MailStackDelivery

Complete configuration #

  • Install
sudo apt install mail-stack-delivery

  • Preparar bústia

  • A /etc/profile posar

MAIL=/home/$USER/Maildir
  • crear carpeta d'usuaris al skel
mkdir skel
  • A /etc/dovecot/conf.d/10-auth.conf canviar el paràmetre
disable_plaintext_auth = yes
auth_mechanisms = cram-md5
  • Canviar a Maildir al postfix
sudo postconf -e "home_mailbox = Maildir/"
  • Canviar a Maildir a Dovecot
mail_location = maildir:~/Maildir

  • comentar l' altre linea mail_location

  • Authoritzation a postfix

sudo postconf -e 'smtpd_sasl_type = dovecot'
sudo postconf -e 'smtpd_sasl_path = private/auth'
sudo postconf -e 'smtpd_sasl_local_domain ='
sudo postconf -e 'smtpd_sasl_security_options = noanonymous'
sudo postconf -e 'broken_sasl_auth_clients = yes'
sudo postconf -e 'smtpd_sasl_auth_enable = yes'
sudo postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
  • Generar certificat
roger@roger-System-Product-Name:~$ sudo openssl genrsa -des3 -out server.key 2048
Generating RSA private key, 2048 bit long modulus
....................+++
.....................................................................+++
e is 65537 (0x010001)
Enter pass phrase for server.key:
Enter pass phrase for server.key:
Verifying - Enter pass phrase for server.key:
roger@roger-System-Product-Name:~$ openssl rsa -in server.key -out server.key.insecure
Enter pass phrase for server.key:
roger@roger-System-Product-Name:~$ openssl rsa -in server.key -out server.key.insecure
Enter pass phrase for server.key:
writing RSA key
roger@roger-System-Product-Name:~$ mv server.key server.key.secure
roger@roger-System-Product-Name:~$ mv server.key.insecure server.key
roger@roger-System-Product-Name:~$ openssl req -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:ES
State or Province Name (full name) [Some-State]:bcn
Locality Name (eg, city) []:granollers
Organization Name (eg, company) [Internet Widgits Pty Ltd]:institut carles vallbona
Organizational Unit Name (eg, section) []:serveis de xarxa
Common Name (e.g. server FQDN or YOUR name) []:roger
Email Address []:roger.sanchez@iescarlesvallbona.cat

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:nochallenge
An optional company name []:
  • generar el certificat autosignat
roger@roger-System-Product-Name:~$ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Signature ok
subject=C = ES, ST = bcn, L = granollers, O = institut carles vallbona, OU = serveis de xarxa, CN = roger, emailAddress = roger.sanchez@iescarlesvallbona.cat
Getting Private key
sudo cp server.crt /etc/ssl/certs
sudo cp server.key /etc/ssl/private
  • Afegir al main.conf
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/ssl/private/server.key
smtpd_tls_cert_file = /etc/ssl/certs/server.crt
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
On this page: