Essential Setup: Installing and Configuring Postfix Mail Server with Dovecot on Linux Ubuntu!

The ultimate guide for setting up your own email server on Linux Ubuntu! In this comprehensive tutorial, we’ll walk you through the step-by-step process of installing and configuring Postfix Mail Server with Dovecot. Whether you’re a beginner or an experienced Linux user, you’ll find everything you need to know to get your email server up and running smoothly.

Essential Setup: Installing and Configuring Postfix Mail Server with Dovecot on Linux Ubuntu!

Creating a mail server on Linux-based machines could be one of the most important things that every system administrator should do. If this is the first time you configure your server, you are going to face a lot of aspects that have to be considered during setup. In today’s article, we’ll discover how to perform initial configuration of a mail server, and how to install Postfix mail agent, Dovecot mail server, and how to configure them for proper operation.

Postfix is a free and open-source MTA – mail transfer agent – that can be used to route and deliver electronic mail on a Linux system.

Dovecot is a mail delivery agent created primarily with security in mind. I’ll show you how to configure it as an IMAP or POP3 server.

Step Stage Description
1 Requirements for Installation 1. Access to a server with Ubuntu.
2. Administrative rights (root access) or access through sudo.
3. A domain name or subdomain for the mail server.
4. Ability to create DNS records for your domain.
2 Set the Hostname and Create DNS Records for the Domain 1. Set the hostname with the command:
sudo hostnamectl set-hostname mail.example.com
2. Configure DNS records for the domain:
A record: Points to your server’s IP address.
MX record: Points to the mail server’s domain name (e.g., mail.example.com).
3 Install Postfix Mail Server on Ubuntu 1. Update the package list:
sudo apt update
2. Install Postfix:
sudo apt install postfix
3. During installation, select Internet Site mode and enter the domain.
4. Modify the Postfix configuration file:
sudo nano /etc/postfix/main.cf
5. Add or modify the following parameters:
myhostname = mail.example.com
mydomain = example.com
myorigin = /etc/mailname
inet_interfaces = all
mydestination = $myhostname, $mydomain, localhost.localdomain, localhost
4 Test the Postfix Mail Server on Ubuntu 1. Restart Postfix:
sudo systemctl restart postfix
2. Send a test email with the command:
echo "Test email" | mail -s "Test" user@example.com
3. Check the Postfix log:
sudo tail -f /var/log/mail.log
5 Install Dovecot IMAP and POP on Ubuntu 1. Install Dovecot IMAP and POP3:
sudo apt install dovecot-imapd dovecot-pop3d
2. Modify the Dovecot configuration file:
sudo nano /etc/dovecot/dovecot.conf
3. Add or check the following parameters:
protocols = imap pop3 lmtp
mail_location = maildir:~/Maildir
4. Restart Dovecot:
sudo systemctl restart dovecot
Go to view
How to Install and Configure a Postfix Mail Server with Dovecot on Linux Ubuntu

How to Install and Configure a Postfix Mail Server with Dovecot on Linux Ubuntu

Step 1. What you need for installation

To begin the installation, you’ll need a properly configured Linux Ubuntu server with a Fully Qualified Domain Name (FQDN). On the server, you need to add a non-root user but with sudo privileges, and open corresponding ports in your network. I already have a server with the required settings, and its ports are configured properly, so the only thing left to do is to add a user and start installing mail applications.

To add a user, open the terminal by pressing the key shortcut Ctrl + Alt + T, and run this command:

adduser demo

Adding a user with the terminal

Set a new password for this user, and leave other values without changes. You can specify any additional information if you need to. Now you have a new user account with standard privileges. However, sometimes you may have to perform administrative tasks as a root user.

To avoid having to sign out of your regular account and then sign in to a root user account, you can configure the so-called superuser or root privileges for your regular user account. This will let you run commands with administrative privileges by just placing the word “sudo” before the command.

To add privileges, you need to add a new user into the sudo system group by running this command:

usermod -aG sudo demo

Adding a user with the terminal

Step 2. Set the host name and create DNS entries for the domain

The next thing to do is to set a true domain name for your server.

