
Ubuntu Server Mail

Some notes from setting up a mail server on Ubuntu.

Guides:
1. Main guide:
https://www.linode.com/docs/email/postfix/email-with-postfix-dovecot-and-mysql

2. Other posts that explain the types of mail server and how to set one up:
https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-postfix-as-a-send-only-smtp-server-on-ubuntu-14-04
http://askubuntu.com/questions/47609/how-to-have-my-php-send-mail

List of popular MTAs and MDAs on Ubuntu:
https://help.ubuntu.com/community/MailServer

Automated setup tool on GitHub:
https://github.com/mail-in-a-box



Steps:
Install Postfix (MTA, mail transfer agent) and
Dovecot (a simple MDA, mail delivery agent).



sudo apt-get install libsasl2-2 libsasl2-modules sasl2-bin

:)
Here I imitate the funny message King Philip II of Macedon sent to Thrace:
"If I win this war, you will be slaves forever."

And you (Thrace) will reply:
"If"


PHP requires an SMTP client to send mail. You could install a full-featured mail transfer agent (MTA) like Postfix to serve this function, but it's overkill if you only need to send mail through PHP. Instead, install msmtp. It's lightweight and much simpler to configure.


Settings:
Use MySQL to store the hostnames and usernames (which can be virtual) ...
If you do NOT use MySQL, ignore the MySQL-related config.


All config files are shown clearly in this post:
https://www.linode.com/docs/email/postfix/email-with-postfix-dovecot-and-mysql

Re-store:

/etc/postfix/main.cf:
#command_directory = /usr/sbin

#daemon_directory = /usr/lib/postfix

#data_directory = /var/lib/postfix

#mail_owner = postfix

## TLS parameters
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
#smtpd_use_tls=yes
#smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

#smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
##myhostname = ip-172-31-4-174.ap-northeast-1.compute.internal
#myhostname = supdb.****.jp
#mydomain = ****.jp
#
#alias_maps = hash:/etc/aliases
#
#alias_database = hash:/etc/aliases
#myorigin = /etc/mailname

#mydestination = $myhostname,$mydomain,localhost.$mydomain, ip-172-31-4-***.ap-northeast-1.compute.internal, localhost.ap-northeast-1.compute.internal, , localhost
#relayhost =
#mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
#mailbox_size_limit = 0
#recipient_delimiter = +
#inet_interfaces = all
#inet_protocols = all

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
#smtpd_use_tls=yes
#smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_tls_cert_file=/etc/dovecot/dovecot.pem
smtpd_tls_key_file=/etc/dovecot/private/dovecot.pem
smtpd_use_tls=yes
smtpd_tls_auth_only = yes

#Enabling SMTP for authenticated users, and handing off authentication to Dovecot
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes

smtpd_recipient_restrictions =
        permit_sasl_authenticated,
        permit_mynetworks,
        reject_unauth_destination

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

#myhostname = supdb.****.jp
myhostname = ***net.****.jp
mydomain = ****.jp

alias_maps = hash:/etc/aliases

alias_database = hash:/etc/aliases
myorigin = /etc/mailname
#mydestination = example.com, hostname.example.com, localhost.example.com, localhost
mydestination = localhost, mail.google.com, ***net.****.jp, ****.jp
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4

#Handing off local delivery to Dovecot's LMTP, and telling it where to store mail
virtual_transport = lmtp:unix:private/dovecot-lmtp

#Virtual domains, users, and aliases
#virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
#virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf

#virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf



Ubuntu ver:
Linux ip-172-31-4-174 3.13.0-44-generic #73-Ubuntu SMP Tue Dec 16 00:22:43 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

ubuntu@ip-172-31-4-174:/var/www/psi-staging/config$ sudo cat /etc/postfix/master.cf
#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
#smtp      inet  n       -       -       -       1       postscreen
#smtpd     pass  -       -       -       -       -       smtpd
#dnsblog   unix  -       -       -       -       0       dnsblog
#tlsproxy  unix  -       -       -       -       0       tlsproxy
submission inet n       -       -       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
smtps     inet  n       -       -       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  #-o smtpd_reject_unlisted_recipient=no
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  #-o smtpd_helo_restrictions=$mua_helo_restrictions
  #-o smtpd_sender_restrictions=$mua_sender_restrictions
  #-o smtpd_recipient_restrictions=
  #-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       -       -       -       qmqpd
pickup    unix  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}




I do not use this, so it is only for reference.
On a local Ubuntu VirtualBox VM this config works well, but on the server it got stuck on mysql.sock or on login (maybe a server settings problem).
Here are the 3 files, all printed with cat:

user = mailuser
password = psi@2015
hosts = localhost
dbname = mailserver
query = SELECT destination FROM virtual_aliases WHERE source='%s'

user = mailuser
password = psi@2015
hosts = localhost
dbname = mailserver
query = SELECT 1 FROM virtual_domains WHERE name='%s'

user = mailuser
password = psi@2015
hosts = localhost
dbname = mailserver
query = SELECT 1 FROM virtual_users WHERE email='%s'

/etc/postfix/sasl_passwd (or password)


[smtp.gmail.com]:587 mtischer53@gmail.com:ah64dlongboud
This file can be configured in several ways:
ubuntu2 test@gmail.com:password

and the port 587 setting goes in main.cf (not in sasl_passwd).


sudo cat /etc/postfix/backup/main.cf.satellite
# nano /etc/postfix/main.cf
relayhost = [smtp.gmail.com]:587
smtp_use_tls=yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_sasl_security_options =
mydestination =
debug_peer_list=smtp.gmail.com

debug_peer_level=3

(Switch to Dovecot (Internet mode) when not using satellite mode.)
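
An added check (not part of the original notes) for the credential-bearing map files shown above: it flags files that other users can access and, for hash: maps such as sasl_passwd, a missing or out-of-date .db file that postmap has to rebuild. The demo files are constructed in a temporary directory and the function names are hypothetical.

```python
import os
import stat
import tempfile
import time

DB_TYPES = {"hash", "btree"}  # map types that postmap compiles to <file>.db


def audit_map(spec):
    """Audit one Postfix map spec such as 'hash:/etc/postfix/sasl_passwd'."""
    map_type, path = spec.split(":", 1)
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return [f"{path}: missing"]
    findings = []
    # Any permission bit for "other" exposes the stored password.
    if st.st_mode & stat.S_IRWXO:
        findings.append(
            f"{path}: mode {stat.S_IMODE(st.st_mode):04o} is open to other users")
    if map_type in DB_TYPES:
        db = path + ".db"
        if not os.path.exists(db):
            findings.append(f"{db}: missing, run postmap {path}")
        elif os.stat(db).st_mtime < st.st_mtime:
            findings.append(f"{db}: older than source, rerun postmap {path}")
    return findings


def demo():
    """Build constructed files in a temp dir and audit them."""
    with tempfile.TemporaryDirectory() as d:
        sasl = os.path.join(d, "sasl_passwd")
        alias = os.path.join(d, "mysql-virtual-alias-maps.cf")
        for path, mode in ((sasl, 0o644), (sasl + ".db", 0o600), (alias, 0o640)):
            with open(path, "w") as fh:
                fh.write("# constructed placeholder, no real credentials\n")
            os.chmod(path, mode)
        now = time.time()
        os.utime(sasl, (now, now))                    # source edited just now
        os.utime(sasl + ".db", (now - 60, now - 60))  # .db built a minute earlier
        return {
            "sasl": audit_map("hash:" + sasl),
            "alias": audit_map("mysql:" + alias),
        }


if __name__ == "__main__":
    for name, findings in demo().items():
        print(name, findings or "ok")
```

On a real host, pass the map specs from main.cf (for example the value of smtp_sasl_password_maps) to audit_map and run it as root so every file can be read.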

Dovecot /etc/dovecot/dovecot.conf:
 sudo cat /etc/dovecot/dovecot.conf |grep -v "#"

!include_try /usr/share/dovecot/protocols.d/*.protocol
protocols = imap pop3 lmtp

dict {
}

!include conf.d/*.conf


!include_try local.conf

// Everything else is comments (so I grep out the # comment lines for a shorter view)

The other SQL config does not matter if you do not use MySQL to store hostnames and emails:
sudo cat /etc/dovecot/dovecot-sql.conf.ext
...
If you use it, configure it following the guide. Be careful with the -sql files: if you do not use MySQL, comment out everything in dovecot-sql*
...

/etc/dovecot/conf.d 
10-ssl
10-auth
10-mail
10-master.conf
...


Testing:
history |grep mail

 2001  sudo mysql -u root -p create mailserver
 2002  sudo mysqladmin -u root -p create mailserver
 2004  mysql -u mailuser -p
 2006  mysql -u mailuser -p
 2014  postmap -q ****.jp mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
 2015  postmap -q alert@****.jp mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
 2033  sudo vim 10-mail.conf
 2034  ls -ld /var/mail/
 2035  sudo mkdir -p /var/mail/vhosts/****.jp
 2036  sudo mkdir -p /var/mail/vhosts/***net.****jp
 2037  sudo chown -R vmail:vmail /var/mail
 2038  sudo groupadd -g 5000 vmail
 2039  sudo useradd -g vmail -u 5000 vmail -d /var/mail
 2040  sudo chown -R vmail:vmail /var/mail
 2044  sudo chown -R vmail:dovecot /etc/dovecot
 2078  ls /var/mail/
 2079  ls /var/mail/vhosts/
 2080  ls /var/mail/vhosts/****.jp/
 2081  ls /var/mail/vhosts/***net.****.jp/
 2089  sudo vim mysql-virtual-mailbox-domains.cf
 2090  sudo vim mysql-virtual-mailbox-maps.cf
 2112  mail -s "test satellite MTA postfix' vandung53cc@gmail.com
 2113  mail -s "test satellite MTA postfix"  vandung53cc@gmail.com
 2150  mail -r alert@***net.****.jp -s "Test mail after clean permission" vandung53cc@gmail.com
 2152  sudo cat php5/apache2/php.ini |grep mail
 2167  sudo vim class.phpmailer.php

 2211  history |grep mail

ubuntu@ip-172-31-4-174:/etc/dovecot/conf.d$ history |grep mail

 2045  mail -s "test" vandung53cc@gmail.com
 2050  mail -s "Test mail server dovecot" vandung53cc@gmail.com
 2051  mail -s "Test mail server 1" alert@***net.****.jp
 2056  mail -s "Test mail server 2" alert@***net.****.jp
 2073  ls /var/mail/vhosts/
 2074  ls /var/mail/vhosts/****.jp/
 2075  ls /var/mail/vhosts/***net.****.jp/
 2076  ls -l /var/mail/vhosts/
 2078  sudo mail -s "Test sv mail 3" vandung53cc@gmail.com
 2079  mail -s "Test mail sv 4"  lethanhhai****@gmail.com
 2080  mail -s "Test mail sv 5" -c "vandung53cc@gmail.com"   lethanhhai****@gmail.com -- -f alert@psinet.****.jp
 2081  mail -s "Test mail sv 5" vandung53cc@gmail.com,lethanhhai****@gmail.com -- -f alert@psinet.****.jp
 2082  echo "Test mail content: King Philip II of Macedon" | mail -s "Test mail 6" lethanhhai2008@gmail.com-- -f alert@***net.****.jp
 2083  echo "Test mail content: King Philip II of Macedon" | mail -s "Test mail 6" lethanhhai2008@gmail.com -- -f alert@***net.****.jp
 2084  echo "Test mail content: King Philip II of Macedon" | mail -s "Test mail 7" vandung53cc@gmail.com -- -f alert@***net.****.jp
 2085  mail -s "King Phillip II of Macedon: If I win, you will be slave forever" -a "From: alert@psinet.****.jp" vandung53cc@gmail.com, lethanhhai****@gmail.com
 2086  mail -r alert@***net.****.jp -s "King Philip III of Macedon" vandung53cc@gmail.com
 2087  php -r "mail()"
 2088  php -r "mail();"
 2105  sudo vim 10-mail.conf

 2112  history |grep mail




mysql-virtual*

Test config in Yii (swiftmailer):
        'mailer' => [
            'class' => 'yii\swiftmailer\Mailer',
            // send all mails to a file by default. You have to set
            // 'useFileTransport' to false and configure a transport
            // for the mailer to send real emails.
            'useFileTransport' => false,
            'transport' => [
                'class' => 'Swift_SmtpTransport',
                'host'  => 'localhost', //'smtp.gmail.com',
                'username' => 'alert@***net.****.jp', // 'kou***testtest@gmail.com',
                //'password' => '***20152015',
                'port'     => '25', //'587',
                //'encryption' => 'tls',
            ],

        ],


PHP's default mail() function:
<?php

$to      = 'lethanhhai2008@gmail.com';
$subject = 'King Philip II of Macedon [Thrace]';
$message = 'If I win the war, you will be slave forever!';
$headers = 'From: alert@***net.****.jp' . "\r\n" .
    'Reply-To: vandung53cc@gmail.com' . "\r\n" .
    'X-Mailer: PHP/' . phpversion();

if (mail($to, $subject, $message, $headers)) {
    echo "done";
} else {
    echo "********** ERR ****";
}


PHP test using swift_mailer

$message = Swift_Message::newInstance('test Subject')
            ->setFrom('alert@***net.****.jp')
            ->setReplyTo(array('kaka*****@****.jp'))
            ->setTo(array('lethanhhai****@gmail.com', 'vandung53cc@gmail.com'))
            ->setBody('Here is the message itself. <br/> King Philip IIIIII of Macedon')
        ;


Now that you have your own mail server, change the mail FROM address
from e.g. gmail.com to your server name / hostname domain:
test@gmail.com => test@hostname.jp


Notes:

mydestination = localhost, mail.google.com
# ***net.****.jp, yourservername.jp
When a mail delivery agent (MDA) like Dovecot sends mail to test@gmail.com, it is delivered to the gmail.com server,
so when your server sends to your own domain it ....

With this setting, all mail sent from your server to yourservername.jp is treated as local (private company mail), so it is not delivered to another server; instead it is delivered to your own server.
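
How the mydestination note above plays out, as an added example (not from the original post): the sketch parses a main.cf, expands $myhostname and $mydomain, and reports which recipients Postfix would treat as local when only mydestination is considered. The sample config is constructed, with example.jp as a placeholder for the masked domain, and the function names are hypothetical.

```python
import re

# Constructed sample modelled on the main.cf above; example.jp is a
# placeholder for the masked domain names.
SAMPLE_MAIN_CF = """\
myhostname = mail.example.jp
mydomain = example.jp
#mydestination = example.com, hostname.example.com, localhost
mydestination = localhost, mail.google.com,
        $myhostname, $mydomain
relayhost =
"""

def parse_main_cf(text):
    """Return {parameter: value}. A line starting with whitespace continues
    the previous logical line; blank and '#' lines are ignored."""
    params, last = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and last is not None:
            params[last] += " " + line.strip()
        elif "=" in line:
            name, value = line.split("=", 1)
            last = name.strip()
            params[last] = value.strip()
    return params

def expand(value, params, depth=0):
    """Expand $name and ${name} references to other parameters."""
    if depth > 10:  # guard against self-referencing values
        return value
    def lookup(m):
        return expand(params.get(m.group(1) or m.group(2), ""), params, depth + 1)
    return re.sub(r"\$(?:\{(\w+)\}|(\w+))", lookup, value)

def local_domains(params):
    """Domain names listed in mydestination; table lookups (type:name)
    and file names are skipped because they need the real files."""
    raw = expand(params.get("mydestination", ""), params)
    names = (n.lower() for n in re.split(r"[,\s]+", raw) if n)
    return {n for n in names if ":" not in n and not n.startswith("/")}

def classify(recipient, params):
    """'local' if the recipient domain is in mydestination, else 'remote'."""
    domain = recipient.rsplit("@", 1)[-1].lower()
    return "local" if domain in local_domains(params) else "remote"

def foreign_entries(params):
    """mydestination entries that are not localhost and not under $mydomain."""
    mydomain = params.get("mydomain", "").lower()
    return sorted(d for d in local_domains(params)
                  if not d.startswith("localhost")
                  and d != mydomain and not d.endswith("." + mydomain))

if __name__ == "__main__":
    cfg = parse_main_cf(SAMPLE_MAIN_CF)
    for rcpt in ("alert@example.jp", "someone@gmail.com", "someone@mail.google.com"):
        print(rcpt, "->", classify(rcpt, cfg))
    print("entries to review:", foreign_entries(cfg))
```

Any name returned by foreign_entries is a domain this host would accept and keep mail for even though it belongs to someone else, so mail addressed there never leaves the server.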



Comments

  1. When King Philip was expanding his empire across Greece, he sent a letter to the current Spartan king, asking if he wanted him to enter his lands as a friend or a foe. The only response Philip ever received was yet another single-word reply: “Neither.”
