Wednesday, March 31, 2010

ISP Style Virtual Mail System Postfix Postfixadmin Dovecot Mysql

SkyHi @ Wednesday, March 31, 2010

This document will explain the process of installing
a fully working virtual email system on CentOS Linux using PostFix and
Dovecot. I personally finalized my setup with RoundCube Webmail Project
for robust online email usage. This how-to is very simple and easy to
implement for beginners.




you have not installed the packages this would be a good time to get
moving. Using CentOS or RedHat Enterprise Linux (RHEL) you can use the
“YUM” package manager to achieve this. You can also remove
sendmail because it may cause SMTP based port issues with Postfix.
Installing Postfix with database support is a bit tricky. You have to
enable the CentOS Plus repository. You will then use upgrade if already
installed or install for a full fresh install. I had to use upgrade due
to installing the normal Postfix later finding out it would not work
with this setup due to the lack of MySQL database support.

yum --enablerepo=centosplus upgrade/install postfix*

yum install dovecot


Note: You
don't want to screw up your PostFix install with yum
updates! Here is how to setup /etc/yum.repos.d/CentOS-Base.repo:

#additional packages that extend functionality of existing packages
name=CentOS-$releasever - Plus


would also want to add this to both the [base] and [update] sections of
/etc/yum.repos.d/CentOS-Base.repo, so as not to get postfix packages
from there anymore:



you had everything working and all of a sudden your SMTP is broke or
you have error like "unsupported dictionary type: mysql" check this out for a nice easy fix.


MySQL Database


next step is to manually create the blank database with a corresponding
user. You need to log into MySQL and create the database using the
create database command. Then, give your new user permissions to that
database. In this example the user is named mail with a password of

mysql -uroot –p


GRANT ALL PRIVILEGES ON mail.* TO 'mail'@'localhost' IDENTIFIED BY 'mail';




next step is to prepare the database. In this example we use MySQL with
the PostFix Admin database dump provided with PostFix Admin files.
 Note the URL might change based on version. Extract the files to
your web folder unless you plan on administering your email accounts
manually. Something like phpMyAdmin would work as well once you
understand the required table data.


tar xvfz postfixadmin-2.1.0.tgz



postfixadmin-2.1.0/DATABASE_MYSQL.TXT with your favorite editor such as
vim, nano or gedit and comment out or remove all lines under create
user section Postfix / MySQL, since we have created our own use for the
mail server. When this is done, just load the file into MySQL using the
following command.

mysql -umail -p mail < postfixadmin-2.1.0/DATABASE_MYSQL.TXT







Open up your Dovecot.conf for editing. The sample
below is what I used to create this system using IMAP for webmail and
POP3 for email clients like Outlook or Thunderbird direct access.

base_dir = /var/run/dovecot/

protocols = imap pop3


protocol imap {

                listen = *:143



protocol pop3 {

                listen = *:110



log_timestamp = "%Y-%m-%d %H:%M:%S"

syslog_facility = mail

mail_location = maildir:/var/vmail/%d/%u

mail_extra_groups = mail

mail_debug = no

first_valid_uid = 150

last_valid_uid = 150

maildir_copy_with_hardlinks = yes


protocol imap {

login_executable = /usr/libexec/dovecot/imap-login

mail_executable = /usr/libexec/dovecot/imap

                imap_max_line_length = 65536



protocol pop3 {

login_executable = /usr/libexec/dovecot/pop3-login

mail_executable = /usr/libexec/dovecot/pop3

                pop3_uidl_format = %08Xu%08Xv



protocol lda {

                postmaster_address =
sendmail_path = /usr/lib/sendmail

auth_socket_path = /var/run/dovecot/auth-master



auth_verbose = no

auth_debug = no

auth_debug_passwords = no


auth default {

                mechanisms = plain

                passdb sql {

args = /etc/dovecot/dovecot-sql.conf


                userdb sql {

args = /etc/dovecot/dovecot-sql.conf


                user = nobody

                socket listen {

master {

path = /var/run/dovecot/auth-master

mode = 0660

user = vmail

group = mail


client {

path = /var/spool/postfix/private/auth

mode = 0660

user = postfix

group = postfix






up the dovecot-sql.conf for editing. This file has been specified in
the main Dovecot configuration file. Dovecot looks for this file in
order to fire up the database driven virtual mailboxes.