For this purpose, there is a special command, hostnamectl:

sudo hostnamectl set-hostname hetmansoftware.com

Set a true domain name for your server

After that, you need to add MX and A records for the domain in the DNS control panel. These records will show to the other mail agents that your domain is in charge of delivering electronic mail.

Add MX and A records for the domain in the DNS control panel

Open the DNS control panel and add these records, while specifying the public IP address of your server.

Step 3. Installing a Postfix mail server on Ubuntu

Now you can begin the installation of a Postfix mail agent.

Here is the command you need to use:

$ sudo apt-get install postfix

Add MX and A records for the domain in the DNS control panel

In the Postfix Configuration window that opens, click Ok. After that, the system will suggest you to choose mail configuration type: select Internet Site - Enter.

Choose mail configuration type

In the next window, type the domain name to be used when sending electronic mail. After Postfix is installed, it will start automatically and create a configuration file (in the location in /etc/postfix/main.cf).

Type the domain name to be used when sending electronic mail

You can check Postfix version and service status by using the following commands.

$ sudo systemctl status postfix

Check Postfix version and service status

If you need to change the configuration, type this command:

sudo dpkg-reconfigure postfix

Click ОK and select Internet Site - Enter. In the next window, type the domain name to be used when sending electronic mail. Then add the mail recipient. Specify other destinations to accept mail.

Specify other destinations to accept mail

Force synchronous updates on mail queue: No. Leave local networks settings without changes.

Specify other destinations to accept mail

Mailbox size limit: 0. Local address extension character: + Internet protocols to use: all.

Use all Internet protocols

Step 4. Testing a Postfix mail server on Ubuntu

Now let’s check if your mail server is connected to port 25 by running this command:

$ telnet gmail-smtp-in.l.google.com 25

Let’s check if your mail server is connected to port 25

The result displayed by the system indicates that the connection has been established successfully. To close the connection, type quit.

Also, you can use a mail application to test the mail service. However, it should be installed first, so run the installation command

apt install mailutils

Here is the command to use:

/usr/sbin/sendmail dmitriyzh23@gmail.com

Specify the email address to send your mail to, subject and contents, and then press Сtrl + D to send.

Sending a test email

The mail service works and the email was delivered, but it ended up in the spam folder. Let’s see what settings should be changed to prevent emails from being classified as spam.

The email ended in the spam folder

After sending the first email, the program will create a file with the user’s name in the var/mail/ folder. In this file, all incoming and outgoing mail will be recorded.

Folder var/mail/

This recording format is known as mbox. To use the maildir format, which divides emails to separate files which are then moved between directories depending on the user’s actions, you need to make some changes to the configuration file.

Sudo nano /etc/postfix/main.cf

Add the line home_mailbox= Maildir/:

Making changes to the configuration file

Or run the command:

sudo postconf -e 'home_mailbox= Maildir/'

In this case, mail will be stored in separate files, and can be found by this path: home/demo/Maildir/new

Step 5. Installing Dovecot IMAP and POP on Ubuntu

As a result, the mail server is running, you can send and receive mail, but it can hardly do without an opportunity to send mail by SMTP. This protocol is already supported in Postfix, but it has no authentication by default. To add authentication support, you should use Dovecot. As a bonus, you’ll get the opportunity to view your mail by POP3 and IMAP protocols. First of all, you need to install the Dovecot service itself. Here is the command to use:

sudo apt-get install dovecot-imapd dovecot-pop3d

After the installation is over, it is recommended to restart the dovecot service.

sudo systemctl restart dovecot

Install Dovecot service

To configure Dovecot, you should edit the configuration file: /etc/dovecot/dovecot.conf. To open it, you need one more command:

nano /etc/dovecot/dovecot.conf:

You can choose which protocol to use. It could be pop3, pop3s (secure pop3), imap or imaps (secure imap). IMAPS and POP3S are more secure than conventional IMAP and POP3, since they use SSL encryption for their connections. As soon as you have chosen a protocol to use, correct the next line in the file dovecot.conf.

To open it, you need one more command:

nano /etc/dovecot/dovecot.conf:

Add or edit this line:

protocols = pop3 pop3s imap imaps

Ctrl + Х, and Yes to save - Enter.

Add to the configuration - pop3 pop3s imap imaps

Now let’s check how POP3 works. Go to a check-up service, enter the data and click to start the test, then check the result.

