Configuring Postfix and Dovecot on Ubuntu

Many Ubuntu users use the system not only for home needs. This approach is fully justified, because on Linux-systems it is much more convenient to do programming, creating servers and websites. One of the conveniences is the creation of an email server. For beginners, this task will seem terribly difficult, but if you figure out how to install and configure the mail server for Ubuntu, the task will not seem so hard for you.

How to set up a mail server based on Ubuntu.

A bit of theory

Before specific instructions and fermentation of the code can not do without a fraction of theoretical material. It is important to understand what an email server is and how it works.

A configured mail server, to put it very simply, is a postman who receives a “letter” from one email client and gives it to another. In this, in principle, the whole essence of the work of this software. The mail server is needed not only for sending email. On the sites, he is responsible for registering users, submitting forms and other important actions, without which the site would become like a book, which you can only look at by turning the pages, but it is difficult to do something.

Mail servers on Linux are significantly different from those on Windows and other systems. On Windows, this is a ready-made closed program, which can only start to use. Linux distributions also require self-tuning of all components. And the server will eventually consist of not one program, but several. We will use Postfix in combination with Dovecot and MySQL.

Why Postfix?

There are several email clients on Ubuntu, but we still chose this one. Setting up Posfix on Ubuntu is much easier than the same SendMail, and this is important for a novice user. In combination with Dovecot, Postfix is ​​able to do everything that is usually required from mail servers.

Postfix is ​​directly the mail transfer agent itself. He will play a major role in the whole submission. This is an open source program that many servers and websites use by default. Dovecot is a mail delivery agent. Its main role is to ensure server security. MySQL is an ideal database management system (DBMS) for any sites. It is needed to handle the information we receive from users of our server.

So, with the theoretical part is over. Now it is worth going to practice.

Create mail server

What should be configured before installing the mail server?

  • MySQL;
  • DNS zone, you must have a personal FDQN. Next we will use namehost.


Install the program:

apt-get install postfix postfix-mysql dovecot-core dovecot-imapd dovecot-lmtpd dovecot-mysql

When the Postfix configuration window appears, we will need to select the “Internet site”.

Below we will be asked to enter a domain name, use "".

MySQL setup

Now we need to configure three tables for data in MySQL: for domains, users, and for so-called Alias ​​— aliases or additional user mailboxes. Here we will not discuss in detail the configuration of the MySQL database.

Let's call the examplemail database. Create a database with the following name:

mysqladmin -p create servermail

Login in MySQL:

mysql -u root –p

Then enter the password. If everything is done correctly, there will be an entry in the terminal:


Create a new user specifically to log into the network:

mysql> GRANT SELECT ON examplemail. * TO 'usermail'@'' IDENTIFIED BY 'password';

Now restart MySQL to make sure all changes are applied successfully.

We use our database to create tables based on it:

mysql> USE examplemail;

Create a table for domains:

CREATE TABLE `virtual_domains` (


`name` VARCHAR (50) NOT NULL,



Create a table for users:

CREATE TABLE `virtual_users` (


`domain_id` INT NOT NULL,

`password` VARCHAR (106) NOT NULL,

`email` VARCHAR (120) NOT NULL,


UNIQUE KEY `email` (` email`),

FOREIGN KEY (domain_id) REFERENCES virtual_domains (id) ON DELETE CASCADE


Here, as you can see, added email and password. And each user is bound to the domain.

Finally, create a table for pseudonyms:

CREATE TABLE `virtual_aliases` (


`domain_id` INT NOT NULL,

`source` varchar (100) NOT NULL,

`destination` varchar (100) NOT NULL,


FOREIGN KEY (domain_id) REFERENCES virtual_domains (id) ON DELETE CASCADE


We have successfully configured MySQL and created three necessary tables. Now you need to deal with domains and emails.

Domains, email addresses and aliases

Let's add our domain to the table with domains. FDQN must be entered there:

INSERT INTO `examplemail`.`virtual_domains`

(`id`, ` name`)


('1', ''),

('2', '');

Add data about the email address to the user table:

INSERT INTO `examplemail`.`virtual_users`

(`id`, ` domain_id`, `password`, ` email`)


('1', '1', ENCRYPT ('firstpassword', CONCAT ('$ 6 $', SUBSTRING (SHA (RAND ()), -16))), ' '),

('2', '1', ENCRYPT ('secondpassword', CONCAT ('$ 6 $', SUBSTRING (SHA (RAND ()), -16))), ' ');

Now add the information to the last table:

INSERT INTO `examplemail`.`virtual_aliases`

(`id`, ` domain_id`, `source`, ` destination`)


('1', '1', ' ', ' ');

Close MySQL:

mysql> exit

Postfix Setup

Moving directly to the parameters Postfix. We need the mail client to send messages on behalf of the users entered into the database and handle the SMTP connection. To begin with, we will create a backup of the configuration file, in which case it was possible to return to the default settings:

cp /etc/postfix/ /etc/postfix/

Now open the configuration file:

nano /etc/postfix/

Instead of nano, you can use any text editor that is convenient for you.

