
AWS Lightsail: Ubuntu 16: Postfix & Dovecot

Title might be misleading > also excellent instructions for setting up Postfix and Dovecot

Ubuntu

Open Lightsail ports
SSH TCP 22 
Custom TCP 25 
HTTP TCP 80 
Custom TCP 110 
Custom TCP 143 
HTTPS TCP 443 
Custom TCP 993 
Custom TCP 995
sudo netstat -lnpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      4786/mysqld     
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      5971/dovecot    
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      5971/dovecot    
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      926/nginx -g daemon
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1194/sshd       
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      907/master      
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      926/nginx -g daemon
tcp6       0      0 :::110                  :::*                    LISTEN      5971/dovecot    
tcp6       0      0 :::143                  :::*                    LISTEN      5971/dovecot    
tcp6       0      0 :::80                   :::*                    LISTEN      926/nginx -g daemon
tcp6       0      0 :::22                   :::*                    LISTEN      1194/sshd       
tcp6       0      0 :::25                   :::*                    LISTEN      907/master      
tcp6       0      0 :::443                  :::*                    LISTEN      926/nginx -g daemon
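Added example (not part of the original notes): a cross-check of the Lightsail port list against what is actually listening. The port list and netstat lines are copied from above; the function names are made up for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Port list and netstat lines
# are copied from the page; function names are made up for illustration.
ALLOWED_PORTS="22 25 80 110 143 443 993 995"   # Lightsail firewall rules

sample_netstat() {   # subset of the `sudo netstat -lnpt` output above
cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      4786/mysqld
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      5971/dovecot
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      5971/dovecot
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      926/nginx -g daemon
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1194/sshd
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      907/master
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      926/nginx -g daemon
tcp6       0      0 :::110                  :::*                    LISTEN      5971/dovecot
tcp6       0      0 :::25                   :::*                    LISTEN      907/master
EOF
}

# Print the unique TCP ports listening on a non-loopback address
# (stdin = netstat -lnpt output).
listening_ports() {
  awk '$1 ~ /^tcp/ && $6 == "LISTEN" {
         port = $4; sub(/.*:/, "", port)        # text after the last colon
         host = $4; sub(/:[0-9]+$/, "", host)   # text before it
         if (host ~ /^127\./ || host == "::1") next
         print port
       }' | sort -n -u | tr '\n' ' ' | sed 's/ $//'
}

# Print the ports that are in list $1 but not in list $2.
missing_from() {
  out=""
  for p in $1; do
    case " $2 " in *" $p "*) ;; *) out="$out $p" ;; esac
  done
  echo "${out# }"
}

# Compare firewall rules with actual listeners (stdin = netstat -lnpt output).
audit() {
  listening=$(listening_ports)
  echo "opened in firewall, no listener: $(missing_from "$ALLOWED_PORTS" "$listening")"
  echo "listening, not in firewall list: $(missing_from "$listening" "$ALLOWED_PORTS")"
}

sample_netstat | audit
```

With the values on this page it reports 993 and 995 as opened in the firewall with no listener behind them. On the server, feed it live data with: sudo netstat -lnpt | audit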
DNS settings (Route53)
hensler.net. MX 10 mail.hensler.net
202.201.225.3.in-addr.arpa.hensler.net. PTR ec2-3-225-201-202.compute-1.amazonaws.com
mail.hensler.net. A 3.225.201.202
Local firewall disabled (relying on the Lightsail firewall)
sudo ufw status
Status: inactive

sudo service iptables status
● iptables.service
   Loaded: not-found (Reason: No such file or directory)
   Active: inactive (dead)
nc -z mail.hensler.net 110 
Create Mail user
sudo useradd -m -G mail -s /bin/bash/ bernhard
sudo passwd bernhard
sudo deluser --remove-home gabriel
sudo apt install mailutils

su bernhard
Cannot execute /bin/bash/: Not a directory
sudo chsh -s /bin/bash bernhard   # fix: shell path without the trailing /

Postfix

Postfix setup
sudo apt install postfix
sudo postconf mail_version
sudo service postfix restart
dpkg -L postfix | grep /usr/sbin/

sudo vim /etc/postfix/main.cf 
sudo dpkg-reconfigure postfix
sudo postconf -e 'home_mailbox = Maildir/'
sudo postconf -e 'mydomain = hensler.net'
sudo postconf -e 'smtpd_tls_cert_file = /etc/letsencrypt/live/hensler.net/fullchain.pem'
sudo postconf -e 'smtpd_tls_key_file = /etc/letsencrypt/live/hensler.net/privkey.pem'
...
Many others; refer to the aforementioned website.

sudo vim /etc/postfix/virtual
postmaster@example.com root
root@example.com root
info@example.com info
sudo postmap /etc/postfix/virtual
sudo systemctl restart postfix

tail -f /var/log/syslog | grep postfix
vim /var/log/mail.log
List messages stuck in the queue
sudo mailq

Scenario 1: Remove a particular message by queue ID (running the mailq command shows the queue IDs)
postsuper -d mail_queue_id
Scenario 2: Remove ALL mails from queue
postsuper -d ALL
Scenario 3: Remove only the deferred mails in the queue
postsuper -d ALL deferred

Dovecot

Dovecot setup
sudo apt-get install dovecot-imapd dovecot-pop3d

sudo vim /etc/dovecot/dovecot.conf
Most of the actual configuration gets included below

sudo vim /etc/dovecot/conf.d/10-auth.conf 
disable_plaintext_auth = yes
auth_mechanisms = plain login 

sudo vim /etc/dovecot/conf.d/10-mail.conf 
mail_location = maildir:~/Maildir

sudo vim /etc/dovecot/conf.d/10-ssl.conf 
ssl = required
ssl_cert = </etc/letsencrypt/live/hensler.net/fullchain.pem
ssl_key = </etc/letsencrypt/live/hensler.net/privkey.pem

openssl rsa -in /etc/letsencrypt/live/mail.hensler.net/privkey.pem -check -noout

sudo service dovecot restart

SMTP Banner

sudo vim /etc/postfix/main.cf
smtpd_banner = ec2-3-225-201-202.compute-1.amazonaws.com ESMTP $mail_name (Ubuntu)
nc mail.hensler.net 25                        
220 ec2-3-225-201-202.compute-1.amazonaws.com ESMTP Postfix (Ubuntu)
202.201.225.3.in-addr.arpa.hensler.net. PTR ec2-3-225-201-202.compute-1.amazonaws.com

Test connections: https://mxtoolbox.com/SuperTool.aspx
