Tag: LAMP

Postfixadmin is a web frontend to the mysql or mariaDB database used by Postfix. With Postfixadmin we can easily manage from a web browser our Postfix service, adding and removing mail users and domains, mail aliases, disk quotas, etc.

Prerequisites

This article assumes you have at least basic knowledge of linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo’ to the commands to get root privileges. I will show you through the step by step installation Seafile Secure Cloud Storage on a CentOS 7 server.
Install Mail Server With PostfixAdmin on CentOS 7

Step 1. First, let’s start by ensuring your system is up-to-date.

yum clean all
yum -y update

Step 2. Install LAMP server.

A CentOS 7 LAMP stack server is required. If you do not have a LAMP installed, you can follow our guide here. Also install required PHP modules:

yum install php70w-cli php70w-gd php70w-xml php70w-curl php70w-mysql php70w-zip php70w-mbstring php70w-mcrypt

Step 3. Configuring MariaDB for PostfixAdmin.

By default, MariaDB is not hardened. You can secure MariaDB using the mysql_secure_installation script. You should read and below each step carefully which will set the root password, remove anonymous users, disallow remote root login, and remove the test database and access to secure MariaDB:

mysql_secure_installation

Configure it like this:

- Set root password? [Y/n] y
- Remove anonymous users? [Y/n] y
- Disallow root login remotely? [Y/n] y
- Remove test database and access to it? [Y/n] y
- Reload privilege tables now? [Y/n] y

Next we will need to log in to the MariaDB console and create a database for the PostfixAdmin. Run the following command:

mysql -u root -p

This will prompt you for a password, so enter your MariaDB root password and hit Enter. Once you are logged in to your database server you need to create a database for PostfixAdmin installation:

CMariaDB [(none)]> CREATE DATABASE postfixadmin;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON postfixadmin.* TO 'postfixadmin'@'localhost' IDENTIFIED BY 'strong_password';
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> \q

Step 4. Installing PostfixAdmin.

The first thing to do is to go to PostfixAdmin’s download page and download the latest stable version of PostfixAdmin:

wget -q -O - "https://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-3.0.2/postfixadmin-3.0.2.tar.gz" | tar -xzf - -C /var/www/html

Open the mail configuration file:

nano /var/www/html/postfixadmin-3.0.2/config.inc.php

Edit the following values:

$CONF['configured'] = true;
$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'strong_password';
$CONF['database_name'] = 'postfixadmin';
$CONF['domain_path'] = 'NO';
$CONF['domain_in_mailbox'] = 'YES';

Now you need to assign the ownership of the files and folders to Apache’s user and group. To do so, the command is:

chown -R apache: /var/www/html/postfixadmin-3.0.2

To populate the database go to https://Your_IP_Address/postfixadmin-3.0.2/setup.php and you should see something like below:

Testing database connection - OK - mysqli://postfixadmin:xxxxx@localhost/postfixadmin
Everything seems fine... attempting to create/update database structure

Create a new admin user:

bash /var/www/html/postfixadmin-3.0.2/scripts/postfixadmin-cli admin add admin@your_domain_wpcademy.com --password strong_password22 --password2 strong_password22 --superadmin 1 --active 1
<.pre>

Step 5. Installing and configure Postfix.

Install postfix with the following command:

yum -y install postfix

Once the installation is completed, we need to create configuration files:

mkdir -p /etc/postfix/sql/

nano /etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf

Edit the following values:

user = postfixadmin
password = strong_password
hosts = localhost
dbname = postfixadmin
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'

nano /etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf

Edit the following values:

user = postfixadmin
password = strong_password
hosts = localhost
dbname = postfixadmin
query = SELECT maildir FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' and mailbox.username = CONCAT('%u', '@', alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active='1'

nano /etc/postfix/sql/mysql_virtual_alias_domain_maps.cf

Edit the following values:

user = postfixadmin
password = strong_password
hosts = localhost
dbname = postfixadmin
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('%u', '@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'

nano /etc/postfix/sql/mysql_virtual_alias_maps.cf

Edit the following values:

user = postfixadmin
password = strong_password
hosts = localhost
dbname = postfixadmin
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
#expansion_limit = 100

nano /etc/postfix/sql/mysql_virtual_domains_maps.cf

Edit the following values:

user = postfixadmin
password = strong_password
hosts = localhost
dbname = postfixadmin
query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'
#query = SELECT domain FROM domain WHERE domain='%s'
#optional query to use when relaying for backup MX
#query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'
#expansion_limit = 100

nano /etc/postfix/sql/mysql_virtual_mailbox_limit_maps.cf

Edit the following values:

user = postfixadmin
password = strong_password
hosts = localhost
dbname = postfixadmin
query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'

nano /etc/postfix/sql/mysql_virtual_mailbox_maps.cf

Edit the following values:

user = postfixadmin
password = strong_password
hosts = localhost
dbname = postfixadmin
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'
#expansion_limit = 100