Add to the configuration pop3 pop3s imap imaps

Now that you have configured the mail service, you need to make sure that mail doesn’t end up in the spam folder, and for that purpose, you should add a few more DNS records. Open the DNS control panel. Add SPF, DMARC and DKIM records.

How to add a DKIM record

To have SPF and DMARC running, all you need is to add their DNS records, but for DKIM to work, it has to be installed on the server.

Add SPF, DMARC and DKIM records in the DNS Panel

DKIM (DomainKeys Identified Mail) is an email authentication method designed to detect forged sender addresses in email (known as email spoofing). DKIM enables the user to check if an email was actually sent from the stated domain.

Here is the command you need to install the package:

apt-get install opendkim opendkim-tools

Installing DKIM

Then start it and add it to automatic startup

sudo systemctl start opendkim

sudo systemctl enable opendkim

After that, you should create a certificate with the help of opendkim-genkey

Create a directory for keys using this command:

mkdir /etc/opendkim

And use another command to generate a key:

opendkim-genkey -D /etc/opendkim/ --domain hetmansoftware.com --selector mail

Here, you need to specify your server’s domain name.

Start DKIM and create a certificate

In the folder /etc/opendkim/ two files should appear, with the extensions .private (a closed key) and .txt (a txt record). Now let’s configure DNS.

View the contents of the txt file:

cat /etc/opendkim/mail.txt

Copy the line with the private DKIM key

Copy the contents, switch to DNS control panel and create a TXT record:

mail._domainkey IN TXT ( "v=DKIM1; k=rsa; "

“the txt file contents”

mail - the selector name,

p= p=MIIBIjANB...IDAQAB - the shortened record of the public key.

Create a record in the DNS Control Panel

sudo chown -R opendkim:opendkim /etc/opendkim

Now let’s make changes to the configuration file

sudo nano /etc/opendkim.conf

Here, you need to comment and add a few lines

AutoRestart Yes

AutoRestartRate 10/1h

Umask 002

Syslog yes

SyslogSuccess Yes

LogWhy Yes

Mode sv

Canonicalization relaxed/simple

UserID opendkim:opendkim

Socket inet:8891@localhost

PidFile /var/run/opendkim/opendkim.pid

ExternalIgnoreList refile:/etc/opendkim/TrustedHosts

InternalHosts refile:/etc/opendkim/TrustedHosts

KeyTable refile:/etc/opendkim/KeyTable

SigningTable refile:/etc/opendkim/SigningTable

SignatureAlgorithm rsa-sha256

Let’s make changes to the configuration file

Add your domain to trusted hosts.

sudo nano /etc/opendkim/TrustedHosts

Add the domain, Сtrl + Х, Yes, Enter:

Add your domain to trusted hosts

Give the path to the key.

sudo nano /etc/opendkim/KeyTable

mail._domainkey.hetmansoftware.com hetmansoftware.com:mail:/etc/opendkim/dkim.private

Сtrl + Х, Yes, Enter

Give the path to the key

The path to the signature

sudo nano /etc/opendkim/SigningTable

*@hetmansoftware.com mail._domainkey.hetmansoftware.com

Сtrl + Х, Yes, Enter

Give the path to the signature

Restart the services

sudo systemctl restart opendkim

sudo systemctl restart postfix

Now that the record is added, let’s check it. Open a DKIM checkup service in the browser.

https://dmarcian.com/dkim-inspector/

Type the domain and selector name into the fields. The service has found my DKIM record.

DKIM checkup service

The record is added. For additional fine-tuning, adding trusted hosts, domains etc you’ll have to open the configuration file and add extra settings.

Now let’s test mail sending again.

/usr/sbin/sendmail dmitriyzh23@gmail.com

From: demo@hetmansoftware.com

Subject: test

Test send mail spf dkim dmarc

Ctrl + D

Now the email arrived, and this time it was not dumped into the spam folder. Let’s reply to this email. The mail service works properly.

DKIM checkup service

All right, so you have installed and configured Postfix and Dovecot, checked how the mail service works and added corresponding DNS records. For more convenient work, you can add a MySql storage server and a mail client - for example, Roundcube.

