DevOps Tutorials - VegaStack
Please enter at least 3 characters
Jul 11, 2022 5 min read

Set up a Mail Server with PostfixAdmin

In this tutorial, we will guide you in Setting up and configuring a mail server.

Sk Rafikul Islam & Sumit Patel
Set up a Mail Server with PostfixAdmin
Table of Contents

Introduction

Users may set up and oversee a Postfix-based email server using the web-based Postfix Admin interface. You may build and administer several virtual domains, users, and aliases using Postfix Admin.

In this tutorial, we will guide you in Setting up and configuring a mail server  which covers creating the necessary DNS records and explains how to install and configure Postfix Admin, Nginx with free Let’s Encrypt certificate, PHP, and MySQL.

Prerequisites

Prerequisites you will  need:

  • Ubuntu server 18.04. The hostname of the server must be a FQDN. We will utilize mail.vegastack.com throughout this tutorial.
  • User with Sudo privileges.

DNS Settings

The following DNS records must be configured for your mail system to function

  • A record that directs the FQDN (hostname) of your system to the IPv4 address of your mail server.
mail.vegastack.com. 3600 IN A   23.45.67.89
ℹ️
The hostname and the domain name are the two components that make up the FQDN.
  • MX records are used to identify the mail server in charge of receiving email on behalf of a recipient's domain. In our example, we want the mail.vegastack.com mail server to accept all emails received to @vegastack.com email addresses.
vegastack.com.      3600 IN MX  0 mail.vegastack.com.
  • SPF record, which is used to confirm which mail servers have been granted permission to send emails on behalf of a certain domain. The domain mail servers (mx) in the example below are being approved, and if the SPF check fails, the outcome will be a soft failure (~all):
vegastack.com.      3600 IN TXT "v=spf1 mx ~all"
ℹ️
Of course, you must use your actual domain name and mail server's IP address in place of the placeholders for the domain and IP addresses.

Reverse DNS (PTR)

Reverse DNS (PTR) does the exact opposite of DNS, which maps domain names to IP addresses, by mapping IP addresses to domain names.

The majority of email servers will do a reverse DNS lookup on the IP address that is trying to connect to them, and if the PTR record is not set, the server may not accept emails from that IP address.

Most of the time, PTR entries may be made through the web interface of your hosting company or by calling customer service and asking them to set up a proper PTR record for you.

To determine the reverse DNS for an IP address, use the dig command.

dig -x 23.45.67.89

Output


23.45.67.89.in-addr.arpa domain name pointer mail.linuxize.com.

Create a System User

One system user is required since we are setting up a mail server with virtual users. This user will be the owner of all mailboxes and will be used by the virtual users to access their email on the server.

The vmail group and user will be created when the following command is run, and /var/mail/vmail will be configured as the user's home directory:

sudo groupadd -g 5000 vmail
sudo useradd -u 5000 -g vmail -s /usr/sbin/nologin -d /var/mail/vmail -m vmail

The /var/mail/vmail directory will store all virtual mailboxes.

Install Nginx PHP and MySQL

A PHP-based program is called Postfix Admin. We must set up an Online server and PHP in order to use the PostfixAdmin web server.

Install Nginx, PHP, and all needed PHP modules by running the command below:

sudo apt install nginx mysql-server php7.0-fpm php7.0-cli php7.0-imap php7.0-json php7.0-mysql php7.0-opcache php7.0-mbstring php7.0-readline

During the installation, you'll be asked to generate a MySQL root password.

Download and Configure Postfix Admin

Postfix Admin 3.3 is the most recent stable version at the time of writing this tutorial.

Utilizing the wget command shown below, download the Postfix Admin archive:

VERSION=3.3
wget -q https://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-${VERSION}/postfixadmin-${VERSION}.tar.gz

After the download is finished, open the archive:

tar xzf postfixadmin-${VERSION}.tar.gz

Move the Postfix Admin source files to the /var/www directory and create the templates_c directory (smarty cache):

sudo mv postfixadmin-${VERSION}/ /var/www/postfixadmin
rm -f postfixadmin-${VERSION}.tar.gz
mkdir /var/www/postfixadmin/templates_c

We must transfer ownership of /var/www/postfixadmin to www-data as Nginx and PHP-FPM are both now executing under that user:

sudo chown -R www-data: /var/www/postfixadmin

A MySQL database will be used by Postfix Admin to hold data about users, domains, and application settings.

