Mail server setup

Updated 7 March 2019

Mail server

Introduction

A mail server is a server that handles electronic messages, which includes receiving and sending mail. Incoming mail does not go directly to the user's computer (otherwise the computer would have to be kept on constantly), but is stored on the mail server, which operates around the clock, so that the user can pick up their mail at any time.

To set up a mail server, you can use the Calculate utilities included in the sys-apps/calculate-server package. User and group accounts are stored on the OpenLDAP server, Postfix is the mail agent, and Dovecot takes over the function of an IMAP/POP3 server. All the necessary software is included in Calculate Directory Server (CDS).

LDAP configuration

First, set up an LDAP server. Complete all the necessary installation steps as described in the manual.

Mail server configuration

Before configuring the mail server, configure account storage for Unix users. To do so, run:

cl-setup unix
* WARNING: Running this program will modify the configuration files and the LDAP database. If you want to continue, enter 'yes', else enter 'no': yes 

* Added ldif file ... 
[ok] 
* Unix service configured ... 
[ok]

To set up a mail server with default parameters, run:

cl-setup mail
* WARNING: Running this program will modify the configuration files and the LDAP database. If you want to continue, enter 'yes', else enter 'no': yes 

* Removed Mail DN from LDAP database ... 
[ok]
* Added ldif file ... 
[ok]
* Starting Postfix ... 
[ok]
* Starting Dovecot ...
[ok]
* Mail service configured ... 
[ok]

To select the host mail.example.org and use the IMAP and POP3 protocols, run:

cl-setup --type pop3,imap --host mail.example.org mail

To view all available parameters, run:

cl-setup --help-mail
calculate-server 2.1.18

Usage: cl-setup  [options]  service
Sets service in the system

Examples: 
  cl-setup samba                 # set Samba service in the system.             

Common options: 
  -h, --help                     display this help and exit                     
  --help-all                     display help for all services options          
  --help-jabber                  display help for Jabber service options        
  --help-ldap                    display help for LDAP service options          
  --help-mail                    display help for Mail service options          
  --help-samba                   display help for Samba service options         
  --help-proxy                   display help for Proxy service options         
  --help-dns                     display help for DNS service options           
  --help-dhcp                    display help for DHCP service options          

Mail service options: 
  -a, --allow                    enter the allowed ip addresses and network     
  --host HOST                    mail host, default - hostname                  
  -t, --type TYPE                mail type - 'imap', 'pop3', 'pop3,imap'        
                                 (default - imap)                               
  -c, --crypt CRYPT              encryption type - 'none', 'tls' (default - tls)
  --history CONDITION            enabled or disabled mail history logging,      
                                 default disable. (on/off)                      
  --history-domains DOMAIN       domain or domains for own mail (comma          
                                 delimited)                                     
  --history-path PATH            history path                                   

Services: 
  ldap                           ldap service                                   
  unix                           unix service                                   
  samba                          samba service                                  
  mail                           mail service                                   
  jabber                         jabber service                                 
  ftp                            ftp service                                    
  proxy                          proxy service                                  
  dns                            dns service                                    
  dhcp                           dhcp service

Once cl-setup has finished, the mail service will be configured and started. Use the netstat tool to check the open ports:

netstat -tln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:636             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:389             0.0.0.0:*               LISTEN     
tcp6       0      0 :::110                  :::*                    LISTEN     
tcp6       0      0 :::143                  :::*                    LISTEN     
tcp6       0      0 :::22                   :::*                    LISTEN     
tcp6       0      0 ::1:631                 :::*                    LISTEN     
tcp6       0      0 :::25                   :::*                    LISTEN     
tcp6       0      0 :::636                  :::*                    LISTEN     
tcp6       0      0 :::993                  :::*                    LISTEN     
tcp6       0      0 :::995                  :::*                    LISTEN     
tcp6       0      0 :::389                  :::*                    LISTEN 

The POP3 and IMAP protocols use ports 110 and 143 respectively.
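To read the listing above at a glance, the following added example (not part of the Calculate utilities) summarises `netstat -tln` output per port and shows whether each listener is bound to loopback only or is reachable from the network. The function names and the shortened, constructed sample are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: summarise `netstat -tln` output per listening port.
# Output: "<port> <service> <scope>", scope = local (loopback) or network.
audit_listeners() {
    awk '
    BEGIN {
        # Well-known port numbers seen in the listing on this page.
        svc[22]="ssh"; svc[25]="smtp"; svc[110]="pop3"; svc[143]="imap"
        svc[389]="ldap"; svc[631]="ipp"; svc[636]="ldaps"
        svc[993]="imaps"; svc[995]="pop3s"
    }
    $1 ~ /^tcp6?$/ && $NF == "LISTEN" {
        n = split($4, part, ":"); port = part[n]
        host = substr($4, 1, length($4) - length(port) - 1)
        scope = (host ~ /^127\./ || host == "::1") ? "local" : "network"
        # One network-facing listener is enough to mark the port "network".
        if (!(port in seen) || scope == "network") seen[port] = scope
    }
    END {
        for (p in seen)
            print p, ((p in svc) ? svc[p] : "unknown"), seen[p]
    }' | sort -n
}

# Ports that start in cleartext and depend on STARTTLS for encryption,
# limited to those reachable from the network.
starttls_dependent() {
    audit_listeners | awk '$3 == "network" && $2 ~ /^(smtp|pop3|imap|ldap)$/ { print $1 }'
}

# Constructed sample, shortened from the listing shown above.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:636             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:389             0.0.0.0:*               LISTEN
tcp6       0      0 :::110                  :::*                    LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN
EOF
}

sample_netstat | audit_listeners
sample_netstat | starttls_dependent
```

On a live server, pipe `netstat -tln` into `audit_listeners` instead of the sample. For the SMTP, IMAP and POP3 ports it reports, the `openssl s_client -starttls` sessions in the verification section confirm that TLS is actually offered.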

To prevent spam addressed to system users (listed in /etc/mail/aliases), the nobody mail directory is not created by default. If you need to receive messages for system users, create a directory with the necessary access privileges:

mkdir /var/calculate/server-data/mail/nobody

chown nobody:nobody /var/calculate/server-data/mail/nobody

chmod 0700 /var/calculate/server-data/mail/nobody

Now all messages for system users will be stored in /var/calculate/server-data/mail/nobody.

Account management

An account is a record containing the information needed to identify the user when connecting to the system, and for authentication and accounting. In our case, it will be used to connect to a mail service or a mailbox.
A mailbox is a logical disk partition used for mail storage, referred to by a mail address. Several addresses can correspond to one mailbox; these are called synonyms, aliases or nicknames.

To add user guest with mail nickname guestmail@mail.example.org, run:

cl-useradd -p -e guestmail@mail.example.org guest mail
New password:
Repeat new password:
* User added to Unix service
* User added to Mail service

To modify the guest user password, run:

cl-passwd guest mail
New password:
Repeat new password:
* Password of Mail service user changed

To remove user guest from the mail service, run:

cl-userdel guest mail
* Created /var/calculate/server-backup/deleted/guest-1000/mail for storing remote user data
* User mail directory /var/calculate/server-data/mail/guest deleted
* User guest of Mail service deleted

Managing mail groups

A mail group is a set of mail addresses used to send mail to several recipients. A message sent to the group address is distributed to all mail accounts in the group.

To add a mailing group guestgroup with an alternative mailing address gg@example.org, run:

cl-groupadd -e gg@example.org guestgroup mail
 * Группа 'guestgroup' добавлена в Mail сервис

To remove guestgroup, run:

cl-groupdel guestgroup mail
* Группа guestgroup Mail сервиса удалена

To add accounts to groups and remove them, use the cl-usermod and cl-groupmod commands.

For instance, to add user guest to groups guesttest and guestgroup, run:

cl-usermod -a guesttest,guestgroup guest mail
* User added to groups

To move user guest to the guesttest group, run:

cl-usermod -G guesttest guest mail
* List of additional groups replaced

To add users guest1 and guest2 to group guesttest, run:

cl-groupmod -a guest1,guest2 guesttest mail
* Users added to group guesttest

To remove users guest1 and guest2 from group guesttest, run:

cl-groupmod -d guest1,guest2 guesttest mail
* Utilisateurs supprimés du groupe guesttest

Verifying the server

To check that mail can be sent to guestmail@mail.example.org, run:

openssl s_client -starttls smtp -connect mail.example.org:25
CONNECTED(00000003)
...
---
250 DSN
ehlo mail
250-mail.example.org
250-PIPELINING
250-SIZE 100000000
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:<guest@mail.example.org>
250 2.1.0 Ok
rcpt to:<guestmail@mail.example.org>
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
From:<guest@mail.example.org>
To:<guestmail@mail.example.org>
Subject: Test

Test
.
250 2.0.0 Ok: queued as 15A9D1D4A2
quit
221 2.0.0 Bye
closed

To check mail retrieval over IMAP for user guest with password secret, follow these steps:

openssl s_client -starttls imap -crlf -connect mail.example.org:143
CONNECTED(00000003)
...
---
. OK Pre-login capabilities listed, post-login capabilities have more.
A1 LOGIN guest secret
* CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE SNIPPET=FUZZY LITERAL+ NOTIFY SPECIAL-USE
A1 OK Logged in
A2 SELECT Inbox
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted.
* 1 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 1542618255] UIDs valid
* OK [UIDNEXT 2] Predicted next UID
A2 OK [READ-WRITE] Select completed (0.002 + 0.000 + 0.001 secs).
A3 FETCH 1 BODY[HEADER]
* 1 FETCH (BODY[HEADER] {598}
Return-Path: <noname@mail.example.org>
X-Original-To: guestmail@mail.example.org
Delivered-To: guest@mail.example.org
Received: from mail (mail.example.org [127.0.0.1])
    (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
    (No client certificate requested)
    by mail.example.org (Postfix) with ESMTPS id 15A9D1D4A2
    for <guestmail@mail.example.org>; Mon, 19 Nov 2018 11:58:27 +0300 (MSK)
From:<guest@mail.example.org>
To:<guestmail@mail.example.org>
Subject: Test
Message-Id: <20181119085920.15A9D1D4A2@mail.example.org>
Date: Mon, 19 Nov 2018 11:58:27 +0300 (MSK)

)
A3 OK Fetch completed (0.001 + 0.000 secs).
A4 LOGOUT
* BYE Logging out
A4 OK Logout completed (0.001 + 0.000 secs).
closed

To check mail retrieval over POP3 for user guest with password secret, follow these steps:

openssl s_client -starttls pop3 -crlf -connect mail.example.org:110
CONNECTED(00000003)
...
---
+OK Dovecot ready.
user guest
+OK
pass secret
+OK Logged in.
list
+OK 1 messages:
1 604
.
retr 1
+OK 604 octets
Return-Path: <noname@mail.example.org>
X-Original-To: guestmail@mail.example.org
Delivered-To: guest@mail.example.org
Received: from mail (mail.example.org [127.0.0.1])
    (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
    (No client certificate requested)
    by mail.example.org (Postfix) with ESMTPS id 15A9D1D4A2
    for <guestmail@mail.example.org>; Mon, 19 Nov 2018 11:58:27 +0300 (MSK)
From:<guest@mail.example.org>
To:<guestmail@mail.example.org>
Subject: Test
Message-Id: <20181119085920.15A9D1D4A2@mail.example.org>
Date: Mon, 19 Nov 2018 11:58:27 +0300 (MSK)

Test
.
quit
+OK Logging out.
closed