Go to view
⚕️How to Recover Emails📧, Contacts and Profiles in Mozilla Thunderbird (2021)

⚕️How to Recover Emails📧, Contacts and Profiles in Mozilla Thunderbird (2021)

Go to view
How to Restore Access to Gmail, Yahoo, AOL, ICloud, Outlook Mailbox without a Login and Password 📧🔓🔑

How to Restore Access to Gmail, Yahoo, AOL, ICloud, Outlook Mailbox without a Login and Password 📧🔓🔑

Vladimir Artiukh

Author: , Technical Writer

Vladimir Artiukh is a technical writer for Hetman Software, as well as the voice and face of their English-speaking YouTube channel, Hetman Software: Data Recovery for Windows. He handles tutorials, how-tos, and detailed reviews on how the company’s tools work with all kinds of data storage devices.

Oleg Afonin

Editor: , Technical Writer

Oleg Afonin is an expert in mobile forensics, data recovery and computer systems. He often attends large data security conferences, and writes several blogs for such resources as xaker.ru, Elcomsoft and Habr. In addition to his online activities, Oleg’s articles are also published in professional magazines. Also, Oleg Afonin is the co-author of a well-known book, Mobile Forensics - Advanced Investigative Strategies.

  • Evaluations:
  • 2
  • /
  • :

Share

Questions and answers

  • What are the minimum system requirements for an Ubuntu distributive?

    As far as we know, the minimum system requirements for normal system performance are as follows:

    Basic:

    • CPU: Intel Pentium 4 3 Ghz
    • System memory: 1.5 Gb
    • Graphics adapter: any having 128 Mb of memory
    • Hard disk: any having 10 Gb of free space

    Optimal requirements:

    • CPU: Intel Core 2 Duo 1.8 Ghz
    • System memory: 4 Gb
    • Graphics adapter: any having 256 Mb of memory
    • Hard disk: any having 20 Gb of free space
  • How to open a file manager with root privileges?

    To manage files with root (administrator) privileges, it’s not the best idea to use Nautilus (Nemo) basic file manager. It is so deeply integrated with other system components that you are running a risk of breaching access permissions regarding elements of your home directory. The same would be true for Xubuntu versions with Thunar file manager, and Lubuntu versions with PCmanFM file manager.

    For the reason cited above, it is better to manage files as a root user with a simple file manager app which is not integrated with the desktop environment. To install it, open the terminal and type this command (use the copy/paste options):

    Linux Mint, Ubuntu:

    sudo apt-get install gnome-commander

    Fedora Workstation:

    sudo dnf install gnome-commander

    At a certain moment of this process, you will need to type your password. When the packages are installed, type the command to launch the installed file manager:

    pkexec gnome-commander

  • What are Xubuntu, Kubuntu, Lubuntu and Edubuntu?

    Xubuntu, Kubuntu, Lubuntu and Edubuntu are official versions of Ubuntu (or its official derivatives). They mostly differ by the sets of preinstalled apps and desktop environments they use. Meanwhile, they share the same technologies and software repositories of the Ubuntu project.

    Ubuntu is the main version using GNOME desktop environment.

    Xubuntu is a version of the Ubuntu distributive with Xfce desktop environment.

    Kubuntu uses Ubuntu packages as the basis for KDE desktop environment. While the main idea for GNOME desktop environment was simplicity of operation, the KDE developers intended to implement a menu to deal with a maximum number of various settings.

    Lubuntu is the most lightweight version of Ubuntu distributive: the desktop environment it uses has minimum system requirements and is still easy to work with.

    Edubuntu is a specialized Ubuntu distributive containing specific software meant for schools and education establishments.

  • How to make a computer shut down after a specific period of time?

    Automatically power off Ubuntu after a given period of time. Open the terminal window and get temporary root privileges.

    sudo -i

    When asked, type your password. Your password will not be displayed in any way, even as dots, and this is normal. After you have typed the password, press Enter again.

    Now you need to calculate for how many seconds the computer should be running before shutdown. For example, if you want a computer to work for the next half an hour, you will have to use the number of seconds calculated this way: 30 x 60 = 1,800 seconds. Type the command:

    sleep 1800 && shutdown -h now

    For the command to be performed, don’t close the terminal window and press Enter. As a result, your computer will shut down automatically in 30 minutes.

