๐ง AlmaLinux Mail Server: Complete Postfix & Dovecot Setup Guide
Hey there, email administrator! ๐ Ready to build your own professional mail server that rivals Gmail and Outlook? Today weโre setting up a complete email solution with Postfix and Dovecot on AlmaLinux that will handle millions of messages like a champ! ๐
Whether youโre running email for your business, organization, or personal domain, this guide will turn your AlmaLinux server into an email powerhouse with all the bells and whistles! ๐ช
๐ค Why is Running Your Own Mail Server Important?
Imagine having complete control over your email, no storage limits, and absolute privacy! ๐ Running your own mail server gives you independence from big tech companies and complete ownership of your data!
Hereโs why a mail server on AlmaLinux is amazing:
- ๐ฎ Complete Control - Your email, your rules, your privacy
- ๐พ Unlimited Storage - No more paying for extra space
- ๐ Enhanced Security - Implement your own security policies
- ๐ฏ Custom Domains - Professional email addresses for everyone
- ๐ No Limits - Unlimited accounts, aliases, and lists
- ๐ก๏ธ Spam Control - Advanced filtering exactly how you want it
- ๐ Full Backup Control - Your data stays with you
- ๐ผ Business Ready - Professional email infrastructure
๐ฏ What You Need
Before we start building your email empire, letโs make sure you have everything ready:
โ AlmaLinux 9.x server (with static IP) โ Domain name with DNS control โ Valid SSL certificate (weโll get one from Letโs Encrypt) โ Port 25, 587, 993, 995 open on firewall โ Reverse DNS (PTR) record set up โ At least 2GB RAM and 20GB storage โ Basic DNS knowledge for MX records โ Patience for configuration ๐
๐ Step 1: Install and Configure Postfix
Letโs start with Postfix, our SMTP server! ๐ฏ
# Set hostname properly
sudo hostnamectl set-hostname mail.yourdomain.com
# Install Postfix and utilities
sudo dnf install -y postfix postfix-mysql mailx cyrus-sasl cyrus-sasl-plain
# Backup original configuration
sudo cp /etc/postfix/main.cf /etc/postfix/main.cf.backup
# Configure Postfix main settings
sudo tee /etc/postfix/main.cf << 'EOF'
# Basic Configuration
myhostname = mail.yourdomain.com
mydomain = yourdomain.com
myorigin = $mydomain
inet_interfaces = all
inet_protocols = ipv4
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
# Network Configuration
mynetworks = 127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
# Mail Storage
home_mailbox = Maildir/
mail_spool_directory = /var/spool/mail
# Virtual Domains and Users
virtual_mailbox_domains = yourdomain.com, mail.yourdomain.com
virtual_mailbox_base = /var/mail/vhosts
virtual_mailbox_maps = hash:/etc/postfix/vmailbox
virtual_minimum_uid = 100
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_alias_maps = hash:/etc/postfix/virtual
# Security and Authentication
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $mydomain
broken_sasl_auth_clients = yes
# TLS Configuration
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.yourdomain.com/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/mail.yourdomain.com/privkey.pem
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_loglevel = 1
smtp_tls_security_level = may
# Restrictions
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination,
reject_invalid_hostname,
reject_unknown_recipient_domain,
reject_rbl_client zen.spamhaus.org
# Message Size and Rate Limits
message_size_limit = 52428800
mailbox_size_limit = 0
recipient_delimiter = +
# Performance
default_process_limit = 100
smtpd_client_connection_count_limit = 10
smtpd_client_connection_rate_limit = 30
EOF
# Create virtual mailbox user
sudo groupadd -g 5000 vmail
sudo useradd -g vmail -u 5000 vmail -d /var/mail/vhosts -m
# Create virtual mailbox mappings
sudo tee /etc/postfix/vmailbox << 'EOF'
[email protected] yourdomain.com/info/
[email protected] yourdomain.com/admin/
[email protected] yourdomain.com/user/
EOF
sudo postmap /etc/postfix/vmailbox
# Create virtual alias mappings
sudo tee /etc/postfix/virtual << 'EOF'
[email protected] [email protected]
[email protected] [email protected]
EOF
sudo postmap /etc/postfix/virtualPerfect! Postfix is configured! ๐
๐ง Step 2: Install and Configure Dovecot
Now letโs set up Dovecot for IMAP and POP3 access:
# Install Dovecot
sudo dnf install -y dovecot dovecot-mysql dovecot-pigeonhole
# Configure Dovecot
sudo tee /etc/dovecot/dovecot.conf << 'EOF'
# Protocols to enable
protocols = imap pop3 lmtp
# Listen on all interfaces
listen = *, ::
# Base directory
base_dir = /var/run/dovecot/
# Authentication
auth_mechanisms = plain login
disable_plaintext_auth = no
# Mail location
mail_location = maildir:/var/mail/vhosts/%d/%n
# User and group
mail_uid = vmail
mail_gid = vmail
first_valid_uid = 5000
last_valid_uid = 5000
# SSL Configuration
ssl = required
ssl_cert = </etc/letsencrypt/live/mail.yourdomain.com/fullchain.pem
ssl_key = </etc/letsencrypt/live/mail.yourdomain.com/privkey.pem
ssl_min_protocol = TLSv1.2
ssl_cipher_list = HIGH:!aNULL:!MD5
# Logging
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log
auth_debug = no
mail_debug = no
EOF
# Configure authentication
sudo tee /etc/dovecot/conf.d/10-auth.conf << 'EOF'
auth_mechanisms = plain login
passdb {
driver = passwd-file
args = /etc/dovecot/users
}
userdb {
driver = static
args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
}
EOF
# Create user database
sudo tee /etc/dovecot/users << 'EOF'
[email protected]:{PLAIN}SecurePassword123
[email protected]:{PLAIN}UserPassword456
EOF
# Set permissions
sudo chmod 600 /etc/dovecot/users
sudo chown root:dovecot /etc/dovecot/users
# Configure master settings
sudo tee /etc/dovecot/conf.d/10-master.conf << 'EOF'
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
mode = 0600
user = postfix
group = postfix
}
}
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
unix_listener auth-userdb {
mode = 0660
user = vmail
group = vmail
}
}
service auth-worker {
user = vmail
}
EOF
# Start services
sudo systemctl enable postfix dovecot
sudo systemctl start postfix dovecotExcellent! Dovecot is ready! ๐
๐ Step 3: Set Up SSL/TLS with Letโs Encrypt
Letโs secure our mail server with SSL certificates:
# Install Certbot
sudo dnf install -y certbot
# Stop services temporarily
sudo systemctl stop postfix dovecot
# Get SSL certificate
sudo certbot certonly --standalone -d mail.yourdomain.com \
--email [email protected] \
--agree-tos \
--no-eff-email
# Create renewal hook
sudo tee /etc/letsencrypt/renewal-hooks/deploy/mail-server.sh << 'EOF'
#!/bin/bash
systemctl reload postfix
systemctl reload dovecot
EOF
sudo chmod +x /etc/letsencrypt/renewal-hooks/deploy/mail-server.sh
# Restart services
sudo systemctl start postfix dovecot
# Set up automatic renewal
(crontab -l 2>/dev/null; echo "0 0,12 * * * certbot renew --quiet") | crontab -โ Step 4: Configure Spam Filtering
Now letโs add SpamAssassin for spam filtering:
# Install SpamAssassin and ClamAV
sudo dnf install -y spamassassin clamav clamav-server clamav-data clamav-update clamav-server-systemd
# Configure SpamAssassin
sudo tee /etc/mail/spamassassin/local.cf << 'EOF'
# Basic Configuration
required_score 5.0
report_safe 0
rewrite_header Subject [SPAM]
# Bayesian Filter
use_bayes 1
bayes_auto_learn 1
bayes_auto_learn_threshold_nonspam 0.1
bayes_auto_learn_threshold_spam 12.0
# Network Tests
skip_rbl_checks 0
use_razor2 1
use_pyzor 1
# Whitelist and Blacklist
whitelist_from *@yourdomain.com
blacklist_from *@spam.com
# Custom Rules
score URIBL_BLOCKED 0
score URIBL_DBL_SPAM 0
score URIBL_SBL 0
score URIBL_SBL_A 0
EOF
# Configure ClamAV
sudo freshclam
sudo setsebool -P antivirus_can_scan_system 1
# Integrate with Postfix
sudo tee -a /etc/postfix/master.cf << 'EOF'
# Spam Filter
smtp inet n - n - - smtpd
-o content_filter=spamassassin
spamassassin unix - n n - - pipe
user=spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}
EOF
# Start services
sudo systemctl enable spamassassin clamav-freshclam clamd@scan
sudo systemctl start spamassassin clamav-freshclam clamd@scan๐ฎ Quick Examples
Example 1: Webmail Installation (Roundcube)
# Install Roundcube
sudo dnf install -y httpd php php-mysqli php-xml php-mbstring php-intl
# Download Roundcube
cd /var/www/html
