LINUX How to configure ssl-postfix-dovecot

#cd /etc/postfix
#vi main.cf
Paste under mynetworks:

####### smtp auth
smtpd_tls_auth_only = yes
smtp_use_tls = yes
smtpd_sasl_auth_enable =   yes
smtpd_sasl_type = cyrus
local_recipient_maps =
smtpd_use_tls = yes
smtp_tls_note_starttls_offer   = yes
smtpd_tls_key_file =   /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file =   /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile =   /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header   = yes
smtpd_tls_session_cache_timeout   = 3600s
tls_random_source =   dev:/dev/urandom
########

Then:
#vi master.cf
Paste under smtp:
smtps   inet n   -   n   - - smtpd
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_reject_unlisted_sender=yes
      -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
      -o broken_sasl_auth_clients=yes

To check the SASL available mechanisms run:

#saslauthd -V

Set SASL authentication to start at system boot:

#chkconfig --levels 235 saslauthd on

Set up the encryption keys:

#mkdir /etc/postfix/ssl
#cd ssl/
#openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
#chmod 600 smtpd.key
#openssl req -new -key smtpd.key -out smtpd.csr
#openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
#openssl rsa -in smtpd.key -out smtpd.key.unencrypted
#mv -f smtpd.key.unencrypted smtpd.key
#openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

Set up the client certificate for importing into Internet Explorer (for Outlook) / Thunderbird (this will suppress warnings about using a self signed certificate):

#openssl pkcs12 -export -in smtpd.crt -inkey smtpd.key -out OutlookSMTP.p12

Reload the config:

#postfix reload

Check if the port is listening:

#netstat -ntpl | grep master

tcp     0    0     127.0.0.1:10025  0.0.0.0:*      LISTEN   8366/master
tcp     0    0     0.0.0.0:465      0.0.0.0:*      LISTEN   8366/master
tcp     0    0     0.0.0.0:25       0.0.0.0:*      LISTEN    8366/master


Test if TLS and AUTH is working:

#telnet localhost 465

Dovecot config for POP3 IMAP
#vi /etc/dovecot

protocols imap imaps pop3s

Whichever services you are using, you need to configure the IP and port on which each one will listen.

protocol imap {
    listen = 127.0.0.1:143
    ssl_listen = 123.45.67.89:993

    ...
}

protocol pop3 {
    # listen = 987.65.43.21:110
    ssl_listen = 123.45.67.89:995

    ...
}

Comments

Post a Comment

Popular posts from this blog

LINUX Move and copy files using SSH

Often you will need to move one or more files/folders or copy them to a different location. You can do so easily using an SSH connection. The commands which you would need to use are mv (short from move) and cp (short from copy). The mv command syntax looks like this: mv configuration.php-dist configuration.php By issuing the above command we will move (rename) the file configuration.php-dist to configuration.php. You can also use mv to move a whole directory and its content: mv includes/* ./ This will move all files (and folders) in the includes/ directory to the current working directory. In some cases however, we will need to only update the files and move only files that were changed, which we can do by passing ‘ -u ’ as argument to the command: mv -u includes/* admin/includes The copy (cp) command works the same way as mv, but instead of moving the files/folders it copies them. For example: cp configuration.php-dist configuration.php The command will copy the co
Read more

PHP Predefined Variables

PHP provides a large number of predefined variables to any script which it runs.PHP provides an additional set of predefined arrays containing variables from the web server the environment, and user input. These new arrays are called superglobals: All the following variables are automatically available in every scope. PHP Superglobals: Variable Description $GLOBALS Contains a reference to every variable which is currently available within the global scope of the script. The keys of this array are the names of the global variables. $_SERVER This is an array containing information such as headers, paths, and script locations. The entries in this array are created by the web server. There is no guarantee that every web server will provide any of these. See next section for a complete list of all the SERVER variables. $_GET An associative array of variables passed to the current script via the HTTP GET method. $_POST An associative array of variable
Read more

Java : Variables Declaring

[1]. Java Variables Variables are containers for storing data values. In Java, there are different types of variables, for example: String - stores text, such as "Hello". String values are surrounded by double quotes int - stores integers (whole numbers), without decimals, such as 123 or -123 float - stores floating point numbers, with decimals, such as 19.99 or -19.99 char - stores single characters, such as 'a' or 'B'. Char values are surrounded by single quotes boolean - stores values with two states: true or false [2]. Declaring (Creating) Variables To create a variable, you must specify the type and assign it a value: Syntax type variable = value ; Where type is one of Java's types (such as int or String), and variable is the name of the variable (such as x or name). The equal sign is used to assign values to the variable. To create a variable that should store text, look at the following example: Example Create a variable called  name  of type  Stri
Read more