Skip to main content

LINUX How to configure ssl-postfix-dovecot

#cd /etc/postfix
#vi main.cf
Paste under mynetworks:

####### smtp auth
smtpd_tls_auth_only = yes
smtp_use_tls = yes
smtpd_sasl_auth_enable =   yes
smtpd_sasl_type = cyrus
local_recipient_maps =
smtpd_use_tls = yes
smtp_tls_note_starttls_offer   = yes
smtpd_tls_key_file =   /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file =   /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile =   /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header   = yes
smtpd_tls_session_cache_timeout   = 3600s
tls_random_source =   dev:/dev/urandom
########

Then:
#vi master.cf
Paste under smtp:
smtps   inet n   -   n   - - smtpd
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_reject_unlisted_sender=yes
      -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
      -o broken_sasl_auth_clients=yes

To check the SASL available mechanisms run:

#saslauthd -V

Set SASL authentication to start at system boot:

#chkconfig --levels 235 saslauthd on

Set up the encryption keys:

#mkdir /etc/postfix/ssl
#cd ssl/
#openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
#chmod 600 smtpd.key
#openssl req -new -key smtpd.key -out smtpd.csr
#openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
#openssl rsa -in smtpd.key -out smtpd.key.unencrypted
#mv -f smtpd.key.unencrypted smtpd.key
#openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

Set up the client certificate for importing into Internet Explorer (for Outlook) / Thunderbird (this will suppress warnings about using a self signed certificate):

#openssl pkcs12 -export -in smtpd.crt -inkey smtpd.key -out OutlookSMTP.p12

Reload the config:

#postfix reload

Check if the port is listening:

#netstat -ntpl | grep master

tcp     0    0     127.0.0.1:10025  0.0.0.0:*      LISTEN   8366/master
tcp     0    0     0.0.0.0:465      0.0.0.0:*      LISTEN   8366/master
tcp     0    0     0.0.0.0:25       0.0.0.0:*      LISTEN    8366/master


Test if TLS and AUTH is working:

#telnet localhost 465

Dovecot config for POP3 IMAP
#vi /etc/dovecot

protocols imap imaps pop3s

Whichever services you are using, you need to configure the IP and port on which each one will listen.

protocol imap {
    listen = 127.0.0.1:143
    ssl_listen = 123.45.67.89:993

    ...
}

protocol pop3 {
    # listen = 987.65.43.21:110
    ssl_listen = 123.45.67.89:995

    ...
}

Comments

Post a Comment

Popular posts from this blog

PERL Some good framework

1. Catalyst is the most popular agile Perl MVC web framework that encourages rapid development and clean design without getting in your way. Catalyst | Perl MVC web application framework 2. Mojolicious is a next generation web framework for the Perl programming language. Back in the early days of the web, many people learned Perl because of a wonderful Perl   ... Mojolicious - Perl real-time web framework 3. Documents for Perl  The Perl Archive Network, the gateway to all things Perl. The canonical location for Perl code and modules. The Comprehensive Perl Archive Network - www. cpan .org
Post a Comment
Read more

C++ How to use Date and Time

The C++ standard library does not provide a proper date type. C++ inherits the structs and functions for date and time manipulation from C. To access date and time related functions and structures, you would need to include <ctime> header file in your C++ program. There are four time-related types: clock_t, time_t, size_t , and tm . The types clock_t, size_t and time_t are capable of representing the system time and date as some sort of integer. The structure type tm holds the date and time in the form of a C structure having the following elements: struct tm { int tm_sec ; // seconds of minutes from 0 to 61 int tm_min ; // minutes of hour from 0 to 59 int tm_hour ; // hours of day from 0 to 24 int tm_mday ; // day of month from 1 to 31 int tm_mon ; // month of year from 0 to 11 int tm_year ; // year since 1900 int tm_wday ; // days since sunday int tm_yday ; // days since January 1st int tm_isdst ; // hours of daylight savin...
Post a Comment
Read more

Lambda Function with Amazon DynamoDB

DynamoDB can trigger AWS Lambda when the data in added to the tables, updated or deleted. In this chapter, we will work on a simple example that will add items to the DynamoDB table and AWS Lambda which will read the data and send mail with the data added. Requisites To use Amazon DB and AWS Lambda, we need to follow the steps as shown below − Create a table in DynamoDB with primary key Create a role which will have permission to work with DynamoDBand AWS Lambda. Create function in AWS Lambda AWS Lambda Trigger to send mail Add data in DynamoDB Let us discuss each of this step in detail. Example We are going to work out on following example which shows the basic interaction between DynamoDB and AWS Lambda. This example will help you to understand the following operations − Creating a table called customer in Dynamodb table and how to enter data in that table. Triggering AWS Lambda function once the data is entered and sending mail using Amazon SES service. The basic block diagram that ...
Post a Comment
Read more