driver = mysql

connect = host=localhost dbname=mail user=mail password=mail

default_pass_scheme = MD5

= SELECT '/var/vmail/%d/%n' as home, 'maildir:/var/vmail/%d/%n' as
mail, 150 AS uid, 12 AS gid, concat('dirsize:storage=', quota) AS


quota FROM mailbox WHERE username = '%u' AND active = '1'

= SELECT username as user, password, '/var/vmail/%d/%n' as userdb_home,
'maildir:/var/vmail/%d/%n' as userdb_mail, 150 as


userdb_uid, 12 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'







Open for editing. You will need to change “hostname” and
“myorigin”. The rest was simple and should work on almost
all systems for simple implementation.

biff = no

append_dot_mydomain = no

#delay_warning_time = 4h

myhostname = yourhostnamehere like

myorigin =

mydestination = localhost

relayhost =

alias_maps = hash:/etc/aliases

mynetworks =

mailbox_size_limit = 0

recipient_delimiter = +

inet_interfaces = all

smtp_helo_name = $myhostname


# Virtual mailbox settings

virtual_mailbox_domains = proxy:mysql:$config_directory/

virtual_mailbox_base = /var/vmail

virtual_mailbox_maps = proxy:mysql:$config_directory/

virtual_alias_maps = proxy:mysql:$config_directory/

virtual_minimum_uid = 150

virtual_uid_maps = static:150

virtual_gid_maps = static:12

virtual_transport = dovecot

dovecot_destination_recipient_limit = 1


# SASL Authentication

smtpd_sasl_auth_enable = yes

smtpd_sasl_exceptions_networks = $mynetworks

smtpd_sasl_security_options = noanonymous

broken_sasl_auth_clients = yes

smtpd_sasl_type = dovecot

smtpd_sasl_path = private/auth


smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, permit



Open for editing. Add these two lines to the bottom of the file. I
found that if the proper spacing and formatting was not found Postfix
would actually not start properly. So as a tip check these lines for
proper spacing and formatting as a trouble shooting step.

unix  -      
-       pipe

  flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d $(recipient)



Add file and open for editing.

user = mail

password = mail

hosts = localhost

dbname = mail

table = alias

select_field = goto

where_field = address

additional_conditions = and active = '1'

#query = SELECT goto FROM alias WHERE address='%s' AND active = '1'



Add file and open for editing.

user = mail

password = mail

hosts = localhost

dbname = mail

table = domain

select_field = domain

where_field = domain

additional_conditions = and backupmx = '0' and active = '1'

#query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'



Add file and open for editing.

user = mail

password = mail

hosts = localhost

dbname = mail

table = mailbox

select_field = quota

where_field = username

additional_conditions = and active = '1'

#query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'


Add file and open for editing.

user = mail

password = mail

hosts = localhost

dbname = mail

table = mailbox

select_field = CONCAT(domain,'/',maildir)

where_field = username

additional_conditions = and active = '1'

#query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = '1'



Postfix Admin      phpMyAdmin



have installed phpMyAdmin as well as Postfix Admin. Between the two
packages I was able to learn how to create mailboxes manually, if
needed. I suggest you start with tools like Postfix Admin until you
fully understand what data is required for your email system to
function properly.



Postfix Admin


decided to go with RoundCube Webmail Project due to the sleek look and
feel. Once downloaded and extracted it took all of 15 minutes to have
it up and running for all users globally. If you want to really seal
the deal create a virtual host within Apache to handle webmail.* for
all of your domains. This really gives it a professional touch for your
end users.


Roundcube Webmail Project



installing the system I have had no issues with many domains containing
multiple virtual user mailboxes. This is a great virtual setup and can
easily go hand in hand with my virtual ftp documentation posted
earlier. Once you have these down, you can easily add virtual hosts in
Apache for a robust hosting solution at no required software cost.