sudo wget https://github.com/roundcube/roundcubemail/releases/download/1.6.0/roundcubemail-1.6.0-complete.tar.gz
sudo tar xzf roundcubemail-1.6.0-complete.tar.gz
sudo mv roundcubemail-1.6.0 webmail
sudo chown -R apache:apache webmail
# Configure Apache
sudo tee /etc/httpd/conf.d/webmail.conf << 'EOF'
<VirtualHost *:80>
ServerName webmail.yourdomain.com
DocumentRoot /var/www/html/webmail
<Directory /var/www/html/webmail>
Options -Indexes +FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog logs/webmail_error.log
CustomLog logs/webmail_access.log combined
</VirtualHost>
EOF
sudo systemctl restart httpdExample 2: Email Account Management Script
cat > /usr/local/bin/mail-manager.sh << 'EOF'
#!/bin/bash
# Email Account Manager
add_email() {
read -p "Email address: " EMAIL
read -sp "Password: " PASSWORD
echo
DOMAIN=$(echo $EMAIL | cut -d@ -f2)
USER=$(echo $EMAIL | cut -d@ -f1)
# Add to Postfix
echo "$EMAIL $DOMAIN/$USER/" >> /etc/postfix/vmailbox
postmap /etc/postfix/vmailbox
# Add to Dovecot
echo "$EMAIL:{PLAIN}$PASSWORD" >> /etc/dovecot/users
# Create maildir
mkdir -p /var/mail/vhosts/$DOMAIN/$USER
chown -R vmail:vmail /var/mail/vhosts/$DOMAIN
echo "โ
Email account created: $EMAIL"
}
list_emails() {
echo "๐ง Email Accounts:"
cat /etc/postfix/vmailbox | grep -v "^#" | awk '{print $1}'
}
delete_email() {
read -p "Email to delete: " EMAIL
# Remove from files
sed -i "/$EMAIL/d" /etc/postfix/vmailbox
sed -i "/$EMAIL/d" /etc/dovecot/users
postmap /etc/postfix/vmailbox
echo "โ
Email account deleted: $EMAIL"
}
case "$1" in
add) add_email ;;
list) list_emails ;;
delete) delete_email ;;
*) echo "Usage: $0 {add|list|delete}" ;;
esac
EOF
chmod +x /usr/local/bin/mail-manager.shExample 3: DNS Configuration
# Show required DNS records
cat > show-dns-config.sh << 'EOF'
#!/bin/bash
DOMAIN="yourdomain.com"
IP="YOUR_SERVER_IP"
echo "๐ Required DNS Records for $DOMAIN:"
echo "=================================="
echo ""
echo "MX Record:"
echo " $DOMAIN. IN MX 10 mail.$DOMAIN."
echo ""
echo "A Records:"
echo " mail.$DOMAIN. IN A $IP"
echo ""
echo "SPF Record:"
echo " $DOMAIN. IN TXT \"v=spf1 mx a ip4:$IP -all\""
echo ""
echo "DKIM Record (after setup):"
echo " mail._domainkey.$DOMAIN. IN TXT \"v=DKIM1; k=rsa; p=YOUR_PUBLIC_KEY\""
echo ""
echo "DMARC Record:"
echo " _dmarc.$DOMAIN. IN TXT \"v=DMARC1; p=quarantine; rua=mailto:admin@$DOMAIN\""
EOF
chmod +x show-dns-config.sh
./show-dns-config.sh๐จ Fix Common Problems
Problem 1: Emails Going to Spam
# Check SPF, DKIM, and DMARC
# Install OpenDKIM
sudo dnf install -y opendkim opendkim-tools
# Configure OpenDKIM
sudo opendkim-default-keygen
sudo chown opendkim:opendkim /etc/opendkim/keys/default.private
# Test email authentication
echo "Test email" | mail -s "Test" [email protected]Problem 2: Cannot Send/Receive Emails
# Check ports
sudo netstat -tlnp | grep -E "25|587|993|995"
# Test SMTP
telnet localhost 25
EHLO test
# Check logs
sudo tail -f /var/log/maillog
# Fix firewall
sudo firewall-cmd --permanent --add-service={smtp,smtp-submission,imaps,pop3s}
sudo firewall-cmd --reload๐ Simple Commands Summary
| Command | Purpose |
|---|---|
sudo systemctl status postfix | Check Postfix status |
sudo systemctl status dovecot | Check Dovecot status |
sudo postqueue -p | View mail queue |
sudo postsuper -d ALL | Clear mail queue |
sudo tail -f /var/log/maillog | Monitor mail logs |
mail-manager.sh add | Add email account |
sudo postfix reload | Reload Postfix config |
sudo doveadm reload | Reload Dovecot config |
๐ What You Learned
Congratulations! Youโve successfully built a complete mail server on AlmaLinux! ๐
โ Configured Postfix for SMTP services โ Set up Dovecot for IMAP/POP3 access โ Secured with SSL/TLS encryption โ Added spam filtering with SpamAssassin โ Created management tools for accounts โ Implemented webmail interface
๐ฏ Why This Matters
Running your own mail server gives you complete control over your communications! ๐ You now have enterprise-grade email infrastructure thatโs private, secure, and fully under your control! ๐
Keep your mail server updated and monitored for best performance! โญ๐
