etc.

Install And Configure Dovecot

Setting up Dovecot is a little less tricky than Postfix and there are less things that can go wrong, so consider the worst out of the way. First things first, let’s install Dovecot.

Once installed, navigate to the install directory and modify the following files.

/etc/dovecot/dovecot.conf

/etc/dovecot/dovecot-sql.conf

/etc/dovecot/dovecot-dict-quota.conf

This is everything you need to get dovecot working. Note the UID and GID values are using 2222 which is the same value that was setup for the user and group earlier in the tutorial. Of course please change the username/password/db name for all of the SQL queries for everything.

Final Notes

Everything should now be up and running. Restart everything just to make sure that everything is working fresh and clean.

You should be able to navigate to Postfix Admin in your web browser and work away with managing your web server. I understand that this is an incredibly frustrating part of the setup as there are so many things that can go wrong. I have gathered everything that I have encountered from the times when I have set this up. Hopefully everything went well for you, but if not these resources might help you.

Issue Fixes

Hopefully everything went well, but I know all to well that things never go smooth. Chances are you have some issues that you have encountered while setting this up. The following resources might help you solve any issues that you might be getting while setting this up.

Mysql Access Denied

This error is a damn nightmare. It can be one of many things to solve and hopefully its the obvious error that the account you are using has a bad password or does not have the correct permissions to access the database that you are trying to connect to. If you are 100% sure the user has access and can access the database via the command line then it might be an issue with MySQL. The following tutorial may help you get past this issue.

Postfix With Dovecot MySQL Access Denied

 Dovecot – unknown database driver MySQL

This is a common issue with a simple fix. It just means that you have not installed the dovecot mysql driver. The following guide will show you how to do this.

Dovecot Error Unknown database driver mysql

 

This error has become the bane of email server management for me. I know the cause and I know how to fix it, yet it always seems to take forever to get it right and it seems to break so very easily. Thankfully after a lot of frustration i have found a very easy way to get past the following error.

You have tried granting the user full permissions for everything, you can log in via the command line and nothing appears to be wrong with the user account. I tried all of this too and the problem appears to be the method that MySQL uses to encrypt the passwords. I’m not sure if its dovecot that needs to catch up with this or if SQL is acting up. Either way you can fix this error with the following command.

This will alter the password hash for the user account using the older hashing method. Im not really sure the big details of this, but all i know for sure is that it fixed the issue for me.

Of course this might not be the cause of your error. It might be a simple fact that the login is incorrect or that the user does not have the correct permissions to view the database. However it goes, hopefully this helps and you can get over this issue as easy as possible.

This guide is going to work off the assumption that you already have a functional email server running with postfix on your server. This guide will show you how to setup OpenDKIM with postfix on a linux server

 

Now that opendkim is installed, you need to generate the dkim keys that you need to use to sign the emails with. There are multiple ways to do this. You can do it through the command line or you can use this service http://dkimcore.org/tools/keys.html.

Open up this directory and open the file called “default”. Paste your private key into this file. For safe keeping you could also create another file called “public.txt” and pop the public key into this file so you can access it in the future if you need it.

Sometimes default permissions dont get correctly set. In the event that this happens run the following. There is no harm just running this query anyway.

Open up “/etc/opendkim.conf” and replace everything with the following

You now need to add a key to the keytable. This file is located in /etc/opendkim/keytable

You will also need to add a line to the signing table.
If the file doesnt exist, create it. “/etc/opendkim/SigningTable”

Open or create “/etc/opendkim/TrustedHosts” and add the following.

Add the following to your postfix main.cf file. This will instruct postfix to sign the emails with the DKIM key you setup.

Thats all thats needed. Now run opendkim and restart postfix and you should be good to go.

 

Had a look around online and couldnt find any decent SMTP plugin for sending and receiving emails through wordpress. Seems like it makes a lot of people angry for wordpress to do such a thing which seemed odd, so I decided to start working on one myself.

The goal of this plugin is to add the following functionality to the wordpress dashboard.

  • Send Emails
  • Receive Emails
  • Log into any user inbox using SMTP servers user authentication.
  • Create WP database to log emails and better manage them.
  • Parse and display any email information.
  • Setup email blasts for newsletters.
  • Basic spam filter
  • Adminbar notifications for unread emails.

The wordpress side of things is the easy part so I have put the effort into extracting the emails from the IMAP server from a wordpress plugin. It took quite a bit of work to get this to display any useful information, but after a while I started to make some good progress on this. Using a linux server with postfix and dovecot installed as the SMTP and IMAP servers I was able to use PHP to pull the latest emails for an individual user.