Next, edit the main.cf file:

postconf -e "myhostname = $(hostname -f)"

postconf -e "virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf"
postconf -e "virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf"
postconf -e "virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf"
postconf -e "smtpd_tls_cert_file = /etc/pki/tls/certs/localhost.crt"
postconf -e "smtpd_tls_key_file = /etc/pki/tls/private/localhost.key"
postconf -e "smtpd_use_tls = yes"
postconf -e "smtpd_tls_auth_only = yes"
postconf -e "smtpd_sasl_type = dovecot"
postconf -e "smtpd_sasl_path = private/auth"
postconf -e "smtpd_sasl_auth_enable = yes"
postconf -e "smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination"
postconf -e "mydestination = localhost"
postconf -e "mynetworks = 127.0.0.0/8"
postconf -e "inet_protocols = ipv4"
postconf -e "inet_interfaces = all"
postconf -e "virtual_transport = lmtp:unix:private/dovecot-lmtp"

Open the master.cf file, find submission inet n and smtps inet n sections and edit as follows:

nano /etc/postfix/master.cf

Edit the following values:

submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
smtps inet n - n - - smtpd
-o syslog_name=postfix/smtps
# -o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING

Finally, enable the postfix service:

systemctl enable postfix
systemctl restart postfix

Step 6. Installing and Configure Dovecot.

Install dovecot using the command bellow:

yum install dovecot dovecot-mysql

Open the /etc/dovecot/conf.d/10-mail.conf file:

nano /etc/dovecot/conf.d/10-mail.conf

Change the following values:

mail_location = maildir:/var/vmail/%d/%n
mail_privileged_group = mail
mail_uid = vmail
mail_gid = mail
first_valid_uid = 150
last_valid_uid = 150

Open the /etc/dovecot/conf.d/10-auth.conf file:

nano /etc/dovecot/conf.d/10-auth.conf

Change the following values:

auth_mechanisms = plain login
#!include auth-system.conf.ext
!include auth-sql.conf.ext

Create a new dovecot-sql.conf.ext file:

nano /etc/dovecot/dovecot-sql.conf.ext

Edit the following values:

driver = mysql
connect = host=localhost dbname=postfixadmin user=postfixadmin password=strong_password
default_pass_scheme = MD5-CRYPT
password_query = SELECT username as user, password, '/var/vmail/%d/%n' as userdb_home, 'maildir:/var/vmail/%d/%n' as userdb_mail, 150 as userdb_uid, 8 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'
user_query = SELECT '/var/vmail/%d/%u' as home, 'maildir:/var/vmail/%d/%u' as mail, 150 AS uid, 8 AS gid, concat('dirsize:storage=', quota) AS quota FROM mailbox WHERE username = '%u' AND active = '1'

In the /etc/dovecot/conf.d/10-ssl.conf file enable SSL support:

ssl = yes

Open the /etc/dovecot/conf.d/15-lda.conf file and set the postmaster_address email address:

postmaster_address = postmaster@your_domain_name.com

Open the /etc/dovecot/conf.d/10-master.conf file, find the service lmtp section and change it to:

service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
mode = 0600
user = postfix
group = postfix
}
}

Find the service auth section and change it to:

service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
unix_listener auth-userdb {
mode = 0600
user = vmail
#group = vmail
}
user = dovecot
}

Change the service auth-worker section to the following:

service auth-worker {
user = vmail
}

Now you need to assign the ownership of the files and folders. To do so, the command is:

chown -R vmail:dovecot /etc/dovecot
chmod -R o-rwx /etc/dovecot

Finally, enable and restart the dovecot service:

systemctl enable dovecot
systemctl restart dovecot

Step 7. Installing and configure Spamassassin.

Install spamassassin using the command bellow:

yum -y install spamassassin

Create a spamassassin system user:

groupadd spamd
useradd -g spamd -s /bin/false -d /var/log/spamassassin spamd
chown spamd:spamd /var/log/spamassassin

Next, configure Postfix to use SpamAssassin:

nano /etc/postfix/master.cf

Change values:

smtp inet n - n - - smtpd

With:

smtp inet n - n - - smtpd -o content_filter=spamassassin

Add the following line at the end of the file:

systemctl enable spamassassin
systemctl restart spamassassin

Finally, restart the postfix service:

systemctl restart postfix

Step 8. Accessing PostfixAdmin.

If everything is set up correctly now you should be able to log in to your PostfixAdmin backend by going to http://Your_IP_Address/postfixadmin-3.0.2.2 and create your first virtual domain and mailbox.

Congratulation’s! You have successfully installed PostfixAdmin. Thanks for using this tutorial for installing Mail Server With PostfixAdmin on CentOS 7 system. For additional help or useful information, we recommend you to check the official PostfixAdmin web site.