Login to the MySQL shell :

mysql -u root -p

Use the following commands to create a new MySQL user and database:

CREATE DATABASE postfixadmin;
GRANT ALL ON postfixadmin.* TO 'postfixadmin'@'localhost' IDENTIFIED BY 'P4ssvv0rD';
FLUSH PRIVILEGES;
⚠️
Remember to replace the default password (P4ssvv0rD) with a more secure one.

We will create a new file called config.local.php that will replace the default application settings rather than altering the default Postfix Admin configuration:

With your text editor, open the file:

sudo nano /var/www/postfixadmin/config.local.php

Paste the following PHP code:

<?php
$CONF['configured'] = true;

$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'P4ssvv0rD';
$CONF['database_name'] = 'postfixadmin';

$CONF['default_aliases'] = array (
  'abuse'      => '[email protected]',
  'hostmaster' => '[email protected]',
  'postmaster' => '[email protected]',
  'webmaster'  => '[email protected]'
);

$CONF['fetchmail'] = 'NO';
$CONF['show_footer_text'] = 'NO';

$CONF['quota'] = 'YES';
$CONF['domain_quota'] = 'YES';
$CONF['quota_multiplier'] = '1024000';
$CONF['used_quotas'] = 'YES';
$CONF['new_quota_table'] = 'YES';

$CONF['aliases'] = '0';
$CONF['mailboxes'] = '0';
$CONF['maxquota'] = '0';
$CONF['domain_quota_default'] = '0';
?>

Save the document, then exit.

The database type and the login credentials are defined by the settings above. Additionally, we are activating quota, disabling fetchmail, and defining the default aliases.

Run the below command to construct the Postfix Admin database's schema:

sudo -u www-data php /var/www/postfixadmin/upgrade.php

Once the database has been filled, we can use the postfixadmin-cli tool to create our first PostfixAdmin super admin account.

This user will be granted administrative rights to change any application or domain configuration.

sudo bash /var/www/postfixadmin/scripts/postfixadmin-cli admin add [email protected] --superadmin 1 --active 1 --password P4ssvv0rD --password2 P4ssvv0rD

The output should look something like this:

Output

Welcome to Postfixadmin-CLI v0.2
---------------------------------------------------------------

The admin [email protected] has been added!

---------------------------------------------------------------

Install free Let’s Encrypt SSL Certificate

To activate Dovecot and Postfix SSL/TLS encryption, we will utilize the SSL certificate to access our Postfix Admin installation.

How to install a Let's Encrypt SSL certificate is covered in our guide. Creating an SSL Certificate for your server hostname (FQDN), in this example, mail.vegastack.com, is the most crucial step in this process.

Edit your Nginx server block as follows after you have created the SSL certificate by following the instructions in the aforementioned link:

server {
    listen 80;
    server_name mail.linuxize.com;

    include snippets/letsencrypt.conf;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    server_name mail.linuxize.com;
    root /var/www;

    ssl_certificate /etc/letsencrypt/live/mail.linuxize.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mail.linuxize.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/mail.linuxize.com/chain.pem;
    include snippets/ssl.conf;
    include snippets/letsencrypt.conf;

    location / {
       try_files $uri $uri/ /index.php;
    }

    location /postfixadmin {
       index index.php;
       try_files $uri $uri/ /postfixadmin/index.php;
    }

    location ~* \.php$ {
         fastcgi_split_path_info ^(.+?\.php)(/.*)$;
         if (!-f $document_root$fastcgi_script_name) {return 404;}
         fastcgi_pass  unix:/run/php/php7.0-fpm.sock;
         fastcgi_index index.php;
         include fastcgi_params;
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}

Reload the Nginx service for changes to take effect:

sudo systemctl reload nginx

Using the super admin account you established earlier in this article, you should now be able to log in to your Postfix Admin installation at https://mail.vegastack.com/postfixadmin.

Conclusion

You have completed the installation of Postfix Admin from this tutorial.

If you have any queries, please leave a comment below and we’ll be happy to respond to them.

Great! You’ve successfully signed up.
Welcome back! You've successfully signed in.
You've successfully subscribed to DevOps Tutorials - VegaStack.
Your link has expired.
Success! Check your email for magic link to sign-in.
Success! Your billing info has been updated.
Your billing was not updated.