  • How to disable the Caps Lock key (in all Linux Mint, Ubuntu, and Fedora Workstation editions)?

    Some people really dislike the Caps Lock key as they hit it accidentally from time to time, and this changes letters to uppercase. To disable it in all Linux Mint, Ubuntu, and Fedora Workstation editions you need to make sure that Caps Lock isn’t active. After that, open the terminal window and type this command:

    setxkbmap -option caps:none

    As a result, the Caps Lock will be disabled - that is, nothing will happen even if you press the key by accident!

    Note: this command is only active within the current user session and it will not work after you reboot the computer. If you want it to be run automatically every time you sign in to the operating system, you can just add it to the startup list. In this case, the Caps Lock key will be disabled automatically as soon as you sign in to your account.

    If necessary, you’ll be able to activate the Caps Lock key easily with the help of setxkbmap utility.

    setxkbmap -option

Comments (18)

  • Nfon Andrew
    Nfon Andrew 28.11.2024 19:15 #

    Thanks very much. I followed all the steps but i was not able to verify

    ``` There is something wrong with your DKIM record.
    DNS error: unable to resolve mail._domainkey.anticcrs.cm TXT.
    Query: mail._domainkey.anticcrs.cm ```

    Reply
    • Hetman Software
      Hetman Software 20.12.2024 16:24 #

      It seems like you are experiencing issues with verifying your DKIM record due to a DNS error. The error message indicates that there is a problem resolving the TXT record for mail._domainkey.anticcrs.cm in your DNS settings.

      To resolve this issue, you may need to check and correct the DNS settings for your domain. Here are some steps you can take to troubleshoot and fix the issue:

      • Make sure that the DKIM record for mail._domainkey.anticcrs.cm is correctly set up in your DNS settings. You may need to double-check the record and ensure that it is entered correctly.
      • Ensure that the TXT record for mail._domainkey.anticcrs.cm is properly configured in your DNS settings. You can use online DNS lookup tools to verify the existence and correctness of the TXT record.
      • Sometimes, DNS changes may take some time to propagate across the internet. It is recommended to wait for some time and try verifying the DKIM record again.
      • If you are still facing issues, you may need to contact your DNS provider for assistance. They can help you troubleshoot and resolve any DNS-related issues affecting the verification of your DKIM record.
      Reply
  • Isoy15
    Isoy15 3.02.2024 13:56 #
    how i can login my postfix email on gmail app via pop3 or imap
    Reply
  • Xavier
    Xavier 10.09.2023 19:59 #
    using the same setup with google domains, The mail service works and the email was delivered, but it ended up in the spam folder
    Reply
    • Hetman Software
      Hetman Software 11.09.2023 10:21 #

      If your emails are landing in spam, it’s usually a configuration issue. Check the following:

      • Set up proper SPF, DKIM, and DMARC records in your Google Domains DNS.
      • Ensure your server has a valid reverse PTR record (reverse DNS) pointing to your domain.
      • Check that your IP is not blacklisted using online tools.
      • Send test emails and monitor headers to confirm SPF/DKIM pass.

      Correctly configuring these will greatly reduce the chance of your emails going to spam.

      Reply
  • Armin Mansouri
    Armin Mansouri 10.05.2023 12:10 #
    Could you also show us how to configure the mailserver to use SMTP over TLS (port 587) please?
    Reply
    • Hetman Software
      Hetman Software 16.05.2023 14:58 #

      Yes! To configure Postfix with SMTP over TLS (port 587) on Ubuntu, you can follow these essential steps:

      • Install Postfix and Dovecot: sudo apt install postfix dovecot-core dovecot-imapd
      • Edit Postfix main config: sudo nano /etc/postfix/main.cf and add: smtpd_tls_cert_file=/etc/ssl/certs/your_cert.pem
        smtpd_tls_key_file=/etc/ssl/private/your_key.pem
        smtpd_use_tls=yes
        smtpd_tls_auth_only = yes
        submission inet n - y - - smtpd
        -o syslog_name=postfix/submission
        -o smtpd_tls_security_level=encrypt
        -o smtpd_sasl_auth_enable=yes
      • Reload Postfix: sudo systemctl restart postfix
      • Ensure Dovecot handles authentication for Postfix (check /etc/dovecot/conf.d/10-master.conf for service auth)
      • Test your setup using openssl s_client -connect yourdomain.com:587 -starttls smtp and by sending email via a mail client.

      This enables clients to securely send email via TLS on port 587 while keeping Postfix and Dovecot working together.

      Reply
  • Zack Brownell
    Zack Brownell 27.12.2022 22:54 #
    How can you configure Dovecot to work with Postfix?
    Reply
    • Hetman Software
      Hetman Software 27.12.2022 23:15 #
      • Install Dovecot: Install Dovecot on your server using your package manager.
      • Configure Postfix: Edit your Postfix configuration file (main.cf) and add the following lines:
        # Dovecot configuration
        mail_spool_directory = /var/mail
        mailbox_command = /usr/lib/dovecot/deliver
        virtual_transport = dovecot
      • Configure Dovecot: Edit your Dovecot configuration file (dovecot.conf) and add the following lines:
        # Postfix configuration
        protocols = imap pop3 lmtp
        mail_location = maildir:~/Maildir
        mail_privileged_group = mail
      • Restart Services: Restart both Postfix and Dovecot services for the changes to take effect.
      Reply
  • Sammy Blanchfield
    Sammy Blanchfield 27.12.2022 20:59 #
    How can you test whether your Postfix configuration is working correctly or not?
    Reply
    • Hetman Software
      Hetman Software 27.12.2022 21:29 #
      1. Check the Postfix log files to ensure that your mail is being delivered correctly.
      2. Send a test email from the server to an external address and verify that it was received.
      3. Use telnet to connect to the Postfix server on port 25 and send a test email.
      4. Use a tool such as swaks to test the server’s SMTP settings.
      5. Use an online SMTP tester to verify the server’s configuration.
      Reply
  • Leon Hurley
    Leon Hurley 27.12.2022 17:01 #
    What are some of the important parameters that need to be set in the main.cf file?
    Reply
    • Hetman Software
      Hetman Software 27.12.2022 17:36 #
      1. myhostname: This is the fully-qualified domain name of the mail server.
      2. mydomain: This is the domain name used for mail routing.
      3. myorigin: This is the domain name that will be used to construct email addresses.
      4. mydestination: This is a list of domains that this server will accept mail for.
      5. relay_domains: This is a list of domains that this server will relay mail for.
      6. inet_interfaces: This is a list of network interfaces that Postfix will listen on.
      7. mynetworks: This is a list of trusted networks that are allowed to relay mail through the server.
      8. virtual_alias_maps: This is a list of mappings from email addresses to other email addresses or destinations.
      9. virtual_mailbox_maps: This is a list of mappings from email addresses to mailbox locations.
      10. smtpd_recipient_restrictions: This is a list of restrictions that will be applied to incoming mail.
      Reply
  • Anderson Carling
    Anderson Carling 27.12.2022 15:07 #
    How can you check whether Postfix is already installed on your system or not?
    Reply
    • Hetman Software
      Hetman Software 27.12.2022 15:31 #
      You can check whether Postfix is already installed on your system by running the following command in the terminal:
      $ sudo dpkg -s postfix
      This will display information about the Postfix package, including its version and installation status.
      Reply
  • Terry Mullies
    Terry Mullies 27.12.2022 12:02 #
    What is the first step in setting up Postfix and Dovecot on Linux Ubuntu?
    Reply
    • Hetman Software
      Hetman Software 27.12.2022 12:32 #
      The first step in setting up Postfix and Dovecot on Linux Ubuntu is to install the packages. This can be done by running the following command in a terminal: sudo apt-get install postfix dovecot-core dovecot-imapd dovecot-lmtpd.
      Reply
  • Maxim Cherniga
    Maxim Cherniga 9.11.2022 14:01 #
    If you have any questions about installing and configuring a Postfix mail server with Dovecot, configuring a mail server to prevent your emails from falling into the spam folder, or adding DNS records such as SPF, DKIM and DMARC, feel free to post a comment and ask us.
    Reply
Post comment
User
Leave a reply
Your email address will not be published. Required fields are marked *

Recommended For You
This website uses cookies to improve your experience. Description