Here is the base inbox page that lists the latest emails. This is going to need major touch ups to style, but I want to get the functionality working smooth before making it look pretty.

Wordpress Email Inbox

WordPress Email Inbox

 

This inbox page is a bit messy, but its working! The next thing was to be able to view the actual email body. This is also crazy messy, but it works and thats all that matters for the moment. I have listed the emails and dumped the email body below. Attachments still don’t show up, but the core components are correctly displaying.

Received Emails With Body

Received Emails With Body

The next stage to this would be making this a little more user friendly so emails can be read much better. I will create individual “view email” pages that will display the email and hopefully any attachments. I will work on adding controls to this page that will allow for replies, forwarding, attachments etc.

I do see some potential issues in the future with this. While it is working perfectly on my server, I am not confident its going to work straight up on another server that’s running a different operating system/mail server. Once i have a stable version of the plugin I will try to get a few people to test this out on various servers. I will work on creating a quick setup tool that will try to test various config options in order to determine what one will work best for the particular system. The install of php-imap and mail servers are requirements in order to make this work.

I’m very surprised this hasn’t been done in the past. WordPress is a CMS, but with the evolution of the web I for one would like to have everything related to my website kept in one area. Why go to a roundcube install or anything else when you can just do everything that you need to do within wordpress?

DomainKeys Identified Mail (DKIM) is a process used to validate emails preventing someone from sending spam email using an unauthorised email address. The process works using 2 encrypted SSL keys. A public key which is obviously made available to the public and a private key which only you / your web server will know. When you send an email you will attach your private key to the email. When gmail or any other web server gets the email, it will check to see if the public key that you have made available via your DNS zone file, matches up with the private key that was sent with the email. DKIM is a one useful method to prevent your emails ending up in spam folders.

Setting up DKIM for your web server may seem like it is incredibly complicated and there is no denying..it sucks! but as long as you have some experience working with a web server and have access to everything needed, you should be able to get this setup. To make life as easy as possible I will break this down into a series of individual steps.

Step 1 – Generate a private and public key
Creating your public and private keys are less complicated than you might think. SSL keys can be generated by any machine, you don’t have to register for an account anywhere or setup anything special. You simply download an application and it will generate the keys for you. It’s best to do this on your own machine rather than use an online service as you don’t know if the online service could be saving these keys.

So to create the keys you will need to download a command line SSL tool. You can find a download link here http://slproweb.com/products/Win32OpenSSL.html . Download and install this tool. In order to run it you will need to open up a command shell window (command prompt) in administrator mode if you are running windows vista or newer.

When in a command window run the following commands. You might need to give the direct path of the .exe file in order for the command to work. This will generate 2 files (rsa.private and rsa.public) in whatever folder you are currently in. It will be best to change directory to the desktop or the root of the C drive in order to get at these files quickly.

You now have a public and private key!

Step 2 – Add DNS records
The DNS record is where you are going to store the public key. When gmail gets an email from your server it will check the dns record for the domain and see if there is a key available. If there is one there is will have the public key which it can use with the private key that was send with the email.

This part of the guide will depend on where your DNS zone file is hosted. For most people godaddy will likely be the place where the zone file is hosted. If you don’t use godaddy then you will have to find out how to edit your zone file. This is a very important file, so if you dont know how to edit it you will have bigger issues than setting up domain keys.

You need to add 2 TXT records to your zone file. I wanted to create a record for a noreply email address so that my server could send out emails to users automatically and the emails would make it to the inbox folder and not the spam folder.

Add the following data to the Host and TXT fields of your zone file.

 

NOTE!! Make sure the public key is one long string with out any whitespace or line breaks. The SSL tool will generate the file with line breaks so make sure you remove them all and make it one long file.

Save these changes and in an hour or so (up to 48 hours in on a bad day) this TXT record will be live.

Step 3 – Sending the private key with an email
This part very much depends on your programming language and the email client you are using with that programming language.

So for example if you are using PHPMailer, you can setup the private DKIM key by adding the following lines to your code

So this is it, you are finished! Not so bad right? May take a while for the updates to show up since DNS zone file changes can take a while to update across the internet, but once they do you will be all set with DKIM keys correctly setup for your emails. Remember that this is only 1 method of improving the odds of your emails not ending up in a spam folder, but doesn’t guarantee it. You may also need to setup a reverse lookup in order to make yourself 100% safe.