Set up a Mail Server with PostfixAdmin
Introduction
Users may set up and oversee a Postfix-based email server using the web-based Postfix Admin interface. You may build and administer several virtual domains, users, and aliases using Postfix Admin.
In this tutorial, we will guide you in Setting up and configuring a mail server which covers creating the necessary DNS records and explains how to install and configure Postfix Admin, Nginx with free Let’s Encrypt certificate, PHP, and MySQL.
Prerequisites
Prerequisites you will need:
- Ubuntu server 18.04. The hostname of the server must be a FQDN. We will utilize
mail.vegastack.com
throughout this tutorial. - User with Sudo privileges.
DNS Settings
The following DNS records must be configured for your mail system to function
- A record that directs the FQDN (hostname) of your system to the IPv4 address of your mail server.
mail.vegastack.com. 3600 IN A 23.45.67.89
- MX records are used to identify the mail server in charge of receiving email on behalf of a recipient's domain. In our example, we want the
mail.vegastack.com
mail server to accept all emails received to@vegastack.com
email addresses.
vegastack.com. 3600 IN MX 0 mail.vegastack.com.
- SPF record, which is used to confirm which mail servers have been granted permission to send emails on behalf of a certain domain. The domain mail servers (mx) in the example below are being approved, and if the SPF check fails, the outcome will be a soft failure (~all):
vegastack.com. 3600 IN TXT "v=spf1 mx ~all"
Reverse DNS (PTR)
Reverse DNS (PTR) does the exact opposite of DNS, which maps domain names to IP addresses, by mapping IP addresses to domain names.
The majority of email servers will do a reverse DNS lookup on the IP address that is trying to connect to them, and if the PTR record is not set, the server may not accept emails from that IP address.
Most of the time, PTR entries may be made through the web interface of your hosting company or by calling customer service and asking them to set up a proper PTR record for you.
To determine the reverse DNS for an IP address, use the dig command.
dig -x 23.45.67.89
Output
23.45.67.89.in-addr.arpa domain name pointer mail.linuxize.com.
Create a System User
One system user is required since we are setting up a mail server with virtual users. This user will be the owner of all mailboxes and will be used by the virtual users to access their email on the server.
The vmail
group and user will be created when the following command is run, and /var/mail/vmail
will be configured as the user's home directory:
sudo groupadd -g 5000 vmail
sudo useradd -u 5000 -g vmail -s /usr/sbin/nologin -d /var/mail/vmail -m vmail
The /var/mail/vmail
directory will store all virtual mailboxes.
Install Nginx PHP and MySQL
A PHP-based program is called Postfix Admin. We must set up an Online server and PHP in order to use the PostfixAdmin web server.
Install Nginx, PHP, and all needed PHP modules by running the command below:
sudo apt install nginx mysql-server php7.0-fpm php7.0-cli php7.0-imap php7.0-json php7.0-mysql php7.0-opcache php7.0-mbstring php7.0-readline
During the installation, you'll be asked to generate a MySQL root password.
Download and Configure Postfix Admin
Postfix Admin 3.3
is the most recent stable version at the time of writing this tutorial.
Utilizing the wget command shown below, download the Postfix Admin archive:
VERSION=3.3
wget -q https://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-${VERSION}/postfixadmin-${VERSION}.tar.gz
After the download is finished, open the archive:
tar xzf postfixadmin-${VERSION}.tar.gz
Move the Postfix Admin source files to the /var/www
directory and create the templates_c
directory (smarty cache):
sudo mv postfixadmin-${VERSION}/ /var/www/postfixadmin
rm -f postfixadmin-${VERSION}.tar.gz
mkdir /var/www/postfixadmin/templates_c
We must transfer ownership of /var/www/postfixadmin
to www-data
as Nginx and PHP-FPM are both now executing under that user:
sudo chown -R www-data: /var/www/postfixadmin
A MySQL database will be used by Postfix Admin to hold data about users, domains, and application settings.
Login to the MySQL shell :
mysql -u root -p
Use the following commands to create a new MySQL user and database:
CREATE DATABASE postfixadmin;
GRANT ALL ON postfixadmin.* TO 'postfixadmin'@'localhost' IDENTIFIED BY 'P4ssvv0rD';
FLUSH PRIVILEGES;
We will create a new file called config.local.php
that will replace the default application settings rather than altering the default Postfix Admin configuration:
With your text editor, open the file:
sudo nano /var/www/postfixadmin/config.local.php
Paste the following PHP code:
<?php
$CONF['configured'] = true;
$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'P4ssvv0rD';
$CONF['database_name'] = 'postfixadmin';
$CONF['default_aliases'] = array (
'abuse' => 'abuse@linuxize.com',
'hostmaster' => 'hostmaster@linuxize.com',
'postmaster' => 'postmaster@linuxize.com',
'webmaster' => 'webmaster@linuxize.com'
);
$CONF['fetchmail'] = 'NO';
$CONF['show_footer_text'] = 'NO';
$CONF['quota'] = 'YES';
$CONF['domain_quota'] = 'YES';
$CONF['quota_multiplier'] = '1024000';
$CONF['used_quotas'] = 'YES';
$CONF['new_quota_table'] = 'YES';
$CONF['aliases'] = '0';
$CONF['mailboxes'] = '0';
$CONF['maxquota'] = '0';
$CONF['domain_quota_default'] = '0';
?>
Save the document, then exit.
The database type and the login credentials are defined by the settings above. Additionally, we are activating quota, disabling fetchmail
, and defining the default aliases.
Run the below command to construct the Postfix Admin database's schema:
sudo -u www-data php /var/www/postfixadmin/upgrade.php
Once the database has been filled, we can use the postfixadmin-cli
tool to create our first PostfixAdmin super admin account.
This user will be granted administrative rights to change any application or domain configuration.
sudo bash /var/www/postfixadmin/scripts/postfixadmin-cli admin add superadmin@linuxize.com --superadmin 1 --active 1 --password P4ssvv0rD --password2 P4ssvv0rD
The output should look something like this:
Output
Welcome to Postfixadmin-CLI v0.2
---------------------------------------------------------------
The admin superadmin@vegastack.com has been added!
---------------------------------------------------------------
Install free Let’s Encrypt SSL Certificate
To activate Dovecot and Postfix SSL/TLS encryption, we will utilize the SSL certificate to access our Postfix Admin installation.
How to install a Let's Encrypt SSL certificate is covered in our guide. Creating an SSL Certificate for your server hostname (FQDN), in this example, mail.vegastack.com
, is the most crucial step in this process.
Edit your Nginx server block as follows after you have created the SSL certificate by following the instructions in the aforementioned link:
server {
listen 80;
server_name mail.linuxize.com;
include snippets/letsencrypt.conf;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name mail.linuxize.com;
root /var/www;
ssl_certificate /etc/letsencrypt/live/mail.linuxize.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mail.linuxize.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/mail.linuxize.com/chain.pem;
include snippets/ssl.conf;
include snippets/letsencrypt.conf;
location / {
try_files $uri $uri/ /index.php;
}
location /postfixadmin {
index index.php;
try_files $uri $uri/ /postfixadmin/index.php;
}
location ~* \.php$ {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {return 404;}
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
Reload the Nginx service for changes to take effect:
sudo systemctl reload nginx
Using the super admin account you established earlier in this article, you should now be able to log in to your Postfix Admin installation at https://mail.vegastack.com/postfixadmin.
Conclusion
You have completed the installation of Postfix Admin from this tutorial.
If you have any queries, please leave a comment below and we’ll be happy to respond to them.