====== Debian Lenny Postfix Howto ======

http://www.thinkdebian.org/archives/652

This guide will show you how to setup Postfix mail server running alongside Cyrus SASL, Courier-IMAP and SquirrelMail. Once everything is setup you will be able to read and write emails using the SquirrelMail web interface and be able to access your email anywhere in the world!

===== Install and Configure Postfix =====

Postfix requires a DNS service running otherwise it will not work, follow this Debian Lenny Bind Howto guide if required. During the Postfix installation, Select ‘Internet Site’ and enter your domain name for ‘System mail name’, ie example.com

''# aptitude install postfix''

Make sure you read the comments and change accordingly.

''# vim /etc/postfix/main.cf''

  smtpd_banner = $myhostname ESMTP $mail_name (example.com)
  biff = no
  append_dot_mydomain = no
  
  ### your hostname here
  myhostname = server   
  
  mydomain = example.com
  myorigin = $mydomain
  inet_interfaces = all
  mydestination = $mydomain, localhost.$mydomain, localhost
  
  ### your allowed networks
  mynetworks = 127.0.0.0/8,192.168.1.0/24   
  
  smtpd_sasl_auth_enable = yes
  smtpd_sasl_security_options = noanonymous
  smtpd_sasl_local_domain = $mydomain
  broken_sasl_auth_clients = yes
  
  smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
  
  home_mailbox = Maildir/
  alias_maps = hash:/etc/aliases
  
  ### your ISP SMTP relay
  relayhost = relay.yourisp.net
  
  smtpd_recipient_limit = 250
  
  readme_directory = /usr/share/doc/postfix
  html_directory = /usr/share/doc/postfix/html
  
  
===== Setup Postfix SASL Authentication =====

''# vim /etc/postfix/sasl/smtpd.conf''

  pwcheck_method: saslauthd
  mech_list: plain login

Aliases are used to map names with email accounts. This example will map all mail for root with ‘you@example.com’. You can add as many aliases as you like, ‘my.nick’ and ‘my.name’ are just examples.

''# vim /etc/aliases''

  postmaster:    root
  root:   you@example.com
  my.nick:  you@example.com
  my.name:  you@example.com

''# newaliases''
  

===== Install SASL Authentication =====

Edit saslauthd and change ‘START=yes’, dont touch the rest of the configuration.

''# aptitude install sasl2-bin libsasl2-2 libsasl2-modules''

''# vim /etc/default/saslauthd''

  START=yes

We need to make sure chrooted Postfix can communicate with saslauthd.

''# rm -r /var/run/saslauthd/''

''# mkdir -p /var/spool/postfix/var/run/saslauthd''

''# ln -s /var/spool/postfix/var/run/saslauthd /var/run''

''# chgrp sasl /var/spool/postfix/var/run/saslauthd''

''# adduser postfix sasl''

===== Install Courier-IMAP =====

During the install process it will ask ‘Create directories for web-based administration?’ say No.

''# aptitude install courier-imap''

''# vim /etc/courier/authmodulelist''

  authdaemon


===== Install Squirrelmail =====

''# aptitude install squirrelmail''

''# ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf.d/squirrelmail.conf''

''# ln -s /usr/share/squirrelmail /var/www/squirrelmail''

''# chgrp -R www-data /usr/share/squirrelmail/''


===== Add User and Setup Mailbox =====

You will be asked for user ‘you’ password, make sure you remember this password as this account will be used to access your email.

''# adduser you''

''# su you''

''$ maildirmake.courier /home/you/Maildir''


Start Postfix, Cyrus SASL, Courier-IMAP and Apache

''# /etc/init.d/postfix start''

''# /etc/init.d/courier-imap start''

''# /etc/init.d/courier-authdaemon start''

''# /etc/init.d/saslauthd start''

''# /etc/init.d/apache2 restart''


===== Test Postfix SMTP with Telnet =====

This will create a string for SASL authentication, don’t forget to insert ‘0′ when they are needed.

''# perl -MMIME::Base64 -e 'print encode_base64("you0you0yourPASSWORD");'''

  eW91AHlvdQB5b3VyUEFTU1dPUkQ=


Now we can telnet into the Postfix SMTP server and send a test email. Type in the commands in the places where I have indicated ‘<<<'

''# telnet 192.168.1.20 25''

  220 debian ESMTP Postfix (example.com)
  EHLO LOCALHOST   <<<
  250-debian
  250-PIPELINING
  250-SIZE 10240000
  250-VRFY
  250-ETRN
  250-AUTH PLAIN LOGIN
  250-AUTH=PLAIN LOGIN
  250-ENHANCEDSTATUSCODES
  250-8BITMIME
  250 DSN
  AUTH PLAIN eW91AHlvdQB5b3VyUEFTU1dPUkQ=   <<<
  235 2.7.0 Authentication successful
  MAIL FROM:<you@example.com>   <<<
  250 2.1.0 Ok
  RCPT TO:<you@example.com>   <<<
  250 2.1.5 Ok
  DATA   <<<
  354 End data with .
  THIS IS A TEST MESSAGE!!   <<<
  .   <<<
  250 2.0.0 Ok: queued as 832291812D
  QUIT
  221 2.0.0 Bye

===== Check Squirrelmail =====

Fire up, http://example.com/squirrelmail and log in as the user ‘you’ we created previously, hopefully you should see the test email we sent using telnet! You should now be able to send and receive email. Make sure the MX record in your registered domain name is pointing at your box, and you have forwarded port 25 on your firewall.