We will comment out the TLS parameters, and also add others. Free SSL is used here:

# TLS parameters

# smtpd_tls_cert_file = / etc / ssl / certs / ssl-cert-snakeoil.pem

# smtpd_tls_key_file = / etc / ssl / private / ssl-cert-snakeoil.key

# smtpd_use_tls = yes

#smtpd_tls_session_cache_database = btree: $ {data_directory} / smtpd_scache

#smtp_tls_session_cache_database = btree: $ {data_directory} / smtp_scache

smtpd_tls_cert_file = / etc / ssl / certs / dovecot.pem

smtpd_tls_key_file = / etc / ssl / private / dovecot.pem

smtpd_use_tls = yes

smtpd_tls_auth_only = yes

After that we will add some more parameters:

smtpd_sasl_type = dovecot

smtpd_sasl_path = private / auth

smtpd_sasl_auth_enable = yes

smtpd_recipient_restrictions =




We also need to comment out the mydestination settings and change them to localhost:

#mydestination =,,, localhost

mydestination = localhost

The myhostname parameter should contain our domain name:

myhostname =

Now add a line to send messages to all domains listed in the MySQL table:

virtual_transport = lmtp: unix: private / dovecot-lmtp

Add three more parameters so that Postfix can connect to MySQL tables:

virtual_mailbox_domains = mysql: /etc/postfix/

virtual_mailbox_maps = mysql: /etc/postfix/

virtual_alias_maps = mysql: /etc/postfix/

Setting up MySQL and Postfix files

Create a file

Add these values ​​to it:

user = usermail

password = mailpassword

hosts =

dbname = examplemail

query = SELECT 1 FROM virtual_domains WHERE name = '% s'

Restart Postfix:

service postfix restart

Test domain for Postfix:

postmap -q mysql: /etc/postfix/

Create another file:

nano /etc/postfix/

user = usermail

password = mailpassword

hosts =

dbname = examplemail

query = SELECT 1 FROM virtual_users WHERE email = '% s'

Reboot Postfix:

service postfix restart

Then check Postfix again:

postmap -q mysql: /etc/postfix/

If done correctly, should be displayed

Create the last file for aliases:

nano /etc/postfix/

user = usermail

password = mailpassword

hosts =

dbname = examplemail

query = SELECT destination FROM virtual_aliases WHERE source = '% s'


service postfix restart

Last time we test:

postmap -q mysql: /etc/postfix/

Dovecot setup

We make backups for seven files that will be changed:

cp /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.orig

This is a sample command. Enter six more of the same for these files:






Open the first file:

nano /etc/dovecot/dovecot.conf

Check if this parameter is commented out:

! include conf.d / *. conf


! include_try /usr/share/dovecot/protocols.d/*.protocol

protocol = imap lmtp


! include_try /usr/share/dovecot/protocols.d/*.protocol line

Edit the following file:

nano /etc/dovecot/conf.d/10-mail.conf

Find the line mail_location, remove the comment, set the following parameter:

mail_location = maildir: / var / mail / vhosts /% d /% n

Find mail_privileged_group, put there:

mail_privileged_group = mail

We check access. Enter the command:

ls -ld / var / mail

Access should look like this:

drwxrwsr-x 3 root vmail 4096 Jan 24 21:23 / var / mail

Create a folder for each registered domain:

mkdir -p /var/mail/vhosts/

Create a user and group with ID 5000:

groupadd -g 5000 vmail

useradd -g vmail -u 5000 vmail -d / var / mail

Change the owner to the user VMail:

chown -R vmail: vmail / var / mail

Edit the following file:

nano /etc/dovecot/conf.d/10-auth.conf

Uncomment the authentication text and add the line:

disable_plaintext_auth = yes

Change the following parameter:

auth_mechanisms = plain login

Commenting on this line:

#! include auth-system.conf.ext

Add MySQL authorization, comment out the line:

! include auth-sql.conf.ext

Create a file with data for authentication:

nano /etc/dovecot/conf.d/auth-sql.conf.ext

Enter there the following:

passdb {

driver = sql

args = /etc/dovecot/dovecot-sql.conf.ext


userdb {

driver = static

args = uid = vmail gid = vmail home = / var / mail / vhosts /% d /% n


Edit the following file:

nano /etc/dovecot/dovecot-sql.conf.ext

Set the MySQL parameter and comment out:

driver = mysql

Uncomment and enter:

connect = host = dbname = servermail user = usermail password = mailpassword

Find the line default_pass_scheme, uncomment and enter the parameter:

default_pass_scheme = SHA512-CRYPT

Uncomment and introduce a new parameter:

password_query = SELECT email as user, password FROM virtual_users WHERE email = '% u';

Change the owner:

chown -R vmail: dovecot / etc / dovecot

chmod -R o-rwx / etc / dovecot

Open and edit the file:

nano /etc/dovecot/conf.d/10-master.conf

Uncomment and enter the parameter:

service imap-login {

inet_listener imap {

port = 0



service lmtp {

unix_listener / var / spool / postfix / private / dovecot-lmtp {

mode = 0600

user = postfix

group = postfix


#inet_listener lmtp {

# Avoid making LMTP visible for the internet

#address =

#port =



Change the following configuration:

service auth {

unix_listener / var / spool / postfix / private / auth {

mode = 0666

user = postfix

group = postfix


unix_listener auth-userdb {

mode = 0600

user = vmail

#group =


#unix_listener / var / spool / postfix / private / auth {

# mode = 0666


user = dovecot


Change the last configuration in this file:

service auth-worker {

# Auth worker process

# / etc / shadow. If this isn’t necessary

# $ default_internal_user.

user = vmail


So, we finally set up a mail server on Ubuntu. And you can also add an SSL configuration there or use the default one. To protect against spam, you can configure Spam Assassin to work with our server.

Use the standard email client to enter this information:

  • Username:
  • Password: email1
  • IMAP:
  • SMTP: